| [ Index ] |
PHP Cross Reference of MyBB 1.8.39 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 // Disallow direct access to this file for security reasons 12 if(!defined("IN_MYBB")) 13 { 14 die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined."); 15 } 16 17 require_once MYBB_ROOT."inc/functions_upload.php"; 18 19 $page->add_breadcrumb_item($lang->users, "index.php?module=user-users"); 20 21 if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action']) 22 { 23 $sub_tabs['browse_users'] = array( 24 'title' => $lang->browse_users, 25 'link' => "index.php?module=user-users", 26 'description' => $lang->browse_users_desc 27 ); 28 29 $sub_tabs['find_users'] = array( 30 'title' => $lang->find_users, 31 'link' => "index.php?module=user-users&action=search", 32 'description' => $lang->find_users_desc 33 ); 34 35 $sub_tabs['create_user'] = array( 36 'title' => $lang->create_user, 37 'link' => "index.php?module=user-users&action=add", 38 'description' => $lang->create_user_desc 39 ); 40 41 $sub_tabs['merge_users'] = array( 42 'title' => $lang->merge_users, 43 'link' => "index.php?module=user-users&action=merge", 44 'description' => $lang->merge_users_desc 45 ); 46 } 47 48 $user_view_fields = array( 49 "avatar" => array( 50 "title" => $lang->avatar, 51 "width" => "24", 52 "align" => "" 53 ), 54 55 "username" => array( 56 "title" => $lang->username, 57 "width" => "", 58 "align" => "" 59 ), 60 61 "email" => array( 62 "title" => $lang->email, 63 "width" => "", 64 "align" => "center" 65 ), 66 67 "usergroup" => array( 68 "title" => $lang->primary_group, 69 "width" => "", 70 "align" => "center" 71 ), 72 73 "additionalgroups" => array( 74 "title" => $lang->additional_groups, 75 "width" => "", 76 "align" => "center" 77 ), 78 79 "regdate" => array( 80 "title" => $lang->registered, 81 "width" => "", 82 "align" => "center" 83 ), 84 85 "lastactive" => array( 86 "title" => $lang->last_active, 87 "width" => "", 88 "align" => "center" 89 ), 90 91 "postnum" => array( 92 "title" => $lang->post_count, 93 "width" => "", 94 "align" => "center" 95 ), 96 97 "threadnum" => array( 98 "title" => $lang->thread_count, 99 "width" => "", 100 "align" => "center" 101 ), 102 103 "reputation" => array( 104 "title" => $lang->reputation, 105 "width" => "", 106 "align" => "center" 107 ), 108 109 "warninglevel" => array( 110 "title" => $lang->warning_level, 111 "width" => "", 112 "align" => "center" 113 ), 114 115 "regip" => array( 116 "title" => $lang->registration_ip, 117 "width" => "", 118 "align" => "center" 119 ), 120 121 "lastip" => array( 122 "title" => $lang->last_known_ip, 123 "width" => "", 124 "align" => "center" 125 ), 126 127 "controls" => array( 128 "title" => $lang->controls, 129 "width" => "", 130 "align" => "center" 131 ) 132 ); 133 134 $sort_options = array( 135 "username" => $lang->username, 136 "regdate" => $lang->registration_date, 137 "lastactive" => $lang->last_active, 138 "numposts" => $lang->post_count, 139 "reputation" => $lang->reputation, 140 "warninglevel" => $lang->warning_level 141 ); 142 143 $plugins->run_hooks("admin_user_users_begin"); 144 145 // Initialise the views manager for user based views 146 require MYBB_ADMIN_DIR."inc/functions_view_manager.php"; 147 if($mybb->input['action'] == "views") 148 { 149 view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions"); 150 } 151 152 if($mybb->input['action'] == 'iplookup') 153 { 154 $mybb->input['ipaddress'] = $mybb->get_input('ipaddress'); 155 $lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress'])); 156 $ipaddress_location = $lang->na; 157 $ipaddress_host_name = $lang->na; 158 $modcp_ipsearch_misc_info = ''; 159 if(!strstr($mybb->input['ipaddress'], "*")) 160 { 161 // Return GeoIP information if it is available to us 162 if(function_exists('geoip_record_by_name')) 163 { 164 $ip_record = @geoip_record_by_name($mybb->input['ipaddress']); 165 if($ip_record) 166 { 167 $ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name'])); 168 if($ip_record['city']) 169 { 170 $ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city'])); 171 } 172 } 173 } 174 175 if(filter_var($mybb->input['ipaddress'], FILTER_VALIDATE_IP)) 176 { 177 $ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress'])); 178 179 // gethostbyaddr returns the same ip on failure 180 if($ipaddress_host_name == $mybb->input['ipaddress']) 181 { 182 $ipaddress_host_name = $lang->na; 183 } 184 } 185 } 186 187 ?> 188 <div class="modal"> 189 <div style="overflow-y: auto; max-height: 400px;"> 190 191 <?php 192 193 $table = new Table(); 194 195 $table->construct_cell($lang->ipaddress_host_name.":"); 196 $table->construct_cell($ipaddress_host_name); 197 $table->construct_row(); 198 199 $table->construct_cell($lang->ipaddress_location.":"); 200 $table->construct_cell($ipaddress_location); 201 $table->construct_row(); 202 203 $table->output($lang->ipaddress_misc_info); 204 205 ?> 206 </div> 207 </div> 208 <?php 209 } 210 211 if($mybb->input['action'] == "activate_user") 212 { 213 if(!verify_post_check($mybb->get_input('my_post_key'))) 214 { 215 flash_message($lang->invalid_post_verify_key2, 'error'); 216 admin_redirect("index.php?module=user-users"); 217 } 218 219 $user = get_user($mybb->input['uid']); 220 221 // Does the user not exist? 222 if(!$user || $user['usergroup'] != 5) 223 { 224 flash_message($lang->error_invalid_user, 'error'); 225 admin_redirect("index.php?module=user-users"); 226 } 227 228 $plugins->run_hooks("admin_user_users_coppa_activate"); 229 230 $updated_user['usergroup'] = $user['usergroup']; 231 232 // Update 233 if($user['coppauser']) 234 { 235 $updated_user = array( 236 "coppauser" => 0 237 ); 238 } 239 else 240 { 241 $db->delete_query("awaitingactivation", "uid='{$user['uid']}'"); 242 } 243 244 // Move out of awaiting activation if they're in it. 245 if($user['usergroup'] == 5) 246 { 247 $updated_user['usergroup'] = 2; 248 } 249 250 $plugins->run_hooks("admin_user_users_coppa_activate_commit"); 251 252 $db->update_query("users", $updated_user, "uid='{$user['uid']}'"); 253 254 $cache->update_awaitingactivation(); 255 256 $message = $lang->sprintf($lang->email_adminactivateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); 257 my_mail($user['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message); 258 259 // Log admin action 260 log_admin_action($user['uid'], $user['username']); 261 262 if($mybb->input['from'] == "home") 263 { 264 if($user['coppauser']) 265 { 266 $message = $lang->success_coppa_activated; 267 } 268 else 269 { 270 $message = $lang->success_activated; 271 } 272 273 update_admin_session('flash_message2', array('message' => $message, 'type' => 'success')); 274 } 275 else 276 { 277 if($user['coppauser']) 278 { 279 flash_message($lang->success_coppa_activated, 'success'); 280 } 281 else 282 { 283 flash_message($lang->success_activated, 'success'); 284 } 285 } 286 287 if($admin_session['data']['last_users_url']) 288 { 289 $url = $admin_session['data']['last_users_url']; 290 update_admin_session('last_users_url', ''); 291 292 if($mybb->input['from'] == "home") 293 { 294 update_admin_session('from', 'home'); 295 } 296 } 297 else 298 { 299 $url = "index.php?module=user-users&action=edit&uid={$user['uid']}"; 300 } 301 302 $plugins->run_hooks("admin_user_users_coppa_end"); 303 304 admin_redirect($url); 305 } 306 307 if($mybb->input['action'] == "add") 308 { 309 $plugins->run_hooks("admin_user_users_add"); 310 311 if($mybb->request_method == "post") 312 { 313 // Determine the usergroup stuff 314 if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups'])) 315 { 316 foreach($mybb->input['additionalgroups'] as $key => $gid) 317 { 318 if($gid == $mybb->input['usergroup']) 319 { 320 unset($mybb->input['additionalgroups'][$key]); 321 } 322 } 323 $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups'])); 324 } 325 else 326 { 327 $additionalgroups = ''; 328 } 329 330 // Set up user handler. 331 require_once MYBB_ROOT."inc/datahandlers/user.php"; 332 $userhandler = new UserDataHandler('insert'); 333 334 // Set the data for the new user. 335 $new_user = array( 336 "uid" => $mybb->get_input('uid'), 337 "username" => $mybb->get_input('username'), 338 "password" => $mybb->get_input('password'), 339 "password2" => $mybb->get_input('confirm_password'), 340 "email" => $mybb->get_input('email'), 341 "email2" => $mybb->get_input('email'), 342 "usergroup" => $mybb->get_input('usergroup'), 343 "additionalgroups" => $additionalgroups, 344 "displaygroup" => $mybb->get_input('displaygroup'), 345 "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), 346 "profile_fields_editable" => true, 347 ); 348 349 // Set the data of the user in the datahandler. 350 $userhandler->set_data($new_user); 351 $errors = ''; 352 353 // Validate the user and get any errors that might have occurred. 354 if(!$userhandler->validate_user()) 355 { 356 $errors = $userhandler->get_friendly_errors(); 357 } 358 else 359 { 360 $user_info = $userhandler->insert_user(); 361 362 $plugins->run_hooks("admin_user_users_add_commit"); 363 364 // Log admin action 365 log_admin_action($user_info['uid'], $user_info['username']); 366 367 flash_message($lang->success_user_created, 'success'); 368 admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}"); 369 } 370 } 371 372 // Fetch custom profile fields - only need required profile fields here 373 $query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder')); 374 375 $profile_fields = array( 376 'required' => array(), 377 'optional' => array(), 378 ); 379 while($profile_field = $db->fetch_array($query)) 380 { 381 $profile_fields['required'][] = $profile_field; 382 } 383 384 $page->add_breadcrumb_item($lang->create_user); 385 $page->output_header($lang->create_user); 386 387 $form = new Form("index.php?module=user-users&action=add", "post"); 388 389 $page->output_nav_tabs($sub_tabs, 'create_user'); 390 391 // If we have any error messages, show them 392 if($errors) 393 { 394 $page->output_inline_error($errors); 395 } 396 else 397 { 398 $mybb->input = array_merge($mybb->input, array('usergroup' => 2)); 399 } 400 401 $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); 402 403 $form_container = new FormContainer($lang->required_profile_info); 404 $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', htmlspecialchars_uni($mybb->get_input('username')), array('id' => 'username')), 'username'); 405 $form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->get_input('password'), array('id' => 'password', 'autocomplete' => 'off')), 'password'); 406 $form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->get_input('confirm_password'), array('id' => 'confirm_new_password')), 'confirm_new_password'); 407 $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->get_input('email'), array('id' => 'email')), 'email'); 408 409 $display_group_options[0] = $lang->use_primary_user_group; 410 $options = array(); 411 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 412 while($usergroup = $db->fetch_array($query)) 413 { 414 $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 415 $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 416 } 417 418 $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup'); 419 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 420 $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup'); 421 422 // Output custom profile fields - required 423 output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form); 424 425 $form_container->end(); 426 $buttons[] = $form->generate_submit_button($lang->save_user); 427 $form->output_submit_wrapper($buttons); 428 429 $form->end(); 430 $page->output_footer(); 431 } 432 433 if($mybb->input['action'] == "edit") 434 { 435 $user = get_user($mybb->input['uid']); 436 437 // Does the user not exist? 438 if(!$user) 439 { 440 flash_message($lang->error_invalid_user, 'error'); 441 admin_redirect("index.php?module=user-users"); 442 } 443 444 $plugins->run_hooks("admin_user_users_edit"); 445 446 if($mybb->request_method == "post") 447 { 448 $plugins->run_hooks("admin_user_users_edit_start"); 449 if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid'])) 450 { 451 flash_message($lang->error_no_perms_super_admin, 'error'); 452 admin_redirect("index.php?module=user-users"); 453 } 454 455 // Determine the usergroup stuff 456 if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups'])) 457 { 458 foreach($mybb->input['additionalgroups'] as $key => $gid) 459 { 460 if($gid == $mybb->input['usergroup']) 461 { 462 unset($mybb->input['additionalgroups'][$key]); 463 } 464 } 465 $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups'])); 466 } 467 else 468 { 469 $additionalgroups = ''; 470 } 471 472 $returndate = ""; 473 if(!empty($mybb->input['away_day'])) 474 { 475 $awaydate = TIME_NOW; 476 // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year 477 if(!$mybb->input['away_month']) 478 { 479 $mybb->input['away_month'] = my_date('n', $awaydate); 480 } 481 if(!$mybb->input['away_year']) 482 { 483 $mybb->input['away_year'] = my_date('Y', $awaydate); 484 } 485 486 $return_month = (int)substr($mybb->input['away_month'], 0, 2); 487 $return_day = (int)substr($mybb->input['away_day'], 0, 2); 488 $return_year = min($mybb->get_input('away_year', MyBB::INPUT_INT), 9999); 489 490 // Check if return date is after the away date. 491 $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year); 492 $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate)); 493 if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate))) 494 { 495 $away_in_past = true; 496 } 497 498 $returndate = "{$return_day}-{$return_month}-{$return_year}"; 499 } 500 501 // Set up user handler. 502 require_once MYBB_ROOT."inc/datahandlers/user.php"; 503 $userhandler = new UserDataHandler('update'); 504 505 // Set the data for the new user. 506 $updated_user = array( 507 "uid" => $mybb->get_input('uid'), 508 "username" => $mybb->get_input('username'), 509 "email" => $mybb->get_input('email'), 510 "email2" => $mybb->get_input('email'), 511 "usergroup" => $mybb->get_input('usergroup'), 512 "additionalgroups" => $additionalgroups, 513 "displaygroup" => $mybb->get_input('displaygroup'), 514 "postnum" => $mybb->get_input('postnum'), 515 "threadnum" => $mybb->get_input('threadnum'), 516 "usertitle" => $mybb->get_input('usertitle'), 517 "timezone" => $mybb->get_input('timezone'), 518 "language" => $mybb->get_input('language'), 519 "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), 520 "profile_fields_editable" => true, 521 "website" => $mybb->get_input('website'), 522 "skype" => $mybb->get_input('skype'), 523 "google" => $mybb->get_input('google'), 524 "birthday" => array( 525 "day" => $mybb->get_input('bday1'), 526 "month" => $mybb->get_input('bday2'), 527 "year" => $mybb->get_input('bday3') 528 ), 529 "style" => $mybb->get_input('style'), 530 "signature" => $mybb->get_input('signature'), 531 "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT), 532 "timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT), 533 "usernotes" => $mybb->get_input('usernotes'), 534 "away" => array( 535 "away" => $mybb->get_input('away'), 536 "date" => TIME_NOW, 537 "returndate" => $returndate, 538 "awayreason" => $mybb->get_input('awayreason') 539 ) 540 ); 541 542 if($user['usergroup'] == 5 && $mybb->get_input('usergroup') != 5) 543 { 544 if($user['coppauser'] == 1) 545 { 546 $updated_user['coppa_user'] = 0; 547 } 548 } 549 if($mybb->get_input('new_password')) 550 { 551 $updated_user['password'] = $mybb->get_input('new_password'); 552 $updated_user['password2'] = $mybb->get_input('confirm_new_password'); 553 } 554 555 $updated_user['options'] = array( 556 "allownotices" => $mybb->get_input('allownotices'), 557 "hideemail" => $mybb->get_input('hideemail'), 558 "subscriptionmethod" => $mybb->get_input('subscriptionmethod'), 559 "invisible" => $mybb->get_input('invisible'), 560 "dstcorrection" => $mybb->get_input('dstcorrection'), 561 "threadmode" => $mybb->get_input('threadmode'), 562 "classicpostbit" => $mybb->get_input('classicpostbit'), 563 "showimages" => $mybb->get_input('showimages'), 564 "showvideos" => $mybb->get_input('showvideos'), 565 "showsigs" => $mybb->get_input('showsigs'), 566 "showavatars" => $mybb->get_input('showavatars'), 567 "showquickreply" => $mybb->get_input('showquickreply'), 568 "receivepms" => $mybb->get_input('receivepms'), 569 "receivefrombuddy" => $mybb->get_input('receivefrombuddy'), 570 "pmnotice" => $mybb->get_input('pmnotice'), 571 "daysprune" => $mybb->get_input('daysprune'), 572 "showcodebuttons" => $mybb->get_input('showcodebuttons'), 573 "sourceeditor" => $mybb->get_input('sourceeditor'), 574 "pmnotify" => $mybb->get_input('pmnotify'), 575 "buddyrequestspm" => $mybb->get_input('buddyrequestspm'), 576 "buddyrequestsauto" => $mybb->get_input('buddyrequestsauto'), 577 "showredirect" => $mybb->get_input('showredirect') 578 ); 579 580 if($mybb->settings['usertppoptions']) 581 { 582 $updated_user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT); 583 } 584 585 if($mybb->settings['userpppoptions']) 586 { 587 $updated_user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT); 588 } 589 590 // Set the data of the user in the datahandler. 591 $userhandler->set_data($updated_user); 592 $errors = array(); 593 594 // Validate the user and get any errors that might have occurred. 595 if(!$userhandler->validate_user()) 596 { 597 $errors = $userhandler->get_friendly_errors(); 598 } 599 else 600 { 601 // Are we removing an avatar from this user? 602 if($mybb->get_input('remove_avatar')) 603 { 604 $extra_user_updates = array( 605 "avatar" => "", 606 "avatardimensions" => "", 607 "avatartype" => "" 608 ); 609 remove_avatars($user['uid']); 610 } 611 612 // Are we uploading a new avatar? 613 if($_FILES['avatar_upload']['name']) 614 { 615 $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']); 616 if($avatar['error']) 617 { 618 $errors = array($avatar['error']); 619 } 620 else 621 { 622 if($avatar['width'] > 0 && $avatar['height'] > 0) 623 { 624 $avatar_dimensions = $avatar['width']."|".$avatar['height']; 625 } 626 $extra_user_updates = array( 627 "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW, 628 "avatardimensions" => $avatar_dimensions, 629 "avatartype" => "upload" 630 ); 631 } 632 } 633 // Are we setting a new avatar from a URL? 634 else if(!empty($mybb->input['avatar_url']) && $mybb->input['avatar_url'] != $user['avatar']) 635 { 636 if(!$mybb->settings['allowremoteavatars']) 637 { 638 $errors = array($lang->error_remote_avatar_not_allowed); 639 } 640 else 641 { 642 if(filter_var($mybb->input['avatar_url'], FILTER_VALIDATE_EMAIL) !== false) 643 { 644 // Gravatar 645 $email = md5(strtolower(trim($mybb->input['avatar_url']))); 646 647 $s = ''; 648 if(!$mybb->settings['maxavatardims']) 649 { 650 $mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits 651 } 652 653 // Because Gravatars are square, hijack the width 654 list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 655 656 $s = "?s={$maxwidth}"; 657 $maxheight = (int)$maxwidth; 658 659 $extra_user_updates = array( 660 "avatar" => "https://www.gravatar.com/avatar/{$email}{$s}", 661 "avatardimensions" => "{$maxheight}|{$maxheight}", 662 "avatartype" => "gravatar" 663 ); 664 } 665 else 666 { 667 $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']); 668 $ext = get_extension($mybb->input['avatar_url']); 669 670 // Copy the avatar to the local server (work around remote URL access disabled for getimagesize) 671 $file = fetch_remote_file($mybb->input['avatar_url']); 672 if(!$file) 673 { 674 $avatar_error = $lang->error_invalidavatarurl; 675 } 676 else 677 { 678 $tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str()); 679 $fp = @fopen($tmp_name, "wb"); 680 if(!$fp) 681 { 682 $avatar_error = $lang->error_invalidavatarurl; 683 } 684 else 685 { 686 fwrite($fp, $file); 687 fclose($fp); 688 list($width, $height, $type) = @getimagesize($tmp_name); 689 @unlink($tmp_name); 690 echo $type; 691 if(!$type) 692 { 693 $avatar_error = $lang->error_invalidavatarurl; 694 } 695 } 696 } 697 698 if(empty($avatar_error)) 699 { 700 if($width && $height && $mybb->settings['maxavatardims'] != "") 701 { 702 list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 703 if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) 704 { 705 $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); 706 $avatar_error = $lang->error_avatartoobig; 707 } 708 } 709 } 710 711 if(empty($avatar_error)) 712 { 713 if($width > 0 && $height > 0) 714 { 715 $avatar_dimensions = (int)$width."|".(int)$height; 716 } 717 $extra_user_updates = array( 718 "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW), 719 "avatardimensions" => $avatar_dimensions, 720 "avatartype" => "remote" 721 ); 722 remove_avatars($user['uid']); 723 } 724 else 725 { 726 $errors = array($avatar_error); 727 } 728 } 729 } 730 } 731 732 // Moderator "Options" (suspend signature, suspend/moderate posting) 733 $moderator_options = array( 734 1 => array( 735 "action" => "suspendsignature", // The moderator action we're performing 736 "period" => "action_period", // The time period we've selected from the dropdown box 737 "time" => "action_time", // The time we've entered 738 "update_field" => "suspendsignature", // The field in the database to update if true 739 "update_length" => "suspendsigtime" // The length of suspension field in the database 740 ), 741 2 => array( 742 "action" => "moderateposting", 743 "period" => "modpost_period", 744 "time" => "modpost_time", 745 "update_field" => "moderateposts", 746 "update_length" => "moderationtime" 747 ), 748 3 => array( 749 "action" => "suspendposting", 750 "period" => "suspost_period", 751 "time" => "suspost_time", 752 "update_field" => "suspendposting", 753 "update_length" => "suspensiontime" 754 ) 755 ); 756 757 require_once MYBB_ROOT."inc/functions_warnings.php"; 758 foreach($moderator_options as $option) 759 { 760 if(empty($mybb->input[$option['action']])) 761 { 762 if($user[$option['update_field']] == 1) 763 { 764 // We're revoking the suspension 765 $extra_user_updates[$option['update_field']] = 0; 766 $extra_user_updates[$option['update_length']] = 0; 767 } 768 769 // Skip this option if we haven't selected it 770 continue; 771 } 772 else 773 { 774 if((int)$mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1) 775 { 776 // User has selected a type of ban, but not entered a valid time frame 777 $string = $option['action']."_error"; 778 $errors[] = $lang->$string; 779 } 780 781 if(!is_array($errors)) 782 { 783 $suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]); 784 785 if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never")) 786 { 787 // We already have a suspension, but entered a new time 788 if($suspend_length == "-1") 789 { 790 // Permanent ban on action 791 $extra_user_updates[$option['update_length']] = 0; 792 } 793 elseif($suspend_length && $suspend_length != "-1") 794 { 795 // Temporary ban on action 796 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 797 } 798 } 799 elseif(!$user[$option['update_field']]) 800 { 801 // New suspension for this user... bad user! 802 $extra_user_updates[$option['update_field']] = 1; 803 if($suspend_length == "-1") 804 { 805 $extra_user_updates[$option['update_length']] = 0; 806 } 807 else 808 { 809 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 810 } 811 } 812 } 813 } 814 } 815 816 if(!empty($extra_user_updates['moderateposts']) && !empty($extra_user_updates['suspendposting'])) 817 { 818 $errors[] = $lang->suspendmoderate_error; 819 } 820 821 if(isset($away_in_past)) 822 { 823 $errors[] = $lang->error_acp_return_date_past; 824 } 825 826 if(!$errors) 827 { 828 $user_info = $userhandler->update_user(); 829 830 $plugins->run_hooks("admin_user_users_edit_commit_start"); 831 832 if(!empty($extra_user_updates)) 833 { 834 $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'"); 835 } 836 837 // if we're updating the user's signature preferences, do so now 838 if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable') 839 { 840 $update_signature = array( 841 'includesig' => ($mybb->input['update_posts'] == 'enable' ? 1 : 0) 842 ); 843 $db->update_query("posts", $update_signature, "uid='{$user['uid']}'"); 844 } 845 846 $plugins->run_hooks("admin_user_users_edit_commit"); 847 848 if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5) 849 { 850 $cache->update_awaitingactivation(); 851 } 852 853 // Log admin action 854 log_admin_action($user['uid'], $mybb->input['username']); 855 856 flash_message($lang->success_user_updated, 'success'); 857 admin_redirect("index.php?module=user-users"); 858 } 859 $plugins->run_hooks("admin_user_users_edit_end"); 860 } 861 } 862 863 if(!$errors) 864 { 865 $user['usertitle'] = htmlspecialchars_decode($user['usertitle']); 866 $mybb->input = array_merge($mybb->input, $user); 867 868 $options = array( 869 'bday1', 'bday2', 'bday3', 870 'new_password', 'confirm_new_password', 871 'action_time', 'action_period', 872 'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time' 873 ); 874 875 foreach($options as $option) 876 { 877 if(!isset($input_user[$option])) 878 { 879 $mybb->input[$option] = ''; 880 } 881 } 882 883 // We need to fetch this users profile field values 884 $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'"); 885 $mybb->input['profile_fields'] = $db->fetch_array($query); 886 } 887 888 if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3']) 889 { 890 $mybb->input['bday'][0] = $mybb->input['bday1']; 891 $mybb->input['bday'][1] = $mybb->input['bday2']; 892 $mybb->input['bday'][2] = $mybb->get_input('bday3', MyBB::INPUT_INT); 893 } 894 else 895 { 896 $mybb->input['bday'] = array(0, 0, ''); 897 898 if($user['birthday']) 899 { 900 $mybb->input['bday'] = explode('-', $user['birthday']); 901 } 902 } 903 904 if($mybb->get_input('away_day') || $mybb->get_input('away_month') || $mybb->get_input('away_year')) 905 { 906 $mybb->input['away_year'] = $mybb->get_input('away_year', MyBB::INPUT_INT); 907 } 908 else 909 { 910 $mybb->input['away_day'] = 0; 911 $mybb->input['away_month'] = 0; 912 $mybb->input['away_year'] = ''; 913 914 if($user['returndate']) 915 { 916 list($mybb->input['away_day'], $mybb->input['away_month'], $mybb->input['away_year']) = explode('-', $user['returndate']); 917 } 918 } 919 920 // Fetch custom profile fields 921 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 922 923 $profile_fields = array( 924 'required' => array(), 925 'optional' => array(), 926 ); 927 while($profile_field = $db->fetch_array($query)) 928 { 929 if($profile_field['required'] == 1) 930 { 931 $profile_fields['required'][] = $profile_field; 932 } 933 else 934 { 935 $profile_fields['optional'][] = $profile_field; 936 } 937 } 938 939 $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username'])); 940 941 $page->extra_header .= <<<EOF 942 943 <link rel="stylesheet" href="../jscripts/sceditor/themes/mybb.css" type="text/css" media="all" /> 944 <script type="text/javascript" src="../jscripts/sceditor/jquery.sceditor.bbcode.min.js?ver=1832"></script> 945 <script type="text/javascript" src="../jscripts/bbcodes_sceditor.js?ver=1837"></script> 946 <script type="text/javascript" src="../jscripts/sceditor/plugins/undo.js?ver=1832"></script> 947 EOF; 948 $page->output_header($lang->edit_user); 949 950 $sub_tabs['edit_user'] = array( 951 'title' => $lang->edit_user, 952 'description' => $lang->edit_user_desc 953 ); 954 955 $form = new Form("index.php?module=user-users&action=edit&uid={$user['uid']}", "post", "", 1); 956 957 $page->output_nav_tabs($sub_tabs, 'edit_user'); 958 959 // If we have any error messages, show them 960 if($errors) 961 { 962 $page->output_inline_error($errors); 963 } 964 965 // Is this user a COPPA user? We show a warning & activate link 966 if($user['coppauser']) 967 { 968 echo $lang->sprintf($lang->warning_coppa_user, $user['uid'], $mybb->post_code); 969 } 970 971 $tabs = array( 972 "overview" => $lang->overview, 973 "profile" => $lang->profile, 974 "settings" => $lang->account_settings, 975 "signature" => $lang->signature, 976 "avatar" => $lang->avatar, 977 "modoptions" => $lang->mod_options 978 ); 979 $tabs = $plugins->run_hooks("admin_user_users_edit_graph_tabs", $tabs); 980 $page->output_tab_control($tabs); 981 982 // 983 // OVERVIEW 984 // 985 echo "<div id=\"tab_overview\">\n"; 986 $table = new Table; 987 $table->construct_header($lang->avatar, array('class' => 'align_center')); 988 $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center')); 989 990 // Avatar 991 $avatar_dimensions = preg_split('/[|x]/', $user['avatardimensions']); 992 if($user['avatardimensions']) 993 { 994 require_once MYBB_ROOT."inc/functions_image.php"; 995 list($width, $height) = preg_split('/[|x]/', $user['avatardimensions']); 996 $scaled_dimensions = scale_image($width, $height, 120, 120); 997 } 998 else 999 { 1000 $scaled_dimensions = array( 1001 "width" => 120, 1002 "height" => 120 1003 ); 1004 } 1005 if($user['avatar'] && (my_strpos($user['avatar'], '://') === false || $mybb->settings['allowremoteavatars'])) 1006 { 1007 if(!my_validate_url($user['avatar'])) 1008 { 1009 $avatar = format_avatar($user['avatar'], $user['avatardimensions']); 1010 $user['avatar'] = $avatar['image']; 1011 } 1012 } 1013 else 1014 { 1015 if(my_validate_url($mybb->settings['useravatar'])) 1016 { 1017 $user['avatar'] = str_replace('{theme}', 'images', $mybb->settings['useravatar']); 1018 } 1019 else 1020 { 1021 $user['avatar'] = "../".str_replace('{theme}', 'images', $mybb->settings['useravatar']); 1022 } 1023 } 1024 $avatar_top = ceil((126-$scaled_dimensions['height'])/2); 1025 $last_seen = max(array($user['lastactive'], $user['lastvisit'])); 1026 if(!empty($last_seen)) 1027 { 1028 $last_active = my_date('relative', $last_seen); 1029 } 1030 else 1031 { 1032 $last_active = $lang->never; 1033 } 1034 $reg_date = my_date('relative', $user['regdate']); 1035 if($user['dst'] == 1) 1036 { 1037 $timezone = (float)$user['timezone']+1; 1038 } 1039 else 1040 { 1041 $timezone = (float)$user['timezone']; 1042 } 1043 $local_date = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600)); 1044 $local_time = gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600)); 1045 1046 $localtime = $lang->sprintf($lang->local_time_format, $local_date, $local_time); 1047 $days_registered = (TIME_NOW - $user['regdate']) / (24*3600); 1048 $posts_per_day = 0; 1049 if($days_registered > 0) 1050 { 1051 $posts_per_day = round($user['postnum'] / $days_registered, 2); 1052 if($posts_per_day > $user['postnum']) 1053 { 1054 $posts_per_day = $user['postnum']; 1055 } 1056 } 1057 $posts_per_day = my_number_format($posts_per_day); 1058 1059 $stats = $cache->read("stats"); 1060 $posts = $stats['numposts']; 1061 if($posts == 0) 1062 { 1063 $percent_posts = "0"; 1064 } 1065 else 1066 { 1067 $percent_posts = round($user['postnum']*100/$posts, 2); 1068 } 1069 1070 $user_permissions = user_permissions($user['uid']); 1071 1072 // Fetch the reputation for this user 1073 if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 1074 { 1075 $reputation = get_reputation($user['reputation']); 1076 } 1077 else 1078 { 1079 $reputation = "-"; 1080 } 1081 1082 if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0) 1083 { 1084 if($mybb->settings['maxwarningpoints'] < 1) 1085 { 1086 $mybb->settings['maxwarningpoints'] = 10; 1087 } 1088 1089 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 1090 if($warning_level > 100) 1091 { 1092 $warning_level = 100; 1093 } 1094 $warning_level = get_colored_warning_level($warning_level); 1095 } 1096 else 1097 { 1098 $warning_level = "-"; 1099 } 1100 1101 $age = $lang->na; 1102 if($user['birthday']) 1103 { 1104 $age = get_age($user['birthday']); 1105 } 1106 1107 $postnum = my_number_format($user['postnum']); 1108 1109 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1)); 1110 $table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"); 1111 $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}"); 1112 $table->construct_row(); 1113 $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}"); 1114 $table->construct_cell("<strong>{$lang->local_time}:</strong> {$localtime}"); 1115 $table->construct_row(); 1116 $table->construct_cell("<strong>{$lang->posts}:</strong> {$postnum}"); 1117 $table->construct_cell("<strong>{$lang->age}:</strong> {$age}"); 1118 $table->construct_row(); 1119 $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}"); 1120 $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}"); 1121 $table->construct_row(); 1122 $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}"); 1123 $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}"); 1124 $table->construct_row(); 1125 $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['regip']))); 1126 $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['lastip']))); 1127 $table->construct_row(); 1128 1129 $username = htmlspecialchars_uni($user['username']); 1130 $table->output("{$lang->user_overview}: {$username}"); 1131 $plugins->run_hooks("admin_user_users_edit_overview"); 1132 echo "</div>\n"; 1133 1134 // 1135 // PROFILE 1136 // 1137 echo "<div id=\"tab_profile\">\n"; 1138 1139 $form_container = new FormContainer($lang->required_profile_info.": ".htmlspecialchars_uni($user['username'])); 1140 $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username'); 1141 $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password'); 1142 $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password'); 1143 $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email'); 1144 1145 $display_group_options[0] = $lang->use_primary_user_group; 1146 $options = array(); 1147 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 1148 while($usergroup = $db->fetch_array($query)) 1149 { 1150 $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1151 $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1152 } 1153 1154 if(isset($mybb->input['additionalgroups']) && !is_array($mybb->input['additionalgroups'])) 1155 { 1156 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 1157 } 1158 1159 $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup'); 1160 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 1161 $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup'); 1162 $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_numeric_field('postnum', $mybb->get_input('postnum'), array('id' => 'postnum', 'min' => 0)), 'postnum'); 1163 $form_container->output_row($lang->thread_count." <em>*</em>", "", $form->generate_numeric_field('threadnum', $mybb->get_input('threadnum'), array('id' => 'threadnum', 'min' => 0)), 'threadnum'); 1164 1165 // Output custom profile fields - required 1166 if(!isset($profile_fields['required'])) 1167 { 1168 $profile_fields['required'] = array(); 1169 } 1170 output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form); 1171 1172 $form_container->end(); 1173 1174 $form_container = new FormContainer($lang->optional_profile_info.': '.htmlspecialchars_uni($user['username'])); 1175 $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->get_input('usertitle'), array('id' => 'usertitle')), 'usertitle'); 1176 $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->get_input('website'), array('id' => 'website')), 'website'); 1177 $form_container->output_row($lang->skype_handle, "", $form->generate_text_box('skype', $mybb->get_input('skype'), array('id' => 'skype')), 'skype'); 1178 $form_container->output_row($lang->google_handle, "", $form->generate_text_box('google', $mybb->get_input('google'), array('id' => 'google')), 'google'); 1179 1180 // Birthday 1181 $birthday_days = array(0 => ''); 1182 for($i = 1; $i <= 31; $i++) 1183 { 1184 $birthday_days[$i] = $i; 1185 } 1186 1187 $birthday_months = array( 1188 0 => '', 1189 1 => $lang->january, 1190 2 => $lang->february, 1191 3 => $lang->march, 1192 4 => $lang->april, 1193 5 => $lang->may, 1194 6 => $lang->june, 1195 7 => $lang->july, 1196 8 => $lang->august, 1197 9 => $lang->september, 1198 10 => $lang->october, 1199 11 => $lang->november, 1200 12 => $lang->december 1201 ); 1202 1203 $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day')); 1204 $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month')); 1205 $birthday_row .= ' '.$form->generate_numeric_field('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 4em;', 'min' => 0)); 1206 1207 $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday'); 1208 1209 // Output custom profile fields - optional 1210 output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form); 1211 1212 $form_container->end(); 1213 1214 1215 if($mybb->settings['allowaway'] != 0) 1216 { 1217 $form_container = new FormContainer($lang->away_information.': '.htmlspecialchars_uni($user['username'])); 1218 $awaycheck = array(false, true); 1219 if($mybb->input['away'] == 1) 1220 { 1221 $awaycheck = array(true, false); 1222 } 1223 $form_container->output_row($lang->away_status, $lang->away_status_desc, $form->generate_radio_button('away', 1, $lang->im_away, array('id' => 'away', "checked" => $awaycheck[0]))." ".$form->generate_radio_button('away', 0, $lang->im_here, array('id' => 'away2', "checked" => $awaycheck[1])), 'away'); 1224 $form_container->output_row($lang->away_reason, $lang->away_reason_desc, $form->generate_text_box('awayreason', $mybb->input['awayreason'], array('id' => 'awayreason')), 'awayreason'); 1225 1226 //Return date (we can use the arrays from birthday) 1227 $return_row = $form->generate_select_box('away_day', $birthday_days, $mybb->input['away_day'], array('id' => 'away_day')); 1228 $return_row .= ' '.$form->generate_select_box('away_month', $birthday_months, $mybb->input['away_month'], array('id' => 'away_month')); 1229 $return_row .= ' '.$form->generate_numeric_field('away_year', $mybb->input['away_year'], array('id' => 'away_year', 'style' => 'width: 4em;', 'min' => 0)); 1230 1231 $form_container->output_row($lang->return_date, $lang->return_date_desc, $return_row, 'away_date'); 1232 1233 $form_container->end(); 1234 } 1235 1236 $plugins->run_hooks("admin_user_users_edit_profile"); 1237 echo "</div>\n"; 1238 1239 // 1240 // ACCOUNT SETTINGS 1241 // 1242 1243 echo "<div id=\"tab_settings\">\n"; 1244 $form_container = new FormContainer($lang->account_settings.': '.htmlspecialchars_uni($user['username'])); 1245 $login_options = array( 1246 $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->get_input('invisible'))), 1247 ); 1248 $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>"); 1249 1250 if($mybb->get_input('pmnotice') > 1) 1251 { 1252 $mybb->input['pmnotice'] = 1; 1253 } 1254 1255 $messaging_options = array( 1256 $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->get_input('allownotices'))), 1257 $form->generate_check_box("hideemail", 1, $lang->hide_email_from_others, array("checked" => $mybb->get_input('hideemail'))), 1258 $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->get_input('receivepms'))), 1259 $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->get_input('receivefrombuddy'))), 1260 $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->get_input('pmnotice'))), 1261 $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->get_input('pmnotify'))), 1262 $form->generate_check_box("buddyrequestspm", 1, $lang->buddy_requests_pm, array("checked" => $mybb->get_input('buddyrequestspm'))), 1263 $form->generate_check_box("buddyrequestsauto", 1, $lang->buddy_requests_auto, array("checked" => $mybb->get_input('buddyrequestsauto'))), 1264 "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_notification, $lang->instant_email_notification, $lang->instant_pm_notification), $mybb->get_input('subscriptionmethod'), array('id' => 'subscriptionmethod')) 1265 ); 1266 1267 // Allow plugins to add messaging options 1268 $messaging_options = $plugins->run_hooks('admin_user_users_edit_messaging_options', $messaging_options); 1269 1270 // Output messaging options 1271 $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>"); 1272 1273 $date_format_options = array($lang->use_default); 1274 foreach($date_formats as $key => $format) 1275 { 1276 $date_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1277 } 1278 1279 $time_format_options = array($lang->use_default); 1280 foreach($time_formats as $key => $format) 1281 { 1282 $time_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1283 } 1284 1285 $date_options = array( 1286 "<label for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->get_input('dateformat'), array('id' => 'dateformat')), 1287 "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->get_input('timeformat'), array('id' => 'timeformat')), 1288 "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->get_input('timezone')), 1289 "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->get_input('dstcorrection'), array('id' => 'dstcorrection')) 1290 ); 1291 1292 // Allow plugins to add date options 1293 $date_options = $plugins->run_hooks('admin_user_users_edit_date_options', $date_options); 1294 1295 // Output date options 1296 $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>"); 1297 1298 1299 $tpp_options = array($lang->use_default); 1300 if($mybb->settings['usertppoptions']) 1301 { 1302 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 1303 if(is_array($explodedtpp)) 1304 { 1305 foreach($explodedtpp as $tpp) 1306 { 1307 if($tpp <= 0) continue; 1308 $tpp_options[$tpp] = $tpp; 1309 } 1310 } 1311 } 1312 1313 $thread_age_options = array( 1314 0 => $lang->use_default, 1315 1 => $lang->show_threads_last_day, 1316 5 => $lang->show_threads_last_5_days, 1317 10 => $lang->show_threads_last_10_days, 1318 20 => $lang->show_threads_last_20_days, 1319 50 => $lang->show_threads_last_50_days, 1320 75 => $lang->show_threads_last_75_days, 1321 100 => $lang->show_threads_last_100_days, 1322 365 => $lang->show_threads_last_year, 1323 9999 => $lang->show_all_threads 1324 ); 1325 1326 $forum_options = array( 1327 "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->get_input('tpp'), array('id' => 'tpp')), 1328 "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->get_input('daysprune'), array('id' => 'daysprune')) 1329 ); 1330 1331 // Allow plugins to add forum options 1332 $forum_options = $plugins->run_hooks('admin_user_users_edit_forum_options', $forum_options); 1333 1334 // Output forum options 1335 $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>"); 1336 1337 $ppp_options = array($lang->use_default); 1338 if($mybb->settings['userpppoptions']) 1339 { 1340 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 1341 if(is_array($explodedppp)) 1342 { 1343 foreach($explodedppp as $ppp) 1344 { 1345 if($ppp <= 0) continue; 1346 $ppp_options[$ppp] = $ppp; 1347 } 1348 } 1349 } 1350 1351 $thread_options = array( 1352 $form->generate_check_box("classicpostbit", 1, $lang->show_classic_postbit, array("checked" => $mybb->get_input('classicpostbit'))), 1353 $form->generate_check_box("showimages", 1, $lang->display_images, array("checked" => $mybb->get_input('showimages'))), 1354 $form->generate_check_box("showvideos", 1, $lang->display_videos, array("checked" => $mybb->get_input('showvideos'))), 1355 $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->get_input('showsigs'))), 1356 $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->get_input('showavatars'))), 1357 $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->get_input('showquickreply'))), 1358 "<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->get_input('ppp'), array('id' => 'ppp')), 1359 "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode')) 1360 ); 1361 1362 // Allow plugins to add thread options 1363 $thread_options = $plugins->run_hooks('admin_user_users_edit_thread_options', $thread_options); 1364 1365 // Output thread options 1366 $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>"); 1367 1368 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages()); 1369 1370 $other_options = array( 1371 $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->get_input('showredirect'))), 1372 $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->get_input('showcodebuttons'))), 1373 $form->generate_check_box("sourceeditor", "1", $lang->source_editor, array("checked" => $mybb->get_input('sourceeditor'))), 1374 "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->get_input('style'), 0, "", true, false, true), 1375 "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->get_input('language'), array('id' => 'language')) 1376 ); 1377 1378 // Allow plugins to add other options 1379 $other_options = $plugins->run_hooks('admin_user_users_edit_other_options', $other_options); 1380 1381 // Output other options 1382 $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $other_options)."</div>"); 1383 1384 $form_container->end(); 1385 $plugins->run_hooks("admin_user_users_edit_settings"); 1386 echo "</div>\n"; 1387 1388 // 1389 // SIGNATURE EDITOR 1390 // 1391 $signature_editor = $form->generate_text_area("signature", $mybb->get_input('signature'), array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'height: 250px; width: 95%')); 1392 $sig_smilies = $lang->off; 1393 if($mybb->settings['sigsmilies'] == 1) 1394 { 1395 $sig_smilies = $lang->on; 1396 } 1397 $sig_mycode = $lang->off; 1398 if($mybb->settings['sigmycode'] == 1) 1399 { 1400 $sig_mycode = $lang->on; 1401 $signature_editor .= build_mycode_inserter("signature"); 1402 } 1403 $sig_html = $lang->off; 1404 if($mybb->settings['sightml'] == 1) 1405 { 1406 $sig_html = $lang->on; 1407 } 1408 $sig_imgcode = $lang->off; 1409 if($mybb->settings['sigimgcode'] == 1) 1410 { 1411 $sig_imgcode = $lang->on; 1412 } 1413 echo "<div id=\"tab_signature\">\n"; 1414 $form_container = new FormContainer($lang->signature.': '.htmlspecialchars_uni($user['username'])); 1415 $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature'); 1416 1417 $periods = array( 1418 "hours" => $lang->expire_hours, 1419 "days" => $lang->expire_days, 1420 "weeks" => $lang->expire_weeks, 1421 "months" => $lang->expire_months, 1422 "never" => $lang->expire_permanent 1423 ); 1424 1425 // Are we already suspending the signature? 1426 if($mybb->get_input('suspendsignature')) 1427 { 1428 $sig_checked = 1; 1429 1430 // Display how much time is left on the ban for the user to extend it 1431 if($user['suspendsigtime'] == "0") 1432 { 1433 // Permanent 1434 $lang->suspend_expire_info = $lang->suspend_sig_perm; 1435 } 1436 else 1437 { 1438 // There's a limit to the suspension! 1439 $remaining = $user['suspendsigtime']-TIME_NOW; 1440 $expired = nice_time($remaining, array('seconds' => false)); 1441 1442 $color = 'inherit'; 1443 if($remaining < 3600) 1444 { 1445 $color = 'red'; 1446 } 1447 elseif($remaining < 86400) 1448 { 1449 $color = 'maroon'; 1450 } 1451 elseif($remaining < 604800) 1452 { 1453 $color = 'green'; 1454 } 1455 1456 $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired, $color); 1457 } 1458 $user_suspend_info = ' 1459 <tr> 1460 <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td> 1461 </tr>'; 1462 } 1463 else 1464 { 1465 $sig_checked = 0; 1466 $user_suspend_info = ''; 1467 } 1468 1469 $actions = ' 1470 <script type="text/javascript"> 1471 <!-- 1472 var sig_checked = "'.$sig_checked.'"; 1473 1474 function toggleAction() 1475 { 1476 if($("#suspend_action").is(\':visible\')) 1477 { 1478 $("#suspend_action").hide(); 1479 } 1480 else 1481 { 1482 $("#suspend_action").show(); 1483 } 1484 } 1485 // --> 1486 </script> 1487 1488 <dl style="margin-top: 0; margin-bottom: 0; width: 100%;"> 1489 <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt> 1490 <dd style="margin-top: 4px;" id="suspend_action" class="actions"> 1491 <table cellpadding="4">'.$user_suspend_info.' 1492 <tr> 1493 <td width="30%"><small>'.$lang->expire_length.'</small></td> 1494 <td>'.$form->generate_numeric_field('action_time', $mybb->input['action_time'], array('style' => 'width: 3em;', 'min' => 0)).' '.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td> 1495 </tr> 1496 </table> 1497 </dd> 1498 </dl> 1499 1500 <script type="text/javascript"> 1501 <!-- 1502 if(sig_checked == 0) 1503 { 1504 $("#suspend_action").hide(); 1505 } 1506 // --> 1507 </script>'; 1508 1509 $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions); 1510 1511 $signature_options = array( 1512 $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)), 1513 $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)), 1514 $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1)) 1515 ); 1516 1517 $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options)); 1518 1519 $form_container->end(); 1520 $plugins->run_hooks("admin_user_users_edit_signatur"); 1521 echo "</div>\n"; 1522 1523 // 1524 // AVATAR MANAGER 1525 // 1526 echo "<div id=\"tab_avatar\">\n"; 1527 $table = new Table; 1528 $table->construct_header($lang->current_avatar, array('colspan' => 2)); 1529 1530 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1)); 1531 1532 $avatar_url = ''; 1533 if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath'])) 1534 { 1535 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>"; 1536 } 1537 elseif($user['avatartype'] == "remote" || my_validate_url($user['avatar'])) 1538 { 1539 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>"; 1540 $avatar_url = $user['avatar']; 1541 } 1542 1543 if($errors) 1544 { 1545 if(isset($mybb->input['avatar_url'])) 1546 { 1547 $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']); 1548 } 1549 } 1550 1551 if($mybb->settings['maxavatardims'] != "") 1552 { 1553 list($max_width, $max_height) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 1554 $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}"; 1555 } 1556 1557 if($mybb->settings['avatarsize']) 1558 { 1559 $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024); 1560 $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}"; 1561 } 1562 1563 if($user['avatar']) 1564 { 1565 $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>"); 1566 } 1567 1568 $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>"); 1569 $table->construct_row(); 1570 1571 $table->output($lang->avatar.': '.htmlspecialchars_uni($user['username'])); 1572 1573 // Custom avatar 1574 if($mybb->settings['avatarresizing'] == "auto") 1575 { 1576 $auto_resize = $lang->avatar_auto_resize; 1577 } 1578 else if($mybb->settings['avatarresizing'] == "user") 1579 { 1580 $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>"; 1581 } 1582 $form_container = new FormContainer($lang->specify_custom_avatar); 1583 $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload'); 1584 if($mybb->settings['allowremoteavatars']) 1585 { 1586 $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url'); 1587 } 1588 $form_container->end(); 1589 $plugins->run_hooks("admin_user_users_edit_avatar"); 1590 echo "</div>\n"; 1591 1592 // 1593 // MODERATOR OPTIONS 1594 // 1595 $periods = array( 1596 "hours" => $lang->expire_hours, 1597 "days" => $lang->expire_days, 1598 "weeks" => $lang->expire_weeks, 1599 "months" => $lang->expire_months, 1600 "never" => $lang->expire_permanent 1601 ); 1602 1603 echo "<div id=\"tab_modoptions\">\n"; 1604 $form_container = new FormContainer($lang->mod_options.': '.htmlspecialchars_uni($user['username'])); 1605 $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes'); 1606 1607 // Mod posts 1608 // Generate check box 1609 $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period')); 1610 1611 // Do we have any existing suspensions here? 1612 $existing_info = ''; 1613 if($user['moderateposts'] || ($mybb->get_input('moderateposting') && !empty($errors))) 1614 { 1615 $mybb->input['moderateposting'] = 1; 1616 if($user['moderationtime'] != 0) 1617 { 1618 $remaining = $user['moderationtime']-TIME_NOW; 1619 $expired = nice_time($remaining, array('seconds' => false)); 1620 1621 $color = 'inherit'; 1622 if($remaining < 3600) 1623 { 1624 $color = 'red'; 1625 } 1626 elseif($remaining < 86400) 1627 { 1628 $color = 'maroon'; 1629 } 1630 elseif($remaining < 604800) 1631 { 1632 $color = 'green'; 1633 } 1634 1635 $existing_info = $lang->sprintf($lang->moderate_length, $expired, $color); 1636 } 1637 else 1638 { 1639 $existing_info = $lang->moderated_perm; 1640 } 1641 } 1642 1643 $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_numeric_field("modpost_time", $mybb->get_input('modpost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$modpost_options.'</div>'; 1644 $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, htmlspecialchars_uni($user['username'])); 1645 $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->get_input('moderateposting'))), $lang->moderate_posts_info, $modpost_div); 1646 1647 // Suspend posts 1648 // Generate check box 1649 $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->get_input('suspost_period'), array('id' => 'suspost_period')); 1650 1651 // Do we have any existing suspensions here? 1652 if($user['suspendposting'] || ($mybb->get_input('suspendposting') && !empty($errors))) 1653 { 1654 $mybb->input['suspendposting'] = 1; 1655 1656 if($user['suspensiontime'] == 0 || $mybb->get_input('suspost_period') == "never") 1657 { 1658 $existing_info = $lang->suspended_perm; 1659 } 1660 else 1661 { 1662 $remaining = $user['suspensiontime']-TIME_NOW; 1663 $suspost_date = nice_time($remaining, array('seconds' => false)); 1664 1665 $color = 'inherit'; 1666 if($remaining < 3600) 1667 { 1668 $color = 'red'; 1669 } 1670 elseif($remaining < 86400) 1671 { 1672 $color = 'maroon'; 1673 } 1674 elseif($remaining < 604800) 1675 { 1676 $color = 'green'; 1677 } 1678 1679 $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date, $color); 1680 } 1681 } 1682 1683 $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_numeric_field("suspost_time", $mybb->get_input('suspost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$suspost_options.'</div>'; 1684 $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, htmlspecialchars_uni($user['username'])); 1685 $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->get_input('suspendposting'))), $lang->suspend_posts_info, $suspost_div); 1686 1687 1688 $form_container->end(); 1689 $plugins->run_hooks("admin_user_users_edit_moderator_options"); 1690 echo "</div>\n"; 1691 1692 $plugins->run_hooks("admin_user_users_edit_graph"); 1693 1694 $buttons[] = $form->generate_submit_button($lang->save_user); 1695 $form->output_submit_wrapper($buttons); 1696 1697 $form->end(); 1698 1699 echo '<script type="text/javascript"> 1700 <!-- 1701 1702 function toggleBox(action) 1703 { 1704 if(action == "modpost") 1705 { 1706 $("#suspendposting").attr("checked", false); 1707 $("#suspost").hide(); 1708 1709 if($("#moderateposting").is(":checked") == true) 1710 { 1711 $("#modpost").show(); 1712 } 1713 else if($("#moderateposting").is(":checked") == false) 1714 { 1715 $("#modpost").hide(); 1716 } 1717 } 1718 else if(action == "suspost") 1719 { 1720 $("#moderateposting").attr("checked", false); 1721 $("#modpost").hide(); 1722 1723 if($("#suspendposting").is(":checked") == true) 1724 { 1725 $("#suspost").show(); 1726 } 1727 else if($("#suspendposting").is(":checked") == false) 1728 { 1729 $("#suspost").hide(); 1730 } 1731 } 1732 } 1733 1734 if($("#moderateposting").is(":checked") == false) 1735 { 1736 $("#modpost").hide(); 1737 } 1738 else 1739 { 1740 $("#modpost").show(); 1741 } 1742 1743 if($("#suspendposting").is(":checked") == false) 1744 { 1745 $("#suspost").hide(); 1746 } 1747 else 1748 { 1749 $("#suspost").show(); 1750 } 1751 1752 // --> 1753 </script>'; 1754 1755 $page->output_footer(); 1756 } 1757 1758 if($mybb->input['action'] == "delete") 1759 { 1760 $user = get_user($mybb->input['uid']); 1761 1762 // Does the user not exist? 1763 if(!$user) 1764 { 1765 flash_message($lang->error_invalid_user, 'error'); 1766 admin_redirect("index.php?module=user-users"); 1767 } 1768 1769 if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid'])) 1770 { 1771 flash_message($lang->error_no_perms_super_admin, 'error'); 1772 admin_redirect("index.php?module=user-users"); 1773 } 1774 1775 // User clicked no 1776 if($mybb->get_input('no')) 1777 { 1778 admin_redirect("index.php?module=user-users"); 1779 } 1780 1781 $plugins->run_hooks("admin_user_users_delete"); 1782 1783 if($mybb->request_method == "post") 1784 { 1785 $plugins->run_hooks("admin_user_users_delete_commit"); 1786 1787 // Set up user handler. 1788 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 1789 $userhandler = new UserDataHandler('delete'); 1790 1791 // Delete the user 1792 if(!$userhandler->delete_user($user['uid'])) 1793 { 1794 flash_message($lang->error_cannot_delete_user, 'error'); 1795 admin_redirect("index.php?module=user-users"); 1796 } 1797 1798 $cache->update_awaitingactivation(); 1799 1800 $plugins->run_hooks("admin_user_users_delete_commit_end"); 1801 1802 log_admin_action($user['uid'], $user['username']); 1803 1804 flash_message($lang->success_user_deleted, 'success'); 1805 admin_redirect("index.php?module=user-users"); 1806 } 1807 else 1808 { 1809 $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation); 1810 } 1811 } 1812 1813 if($mybb->input['action'] == "referrers") 1814 { 1815 $page->add_breadcrumb_item($lang->show_referrers); 1816 $page->output_header($lang->show_referrers); 1817 1818 $sub_tabs['referrers'] = array( 1819 'title' => $lang->show_referrers, 1820 'link' => "index.php?module=user-users&action=referrers&uid={$mybb->input['uid']}", 1821 'description' => $lang->show_referrers_desc 1822 ); 1823 1824 $plugins->run_hooks("admin_user_users_referrers"); 1825 1826 $page->output_nav_tabs($sub_tabs, 'referrers'); 1827 1828 // Fetch default admin view 1829 $default_view = fetch_default_view("user"); 1830 if(!$default_view) 1831 { 1832 $default_view = "0"; 1833 } 1834 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 1835 $admin_view = $db->fetch_array($query); 1836 1837 if(!empty($mybb->input['type'])) 1838 { 1839 $admin_view['view_type'] = $mybb->input['type']; 1840 } 1841 1842 $admin_view['conditions'] = my_unserialize($admin_view['conditions']); 1843 $admin_view['conditions']['referrer'] = $mybb->input['uid']; 1844 1845 $view = build_users_view($admin_view); 1846 1847 // No referred users 1848 if(!$view) 1849 { 1850 $table = new Table; 1851 $table->construct_cell($lang->error_no_referred_users); 1852 $table->construct_row(); 1853 $table->output($lang->show_referrers); 1854 } 1855 else 1856 { 1857 echo $view; 1858 } 1859 1860 $page->output_footer(); 1861 } 1862 1863 if($mybb->input['action'] == "ipaddresses") 1864 { 1865 $page->add_breadcrumb_item($lang->ip_addresses); 1866 $page->output_header($lang->ip_addresses); 1867 1868 $sub_tabs['ipaddresses'] = array( 1869 'title' => $lang->show_ip_addresses, 1870 'link' => "index.php?module=user-users&action=ipaddresses&uid={$mybb->input['uid']}", 1871 'description' => $lang->show_ip_addresses_desc 1872 ); 1873 1874 $plugins->run_hooks("admin_user_users_ipaddresses"); 1875 1876 $page->output_nav_tabs($sub_tabs, 'ipaddresses'); 1877 1878 $query = $db->simple_select("users", "uid, regip, username, lastip", "uid='{$mybb->input['uid']}'", array('limit' => 1)); 1879 $user = $db->fetch_array($query); 1880 1881 // Log admin action 1882 log_admin_action($user['uid'], $user['username']); 1883 1884 $table = new Table; 1885 1886 $table->construct_header($lang->ip_address); 1887 $table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center")); 1888 1889 if(empty($user['lastip'])) 1890 { 1891 $user['lastip'] = $lang->unknown; 1892 $controls = ''; 1893 } 1894 else 1895 { 1896 $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip'])); 1897 $popup = new PopupMenu("user_last", $lang->options); 1898 $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&action=search&results=1&conditions[regip]=".$user['lastip']); 1899 $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['lastip']); 1900 $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}', null, true); return false;"); 1901 $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['lastip']}"); 1902 $controls = $popup->fetch(); 1903 } 1904 $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".$user['lastip']); 1905 $table->construct_cell($controls, array('class' => "align_center")); 1906 $table->construct_row(); 1907 1908 if(empty($user['regip'])) 1909 { 1910 $user['regip'] = $lang->unknown; 1911 $controls = ''; 1912 } 1913 else 1914 { 1915 $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip'])); 1916 $popup = new PopupMenu("user_reg", $lang->options); 1917 $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$user['regip']); 1918 $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['regip']); 1919 $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}', null, true); return false;"); 1920 $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['regip']}"); 1921 $controls = $popup->fetch(); 1922 } 1923 $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".$user['regip']); 1924 $table->construct_cell($controls, array('class' => "align_center")); 1925 $table->construct_row(); 1926 1927 $counter = 0; 1928 1929 $query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='{$mybb->input['uid']}'"); 1930 while($ip = $db->fetch_array($query)) 1931 { 1932 ++$counter; 1933 $ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress'])); 1934 $popup = new PopupMenu("id_{$counter}", $lang->options); 1935 $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$ip['ipaddress']); 1936 $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$ip['ipaddress']); 1937 $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;"); 1938 $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip['ipaddress']}"); 1939 $controls = $popup->fetch(); 1940 1941 $table->construct_cell($ip['ipaddress']); 1942 $table->construct_cell($controls, array('class' => "align_center")); 1943 $table->construct_row(); 1944 } 1945 1946 $table->output($lang->ip_address_for.' '.htmlspecialchars_uni($user['username'])); 1947 1948 $page->output_footer(); 1949 } 1950 1951 if($mybb->input['action'] == "merge") 1952 { 1953 $plugins->run_hooks("admin_user_users_merge"); 1954 1955 if($mybb->request_method == "post") 1956 { 1957 foreach(array('source', 'destination') as $target) 1958 { 1959 ${$target.'_user'} = get_user_by_username($mybb->input[$target.'_username'], array('fields' => '*')); 1960 if(empty(${$target.'_user'}['uid'])) 1961 { 1962 $errors[] = $lang->{'error_invalid_user_'.$target}; 1963 } 1964 } 1965 1966 // If we're not a super admin and we're merging a source super admin or a destination super admin then dissallow this action 1967 if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid']))) 1968 { 1969 flash_message($lang->error_no_perms_super_admin, 'error'); 1970 admin_redirect("index.php?module=user-users"); 1971 } 1972 1973 if((!empty($source_user)) && !empty($destination_user) && $source_user['uid'] == $destination_user['uid'] && !empty($source_user['uid'])) 1974 { 1975 $errors[] = $lang->error_cannot_merge_same_account; 1976 } 1977 1978 if(empty($errors)) 1979 { 1980 // Begin to merge the accounts 1981 $uid_update = array( 1982 "uid" => $destination_user['uid'] 1983 ); 1984 $query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'"); 1985 $existing_admin_options = $db->fetch_field($query, "uid"); 1986 1987 // Only carry over admin options/permissions if we don't already have them 1988 if(!$existing_admin_options) 1989 { 1990 $db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'"); 1991 } 1992 1993 $db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'"); 1994 $db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'"); 1995 $db->update_query("events", $uid_update, "uid='{$source_user['uid']}'"); 1996 $db->update_query("threadsubscriptions", $uid_update, "uid='{$source_user['uid']}'"); 1997 $db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'"); 1998 $db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'"); 1999 $db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'"); 2000 $db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'"); 2001 $db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'"); 2002 $db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'"); 2003 $db->update_query("reportedcontent", $uid_update, "uid='{$source_user['uid']}'"); 2004 $db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'"); 2005 $db->update_query("warnings", $uid_update, "uid='{$source_user['uid']}'"); 2006 $db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'"); 2007 $db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'"); 2008 2009 // Thread ratings 2010 merge_thread_ratings($source_user['uid'], $destination_user['uid']); 2011 2012 // Banning 2013 switch($db->type) 2014 { 2015 case 'mysql': 2016 case 'mysqli': 2017 $where = "`admin` = '{$source_user['uid']}'"; 2018 break; 2019 default: 2020 $where = "admin = '{$source_user['uid']}'"; 2021 break; 2022 } 2023 $db->update_query("banned", array('admin' => $destination_user['uid']), $where); 2024 2025 // Carry over referrals 2026 $db->update_query("users", array("referrer" => $destination_user['uid']), "referrer='{$source_user['uid']}' AND uid!='{$destination_user['uid']}'"); 2027 // If destination user has no referrer but source does and source user was not referred by destination user 2028 // or destination user was referred by the source user 2029 if(($destination_user['referrer'] == 0 && $source_user['referrer'] > 0 && $source_user['referrer'] != $destination_user['uid']) || $destination_user['referrer'] == $source_user['uid']) 2030 { 2031 $db->update_query("users", array("referrer" => $source_user['referrer']), "uid='{$destination_user['uid']}'"); 2032 } 2033 $query = $db->simple_select("users", "COUNT(uid) as total_referrals", "referrer='{$destination_user['uid']}' AND uid!='{$source_user['uid']}'"); 2034 $new_referrals = $db->fetch_field($query, "total_referrals"); 2035 $db->update_query("users", array("referrals" => (int)$new_referrals), "uid='{$destination_user['uid']}'"); 2036 2037 // Merging Reputation 2038 // First, let's change all the details over to our new user... 2039 $db->update_query("reputation", array("adduid" => $destination_user['uid']), "adduid = '".$source_user['uid']."'"); 2040 $db->update_query("reputation", array("uid" => $destination_user['uid']), "uid = '".$source_user['uid']."'"); 2041 2042 // Now that all the repuation is merged, figure out what to do with this user's comments... 2043 $options = array( 2044 "order_by" => "uid", 2045 "order_dir" => "ASC" 2046 ); 2047 2048 $to_remove = array(); 2049 $query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'", $options); 2050 while($rep = $db->fetch_array($query)) 2051 { 2052 if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid']) 2053 { 2054 // Multiple reputation is disallowed, and this isn't a post, so let's remove this comment 2055 $to_remove[] = $rep['rid']; 2056 } 2057 2058 // Remove comments or posts liked by "me" 2059 if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid']) 2060 { 2061 if(!in_array($rep['rid'], $to_remove)) 2062 { 2063 $to_remove[] = $rep['rid']; 2064 continue; 2065 } 2066 } 2067 2068 $last_result = array( 2069 "rid" => $rep['rid'], 2070 "uid" => $rep['uid'] 2071 ); 2072 } 2073 2074 // Remove any reputations we've selected to remove... 2075 if(!empty($to_remove)) 2076 { 2077 $imp = implode(",", $to_remove); 2078 $db->delete_query("reputation", "rid IN (".$imp.")"); 2079 } 2080 2081 // Calculate the new reputation for this user... 2082 $query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'"); 2083 $total_reputation = $db->fetch_field($query, "total_rep"); 2084 2085 $db->update_query("users", array('reputation' => (int)$total_reputation), "uid='{$destination_user['uid']}'"); 2086 2087 // Calculate warning points 2088 $query = $db->query(" 2089 SELECT SUM(points) as warn_lev 2090 FROM ".TABLE_PREFIX."warnings 2091 WHERE uid='{$source_user['uid']}' AND expired='0' 2092 "); 2093 $original_warn_level = $db->fetch_field($query, "warn_lev"); 2094 2095 $query = $db->query(" 2096 SELECT SUM(points) as warn_lev 2097 FROM ".TABLE_PREFIX."warnings 2098 WHERE uid='{$destination_user['uid']}' AND expired='0' 2099 "); 2100 $new_warn_level = $db->fetch_field($query, "warn_lev"); 2101 $db->update_query("users", array("warningpoints" => (int)$original_warn_level + $new_warn_level), "uid='{$destination_user['uid']}'"); 2102 2103 // Additional updates for non-uid fields 2104 $last_poster = array( 2105 "lastposteruid" => $destination_user['uid'], 2106 "lastposter" => $db->escape_string($destination_user['username']) 2107 ); 2108 $db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'"); 2109 $db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'"); 2110 $edit_uid = array( 2111 "edituid" => $destination_user['uid'] 2112 ); 2113 $db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'"); 2114 2115 $from_uid = array( 2116 "fromid" => $destination_user['uid'] 2117 ); 2118 $db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'"); 2119 $to_uid = array( 2120 "toid" => $destination_user['uid'] 2121 ); 2122 $db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'"); 2123 2124 // Buddy/ignore lists 2125 $destination_buddies = explode(',', $destination_user['buddylist']); 2126 $source_buddies = explode(',', $source_user['buddylist']); 2127 $buddies = array_unique(array_merge($source_buddies, $destination_buddies)); 2128 // Make sure the new buddy list doesn't contain either users 2129 $buddies_array = array_diff($buddies, array($destination_user['uid'], $source_user['uid'])); 2130 2131 $destination_ignored = explode(',', $destination_user['ignorelist']); 2132 $source_ignored = explode(',', $destination_user['ignorelist']); 2133 $ignored = array_unique(array_merge($source_ignored, $destination_ignored)); 2134 // ... and the same for the new ignore list 2135 $ignored_array = array_diff($ignored, array($destination_user['uid'], $source_user['uid'])); 2136 2137 // Remove any ignored users from the buddy list 2138 $buddies = array_diff($buddies_array, $ignored_array); 2139 // implode the arrays so we get a nice neat list for each 2140 $buddies = trim(implode(',', $buddies), ','); 2141 $ignored = trim(implode(',', $ignored_array), ','); 2142 2143 $lists = array( 2144 "buddylist" => $buddies, 2145 "ignorelist" => $ignored 2146 ); 2147 $db->update_query("users", $lists, "uid='{$destination_user['uid']}'"); 2148 2149 // Get a list of forums where post count doesn't apply 2150 $fids = array(); 2151 $query = $db->simple_select("forums", "fid", "usepostcounts=0"); 2152 while($fid = $db->fetch_field($query, "fid")) 2153 { 2154 $fids[] = $fid; 2155 } 2156 2157 $fids_not_in = ''; 2158 if(!empty($fids)) 2159 { 2160 $fids_not_in = "AND fid NOT IN(".implode(',', $fids).")"; 2161 } 2162 2163 // Update user post count 2164 $query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}"); 2165 $num = $db->fetch_array($query); 2166 $updated_count = array( 2167 "postnum" => $num['postnum'] 2168 ); 2169 $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'"); 2170 2171 // Update user thread count 2172 $query = $db->simple_select("threads", "COUNT(*) AS threadnum", "uid='".$destination_user['uid']."' {$fids_not_in}"); 2173 $num = $db->fetch_array($query); 2174 $updated_count = array( 2175 "threadnum" => $num['threadnum'] 2176 ); 2177 $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'"); 2178 2179 // Use the earliest registration date 2180 if($destination_user['regdate'] > $source_user['regdate']) 2181 { 2182 $db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'"); 2183 } 2184 2185 $plugins->run_hooks("admin_user_users_merge_commit"); 2186 2187 // Set up user handler. 2188 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 2189 $userhandler = new UserDataHandler('delete'); 2190 2191 // Delete the old user 2192 $userhandler->delete_user($source_user['uid']); 2193 2194 $cache->update_awaitingactivation(); 2195 2196 // Log admin action 2197 log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']); 2198 2199 // Redirect! 2200 $username = htmlspecialchars_uni($source_user['username']); 2201 $destination_username = htmlspecialchars_uni($destination_user['username']); 2202 flash_message("<strong>{$username}</strong> {$lang->success_merged} {$destination_username}", "success"); 2203 admin_redirect("index.php?module=user-users"); 2204 exit; 2205 } 2206 } 2207 2208 $page->add_breadcrumb_item($lang->merge_users); 2209 $page->output_header($lang->merge_users); 2210 2211 $page->output_nav_tabs($sub_tabs, 'merge_users'); 2212 2213 // If we have any error messages, show them 2214 if($errors) 2215 { 2216 $page->output_inline_error($errors); 2217 } 2218 2219 $form = new Form("index.php?module=user-users&action=merge", "post"); 2220 2221 $form_container = new FormContainer($lang->merge_users); 2222 $form_container->output_row($lang->source_account." <em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->get_input('source_username'), array('id' => 'source_username')), 'source_username'); 2223 $form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->get_input('destination_username'), array('id' => 'destination_username')), 'destination_username'); 2224 $form_container->end(); 2225 2226 // Autocompletion for usernames 2227 echo ' 2228 <link rel="stylesheet" href="../jscripts/select2/select2.css"> 2229 <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script> 2230 <script type="text/javascript"> 2231 <!-- 2232 $("#source_username").select2({ 2233 placeholder: "'.$lang->search_for_a_user.'", 2234 minimumInputLength: 2, 2235 multiple: false, 2236 ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper 2237 url: "../xmlhttp.php?action=get_users", 2238 dataType: \'json\', 2239 data: function (term, page) { 2240 return { 2241 query: term // search term 2242 }; 2243 }, 2244 results: function (data, page) { // parse the results into the format expected by Select2. 2245 // since we are using custom formatting functions we do not need to alter remote JSON data 2246 return {results: data}; 2247 } 2248 }, 2249 initSelection: function(element, callback) { 2250 var query = $(element).val(); 2251 if (query !== "") { 2252 $.ajax("../xmlhttp.php?action=get_users&getone=1", { 2253 data: { 2254 query: query 2255 }, 2256 dataType: "json" 2257 }).done(function(data) { callback(data); }); 2258 } 2259 } 2260 }); 2261 $("#destination_username").select2({ 2262 placeholder: "'.$lang->search_for_a_user.'", 2263 minimumInputLength: 2, 2264 multiple: false, 2265 ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper 2266 url: "../xmlhttp.php?action=get_users", 2267 dataType: \'json\', 2268 data: function (term, page) { 2269 return { 2270 query: term // search term 2271 }; 2272 }, 2273 results: function (data, page) { // parse the results into the format expected by Select2. 2274 // since we are using custom formatting functions we do not need to alter remote JSON data 2275 return {results: data}; 2276 } 2277 }, 2278 initSelection: function(element, callback) { 2279 var query = $(element).val(); 2280 if (query !== "") { 2281 $.ajax("../xmlhttp.php?action=get_users&getone=1", { 2282 data: { 2283 query: query 2284 }, 2285 dataType: "json" 2286 }).done(function(data) { callback(data); }); 2287 } 2288 } 2289 }); 2290 // --> 2291 </script>'; 2292 2293 $buttons[] = $form->generate_submit_button($lang->merge_user_accounts); 2294 $form->output_submit_wrapper($buttons); 2295 $form->end(); 2296 2297 $page->output_footer(); 2298 } 2299 2300 if($mybb->input['action'] == "search") 2301 { 2302 $plugins->run_hooks("admin_user_users_search"); 2303 2304 if($mybb->request_method == "post" || $mybb->get_input('results') == 1) 2305 { 2306 // Build view options from incoming search options 2307 if($mybb->get_input('vid')) 2308 { 2309 $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'"); 2310 $admin_view = $db->fetch_array($query); 2311 // View does not exist or this view is private and does not belong to the current user 2312 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 2313 { 2314 unset($admin_view); 2315 } 2316 } 2317 2318 if($mybb->get_input('search_id') && $admin_session['data']['user_views'][$mybb->get_input('search_id')]) 2319 { 2320 $admin_view = $admin_session['data']['user_views'][$mybb->get_input('search_id')]; 2321 unset($admin_view['extra_sql']); 2322 } 2323 2324 // Don't have a view? Fetch the default 2325 if(!isset($admin_view) || !$admin_view['vid']) 2326 { 2327 $default_view = fetch_default_view("user"); 2328 if(!$default_view) 2329 { 2330 $default_view = "0"; 2331 } 2332 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 2333 $admin_view = $db->fetch_array($query); 2334 } 2335 2336 // Override specific parts of the view 2337 unset($admin_view['vid']); 2338 2339 if($mybb->get_input('type')) 2340 { 2341 $admin_view['view_type'] = $mybb->get_input('type'); 2342 } 2343 2344 if(!empty($mybb->input['conditions'])) 2345 { 2346 $admin_view['conditions'] = $mybb->get_input('conditions', MyBB::INPUT_ARRAY); 2347 } 2348 2349 if($mybb->get_input('sortby')) 2350 { 2351 $admin_view['sortby'] = $mybb->get_input('sortby'); 2352 } 2353 2354 if($mybb->get_input('perpage', MyBB::INPUT_INT)) 2355 { 2356 $admin_view['perpage'] = $mybb->get_input('perpage'); 2357 } 2358 2359 if($mybb->get_input('order')) 2360 { 2361 $admin_view['sortorder'] = $mybb->get_input('order'); 2362 } 2363 2364 if($mybb->get_input('displayas')) 2365 { 2366 $admin_view['view_type'] = $mybb->get_input('displayas'); 2367 } 2368 2369 if(!empty($mybb->input['profile_fields'])) 2370 { 2371 $admin_view['custom_profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); 2372 } 2373 2374 $plugins->run_hooks("admin_user_users_search_commit"); 2375 2376 $results = build_users_view($admin_view); 2377 2378 if($results) 2379 { 2380 $page->output_header($lang->find_users); 2381 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 2382 $page->output_nav_tabs($sub_tabs, 'find_users'); 2383 echo $results; 2384 $page->output_footer(); 2385 } 2386 else 2387 { 2388 if($mybb->get_input('from') == "home") 2389 { 2390 flash_message($lang->error_no_users_found, 'error'); 2391 admin_redirect("index.php"); 2392 exit; 2393 } 2394 else 2395 { 2396 $errors[] = $lang->error_no_users_found; 2397 } 2398 } 2399 } 2400 2401 $page->add_breadcrumb_item($lang->find_users); 2402 $page->output_header($lang->find_users); 2403 2404 $page->output_nav_tabs($sub_tabs, 'find_users'); 2405 2406 // If we have any error messages, show them 2407 if($errors) 2408 { 2409 $page->output_inline_error($errors); 2410 } 2411 2412 if(!$mybb->get_input('displayas')) 2413 { 2414 $mybb->input['displayas'] = "card"; 2415 } 2416 2417 $form = new Form("index.php?module=user-users&action=search", "post"); 2418 2419 user_search_conditions($mybb->input, $form); 2420 2421 $form_container = new FormContainer($lang->display_options); 2422 $sort_directions = array( 2423 "asc" => $lang->ascending, 2424 "desc" => $lang->descending 2425 ); 2426 $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->get_input('sortby'), array('id' => 'sortby'))." {$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->get_input('order'), array('id' => 'order')), 'sortby'); 2427 $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->get_input('perpage'), array('id' => 'perpage', 'min' => 1)), 'perpage'); 2428 $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->get_input('displayas') != "card" ? true : false)))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->get_input('displayas') == "card" ? true : false)))); 2429 $form_container->end(); 2430 2431 $buttons[] = $form->generate_submit_button($lang->find_users); 2432 $form->output_submit_wrapper($buttons); 2433 $form->end(); 2434 2435 $page->output_footer(); 2436 } 2437 2438 if($mybb->input['action'] == "inline_edit") 2439 { 2440 $plugins->run_hooks("admin_user_users_inline"); 2441 2442 if(!empty($mybb->input['vid']) || !empty($mybb->cookies['acp_view'])) 2443 { 2444 // We have a custom view 2445 if(empty($mybb->cookies['acp_view'])) 2446 { 2447 // Set a cookie 2448 my_setcookie("acp_view", $mybb->input['vid'], 60); 2449 } 2450 else 2451 { 2452 // We already have a cookie, so let's use it... 2453 $mybb->input['vid'] = $mybb->cookies['acp_view']; 2454 } 2455 2456 $vid_url = "&vid=".$mybb->get_input('vid'); 2457 } 2458 else 2459 { 2460 $vid_url = null; 2461 } 2462 2463 // First, collect the user IDs that we're performing the moderation on 2464 $selected = array(); 2465 if(isset($mybb->cookies['inlinemod_useracp'])) 2466 { 2467 $ids = explode("|", $mybb->cookies['inlinemod_useracp']); 2468 foreach($ids as $id) 2469 { 2470 if($id != '') 2471 { 2472 $selected[] = (int)$id; 2473 } 2474 } 2475 } 2476 2477 // Verify incoming POST request 2478 if(!verify_post_check($mybb->get_input('my_post_key'))) 2479 { 2480 flash_message($lang->invalid_post_verify_key2, 'error'); 2481 admin_redirect("index.php?module=user-user"); 2482 } 2483 $sub_tabs['manage_users'] = array( 2484 "title" => $lang->manage_users, 2485 "link" => "./", 2486 "description" => $lang->manage_users_desc 2487 ); 2488 $page->add_breadcrumb_item($lang->manage_users); 2489 2490 if(empty($selected)) 2491 { 2492 // Not selected any users, show error 2493 flash_message($lang->error_inline_no_users_selected, 'error'); 2494 admin_redirect("index.php?module=user-users".$vid_url); 2495 } 2496 2497 switch($mybb->input['inline_action']) 2498 { 2499 case 'multiactivate': 2500 // Run through the activating users, so that users already registered (but have been selected) aren't affected 2501 if(is_array($selected)) 2502 { 2503 $sql_array = implode(",", $selected); 2504 $query = $db->simple_select("users", "uid, username, email", "usergroup = '5' AND uid IN (".$sql_array.")"); 2505 $user_mail_data = array(); 2506 while($user = $db->fetch_array($query)) 2507 { 2508 $to_update[] = $user['uid']; 2509 $user_mail_data[] = array('username' => $user['username'], 'email' => $user['email']); 2510 } 2511 } 2512 2513 $plugins->run_hooks("admin_user_multiactivate", $to_update); 2514 2515 if(isset($to_update) && is_array($to_update)) 2516 { 2517 $sql_array = implode(",", $to_update); 2518 $db->write_query("UPDATE ".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")"); 2519 2520 $cache->update_awaitingactivation(); 2521 2522 // send activation mail 2523 foreach($user_mail_data as $mail_data) 2524 { 2525 $message = $lang->sprintf($lang->email_adminactivateaccount, $mail_data['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); 2526 my_mail($mail_data['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message); 2527 } 2528 2529 // Action complete, grab stats and show success message - redirect user 2530 $to_update_count = count($to_update); 2531 $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count)); 2532 2533 if(is_array($selected) && $to_update_count != count($selected)) 2534 { 2535 // The update count is different to how many we selected! 2536 $not_updated_count = count($selected) - $to_update_count; 2537 $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count)); 2538 $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message 2539 } 2540 2541 $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog 2542 log_admin_action($to_update_count); // Add to adminlog 2543 my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected 2544 2545 flash_message($lang->inline_activated, 'success'); 2546 admin_redirect("index.php?module=user-users".$vid_url); 2547 } 2548 else 2549 { 2550 // Nothing was updated, show an error 2551 flash_message($lang->inline_activated_failed, 'error'); 2552 admin_redirect("index.php?module=user-users".$vid_url); 2553 } 2554 break; 2555 case 'multilift': 2556 // Get the users that are banned, and check that they have been selected 2557 if($mybb->get_input('no')) 2558 { 2559 admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No' 2560 } 2561 2562 if($mybb->request_method == "post") 2563 { 2564 $sql_array = implode(",", $selected); 2565 $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")"); 2566 $to_be_unbanned = $db->num_rows($query); 2567 while($ban = $db->fetch_array($query)) 2568 { 2569 $updated_group = array( 2570 "usergroup" => $ban['oldgroup'], 2571 "additionalgroups" => $db->escape_string($ban['oldadditionalgroups']), 2572 "displaygroup" => $ban['olddisplaygroup'] 2573 ); 2574 $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'"); 2575 $db->delete_query("banned", "uid = '".$ban['uid']."'"); 2576 } 2577 2578 $cache->update_moderators(); 2579 2580 $mybb->input['action'] = "inline_lift"; 2581 log_admin_action($to_be_unbanned); 2582 my_unsetcookie("inlinemod_useracp"); 2583 2584 $lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned)); 2585 flash_message($lang->success_ban_lifted, 'success'); 2586 admin_redirect("index.php?module=user-users".$vid_url); 2587 } 2588 else 2589 { 2590 $page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multilift", $lang->confirm_multilift); 2591 } 2592 2593 break; 2594 case 'multiban': 2595 if($mybb->input['processed'] == 1) 2596 { 2597 // We've posted ban information! 2598 // Build an array of users to ban, =D 2599 $sql_array = implode(",", $selected); 2600 // Build a cache array for this users that have been banned already 2601 $query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")"); 2602 while($user = $db->fetch_array($query)) 2603 { 2604 $bannedcache[] = "u_".$user['uid']; 2605 } 2606 2607 // Collect the users 2608 $query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")"); 2609 2610 if($mybb->input['bantime'] == '---') 2611 { 2612 $lifted = 0; 2613 } 2614 else 2615 { 2616 $lifted = ban_date2timestamp($mybb->input['bantime']); 2617 } 2618 2619 $reason = my_substr($mybb->input['reason'], 0, 255); 2620 2621 $banned_count = 0; 2622 while($user = $db->fetch_array($query)) 2623 { 2624 if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid'])) 2625 { 2626 // We remove ourselves and Super Admins from the mix 2627 continue; 2628 } 2629 2630 if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache)) 2631 { 2632 // User already has a ban, update it! 2633 $update_array = array( 2634 "admin" => (int)$mybb->user['uid'], 2635 "dateline" => TIME_NOW, 2636 "bantime" => $db->escape_string($mybb->input['bantime']), 2637 "lifted" => $db->escape_string($lifted), 2638 "reason" => $db->escape_string($reason) 2639 ); 2640 $db->update_query("banned", $update_array, "uid = '".$user['uid']."'"); 2641 } 2642 else 2643 { 2644 // Not currently banned - insert the ban 2645 $insert_array = array( 2646 'uid' => $user['uid'], 2647 'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT), 2648 'oldgroup' => $user['usergroup'], 2649 'oldadditionalgroups' => $db->escape_string($user['additionalgroups']), 2650 'olddisplaygroup' => $user['displaygroup'], 2651 'admin' => (int)$mybb->user['uid'], 2652 'dateline' => TIME_NOW, 2653 'bantime' => $db->escape_string($mybb->input['bantime']), 2654 'lifted' => $db->escape_string($lifted), 2655 'reason' => $db->escape_string($reason) 2656 ); 2657 $db->insert_query('banned', $insert_array); 2658 } 2659 2660 // Moved the user to the 'Banned' Group 2661 $update_array = array( 2662 'usergroup' => 7, 2663 'displaygroup' => 0, 2664 'additionalgroups' => '', 2665 ); 2666 $db->update_query('users', $update_array, "uid = '{$user['uid']}'"); 2667 2668 $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'"); 2669 $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'"); 2670 2671 ++$banned_count; 2672 } 2673 $mybb->input['action'] = "inline_banned"; 2674 log_admin_action($banned_count, $lifted); 2675 my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them 2676 2677 $lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count); 2678 flash_message($lang->users_banned, 'success'); 2679 admin_redirect("index.php?module=user-users".$vid_url); 2680 } 2681 2682 $page->output_header($lang->manage_users); 2683 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2684 2685 // Provide the user with a warning of what they're about to do 2686 $table = new Table; 2687 $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected)); 2688 $table->construct_cell($lang->mass_ban_info); 2689 $table->construct_row(); 2690 $table->output($lang->important); 2691 2692 // If there's any errors, display inline 2693 if($errors) 2694 { 2695 $page->output_inline_error($errors); 2696 } 2697 2698 $form = new Form("index.php?module=user-users", "post"); 2699 echo $form->generate_hidden_field('action', 'inline_edit'); 2700 echo $form->generate_hidden_field('inline_action', 'multiban'); 2701 echo $form->generate_hidden_field('processed', '1'); 2702 2703 $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&action=inline_edit&inline_action=multilift&my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban); 2704 $form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason'); 2705 $ban_times = fetch_ban_times(); 2706 foreach($ban_times as $time => $period) 2707 { 2708 if($time != '---') 2709 { 2710 $friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time)); 2711 $period = "{$period} ({$friendly_time})"; 2712 } 2713 $length_list[$time] = $period; 2714 } 2715 $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime'); 2716 $form_container->end(); 2717 2718 $buttons[] = $form->generate_submit_button($lang->ban_users); 2719 $form->output_submit_wrapper($buttons); 2720 $form->end(); 2721 $page->output_footer(); 2722 break; 2723 case 'multidelete': 2724 if($mybb->get_input('no')) 2725 { 2726 admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No 2727 } 2728 else 2729 { 2730 if(isset($mybb->input['processed'])) 2731 { 2732 // Set up user handler. 2733 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 2734 $userhandler = new UserDataHandler('delete'); 2735 2736 // Delete users 2737 $deleted = $userhandler->delete_user($selected); 2738 $to_be_deleted = $deleted['deleted_users']; // Get the correct number of deleted users 2739 2740 // Update forum stats, remove the cookie and redirect the user 2741 my_unsetcookie("inlinemod_useracp"); 2742 $mybb->input['action'] = "inline_delete"; 2743 log_admin_action($to_be_deleted); 2744 2745 $lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted); 2746 2747 $cache->update_awaitingactivation(); 2748 2749 flash_message($lang->users_deleted, 'success'); 2750 admin_redirect("index.php?module=user-users".$vid_url); 2751 } 2752 2753 $to_be_deleted = count($selected); 2754 $lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted)); 2755 $page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multidelete&my_post_key={$mybb->post_code}&processed=1", $lang->confirm_multidelete); 2756 } 2757 break; 2758 case 'multiprune': 2759 if($mybb->input['processed'] == 1) 2760 { 2761 if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set']) 2762 { 2763 $errors[] = $lang->multi_selected_dates; 2764 } 2765 2766 $day = $mybb->get_input('day', MyBB::INPUT_INT); 2767 $month = $mybb->get_input('month', MyBB::INPUT_INT); 2768 $year = $mybb->get_input('year', MyBB::INPUT_INT); 2769 2770 // Selected a date - check if the date the user entered is valid 2771 if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) 2772 { 2773 // Is the date sort of valid? 2774 if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29)) 2775 { 2776 $errors[] = $lang->incorrect_date; 2777 } 2778 2779 // Check the month 2780 $months = get_bdays($year); 2781 if($day > $months[$month-1]) 2782 { 2783 $errors[] = $lang->incorrect_date; 2784 } 2785 2786 // Check the year 2787 if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y")) 2788 { 2789 $errors[] = $lang->incorrect_date; 2790 } 2791 2792 if(!$errors) 2793 { 2794 // No errors, so let's continue and set the date to delete from 2795 $date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp 2796 } 2797 } 2798 elseif($mybb->input['set'] > 0) 2799 { 2800 // Set options 2801 // For this purpose, 1 month = 31 days 2802 $base_time = 24 * 60 * 60; 2803 2804 switch($mybb->input['set']) 2805 { 2806 case '1': 2807 $threshold = $base_time * 31; // 1 month = 31 days, in the standard terms 2808 break; 2809 case '2': 2810 $threshold = $base_time * 93; // 3 months = 31 days * 3 2811 break; 2812 case '3': 2813 $threshold = $base_time * 183; // 6 months = 365 days / 2 2814 break; 2815 case '4': 2816 $threshold = $base_time * 365; // 1 year = 365 days 2817 break; 2818 case '5': 2819 $threshold = $base_time * 548; // 18 months = 365 + 183 2820 break; 2821 case '6': 2822 $threshold = $base_time * 730; // 2 years = 365 * 2 2823 break; 2824 } 2825 2826 if(!$threshold) 2827 { 2828 // An option was entered that isn't in the dropdown box 2829 $errors[] = $lang->no_set_option; 2830 } 2831 else 2832 { 2833 $date = TIME_NOW - $threshold; 2834 } 2835 } 2836 else 2837 { 2838 $errors[] = $lang->no_prune_option; 2839 } 2840 2841 if(!$errors) 2842 { 2843 $sql_array = implode(",", $selected); 2844 $prune_array = array(); 2845 $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")"); 2846 while($user = $db->fetch_array($query)) 2847 { 2848 // Protect Super Admins 2849 if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid'])) 2850 { 2851 continue; 2852 } 2853 2854 $return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete 2855 if($return_array && is_array($return_array)) 2856 { 2857 $prune_array = array_merge_recursive($prune_array, $return_array); 2858 } 2859 } 2860 2861 $plugins->run_hooks("admin_user_multiprune_threads", $prune_array); 2862 2863 // No posts were found for the user, return error 2864 if(!is_array($prune_array) || count($prune_array) == 0) 2865 { 2866 flash_message($lang->prune_fail, 'error'); 2867 admin_redirect("index.php?module=user-users".$vid_url); 2868 } 2869 2870 // Require the rebuild functions 2871 require_once MYBB_ROOT.'/inc/functions.php'; 2872 require_once MYBB_ROOT.'/inc/functions_rebuild.php'; 2873 2874 // We've finished deleting user's posts, so let's delete the threads 2875 if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0) 2876 { 2877 foreach($prune_array['to_delete'] as $tid) 2878 { 2879 $db->delete_query("threads", "tid='$tid'"); 2880 $db->delete_query("threads", "closed='moved|$tid'"); 2881 $db->delete_query("threadsubscriptions", "tid='$tid'"); 2882 $db->delete_query("polls", "tid='$tid'"); 2883 $db->delete_query("threadsread", "tid='$tid'"); 2884 $db->delete_query("threadratings", "tid='$tid'"); 2885 } 2886 } 2887 2888 // After deleting threads, rebuild the thread counters for the affected threads 2889 if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0) 2890 { 2891 $sql_array = implode(",", $prune_array['thread_update']); 2892 $query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc')); 2893 while($thread = $db->fetch_array($query)) 2894 { 2895 rebuild_thread_counters($thread['tid']); 2896 } 2897 } 2898 2899 // After updating thread counters, update the affected forum counters 2900 if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0) 2901 { 2902 $sql_array = implode(",", $prune_array['forum_update']); 2903 $query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc')); 2904 while($forum = $db->fetch_array($query)) 2905 { 2906 // Because we have a recursive array merge, check to see if there isn't a duplicated forum to update 2907 if($looped_forum == $forum['fid']) 2908 { 2909 continue; 2910 } 2911 $looped_forum = $forum['fid']; 2912 rebuild_forum_counters($forum['fid']); 2913 } 2914 } 2915 2916 //log_admin_action(); 2917 my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie 2918 flash_message($lang->prune_complete, 'success'); 2919 admin_redirect("index.php?module=user-users".$vid_url); 2920 } 2921 } 2922 2923 $page->output_header($lang->manage_users); 2924 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2925 2926 // Display a table warning 2927 $table = new Table; 2928 $lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected)); 2929 $table->construct_cell($lang->mass_prune_info); 2930 $table->construct_row(); 2931 $table->output($lang->important); 2932 2933 if($errors) 2934 { 2935 $page->output_inline_error($errors); 2936 } 2937 2938 // Display the prune options 2939 $form = new Form("index.php?module=user-users", "post"); 2940 echo $form->generate_hidden_field('action', 'inline_edit'); 2941 echo $form->generate_hidden_field('inline_action', 'multiprune'); 2942 echo $form->generate_hidden_field('processed', '1'); 2943 2944 $form_container = new FormContainer($lang->mass_prune_posts); 2945 2946 // Generate a list of days (1 - 31) 2947 $day_options = array(); 2948 $day_options[] = " "; 2949 for($i = 1; $i <= 31; ++$i) 2950 { 2951 $day_options[] = $i; 2952 } 2953 2954 // Generate a list of months (1 - 12) 2955 $month_options = array(); 2956 $month_options[] = " "; 2957 for($i = 1; $i <= 12; ++$i) 2958 { 2959 $string = "month_{$i}"; 2960 $month_options[] = $lang->$string; 2961 } 2962 $date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']); 2963 $month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']); 2964 $year_box = $form->generate_numeric_field('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;', 'min' => 0)); 2965 2966 $prune_select = $date_box.$month_box.$year_box; 2967 $form_container->output_row($lang->manual_date, "", $prune_select, 'date'); 2968 2969 // Generate the set date box 2970 $set_options = array(); 2971 $set_options[] = $lang->set_an_option; 2972 for($i = 1; $i <= 6; ++$i) 2973 { 2974 $string = "option_{$i}"; 2975 $set_options[] = $lang->$string; 2976 } 2977 2978 $form_container->output_row($lang->relative_date, "", $lang->delete_posts." ".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set'); 2979 $form_container->end(); 2980 2981 $buttons[] = $form->generate_submit_button($lang->prune_posts); 2982 $form->output_submit_wrapper($buttons); 2983 $form->end(); 2984 $page->output_footer(); 2985 break; 2986 case 'multiusergroup': 2987 if($mybb->get_input('processed', \MyBB::INPUT_INT) === 1) 2988 { 2989 // Determine additional usergroups 2990 if(is_array($mybb->input['additionalgroups'])) 2991 { 2992 foreach($mybb->input['additionalgroups'] as $key => $gid) 2993 { 2994 if($gid == $mybb->input['usergroup']) 2995 { 2996 unset($mybb->input['additionalgroups'][$key]); 2997 } 2998 } 2999 3000 $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups'])); 3001 } 3002 else 3003 { 3004 $additionalgroups = ''; 3005 } 3006 3007 // Create an update array 3008 $update_array = array( 3009 "usergroup" => $mybb->get_input('usergroup', MyBB::INPUT_INT), 3010 "additionalgroups" => $additionalgroups, 3011 "displaygroup" => $mybb->get_input('displaygroup', MyBB::INPUT_INT) 3012 ); 3013 3014 // Create an admin_user_multiusergroup hook array 3015 $hook_params = array( 3016 "selected" => &$selected, 3017 "update_array" => &$update_array 3018 ); 3019 3020 $hook_params = $plugins->run_hooks("admin_user_multiusergroup", $hook_params); 3021 3022 // Do the usergroup update for all those selected 3023 // If the a selected user is a super admin, don't update that user 3024 $users_to_update = array(); 3025 foreach($selected as $user) 3026 { 3027 if(!is_super_admin($user)) 3028 { 3029 $users_to_update[] = $user; 3030 } 3031 } 3032 3033 $to_update_count = count($users_to_update); 3034 if($to_update_count > 0) 3035 { 3036 // Update the users in the database 3037 $sql = implode(",", $users_to_update); 3038 $db->update_query("users", $update_array, "uid IN (".$sql.")"); 3039 3040 // Redirect the admin... 3041 $mybb->input['action'] = "inline_usergroup"; 3042 log_admin_action($to_update_count); 3043 my_unsetcookie("inlinemod_useracp"); 3044 flash_message($lang->success_mass_usergroups, 'success'); 3045 admin_redirect("index.php?module=user-users".$vid_url); 3046 } 3047 else 3048 { 3049 // They tried to edit super admins! Uh-oh! 3050 $errors[] = $lang->no_usergroup_changed; 3051 } 3052 } 3053 3054 $page->output_header($lang->manage_users); 3055 $page->output_nav_tabs($sub_tabs, 'manage_users'); 3056 3057 // Display a table warning 3058 $table = new Table; 3059 $lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected)); 3060 $table->construct_cell($lang->usergroup_info); 3061 $table->construct_row(); 3062 $table->output($lang->important); 3063 3064 if($errors) 3065 { 3066 $page->output_inline_error($errors); 3067 } 3068 3069 // Display the usergroup options 3070 $form = new Form("index.php?module=user-users", "post"); 3071 echo $form->generate_hidden_field('action', 'inline_edit'); 3072 echo $form->generate_hidden_field('inline_action', 'multiusergroup'); 3073 echo $form->generate_hidden_field('processed', '1'); 3074 3075 $form_container = new FormContainer($lang->mass_usergroups); 3076 3077 // Usergroups 3078 $display_group_options[0] = $lang->use_primary_user_group; 3079 $options = array(); 3080 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 3081 while($usergroup = $db->fetch_array($query)) 3082 { 3083 $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 3084 $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 3085 } 3086 3087 if(!$mybb->get_input('additionalgroups', \MyBB::INPUT_ARRAY)) 3088 { 3089 $mybb->input['additionalgroups'] = explode(',', $mybb->get_input('additionalgroups')); 3090 } 3091 3092 $form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup'); 3093 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 3094 $form_container->output_row($lang->display_user_group, "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup'); 3095 3096 $form_container->end(); 3097 3098 $buttons[] = $form->generate_submit_button($lang->alter_usergroups); 3099 $form->output_submit_wrapper($buttons); 3100 $form->end(); 3101 $page->output_footer(); 3102 break; 3103 } 3104 } 3105 3106 if(!$mybb->input['action']) 3107 { 3108 $plugins->run_hooks("admin_user_users_start"); 3109 3110 $page->output_header($lang->browse_users); 3111 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 3112 3113 $page->output_nav_tabs($sub_tabs, 'browse_users'); 3114 3115 if(isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']]) 3116 { 3117 $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']]; 3118 unset($admin_view['extra_sql']); 3119 } 3120 else 3121 { 3122 // Showing a specific view 3123 if(isset($mybb->input['vid'])) 3124 { 3125 $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'"); 3126 $admin_view = $db->fetch_array($query); 3127 // View does not exist or this view is private and does not belong to the current user 3128 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 3129 { 3130 unset($admin_view); 3131 } 3132 } 3133 3134 // Don't have a view? Fetch the default 3135 if(!isset($admin_view)) 3136 { 3137 $default_view = fetch_default_view("user"); 3138 if(!$default_view) 3139 { 3140 $default_view = "0"; 3141 } 3142 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 3143 $admin_view = $db->fetch_array($query); 3144 } 3145 } 3146 3147 // Fetch a list of all of the views for this user 3148 $popup = new PopupMenu("views", $lang->views); 3149 3150 $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title")); 3151 while($view = $db->fetch_array($query)) 3152 { 3153 $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&vid={$view['vid']}"); 3154 } 3155 $popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&action=views"); 3156 $admin_view['popup'] = $popup->fetch(); 3157 3158 if(isset($mybb->input['type'])) 3159 { 3160 $admin_view['view_type'] = $mybb->input['type']; 3161 } 3162 3163 $results = build_users_view($admin_view); 3164 3165 if(!$results) 3166 { 3167 // If we came from the home page and clicked on the "Activate Users" link, send them back to here 3168 if($admin_session['data']['from'] == "home") 3169 { 3170 flash_message($admin_session['data']['flash_message2']['message'], $admin_session['data']['flash_message2']['type']); 3171 update_admin_session('flash_message2', ''); 3172 update_admin_session('from', ''); 3173 admin_redirect("index.php"); 3174 exit; 3175 } 3176 else 3177 { 3178 $errors[] = $lang->error_no_users_found; 3179 } 3180 } 3181 3182 // If we have any error messages, show them 3183 if($errors) 3184 { 3185 if($inline != true) 3186 { 3187 echo "<div style=\"display: inline; float: right;\">{$admin_view['popup']}</div><br />\n"; 3188 } 3189 $page->output_inline_error($errors); 3190 } 3191 3192 echo $results; 3193 3194 $page->output_footer(); 3195 } 3196 3197 /** 3198 * @param array $view 3199 * 3200 * @return string 3201 */ 3202 function build_users_view($view) 3203 { 3204 global $mybb, $db, $cache, $lang, $user_view_fields, $page; 3205 3206 if($view['view_type'] != 'card') 3207 { 3208 $view['view_type'] = 'table'; 3209 } 3210 3211 $view_title = ''; 3212 if($view['title']) 3213 { 3214 if(isset($view['vid'])) 3215 { 3216 $title_string = "view_title_{$view['vid']}"; 3217 3218 if(isset($lang->$title_string)) 3219 { 3220 $view['title'] = $lang->$title_string; 3221 } 3222 } 3223 3224 $view_title .= " (".htmlspecialchars_uni($view['title']).")"; 3225 } 3226 3227 // Build the URL to this view 3228 if(!isset($view['url'])) 3229 { 3230 $view['url'] = "index.php?module=user-users"; 3231 } 3232 if(!is_array($view['conditions'])) 3233 { 3234 $view['conditions'] = my_unserialize($view['conditions']); 3235 } 3236 if(!is_array($view['fields'])) 3237 { 3238 $view['fields'] = my_unserialize($view['fields']); 3239 } 3240 if(!is_array($view['custom_profile_fields'])) 3241 { 3242 $view['custom_profile_fields'] = my_unserialize($view['custom_profile_fields']); 3243 } 3244 if(isset($mybb->input['username'])) 3245 { 3246 $view['conditions']['username'] = $mybb->input['username']; 3247 $view['url'] .= "&username=".urlencode(htmlspecialchars_uni($mybb->input['username'])); 3248 } 3249 if(!empty($view['vid'])) 3250 { 3251 $view['url'] .= "&vid={$view['vid']}"; 3252 } 3253 else 3254 { 3255 // If this is a custom view we need to save everything ready to pass it on from page to page 3256 global $admin_session; 3257 if(empty($mybb->input['search_id'])) 3258 { 3259 $search_id = md5(random_str()); 3260 $admin_session['data']['user_views'][$search_id] = $view; 3261 update_admin_session('user_views', $admin_session['data']['user_views']); 3262 $mybb->input['search_id'] = $search_id; 3263 } 3264 $view['url'] .= "&search_id=".htmlspecialchars_uni($mybb->input['search_id']); 3265 } 3266 3267 if(!isset($admin_session['data']['last_users_view']) || $admin_session['data']['last_users_view'] != str_replace("&", "&", $view['url'])) 3268 { 3269 update_admin_session('last_users_url', str_replace("&", "&", $view['url'])); 3270 } 3271 3272 if(isset($view['conditions']['referrer'])){ 3273 $view['url'] .= "&action=referrers&uid=".htmlspecialchars_uni($view['conditions']['referrer']); 3274 } 3275 3276 // Do we not have any views? 3277 if(empty($view)) 3278 { 3279 return false; 3280 } 3281 3282 $table = new Table; 3283 3284 // Build header for table based view 3285 if($view['view_type'] != "card") 3286 { 3287 foreach($view['fields'] as $field) 3288 { 3289 if(!$user_view_fields[$field]) 3290 { 3291 continue; 3292 } 3293 $view_field = $user_view_fields[$field]; 3294 $field_options = array(); 3295 if($view_field['width']) 3296 { 3297 $field_options['width'] = $view_field['width']; 3298 } 3299 if($view_field['align']) 3300 { 3301 $field_options['class'] = "align_".$view_field['align']; 3302 } 3303 $table->construct_header($view_field['title'], $field_options); 3304 } 3305 $table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />"); // Create a header for the "select" boxes 3306 } 3307 3308 $search_sql = '1=1'; 3309 3310 // Build the search SQL for users 3311 3312 // List of valid LIKE search fields 3313 $user_like_fields = array("username", "email", "website", "skype", "google", "signature", "usertitle"); 3314 foreach($user_like_fields as $search_field) 3315 { 3316 if(!empty($view['conditions'][$search_field]) && empty($view['conditions'][$search_field.'_blank'])) 3317 { 3318 $search_sql .= " AND u.{$search_field} LIKE '%".$db->escape_string_like($view['conditions'][$search_field])."%'"; 3319 } 3320 else if(!empty($view['conditions'][$search_field.'_blank'])) 3321 { 3322 $search_sql .= " AND u.{$search_field} != ''"; 3323 } 3324 } 3325 3326 // EXACT matching fields 3327 $user_exact_fields = array("referrer"); 3328 foreach($user_exact_fields as $search_field) 3329 { 3330 if(!empty($view['conditions'][$search_field])) 3331 { 3332 $search_sql .= " AND u.{$search_field}='".$db->escape_string($view['conditions'][$search_field])."'"; 3333 } 3334 } 3335 3336 // LESS THAN or GREATER THAN 3337 $direction_fields = array("postnum", "threadnum"); 3338 foreach($direction_fields as $search_field) 3339 { 3340 $direction_field = $search_field."_dir"; 3341 if(isset($view['conditions'][$search_field]) && ($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field]) 3342 { 3343 switch($view['conditions'][$direction_field]) 3344 { 3345 case "greater_than": 3346 $direction = ">"; 3347 break; 3348 case "less_than": 3349 $direction = "<"; 3350 break; 3351 default: 3352 $direction = "="; 3353 } 3354 $search_sql .= " AND u.{$search_field}{$direction}'".$db->escape_string($view['conditions'][$search_field])."'"; 3355 } 3356 } 3357 3358 // Registration searching 3359 $reg_fields = array("regdate"); 3360 foreach($reg_fields as $search_field) 3361 { 3362 if(!empty($view['conditions'][$search_field]) && (int)$view['conditions'][$search_field]) 3363 { 3364 $threshold = TIME_NOW - ((int)$view['conditions'][$search_field] * 24 * 60 * 60); 3365 3366 $search_sql .= " AND u.{$search_field} >= '{$threshold}'"; 3367 } 3368 } 3369 3370 // IP searching 3371 $ip_fields = array("regip", "lastip"); 3372 foreach($ip_fields as $search_field) 3373 { 3374 if(!empty($view['conditions'][$search_field])) 3375 { 3376 $ip_range = fetch_ip_range($view['conditions'][$search_field]); 3377 if(!is_array($ip_range)) 3378 { 3379 $ip_sql = "{$search_field}=".$db->escape_binary($ip_range); 3380 } 3381 else 3382 { 3383 $ip_sql = "{$search_field} BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1]); 3384 } 3385 $search_sql .= " AND {$ip_sql}"; 3386 } 3387 } 3388 3389 // Post IP searching 3390 if(!empty($view['conditions']['postip'])) 3391 { 3392 $ip_range = fetch_ip_range($view['conditions']['postip']); 3393 if(!is_array($ip_range)) 3394 { 3395 $ip_sql = "ipaddress=".$db->escape_binary($ip_range); 3396 } 3397 else 3398 { 3399 $ip_sql = "ipaddress BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1]); 3400 } 3401 $ip_uids = array(0); 3402 $query = $db->simple_select("posts", "uid", $ip_sql); 3403 while($uid = $db->fetch_field($query, "uid")) 3404 { 3405 $ip_uids[] = $uid; 3406 } 3407 $search_sql .= " AND u.uid IN(".implode(',', $ip_uids).")"; 3408 unset($ip_uids); 3409 } 3410 3411 // Custom Profile Field searching 3412 if($view['custom_profile_fields']) 3413 { 3414 $userfield_sql = '1=1'; 3415 foreach($view['custom_profile_fields'] as $column => $input) 3416 { 3417 if(!preg_match('/^fid[0-9]+(_blank)?$/', $column)) 3418 { 3419 continue; 3420 } 3421 3422 if(is_array($input)) 3423 { 3424 foreach($input as $value => $text) 3425 { 3426 if($value == $column) 3427 { 3428 $value = $text; 3429 } 3430 3431 if($value == $lang->na) 3432 { 3433 continue; 3434 } 3435 3436 if(strpos($column, '_blank') !== false) 3437 { 3438 $column = str_replace('_blank', '', $column); 3439 $userfield_sql .= ' AND '.$db->escape_string($column)." != ''"; 3440 } 3441 else 3442 { 3443 $userfield_sql .= ' AND '.$db->escape_string($column)."='".$db->escape_string($value)."'"; 3444 } 3445 } 3446 } 3447 else if(!empty($input)) 3448 { 3449 if($input == $lang->na) 3450 { 3451 continue; 3452 } 3453 3454 if(strpos($column, '_blank') !== false) 3455 { 3456 $column = str_replace('_blank', '', $column); 3457 $userfield_sql .= ' AND '.$db->escape_string($column)." != ''"; 3458 } 3459 else 3460 { 3461 $userfield_sql .= ' AND '.$db->escape_string($column)." LIKE '%".$db->escape_string_like($input)."%'"; 3462 } 3463 } 3464 } 3465 3466 if($userfield_sql != '1=1') 3467 { 3468 $userfield_uids = array(0); 3469 $query = $db->simple_select("userfields", "ufid", $userfield_sql); 3470 while($userfield = $db->fetch_array($query)) 3471 { 3472 $userfield_uids[] = $userfield['ufid']; 3473 } 3474 $search_sql .= " AND u.uid IN(".implode(',', $userfield_uids).")"; 3475 unset($userfield_uids); 3476 } 3477 } 3478 3479 // Usergroup based searching 3480 if(isset($view['conditions']['usergroup'])) 3481 { 3482 if(!is_array($view['conditions']['usergroup'])) 3483 { 3484 $view['conditions']['usergroup'] = array($view['conditions']['usergroup']); 3485 } 3486 3487 foreach($view['conditions']['usergroup'] as $usergroup) 3488 { 3489 $usergroup = (int)$usergroup; 3490 3491 if(!$usergroup) 3492 { 3493 continue; 3494 } 3495 3496 $additional_sql = ''; 3497 3498 switch($db->type) 3499 { 3500 case "pgsql": 3501 case "sqlite": 3502 $additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'"; 3503 break; 3504 default: 3505 $additional_sql .= "OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'"; 3506 } 3507 } 3508 3509 $search_sql .= " AND (u.usergroup IN (".implode(",", array_map('intval', $view['conditions']['usergroup'])).") {$additional_sql})"; 3510 } 3511 3512 // COPPA users only? 3513 if(isset($view['conditions']['coppa'])) 3514 { 3515 $search_sql .= " AND u.coppauser=1 AND u.usergroup=5"; 3516 } 3517 3518 // Extra SQL? 3519 if(isset($view['extra_sql'])) 3520 { 3521 $search_sql .= $view['extra_sql']; 3522 } 3523 3524 // Lets fetch out how many results we have 3525 $query = $db->query(" 3526 SELECT COUNT(u.uid) AS num_results 3527 FROM ".TABLE_PREFIX."users u 3528 WHERE {$search_sql} 3529 "); 3530 $num_results = $db->fetch_field($query, "num_results"); 3531 3532 // No matching results then return false 3533 if(!$num_results) 3534 { 3535 return false; 3536 } 3537 // Generate the list of results 3538 else 3539 { 3540 if(!$view['perpage']) 3541 { 3542 $view['perpage'] = 20; 3543 } 3544 $view['perpage'] = (int)$view['perpage']; 3545 3546 // Establish which page we're viewing and the starting index for querying 3547 if(!isset($mybb->input['page'])) 3548 { 3549 $mybb->input['page'] = 1; 3550 } 3551 else 3552 { 3553 $mybb->input['page'] = $mybb->get_input('page', MyBB::INPUT_INT); 3554 } 3555 3556 if($mybb->input['page']) 3557 { 3558 $start = ($mybb->input['page'] - 1) * $view['perpage']; 3559 $pages = ceil($num_results / $view['perpage']); 3560 if($mybb->input['page'] > $pages) 3561 { 3562 $start = 0; 3563 $mybb->input['page'] = 1; 3564 } 3565 } 3566 else 3567 { 3568 $start = 0; 3569 $mybb->input['page'] = 1; 3570 } 3571 3572 $from_bit = ""; 3573 if(isset($mybb->input['from']) && $mybb->input['from'] == "home") 3574 { 3575 $from_bit = "&from=home"; 3576 } 3577 3578 switch($view['sortby']) 3579 { 3580 case "regdate": 3581 case "lastactive": 3582 case "postnum": 3583 case "reputation": 3584 $view['sortby'] = $db->escape_string($view['sortby']); 3585 break; 3586 case "numposts": 3587 $view['sortby'] = "postnum"; 3588 break; 3589 case "numthreads": 3590 $view['sortby'] = "threadnum"; 3591 break; 3592 case "warninglevel": 3593 $view['sortby'] = "warningpoints"; 3594 break; 3595 default: 3596 $view['sortby'] = "username"; 3597 } 3598 3599 if($view['sortorder'] != "desc") 3600 { 3601 $view['sortorder'] = "asc"; 3602 } 3603 3604 $usergroups = $cache->read("usergroups"); 3605 3606 // Fetch matching users 3607 $query = $db->query(" 3608 SELECT u.* 3609 FROM ".TABLE_PREFIX."users u 3610 WHERE {$search_sql} 3611 ORDER BY {$view['sortby']} {$view['sortorder']} 3612 LIMIT {$start}, {$view['perpage']} 3613 "); 3614 $users = ''; 3615 while($user = $db->fetch_array($query)) 3616 { 3617 $comma = $groups_list = ''; 3618 $user['username'] = htmlspecialchars_uni($user['username']); 3619 $user['view']['username'] = "<a href=\"index.php?module=user-users&action=edit&uid={$user['uid']}\">".format_name($user['username'], $user['usergroup'], $user['displaygroup'])."</a>"; 3620 $user['view']['usergroup'] = htmlspecialchars_uni($usergroups[$user['usergroup']]['title']); 3621 if($user['additionalgroups']) 3622 { 3623 $additional_groups = explode(",", $user['additionalgroups']); 3624 3625 foreach($additional_groups as $group) 3626 { 3627 $groups_list .= $comma.htmlspecialchars_uni($usergroups[$group]['title']); 3628 $comma = $lang->comma; 3629 } 3630 } 3631 if(!$groups_list) 3632 { 3633 $groups_list = $lang->none; 3634 } 3635 $user['view']['additionalgroups'] = "<small>{$groups_list}</small>"; 3636 $user['view']['email'] = "<a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"; 3637 $user['view']['regdate'] = my_date('relative', $user['regdate']); 3638 $last_seen = max(array($user['lastactive'], $user['lastvisit'])); 3639 if(!empty($last_seen)) 3640 { 3641 $user['view']['lastactive'] = my_date('relative', $last_seen); 3642 } 3643 else 3644 { 3645 $user['view']['lastactive'] = $lang->never; 3646 } 3647 3648 // Build popup menu 3649 $popup = new PopupMenu("user_{$user['uid']}", $lang->options); 3650 $popup->add_item($lang->view_profile, $mybb->settings['bburl'].'/'.get_profile_link($user['uid'])); 3651 $popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&action=edit&uid={$user['uid']}"); 3652 3653 // Banning options... is this user banned? 3654 if($usergroups[$user['usergroup']]['isbannedgroup'] == 1) 3655 { 3656 // Yes, so do we want to edit the ban or pardon his crime? 3657 $popup->add_item($lang->edit_ban, "index.php?module=user-banning&uid={$user['uid']}#username"); 3658 $popup->add_item($lang->lift_ban, "index.php?module=user-banning&action=lift&uid={$user['uid']}&my_post_key={$mybb->post_code}"); 3659 } 3660 else 3661 { 3662 // Not banned... but soon maybe! 3663 $popup->add_item($lang->ban_user, "index.php?module=user-banning&uid={$user['uid']}#username"); 3664 } 3665 3666 if($user['usergroup'] == 5) 3667 { 3668 if($user['coppauser']) 3669 { 3670 $popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}"); 3671 } 3672 else 3673 { 3674 $popup->add_item($lang->approve_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}"); 3675 } 3676 } 3677 3678 $popup->add_item($lang->delete_user, "index.php?module=user-users&action=delete&uid={$user['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')"); 3679 $popup->add_item($lang->show_referred_users, "index.php?module=user-users&action=referrers&uid={$user['uid']}"); 3680 $popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&action=ipaddresses&uid={$user['uid']}"); 3681 $popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&results=1&username=".urlencode($user['username'])); 3682 $user['view']['controls'] = $popup->fetch(); 3683 3684 // Fetch the reputation for this user 3685 if($usergroups[$user['usergroup']]['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 3686 { 3687 $user['view']['reputation'] = get_reputation($user['reputation']); 3688 } 3689 else 3690 { 3691 $reputation = "-"; 3692 } 3693 3694 if($mybb->settings['enablewarningsystem'] != 0 && $usergroups[$user['usergroup']]['canreceivewarnings'] != 0) 3695 { 3696 if($mybb->settings['maxwarningpoints'] < 1) 3697 { 3698 $mybb->settings['maxwarningpoints'] = 10; 3699 } 3700 3701 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 3702 if($warning_level > 100) 3703 { 3704 $warning_level = 100; 3705 } 3706 $user['view']['warninglevel'] = get_colored_warning_level($warning_level); 3707 } 3708 3709 if($view['view_type'] == "card") 3710 { 3711 $max_dimensions = '80x80'; 3712 } 3713 else 3714 { 3715 $max_dimensions = '34x34'; 3716 } 3717 3718 $avatar = format_avatar($user['avatar'], $user['avatardimensions'], $max_dimensions); 3719 3720 $user['view']['avatar'] = "<img src=\"".$avatar['image']."\" alt=\"\" {$avatar['width_height']} />"; 3721 3722 // Convert IP's to readable 3723 $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip'])); 3724 $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip'])); 3725 3726 if($view['view_type'] == "card") 3727 { 3728 $users .= build_user_view_card($user, $view, $i); 3729 } 3730 else 3731 { 3732 build_user_view_table($user, $view, $table); 3733 } 3734 } 3735 3736 // If card view, we need to output the results 3737 if($view['view_type'] == "card") 3738 { 3739 $table->construct_cell($users); 3740 $table->construct_row(); 3741 } 3742 } 3743 3744 if(!isset($view['table_id'])) 3745 { 3746 $view['table_id'] = "users_list"; 3747 } 3748 3749 $switch_view = "<div class=\"float_right\">"; 3750 $switch_url = $view['url']; 3751 if($mybb->input['page'] > 0) 3752 { 3753 $switch_url .= "&page=".$mybb->get_input('page', MyBB::INPUT_INT); 3754 } 3755 if($view['view_type'] != "card") 3756 { 3757 $switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>"; 3758 } 3759 else 3760 { 3761 $switch_view .= "<a href=\"{$switch_url}&type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | <strong>{$lang->card_view}</strong>"; 3762 } 3763 $switch_view .= "</div>"; 3764 3765 // Do we need to construct the pagination? 3766 if($num_results > $view['perpage']) 3767 { 3768 $view_type = htmlspecialchars_uni($view['view_type']); 3769 $pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url']."&type={$view_type}"); 3770 $search_class = "float_right"; 3771 $search_style = ""; 3772 } 3773 else 3774 { 3775 $search_class = ''; 3776 $search_style = "text-align: right;"; 3777 } 3778 3779 $search_action = $view['url']; 3780 // stop &username= in the query string 3781 if($view_upos = strpos($search_action, '&username=')) 3782 { 3783 $search_action = substr($search_action, 0, $view_upos); 3784 } 3785 $search_action = str_replace("&", "&", $search_action); 3786 $search = new Form(htmlspecialchars_uni($search_action), 'post', 'search_form', 0, '', true); 3787 $built_view = $search->construct_return; 3788 $built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">"; 3789 $built_view .= $search->generate_hidden_field('action', 'search')."\n"; 3790 if(isset($view['conditions']['username'])) 3791 { 3792 $default_class = ''; 3793 $value = $view['conditions']['username']; 3794 } 3795 else 3796 { 3797 $default_class = "search_default"; 3798 $value = $lang->search_for_user; 3799 } 3800 $built_view .= $search->generate_text_box('username', htmlspecialchars_uni($value), array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small"))."\n"; 3801 $built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n"; 3802 if(!empty($view['popup'])) 3803 { 3804 $built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n"; 3805 } 3806 $built_view .= "<script type=\"text/javascript\"> 3807 var form = $(\"#search_form\"); 3808 form.on('submit', function() { 3809 var search = $('#search_keywords'); 3810 if(search.val() == '' || search.val() == '".addcslashes($lang->search_for_user, "'")."') 3811 { 3812 search.trigger('focus'); 3813 return false; 3814 } 3815 }); 3816 3817 var search = $(\"#search_keywords\"); 3818 search.on('focus', function() 3819 { 3820 var searched_focus = $(this); 3821 if(searched_focus.val() == '".addcslashes($lang->search_for_user, "'")."') 3822 { 3823 searched_focus.removeClass(\"search_default\"); 3824 searched_focus.val(\"\"); 3825 } 3826 }).on('blur', function() 3827 { 3828 var searched_blur = $(this); 3829 if(searched_blur.val() == \"\") 3830 { 3831 searched_blur.addClass('search_default'); 3832 searched_blur.val('".addcslashes($lang->search_for_user, "'")."'); 3833 } 3834 }); 3835 3836 // fix the styling used if we have a different default value 3837 if(search.val() != '".addcslashes($lang->search_for_user, "'")."') 3838 { 3839 $(search).removeClass('search_default'); 3840 } 3841 </script>\n"; 3842 $built_view .= "</div>\n"; 3843 3844 // Autocompletion for usernames 3845 // TODO Select2 3846 3847 $built_view .= $search->end(); 3848 3849 if(isset($pagination)) 3850 { 3851 $built_view .= $pagination; 3852 } 3853 if($view['view_type'] != "card") 3854 { 3855 $checkbox = ''; 3856 } 3857 else 3858 { 3859 $checkbox = "<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this)\" /> "; 3860 } 3861 $built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']); 3862 if(isset($pagination)) 3863 { 3864 $built_view .= $pagination; 3865 } 3866 3867 $built_view .= ' 3868 <script type="text/javascript" src="'.$mybb->settings['bburl'].'/jscripts/inline_moderation.js?ver=1838"></script> 3869 <form action="index.php?module=user-users" method="post"> 3870 <input type="hidden" name="my_post_key" value="'.$mybb->post_code.'" /> 3871 <input type="hidden" name="action" value="inline_edit" /> 3872 <div class="float_right"><span class="smalltext"><strong>'.$lang->inline_edit.'</strong></span> 3873 <select name="inline_action"> 3874 <option value="multiactivate">'.$lang->inline_activate.'</option> 3875 <option value="multiban">'.$lang->inline_ban.'</option> 3876 <option value="multiusergroup">'.$lang->inline_usergroup.'</option> 3877 <option value="multidelete">'.$lang->inline_delete.'</option> 3878 <option value="multiprune">'.$lang->inline_prune.'</option> 3879 </select> 3880 <input type="submit" class="submit_button inline_element" name="go" value="'.$lang->go.' (0)" id="inline_go" /> 3881 <input type="button" onclick="javascript:inlineModeration.clearChecked();" value="'.$lang->clear.'" class="submit_button inline_element" /> 3882 </div> 3883 </form> 3884 <br style="clear: both;" /> 3885 <script type="text/javascript"> 3886 <!-- 3887 var go_text = "'.$lang->go.'"; 3888 var all_text = "1"; 3889 var inlineType = "user"; 3890 var inlineId = "acp"; 3891 // --> 3892 </script>'; 3893 3894 return $built_view; 3895 } 3896 3897 /** 3898 * @param array $user 3899 * @param array $view 3900 * @param int $i 3901 * 3902 * @return string 3903 */ 3904 function build_user_view_card($user, $view, &$i) 3905 { 3906 global $user_view_fields; 3907 3908 ++$i; 3909 if($i == 3) 3910 { 3911 $i = 1; 3912 } 3913 3914 // Loop through fields user wants to show 3915 foreach($view['fields'] as $field) 3916 { 3917 if(!$user_view_fields[$field]) 3918 { 3919 continue; 3920 } 3921 3922 $view_field = $user_view_fields[$field]; 3923 3924 // Special conditions for avatar 3925 if($field == "avatar") 3926 { 3927 $avatar = $user['view']['avatar']; 3928 } 3929 else if($field == "controls") 3930 { 3931 $controls = $user['view']['controls']; 3932 } 3933 // Otherwise, just user data 3934 else if($field != "username") 3935 { 3936 if(isset($user['view'][$field])) 3937 { 3938 $value = $user['view'][$field]; 3939 } 3940 else 3941 { 3942 $value = $user[$field]; 3943 } 3944 3945 if($field == "postnum") 3946 { 3947 $value = my_number_format($value); 3948 } 3949 3950 $user_details[] = "<strong>{$view_field['title']}:</strong> {$value}"; 3951 } 3952 3953 } 3954 // Floated to the left or right? 3955 if($i == 1) 3956 { 3957 $float = "left"; 3958 } 3959 else 3960 { 3961 $float = "right"; 3962 } 3963 3964 // And build the final card 3965 $uname = ""; 3966 if(in_array('username', $view['fields'])) 3967 { 3968 $uname = $user['view']['username']; 3969 } 3970 $card = "<fieldset id=\"uid_{$user['uid']}\" style=\"width: 47%; float: {$float};\">\n"; 3971 $card .= "<legend><input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$user['uid']}\" id=\"inlinemod_{$user['uid']}\" value=\"1\" onclick=\"$('#uid_{$user['uid']}').toggleClass('inline_selected');\" /> {$uname}</legend>\n"; 3972 if(!empty($avatar)) 3973 { 3974 $card .= "<div class=\"user_avatar\">{$avatar}</div>\n"; 3975 } 3976 if(!empty($user_details)) 3977 { 3978 $card .= "<div class=\"user_details\">".implode("<br />", $user_details)."</div>\n"; 3979 } 3980 if(!empty($controls)) 3981 { 3982 $card .= "<div class=\"float_right\" style=\"padding: 4px;\">{$controls}</div>\n"; 3983 } 3984 $card .= "</fieldset>"; 3985 return $card; 3986 3987 } 3988 3989 /** 3990 * @param array $user 3991 * @param array $view 3992 * @param DefaultTable $table 3993 */ 3994 function build_user_view_table($user, $view, &$table) 3995 { 3996 global $user_view_fields; 3997 3998 foreach($view['fields'] as $field) 3999 { 4000 if(!$user_view_fields[$field]) 4001 { 4002 continue; 4003 } 4004 $view_field = $user_view_fields[$field]; 4005 $field_options = array(); 4006 if(($view_field['align'])) 4007 { 4008 $field_options['class'] = "align_".$view_field['align']; 4009 } 4010 if(!empty($user['view'][$field])) 4011 { 4012 $value = $user['view'][$field]; 4013 } 4014 else 4015 { 4016 $value = $user[$field]; 4017 } 4018 4019 if($field == "postnum") 4020 { 4021 $value = my_number_format($user[$field]); 4022 } 4023 $table->construct_cell($value, $field_options); 4024 } 4025 4026 $table->construct_cell("<input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$user['uid']}\" id=\"inlinemod_{$user['uid']}\" value=\"1\" onclick=\"$('#uid_{$user['uid']}').toggleClass('inline_selected');\" />"); 4027 4028 $table->construct_row(); 4029 } 4030 4031 /** 4032 * @param array $fields 4033 * @param array $values 4034 * @param DefaultFormContainer $form_container 4035 * @param DefaultForm $form 4036 * @param bool $search 4037 */ 4038 function output_custom_profile_fields($fields, $values, &$form_container, &$form, $search=false) 4039 { 4040 global $lang, $mybb; 4041 4042 if(!is_array($fields)) 4043 { 4044 return; 4045 } 4046 foreach($fields as $profile_field) 4047 { 4048 $profile_field['name'] = htmlspecialchars_uni($profile_field['name']); 4049 $profile_field['description'] = htmlspecialchars_uni($profile_field['description']); 4050 4051 $type_data = explode("\n", $profile_field['type'], 2); 4052 $type = $type_data[0]; 4053 $options = !empty($type_data[1]) ? $type_data[1] : null; 4054 4055 $type = trim($type); 4056 $field_name = "fid{$profile_field['fid']}"; 4057 4058 if(!isset($values[$field_name])) 4059 { 4060 $values[$field_name] = ''; 4061 } 4062 if(!isset($values[$field_name.'_blank'])) 4063 { 4064 $values[$field_name.'_blank'] = ''; 4065 } 4066 4067 switch($type) 4068 { 4069 case "multiselect": 4070 $selected_options = array(); 4071 if(!is_array($values[$field_name])) 4072 { 4073 $user_options = explode("\n", $values[$field_name]); 4074 } 4075 else 4076 { 4077 $user_options = $values[$field_name]; 4078 } 4079 4080 4081 foreach($user_options as $val) 4082 { 4083 $selected_options[$val] = htmlspecialchars_uni($val); 4084 } 4085 4086 $select_options = explode("\n", $options); 4087 $options = array(); 4088 if($search == true) 4089 { 4090 $select_options[''] = $lang->na; 4091 } 4092 4093 foreach($select_options as $val) 4094 { 4095 $val = htmlspecialchars_uni(trim($val)); 4096 $options[$val] = $val; 4097 } 4098 if(!$profile_field['length']) 4099 { 4100 $profile_field['length'] = 3; 4101 } 4102 $code = $form->generate_select_box("profile_fields[{$field_name}][]", $options, $selected_options, array('id' => "profile_field_{$field_name}", 'multiple' => true, 'size' => $profile_field['length'])); 4103 break; 4104 case "select": 4105 $select_options = array(); 4106 if($search == true) 4107 { 4108 $select_options[''] = $lang->na; 4109 } 4110 $select_options += explode("\n", $options); 4111 $options = array(); 4112 foreach($select_options as $val) 4113 { 4114 $val = htmlspecialchars_uni(trim($val)); 4115 $options[$val] = $val; 4116 } 4117 if(!$profile_field['length']) 4118 { 4119 $profile_field['length'] = 1; 4120 } 4121 if($search == true) 4122 { 4123 $code = $form->generate_select_box("profile_fields[{$field_name}][{$field_name}]", $options, htmlspecialchars_uni($values[$field_name]), array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length'])); 4124 } 4125 else 4126 { 4127 $code = $form->generate_select_box("profile_fields[{$field_name}]", $options, htmlspecialchars_uni($values[$field_name]), array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length'])); 4128 } 4129 break; 4130 case "radio": 4131 $radio_options = array(); 4132 if($search == true) 4133 { 4134 $radio_options[''] = $lang->na; 4135 } 4136 $radio_options += explode("\n", $options); 4137 $code = ''; 4138 foreach($radio_options as $val) 4139 { 4140 $val = trim($val); 4141 $code .= $form->generate_radio_button("profile_fields[{$field_name}]", $val, htmlspecialchars_uni($val), array('id' => "profile_field_{$field_name}", 'checked' => ($val == $values[$field_name] ? true : false)))."<br />"; 4142 } 4143 break; 4144 case "checkbox": 4145 $select_options = array(); 4146 if(!is_array($values[$field_name])) 4147 { 4148 $user_options = explode("\n", $values[$field_name]); 4149 } 4150 else 4151 { 4152 $user_options = $values[$field_name]; 4153 } 4154 4155 $selected_options = array(); 4156 foreach($user_options as $val) 4157 { 4158 $selected_options[$val] = $val; 4159 } 4160 4161 if($search == true) 4162 { 4163 $select_options[''] = $lang->na; 4164 } 4165 $select_options += explode("\n", $options); 4166 $code = ''; 4167 foreach($select_options as $val) 4168 { 4169 $val = trim($val); 4170 $code .= $form->generate_check_box("profile_fields[{$field_name}][]", $val, htmlspecialchars_uni($val), array('id' => "profile_field_{$field_name}", 'checked' => (isset($selected_options[$val]) && $val == $selected_options[$val] ? true : false)))."<br />"; 4171 } 4172 break; 4173 case "textarea": 4174 $extra = ''; 4175 if(isset($mybb->input['action']) && $mybb->input['action'] == "search") 4176 { 4177 $extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank'])); 4178 } 4179 4180 $code = $form->generate_text_area("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'rows' => 6, 'cols' => 50)).$extra; 4181 break; 4182 default: 4183 $extra = ''; 4184 if(isset($mybb->input['action']) && $mybb->input['action'] == "search") 4185 { 4186 $extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank'])); 4187 } 4188 4189 $code = $form->generate_text_box("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'maxlength' => $profile_field['maxlength'], 'length' => $profile_field['length'])).$extra; 4190 break; 4191 } 4192 4193 $form_container->output_row($profile_field['name'], $profile_field['description'], $code, "", array('id' => "profile_field_{$field_name}")); 4194 $code = $user_options = $selected_options = $radio_options = $val = $options = ''; 4195 } 4196 } 4197 4198 /** 4199 * @param array $input 4200 * @param DefaultForm $form 4201 */ 4202 function user_search_conditions($input, &$form) 4203 { 4204 global $mybb, $db, $lang; 4205 4206 if(!$input) 4207 { 4208 $input = $mybb->input; 4209 } 4210 4211 if(empty($input['conditions'])) 4212 { 4213 $input['conditions'] = array(); 4214 } 4215 4216 if(!is_array($input['conditions'])) 4217 { 4218 $input['conditions'] = (array)my_unserialize($input['conditions']); 4219 } 4220 4221 $array = array('username', 'email', 'usergroup', 'website', 'website_blank', 'skype', 'skype_blank', 'google', 'google_blank', 'signature', 'signature_blank', 'usertitle', 'usertitle_blank', 'postnum_dir', 'postnum', 'threadnum_dir', 'threadnum', 'regdate', 'regip', 'lastip', 'postip'); 4222 foreach($array as $condition) 4223 { 4224 if(!isset($input['conditions'][$condition])) 4225 { 4226 $input['conditions'][$condition] = ''; 4227 } 4228 } 4229 4230 if(empty($input['profile_fields'])) 4231 { 4232 $input['profile_fields'] = array(); 4233 } 4234 4235 if(!is_array($input['profile_fields'])) 4236 { 4237 $input['profile_fields'] = (array)my_unserialize($input['profile_fields']); 4238 } 4239 4240 if(empty($input['fields'])) 4241 { 4242 $input['fields'] = array(); 4243 } 4244 4245 if(!is_array($input['fields'])) 4246 { 4247 $input['fields'] = (array)my_unserialize($input['fields']); 4248 } 4249 4250 $form_container = new FormContainer($lang->find_users_where); 4251 $form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', htmlspecialchars_uni($input['conditions']['username']), array('id' => 'username')), 'username'); 4252 $form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email'); 4253 4254 $options = array(); 4255 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 4256 while($usergroup = $db->fetch_array($query)) 4257 { 4258 $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 4259 } 4260 4261 $form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups'); 4262 4263 $form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website'))." {$lang->or} ".$form->generate_check_box('conditions[website_blank]', 1, $lang->is_not_blank, array('id' => 'website_blank', 'checked' => $input['conditions']['website_blank'])), 'website'); 4264 $form_container->output_row($lang->skype_contains, "", $form->generate_text_box('conditions[skype]', $input['conditions']['skype'], array('id' => 'skype'))." {$lang->or} ".$form->generate_check_box('conditions[skype_blank]', 1, $lang->is_not_blank, array('id' => 'skype_blank', 'checked' => $input['conditions']['skype_blank'])), 'skype'); 4265 $form_container->output_row($lang->google_contains, "", $form->generate_text_box('conditions[google]', $input['conditions']['google'], array('id' => 'google'))." {$lang->or} ".$form->generate_check_box('conditions[google_blank]', 1, $lang->is_not_blank, array('id' => 'google_blank', 'checked' => $input['conditions']['google_blank'])), 'google'); 4266 $form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature'))." {$lang->or} ".$form->generate_check_box('conditions[signature_blank]', 1, $lang->is_not_blank, array('id' => 'signature_blank', 'checked' => $input['conditions']['signature_blank'])), 'signature'); 4267 $form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle'))." {$lang->or} ".$form->generate_check_box('conditions[usertitle_blank]', 1, $lang->is_not_blank, array('id' => 'usertitle_blank', 'checked' => $input['conditions']['usertitle_blank'])), 'usertitle'); 4268 $greater_options = array( 4269 "greater_than" => $lang->greater_than, 4270 "is_exactly" => $lang->is_exactly, 4271 "less_than" => $lang->less_than 4272 ); 4273 $form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir'))." ".$form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts'); 4274 $form_container->output_row($lang->thread_count_is, "", $form->generate_select_box('conditions[threadnum_dir]', $greater_options, $input['conditions']['threadnum_dir'], array('id' => 'numthreads_dir'))." ".$form->generate_text_box('conditions[threadnum]', $input['conditions']['threadnum'], array('id' => 'numthreads')), 'numthreads'); 4275 4276 $form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')).' '.$lang->days, 'regdate'); 4277 $form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip'); 4278 $form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip'); 4279 $form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip'); 4280 4281 $form_container->end(); 4282 4283 // Custom profile fields go here 4284 $form_container = new FormContainer($lang->custom_profile_fields_match); 4285 4286 // Fetch custom profile fields 4287 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 4288 4289 $profile_fields = array( 4290 'required' => array(), 4291 'optional' => array(), 4292 ); 4293 while($profile_field = $db->fetch_array($query)) 4294 { 4295 if($profile_field['required'] == 1) 4296 { 4297 $profile_fields['required'][] = $profile_field; 4298 } 4299 else 4300 { 4301 $profile_fields['optional'][] = $profile_field; 4302 } 4303 } 4304 4305 output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true); 4306 output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true); 4307 4308 $form_container->end(); 4309 4310 // Autocompletion for usernames 4311 echo ' 4312 <link rel="stylesheet" href="../jscripts/select2/select2.css"> 4313 <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script> 4314 <script type="text/javascript"> 4315 <!-- 4316 $("#username").select2({ 4317 placeholder: "'.$lang->search_for_a_user.'", 4318 minimumInputLength: 2, 4319 multiple: false, 4320 ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper 4321 url: "../xmlhttp.php?action=get_users", 4322 dataType: \'json\', 4323 data: function (term, page) { 4324 return { 4325 query: term // search term 4326 }; 4327 }, 4328 results: function (data, page) { // parse the results into the format expected by Select2. 4329 // since we are using custom formatting functions we do not need to alter remote JSON data 4330 return {results: data}; 4331 } 4332 }, 4333 initSelection: function(element, callback) { 4334 var query = $(element).val(); 4335 if (query !== "") { 4336 $.ajax("../xmlhttp.php?action=get_users&getone=1", { 4337 data: { 4338 query: query 4339 }, 4340 dataType: "json" 4341 }).done(function(data) { callback(data); }); 4342 } 4343 } 4344 }); 4345 // --> 4346 </script>'; 4347 } 4348 4349 /** 4350 * @param int $source_uid 4351 * @param int $destination_uid 4352 */ 4353 function merge_thread_ratings($source_uid, $destination_uid) 4354 { 4355 global $db; 4356 4357 $source_ratings = $dest_threads = $delete_list = $decrement_list = array(); 4358 4359 // Get all thread ratings from both accounts 4360 $query = $db->simple_select('threadratings', 'tid, uid, rid, rating', "uid IN ({$destination_uid}, {$source_uid})"); 4361 while($rating = $db->fetch_array($query)) 4362 { 4363 if($rating['uid'] == $destination_uid) 4364 { 4365 $dest_threads[] = $rating['tid']; 4366 } 4367 else 4368 { 4369 $source_ratings[] = $rating; 4370 } 4371 } 4372 4373 // If there are duplicates, mark them for deletion 4374 foreach($source_ratings as $rating) 4375 { 4376 if(in_array($rating['tid'], $dest_threads)) 4377 { 4378 $delete_list[] = $rating['rid']; 4379 $decrement_list[$rating['tid']][] = (int) $rating['rating']; 4380 } 4381 } 4382 4383 // Attribute all of the source user's ratings to the destination user 4384 $db->update_query("threadratings", array("uid" => $destination_uid), "uid='{$source_uid}'"); 4385 4386 // Remove ratings previously given to recently acquired threads 4387 $query = $db->query(" 4388 SELECT tr.rid, tr.rating, t.tid 4389 FROM {$db->table_prefix}threadratings tr 4390 LEFT JOIN {$db->table_prefix}threads t ON (t.tid=tr.tid) 4391 WHERE tr.uid='{$destination_uid}' AND tr.uid=t.uid 4392 "); 4393 while($rating = $db->fetch_array($query)) 4394 { 4395 $delete_list[] = $rating['rid']; 4396 $decrement_list[$rating['tid']][] = (int) $rating['rating']; 4397 } 4398 4399 // Delete the duplicate/disallowed ratings 4400 if(!empty($delete_list)) 4401 { 4402 $imp = implode(',', $delete_list); 4403 $db->delete_query('threadratings', "rid IN ({$imp})"); 4404 } 4405 4406 // Correct the thread rating counters 4407 if(!empty($decrement_list)) 4408 { 4409 foreach($decrement_list as $tid => $ratings) 4410 { 4411 if(is_array($ratings)) 4412 { 4413 $db->update_query('threads', array('numratings' => 'numratings-'.count($ratings), 'totalratings' => 'totalratings-'.array_sum($ratings)), "tid='{$tid}'", 1, true); 4414 } 4415 } 4416 } 4417 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |