[ Index ]

PHP Cross Reference of MyBB 1.8.38

title

Body

[close]

/admin/modules/user/ -> users.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  // Disallow direct access to this file for security reasons
  12  if(!defined("IN_MYBB"))
  13  {
  14      die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
  15  }
  16  
  17  require_once  MYBB_ROOT."inc/functions_upload.php";
  18  
  19  $page->add_breadcrumb_item($lang->users, "index.php?module=user-users");
  20  
  21  if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
  22  {
  23      $sub_tabs['browse_users'] = array(
  24          'title' => $lang->browse_users,
  25          'link' => "index.php?module=user-users",
  26          'description' => $lang->browse_users_desc
  27      );
  28  
  29      $sub_tabs['find_users'] = array(
  30          'title' => $lang->find_users,
  31          'link' => "index.php?module=user-users&amp;action=search",
  32          'description' => $lang->find_users_desc
  33      );
  34  
  35      $sub_tabs['create_user'] = array(
  36          'title' => $lang->create_user,
  37          'link' => "index.php?module=user-users&amp;action=add",
  38          'description' => $lang->create_user_desc
  39      );
  40  
  41      $sub_tabs['merge_users'] = array(
  42          'title' => $lang->merge_users,
  43          'link' => "index.php?module=user-users&amp;action=merge",
  44          'description' => $lang->merge_users_desc
  45      );
  46  }
  47  
  48  $user_view_fields = array(
  49      "avatar" => array(
  50          "title" => $lang->avatar,
  51          "width" => "24",
  52          "align" => ""
  53      ),
  54  
  55      "username" => array(
  56          "title" => $lang->username,
  57          "width" => "",
  58          "align" => ""
  59      ),
  60  
  61      "email" => array(
  62          "title" => $lang->email,
  63          "width" => "",
  64          "align" => "center"
  65      ),
  66  
  67      "usergroup" => array(
  68          "title" => $lang->primary_group,
  69          "width" => "",
  70          "align" => "center"
  71      ),
  72  
  73      "additionalgroups" => array(
  74          "title" => $lang->additional_groups,
  75          "width" => "",
  76          "align" => "center"
  77      ),
  78  
  79      "regdate" => array(
  80          "title" => $lang->registered,
  81          "width" => "",
  82          "align" => "center"
  83      ),
  84  
  85      "lastactive" => array(
  86          "title" => $lang->last_active,
  87          "width" => "",
  88          "align" => "center"
  89      ),
  90  
  91      "postnum" => array(
  92          "title" => $lang->post_count,
  93          "width" => "",
  94          "align" => "center"
  95      ),
  96  
  97      "threadnum" => array(
  98          "title" => $lang->thread_count,
  99          "width" => "",
 100          "align" => "center"
 101      ),
 102  
 103      "reputation" => array(
 104          "title" => $lang->reputation,
 105          "width" => "",
 106          "align" => "center"
 107      ),
 108  
 109      "warninglevel" => array(
 110          "title" => $lang->warning_level,
 111          "width" => "",
 112          "align" => "center"
 113      ),
 114  
 115      "regip" => array(
 116          "title" => $lang->registration_ip,
 117          "width" => "",
 118          "align" => "center"
 119      ),
 120  
 121      "lastip" => array(
 122          "title" => $lang->last_known_ip,
 123          "width" => "",
 124          "align" => "center"
 125      ),
 126  
 127      "controls" => array(
 128          "title" => $lang->controls,
 129          "width" => "",
 130          "align" => "center"
 131      )
 132  );
 133  
 134  $sort_options = array(
 135      "username" => $lang->username,
 136      "regdate" => $lang->registration_date,
 137      "lastactive" => $lang->last_active,
 138      "numposts" => $lang->post_count,
 139      "reputation" => $lang->reputation,
 140      "warninglevel" => $lang->warning_level
 141  );
 142  
 143  $plugins->run_hooks("admin_user_users_begin");
 144  
 145  // Initialise the views manager for user based views
 146  require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
 147  if($mybb->input['action'] == "views")
 148  {
 149      view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
 150  }
 151  
 152  if($mybb->input['action'] == 'iplookup')
 153  {
 154      $mybb->input['ipaddress'] = $mybb->get_input('ipaddress');
 155      $lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress']));
 156      $ipaddress_location = $lang->na;
 157      $ipaddress_host_name = $lang->na;
 158      $modcp_ipsearch_misc_info = '';
 159      if(!strstr($mybb->input['ipaddress'], "*"))
 160      {
 161          // Return GeoIP information if it is available to us
 162          if(function_exists('geoip_record_by_name'))
 163          {
 164              $ip_record = @geoip_record_by_name($mybb->input['ipaddress']);
 165              if($ip_record)
 166              {
 167                  $ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name']));
 168                  if($ip_record['city'])
 169                  {
 170                      $ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city']));
 171                  }
 172              }
 173          }
 174  
 175          if(filter_var($mybb->input['ipaddress'], FILTER_VALIDATE_IP))
 176          {
 177              $ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress']));
 178  
 179              // gethostbyaddr returns the same ip on failure
 180              if($ipaddress_host_name == $mybb->input['ipaddress'])
 181              {
 182                  $ipaddress_host_name = $lang->na;
 183              }
 184          }
 185      }
 186  
 187      ?>
 188      <div class="modal">
 189          <div style="overflow-y: auto; max-height: 400px;">
 190  
 191              <?php
 192  
 193              $table = new Table();
 194  
 195              $table->construct_cell($lang->ipaddress_host_name.":");
 196              $table->construct_cell($ipaddress_host_name);
 197              $table->construct_row();
 198  
 199              $table->construct_cell($lang->ipaddress_location.":");
 200              $table->construct_cell($ipaddress_location);
 201              $table->construct_row();
 202  
 203              $table->output($lang->ipaddress_misc_info);
 204  
 205              ?>
 206          </div>
 207      </div>
 208  <?php
 209  }
 210  
 211  if($mybb->input['action'] == "activate_user")
 212  {
 213      if(!verify_post_check($mybb->get_input('my_post_key')))
 214      {
 215          flash_message($lang->invalid_post_verify_key2, 'error');
 216          admin_redirect("index.php?module=user-users");
 217      }
 218  
 219      $user = get_user($mybb->input['uid']);
 220  
 221      // Does the user not exist?
 222      if(!$user || $user['usergroup'] != 5)
 223      {
 224          flash_message($lang->error_invalid_user, 'error');
 225          admin_redirect("index.php?module=user-users");
 226      }
 227  
 228      $plugins->run_hooks("admin_user_users_coppa_activate");
 229  
 230      $updated_user['usergroup'] = $user['usergroup'];
 231  
 232      // Update
 233      if($user['coppauser'])
 234      {
 235          $updated_user = array(
 236              "coppauser" => 0
 237          );
 238      }
 239      else
 240      {
 241          $db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
 242      }
 243  
 244      // Move out of awaiting activation if they're in it.
 245      if($user['usergroup'] == 5)
 246      {
 247          $updated_user['usergroup'] = 2;
 248      }
 249  
 250      $plugins->run_hooks("admin_user_users_coppa_activate_commit");
 251  
 252      $db->update_query("users", $updated_user, "uid='{$user['uid']}'");
 253  
 254      $cache->update_awaitingactivation();
 255  
 256      $message = $lang->sprintf($lang->email_adminactivateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
 257      my_mail($user['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);
 258  
 259      // Log admin action
 260      log_admin_action($user['uid'], $user['username']);
 261  
 262      if($mybb->input['from'] == "home")
 263      {
 264          if($user['coppauser'])
 265          {
 266              $message = $lang->success_coppa_activated;
 267          }
 268          else
 269          {
 270              $message = $lang->success_activated;
 271          }
 272  
 273          update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
 274      }
 275      else
 276      {
 277          if($user['coppauser'])
 278          {
 279              flash_message($lang->success_coppa_activated, 'success');
 280          }
 281          else
 282          {
 283              flash_message($lang->success_activated, 'success');
 284          }
 285      }
 286  
 287      if($admin_session['data']['last_users_url'])
 288      {
 289          $url = $admin_session['data']['last_users_url'];
 290          update_admin_session('last_users_url', '');
 291  
 292          if($mybb->input['from'] == "home")
 293          {
 294              update_admin_session('from', 'home');
 295          }
 296      }
 297      else
 298      {
 299          $url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
 300      }
 301  
 302      $plugins->run_hooks("admin_user_users_coppa_end");
 303  
 304      admin_redirect($url);
 305  }
 306  
 307  if($mybb->input['action'] == "add")
 308  {
 309      $plugins->run_hooks("admin_user_users_add");
 310  
 311      if($mybb->request_method == "post")
 312      {
 313          // Determine the usergroup stuff
 314          if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
 315          {
 316              foreach($mybb->input['additionalgroups'] as $key => $gid)
 317              {
 318                  if($gid == $mybb->input['usergroup'])
 319                  {
 320                      unset($mybb->input['additionalgroups'][$key]);
 321                  }
 322              }
 323              $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
 324          }
 325          else
 326          {
 327              $additionalgroups = '';
 328          }
 329  
 330          // Set up user handler.
 331          require_once  MYBB_ROOT."inc/datahandlers/user.php";
 332          $userhandler = new UserDataHandler('insert');
 333  
 334          // Set the data for the new user.
 335          $new_user = array(
 336              "uid" => $mybb->get_input('uid'),
 337              "username" => $mybb->get_input('username'),
 338              "password" => $mybb->get_input('password'),
 339              "password2" => $mybb->get_input('confirm_password'),
 340              "email" => $mybb->get_input('email'),
 341              "email2" => $mybb->get_input('email'),
 342              "usergroup" => $mybb->get_input('usergroup'),
 343              "additionalgroups" => $additionalgroups,
 344              "displaygroup" => $mybb->get_input('displaygroup'),
 345              "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
 346              "profile_fields_editable" => true,
 347          );
 348  
 349          // Set the data of the user in the datahandler.
 350          $userhandler->set_data($new_user);
 351          $errors = '';
 352  
 353          // Validate the user and get any errors that might have occurred.
 354          if(!$userhandler->validate_user())
 355          {
 356              $errors = $userhandler->get_friendly_errors();
 357          }
 358          else
 359          {
 360              $user_info = $userhandler->insert_user();
 361  
 362              $plugins->run_hooks("admin_user_users_add_commit");
 363  
 364              // Log admin action
 365              log_admin_action($user_info['uid'], $user_info['username']);
 366  
 367              flash_message($lang->success_user_created, 'success');
 368              admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
 369          }
 370      }
 371  
 372      // Fetch custom profile fields - only need required profile fields here
 373      $query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));
 374  
 375      $profile_fields = array(
 376          'required' => array(),
 377          'optional' => array(),
 378      );
 379      while($profile_field = $db->fetch_array($query))
 380      {
 381          $profile_fields['required'][] = $profile_field;
 382      }
 383  
 384      $page->add_breadcrumb_item($lang->create_user);
 385      $page->output_header($lang->create_user);
 386  
 387      $form = new Form("index.php?module=user-users&amp;action=add", "post");
 388  
 389      $page->output_nav_tabs($sub_tabs, 'create_user');
 390  
 391      // If we have any error messages, show them
 392      if($errors)
 393      {
 394          $page->output_inline_error($errors);
 395      }
 396      else
 397      {
 398          $mybb->input = array_merge($mybb->input, array('usergroup' => 2));
 399      }
 400  
 401      $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);
 402  
 403      $form_container = new FormContainer($lang->required_profile_info);
 404      $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', htmlspecialchars_uni($mybb->get_input('username')), array('id' => 'username')), 'username');
 405      $form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->get_input('password'), array('id' => 'password', 'autocomplete' => 'off')), 'password');
 406      $form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->get_input('confirm_password'), array('id' => 'confirm_new_password')), 'confirm_new_password');
 407      $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->get_input('email'), array('id' => 'email')), 'email');
 408  
 409      $display_group_options[0] = $lang->use_primary_user_group;
 410      $options = array();
 411      $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
 412      while($usergroup = $db->fetch_array($query))
 413      {
 414          $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
 415          $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
 416      }
 417  
 418      $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
 419      $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
 420      $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');
 421  
 422      // Output custom profile fields - required
 423      output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);
 424  
 425      $form_container->end();
 426      $buttons[] = $form->generate_submit_button($lang->save_user);
 427      $form->output_submit_wrapper($buttons);
 428  
 429      $form->end();
 430      $page->output_footer();
 431  }
 432  
 433  if($mybb->input['action'] == "edit")
 434  {
 435      $user = get_user($mybb->input['uid']);
 436  
 437      // Does the user not exist?
 438      if(!$user)
 439      {
 440          flash_message($lang->error_invalid_user, 'error');
 441          admin_redirect("index.php?module=user-users");
 442      }
 443  
 444      $plugins->run_hooks("admin_user_users_edit");
 445  
 446      if($mybb->request_method == "post")
 447      {
 448          $plugins->run_hooks("admin_user_users_edit_start");
 449          if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
 450          {
 451              flash_message($lang->error_no_perms_super_admin, 'error');
 452              admin_redirect("index.php?module=user-users");
 453          }
 454  
 455          // Determine the usergroup stuff
 456          if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
 457          {
 458              foreach($mybb->input['additionalgroups'] as $key => $gid)
 459              {
 460                  if($gid == $mybb->input['usergroup'])
 461                  {
 462                      unset($mybb->input['additionalgroups'][$key]);
 463                  }
 464              }
 465              $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
 466          }
 467          else
 468          {
 469              $additionalgroups = '';
 470          }
 471  
 472          $returndate = "";
 473          if(!empty($mybb->input['away_day']))
 474          {
 475              $awaydate = TIME_NOW;
 476              // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
 477              if(!$mybb->input['away_month'])
 478              {
 479                  $mybb->input['away_month'] = my_date('n', $awaydate);
 480              }
 481              if(!$mybb->input['away_year'])
 482              {
 483                  $mybb->input['away_year'] = my_date('Y', $awaydate);
 484              }
 485  
 486              $return_month = (int)substr($mybb->input['away_month'], 0, 2);
 487              $return_day = (int)substr($mybb->input['away_day'], 0, 2);
 488              $return_year = min($mybb->get_input('away_year', MyBB::INPUT_INT), 9999);
 489  
 490              // Check if return date is after the away date.
 491              $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);
 492              $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
 493              if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
 494              {
 495                  $away_in_past = true;
 496              }
 497  
 498              $returndate = "{$return_day}-{$return_month}-{$return_year}";
 499          }
 500  
 501          // Set up user handler.
 502          require_once  MYBB_ROOT."inc/datahandlers/user.php";
 503          $userhandler = new UserDataHandler('update');
 504  
 505          // Set the data for the new user.
 506          $updated_user = array(
 507              "uid" => $mybb->get_input('uid'),
 508              "username" => $mybb->get_input('username'),
 509              "email" => $mybb->get_input('email'),
 510              "email2" => $mybb->get_input('email'),
 511              "usergroup" => $mybb->get_input('usergroup'),
 512              "additionalgroups" => $additionalgroups,
 513              "displaygroup" => $mybb->get_input('displaygroup'),
 514              "postnum" => $mybb->get_input('postnum'),
 515              "threadnum" => $mybb->get_input('threadnum'),
 516              "usertitle" => $mybb->get_input('usertitle'),
 517              "timezone" => $mybb->get_input('timezone'),
 518              "language" => $mybb->get_input('language'),
 519              "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
 520              "profile_fields_editable" => true,
 521              "website" => $mybb->get_input('website'),
 522              "icq" => $mybb->get_input('icq'),
 523              "skype" => $mybb->get_input('skype'),
 524              "google" => $mybb->get_input('google'),
 525              "birthday" => array(
 526                  "day" => $mybb->get_input('bday1'),
 527                  "month" => $mybb->get_input('bday2'),
 528                  "year" => $mybb->get_input('bday3')
 529              ),
 530              "style" => $mybb->get_input('style'),
 531              "signature" => $mybb->get_input('signature'),
 532              "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
 533              "timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT),
 534              "usernotes" => $mybb->get_input('usernotes'),
 535              "away" => array(
 536                  "away" => $mybb->get_input('away'),
 537                  "date" => TIME_NOW,
 538                  "returndate" => $returndate,
 539                  "awayreason" => $mybb->get_input('awayreason')
 540              )
 541          );
 542  
 543          if($user['usergroup'] == 5 && $mybb->get_input('usergroup') != 5)
 544          {
 545              if($user['coppauser'] == 1)
 546              {
 547                  $updated_user['coppa_user'] = 0;
 548              }
 549          }
 550          if($mybb->get_input('new_password'))
 551          {
 552              $updated_user['password'] = $mybb->get_input('new_password');
 553              $updated_user['password2'] = $mybb->get_input('confirm_new_password');
 554          }
 555  
 556          $updated_user['options'] = array(
 557              "allownotices" => $mybb->get_input('allownotices'),
 558              "hideemail" => $mybb->get_input('hideemail'),
 559              "subscriptionmethod" => $mybb->get_input('subscriptionmethod'),
 560              "invisible" => $mybb->get_input('invisible'),
 561              "dstcorrection" => $mybb->get_input('dstcorrection'),
 562              "threadmode" => $mybb->get_input('threadmode'),
 563              "classicpostbit" => $mybb->get_input('classicpostbit'),
 564              "showimages" => $mybb->get_input('showimages'),
 565              "showvideos" => $mybb->get_input('showvideos'),
 566              "showsigs" => $mybb->get_input('showsigs'),
 567              "showavatars" => $mybb->get_input('showavatars'),
 568              "showquickreply" => $mybb->get_input('showquickreply'),
 569              "receivepms" => $mybb->get_input('receivepms'),
 570              "receivefrombuddy" => $mybb->get_input('receivefrombuddy'),
 571              "pmnotice" => $mybb->get_input('pmnotice'),
 572              "daysprune" => $mybb->get_input('daysprune'),
 573              "showcodebuttons" => $mybb->get_input('showcodebuttons'),
 574              "sourceeditor" => $mybb->get_input('sourceeditor'),
 575              "pmnotify" => $mybb->get_input('pmnotify'),
 576              "buddyrequestspm" => $mybb->get_input('buddyrequestspm'),
 577              "buddyrequestsauto" => $mybb->get_input('buddyrequestsauto'),
 578              "showredirect" => $mybb->get_input('showredirect')
 579          );
 580  
 581          if($mybb->settings['usertppoptions'])
 582          {
 583              $updated_user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
 584          }
 585  
 586          if($mybb->settings['userpppoptions'])
 587          {
 588              $updated_user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);
 589          }
 590  
 591          // Set the data of the user in the datahandler.
 592          $userhandler->set_data($updated_user);
 593          $errors = '';
 594  
 595          // Validate the user and get any errors that might have occurred.
 596          if(!$userhandler->validate_user())
 597          {
 598              $errors = $userhandler->get_friendly_errors();
 599          }
 600          else
 601          {
 602              // Are we removing an avatar from this user?
 603              if($mybb->get_input('remove_avatar'))
 604              {
 605                  $extra_user_updates = array(
 606                      "avatar" => "",
 607                      "avatardimensions" => "",
 608                      "avatartype" => ""
 609                  );
 610                  remove_avatars($user['uid']);
 611              }
 612  
 613              // Are we uploading a new avatar?
 614              if($_FILES['avatar_upload']['name'])
 615              {
 616                  $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']);
 617                  if($avatar['error'])
 618                  {
 619                      $errors = array($avatar['error']);
 620                  }
 621                  else
 622                  {
 623                      if($avatar['width'] > 0 && $avatar['height'] > 0)
 624                      {
 625                          $avatar_dimensions = $avatar['width']."|".$avatar['height'];
 626                      }
 627                      $extra_user_updates = array(
 628                          "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW,
 629                          "avatardimensions" => $avatar_dimensions,
 630                          "avatartype" => "upload"
 631                      );
 632                  }
 633              }
 634              // Are we setting a new avatar from a URL?
 635              else if(!empty($mybb->input['avatar_url']) && $mybb->input['avatar_url'] != $user['avatar'])
 636              {
 637                  if(!$mybb->settings['allowremoteavatars'])
 638                  {
 639                      $errors = array($lang->error_remote_avatar_not_allowed);
 640                  }
 641                  else
 642                  {
 643                      if(filter_var($mybb->input['avatar_url'], FILTER_VALIDATE_EMAIL) !== false)
 644                      {
 645                          // Gravatar
 646                          $email = md5(strtolower(trim($mybb->input['avatar_url'])));
 647  
 648                          $s = '';
 649                          if(!$mybb->settings['maxavatardims'])
 650                          {
 651                              $mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits
 652                          }
 653  
 654                          // Because Gravatars are square, hijack the width
 655                          list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
 656  
 657                          $s = "?s={$maxwidth}";
 658                          $maxheight = (int)$maxwidth;
 659  
 660                          $extra_user_updates = array(
 661                              "avatar" => "https://www.gravatar.com/avatar/{$email}{$s}",
 662                              "avatardimensions" => "{$maxheight}|{$maxheight}",
 663                              "avatartype" => "gravatar"
 664                          );
 665                      }
 666                      else
 667                      {
 668                          $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']);
 669                          $ext = get_extension($mybb->input['avatar_url']);
 670  
 671                          // Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
 672                          $file = fetch_remote_file($mybb->input['avatar_url']);
 673                          if(!$file)
 674                          {
 675                              $avatar_error = $lang->error_invalidavatarurl;
 676                          }
 677                          else
 678                          {
 679                              $tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str());
 680                              $fp = @fopen($tmp_name, "wb");
 681                              if(!$fp)
 682                              {
 683                                  $avatar_error = $lang->error_invalidavatarurl;
 684                              }
 685                              else
 686                              {
 687                                  fwrite($fp, $file);
 688                                  fclose($fp);
 689                                  list($width, $height, $type) = @getimagesize($tmp_name);
 690                                  @unlink($tmp_name);
 691                                  echo $type;
 692                                  if(!$type)
 693                                  {
 694                                      $avatar_error = $lang->error_invalidavatarurl;
 695                                  }
 696                              }
 697                          }
 698  
 699                          if(empty($avatar_error))
 700                          {
 701                              if($width && $height && $mybb->settings['maxavatardims'] != "")
 702                              {
 703                                  list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
 704                                  if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
 705                                  {
 706                                      $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
 707                                      $avatar_error = $lang->error_avatartoobig;
 708                                  }
 709                              }
 710                          }
 711  
 712                          if(empty($avatar_error))
 713                          {
 714                              if($width > 0 && $height > 0)
 715                              {
 716                                  $avatar_dimensions = (int)$width."|".(int)$height;
 717                              }
 718                              $extra_user_updates = array(
 719                                  "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW),
 720                                  "avatardimensions" => $avatar_dimensions,
 721                                  "avatartype" => "remote"
 722                              );
 723                              remove_avatars($user['uid']);
 724                          }
 725                          else
 726                          {
 727                              $errors = array($avatar_error);
 728                          }
 729                      }
 730                  }
 731              }
 732  
 733              // Moderator "Options" (suspend signature, suspend/moderate posting)
 734              $moderator_options = array(
 735                  1 => array(
 736                      "action" => "suspendsignature", // The moderator action we're performing
 737                      "period" => "action_period", // The time period we've selected from the dropdown box
 738                      "time" => "action_time", // The time we've entered
 739                      "update_field" => "suspendsignature", // The field in the database to update if true
 740                      "update_length" => "suspendsigtime" // The length of suspension field in the database
 741                  ),
 742                  2 => array(
 743                      "action" => "moderateposting",
 744                      "period" => "modpost_period",
 745                      "time" => "modpost_time",
 746                      "update_field" => "moderateposts",
 747                      "update_length" => "moderationtime"
 748                  ),
 749                  3 => array(
 750                      "action" => "suspendposting",
 751                      "period" => "suspost_period",
 752                      "time" => "suspost_time",
 753                      "update_field" => "suspendposting",
 754                      "update_length" => "suspensiontime"
 755                  )
 756              );
 757  
 758              require_once  MYBB_ROOT."inc/functions_warnings.php";
 759              foreach($moderator_options as $option)
 760              {
 761                  if(empty($mybb->input[$option['action']]))
 762                  {
 763                      if($user[$option['update_field']] == 1)
 764                      {
 765                          // We're revoking the suspension
 766                          $extra_user_updates[$option['update_field']] = 0;
 767                          $extra_user_updates[$option['update_length']] = 0;
 768                      }
 769  
 770                      // Skip this option if we haven't selected it
 771                      continue;
 772                  }
 773                  else
 774                  {
 775                      if((int)$mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1)
 776                      {
 777                          // User has selected a type of ban, but not entered a valid time frame
 778                          $string = $option['action']."_error";
 779                          $errors[] = $lang->$string;
 780                      }
 781  
 782                      if(!is_array($errors))
 783                      {
 784                          $suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]);
 785  
 786                          if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never"))
 787                          {
 788                              // We already have a suspension, but entered a new time
 789                              if($suspend_length == "-1")
 790                              {
 791                                  // Permanent ban on action
 792                                  $extra_user_updates[$option['update_length']] = 0;
 793                              }
 794                              elseif($suspend_length && $suspend_length != "-1")
 795                              {
 796                                  // Temporary ban on action
 797                                  $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
 798                              }
 799                          }
 800                          elseif(!$user[$option['update_field']])
 801                          {
 802                              // New suspension for this user... bad user!
 803                              $extra_user_updates[$option['update_field']] = 1;
 804                              if($suspend_length == "-1")
 805                              {
 806                                  $extra_user_updates[$option['update_length']] = 0;
 807                              }
 808                              else
 809                              {
 810                                  $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
 811                              }
 812                          }
 813                      }
 814                  }
 815              }
 816  
 817              if(!empty($extra_user_updates['moderateposts']) && !empty($extra_user_updates['suspendposting']))
 818              {
 819                  $errors[] = $lang->suspendmoderate_error;
 820              }
 821  
 822              if(isset($away_in_past))
 823              {
 824                  $errors[] = $lang->error_acp_return_date_past;
 825              }
 826  
 827              if(!$errors)
 828              {
 829                  $user_info = $userhandler->update_user();
 830  
 831                  $plugins->run_hooks("admin_user_users_edit_commit_start");
 832  
 833                  if(!empty($extra_user_updates))
 834                  {
 835                      $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'");
 836                  }
 837  
 838                  // if we're updating the user's signature preferences, do so now
 839                  if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable')
 840                  {
 841                      $update_signature = array(
 842                          'includesig' => ($mybb->input['update_posts'] == 'enable' ? 1 : 0)
 843                      );
 844                      $db->update_query("posts", $update_signature, "uid='{$user['uid']}'");
 845                  }
 846  
 847                  $plugins->run_hooks("admin_user_users_edit_commit");
 848  
 849                  if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5)
 850                  {
 851                      $cache->update_awaitingactivation();
 852                  }
 853  
 854                  // Log admin action
 855                  log_admin_action($user['uid'], $mybb->input['username']);
 856  
 857                  flash_message($lang->success_user_updated, 'success');
 858                  admin_redirect("index.php?module=user-users");
 859              }
 860              $plugins->run_hooks("admin_user_users_edit_end");
 861          }
 862      }
 863  
 864      if(!$errors)
 865      {
 866          $user['usertitle'] = htmlspecialchars_decode($user['usertitle']);
 867          $mybb->input = array_merge($mybb->input, $user);
 868  
 869          $options = array(
 870              'bday1', 'bday2', 'bday3',
 871              'new_password', 'confirm_new_password',
 872              'action_time', 'action_period',
 873              'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time'
 874          );
 875  
 876          foreach($options as $option)
 877          {
 878              if(!isset($input_user[$option]))
 879              {
 880                  $mybb->input[$option] = '';
 881              }
 882          }
 883  
 884          // We need to fetch this users profile field values
 885          $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'");
 886          $mybb->input['profile_fields'] = $db->fetch_array($query);
 887      }
 888  
 889      if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3'])
 890      {
 891          $mybb->input['bday'][0] = $mybb->input['bday1'];
 892          $mybb->input['bday'][1] = $mybb->input['bday2'];
 893          $mybb->input['bday'][2] = $mybb->get_input('bday3', MyBB::INPUT_INT);
 894      }
 895      else
 896      {
 897          $mybb->input['bday'] = array(0, 0, '');
 898  
 899          if($user['birthday'])
 900          {
 901              $mybb->input['bday'] = explode('-', $user['birthday']);
 902          }
 903      }
 904  
 905      if($mybb->get_input('away_day') || $mybb->get_input('away_month') || $mybb->get_input('away_year'))
 906      {
 907          $mybb->input['away_year'] = $mybb->get_input('away_year', MyBB::INPUT_INT);
 908      }
 909      else
 910      {
 911          $mybb->input['away_day'] = 0;
 912          $mybb->input['away_month'] = 0;
 913          $mybb->input['away_year'] = '';
 914  
 915          if($user['returndate'])
 916          {
 917              list($mybb->input['away_day'], $mybb->input['away_month'], $mybb->input['away_year']) = explode('-', $user['returndate']);
 918          }
 919      }
 920  
 921      // Fetch custom profile fields
 922      $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));
 923  
 924      $profile_fields = array(
 925          'required' => array(),
 926          'optional' => array(),
 927      );
 928      while($profile_field = $db->fetch_array($query))
 929      {
 930          if($profile_field['required'] == 1)
 931          {
 932              $profile_fields['required'][] = $profile_field;
 933          }
 934          else
 935          {
 936              $profile_fields['optional'][] = $profile_field;
 937          }
 938      }
 939  
 940      $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username']));
 941  
 942      $page->extra_header .= <<<EOF
 943  
 944      <link rel="stylesheet" href="../jscripts/sceditor/themes/mybb.css" type="text/css" media="all" />
 945      <script type="text/javascript" src="../jscripts/sceditor/jquery.sceditor.bbcode.min.js?ver=1832"></script>
 946      <script type="text/javascript" src="../jscripts/bbcodes_sceditor.js?ver=1837"></script>
 947      <script type="text/javascript" src="../jscripts/sceditor/plugins/undo.js?ver=1832"></script>
 948  EOF;
 949      $page->output_header($lang->edit_user);
 950  
 951      $sub_tabs['edit_user'] = array(
 952          'title' => $lang->edit_user,
 953          'description' => $lang->edit_user_desc
 954      );
 955  
 956      $form = new Form("index.php?module=user-users&amp;action=edit&amp;uid={$user['uid']}", "post", "", 1);
 957  
 958      $page->output_nav_tabs($sub_tabs, 'edit_user');
 959  
 960      // If we have any error messages, show them
 961      if($errors)
 962      {
 963          $page->output_inline_error($errors);
 964      }
 965  
 966      // Is this user a COPPA user? We show a warning & activate link
 967      if($user['coppauser'])
 968      {
 969          echo $lang->sprintf($lang->warning_coppa_user, $user['uid'], $mybb->post_code);
 970      }
 971  
 972      $tabs = array(
 973          "overview" => $lang->overview,
 974          "profile" => $lang->profile,
 975          "settings" => $lang->account_settings,
 976          "signature" => $lang->signature,
 977          "avatar" => $lang->avatar,
 978          "modoptions" => $lang->mod_options
 979      );
 980      $tabs = $plugins->run_hooks("admin_user_users_edit_graph_tabs", $tabs);
 981      $page->output_tab_control($tabs);
 982  
 983      //
 984      // OVERVIEW
 985      //
 986      echo "<div id=\"tab_overview\">\n";
 987      $table = new Table;
 988      $table->construct_header($lang->avatar, array('class' => 'align_center'));
 989      $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center'));
 990  
 991      // Avatar
 992      $avatar_dimensions = preg_split('/[|x]/', $user['avatardimensions']);
 993      if($user['avatardimensions'])
 994      {
 995          require_once  MYBB_ROOT."inc/functions_image.php";
 996          list($width, $height) = preg_split('/[|x]/', $user['avatardimensions']);
 997          $scaled_dimensions = scale_image($width, $height, 120, 120);
 998      }
 999      else
1000      {
1001          $scaled_dimensions = array(
1002              "width" => 120,
1003              "height" => 120
1004          );
1005      }
1006      if($user['avatar'] && (my_strpos($user['avatar'], '://') === false || $mybb->settings['allowremoteavatars']))
1007      {
1008          if(!my_validate_url($user['avatar']))
1009          {
1010              $avatar = format_avatar($user['avatar'], $user['avatardimensions']);
1011              $user['avatar'] = $avatar['image'];
1012          }
1013      }
1014      else
1015      {
1016          if(my_validate_url($mybb->settings['useravatar']))
1017          {
1018              $user['avatar'] = str_replace('{theme}', 'images', $mybb->settings['useravatar']);
1019          }
1020          else
1021          {
1022              $user['avatar'] = "../".str_replace('{theme}', 'images', $mybb->settings['useravatar']);
1023          }
1024      }
1025      $avatar_top = ceil((126-$scaled_dimensions['height'])/2);
1026      $last_seen = max(array($user['lastactive'], $user['lastvisit']));
1027      if(!empty($last_seen))
1028      {
1029          $last_active = my_date('relative', $last_seen);
1030      }
1031      else
1032      {
1033          $last_active = $lang->never;
1034      }
1035      $reg_date = my_date('relative', $user['regdate']);
1036      if($user['dst'] == 1)
1037      {
1038          $timezone = (float)$user['timezone']+1;
1039      }
1040      else
1041      {
1042          $timezone = (float)$user['timezone'];
1043      }
1044      $local_date = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600));
1045      $local_time = gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600));
1046  
1047      $localtime = $lang->sprintf($lang->local_time_format, $local_date, $local_time);
1048      $days_registered = (TIME_NOW - $user['regdate']) / (24*3600);
1049      $posts_per_day = 0;
1050      if($days_registered > 0)
1051      {
1052          $posts_per_day = round($user['postnum'] / $days_registered, 2);
1053          if($posts_per_day > $user['postnum'])
1054          {
1055              $posts_per_day = $user['postnum'];
1056          }
1057      }
1058      $posts_per_day = my_number_format($posts_per_day);
1059  
1060      $stats = $cache->read("stats");
1061      $posts = $stats['numposts'];
1062      if($posts == 0)
1063      {
1064          $percent_posts = "0";
1065      }
1066      else
1067      {
1068          $percent_posts = round($user['postnum']*100/$posts, 2);
1069      }
1070  
1071      $user_permissions = user_permissions($user['uid']);
1072  
1073      // Fetch the reputation for this user
1074      if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
1075      {
1076          $reputation = get_reputation($user['reputation']);
1077      }
1078      else
1079      {
1080          $reputation = "-";
1081      }
1082  
1083      if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0)
1084      {
1085          if($mybb->settings['maxwarningpoints'] < 1)
1086          {
1087              $mybb->settings['maxwarningpoints'] = 10;
1088          }
1089  
1090          $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
1091          if($warning_level > 100)
1092          {
1093              $warning_level = 100;
1094          }
1095          $warning_level = get_colored_warning_level($warning_level);
1096      }
1097      else
1098      {
1099          $warning_level = "-";
1100      }
1101  
1102      $age = $lang->na;
1103      if($user['birthday'])
1104      {
1105          $age = get_age($user['birthday']);
1106      }
1107  
1108      $postnum = my_number_format($user['postnum']);
1109  
1110      $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1));
1111      $table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>");
1112      $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}");
1113      $table->construct_row();
1114      $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}");
1115      $table->construct_cell("<strong>{$lang->local_time}:</strong> {$localtime}");
1116      $table->construct_row();
1117      $table->construct_cell("<strong>{$lang->posts}:</strong> {$postnum}");
1118      $table->construct_cell("<strong>{$lang->age}:</strong> {$age}");
1119      $table->construct_row();
1120      $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}");
1121      $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}");
1122      $table->construct_row();
1123      $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}");
1124      $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}");
1125      $table->construct_row();
1126      $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['regip'])));
1127      $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['lastip'])));
1128      $table->construct_row();
1129  
1130      $username = htmlspecialchars_uni($user['username']);
1131      $table->output("{$lang->user_overview}: {$username}");
1132      $plugins->run_hooks("admin_user_users_edit_overview");
1133      echo "</div>\n";
1134  
1135      //
1136      // PROFILE
1137      //
1138      echo "<div id=\"tab_profile\">\n";
1139  
1140      $form_container = new FormContainer($lang->required_profile_info.": ".htmlspecialchars_uni($user['username']));
1141      $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username');
1142      $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password');
1143      $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password');
1144      $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email');
1145  
1146      $display_group_options[0] = $lang->use_primary_user_group;
1147      $options = array();
1148      $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
1149      while($usergroup = $db->fetch_array($query))
1150      {
1151          $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
1152          $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
1153      }
1154  
1155      if(isset($mybb->input['additionalgroups']) && !is_array($mybb->input['additionalgroups']))
1156      {
1157          $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']);
1158      }
1159  
1160      $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
1161      $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
1162      $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');
1163      $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_numeric_field('postnum', $mybb->get_input('postnum'), array('id' => 'postnum', 'min' => 0)), 'postnum');
1164      $form_container->output_row($lang->thread_count." <em>*</em>", "", $form->generate_numeric_field('threadnum', $mybb->get_input('threadnum'), array('id' => 'threadnum', 'min' => 0)), 'threadnum');
1165  
1166      // Output custom profile fields - required
1167      if(!isset($profile_fields['required']))
1168      {
1169          $profile_fields['required'] = array();
1170      }
1171      output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);
1172  
1173      $form_container->end();
1174  
1175      $form_container = new FormContainer($lang->optional_profile_info.': '.htmlspecialchars_uni($user['username']));
1176      $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->get_input('usertitle'), array('id' => 'usertitle')), 'usertitle');
1177      $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->get_input('website'), array('id' => 'website')), 'website');
1178      $form_container->output_row($lang->icq_number, "", $form->generate_numeric_field('icq', $mybb->get_input('icq'), array('id' => 'icq', 'min' => 0)), 'icq');
1179      $form_container->output_row($lang->skype_handle, "", $form->generate_text_box('skype', $mybb->get_input('skype'), array('id' => 'skype')), 'skype');
1180      $form_container->output_row($lang->google_handle, "", $form->generate_text_box('google', $mybb->get_input('google'), array('id' => 'google')), 'google');
1181  
1182      // Birthday
1183      $birthday_days = array(0 => '');
1184      for($i = 1; $i <= 31; $i++)
1185      {
1186          $birthday_days[$i] = $i;
1187      }
1188  
1189      $birthday_months = array(
1190          0 => '',
1191          1 => $lang->january,
1192          2 => $lang->february,
1193          3 => $lang->march,
1194          4 => $lang->april,
1195          5 => $lang->may,
1196          6 => $lang->june,
1197          7 => $lang->july,
1198          8 => $lang->august,
1199          9 => $lang->september,
1200          10 => $lang->october,
1201          11 => $lang->november,
1202          12 => $lang->december
1203      );
1204  
1205      $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day'));
1206      $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month'));
1207      $birthday_row .= ' '.$form->generate_numeric_field('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 4em;', 'min' => 0));
1208  
1209      $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday');
1210  
1211      // Output custom profile fields - optional
1212      output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form);
1213  
1214      $form_container->end();
1215  
1216  
1217      if($mybb->settings['allowaway'] != 0)
1218      {
1219          $form_container = new FormContainer($lang->away_information.': '.htmlspecialchars_uni($user['username']));
1220          $awaycheck = array(false, true);
1221          if($mybb->input['away'] == 1)
1222          {
1223              $awaycheck = array(true, false);
1224          }
1225          $form_container->output_row($lang->away_status, $lang->away_status_desc, $form->generate_radio_button('away', 1, $lang->im_away, array('id' => 'away', "checked" => $awaycheck[0]))." ".$form->generate_radio_button('away', 0, $lang->im_here, array('id' => 'away2', "checked" => $awaycheck[1])), 'away');
1226          $form_container->output_row($lang->away_reason, $lang->away_reason_desc, $form->generate_text_box('awayreason', $mybb->input['awayreason'], array('id' => 'awayreason')), 'awayreason');
1227  
1228          //Return date (we can use the arrays from birthday)
1229          $return_row = $form->generate_select_box('away_day', $birthday_days, $mybb->input['away_day'], array('id' => 'away_day'));
1230          $return_row .= ' '.$form->generate_select_box('away_month', $birthday_months, $mybb->input['away_month'], array('id' => 'away_month'));
1231          $return_row .= ' '.$form->generate_numeric_field('away_year', $mybb->input['away_year'], array('id' => 'away_year', 'style' => 'width: 4em;', 'min' => 0));
1232  
1233          $form_container->output_row($lang->return_date, $lang->return_date_desc, $return_row, 'away_date');
1234  
1235          $form_container->end();
1236      }
1237  
1238      $plugins->run_hooks("admin_user_users_edit_profile");
1239      echo "</div>\n";
1240  
1241      //
1242      // ACCOUNT SETTINGS
1243      //
1244  
1245      echo "<div id=\"tab_settings\">\n";
1246      $form_container = new FormContainer($lang->account_settings.': '.htmlspecialchars_uni($user['username']));
1247      $login_options = array(
1248          $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->get_input('invisible'))),
1249      );
1250      $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>");
1251  
1252      if($mybb->get_input('pmnotice') > 1)
1253      {
1254          $mybb->input['pmnotice'] = 1;
1255      }
1256  
1257      $messaging_options = array(
1258          $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->get_input('allownotices'))),
1259          $form->generate_check_box("hideemail", 1, $lang->hide_email_from_others, array("checked" => $mybb->get_input('hideemail'))),
1260          $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->get_input('receivepms'))),
1261          $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->get_input('receivefrombuddy'))),
1262          $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->get_input('pmnotice'))),
1263          $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->get_input('pmnotify'))),
1264          $form->generate_check_box("buddyrequestspm", 1, $lang->buddy_requests_pm, array("checked" => $mybb->get_input('buddyrequestspm'))),
1265          $form->generate_check_box("buddyrequestsauto", 1, $lang->buddy_requests_auto, array("checked" => $mybb->get_input('buddyrequestsauto'))),
1266          "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_notification, $lang->instant_email_notification, $lang->instant_pm_notification), $mybb->get_input('subscriptionmethod'), array('id' => 'subscriptionmethod'))
1267      );
1268  
1269      // Allow plugins to add messaging options
1270      $messaging_options = $plugins->run_hooks('admin_user_users_edit_messaging_options', $messaging_options);
1271  
1272      // Output messaging options
1273      $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>");
1274  
1275      $date_format_options = array($lang->use_default);
1276      foreach($date_formats as $key => $format)
1277      {
1278          $date_format_options[$key] = my_date($format, TIME_NOW, "", 0);
1279      }
1280  
1281      $time_format_options = array($lang->use_default);
1282      foreach($time_formats as $key => $format)
1283      {
1284          $time_format_options[$key] = my_date($format, TIME_NOW, "", 0);
1285      }
1286  
1287      $date_options = array(
1288          "<label for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->get_input('dateformat'), array('id' => 'dateformat')),
1289          "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->get_input('timeformat'), array('id' => 'timeformat')),
1290          "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->get_input('timezone')),
1291          "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->get_input('dstcorrection'), array('id' => 'dstcorrection'))
1292      );
1293  
1294      // Allow plugins to add date options
1295      $date_options = $plugins->run_hooks('admin_user_users_edit_date_options', $date_options);
1296  
1297      // Output date options
1298      $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>");
1299  
1300  
1301      $tpp_options = array($lang->use_default);
1302      if($mybb->settings['usertppoptions'])
1303      {
1304          $explodedtpp = explode(",", $mybb->settings['usertppoptions']);
1305          if(is_array($explodedtpp))
1306          {
1307              foreach($explodedtpp as $tpp)
1308              {
1309                  if($tpp <= 0) continue;
1310                  $tpp_options[$tpp] = $tpp;
1311              }
1312          }
1313      }
1314  
1315      $thread_age_options = array(
1316          0 => $lang->use_default,
1317          1 => $lang->show_threads_last_day,
1318          5 => $lang->show_threads_last_5_days,
1319          10 => $lang->show_threads_last_10_days,
1320          20 => $lang->show_threads_last_20_days,
1321          50 => $lang->show_threads_last_50_days,
1322          75 => $lang->show_threads_last_75_days,
1323          100 => $lang->show_threads_last_100_days,
1324          365 => $lang->show_threads_last_year,
1325          9999 => $lang->show_all_threads
1326      );
1327  
1328      $forum_options = array(
1329          "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->get_input('tpp'), array('id' => 'tpp')),
1330          "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->get_input('daysprune'), array('id' => 'daysprune'))
1331      );
1332  
1333      // Allow plugins to add forum options
1334      $forum_options = $plugins->run_hooks('admin_user_users_edit_forum_options', $forum_options);
1335  
1336      // Output forum options
1337      $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>");
1338  
1339      $ppp_options = array($lang->use_default);
1340      if($mybb->settings['userpppoptions'])
1341      {
1342          $explodedppp = explode(",", $mybb->settings['userpppoptions']);
1343          if(is_array($explodedppp))
1344          {
1345              foreach($explodedppp as $ppp)
1346              {
1347                  if($ppp <= 0) continue;
1348                  $ppp_options[$ppp] = $ppp;
1349              }
1350          }
1351      }
1352  
1353      $thread_options = array(
1354          $form->generate_check_box("classicpostbit", 1, $lang->show_classic_postbit, array("checked" => $mybb->get_input('classicpostbit'))),
1355          $form->generate_check_box("showimages", 1, $lang->display_images, array("checked" => $mybb->get_input('showimages'))),
1356          $form->generate_check_box("showvideos", 1, $lang->display_videos, array("checked" => $mybb->get_input('showvideos'))),
1357          $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->get_input('showsigs'))),
1358          $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->get_input('showavatars'))),
1359          $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->get_input('showquickreply'))),
1360          "<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->get_input('ppp'), array('id' => 'ppp')),
1361          "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode'))
1362      );
1363  
1364      // Allow plugins to add thread options
1365      $thread_options = $plugins->run_hooks('admin_user_users_edit_thread_options', $thread_options);
1366  
1367      // Output thread options
1368      $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>");
1369  
1370      $languages = array_merge(array('' => $lang->use_default), $lang->get_languages());
1371  
1372      $other_options = array(
1373          $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->get_input('showredirect'))),
1374          $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->get_input('showcodebuttons'))),
1375          $form->generate_check_box("sourceeditor", "1", $lang->source_editor, array("checked" => $mybb->get_input('sourceeditor'))),
1376          "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->get_input('style'), 0, "", true, false, true),
1377          "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->get_input('language'), array('id' => 'language'))
1378      );
1379  
1380      // Allow plugins to add other options
1381      $other_options = $plugins->run_hooks('admin_user_users_edit_other_options', $other_options);
1382  
1383      // Output other options
1384      $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $other_options)."</div>");
1385  
1386      $form_container->end();
1387      $plugins->run_hooks("admin_user_users_edit_settings");
1388      echo "</div>\n";
1389  
1390      //
1391      // SIGNATURE EDITOR
1392      //
1393      $signature_editor = $form->generate_text_area("signature", $mybb->get_input('signature'), array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'height: 250px; width: 95%'));
1394      $sig_smilies = $lang->off;
1395      if($mybb->settings['sigsmilies'] == 1)
1396      {
1397          $sig_smilies = $lang->on;
1398      }
1399      $sig_mycode = $lang->off;
1400      if($mybb->settings['sigmycode'] == 1)
1401      {
1402          $sig_mycode = $lang->on;
1403          $signature_editor .= build_mycode_inserter("signature");
1404      }
1405      $sig_html = $lang->off;
1406      if($mybb->settings['sightml'] == 1)
1407      {
1408          $sig_html = $lang->on;
1409      }
1410      $sig_imgcode = $lang->off;
1411      if($mybb->settings['sigimgcode'] == 1)
1412      {
1413          $sig_imgcode = $lang->on;
1414      }
1415      echo "<div id=\"tab_signature\">\n";
1416      $form_container = new FormContainer($lang->signature.': '.htmlspecialchars_uni($user['username']));
1417      $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature');
1418  
1419      $periods = array(
1420          "hours" => $lang->expire_hours,
1421          "days" => $lang->expire_days,
1422          "weeks" => $lang->expire_weeks,
1423          "months" => $lang->expire_months,
1424          "never" => $lang->expire_permanent
1425      );
1426  
1427      // Are we already suspending the signature?
1428      if($mybb->get_input('suspendsignature'))
1429      {
1430          $sig_checked = 1;
1431  
1432          // Display how much time is left on the ban for the user to extend it
1433          if($user['suspendsigtime'] == "0")
1434          {
1435              // Permanent
1436              $lang->suspend_expire_info = $lang->suspend_sig_perm;
1437          }
1438          else
1439          {
1440              // There's a limit to the suspension!
1441              $remaining = $user['suspendsigtime']-TIME_NOW;
1442              $expired = nice_time($remaining, array('seconds' => false));
1443  
1444              $color = 'inherit';
1445              if($remaining < 3600)
1446              {
1447                  $color = 'red';
1448              }
1449              elseif($remaining < 86400)
1450              {
1451                  $color = 'maroon';
1452              }
1453              elseif($remaining < 604800)
1454              {
1455                  $color = 'green';
1456              }
1457  
1458              $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired, $color);
1459          }
1460          $user_suspend_info = '
1461                  <tr>
1462                      <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td>
1463                  </tr>';
1464      }
1465      else
1466      {
1467          $sig_checked = 0;
1468          $user_suspend_info = '';
1469      }
1470  
1471      $actions = '
1472      <script type="text/javascript">
1473      <!--
1474          var sig_checked = "'.$sig_checked.'";
1475  
1476  		function toggleAction()
1477          {
1478              if($("#suspend_action").is(\':visible\'))
1479              {
1480                  $("#suspend_action").hide();
1481              }
1482              else
1483              {
1484                  $("#suspend_action").show();
1485              }
1486          }
1487      // -->
1488      </script>
1489  
1490      <dl style="margin-top: 0; margin-bottom: 0; width: 100%;">
1491          <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt>
1492          <dd style="margin-top: 4px;" id="suspend_action" class="actions">
1493              <table cellpadding="4">'.$user_suspend_info.'
1494                  <tr>
1495                      <td width="30%"><small>'.$lang->expire_length.'</small></td>
1496                      <td>'.$form->generate_numeric_field('action_time', $mybb->input['action_time'], array('style' => 'width: 3em;', 'min' => 0)).' '.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td>
1497                  </tr>
1498              </table>
1499          </dd>
1500      </dl>
1501  
1502      <script type="text/javascript">
1503      <!--
1504          if(sig_checked == 0)
1505          {
1506              $("#suspend_action").hide();
1507          }
1508      // -->
1509      </script>';
1510  
1511      $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions);
1512  
1513      $signature_options = array(
1514          $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)),
1515          $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)),
1516          $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1))
1517      );
1518  
1519      $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options));
1520  
1521      $form_container->end();
1522      $plugins->run_hooks("admin_user_users_edit_signatur");
1523      echo "</div>\n";
1524  
1525      //
1526      // AVATAR MANAGER
1527      //
1528      echo "<div id=\"tab_avatar\">\n";
1529      $table = new Table;
1530      $table->construct_header($lang->current_avatar, array('colspan' => 2));
1531  
1532      $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1));
1533  
1534      $avatar_url = '';
1535      if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath']))
1536      {
1537          $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>";
1538      }
1539      elseif($user['avatartype'] == "remote" || my_validate_url($user['avatar']))
1540      {
1541          $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>";
1542          $avatar_url = $user['avatar'];
1543      }
1544  
1545      if($errors)
1546      {
1547          if(isset($mybb->input['avatar_url']))
1548          {
1549              $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']);
1550          }
1551      }
1552  
1553      if($mybb->settings['maxavatardims'] != "")
1554      {
1555          list($max_width, $max_height) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
1556          $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}";
1557      }
1558  
1559      if($mybb->settings['avatarsize'])
1560      {
1561          $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024);
1562          $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}";
1563      }
1564  
1565      if($user['avatar'])
1566      {
1567          $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>");
1568      }
1569  
1570      $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>");
1571      $table->construct_row();
1572  
1573      $table->output($lang->avatar.': '.htmlspecialchars_uni($user['username']));
1574  
1575      // Custom avatar
1576      if($mybb->settings['avatarresizing'] == "auto")
1577      {
1578          $auto_resize = $lang->avatar_auto_resize;
1579      }
1580      else if($mybb->settings['avatarresizing'] == "user")
1581      {
1582          $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>";
1583      }
1584      $form_container = new FormContainer($lang->specify_custom_avatar);
1585      $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload');
1586      if($mybb->settings['allowremoteavatars'])
1587      {
1588          $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url');
1589      }
1590      $form_container->end();
1591      $plugins->run_hooks("admin_user_users_edit_avatar");
1592      echo "</div>\n";
1593  
1594      //
1595      // MODERATOR OPTIONS
1596      //
1597      $periods = array(
1598          "hours" => $lang->expire_hours,
1599          "days" => $lang->expire_days,
1600          "weeks" => $lang->expire_weeks,
1601          "months" => $lang->expire_months,
1602          "never" => $lang->expire_permanent
1603      );
1604  
1605      echo "<div id=\"tab_modoptions\">\n";
1606      $form_container = new FormContainer($lang->mod_options.': '.htmlspecialchars_uni($user['username']));
1607      $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes');
1608  
1609      // Mod posts
1610      // Generate check box
1611      $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period'));
1612  
1613      // Do we have any existing suspensions here?
1614      $existing_info = '';
1615      if($user['moderateposts'] || ($mybb->get_input('moderateposting') && !empty($errors)))
1616      {
1617          $mybb->input['moderateposting'] = 1;
1618          if($user['moderationtime'] != 0)
1619          {
1620              $remaining = $user['moderationtime']-TIME_NOW;
1621              $expired = nice_time($remaining, array('seconds' => false));
1622  
1623              $color = 'inherit';
1624              if($remaining < 3600)
1625              {
1626                  $color = 'red';
1627              }
1628              elseif($remaining < 86400)
1629              {
1630                  $color = 'maroon';
1631              }
1632              elseif($remaining < 604800)
1633              {
1634                  $color = 'green';
1635              }
1636  
1637              $existing_info = $lang->sprintf($lang->moderate_length, $expired, $color);
1638          }
1639          else
1640          {
1641              $existing_info = $lang->moderated_perm;
1642          }
1643      }
1644  
1645      $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_numeric_field("modpost_time", $mybb->get_input('modpost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$modpost_options.'</div>';
1646      $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, htmlspecialchars_uni($user['username']));
1647      $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->get_input('moderateposting'))), $lang->moderate_posts_info, $modpost_div);
1648  
1649      // Suspend posts
1650      // Generate check box
1651      $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->get_input('suspost_period'), array('id' => 'suspost_period'));
1652  
1653      // Do we have any existing suspensions here?
1654      if($user['suspendposting'] || ($mybb->get_input('suspendposting') && !empty($errors)))
1655      {
1656          $mybb->input['suspendposting'] = 1;
1657  
1658          if($user['suspensiontime'] == 0 || $mybb->get_input('suspost_period') == "never")
1659          {
1660              $existing_info = $lang->suspended_perm;
1661          }
1662          else
1663          {
1664              $remaining = $user['suspensiontime']-TIME_NOW;
1665              $suspost_date = nice_time($remaining, array('seconds' => false));
1666  
1667              $color = 'inherit';
1668              if($remaining < 3600)
1669              {
1670                  $color = 'red';
1671              }
1672              elseif($remaining < 86400)
1673              {
1674                  $color = 'maroon';
1675              }
1676              elseif($remaining < 604800)
1677              {
1678                  $color = 'green';
1679              }
1680  
1681              $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date, $color);
1682          }
1683      }
1684  
1685      $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_numeric_field("suspost_time", $mybb->get_input('suspost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$suspost_options.'</div>';
1686      $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, htmlspecialchars_uni($user['username']));
1687      $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->get_input('suspendposting'))), $lang->suspend_posts_info, $suspost_div);
1688  
1689  
1690      $form_container->end();
1691      $plugins->run_hooks("admin_user_users_edit_moderator_options");
1692      echo "</div>\n";
1693  
1694      $plugins->run_hooks("admin_user_users_edit_graph");
1695  
1696      $buttons[] = $form->generate_submit_button($lang->save_user);
1697      $form->output_submit_wrapper($buttons);
1698  
1699      $form->end();
1700  
1701      echo '<script type="text/javascript">
1702  <!--
1703  
1704  function toggleBox(action)
1705  {
1706      if(action == "modpost")
1707      {
1708          $("#suspendposting").attr("checked", false);
1709          $("#suspost").hide();
1710  
1711          if($("#moderateposting").is(":checked") == true)
1712          {
1713              $("#modpost").show();
1714          }
1715          else if($("#moderateposting").is(":checked") == false)
1716          {
1717              $("#modpost").hide();
1718          }
1719      }
1720      else if(action == "suspost")
1721      {
1722          $("#moderateposting").attr("checked", false);
1723          $("#modpost").hide();
1724  
1725          if($("#suspendposting").is(":checked") == true)
1726          {
1727              $("#suspost").show();
1728          }
1729          else if($("#suspendposting").is(":checked") == false)
1730          {
1731              $("#suspost").hide();
1732          }
1733      }
1734  }
1735  
1736  if($("#moderateposting").is(":checked") == false)
1737  {
1738      $("#modpost").hide();
1739  }
1740  else
1741  {
1742      $("#modpost").show();
1743  }
1744  
1745  if($("#suspendposting").is(":checked") == false)
1746  {
1747      $("#suspost").hide();
1748  }
1749  else
1750  {
1751      $("#suspost").show();
1752  }
1753  
1754  // -->
1755  </script>';
1756  
1757      $page->output_footer();
1758  }
1759  
1760  if($mybb->input['action'] == "delete")
1761  {
1762      $user = get_user($mybb->input['uid']);
1763  
1764      // Does the user not exist?
1765      if(!$user)
1766      {
1767          flash_message($lang->error_invalid_user, 'error');
1768          admin_redirect("index.php?module=user-users");
1769      }
1770  
1771      if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
1772      {
1773          flash_message($lang->error_no_perms_super_admin, 'error');
1774          admin_redirect("index.php?module=user-users");
1775      }
1776  
1777      // User clicked no
1778      if($mybb->get_input('no'))
1779      {
1780          admin_redirect("index.php?module=user-users");
1781      }
1782  
1783      $plugins->run_hooks("admin_user_users_delete");
1784  
1785      if($mybb->request_method == "post")
1786      {
1787          $plugins->run_hooks("admin_user_users_delete_commit");
1788  
1789          // Set up user handler.
1790          require_once  MYBB_ROOT.'inc/datahandlers/user.php';
1791          $userhandler = new UserDataHandler('delete');
1792  
1793          // Delete the user
1794          if(!$userhandler->delete_user($user['uid']))
1795          {
1796              flash_message($lang->error_cannot_delete_user, 'error');
1797              admin_redirect("index.php?module=user-users");
1798          }
1799  
1800          $cache->update_awaitingactivation();
1801  
1802          $plugins->run_hooks("admin_user_users_delete_commit_end");
1803  
1804          log_admin_action($user['uid'], $user['username']);
1805  
1806          flash_message($lang->success_user_deleted, 'success');
1807          admin_redirect("index.php?module=user-users");
1808      }
1809      else
1810      {
1811          $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation);
1812      }
1813  }
1814  
1815  if($mybb->input['action'] == "referrers")
1816  {
1817      $page->add_breadcrumb_item($lang->show_referrers);
1818      $page->output_header($lang->show_referrers);
1819  
1820      $sub_tabs['referrers'] = array(
1821          'title' => $lang->show_referrers,
1822          'link' => "index.php?module=user-users&amp;action=referrers&amp;uid={$mybb->input['uid']}",
1823          'description' => $lang->show_referrers_desc
1824      );
1825  
1826      $plugins->run_hooks("admin_user_users_referrers");
1827  
1828      $page->output_nav_tabs($sub_tabs, 'referrers');
1829  
1830      // Fetch default admin view
1831      $default_view = fetch_default_view("user");
1832      if(!$default_view)
1833      {
1834          $default_view = "0";
1835      }
1836      $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
1837      $admin_view = $db->fetch_array($query);
1838  
1839      if(!empty($mybb->input['type']))
1840      {
1841          $admin_view['view_type'] = $mybb->input['type'];
1842      }
1843  
1844      $admin_view['conditions'] = my_unserialize($admin_view['conditions']);
1845      $admin_view['conditions']['referrer'] = $mybb->input['uid'];
1846  
1847      $view = build_users_view($admin_view);
1848  
1849      // No referred users
1850      if(!$view)
1851      {
1852          $table = new Table;
1853          $table->construct_cell($lang->error_no_referred_users);
1854          $table->construct_row();
1855          $table->output($lang->show_referrers);
1856      }
1857      else
1858      {
1859          echo $view;
1860      }
1861  
1862      $page->output_footer();
1863  }
1864  
1865  if($mybb->input['action'] == "ipaddresses")
1866  {
1867      $page->add_breadcrumb_item($lang->ip_addresses);
1868      $page->output_header($lang->ip_addresses);
1869  
1870      $sub_tabs['ipaddresses'] = array(
1871          'title' => $lang->show_ip_addresses,
1872          'link' => "index.php?module=user-users&amp;action=ipaddresses&amp;uid={$mybb->input['uid']}",
1873          'description' => $lang->show_ip_addresses_desc
1874      );
1875  
1876      $plugins->run_hooks("admin_user_users_ipaddresses");
1877  
1878      $page->output_nav_tabs($sub_tabs, 'ipaddresses');
1879  
1880      $query = $db->simple_select("users", "uid, regip, username, lastip", "uid='{$mybb->input['uid']}'", array('limit' => 1));
1881      $user = $db->fetch_array($query);
1882  
1883      // Log admin action
1884      log_admin_action($user['uid'], $user['username']);
1885  
1886      $table = new Table;
1887  
1888      $table->construct_header($lang->ip_address);
1889      $table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));
1890  
1891      if(empty($user['lastip']))
1892      {
1893          $user['lastip'] = $lang->unknown;
1894          $controls = '';
1895      }
1896      else
1897      {
1898          $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip']));
1899          $popup = new PopupMenu("user_last", $lang->options);
1900          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;action=search&amp;results=1&amp;conditions[regip]=".$user['lastip']);
1901          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$user['lastip']);
1902          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$user['lastip']}', null, true); return false;");
1903          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$user['lastip']}");
1904          $controls = $popup->fetch();
1905      }
1906      $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".$user['lastip']);
1907      $table->construct_cell($controls, array('class' => "align_center"));
1908      $table->construct_row();
1909  
1910      if(empty($user['regip']))
1911      {
1912          $user['regip'] = $lang->unknown;
1913          $controls = '';
1914      }
1915      else
1916      {
1917          $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip']));
1918          $popup = new PopupMenu("user_reg", $lang->options);
1919          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[regip]=".$user['regip']);
1920          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$user['regip']);
1921          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$user['regip']}', null, true); return false;");
1922          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$user['regip']}");
1923          $controls = $popup->fetch();
1924      }
1925      $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".$user['regip']);
1926      $table->construct_cell($controls, array('class' => "align_center"));
1927      $table->construct_row();
1928  
1929      $counter = 0;
1930  
1931      $query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='{$mybb->input['uid']}'");
1932      while($ip = $db->fetch_array($query))
1933      {
1934          ++$counter;
1935          $ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress']));
1936          $popup = new PopupMenu("id_{$counter}", $lang->options);
1937          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[regip]=".$ip['ipaddress']);
1938          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$ip['ipaddress']);
1939          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;");
1940          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$ip['ipaddress']}");
1941          $controls = $popup->fetch();
1942  
1943          $table->construct_cell($ip['ipaddress']);
1944          $table->construct_cell($controls, array('class' => "align_center"));
1945          $table->construct_row();
1946      }
1947  
1948      $table->output($lang->ip_address_for.' '.htmlspecialchars_uni($user['username']));
1949  
1950      $page->output_footer();
1951  }
1952  
1953  if($mybb->input['action'] == "merge")
1954  {
1955      $plugins->run_hooks("admin_user_users_merge");
1956  
1957      if($mybb->request_method == "post")
1958      {
1959          foreach(array('source', 'destination') as $target)
1960          {
1961              ${$target.'_user'} = get_user_by_username($mybb->input[$target.'_username'], array('fields' => '*'));
1962              if(empty(${$target.'_user'}['uid']))
1963              {
1964                  $errors[] = $lang->{'error_invalid_user_'.$target};
1965              }
1966          }
1967  
1968          // If we're not a super admin and we're merging a source super admin or a destination super admin then dissallow this action
1969          if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid'])))
1970          {
1971              flash_message($lang->error_no_perms_super_admin, 'error');
1972              admin_redirect("index.php?module=user-users");
1973          }
1974  
1975          if((!empty($source_user)) && !empty($destination_user) && $source_user['uid'] == $destination_user['uid'] && !empty($source_user['uid']))
1976          {
1977              $errors[] = $lang->error_cannot_merge_same_account;
1978          }
1979  
1980          if(empty($errors))
1981          {
1982              // Begin to merge the accounts
1983              $uid_update = array(
1984                  "uid" => $destination_user['uid']
1985              );
1986              $query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'");
1987              $existing_admin_options = $db->fetch_field($query, "uid");
1988  
1989              // Only carry over admin options/permissions if we don't already have them
1990              if(!$existing_admin_options)
1991              {
1992                  $db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'");
1993              }
1994  
1995              $db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'");
1996              $db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'");
1997              $db->update_query("events", $uid_update, "uid='{$source_user['uid']}'");
1998              $db->update_query("threadsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
1999              $db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
2000              $db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'");
2001              $db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'");
2002              $db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'");
2003              $db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'");
2004              $db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'");
2005              $db->update_query("reportedcontent", $uid_update, "uid='{$source_user['uid']}'");
2006              $db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'");
2007              $db->update_query("warnings", $uid_update, "uid='{$source_user['uid']}'");
2008              $db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'");
2009              $db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'");
2010  
2011              // Thread ratings
2012              merge_thread_ratings($source_user['uid'], $destination_user['uid']);
2013  
2014              // Banning
2015              switch($db->type)
2016              {
2017                  case 'mysql':
2018                  case 'mysqli':
2019                      $where = "`admin` = '{$source_user['uid']}'";
2020                      break;
2021                  default:
2022                      $where = "admin = '{$source_user['uid']}'";
2023                      break;
2024              }
2025              $db->update_query("banned", array('admin' => $destination_user['uid']), $where);
2026  
2027              // Carry over referrals
2028              $db->update_query("users", array("referrer" => $destination_user['uid']), "referrer='{$source_user['uid']}' AND uid!='{$destination_user['uid']}'");
2029              // If destination user has no referrer but source does and source user was not referred by destination user
2030              // or destination user was referred by the source user
2031              if(($destination_user['referrer'] == 0 && $source_user['referrer'] > 0 && $source_user['referrer'] != $destination_user['uid']) || $destination_user['referrer'] == $source_user['uid'])
2032              {
2033                  $db->update_query("users", array("referrer" => $source_user['referrer']), "uid='{$destination_user['uid']}'");
2034              }
2035              $query = $db->simple_select("users", "COUNT(uid) as total_referrals", "referrer='{$destination_user['uid']}' AND uid!='{$source_user['uid']}'");
2036              $new_referrals = $db->fetch_field($query, "total_referrals");
2037              $db->update_query("users", array("referrals" => (int)$new_referrals), "uid='{$destination_user['uid']}'");
2038  
2039              // Merging Reputation
2040              // First, let's change all the details over to our new user...
2041              $db->update_query("reputation", array("adduid" => $destination_user['uid']), "adduid = '".$source_user['uid']."'");
2042              $db->update_query("reputation", array("uid" => $destination_user['uid']), "uid = '".$source_user['uid']."'");
2043  
2044              // Now that all the repuation is merged, figure out what to do with this user's comments...
2045              $options = array(
2046                  "order_by" => "uid",
2047                  "order_dir" => "ASC"
2048              );
2049  
2050              $to_remove = array();
2051              $query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'", $options);
2052              while($rep = $db->fetch_array($query))
2053              {
2054                  if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid'])
2055                  {
2056                      // Multiple reputation is disallowed, and this isn't a post, so let's remove this comment
2057                      $to_remove[] = $rep['rid'];
2058                  }
2059  
2060                  // Remove comments or posts liked by "me"
2061                  if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid'])
2062                  {
2063                      if(!in_array($rep['rid'], $to_remove))
2064                      {
2065                          $to_remove[] = $rep['rid'];
2066                          continue;
2067                      }
2068                  }
2069  
2070                  $last_result = array(
2071                      "rid" => $rep['rid'],
2072                      "uid" => $rep['uid']
2073                  );
2074              }
2075  
2076              // Remove any reputations we've selected to remove...
2077              if(!empty($to_remove))
2078              {
2079                  $imp = implode(",", $to_remove);
2080                  $db->delete_query("reputation", "rid IN (".$imp.")");
2081              }
2082  
2083              // Calculate the new reputation for this user...
2084              $query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'");
2085              $total_reputation = $db->fetch_field($query, "total_rep");
2086  
2087              $db->update_query("users", array('reputation' => (int)$total_reputation), "uid='{$destination_user['uid']}'");
2088  
2089              // Calculate warning points
2090              $query = $db->query("
2091                  SELECT SUM(points) as warn_lev
2092                  FROM ".TABLE_PREFIX."warnings
2093                  WHERE uid='{$source_user['uid']}' AND expired='0'
2094              ");
2095              $original_warn_level = $db->fetch_field($query, "warn_lev");
2096  
2097              $query = $db->query("
2098                  SELECT SUM(points) as warn_lev
2099                  FROM ".TABLE_PREFIX."warnings
2100                  WHERE uid='{$destination_user['uid']}' AND expired='0'
2101              ");
2102              $new_warn_level = $db->fetch_field($query, "warn_lev");
2103              $db->update_query("users", array("warningpoints" => (int)$original_warn_level + $new_warn_level), "uid='{$destination_user['uid']}'");
2104  
2105              // Additional updates for non-uid fields
2106              $last_poster = array(
2107                  "lastposteruid" => $destination_user['uid'],
2108                  "lastposter" => $db->escape_string($destination_user['username'])
2109              );
2110              $db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'");
2111              $db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'");
2112              $edit_uid = array(
2113                  "edituid" => $destination_user['uid']
2114              );
2115              $db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'");
2116  
2117              $from_uid = array(
2118                  "fromid" => $destination_user['uid']
2119              );
2120              $db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'");
2121              $to_uid = array(
2122                  "toid" => $destination_user['uid']
2123              );
2124              $db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'");
2125  
2126              // Buddy/ignore lists
2127              $destination_buddies = explode(',', $destination_user['buddylist']);
2128              $source_buddies = explode(',', $source_user['buddylist']);
2129              $buddies = array_unique(array_merge($source_buddies, $destination_buddies));
2130              // Make sure the new buddy list doesn't contain either users
2131              $buddies_array = array_diff($buddies, array($destination_user['uid'], $source_user['uid']));
2132  
2133              $destination_ignored = explode(',', $destination_user['ignorelist']);
2134              $source_ignored = explode(',', $destination_user['ignorelist']);
2135              $ignored = array_unique(array_merge($source_ignored, $destination_ignored));
2136              // ... and the same for the new ignore list
2137              $ignored_array = array_diff($ignored, array($destination_user['uid'], $source_user['uid']));
2138  
2139              // Remove any ignored users from the buddy list
2140              $buddies = array_diff($buddies_array, $ignored_array);
2141              // implode the arrays so we get a nice neat list for each
2142              $buddies = trim(implode(',', $buddies), ',');
2143              $ignored = trim(implode(',', $ignored_array), ',');
2144  
2145              $lists = array(
2146                  "buddylist" => $buddies,
2147                  "ignorelist" => $ignored
2148              );
2149              $db->update_query("users", $lists, "uid='{$destination_user['uid']}'");
2150  
2151              // Get a list of forums where post count doesn't apply
2152              $fids = array();
2153              $query = $db->simple_select("forums", "fid", "usepostcounts=0");
2154              while($fid = $db->fetch_field($query, "fid"))
2155              {
2156                  $fids[] = $fid;
2157              }
2158  
2159              $fids_not_in = '';
2160              if(!empty($fids))
2161              {
2162                  $fids_not_in = "AND fid NOT IN(".implode(',', $fids).")";
2163              }
2164  
2165              // Update user post count
2166              $query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
2167              $num = $db->fetch_array($query);
2168              $updated_count = array(
2169                  "postnum" => $num['postnum']
2170              );
2171              $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");
2172  
2173              // Update user thread count
2174              $query = $db->simple_select("threads", "COUNT(*) AS threadnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
2175              $num = $db->fetch_array($query);
2176              $updated_count = array(
2177                  "threadnum" => $num['threadnum']
2178              );
2179              $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");
2180  
2181              // Use the earliest registration date
2182              if($destination_user['regdate'] > $source_user['regdate'])
2183              {
2184                  $db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'");
2185              }
2186  
2187              $plugins->run_hooks("admin_user_users_merge_commit");
2188  
2189              // Set up user handler.
2190              require_once  MYBB_ROOT.'inc/datahandlers/user.php';
2191              $userhandler = new UserDataHandler('delete');
2192  
2193              // Delete the old user
2194              $userhandler->delete_user($source_user['uid']);
2195  
2196              $cache->update_awaitingactivation();
2197  
2198              // Log admin action
2199              log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']);
2200  
2201              // Redirect!
2202              $username = htmlspecialchars_uni($source_user['username']);
2203              $destination_username = htmlspecialchars_uni($destination_user['username']);
2204              flash_message("<strong>{$username}</strong> {$lang->success_merged} {$destination_username}", "success");
2205              admin_redirect("index.php?module=user-users");
2206              exit;
2207          }
2208      }
2209  
2210      $page->add_breadcrumb_item($lang->merge_users);
2211      $page->output_header($lang->merge_users);
2212  
2213      $page->output_nav_tabs($sub_tabs, 'merge_users');
2214  
2215      // If we have any error messages, show them
2216      if($errors)
2217      {
2218          $page->output_inline_error($errors);
2219      }
2220  
2221      $form = new Form("index.php?module=user-users&amp;action=merge", "post");
2222  
2223      $form_container = new FormContainer($lang->merge_users);
2224      $form_container->output_row($lang->source_account." <em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->get_input('source_username'), array('id' => 'source_username')), 'source_username');
2225      $form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->get_input('destination_username'), array('id' => 'destination_username')), 'destination_username');
2226      $form_container->end();
2227  
2228      // Autocompletion for usernames
2229      echo '
2230      <link rel="stylesheet" href="../jscripts/select2/select2.css">
2231      <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
2232      <script type="text/javascript">
2233      <!--
2234      $("#source_username").select2({
2235          placeholder: "'.$lang->search_for_a_user.'",
2236          minimumInputLength: 2,
2237          multiple: false,
2238          ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
2239              url: "../xmlhttp.php?action=get_users",
2240              dataType: \'json\',
2241              data: function (term, page) {
2242                  return {
2243                      query: term // search term
2244                  };
2245              },
2246              results: function (data, page) { // parse the results into the format expected by Select2.
2247                  // since we are using custom formatting functions we do not need to alter remote JSON data
2248                  return {results: data};
2249              }
2250          },
2251          initSelection: function(element, callback) {
2252              var query = $(element).val();
2253              if (query !== "") {
2254                  $.ajax("../xmlhttp.php?action=get_users&getone=1", {
2255                      data: {
2256                          query: query
2257                      },
2258                      dataType: "json"
2259                  }).done(function(data) { callback(data); });
2260              }
2261          }
2262      });
2263      $("#destination_username").select2({
2264          placeholder: "'.$lang->search_for_a_user.'",
2265          minimumInputLength: 2,
2266          multiple: false,
2267          ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
2268              url: "../xmlhttp.php?action=get_users",
2269              dataType: \'json\',
2270              data: function (term, page) {
2271                  return {
2272                      query: term // search term
2273                  };
2274              },
2275              results: function (data, page) { // parse the results into the format expected by Select2.
2276                  // since we are using custom formatting functions we do not need to alter remote JSON data
2277                  return {results: data};
2278              }
2279          },
2280          initSelection: function(element, callback) {
2281              var query = $(element).val();
2282              if (query !== "") {
2283                  $.ajax("../xmlhttp.php?action=get_users&getone=1", {
2284                      data: {
2285                          query: query
2286                      },
2287                      dataType: "json"
2288                  }).done(function(data) { callback(data); });
2289              }
2290          }
2291      });
2292      // -->
2293      </script>';
2294  
2295      $buttons[] = $form->generate_submit_button($lang->merge_user_accounts);
2296      $form->output_submit_wrapper($buttons);
2297      $form->end();
2298  
2299      $page->output_footer();
2300  }
2301  
2302  if($mybb->input['action'] == "search")
2303  {
2304      $plugins->run_hooks("admin_user_users_search");
2305  
2306      if($mybb->request_method == "post" || $mybb->get_input('results') == 1)
2307      {
2308          // Build view options from incoming search options
2309          if($mybb->get_input('vid'))
2310          {
2311              $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
2312              $admin_view = $db->fetch_array($query);
2313              // View does not exist or this view is private and does not belong to the current user
2314              if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
2315              {
2316                  unset($admin_view);
2317              }
2318          }
2319  
2320          if($mybb->get_input('search_id') && $admin_session['data']['user_views'][$mybb->get_input('search_id')])
2321          {
2322              $admin_view = $admin_session['data']['user_views'][$mybb->get_input('search_id')];
2323              unset($admin_view['extra_sql']);
2324          }
2325  
2326          // Don't have a view? Fetch the default
2327          if(!isset($admin_view) || !$admin_view['vid'])
2328          {
2329              $default_view = fetch_default_view("user");
2330              if(!$default_view)
2331              {
2332                  $default_view = "0";
2333              }
2334              $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
2335              $admin_view = $db->fetch_array($query);
2336          }
2337  
2338          // Override specific parts of the view
2339          unset($admin_view['vid']);
2340  
2341          if($mybb->get_input('type'))
2342          {
2343              $admin_view['view_type'] = $mybb->get_input('type');
2344          }
2345  
2346          if(!empty($mybb->input['conditions']))
2347          {
2348              $admin_view['conditions'] = $mybb->get_input('conditions', MyBB::INPUT_ARRAY);
2349          }
2350  
2351          if($mybb->get_input('sortby'))
2352          {
2353              $admin_view['sortby'] = $mybb->get_input('sortby');
2354          }
2355  
2356          if($mybb->get_input('perpage', MyBB::INPUT_INT))
2357          {
2358              $admin_view['perpage'] = $mybb->get_input('perpage');
2359          }
2360  
2361          if($mybb->get_input('order'))
2362          {
2363              $admin_view['sortorder'] = $mybb->get_input('order');
2364          }
2365  
2366          if($mybb->get_input('displayas'))
2367          {
2368              $admin_view['view_type'] = $mybb->get_input('displayas');
2369          }
2370  
2371          if(!empty($mybb->input['profile_fields']))
2372          {
2373              $admin_view['custom_profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);
2374          }
2375  
2376          $plugins->run_hooks("admin_user_users_search_commit");
2377  
2378          $results = build_users_view($admin_view);
2379  
2380          if($results)
2381          {
2382              $page->output_header($lang->find_users);
2383              echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
2384              $page->output_nav_tabs($sub_tabs, 'find_users');
2385              echo $results;
2386              $page->output_footer();
2387          }
2388          else
2389          {
2390              if($mybb->get_input('from') == "home")
2391              {
2392                  flash_message($lang->error_no_users_found, 'error');
2393                  admin_redirect("index.php");
2394                  exit;
2395              }
2396              else
2397              {
2398                  $errors[] = $lang->error_no_users_found;
2399              }
2400          }
2401      }
2402  
2403      $page->add_breadcrumb_item($lang->find_users);
2404      $page->output_header($lang->find_users);
2405  
2406      $page->output_nav_tabs($sub_tabs, 'find_users');
2407  
2408      // If we have any error messages, show them
2409      if($errors)
2410      {
2411          $page->output_inline_error($errors);
2412      }
2413  
2414      if(!$mybb->get_input('displayas'))
2415      {
2416          $mybb->input['displayas'] = "card";
2417      }
2418  
2419      $form = new Form("index.php?module=user-users&amp;action=search", "post");
2420  
2421      user_search_conditions($mybb->input, $form);
2422  
2423      $form_container = new FormContainer($lang->display_options);
2424      $sort_directions = array(
2425          "asc" => $lang->ascending,
2426          "desc" => $lang->descending
2427      );
2428      $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->get_input('sortby'), array('id' => 'sortby'))." {$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->get_input('order'), array('id' => 'order')), 'sortby');
2429      $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->get_input('perpage'), array('id' => 'perpage', 'min' => 1)), 'perpage');
2430      $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->get_input('displayas') != "card" ? true : false)))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->get_input('displayas') == "card" ? true : false))));
2431      $form_container->end();
2432  
2433      $buttons[] = $form->generate_submit_button($lang->find_users);
2434      $form->output_submit_wrapper($buttons);
2435      $form->end();
2436  
2437      $page->output_footer();
2438  }
2439  
2440  if($mybb->input['action'] == "inline_edit")
2441  {
2442      $plugins->run_hooks("admin_user_users_inline");
2443  
2444      if(!empty($mybb->input['vid']) || !empty($mybb->cookies['acp_view']))
2445      {
2446          // We have a custom view
2447          if(empty($mybb->cookies['acp_view']))
2448          {
2449              // Set a cookie
2450              my_setcookie("acp_view", $mybb->input['vid'], 60);
2451          }
2452          else
2453          {
2454              // We already have a cookie, so let's use it...
2455              $mybb->input['vid'] = $mybb->cookies['acp_view'];
2456          }
2457  
2458          $vid_url = "&amp;vid=".$mybb->get_input('vid');
2459      }
2460      else
2461      {
2462          $vid_url = null;
2463      }
2464  
2465      // First, collect the user IDs that we're performing the moderation on
2466      $selected = array();
2467      if(isset($mybb->cookies['inlinemod_useracp']))
2468      {
2469          $ids = explode("|", $mybb->cookies['inlinemod_useracp']);
2470          foreach($ids as $id)
2471          {
2472              if($id != '')
2473              {
2474                  $selected[] = (int)$id;
2475              }
2476          }
2477      }
2478  
2479      // Verify incoming POST request
2480      if(!verify_post_check($mybb->get_input('my_post_key')))
2481      {
2482          flash_message($lang->invalid_post_verify_key2, 'error');
2483          admin_redirect("index.php?module=user-user");
2484      }
2485      $sub_tabs['manage_users'] = array(
2486          "title" => $lang->manage_users,
2487          "link" => "./",
2488          "description" => $lang->manage_users_desc
2489      );
2490      $page->add_breadcrumb_item($lang->manage_users);
2491  
2492      if(empty($selected))
2493      {
2494          // Not selected any users, show error
2495          flash_message($lang->error_inline_no_users_selected, 'error');
2496          admin_redirect("index.php?module=user-users".$vid_url);
2497      }
2498  
2499      switch($mybb->input['inline_action'])
2500      {
2501          case 'multiactivate':
2502              // Run through the activating users, so that users already registered (but have been selected) aren't affected
2503              if(is_array($selected))
2504              {
2505                  $sql_array = implode(",", $selected);
2506                  $query = $db->simple_select("users", "uid, username, email", "usergroup = '5' AND uid IN (".$sql_array.")");
2507                  $user_mail_data = array();
2508                  while($user = $db->fetch_array($query))
2509                  {
2510                      $to_update[] = $user['uid'];
2511                      $user_mail_data[] = array('username' => $user['username'], 'email' => $user['email']);
2512                  }
2513              }
2514  
2515              $plugins->run_hooks("admin_user_multiactivate", $to_update);
2516  
2517              if(isset($to_update) && is_array($to_update))
2518              {
2519                  $sql_array = implode(",", $to_update);
2520                  $db->write_query("UPDATE ".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")");
2521  
2522                  $cache->update_awaitingactivation();
2523  
2524                  // send activation mail
2525                  foreach($user_mail_data as $mail_data)
2526                  {
2527                      $message = $lang->sprintf($lang->email_adminactivateaccount, $mail_data['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
2528                      my_mail($mail_data['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);
2529                  }
2530  
2531                  // Action complete, grab stats and show success message - redirect user
2532                  $to_update_count = count($to_update);
2533                  $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count));
2534  
2535                  if(is_array($selected) && $to_update_count != count($selected))
2536                  {
2537                      // The update count is different to how many we selected!
2538                      $not_updated_count = count($selected) - $to_update_count;
2539                      $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count));
2540                      $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message
2541                  }
2542  
2543                  $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog
2544                  log_admin_action($to_update_count); // Add to adminlog
2545                  my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected
2546  
2547                  flash_message($lang->inline_activated, 'success');
2548                  admin_redirect("index.php?module=user-users".$vid_url);
2549              }
2550              else
2551              {
2552                  // Nothing was updated, show an error
2553                  flash_message($lang->inline_activated_failed, 'error');
2554                  admin_redirect("index.php?module=user-users".$vid_url);
2555              }
2556              break;
2557          case 'multilift':
2558              // Get the users that are banned, and check that they have been selected
2559              if($mybb->get_input('no'))
2560              {
2561                  admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No'
2562              }
2563  
2564              if($mybb->request_method == "post")
2565              {
2566                  $sql_array = implode(",", $selected);
2567                  $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")");
2568                  $to_be_unbanned = $db->num_rows($query);
2569                  while($ban = $db->fetch_array($query))
2570                  {
2571                      $updated_group = array(
2572                          "usergroup" => $ban['oldgroup'],
2573                          "additionalgroups" => $db->escape_string($ban['oldadditionalgroups']),
2574                          "displaygroup" => $ban['olddisplaygroup']
2575                      );
2576                      $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'");
2577                      $db->delete_query("banned", "uid = '".$ban['uid']."'");
2578                  }
2579  
2580                  $cache->update_moderators();
2581  
2582                  $mybb->input['action'] = "inline_lift";
2583                  log_admin_action($to_be_unbanned);
2584                  my_unsetcookie("inlinemod_useracp");
2585  
2586                  $lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned));
2587                  flash_message($lang->success_ban_lifted, 'success');
2588                  admin_redirect("index.php?module=user-users".$vid_url);
2589              }
2590              else
2591              {
2592                  $page->output_confirm_action("index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multilift", $lang->confirm_multilift);
2593              }
2594  
2595              break;
2596          case 'multiban':
2597              if($mybb->input['processed'] == 1)
2598              {
2599                  // We've posted ban information!
2600                  // Build an array of users to ban, =D
2601                  $sql_array = implode(",", $selected);
2602                  // Build a cache array for this users that have been banned already
2603                  $query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")");
2604                  while($user = $db->fetch_array($query))
2605                  {
2606                      $bannedcache[] = "u_".$user['uid'];
2607                  }
2608  
2609                  // Collect the users
2610                  $query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")");
2611  
2612                  if($mybb->input['bantime'] == '---')
2613                  {
2614                      $lifted = 0;
2615                  }
2616                  else
2617                  {
2618                      $lifted = ban_date2timestamp($mybb->input['bantime']);
2619                  }
2620  
2621                  $reason = my_substr($mybb->input['reason'], 0, 255);
2622  
2623                  $banned_count = 0;
2624                  while($user = $db->fetch_array($query))
2625                  {
2626                      if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid']))
2627                      {
2628                          // We remove ourselves and Super Admins from the mix
2629                          continue;
2630                      }
2631  
2632                      if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache))
2633                      {
2634                          // User already has a ban, update it!
2635                          $update_array = array(
2636                              "admin" => (int)$mybb->user['uid'],
2637                              "dateline" => TIME_NOW,
2638                              "bantime" => $db->escape_string($mybb->input['bantime']),
2639                              "lifted" => $db->escape_string($lifted),
2640                              "reason" => $db->escape_string($reason)
2641                          );
2642                          $db->update_query("banned", $update_array, "uid = '".$user['uid']."'");
2643                      }
2644                      else
2645                      {
2646                          // Not currently banned - insert the ban
2647                          $insert_array = array(
2648                              'uid' => $user['uid'],
2649                              'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
2650                              'oldgroup' => $user['usergroup'],
2651                              'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
2652                              'olddisplaygroup' => $user['displaygroup'],
2653                              'admin' => (int)$mybb->user['uid'],
2654                              'dateline' => TIME_NOW,
2655                              'bantime' => $db->escape_string($mybb->input['bantime']),
2656                              'lifted' => $db->escape_string($lifted),
2657                              'reason' => $db->escape_string($reason)
2658                          );
2659                          $db->insert_query('banned', $insert_array);
2660                      }
2661  
2662                      // Moved the user to the 'Banned' Group
2663                      $update_array = array(
2664                          'usergroup' => 7,
2665                          'displaygroup' => 0,
2666                          'additionalgroups' => '',
2667                      );
2668                      $db->update_query('users', $update_array, "uid = '{$user['uid']}'");
2669  
2670                      $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
2671                      $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");
2672  
2673                      ++$banned_count;
2674                  }
2675                  $mybb->input['action'] = "inline_banned";
2676                  log_admin_action($banned_count, $lifted);
2677                  my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them
2678  
2679                  $lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count);
2680                  flash_message($lang->users_banned, 'success');
2681                  admin_redirect("index.php?module=user-users".$vid_url);
2682              }
2683  
2684              $page->output_header($lang->manage_users);
2685              $page->output_nav_tabs($sub_tabs, 'manage_users');
2686  
2687              // Provide the user with a warning of what they're about to do
2688              $table = new Table;
2689              $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected));
2690              $table->construct_cell($lang->mass_ban_info);
2691              $table->construct_row();
2692              $table->output($lang->important);
2693  
2694              // If there's any errors, display inline
2695              if($errors)
2696              {
2697                  $page->output_inline_error($errors);
2698              }
2699  
2700              $form = new Form("index.php?module=user-users", "post");
2701              echo $form->generate_hidden_field('action', 'inline_edit');
2702              echo $form->generate_hidden_field('inline_action', 'multiban');
2703              echo $form->generate_hidden_field('processed', '1');
2704  
2705              $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multilift&amp;my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban);
2706              $form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
2707              $ban_times = fetch_ban_times();
2708              foreach($ban_times as $time => $period)
2709              {
2710                  if($time != '---')
2711                  {
2712                      $friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
2713                      $period = "{$period} ({$friendly_time})";
2714                  }
2715                  $length_list[$time] = $period;
2716              }
2717              $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');
2718              $form_container->end();
2719  
2720              $buttons[] = $form->generate_submit_button($lang->ban_users);
2721              $form->output_submit_wrapper($buttons);
2722              $form->end();
2723              $page->output_footer();
2724              break;
2725          case 'multidelete':
2726              if($mybb->get_input('no'))
2727              {
2728                  admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No
2729              }
2730              else
2731              {
2732                  if($mybb->input['processed'] == 1)
2733                  {
2734                      // Set up user handler.
2735                      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
2736                      $userhandler = new UserDataHandler('delete');
2737  
2738                      // Delete users
2739                      $deleted = $userhandler->delete_user($selected);
2740                      $to_be_deleted = $deleted['deleted_users']; // Get the correct number of deleted users
2741  
2742                      // Update forum stats, remove the cookie and redirect the user
2743                      my_unsetcookie("inlinemod_useracp");
2744                      $mybb->input['action'] = "inline_delete";
2745                      log_admin_action($to_be_deleted);
2746  
2747                      $lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted);
2748  
2749                      $cache->update_awaitingactivation();
2750  
2751                      flash_message($lang->users_deleted, 'success');
2752                      admin_redirect("index.php?module=user-users".$vid_url);
2753                  }
2754  
2755                  $to_be_deleted = count($selected);
2756                  $lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted));
2757                  $page->output_confirm_action("index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multidelete&amp;my_post_key={$mybb->post_code}&amp;processed=1", $lang->confirm_multidelete);
2758              }
2759              break;
2760          case 'multiprune':
2761              if($mybb->input['processed'] == 1)
2762              {
2763                  if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set'])
2764                  {
2765                      $errors[] = $lang->multi_selected_dates;
2766                  }
2767  
2768                  $day = $mybb->get_input('day', MyBB::INPUT_INT);
2769                  $month = $mybb->get_input('month', MyBB::INPUT_INT);
2770                  $year = $mybb->get_input('year', MyBB::INPUT_INT);
2771  
2772                  // Selected a date - check if the date the user entered is valid
2773                  if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year'])
2774                  {
2775                      // Is the date sort of valid?
2776                      if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29))
2777                      {
2778                          $errors[] = $lang->incorrect_date;
2779                      }
2780  
2781                      // Check the month
2782                      $months = get_bdays($year);
2783                      if($day > $months[$month-1])
2784                      {
2785                          $errors[] = $lang->incorrect_date;
2786                      }
2787  
2788                      // Check the year
2789                      if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y"))
2790                      {
2791                          $errors[] = $lang->incorrect_date;
2792                      }
2793  
2794                      if(!$errors)
2795                      {
2796                          // No errors, so let's continue and set the date to delete from
2797                          $date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp
2798                      }
2799                  }
2800                  elseif($mybb->input['set'] > 0)
2801                  {
2802                      // Set options
2803                      // For this purpose, 1 month = 31 days
2804                      $base_time = 24 * 60 * 60;
2805  
2806                      switch($mybb->input['set'])
2807                      {
2808                          case '1':
2809                              $threshold = $base_time * 31; // 1 month = 31 days, in the standard terms
2810                              break;
2811                          case '2':
2812                              $threshold = $base_time * 93; // 3 months = 31 days * 3
2813                              break;
2814                          case '3':
2815                              $threshold = $base_time * 183; // 6 months = 365 days / 2
2816                              break;
2817                          case '4':
2818                              $threshold = $base_time * 365; // 1 year = 365 days
2819                              break;
2820                          case '5':
2821                              $threshold = $base_time * 548; // 18 months = 365 + 183
2822                              break;
2823                          case '6':
2824                              $threshold = $base_time * 730; // 2 years = 365 * 2
2825                              break;
2826                      }
2827  
2828                      if(!$threshold)
2829                      {
2830                          // An option was entered that isn't in the dropdown box
2831                          $errors[] = $lang->no_set_option;
2832                      }
2833                      else
2834                      {
2835                          $date = TIME_NOW - $threshold;
2836                      }
2837                  }
2838                  else
2839                  {
2840                      $errors[] = $lang->no_prune_option;
2841                  }
2842  
2843                  if(!$errors)
2844                  {
2845                      $sql_array = implode(",", $selected);
2846                      $prune_array = array();
2847                      $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")");
2848                      while($user = $db->fetch_array($query))
2849                      {
2850                          // Protect Super Admins
2851                          if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
2852                          {
2853                              continue;
2854                          }
2855  
2856                          $return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete
2857                          if($return_array && is_array($return_array))
2858                          {
2859                              $prune_array = array_merge_recursive($prune_array, $return_array);
2860                          }
2861                      }
2862  
2863                      $plugins->run_hooks("admin_user_multiprune_threads", $prune_array);
2864  
2865                      // No posts were found for the user, return error
2866                      if(!is_array($prune_array) || count($prune_array) == 0)
2867                      {
2868                          flash_message($lang->prune_fail, 'error');
2869                          admin_redirect("index.php?module=user-users".$vid_url);
2870                      }
2871  
2872                      // Require the rebuild functions
2873                      require_once  MYBB_ROOT.'/inc/functions.php';
2874                      require_once  MYBB_ROOT.'/inc/functions_rebuild.php';
2875  
2876                      // We've finished deleting user's posts, so let's delete the threads
2877                      if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0)
2878                      {
2879                          foreach($prune_array['to_delete'] as $tid)
2880                          {
2881                              $db->delete_query("threads", "tid='$tid'");
2882                              $db->delete_query("threads", "closed='moved|$tid'");
2883                              $db->delete_query("threadsubscriptions", "tid='$tid'");
2884                              $db->delete_query("polls", "tid='$tid'");
2885                              $db->delete_query("threadsread", "tid='$tid'");
2886                              $db->delete_query("threadratings", "tid='$tid'");
2887                          }
2888                      }
2889  
2890                      // After deleting threads, rebuild the thread counters for the affected threads
2891                      if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0)
2892                      {
2893                          $sql_array = implode(",", $prune_array['thread_update']);
2894                          $query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc'));
2895                          while($thread = $db->fetch_array($query))
2896                          {
2897                              rebuild_thread_counters($thread['tid']);
2898                          }
2899                      }
2900  
2901                      // After updating thread counters, update the affected forum counters
2902                      if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0)
2903                      {
2904                          $sql_array = implode(",", $prune_array['forum_update']);
2905                          $query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc'));
2906                          while($forum = $db->fetch_array($query))
2907                          {
2908                              // Because we have a recursive array merge, check to see if there isn't a duplicated forum to update
2909                              if($looped_forum == $forum['fid'])
2910                              {
2911                                  continue;
2912                              }
2913                              $looped_forum = $forum['fid'];
2914                              rebuild_forum_counters($forum['fid']);
2915                          }
2916                      }
2917  
2918                      //log_admin_action();
2919                      my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie
2920                      flash_message($lang->prune_complete, 'success');
2921                      admin_redirect("index.php?module=user-users".$vid_url);
2922                  }
2923              }
2924  
2925              $page->output_header($lang->manage_users);
2926              $page->output_nav_tabs($sub_tabs, 'manage_users');
2927  
2928              // Display a table warning
2929              $table = new Table;
2930              $lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected));
2931              $table->construct_cell($lang->mass_prune_info);
2932              $table->construct_row();
2933              $table->output($lang->important);
2934  
2935              if($errors)
2936              {
2937                  $page->output_inline_error($errors);
2938              }
2939  
2940              // Display the prune options
2941              $form = new Form("index.php?module=user-users", "post");
2942              echo $form->generate_hidden_field('action', 'inline_edit');
2943              echo $form->generate_hidden_field('inline_action', 'multiprune');
2944              echo $form->generate_hidden_field('processed', '1');
2945  
2946              $form_container = new FormContainer($lang->mass_prune_posts);
2947  
2948              // Generate a list of days (1 - 31)
2949              $day_options = array();
2950              $day_options[] = "&nbsp;";
2951              for($i = 1; $i <= 31; ++$i)
2952              {
2953                  $day_options[] = $i;
2954              }
2955  
2956              // Generate a list of months (1 - 12)
2957              $month_options = array();
2958              $month_options[] = "&nbsp;";
2959              for($i = 1; $i <= 12; ++$i)
2960              {
2961                  $string = "month_{$i}";
2962                  $month_options[] = $lang->$string;
2963              }
2964              $date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']);
2965              $month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']);
2966              $year_box = $form->generate_numeric_field('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;', 'min' => 0));
2967  
2968              $prune_select = $date_box.$month_box.$year_box;
2969              $form_container->output_row($lang->manual_date, "", $prune_select, 'date');
2970  
2971              // Generate the set date box
2972              $set_options = array();
2973              $set_options[] = $lang->set_an_option;
2974              for($i = 1; $i <= 6; ++$i)
2975              {
2976                  $string = "option_{$i}";
2977                  $set_options[] = $lang->$string;
2978              }
2979  
2980              $form_container->output_row($lang->relative_date, "", $lang->delete_posts." ".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set');
2981              $form_container->end();
2982  
2983              $buttons[] = $form->generate_submit_button($lang->prune_posts);
2984              $form->output_submit_wrapper($buttons);
2985              $form->end();
2986              $page->output_footer();
2987              break;
2988          case 'multiusergroup':
2989              if($mybb->get_input('processed', \MyBB::INPUT_INT) === 1)
2990              {
2991                  // Determine additional usergroups
2992                  if(is_array($mybb->input['additionalgroups']))
2993                  {
2994                      foreach($mybb->input['additionalgroups'] as $key => $gid)
2995                      {
2996                          if($gid == $mybb->input['usergroup'])
2997                          {
2998                              unset($mybb->input['additionalgroups'][$key]);
2999                          }
3000                      }
3001  
3002                      $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
3003                  }
3004                  else
3005                  {
3006                      $additionalgroups = '';
3007                  }
3008  
3009                  // Create an update array
3010                  $update_array = array(
3011                      "usergroup" => $mybb->get_input('usergroup', MyBB::INPUT_INT),
3012                      "additionalgroups" => $additionalgroups,
3013                      "displaygroup" => $mybb->get_input('displaygroup', MyBB::INPUT_INT)
3014                  );
3015  
3016                  // Create an admin_user_multiusergroup hook array
3017                  $hook_params = array(
3018                      "selected" => &$selected,
3019                      "update_array" => &$update_array
3020                  );
3021  
3022                  $hook_params = $plugins->run_hooks("admin_user_multiusergroup", $hook_params);
3023  
3024                  // Do the usergroup update for all those selected
3025                  // If the a selected user is a super admin, don't update that user
3026                  $users_to_update = array();
3027                  foreach($selected as $user)
3028                  {
3029                      if(!is_super_admin($user))
3030                      {
3031                          $users_to_update[] = $user;
3032                      }
3033                  }
3034  
3035                  $to_update_count = count($users_to_update);
3036                  if($to_update_count > 0)
3037                  {
3038                      // Update the users in the database
3039                      $sql = implode(",", $users_to_update);
3040                      $db->update_query("users", $update_array, "uid IN (".$sql.")");
3041  
3042                      // Redirect the admin...
3043                      $mybb->input['action'] = "inline_usergroup";
3044                      log_admin_action($to_update_count);
3045                      my_unsetcookie("inlinemod_useracp");
3046                      flash_message($lang->success_mass_usergroups, 'success');
3047                      admin_redirect("index.php?module=user-users".$vid_url);
3048                  }
3049                  else
3050                  {
3051                      // They tried to edit super admins! Uh-oh!
3052                      $errors[] = $lang->no_usergroup_changed;
3053                  }
3054              }
3055  
3056              $page->output_header($lang->manage_users);
3057              $page->output_nav_tabs($sub_tabs, 'manage_users');
3058  
3059              // Display a table warning
3060              $table = new Table;
3061              $lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected));
3062              $table->construct_cell($lang->usergroup_info);
3063              $table->construct_row();
3064              $table->output($lang->important);
3065  
3066              if($errors)
3067              {
3068                  $page->output_inline_error($errors);
3069              }
3070  
3071              // Display the usergroup options
3072              $form = new Form("index.php?module=user-users", "post");
3073              echo $form->generate_hidden_field('action', 'inline_edit');
3074              echo $form->generate_hidden_field('inline_action', 'multiusergroup');
3075              echo $form->generate_hidden_field('processed', '1');
3076  
3077              $form_container = new FormContainer($lang->mass_usergroups);
3078  
3079              // Usergroups
3080              $display_group_options[0] = $lang->use_primary_user_group;
3081              $options = array();
3082              $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
3083              while($usergroup = $db->fetch_array($query))
3084              {
3085                  $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
3086                  $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
3087              }
3088  
3089              if(!$mybb->get_input('additionalgroups', \MyBB::INPUT_ARRAY))
3090              {
3091                  $mybb->input['additionalgroups'] = explode(',', $mybb->get_input('additionalgroups'));
3092              }
3093  
3094              $form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
3095              $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
3096              $form_container->output_row($lang->display_user_group, "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup');
3097  
3098              $form_container->end();
3099  
3100              $buttons[] = $form->generate_submit_button($lang->alter_usergroups);
3101              $form->output_submit_wrapper($buttons);
3102              $form->end();
3103              $page->output_footer();
3104              break;
3105      }
3106  }
3107  
3108  if(!$mybb->input['action'])
3109  {
3110      $plugins->run_hooks("admin_user_users_start");
3111  
3112      $page->output_header($lang->browse_users);
3113      echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
3114  
3115      $page->output_nav_tabs($sub_tabs, 'browse_users');
3116  
3117      if(isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']])
3118      {
3119          $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']];
3120          unset($admin_view['extra_sql']);
3121      }
3122      else
3123      {
3124          // Showing a specific view
3125          if(isset($mybb->input['vid']))
3126          {
3127              $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
3128              $admin_view = $db->fetch_array($query);
3129              // View does not exist or this view is private and does not belong to the current user
3130              if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
3131              {
3132                  unset($admin_view);
3133              }
3134          }
3135  
3136          // Don't have a view? Fetch the default
3137          if(!isset($admin_view))
3138          {
3139              $default_view = fetch_default_view("user");
3140              if(!$default_view)
3141              {
3142                  $default_view = "0";
3143              }
3144              $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
3145              $admin_view = $db->fetch_array($query);
3146          }
3147      }
3148  
3149      // Fetch a list of all of the views for this user
3150      $popup = new PopupMenu("views", $lang->views);
3151  
3152      $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title"));
3153      while($view = $db->fetch_array($query))
3154      {
3155          $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&amp;vid={$view['vid']}");
3156      }
3157      $popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&amp;action=views");
3158      $admin_view['popup'] = $popup->fetch