PHP Cross Reference of MyBB 1.8.38 |
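<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Admin CP user-management module (index.php?module=user-users).
// Each top-level `if($mybb->input['action'] == ...)` block below handles one action.
// The listing is an excerpt: it ends part-way through the "edit" handler.

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
	die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}

require_once MYBB_ROOT."inc/functions_upload.php";

$page->add_breadcrumb_item($lang->users, "index.php?module=user-users");

// Navigation tabs are only built for the listing-style actions (and the default action).
if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
{
	$sub_tabs['browse_users'] = array(
		'title' => $lang->browse_users,
		'link' => "index.php?module=user-users",
		'description' => $lang->browse_users_desc
	);

	$sub_tabs['find_users'] = array(
		'title' => $lang->find_users,
		'link' => "index.php?module=user-users&action=search",
		'description' => $lang->find_users_desc
	);

	$sub_tabs['create_user'] = array(
		'title' => $lang->create_user,
		'link' => "index.php?module=user-users&action=add",
		'description' => $lang->create_user_desc
	);

	$sub_tabs['merge_users'] = array(
		'title' => $lang->merge_users,
		'link' => "index.php?module=user-users&action=merge",
		'description' => $lang->merge_users_desc
	);
}

// Column definitions handed to view_manager() below: title, width and alignment per field.
$user_view_fields = array(
	"avatar" => array(
		"title" => $lang->avatar,
		"width" => "24",
		"align" => ""
	),

	"username" => array(
		"title" => $lang->username,
		"width" => "",
		"align" => ""
	),

	"email" => array(
		"title" => $lang->email,
		"width" => "",
		"align" => "center"
	),

	"usergroup" => array(
		"title" => $lang->primary_group,
		"width" => "",
		"align" => "center"
	),

	"additionalgroups" => array(
		"title" => $lang->additional_groups,
		"width" => "",
		"align" => "center"
	),

	"regdate" => array(
		"title" => $lang->registered,
		"width" => "",
		"align" => "center"
	),

	"lastactive" => array(
		"title" => $lang->last_active,
		"width" => "",
		"align" => "center"
	),

	"postnum" => array(
		"title" => $lang->post_count,
		"width" => "",
		"align" => "center"
	),

	"threadnum" => array(
		"title" => $lang->thread_count,
		"width" => "",
		"align" => "center"
	),

	"reputation" => array(
		"title" => $lang->reputation,
		"width" => "",
		"align" => "center"
	),

	"warninglevel" => array(
		"title" => $lang->warning_level,
		"width" => "",
		"align" => "center"
	),

	"regip" => array(
		"title" => $lang->registration_ip,
		"width" => "",
		"align" => "center"
	),

	"lastip" => array(
		"title" => $lang->last_known_ip,
		"width" => "",
		"align" => "center"
	),

	"controls" => array(
		"title" => $lang->controls,
		"width" => "",
		"align" => "center"
	)
);

// Sort keys offered to the view manager, mapped to their labels.
$sort_options = array(
	"username" => $lang->username,
	"regdate" => $lang->registration_date,
	"lastactive" => $lang->last_active,
	"numposts" => $lang->post_count,
	"reputation" => $lang->reputation,
	"warninglevel" => $lang->warning_level
);

$plugins->run_hooks("admin_user_users_begin");

// Initialise the views manager for user based views
require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
if($mybb->input['action'] == "views")
{
	view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
}

// IP lookup: prints a modal with the reverse-DNS name and, when the geoip
// extension is loaded, the GeoIP location of the requested address. Every value
// that reaches the table is either a language string or has been passed through
// htmlspecialchars_uni() first.
if($mybb->input['action'] == 'iplookup')
{
	$mybb->input['ipaddress'] = $mybb->get_input('ipaddress');
	// The request value is escaped before it is placed into the modal heading.
	$lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress']));
	$ipaddress_location = $lang->na;
	$ipaddress_host_name = $lang->na;
	$modcp_ipsearch_misc_info = '';
	// Wildcard searches ("*") cannot be resolved, so both lookups are skipped for them.
	if(!strstr($mybb->input['ipaddress'], "*"))
	{
		// Return GeoIP information if it is available to us
		// NOTE(review): this lookup runs on the raw request value; only the reverse-DNS
		// lookup below is gated by FILTER_VALIDATE_IP. Validating once, before both
		// lookups, would be the stricter order.
		if(function_exists('geoip_record_by_name'))
		{
			$ip_record = @geoip_record_by_name($mybb->input['ipaddress']);
			if($ip_record)
			{
				$ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name']));
				if($ip_record['city'])
				{
					$ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city']));
				}
			}
		}

		if(filter_var($mybb->input['ipaddress'], FILTER_VALIDATE_IP))
		{
			// The name returned by reverse DNS is supplied by whoever operates the
			// reverse zone for that address, so it is escaped before display.
			$ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress']));

			// gethostbyaddr returns the same ip on failure
			if($ipaddress_host_name == $mybb->input['ipaddress'])
			{
				$ipaddress_host_name = $lang->na;
			}
		}
	}

	?>
	<div class="modal">
	<div style="overflow-y: auto; max-height: 400px;">

	<?php

	$table = new Table();

	$table->construct_cell($lang->ipaddress_host_name.":");
	$table->construct_cell($ipaddress_host_name);
	$table->construct_row();

	$table->construct_cell($lang->ipaddress_location.":");
	$table->construct_cell($ipaddress_location);
	$table->construct_row();

	$table->output($lang->ipaddress_misc_info);

	?>
</div>
</div>
	<?php
}

// Activate a user who is awaiting activation (including COPPA users).
if($mybb->input['action'] == "activate_user")
{
	// State-changing action: the post key (anti-CSRF token) is verified before anything else.
	// NOTE(review): this guard and the next one rely on admin_redirect() ending the
	// request; presumably it exits - confirm, otherwise execution would fall through.
	if(!verify_post_check($mybb->get_input('my_post_key')))
	{
		flash_message($lang->invalid_post_verify_key2, 'error');
		admin_redirect("index.php?module=user-users");
	}

	// NOTE(review): the raw request value is passed in; assumes get_user() casts or
	// escapes the uid - confirm. All queries below use the uid of the fetched row.
	$user = get_user($mybb->input['uid']);

	// Does the user not exist?
	// Only accounts whose primary group is 5 (the awaiting-activation group, per the
	// comment further down) can be activated here.
	if(!$user || $user['usergroup'] != 5)
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
	}

	$plugins->run_hooks("admin_user_users_coppa_activate");

	$updated_user['usergroup'] = $user['usergroup'];

	// Update
	if($user['coppauser'])
	{
		// Replaces the array built above; the group is set again just below.
		$updated_user = array(
			"coppauser" => 0
		);
	}
	else
	{
		$db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
	}

	// Move out of awaiting activation if they're in it.
	// Always true at this point because of the guard above.
	// Group 2 is presumably the default registered group - confirm.
	if($user['usergroup'] == 5)
	{
		$updated_user['usergroup'] = 2;
	}

	$plugins->run_hooks("admin_user_users_coppa_activate_commit");

	$db->update_query("users", $updated_user, "uid='{$user['uid']}'");

	$cache->update_awaitingactivation();

	// Notify the user by e-mail that an administrator activated the account.
	$message = $lang->sprintf($lang->email_adminactivateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
	my_mail($user['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);

	// Log admin action
	log_admin_action($user['uid'], $user['username']);

	if($mybb->input['from'] == "home")
	{
		if($user['coppauser'])
		{
			$message = $lang->success_coppa_activated;
		}
		else
		{
			$message = $lang->success_activated;
		}

		update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
	}
	else
	{
		if($user['coppauser'])
		{
			flash_message($lang->success_coppa_activated, 'success');
		}
		else
		{
			flash_message($lang->success_activated, 'success');
		}
	}

	// NOTE(review): the redirect target is read from admin session data; presumably it
	// is written server-side by the user listing - confirm it can only hold an ACP URL.
	if($admin_session['data']['last_users_url'])
	{
		$url = $admin_session['data']['last_users_url'];
		update_admin_session('last_users_url', '');

		if($mybb->input['from'] == "home")
		{
			update_admin_session('from', 'home');
		}
	}
	else
	{
		$url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
	}

	$plugins->run_hooks("admin_user_users_coppa_end");

	admin_redirect($url);
}

// Create a new user from the Admin CP.
// NOTE(review): no verify_post_check() call is visible in this handler; presumably
// POST requests are checked centrally before the module runs - confirm.
if($mybb->input['action'] == "add")
{
	$plugins->run_hooks("admin_user_users_add");

	if($mybb->request_method == "post")
	{
		// Determine the usergroup stuff
		// The primary group is dropped from the additional groups and every remaining
		// id is forced to an integer before the list is joined.
		if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
		{
			foreach($mybb->input['additionalgroups'] as $key => $gid)
			{
				if($gid == $mybb->input['usergroup'])
				{
					unset($mybb->input['additionalgroups'][$key]);
				}
			}
			$additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
		}
		else
		{
			$additionalgroups = '';
		}

		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler('insert');

		// Set the data for the new user.
		// Values are handed over as received; validation is delegated to
		// validate_user() below. Group ids also come straight from the request - any
		// limit on which groups may be assigned is not visible in this handler.
		$new_user = array(
			"uid" => $mybb->get_input('uid'),
			"username" => $mybb->get_input('username'),
			"password" => $mybb->get_input('password'),
			"password2" => $mybb->get_input('confirm_password'),
			"email" => $mybb->get_input('email'),
			"email2" => $mybb->get_input('email'),
			"usergroup" => $mybb->get_input('usergroup'),
			"additionalgroups" => $additionalgroups,
			"displaygroup" => $mybb->get_input('displaygroup'),
			"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
			"profile_fields_editable" => true,
		);

		// Set the data of the user in the datahandler.
		$userhandler->set_data($new_user);
		$errors = '';

		// Validate the user and get any errors that might have occurred.
		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();
		}
		else
		{
			$user_info = $userhandler->insert_user();

			$plugins->run_hooks("admin_user_users_add_commit");

			// Log admin action
			log_admin_action($user_info['uid'], $user_info['username']);

			flash_message($lang->success_user_created, 'success');
			admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
		}
	}

	// Fetch custom profile fields - only need required profile fields here
	$query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));

	$profile_fields = array(
		'required' => array(),
		'optional' => array(),
	);
	while($profile_field = $db->fetch_array($query))
	{
		$profile_fields['required'][] = $profile_field;
	}

	$page->add_breadcrumb_item($lang->create_user);
	$page->output_header($lang->create_user);

	$form = new Form("index.php?module=user-users&action=add", "post");

	$page->output_nav_tabs($sub_tabs, 'create_user');

	// If we have any error messages, show them
	// NOTE(review): $errors is only assigned inside the POST branch above, so on a
	// plain GET this test reads an unset variable.
	if($errors)
	{
		$page->output_inline_error($errors);
	}
	else
	{
		// Default the primary group selection to group 2 when there is nothing to re-display.
		$mybb->input = array_merge($mybb->input, array('usergroup' => 2));
	}

	$mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);

	$form_container = new FormContainer($lang->required_profile_info);
	$form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', htmlspecialchars_uni($mybb->get_input('username')), array('id' => 'username')), 'username');
	// NOTE(review): after a validation error the submitted password is written back
	// into the value of both password inputs, i.e. into the response HTML. Rendering
	// these two fields empty would avoid echoing the secret.
	$form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->get_input('password'), array('id' => 'password', 'autocomplete' => 'off')), 'password');
	$form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->get_input('confirm_password'), array('id' => 'confirm_new_password')), 'confirm_new_password');
	$form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->get_input('email'), array('id' => 'email')), 'email');

	$display_group_options[0] = $lang->use_primary_user_group;
	$options = array();
	// Group 1 is excluded from the selectable groups; titles are escaped for the select boxes.
	$query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))
	{
		$options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
		$display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
	}

	$form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
	$form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
	$form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');

	// Output custom profile fields - required
	output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);

	$form_container->end();
	$buttons[] = $form->generate_submit_button($lang->save_user);
	$form->output_submit_wrapper($buttons);

	$form->end();
	$page->output_footer();
}

// Edit an existing user: profile data, groups, password, avatar and moderation options.
// NOTE(review): as with "add", no verify_post_check() call is visible here;
// presumably POST requests are checked centrally - confirm.
if($mybb->input['action'] == "edit")
{
	$user = get_user($mybb->input['uid']);

	// Does the user not exist?
	if(!$user)
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
	}

	$plugins->run_hooks("admin_user_users_edit");

	if($mybb->request_method == "post")
	{
		$plugins->run_hooks("admin_user_users_edit_start");
		// A super admin account may only be changed by that account itself or by
		// another super admin. The check sits inside the POST branch, so it guards
		// writes; displaying the form is not restricted here.
		if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
		{
			flash_message($lang->error_no_perms_super_admin, 'error');
			admin_redirect("index.php?module=user-users");
		}

		// Determine the usergroup stuff
		if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
		{
			foreach($mybb->input['additionalgroups'] as $key => $gid)
			{
				if($gid == $mybb->input['usergroup'])
				{
					unset($mybb->input['additionalgroups'][$key]);
				}
			}
			$additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
		}
		else
		{
			$additionalgroups = '';
		}

		$returndate = "";
		if(!empty($mybb->input['away_day']))
		{
			$awaydate = TIME_NOW;
			// If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
			if(!$mybb->input['away_month'])
			{
				$mybb->input['away_month'] = my_date('n', $awaydate);
			}
			if(!$mybb->input['away_year'])
			{
				$mybb->input['away_year'] = my_date('Y', $awaydate);
			}

			// Day and month are cut to two characters and cast to int; the year is capped at 9999.
			$return_month = (int)substr($mybb->input['away_month'], 0, 2);
			$return_day = (int)substr($mybb->input['away_day'], 0, 2);
			$return_year = min($mybb->get_input('away_year', MyBB::INPUT_INT), 9999);

			// Check if return date is after the away date.
			$returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);
			$awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
			if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
			{
				$away_in_past = true;
			}

			$returndate = "{$return_day}-{$return_month}-{$return_year}";
		}

		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler('update');

		// Set the data for the new user.
		// Request values are handed to the data handler as received; validation and
		// sanitising are expected to happen in validate_user() - not visible here.
		$updated_user = array(
			"uid" => $mybb->get_input('uid'),
			"username" => $mybb->get_input('username'),
			"email" => $mybb->get_input('email'),
			"email2" => $mybb->get_input('email'),
			"usergroup" => $mybb->get_input('usergroup'),
			"additionalgroups" => $additionalgroups,
			"displaygroup" => $mybb->get_input('displaygroup'),
			"postnum" => $mybb->get_input('postnum'),
			"threadnum" => $mybb->get_input('threadnum'),
			"usertitle" => $mybb->get_input('usertitle'),
			"timezone" => $mybb->get_input('timezone'),
			"language" => $mybb->get_input('language'),
			"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
			"profile_fields_editable" => true,
			"website" => $mybb->get_input('website'),
			"icq" => $mybb->get_input('icq'),
			"skype" => $mybb->get_input('skype'),
			"google" => $mybb->get_input('google'),
			"birthday" => array(
				"day" => $mybb->get_input('bday1'),
				"month" => $mybb->get_input('bday2'),
				"year" => $mybb->get_input('bday3')
			),
			"style" => $mybb->get_input('style'),
			"signature" => $mybb->get_input('signature'),
			"dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
			"timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT),
			"usernotes" => $mybb->get_input('usernotes'),
			"away" => array(
				"away" => $mybb->get_input('away'),
				"date" => TIME_NOW,
				"returndate" => $returndate,
				"awayreason" => $mybb->get_input('awayreason')
			)
		);

		// Moving a COPPA user out of the awaiting-activation group clears the COPPA flag.
		// NOTE(review): the key here is 'coppa_user' while activate_user writes the
		// 'coppauser' column; presumably the data handler maps it - confirm.
		if($user['usergroup'] == 5 && $mybb->get_input('usergroup') != 5)
		{
			if($user['coppauser'] == 1)
			{
				$updated_user['coppa_user'] = 0;
			}
		}
		// The password is only changed when a new one was submitted.
		if($mybb->get_input('new_password'))
		{
			$updated_user['password'] = $mybb->get_input('new_password');
			$updated_user['password2'] = $mybb->get_input('confirm_new_password');
		}

		$updated_user['options'] = array(
			"allownotices" => $mybb->get_input('allownotices'),
			"hideemail" => $mybb->get_input('hideemail'),
			"subscriptionmethod" => $mybb->get_input('subscriptionmethod'),
			"invisible" => $mybb->get_input('invisible'),
			"dstcorrection" => $mybb->get_input('dstcorrection'),
			"threadmode" => $mybb->get_input('threadmode'),
			"classicpostbit" => $mybb->get_input('classicpostbit'),
			"showimages" => $mybb->get_input('showimages'),
			"showvideos" => $mybb->get_input('showvideos'),
			"showsigs" => $mybb->get_input('showsigs'),
			"showavatars" => $mybb->get_input('showavatars'),
			"showquickreply" => $mybb->get_input('showquickreply'),
			"receivepms" => $mybb->get_input('receivepms'),
			"receivefrombuddy" => $mybb->get_input('receivefrombuddy'),
			"pmnotice" => $mybb->get_input('pmnotice'),
			"daysprune" => $mybb->get_input('daysprune'),
			"showcodebuttons" => $mybb->get_input('showcodebuttons'),
			"sourceeditor" => $mybb->get_input('sourceeditor'),
			"pmnotify" => $mybb->get_input('pmnotify'),
			"buddyrequestspm" => $mybb->get_input('buddyrequestspm'),
			"buddyrequestsauto" => $mybb->get_input('buddyrequestsauto'),
			"showredirect" => $mybb->get_input('showredirect')
		);

		if($mybb->settings['usertppoptions'])
		{
			$updated_user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
		}

		if($mybb->settings['userpppoptions'])
		{
			$updated_user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);
		}

		// Set the data of the user in the datahandler.
		$userhandler->set_data($updated_user);
		// Starts as an empty array because entries are appended with [] further down;
		// appending with [] to a string (even an empty one) raises an Error on PHP 7.1+.
		$errors = array();

		// Validate the user and get any errors that might have occurred.
		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();
		}
		else
		{
			// Are we removing an avatar from this user?
			if($mybb->get_input('remove_avatar'))
			{
				$extra_user_updates = array(
					"avatar" => "",
					"avatardimensions" => "",
					"avatartype" => ""
				);
				remove_avatars($user['uid']);
			}

			// Are we uploading a new avatar?
			if($_FILES['avatar_upload']['name'])
			{
				// File checks are delegated to upload_avatar(); only its result is used here.
				$avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']);
				if($avatar['error'])
				{
					$errors = array($avatar['error']);
				}
				else
				{
					if($avatar['width'] > 0 && $avatar['height'] > 0)
					{
						$avatar_dimensions = $avatar['width']."|".$avatar['height'];
					}
					$extra_user_updates = array(
						"avatar" => $avatar['avatar'].'?dateline='.TIME_NOW,
						"avatardimensions" => $avatar_dimensions,
						"avatartype" => "upload"
					);
				}
			}
			// Are we setting a new avatar from a URL?
			else if(!empty($mybb->input['avatar_url']) && $mybb->input['avatar_url'] != $user['avatar'])
			{
				if(!$mybb->settings['allowremoteavatars'])
				{
					$errors = array($lang->error_remote_avatar_not_allowed);
				}
				else
				{
					// An e-mail address in the URL field selects a Gravatar instead of a remote image.
					if(filter_var($mybb->input['avatar_url'], FILTER_VALIDATE_EMAIL) !== false)
					{
						// Gravatar
						// md5 of the trimmed, lower-cased address is the identifier placed in the
						// Gravatar URL built below; it is not used as a security control.
						$email = md5(strtolower(trim($mybb->input['avatar_url'])));

						$s = '';
						if(!$mybb->settings['maxavatardims'])
						{
							$mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits
						}

						// Because Gravatars are square, hijack the width
						list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));

						$s = "?s={$maxwidth}";
						$maxheight = (int)$maxwidth;

						$extra_user_updates = array(
							"avatar" => "https://www.gravatar.com/avatar/{$email}{$s}",
							"avatardimensions" => "{$maxheight}|{$maxheight}",
							"avatartype" => "gravatar"
						);
					}
					else
					{
						// NOTE(review): this is a single-pass removal of one substring, not a
						// scheme allow-list. The effective gates are the fetch and image check
						// below plus escaping where the stored URL is rendered; an explicit
						// http/https check would be the stronger control.
						$mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']);
						$ext = get_extension($mybb->input['avatar_url']);

						// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
						// NOTE(review): this is a server-side request to a URL typed into the form.
						// Any restriction on target hosts or addresses would have to live in
						// fetch_remote_file(), which is not visible here - confirm.
						$file = fetch_remote_file($mybb->input['avatar_url']);
						if(!$file)
						{
							$avatar_error = $lang->error_invalidavatarurl;
						}
						else
						{
							// The fetched bytes go to a randomly named temporary file under the avatar
							// upload path, are measured with getimagesize() and deleted straight away;
							// only the URL is stored, never the downloaded content.
							$tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str());
							$fp = @fopen($tmp_name, "wb");
							if(!$fp)
							{
								$avatar_error = $lang->error_invalidavatarurl;
							}
							else
							{
								fwrite($fp, $file);
								fclose($fp);
								list($width, $height, $type) = @getimagesize($tmp_name);
								@unlink($tmp_name);
								// Nothing is printed here: the detected type is only used for the
								// validity test below, so no stray output precedes the page or redirect.
								if(!$type)
								{
									$avatar_error = $lang->error_invalidavatarurl;
								}
							}
						}

						if(empty($avatar_error))
						{
							if($width && $height && $mybb->settings['maxavatardims'] != "")
							{
								list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
								if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
								{
									$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
									$avatar_error = $lang->error_avatartoobig;
								}
							}
						}

						if(empty($avatar_error))
						{
							if($width > 0 && $height > 0)
							{
								$avatar_dimensions = (int)$width."|".(int)$height;
							}
							// The URL is escaped by the caller before it goes to update_query();
							// presumably update_query() does not escape values itself - confirm.
							$extra_user_updates = array(
								"avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW),
								"avatardimensions" => $avatar_dimensions,
								"avatartype" => "remote"
							);
							remove_avatars($user['uid']);
						}
						else
						{
							$errors = array($avatar_error);
						}
					}
				}
			}

			// Moderator "Options" (suspend signature, suspend/moderate posting)
			$moderator_options = array(
				1 => array(
					"action" => "suspendsignature", // The moderator action we're performing
					"period" => "action_period", // The time period we've selected from the dropdown box
					"time" => "action_time", // The time we've entered
					"update_field" => "suspendsignature", // The field in the database to update if true
					"update_length" => "suspendsigtime" // The length of suspension field in the database
				),
				2 => array(
					"action" => "moderateposting",
					"period" => "modpost_period",
					"time" => "modpost_time",
					"update_field" => "moderateposts",
					"update_length" => "moderationtime"
				),
				3 => array(
					"action" => "suspendposting",
					"period" => "suspost_period",
					"time" => "suspost_time",
					"update_field" => "suspendposting",
					"update_length" => "suspensiontime"
				)
			);

			require_once MYBB_ROOT."inc/functions_warnings.php";
			foreach($moderator_options as $option)
			{
				if(empty($mybb->input[$option['action']]))
				{
					if($user[$option['update_field']] == 1)
					{
						// We're revoking the suspension
						$extra_user_updates[$option['update_field']] = 0;
						$extra_user_updates[$option['update_length']] = 0;
					}

					// Skip this option if we haven't selected it
					continue;
				}
				else
				{
					if((int)$mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1)
					{
						// User has selected a type of ban, but not entered a valid time frame
						// The property name is built from the fixed table above, not from request data.
						$string = $option['action']."_error";
						$errors[] = $lang->$string;
					}

					// Suspensions are only computed while no error has been recorded so far.
					if(empty($errors))
					{
						$suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]);

						if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never"))
						{
							// We already have a suspension, but entered a new time
							if($suspend_length == "-1")
							{
								// Permanent ban on action
								$extra_user_updates[$option['update_length']] = 0;
							}
							elseif($suspend_length && $suspend_length != "-1")
							{
								// Temporary ban on action
								$extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
							}
						}
						elseif(!$user[$option['update_field']])
						{
							// New suspension for this user... bad user!
							$extra_user_updates[$option['update_field']] = 1;
							if($suspend_length == "-1")
							{
								$extra_user_updates[$option['update_length']] = 0;
							}
							else
							{
								$extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
							}
						}
					}
				}
			}

			// Moderated posting and suspended posting cannot both be newly applied.
			if(!empty($extra_user_updates['moderateposts']) && !empty($extra_user_updates['suspendposting']))
			{
				$errors[] = $lang->suspendmoderate_error;
			}

			if(isset($away_in_past))
			{
				$errors[] = $lang->error_acp_return_date_past;
			}

			if(!$errors)
			{
				$user_info = $userhandler->update_user();

				$plugins->run_hooks("admin_user_users_edit_commit_start");

				if(!empty($extra_user_updates))
				{
					$db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'");
				}

				// if we're updating the user's signature preferences, do so now
				if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable')
				{
					$update_signature = array(
						'includesig' => ($mybb->input['update_posts'] == 'enable' ? 1 : 0)
					);
					$db->update_query("posts", $update_signature, "uid='{$user['uid']}'");
				}

				$plugins->run_hooks("admin_user_users_edit_commit");

				if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5)
				{
					$cache->update_awaitingactivation();
				}

				// Log admin action
				log_admin_action($user['uid'], $mybb->input['username']);

				flash_message($lang->success_user_updated, 'success');
				admin_redirect("index.php?module=user-users");
			}
			$plugins->run_hooks("admin_user_users_edit_end");
		}
	}

	// NOTE(review): on a plain GET $errors has not been assigned before this test.
	if(!$errors)
	{
		// Nothing to re-display: load the stored values into the input array.
		// array_merge() lets the database row override request values with the same key.
		$user['usertitle'] = htmlspecialchars_decode($user['usertitle']);
		$mybb->input = array_merge($mybb->input, $user);

		$options = array(
			'bday1', 'bday2', 'bday3',
			'new_password', 'confirm_new_password',
			'action_time', 'action_period',
			'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time'
		);

		foreach($options as $option)
		{
			// NOTE(review): $input_user is not assigned anywhere in the visible code, so
			// this test is always true and every listed field is blanked - confirm intent.
			if(!isset($input_user[$option]))
			{
				$mybb->input[$option] = '';
			}
		}

		// We need to fetch this users profile field values
		$query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'");
		$mybb->input['profile_fields'] = $db->fetch_array($query);
	}

	if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3'])
	{
		$mybb->input['bday'][0] = $mybb->input['bday1'];
		$mybb->input['bday'][1] = $mybb->input['bday2'];
		$mybb->input['bday'][2] = $mybb->get_input('bday3', MyBB::INPUT_INT);
	}
	else
	{
		$mybb->input['bday'] = array(0, 0, '');

		if($user['birthday'])
		{
			$mybb->input['bday'] = explode('-', $user['birthday']);
		}
	}

	if($mybb->get_input('away_day') || $mybb->get_input('away_month') || $mybb->get_input('away_year'))
	{
		$mybb->input['away_year'] = $mybb->get_input('away_year', MyBB::INPUT_INT);
	}
	else
	{
		$mybb->input['away_day'] = 0;
		$mybb->input['away_month'] = 0;
		$mybb->input['away_year'] = '';

		if($user['returndate'])
		{
			list($mybb->input['away_day'], $mybb->input['away_month'], $mybb->input['away_year']) = explode('-', $user['returndate']);
		}
	}

	// Fetch custom profile fields
	$query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));

	$profile_fields = array(
		'required' => array(),
		'optional' => array(),
	);
	while($profile_field = $db->fetch_array($query))
	{
		if($profile_field['required'] == 1)
		{
			$profile_fields['required'][] = $profile_field;
		}
		else
		{
			$profile_fields['optional'][] = $profile_field;
		}
	}

	// The username is escaped before it is placed in the breadcrumb.
	$page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username']));

	$page->extra_header .= <<<EOF

	<link rel="stylesheet" href="../jscripts/sceditor/themes/mybb.css" type="text/css" media="all" />
	<script type="text/javascript" src="../jscripts/sceditor/jquery.sceditor.bbcode.min.js?ver=1832"></script>
	<script type="text/javascript" src="../jscripts/bbcodes_sceditor.js?ver=1837"></script>
	<script type="text/javascript" src="../jscripts/sceditor/plugins/undo.js?ver=1832"></script>
EOF;
	$page->output_header($lang->edit_user);

	$sub_tabs['edit_user'] = array(
		'title' => $lang->edit_user,
		'description' => $lang->edit_user_desc
	);

	$form = new Form("index.php?module=user-users&action=edit&uid={$user['uid']}", "post", "", 1);

	$page->output_nav_tabs($sub_tabs, 'edit_user');

	// If we have any error messages, show them
	if($errors)
	{
		$page->output_inline_error($errors);
	}

	// Is this user a COPPA user? We show a warning & activate link
	// The uid and the current post code are substituted into the language string,
	// presumably to build the activate_user link with its post key - confirm.
	if($user['coppauser'])
	{
		echo $lang->sprintf($lang->warning_coppa_user, $user['uid'], $mybb->post_code);
	}

	$tabs = array(
		"overview" => $lang->overview,
		"profile" => $lang->profile,
		"settings" => $lang->account_settings,
		"signature" => $lang->signature,
		"avatar" => $lang->avatar,
		"modoptions" => $lang->mod_options
	);
	$tabs = $plugins->run_hooks("admin_user_users_edit_graph_tabs", $tabs);
	$page->output_tab_control($tabs);

	//
	// OVERVIEW
	//
	echo "<div id=\"tab_overview\">\n";
	$table = new Table;
	$table->construct_header($lang->avatar, array('class' => 'align_center'));
	$table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center'));

	// Avatar
	$avatar_dimensions = preg_split('/[|x]/', $user['avatardimensions']);
	if($user['avatardimensions'])
	{
		require_once MYBB_ROOT."inc/functions_image.php";
		list($width, $height) = preg_split('/[|x]/', $user['avatardimensions']);
		$scaled_dimensions = scale_image($width, $height, 120, 120);
	}
	else
	{
		$scaled_dimensions = array(
			"width" => 120,
			"height" => 120
		);
	}
	// A stored avatar is shown when it is local (no "://") or remote avatars are
	// allowed; otherwise the board's default avatar is used.
	if($user['avatar'] && (my_strpos($user['avatar'], '://') === false || $mybb->settings['allowremoteavatars']))
	{
		if(!my_validate_url($user['avatar']))
		{
			$avatar = format_avatar($user['avatar'], $user['avatardimensions']);
			$user['avatar'] = $avatar['image'];
		}
	}
	else
	{
		if(my_validate_url($mybb->settings['useravatar']))
		{
			$user['avatar'] = str_replace('{theme}', 'images', $mybb->settings['useravatar']);
		}
		else
		{
			$user['avatar'] = "../".str_replace('{theme}', 'images', $mybb->settings['useravatar']);
		}
	}
	$avatar_top = ceil((126-$scaled_dimensions['height'])/2);
	$last_seen = max(array($user['lastactive'], $user['lastvisit']));
	if(!empty($last_seen))
	{
		$last_active = my_date('relative', $last_seen);
	}
	else
	{
		$last_active = $lang->never;
	}
	$reg_date = my_date('relative', $user['regdate']);
	if($user['dst'] == 1)
	{
		$timezone = (float)$user['timezone']+1;
	}
	else
	{
		$timezone = (float)$user['timezone'];
	}
	$local_date = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600));
	$local_time = gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600));

	$localtime = $lang->sprintf($lang->local_time_format, $local_date, $local_time);
	$days_registered = (TIME_NOW - $user['regdate']) / (24*3600);
	$posts_per_day = 0;
	if($days_registered > 0)
	{
		$posts_per_day = round($user['postnum'] / $days_registered, 2);
		// Accounts younger than a day would otherwise show more posts per day than posts.
		if($posts_per_day > $user['postnum'])
		{
			$posts_per_day = $user['postnum'];
		}
	}
	$posts_per_day = my_number_format($posts_per_day);

	$stats = $cache->read("stats");
	$posts = $stats['numposts'];
	if($posts == 0)
	{
		$percent_posts = "0";
	}
	else
	{
		$percent_posts = round($user['postnum']*100/$posts, 2);
	}

	$user_permissions = user_permissions($user['uid']);

	// Fetch the reputation for this user
	if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
	{
		$reputation = get_reputation($user['reputation']);
	}
	else
	{
		$reputation = "-";
	}

	if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0)
	{
		// Guard against a zero or negative maximum before dividing by it.
		if($mybb->settings['maxwarningpoints'] < 1)
		{
			$mybb->settings['maxwarningpoints'] = 10;
		}

		$warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
		if($warning_level > 100)
		{
			$warning_level = 100;
		}
		$warning_level = get_colored_warning_level($warning_level);
	}
	else
	{
		$warning_level = "-";
	}

	$age = $lang->na;
	if($user['birthday'])
	{
		$age = get_age($user['birthday']);
	}

	$postnum = my_number_format($user['postnum']);

	// User-controlled strings (avatar URL, e-mail address) are escaped where they enter
	// the markup; the other cells hold values produced by the helper calls above.
	$table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1));
	$table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>");
	$table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}");
	$table->construct_row();
	$table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}");
	$table->construct_cell("<strong>{$lang->local_time}:</strong> {$localtime}");
	$table->construct_row();
	$table->construct_cell("<strong>{$lang->posts}:</strong> {$postnum}");
	$table->construct_cell("<strong>{$lang->age}:</strong> {$age}");
	$table->construct_row();
	$table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}");
	$table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}");
	$table->construct_row();
	$table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}");
	$table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}");
	$table->construct_row();
	// IP addresses are stored in binary form and converted to text for display.
	$table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['regip'])));
	$table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['lastip'])));
	$table->construct_row();

	$username = htmlspecialchars_uni($user['username']);
	// (excerpt ends here; the rest of the edit handler is outside this listing)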
$table->output("{$lang->user_overview}: {$username}"); 1132 $plugins->run_hooks("admin_user_users_edit_overview"); 1133 echo "</div>\n"; 1134 1135 // 1136 // PROFILE 1137 // 1138 echo "<div id=\"tab_profile\">\n"; 1139 1140 $form_container = new FormContainer($lang->required_profile_info.": ".htmlspecialchars_uni($user['username'])); 1141 $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username'); 1142 $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password'); 1143 $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password'); 1144 $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email'); 1145 1146 $display_group_options[0] = $lang->use_primary_user_group; 1147 $options = array(); 1148 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 1149 while($usergroup = $db->fetch_array($query)) 1150 { 1151 $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1152 $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1153 } 1154 1155 if(isset($mybb->input['additionalgroups']) && !is_array($mybb->input['additionalgroups'])) 1156 { 1157 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 1158 } 1159 1160 $form_container->output_row($lang->primary_user_group." 
<em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup'); 1161 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 1162 $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup'); 1163 $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_numeric_field('postnum', $mybb->get_input('postnum'), array('id' => 'postnum', 'min' => 0)), 'postnum'); 1164 $form_container->output_row($lang->thread_count." <em>*</em>", "", $form->generate_numeric_field('threadnum', $mybb->get_input('threadnum'), array('id' => 'threadnum', 'min' => 0)), 'threadnum'); 1165 1166 // Output custom profile fields - required 1167 if(!isset($profile_fields['required'])) 1168 { 1169 $profile_fields['required'] = array(); 1170 } 1171 output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form); 1172 1173 $form_container->end(); 1174 1175 $form_container = new FormContainer($lang->optional_profile_info.': '.htmlspecialchars_uni($user['username'])); 1176 $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->get_input('usertitle'), array('id' => 'usertitle')), 'usertitle'); 1177 $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->get_input('website'), array('id' => 'website')), 'website'); 1178 $form_container->output_row($lang->icq_number, "", $form->generate_numeric_field('icq', $mybb->get_input('icq'), 
array('id' => 'icq', 'min' => 0)), 'icq'); 1179 $form_container->output_row($lang->skype_handle, "", $form->generate_text_box('skype', $mybb->get_input('skype'), array('id' => 'skype')), 'skype'); 1180 $form_container->output_row($lang->google_handle, "", $form->generate_text_box('google', $mybb->get_input('google'), array('id' => 'google')), 'google'); 1181 1182 // Birthday 1183 $birthday_days = array(0 => ''); 1184 for($i = 1; $i <= 31; $i++) 1185 { 1186 $birthday_days[$i] = $i; 1187 } 1188 1189 $birthday_months = array( 1190 0 => '', 1191 1 => $lang->january, 1192 2 => $lang->february, 1193 3 => $lang->march, 1194 4 => $lang->april, 1195 5 => $lang->may, 1196 6 => $lang->june, 1197 7 => $lang->july, 1198 8 => $lang->august, 1199 9 => $lang->september, 1200 10 => $lang->october, 1201 11 => $lang->november, 1202 12 => $lang->december 1203 ); 1204 1205 $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day')); 1206 $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month')); 1207 $birthday_row .= ' '.$form->generate_numeric_field('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 4em;', 'min' => 0)); 1208 1209 $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday'); 1210 1211 // Output custom profile fields - optional 1212 output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form); 1213 1214 $form_container->end(); 1215 1216 1217 if($mybb->settings['allowaway'] != 0) 1218 { 1219 $form_container = new FormContainer($lang->away_information.': '.htmlspecialchars_uni($user['username'])); 1220 $awaycheck = array(false, true); 1221 if($mybb->input['away'] == 1) 1222 { 1223 $awaycheck = array(true, false); 1224 } 1225 $form_container->output_row($lang->away_status, $lang->away_status_desc, $form->generate_radio_button('away', 1, 
$lang->im_away, array('id' => 'away', "checked" => $awaycheck[0]))." ".$form->generate_radio_button('away', 0, $lang->im_here, array('id' => 'away2', "checked" => $awaycheck[1])), 'away'); 1226 $form_container->output_row($lang->away_reason, $lang->away_reason_desc, $form->generate_text_box('awayreason', $mybb->input['awayreason'], array('id' => 'awayreason')), 'awayreason'); 1227 1228 //Return date (we can use the arrays from birthday) 1229 $return_row = $form->generate_select_box('away_day', $birthday_days, $mybb->input['away_day'], array('id' => 'away_day')); 1230 $return_row .= ' '.$form->generate_select_box('away_month', $birthday_months, $mybb->input['away_month'], array('id' => 'away_month')); 1231 $return_row .= ' '.$form->generate_numeric_field('away_year', $mybb->input['away_year'], array('id' => 'away_year', 'style' => 'width: 4em;', 'min' => 0)); 1232 1233 $form_container->output_row($lang->return_date, $lang->return_date_desc, $return_row, 'away_date'); 1234 1235 $form_container->end(); 1236 } 1237 1238 $plugins->run_hooks("admin_user_users_edit_profile"); 1239 echo "</div>\n"; 1240 1241 // 1242 // ACCOUNT SETTINGS 1243 // 1244 1245 echo "<div id=\"tab_settings\">\n"; 1246 $form_container = new FormContainer($lang->account_settings.': '.htmlspecialchars_uni($user['username'])); 1247 $login_options = array( 1248 $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->get_input('invisible'))), 1249 ); 1250 $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>"); 1251 1252 if($mybb->get_input('pmnotice') > 1) 1253 { 1254 $mybb->input['pmnotice'] = 1; 1255 } 1256 1257 $messaging_options = array( 1258 $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->get_input('allownotices'))), 1259 $form->generate_check_box("hideemail", 1, 
$lang->hide_email_from_others, array("checked" => $mybb->get_input('hideemail'))), 1260 $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->get_input('receivepms'))), 1261 $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->get_input('receivefrombuddy'))), 1262 $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->get_input('pmnotice'))), 1263 $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->get_input('pmnotify'))), 1264 $form->generate_check_box("buddyrequestspm", 1, $lang->buddy_requests_pm, array("checked" => $mybb->get_input('buddyrequestspm'))), 1265 $form->generate_check_box("buddyrequestsauto", 1, $lang->buddy_requests_auto, array("checked" => $mybb->get_input('buddyrequestsauto'))), 1266 "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_notification, $lang->instant_email_notification, $lang->instant_pm_notification), $mybb->get_input('subscriptionmethod'), array('id' => 'subscriptionmethod')) 1267 ); 1268 1269 // Allow plugins to add messaging options 1270 $messaging_options = $plugins->run_hooks('admin_user_users_edit_messaging_options', $messaging_options); 1271 1272 // Output messaging options 1273 $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>"); 1274 1275 $date_format_options = array($lang->use_default); 1276 foreach($date_formats as $key => $format) 1277 { 1278 $date_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1279 } 1280 1281 $time_format_options = array($lang->use_default); 1282 foreach($time_formats as $key => $format) 1283 { 1284 $time_format_options[$key] = my_date($format, TIME_NOW, "", 
0); 1285 } 1286 1287 $date_options = array( 1288 "<label for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->get_input('dateformat'), array('id' => 'dateformat')), 1289 "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->get_input('timeformat'), array('id' => 'timeformat')), 1290 "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->get_input('timezone')), 1291 "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->get_input('dstcorrection'), array('id' => 'dstcorrection')) 1292 ); 1293 1294 // Allow plugins to add date options 1295 $date_options = $plugins->run_hooks('admin_user_users_edit_date_options', $date_options); 1296 1297 // Output date options 1298 $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>"); 1299 1300 1301 $tpp_options = array($lang->use_default); 1302 if($mybb->settings['usertppoptions']) 1303 { 1304 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 1305 if(is_array($explodedtpp)) 1306 { 1307 foreach($explodedtpp as $tpp) 1308 { 1309 if($tpp <= 0) continue; 1310 $tpp_options[$tpp] = $tpp; 1311 } 1312 } 1313 } 1314 1315 $thread_age_options = array( 1316 0 => $lang->use_default, 1317 1 => $lang->show_threads_last_day, 1318 5 => $lang->show_threads_last_5_days, 1319 10 => $lang->show_threads_last_10_days, 1320 20 => $lang->show_threads_last_20_days, 1321 50 => $lang->show_threads_last_50_days, 1322 75 => $lang->show_threads_last_75_days, 1323 100 => $lang->show_threads_last_100_days, 1324 365 => 
$lang->show_threads_last_year, 1325 9999 => $lang->show_all_threads 1326 ); 1327 1328 $forum_options = array( 1329 "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->get_input('tpp'), array('id' => 'tpp')), 1330 "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->get_input('daysprune'), array('id' => 'daysprune')) 1331 ); 1332 1333 // Allow plugins to add forum options 1334 $forum_options = $plugins->run_hooks('admin_user_users_edit_forum_options', $forum_options); 1335 1336 // Output forum options 1337 $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>"); 1338 1339 $ppp_options = array($lang->use_default); 1340 if($mybb->settings['userpppoptions']) 1341 { 1342 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 1343 if(is_array($explodedppp)) 1344 { 1345 foreach($explodedppp as $ppp) 1346 { 1347 if($ppp <= 0) continue; 1348 $ppp_options[$ppp] = $ppp; 1349 } 1350 } 1351 } 1352 1353 $thread_options = array( 1354 $form->generate_check_box("classicpostbit", 1, $lang->show_classic_postbit, array("checked" => $mybb->get_input('classicpostbit'))), 1355 $form->generate_check_box("showimages", 1, $lang->display_images, array("checked" => $mybb->get_input('showimages'))), 1356 $form->generate_check_box("showvideos", 1, $lang->display_videos, array("checked" => $mybb->get_input('showvideos'))), 1357 $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->get_input('showsigs'))), 1358 $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->get_input('showavatars'))), 1359 $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->get_input('showquickreply'))), 1360 
"<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->get_input('ppp'), array('id' => 'ppp')), 1361 "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode')) 1362 ); 1363 1364 // Allow plugins to add thread options 1365 $thread_options = $plugins->run_hooks('admin_user_users_edit_thread_options', $thread_options); 1366 1367 // Output thread options 1368 $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>"); 1369 1370 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages()); 1371 1372 $other_options = array( 1373 $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->get_input('showredirect'))), 1374 $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->get_input('showcodebuttons'))), 1375 $form->generate_check_box("sourceeditor", "1", $lang->source_editor, array("checked" => $mybb->get_input('sourceeditor'))), 1376 "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->get_input('style'), 0, "", true, false, true), 1377 "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->get_input('language'), array('id' => 'language')) 1378 ); 1379 1380 // Allow plugins to add other options 1381 $other_options = $plugins->run_hooks('admin_user_users_edit_other_options', $other_options); 1382 1383 // Output other options 1384 $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", 
$other_options)."</div>"); 1385 1386 $form_container->end(); 1387 $plugins->run_hooks("admin_user_users_edit_settings"); 1388 echo "</div>\n"; 1389 1390 // 1391 // SIGNATURE EDITOR 1392 // 1393 $signature_editor = $form->generate_text_area("signature", $mybb->get_input('signature'), array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'height: 250px; width: 95%')); 1394 $sig_smilies = $lang->off; 1395 if($mybb->settings['sigsmilies'] == 1) 1396 { 1397 $sig_smilies = $lang->on; 1398 } 1399 $sig_mycode = $lang->off; 1400 if($mybb->settings['sigmycode'] == 1) 1401 { 1402 $sig_mycode = $lang->on; 1403 $signature_editor .= build_mycode_inserter("signature"); 1404 } 1405 $sig_html = $lang->off; 1406 if($mybb->settings['sightml'] == 1) 1407 { 1408 $sig_html = $lang->on; 1409 } 1410 $sig_imgcode = $lang->off; 1411 if($mybb->settings['sigimgcode'] == 1) 1412 { 1413 $sig_imgcode = $lang->on; 1414 } 1415 echo "<div id=\"tab_signature\">\n"; 1416 $form_container = new FormContainer($lang->signature.': '.htmlspecialchars_uni($user['username'])); 1417 $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature'); 1418 1419 $periods = array( 1420 "hours" => $lang->expire_hours, 1421 "days" => $lang->expire_days, 1422 "weeks" => $lang->expire_weeks, 1423 "months" => $lang->expire_months, 1424 "never" => $lang->expire_permanent 1425 ); 1426 1427 // Are we already suspending the signature? 1428 if($mybb->get_input('suspendsignature')) 1429 { 1430 $sig_checked = 1; 1431 1432 // Display how much time is left on the ban for the user to extend it 1433 if($user['suspendsigtime'] == "0") 1434 { 1435 // Permanent 1436 $lang->suspend_expire_info = $lang->suspend_sig_perm; 1437 } 1438 else 1439 { 1440 // There's a limit to the suspension! 
1441 $remaining = $user['suspendsigtime']-TIME_NOW; 1442 $expired = nice_time($remaining, array('seconds' => false)); 1443 1444 $color = 'inherit'; 1445 if($remaining < 3600) 1446 { 1447 $color = 'red'; 1448 } 1449 elseif($remaining < 86400) 1450 { 1451 $color = 'maroon'; 1452 } 1453 elseif($remaining < 604800) 1454 { 1455 $color = 'green'; 1456 } 1457 1458 $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired, $color); 1459 } 1460 $user_suspend_info = ' 1461 <tr> 1462 <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td> 1463 </tr>'; 1464 } 1465 else 1466 { 1467 $sig_checked = 0; 1468 $user_suspend_info = ''; 1469 } 1470 1471 $actions = ' 1472 <script type="text/javascript"> 1473 <!-- 1474 var sig_checked = "'.$sig_checked.'"; 1475 1476 function toggleAction() 1477 { 1478 if($("#suspend_action").is(\':visible\')) 1479 { 1480 $("#suspend_action").hide(); 1481 } 1482 else 1483 { 1484 $("#suspend_action").show(); 1485 } 1486 } 1487 // --> 1488 </script> 1489 1490 <dl style="margin-top: 0; margin-bottom: 0; width: 100%;"> 1491 <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt> 1492 <dd style="margin-top: 4px;" id="suspend_action" class="actions"> 1493 <table cellpadding="4">'.$user_suspend_info.' 1494 <tr> 1495 <td width="30%"><small>'.$lang->expire_length.'</small></td> 1496 <td>'.$form->generate_numeric_field('action_time', $mybb->input['action_time'], array('style' => 'width: 3em;', 'min' => 0)).' 
'.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td> 1497 </tr> 1498 </table> 1499 </dd> 1500 </dl> 1501 1502 <script type="text/javascript"> 1503 <!-- 1504 if(sig_checked == 0) 1505 { 1506 $("#suspend_action").hide(); 1507 } 1508 // --> 1509 </script>'; 1510 1511 $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions); 1512 1513 $signature_options = array( 1514 $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)), 1515 $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)), 1516 $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1)) 1517 ); 1518 1519 $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options)); 1520 1521 $form_container->end(); 1522 $plugins->run_hooks("admin_user_users_edit_signatur"); 1523 echo "</div>\n"; 1524 1525 // 1526 // AVATAR MANAGER 1527 // 1528 echo "<div id=\"tab_avatar\">\n"; 1529 $table = new Table; 1530 $table->construct_header($lang->current_avatar, array('colspan' => 2)); 1531 1532 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1)); 1533 1534 $avatar_url = ''; 1535 if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath'])) 1536 { 1537 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>"; 1538 } 1539 elseif($user['avatartype'] == "remote" || my_validate_url($user['avatar'])) 1540 { 1541 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>"; 1542 $avatar_url = $user['avatar']; 1543 } 1544 1545 if($errors) 1546 { 
1547 if(isset($mybb->input['avatar_url'])) 1548 { 1549 $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']); 1550 } 1551 } 1552 1553 if($mybb->settings['maxavatardims'] != "") 1554 { 1555 list($max_width, $max_height) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 1556 $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}"; 1557 } 1558 1559 if($mybb->settings['avatarsize']) 1560 { 1561 $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024); 1562 $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}"; 1563 } 1564 1565 if($user['avatar']) 1566 { 1567 $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>"); 1568 } 1569 1570 $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>"); 1571 $table->construct_row(); 1572 1573 $table->output($lang->avatar.': '.htmlspecialchars_uni($user['username'])); 1574 1575 // Custom avatar 1576 if($mybb->settings['avatarresizing'] == "auto") 1577 { 1578 $auto_resize = $lang->avatar_auto_resize; 1579 } 1580 else if($mybb->settings['avatarresizing'] == "user") 1581 { 1582 $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>"; 1583 } 1584 $form_container = new FormContainer($lang->specify_custom_avatar); 1585 $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload'); 1586 if($mybb->settings['allowremoteavatars']) 1587 { 1588 $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url'); 1589 } 1590 $form_container->end(); 1591 $plugins->run_hooks("admin_user_users_edit_avatar"); 1592 echo "</div>\n"; 1593 1594 // 1595 // MODERATOR 
OPTIONS 1596 // 1597 $periods = array( 1598 "hours" => $lang->expire_hours, 1599 "days" => $lang->expire_days, 1600 "weeks" => $lang->expire_weeks, 1601 "months" => $lang->expire_months, 1602 "never" => $lang->expire_permanent 1603 ); 1604 1605 echo "<div id=\"tab_modoptions\">\n"; 1606 $form_container = new FormContainer($lang->mod_options.': '.htmlspecialchars_uni($user['username'])); 1607 $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes'); 1608 1609 // Mod posts 1610 // Generate check box 1611 $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period')); 1612 1613 // Do we have any existing suspensions here? 1614 $existing_info = ''; 1615 if($user['moderateposts'] || ($mybb->get_input('moderateposting') && !empty($errors))) 1616 { 1617 $mybb->input['moderateposting'] = 1; 1618 if($user['moderationtime'] != 0) 1619 { 1620 $remaining = $user['moderationtime']-TIME_NOW; 1621 $expired = nice_time($remaining, array('seconds' => false)); 1622 1623 $color = 'inherit'; 1624 if($remaining < 3600) 1625 { 1626 $color = 'red'; 1627 } 1628 elseif($remaining < 86400) 1629 { 1630 $color = 'maroon'; 1631 } 1632 elseif($remaining < 604800) 1633 { 1634 $color = 'green'; 1635 } 1636 1637 $existing_info = $lang->sprintf($lang->moderate_length, $expired, $color); 1638 } 1639 else 1640 { 1641 $existing_info = $lang->moderated_perm; 1642 } 1643 } 1644 1645 $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_numeric_field("modpost_time", $mybb->get_input('modpost_time'), array('style' => 'width: 3em;', 'min' => 0)).' 
'.$modpost_options.'</div>'; 1646 $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, htmlspecialchars_uni($user['username'])); 1647 $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->get_input('moderateposting'))), $lang->moderate_posts_info, $modpost_div); 1648 1649 // Suspend posts 1650 // Generate check box 1651 $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->get_input('suspost_period'), array('id' => 'suspost_period')); 1652 1653 // Do we have any existing suspensions here? 1654 if($user['suspendposting'] || ($mybb->get_input('suspendposting') && !empty($errors))) 1655 { 1656 $mybb->input['suspendposting'] = 1; 1657 1658 if($user['suspensiontime'] == 0 || $mybb->get_input('suspost_period') == "never") 1659 { 1660 $existing_info = $lang->suspended_perm; 1661 } 1662 else 1663 { 1664 $remaining = $user['suspensiontime']-TIME_NOW; 1665 $suspost_date = nice_time($remaining, array('seconds' => false)); 1666 1667 $color = 'inherit'; 1668 if($remaining < 3600) 1669 { 1670 $color = 'red'; 1671 } 1672 elseif($remaining < 86400) 1673 { 1674 $color = 'maroon'; 1675 } 1676 elseif($remaining < 604800) 1677 { 1678 $color = 'green'; 1679 } 1680 1681 $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date, $color); 1682 } 1683 } 1684 1685 $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_numeric_field("suspost_time", $mybb->get_input('suspost_time'), array('style' => 'width: 3em;', 'min' => 0)).' 
'.$suspost_options.'</div>'; 1686 $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, htmlspecialchars_uni($user['username'])); 1687 $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->get_input('suspendposting'))), $lang->suspend_posts_info, $suspost_div); 1688 1689 1690 $form_container->end(); 1691 $plugins->run_hooks("admin_user_users_edit_moderator_options"); 1692 echo "</div>\n"; 1693 1694 $plugins->run_hooks("admin_user_users_edit_graph"); 1695 1696 $buttons[] = $form->generate_submit_button($lang->save_user); 1697 $form->output_submit_wrapper($buttons); 1698 1699 $form->end(); 1700 1701 echo '<script type="text/javascript"> 1702 <!-- 1703 1704 function toggleBox(action) 1705 { 1706 if(action == "modpost") 1707 { 1708 $("#suspendposting").attr("checked", false); 1709 $("#suspost").hide(); 1710 1711 if($("#moderateposting").is(":checked") == true) 1712 { 1713 $("#modpost").show(); 1714 } 1715 else if($("#moderateposting").is(":checked") == false) 1716 { 1717 $("#modpost").hide(); 1718 } 1719 } 1720 else if(action == "suspost") 1721 { 1722 $("#moderateposting").attr("checked", false); 1723 $("#modpost").hide(); 1724 1725 if($("#suspendposting").is(":checked") == true) 1726 { 1727 $("#suspost").show(); 1728 } 1729 else if($("#suspendposting").is(":checked") == false) 1730 { 1731 $("#suspost").hide(); 1732 } 1733 } 1734 } 1735 1736 if($("#moderateposting").is(":checked") == false) 1737 { 1738 $("#modpost").hide(); 1739 } 1740 else 1741 { 1742 $("#modpost").show(); 1743 } 1744 1745 if($("#suspendposting").is(":checked") == false) 1746 { 1747 $("#suspost").hide(); 1748 } 1749 else 1750 { 1751 $("#suspost").show(); 1752 } 1753 1754 // --> 1755 </script>'; 1756 1757 $page->output_footer(); 1758 } 1759 1760 if($mybb->input['action'] == "delete") 1761 { 1762 $user = get_user($mybb->input['uid']); 1763 1764 // Does the 
user not exist? 1765 if(!$user) 1766 { 1767 flash_message($lang->error_invalid_user, 'error'); 1768 admin_redirect("index.php?module=user-users"); 1769 } 1770 1771 if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid'])) 1772 { 1773 flash_message($lang->error_no_perms_super_admin, 'error'); 1774 admin_redirect("index.php?module=user-users"); 1775 } 1776 1777 // User clicked no 1778 if($mybb->get_input('no')) 1779 { 1780 admin_redirect("index.php?module=user-users"); 1781 } 1782 1783 $plugins->run_hooks("admin_user_users_delete"); 1784 1785 if($mybb->request_method == "post") 1786 { 1787 $plugins->run_hooks("admin_user_users_delete_commit"); 1788 1789 // Set up user handler. 1790 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 1791 $userhandler = new UserDataHandler('delete'); 1792 1793 // Delete the user 1794 if(!$userhandler->delete_user($user['uid'])) 1795 { 1796 flash_message($lang->error_cannot_delete_user, 'error'); 1797 admin_redirect("index.php?module=user-users"); 1798 } 1799 1800 $cache->update_awaitingactivation(); 1801 1802 $plugins->run_hooks("admin_user_users_delete_commit_end"); 1803 1804 log_admin_action($user['uid'], $user['username']); 1805 1806 flash_message($lang->success_user_deleted, 'success'); 1807 admin_redirect("index.php?module=user-users"); 1808 } 1809 else 1810 { 1811 $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation); 1812 } 1813 } 1814 1815 if($mybb->input['action'] == "referrers") 1816 { 1817 $page->add_breadcrumb_item($lang->show_referrers); 1818 $page->output_header($lang->show_referrers); 1819 1820 $sub_tabs['referrers'] = array( 1821 'title' => $lang->show_referrers, 1822 'link' => "index.php?module=user-users&action=referrers&uid={$mybb->input['uid']}", 1823 'description' => $lang->show_referrers_desc 1824 ); 1825 1826 $plugins->run_hooks("admin_user_users_referrers"); 1827 1828 
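// --- action=referrers (continued): list the users referred by the requested uid ---
	$page->output_nav_tabs($sub_tabs, 'referrers');

	// Fetch default admin view
	$default_view = fetch_default_view("user");
	if(!$default_view)
	{
		$default_view = "0";
	}
	// NOTE(review): $default_view is interpolated into the WHERE clause. fetch_default_view() is
	// defined outside this listing - confirm it can only return a numeric view id.
	$query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
	$admin_view = $db->fetch_array($query);

	// The view type is copied from the request unchanged.
	// NOTE(review): confirm build_users_view() restricts it to the types it supports.
	if(!empty($mybb->input['type']))
	{
		$admin_view['view_type'] = $mybb->input['type'];
	}

	// The stored conditions are a serialized string read from the adminviews row.
	// NOTE(review): my_unserialize() is defined elsewhere - confirm it cannot instantiate objects,
	// because whoever can write that row controls this input.
	$admin_view['conditions'] = my_unserialize($admin_view['conditions']);
	// Force the referrer filter to the requested user, whatever the stored view contained
	$admin_view['conditions']['referrer'] = $mybb->input['uid'];

	$view = build_users_view($admin_view);

	// No referred users
	if(!$view)
	{
		$table = new Table;
		$table->construct_cell($lang->error_no_referred_users);
		$table->construct_row();
		$table->output($lang->show_referrers);
	}
	else
	{
		echo $view;
	}

	$page->output_footer();
}

// --- action=ipaddresses: show the last-known, registration and posting IPs of one user ---
if($mybb->input['action'] == "ipaddresses")
{
	$page->add_breadcrumb_item($lang->ip_addresses);
	$page->output_header($lang->ip_addresses);

	// The uid is reduced to an integer wherever it is placed into a URL or SQL string, so these
	// lines do not depend on how the request value was normalised before this file ran.
	$sub_tabs['ipaddresses'] = array(
		'title' => $lang->show_ip_addresses,
		'link' => "index.php?module=user-users&action=ipaddresses&uid=".$mybb->get_input('uid', MyBB::INPUT_INT),
		'description' => $lang->show_ip_addresses_desc
	);

	$plugins->run_hooks("admin_user_users_ipaddresses");

	$page->output_nav_tabs($sub_tabs, 'ipaddresses');

	$query = $db->simple_select("users", "uid, regip, username, lastip", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'", array('limit' => 1));
	$user = $db->fetch_array($query);

	// Log admin action
	// Viewing a user's IP addresses is recorded in the admin log.
	// NOTE(review): there is no check that a row was found, so an unknown uid is logged with
	// empty values and the page is still rendered.
	log_admin_action($user['uid'], $user['username']);

	$table = new Table;

	$table->construct_header($lang->ip_address);
	$table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));
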
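// --- action=ipaddresses (continued): one table row per known IP, each with a lookup/ban menu ---
	// NOTE(review): the address strings below come from my_inet_ntop() and are embedded unencoded in
	// hrefs and in an onclick handler - confirm that helper can only return address characters.
	if(empty($user['lastip']))
	{
		$user['lastip'] = $lang->unknown;
		$controls = '';
	}
	else
	{
		// Stored in binary form; convert to printable text before building the links
		$user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip']));
		$popup = new PopupMenu("user_last", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&action=search&results=1&conditions[regip]=".$user['lastip']);
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['lastip']);
		$popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}', null, true); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['lastip']}");
		$controls = $popup->fetch();
	}
	$table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".$user['lastip']);
	$table->construct_cell($controls, array('class' => "align_center"));
	$table->construct_row();

	if(empty($user['regip']))
	{
		$user['regip'] = $lang->unknown;
		$controls = '';
	}
	else
	{
		$user['regip'] = my_inet_ntop($db->unescape_binary($user['regip']));
		$popup = new PopupMenu("user_reg", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$user['regip']);
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['regip']);
		$popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}', null, true); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['regip']}");
		$controls = $popup->fetch();
	}
	$table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".$user['regip']);
	$table->construct_cell($controls, array('class' => "align_center"));
	$table->construct_row();

	$counter = 0;

	// Every distinct IP the user has posted from. The uid is cast to an integer at the query
	// site rather than interpolating the raw request value.
	$query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
	while($ip = $db->fetch_array($query))
	{
		++$counter;
		$ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress']));
		$popup = new PopupMenu("id_{$counter}", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$ip['ipaddress']);
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$ip['ipaddress']);
		$popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip['ipaddress']}");
		$controls = $popup->fetch();

		$table->construct_cell($ip['ipaddress']);
		$table->construct_cell($controls, array('class' => "align_center"));
		$table->construct_row();
	}

	// The username is HTML-escaped because it is printed in the table heading
	$table->output($lang->ip_address_for.' '.htmlspecialchars_uni($user['username']));

	$page->output_footer();
}

// --- action=merge: fold the source account into the destination account, then delete the source ---
if($mybb->input['action'] == "merge")
{
	$plugins->run_hooks("admin_user_users_merge");

	if($mybb->request_method == "post")
	{
		// Fills $source_user and $destination_user. The variable names are built from a fixed
		// two-element list, never from request data.
		foreach(array('source', 'destination') as $target)
		{
			${$target.'_user'} = get_user_by_username($mybb->input[$target.'_username'], array('fields' => '*'));
			if(empty(${$target.'_user'}['uid']))
			{
				$errors[] = $lang->{'error_invalid_user_'.$target};
			}
		}

		// If we're not a super admin and we're merging a source super admin or a destination super admin then disallow this action
		if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid'])))
		{
			flash_message($lang->error_no_perms_super_admin, 'error');
			admin_redirect("index.php?module=user-users");
		}

		if((!empty($source_user)) && !empty($destination_user) && $source_user['uid'] == $destination_user['uid'] && !empty($source_user['uid']))
		{
			$errors[] = $lang->error_cannot_merge_same_account;
		}

		if(empty($errors))
		{
			// Begin to merge the accounts
			// Both uids used in the WHERE clauses below come from the user rows loaded above
			$uid_update = array(
				"uid" => $destination_user['uid']
			);
			$query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'");
			$existing_admin_options = $db->fetch_field($query, "uid");

			// Only carry over admin options/permissions if we don't already have them
			// NOTE(review): this re-points the source account's adminoptions row at the destination, so a
			// merge can hand admin options to an account that had none. The admin log entry written at
			// the end of the merge is the record of it.
			if(!$existing_admin_options)
			{
				$db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'");
			}

			$db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("events", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("threadsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("reportedcontent", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("warnings", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'");
			$db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'");

			// Thread ratings
			merge_thread_ratings($source_user['uid'], $destination_user['uid']);

			// Banning
			// The column is called "admin"; it is backtick-quoted for the two MySQL drivers only
			switch($db->type)
			{
				case 'mysql':
				case 'mysqli':
					$where = "`admin` = '{$source_user['uid']}'";
					break;
				default:
					$where = "admin = '{$source_user['uid']}'";
					break;
			}
			$db->update_query("banned", array('admin' => $destination_user['uid']), $where);

			// Carry over referrals
			$db->update_query("users", array("referrer" => $destination_user['uid']), "referrer='{$source_user['uid']}' AND uid!='{$destination_user['uid']}'");
			// If destination user has no referrer but source does and source user was not referred by destination user
			// or destination user was referred by the source user
			if(($destination_user['referrer'] == 0 && $source_user['referrer'] > 0 && $source_user['referrer'] != $destination_user['uid']) || $destination_user['referrer'] == $source_user['uid'])
			{
				$db->update_query("users", array("referrer" => $source_user['referrer']), "uid='{$destination_user['uid']}'");
			}
			$query = $db->simple_select("users", "COUNT(uid) as total_referrals", "referrer='{$destination_user['uid']}' AND uid!='{$source_user['uid']}'");
			$new_referrals = $db->fetch_field($query, "total_referrals");
			$db->update_query("users", array("referrals" => (int)$new_referrals), "uid='{$destination_user['uid']}'");

			// Merging Reputation
			// First, let's change all the details over to our new user...
			$db->update_query("reputation", array("adduid" => $destination_user['uid']), "adduid = '".$source_user['uid']."'");
			$db->update_query("reputation", array("uid" => $destination_user['uid']), "uid = '".$source_user['uid']."'");

			// Now that all the reputation is merged, figure out what to do with this user's comments...
			$options = array(
				"order_by" => "uid",
				"order_dir" => "ASC"
			);

			$to_remove = array();
			// Holds the previous row that was kept. It starts with null fields so the first iteration
			// compares against a defined value instead of reading an unset variable.
			$last_result = array(
				"rid" => null,
				"uid" => null
			);
			$query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'", $options);
			while($rep = $db->fetch_array($query))
			{
				if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid'])
				{
					// Multiple reputation is disallowed, and this isn't a post, so let's remove this comment
					$to_remove[] = $rep['rid'];
				}

				// Remove comments or posts liked by "me"
				if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid'])
				{
					if(!in_array($rep['rid'], $to_remove))
					{
						$to_remove[] = $rep['rid'];
						continue;
					}
				}

				$last_result = array(
					"rid" => $rep['rid'],
					"uid" => $rep['uid']
				);
			}

			// Remove any reputations we've selected to remove...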
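// --- action=merge (continued): prune the selected reputation rows, then recompute totals for the destination ---
			if(!empty($to_remove))
			{
				// The ids were read from the reputation table just above; the cast keeps the
				// IN (...) list strictly numeric regardless.
				$imp = implode(",", array_map('intval', $to_remove));
				$db->delete_query("reputation", "rid IN (".$imp.")");
			}

			// Calculate the new reputation for this user...
			$query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'");
			$total_reputation = $db->fetch_field($query, "total_rep");

			$db->update_query("users", array('reputation' => (int)$total_reputation), "uid='{$destination_user['uid']}'");

			// Calculate warning points
			// NOTE(review): the source account's warnings rows were re-pointed at the destination earlier
			// in this merge, so this first sum is presumably empty by now - confirm.
			$query = $db->query("
				SELECT SUM(points) as warn_lev
				FROM ".TABLE_PREFIX."warnings
				WHERE uid='{$source_user['uid']}' AND expired='0'
			");
			$original_warn_level = $db->fetch_field($query, "warn_lev");

			$query = $db->query("
				SELECT SUM(points) as warn_lev
				FROM ".TABLE_PREFIX."warnings
				WHERE uid='{$destination_user['uid']}' AND expired='0'
			");
			$new_warn_level = $db->fetch_field($query, "warn_lev");
			// Each sum is cast on its own: a leading (int) binds to the first operand only, and SUM()
			// produces no number when there are no matching rows. The stored value is always an integer.
			$db->update_query("users", array("warningpoints" => (int)$original_warn_level + (int)$new_warn_level), "uid='{$destination_user['uid']}'");

			// Additional updates for non-uid fields
			// The username is free text and is escaped here; the uid values are ids from the user rows
			$last_poster = array(
				"lastposteruid" => $destination_user['uid'],
				"lastposter" => $db->escape_string($destination_user['username'])
			);
			$db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'");
			$db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'");
			$edit_uid = array(
				"edituid" => $destination_user['uid']
			);
			$db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'");

			// Private messages reference the account as sender and as recipient
			$from_uid = array(
				"fromid" => $destination_user['uid']
			);
			$db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'");
			$to_uid = array(
				"toid" => $destination_user['uid']
			);
			$db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'");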
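// --- action=merge (continued): combine the buddy/ignore lists and recount posts for the destination ---
			// Buddy/ignore lists
			// Both lists are handled as comma-separated uid strings. Entries are cast to int and empty or
			// zero entries dropped, because the merged strings are written back below without
			// $db->escape_string() (other string values on this page are escaped before update_query).
			$destination_buddies = array_filter(array_map('intval', explode(',', $destination_user['buddylist'])));
			$source_buddies = array_filter(array_map('intval', explode(',', $source_user['buddylist'])));
			$buddies = array_unique(array_merge($source_buddies, $destination_buddies));
			// Make sure the new buddy list doesn't contain either users
			$buddies_array = array_diff($buddies, array($destination_user['uid'], $source_user['uid']));

			$destination_ignored = array_filter(array_map('intval', explode(',', $destination_user['ignorelist'])));
			// Read the source account's own ignore list. Taking the destination's list twice would
			// silently drop every user the source account had ignored.
			$source_ignored = array_filter(array_map('intval', explode(',', $source_user['ignorelist'])));
			$ignored = array_unique(array_merge($source_ignored, $destination_ignored));
			// ... and the same for the new ignore list
			$ignored_array = array_diff($ignored, array($destination_user['uid'], $source_user['uid']));

			// Remove any ignored users from the buddy list
			$buddies = array_diff($buddies_array, $ignored_array);
			// implode the arrays so we get a nice neat list for each
			$buddies = trim(implode(',', $buddies), ',');
			$ignored = trim(implode(',', $ignored_array), ',');

			$lists = array(
				"buddylist" => $buddies,
				"ignorelist" => $ignored
			);
			$db->update_query("users", $lists, "uid='{$destination_user['uid']}'");

			// Get a list of forums where post count doesn't apply
			$fids = array();
			$query = $db->simple_select("forums", "fid", "usepostcounts=0");
			while($fid = $db->fetch_field($query, "fid"))
			{
				// Cast so the NOT IN (...) list built below is strictly numeric
				$fids[] = (int)$fid;
			}

			$fids_not_in = '';
			if(!empty($fids))
			{
				$fids_not_in = "AND fid NOT IN(".implode(',', $fids).")";
			}

			// Update user post count
			$query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
			$num = $db->fetch_array($query);
			$updated_count = array(
				"postnum" => $num['postnum']
			);
			$db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");

			// Update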
user thread count 2174 $query = $db->simple_select("threads", "COUNT(*) AS threadnum", "uid='".$destination_user['uid']."' {$fids_not_in}"); 2175 $num = $db->fetch_array($query); 2176 $updated_count = array( 2177 "threadnum" => $num['threadnum'] 2178 ); 2179 $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'"); 2180 2181 // Use the earliest registration date 2182 if($destination_user['regdate'] > $source_user['regdate']) 2183 { 2184 $db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'"); 2185 } 2186 2187 $plugins->run_hooks("admin_user_users_merge_commit"); 2188 2189 // Set up user handler. 2190 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 2191 $userhandler = new UserDataHandler('delete'); 2192 2193 // Delete the old user 2194 $userhandler->delete_user($source_user['uid']); 2195 2196 $cache->update_awaitingactivation(); 2197 2198 // Log admin action 2199 log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']); 2200 2201 // Redirect! 2202 $username = htmlspecialchars_uni($source_user['username']); 2203 $destination_username = htmlspecialchars_uni($destination_user['username']); 2204 flash_message("<strong>{$username}</strong> {$lang->success_merged} {$destination_username}", "success"); 2205 admin_redirect("index.php?module=user-users"); 2206 exit; 2207 } 2208 } 2209 2210 $page->add_breadcrumb_item($lang->merge_users); 2211 $page->output_header($lang->merge_users); 2212 2213 $page->output_nav_tabs($sub_tabs, 'merge_users'); 2214 2215 // If we have any error messages, show them 2216 if($errors) 2217 { 2218 $page->output_inline_error($errors); 2219 } 2220 2221 $form = new Form("index.php?module=user-users&action=merge", "post"); 2222 2223 $form_container = new FormContainer($lang->merge_users); 2224 $form_container->output_row($lang->source_account." 
<em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->get_input('source_username'), array('id' => 'source_username')), 'source_username'); 2225 $form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->get_input('destination_username'), array('id' => 'destination_username')), 'destination_username'); 2226 $form_container->end(); 2227 2228 // Autocompletion for usernames 2229 echo ' 2230 <link rel="stylesheet" href="../jscripts/select2/select2.css"> 2231 <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script> 2232 <script type="text/javascript"> 2233 <!-- 2234 $("#source_username").select2({ 2235 placeholder: "'.$lang->search_for_a_user.'", 2236 minimumInputLength: 2, 2237 multiple: false, 2238 ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper 2239 url: "../xmlhttp.php?action=get_users", 2240 dataType: \'json\', 2241 data: function (term, page) { 2242 return { 2243 query: term // search term 2244 }; 2245 }, 2246 results: function (data, page) { // parse the results into the format expected by Select2. 
2247 // since we are using custom formatting functions we do not need to alter remote JSON data 2248 return {results: data}; 2249 } 2250 }, 2251 initSelection: function(element, callback) { 2252 var query = $(element).val(); 2253 if (query !== "") { 2254 $.ajax("../xmlhttp.php?action=get_users&getone=1", { 2255 data: { 2256 query: query 2257 }, 2258 dataType: "json" 2259 }).done(function(data) { callback(data); }); 2260 } 2261 } 2262 }); 2263 $("#destination_username").select2({ 2264 placeholder: "'.$lang->search_for_a_user.'", 2265 minimumInputLength: 2, 2266 multiple: false, 2267 ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper 2268 url: "../xmlhttp.php?action=get_users", 2269 dataType: \'json\', 2270 data: function (term, page) { 2271 return { 2272 query: term // search term 2273 }; 2274 }, 2275 results: function (data, page) { // parse the results into the format expected by Select2. 2276 // since we are using custom formatting functions we do not need to alter remote JSON data 2277 return {results: data}; 2278 } 2279 }, 2280 initSelection: function(element, callback) { 2281 var query = $(element).val(); 2282 if (query !== "") { 2283 $.ajax("../xmlhttp.php?action=get_users&getone=1", { 2284 data: { 2285 query: query 2286 }, 2287 dataType: "json" 2288 }).done(function(data) { callback(data); }); 2289 } 2290 } 2291 }); 2292 // --> 2293 </script>'; 2294 2295 $buttons[] = $form->generate_submit_button($lang->merge_user_accounts); 2296 $form->output_submit_wrapper($buttons); 2297 $form->end(); 2298 2299 $page->output_footer(); 2300 } 2301 2302 if($mybb->input['action'] == "search") 2303 { 2304 $plugins->run_hooks("admin_user_users_search"); 2305 2306 if($mybb->request_method == "post" || $mybb->get_input('results') == 1) 2307 { 2308 // Build view options from incoming search options 2309 if($mybb->get_input('vid')) 2310 { 2311 $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', 
MyBB::INPUT_INT)."'"); 2312 $admin_view = $db->fetch_array($query); 2313 // View does not exist or this view is private and does not belong to the current user 2314 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 2315 { 2316 unset($admin_view); 2317 } 2318 } 2319 2320 if($mybb->get_input('search_id') && $admin_session['data']['user_views'][$mybb->get_input('search_id')]) 2321 { 2322 $admin_view = $admin_session['data']['user_views'][$mybb->get_input('search_id')]; 2323 unset($admin_view['extra_sql']); 2324 } 2325 2326 // Don't have a view? Fetch the default 2327 if(!isset($admin_view) || !$admin_view['vid']) 2328 { 2329 $default_view = fetch_default_view("user"); 2330 if(!$default_view) 2331 { 2332 $default_view = "0"; 2333 } 2334 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 2335 $admin_view = $db->fetch_array($query); 2336 } 2337 2338 // Override specific parts of the view 2339 unset($admin_view['vid']); 2340 2341 if($mybb->get_input('type')) 2342 { 2343 $admin_view['view_type'] = $mybb->get_input('type'); 2344 } 2345 2346 if(!empty($mybb->input['conditions'])) 2347 { 2348 $admin_view['conditions'] = $mybb->get_input('conditions', MyBB::INPUT_ARRAY); 2349 } 2350 2351 if($mybb->get_input('sortby')) 2352 { 2353 $admin_view['sortby'] = $mybb->get_input('sortby'); 2354 } 2355 2356 if($mybb->get_input('perpage', MyBB::INPUT_INT)) 2357 { 2358 $admin_view['perpage'] = $mybb->get_input('perpage'); 2359 } 2360 2361 if($mybb->get_input('order')) 2362 { 2363 $admin_view['sortorder'] = $mybb->get_input('order'); 2364 } 2365 2366 if($mybb->get_input('displayas')) 2367 { 2368 $admin_view['view_type'] = $mybb->get_input('displayas'); 2369 } 2370 2371 if(!empty($mybb->input['profile_fields'])) 2372 { 2373 $admin_view['custom_profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); 2374 } 2375 2376 
$plugins->run_hooks("admin_user_users_search_commit"); 2377 2378 $results = build_users_view($admin_view); 2379 2380 if($results) 2381 { 2382 $page->output_header($lang->find_users); 2383 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 2384 $page->output_nav_tabs($sub_tabs, 'find_users'); 2385 echo $results; 2386 $page->output_footer(); 2387 } 2388 else 2389 { 2390 if($mybb->get_input('from') == "home") 2391 { 2392 flash_message($lang->error_no_users_found, 'error'); 2393 admin_redirect("index.php"); 2394 exit; 2395 } 2396 else 2397 { 2398 $errors[] = $lang->error_no_users_found; 2399 } 2400 } 2401 } 2402 2403 $page->add_breadcrumb_item($lang->find_users); 2404 $page->output_header($lang->find_users); 2405 2406 $page->output_nav_tabs($sub_tabs, 'find_users'); 2407 2408 // If we have any error messages, show them 2409 if($errors) 2410 { 2411 $page->output_inline_error($errors); 2412 } 2413 2414 if(!$mybb->get_input('displayas')) 2415 { 2416 $mybb->input['displayas'] = "card"; 2417 } 2418 2419 $form = new Form("index.php?module=user-users&action=search", "post"); 2420 2421 user_search_conditions($mybb->input, $form); 2422 2423 $form_container = new FormContainer($lang->display_options); 2424 $sort_directions = array( 2425 "asc" => $lang->ascending, 2426 "desc" => $lang->descending 2427 ); 2428 $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->get_input('sortby'), array('id' => 'sortby'))." 
{$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->get_input('order'), array('id' => 'order')), 'sortby'); 2429 $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->get_input('perpage'), array('id' => 'perpage', 'min' => 1)), 'perpage'); 2430 $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->get_input('displayas') != "card" ? true : false)))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->get_input('displayas') == "card" ? true : false)))); 2431 $form_container->end(); 2432 2433 $buttons[] = $form->generate_submit_button($lang->find_users); 2434 $form->output_submit_wrapper($buttons); 2435 $form->end(); 2436 2437 $page->output_footer(); 2438 } 2439 2440 if($mybb->input['action'] == "inline_edit") 2441 { 2442 $plugins->run_hooks("admin_user_users_inline"); 2443 2444 if(!empty($mybb->input['vid']) || !empty($mybb->cookies['acp_view'])) 2445 { 2446 // We have a custom view 2447 if(empty($mybb->cookies['acp_view'])) 2448 { 2449 // Set a cookie 2450 my_setcookie("acp_view", $mybb->input['vid'], 60); 2451 } 2452 else 2453 { 2454 // We already have a cookie, so let's use it... 
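// --- action=inline_edit (continued): resolve the view id, collect the selected uids, check the post key, dispatch ---
			$mybb->input['vid'] = $mybb->cookies['acp_view'];
		}

		// The view id may have just been copied from the acp_view cookie, which the browser controls,
		// so it is reduced to an integer before being appended to the redirect URLs below.
		$vid_url = "&vid=".$mybb->get_input('vid', MyBB::INPUT_INT);
	}
	else
	{
		$vid_url = null;
	}

	// First, collect the user IDs that we're performing the moderation on
	// The cookie is a "|"-separated list. Every entry is cast to int, which is what makes
	// $selected safe to implode() into the IN (...) lists further down.
	$selected = array();
	if(isset($mybb->cookies['inlinemod_useracp']))
	{
		$ids = explode("|", $mybb->cookies['inlinemod_useracp']);
		foreach($ids as $id)
		{
			if($id != '')
			{
				$selected[] = (int)$id;
			}
		}
	}

	// Verify incoming POST request
	// This runs before any inline action is dispatched.
	// NOTE(review): nothing below re-checks the key, so this branch relies on admin_redirect()
	// ending the request - confirm.
	if(!verify_post_check($mybb->get_input('my_post_key')))
	{
		flash_message($lang->invalid_post_verify_key2, 'error');
		// Same landing page as every other redirect in this module
		admin_redirect("index.php?module=user-users");
	}
	$sub_tabs['manage_users'] = array(
		"title" => $lang->manage_users,
		"link" => "./",
		"description" => $lang->manage_users_desc
	);
	$page->add_breadcrumb_item($lang->manage_users);

	if(empty($selected))
	{
		// Not selected any users, show error
		flash_message($lang->error_inline_no_users_selected, 'error');
		admin_redirect("index.php?module=user-users".$vid_url);
	}

	switch($mybb->input['inline_action'])
	{
		case 'multiactivate':
			// Run through the activating users, so that users already registered (but have been selected) aren't affected
			// Only selected accounts currently in usergroup 5 are picked up (presumably the
			// awaiting-activation group - confirm)
			if(is_array($selected))
			{
				$sql_array = implode(",", $selected);
				$query = $db->simple_select("users", "uid, username, email", "usergroup = '5' AND uid IN (".$sql_array.")");
				$user_mail_data = array();
				while($user = $db->fetch_array($query))
				{
					$to_update[] = $user['uid'];
					$user_mail_data[] = array('username' => $user['username'], 'email' => $user['email']);
				}
			}

			// $to_update only exists when the loop above matched at least one account; the isset()
			// below relies on that. Hooked code receives the list and may be able to change it
			// (run_hooks is not shown here), so the ids are re-cast before they reach the UPDATE.
			$plugins->run_hooks("admin_user_multiactivate", $to_update);

			if(isset($to_update) && is_array($to_update))
			{
				$sql_array = implode(",", array_map('intval', $to_update));
				$db->write_query("UPDATE ".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")");

				$cache->update_awaitingactivation();

				// send activation mail
				foreach($user_mail_data as $mail_data)
				{
					$message = $lang->sprintf($lang->email_adminactivateaccount, $mail_data['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
					my_mail($mail_data['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);
				}

				// Action complete, grab stats and show success message - redirect user
				$to_update_count = count($to_update);
				$lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count));

				if(is_array($selected) && $to_update_count != count($selected))
				{
					// The update count is different to how many we selected!
					$not_updated_count = count($selected) - $to_update_count;
					$lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count));
					$lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message
				}

				$mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog
				log_admin_action($to_update_count); // Add to adminlog
				my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected

				flash_message($lang->inline_activated, 'success');
				admin_redirect("index.php?module=user-users".$vid_url);
			}
			else
			{
				// Nothing was updated, show an error
				flash_message($lang->inline_activated_failed, 'error');
				admin_redirect("index.php?module=user-users".$vid_url);
			}
			break;
		case 'multilift':
			// Get the users that are banned, and check that they have been selected
			if($mybb->get_input('no'))
			{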
// NOTE(review): excerpt of the inline_edit switch. It resumes inside the "No" branch of the
// 'multilift' case and stops just before the 'multiban' confirmation form is built; the
// enclosing if/switch open and close outside these lines.
		admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No'
	}

	// Bans are only lifted on a POST request; any other method shows the confirmation page.
	if($mybb->request_method == "post")
	{
		// NOTE(review): $selected is joined into the IN() list without quoting or casting here.
		// This relies on it having been reduced to integer uids before the switch - confirm
		// against the code that builds $selected.
		$sql_array = implode(",", $selected);
		$query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")");
		$to_be_unbanned = $db->num_rows($query);
		while($ban = $db->fetch_array($query))
		{
			// Restore the groups saved in the ban row.
			// NOTE(review): oldgroup, olddisplaygroup and uid are used exactly as read from the
			// banned table; only oldadditionalgroups is escaped. Presumably these are integer
			// columns - an (int) cast would make that explicit.
			$updated_group = array(
				"usergroup" => $ban['oldgroup'],
				"additionalgroups" => $db->escape_string($ban['oldadditionalgroups']),
				"displaygroup" => $ban['olddisplaygroup']
			);
			$db->update_query("users", $updated_group, "uid = '".$ban['uid']."'");
			$db->delete_query("banned", "uid = '".$ban['uid']."'");
		}

		$cache->update_moderators();

		// Change the action so the admin log records this as "inline_lift"
		$mybb->input['action'] = "inline_lift";
		log_admin_action($to_be_unbanned);
		my_unsetcookie("inlinemod_useracp");

		$lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned));
		flash_message($lang->success_ban_lifted, 'success');
		admin_redirect("index.php?module=user-users".$vid_url);
	}
	else
	{
		$page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multilift", $lang->confirm_multilift);
	}

	break;
case 'multiban':
	// NOTE(review): unlike 'multilift' above, this branch is keyed on processed == 1 and does
	// not check the request method. The my_post_key verification that should gate it is not
	// visible in this excerpt - confirm it runs before the switch is reached.
	if($mybb->input['processed'] == 1)
	{
		// We've posted ban information!
		// Build an array of users to ban
		// NOTE(review): same unquoted IN() list as in 'multilift'; depends on $selected
		// holding integers only.
		$sql_array = implode(",", $selected);
		// Build a cache array of the users that have been banned already.
		// $bannedcache is only created when at least one selected user has a ban row; the
		// is_array() guard further down covers the empty case (reading an undefined
		// variable raises a warning on PHP 8).
		$query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")");
		while($user = $db->fetch_array($query))
		{
			$bannedcache[] = "u_".$user['uid'];
		}

		// Collect the users
		$query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")");

		// '---' is stored with lifted = 0; any other value is converted by ban_date2timestamp().
		// NOTE(review): bantime comes straight from the request. It is SQL-escaped below but
		// not compared with an allow-list (for example the fetch_ban_times() options the form
		// offers) - confirm ban_date2timestamp() copes with unexpected values.
		if($mybb->input['bantime'] == '---')
		{
			$lifted = 0;
		}
		else
		{
			$lifted = ban_date2timestamp($mybb->input['bantime']);
		}

		// Cap the stored reason at 255 characters
		$reason = my_substr($mybb->input['reason'], 0, 255);

		$banned_count = 0;
		while($user = $db->fetch_array($query))
		{
			if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid']))
			{
				// We remove ourselves and Super Admins from the mix
				continue;
			}

			if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache))
			{
				// User already has a ban, update it!
				$update_array = array(
					"admin" => (int)$mybb->user['uid'],
					"dateline" => TIME_NOW,
					"bantime" => $db->escape_string($mybb->input['bantime']),
					"lifted" => $db->escape_string($lifted),
					"reason" => $db->escape_string($reason)
				);
				$db->update_query("banned", $update_array, "uid = '".$user['uid']."'");
			}
			else
			{
				// Not currently banned - insert the ban, remembering the user's current groups.
				// NOTE(review): gid is the request's 'usergroup' value cast to int; it is not
				// checked against existing groups here, while the users row below is always
				// moved to group 7.
				$insert_array = array(
					'uid' => $user['uid'],
					'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
					'oldgroup' => $user['usergroup'],
					'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
					'olddisplaygroup' => $user['displaygroup'],
					'admin' => (int)$mybb->user['uid'],
					'dateline' => TIME_NOW,
					'bantime' => $db->escape_string($mybb->input['bantime']),
					'lifted' => $db->escape_string($lifted),
					'reason' => $db->escape_string($reason)
				);
				$db->insert_query('banned', $insert_array);
			}

			// Move the user to the 'Banned' group
			$update_array = array(
				'usergroup' => 7,
				'displaygroup' => 0,
				'additionalgroups' => '',
			);
			$db->update_query('users', $update_array, "uid = '{$user['uid']}'");

			// Drop the banned user's forum and thread subscriptions
			$db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
			$db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");

			++$banned_count;
		}
		// Change the action so the admin log records this as "inline_banned"
		$mybb->input['action'] = "inline_banned";
		log_admin_action($banned_count, $lifted);
		my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them

		$lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count);
		flash_message($lang->users_banned, 'success');
		admin_redirect("index.php?module=user-users".$vid_url);
	}

	$page->output_header($lang->manage_users);
	$page->output_nav_tabs($sub_tabs, 'manage_users');

	// Provide the user with a warning of what they're about to do
// NOTE(review): excerpt of the inline_edit switch. It starts with the 'multiban' confirmation
// form, covers the whole 'multidelete' case, and stops inside the date validation of
// 'multiprune'; the enclosing if/switch open and close outside these lines.
	$table = new Table;
	$lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected));
	$table->construct_cell($lang->mass_ban_info);
	$table->construct_row();
	$table->output($lang->important);

	// If there are any errors, display them inline
	if($errors)
	{
		$page->output_inline_error($errors);
	}

	$form = new Form("index.php?module=user-users", "post");
	echo $form->generate_hidden_field('action', 'inline_edit');
	echo $form->generate_hidden_field('inline_action', 'multiban');
	echo $form->generate_hidden_field('processed', '1');

	// NOTE(review): the "lift bans" link carries my_post_key in the query string, so the token
	// can end up in browser history, server/proxy logs and Referer headers. A POST form would
	// keep it out of URLs. Whether the key is needed for this GET at all depends on a check
	// outside this excerpt.
	$form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&action=inline_edit&inline_action=multilift&my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban);
	// NOTE(review): the submitted reason is echoed back into the textarea; this assumes
	// Form::generate_text_area() HTML-escapes its value - confirm.
	$form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
	// Build the ban length list; every entry except '---' also shows the date it resolves to
	$ban_times = fetch_ban_times();
	foreach($ban_times as $time => $period)
	{
		if($time != '---')
		{
			$friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
			$period = "{$period} ({$friendly_time})";
		}
		$length_list[$time] = $period;
	}
	$form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');
	$form_container->end();

	$buttons[] = $form->generate_submit_button($lang->ban_users);
	$form->output_submit_wrapper($buttons);
	$form->end();
	$page->output_footer();
	break;
case 'multidelete':
	if($mybb->get_input('no'))
	{
		admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No'
	}
	else
	{
		// NOTE(review): deletion runs whenever processed == 1, with no request-method check in
		// this case, and the confirmation URL below carries both my_post_key and processed=1 in
		// the query string. Confirm the post key is verified before this switch is reached.
		if($mybb->input['processed'] == 1)
		{
			// Set up user handler.
			require_once MYBB_ROOT.'inc/datahandlers/user.php';
			$userhandler = new UserDataHandler('delete');

			// Delete users
			// NOTE(review): no filter for the acting admin or for super admins is visible in
			// this case (compare 'multiban'); presumably delete_user() enforces that - verify.
			$deleted = $userhandler->delete_user($selected);
			$to_be_deleted = $deleted['deleted_users']; // Get the correct number of deleted users

			// Remove the cookie, log the action as "inline_delete" and redirect the user
			my_unsetcookie("inlinemod_useracp");
			$mybb->input['action'] = "inline_delete";
			log_admin_action($to_be_deleted);

			$lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted);

			$cache->update_awaitingactivation();

			flash_message($lang->users_deleted, 'success');
			admin_redirect("index.php?module=user-users".$vid_url);
		}

		// Not confirmed yet: show the confirmation page with the number of selected users
		// (assumes admin_redirect() above ends the request - TODO confirm)
		$to_be_deleted = count($selected);
		$lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted));
		$page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multidelete&my_post_key={$mybb->post_code}&processed=1", $lang->confirm_multidelete);
	}
	break;
case 'multiprune':
	if($mybb->input['processed'] == 1)
	{
		// A manual date and a preset ("set") option cannot be combined
		if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set'])
		{
			$errors[] = $lang->multi_selected_dates;
		}

		// Integer copies of the date parts, used for validation and mktime()
		$day = $mybb->get_input('day', MyBB::INPUT_INT);
		$month = $mybb->get_input('month', MyBB::INPUT_INT);
		$year = $mybb->get_input('year', MyBB::INPUT_INT);

		// Selected a date - check if the date the user entered is valid
		if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year'])
		{
			// Is the date sort of valid?
// NOTE(review): excerpt of the 'multiprune' case of the inline_edit switch. It resumes inside
// the manual-date validation and stops inside the loop that builds the month options; the
// enclosing blocks open and close outside these lines.
			if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29))
			{
				$errors[] = $lang->incorrect_date;
			}

			// Check the day against the length of the chosen month.
			// NOTE(review): this lookup still runs when $month failed the range check above, so
			// $month-1 may not be a valid index (the error is already recorded in that case).
			$months = get_bdays($year);
			if($day > $months[$month-1])
			{
				$errors[] = $lang->incorrect_date;
			}

			// Check the year.
			// NOTE(review): && binds tighter than ||, so this reads as
			// ($year != 0 && $year < now-100) || $year > now. A year of 0 therefore passes, and
			// mktime() maps two-digit years 0-69 to 2000-2069 - confirm that is intended.
			if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y"))
			{
				$errors[] = $lang->incorrect_date;
			}

			if(!$errors)
			{
				// No errors, so let's continue and set the date to delete from
				$date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp
			}
		}
		elseif($mybb->input['set'] > 0)
		{
			// Set options
			// For this purpose, 1 month = 31 days
			$base_time = 24 * 60 * 60;

			// $threshold is only assigned for options 1-6; any other value leaves it unset
			// and is rejected by the !$threshold check below.
			switch($mybb->input['set'])
			{
				case '1':
					$threshold = $base_time * 31; // 1 month = 31 days, in the standard terms
					break;
				case '2':
					$threshold = $base_time * 93; // 3 months = 31 days * 3
					break;
				case '3':
					$threshold = $base_time * 183; // 6 months = 365 days / 2
					break;
				case '4':
					$threshold = $base_time * 365; // 1 year = 365 days
					break;
				case '5':
					$threshold = $base_time * 548; // 18 months = 365 + 183
					break;
				case '6':
					$threshold = $base_time * 730; // 2 years = 365 * 2
					break;
			}

			if(!$threshold)
			{
				// An option was entered that isn't in the dropdown box
				$errors[] = $lang->no_set_option;
			}
			else
			{
				$date = TIME_NOW - $threshold;
			}
		}
		else
		{
			$errors[] = $lang->no_prune_option;
		}

		if(!$errors)
		{
			// NOTE(review): $selected is joined into the IN() list without quoting or casting;
			// this relies on it holding integer uids only - confirm where $selected is built.
			$sql_array = implode(",", $selected);
			$prune_array = array();
			$query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")");
			while($user = $db->fetch_array($query))
			{
				// Protect Super Admins: only a super admin may prune a super admin's posts
				if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
				{
					continue;
				}

				$return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete
				if($return_array && is_array($return_array))
				{
					$prune_array = array_merge_recursive($prune_array, $return_array);
				}
			}

			// Plugin hook on the merged result.
			// NOTE(review): if run_hooks() takes its argument by reference, a plugin can change
			// which threads are deleted below - confirm.
			$plugins->run_hooks("admin_user_multiprune_threads", $prune_array);

			// No posts were found for the user, return error
			if(!is_array($prune_array) || count($prune_array) == 0)
			{
				flash_message($lang->prune_fail, 'error');
				admin_redirect("index.php?module=user-users".$vid_url);
			}

			// Require the rebuild functions
			require_once MYBB_ROOT.'/inc/functions.php';
			require_once MYBB_ROOT.'/inc/functions_rebuild.php';

			// We've finished deleting user's posts, so let's delete the threads.
			// NOTE(review): each $tid is interpolated into the WHERE clauses quoted but not
			// cast; the values come from delete_user_posts() and are presumably integers -
			// confirm, or cast with (int).
			if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0)
			{
				foreach($prune_array['to_delete'] as $tid)
				{
					$db->delete_query("threads", "tid='$tid'");
					$db->delete_query("threads", "closed='moved|$tid'");
					$db->delete_query("threadsubscriptions", "tid='$tid'");
					$db->delete_query("polls", "tid='$tid'");
					$db->delete_query("threadsread", "tid='$tid'");
					$db->delete_query("threadratings", "tid='$tid'");
				}
			}

			// After deleting threads, rebuild the thread counters for the affected threads
			// (the tid list goes into IN() unquoted, under the same integer assumption)
			if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0)
			{
				$sql_array = implode(",", $prune_array['thread_update']);
				$query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc'));
				while($thread = $db->fetch_array($query))
				{
					rebuild_thread_counters($thread['tid']);
				}
			}

			// After updating thread counters, update the affected forum counters
			if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0)
			{
				$sql_array = implode(",", $prune_array['forum_update']);
				$query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc'));
				while($forum = $db->fetch_array($query))
				{
					// Because we have a recursive array merge, check to see if there isn't a duplicated forum to update
					// ($looped_forum is not set on the first pass; rows are ordered by fid)
					if($looped_forum == $forum['fid'])
					{
						continue;
					}
					$looped_forum = $forum['fid'];
					rebuild_forum_counters($forum['fid']);
				}
			}

			// NOTE(review): the admin-log call is commented out, so a mass prune leaves no
			// admin log entry, while the other inline actions in this switch each call
			// log_admin_action(). A bulk deletion of posts is the kind of action an audit
			// trail is needed for - consider restoring the call with a matching log action.
			//log_admin_action();
			my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie
			flash_message($lang->prune_complete, 'success');
			admin_redirect("index.php?module=user-users".$vid_url);
		}
	}

	$page->output_header($lang->manage_users);
	$page->output_nav_tabs($sub_tabs, 'manage_users');

	// Display a table warning
	$table = new Table;
	$lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected));
	$table->construct_cell($lang->mass_prune_info);
	$table->construct_row();
	$table->output($lang->important);

	if($errors)
	{
		$page->output_inline_error($errors);
	}

	// Display the prune options
	$form = new Form("index.php?module=user-users", "post");
	echo $form->generate_hidden_field('action', 'inline_edit');
	echo $form->generate_hidden_field('inline_action', 'multiprune');
	echo $form->generate_hidden_field('processed', '1');

	$form_container = new FormContainer($lang->mass_prune_posts);

	// Generate a list of days (1 - 31)
	$day_options = array();
	$day_options[] = " ";
	for($i = 1; $i <= 31; ++$i)
	{
		$day_options[] = $i;
	}

	// Generate a list of months (1 - 12)
	$month_options = array();
	$month_options[] = " ";
	for($i = 1; $i <= 12; ++$i)
	{
		$string = "month_{$i}";
// NOTE(review): excerpt of the inline_edit switch. It resumes inside the month-options loop of
// the 'multiprune' form and stops part-way through the 'multiusergroup' form; the enclosing
// blocks open and close outside these lines.
		$month_options[] = $lang->$string;
	}
	$date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']);
	$month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']);
	$year_box = $form->generate_numeric_field('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;', 'min' => 0));

	$prune_select = $date_box.$month_box.$year_box;
	$form_container->output_row($lang->manual_date, "", $prune_select, 'date');

	// Generate the set date box (options 1 - 6, labelled from $lang->option_N)
	$set_options = array();
	$set_options[] = $lang->set_an_option;
	for($i = 1; $i <= 6; ++$i)
	{
		$string = "option_{$i}";
		$set_options[] = $lang->$string;
	}

	$form_container->output_row($lang->relative_date, "", $lang->delete_posts." ".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set');
	$form_container->end();

	$buttons[] = $form->generate_submit_button($lang->prune_posts);
	$form->output_submit_wrapper($buttons);
	$form->end();
	$page->output_footer();
	break;
case 'multiusergroup':
	// processed is read as an integer and compared strictly.
	// NOTE(review): no request-method check is made in this branch; the my_post_key
	// verification that should gate it is not visible in this excerpt - confirm.
	if($mybb->get_input('processed', \MyBB::INPUT_INT) === 1)
	{
		// Determine additional usergroups: drop the primary group from the list, then force
		// every remaining entry to an integer before joining
		if(is_array($mybb->input['additionalgroups']))
		{
			foreach($mybb->input['additionalgroups'] as $key => $gid)
			{
				if($gid == $mybb->input['usergroup'])
				{
					unset($mybb->input['additionalgroups'][$key]);
				}
			}

			$additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
		}
		else
		{
			$additionalgroups = '';
		}

		// Create an update array.
		// NOTE(review): usergroup and displaygroup are cast to int but not checked against the
		// usergroups table. The form below only offers groups with gid != 1, but nothing in
		// this branch enforces that on the submitted values; group assignment changes
		// privileges, so validate server-side.
		$update_array = array(
			"usergroup" => $mybb->get_input('usergroup', MyBB::INPUT_INT),
			"additionalgroups" => $additionalgroups,
			"displaygroup" => $mybb->get_input('displaygroup', MyBB::INPUT_INT)
		);

		// Create an admin_user_multiusergroup hook array. Both entries are references, so
		// changes a plugin makes to them reach $selected and $update_array used below.
		$hook_params = array(
			"selected" => &$selected,
			"update_array" => &$update_array
		);

		$hook_params = $plugins->run_hooks("admin_user_multiusergroup", $hook_params);

		// Do the usergroup update for all those selected
		// If a selected user is a super admin, don't update that user
		// NOTE(review): only super admins are filtered out; the acting admin's own uid is not
		// excluded here (the 'multiban' case does exclude it) - confirm that is intended.
		$users_to_update = array();
		foreach($selected as $user)
		{
			if(!is_super_admin($user))
			{
				$users_to_update[] = $user;
			}
		}

		$to_update_count = count($users_to_update);
		if($to_update_count > 0)
		{
			// Update the users in the database
			// NOTE(review): the uid list goes into IN() unquoted; this relies on $selected
			// (which the hook above may have altered) holding integers only.
			$sql = implode(",", $users_to_update);
			$db->update_query("users", $update_array, "uid IN (".$sql.")");

			// Log the action as "inline_usergroup" and redirect the admin
			$mybb->input['action'] = "inline_usergroup";
			log_admin_action($to_update_count);
			my_unsetcookie("inlinemod_useracp");
			flash_message($lang->success_mass_usergroups, 'success');
			admin_redirect("index.php?module=user-users".$vid_url);
		}
		else
		{
			// They tried to edit super admins! Uh-oh!
			$errors[] = $lang->no_usergroup_changed;
		}
	}

	$page->output_header($lang->manage_users);
	$page->output_nav_tabs($sub_tabs, 'manage_users');

	// Display a table warning
	$table = new Table;
	$lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected));
	$table->construct_cell($lang->usergroup_info);
	$table->construct_row();
	$table->output($lang->important);

	if($errors)
	{
		$page->output_inline_error($errors);
	}

	// Display the usergroup options
	$form = new Form("index.php?module=user-users", "post");
	echo $form->generate_hidden_field('action', 'inline_edit');
	echo $form->generate_hidden_field('inline_action', 'multiusergroup');
	echo $form->generate_hidden_field('processed', '1');

	$form_container = new FormContainer($lang->mass_usergroups);

	// Usergroups: every group except gid 1, with titles HTML-escaped for use as option labels
	$display_group_options[0] = $lang->use_primary_user_group;
	$options = array();
	$query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))
	{
		$options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
		$display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
	}

	// When no array was submitted, fall back to splitting a comma-separated string
	if(!$mybb->get_input('additionalgroups', \MyBB::INPUT_ARRAY))
	{
		$mybb->input['additionalgroups'] = explode(',', $mybb->get_input('additionalgroups'));
	}

	$form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
	$form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
3096 $form_container->output_row($lang->display_user_group, "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup'); 3097 3098 $form_container->end(); 3099 3100 $buttons[] = $form->generate_submit_button($lang->alter_usergroups); 3101 $form->output_submit_wrapper($buttons); 3102 $form->end(); 3103 $page->output_footer(); 3104 break; 3105 } 3106 } 3107 3108 if(!$mybb->input['action']) 3109 { 3110 $plugins->run_hooks("admin_user_users_start"); 3111 3112 $page->output_header($lang->browse_users); 3113 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 3114 3115 $page->output_nav_tabs($sub_tabs, 'browse_users'); 3116 3117 if(isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']]) 3118 { 3119 $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']]; 3120 unset($admin_view['extra_sql']); 3121 } 3122 else 3123 { 3124 // Showing a specific view 3125 if(isset($mybb->input['vid'])) 3126 { 3127 $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'"); 3128 $admin_view = $db->fetch_array($query); 3129 // View does not exist or this view is private and does not belong to the current user 3130 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 3131 { 3132 unset($admin_view); 3133 } 3134 } 3135 3136 // Don't have a view? 
Fetch the default 3137 if(!isset($admin_view)) 3138 { 3139 $default_view = fetch_default_view("user"); 3140 if(!$default_view) 3141 { 3142 $default_view = "0"; 3143 } 3144 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 3145 $admin_view = $db->fetch_array($query); 3146 } 3147 } 3148 3149 // Fetch a list of all of the views for this user 3150 $popup = new PopupMenu("views", $lang->views); 3151 3152 $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title")); 3153 while($view = $db->fetch_array($query)) 3154 { 3155 $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&vid={$view['vid']}"); 3156 } 3157 $popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&action=views"); 3158 $admin_view['popup'] = $popup->fetch