PHP Cross Reference of MyBB 1.8.36 |
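<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Admin CP "user-users" module. The file is a flat script: each top-level
// if-block below handles one value of $mybb->input['action'].

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
	die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}

require_once MYBB_ROOT."inc/functions_upload.php";

$page->add_breadcrumb_item($lang->users, "index.php?module=user-users");

// The navigation tabs are only built for the listing-style actions (and for
// the default view, when no action is given).
if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
{
	$sub_tabs['browse_users'] = array(
		'title' => $lang->browse_users,
		'link' => "index.php?module=user-users",
		'description' => $lang->browse_users_desc
	);

	$sub_tabs['find_users'] = array(
		'title' => $lang->find_users,
		'link' => "index.php?module=user-users&action=search",
		'description' => $lang->find_users_desc
	);

	$sub_tabs['create_user'] = array(
		'title' => $lang->create_user,
		'link' => "index.php?module=user-users&action=add",
		'description' => $lang->create_user_desc
	);

	$sub_tabs['merge_users'] = array(
		'title' => $lang->merge_users,
		'link' => "index.php?module=user-users&action=merge",
		'description' => $lang->merge_users_desc
	);
}

// Columns a user view may display; passed to view_manager() below.
$user_view_fields = array(
	"avatar" => array(
		"title" => $lang->avatar,
		"width" => "24",
		"align" => ""
	),

	"username" => array(
		"title" => $lang->username,
		"width" => "",
		"align" => ""
	),

	"email" => array(
		"title" => $lang->email,
		"width" => "",
		"align" => "center"
	),

	"usergroup" => array(
		"title" => $lang->primary_group,
		"width" => "",
		"align" => "center"
	),

	"additionalgroups" => array(
		"title" => $lang->additional_groups,
		"width" => "",
		"align" => "center"
	),

	"regdate" => array(
		"title" => $lang->registered,
		"width" => "",
		"align" => "center"
	),

	"lastactive" => array(
		"title" => $lang->last_active,
		"width" => "",
		"align" => "center"
	),

	"postnum" => array(
		"title" => $lang->post_count,
		"width" => "",
		"align" => "center"
	),

	"threadnum" => array(
		"title" => $lang->thread_count,
		"width" => "",
		"align" => "center"
	),

	"reputation" => array(
		"title" => $lang->reputation,
		"width" => "",
		"align" => "center"
	),

	"warninglevel" => array(
		"title" => $lang->warning_level,
		"width" => "",
		"align" => "center"
	),

	"regip" => array(
		"title" => $lang->registration_ip,
		"width" => "",
		"align" => "center"
	),

	"lastip" => array(
		"title" => $lang->last_known_ip,
		"width" => "",
		"align" => "center"
	),

	"controls" => array(
		"title" => $lang->controls,
		"width" => "",
		"align" => "center"
	)
);

// Sort keys offered for user views; passed to view_manager() below.
$sort_options = array(
	"username" => $lang->username,
	"regdate" => $lang->registration_date,
	"lastactive" => $lang->last_active,
	"numposts" => $lang->post_count,
	"reputation" => $lang->reputation,
	"warninglevel" => $lang->warning_level
);

$plugins->run_hooks("admin_user_users_begin");

// Initialise the views manager for user based views
require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
if($mybb->input['action'] == "views")
{
	view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
}

//
// IP LOOKUP: renders host name and GeoIP location for a submitted address.
// This branch writes nothing; it only performs lookups and prints a table.
//
if($mybb->input['action'] == 'iplookup')
{
	$mybb->input['ipaddress'] = $mybb->get_input('ipaddress');
	// The submitted value is HTML-escaped before it is placed in the heading.
	$lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress']));
	$ipaddress_location = $lang->na;
	$ipaddress_host_name = $lang->na;
	$modcp_ipsearch_misc_info = '';
	// Wildcard searches cannot be resolved, so both lookups are skipped for them.
	if(!strstr($mybb->input['ipaddress'], "*"))
	{
		// Return GeoIP information if it is available to us
		// NOTE(review): this lookup runs before the FILTER_VALIDATE_IP check
		// below, so it receives whatever string was submitted, and its errors
		// are hidden by @. If only literal addresses are meant to be looked
		// up, move it inside the validated branch.
		if(function_exists('geoip_record_by_name'))
		{
			$ip_record = @geoip_record_by_name($mybb->input['ipaddress']);
			if($ip_record)
			{
				// NOTE(review): utf8_encode() is deprecated as of PHP 8.2.
				$ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name']));
				if($ip_record['city'])
				{
					$ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city']));
				}
			}
		}

		// Reverse DNS is only attempted for a syntactically valid address.
		// The returned host name comes from DNS, so it is escaped before output.
		if(filter_var($mybb->input['ipaddress'], FILTER_VALIDATE_IP))
		{
			$ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress']));

			// gethostbyaddr returns the same ip on failure
			if($ipaddress_host_name == $mybb->input['ipaddress'])
			{
				$ipaddress_host_name = $lang->na;
			}
		}
	}

	?>
	<div class="modal">
	<div style="overflow-y: auto; max-height: 400px;">

	<?php

	$table = new Table();

	$table->construct_cell($lang->ipaddress_host_name.":");
	$table->construct_cell($ipaddress_host_name);
	$table->construct_row();

	$table->construct_cell($lang->ipaddress_location.":");
	$table->construct_cell($ipaddress_location);
	$table->construct_row();

	$table->output($lang->ipaddress_misc_info);

	?>
	</div>
	</div>
	<?php
}

//
// ACTIVATE USER: moves an account out of usergroup 5 (awaiting activation)
// and/or clears its COPPA flag, then e-mails the user.
//
if($mybb->input['action'] == "activate_user")
{
	// State-changing request: refuse it unless the submitted post key verifies.
	// NOTE(review): the code after each admin_redirect() in this block assumes
	// the redirect ends the request - confirm in the helper's definition.
	if(!verify_post_check($mybb->get_input('my_post_key')))
	{
		flash_message($lang->invalid_post_verify_key2, 'error');
		admin_redirect("index.php?module=user-users");
	}

	// Read the uid through get_input() as an integer, as the rest of the file
	// does, instead of indexing the raw input array (which may lack the key).
	$user = get_user($mybb->get_input('uid', MyBB::INPUT_INT));

	// Does the user not exist?
	if(!$user['uid'] || $user['usergroup'] != 5)
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
	}

	$plugins->run_hooks("admin_user_users_coppa_activate");

	$updated_user['usergroup'] = $user['usergroup'];

	// Update
	if($user['coppauser'])
	{
		// Replaces the array built above; usergroup is set again below.
		$updated_user = array(
			"coppauser" => 0
		);
	}
	else
	{
		// The uid in this condition is the value returned by get_user(),
		// not the request parameter.
		$db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
	}

	// Move out of awaiting activation if they're in it.
	if($user['usergroup'] == 5)
	{
		$updated_user['usergroup'] = 2;
	}

	$plugins->run_hooks("admin_user_users_coppa_activate_commit");

	$db->update_query("users", $updated_user, "uid='{$user['uid']}'");

	$cache->update_awaitingactivation();

	$message = $lang->sprintf($lang->email_adminactivateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
	my_mail($user['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);

	// Log admin action
	log_admin_action($user['uid'], $user['username']);

	// Requests coming from the ACP home page store the message in the admin
	// session under 'flash_message2'; all others use flash_message().
	if($mybb->get_input('from') == "home")
	{
		if($user['coppauser'])
		{
			$message = $lang->success_coppa_activated;
		}
		else
		{
			$message = $lang->success_activated;
		}

		update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
	}
	else
	{
		if($user['coppauser'])
		{
			flash_message($lang->success_coppa_activated, 'success');
		}
		else
		{
			flash_message($lang->success_activated, 'success');
		}
	}

	// The redirect target is taken from the admin session, never from the
	// request; without a stored URL the user's edit page is used.
	if($admin_session['data']['last_users_url'])
	{
		$url = $admin_session['data']['last_users_url'];
		update_admin_session('last_users_url', '');

		if($mybb->get_input('from') == "home")
		{
			update_admin_session('from', 'home');
		}
	}
	else
	{
		$url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
	}

	$plugins->run_hooks("admin_user_users_coppa_end");

	admin_redirect($url);
}

//
// ADD USER: on POST validates and inserts the account through
// UserDataHandler; otherwise (or on validation errors) renders the form.
//
if($mybb->input['action'] == "add")
{
	$plugins->run_hooks("admin_user_users_add");

	if($mybb->request_method == "post")
	{
		// Determine the usergroup stuff
		if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
		{
			// The primary group must not be repeated as an additional group.
			foreach($mybb->input['additionalgroups'] as $key => $gid)
			{
				if($gid == $mybb->input['usergroup'])
				{
					unset($mybb->input['additionalgroups'][$key]);
				}
			}
			// Every remaining id is cast to int before the list is joined.
			$additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
		}
		else
		{
			$additionalgroups = '';
		}

		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler('insert');

		// Set the data for the new user.
		// The form has a single e-mail field, so email2 repeats it.
		$new_user = array(
			"uid" => $mybb->get_input('uid'),
			"username" => $mybb->get_input('username'),
			"password" => $mybb->get_input('password'),
			"password2" => $mybb->get_input('confirm_password'),
			"email" => $mybb->get_input('email'),
			"email2" => $mybb->get_input('email'),
			"usergroup" => $mybb->get_input('usergroup'),
			"additionalgroups" => $additionalgroups,
			"displaygroup" => $mybb->get_input('displaygroup'),
			"profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
			"profile_fields_editable" => true,
		);

		// Set the data of the user in the datahandler.
		$userhandler->set_data($new_user);
		$errors = '';

		// Validate the user and get any errors that might have occurred.
		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();
		}
		else
		{
			$user_info = $userhandler->insert_user();

			$plugins->run_hooks("admin_user_users_add_commit");

			// Log admin action
			log_admin_action($user_info['uid'], $user_info['username']);

			flash_message($lang->success_user_created, 'success');
			admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
		}
	}

	// Fetch custom profile fields - only need required profile fields here
	$query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));

	$profile_fields = array(
		'required' => array(),
		'optional' => array(),
	);
	while($profile_field = $db->fetch_array($query))
	{
		$profile_fields['required'][] = $profile_field;
	}

	$page->add_breadcrumb_item($lang->create_user);
	$page->output_header($lang->create_user);

	$form = new Form("index.php?module=user-users&action=add", "post");

	$page->output_nav_tabs($sub_tabs, 'create_user');

	// If we have any error messages, show them
	// $errors is only assigned in the POST branch above, so test it with
	// empty() to avoid reading an undefined variable on a plain GET.
	if(!empty($errors))
	{
		$page->output_inline_error($errors);
	}
	else
	{
		// No errors to redisplay: preselect usergroup 2 as the primary group.
		$mybb->input = array_merge($mybb->input, array('usergroup' => 2));
	}

	$mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);

	$form_container = new FormContainer($lang->required_profile_info);
	// NOTE(review): the username value is escaped here before it is handed to
	// generate_text_box(), the e-mail value below is not. Confirm whether the
	// Form helper escapes values itself, so that neither field ends up
	// double-encoded or unescaped.
	$form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', htmlspecialchars_uni($mybb->get_input('username')), array('id' => 'username')), 'username');
	// NOTE(review): both password boxes are refilled with the submitted values
	// when validation fails, which puts the plaintext into the response body,
	// and only the first box sets autocomplete=off. Consider rendering both empty.
	$form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->get_input('password'), array('id' => 'password', 'autocomplete' => 'off')), 'password');
	$form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->get_input('confirm_password'), array('id' => 'confirm_new_password')), 'confirm_new_password');
	$form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->get_input('email'), array('id' => 'email')), 'email');

	$display_group_options[0] = $lang->use_primary_user_group;
	$options = array();
	// Group gid 1 is excluded from the selectable groups; titles are escaped
	// because they are used as option labels.
	$query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))
	{
		$options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
		$display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
	}

	$form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
	$form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
	$form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');

	// Output custom profile fields - required
	output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);

	$form_container->end();
	$buttons[] = $form->generate_submit_button($lang->save_user);
	$form->output_submit_wrapper($buttons);

	$form->end();
	$page->output_footer();
}

//
// EDIT USER
//
if($mybb->input['action'] == "edit")
{
	$user = get_user($mybb->input['uid']);

	// Does the user not exist?
	if(!$user['uid'])
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
	}

	$plugins->run_hooks("admin_user_users_edit");

	if($mybb->request_method == "post")
	{
		$plugins->run_hooks("admin_user_users_edit_start");
		// A super admin account may only be changed by its owner or by
		// another super admin.
		if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
		{
			flash_message($lang->error_no_perms_super_admin, 'error');
			admin_redirect("index.php?module=user-users");
		}

		// Determine the usergroup stuff
		if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
		{
			foreach($mybb->input['additionalgroups'] as $key => $gid)
			{
				if($gid == $mybb->input['usergroup'])
				{
					unset($mybb->input['additionalgroups'][$key]);
				}
			}
			$additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
		}
		else
		{
			$additionalgroups = '';
		}

		$returndate = "";
		if(!empty($mybb->input['away_day']))
		{
			$awaydate = TIME_NOW;
			// If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
			if(!$mybb->input['away_month'])
			{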
$mybb->input['away_month'] = my_date('n', $awaydate); 480 } 481 if(!$mybb->input['away_year']) 482 { 483 $mybb->input['away_year'] = my_date('Y', $awaydate); 484 } 485 486 $return_month = (int)substr($mybb->input['away_month'], 0, 2); 487 $return_day = (int)substr($mybb->input['away_day'], 0, 2); 488 $return_year = min($mybb->get_input('away_year', MyBB::INPUT_INT), 9999); 489 490 // Check if return date is after the away date. 491 $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year); 492 $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate)); 493 if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate))) 494 { 495 $away_in_past = true; 496 } 497 498 $returndate = "{$return_day}-{$return_month}-{$return_year}"; 499 } 500 501 // Set up user handler. 502 require_once MYBB_ROOT."inc/datahandlers/user.php"; 503 $userhandler = new UserDataHandler('update'); 504 505 // Set the data for the new user. 
506 $updated_user = array( 507 "uid" => $mybb->get_input('uid'), 508 "username" => $mybb->get_input('username'), 509 "email" => $mybb->get_input('email'), 510 "email2" => $mybb->get_input('email'), 511 "usergroup" => $mybb->get_input('usergroup'), 512 "additionalgroups" => $additionalgroups, 513 "displaygroup" => $mybb->get_input('displaygroup'), 514 "postnum" => $mybb->get_input('postnum'), 515 "threadnum" => $mybb->get_input('threadnum'), 516 "usertitle" => $mybb->get_input('usertitle'), 517 "timezone" => $mybb->get_input('timezone'), 518 "language" => $mybb->get_input('language'), 519 "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), 520 "profile_fields_editable" => true, 521 "website" => $mybb->get_input('website'), 522 "icq" => $mybb->get_input('icq'), 523 "skype" => $mybb->get_input('skype'), 524 "google" => $mybb->get_input('google'), 525 "birthday" => array( 526 "day" => $mybb->get_input('bday1'), 527 "month" => $mybb->get_input('bday2'), 528 "year" => $mybb->get_input('bday3') 529 ), 530 "style" => $mybb->get_input('style'), 531 "signature" => $mybb->get_input('signature'), 532 "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT), 533 "timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT), 534 "usernotes" => $mybb->get_input('usernotes'), 535 "away" => array( 536 "away" => $mybb->get_input('away'), 537 "date" => TIME_NOW, 538 "returndate" => $returndate, 539 "awayreason" => $mybb->get_input('awayreason') 540 ) 541 ); 542 543 if($user['usergroup'] == 5 && $mybb->get_input('usergroup') != 5) 544 { 545 if($user['coppauser'] == 1) 546 { 547 $updated_user['coppa_user'] = 0; 548 } 549 } 550 if($mybb->get_input('new_password')) 551 { 552 $updated_user['password'] = $mybb->get_input('new_password'); 553 $updated_user['password2'] = $mybb->get_input('confirm_new_password'); 554 } 555 556 $updated_user['options'] = array( 557 "allownotices" => $mybb->get_input('allownotices'), 558 "hideemail" => 
$mybb->get_input('hideemail'), 559 "subscriptionmethod" => $mybb->get_input('subscriptionmethod'), 560 "invisible" => $mybb->get_input('invisible'), 561 "dstcorrection" => $mybb->get_input('dstcorrection'), 562 "threadmode" => $mybb->get_input('threadmode'), 563 "classicpostbit" => $mybb->get_input('classicpostbit'), 564 "showimages" => $mybb->get_input('showimages'), 565 "showvideos" => $mybb->get_input('showvideos'), 566 "showsigs" => $mybb->get_input('showsigs'), 567 "showavatars" => $mybb->get_input('showavatars'), 568 "showquickreply" => $mybb->get_input('showquickreply'), 569 "receivepms" => $mybb->get_input('receivepms'), 570 "receivefrombuddy" => $mybb->get_input('receivefrombuddy'), 571 "pmnotice" => $mybb->get_input('pmnotice'), 572 "daysprune" => $mybb->get_input('daysprune'), 573 "showcodebuttons" => $mybb->get_input('showcodebuttons'), 574 "sourceeditor" => $mybb->get_input('sourceeditor'), 575 "pmnotify" => $mybb->get_input('pmnotify'), 576 "buddyrequestspm" => $mybb->get_input('buddyrequestspm'), 577 "buddyrequestsauto" => $mybb->get_input('buddyrequestsauto'), 578 "showredirect" => $mybb->get_input('showredirect') 579 ); 580 581 if($mybb->settings['usertppoptions']) 582 { 583 $updated_user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT); 584 } 585 586 if($mybb->settings['userpppoptions']) 587 { 588 $updated_user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT); 589 } 590 591 // Set the data of the user in the datahandler. 592 $userhandler->set_data($updated_user); 593 $errors = ''; 594 595 // Validate the user and get any errors that might have occurred. 596 if(!$userhandler->validate_user()) 597 { 598 $errors = $userhandler->get_friendly_errors(); 599 } 600 else 601 { 602 // Are we removing an avatar from this user? 
603 if($mybb->get_input('remove_avatar')) 604 { 605 $extra_user_updates = array( 606 "avatar" => "", 607 "avatardimensions" => "", 608 "avatartype" => "" 609 ); 610 remove_avatars($user['uid']); 611 } 612 613 // Are we uploading a new avatar? 614 if($_FILES['avatar_upload']['name']) 615 { 616 $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']); 617 if($avatar['error']) 618 { 619 $errors = array($avatar['error']); 620 } 621 else 622 { 623 if($avatar['width'] > 0 && $avatar['height'] > 0) 624 { 625 $avatar_dimensions = $avatar['width']."|".$avatar['height']; 626 } 627 $extra_user_updates = array( 628 "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW, 629 "avatardimensions" => $avatar_dimensions, 630 "avatartype" => "upload" 631 ); 632 } 633 } 634 // Are we setting a new avatar from a URL? 635 else if($mybb->input['avatar_url'] && $mybb->input['avatar_url'] != $user['avatar']) 636 { 637 if(!$mybb->settings['allowremoteavatars']) 638 { 639 $errors = array($lang->error_remote_avatar_not_allowed); 640 } 641 else 642 { 643 if(filter_var($mybb->input['avatar_url'], FILTER_VALIDATE_EMAIL) !== false) 644 { 645 // Gravatar 646 $email = md5(strtolower(trim($mybb->input['avatar_url']))); 647 648 $s = ''; 649 if(!$mybb->settings['maxavatardims']) 650 { 651 $mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits 652 } 653 654 // Because Gravatars are square, hijack the width 655 list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 656 657 $s = "?s={$maxwidth}"; 658 $maxheight = (int)$maxwidth; 659 660 $extra_user_updates = array( 661 "avatar" => "https://www.gravatar.com/avatar/{$email}{$s}", 662 "avatardimensions" => "{$maxheight}|{$maxheight}", 663 "avatartype" => "gravatar" 664 ); 665 } 666 else 667 { 668 $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']); 669 $ext = get_extension($mybb->input['avatar_url']); 670 671 // Copy the avatar to the 
local server (work around remote URL access disabled for getimagesize) 672 $file = fetch_remote_file($mybb->input['avatar_url']); 673 if(!$file) 674 { 675 $avatar_error = $lang->error_invalidavatarurl; 676 } 677 else 678 { 679 $tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str()); 680 $fp = @fopen($tmp_name, "wb"); 681 if(!$fp) 682 { 683 $avatar_error = $lang->error_invalidavatarurl; 684 } 685 else 686 { 687 fwrite($fp, $file); 688 fclose($fp); 689 list($width, $height, $type) = @getimagesize($tmp_name); 690 @unlink($tmp_name); 691 echo $type; 692 if(!$type) 693 { 694 $avatar_error = $lang->error_invalidavatarurl; 695 } 696 } 697 } 698 699 if(empty($avatar_error)) 700 { 701 if($width && $height && $mybb->settings['maxavatardims'] != "") 702 { 703 list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 704 if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) 705 { 706 $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); 707 $avatar_error = $lang->error_avatartoobig; 708 } 709 } 710 } 711 712 if(empty($avatar_error)) 713 { 714 if($width > 0 && $height > 0) 715 { 716 $avatar_dimensions = (int)$width."|".(int)$height; 717 } 718 $extra_user_updates = array( 719 "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW), 720 "avatardimensions" => $avatar_dimensions, 721 "avatartype" => "remote" 722 ); 723 remove_avatars($user['uid']); 724 } 725 else 726 { 727 $errors = array($avatar_error); 728 } 729 } 730 } 731 } 732 733 // Moderator "Options" (suspend signature, suspend/moderate posting) 734 $moderator_options = array( 735 1 => array( 736 "action" => "suspendsignature", // The moderator action we're performing 737 "period" => "action_period", // The time period we've selected from the dropdown box 738 "time" => "action_time", // The time we've entered 739 "update_field" => "suspendsignature", // The field in 
the database to update if true 740 "update_length" => "suspendsigtime" // The length of suspension field in the database 741 ), 742 2 => array( 743 "action" => "moderateposting", 744 "period" => "modpost_period", 745 "time" => "modpost_time", 746 "update_field" => "moderateposts", 747 "update_length" => "moderationtime" 748 ), 749 3 => array( 750 "action" => "suspendposting", 751 "period" => "suspost_period", 752 "time" => "suspost_time", 753 "update_field" => "suspendposting", 754 "update_length" => "suspensiontime" 755 ) 756 ); 757 758 require_once MYBB_ROOT."inc/functions_warnings.php"; 759 foreach($moderator_options as $option) 760 { 761 if(empty($mybb->input[$option['action']])) 762 { 763 if($user[$option['update_field']] == 1) 764 { 765 // We're revoking the suspension 766 $extra_user_updates[$option['update_field']] = 0; 767 $extra_user_updates[$option['update_length']] = 0; 768 } 769 770 // Skip this option if we haven't selected it 771 continue; 772 } 773 else 774 { 775 if((int)$mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1) 776 { 777 // User has selected a type of ban, but not entered a valid time frame 778 $string = $option['action']."_error"; 779 $errors[] = $lang->$string; 780 } 781 782 if(!is_array($errors)) 783 { 784 $suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]); 785 786 if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never")) 787 { 788 // We already have a suspension, but entered a new time 789 if($suspend_length == "-1") 790 { 791 // Permanent ban on action 792 $extra_user_updates[$option['update_length']] = 0; 793 } 794 elseif($suspend_length && $suspend_length != "-1") 795 { 796 // Temporary ban on action 797 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 798 } 799 } 800 elseif(!$user[$option['update_field']]) 801 { 802 // 
New suspension for this user... bad user! 803 $extra_user_updates[$option['update_field']] = 1; 804 if($suspend_length == "-1") 805 { 806 $extra_user_updates[$option['update_length']] = 0; 807 } 808 else 809 { 810 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 811 } 812 } 813 } 814 } 815 } 816 817 if(!empty($extra_user_updates['moderateposts']) && !empty($extra_user_updates['suspendposting'])) 818 { 819 $errors[] = $lang->suspendmoderate_error; 820 } 821 822 if(isset($away_in_past)) 823 { 824 $errors[] = $lang->error_acp_return_date_past; 825 } 826 827 if(!$errors) 828 { 829 $user_info = $userhandler->update_user(); 830 831 $plugins->run_hooks("admin_user_users_edit_commit_start"); 832 833 if(!empty($extra_user_updates)) 834 { 835 $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'"); 836 } 837 838 // if we're updating the user's signature preferences, do so now 839 if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable') 840 { 841 $update_signature = array( 842 'includesig' => ($mybb->input['update_posts'] == 'enable' ? 
1 : 0) 843 ); 844 $db->update_query("posts", $update_signature, "uid='{$user['uid']}'"); 845 } 846 847 $plugins->run_hooks("admin_user_users_edit_commit"); 848 849 if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5) 850 { 851 $cache->update_awaitingactivation(); 852 } 853 854 // Log admin action 855 log_admin_action($user['uid'], $mybb->input['username']); 856 857 flash_message($lang->success_user_updated, 'success'); 858 admin_redirect("index.php?module=user-users"); 859 } 860 $plugins->run_hooks("admin_user_users_edit_end"); 861 } 862 } 863 864 if(!$errors) 865 { 866 $user['usertitle'] = htmlspecialchars_decode($user['usertitle']); 867 $mybb->input = array_merge($mybb->input, $user); 868 869 $options = array( 870 'bday1', 'bday2', 'bday3', 871 'new_password', 'confirm_new_password', 872 'action_time', 'action_period', 873 'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time' 874 ); 875 876 foreach($options as $option) 877 { 878 if(!isset($input_user[$option])) 879 { 880 $mybb->input[$option] = ''; 881 } 882 } 883 884 // We need to fetch this users profile field values 885 $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'"); 886 $mybb->input['profile_fields'] = $db->fetch_array($query); 887 } 888 889 if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3']) 890 { 891 $mybb->input['bday'][0] = $mybb->input['bday1']; 892 $mybb->input['bday'][1] = $mybb->input['bday2']; 893 $mybb->input['bday'][2] = $mybb->get_input('bday3', MyBB::INPUT_INT); 894 } 895 else 896 { 897 $mybb->input['bday'] = array(0, 0, ''); 898 899 if($user['birthday']) 900 { 901 $mybb->input['bday'] = explode('-', $user['birthday']); 902 } 903 } 904 905 if($mybb->get_input('away_day') || $mybb->get_input('away_month') || $mybb->get_input('away_year')) 906 { 907 $mybb->input['away_year'] = $mybb->get_input('away_year', MyBB::INPUT_INT); 908 } 909 else 910 { 911 $mybb->input['away_day'] = 0; 912 $mybb->input['away_month'] = 
0; 913 $mybb->input['away_year'] = ''; 914 915 if($user['returndate']) 916 { 917 list($mybb->input['away_day'], $mybb->input['away_month'], $mybb->input['away_year']) = explode('-', $user['returndate']); 918 } 919 } 920 921 // Fetch custom profile fields 922 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 923 924 $profile_fields = array( 925 'required' => array(), 926 'optional' => array(), 927 ); 928 while($profile_field = $db->fetch_array($query)) 929 { 930 if($profile_field['required'] == 1) 931 { 932 $profile_fields['required'][] = $profile_field; 933 } 934 else 935 { 936 $profile_fields['optional'][] = $profile_field; 937 } 938 } 939 940 $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username'])); 941 942 $page->extra_header .= <<<EOF 943 944 <link rel="stylesheet" href="../jscripts/sceditor/themes/mybb.css" type="text/css" media="all" /> 945 <script type="text/javascript" src="../jscripts/sceditor/jquery.sceditor.bbcode.min.js?ver=1832"></script> 946 <script type="text/javascript" src="../jscripts/bbcodes_sceditor.js?ver=1832"></script> 947 <script type="text/javascript" src="../jscripts/sceditor/plugins/undo.js?ver=1832"></script> 948 EOF; 949 $page->output_header($lang->edit_user); 950 951 $sub_tabs['edit_user'] = array( 952 'title' => $lang->edit_user, 953 'description' => $lang->edit_user_desc 954 ); 955 956 $form = new Form("index.php?module=user-users&action=edit&uid={$user['uid']}", "post", "", 1); 957 958 $page->output_nav_tabs($sub_tabs, 'edit_user'); 959 960 // If we have any error messages, show them 961 if($errors) 962 { 963 $page->output_inline_error($errors); 964 } 965 966 // Is this user a COPPA user? 
We show a warning & activate link 967 if($user['coppauser']) 968 { 969 echo $lang->sprintf($lang->warning_coppa_user, $user['uid'], $mybb->post_code); 970 } 971 972 $tabs = array( 973 "overview" => $lang->overview, 974 "profile" => $lang->profile, 975 "settings" => $lang->account_settings, 976 "signature" => $lang->signature, 977 "avatar" => $lang->avatar, 978 "modoptions" => $lang->mod_options 979 ); 980 $tabs = $plugins->run_hooks("admin_user_users_edit_graph_tabs", $tabs); 981 $page->output_tab_control($tabs); 982 983 // 984 // OVERVIEW 985 // 986 echo "<div id=\"tab_overview\">\n"; 987 $table = new Table; 988 $table->construct_header($lang->avatar, array('class' => 'align_center')); 989 $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center')); 990 991 // Avatar 992 $avatar_dimensions = preg_split('/[|x]/', $user['avatardimensions']); 993 if($user['avatardimensions']) 994 { 995 require_once MYBB_ROOT."inc/functions_image.php"; 996 list($width, $height) = preg_split('/[|x]/', $user['avatardimensions']); 997 $scaled_dimensions = scale_image($width, $height, 120, 120); 998 } 999 else 1000 { 1001 $scaled_dimensions = array( 1002 "width" => 120, 1003 "height" => 120 1004 ); 1005 } 1006 if($user['avatar'] && (my_strpos($user['avatar'], '://') === false || $mybb->settings['allowremoteavatars'])) 1007 { 1008 if(!my_validate_url($user['avatar'])) 1009 { 1010 $avatar = format_avatar($user['avatar'], $user['avatardimensions']); 1011 $user['avatar'] = $avatar['image']; 1012 } 1013 } 1014 else 1015 { 1016 if(my_validate_url($mybb->settings['useravatar'])) 1017 { 1018 $user['avatar'] = str_replace('{theme}', 'images', $mybb->settings['useravatar']); 1019 } 1020 else 1021 { 1022 $user['avatar'] = "../".str_replace('{theme}', 'images', $mybb->settings['useravatar']); 1023 } 1024 } 1025 $avatar_top = ceil((126-$scaled_dimensions['height'])/2); 1026 $last_seen = max(array($user['lastactive'], $user['lastvisit'])); 1027 
if(!empty($last_seen)) 1028 { 1029 $last_active = my_date('relative', $last_seen); 1030 } 1031 else 1032 { 1033 $last_active = $lang->never; 1034 } 1035 $reg_date = my_date('relative', $user['regdate']); 1036 if($user['dst'] == 1) 1037 { 1038 $timezone = (float)$user['timezone']+1; 1039 } 1040 else 1041 { 1042 $timezone = (float)$user['timezone']; 1043 } 1044 $local_date = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600)); 1045 $local_time = gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600)); 1046 1047 $localtime = $lang->sprintf($lang->local_time_format, $local_date, $local_time); 1048 $days_registered = (TIME_NOW - $user['regdate']) / (24*3600); 1049 $posts_per_day = 0; 1050 if($days_registered > 0) 1051 { 1052 $posts_per_day = round($user['postnum'] / $days_registered, 2); 1053 if($posts_per_day > $user['postnum']) 1054 { 1055 $posts_per_day = $user['postnum']; 1056 } 1057 } 1058 $posts_per_day = my_number_format($posts_per_day); 1059 1060 $stats = $cache->read("stats"); 1061 $posts = $stats['numposts']; 1062 if($posts == 0) 1063 { 1064 $percent_posts = "0"; 1065 } 1066 else 1067 { 1068 $percent_posts = round($user['postnum']*100/$posts, 2); 1069 } 1070 1071 $user_permissions = user_permissions($user['uid']); 1072 1073 // Fetch the reputation for this user 1074 if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 1075 { 1076 $reputation = get_reputation($user['reputation']); 1077 } 1078 else 1079 { 1080 $reputation = "-"; 1081 } 1082 1083 if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0) 1084 { 1085 if($mybb->settings['maxwarningpoints'] < 1) 1086 { 1087 $mybb->settings['maxwarningpoints'] = 10; 1088 } 1089 1090 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 1091 if($warning_level > 100) 1092 { 1093 $warning_level = 100; 1094 } 1095 $warning_level = get_colored_warning_level($warning_level); 1096 } 
1097 else 1098 { 1099 $warning_level = "-"; 1100 } 1101 1102 $age = $lang->na; 1103 if($user['birthday']) 1104 { 1105 $age = get_age($user['birthday']); 1106 } 1107 1108 $postnum = my_number_format($user['postnum']); 1109 1110 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1)); 1111 $table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"); 1112 $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}"); 1113 $table->construct_row(); 1114 $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}"); 1115 $table->construct_cell("<strong>{$lang->local_time}:</strong> {$localtime}"); 1116 $table->construct_row(); 1117 $table->construct_cell("<strong>{$lang->posts}:</strong> {$postnum}"); 1118 $table->construct_cell("<strong>{$lang->age}:</strong> {$age}"); 1119 $table->construct_row(); 1120 $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}"); 1121 $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}"); 1122 $table->construct_row(); 1123 $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}"); 1124 $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}"); 1125 $table->construct_row(); 1126 $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['regip']))); 1127 $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['lastip']))); 1128 $table->construct_row(); 1129 1130 $username = htmlspecialchars_uni($user['username']); 1131 
$table->output("{$lang->user_overview}: {$username}"); 1132 $plugins->run_hooks("admin_user_users_edit_overview"); 1133 echo "</div>\n"; 1134 1135 // 1136 // PROFILE 1137 // 1138 echo "<div id=\"tab_profile\">\n"; 1139 1140 $form_container = new FormContainer($lang->required_profile_info.": ".htmlspecialchars_uni($user['username'])); 1141 $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username'); 1142 $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password'); 1143 $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password'); 1144 $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email'); 1145 1146 $display_group_options[0] = $lang->use_primary_user_group; 1147 $options = array(); 1148 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 1149 while($usergroup = $db->fetch_array($query)) 1150 { 1151 $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1152 $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1153 } 1154 1155 if(isset($mybb->input['additionalgroups']) && !is_array($mybb->input['additionalgroups'])) 1156 { 1157 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 1158 } 1159 1160 $form_container->output_row($lang->primary_user_group." 
<em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup'); 1161 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 1162 $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup'); 1163 $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_numeric_field('postnum', $mybb->get_input('postnum'), array('id' => 'postnum', 'min' => 0)), 'postnum'); 1164 $form_container->output_row($lang->thread_count." <em>*</em>", "", $form->generate_numeric_field('threadnum', $mybb->get_input('threadnum'), array('id' => 'threadnum', 'min' => 0)), 'threadnum'); 1165 1166 // Output custom profile fields - required 1167 if(!isset($profile_fields['required'])) 1168 { 1169 $profile_fields['required'] = array(); 1170 } 1171 output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form); 1172 1173 $form_container->end(); 1174 1175 $form_container = new FormContainer($lang->optional_profile_info.': '.htmlspecialchars_uni($user['username'])); 1176 $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->get_input('usertitle'), array('id' => 'usertitle')), 'usertitle'); 1177 $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->get_input('website'), array('id' => 'website')), 'website'); 1178 $form_container->output_row($lang->icq_number, "", $form->generate_numeric_field('icq', $mybb->get_input('icq'), 
array('id' => 'icq', 'min' => 0)), 'icq'); 1179 $form_container->output_row($lang->skype_handle, "", $form->generate_text_box('skype', $mybb->get_input('skype'), array('id' => 'skype')), 'skype'); 1180 $form_container->output_row($lang->google_handle, "", $form->generate_text_box('google', $mybb->get_input('google'), array('id' => 'google')), 'google'); 1181 1182 // Birthday 1183 $birthday_days = array(0 => ''); 1184 for($i = 1; $i <= 31; $i++) 1185 { 1186 $birthday_days[$i] = $i; 1187 } 1188 1189 $birthday_months = array( 1190 0 => '', 1191 1 => $lang->january, 1192 2 => $lang->february, 1193 3 => $lang->march, 1194 4 => $lang->april, 1195 5 => $lang->may, 1196 6 => $lang->june, 1197 7 => $lang->july, 1198 8 => $lang->august, 1199 9 => $lang->september, 1200 10 => $lang->october, 1201 11 => $lang->november, 1202 12 => $lang->december 1203 ); 1204 1205 $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day')); 1206 $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month')); 1207 $birthday_row .= ' '.$form->generate_numeric_field('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 4em;', 'min' => 0)); 1208 1209 $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday'); 1210 1211 // Output custom profile fields - optional 1212 output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form); 1213 1214 $form_container->end(); 1215 1216 1217 if($mybb->settings['allowaway'] != 0) 1218 { 1219 $form_container = new FormContainer($lang->away_information.': '.htmlspecialchars_uni($user['username'])); 1220 $awaycheck = array(false, true); 1221 if($mybb->input['away'] == 1) 1222 { 1223 $awaycheck = array(true, false); 1224 } 1225 $form_container->output_row($lang->away_status, $lang->away_status_desc, $form->generate_radio_button('away', 1, 
$lang->im_away, array('id' => 'away', "checked" => $awaycheck[0]))." ".$form->generate_radio_button('away', 0, $lang->im_here, array('id' => 'away2', "checked" => $awaycheck[1])), 'away'); 1226 $form_container->output_row($lang->away_reason, $lang->away_reason_desc, $form->generate_text_box('awayreason', $mybb->input['awayreason'], array('id' => 'awayreason')), 'awayreason'); 1227 1228 //Return date (we can use the arrays from birthday) 1229 $return_row = $form->generate_select_box('away_day', $birthday_days, $mybb->input['away_day'], array('id' => 'away_day')); 1230 $return_row .= ' '.$form->generate_select_box('away_month', $birthday_months, $mybb->input['away_month'], array('id' => 'away_month')); 1231 $return_row .= ' '.$form->generate_numeric_field('away_year', $mybb->input['away_year'], array('id' => 'away_year', 'style' => 'width: 4em;', 'min' => 0)); 1232 1233 $form_container->output_row($lang->return_date, $lang->return_date_desc, $return_row, 'away_date'); 1234 1235 $form_container->end(); 1236 } 1237 1238 $plugins->run_hooks("admin_user_users_edit_profile"); 1239 echo "</div>\n"; 1240 1241 // 1242 // ACCOUNT SETTINGS 1243 // 1244 1245 echo "<div id=\"tab_settings\">\n"; 1246 $form_container = new FormContainer($lang->account_settings.': '.htmlspecialchars_uni($user['username'])); 1247 $login_options = array( 1248 $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->get_input('invisible'))), 1249 ); 1250 $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>"); 1251 1252 if($mybb->get_input('pmnotice') > 1) 1253 { 1254 $mybb->input['pmnotice'] = 1; 1255 } 1256 1257 $messaging_options = array( 1258 $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->get_input('allownotices'))), 1259 $form->generate_check_box("hideemail", 1, 
$lang->hide_email_from_others, array("checked" => $mybb->get_input('hideemail'))), 1260 $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->get_input('receivepms'))), 1261 $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->get_input('receivefrombuddy'))), 1262 $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->get_input('pmnotice'))), 1263 $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->get_input('pmnotify'))), 1264 $form->generate_check_box("buddyrequestspm", 1, $lang->buddy_requests_pm, array("checked" => $mybb->get_input('buddyrequestspm'))), 1265 $form->generate_check_box("buddyrequestsauto", 1, $lang->buddy_requests_auto, array("checked" => $mybb->get_input('buddyrequestsauto'))), 1266 "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_notification, $lang->instant_email_notification, $lang->instant_pm_notification), $mybb->get_input('subscriptionmethod'), array('id' => 'subscriptionmethod')) 1267 ); 1268 1269 // Allow plugins to add messaging options 1270 $messaging_options = $plugins->run_hooks('admin_user_users_edit_messaging_options', $messaging_options); 1271 1272 // Output messaging options 1273 $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>"); 1274 1275 $date_format_options = array($lang->use_default); 1276 foreach($date_formats as $key => $format) 1277 { 1278 $date_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1279 } 1280 1281 $time_format_options = array($lang->use_default); 1282 foreach($time_formats as $key => $format) 1283 { 1284 $time_format_options[$key] = my_date($format, TIME_NOW, "", 
0); 1285 } 1286 1287 $date_options = array( 1288 "<label for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->get_input('dateformat'), array('id' => 'dateformat')), 1289 "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->get_input('timeformat'), array('id' => 'timeformat')), 1290 "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->get_input('timezone')), 1291 "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->get_input('dstcorrection'), array('id' => 'dstcorrection')) 1292 ); 1293 1294 // Allow plugins to add date options 1295 $date_options = $plugins->run_hooks('admin_user_users_edit_date_options', $date_options); 1296 1297 // Output date options 1298 $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>"); 1299 1300 1301 $tpp_options = array($lang->use_default); 1302 if($mybb->settings['usertppoptions']) 1303 { 1304 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 1305 if(is_array($explodedtpp)) 1306 { 1307 foreach($explodedtpp as $tpp) 1308 { 1309 if($tpp <= 0) continue; 1310 $tpp_options[$tpp] = $tpp; 1311 } 1312 } 1313 } 1314 1315 $thread_age_options = array( 1316 0 => $lang->use_default, 1317 1 => $lang->show_threads_last_day, 1318 5 => $lang->show_threads_last_5_days, 1319 10 => $lang->show_threads_last_10_days, 1320 20 => $lang->show_threads_last_20_days, 1321 50 => $lang->show_threads_last_50_days, 1322 75 => $lang->show_threads_last_75_days, 1323 100 => $lang->show_threads_last_100_days, 1324 365 => 
$lang->show_threads_last_year, 1325 9999 => $lang->show_all_threads 1326 ); 1327 1328 $forum_options = array( 1329 "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->get_input('tpp'), array('id' => 'tpp')), 1330 "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->get_input('daysprune'), array('id' => 'daysprune')) 1331 ); 1332 1333 // Allow plugins to add forum options 1334 $forum_options = $plugins->run_hooks('admin_user_users_edit_forum_options', $forum_options); 1335 1336 // Output forum options 1337 $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>"); 1338 1339 $ppp_options = array($lang->use_default); 1340 if($mybb->settings['userpppoptions']) 1341 { 1342 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 1343 if(is_array($explodedppp)) 1344 { 1345 foreach($explodedppp as $ppp) 1346 { 1347 if($ppp <= 0) continue; 1348 $ppp_options[$ppp] = $ppp; 1349 } 1350 } 1351 } 1352 1353 $thread_options = array( 1354 $form->generate_check_box("classicpostbit", 1, $lang->show_classic_postbit, array("checked" => $mybb->get_input('classicpostbit'))), 1355 $form->generate_check_box("showimages", 1, $lang->display_images, array("checked" => $mybb->get_input('showimages'))), 1356 $form->generate_check_box("showvideos", 1, $lang->display_videos, array("checked" => $mybb->get_input('showvideos'))), 1357 $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->get_input('showsigs'))), 1358 $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->get_input('showavatars'))), 1359 $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->get_input('showquickreply'))), 1360 
"<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->get_input('ppp'), array('id' => 'ppp')), 1361 "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode')) 1362 ); 1363 1364 // Allow plugins to add thread options 1365 $thread_options = $plugins->run_hooks('admin_user_users_edit_thread_options', $thread_options); 1366 1367 // Output thread options 1368 $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>"); 1369 1370 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages()); 1371 1372 $other_options = array( 1373 $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->get_input('showredirect'))), 1374 $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->get_input('showcodebuttons'))), 1375 $form->generate_check_box("sourceeditor", "1", $lang->source_editor, array("checked" => $mybb->get_input('sourceeditor'))), 1376 "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->get_input('style'), 0, "", true, false, true), 1377 "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->get_input('language'), array('id' => 'language')) 1378 ); 1379 1380 // Allow plugins to add other options 1381 $other_options = $plugins->run_hooks('admin_user_users_edit_other_options', $other_options); 1382 1383 // Output other options 1384 $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", 
$other_options)."</div>"); 1385 1386 $form_container->end(); 1387 $plugins->run_hooks("admin_user_users_edit_settings"); 1388 echo "</div>\n"; 1389 1390 // 1391 // SIGNATURE EDITOR 1392 // 1393 $signature_editor = $form->generate_text_area("signature", $mybb->get_input('signature'), array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'height: 250px; width: 95%')); 1394 $sig_smilies = $lang->off; 1395 if($mybb->settings['sigsmilies'] == 1) 1396 { 1397 $sig_smilies = $lang->on; 1398 } 1399 $sig_mycode = $lang->off; 1400 if($mybb->settings['sigmycode'] == 1) 1401 { 1402 $sig_mycode = $lang->on; 1403 $signature_editor .= build_mycode_inserter("signature"); 1404 } 1405 $sig_html = $lang->off; 1406 if($mybb->settings['sightml'] == 1) 1407 { 1408 $sig_html = $lang->on; 1409 } 1410 $sig_imgcode = $lang->off; 1411 if($mybb->settings['sigimgcode'] == 1) 1412 { 1413 $sig_imgcode = $lang->on; 1414 } 1415 echo "<div id=\"tab_signature\">\n"; 1416 $form_container = new FormContainer($lang->signature.': '.htmlspecialchars_uni($user['username'])); 1417 $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature'); 1418 1419 $periods = array( 1420 "hours" => $lang->expire_hours, 1421 "days" => $lang->expire_days, 1422 "weeks" => $lang->expire_weeks, 1423 "months" => $lang->expire_months, 1424 "never" => $lang->expire_permanent 1425 ); 1426 1427 // Are we already suspending the signature? 1428 if($mybb->get_input('suspendsignature')) 1429 { 1430 $sig_checked = 1; 1431 1432 // Display how much time is left on the ban for the user to extend it 1433 if($user['suspendsigtime'] == "0") 1434 { 1435 // Permanent 1436 $lang->suspend_expire_info = $lang->suspend_sig_perm; 1437 } 1438 else 1439 { 1440 // There's a limit to the suspension! 
1441 $remaining = $user['suspendsigtime']-TIME_NOW; 1442 $expired = nice_time($remaining, array('seconds' => false)); 1443 1444 $color = 'inherit'; 1445 if($remaining < 3600) 1446 { 1447 $color = 'red'; 1448 } 1449 elseif($remaining < 86400) 1450 { 1451 $color = 'maroon'; 1452 } 1453 elseif($remaining < 604800) 1454 { 1455 $color = 'green'; 1456 } 1457 1458 $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired, $color); 1459 } 1460 $user_suspend_info = ' 1461 <tr> 1462 <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td> 1463 </tr>'; 1464 } 1465 else 1466 { 1467 $sig_checked = 0; 1468 $user_suspend_info = ''; 1469 } 1470 1471 $actions = ' 1472 <script type="text/javascript"> 1473 <!-- 1474 var sig_checked = "'.$sig_checked.'"; 1475 1476 function toggleAction() 1477 { 1478 if($("#suspend_action").is(\':visible\')) 1479 { 1480 $("#suspend_action").hide(); 1481 } 1482 else 1483 { 1484 $("#suspend_action").show(); 1485 } 1486 } 1487 // --> 1488 </script> 1489 1490 <dl style="margin-top: 0; margin-bottom: 0; width: 100%;"> 1491 <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt> 1492 <dd style="margin-top: 4px;" id="suspend_action" class="actions"> 1493 <table cellpadding="4">'.$user_suspend_info.' 1494 <tr> 1495 <td width="30%"><small>'.$lang->expire_length.'</small></td> 1496 <td>'.$form->generate_numeric_field('action_time', $mybb->input['action_time'], array('style' => 'width: 3em;', 'min' => 0)).' 
'.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td> 1497 </tr> 1498 </table> 1499 </dd> 1500 </dl> 1501 1502 <script type="text/javascript"> 1503 <!-- 1504 if(sig_checked == 0) 1505 { 1506 $("#suspend_action").hide(); 1507 } 1508 // --> 1509 </script>'; 1510 1511 $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions); 1512 1513 $signature_options = array( 1514 $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)), 1515 $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)), 1516 $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1)) 1517 ); 1518 1519 $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options)); 1520 1521 $form_container->end(); 1522 $plugins->run_hooks("admin_user_users_edit_signatur"); 1523 echo "</div>\n"; 1524 1525 // 1526 // AVATAR MANAGER 1527 // 1528 echo "<div id=\"tab_avatar\">\n"; 1529 $table = new Table; 1530 $table->construct_header($lang->current_avatar, array('colspan' => 2)); 1531 1532 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1)); 1533 1534 $avatar_url = ''; 1535 if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath'])) 1536 { 1537 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>"; 1538 } 1539 elseif($user['avatartype'] == "remote" || my_validate_url($user['avatar'])) 1540 { 1541 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>"; 1542 $avatar_url = $user['avatar']; 1543 } 1544 1545 if($errors) 1546 { 
1547 $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']); 1548 } 1549 1550 if($mybb->settings['maxavatardims'] != "") 1551 { 1552 list($max_width, $max_height) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 1553 $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}"; 1554 } 1555 1556 if($mybb->settings['avatarsize']) 1557 { 1558 $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024); 1559 $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}"; 1560 } 1561 1562 if($user['avatar']) 1563 { 1564 $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>"); 1565 } 1566 1567 $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>"); 1568 $table->construct_row(); 1569 1570 $table->output($lang->avatar.': '.htmlspecialchars_uni($user['username'])); 1571 1572 // Custom avatar 1573 if($mybb->settings['avatarresizing'] == "auto") 1574 { 1575 $auto_resize = $lang->avatar_auto_resize; 1576 } 1577 else if($mybb->settings['avatarresizing'] == "user") 1578 { 1579 $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>"; 1580 } 1581 $form_container = new FormContainer($lang->specify_custom_avatar); 1582 $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload'); 1583 if($mybb->settings['allowremoteavatars']) 1584 { 1585 $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url'); 1586 } 1587 $form_container->end(); 1588 $plugins->run_hooks("admin_user_users_edit_avatar"); 1589 echo "</div>\n"; 1590 1591 // 1592 // MODERATOR OPTIONS 1593 // 1594 $periods = array( 1595 "hours" => 
$lang->expire_hours, 1596 "days" => $lang->expire_days, 1597 "weeks" => $lang->expire_weeks, 1598 "months" => $lang->expire_months, 1599 "never" => $lang->expire_permanent 1600 ); 1601 1602 echo "<div id=\"tab_modoptions\">\n"; 1603 $form_container = new FormContainer($lang->mod_options.': '.htmlspecialchars_uni($user['username'])); 1604 $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes'); 1605 1606 // Mod posts 1607 // Generate check box 1608 $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period')); 1609 1610 // Do we have any existing suspensions here? 1611 $existing_info = ''; 1612 if($user['moderateposts'] || ($mybb->get_input('moderateposting') && !empty($errors))) 1613 { 1614 $mybb->input['moderateposting'] = 1; 1615 if($user['moderationtime'] != 0) 1616 { 1617 $remaining = $user['moderationtime']-TIME_NOW; 1618 $expired = nice_time($remaining, array('seconds' => false)); 1619 1620 $color = 'inherit'; 1621 if($remaining < 3600) 1622 { 1623 $color = 'red'; 1624 } 1625 elseif($remaining < 86400) 1626 { 1627 $color = 'maroon'; 1628 } 1629 elseif($remaining < 604800) 1630 { 1631 $color = 'green'; 1632 } 1633 1634 $existing_info = $lang->sprintf($lang->moderate_length, $expired, $color); 1635 } 1636 else 1637 { 1638 $existing_info = $lang->moderated_perm; 1639 } 1640 } 1641 1642 $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_numeric_field("modpost_time", $mybb->get_input('modpost_time'), array('style' => 'width: 3em;', 'min' => 0)).' 
'.$modpost_options.'</div>'; 1643 $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, htmlspecialchars_uni($user['username'])); 1644 $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->get_input('moderateposting'))), $lang->moderate_posts_info, $modpost_div); 1645 1646 // Suspend posts 1647 // Generate check box 1648 $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->get_input('suspost_period'), array('id' => 'suspost_period')); 1649 1650 // Do we have any existing suspensions here? 1651 if($user['suspendposting'] || ($mybb->get_input('suspendposting') && !empty($errors))) 1652 { 1653 $mybb->input['suspendposting'] = 1; 1654 1655 if($user['suspensiontime'] == 0 || $mybb->get_input('suspost_period') == "never") 1656 { 1657 $existing_info = $lang->suspended_perm; 1658 } 1659 else 1660 { 1661 $remaining = $user['suspensiontime']-TIME_NOW; 1662 $suspost_date = nice_time($remaining, array('seconds' => false)); 1663 1664 $color = 'inherit'; 1665 if($remaining < 3600) 1666 { 1667 $color = 'red'; 1668 } 1669 elseif($remaining < 86400) 1670 { 1671 $color = 'maroon'; 1672 } 1673 elseif($remaining < 604800) 1674 { 1675 $color = 'green'; 1676 } 1677 1678 $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date, $color); 1679 } 1680 } 1681 1682 $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_numeric_field("suspost_time", $mybb->get_input('suspost_time'), array('style' => 'width: 3em;', 'min' => 0)).' 
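'.$suspost_options.'</div>';
	$lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, htmlspecialchars_uni($user['username']));
	$form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->get_input('suspendposting'))), $lang->suspend_posts_info, $suspost_div);


	$form_container->end();
	$plugins->run_hooks("admin_user_users_edit_moderator_options");
	echo "</div>\n";

	$plugins->run_hooks("admin_user_users_edit_graph");

	$buttons[] = $form->generate_submit_button($lang->save_user);
	$form->output_submit_wrapper($buttons);

	$form->end();

	// Inline script: ticking one of the two checkboxes unticks the other and
	// hides its options box; each options box is shown only while its own
	// checkbox is ticked.
	echo '<script type="text/javascript">
<!--

function toggleBox(action)
{
	if(action == "modpost")
	{
		$("#suspendposting").attr("checked", false);
		$("#suspost").hide();

		if($("#moderateposting").is(":checked") == true)
		{
			$("#modpost").show();
		}
		else if($("#moderateposting").is(":checked") == false)
		{
			$("#modpost").hide();
		}
	}
	else if(action == "suspost")
	{
		$("#moderateposting").attr("checked", false);
		$("#modpost").hide();

		if($("#suspendposting").is(":checked") == true)
		{
			$("#suspost").show();
		}
		else if($("#suspendposting").is(":checked") == false)
		{
			$("#suspost").hide();
		}
	}
}

if($("#moderateposting").is(":checked") == false)
{
	$("#modpost").hide();
}
else
{
	$("#modpost").show();
}

if($("#suspendposting").is(":checked") == false)
{
	$("#suspost").hide();
}
else
{
	$("#suspost").show();
}

// -->
</script>';

	$page->output_footer();
}

// Delete a user account.
// Loads the user named by the "uid" input, refuses when an admin who is not a
// super admin targets a super admin other than themselves, shows a
// confirmation page on non-POST requests and deletes through UserDataHandler
// on POST.
// NOTE(review): no post-key verification is visible in this handler (the
// inline_edit handler calls verify_post_check() explicitly); presumably the
// admin front controller enforces it for POST requests - confirm.
if($mybb->input['action'] == "delete")
{
	// Read the id as an integer so the lookup, the permission check and the
	// deletion all work on the same canonical value.
	$user = get_user($mybb->get_input('uid', MyBB::INPUT_INT));

	// Does the user not exist?
	if(empty($user['uid']))
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
		// Fail closed: never fall through to the deletion below, even if the
		// redirect helper were to return.
		exit;
	}

	// Authorise against the uid of the loaded record (the one that is passed
	// to delete_user() below), not against the raw request value.
	if(is_super_admin($user['uid']) && $mybb->user['uid'] != $user['uid'] && !is_super_admin($mybb->user['uid']))
	{
		flash_message($lang->error_no_perms_super_admin, 'error');
		admin_redirect("index.php?module=user-users");
		exit;
	}

	// User clicked no
	if($mybb->get_input('no'))
	{
		admin_redirect("index.php?module=user-users");
		exit;
	}

	$plugins->run_hooks("admin_user_users_delete");

	if($mybb->request_method == "post")
	{
		$plugins->run_hooks("admin_user_users_delete_commit");

		// Set up user handler.
		require_once MYBB_ROOT.'inc/datahandlers/user.php';
		$userhandler = new UserDataHandler('delete');

		// Delete the user
		if(!$userhandler->delete_user($user['uid']))
		{
			flash_message($lang->error_cannot_delete_user, 'error');
			admin_redirect("index.php?module=user-users");
			// Do not log or report a deletion that did not happen.
			exit;
		}

		$cache->update_awaitingactivation();

		$plugins->run_hooks("admin_user_users_delete_commit_end");

		// Audit trail: record which account was removed.
		log_admin_action($user['uid'], $user['username']);

		flash_message($lang->success_user_deleted, 'success');
		admin_redirect("index.php?module=user-users");
	}
	else
	{
		$page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation);
	}
}

// List the users referred by the account named by the "uid" input.
if($mybb->input['action'] == "referrers")
{
	$page->add_breadcrumb_item($lang->show_referrers);
	$page->output_header($lang->show_referrers);

	$sub_tabs['referrers'] = array(
		'title' => $lang->show_referrers,
		// The id ends up in a link on the page, so it is forced to an integer here.
		'link' => "index.php?module=user-users&action=referrers&uid=".$mybb->get_input('uid', MyBB::INPUT_INT),
		'description' => $lang->show_referrers_desc
	);

	$plugins->run_hooks("admin_user_users_referrers");
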
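// Remainder of the "referrers" handler, followed by the start of the "ipaddresses" handler.
	$page->output_nav_tabs($sub_tabs, 'referrers');

	// Fetch default admin view
	// NOTE(review): $default_view is interpolated into the WHERE clause as-is;
	// presumably fetch_default_view() only returns a numeric view id - confirm.
	$default_view = fetch_default_view("user");
	if(!$default_view)
	{
		$default_view = "0";
	}
	$query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
	$admin_view = $db->fetch_array($query);

	// Read through get_input(), as the search handler does, so a missing
	// "type" parameter does not raise an undefined-index notice.
	if($mybb->get_input('type'))
	{
		$admin_view['view_type'] = $mybb->get_input('type');
	}

	// NOTE(review): the stored conditions are deserialised with the project's
	// my_unserialize() helper; its handling of unexpected payloads is not
	// visible here - confirm it is safe for whatever can reach this column.
	$admin_view['conditions'] = my_unserialize($admin_view['conditions']);
	// The referrer condition is a user id; force it to an integer before it is
	// handed to the view builder.
	$admin_view['conditions']['referrer'] = $mybb->get_input('uid', MyBB::INPUT_INT);

	$view = build_users_view($admin_view);

	// No referred users
	if(!$view)
	{
		$table = new Table;
		$table->construct_cell($lang->error_no_referred_users);
		$table->construct_row();
		$table->output($lang->show_referrers);
	}
	else
	{
		echo $view;
	}

	$page->output_footer();
}

// Show the last known, registration and post IP addresses recorded for the
// account named by the "uid" input.
if($mybb->input['action'] == "ipaddresses")
{
	$page->add_breadcrumb_item($lang->ip_addresses);
	$page->output_header($lang->ip_addresses);

	$sub_tabs['ipaddresses'] = array(
		'title' => $lang->show_ip_addresses,
		'link' => "index.php?module=user-users&action=ipaddresses&uid=".$mybb->get_input('uid', MyBB::INPUT_INT),
		'description' => $lang->show_ip_addresses_desc
	);

	$plugins->run_hooks("admin_user_users_ipaddresses");

	$page->output_nav_tabs($sub_tabs, 'ipaddresses');

	// The id goes into a string-built WHERE clause, so it is read as an integer
	// instead of relying on sanitisation done elsewhere.
	$query = $db->simple_select("users", "uid, regip, username, lastip", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'", array('limit' => 1));
	$user = $db->fetch_array($query);

	// Log admin action (viewing a user's IP addresses is written to the admin log)
	// NOTE(review): nothing here checks that a row was found, so an unknown uid
	// is logged with empty values and the page still renders - confirm intended.
	log_admin_action($user['uid'], $user['username']);

	$table = new Table;

	$table->construct_header($lang->ip_address);
	$table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));
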
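// Remainder of the "ipaddresses" handler, followed by the first part of the "merge" handler.
	// NOTE(review): the addresses below are placed unescaped into URLs and into
	// an inline onclick handler; they come from the database through
	// my_inet_ntop(), so presumably they are always plain IP text - confirm.
	if(empty($user['lastip']))
	{
		$user['lastip'] = $lang->unknown;
		$controls = '';
	}
	else
	{
		$user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip']));
		$popup = new PopupMenu("user_last", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&action=search&results=1&conditions[regip]=".$user['lastip']);
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['lastip']);
		$popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}', null, true); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['lastip']}");
		$controls = $popup->fetch();
	}
	$table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".$user['lastip']);
	$table->construct_cell($controls, array('class' => "align_center"));
	$table->construct_row();

	if(empty($user['regip']))
	{
		$user['regip'] = $lang->unknown;
		$controls = '';
	}
	else
	{
		$user['regip'] = my_inet_ntop($db->unescape_binary($user['regip']));
		$popup = new PopupMenu("user_reg", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$user['regip']);
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['regip']);
		$popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}', null, true); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['regip']}");
		$controls = $popup->fetch();
	}
	$table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".$user['regip']);
	$table->construct_cell($controls, array('class' => "align_center"));
	$table->construct_row();

	$counter = 0;

	// One row per distinct address the user has posted from. The id goes into a
	// string-built WHERE clause, so it is read as an integer.
	$query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
	while($ip = $db->fetch_array($query))
	{
		++$counter;
		$ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress']));
		$popup = new PopupMenu("id_{$counter}", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$ip['ipaddress']);
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$ip['ipaddress']);
		$popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip['ipaddress']}");
		$controls = $popup->fetch();

		$table->construct_cell($ip['ipaddress']);
		$table->construct_cell($controls, array('class' => "align_center"));
		$table->construct_row();
	}

	$table->output($lang->ip_address_for.' '.htmlspecialchars_uni($user['username']));

	$page->output_footer();
}

// Merge one account (source) into another (destination).
// On POST both accounts are looked up by username, every record owned by the
// source is re-pointed to the destination, the destination's counters are
// recalculated and the source account is deleted. Otherwise the merge form is
// shown.
if($mybb->input['action'] == "merge")
{
	$plugins->run_hooks("admin_user_users_merge");

	if($mybb->request_method == "post")
	{
		foreach(array('source', 'destination') as $target)
		{
			${$target.'_user'} = get_user_by_username($mybb->input[$target.'_username'], array('fields' => '*'));
			if(empty(${$target.'_user'}['uid']))
			{
				$errors[] = $lang->{'error_invalid_user_'.$target};
			}
		}

		// If we're not a super admin and we're merging a source super admin or a destination super admin then disallow this action
		if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid'])))
		{
			flash_message($lang->error_no_perms_super_admin, 'error');
			admin_redirect("index.php?module=user-users");
			// Fail closed before any write below, matching the explicit exit
			// used after the redirect at the end of this handler.
			exit;
		}

		if((!empty($source_user)) && !empty($destination_user) && $source_user['uid'] == $destination_user['uid'] && !empty($source_user['uid']))
		{
			$errors[] = $lang->error_cannot_merge_same_account;
		}

		if(empty($errors))
		{
			// Begin to merge the accounts
			// The ids interpolated into the queries below come from the two user
			// rows loaded above, not directly from the request.
			$uid_update = array(
				"uid" => $destination_user['uid']
			);
			$query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'");
			$existing_admin_options = $db->fetch_field($query, "uid");

			// Only carry over admin options/permissions if we don't already have them
			if(!$existing_admin_options)
			{
				$db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'");
			}

			$db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("events", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("threadsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("reportedcontent", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("warnings", $uid_update, "uid='{$source_user['uid']}'");
			$db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'");
			$db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'");

			// Thread ratings
			merge_thread_ratings($source_user['uid'], $destination_user['uid']);

			// Banning
			// The column name is backtick-quoted for the MySQL drivers only.
			switch($db->type)
			{
				case 'mysql':
				case 'mysqli':
					$where = "`admin` = '{$source_user['uid']}'";
					break;
				default:
					$where = "admin = '{$source_user['uid']}'";
					break;
			}
			$db->update_query("banned", array('admin' => $destination_user['uid']), $where);

			// Carry over referrals
			$db->update_query("users", array("referrer" => $destination_user['uid']), "referrer='{$source_user['uid']}' AND uid!='{$destination_user['uid']}'");
			// If destination user has no referrer but source does and source user was not referred by destination user
			// or destination user was referred by the source user
			if(($destination_user['referrer'] == 0 && $source_user['referrer'] > 0 && $source_user['referrer'] != $destination_user['uid']) || $destination_user['referrer'] == $source_user['uid'])
			{
				$db->update_query("users", array("referrer" => $source_user['referrer']), "uid='{$destination_user['uid']}'");
			}
			$query = $db->simple_select("users", "COUNT(uid) as total_referrals", "referrer='{$destination_user['uid']}' AND uid!='{$source_user['uid']}'");
			$new_referrals = $db->fetch_field($query, "total_referrals");
			$db->update_query("users", array("referrals" => (int)$new_referrals), "uid='{$destination_user['uid']}'");

			// Merging Reputation
			// First, let's change all the details over to our new user...
			$db->update_query("reputation", array("adduid" => $destination_user['uid']), "adduid = '".$source_user['uid']."'");
			$db->update_query("reputation", array("uid" => $destination_user['uid']), "uid = '".$source_user['uid']."'");

			// Now that all the reputation is merged, figure out what to do with this user's comments...
			$options = array(
				"order_by" => "uid",
				"order_dir" => "ASC"
			);

			$to_remove = array();
			// Previously kept row. Initialised with nulls so the first iteration
			// compares against "no previous row" instead of reading an undefined
			// variable.
			$last_result = array(
				"rid" => null,
				"uid" => null
			);
			$query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'", $options);
			while($rep = $db->fetch_array($query))
			{
				if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid'])
				{
					// Multiple reputation is disallowed, and this isn't a post, so let's remove this comment
					$to_remove[] = $rep['rid'];
				}

				// Remove comments or posts liked by "me"
				if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid'])
				{
					if(!in_array($rep['rid'], $to_remove))
					{
						$to_remove[] = $rep['rid'];
						// A row queued here does not become the "previous row".
						continue;
					}
				}

				$last_result = array(
					"rid" => $rep['rid'],
					"uid" => $rep['uid']
				);
			}

			// Remove any reputations we've selected to remove...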
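// Continuation of the "merge" handler: reputation clean-up, warning points and last-poster / PM ownership.
			if(!empty($to_remove))
			{
				// The ids go into a string-built IN() list, so force each one to an integer.
				$imp = implode(",", array_map('intval', $to_remove));
				$db->delete_query("reputation", "rid IN (".$imp.")");
			}

			// Calculate the new reputation for this user...
			$query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'");
			$total_reputation = $db->fetch_field($query, "total_rep");

			$db->update_query("users", array('reputation' => (int)$total_reputation), "uid='{$destination_user['uid']}'");

			// Calculate warning points
			// NOTE(review): the warnings rows were re-pointed to the destination
			// earlier in this handler, so the first sum presumably finds no rows
			// by the time it runs - confirm.
			$query = $db->query("
				SELECT SUM(points) as warn_lev
				FROM ".TABLE_PREFIX."warnings
				WHERE uid='{$source_user['uid']}' AND expired='0'
			");
			$original_warn_level = $db->fetch_field($query, "warn_lev");

			$query = $db->query("
				SELECT SUM(points) as warn_lev
				FROM ".TABLE_PREFIX."warnings
				WHERE uid='{$destination_user['uid']}' AND expired='0'
			");
			$new_warn_level = $db->fetch_field($query, "warn_lev");
			// Cast both operands: the original cast bound only to the first one,
			// leaving the second as whatever the driver returned.
			$db->update_query("users", array("warningpoints" => (int)$original_warn_level + (int)$new_warn_level), "uid='{$destination_user['uid']}'");

			// Additional updates for non-uid fields
			$last_poster = array(
				"lastposteruid" => $destination_user['uid'],
				// The username is free text, so it is escaped before it is written.
				"lastposter" => $db->escape_string($destination_user['username'])
			);
			$db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'");
			$db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'");
			$edit_uid = array(
				"edituid" => $destination_user['uid']
			);
			$db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'");

			$from_uid = array(
				"fromid" => $destination_user['uid']
			);
			$db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'");
			$to_uid = array(
				"toid" => $destination_user['uid']
			);
			$db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'");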
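// Buddy/ignore lists (continuation of the "merge" handler; the "search" handler starts further down)
			$destination_buddies = explode(',', $destination_user['buddylist']);
			$source_buddies = explode(',', $source_user['buddylist']);
			$buddies = array_unique(array_merge($source_buddies, $destination_buddies));
			// Make sure the new buddy list doesn't contain either users
			$buddies_array = array_diff($buddies, array($destination_user['uid'], $source_user['uid']));

			$destination_ignored = explode(',', $destination_user['ignorelist']);
			// Read the SOURCE user's ignore list here. The original read the
			// destination's list twice, so the source's ignored users were
			// dropped by the merge.
			$source_ignored = explode(',', $source_user['ignorelist']);
			$ignored = array_unique(array_merge($source_ignored, $destination_ignored));
			// ... and the same for the new ignore list
			$ignored_array = array_diff($ignored, array($destination_user['uid'], $source_user['uid']));

			// Remove any ignored users from the buddy list
			$buddies = array_diff($buddies_array, $ignored_array);
			// implode the arrays so we get a nice neat list for each
			$buddies = trim(implode(',', $buddies), ',');
			$ignored = trim(implode(',', $ignored_array), ',');

			$lists = array(
				"buddylist" => $buddies,
				"ignorelist" => $ignored
			);
			$db->update_query("users", $lists, "uid='{$destination_user['uid']}'");

			// Get a list of forums where post count doesn't apply
			$fids = array();
			$query = $db->simple_select("forums", "fid", "usepostcounts=0");
			while($fid = $db->fetch_field($query, "fid"))
			{
				$fids[] = $fid;
			}

			$fids_not_in = '';
			if(!empty($fids))
			{
				$fids_not_in = "AND fid NOT IN(".implode(',', $fids).")";
			}

			// Update user post count
			$query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
			$num = $db->fetch_array($query);
			$updated_count = array(
				"postnum" => $num['postnum']
			);
			$db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");

			// Update user thread count
			$query = $db->simple_select("threads", "COUNT(*) AS threadnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
			$num = $db->fetch_array($query);
			$updated_count = array(
				"threadnum" => $num['threadnum']
			);
			$db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");

			// Use the earliest registration date
			if($destination_user['regdate'] > $source_user['regdate'])
			{
				$db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'");
			}

			$plugins->run_hooks("admin_user_users_merge_commit");

			// Set up user handler.
			require_once MYBB_ROOT.'inc/datahandlers/user.php';
			$userhandler = new UserDataHandler('delete');

			// Delete the old user
			$userhandler->delete_user($source_user['uid']);

			$cache->update_awaitingactivation();

			// Log admin action (both accounts are recorded in the admin log)
			log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']);

			// Redirect!
			// Usernames are HTML-escaped because the flash message contains markup.
			$username = htmlspecialchars_uni($source_user['username']);
			$destination_username = htmlspecialchars_uni($destination_user['username']);
			flash_message("<strong>{$username}</strong> {$lang->success_merged} {$destination_username}", "success");
			admin_redirect("index.php?module=user-users");
			exit;
		}
	}

	$page->add_breadcrumb_item($lang->merge_users);
	$page->output_header($lang->merge_users);

	$page->output_nav_tabs($sub_tabs, 'merge_users');

	// If we have any error messages, show them
	// ($errors is only assigned on the POST path above, so test it with
	// empty() to avoid reading an undefined variable on a plain page view.)
	if(!empty($errors))
	{
		$page->output_inline_error($errors);
	}

	$form = new Form("index.php?module=user-users&action=merge", "post");

	$form_container = new FormContainer($lang->merge_users);
	$form_container->output_row($lang->source_account." <em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->get_input('source_username'), array('id' => 'source_username')), 'source_username');
	$form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->get_input('destination_username'), array('id' => 'destination_username')), 'destination_username');
	$form_container->end();

	// Autocompletion for usernames
	// NOTE(review): $lang->search_for_a_user is placed inside a JavaScript
	// string literal without escaping; presumably language strings are trusted
	// and contain no quotes - confirm.
	echo '
<link rel="stylesheet" href="../jscripts/select2/select2.css">
<script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
<script type="text/javascript">
<!--
$("#source_username").select2({
	placeholder: "'.$lang->search_for_a_user.'",
	minimumInputLength: 2,
	multiple: false,
	ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
		url: "../xmlhttp.php?action=get_users",
		dataType: \'json\',
		data: function (term, page) {
			return {
				query: term // search term
			};
		},
		results: function (data, page) { // parse the results into the format expected by Select2.
			// since we are using custom formatting functions we do not need to alter remote JSON data
			return {results: data};
		}
	},
	initSelection: function(element, callback) {
		var query = $(element).val();
		if (query !== "") {
			$.ajax("../xmlhttp.php?action=get_users&getone=1", {
				data: {
					query: query
				},
				dataType: "json"
			}).done(function(data) { callback(data); });
		}
	}
});
$("#destination_username").select2({
	placeholder: "'.$lang->search_for_a_user.'",
	minimumInputLength: 2,
	multiple: false,
	ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
		url: "../xmlhttp.php?action=get_users",
		dataType: \'json\',
		data: function (term, page) {
			return {
				query: term // search term
			};
		},
		results: function (data, page) { // parse the results into the format expected by Select2.
			// since we are using custom formatting functions we do not need to alter remote JSON data
			return {results: data};
		}
	},
	initSelection: function(element, callback) {
		var query = $(element).val();
		if (query !== "") {
			$.ajax("../xmlhttp.php?action=get_users&getone=1", {
				data: {
					query: query
				},
				dataType: "json"
			}).done(function(data) { callback(data); });
		}
	}
});
// -->
</script>';

	$buttons[] = $form->generate_submit_button($lang->merge_user_accounts);
	$form->output_submit_wrapper($buttons);
	$form->end();

	$page->output_footer();
}

// Search for users.
// On POST (or when results=1) a view is assembled from a saved admin view, a
// view stored in the admin session or the default view, then overridden with
// the submitted options and handed to build_users_view().
if($mybb->input['action'] == "search")
{
	$plugins->run_hooks("admin_user_users_search");

	if($mybb->request_method == "post" || $mybb->get_input('results') == 1)
	{
		// Build view options from incoming search options
		if($mybb->get_input('vid'))
		{
			$query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
			$admin_view = $db->fetch_array($query);
			// View does not exist or this view is private and does not belong to the current user
			if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
			{
				unset($admin_view);
			}
		}

		// empty() keeps the original truthiness test but does not raise a
		// notice when the session holds no view under the given search id.
		if($mybb->get_input('search_id') && !empty($admin_session['data']['user_views'][$mybb->get_input('search_id')]))
		{
			$admin_view = $admin_session['data']['user_views'][$mybb->get_input('search_id')];
			// Any extra_sql stored with the session view is dropped before the view is reused.
			unset($admin_view['extra_sql']);
		}

		// Don't have a view? Fetch the default
		if(!isset($admin_view) || !$admin_view['vid'])
		{
			// NOTE(review): $default_view is interpolated into the WHERE clause
			// as-is; presumably fetch_default_view() only returns a numeric view
			// id - confirm.
			$default_view = fetch_default_view("user");
			if(!$default_view)
			{
				$default_view = "0";
			}
			$query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
			$admin_view = $db->fetch_array($query);
		}

		// Override specific parts of the view
		// NOTE(review): the values below are copied from the request into the
		// view without validation in this handler; build_users_view() is
		// presumably responsible for whitelisting and escaping them - confirm.
		unset($admin_view['vid']);

		if($mybb->get_input('type'))
		{
			$admin_view['view_type'] = $mybb->get_input('type');
		}

		if(!empty($mybb->input['conditions']))
		{
			$admin_view['conditions'] = $mybb->get_input('conditions', MyBB::INPUT_ARRAY);
		}

		if($mybb->get_input('sortby'))
		{
			$admin_view['sortby'] = $mybb->get_input('sortby');
		}

		if($mybb->get_input('perpage', MyBB::INPUT_INT))
		{
			// Store the same integer that was just tested, not the untyped value.
			$admin_view['perpage'] = $mybb->get_input('perpage', MyBB::INPUT_INT);
		}

		if($mybb->get_input('order'))
		{
			$admin_view['sortorder'] = $mybb->get_input('order');
		}

		if($mybb->get_input('displayas'))
		{
			$admin_view['view_type'] = $mybb->get_input('displayas');
		}

		if(!empty($mybb->input['profile_fields']))
		{
			$admin_view['custom_profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);
		}
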
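// Remainder of the "search" handler, followed by the start of the "inline_edit" handler.
		$plugins->run_hooks("admin_user_users_search_commit");

		$results = build_users_view($admin_view);

		if($results)
		{
			// NOTE(review): the form page below starts with a second
			// output_header() call, so output_footer() presumably ends the
			// request here - confirm.
			$page->output_header($lang->find_users);
			echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
			$page->output_nav_tabs($sub_tabs, 'find_users');
			echo $results;
			$page->output_footer();
		}
		else
		{
			if($mybb->get_input('from') == "home")
			{
				flash_message($lang->error_no_users_found, 'error');
				admin_redirect("index.php");
				exit;
			}
			else
			{
				$errors[] = $lang->error_no_users_found;
			}
		}
	}

	$page->add_breadcrumb_item($lang->find_users);
	$page->output_header($lang->find_users);

	$page->output_nav_tabs($sub_tabs, 'find_users');

	// If we have any error messages, show them
	// ($errors is only assigned when a search returned nothing, so test it
	// with empty() to avoid reading an undefined variable on a plain page view.)
	if(!empty($errors))
	{
		$page->output_inline_error($errors);
	}

	// Default to the card layout when no display type was submitted
	if(!$mybb->get_input('displayas'))
	{
		$mybb->input['displayas'] = "card";
	}

	$form = new Form("index.php?module=user-users&action=search", "post");

	user_search_conditions($mybb->input, $form);

	$form_container = new FormContainer($lang->display_options);
	$sort_directions = array(
		"asc" => $lang->ascending,
		"desc" => $lang->descending
	);
	$form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->get_input('sortby'), array('id' => 'sortby'))." {$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->get_input('order'), array('id' => 'order')), 'sortby');
	$form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->get_input('perpage'), array('id' => 'perpage', 'min' => 1)), 'perpage');
	// The comparisons already yield booleans, so the "? true : false" wrappers are dropped.
	$form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->get_input('displayas') != "card")))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->get_input('displayas') == "card"))));
	$form_container->end();

	$buttons[] = $form->generate_submit_button($lang->find_users);
	$form->output_submit_wrapper($buttons);
	$form->end();

	$page->output_footer();
}

if($mybb->input['action'] == "inline_edit")
{
	$plugins->run_hooks("admin_user_users_inline");

	if(!empty($mybb->input['vid']) || !empty($mybb->cookies['acp_view']))
	{
		// We have a custom view
		if(empty($mybb->cookies['acp_view']))
		{
			// Set a cookie
			my_setcookie("acp_view", $mybb->input['vid'], 60);
		}
		else
		{
			// We already have a cookie, so let's use it...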
2452 $mybb->input['vid'] = $mybb->cookies['acp_view']; 2453 } 2454 2455 $vid_url = "&vid=".$mybb->get_input('vid'); 2456 } 2457 else 2458 { 2459 $vid_url = null; 2460 } 2461 2462 // First, collect the user IDs that we're performing the moderation on 2463 $selected = array(); 2464 if(isset($mybb->cookies['inlinemod_useracp'])) 2465 { 2466 $ids = explode("|", $mybb->cookies['inlinemod_useracp']); 2467 foreach($ids as $id) 2468 { 2469 if($id != '') 2470 { 2471 $selected[] = (int)$id; 2472 } 2473 } 2474 } 2475 2476 // Verify incoming POST request 2477 if(!verify_post_check($mybb->get_input('my_post_key'))) 2478 { 2479 flash_message($lang->invalid_post_verify_key2, 'error'); 2480 admin_redirect("index.php?module=user-user"); 2481 } 2482 $sub_tabs['manage_users'] = array( 2483 "title" => $lang->manage_users, 2484 "link" => "./", 2485 "description" => $lang->manage_users_desc 2486 ); 2487 $page->add_breadcrumb_item($lang->manage_users); 2488 2489 if(empty($selected)) 2490 { 2491 // Not selected any users, show error 2492 flash_message($lang->error_inline_no_users_selected, 'error'); 2493 admin_redirect("index.php?module=user-users".$vid_url); 2494 } 2495 2496 switch($mybb->input['inline_action']) 2497 { 2498 case 'multiactivate': 2499 // Run through the activating users, so that users already registered (but have been selected) aren't affected 2500 if(is_array($selected)) 2501 { 2502 $sql_array = implode(",", $selected); 2503 $query = $db->simple_select("users", "uid, username, email", "usergroup = '5' AND uid IN (".$sql_array.")"); 2504 $user_mail_data = array(); 2505 while($user = $db->fetch_array($query)) 2506 { 2507 $to_update[] = $user['uid']; 2508 $user_mail_data[] = array('username' => $user['username'], 'email' => $user['email']); 2509 } 2510 } 2511 2512 $plugins->run_hooks("admin_user_multiactivate", $to_update); 2513 2514 if(isset($to_update) && is_array($to_update)) 2515 { 2516 $sql_array = implode(",", $to_update); 2517 $db->write_query("UPDATE 
".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")"); 2518 2519 $cache->update_awaitingactivation(); 2520 2521 // send activation mail 2522 foreach($user_mail_data as $mail_data) 2523 { 2524 $message = $lang->sprintf($lang->email_adminactivateaccount, $mail_data['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); 2525 my_mail($mail_data['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message); 2526 } 2527 2528 // Action complete, grab stats and show success message - redirect user 2529 $to_update_count = count($to_update); 2530 $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count)); 2531 2532 if(is_array($selected) && $to_update_count != count($selected)) 2533 { 2534 // The update count is different to how many we selected! 2535 $not_updated_count = count($selected) - $to_update_count; 2536 $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count)); 2537 $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message 2538 } 2539 2540 $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog 2541 log_admin_action($to_update_count); // Add to adminlog 2542 my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected 2543 2544 flash_message($lang->inline_activated, 'success'); 2545 admin_redirect("index.php?module=user-users".$vid_url); 2546 } 2547 else 2548 { 2549 // Nothing was updated, show an error 2550 flash_message($lang->inline_activated_failed, 'error'); 2551 admin_redirect("index.php?module=user-users".$vid_url); 2552 } 2553 break; 2554 case 'multilift': 2555 // Get the users that are banned, and check that they have been selected 2556 if($mybb->get_input('no')) 2557 { 2558 
// Continuation of case 'multilift' (opened on the previous line of this listing): body of its 'No' branch.
        admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No'
    }

    // The ban lift only runs on a POST request; any other method gets the confirmation page in the else branch.
    if($mybb->request_method == "post")
    {
        // NOTE(review): $selected is joined unquoted into the IN (...) list. It is built outside
        // this excerpt - confirm every element is cast to an integer before it gets here.
        $sql_array = implode(",", $selected);
        $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")");
        $to_be_unbanned = $db->num_rows($query);
        while($ban = $db->fetch_array($query))
        {
            // Restore the groups recorded in the ban row. Only oldadditionalgroups is escaped here;
            // oldgroup and olddisplaygroup are passed as read from the banned table
            // (presumably integer columns - confirm against the schema).
            $updated_group = array(
                "usergroup" => $ban['oldgroup'],
                "additionalgroups" => $db->escape_string($ban['oldadditionalgroups']),
                "displaygroup" => $ban['olddisplaygroup']
            );
            $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'");
            $db->delete_query("banned", "uid = '".$ban['uid']."'");
        }

        $cache->update_moderators();

        // Rewrite the action name so the admin log entry is recorded as "inline_lift"
        $mybb->input['action'] = "inline_lift";
        log_admin_action($to_be_unbanned);
        my_unsetcookie("inlinemod_useracp");

        $lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned));
        flash_message($lang->success_ban_lifted, 'success');
        admin_redirect("index.php?module=user-users".$vid_url);
    }
    else
    {
        $page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multilift", $lang->confirm_multilift);
    }

    break;
// Inline action: ban every selected user, or show the ban form when nothing has been submitted yet.
case 'multiban':
    // NOTE(review): unlike 'multilift' above, this branch does not test the request method and no
    // post-key check is visible in it; that check presumably runs before the switch, outside this
    // excerpt - confirm.
    if($mybb->input['processed'] == 1)
    {
        // We've posted ban information!
        // Build an array of users to ban, =D
        // NOTE(review): same unquoted IN (...) list as in 'multilift' - relies on $selected holding integers only.
        $sql_array = implode(",", $selected);
        // Build a cache array for this users that have been banned already
        // ($bannedcache is not initialised in the visible code; the is_array() test further down covers the empty case)
        $query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")");
        while($user = $db->fetch_array($query))
        {
            $bannedcache[] = "u_".$user['uid'];
        }

        // Collect the users
        $query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")");

        // NOTE(review): 'bantime' is escaped before it is stored but is never compared with the keys
        // of fetch_ban_times(); any submitted string is stored and passed to ban_date2timestamp().
        // Validating it against the offered list would be the safer default.
        if($mybb->input['bantime'] == '---')
        {
            $lifted = 0;
        }
        else
        {
            $lifted = ban_date2timestamp($mybb->input['bantime']);
        }

        // Keep the stored reason within the 255-character limit that the form's maxlength also uses
        $reason = my_substr($mybb->input['reason'], 0, 255);

        $banned_count = 0;
        while($user = $db->fetch_array($query))
        {
            if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid']))
            {
                // We remove ourselves and Super Admins from the mix
                continue;
            }

            if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache))
            {
                // User already has a ban, update it!
                $update_array = array(
                    "admin" => (int)$mybb->user['uid'],
                    "dateline" => TIME_NOW,
                    "bantime" => $db->escape_string($mybb->input['bantime']),
                    "lifted" => $db->escape_string($lifted),
                    "reason" => $db->escape_string($reason)
                );
                $db->update_query("banned", $update_array, "uid = '".$user['uid']."'");
            }
            else
            {
                // Not currently banned - insert the ban
                // NOTE(review): 'gid' is read from a 'usergroup' input, but the ban form rendered
                // further down has no such field, so this presumably records 0 unless the request
                // supplies one, while the users row is moved to group 7 - confirm this is intended.
                $insert_array = array(
                    'uid' => $user['uid'],
                    'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
                    'oldgroup' => $user['usergroup'],
                    'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
                    'olddisplaygroup' => $user['displaygroup'],
                    'admin' => (int)$mybb->user['uid'],
                    'dateline' => TIME_NOW,
                    'bantime' => $db->escape_string($mybb->input['bantime']),
                    'lifted' => $db->escape_string($lifted),
                    'reason' => $db->escape_string($reason)
                );
                $db->insert_query('banned', $insert_array);
            }

            // Moved the user to the 'Banned' Group
            $update_array = array(
                'usergroup' => 7,
                'displaygroup' => 0,
                'additionalgroups' => '',
            );
            $db->update_query('users', $update_array, "uid = '{$user['uid']}'");

            // A banned user also loses all forum and thread subscriptions
            $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
            $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");

            ++$banned_count;
        }
        // Rewrite the action name so the admin log entry is recorded as "inline_banned"
        $mybb->input['action'] = "inline_banned";
        log_admin_action($banned_count, $lifted);
        my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them

        $lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count);
        flash_message($lang->users_banned, 'success');
        admin_redirect("index.php?module=user-users".$vid_url);
    }

    $page->output_header($lang->manage_users);
    $page->output_nav_tabs($sub_tabs, 'manage_users');

    // Provide the user with a warning of what they're about to do
    $table = new Table;
    $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected));
    $table->construct_cell($lang->mass_ban_info);
    $table->construct_row();
    $table->output($lang->important);

    // If there's any errors, display inline
    // ($errors is never assigned in the visible part of this case)
    if($errors)
    {
        $page->output_inline_error($errors);
    }

    $form = new Form("index.php?module=user-users", "post");
    echo $form->generate_hidden_field('action', 'inline_edit');
    echo $form->generate_hidden_field('inline_action', 'multiban');
    echo $form->generate_hidden_field('processed', '1');

    // NOTE(review): the "lift bans" link puts the post key into a GET URL, where it can end up in
    // browser history and server logs. The 'multilift' branch still asks for a POST before it
    // changes anything.
    $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&action=inline_edit&inline_action=multilift&my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban);
    // The submitted reason is echoed back into the form; output escaping is presumably done inside
    // generate_text_area() - not visible here, confirm.
    $form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
    // Label every ban length except '---' with the date on which that ban would end
    $ban_times = fetch_ban_times();
    foreach($ban_times as $time => $period)
    {
        if($time != '---')
        {
            $friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
            $period = "{$period} ({$friendly_time})";
        }
        $length_list[$time] = $period;
    }
    $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');
    $form_container->end();

    $buttons[] = $form->generate_submit_button($lang->ban_users);
    $form->output_submit_wrapper($buttons);
    $form->end();
    $page->output_footer();
    break;
// Inline action: delete every selected user after a confirmation step.
case 'multidelete':
    if($mybb->get_input('no'))
    {
        admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No'
    }
    else
    {
        if($mybb->input['processed'] == 1)
        {
            // Set up user handler.
// Continuation of case 'multidelete': body of its if($mybb->input['processed'] == 1) branch.
            require_once MYBB_ROOT.'inc/datahandlers/user.php';
            $userhandler = new UserDataHandler('delete');

            // Delete users
            // NOTE(review): $selected is handed over unfiltered; any protection of super admins or of
            // the acting admin has to live in UserDataHandler::delete_user() - not visible here, confirm.
            $deleted = $userhandler->delete_user($selected);
            $to_be_deleted = $deleted['deleted_users']; // Get the correct number of deleted users

            // Update forum stats, remove the cookie and redirect the user
            my_unsetcookie("inlinemod_useracp");
            $mybb->input['action'] = "inline_delete";
            log_admin_action($to_be_deleted);

            $lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted);

            $cache->update_awaitingactivation();

            flash_message($lang->users_deleted, 'success');
            admin_redirect("index.php?module=user-users".$vid_url);
        }

        // Not processed yet: ask for confirmation first.
        // NOTE(review): the confirm URL carries both my_post_key and processed=1 in its query string,
        // and the branch above acts whenever 'processed' equals 1 without testing the request method.
        // Presumably $mybb->input also reads query-string values; if so the post key is the only
        // guard on this deletion and it is exposed in the URL - confirm.
        $to_be_deleted = count($selected);
        $lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted));
        $page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multidelete&my_post_key={$mybb->post_code}&processed=1", $lang->confirm_multidelete);
    }
    break;
// Inline action: prune posts of the selected users relative to a cut-off date, then delete the
// threads reported for deletion and rebuild thread and forum counters.
case 'multiprune':
    if($mybb->input['processed'] == 1)
    {
        // A manual date and a preset period are mutually exclusive
        if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set'])
        {
            $errors[] = $lang->multi_selected_dates;
        }

        $day = $mybb->get_input('day', MyBB::INPUT_INT);
        $month = $mybb->get_input('month', MyBB::INPUT_INT);
        $year = $mybb->get_input('year', MyBB::INPUT_INT);

        // Selected a date - check if the date the user entered is valid
        if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year'])
        {
            // Is the date sort of valid?
            if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29))
            {
                $errors[] = $lang->incorrect_date;
            }

            // Check the month
            // NOTE(review): this lookup runs even when the range check above already failed, so an
            // out-of-range month indexes $months outside 0..11.
            $months = get_bdays($year);
            if($day > $months[$month-1])
            {
                $errors[] = $lang->incorrect_date;
            }

            // Check the year
            // && binds tighter than ||, so this reads as
            // ($year != 0 && $year < now-100) || $year > now; a year of 0 therefore passes.
            if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y"))
            {
                $errors[] = $lang->incorrect_date;
            }

            if(!$errors)
            {
                // No errors, so let's continue and set the date to delete from
                $date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp
            }
        }
        elseif($mybb->input['set'] > 0)
        {
            // Set options
            // For this purpose, 1 month = 31 days
            $base_time = 24 * 60 * 60;

            // $threshold is assigned only for the six known options; any other value leaves it unset
            switch($mybb->input['set'])
            {
                case '1':
                    $threshold = $base_time * 31; // 1 month = 31 days, in the standard terms
                    break;
                case '2':
                    $threshold = $base_time * 93; // 3 months = 31 days * 3
                    break;
                case '3':
                    $threshold = $base_time * 183; // 6 months = 365 days / 2
                    break;
                case '4':
                    $threshold = $base_time * 365; // 1 year = 365 days
                    break;
                case '5':
                    $threshold = $base_time * 548; // 18 months = 365 + 183
                    break;
                case '6':
                    $threshold = $base_time * 730; // 2 years = 365 * 2
                    break;
            }

            if(!$threshold)
            {
                // An option was entered that isn't in the dropdown box
                $errors[] = $lang->no_set_option;
            }
            else
            {
                $date = TIME_NOW - $threshold;
            }
        }
        else
        {
            $errors[] = $lang->no_prune_option;
        }

        if(!$errors)
        {
            // NOTE(review): $selected is joined unquoted into the IN (...) list. It is built outside
            // this excerpt - confirm every element is cast to an integer before it gets here.
            $sql_array = implode(",", $selected);
            $prune_array = array();
            $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")");
            while($user = $db->fetch_array($query))
            {
                // Protect Super Admins
                // (only from admins who are not super admins themselves; a super admin can prune another's posts)
                if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
                {
                    continue;
                }

                $return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete
                if($return_array && is_array($return_array))
                {
                    $prune_array = array_merge_recursive($prune_array, $return_array);
                }
            }

            $plugins->run_hooks("admin_user_multiprune_threads", $prune_array);

            // No posts were found for the user, return error
            if(!is_array($prune_array) || count($prune_array) == 0)
            {
                flash_message($lang->prune_fail, 'error');
                admin_redirect("index.php?module=user-users".$vid_url);
            }

            // Require the rebuild functions
            require_once MYBB_ROOT.'/inc/functions.php';
            require_once MYBB_ROOT.'/inc/functions_rebuild.php';

            // We've finished deleting user's posts, so let's delete the threads
            // NOTE(review): $tid is interpolated into each condition as returned by delete_user_posts()
            // (and possibly touched by the hook above); presumably integer thread ids - confirm.
            if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0)
            {
                foreach($prune_array['to_delete'] as $tid)
                {
                    $db->delete_query("threads", "tid='$tid'");
                    $db->delete_query("threads", "closed='moved|$tid'");
                    $db->delete_query("threadsubscriptions", "tid='$tid'");
                    $db->delete_query("polls", "tid='$tid'");
                    $db->delete_query("threadsread", "tid='$tid'");
                    $db->delete_query("threadratings", "tid='$tid'");
                }
            }

            // After deleting threads, rebuild the thread counters for the affected threads
            if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0)
            {
                $sql_array = implode(",", $prune_array['thread_update']);
                $query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc'));
                while($thread = $db->fetch_array($query))
                {
                    rebuild_thread_counters($thread['tid']);
                }
            }

            // After updating thread counters, update the affected forum counters
            if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0)
            {
                $sql_array = implode(",", $prune_array['forum_update']);
                $query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc'));
                while($forum = $db->fetch_array($query))
                {
                    // Because we have a recursive array merge, check to see if there isn't a duplicated forum to update
                    // ($looped_forum is not initialised before the first comparison; the check only
                    // compares with the previous row, which is ordered by fid)
                    if($looped_forum == $forum['fid'])
                    {
                        continue;
                    }
                    $looped_forum = $forum['fid'];
                    rebuild_forum_counters($forum['fid']);
                }
            }

            // NOTE(review): the admin-log call is commented out, so this destructive action leaves no
            // admin log entry in the visible code, unlike the ban, lift, delete and usergroup
            // branches of the same switch. Worth restoring for audit purposes.
            //log_admin_action();
            my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie
            flash_message($lang->prune_complete, 'success');
            admin_redirect("index.php?module=user-users".$vid_url);
        }
    }

    $page->output_header($lang->manage_users);
    $page->output_nav_tabs($sub_tabs, 'manage_users');

    // Display a table warning
    $table = new Table;
    $lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected));
    $table->construct_cell($lang->mass_prune_info);
    $table->construct_row();
    $table->output($lang->important);

    if($errors)
    {
        $page->output_inline_error($errors);
    }

    // Display the prune options
    $form = new Form("index.php?module=user-users", "post");
    echo $form->generate_hidden_field('action', 'inline_edit');
    echo $form->generate_hidden_field('inline_action', 'multiprune');
    echo $form->generate_hidden_field('processed', '1');

    $form_container = new FormContainer($lang->mass_prune_posts);

    // Generate a list of days (1 - 31)
    $day_options = array();
    $day_options[] = " ";
    for($i = 1; $i <= 31; ++$i)
    {
        $day_options[] = $i;
    }

    // Generate a list of months (1 - 12)
    $month_options = array();
    $month_options[] = " ";
    for($i = 1; $i <= 12; ++$i)
    {
        $string = "month_{$i}";
        $month_options[] = $lang->$string;
    }
    // Previously submitted values are fed back into the form controls
    $date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']);
    $month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']);
    $year_box = $form->generate_numeric_field('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;', 'min' => 0));

    $prune_select = $date_box.$month_box.$year_box;
    $form_container->output_row($lang->manual_date, "", $prune_select, 'date');

    // Generate the set date box
    $set_options = array();
    $set_options[] = $lang->set_an_option;
    for($i = 1; $i <= 6; ++$i)
    {
        $string = "option_{$i}";
        $set_options[] = $lang->$string;
    }

    $form_container->output_row($lang->relative_date, "", $lang->delete_posts." ".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set');
    $form_container->end();

    $buttons[] = $form->generate_submit_button($lang->prune_posts);
    $form->output_submit_wrapper($buttons);
    $form->end();
    $page->output_footer();
    break;
// Inline action: set primary, additional and display groups for every selected user.
case 'multiusergroup':
    if($mybb->input['processed'] == 1)
    {
        // Determine additional usergroups
        if(is_array($mybb->input['additionalgroups']))
        {
            // Drop the primary group from the additional list so it is not stored twice
            foreach($mybb->input['additionalgroups'] as $key => $gid)
            {
                if($gid == $mybb->input['usergroup'])
                {
                    unset($mybb->input['additionalgroups'][$key]);
                }
            }

            // Every remaining id is cast to int before it is joined for storage
            $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
        }
        else
        {
            $additionalgroups = '';
        }

        // Create an update array
        // NOTE(review): the group ids are cast to int, but nothing in this branch checks that the
        // groups exist or that the acting admin may assign them - confirm this is enforced elsewhere.
        $update_array = array(
            "usergroup" => $mybb->get_input('usergroup', MyBB::INPUT_INT),
            "additionalgroups" => $additionalgroups,
            "displaygroup" => $mybb->get_input('displaygroup', MyBB::INPUT_INT)
        );

        // Create an admin_user_multiusergroup hook array
        $hook_params = array(
            "selected" => &$selected,
// Continuation of case 'multiusergroup': remaining entry of the $hook_params array opened on the previous line.
            "update_array" => &$update_array
        );

        // Both entries are references, so a plugin on this hook can change the target list and the
        // values that are written below; installed plugins are trusted with that.
        $hook_params = $plugins->run_hooks("admin_user_multiusergroup", $hook_params);

        // Do the usergroup update for all those selected
        // If the a selected user is a super admin, don't update that user
        // NOTE(review): this is the only target filter in the branch; the acting admin's own account
        // is not excluded, and the chosen group is not checked against what this admin may assign -
        // confirm both are intended or enforced elsewhere.
        $users_to_update = array();
        foreach($selected as $user)
        {
            if(!is_super_admin($user))
            {
                $users_to_update[] = $user;
            }
        }

        $to_update_count = count($users_to_update);
        if($to_update_count > 0)
        {
            // Update the users in the database
            // NOTE(review): the ids are joined unquoted into the IN (...) list; $selected is built
            // outside this excerpt (and may be altered by the hook above) - confirm integers only.
            $sql = implode(",", $users_to_update);
            $db->update_query("users", $update_array, "uid IN (".$sql.")");

            // Redirect the admin...
            // Rewrite the action name so the admin log entry is recorded as "inline_usergroup"
            $mybb->input['action'] = "inline_usergroup";
            log_admin_action($to_update_count);
            my_unsetcookie("inlinemod_useracp");
            flash_message($lang->success_mass_usergroups, 'success');
            admin_redirect("index.php?module=user-users".$vid_url);
        }
        else
        {
            // They tried to edit super admins! Uh-oh!
            $errors[] = $lang->no_usergroup_changed;
        }
    }

    $page->output_header($lang->manage_users);
    $page->output_nav_tabs($sub_tabs, 'manage_users');

    // Display a table warning
    $table = new Table;
    $lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected));
    $table->construct_cell($lang->usergroup_info);
    $table->construct_row();
    $table->output($lang->important);

    if($errors)
    {
        $page->output_inline_error($errors);
    }

    // Display the usergroup options
    $form = new Form("index.php?module=user-users", "post");
    echo $form->generate_hidden_field('action', 'inline_edit');
    echo $form->generate_hidden_field('inline_action', 'multiusergroup');
    echo $form->generate_hidden_field('processed', '1');

    $form_container = new FormContainer($lang->mass_usergroups);

    // Usergroups
    // Every group except gid 1 is offered; titles are HTML-escaped before they go into the option lists
    $display_group_options[0] = $lang->use_primary_user_group;
    $options = array();
    $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
    while($usergroup = $db->fetch_array($query))
    {
        $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
        $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
    }

    // Normalise a comma-separated string into an array so the multi-select can mark the chosen groups
    if(!is_array($mybb->input['additionalgroups']))
    {
        $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']);
    }

    $form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
    $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
$form_container->output_row($lang->display_user_group, "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup'); 3094 3095 $form_container->end(); 3096 3097 $buttons[] = $form->generate_submit_button($lang->alter_usergroups); 3098 $form->output_submit_wrapper($buttons); 3099 $form->end(); 3100 $page->output_footer(); 3101 break; 3102 } 3103 } 3104 3105 if(!$mybb->input['action']) 3106 { 3107 $plugins->run_hooks("admin_user_users_start"); 3108 3109 $page->output_header($lang->browse_users); 3110 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 3111 3112 $page->output_nav_tabs($sub_tabs, 'browse_users'); 3113 3114 if(isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']]) 3115 { 3116 $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']]; 3117 unset($admin_view['extra_sql']); 3118 } 3119 else 3120 { 3121 // Showing a specific view 3122 if(isset($mybb->input['vid'])) 3123 { 3124 $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'"); 3125 $admin_view = $db->fetch_array($query); 3126 // View does not exist or this view is private and does not belong to the current user 3127 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 3128 { 3129 unset($admin_view); 3130 } 3131 } 3132 3133 // Don't have a view? 
Fetch the default 3134 if(!isset($admin_view)) 3135 { 3136 $default_view = fetch_default_view("user"); 3137 if(!$default_view) 3138 { 3139 $default_view = "0"; 3140 } 3141 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 3142 $admin_view = $db->fetch_array($query); 3143 } 3144 } 3145 3146 // Fetch a list of all of the views for this user 3147 $popup = new PopupMenu("views", $lang->views); 3148 3149 $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title")); 3150 while($view = $db->fetch_array($query)) 3151 { 3152 $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&vid={$view['vid']}"); 3153 } 3154 $popup->add_item("<em>{$lang->manage_views}</em>&