[ Index ]

PHP Cross Reference of MyBB 1.8.28

title

Body

[close]

/admin/modules/user/ -> users.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  // Disallow direct access to this file for security reasons
  12  if(!defined("IN_MYBB"))
  13  {
  14      die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
  15  }
  16  
  17  require_once  MYBB_ROOT."inc/functions_upload.php";
  18  
  19  $page->add_breadcrumb_item($lang->users, "index.php?module=user-users");
  20  
  21  if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
  22  {
  23      $sub_tabs['browse_users'] = array(
  24          'title' => $lang->browse_users,
  25          'link' => "index.php?module=user-users",
  26          'description' => $lang->browse_users_desc
  27      );
  28  
  29      $sub_tabs['find_users'] = array(
  30          'title' => $lang->find_users,
  31          'link' => "index.php?module=user-users&amp;action=search",
  32          'description' => $lang->find_users_desc
  33      );
  34  
  35      $sub_tabs['create_user'] = array(
  36          'title' => $lang->create_user,
  37          'link' => "index.php?module=user-users&amp;action=add",
  38          'description' => $lang->create_user_desc
  39      );
  40  
  41      $sub_tabs['merge_users'] = array(
  42          'title' => $lang->merge_users,
  43          'link' => "index.php?module=user-users&amp;action=merge",
  44          'description' => $lang->merge_users_desc
  45      );
  46  }
  47  
  48  $user_view_fields = array(
  49      "avatar" => array(
  50          "title" => $lang->avatar,
  51          "width" => "24",
  52          "align" => ""
  53      ),
  54  
  55      "username" => array(
  56          "title" => $lang->username,
  57          "width" => "",
  58          "align" => ""
  59      ),
  60  
  61      "email" => array(
  62          "title" => $lang->email,
  63          "width" => "",
  64          "align" => "center"
  65      ),
  66  
  67      "usergroup" => array(
  68          "title" => $lang->primary_group,
  69          "width" => "",
  70          "align" => "center"
  71      ),
  72  
  73      "additionalgroups" => array(
  74          "title" => $lang->additional_groups,
  75          "width" => "",
  76          "align" => "center"
  77      ),
  78  
  79      "regdate" => array(
  80          "title" => $lang->registered,
  81          "width" => "",
  82          "align" => "center"
  83      ),
  84  
  85      "lastactive" => array(
  86          "title" => $lang->last_active,
  87          "width" => "",
  88          "align" => "center"
  89      ),
  90  
  91      "postnum" => array(
  92          "title" => $lang->post_count,
  93          "width" => "",
  94          "align" => "center"
  95      ),
  96  
  97      "threadnum" => array(
  98          "title" => $lang->thread_count,
  99          "width" => "",
 100          "align" => "center"
 101      ),
 102  
 103      "reputation" => array(
 104          "title" => $lang->reputation,
 105          "width" => "",
 106          "align" => "center"
 107      ),
 108  
 109      "warninglevel" => array(
 110          "title" => $lang->warning_level,
 111          "width" => "",
 112          "align" => "center"
 113      ),
 114  
 115      "regip" => array(
 116          "title" => $lang->registration_ip,
 117          "width" => "",
 118          "align" => "center"
 119      ),
 120  
 121      "lastip" => array(
 122          "title" => $lang->last_known_ip,
 123          "width" => "",
 124          "align" => "center"
 125      ),
 126  
 127      "controls" => array(
 128          "title" => $lang->controls,
 129          "width" => "",
 130          "align" => "center"
 131      )
 132  );
 133  
 134  $sort_options = array(
 135      "username" => $lang->username,
 136      "regdate" => $lang->registration_date,
 137      "lastactive" => $lang->last_active,
 138      "numposts" => $lang->post_count,
 139      "reputation" => $lang->reputation,
 140      "warninglevel" => $lang->warning_level
 141  );
 142  
 143  $plugins->run_hooks("admin_user_users_begin");
 144  
 145  // Initialise the views manager for user based views
 146  require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
 147  if($mybb->input['action'] == "views")
 148  {
 149      view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
 150  }
 151  
 152  if($mybb->input['action'] == 'iplookup')
 153  {
 154      $mybb->input['ipaddress'] = $mybb->get_input('ipaddress');
 155      $lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress']));
 156      $ipaddress_location = $lang->na;
 157      $ipaddress_host_name = $lang->na;
 158      $modcp_ipsearch_misc_info = '';
 159      if(!strstr($mybb->input['ipaddress'], "*"))
 160      {
 161          // Return GeoIP information if it is available to us
 162          if(function_exists('geoip_record_by_name'))
 163          {
 164              $ip_record = @geoip_record_by_name($mybb->input['ipaddress']);
 165              if($ip_record)
 166              {
 167                  $ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name']));
 168                  if($ip_record['city'])
 169                  {
 170                      $ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city']));
 171                  }
 172              }
 173          }
 174  
 175          if(filter_var($mybb->input['ipaddress'], FILTER_VALIDATE_IP))
 176          {
 177              $ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress']));
 178  
 179              // gethostbyaddr returns the same ip on failure
 180              if($ipaddress_host_name == $mybb->input['ipaddress'])
 181              {
 182                  $ipaddress_host_name = $lang->na;
 183              }
 184          }
 185      }
 186  
 187      ?>
 188      <div class="modal">
 189          <div style="overflow-y: auto; max-height: 400px;">
 190  
 191              <?php
 192  
 193              $table = new Table();
 194  
 195              $table->construct_cell($lang->ipaddress_host_name.":");
 196              $table->construct_cell($ipaddress_host_name);
 197              $table->construct_row();
 198  
 199              $table->construct_cell($lang->ipaddress_location.":");
 200              $table->construct_cell($ipaddress_location);
 201              $table->construct_row();
 202  
 203              $table->output($lang->ipaddress_misc_info);
 204  
 205              ?>
 206          </div>
 207      </div>
 208  <?php
 209  }
 210  
 211  if($mybb->input['action'] == "activate_user")
 212  {
 213      if(!verify_post_check($mybb->get_input('my_post_key')))
 214      {
 215          flash_message($lang->invalid_post_verify_key2, 'error');
 216          admin_redirect("index.php?module=user-users");
 217      }
 218  
 219      $user = get_user($mybb->input['uid']);
 220  
 221      // Does the user not exist?
 222      if(!$user['uid'] || $user['usergroup'] != 5)
 223      {
 224          flash_message($lang->error_invalid_user, 'error');
 225          admin_redirect("index.php?module=user-users");
 226      }
 227  
 228      $plugins->run_hooks("admin_user_users_coppa_activate");
 229  
 230      $updated_user['usergroup'] = $user['usergroup'];
 231  
 232      // Update
 233      if($user['coppauser'])
 234      {
 235          $updated_user = array(
 236              "coppauser" => 0
 237          );
 238      }
 239      else
 240      {
 241          $db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
 242      }
 243  
 244      // Move out of awaiting activation if they're in it.
 245      if($user['usergroup'] == 5)
 246      {
 247          $updated_user['usergroup'] = 2;
 248      }
 249  
 250      $plugins->run_hooks("admin_user_users_coppa_activate_commit");
 251  
 252      $db->update_query("users", $updated_user, "uid='{$user['uid']}'");
 253  
 254      $cache->update_awaitingactivation();
 255  
 256      $message = $lang->sprintf($lang->email_adminactivateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
 257      my_mail($user['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);
 258  
 259      // Log admin action
 260      log_admin_action($user['uid'], $user['username']);
 261  
 262      if($mybb->input['from'] == "home")
 263      {
 264          if($user['coppauser'])
 265          {
 266              $message = $lang->success_coppa_activated;
 267          }
 268          else
 269          {
 270              $message = $lang->success_activated;
 271          }
 272  
 273          update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
 274      }
 275      else
 276      {
 277          if($user['coppauser'])
 278          {
 279              flash_message($lang->success_coppa_activated, 'success');
 280          }
 281          else
 282          {
 283              flash_message($lang->success_activated, 'success');
 284          }
 285      }
 286  
 287      if($admin_session['data']['last_users_url'])
 288      {
 289          $url = $admin_session['data']['last_users_url'];
 290          update_admin_session('last_users_url', '');
 291  
 292          if($mybb->input['from'] == "home")
 293          {
 294              update_admin_session('from', 'home');
 295          }
 296      }
 297      else
 298      {
 299          $url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
 300      }
 301  
 302      $plugins->run_hooks("admin_user_users_coppa_end");
 303  
 304      admin_redirect($url);
 305  }
 306  
 307  if($mybb->input['action'] == "add")
 308  {
 309      $plugins->run_hooks("admin_user_users_add");
 310  
 311      if($mybb->request_method == "post")
 312      {
 313          // Determine the usergroup stuff
 314          if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
 315          {
 316              foreach($mybb->input['additionalgroups'] as $key => $gid)
 317              {
 318                  if($gid == $mybb->input['usergroup'])
 319                  {
 320                      unset($mybb->input['additionalgroups'][$key]);
 321                  }
 322              }
 323              $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
 324          }
 325          else
 326          {
 327              $additionalgroups = '';
 328          }
 329  
 330          // Set up user handler.
 331          require_once  MYBB_ROOT."inc/datahandlers/user.php";
 332          $userhandler = new UserDataHandler('insert');
 333  
 334          // Set the data for the new user.
 335          $new_user = array(
 336              "uid" => $mybb->get_input('uid'),
 337              "username" => $mybb->get_input('username'),
 338              "password" => $mybb->get_input('password'),
 339              "password2" => $mybb->get_input('confirm_password'),
 340              "email" => $mybb->get_input('email'),
 341              "email2" => $mybb->get_input('email'),
 342              "usergroup" => $mybb->get_input('usergroup'),
 343              "additionalgroups" => $additionalgroups,
 344              "displaygroup" => $mybb->get_input('displaygroup'),
 345              "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
 346              "profile_fields_editable" => true,
 347          );
 348  
 349          // Set the data of the user in the datahandler.
 350          $userhandler->set_data($new_user);
 351          $errors = '';
 352  
 353          // Validate the user and get any errors that might have occurred.
 354          if(!$userhandler->validate_user())
 355          {
 356              $errors = $userhandler->get_friendly_errors();
 357          }
 358          else
 359          {
 360              $user_info = $userhandler->insert_user();
 361  
 362              $plugins->run_hooks("admin_user_users_add_commit");
 363  
 364              // Log admin action
 365              log_admin_action($user_info['uid'], $user_info['username']);
 366  
 367              flash_message($lang->success_user_created, 'success');
 368              admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
 369          }
 370      }
 371  
 372      // Fetch custom profile fields - only need required profile fields here
 373      $query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));
 374  
 375      $profile_fields = array(
 376          'required' => array(),
 377          'optional' => array(),
 378      );
 379      while($profile_field = $db->fetch_array($query))
 380      {
 381          $profile_fields['required'][] = $profile_field;
 382      }
 383  
 384      $page->add_breadcrumb_item($lang->create_user);
 385      $page->output_header($lang->create_user);
 386  
 387      $form = new Form("index.php?module=user-users&amp;action=add", "post");
 388  
 389      $page->output_nav_tabs($sub_tabs, 'create_user');
 390  
 391      // If we have any error messages, show them
 392      if($errors)
 393      {
 394          $page->output_inline_error($errors);
 395      }
 396      else
 397      {
 398          $mybb->input = array_merge($mybb->input, array('usergroup' => 2));
 399      }
 400  
 401      $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);
 402  
 403      $form_container = new FormContainer($lang->required_profile_info);
 404      $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', htmlspecialchars_uni($mybb->get_input('username')), array('id' => 'username')), 'username');
 405      $form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->get_input('password'), array('id' => 'password', 'autocomplete' => 'off')), 'password');
 406      $form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->get_input('confirm_password'), array('id' => 'confirm_new_password')), 'confirm_new_password');
 407      $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->get_input('email'), array('id' => 'email')), 'email');
 408  
 409      $display_group_options[0] = $lang->use_primary_user_group;
 410      $options = array();
 411      $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
 412      while($usergroup = $db->fetch_array($query))
 413      {
 414          $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
 415          $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
 416      }
 417  
 418      $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
 419      $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
 420      $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');
 421  
 422      // Output custom profile fields - required
 423      output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);
 424  
 425      $form_container->end();
 426      $buttons[] = $form->generate_submit_button($lang->save_user);
 427      $form->output_submit_wrapper($buttons);
 428  
 429      $form->end();
 430      $page->output_footer();
 431  }
 432  
 433  if($mybb->input['action'] == "edit")
 434  {
 435      $user = get_user($mybb->input['uid']);
 436  
 437      // Does the user not exist?
 438      if(!$user['uid'])
 439      {
 440          flash_message($lang->error_invalid_user, 'error');
 441          admin_redirect("index.php?module=user-users");
 442      }
 443  
 444      $plugins->run_hooks("admin_user_users_edit");
 445  
 446      if($mybb->request_method == "post")
 447      {
 448          $plugins->run_hooks("admin_user_users_edit_start");
 449          if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
 450          {
 451              flash_message($lang->error_no_perms_super_admin, 'error');
 452              admin_redirect("index.php?module=user-users");
 453          }
 454  
 455          // Determine the usergroup stuff
 456          if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
 457          {
 458              foreach($mybb->input['additionalgroups'] as $key => $gid)
 459              {
 460                  if($gid == $mybb->input['usergroup'])
 461                  {
 462                      unset($mybb->input['additionalgroups'][$key]);
 463                  }
 464              }
 465              $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
 466          }
 467          else
 468          {
 469              $additionalgroups = '';
 470          }
 471  
 472          $returndate = "";
 473          if(!empty($mybb->input['away_day']))
 474          {
 475              $awaydate = TIME_NOW;
 476              // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
 477              if(!$mybb->input['away_month'])
 478              {
 479                  $mybb->input['away_month'] = my_date('n', $awaydate);
 480              }
 481              if(!$mybb->input['away_year'])
 482              {
 483                  $mybb->input['away_year'] = my_date('Y', $awaydate);
 484              }
 485  
 486              $return_month = (int)substr($mybb->input['away_month'], 0, 2);
 487              $return_day = (int)substr($mybb->input['away_day'], 0, 2);
 488              $return_year = min($mybb->get_input('away_year', MyBB::INPUT_INT), 9999);
 489  
 490              // Check if return date is after the away date.
 491              $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);
 492              $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
 493              if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
 494              {
 495                  $away_in_past = true;
 496              }
 497  
 498              $returndate = "{$return_day}-{$return_month}-{$return_year}";
 499          }
 500  
 501          // Set up user handler.
 502          require_once  MYBB_ROOT."inc/datahandlers/user.php";
 503          $userhandler = new UserDataHandler('update');
 504  
 505          // Set the data for the new user.
 506          $updated_user = array(
 507              "uid" => $mybb->get_input('uid'),
 508              "username" => $mybb->get_input('username'),
 509              "email" => $mybb->get_input('email'),
 510              "email2" => $mybb->get_input('email'),
 511              "usergroup" => $mybb->get_input('usergroup'),
 512              "additionalgroups" => $additionalgroups,
 513              "displaygroup" => $mybb->get_input('displaygroup'),
 514              "postnum" => $mybb->get_input('postnum'),
 515              "threadnum" => $mybb->get_input('threadnum'),
 516              "usertitle" => $mybb->get_input('usertitle'),
 517              "timezone" => $mybb->get_input('timezone'),
 518              "language" => $mybb->get_input('language'),
 519              "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
 520              "profile_fields_editable" => true,
 521              "website" => $mybb->get_input('website'),
 522              "icq" => $mybb->get_input('icq'),
 523              "skype" => $mybb->get_input('skype'),
 524              "google" => $mybb->get_input('google'),
 525              "birthday" => array(
 526                  "day" => $mybb->get_input('bday1'),
 527                  "month" => $mybb->get_input('bday2'),
 528                  "year" => $mybb->get_input('bday3')
 529              ),
 530              "style" => $mybb->get_input('style'),
 531              "signature" => $mybb->get_input('signature'),
 532              "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
 533              "timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT),
 534              "usernotes" => $mybb->get_input('usernotes'),
 535              "away" => array(
 536                  "away" => $mybb->get_input('away'),
 537                  "date" => TIME_NOW,
 538                  "returndate" => $returndate,
 539                  "awayreason" => $mybb->get_input('awayreason')
 540              )
 541          );
 542  
 543          if($user['usergroup'] == 5 && $mybb->get_input('usergroup') != 5)
 544          {
 545              if($user['coppauser'] == 1)
 546              {
 547                  $updated_user['coppa_user'] = 0;
 548              }
 549          }
 550          if($mybb->get_input('new_password'))
 551          {
 552              $updated_user['password'] = $mybb->get_input('new_password');
 553              $updated_user['password2'] = $mybb->get_input('confirm_new_password');
 554          }
 555  
 556          $updated_user['options'] = array(
 557              "allownotices" => $mybb->get_input('allownotices'),
 558              "hideemail" => $mybb->get_input('hideemail'),
 559              "subscriptionmethod" => $mybb->get_input('subscriptionmethod'),
 560              "invisible" => $mybb->get_input('invisible'),
 561              "dstcorrection" => $mybb->get_input('dstcorrection'),
 562              "threadmode" => $mybb->get_input('threadmode'),
 563              "classicpostbit" => $mybb->get_input('classicpostbit'),
 564              "showimages" => $mybb->get_input('showimages'),
 565              "showvideos" => $mybb->get_input('showvideos'),
 566              "showsigs" => $mybb->get_input('showsigs'),
 567              "showavatars" => $mybb->get_input('showavatars'),
 568              "showquickreply" => $mybb->get_input('showquickreply'),
 569              "receivepms" => $mybb->get_input('receivepms'),
 570              "receivefrombuddy" => $mybb->get_input('receivefrombuddy'),
 571              "pmnotice" => $mybb->get_input('pmnotice'),
 572              "daysprune" => $mybb->get_input('daysprune'),
 573              "showcodebuttons" => $mybb->get_input('showcodebuttons'),
 574              "sourceeditor" => $mybb->get_input('sourceeditor'),
 575              "pmnotify" => $mybb->get_input('pmnotify'),
 576              "buddyrequestspm" => $mybb->get_input('buddyrequestspm'),
 577              "buddyrequestsauto" => $mybb->get_input('buddyrequestsauto'),
 578              "showredirect" => $mybb->get_input('showredirect')
 579          );
 580  
 581          if($mybb->settings['usertppoptions'])
 582          {
 583              $updated_user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
 584          }
 585  
 586          if($mybb->settings['userpppoptions'])
 587          {
 588              $updated_user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);
 589          }
 590  
 591          // Set the data of the user in the datahandler.
 592          $userhandler->set_data($updated_user);
 593          $errors = '';
 594  
 595          // Validate the user and get any errors that might have occurred.
 596          if(!$userhandler->validate_user())
 597          {
 598              $errors = $userhandler->get_friendly_errors();
 599          }
 600          else
 601          {
 602              // Are we removing an avatar from this user?
 603              if($mybb->get_input('remove_avatar'))
 604              {
 605                  $extra_user_updates = array(
 606                      "avatar" => "",
 607                      "avatardimensions" => "",
 608                      "avatartype" => ""
 609                  );
 610                  remove_avatars($user['uid']);
 611              }
 612  
 613              // Are we uploading a new avatar?
 614              if($_FILES['avatar_upload']['name'])
 615              {
 616                  $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']);
 617                  if($avatar['error'])
 618                  {
 619                      $errors = array($avatar['error']);
 620                  }
 621                  else
 622                  {
 623                      if($avatar['width'] > 0 && $avatar['height'] > 0)
 624                      {
 625                          $avatar_dimensions = $avatar['width']."|".$avatar['height'];
 626                      }
 627                      $extra_user_updates = array(
 628                          "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW,
 629                          "avatardimensions" => $avatar_dimensions,
 630                          "avatartype" => "upload"
 631                      );
 632                  }
 633              }
 634              // Are we setting a new avatar from a URL?
 635              else if($mybb->input['avatar_url'] && $mybb->input['avatar_url'] != $user['avatar'])
 636              {
 637                  if(!$mybb->settings['allowremoteavatars'])
 638                  {
 639                      $errors = array($lang->error_remote_avatar_not_allowed);
 640                  }
 641                  else
 642                  {
 643                      if(filter_var($mybb->input['avatar_url'], FILTER_VALIDATE_EMAIL) !== false)
 644                      {
 645                          // Gravatar
 646                          $email = md5(strtolower(trim($mybb->input['avatar_url'])));
 647  
 648                          $s = '';
 649                          if(!$mybb->settings['maxavatardims'])
 650                          {
 651                              $mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits
 652                          }
 653  
 654                          // Because Gravatars are square, hijack the width
 655                          list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
 656  
 657                          $s = "?s={$maxwidth}";
 658                          $maxheight = (int)$maxwidth;
 659  
 660                          $extra_user_updates = array(
 661                              "avatar" => "https://www.gravatar.com/avatar/{$email}{$s}",
 662                              "avatardimensions" => "{$maxheight}|{$maxheight}",
 663                              "avatartype" => "gravatar"
 664                          );
 665                      }
 666                      else
 667                      {
 668                          $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']);
 669                          $ext = get_extension($mybb->input['avatar_url']);
 670  
 671                          // Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
 672                          $file = fetch_remote_file($mybb->input['avatar_url']);
 673                          if(!$file)
 674                          {
 675                              $avatar_error = $lang->error_invalidavatarurl;
 676                          }
 677                          else
 678                          {
 679                              $tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str());
 680                              $fp = @fopen($tmp_name, "wb");
 681                              if(!$fp)
 682                              {
 683                                  $avatar_error = $lang->error_invalidavatarurl;
 684                              }
 685                              else
 686                              {
 687                                  fwrite($fp, $file);
 688                                  fclose($fp);
 689                                  list($width, $height, $type) = @getimagesize($tmp_name);
 690                                  @unlink($tmp_name);
 691                                  echo $type;
 692                                  if(!$type)
 693                                  {
 694                                      $avatar_error = $lang->error_invalidavatarurl;
 695                                  }
 696                              }
 697                          }
 698  
 699                          if(empty($avatar_error))
 700                          {
 701                              if($width && $height && $mybb->settings['maxavatardims'] != "")
 702                              {
 703                                  list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
 704                                  if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
 705                                  {
 706                                      $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
 707                                      $avatar_error = $lang->error_avatartoobig;
 708                                  }
 709                              }
 710                          }
 711  
 712                          if(empty($avatar_error))
 713                          {
 714                              if($width > 0 && $height > 0)
 715                              {
 716                                  $avatar_dimensions = (int)$width."|".(int)$height;
 717                              }
 718                              $extra_user_updates = array(
 719                                  "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW),
 720                                  "avatardimensions" => $avatar_dimensions,
 721                                  "avatartype" => "remote"
 722                              );
 723                              remove_avatars($user['uid']);
 724                          }
 725                          else
 726                          {
 727                              $errors = array($avatar_error);
 728                          }
 729                      }
 730                  }
 731              }
 732  
 733              // Moderator "Options" (suspend signature, suspend/moderate posting)
 734              $moderator_options = array(
 735                  1 => array(
 736                      "action" => "suspendsignature", // The moderator action we're performing
 737                      "period" => "action_period", // The time period we've selected from the dropdown box
 738                      "time" => "action_time", // The time we've entered
 739                      "update_field" => "suspendsignature", // The field in the database to update if true
 740                      "update_length" => "suspendsigtime" // The length of suspension field in the database
 741                  ),
 742                  2 => array(
 743                      "action" => "moderateposting",
 744                      "period" => "modpost_period",
 745                      "time" => "modpost_time",
 746                      "update_field" => "moderateposts",
 747                      "update_length" => "moderationtime"
 748                  ),
 749                  3 => array(
 750                      "action" => "suspendposting",
 751                      "period" => "suspost_period",
 752                      "time" => "suspost_time",
 753                      "update_field" => "suspendposting",
 754                      "update_length" => "suspensiontime"
 755                  )
 756              );
 757  
 758              require_once  MYBB_ROOT."inc/functions_warnings.php";
 759              foreach($moderator_options as $option)
 760              {
 761                  if(empty($mybb->input[$option['action']]))
 762                  {
 763                      if($user[$option['update_field']] == 1)
 764                      {
 765                          // We're revoking the suspension
 766                          $extra_user_updates[$option['update_field']] = 0;
 767                          $extra_user_updates[$option['update_length']] = 0;
 768                      }
 769  
 770                      // Skip this option if we haven't selected it
 771                      continue;
 772                  }
 773                  else
 774                  {
 775                      if((int)$mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1)
 776                      {
 777                          // User has selected a type of ban, but not entered a valid time frame
 778                          $string = $option['action']."_error";
 779                          $errors[] = $lang->$string;
 780                      }
 781  
 782                      if(!is_array($errors))
 783                      {
 784                          $suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]);
 785  
 786                          if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never"))
 787                          {
 788                              // We already have a suspension, but entered a new time
 789                              if($suspend_length == "-1")
 790                              {
 791                                  // Permanent ban on action
 792                                  $extra_user_updates[$option['update_length']] = 0;
 793                              }
 794                              elseif($suspend_length && $suspend_length != "-1")
 795                              {
 796                                  // Temporary ban on action
 797                                  $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
 798                              }
 799                          }
 800                          elseif(!$user[$option['update_field']])
 801                          {
 802                              // New suspension for this user... bad user!
 803                              $extra_user_updates[$option['update_field']] = 1;
 804                              if($suspend_length == "-1")
 805                              {
 806                                  $extra_user_updates[$option['update_length']] = 0;
 807                              }
 808                              else
 809                              {
 810                                  $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
 811                              }
 812                          }
 813                      }
 814                  }
 815              }
 816  
 817              if(!empty($extra_user_updates['moderateposts']) && !empty($extra_user_updates['suspendposting']))
 818              {
 819                  $errors[] = $lang->suspendmoderate_error;
 820              }
 821  
 822              if(isset($away_in_past))
 823              {
 824                  $errors[] = $lang->error_acp_return_date_past;
 825              }
 826  
 827              if(!$errors)
 828              {
 829                  $user_info = $userhandler->update_user();
 830  
 831                  $plugins->run_hooks("admin_user_users_edit_commit_start");
 832  
 833                  if(!empty($extra_user_updates))
 834                  {
 835                      $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'");
 836                  }
 837  
 838                  // if we're updating the user's signature preferences, do so now
 839                  if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable')
 840                  {
 841                      $update_signature = array(
 842                          'includesig' => ($mybb->input['update_posts'] == 'enable' ? 1 : 0)
 843                      );
 844                      $db->update_query("posts", $update_signature, "uid='{$user['uid']}'");
 845                  }
 846  
 847                  $plugins->run_hooks("admin_user_users_edit_commit");
 848  
 849                  if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5)
 850                  {
 851                      $cache->update_awaitingactivation();
 852                  }
 853  
 854                  // Log admin action
 855                  log_admin_action($user['uid'], $mybb->input['username']);
 856  
 857                  flash_message($lang->success_user_updated, 'success');
 858                  admin_redirect("index.php?module=user-users");
 859              }
 860              $plugins->run_hooks("admin_user_users_edit_end");
 861          }
 862      }
 863  
 864      if(!$errors)
 865      {
 866          $user['usertitle'] = htmlspecialchars_decode($user['usertitle']);
 867          $mybb->input = array_merge($mybb->input, $user);
 868  
 869          $options = array(
 870              'bday1', 'bday2', 'bday3',
 871              'new_password', 'confirm_new_password',
 872              'action_time', 'action_period',
 873              'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time'
 874          );
 875  
 876          foreach($options as $option)
 877          {
 878              if(!isset($input_user[$option]))
 879              {
 880                  $mybb->input[$option] = '';
 881              }
 882          }
 883  
 884          // We need to fetch this users profile field values
 885          $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'");
 886          $mybb->input['profile_fields'] = $db->fetch_array($query);
 887      }
 888  
 889      if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3'])
 890      {
 891          $mybb->input['bday'][0] = $mybb->input['bday1'];
 892          $mybb->input['bday'][1] = $mybb->input['bday2'];
 893          $mybb->input['bday'][2] = $mybb->get_input('bday3', MyBB::INPUT_INT);
 894      }
 895      else
 896      {
 897          $mybb->input['bday'] = array(0, 0, '');
 898  
 899          if($user['birthday'])
 900          {
 901              $mybb->input['bday'] = explode('-', $user['birthday']);
 902          }
 903      }
 904  
 905      if($mybb->get_input('away_day') || $mybb->get_input('away_month') || $mybb->get_input('away_year'))
 906      {
 907          $mybb->input['away_year'] = $mybb->get_input('away_year', MyBB::INPUT_INT);
 908      }
 909      else
 910      {
 911          $mybb->input['away_day'] = 0;
 912          $mybb->input['away_month'] = 0;
 913          $mybb->input['away_year'] = '';
 914  
 915          if($user['returndate'])
 916          {
 917              list($mybb->input['away_day'], $mybb->input['away_month'], $mybb->input['away_year']) = explode('-', $user['returndate']);
 918          }
 919      }
 920  
 921      // Fetch custom profile fields
 922      $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));
 923  
 924      $profile_fields = array(
 925          'required' => array(),
 926          'optional' => array(),
 927      );
 928      while($profile_field = $db->fetch_array($query))
 929      {
 930          if($profile_field['required'] == 1)
 931          {
 932              $profile_fields['required'][] = $profile_field;
 933          }
 934          else
 935          {
 936              $profile_fields['optional'][] = $profile_field;
 937          }
 938      }
 939  
 940      $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username']));
 941  
 942      $page->extra_header .= <<<EOF
 943  
 944      <link rel="stylesheet" href="../jscripts/sceditor/themes/mybb.css" type="text/css" media="all" />
 945      <script type="text/javascript" src="../jscripts/sceditor/jquery.sceditor.bbcode.min.js?ver=1822"></script>
 946      <script type="text/javascript" src="../jscripts/bbcodes_sceditor.js?ver=1827"></script>
 947      <script type="text/javascript" src="../jscripts/sceditor/plugins/undo.js?ver=1805"></script>
 948  EOF;
 949      $page->output_header($lang->edit_user);
 950  
 951      $sub_tabs['edit_user'] = array(
 952          'title' => $lang->edit_user,
 953          'description' => $lang->edit_user_desc
 954      );
 955  
 956      $form = new Form("index.php?module=user-users&amp;action=edit&amp;uid={$user['uid']}", "post", "", 1);
 957  
 958      $page->output_nav_tabs($sub_tabs, 'edit_user');
 959  
 960      // If we have any error messages, show them
 961      if($errors)
 962      {
 963          $page->output_inline_error($errors);
 964      }
 965  
 966      // Is this user a COPPA user? We show a warning & activate link
 967      if($user['coppauser'])
 968      {
 969          echo $lang->sprintf($lang->warning_coppa_user, $user['uid'], $mybb->post_code);
 970      }
 971  
 972      $tabs = array(
 973          "overview" => $lang->overview,
 974          "profile" => $lang->profile,
 975          "settings" => $lang->account_settings,
 976          "signature" => $lang->signature,
 977          "avatar" => $lang->avatar,
 978          "modoptions" => $lang->mod_options
 979      );
 980      $tabs = $plugins->run_hooks("admin_user_users_edit_graph_tabs", $tabs);
 981      $page->output_tab_control($tabs);
 982  
 983      //
 984      // OVERVIEW
 985      //
 986      echo "<div id=\"tab_overview\">\n";
 987      $table = new Table;
 988      $table->construct_header($lang->avatar, array('class' => 'align_center'));
 989      $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center'));
 990  
 991      // Avatar
 992      $avatar_dimensions = preg_split('/[|x]/', $user['avatardimensions']);
 993      if($user['avatardimensions'])
 994      {
 995          require_once  MYBB_ROOT."inc/functions_image.php";
 996          list($width, $height) = preg_split('/[|x]/', $user['avatardimensions']);
 997          $scaled_dimensions = scale_image($width, $height, 120, 120);
 998      }
 999      else
1000      {
1001          $scaled_dimensions = array(
1002              "width" => 120,
1003              "height" => 120
1004          );
1005      }
1006      if($user['avatar'] && (my_strpos($user['avatar'], '://') === false || $mybb->settings['allowremoteavatars']))
1007      {
1008          if(!my_validate_url($user['avatar']))
1009          {
1010              $avatar = format_avatar($user['avatar'], $user['avatardimensions']);
1011              $user['avatar'] = $avatar['image'];
1012          }
1013      }
1014      else
1015      {
1016          if(my_validate_url($mybb->settings['useravatar']))
1017          {
1018              $user['avatar'] = str_replace('{theme}', 'images', $mybb->settings['useravatar']);
1019          }
1020          else
1021          {
1022              $user['avatar'] = "../".str_replace('{theme}', 'images', $mybb->settings['useravatar']);
1023          }
1024      }
1025      $avatar_top = ceil((126-$scaled_dimensions['height'])/2);
1026      $last_seen = max(array($user['lastactive'], $user['lastvisit']));
1027      if(!empty($last_seen))
1028      {
1029          $last_active = my_date('relative', $last_seen);
1030      }
1031      else
1032      {
1033          $last_active = $lang->never;
1034      }
1035      $reg_date = my_date('relative', $user['regdate']);
1036      if($user['dst'] == 1)
1037      {
1038          $timezone = (float)$user['timezone']+1;
1039      }
1040      else
1041      {
1042          $timezone = (float)$user['timezone'];
1043      }
1044      $local_date = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600));
1045      $local_time = gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600));
1046  
1047      $localtime = $lang->sprintf($lang->local_time_format, $local_date, $local_time);
1048      $days_registered = (TIME_NOW - $user['regdate']) / (24*3600);
1049      $posts_per_day = 0;
1050      if($days_registered > 0)
1051      {
1052          $posts_per_day = round($user['postnum'] / $days_registered, 2);
1053          if($posts_per_day > $user['postnum'])
1054          {
1055              $posts_per_day = $user['postnum'];
1056          }
1057      }
1058      $posts_per_day = my_number_format($posts_per_day);
1059  
1060      $stats = $cache->read("stats");
1061      $posts = $stats['numposts'];
1062      if($posts == 0)
1063      {
1064          $percent_posts = "0";
1065      }
1066      else
1067      {
1068          $percent_posts = round($user['postnum']*100/$posts, 2);
1069      }
1070  
1071      $user_permissions = user_permissions($user['uid']);
1072  
1073      // Fetch the reputation for this user
1074      if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
1075      {
1076          $reputation = get_reputation($user['reputation']);
1077      }
1078      else
1079      {
1080          $reputation = "-";
1081      }
1082  
1083      if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0)
1084      {
1085          if($mybb->settings['maxwarningpoints'] < 1)
1086          {
1087              $mybb->settings['maxwarningpoints'] = 10;
1088          }
1089  
1090          $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
1091          if($warning_level > 100)
1092          {
1093              $warning_level = 100;
1094          }
1095          $warning_level = get_colored_warning_level($warning_level);
1096      }
1097  
1098      $age = $lang->na;
1099      if($user['birthday'])
1100      {
1101          $age = get_age($user['birthday']);
1102      }
1103  
1104      $postnum = my_number_format($user['postnum']);
1105  
1106      $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1));
1107      $table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>");
1108      $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}");
1109      $table->construct_row();
1110      $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}");
1111      $table->construct_cell("<strong>{$lang->local_time}:</strong> {$localtime}");
1112      $table->construct_row();
1113      $table->construct_cell("<strong>{$lang->posts}:</strong> {$postnum}");
1114      $table->construct_cell("<strong>{$lang->age}:</strong> {$age}");
1115      $table->construct_row();
1116      $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}");
1117      $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}");
1118      $table->construct_row();
1119      $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}");
1120      $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}");
1121      $table->construct_row();
1122      $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['regip'])));
1123      $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['lastip'])));
1124      $table->construct_row();
1125  
1126      $username = htmlspecialchars_uni($user['username']);
1127      $table->output("{$lang->user_overview}: {$username}");
1128      $plugins->run_hooks("admin_user_users_edit_overview");
1129      echo "</div>\n";
1130  
1131      //
1132      // PROFILE
1133      //
1134      echo "<div id=\"tab_profile\">\n";
1135  
1136      $form_container = new FormContainer($lang->required_profile_info.": ".htmlspecialchars_uni($user['username']));
1137      $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username');
1138      $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password');
1139      $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password');
1140      $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email');
1141  
1142      $display_group_options[0] = $lang->use_primary_user_group;
1143      $options = array();
1144      $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
1145      while($usergroup = $db->fetch_array($query))
1146      {
1147          $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
1148          $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
1149      }
1150  
1151      if(isset($mybb->input['additionalgroups']) && !is_array($mybb->input['additionalgroups']))
1152      {
1153          $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']);
1154      }
1155  
1156      $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
1157      $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
1158      $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');
1159      $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_numeric_field('postnum', $mybb->get_input('postnum'), array('id' => 'postnum', 'min' => 0)), 'postnum');
1160      $form_container->output_row($lang->thread_count." <em>*</em>", "", $form->generate_numeric_field('threadnum', $mybb->get_input('threadnum'), array('id' => 'threadnum', 'min' => 0)), 'threadnum');
1161  
1162      // Output custom profile fields - required
1163      if(!isset($profile_fields['required']))
1164      {
1165          $profile_fields['required'] = array();
1166      }
1167      output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);
1168  
1169      $form_container->end();
1170  
1171      $form_container = new FormContainer($lang->optional_profile_info.': '.htmlspecialchars_uni($user['username']));
1172      $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->get_input('usertitle'), array('id' => 'usertitle')), 'usertitle');
1173      $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->get_input('website'), array('id' => 'website')), 'website');
1174      $form_container->output_row($lang->icq_number, "", $form->generate_numeric_field('icq', $mybb->get_input('icq'), array('id' => 'icq', 'min' => 0)), 'icq');
1175      $form_container->output_row($lang->skype_handle, "", $form->generate_text_box('skype', $mybb->get_input('skype'), array('id' => 'skype')), 'skype');
1176      $form_container->output_row($lang->google_handle, "", $form->generate_text_box('google', $mybb->get_input('google'), array('id' => 'google')), 'google');
1177  
1178      // Birthday
1179      $birthday_days = array(0 => '');
1180      for($i = 1; $i <= 31; $i++)
1181      {
1182          $birthday_days[$i] = $i;
1183      }
1184  
1185      $birthday_months = array(
1186          0 => '',
1187          1 => $lang->january,
1188          2 => $lang->february,
1189          3 => $lang->march,
1190          4 => $lang->april,
1191          5 => $lang->may,
1192          6 => $lang->june,
1193          7 => $lang->july,
1194          8 => $lang->august,
1195          9 => $lang->september,
1196          10 => $lang->october,
1197          11 => $lang->november,
1198          12 => $lang->december
1199      );
1200  
1201      $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day'));
1202      $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month'));
1203      $birthday_row .= ' '.$form->generate_numeric_field('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 4em;', 'min' => 0));
1204  
1205      $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday');
1206  
1207      // Output custom profile fields - optional
1208      output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form);
1209  
1210      $form_container->end();
1211  
1212  
1213      if($mybb->settings['allowaway'] != 0)
1214      {
1215          $form_container = new FormContainer($lang->away_information.': '.htmlspecialchars_uni($user['username']));
1216          $awaycheck = array(false, true);
1217          if($mybb->input['away'] == 1)
1218          {
1219              $awaycheck = array(true, false);
1220          }
1221          $form_container->output_row($lang->away_status, $lang->away_status_desc, $form->generate_radio_button('away', 1, $lang->im_away, array('id' => 'away', "checked" => $awaycheck[0]))." ".$form->generate_radio_button('away', 0, $lang->im_here, array('id' => 'away2', "checked" => $awaycheck[1])), 'away');
1222          $form_container->output_row($lang->away_reason, $lang->away_reason_desc, $form->generate_text_box('awayreason', $mybb->input['awayreason'], array('id' => 'awayreason')), 'awayreason');
1223  
1224          //Return date (we can use the arrays from birthday)
1225          $return_row = $form->generate_select_box('away_day', $birthday_days, $mybb->input['away_day'], array('id' => 'away_day'));
1226          $return_row .= ' '.$form->generate_select_box('away_month', $birthday_months, $mybb->input['away_month'], array('id' => 'away_month'));
1227          $return_row .= ' '.$form->generate_numeric_field('away_year', $mybb->input['away_year'], array('id' => 'away_year', 'style' => 'width: 4em;', 'min' => 0));
1228  
1229          $form_container->output_row($lang->return_date, $lang->return_date_desc, $return_row, 'away_date');
1230  
1231          $form_container->end();
1232      }
1233  
1234      $plugins->run_hooks("admin_user_users_edit_profile");
1235      echo "</div>\n";
1236  
1237      //
1238      // ACCOUNT SETTINGS
1239      //
1240  
1241      echo "<div id=\"tab_settings\">\n";
1242      $form_container = new FormContainer($lang->account_settings.': '.htmlspecialchars_uni($user['username']));
1243      $login_options = array(
1244          $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->get_input('invisible'))),
1245      );
1246      $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>");
1247  
1248      if($mybb->get_input('pmnotice') > 1)
1249      {
1250          $mybb->input['pmnotice'] = 1;
1251      }
1252  
1253      $messaging_options = array(
1254          $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->get_input('allownotices'))),
1255          $form->generate_check_box("hideemail", 1, $lang->hide_email_from_others, array("checked" => $mybb->get_input('hideemail'))),
1256          $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->get_input('receivepms'))),
1257          $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->get_input('receivefrombuddy'))),
1258          $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->get_input('pmnotice'))),
1259          $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->get_input('pmnotify'))),
1260          $form->generate_check_box("buddyrequestspm", 1, $lang->buddy_requests_pm, array("checked" => $mybb->get_input('buddyrequestspm'))),
1261          $form->generate_check_box("buddyrequestsauto", 1, $lang->buddy_requests_auto, array("checked" => $mybb->get_input('buddyrequestsauto'))),
1262          "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_notification, $lang->instant_email_notification, $lang->instant_pm_notification), $mybb->get_input('subscriptionmethod'), array('id' => 'subscriptionmethod'))
1263      );
1264  
1265      // Allow plugins to add messaging options
1266      $messaging_options = $plugins->run_hooks('admin_user_users_edit_messaging_options', $messaging_options);
1267  
1268      // Output messaging options
1269      $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>");
1270  
1271      $date_format_options = array($lang->use_default);
1272      foreach($date_formats as $key => $format)
1273      {
1274          $date_format_options[$key] = my_date($format, TIME_NOW, "", 0);
1275      }
1276  
1277      $time_format_options = array($lang->use_default);
1278      foreach($time_formats as $key => $format)
1279      {
1280          $time_format_options[$key] = my_date($format, TIME_NOW, "", 0);
1281      }
1282  
1283      $date_options = array(
1284          "<label for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->get_input('dateformat'), array('id' => 'dateformat')),
1285          "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->get_input('timeformat'), array('id' => 'timeformat')),
1286          "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->get_input('timezone')),
1287          "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->get_input('dstcorrection'), array('id' => 'dstcorrection'))
1288      );
1289  
1290      // Allow plugins to add date options
1291      $date_options = $plugins->run_hooks('admin_user_users_edit_date_options', $date_options);
1292  
1293      // Output date options
1294      $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>");
1295  
1296  
1297      $tpp_options = array($lang->use_default);
1298      if($mybb->settings['usertppoptions'])
1299      {
1300          $explodedtpp = explode(",", $mybb->settings['usertppoptions']);
1301          if(is_array($explodedtpp))
1302          {
1303              foreach($explodedtpp as $tpp)
1304              {
1305                  if($tpp <= 0) continue;
1306                  $tpp_options[$tpp] = $tpp;
1307              }
1308          }
1309      }
1310  
1311      $thread_age_options = array(
1312          0 => $lang->use_default,
1313          1 => $lang->show_threads_last_day,
1314          5 => $lang->show_threads_last_5_days,
1315          10 => $lang->show_threads_last_10_days,
1316          20 => $lang->show_threads_last_20_days,
1317          50 => $lang->show_threads_last_50_days,
1318          75 => $lang->show_threads_last_75_days,
1319          100 => $lang->show_threads_last_100_days,
1320          365 => $lang->show_threads_last_year,
1321          9999 => $lang->show_all_threads
1322      );
1323  
1324      $forum_options = array(
1325          "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->get_input('tpp'), array('id' => 'tpp')),
1326          "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->get_input('daysprune'), array('id' => 'daysprune'))
1327      );
1328  
1329      // Allow plugins to add forum options
1330      $forum_options = $plugins->run_hooks('admin_user_users_edit_forum_options', $forum_options);
1331  
1332      // Output forum options
1333      $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>");
1334  
1335      $ppp_options = array($lang->use_default);
1336      if($mybb->settings['userpppoptions'])
1337      {
1338          $explodedppp = explode(",", $mybb->settings['userpppoptions']);
1339          if(is_array($explodedppp))
1340          {
1341              foreach($explodedppp as $ppp)
1342              {
1343                  if($ppp <= 0) continue;
1344                  $ppp_options[$ppp] = $ppp;
1345              }
1346          }
1347      }
1348  
1349      $thread_options = array(
1350          $form->generate_check_box("classicpostbit", 1, $lang->show_classic_postbit, array("checked" => $mybb->get_input('classicpostbit'))),
1351          $form->generate_check_box("showimages", 1, $lang->display_images, array("checked" => $mybb->get_input('showimages'))),
1352          $form->generate_check_box("showvideos", 1, $lang->display_videos, array("checked" => $mybb->get_input('showvideos'))),
1353          $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->get_input('showsigs'))),
1354          $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->get_input('showavatars'))),
1355          $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->get_input('showquickreply'))),
1356          "<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->get_input('ppp'), array('id' => 'ppp')),
1357          "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode'))
1358      );
1359  
1360      // Allow plugins to add thread options
1361      $thread_options = $plugins->run_hooks('admin_user_users_edit_thread_options', $thread_options);
1362  
1363      // Output thread options
1364      $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>");
1365  
1366      $languages = array_merge(array('' => $lang->use_default), $lang->get_languages());
1367  
1368      $other_options = array(
1369          $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->get_input('showredirect'))),
1370          $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->get_input('showcodebuttons'))),
1371          $form->generate_check_box("sourceeditor", "1", $lang->source_editor, array("checked" => $mybb->get_input('sourceeditor'))),
1372          "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->get_input('style'), 0, "", true, false, true),
1373          "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->get_input('language'), array('id' => 'language'))
1374      );
1375  
1376      // Allow plugins to add other options
1377      $other_options = $plugins->run_hooks('admin_user_users_edit_other_options', $other_options);
1378  
1379      // Output other options
1380      $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $other_options)."</div>");
1381  
1382      $form_container->end();
1383      $plugins->run_hooks("admin_user_users_edit_settings");
1384      echo "</div>\n";
1385  
1386      //
1387      // SIGNATURE EDITOR
1388      //
1389      $signature_editor = $form->generate_text_area("signature", $mybb->get_input('signature'), array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'height: 250px; width: 95%'));
1390      $sig_smilies = $lang->off;
1391      if($mybb->settings['sigsmilies'] == 1)
1392      {
1393          $sig_smilies = $lang->on;
1394      }
1395      $sig_mycode = $lang->off;
1396      if($mybb->settings['sigmycode'] == 1)
1397      {
1398          $sig_mycode = $lang->on;
1399          $signature_editor .= build_mycode_inserter("signature");
1400      }
1401      $sig_html = $lang->off;
1402      if($mybb->settings['sightml'] == 1)
1403      {
1404          $sig_html = $lang->on;
1405      }
1406      $sig_imgcode = $lang->off;
1407      if($mybb->settings['sigimgcode'] == 1)
1408      {
1409          $sig_imgcode = $lang->on;
1410      }
1411      echo "<div id=\"tab_signature\">\n";
1412      $form_container = new FormContainer($lang->signature.': '.htmlspecialchars_uni($user['username']));
1413      $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature');
1414  
1415      $periods = array(
1416          "hours" => $lang->expire_hours,
1417          "days" => $lang->expire_days,
1418          "weeks" => $lang->expire_weeks,
1419          "months" => $lang->expire_months,
1420          "never" => $lang->expire_permanent
1421      );
1422  
1423      // Are we already suspending the signature?
1424      if($mybb->get_input('suspendsignature'))
1425      {
1426          $sig_checked = 1;
1427  
1428          // Display how much time is left on the ban for the user to extend it
1429          if($user['suspendsigtime'] == "0")
1430          {
1431              // Permanent
1432              $lang->suspend_expire_info = $lang->suspend_sig_perm;
1433          }
1434          else
1435          {
1436              // There's a limit to the suspension!
1437              $remaining = $user['suspendsigtime']-TIME_NOW;
1438              $expired = nice_time($remaining, array('seconds' => false));
1439  
1440              $color = 'inherit';
1441              if($remaining < 3600)
1442              {
1443                  $color = 'red';
1444              }
1445              elseif($remaining < 86400)
1446              {
1447                  $color = 'maroon';
1448              }
1449              elseif($remaining < 604800)
1450              {
1451                  $color = 'green';
1452              }
1453  
1454              $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired, $color);
1455          }
1456          $user_suspend_info = '
1457                  <tr>
1458                      <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td>
1459                  </tr>';
1460      }
1461      else
1462      {
1463          $sig_checked = 0;
1464          $user_suspend_info = '';
1465      }
1466  
1467      $actions = '
1468      <script type="text/javascript">
1469      <!--
1470          var sig_checked = "'.$sig_checked.'";
1471  
1472  		function toggleAction()
1473          {
1474              if($("#suspend_action").is(\':visible\'))
1475              {
1476                  $("#suspend_action").hide();
1477              }
1478              else
1479              {
1480                  $("#suspend_action").show();
1481              }
1482          }
1483      // -->
1484      </script>
1485  
1486      <dl style="margin-top: 0; margin-bottom: 0; width: 100%;">
1487          <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt>
1488          <dd style="margin-top: 4px;" id="suspend_action" class="actions">
1489              <table cellpadding="4">'.$user_suspend_info.'
1490                  <tr>
1491                      <td width="30%"><small>'.$lang->expire_length.'</small></td>
1492                      <td>'.$form->generate_numeric_field('action_time', $mybb->input['action_time'], array('style' => 'width: 3em;', 'min' => 0)).' '.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td>
1493                  </tr>
1494              </table>
1495          </dd>
1496      </dl>
1497  
1498      <script type="text/javascript">
1499      <!--
1500          if(sig_checked == 0)
1501          {
1502              $("#suspend_action").hide();
1503          }
1504      // -->
1505      </script>';
1506  
1507      $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions);
1508  
1509      $signature_options = array(
1510          $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)),
1511          $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)),
1512          $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1))
1513      );
1514  
1515      $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options));
1516  
1517      $form_container->end();
1518      $plugins->run_hooks("admin_user_users_edit_signatur");
1519      echo "</div>\n";
1520  
1521      //
1522      // AVATAR MANAGER
1523      //
1524      echo "<div id=\"tab_avatar\">\n";
1525      $table = new Table;
1526      $table->construct_header($lang->current_avatar, array('colspan' => 2));
1527  
1528      $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1));
1529  
1530      $avatar_url = '';
1531      if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath']))
1532      {
1533          $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>";
1534      }
1535      elseif($user['avatartype'] == "remote" || my_validate_url($user['avatar']))
1536      {
1537          $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>";
1538          $avatar_url = $user['avatar'];
1539      }
1540  
1541      if($errors)
1542      {
1543          $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']);
1544      }
1545  
1546      if($mybb->settings['maxavatardims'] != "")
1547      {
1548          list($max_width, $max_height) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
1549          $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}";
1550      }
1551  
1552      if($mybb->settings['avatarsize'])
1553      {
1554          $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024);
1555          $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}";
1556      }
1557  
1558      if($user['avatar'])
1559      {
1560          $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>");
1561      }
1562  
1563      $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>");
1564      $table->construct_row();
1565  
1566      $table->output($lang->avatar.': '.htmlspecialchars_uni($user['username']));
1567  
1568      // Custom avatar
1569      if($mybb->settings['avatarresizing'] == "auto")
1570      {
1571          $auto_resize = $lang->avatar_auto_resize;
1572      }
1573      else if($mybb->settings['avatarresizing'] == "user")
1574      {
1575          $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>";
1576      }
1577      $form_container = new FormContainer($lang->specify_custom_avatar);
1578      $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload');
1579      if($mybb->settings['allowremoteavatars'])
1580      {
1581          $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url');
1582      }
1583      $form_container->end();
1584      $plugins->run_hooks("admin_user_users_edit_avatar");
1585      echo "</div>\n";
1586  
1587      //
1588      // MODERATOR OPTIONS
1589      //
1590      $periods = array(
1591          "hours" => $lang->expire_hours,
1592          "days" => $lang->expire_days,
1593          "weeks" => $lang->expire_weeks,
1594          "months" => $lang->expire_months,
1595          "never" => $lang->expire_permanent
1596      );
1597  
1598      echo "<div id=\"tab_modoptions\">\n";
1599      $form_container = new FormContainer($lang->mod_options.': '.htmlspecialchars_uni($user['username']));
1600      $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes');
1601  
1602      // Mod posts
1603      // Generate check box
1604      $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period'));
1605  
1606      // Do we have any existing suspensions here?
1607      $existing_info = '';
1608      if($user['moderateposts'] || ($mybb->get_input('moderateposting') && !empty($errors)))
1609      {
1610          $mybb->input['moderateposting'] = 1;
1611          if($user['moderationtime'] != 0)
1612          {
1613              $remaining = $user['moderationtime']-TIME_NOW;
1614              $expired = nice_time($remaining, array('seconds' => false));
1615  
1616              $color = 'inherit';
1617              if($remaining < 3600)
1618              {
1619                  $color = 'red';
1620              }
1621              elseif($remaining < 86400)
1622              {
1623                  $color = 'maroon';
1624              }
1625              elseif($remaining < 604800)
1626              {
1627                  $color = 'green';
1628              }
1629  
1630              $existing_info = $lang->sprintf($lang->moderate_length, $expired, $color);
1631          }
1632          else
1633          {
1634              $existing_info = $lang->moderated_perm;
1635          }
1636      }
1637  
1638      $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_numeric_field("modpost_time", $mybb->get_input('modpost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$modpost_options.'</div>';
1639      $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, htmlspecialchars_uni($user['username']));
1640      $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->get_input('moderateposting'))), $lang->moderate_posts_info, $modpost_div);
1641  
1642      // Suspend posts
1643      // Generate check box
1644      $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->get_input('suspost_period'), array('id' => 'suspost_period'));
1645  
1646      // Do we have any existing suspensions here?
1647      if($user['suspendposting'] || ($mybb->get_input('suspendposting') && !empty($errors)))
1648      {
1649          $mybb->input['suspendposting'] = 1;
1650  
1651          if($user['suspensiontime'] == 0 || $mybb->get_input('suspost_period') == "never")
1652          {
1653              $existing_info = $lang->suspended_perm;
1654          }
1655          else
1656          {
1657              $remaining = $user['suspensiontime']-TIME_NOW;
1658              $suspost_date = nice_time($remaining, array('seconds' => false));
1659  
1660              $color = 'inherit';
1661              if($remaining < 3600)
1662              {
1663                  $color = 'red';
1664              }
1665              elseif($remaining < 86400)
1666              {
1667                  $color = 'maroon';
1668              }
1669              elseif($remaining < 604800)
1670              {
1671                  $color = 'green';
1672              }
1673  
1674              $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date, $color);
1675          }
1676      }
1677  
1678      $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_numeric_field("suspost_time", $mybb->get_input('suspost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$suspost_options.'</div>';
1679      $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, htmlspecialchars_uni($user['username']));
1680      $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->get_input('suspendposting'))), $lang->suspend_posts_info, $suspost_div);
1681  
1682  
1683      $form_container->end();
1684      $plugins->run_hooks("admin_user_users_edit_moderator_options");
1685      echo "</div>\n";
1686  
1687      $plugins->run_hooks("admin_user_users_edit_graph");
1688  
1689      $buttons[] = $form->generate_submit_button($lang->save_user);
1690      $form->output_submit_wrapper($buttons);
1691  
1692      $form->end();
1693  
1694      echo '<script type="text/javascript">
1695  <!--
1696  
1697  function toggleBox(action)
1698  {
1699      if(action == "modpost")
1700      {
1701          $("#suspendposting").attr("checked", false);
1702          $("#suspost").hide();
1703  
1704          if($("#moderateposting").is(":checked") == true)
1705          {
1706              $("#modpost").show();
1707          }
1708          else if($("#moderateposting").is(":checked") == false)
1709          {
1710              $("#modpost").hide();
1711          }
1712      }
1713      else if(action == "suspost")
1714      {
1715          $("#moderateposting").attr("checked", false);
1716          $("#modpost").hide();
1717  
1718          if($("#suspendposting").is(":checked") == true)
1719          {
1720              $("#suspost").show();
1721          }
1722          else if($("#suspendposting").is(":checked") == false)
1723          {
1724              $("#suspost").hide();
1725          }
1726      }
1727  }
1728  
1729  if($("#moderateposting").is(":checked") == false)
1730  {
1731      $("#modpost").hide();
1732  }
1733  else
1734  {
1735      $("#modpost").show();
1736  }
1737  
1738  if($("#suspendposting").is(":checked") == false)
1739  {
1740      $("#suspost").hide();
1741  }
1742  else
1743  {
1744      $("#suspost").show();
1745  }
1746  
1747  // -->
1748  </script>';
1749  
1750      $page->output_footer();
1751  }
1752  
1753  if($mybb->input['action'] == "delete")
1754  {
1755      $user = get_user($mybb->input['uid']);
1756  
1757      // Does the user not exist?
1758      if(!$user['uid'])
1759      {
1760          flash_message($lang->error_invalid_user, 'error');
1761          admin_redirect("index.php?module=user-users");
1762      }
1763  
1764      if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
1765      {
1766          flash_message($lang->error_no_perms_super_admin, 'error');
1767          admin_redirect("index.php?module=user-users");
1768      }
1769  
1770      // User clicked no
1771      if($mybb->get_input('no'))
1772      {
1773          admin_redirect("index.php?module=user-users");
1774      }
1775  
1776      $plugins->run_hooks("admin_user_users_delete");
1777  
1778      if($mybb->request_method == "post")
1779      {
1780          $plugins->run_hooks("admin_user_users_delete_commit");
1781  
1782          // Set up user handler.
1783          require_once  MYBB_ROOT.'inc/datahandlers/user.php';
1784          $userhandler = new UserDataHandler('delete');
1785  
1786          // Delete the user
1787          if(!$userhandler->delete_user($user['uid']))
1788          {
1789              flash_message($lang->error_cannot_delete_user, 'error');
1790              admin_redirect("index.php?module=user-users");
1791          }
1792  
1793          $cache->update_awaitingactivation();
1794  
1795          $plugins->run_hooks("admin_user_users_delete_commit_end");
1796  
1797          log_admin_action($user['uid'], $user['username']);
1798  
1799          flash_message($lang->success_user_deleted, 'success');
1800          admin_redirect("index.php?module=user-users");
1801      }
1802      else
1803      {
1804          $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation);
1805      }
1806  }
1807  
1808  if($mybb->input['action'] == "referrers")
1809  {
1810      $page->add_breadcrumb_item($lang->show_referrers);
1811      $page->output_header($lang->show_referrers);
1812  
1813      $sub_tabs['referrers'] = array(
1814          'title' => $lang->show_referrers,
1815          'link' => "index.php?module=user-users&amp;action=referrers&amp;uid={$mybb->input['uid']}",
1816          'description' => $lang->show_referrers_desc
1817      );
1818  
1819      $plugins->run_hooks("admin_user_users_referrers");
1820  
1821      $page->output_nav_tabs($sub_tabs, 'referrers');
1822  
1823      // Fetch default admin view
1824      $default_view = fetch_default_view("user");
1825      if(!$default_view)
1826      {
1827          $default_view = "0";
1828      }
1829      $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
1830      $admin_view = $db->fetch_array($query);
1831  
1832      if($mybb->input['type'])
1833      {
1834          $admin_view['view_type'] = $mybb->input['type'];
1835      }
1836  
1837      $admin_view['conditions'] = my_unserialize($admin_view['conditions']);
1838      $admin_view['conditions']['referrer'] = $mybb->input['uid'];
1839  
1840      $view = build_users_view($admin_view);
1841  
1842      // No referred users
1843      if(!$view)
1844      {
1845          $table = new Table;
1846          $table->construct_cell($lang->error_no_referred_users);
1847          $table->construct_row();
1848          $table->output($lang->show_referrers);
1849      }
1850      else
1851      {
1852          echo $view;
1853      }
1854  
1855      $page->output_footer();
1856  }
1857  
1858  if($mybb->input['action'] == "ipaddresses")
1859  {
1860      $page->add_breadcrumb_item($lang->ip_addresses);
1861      $page->output_header($lang->ip_addresses);
1862  
1863      $sub_tabs['ipaddresses'] = array(
1864          'title' => $lang->show_ip_addresses,
1865          'link' => "index.php?module=user-users&amp;action=ipaddresses&amp;uid={$mybb->input['uid']}",
1866          'description' => $lang->show_ip_addresses_desc
1867      );
1868  
1869      $plugins->run_hooks("admin_user_users_ipaddresses");
1870  
1871      $page->output_nav_tabs($sub_tabs, 'ipaddresses');
1872  
1873      $query = $db->simple_select("users", "uid, regip, username, lastip", "uid='{$mybb->input['uid']}'", array('limit' => 1));
1874      $user = $db->fetch_array($query);
1875  
1876      // Log admin action
1877      log_admin_action($user['uid'], $user['username']);
1878  
1879      $table = new Table;
1880  
1881      $table->construct_header($lang->ip_address);
1882      $table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));
1883  
1884      if(empty($user['lastip']))
1885      {
1886          $user['lastip'] = $lang->unknown;
1887          $controls = '';
1888      }
1889      else
1890      {
1891          $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip']));
1892          $popup = new PopupMenu("user_last", $lang->options);
1893          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;action=search&amp;results=1&amp;conditions[regip]=".$user['lastip']);
1894          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$user['lastip']);
1895          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$user['lastip']}', null, true); return false;");
1896          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$user['lastip']}");
1897          $controls = $popup->fetch();
1898      }
1899      $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".$user['lastip']);
1900      $table->construct_cell($controls, array('class' => "align_center"));
1901      $table->construct_row();
1902  
1903      if(empty($user['regip']))
1904      {
1905          $user['regip'] = $lang->unknown;
1906          $controls = '';
1907      }
1908      else
1909      {
1910          $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip']));
1911          $popup = new PopupMenu("user_reg", $lang->options);
1912          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[regip]=".$user['regip']);
1913          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$user['regip']);
1914          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$user['regip']}', null, true); return false;");
1915          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$user['regip']}");
1916          $controls = $popup->fetch();
1917      }
1918      $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".$user['regip']);
1919      $table->construct_cell($controls, array('class' => "align_center"));
1920      $table->construct_row();
1921  
1922      $counter = 0;
1923  
1924      $query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='{$mybb->input['uid']}'");
1925      while($ip = $db->fetch_array($query))
1926      {
1927          ++$counter;
1928          $ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress']));
1929          $popup = new PopupMenu("id_{$counter}", $lang->options);
1930          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[regip]=".$ip['ipaddress']);
1931          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$ip['ipaddress']);
1932          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;");
1933          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$ip['ipaddress']}");
1934          $controls = $popup->fetch();
1935  
1936          $table->construct_cell($ip['ipaddress']);
1937          $table->construct_cell($controls, array('class' => "align_center"));
1938          $table->construct_row();
1939      }
1940  
1941      $table->output($lang->ip_address_for.' '.htmlspecialchars_uni($user['username']));
1942  
1943      $page->output_footer();
1944  }
1945  
1946  if($mybb->input['action'] == "merge")
1947  {
1948      $plugins->run_hooks("admin_user_users_merge");
1949  
1950      if($mybb->request_method == "post")
1951      {
1952          foreach(array('source', 'destination') as $target)
1953          {
1954              ${$target.'_user'} = get_user_by_username($mybb->input[$target.'_username'], array('fields' => '*'));
1955              if(empty(${$target.'_user'}['uid']))
1956              {
1957                  $errors[] = $lang->{'error_invalid_user_'.$target};
1958              }
1959          }
1960  
1961          // If we're not a super admin and we're merging a source super admin or a destination super admin then dissallow this action
1962          if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid'])))
1963          {
1964              flash_message($lang->error_no_perms_super_admin, 'error');
1965              admin_redirect("index.php?module=user-users");
1966          }
1967  
1968          if((!empty($source_user)) && !empty($destination_user) && $source_user['uid'] == $destination_user['uid'] && !empty($source_user['uid']))
1969          {
1970              $errors[] = $lang->error_cannot_merge_same_account;
1971          }
1972  
1973          if(empty($errors))
1974          {
1975              // Begin to merge the accounts
1976              $uid_update = array(
1977                  "uid" => $destination_user['uid']
1978              );
1979              $query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'");
1980              $existing_admin_options = $db->fetch_field($query, "uid");
1981  
1982              // Only carry over admin options/permissions if we don't already have them
1983              if(!$existing_admin_options)
1984              {
1985                  $db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'");
1986              }
1987  
1988              $db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'");
1989              $db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'");
1990              $db->update_query("events", $uid_update, "uid='{$source_user['uid']}'");
1991              $db->update_query("threadsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
1992              $db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
1993              $db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'");
1994              $db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'");
1995              $db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'");
1996              $db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'");
1997              $db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'");
1998              $db->update_query("reportedcontent", $uid_update, "uid='{$source_user['uid']}'");
1999              $db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'");
2000              $db->update_query("warnings", $uid_update, "uid='{$source_user['uid']}'");
2001              $db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'");
2002              $db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'");
2003  
2004              // Thread ratings
2005              merge_thread_ratings($source_user['uid'], $destination_user['uid']);
2006  
2007              // Banning
2008              $db->update_query("banned", array('admin' => $destination_user['uid']), "admin = '{$source_user['uid']}'");
2009  
2010              // Carry over referrals
2011              $db->update_query("users", array("referrer" => $destination_user['uid']), "referrer='{$source_user['uid']}' AND uid!='{$destination_user['uid']}'");
2012              // If destination user has no referrer but source does and source user was not referred by destination user
2013              // or destination user was referred by the source user
2014              if(($destination_user['referrer'] == 0 && $source_user['referrer'] > 0 && $source_user['referrer'] != $destination_user['uid']) || $destination_user['referrer'] == $source_user['uid'])
2015              {
2016                  $db->update_query("users", array("referrer" => $source_user['referrer']), "uid='{$destination_user['uid']}'");
2017              }
2018              $query = $db->simple_select("users", "COUNT(uid) as total_referrals", "referrer='{$destination_user['uid']}' AND uid!='{$source_user['uid']}'");
2019              $new_referrals = $db->fetch_field($query, "total_referrals");
2020              $db->update_query("users", array("referrals" => (int)$new_referrals), "uid='{$destination_user['uid']}'");
2021  
2022              // Merging Reputation
2023              // First, let's change all the details over to our new user...
2024              $db->update_query("reputation", array("adduid" => $destination_user['uid']), "adduid = '".$source_user['uid']."'");
2025              $db->update_query("reputation", array("uid" => $destination_user['uid']), "uid = '".$source_user['uid']."'");
2026  
2027              // Now that all the repuation is merged, figure out what to do with this user's comments...
2028              $options = array(
2029                  "order_by" => "uid",
2030                  "order_dir" => "ASC"
2031              );
2032  
2033              $to_remove = array();
2034              $query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'", $options);
2035              while($rep = $db->fetch_array($query))
2036              {
2037                  if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid'])
2038                  {
2039                      // Multiple reputation is disallowed, and this isn't a post, so let's remove this comment
2040                      $to_remove[] = $rep['rid'];
2041                  }
2042  
2043                  // Remove comments or posts liked by "me"
2044                  if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid'])
2045                  {
2046                      if(!in_array($rep['rid'], $to_remove))
2047                      {
2048                          $to_remove[] = $rep['rid'];
2049                          continue;
2050                      }
2051                  }
2052  
2053                  $last_result = array(
2054                      "rid" => $rep['rid'],
2055                      "uid" => $rep['uid']
2056                  );
2057              }
2058  
2059              // Remove any reputations we've selected to remove...
2060              if(!empty($to_remove))
2061              {
2062                  $imp = implode(",", $to_remove);
2063                  $db->delete_query("reputation", "rid IN (".$imp.")");
2064              }
2065  
2066              // Calculate the new reputation for this user...
2067              $query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'");
2068              $total_reputation = $db->fetch_field($query, "total_rep");
2069  
2070              $db->update_query("users", array('reputation' => (int)$total_reputation), "uid='{$destination_user['uid']}'");
2071  
2072              // Calculate warning points
2073              $query = $db->query("
2074                  SELECT SUM(points) as warn_lev
2075                  FROM ".TABLE_PREFIX."warnings
2076                  WHERE uid='{$source_user['uid']}' AND expired='0'
2077              ");
2078              $original_warn_level = $db->fetch_field($query, "warn_lev");
2079  
2080              $query = $db->query("
2081                  SELECT SUM(points) as warn_lev
2082                  FROM ".TABLE_PREFIX."warnings
2083                  WHERE uid='{$destination_user['uid']}' AND expired='0'
2084              ");
2085              $new_warn_level = $db->fetch_field($query, "warn_lev");
2086              $db->update_query("users", array("warningpoints" => (int)$original_warn_level + $new_warn_level), "uid='{$destination_user['uid']}'");
2087  
2088              // Additional updates for non-uid fields
2089              $last_poster = array(
2090                  "lastposteruid" => $destination_user['uid'],
2091                  "lastposter" => $db->escape_string($destination_user['username'])
2092              );
2093              $db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'");
2094              $db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'");
2095              $edit_uid = array(
2096                  "edituid" => $destination_user['uid']
2097              );
2098              $db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'");
2099  
2100              $from_uid = array(
2101                  "fromid" => $destination_user['uid']
2102              );
2103              $db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'");
2104              $to_uid = array(
2105                  "toid" => $destination_user['uid']
2106              );
2107              $db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'");
2108  
2109              // Buddy/ignore lists
2110              $destination_buddies = explode(',', $destination_user['buddylist']);
2111              $source_buddies = explode(',', $source_user['buddylist']);
2112              $buddies = array_unique(array_merge($source_buddies, $destination_buddies));
2113              // Make sure the new buddy list doesn't contain either users
2114              $buddies_array = array_diff($buddies, array($destination_user['uid'], $source_user['uid']));
2115  
2116              $destination_ignored = explode(',', $destination_user['ignorelist']);
2117              $source_ignored = explode(',', $destination_user['ignorelist']);
2118              $ignored = array_unique(array_merge($source_ignored, $destination_ignored));
2119              // ... and the same for the new ignore list
2120              $ignored_array = array_diff($ignored, array($destination_user['uid'], $source_user['uid']));
2121  
2122              // Remove any ignored users from the buddy list
2123              $buddies = array_diff($buddies_array, $ignored_array);
2124              // implode the arrays so we get a nice neat list for each
2125              $buddies = trim(implode(',', $buddies), ',');
2126              $ignored = trim(implode(',', $ignored_array), ',');
2127  
2128              $lists = array(
2129                  "buddylist" => $buddies,
2130                  "ignorelist" => $ignored
2131              );
2132              $db->update_query("users", $lists, "uid='{$destination_user['uid']}'");
2133  
2134              // Get a list of forums where post count doesn't apply
2135              $fids = array();
2136              $query = $db->simple_select("forums", "fid", "usepostcounts=0");
2137              while($fid = $db->fetch_field($query, "fid"))
2138              {
2139                  $fids[] = $fid;
2140              }
2141  
2142              $fids_not_in = '';
2143              if(!empty($fids))
2144              {
2145                  $fids_not_in = "AND fid NOT IN(".implode(',', $fids).")";
2146              }
2147  
2148              // Update user post count
2149              $query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
2150              $num = $db->fetch_array($query);
2151              $updated_count = array(
2152                  "postnum" => $num['postnum']
2153              );
2154              $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");
2155  
2156              // Update user thread count
2157              $query = $db->simple_select("threads", "COUNT(*) AS threadnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
2158              $num = $db->fetch_array($query);
2159              $updated_count = array(
2160                  "threadnum" => $num['threadnum']
2161              );
2162              $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");
2163  
2164              // Use the earliest registration date
2165              if($destination_user['regdate'] > $source_user['regdate'])
2166              {
2167                  $db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'");
2168              }
2169  
2170              $plugins->run_hooks("admin_user_users_merge_commit");
2171  
2172              // Set up user handler.
2173              require_once  MYBB_ROOT.'inc/datahandlers/user.php';
2174              $userhandler = new UserDataHandler('delete');
2175  
2176              // Delete the old user
2177              $userhandler->delete_user($source_user['uid']);
2178  
2179              $cache->update_awaitingactivation();
2180  
2181              // Log admin action
2182              log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']);
2183  
2184              // Redirect!
2185              $username = htmlspecialchars_uni($source_user['username']);
2186              $destination_username = htmlspecialchars_uni($destination_user['username']);
2187              flash_message("<strong>{$username}</strong> {$lang->success_merged} {$destination_username}", "success");
2188              admin_redirect("index.php?module=user-users");
2189              exit;
2190          }
2191      }
2192  
2193      $page->add_breadcrumb_item($lang->merge_users);
2194      $page->output_header($lang->merge_users);
2195  
2196      $page->output_nav_tabs($sub_tabs, 'merge_users');
2197  
2198      // If we have any error messages, show them
2199      if($errors)
2200      {
2201          $page->output_inline_error($errors);
2202      }
2203  
2204      $form = new Form("index.php?module=user-users&amp;action=merge", "post");
2205  
2206      $form_container = new FormContainer($lang->merge_users);
2207      $form_container->output_row($lang->source_account." <em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->get_input('source_username'), array('id' => 'source_username')), 'source_username');
2208      $form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->get_input('destination_username'), array('id' => 'destination_username')), 'destination_username');
2209      $form_container->end();
2210  
2211      // Autocompletion for usernames
2212      echo '
2213      <link rel="stylesheet" href="../jscripts/select2/select2.css">
2214      <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
2215      <script type="text/javascript">
2216      <!--
2217      $("#source_username").select2({
2218          placeholder: "'.$lang->search_for_a_user.'",
2219          minimumInputLength: 2,
2220          multiple: false,
2221          ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
2222              url: "../xmlhttp.php?action=get_users",
2223              dataType: \'json\',
2224              data: function (term, page) {
2225                  return {
2226                      query: term // search term
2227                  };
2228              },
2229              results: function (data, page) { // parse the results into the format expected by Select2.
2230                  // since we are using custom formatting functions we do not need to alter remote JSON data
2231                  return {results: data};
2232              }
2233          },
2234          initSelection: function(element, callback) {
2235              var query = $(element).val();
2236              if (query !== "") {
2237                  $.ajax("../xmlhttp.php?action=get_users&getone=1", {
2238                      data: {
2239                          query: query
2240                      },
2241                      dataType: "json"
2242                  }).done(function(data) { callback(data); });
2243              }
2244          }
2245      });
2246      $("#destination_username").select2({
2247          placeholder: "'.$lang->search_for_a_user.'",
2248          minimumInputLength: 2,
2249          multiple: false,
2250          ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
2251              url: "../xmlhttp.php?action=get_users",
2252              dataType: \'json\',
2253              data: function (term, page) {
2254                  return {
2255                      query: term // search term
2256                  };
2257              },
2258              results: function (data, page) { // parse the results into the format expected by Select2.
2259                  // since we are using custom formatting functions we do not need to alter remote JSON data
2260                  return {results: data};
2261              }
2262          },
2263          initSelection: function(element, callback) {
2264              var query = $(element).val();
2265              if (query !== "") {
2266                  $.ajax("../xmlhttp.php?action=get_users&getone=1", {
2267                      data: {
2268                          query: query
2269                      },
2270                      dataType: "json"
2271                  }).done(function(data) { callback(data); });
2272              }
2273          }
2274      });
2275      // -->
2276      </script>';
2277  
2278      $buttons[] = $form->generate_submit_button($lang->merge_user_accounts);
2279      $form->output_submit_wrapper($buttons);
2280      $form->end();
2281  
2282      $page->output_footer();
2283  }
2284  
2285  if($mybb->input['action'] == "search")
2286  {
2287      $plugins->run_hooks("admin_user_users_search");
2288  
2289      if($mybb->request_method == "post" || $mybb->get_input('results') == 1)
2290      {
2291          // Build view options from incoming search options
2292          if($mybb->get_input('vid'))
2293          {
2294              $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
2295              $admin_view = $db->fetch_array($query);
2296              // View does not exist or this view is private and does not belong to the current user
2297              if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
2298              {
2299                  unset($admin_view);
2300              }
2301          }
2302  
2303          if($mybb->get_input('search_id') && $admin_session['data']['user_views'][$mybb->get_input('search_id')])
2304          {
2305              $admin_view = $admin_session['data']['user_views'][$mybb->get_input('search_id')];
2306              unset($admin_view['extra_sql']);
2307          }
2308  
2309          // Don't have a view? Fetch the default
2310          if(!isset($admin_view) || !$admin_view['vid'])
2311          {
2312              $default_view = fetch_default_view("user");
2313              if(!$default_view)
2314              {
2315                  $default_view = "0";
2316              }
2317              $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
2318              $admin_view = $db->fetch_array($query);
2319          }
2320  
2321          // Override specific parts of the view
2322          unset($admin_view['vid']);
2323  
2324          if($mybb->get_input('type'))
2325          {
2326              $admin_view['view_type'] = $mybb->get_input('type');
2327          }
2328  
2329          if(!empty($mybb->input['conditions']))
2330          {
2331              $admin_view['conditions'] = $mybb->get_input('conditions', MyBB::INPUT_ARRAY);
2332          }
2333  
2334          if($mybb->get_input('sortby'))
2335          {
2336              $admin_view['sortby'] = $mybb->get_input('sortby');
2337          }
2338  
2339          if($mybb->get_input('perpage', MyBB::INPUT_INT))
2340          {
2341              $admin_view['perpage'] = $mybb->get_input('perpage');
2342          }
2343  
2344          if($mybb->get_input('order'))
2345          {
2346              $admin_view['sortorder'] = $mybb->get_input('order');
2347          }
2348  
2349          if($mybb->get_input('displayas'))
2350          {
2351              $admin_view['view_type'] = $mybb->get_input('displayas');
2352          }
2353  
2354          if(!empty($mybb->input['profile_fields']))
2355          {
2356              $admin_view['custom_profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);
2357          }
2358  
2359          $plugins->run_hooks("admin_user_users_search_commit");
2360  
2361          $results = build_users_view($admin_view);
2362  
2363          if($results)
2364          {
2365              $page->output_header($lang->find_users);
2366              echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
2367              $page->output_nav_tabs($sub_tabs, 'find_users');
2368              echo $results;
2369              $page->output_footer();
2370          }
2371          else
2372          {
2373              if($mybb->get_input('from') == "home")
2374              {
2375                  flash_message($lang->error_no_users_found, 'error');
2376                  admin_redirect("index.php");
2377                  exit;
2378              }
2379              else
2380              {
2381                  $errors[] = $lang->error_no_users_found;
2382              }
2383          }
2384      }
2385  
2386      $page->add_breadcrumb_item($lang->find_users);
2387      $page->output_header($lang->find_users);
2388  
2389      $page->output_nav_tabs($sub_tabs, 'find_users');
2390  
2391      // If we have any error messages, show them
2392      if($errors)
2393      {
2394          $page->output_inline_error($errors);
2395      }
2396  
2397      if(!$mybb->get_input('displayas'))
2398      {
2399          $mybb->input['displayas'] = "card";
2400      }
2401  
2402      $form = new Form("index.php?module=user-users&amp;action=search", "post");
2403  
2404      user_search_conditions($mybb->input, $form);
2405  
2406      $form_container = new FormContainer($lang->display_options);
2407      $sort_directions = array(
2408          "asc" => $lang->ascending,
2409          "desc" => $lang->descending
2410      );
2411      $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->get_input('sortby'), array('id' => 'sortby'))." {$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->get_input('order'), array('id' => 'order')), 'sortby');
2412      $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->get_input('perpage'), array('id' => 'perpage', 'min' => 1)), 'perpage');
2413      $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->get_input('displayas') != "card" ? true : false)))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->get_input('displayas') == "card" ? true : false))));
2414      $form_container->end();
2415  
2416      $buttons[] = $form->generate_submit_button($lang->find_users);
2417      $form->output_submit_wrapper($buttons);
2418      $form->end();
2419  
2420      $page->output_footer();
2421  }
2422  
2423  if($mybb->input['action'] == "inline_edit")
2424  {
2425      $plugins->run_hooks("admin_user_users_inline");
2426  
2427      if(!empty($mybb->input['vid']) || !empty($mybb->cookies['acp_view']))
2428      {
2429          // We have a custom view
2430          if(empty($mybb->cookies['acp_view']))
2431          {
2432              // Set a cookie
2433              my_setcookie("acp_view", $mybb->input['vid'], 60);
2434          }
2435          else
2436          {
2437              // We already have a cookie, so let's use it...
2438              $mybb->input['vid'] = $mybb->cookies['acp_view'];
2439          }
2440  
2441          $vid_url = "&amp;vid=".$mybb->get_input('vid');
2442      }
2443      else
2444      {
2445          $vid_url = null;
2446      }
2447  
2448      // First, collect the user IDs that we're performing the moderation on
2449      $selected = array();
2450      if(isset($mybb->cookies['inlinemod_useracp']))
2451      {
2452          $ids = explode("|", $mybb->cookies['inlinemod_useracp']);
2453          foreach($ids as $id)
2454          {
2455              if($id != '')
2456              {
2457                  $selected[] = (int)$id;
2458              }
2459          }
2460      }
2461  
2462      // Verify incoming POST request
2463      if(!verify_post_check($mybb->get_input('my_post_key')))
2464      {
2465          flash_message($lang->invalid_post_verify_key2, 'error');
2466          admin_redirect("index.php?module=user-user");
2467      }
2468      $sub_tabs['manage_users'] = array(
2469          "title" => $lang->manage_users,
2470          "link" => "./",
2471          "description" => $lang->manage_users_desc
2472      );
2473      $page->add_breadcrumb_item($lang->manage_users);
2474  
2475      if(empty($selected))
2476      {
2477          // Not selected any users, show error
2478          flash_message($lang->error_inline_no_users_selected, 'error');
2479          admin_redirect("index.php?module=user-users".$vid_url);
2480      }
2481  
2482      switch($mybb->input['inline_action'])
2483      {
2484          case 'multiactivate':
2485              // Run through the activating users, so that users already registered (but have been selected) aren't affected
2486              if(is_array($selected))
2487              {
2488                  $sql_array = implode(",", $selected);
2489                  $query = $db->simple_select("users", "uid, username, email", "usergroup = '5' AND uid IN (".$sql_array.")");
2490                  $user_mail_data = array();
2491                  while($user = $db->fetch_array($query))
2492                  {
2493                      $to_update[] = $user['uid'];
2494                      $user_mail_data[] = array('username' => $user['username'], 'email' => $user['email']);
2495                  }
2496              }
2497  
2498              $plugins->run_hooks("admin_user_multiactivate", $to_update);
2499  
2500              if(isset($to_update) && is_array($to_update))
2501              {
2502                  $sql_array = implode(",", $to_update);
2503                  $db->write_query("UPDATE ".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")");
2504  
2505                  $cache->update_awaitingactivation();
2506  
2507                  // send activation mail
2508                  foreach($user_mail_data as $mail_data)
2509                  {
2510                      $message = $lang->sprintf($lang->email_adminactivateaccount, $mail_data['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
2511                      my_mail($mail_data['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);
2512                  }
2513  
2514                  // Action complete, grab stats and show success message - redirect user
2515                  $to_update_count = count($to_update);
2516                  $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count));
2517  
2518                  if(is_array($selected) && $to_update_count != count($selected))
2519                  {
2520                      // The update count is different to how many we selected!
2521                      $not_updated_count = count($selected) - $to_update_count;
2522                      $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count));
2523                      $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message
2524                  }
2525  
2526                  $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog
2527                  log_admin_action($to_update_count); // Add to adminlog
2528                  my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected
2529  
2530                  flash_message($lang->inline_activated, 'success');
2531                  admin_redirect("index.php?module=user-users".$vid_url);
2532              }
2533              else
2534              {
2535                  // Nothing was updated, show an error
2536                  flash_message($lang->inline_activated_failed, 'error');
2537                  admin_redirect("index.php?module=user-users".$vid_url);
2538              }
2539              break;
2540          case 'multilift':
2541              // Get the users that are banned, and check that they have been selected
2542              if($mybb->get_input('no'))
2543              {
2544                  admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No'
2545              }
2546  
2547              if($mybb->request_method == "post")
2548              {
2549                  $sql_array = implode(",", $selected);
2550                  $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")");
2551                  $to_be_unbanned = $db->num_rows($query);
2552                  while($ban = $db->fetch_array($query))
2553                  {
2554                      $updated_group = array(
2555                          "usergroup" => $ban['oldgroup'],
2556                          "additionalgroups" => $db->escape_string($ban['oldadditionalgroups']),
2557                          "displaygroup" => $ban['olddisplaygroup']
2558                      );
2559                      $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'");
2560                      $db->delete_query("banned", "uid = '".$ban['uid']."'");
2561                  }
2562  
2563                  $cache->update_moderators();
2564  
2565                  $mybb->input['action'] = "inline_lift";
2566                  log_admin_action($to_be_unbanned);
2567                  my_unsetcookie("inlinemod_useracp");
2568  
2569                  $lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned));
2570                  flash_message($lang->success_ban_lifted, 'success');
2571                  admin_redirect("index.php?module=user-users".$vid_url);
2572              }
2573              else
2574              {
2575                  $page->output_confirm_action("index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multilift", $lang->confirm_multilift);
2576              }
2577  
2578              break;
2579          case 'multiban':
2580              if($mybb->input['processed'] == 1)
2581              {
2582                  // We've posted ban information!
2583                  // Build an array of users to ban, =D
2584                  $sql_array = implode(",", $selected);
2585                  // Build a cache array for this users that have been banned already
2586                  $query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")");
2587                  while($user = $db->fetch_array($query))
2588                  {
2589                      $bannedcache[] = "u_".$user['uid'];
2590                  }
2591  
2592                  // Collect the users
2593                  $query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")");
2594  
2595                  if($mybb->input['bantime'] == '---')
2596                  {
2597                      $lifted = 0;
2598                  }
2599                  else
2600                  {
2601                      $lifted = ban_date2timestamp($mybb->input['bantime']);
2602                  }
2603  
2604                  $reason = my_substr($mybb->input['reason'], 0, 255);
2605  
2606                  $banned_count = 0;
2607                  while($user = $db->fetch_array($query))
2608                  {
2609                      if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid']))
2610                      {
2611                          // We remove ourselves and Super Admins from the mix
2612                          continue;
2613                      }
2614  
2615                      if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache))
2616                      {
2617                          // User already has a ban, update it!
2618                          $update_array = array(
2619                              "admin" => (int)$mybb->user['uid'],
2620                              "dateline" => TIME_NOW,
2621                              "bantime" => $db->escape_string($mybb->input['bantime']),
2622                              "lifted" => $db->escape_string($lifted),
2623                              "reason" => $db->escape_string($reason)
2624                          );
2625                          $db->update_query("banned", $update_array, "uid = '".$user['uid']."'");
2626                      }
2627                      else
2628                      {
2629                          // Not currently banned - insert the ban
2630                          $insert_array = array(
2631                              'uid' => $user['uid'],
2632                              'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
2633                              'oldgroup' => $user['usergroup'],
2634                              'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
2635                              'olddisplaygroup' => $user['displaygroup'],
2636                              'admin' => (int)$mybb->user['uid'],
2637                              'dateline' => TIME_NOW,
2638                              'bantime' => $db->escape_string($mybb->input['bantime']),
2639                              'lifted' => $db->escape_string($lifted),
2640                              'reason' => $db->escape_string($reason)
2641                          );
2642                          $db->insert_query('banned', $insert_array);
2643                      }
2644  
2645                      // Moved the user to the 'Banned' Group
2646                      $update_array = array(
2647                          'usergroup' => 7,
2648                          'displaygroup' => 0,
2649                          'additionalgroups' => '',
2650                      );
2651                      $db->update_query('users', $update_array, "uid = '{$user['uid']}'");
2652  
2653                      $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
2654                      $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");
2655  
2656                      ++$banned_count;
2657                  }
2658                  $mybb->input['action'] = "inline_banned";
2659                  log_admin_action($banned_count, $lifted);
2660                  my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them
2661  
2662                  $lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count);
2663                  flash_message($lang->users_banned, 'success');
2664                  admin_redirect("index.php?module=user-users".$vid_url);
2665              }
2666  
2667              $page->output_header($lang->manage_users);
2668              $page->output_nav_tabs($sub_tabs, 'manage_users');
2669  
2670              // Provide the user with a warning of what they're about to do
2671              $table = new Table;
2672              $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected));
2673              $table->construct_cell($lang->mass_ban_info);
2674              $table->construct_row();
2675              $table->output($lang->important);
2676  
2677              // If there's any errors, display inline
2678              if($errors)
2679              {
2680                  $page->output_inline_error($errors);
2681              }
2682  
2683              $form = new Form("index.php?module=user-users", "post");
2684              echo $form->generate_hidden_field('action', 'inline_edit');
2685              echo $form->generate_hidden_field('inline_action', 'multiban');
2686              echo $form->generate_hidden_field('processed', '1');
2687  
2688              $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multilift&amp;my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban);
2689              $form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
2690              $ban_times = fetch_ban_times();
2691              foreach($ban_times as $time => $period)
2692              {
2693                  if($time != '---')
2694                  {
2695                      $friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
2696                      $period = "{$period} ({$friendly_time})";
2697                  }
2698                  $length_list[$time] = $period;
2699              }
2700              $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');
2701              $form_container->end();
2702  
2703              $buttons[] = $form->generate_submit_button($lang->ban_users);
2704              $form->output_submit_wrapper($buttons);
2705              $form->end();
2706              $page->output_footer();
2707              break;
2708          case 'multidelete':
2709              if($mybb->get_input('no'))
2710              {
2711                  admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No
2712              }
2713              else
2714              {
2715                  if($mybb->input['processed'] == 1)
2716                  {
2717                      // Set up user handler.
2718                      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
2719                      $userhandler = new UserDataHandler('delete');
2720  
2721                      // Delete users
2722                      $deleted = $userhandler->delete_user($selected);
2723                      $to_be_deleted = $deleted['deleted_users']; // Get the correct number of deleted users
2724  
2725                      // Update forum stats, remove the cookie and redirect the user
2726                      my_unsetcookie("inlinemod_useracp");
2727                      $mybb->input['action'] = "inline_delete";
2728                      log_admin_action($to_be_deleted);
2729  
2730                      $lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted);
2731  
2732                      $cache->update_awaitingactivation();
2733  
2734                      flash_message($lang->users_deleted, 'success');
2735                      admin_redirect("index.php?module=user-users".$vid_url);
2736                  }
2737  
2738                  $to_be_deleted = count($selected);
2739                  $lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted));
2740                  $page->output_confirm_action("index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multidelete&amp;my_post_key={$mybb->post_code}&amp;processed=1", $lang->confirm_multidelete);
2741              }
2742              break;
2743          case 'multiprune':
2744              if($mybb->input['processed'] == 1)
2745              {
2746                  if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set'])
2747                  {
2748                      $errors[] = $lang->multi_selected_dates;
2749                  }
2750  
2751                  $day = $mybb->get_input('day', MyBB::INPUT_INT);
2752                  $month = $mybb->get_input('month', MyBB::INPUT_INT);
2753                  $year = $mybb->get_input('year', MyBB::INPUT_INT);
2754  
2755                  // Selected a date - check if the date the user entered is valid
2756                  if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year'])
2757                  {
2758                      // Is the date sort of valid?
2759                      if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29))
2760                      {
2761                          $errors[] = $lang->incorrect_date;
2762                      }
2763  
2764                      // Check the month
2765                      $months = get_bdays($year);
2766                      if($day > $months[$month-1])
2767                      {
2768                          $errors[] = $lang->incorrect_date;
2769                      }
2770  
2771                      // Check the year
2772                      if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y"))
2773                      {
2774                          $errors[] = $lang->incorrect_date;
2775                      }
2776  
2777                      if(!$errors)
2778                      {
2779                          // No errors, so let's continue and set the date to delete from
2780                          $date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp
2781                      }
2782                  }
2783                  elseif($mybb->input['set'] > 0)
2784                  {
2785                      // Set options
2786                      // For this purpose, 1 month = 31 days
2787                      $base_time = 24 * 60 * 60;
2788  
2789                      switch($mybb->input['set'])
2790                      {
2791                          case '1':
2792                              $threshold = $base_time * 31; // 1 month = 31 days, in the standard terms
2793                              break;
2794                          case '2':
2795                              $threshold = $base_time * 93; // 3 months = 31 days * 3
2796                              break;
2797                          case '3':
2798                              $threshold = $base_time * 183; // 6 months = 365 days / 2
2799                              break;
2800                          case '4':
2801                              $threshold = $base_time * 365; // 1 year = 365 days
2802                              break;
2803                          case '5':
2804                              $threshold = $base_time * 548; // 18 months = 365 + 183
2805                              break;
2806                          case '6':
2807                              $threshold = $base_time * 730; // 2 years = 365 * 2
2808                              break;
2809                      }
2810  
2811                      if(!$threshold)
2812                      {
2813                          // An option was entered that isn't in the dropdown box
2814                          $errors[] = $lang->no_set_option;
2815                      }
2816                      else
2817                      {
2818                          $date = TIME_NOW - $threshold;
2819                      }
2820                  }
2821                  else
2822                  {
2823                      $errors[] = $lang->no_prune_option;
2824                  }
2825  
2826                  if(!$errors)
2827                  {
2828                      $sql_array = implode(",", $selected);
2829                      $prune_array = array();
2830                      $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")");
2831                      while($user = $db->fetch_array($query))
2832                      {
2833                          // Protect Super Admins
2834                          if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
2835                          {
2836                              continue;
2837                          }
2838  
2839                          $return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete
2840                          if($return_array && is_array($return_array))
2841                          {
2842                              $prune_array = array_merge_recursive($prune_array, $return_array);
2843                          }
2844                      }
2845  
2846                      $plugins->run_hooks("admin_user_multiprune_threads", $prune_array);
2847  
2848                      // No posts were found for the user, return error
2849                      if(!is_array($prune_array) || count($prune_array) == 0)
2850                      {
2851                          flash_message($lang->prune_fail, 'error');
2852                          admin_redirect("index.php?module=user-users".$vid_url);
2853                      }
2854  
2855                      // Require the rebuild functions
2856                      require_once  MYBB_ROOT.'/inc/functions.php';
2857                      require_once  MYBB_ROOT.'/inc/functions_rebuild.php';
2858  
2859                      // We've finished deleting user's posts, so let's delete the threads
2860                      if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0)
2861                      {
2862                          foreach($prune_array['to_delete'] as $tid)
2863                          {
2864                              $db->delete_query("threads", "tid='$tid'");
2865                              $db->delete_query("threads", "closed='moved|$tid'");
2866                              $db->delete_query("threadsubscriptions", "tid='$tid'");
2867                              $db->delete_query("polls", "tid='$tid'");
2868                              $db->delete_query("threadsread", "tid='$tid'");
2869                              $db->delete_query("threadratings", "tid='$tid'");
2870                          }
2871                      }
2872  
2873                      // After deleting threads, rebuild the thread counters for the affected threads
2874                      if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0)
2875                      {
2876                          $sql_array = implode(",", $prune_array['thread_update']);
2877                          $query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc'));
2878                          while($thread = $db->fetch_array($query))
2879                          {
2880                              rebuild_thread_counters($thread['tid']);
2881                          }
2882                      }
2883  
2884                      // After updating thread counters, update the affected forum counters
2885                      if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0)
2886                      {
2887                          $sql_array = implode(",", $prune_array['forum_update']);
2888                          $query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc'));
2889                          while($forum = $db->fetch_array($query))
2890                          {
2891                              // Because we have a recursive array merge, check to see if there isn't a duplicated forum to update
2892                              if($looped_forum == $forum['fid'])
2893                              {
2894                                  continue;
2895                              }
2896                              $looped_forum = $forum['fid'];
2897                              rebuild_forum_counters($forum['fid']);
2898                          }
2899                      }
2900  
2901                      //log_admin_action();
2902                      my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie
2903                      flash_message($lang->prune_complete, 'success');
2904                      admin_redirect("index.php?module=user-users".$vid_url);
2905                  }
2906              }
2907  
2908              $page->output_header($lang->manage_users);
2909              $page->output_nav_tabs($sub_tabs, 'manage_users');
2910  
2911              // Display a table warning
2912              $table = new Table;
2913              $lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected));
2914              $table->construct_cell($lang->mass_prune_info);
2915              $table->construct_row();
2916              $table->output($lang->important);
2917  
2918              if($errors)
2919              {
2920                  $page->output_inline_error($errors);
2921              }
2922  
2923              // Display the prune options
2924              $form = new Form("index.php?module=user-users", "post");
2925              echo $form->generate_hidden_field('action', 'inline_edit');
2926              echo $form->generate_hidden_field('inline_action', 'multiprune');
2927              echo $form->generate_hidden_field('processed', '1');
2928  
2929              $form_container = new FormContainer($lang->mass_prune_posts);
2930  
2931              // Generate a list of days (1 - 31)
2932              $day_options = array();
2933              $day_options[] = "&nbsp;";
2934              for($i = 1; $i <= 31; ++$i)
2935              {
2936                  $day_options[] = $i;
2937              }
2938  
2939              // Generate a list of months (1 - 12)
2940              $month_options = array();
2941              $month_options[] = "&nbsp;";
2942              for($i = 1; $i <= 12; ++$i)
2943              {
2944                  $string = "month_{$i}";
2945                  $month_options[] = $lang->$string;
2946              }
2947              $date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']);
2948              $month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']);
2949              $year_box = $form->generate_numeric_field('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;', 'min' => 0));
2950  
2951              $prune_select = $date_box.$month_box.$year_box;
2952              $form_container->output_row($lang->manual_date, "", $prune_select, 'date');
2953  
2954              // Generate the set date box
2955              $set_options = array();
2956              $set_options[] = $lang->set_an_option;
2957              for($i = 1; $i <= 6; ++$i)
2958              {
2959                  $string = "option_{$i}";
2960                  $set_options[] = $lang->$string;
2961              }
2962  
2963              $form_container->output_row($lang->relative_date, "", $lang->delete_posts." ".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set');
2964              $form_container->end();
2965  
2966              $buttons[] = $form->generate_submit_button($lang->prune_posts);
2967              $form->output_submit_wrapper($buttons);
2968              $form->end();
2969              $page->output_footer();
2970              break;
2971          case 'multiusergroup':
2972              if($mybb->input['processed'] == 1)
2973              {
2974                  // Determine additional usergroups
2975                  if(is_array($mybb->input['additionalgroups']))
2976                  {
2977                      foreach($mybb->input['additionalgroups'] as $key => $gid)
2978                      {
2979                          if($gid == $mybb->input['usergroup'])
2980                          {
2981                              unset($mybb->input['additionalgroups'][$key]);
2982                          }
2983                      }
2984  
2985                      $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
2986                  }
2987                  else
2988                  {
2989                      $additionalgroups = '';
2990                  }
2991  
2992                  // Create an update array
2993                  $update_array = array(
2994                      "usergroup" => $mybb->get_input('usergroup', MyBB::INPUT_INT),
2995                      "additionalgroups" => $additionalgroups,
2996                      "displaygroup" => $mybb->get_input('displaygroup', MyBB::INPUT_INT)
2997                  );
2998  
2999                  // Create an admin_user_multiusergroup hook array
3000                  $hook_params = array(
3001                      "selected" => &$selected,
3002                      "update_array" => &$update_array
3003                  );
3004  
3005                  $hook_params = $plugins->run_hooks("admin_user_multiusergroup", $hook_params);
3006  
3007                  // Do the usergroup update for all those selected
3008                  // If the a selected user is a super admin, don't update that user
3009                  $users_to_update = array();
3010                  foreach($selected as $user)
3011                  {
3012                      if(!is_super_admin($user))
3013                      {
3014                          $users_to_update[] = $user;
3015                      }
3016                  }
3017  
3018                  $to_update_count = count($users_to_update);
3019                  if($to_update_count > 0)
3020                  {
3021                      // Update the users in the database
3022                      $sql = implode(",", $users_to_update);
3023                      $db->update_query("users", $update_array, "uid IN (".$sql.")");
3024  
3025                      // Redirect the admin...
3026                      $mybb->input['action'] = "inline_usergroup";
3027                      log_admin_action($to_update_count);
3028                      my_unsetcookie("inlinemod_useracp");
3029                      flash_message($lang->success_mass_usergroups, 'success');
3030                      admin_redirect("index.php?module=user-users".$vid_url);
3031                  }
3032                  else
3033                  {
3034                      // They tried to edit super admins! Uh-oh!
3035                      $errors[] = $lang->no_usergroup_changed;
3036                  }
3037              }
3038  
3039              $page->output_header($lang->manage_users);
3040              $page->output_nav_tabs($sub_tabs, 'manage_users');
3041  
3042              // Display a table warning
3043              $table = new Table;
3044              $lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected));
3045              $table->construct_cell($lang->usergroup_info);
3046              $table->construct_row();
3047              $table->output($lang->important);
3048  
3049              if($errors)
3050              {
3051                  $page->output_inline_error($errors);
3052              }
3053  
3054              // Display the usergroup options
3055              $form = new Form("index.php?module=user-users", "post");
3056              echo $form->generate_hidden_field('action', 'inline_edit');
3057              echo $form->generate_hidden_field('inline_action', 'multiusergroup');
3058              echo $form->generate_hidden_field('processed', '1');
3059  
3060              $form_container = new FormContainer($lang->mass_usergroups);
3061  
3062              // Usergroups
3063              $display_group_options[0] = $lang->use_primary_user_group;
3064              $options = array();
3065              $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
3066              while($usergroup = $db->fetch_array($query))
3067              {
3068                  $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
3069                  $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
3070              }
3071  
3072              if(!is_array($mybb->input['additionalgroups']))
3073              {
3074                  $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']);
3075              }
3076  
3077              $form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
3078              $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
3079              $form_container->output_row($lang->display_user_group, "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup');
3080  
3081              $form_container->end();
3082  
3083              $buttons[] = $form->generate_submit_button($lang->alter_usergroups);
3084              $form->output_submit_wrapper($buttons);
3085              $form->end();
3086              $page->output_footer();
3087              break;
3088      }
3089  }
3090  
3091  if(!$mybb->input['action'])
3092  {
3093      $plugins->run_hooks("admin_user_users_start");
3094  
3095      $page->output_header($lang->browse_users);
3096      echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
3097  
3098      $page->output_nav_tabs($sub_tabs, 'browse_users');
3099  
3100      if(isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']])
3101      {
3102          $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']];
3103          unset($admin_view['extra_sql']);
3104      }
3105      else
3106      {
3107          // Showing a specific view
3108          if(isset($mybb->input['vid']))
3109          {
3110              $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
3111              $admin_view = $db->fetch_array($query);
3112              // View does not exist or this view is private and does not belong to the current user
3113              if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
3114              {
3115                  unset($admin_view);
3116              }
3117          }
3118  
3119          // Don't have a view? Fetch the default
3120          if(!isset($admin_view))
3121          {
3122              $default_view = fetch_default_view("user");
3123              if(!$default_view)
3124              {
3125                  $default_view = "0";
3126              }
3127              $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
3128              $admin_view = $db->fetch_array($query);
3129          }
3130      }
3131  
3132      // Fetch a list of all of the views for this user
3133      $popup = new PopupMenu("views", $lang->views);
3134  
3135      $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title"));
3136      while($view = $db->fetch_array($query))
3137      {
3138          $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&amp;vid={$view['vid']}");
3139      }
3140      $popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&amp;action=views");
3141      $admin_view['popup'] = $popup->fetch();
3142  
3143      if(isset($mybb->input['type']))
3144      {
3145          $admin_view['view_type'] = $mybb->input['type'];
3146      }
3147  
3148      $results = build_users_view($admin_view);
3149  
3150      if(!$results)
3151      {
3152          // If we came from the home page and clicked on the "Activate Users" link, send them back to here
3153          if(