PHP Cross Reference of MyBB 1.8.40
<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// User management module of the admin area (module=user-users).
// The script is a flat dispatcher: each top-level `if` below handles one value of
// $mybb->input['action'] (views, iplookup, activate_user, add, edit, ...).
// Several branches call admin_redirect() after flash_message() and then carry on as if
// the request had ended; presumably admin_redirect() terminates execution - confirm,
// because the code after those calls relies on it.

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
    die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}

require_once MYBB_ROOT."inc/functions_upload.php";

$page->add_breadcrumb_item($lang->users, "index.php?module=user-users");

// The navigation tabs are only built for the add, merge and search actions and for the
// default (empty) action.
if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
{
    $sub_tabs['browse_users'] = array(
        'title' => $lang->browse_users,
        'link' => "index.php?module=user-users",
        'description' => $lang->browse_users_desc
    );

    $sub_tabs['find_users'] = array(
        'title' => $lang->find_users,
        'link' => "index.php?module=user-users&action=search",
        'description' => $lang->find_users_desc
    );

    $sub_tabs['create_user'] = array(
        'title' => $lang->create_user,
        'link' => "index.php?module=user-users&action=add",
        'description' => $lang->create_user_desc
    );

    $sub_tabs['merge_users'] = array(
        'title' => $lang->merge_users,
        'link' => "index.php?module=user-users&action=merge",
        'description' => $lang->merge_users_desc
    );
}

// Column definitions (title, width, alignment) for user views; passed to view_manager() below.
$user_view_fields = array(
    "avatar" => array(
        "title" => $lang->avatar,
        "width" => "24",
        "align" => ""
    ),

    "username" => array(
        "title" => $lang->username,
        "width" => "",
        "align" => ""
    ),

    "email" => array(
        "title" => $lang->email,
        "width" => "",
        "align" => "center"
    ),

    "usergroup" => array(
        "title" => $lang->primary_group,
        "width" => "",
        "align" => "center"
    ),

    "additionalgroups" => array(
        "title" => $lang->additional_groups,
        "width" => "",
        "align" => "center"
    ),

    "regdate" => array(
        "title" => $lang->registered,
        "width" => "",
        "align" => "center"
    ),

    "lastactive" => array(
        "title" => $lang->last_active,
        "width" => "",
        "align" => "center"
    ),

    "postnum" => array(
        "title" => $lang->post_count,
        "width" => "",
        "align" => "center"
    ),

    "threadnum" => array(
        "title" => $lang->thread_count,
        "width" => "",
        "align" => "center"
    ),

    "reputation" => array(
        "title" => $lang->reputation,
        "width" => "",
        "align" => "center"
    ),

    "warninglevel" => array(
        "title" => $lang->warning_level,
        "width" => "",
        "align" => "center"
    ),

    "regip" => array(
        "title" => $lang->registration_ip,
        "width" => "",
        "align" => "center"
    ),

    "lastip" => array(
        "title" => $lang->last_known_ip,
        "width" => "",
        "align" => "center"
    ),

    "controls" => array(
        "title" => $lang->controls,
        "width" => "",
        "align" => "center"
    )
);

// Sort keys offered for user views, mapped to their labels; also passed to view_manager().
$sort_options = array(
    "username" => $lang->username,
    "regdate" => $lang->registration_date,
    "lastactive" => $lang->last_active,
    "numposts" => $lang->post_count,
    "reputation" => $lang->reputation,
    "warninglevel" => $lang->warning_level
);

$plugins->run_hooks("admin_user_users_begin");

// Initialise the views manager for user based views
require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
if($mybb->input['action'] == "views")
{
    view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
}

// action=iplookup: prints an HTML fragment (a modal) with the reverse-DNS host name and the
// GeoIP location of the supplied address. No database write is visible in this branch and
// no post key is checked here.
if($mybb->input['action'] == 'iplookup')
{
    $mybb->input['ipaddress'] = $mybb->get_input('ipaddress');
    // The address is HTML-escaped before it is substituted into the heading string.
    $lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress']));
    $ipaddress_location = $lang->na;
    $ipaddress_host_name = $lang->na;
    $modcp_ipsearch_misc_info = '';
    // Values containing a wildcard (*) are never looked up.
    if(!strstr($mybb->input['ipaddress'], "*"))
    {
        // Return GeoIP information if it is available to us
        // NOTE(review): geoip_record_by_name() receives the value before the
        // FILTER_VALIDATE_IP check further down, with errors suppressed by @. Consider
        // moving it behind that check if only literal addresses are meant to be resolved.
        // NOTE(review): utf8_encode() is deprecated as of PHP 8.2.
        if(function_exists('geoip_record_by_name'))
        {
            $ip_record = @geoip_record_by_name($mybb->input['ipaddress']);
            if($ip_record)
            {
                // GeoIP strings are escaped before they reach the table cell.
                $ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name']));
                if($ip_record['city'])
                {
                    $ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city']));
                }
            }
        }

        // The reverse lookup is attempted only for a syntactically valid IP address.
        if(filter_var($mybb->input['ipaddress'], FILTER_VALIDATE_IP))
        {
            // The resolved name comes from DNS, so it is escaped like any other external data.
            $ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress']));

            // gethostbyaddr returns the same ip on failure
            if($ipaddress_host_name == $mybb->input['ipaddress'])
            {
                $ipaddress_host_name = $lang->na;
            }
        }
    }

    ?>
    <div class="modal">
    <div style="overflow-y: auto; max-height: 400px;">

    <?php

    $table = new Table();

    $table->construct_cell($lang->ipaddress_host_name.":");
    $table->construct_cell($ipaddress_host_name);
    $table->construct_row();

    $table->construct_cell($lang->ipaddress_location.":");
    $table->construct_cell($ipaddress_location);
    $table->construct_row();

    $table->output($lang->ipaddress_misc_info);

    ?>
    </div>
    </div>
    <?php
}

// action=activate_user: activates an account that is in user group 5, clears its COPPA flag
// or its awaitingactivation row, moves it to group 2, e-mails the user and logs the action.
if($mybb->input['action'] == "activate_user")
{
    // State-changing request: the my_post_key value must pass verify_post_check() first
    // (presumably the anti-CSRF token check; verify_post_check() is defined elsewhere).
    if(!verify_post_check($mybb->get_input('my_post_key')))
    {
        flash_message($lang->invalid_post_verify_key2, 'error');
        admin_redirect("index.php?module=user-users");
    }

    // NOTE(review): uid is passed on as received; confirm get_user() casts it to an integer.
    $user = get_user($mybb->input['uid']);

    // Reject unknown users and users whose primary group is not 5 (the group this branch
    // treats as "awaiting activation" below).
    if(!$user || $user['usergroup'] != 5)
    {
        flash_message($lang->error_invalid_user, 'error');
        admin_redirect("index.php?module=user-users");
    }

    $plugins->run_hooks("admin_user_users_coppa_activate");

    $updated_user['usergroup'] = $user['usergroup'];

    // Update
    // For a COPPA user the array assignment replaces $updated_user, which drops the
    // usergroup entry set just above; it is set again a few lines further down.
    if($user['coppauser'])
    {
        $updated_user = array(
            "coppauser" => 0
        );
    }
    else
    {
        // The uid in this condition is taken from the row returned by get_user(),
        // not directly from the request.
        $db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
    }

    // Move out of awaiting activation if they're in it.
    if($user['usergroup'] == 5)
    {
        $updated_user['usergroup'] = 2;
    }

    $plugins->run_hooks("admin_user_users_coppa_activate_commit");

    $db->update_query("users", $updated_user, "uid='{$user['uid']}'");

    $cache->update_awaitingactivation();

    // Notify the user by e-mail that an administrator activated the account.
    $message = $lang->sprintf($lang->email_adminactivateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
    my_mail($user['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);

    // Log admin action
    log_admin_action($user['uid'], $user['username']);

    // When the request came from the "home" page the success message is stored in the admin
    // session under flash_message2; otherwise it is set with flash_message().
    if($mybb->input['from'] == "home")
    {
        if($user['coppauser'])
        {
            $message = $lang->success_coppa_activated;
        }
        else
        {
            $message = $lang->success_activated;
        }

        update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
    }
    else
    {
        if($user['coppauser'])
        {
            flash_message($lang->success_coppa_activated, 'success');
        }
        else
        {
            flash_message($lang->success_activated, 'success');
        }
    }

    // The redirect target is read from admin session data when present.
    // NOTE(review): confirm last_users_url is only ever written server-side with a local
    // admin URL, since it is handed to admin_redirect() unchanged.
    if($admin_session['data']['last_users_url'])
    {
        $url = $admin_session['data']['last_users_url'];
        update_admin_session('last_users_url', '');

        if($mybb->input['from'] == "home")
        {
            update_admin_session('from', 'home');
        }
    }
    else
    {
        $url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
    }

    $plugins->run_hooks("admin_user_users_coppa_end");

    admin_redirect($url);
}

// action=add: on POST, validates and inserts a new user through UserDataHandler; in every
// case that does not end in a redirect it renders the "create user" form.
if($mybb->input['action'] == "add")
{
    $plugins->run_hooks("admin_user_users_add");

    // NOTE(review): no verify_post_check() call is visible in this POST branch; presumably
    // the post key is verified before this module runs - confirm.
    if($mybb->request_method == "post")
    {
        // Determine the usergroup stuff
        // The primary group is removed from the additional groups, and every remaining id is
        // passed through intval before the list is joined with commas.
        if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
        {
            foreach($mybb->input['additionalgroups'] as $key => $gid)
            {
                if($gid == $mybb->input['usergroup'])
                {
                    unset($mybb->input['additionalgroups'][$key]);
                }
            }
            $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
        }
        else
        {
            $additionalgroups = '';
        }

        // Set up user handler.
        require_once MYBB_ROOT."inc/datahandlers/user.php";
        $userhandler = new UserDataHandler('insert');

        // Set the data for the new user.
        // email2 repeats the single e-mail field of this form; password2 comes from the
        // separate confirm_password field.
        $new_user = array(
            "uid" => $mybb->get_input('uid'),
            "username" => $mybb->get_input('username'),
            "password" => $mybb->get_input('password'),
            "password2" => $mybb->get_input('confirm_password'),
            "email" => $mybb->get_input('email'),
            "email2" => $mybb->get_input('email'),
            "usergroup" => $mybb->get_input('usergroup'),
            "additionalgroups" => $additionalgroups,
            "displaygroup" => $mybb->get_input('displaygroup'),
            "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
            "profile_fields_editable" => true,
        );

        // Set the data of the user in the datahandler.
        $userhandler->set_data($new_user);
        $errors = '';

        // Validate the user and get any errors that might have occurred.
        if(!$userhandler->validate_user())
        {
            $errors = $userhandler->get_friendly_errors();
        }
        else
        {
            $user_info = $userhandler->insert_user();

            $plugins->run_hooks("admin_user_users_add_commit");

            // Log admin action
            log_admin_action($user_info['uid'], $user_info['username']);

            flash_message($lang->success_user_created, 'success');
            admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
        }
    }

    // Fetch custom profile fields - only need required profile fields here
    // The WHERE clause is a constant; no request data is part of this query.
    $query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));

    $profile_fields = array(
        'required' => array(),
        'optional' => array(),
    );
    while($profile_field = $db->fetch_array($query))
    {
        $profile_fields['required'][] = $profile_field;
    }

    $page->add_breadcrumb_item($lang->create_user);
    $page->output_header($lang->create_user);

    $form = new Form("index.php?module=user-users&action=add", "post");

    $page->output_nav_tabs($sub_tabs, 'create_user');

    // If we have any error messages, show them
    // NOTE(review): $errors is assigned only inside the POST branch above, so on any other
    // request it is read here without a visible initialisation.
    if($errors)
    {
        $page->output_inline_error($errors);
    }
    else
    {
        // Without errors the primary group selection defaults to group 2.
        $mybb->input = array_merge($mybb->input, array('usergroup' => 2));
    }

    $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);

    $form_container = new FormContainer($lang->required_profile_info);
    // NOTE(review): the username is escaped with htmlspecialchars_uni() before it is handed
    // to generate_text_box(), the e-mail value is not. Whether the Form helpers escape their
    // value argument is not visible here - confirm, to rule out a missing or double escape.
    $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', htmlspecialchars_uni($mybb->get_input('username')), array('id' => 'username')), 'username');
    // NOTE(review): both password boxes receive the submitted values again, so after a
    // validation error the password may be rendered back into the page - confirm that this
    // is intended. Only the first box sets autocomplete=off.
    $form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->get_input('password'), array('id' => 'password', 'autocomplete' => 'off')), 'password');
    $form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->get_input('confirm_password'), array('id' => 'confirm_new_password')), 'confirm_new_password');
    $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->get_input('email'), array('id' => 'email')), 'email');

    // Group choices: every user group except gid 1, with titles HTML-escaped. The display
    // group list additionally offers entry 0, "use primary user group".
    $display_group_options[0] = $lang->use_primary_user_group;
    $options = array();
    $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
    while($usergroup = $db->fetch_array($query))
    {
        $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
        $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
    }

    $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
    $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
    $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');

    // Output custom profile fields - required
    output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);

    $form_container->end();
    $buttons[] = $form->generate_submit_button($lang->save_user);
    $form->output_submit_wrapper($buttons);

    $form->end();
    $page->output_footer();
}

if($mybb->input['action'] == "edit")
{
    $user = get_user($mybb->input['uid']);

    // Does the user not exist?
    if(!$user)
    {
        flash_message($lang->error_invalid_user, 'error');
        admin_redirect("index.php?module=user-users");
    }

    $plugins->run_hooks("admin_user_users_edit");

    if($mybb->request_method == "post")
    {
        $plugins->run_hooks("admin_user_users_edit_start");
        // An administrator who is not a super admin may not save changes to a super admin
        // account other than their own. The check sits inside the POST branch, so it guards
        // saving.
        if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
        {
            flash_message($lang->error_no_perms_super_admin, 'error');
            admin_redirect("index.php?module=user-users");
        }

        // Determine the usergroup stuff
        if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
        {
            foreach($mybb->input['additionalgroups'] as $key => $gid)
            {
                if($gid == $mybb->input['usergroup'])
                {
                    unset($mybb->input['additionalgroups'][$key]);
                }
            }
            $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
        }
        else
        {
            $additionalgroups = '';
        }

        $returndate = "";
        if(!empty($mybb->input['away_day']))
        {
            $awaydate = TIME_NOW;
            // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
            if(!$mybb->input['away_month'])
            {
$mybb->input['away_month'] = my_date('n', $awaydate); 480 } 481 if(!$mybb->input['away_year']) 482 { 483 $mybb->input['away_year'] = my_date('Y', $awaydate); 484 } 485 486 $return_month = (int)substr($mybb->input['away_month'], 0, 2); 487 $return_day = (int)substr($mybb->input['away_day'], 0, 2); 488 $return_year = min($mybb->get_input('away_year', MyBB::INPUT_INT), 9999); 489 490 // Check if return date is after the away date. 491 $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year); 492 $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate)); 493 if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate))) 494 { 495 $away_in_past = true; 496 } 497 498 $returndate = "{$return_day}-{$return_month}-{$return_year}"; 499 } 500 501 // Set up user handler. 502 require_once MYBB_ROOT."inc/datahandlers/user.php"; 503 $userhandler = new UserDataHandler('update'); 504 505 // Set the data for the new user. 
506 $updated_user = array( 507 "uid" => $mybb->get_input('uid'), 508 "username" => $mybb->get_input('username'), 509 "email" => $mybb->get_input('email'), 510 "email2" => $mybb->get_input('email'), 511 "usergroup" => $mybb->get_input('usergroup'), 512 "additionalgroups" => $additionalgroups, 513 "displaygroup" => $mybb->get_input('displaygroup'), 514 "postnum" => $mybb->get_input('postnum'), 515 "threadnum" => $mybb->get_input('threadnum'), 516 "usertitle" => $mybb->get_input('usertitle'), 517 "timezone" => $mybb->get_input('timezone'), 518 "language" => $mybb->get_input('language'), 519 "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), 520 "profile_fields_editable" => true, 521 "website" => $mybb->get_input('website'), 522 "birthday" => array( 523 "day" => $mybb->get_input('bday1'), 524 "month" => $mybb->get_input('bday2'), 525 "year" => $mybb->get_input('bday3') 526 ), 527 "style" => $mybb->get_input('style'), 528 "signature" => $mybb->get_input('signature'), 529 "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT), 530 "timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT), 531 "usernotes" => $mybb->get_input('usernotes'), 532 "away" => array( 533 "away" => $mybb->get_input('away'), 534 "date" => TIME_NOW, 535 "returndate" => $returndate, 536 "awayreason" => $mybb->get_input('awayreason') 537 ) 538 ); 539 540 if($user['usergroup'] == 5 && $mybb->get_input('usergroup') != 5) 541 { 542 if($user['coppauser'] == 1) 543 { 544 $updated_user['coppa_user'] = 0; 545 } 546 } 547 if($mybb->get_input('new_password')) 548 { 549 $updated_user['password'] = $mybb->get_input('new_password'); 550 $updated_user['password2'] = $mybb->get_input('confirm_new_password'); 551 } 552 553 $updated_user['options'] = array( 554 "allownotices" => $mybb->get_input('allownotices'), 555 "hideemail" => $mybb->get_input('hideemail'), 556 "subscriptionmethod" => $mybb->get_input('subscriptionmethod'), 557 "invisible" => $mybb->get_input('invisible'), 
558 "dstcorrection" => $mybb->get_input('dstcorrection'), 559 "threadmode" => $mybb->get_input('threadmode'), 560 "classicpostbit" => $mybb->get_input('classicpostbit'), 561 "showimages" => $mybb->get_input('showimages'), 562 "showvideos" => $mybb->get_input('showvideos'), 563 "showsigs" => $mybb->get_input('showsigs'), 564 "showavatars" => $mybb->get_input('showavatars'), 565 "showquickreply" => $mybb->get_input('showquickreply'), 566 "receivepms" => $mybb->get_input('receivepms'), 567 "receivefrombuddy" => $mybb->get_input('receivefrombuddy'), 568 "pmnotice" => $mybb->get_input('pmnotice'), 569 "daysprune" => $mybb->get_input('daysprune'), 570 "showcodebuttons" => $mybb->get_input('showcodebuttons'), 571 "sourceeditor" => $mybb->get_input('sourceeditor'), 572 "pmnotify" => $mybb->get_input('pmnotify'), 573 "buddyrequestspm" => $mybb->get_input('buddyrequestspm'), 574 "buddyrequestsauto" => $mybb->get_input('buddyrequestsauto'), 575 "showredirect" => $mybb->get_input('showredirect') 576 ); 577 578 if($mybb->settings['usertppoptions']) 579 { 580 $updated_user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT); 581 } 582 583 if($mybb->settings['userpppoptions']) 584 { 585 $updated_user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT); 586 } 587 588 // Set the data of the user in the datahandler. 589 $userhandler->set_data($updated_user); 590 $errors = array(); 591 592 // Validate the user and get any errors that might have occurred. 593 if(!$userhandler->validate_user()) 594 { 595 $errors = $userhandler->get_friendly_errors(); 596 } 597 else 598 { 599 // Are we removing an avatar from this user? 600 if($mybb->get_input('remove_avatar')) 601 { 602 $extra_user_updates = array( 603 "avatar" => "", 604 "avatardimensions" => "", 605 "avatartype" => "" 606 ); 607 remove_avatars($user['uid']); 608 } 609 610 // Are we uploading a new avatar? 
611 if($_FILES['avatar_upload']['name']) 612 { 613 $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']); 614 if($avatar['error']) 615 { 616 $errors = array($avatar['error']); 617 } 618 else 619 { 620 if($avatar['width'] > 0 && $avatar['height'] > 0) 621 { 622 $avatar_dimensions = $avatar['width']."|".$avatar['height']; 623 } 624 $extra_user_updates = array( 625 "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW, 626 "avatardimensions" => $avatar_dimensions, 627 "avatartype" => "upload" 628 ); 629 } 630 } 631 // Are we setting a new avatar from a URL? 632 else if(!empty($mybb->input['avatar_url']) && $mybb->input['avatar_url'] != $user['avatar']) 633 { 634 if(!$mybb->settings['allowremoteavatars']) 635 { 636 $errors = array($lang->error_remote_avatar_not_allowed); 637 } 638 else 639 { 640 if(filter_var($mybb->input['avatar_url'], FILTER_VALIDATE_EMAIL) !== false) 641 { 642 // Gravatar 643 $email = md5(strtolower(trim($mybb->input['avatar_url']))); 644 645 $s = ''; 646 if(!$mybb->settings['maxavatardims']) 647 { 648 $mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits 649 } 650 651 // Because Gravatars are square, hijack the width 652 list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 653 654 $s = "?s={$maxwidth}"; 655 $maxheight = (int)$maxwidth; 656 657 $extra_user_updates = array( 658 "avatar" => "https://www.gravatar.com/avatar/{$email}{$s}", 659 "avatardimensions" => "{$maxheight}|{$maxheight}", 660 "avatartype" => "gravatar" 661 ); 662 } 663 else 664 { 665 $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']); 666 $ext = get_extension($mybb->input['avatar_url']); 667 668 // Copy the avatar to the local server (work around remote URL access disabled for getimagesize) 669 $file = fetch_remote_file($mybb->input['avatar_url']); 670 if(!$file) 671 { 672 $avatar_error = $lang->error_invalidavatarurl; 673 } 674 else 675 { 676 $tmp_name = 
"../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str()); 677 $fp = @fopen($tmp_name, "wb"); 678 if(!$fp) 679 { 680 $avatar_error = $lang->error_invalidavatarurl; 681 } 682 else 683 { 684 fwrite($fp, $file); 685 fclose($fp); 686 list($width, $height, $type) = @getimagesize($tmp_name); 687 @unlink($tmp_name); 688 echo $type; 689 if(!$type) 690 { 691 $avatar_error = $lang->error_invalidavatarurl; 692 } 693 } 694 } 695 696 if(empty($avatar_error)) 697 { 698 if($width && $height && $mybb->settings['maxavatardims'] != "") 699 { 700 list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 701 if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) 702 { 703 $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); 704 $avatar_error = $lang->error_avatartoobig; 705 } 706 } 707 } 708 709 if(empty($avatar_error)) 710 { 711 if($width > 0 && $height > 0) 712 { 713 $avatar_dimensions = (int)$width."|".(int)$height; 714 } 715 $extra_user_updates = array( 716 "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW), 717 "avatardimensions" => $avatar_dimensions, 718 "avatartype" => "remote" 719 ); 720 remove_avatars($user['uid']); 721 } 722 else 723 { 724 $errors = array($avatar_error); 725 } 726 } 727 } 728 } 729 730 // Moderator "Options" (suspend signature, suspend/moderate posting) 731 $moderator_options = array( 732 1 => array( 733 "action" => "suspendsignature", // The moderator action we're performing 734 "period" => "action_period", // The time period we've selected from the dropdown box 735 "time" => "action_time", // The time we've entered 736 "update_field" => "suspendsignature", // The field in the database to update if true 737 "update_length" => "suspendsigtime" // The length of suspension field in the database 738 ), 739 2 => array( 740 "action" => "moderateposting", 741 "period" => "modpost_period", 742 "time" => 
"modpost_time", 743 "update_field" => "moderateposts", 744 "update_length" => "moderationtime" 745 ), 746 3 => array( 747 "action" => "suspendposting", 748 "period" => "suspost_period", 749 "time" => "suspost_time", 750 "update_field" => "suspendposting", 751 "update_length" => "suspensiontime" 752 ) 753 ); 754 755 require_once MYBB_ROOT."inc/functions_warnings.php"; 756 foreach($moderator_options as $option) 757 { 758 if(empty($mybb->input[$option['action']])) 759 { 760 if($user[$option['update_field']] == 1) 761 { 762 // We're revoking the suspension 763 $extra_user_updates[$option['update_field']] = 0; 764 $extra_user_updates[$option['update_length']] = 0; 765 } 766 767 // Skip this option if we haven't selected it 768 continue; 769 } 770 else 771 { 772 if((int)$mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1) 773 { 774 // User has selected a type of ban, but not entered a valid time frame 775 $string = $option['action']."_error"; 776 $errors[] = $lang->$string; 777 } 778 779 if(!is_array($errors)) 780 { 781 $suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]); 782 783 if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never")) 784 { 785 // We already have a suspension, but entered a new time 786 if($suspend_length == "-1") 787 { 788 // Permanent ban on action 789 $extra_user_updates[$option['update_length']] = 0; 790 } 791 elseif($suspend_length && $suspend_length != "-1") 792 { 793 // Temporary ban on action 794 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 795 } 796 } 797 elseif(!$user[$option['update_field']]) 798 { 799 // New suspension for this user... bad user! 
800 $extra_user_updates[$option['update_field']] = 1; 801 if($suspend_length == "-1") 802 { 803 $extra_user_updates[$option['update_length']] = 0; 804 } 805 else 806 { 807 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 808 } 809 } 810 } 811 } 812 } 813 814 if(!empty($extra_user_updates['moderateposts']) && !empty($extra_user_updates['suspendposting'])) 815 { 816 $errors[] = $lang->suspendmoderate_error; 817 } 818 819 if(isset($away_in_past)) 820 { 821 $errors[] = $lang->error_acp_return_date_past; 822 } 823 824 if(!$errors) 825 { 826 $user_info = $userhandler->update_user(); 827 828 $plugins->run_hooks("admin_user_users_edit_commit_start"); 829 830 if(!empty($extra_user_updates)) 831 { 832 $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'"); 833 } 834 835 // if we're updating the user's signature preferences, do so now 836 if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable') 837 { 838 $update_signature = array( 839 'includesig' => ($mybb->input['update_posts'] == 'enable' ? 
1 : 0) 840 ); 841 $db->update_query("posts", $update_signature, "uid='{$user['uid']}'"); 842 } 843 844 $plugins->run_hooks("admin_user_users_edit_commit"); 845 846 if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5) 847 { 848 $cache->update_awaitingactivation(); 849 } 850 851 // Log admin action 852 log_admin_action($user['uid'], $mybb->input['username']); 853 854 flash_message($lang->success_user_updated, 'success'); 855 admin_redirect("index.php?module=user-users"); 856 } 857 $plugins->run_hooks("admin_user_users_edit_end"); 858 } 859 } 860 861 if(!$errors) 862 { 863 $user['usertitle'] = htmlspecialchars_decode($user['usertitle']); 864 $mybb->input = array_merge($mybb->input, $user); 865 866 $options = array( 867 'bday1', 'bday2', 'bday3', 868 'new_password', 'confirm_new_password', 869 'action_time', 'action_period', 870 'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time' 871 ); 872 873 foreach($options as $option) 874 { 875 if(!isset($input_user[$option])) 876 { 877 $mybb->input[$option] = ''; 878 } 879 } 880 881 // We need to fetch this users profile field values 882 $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'"); 883 $mybb->input['profile_fields'] = $db->fetch_array($query); 884 } 885 886 if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3']) 887 { 888 $mybb->input['bday'][0] = $mybb->input['bday1']; 889 $mybb->input['bday'][1] = $mybb->input['bday2']; 890 $mybb->input['bday'][2] = $mybb->get_input('bday3', MyBB::INPUT_INT); 891 } 892 else 893 { 894 $mybb->input['bday'] = array(0, 0, ''); 895 896 if($user['birthday']) 897 { 898 $mybb->input['bday'] = explode('-', $user['birthday']); 899 } 900 } 901 902 if($mybb->get_input('away_day') || $mybb->get_input('away_month') || $mybb->get_input('away_year')) 903 { 904 $mybb->input['away_year'] = $mybb->get_input('away_year', MyBB::INPUT_INT); 905 } 906 else 907 { 908 $mybb->input['away_day'] = 0; 909 $mybb->input['away_month'] = 
0; 910 $mybb->input['away_year'] = ''; 911 912 if($user['returndate']) 913 { 914 list($mybb->input['away_day'], $mybb->input['away_month'], $mybb->input['away_year']) = explode('-', $user['returndate']); 915 } 916 } 917 918 // Fetch custom profile fields 919 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 920 921 $profile_fields = array( 922 'required' => array(), 923 'optional' => array(), 924 ); 925 while($profile_field = $db->fetch_array($query)) 926 { 927 if($profile_field['required'] == 1) 928 { 929 $profile_fields['required'][] = $profile_field; 930 } 931 else 932 { 933 $profile_fields['optional'][] = $profile_field; 934 } 935 } 936 937 $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username'])); 938 939 $page->extra_header .= <<<EOF 940 941 <link rel="stylesheet" href="../jscripts/sceditor/themes/mybb.css" type="text/css" media="all" /> 942 <script type="text/javascript" src="../jscripts/sceditor/jquery.sceditor.bbcode.min.js?ver=1840"></script> 943 <script type="text/javascript" src="../jscripts/bbcodes_sceditor.js?ver=1837"></script> 944 <script type="text/javascript" src="../jscripts/sceditor/plugins/undo.js?ver=1840"></script> 945 EOF; 946 $page->output_header($lang->edit_user); 947 948 $sub_tabs['edit_user'] = array( 949 'title' => $lang->edit_user, 950 'description' => $lang->edit_user_desc 951 ); 952 953 $form = new Form("index.php?module=user-users&action=edit&uid={$user['uid']}", "post", "", 1); 954 955 $page->output_nav_tabs($sub_tabs, 'edit_user'); 956 957 // If we have any error messages, show them 958 if($errors) 959 { 960 $page->output_inline_error($errors); 961 } 962 963 // Is this user a COPPA user? 
We show a warning & activate link 964 if($user['coppauser']) 965 { 966 echo $lang->sprintf($lang->warning_coppa_user, $user['uid'], $mybb->post_code); 967 } 968 969 $tabs = array( 970 "overview" => $lang->overview, 971 "profile" => $lang->profile, 972 "settings" => $lang->account_settings, 973 "signature" => $lang->signature, 974 "avatar" => $lang->avatar, 975 "modoptions" => $lang->mod_options 976 ); 977 $tabs = $plugins->run_hooks("admin_user_users_edit_graph_tabs", $tabs); 978 $page->output_tab_control($tabs); 979 980 // 981 // OVERVIEW 982 // 983 echo "<div id=\"tab_overview\">\n"; 984 $table = new Table; 985 $table->construct_header($lang->avatar, array('class' => 'align_center')); 986 $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center')); 987 988 // Avatar 989 $avatar_dimensions = preg_split('/[|x]/', $user['avatardimensions']); 990 if($user['avatardimensions']) 991 { 992 require_once MYBB_ROOT."inc/functions_image.php"; 993 list($width, $height) = preg_split('/[|x]/', $user['avatardimensions']); 994 $scaled_dimensions = scale_image($width, $height, 120, 120); 995 } 996 else 997 { 998 $scaled_dimensions = array( 999 "width" => 120, 1000 "height" => 120 1001 ); 1002 } 1003 if($user['avatar'] && (my_strpos($user['avatar'], '://') === false || $mybb->settings['allowremoteavatars'])) 1004 { 1005 if(!my_validate_url($user['avatar'])) 1006 { 1007 $avatar = format_avatar($user['avatar'], $user['avatardimensions']); 1008 $user['avatar'] = $avatar['image']; 1009 } 1010 } 1011 else 1012 { 1013 if(my_validate_url($mybb->settings['useravatar'])) 1014 { 1015 $user['avatar'] = str_replace('{theme}', 'images', $mybb->settings['useravatar']); 1016 } 1017 else 1018 { 1019 $user['avatar'] = "../".str_replace('{theme}', 'images', $mybb->settings['useravatar']); 1020 } 1021 } 1022 $avatar_top = ceil((126-$scaled_dimensions['height'])/2); 1023 $last_seen = max(array($user['lastactive'], $user['lastvisit'])); 1024 
if(!empty($last_seen)) 1025 { 1026 $last_active = my_date('relative', $last_seen); 1027 } 1028 else 1029 { 1030 $last_active = $lang->never; 1031 } 1032 $reg_date = my_date('relative', $user['regdate']); 1033 if($user['dst'] == 1) 1034 { 1035 $timezone = (float)$user['timezone']+1; 1036 } 1037 else 1038 { 1039 $timezone = (float)$user['timezone']; 1040 } 1041 $local_date = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600)); 1042 $local_time = gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600)); 1043 1044 $localtime = $lang->sprintf($lang->local_time_format, $local_date, $local_time); 1045 $days_registered = (TIME_NOW - $user['regdate']) / (24*3600); 1046 $posts_per_day = 0; 1047 if($days_registered > 0) 1048 { 1049 $posts_per_day = round($user['postnum'] / $days_registered, 2); 1050 if($posts_per_day > $user['postnum']) 1051 { 1052 $posts_per_day = $user['postnum']; 1053 } 1054 } 1055 $posts_per_day = my_number_format($posts_per_day); 1056 1057 $stats = $cache->read("stats"); 1058 $posts = $stats['numposts']; 1059 if($posts == 0) 1060 { 1061 $percent_posts = "0"; 1062 } 1063 else 1064 { 1065 $percent_posts = round($user['postnum']*100/$posts, 2); 1066 } 1067 1068 $user_permissions = user_permissions($user['uid']); 1069 1070 // Fetch the reputation for this user 1071 if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 1072 { 1073 $reputation = get_reputation($user['reputation']); 1074 } 1075 else 1076 { 1077 $reputation = "-"; 1078 } 1079 1080 if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0) 1081 { 1082 if($mybb->settings['maxwarningpoints'] < 1) 1083 { 1084 $mybb->settings['maxwarningpoints'] = 10; 1085 } 1086 1087 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 1088 if($warning_level > 100) 1089 { 1090 $warning_level = 100; 1091 } 1092 $warning_level = get_colored_warning_level($warning_level); 1093 } 
1094 else 1095 { 1096 $warning_level = "-"; 1097 } 1098 1099 $age = $lang->na; 1100 if($user['birthday']) 1101 { 1102 $age = get_age($user['birthday']); 1103 } 1104 1105 $postnum = my_number_format($user['postnum']); 1106 1107 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1)); 1108 $table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"); 1109 $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}"); 1110 $table->construct_row(); 1111 $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}"); 1112 $table->construct_cell("<strong>{$lang->local_time}:</strong> {$localtime}"); 1113 $table->construct_row(); 1114 $table->construct_cell("<strong>{$lang->posts}:</strong> {$postnum}"); 1115 $table->construct_cell("<strong>{$lang->age}:</strong> {$age}"); 1116 $table->construct_row(); 1117 $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}"); 1118 $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}"); 1119 $table->construct_row(); 1120 $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}"); 1121 $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}"); 1122 $table->construct_row(); 1123 $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['regip']))); 1124 $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['lastip']))); 1125 $table->construct_row(); 1126 1127 $username = htmlspecialchars_uni($user['username']); 1128 
$table->output("{$lang->user_overview}: {$username}"); 1129 $plugins->run_hooks("admin_user_users_edit_overview"); 1130 echo "</div>\n"; 1131 1132 // 1133 // PROFILE 1134 // 1135 echo "<div id=\"tab_profile\">\n"; 1136 1137 $form_container = new FormContainer($lang->required_profile_info.": ".htmlspecialchars_uni($user['username'])); 1138 $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username'); 1139 $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password'); 1140 $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password'); 1141 $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email'); 1142 1143 $display_group_options[0] = $lang->use_primary_user_group; 1144 $options = array(); 1145 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 1146 while($usergroup = $db->fetch_array($query)) 1147 { 1148 $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1149 $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); 1150 } 1151 1152 if(isset($mybb->input['additionalgroups']) && !is_array($mybb->input['additionalgroups'])) 1153 { 1154 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 1155 } 1156 1157 $form_container->output_row($lang->primary_user_group." 
<em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup'); 1158 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 1159 $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup'); 1160 $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_numeric_field('postnum', $mybb->get_input('postnum'), array('id' => 'postnum', 'min' => 0)), 'postnum'); 1161 $form_container->output_row($lang->thread_count." <em>*</em>", "", $form->generate_numeric_field('threadnum', $mybb->get_input('threadnum'), array('id' => 'threadnum', 'min' => 0)), 'threadnum'); 1162 1163 // Output custom profile fields - required 1164 if(!isset($profile_fields['required'])) 1165 { 1166 $profile_fields['required'] = array(); 1167 } 1168 output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form); 1169 1170 $form_container->end(); 1171 1172 $form_container = new FormContainer($lang->optional_profile_info.': '.htmlspecialchars_uni($user['username'])); 1173 $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->get_input('usertitle'), array('id' => 'usertitle')), 'usertitle'); 1174 $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->get_input('website'), array('id' => 'website')), 'website'); 1175 1176 // Birthday 1177 $birthday_days = array(0 => ''); 1178 for($i = 1; $i <= 31; $i++) 1179 { 1180 
$birthday_days[$i] = $i; 1181 } 1182 1183 $birthday_months = array( 1184 0 => '', 1185 1 => $lang->january, 1186 2 => $lang->february, 1187 3 => $lang->march, 1188 4 => $lang->april, 1189 5 => $lang->may, 1190 6 => $lang->june, 1191 7 => $lang->july, 1192 8 => $lang->august, 1193 9 => $lang->september, 1194 10 => $lang->october, 1195 11 => $lang->november, 1196 12 => $lang->december 1197 ); 1198 1199 $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day')); 1200 $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month')); 1201 $birthday_row .= ' '.$form->generate_numeric_field('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 4em;', 'min' => 0)); 1202 1203 $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday'); 1204 1205 // Output custom profile fields - optional 1206 output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form); 1207 1208 $form_container->end(); 1209 1210 1211 if($mybb->settings['allowaway'] != 0) 1212 { 1213 $form_container = new FormContainer($lang->away_information.': '.htmlspecialchars_uni($user['username'])); 1214 $awaycheck = array(false, true); 1215 if($mybb->input['away'] == 1) 1216 { 1217 $awaycheck = array(true, false); 1218 } 1219 $form_container->output_row($lang->away_status, $lang->away_status_desc, $form->generate_radio_button('away', 1, $lang->im_away, array('id' => 'away', "checked" => $awaycheck[0]))." 
".$form->generate_radio_button('away', 0, $lang->im_here, array('id' => 'away2', "checked" => $awaycheck[1])), 'away'); 1220 $form_container->output_row($lang->away_reason, $lang->away_reason_desc, $form->generate_text_box('awayreason', $mybb->input['awayreason'], array('id' => 'awayreason')), 'awayreason'); 1221 1222 //Return date (we can use the arrays from birthday) 1223 $return_row = $form->generate_select_box('away_day', $birthday_days, $mybb->input['away_day'], array('id' => 'away_day')); 1224 $return_row .= ' '.$form->generate_select_box('away_month', $birthday_months, $mybb->input['away_month'], array('id' => 'away_month')); 1225 $return_row .= ' '.$form->generate_numeric_field('away_year', $mybb->input['away_year'], array('id' => 'away_year', 'style' => 'width: 4em;', 'min' => 0)); 1226 1227 $form_container->output_row($lang->return_date, $lang->return_date_desc, $return_row, 'away_date'); 1228 1229 $form_container->end(); 1230 } 1231 1232 $plugins->run_hooks("admin_user_users_edit_profile"); 1233 echo "</div>\n"; 1234 1235 // 1236 // ACCOUNT SETTINGS 1237 // 1238 1239 echo "<div id=\"tab_settings\">\n"; 1240 $form_container = new FormContainer($lang->account_settings.': '.htmlspecialchars_uni($user['username'])); 1241 $login_options = array( 1242 $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->get_input('invisible'))), 1243 ); 1244 $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>"); 1245 1246 if($mybb->get_input('pmnotice') > 1) 1247 { 1248 $mybb->input['pmnotice'] = 1; 1249 } 1250 1251 $messaging_options = array( 1252 $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->get_input('allownotices'))), 1253 $form->generate_check_box("hideemail", 1, $lang->hide_email_from_others, array("checked" => $mybb->get_input('hideemail'))), 1254 
$form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->get_input('receivepms'))), 1255 $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->get_input('receivefrombuddy'))), 1256 $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->get_input('pmnotice'))), 1257 $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->get_input('pmnotify'))), 1258 $form->generate_check_box("buddyrequestspm", 1, $lang->buddy_requests_pm, array("checked" => $mybb->get_input('buddyrequestspm'))), 1259 $form->generate_check_box("buddyrequestsauto", 1, $lang->buddy_requests_auto, array("checked" => $mybb->get_input('buddyrequestsauto'))), 1260 "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_notification, $lang->instant_email_notification, $lang->instant_pm_notification), $mybb->get_input('subscriptionmethod'), array('id' => 'subscriptionmethod')) 1261 ); 1262 1263 // Allow plugins to add messaging options 1264 $messaging_options = $plugins->run_hooks('admin_user_users_edit_messaging_options', $messaging_options); 1265 1266 // Output messaging options 1267 $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>"); 1268 1269 $date_format_options = array($lang->use_default); 1270 foreach($date_formats as $key => $format) 1271 { 1272 $date_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1273 } 1274 1275 $time_format_options = array($lang->use_default); 1276 foreach($time_formats as $key => $format) 1277 { 1278 $time_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1279 } 1280 1281 $date_options = array( 1282 "<label 
for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->get_input('dateformat'), array('id' => 'dateformat')), 1283 "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->get_input('timeformat'), array('id' => 'timeformat')), 1284 "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->get_input('timezone')), 1285 "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->get_input('dstcorrection'), array('id' => 'dstcorrection')) 1286 ); 1287 1288 // Allow plugins to add date options 1289 $date_options = $plugins->run_hooks('admin_user_users_edit_date_options', $date_options); 1290 1291 // Output date options 1292 $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>"); 1293 1294 1295 $tpp_options = array($lang->use_default); 1296 if($mybb->settings['usertppoptions']) 1297 { 1298 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 1299 if(is_array($explodedtpp)) 1300 { 1301 foreach($explodedtpp as $tpp) 1302 { 1303 if($tpp <= 0) continue; 1304 $tpp_options[$tpp] = $tpp; 1305 } 1306 } 1307 } 1308 1309 $thread_age_options = array( 1310 0 => $lang->use_default, 1311 1 => $lang->show_threads_last_day, 1312 5 => $lang->show_threads_last_5_days, 1313 10 => $lang->show_threads_last_10_days, 1314 20 => $lang->show_threads_last_20_days, 1315 50 => $lang->show_threads_last_50_days, 1316 75 => $lang->show_threads_last_75_days, 1317 100 => $lang->show_threads_last_100_days, 1318 365 => $lang->show_threads_last_year, 1319 9999 => $lang->show_all_threads 1320 ); 
1321 1322 $forum_options = array( 1323 "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->get_input('tpp'), array('id' => 'tpp')), 1324 "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->get_input('daysprune'), array('id' => 'daysprune')) 1325 ); 1326 1327 // Allow plugins to add forum options 1328 $forum_options = $plugins->run_hooks('admin_user_users_edit_forum_options', $forum_options); 1329 1330 // Output forum options 1331 $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>"); 1332 1333 $ppp_options = array($lang->use_default); 1334 if($mybb->settings['userpppoptions']) 1335 { 1336 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 1337 if(is_array($explodedppp)) 1338 { 1339 foreach($explodedppp as $ppp) 1340 { 1341 if($ppp <= 0) continue; 1342 $ppp_options[$ppp] = $ppp; 1343 } 1344 } 1345 } 1346 1347 $thread_options = array( 1348 $form->generate_check_box("classicpostbit", 1, $lang->show_classic_postbit, array("checked" => $mybb->get_input('classicpostbit'))), 1349 $form->generate_check_box("showimages", 1, $lang->display_images, array("checked" => $mybb->get_input('showimages'))), 1350 $form->generate_check_box("showvideos", 1, $lang->display_videos, array("checked" => $mybb->get_input('showvideos'))), 1351 $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->get_input('showsigs'))), 1352 $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->get_input('showavatars'))), 1353 $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->get_input('showquickreply'))), 1354 "<label for=\"ppp\">{$lang->posts_per_page}:</label><br 
/>".$form->generate_select_box("ppp", $ppp_options, $mybb->get_input('ppp'), array('id' => 'ppp')), 1355 "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode')) 1356 ); 1357 1358 // Allow plugins to add thread options 1359 $thread_options = $plugins->run_hooks('admin_user_users_edit_thread_options', $thread_options); 1360 1361 // Output thread options 1362 $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>"); 1363 1364 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages()); 1365 1366 $other_options = array( 1367 $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->get_input('showredirect'))), 1368 $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->get_input('showcodebuttons'))), 1369 $form->generate_check_box("sourceeditor", "1", $lang->source_editor, array("checked" => $mybb->get_input('sourceeditor'))), 1370 "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->get_input('style'), 0, "", true, false, true), 1371 "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->get_input('language'), array('id' => 'language')) 1372 ); 1373 1374 // Allow plugins to add other options 1375 $other_options = $plugins->run_hooks('admin_user_users_edit_other_options', $other_options); 1376 1377 // Output other options 1378 $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $other_options)."</div>"); 1379 1380 $form_container->end(); 1381 
$plugins->run_hooks("admin_user_users_edit_settings"); 1382 echo "</div>\n"; 1383 1384 // 1385 // SIGNATURE EDITOR 1386 // 1387 $signature_editor = $form->generate_text_area("signature", $mybb->get_input('signature'), array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'height: 250px; width: 95%')); 1388 $sig_smilies = $lang->off; 1389 if($mybb->settings['sigsmilies'] == 1) 1390 { 1391 $sig_smilies = $lang->on; 1392 } 1393 $sig_mycode = $lang->off; 1394 if($mybb->settings['sigmycode'] == 1) 1395 { 1396 $sig_mycode = $lang->on; 1397 $signature_editor .= build_mycode_inserter("signature"); 1398 } 1399 $sig_html = $lang->off; 1400 if($mybb->settings['sightml'] == 1) 1401 { 1402 $sig_html = $lang->on; 1403 } 1404 $sig_imgcode = $lang->off; 1405 if($mybb->settings['sigimgcode'] == 1) 1406 { 1407 $sig_imgcode = $lang->on; 1408 } 1409 echo "<div id=\"tab_signature\">\n"; 1410 $form_container = new FormContainer($lang->signature.': '.htmlspecialchars_uni($user['username'])); 1411 $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature'); 1412 1413 $periods = array( 1414 "hours" => $lang->expire_hours, 1415 "days" => $lang->expire_days, 1416 "weeks" => $lang->expire_weeks, 1417 "months" => $lang->expire_months, 1418 "never" => $lang->expire_permanent 1419 ); 1420 1421 // Are we already suspending the signature? 1422 if($mybb->get_input('suspendsignature')) 1423 { 1424 $sig_checked = 1; 1425 1426 // Display how much time is left on the ban for the user to extend it 1427 if($user['suspendsigtime'] == "0") 1428 { 1429 // Permanent 1430 $lang->suspend_expire_info = $lang->suspend_sig_perm; 1431 } 1432 else 1433 { 1434 // There's a limit to the suspension! 
1435 $remaining = $user['suspendsigtime']-TIME_NOW; 1436 $expired = nice_time($remaining, array('seconds' => false)); 1437 1438 $color = 'inherit'; 1439 if($remaining < 3600) 1440 { 1441 $color = 'red'; 1442 } 1443 elseif($remaining < 86400) 1444 { 1445 $color = 'maroon'; 1446 } 1447 elseif($remaining < 604800) 1448 { 1449 $color = 'green'; 1450 } 1451 1452 $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired, $color); 1453 } 1454 $user_suspend_info = ' 1455 <tr> 1456 <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td> 1457 </tr>'; 1458 } 1459 else 1460 { 1461 $sig_checked = 0; 1462 $user_suspend_info = ''; 1463 } 1464 1465 $actions = ' 1466 <script type="text/javascript"> 1467 <!-- 1468 var sig_checked = "'.$sig_checked.'"; 1469 1470 function toggleAction() 1471 { 1472 if($("#suspend_action").is(\':visible\')) 1473 { 1474 $("#suspend_action").hide(); 1475 } 1476 else 1477 { 1478 $("#suspend_action").show(); 1479 } 1480 } 1481 // --> 1482 </script> 1483 1484 <dl style="margin-top: 0; margin-bottom: 0; width: 100%;"> 1485 <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt> 1486 <dd style="margin-top: 4px;" id="suspend_action" class="actions"> 1487 <table cellpadding="4">'.$user_suspend_info.' 1488 <tr> 1489 <td width="30%"><small>'.$lang->expire_length.'</small></td> 1490 <td>'.$form->generate_numeric_field('action_time', $mybb->input['action_time'], array('style' => 'width: 3em;', 'min' => 0)).' 
'.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td> 1491 </tr> 1492 </table> 1493 </dd> 1494 </dl> 1495 1496 <script type="text/javascript"> 1497 <!-- 1498 if(sig_checked == 0) 1499 { 1500 $("#suspend_action").hide(); 1501 } 1502 // --> 1503 </script>'; 1504 1505 $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions); 1506 1507 $signature_options = array( 1508 $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)), 1509 $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)), 1510 $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1)) 1511 ); 1512 1513 $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options)); 1514 1515 $form_container->end(); 1516 $plugins->run_hooks("admin_user_users_edit_signatur"); 1517 echo "</div>\n"; 1518 1519 // 1520 // AVATAR MANAGER 1521 // 1522 echo "<div id=\"tab_avatar\">\n"; 1523 $table = new Table; 1524 $table->construct_header($lang->current_avatar, array('colspan' => 2)); 1525 1526 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1)); 1527 1528 $avatar_url = ''; 1529 if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath'])) 1530 { 1531 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>"; 1532 } 1533 elseif($user['avatartype'] == "remote" || my_validate_url($user['avatar'])) 1534 { 1535 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>"; 1536 $avatar_url = $user['avatar']; 1537 } 1538 1539 if($errors) 1540 { 
1541 if(isset($mybb->input['avatar_url'])) 1542 { 1543 $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']); 1544 } 1545 } 1546 1547 if($mybb->settings['maxavatardims'] != "") 1548 { 1549 list($max_width, $max_height) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims'])); 1550 $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}"; 1551 } 1552 1553 if($mybb->settings['avatarsize']) 1554 { 1555 $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024); 1556 $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}"; 1557 } 1558 1559 if($user['avatar']) 1560 { 1561 $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>"); 1562 } 1563 1564 $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>"); 1565 $table->construct_row(); 1566 1567 $table->output($lang->avatar.': '.htmlspecialchars_uni($user['username'])); 1568 1569 // Custom avatar 1570 if($mybb->settings['avatarresizing'] == "auto") 1571 { 1572 $auto_resize = $lang->avatar_auto_resize; 1573 } 1574 else if($mybb->settings['avatarresizing'] == "user") 1575 { 1576 $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>"; 1577 } 1578 $form_container = new FormContainer($lang->specify_custom_avatar); 1579 $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload'); 1580 if($mybb->settings['allowremoteavatars']) 1581 { 1582 $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url'); 1583 } 1584 $form_container->end(); 1585 $plugins->run_hooks("admin_user_users_edit_avatar"); 1586 echo "</div>\n"; 1587 1588 // 1589 // MODERATOR 
OPTIONS 1590 // 1591 $periods = array( 1592 "hours" => $lang->expire_hours, 1593 "days" => $lang->expire_days, 1594 "weeks" => $lang->expire_weeks, 1595 "months" => $lang->expire_months, 1596 "never" => $lang->expire_permanent 1597 ); 1598 1599 echo "<div id=\"tab_modoptions\">\n"; 1600 $form_container = new FormContainer($lang->mod_options.': '.htmlspecialchars_uni($user['username'])); 1601 $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes'); 1602 1603 // Mod posts 1604 // Generate check box 1605 $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period')); 1606 1607 // Do we have any existing suspensions here? 1608 $existing_info = ''; 1609 if($user['moderateposts'] || ($mybb->get_input('moderateposting') && !empty($errors))) 1610 { 1611 $mybb->input['moderateposting'] = 1; 1612 if($user['moderationtime'] != 0) 1613 { 1614 $remaining = $user['moderationtime']-TIME_NOW; 1615 $expired = nice_time($remaining, array('seconds' => false)); 1616 1617 $color = 'inherit'; 1618 if($remaining < 3600) 1619 { 1620 $color = 'red'; 1621 } 1622 elseif($remaining < 86400) 1623 { 1624 $color = 'maroon'; 1625 } 1626 elseif($remaining < 604800) 1627 { 1628 $color = 'green'; 1629 } 1630 1631 $existing_info = $lang->sprintf($lang->moderate_length, $expired, $color); 1632 } 1633 else 1634 { 1635 $existing_info = $lang->moderated_perm; 1636 } 1637 } 1638 1639 $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_numeric_field("modpost_time", $mybb->get_input('modpost_time'), array('style' => 'width: 3em;', 'min' => 0)).' 
'.$modpost_options.'</div>'; 1640 $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, htmlspecialchars_uni($user['username'])); 1641 $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->get_input('moderateposting'))), $lang->moderate_posts_info, $modpost_div); 1642 1643 // Suspend posts 1644 // Generate check box 1645 $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->get_input('suspost_period'), array('id' => 'suspost_period')); 1646 1647 // Do we have any existing suspensions here? 1648 if($user['suspendposting'] || ($mybb->get_input('suspendposting') && !empty($errors))) 1649 { 1650 $mybb->input['suspendposting'] = 1; 1651 1652 if($user['suspensiontime'] == 0 || $mybb->get_input('suspost_period') == "never") 1653 { 1654 $existing_info = $lang->suspended_perm; 1655 } 1656 else 1657 { 1658 $remaining = $user['suspensiontime']-TIME_NOW; 1659 $suspost_date = nice_time($remaining, array('seconds' => false)); 1660 1661 $color = 'inherit'; 1662 if($remaining < 3600) 1663 { 1664 $color = 'red'; 1665 } 1666 elseif($remaining < 86400) 1667 { 1668 $color = 'maroon'; 1669 } 1670 elseif($remaining < 604800) 1671 { 1672 $color = 'green'; 1673 } 1674 1675 $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date, $color); 1676 } 1677 } 1678 1679 $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_numeric_field("suspost_time", $mybb->get_input('suspost_time'), array('style' => 'width: 3em;', 'min' => 0)).' 
'.$suspost_options.'</div>'; 1680 $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, htmlspecialchars_uni($user['username'])); 1681 $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->get_input('suspendposting'))), $lang->suspend_posts_info, $suspost_div); 1682 1683 1684 $form_container->end(); 1685 $plugins->run_hooks("admin_user_users_edit_moderator_options"); 1686 echo "</div>\n"; 1687 1688 $plugins->run_hooks("admin_user_users_edit_graph"); 1689 1690 $buttons[] = $form->generate_submit_button($lang->save_user); 1691 $form->output_submit_wrapper($buttons); 1692 1693 $form->end(); 1694 1695 echo '<script type="text/javascript"> 1696 <!-- 1697 1698 function toggleBox(action) 1699 { 1700 if(action == "modpost") 1701 { 1702 $("#suspendposting").attr("checked", false); 1703 $("#suspost").hide(); 1704 1705 if($("#moderateposting").is(":checked") == true) 1706 { 1707 $("#modpost").show(); 1708 } 1709 else if($("#moderateposting").is(":checked") == false) 1710 { 1711 $("#modpost").hide(); 1712 } 1713 } 1714 else if(action == "suspost") 1715 { 1716 $("#moderateposting").attr("checked", false); 1717 $("#modpost").hide(); 1718 1719 if($("#suspendposting").is(":checked") == true) 1720 { 1721 $("#suspost").show(); 1722 } 1723 else if($("#suspendposting").is(":checked") == false) 1724 { 1725 $("#suspost").hide(); 1726 } 1727 } 1728 } 1729 1730 if($("#moderateposting").is(":checked") == false) 1731 { 1732 $("#modpost").hide(); 1733 } 1734 else 1735 { 1736 $("#modpost").show(); 1737 } 1738 1739 if($("#suspendposting").is(":checked") == false) 1740 { 1741 $("#suspost").hide(); 1742 } 1743 else 1744 { 1745 $("#suspost").show(); 1746 } 1747 1748 // --> 1749 </script>'; 1750 1751 $page->output_footer(); 1752 } 1753 1754 if($mybb->input['action'] == "delete") 1755 { 1756 $user = get_user($mybb->input['uid']); 1757 1758 // Does the 
user not exist? 1759 if(!$user) 1760 { 1761 flash_message($lang->error_invalid_user, 'error'); 1762 admin_redirect("index.php?module=user-users"); 1763 } 1764 1765 if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid'])) 1766 { 1767 flash_message($lang->error_no_perms_super_admin, 'error'); 1768 admin_redirect("index.php?module=user-users"); 1769 } 1770 1771 // User clicked no 1772 if($mybb->get_input('no')) 1773 { 1774 admin_redirect("index.php?module=user-users"); 1775 } 1776 1777 $plugins->run_hooks("admin_user_users_delete"); 1778 1779 if($mybb->request_method == "post") 1780 { 1781 $plugins->run_hooks("admin_user_users_delete_commit"); 1782 1783 // Set up user handler. 1784 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 1785 $userhandler = new UserDataHandler('delete'); 1786 1787 // Delete the user 1788 if(!$userhandler->delete_user($user['uid'])) 1789 { 1790 flash_message($lang->error_cannot_delete_user, 'error'); 1791 admin_redirect("index.php?module=user-users"); 1792 } 1793 1794 $cache->update_awaitingactivation(); 1795 1796 $plugins->run_hooks("admin_user_users_delete_commit_end"); 1797 1798 log_admin_action($user['uid'], $user['username']); 1799 1800 flash_message($lang->success_user_deleted, 'success'); 1801 admin_redirect("index.php?module=user-users"); 1802 } 1803 else 1804 { 1805 $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation); 1806 } 1807 } 1808 1809 if($mybb->input['action'] == "referrers") 1810 { 1811 $page->add_breadcrumb_item($lang->show_referrers); 1812 $page->output_header($lang->show_referrers); 1813 1814 $sub_tabs['referrers'] = array( 1815 'title' => $lang->show_referrers, 1816 'link' => "index.php?module=user-users&action=referrers&uid={$mybb->input['uid']}", 1817 'description' => $lang->show_referrers_desc 1818 ); 1819 1820 $plugins->run_hooks("admin_user_users_referrers"); 1821 1822 
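$page->output_nav_tabs($sub_tabs, 'referrers');

// Fetch default admin view
$default_view = fetch_default_view("user");
if(!$default_view)
{
	$default_view = "0";
}
$query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
$admin_view = $db->fetch_array($query);

// NOTE(review): the requested view type is handed on exactly as it arrived in the request;
// build_users_view() is not shown here, so confirm that it only accepts known view types.
if(!empty($mybb->input['type']))
{
	$admin_view['view_type'] = $mybb->input['type'];
}

// The stored view keeps its conditions serialized; the referrer filter is added as an integer uid
$admin_view['conditions'] = my_unserialize($admin_view['conditions']);
$admin_view['conditions']['referrer'] = $mybb->get_input('uid', MyBB::INPUT_INT);

$view = build_users_view($admin_view);

// No referred users
if(!$view)
{
	$table = new Table;
	$table->construct_cell($lang->error_no_referred_users);
	$table->construct_row();
	$table->output($lang->show_referrers);
}
else
{
	echo $view;
}

$page->output_footer();
}

if($mybb->input['action'] == "ipaddresses")
{
	// The uid ends up in a link and in a WHERE clause, so it is read as an integer here
	// rather than relying on the request value having been cleaned elsewhere.
	$uid = $mybb->get_input('uid', MyBB::INPUT_INT);

	// Look the account up before anything is printed: an unknown uid is answered with the
	// same error + redirect the delete action uses, and no admin log entry is written for it.
	$query = $db->simple_select("users", "uid, regip, username, lastip", "uid='{$uid}'", array('limit' => 1));
	$user = $db->fetch_array($query);
	if(!$user)
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
		exit;
	}

	$page->add_breadcrumb_item($lang->ip_addresses);
	$page->output_header($lang->ip_addresses);

	$sub_tabs['ipaddresses'] = array(
		'title' => $lang->show_ip_addresses,
		'link' => "index.php?module=user-users&action=ipaddresses&uid={$uid}",
		'description' => $lang->show_ip_addresses_desc
	);

	$plugins->run_hooks("admin_user_users_ipaddresses");

	$page->output_nav_tabs($sub_tabs, 'ipaddresses');

	// Log admin action: viewing a member's IP addresses is recorded against that member
	log_admin_action($user['uid'], $user['username']);

	$table = new Table;

	$table->construct_header($lang->ip_address);
	$table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));
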
if(empty($user['lastip'])) 1886 { 1887 $user['lastip'] = $lang->unknown; 1888 $controls = ''; 1889 } 1890 else 1891 { 1892 $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip'])); 1893 $popup = new PopupMenu("user_last", $lang->options); 1894 $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&action=search&results=1&conditions[regip]=".$user['lastip']); 1895 $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['lastip']); 1896 $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['lastip']}', null, true); return false;"); 1897 $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['lastip']}"); 1898 $controls = $popup->fetch(); 1899 } 1900 $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".$user['lastip']); 1901 $table->construct_cell($controls, array('class' => "align_center")); 1902 $table->construct_row(); 1903 1904 if(empty($user['regip'])) 1905 { 1906 $user['regip'] = $lang->unknown; 1907 $controls = ''; 1908 } 1909 else 1910 { 1911 $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip'])); 1912 $popup = new PopupMenu("user_reg", $lang->options); 1913 $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$user['regip']); 1914 $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$user['regip']); 1915 $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$user['regip']}', null, true); return false;"); 1916 $popup->add_item($lang->ban_ip, 
"index.php?module=config-banning&filter={$user['regip']}"); 1917 $controls = $popup->fetch(); 1918 } 1919 $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".$user['regip']); 1920 $table->construct_cell($controls, array('class' => "align_center")); 1921 $table->construct_row(); 1922 1923 $counter = 0; 1924 1925 $query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='{$mybb->input['uid']}'"); 1926 while($ip = $db->fetch_array($query)) 1927 { 1928 ++$counter; 1929 $ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress'])); 1930 $popup = new PopupMenu("id_{$counter}", $lang->options); 1931 $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions[regip]=".$ip['ipaddress']); 1932 $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions[postip]=".$ip['ipaddress']); 1933 $popup->add_item($lang->info_on_ip, "index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;"); 1934 $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip['ipaddress']}"); 1935 $controls = $popup->fetch(); 1936 1937 $table->construct_cell($ip['ipaddress']); 1938 $table->construct_cell($controls, array('class' => "align_center")); 1939 $table->construct_row(); 1940 } 1941 1942 $table->output($lang->ip_address_for.' 
'.htmlspecialchars_uni($user['username'])); 1943 1944 $page->output_footer(); 1945 } 1946 1947 if($mybb->input['action'] == "merge") 1948 { 1949 $plugins->run_hooks("admin_user_users_merge"); 1950 1951 if($mybb->request_method == "post") 1952 { 1953 foreach(array('source', 'destination') as $target) 1954 { 1955 ${$target.'_user'} = get_user_by_username($mybb->input[$target.'_username'], array('fields' => '*')); 1956 if(empty(${$target.'_user'}['uid'])) 1957 { 1958 $errors[] = $lang->{'error_invalid_user_'.$target}; 1959 } 1960 } 1961 1962 // If we're not a super admin and we're merging a source super admin or a destination super admin then dissallow this action 1963 if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid']))) 1964 { 1965 flash_message($lang->error_no_perms_super_admin, 'error'); 1966 admin_redirect("index.php?module=user-users"); 1967 } 1968 1969 if((!empty($source_user)) && !empty($destination_user) && $source_user['uid'] == $destination_user['uid'] && !empty($source_user['uid'])) 1970 { 1971 $errors[] = $lang->error_cannot_merge_same_account; 1972 } 1973 1974 if(empty($errors)) 1975 { 1976 // Begin to merge the accounts 1977 $uid_update = array( 1978 "uid" => $destination_user['uid'] 1979 ); 1980 $query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'"); 1981 $existing_admin_options = $db->fetch_field($query, "uid"); 1982 1983 // Only carry over admin options/permissions if we don't already have them 1984 if(!$existing_admin_options) 1985 { 1986 $db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'"); 1987 } 1988 1989 $db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'"); 1990 $db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'"); 1991 $db->update_query("events", $uid_update, "uid='{$source_user['uid']}'"); 1992 $db->update_query("threadsubscriptions", $uid_update, 
"uid='{$source_user['uid']}'"); 1993 $db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'"); 1994 $db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'"); 1995 $db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'"); 1996 $db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'"); 1997 $db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'"); 1998 $db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'"); 1999 $db->update_query("reportedcontent", $uid_update, "uid='{$source_user['uid']}'"); 2000 $db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'"); 2001 $db->update_query("warnings", $uid_update, "uid='{$source_user['uid']}'"); 2002 $db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'"); 2003 $db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'"); 2004 2005 // Thread ratings 2006 merge_thread_ratings($source_user['uid'], $destination_user['uid']); 2007 2008 // Banning 2009 switch($db->type) 2010 { 2011 case 'mysql': 2012 case 'mysqli': 2013 $where = "`admin` = '{$source_user['uid']}'"; 2014 break; 2015 default: 2016 $where = "admin = '{$source_user['uid']}'"; 2017 break; 2018 } 2019 $db->update_query("banned", array('admin' => $destination_user['uid']), $where); 2020 2021 // Carry over referrals 2022 $db->update_query("users", array("referrer" => $destination_user['uid']), "referrer='{$source_user['uid']}' AND uid!='{$destination_user['uid']}'"); 2023 // If destination user has no referrer but source does and source user was not referred by destination user 2024 // or destination user was referred by the source user 2025 if(($destination_user['referrer'] == 0 && $source_user['referrer'] > 0 && $source_user['referrer'] != $destination_user['uid']) || $destination_user['referrer'] == $source_user['uid']) 2026 
{ 2027 $db->update_query("users", array("referrer" => $source_user['referrer']), "uid='{$destination_user['uid']}'"); 2028 } 2029 $query = $db->simple_select("users", "COUNT(uid) as total_referrals", "referrer='{$destination_user['uid']}' AND uid!='{$source_user['uid']}'"); 2030 $new_referrals = $db->fetch_field($query, "total_referrals"); 2031 $db->update_query("users", array("referrals" => (int)$new_referrals), "uid='{$destination_user['uid']}'"); 2032 2033 // Merging Reputation 2034 // First, let's change all the details over to our new user... 2035 $db->update_query("reputation", array("adduid" => $destination_user['uid']), "adduid = '".$source_user['uid']."'"); 2036 $db->update_query("reputation", array("uid" => $destination_user['uid']), "uid = '".$source_user['uid']."'"); 2037 2038 // Now that all the repuation is merged, figure out what to do with this user's comments... 2039 $options = array( 2040 "order_by" => "uid", 2041 "order_dir" => "ASC" 2042 ); 2043 2044 $to_remove = array(); 2045 $query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'", $options); 2046 while($rep = $db->fetch_array($query)) 2047 { 2048 if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid']) 2049 { 2050 // Multiple reputation is disallowed, and this isn't a post, so let's remove this comment 2051 $to_remove[] = $rep['rid']; 2052 } 2053 2054 // Remove comments or posts liked by "me" 2055 if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid']) 2056 { 2057 if(!in_array($rep['rid'], $to_remove)) 2058 { 2059 $to_remove[] = $rep['rid']; 2060 continue; 2061 } 2062 } 2063 2064 $last_result = array( 2065 "rid" => $rep['rid'], 2066 "uid" => $rep['uid'] 2067 ); 2068 } 2069 2070 // Remove any reputations we've selected to remove... 
if($to_remove)
{
	// $to_remove holds the rid values collected from the reputation rows read just before this
	$imp = implode(",", $to_remove);
	$db->delete_query("reputation", "rid IN ({$imp})");
}

// Calculate the new reputation for this user from the rows that now carry the destination uid
$destination_where = "uid='{$destination_user['uid']}'";
$query = $db->simple_select("reputation", "SUM(reputation) as total_rep", $destination_where);
$total_reputation = $db->fetch_field($query, "total_rep");

$db->update_query("users", array('reputation' => (int)$total_reputation), $destination_where);

// Calculate warning points: unexpired warnings filed under the source uid ...
// NOTE(review): the warnings rows were already re-pointed to the destination uid earlier in
// this handler, so this first sum presumably comes back empty - confirm.
$query = $db->query("
	SELECT SUM(points) as warn_lev
	FROM ".TABLE_PREFIX."warnings
	WHERE uid='{$source_user['uid']}' AND expired='0'
");
$original_warn_level = $db->fetch_field($query, "warn_lev");

// ... plus the unexpired warnings filed under the destination uid
$query = $db->query("
	SELECT SUM(points) as warn_lev
	FROM ".TABLE_PREFIX."warnings
	WHERE uid='{$destination_user['uid']}' AND expired='0'
");
$new_warn_level = $db->fetch_field($query, "warn_lev");
// The (int) cast binds to the first operand only; the second sum is added as the driver returned it
$merged_warning_points = (int)$original_warn_level + $new_warn_level;
$db->update_query("users", array("warningpoints" => $merged_warning_points), $destination_where);

// Additional updates for non-uid fields
// The username is the only free-text value written here, hence the explicit escape_string()
$last_poster = array(
	"lastposteruid" => $destination_user['uid'],
	"lastposter" => $db->escape_string($destination_user['username'])
);
foreach(array("forums", "threads") as $last_poster_table)
{
	$db->update_query($last_poster_table, $last_poster, "lastposteruid='{$source_user['uid']}'");
}

// Posts last edited by the source account
$edit_uid = array("edituid" => $destination_user['uid']);
$db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'");

// Private messages sent by, then received by, the source account
$from_uid = array("fromid" => $destination_user['uid']);
$db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'");
$to_uid = array("toid" => $destination_user['uid']);
$db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'");
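// Buddy/ignore lists
// Each list is a comma-separated string on the user row. The destination account ends up with
// the union of both accounts' lists, minus the two accounts being merged.
$destination_buddies = explode(',', $destination_user['buddylist']);
$source_buddies = explode(',', $source_user['buddylist']);
$buddies = array_unique(array_merge($source_buddies, $destination_buddies));
// Make sure the new buddy list doesn't contain either users
$buddies_array = array_diff($buddies, array($destination_user['uid'], $source_user['uid']));

$destination_ignored = explode(',', $destination_user['ignorelist']);
// Take the source account's own ignore list, so the users it ignored survive the merge
$source_ignored = explode(',', $source_user['ignorelist']);
$ignored = array_unique(array_merge($source_ignored, $destination_ignored));
// ... and the same for the new ignore list
$ignored_array = array_diff($ignored, array($destination_user['uid'], $source_user['uid']));

// Remove any ignored users from the buddy list
$buddies = array_diff($buddies_array, $ignored_array);
// implode the arrays so we get a nice neat list for each
$buddies = trim(implode(',', $buddies), ',');
$ignored = trim(implode(',', $ignored_array), ',');

// String values are escaped by the caller before update_query() elsewhere in this file
// (usernames, ban reasons, stored group lists); the merged lists get the same treatment, so a
// malformed stored list cannot alter the UPDATE statement. Well-formed lists pass through unchanged.
$lists = array(
	"buddylist" => $db->escape_string($buddies),
	"ignorelist" => $db->escape_string($ignored)
);
$db->update_query("users", $lists, "uid='{$destination_user['uid']}'");

// Get a list of forums where post count doesn't apply
$fids = array();
$query = $db->simple_select("forums", "fid", "usepostcounts=0");
while($fid = $db->fetch_field($query, "fid"))
{
	$fids[] = $fid;
}

// Stays an empty string when every forum counts posts; it is appended to a WHERE clause below
$fids_not_in = '';
if(!empty($fids))
{
	$fids_not_in = "AND fid NOT IN(".implode(',', $fids).")";
}

// Update user post count
$query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
$num = $db->fetch_array($query);
$updated_count = array(
	"postnum" => $num['postnum']
);
$db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");

// Update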
user thread count 2168 $query = $db->simple_select("threads", "COUNT(*) AS threadnum", "uid='".$destination_user['uid']."' {$fids_not_in}"); 2169 $num = $db->fetch_array($query); 2170 $updated_count = array( 2171 "threadnum" => $num['threadnum'] 2172 ); 2173 $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'"); 2174 2175 // Use the earliest registration date 2176 if($destination_user['regdate'] > $source_user['regdate']) 2177 { 2178 $db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'"); 2179 } 2180 2181 $plugins->run_hooks("admin_user_users_merge_commit"); 2182 2183 // Set up user handler. 2184 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 2185 $userhandler = new UserDataHandler('delete'); 2186 2187 // Delete the old user 2188 $userhandler->delete_user($source_user['uid']); 2189 2190 $cache->update_awaitingactivation(); 2191 2192 // Log admin action 2193 log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']); 2194 2195 // Redirect! 2196 $username = htmlspecialchars_uni($source_user['username']); 2197 $destination_username = htmlspecialchars_uni($destination_user['username']); 2198 flash_message("<strong>{$username}</strong> {$lang->success_merged} {$destination_username}", "success"); 2199 admin_redirect("index.php?module=user-users"); 2200 exit; 2201 } 2202 } 2203 2204 $page->add_breadcrumb_item($lang->merge_users); 2205 $page->output_header($lang->merge_users); 2206 2207 $page->output_nav_tabs($sub_tabs, 'merge_users'); 2208 2209 // If we have any error messages, show them 2210 if($errors) 2211 { 2212 $page->output_inline_error($errors); 2213 } 2214 2215 $form = new Form("index.php?module=user-users&action=merge", "post"); 2216 2217 $form_container = new FormContainer($lang->merge_users); 2218 $form_container->output_row($lang->source_account." 
<em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->get_input('source_username'), array('id' => 'source_username')), 'source_username'); 2219 $form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->get_input('destination_username'), array('id' => 'destination_username')), 'destination_username'); 2220 $form_container->end(); 2221 2222 // Autocompletion for usernames 2223 echo ' 2224 <link rel="stylesheet" href="../jscripts/select2/select2.css"> 2225 <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script> 2226 <script type="text/javascript"> 2227 <!-- 2228 $("#source_username").select2({ 2229 placeholder: "'.$lang->search_for_a_user.'", 2230 minimumInputLength: 2, 2231 multiple: false, 2232 ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper 2233 url: "../xmlhttp.php?action=get_users", 2234 dataType: \'json\', 2235 data: function (term, page) { 2236 return { 2237 query: term // search term 2238 }; 2239 }, 2240 results: function (data, page) { // parse the results into the format expected by Select2. 
2241 // since we are using custom formatting functions we do not need to alter remote JSON data 2242 return {results: data}; 2243 } 2244 }, 2245 initSelection: function(element, callback) { 2246 var query = $(element).val(); 2247 if (query !== "") { 2248 $.ajax("../xmlhttp.php?action=get_users&getone=1", { 2249 data: { 2250 query: query 2251 }, 2252 dataType: "json" 2253 }).done(function(data) { callback(data); }); 2254 } 2255 } 2256 }); 2257 $("#destination_username").select2({ 2258 placeholder: "'.$lang->search_for_a_user.'", 2259 minimumInputLength: 2, 2260 multiple: false, 2261 ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper 2262 url: "../xmlhttp.php?action=get_users", 2263 dataType: \'json\', 2264 data: function (term, page) { 2265 return { 2266 query: term // search term 2267 }; 2268 }, 2269 results: function (data, page) { // parse the results into the format expected by Select2. 2270 // since we are using custom formatting functions we do not need to alter remote JSON data 2271 return {results: data}; 2272 } 2273 }, 2274 initSelection: function(element, callback) { 2275 var query = $(element).val(); 2276 if (query !== "") { 2277 $.ajax("../xmlhttp.php?action=get_users&getone=1", { 2278 data: { 2279 query: query 2280 }, 2281 dataType: "json" 2282 }).done(function(data) { callback(data); }); 2283 } 2284 } 2285 }); 2286 // --> 2287 </script>'; 2288 2289 $buttons[] = $form->generate_submit_button($lang->merge_user_accounts); 2290 $form->output_submit_wrapper($buttons); 2291 $form->end(); 2292 2293 $page->output_footer(); 2294 } 2295 2296 if($mybb->input['action'] == "search") 2297 { 2298 $plugins->run_hooks("admin_user_users_search"); 2299 2300 if($mybb->request_method == "post" || $mybb->get_input('results') == 1) 2301 { 2302 // Build view options from incoming search options 2303 if($mybb->get_input('vid')) 2304 { 2305 $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', 
MyBB::INPUT_INT)."'"); 2306 $admin_view = $db->fetch_array($query); 2307 // View does not exist or this view is private and does not belong to the current user 2308 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 2309 { 2310 unset($admin_view); 2311 } 2312 } 2313 2314 if($mybb->get_input('search_id') && $admin_session['data']['user_views'][$mybb->get_input('search_id')]) 2315 { 2316 $admin_view = $admin_session['data']['user_views'][$mybb->get_input('search_id')]; 2317 unset($admin_view['extra_sql']); 2318 } 2319 2320 // Don't have a view? Fetch the default 2321 if(!isset($admin_view) || !$admin_view['vid']) 2322 { 2323 $default_view = fetch_default_view("user"); 2324 if(!$default_view) 2325 { 2326 $default_view = "0"; 2327 } 2328 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 2329 $admin_view = $db->fetch_array($query); 2330 } 2331 2332 // Override specific parts of the view 2333 unset($admin_view['vid']); 2334 2335 if($mybb->get_input('type')) 2336 { 2337 $admin_view['view_type'] = $mybb->get_input('type'); 2338 } 2339 2340 if(!empty($mybb->input['conditions'])) 2341 { 2342 $admin_view['conditions'] = $mybb->get_input('conditions', MyBB::INPUT_ARRAY); 2343 } 2344 2345 if($mybb->get_input('sortby')) 2346 { 2347 $admin_view['sortby'] = $mybb->get_input('sortby'); 2348 } 2349 2350 if($mybb->get_input('perpage', MyBB::INPUT_INT)) 2351 { 2352 $admin_view['perpage'] = $mybb->get_input('perpage'); 2353 } 2354 2355 if($mybb->get_input('order')) 2356 { 2357 $admin_view['sortorder'] = $mybb->get_input('order'); 2358 } 2359 2360 if($mybb->get_input('displayas')) 2361 { 2362 $admin_view['view_type'] = $mybb->get_input('displayas'); 2363 } 2364 2365 if(!empty($mybb->input['profile_fields'])) 2366 { 2367 $admin_view['custom_profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); 2368 } 2369 2370 
$plugins->run_hooks("admin_user_users_search_commit"); 2371 2372 $results = build_users_view($admin_view); 2373 2374 if($results) 2375 { 2376 $page->output_header($lang->find_users); 2377 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 2378 $page->output_nav_tabs($sub_tabs, 'find_users'); 2379 echo $results; 2380 $page->output_footer(); 2381 } 2382 else 2383 { 2384 if($mybb->get_input('from') == "home") 2385 { 2386 flash_message($lang->error_no_users_found, 'error'); 2387 admin_redirect("index.php"); 2388 exit; 2389 } 2390 else 2391 { 2392 $errors[] = $lang->error_no_users_found; 2393 } 2394 } 2395 } 2396 2397 $page->add_breadcrumb_item($lang->find_users); 2398 $page->output_header($lang->find_users); 2399 2400 $page->output_nav_tabs($sub_tabs, 'find_users'); 2401 2402 // If we have any error messages, show them 2403 if($errors) 2404 { 2405 $page->output_inline_error($errors); 2406 } 2407 2408 if(!$mybb->get_input('displayas')) 2409 { 2410 $mybb->input['displayas'] = "card"; 2411 } 2412 2413 $form = new Form("index.php?module=user-users&action=search", "post"); 2414 2415 user_search_conditions($mybb->input, $form); 2416 2417 $form_container = new FormContainer($lang->display_options); 2418 $sort_directions = array( 2419 "asc" => $lang->ascending, 2420 "desc" => $lang->descending 2421 ); 2422 $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->get_input('sortby'), array('id' => 'sortby'))." 
{$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->get_input('order'), array('id' => 'order')), 'sortby'); 2423 $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->get_input('perpage'), array('id' => 'perpage', 'min' => 1)), 'perpage'); 2424 $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->get_input('displayas') != "card" ? true : false)))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->get_input('displayas') == "card" ? true : false)))); 2425 $form_container->end(); 2426 2427 $buttons[] = $form->generate_submit_button($lang->find_users); 2428 $form->output_submit_wrapper($buttons); 2429 $form->end(); 2430 2431 $page->output_footer(); 2432 } 2433 2434 if($mybb->input['action'] == "inline_edit") 2435 { 2436 $plugins->run_hooks("admin_user_users_inline"); 2437 2438 if(!empty($mybb->input['vid']) || !empty($mybb->cookies['acp_view'])) 2439 { 2440 // We have a custom view 2441 if(empty($mybb->cookies['acp_view'])) 2442 { 2443 // Set a cookie 2444 my_setcookie("acp_view", $mybb->input['vid'], 60); 2445 } 2446 else 2447 { 2448 // We already have a cookie, so let's use it... 
2449 $mybb->input['vid'] = $mybb->cookies['acp_view']; 2450 } 2451 2452 $vid_url = "&vid=".$mybb->get_input('vid'); 2453 } 2454 else 2455 { 2456 $vid_url = null; 2457 } 2458 2459 // First, collect the user IDs that we're performing the moderation on 2460 $selected = array(); 2461 if(isset($mybb->cookies['inlinemod_useracp'])) 2462 { 2463 $ids = explode("|", $mybb->cookies['inlinemod_useracp']); 2464 foreach($ids as $id) 2465 { 2466 if($id != '') 2467 { 2468 $selected[] = (int)$id; 2469 } 2470 } 2471 } 2472 2473 // Verify incoming POST request 2474 if(!verify_post_check($mybb->get_input('my_post_key'))) 2475 { 2476 flash_message($lang->invalid_post_verify_key2, 'error'); 2477 admin_redirect("index.php?module=user-user"); 2478 } 2479 $sub_tabs['manage_users'] = array( 2480 "title" => $lang->manage_users, 2481 "link" => "./", 2482 "description" => $lang->manage_users_desc 2483 ); 2484 $page->add_breadcrumb_item($lang->manage_users); 2485 2486 if(empty($selected)) 2487 { 2488 // Not selected any users, show error 2489 flash_message($lang->error_inline_no_users_selected, 'error'); 2490 admin_redirect("index.php?module=user-users".$vid_url); 2491 } 2492 2493 switch($mybb->input['inline_action']) 2494 { 2495 case 'multiactivate': 2496 // Run through the activating users, so that users already registered (but have been selected) aren't affected 2497 if(is_array($selected)) 2498 { 2499 $sql_array = implode(",", $selected); 2500 $query = $db->simple_select("users", "uid, username, email", "usergroup = '5' AND uid IN (".$sql_array.")"); 2501 $user_mail_data = array(); 2502 while($user = $db->fetch_array($query)) 2503 { 2504 $to_update[] = $user['uid']; 2505 $user_mail_data[] = array('username' => $user['username'], 'email' => $user['email']); 2506 } 2507 } 2508 2509 $plugins->run_hooks("admin_user_multiactivate", $to_update); 2510 2511 if(isset($to_update) && is_array($to_update)) 2512 { 2513 $sql_array = implode(",", $to_update); 2514 $db->write_query("UPDATE 
".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")"); 2515 2516 $cache->update_awaitingactivation(); 2517 2518 // send activation mail 2519 foreach($user_mail_data as $mail_data) 2520 { 2521 $message = $lang->sprintf($lang->email_adminactivateaccount, $mail_data['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); 2522 my_mail($mail_data['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message); 2523 } 2524 2525 // Action complete, grab stats and show success message - redirect user 2526 $to_update_count = count($to_update); 2527 $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count)); 2528 2529 if(is_array($selected) && $to_update_count != count($selected)) 2530 { 2531 // The update count is different to how many we selected! 2532 $not_updated_count = count($selected) - $to_update_count; 2533 $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count)); 2534 $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message 2535 } 2536 2537 $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog 2538 log_admin_action($to_update_count); // Add to adminlog 2539 my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected 2540 2541 flash_message($lang->inline_activated, 'success'); 2542 admin_redirect("index.php?module=user-users".$vid_url); 2543 } 2544 else 2545 { 2546 // Nothing was updated, show an error 2547 flash_message($lang->inline_activated_failed, 'error'); 2548 admin_redirect("index.php?module=user-users".$vid_url); 2549 } 2550 break; 2551 case 'multilift': 2552 // Get the users that are banned, and check that they have been selected 2553 if($mybb->get_input('no')) 2554 { 2555 
admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No' 2556 } 2557 2558 if($mybb->request_method == "post") 2559 { 2560 $sql_array = implode(",", $selected); 2561 $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")"); 2562 $to_be_unbanned = $db->num_rows($query); 2563 while($ban = $db->fetch_array($query)) 2564 { 2565 $updated_group = array( 2566 "usergroup" => $ban['oldgroup'], 2567 "additionalgroups" => $db->escape_string($ban['oldadditionalgroups']), 2568 "displaygroup" => $ban['olddisplaygroup'] 2569 ); 2570 $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'"); 2571 $db->delete_query("banned", "uid = '".$ban['uid']."'"); 2572 } 2573 2574 $cache->update_moderators(); 2575 2576 $mybb->input['action'] = "inline_lift"; 2577 log_admin_action($to_be_unbanned); 2578 my_unsetcookie("inlinemod_useracp"); 2579 2580 $lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned)); 2581 flash_message($lang->success_ban_lifted, 'success'); 2582 admin_redirect("index.php?module=user-users".$vid_url); 2583 } 2584 else 2585 { 2586 $page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multilift", $lang->confirm_multilift); 2587 } 2588 2589 break; 2590 case 'multiban': 2591 if($mybb->get_input('processed', MyBB::INPUT_INT) == 1) 2592 { 2593 // We've posted ban information! 
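// Build an array of users to ban, =D
				// $selected is built earlier in this file (outside this excerpt). Casting
				// every entry to an integer keeps anything but numeric ids out of the
				// IN (...) lists below.
				$sql_array = implode(",", array_map('intval', $selected));
				// Build a cache array for this users that have been banned already
				$bannedcache = array();
				$query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")");
				while($user = $db->fetch_array($query))
				{
					$bannedcache[] = "u_".$user['uid'];
				}

				// Collect the users
				$query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")");

				// '---' is the form value that leaves the lift timestamp at 0
				// NOTE(review): the submitted bantime is not compared with the keys of
				// fetch_ban_times() in this branch; confirm ban_date2timestamp() copes
				// with values that are not in the dropdown.
				if($mybb->get_input('bantime') == '---')
				{
					$lifted = 0;
				}
				else
				{
					$lifted = ban_date2timestamp($mybb->get_input('bantime'));
				}

				// The reason is cut to 255 characters, matching the maxlength of the form field
				$reason = my_substr($mybb->get_input('reason'), 0, 255);

				$banned_count = 0;
				while($user = $db->fetch_array($query))
				{
					if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid']))
					{
						// We remove ourselves and Super Admins from the mix
						continue;
					}

					// Ids read from the users table go back into SQL below; cast instead of trusting them
					$uid = (int)$user['uid'];

					if(in_array("u_".$user['uid'], $bannedcache, true))
					{
						// User already has a ban, update it!
						$update_array = array(
							"admin" => (int)$mybb->user['uid'],
							"dateline" => TIME_NOW,
							"bantime" => $db->escape_string($mybb->get_input('bantime')),
							"lifted" => $db->escape_string($lifted),
							"reason" => $db->escape_string($reason)
						);
						$db->update_query("banned", $update_array, "uid = '".$uid."'");
					}
					else
					{
						// Not currently banned - insert the ban
						// 'gid' records the submitted 'usergroup' value; the form rendered by this
						// case has no such field, and the account itself is always moved to group 7.
						$insert_array = array(
							'uid' => $uid,
							'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
							'oldgroup' => (int)$user['usergroup'],
							'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
							'olddisplaygroup' => (int)$user['displaygroup'],
							'admin' => (int)$mybb->user['uid'],
							'dateline' => TIME_NOW,
							'bantime' => $db->escape_string($mybb->get_input('bantime')),
							'lifted' => $db->escape_string($lifted),
							'reason' => $db->escape_string($reason)
						);
						$db->insert_query('banned', $insert_array);
					}

					// Moved the user to the 'Banned' Group
					$update_array = array(
						'usergroup' => 7,
						'displaygroup' => 0,
						'additionalgroups' => '',
					);
					$db->update_query('users', $update_array, "uid = '{$uid}'");

					$db->delete_query("forumsubscriptions", "uid = '{$uid}'");
					$db->delete_query("threadsubscriptions", "uid = '{$uid}'");

					++$banned_count;
				}
				// Relabel the action before logging so the admin log entry names the mass ban
				$mybb->input['action'] = "inline_banned";
				log_admin_action($banned_count, $lifted);
				my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them

				$lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count);
				flash_message($lang->users_banned, 'success');
				admin_redirect("index.php?module=user-users".$vid_url);
			}

			$page->output_header($lang->manage_users);
			$page->output_nav_tabs($sub_tabs, 'manage_users');

			// Provide the user with a warning of what they're about to do
			$table = new Table;
			$lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected));
			$table->construct_cell($lang->mass_ban_info);
			$table->construct_row();
			$table->output($lang->important);

			// If there's any errors, display inline
			if($errors)
			{
				$page->output_inline_error($errors);
			}

			$form = new Form("index.php?module=user-users", "post");
			echo $form->generate_hidden_field('action', 'inline_edit');
			echo $form->generate_hidden_field('inline_action', 'multiban');
			echo $form->generate_hidden_field('processed', '1');

			// NOTE(review): the "lift bans" link carries my_post_key in the query string, where
			// it can end up in server logs and browser history. The multilift case only changes
			// data on a POST request, so the key in this link may not be needed at all.
			$form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&action=inline_edit&inline_action=multilift&my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban);
			$form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->get_input('reason'), array('id' => 'reason', 'maxlength' => '255')), 'reason');
			$ban_times = fetch_ban_times();
			$length_list = array();
			foreach($ban_times as $time => $period)
			{
				if($time != '---')
				{
					// Show the date on which a ban of this length would end
					$friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
					$period = "{$period} ({$friendly_time})";
				}
				$length_list[$time] = $period;
			}
			$form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->get_input('bantime'), array('id' => 'bantime')), 'bantime');
			$form_container->end();

			$buttons[] = $form->generate_submit_button($lang->ban_users);
			$form->output_submit_wrapper($buttons);
			$form->end();
			$page->output_footer();
			break;
		case 'multidelete':
			// Delete every selected user once the confirmation has been answered
			if($mybb->get_input('no'))
			{
				admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No
			}
			else
			{
				if(isset($mybb->input['processed']))
				{
					// Set up user handler.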
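require_once MYBB_ROOT.'inc/datahandlers/user.php';
					$userhandler = new UserDataHandler('delete');

					// Delete users
					// NOTE(review): unlike multiban, multiprune and multiusergroup, no is_super_admin()
					// check is visible in this branch; confirm UserDataHandler::delete_user() protects
					// privileged accounts.
					$deleted = $userhandler->delete_user($selected);
					$to_be_deleted = $deleted['deleted_users']; // Get the correct number of deleted users

					// Update forum stats, remove the cookie and redirect the user
					my_unsetcookie("inlinemod_useracp");
					$mybb->input['action'] = "inline_delete";
					log_admin_action($to_be_deleted);

					$lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted);

					$cache->update_awaitingactivation();

					flash_message($lang->users_deleted, 'success');
					admin_redirect("index.php?module=user-users".$vid_url);
				}

				// Not confirmed yet: ask first. The confirmation target carries processed=1
				// together with my_post_key.
				$to_be_deleted = count($selected);
				$lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted));
				$page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multidelete&my_post_key={$mybb->post_code}&processed=1", $lang->confirm_multidelete);
			}
			break;
		case 'multiprune':
			// Delete the posts of every selected user that fall on the far side of a cut-off
			// date, given either as day/month/year or as one of six preset periods.
			$day = $mybb->get_input('day', MyBB::INPUT_INT);
			$month = $mybb->get_input('month', MyBB::INPUT_INT);
			$year = $mybb->get_input('year', MyBB::INPUT_INT);

			if($mybb->get_input('processed', MyBB::INPUT_INT) == 1)
			{
				// A manual date and a preset period exclude each other
				if(($day || $month || $year) && $mybb->get_input('set', MyBB::INPUT_INT))
				{
					$errors[] = $lang->multi_selected_dates;
				}

				// Selected a date - check if the date the user entered is valid
				if($day || $month || $year)
				{
					// Is the date sort of valid?
					if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29))
					{
						$errors[] = $lang->incorrect_date;
					}

					// Check the month
					// get_bdays() presumably returns the days per month, indexed from 0 - TODO confirm.
					// The isset() keeps an out-of-range month (already reported above) from
					// reading an index that does not exist.
					$months = get_bdays($year);
					if(isset($months[$month-1]) && $day > $months[$month-1])
					{
						$errors[] = $lang->incorrect_date;
					}

					// Check the year: 0 means "not given"; otherwise it has to lie within the last 100 years
					if($year != 0 && ($year < (date("Y")-100) || $year > date("Y")))
					{
						$errors[] = $lang->incorrect_date;
					}

					if(!$errors)
					{
						// No errors, so let's continue and set the date to delete from
						$date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp
					}
				}
				elseif($mybb->get_input('set', MyBB::INPUT_INT) > 0)
				{
					// Set options
					// For this purpose, 1 month = 31 days
					$base_time = 24 * 60 * 60;

					// Stays 0 when the submitted option is not one of the six presets
					$threshold = 0;

					switch($mybb->get_input('set', MyBB::INPUT_INT))
					{
						case '1':
							$threshold = $base_time * 31; // 1 month = 31 days, in the standard terms
							break;
						case '2':
							$threshold = $base_time * 93; // 3 months = 31 days * 3
							break;
						case '3':
							$threshold = $base_time * 183; // 6 months = 365 days / 2
							break;
						case '4':
							$threshold = $base_time * 365; // 1 year = 365 days
							break;
						case '5':
							$threshold = $base_time * 548; // 18 months = 365 + 183
							break;
						case '6':
							$threshold = $base_time * 730; // 2 years = 365 * 2
							break;
					}

					if(!$threshold)
					{
						// An option was entered that isn't in the dropdown box
						$errors[] = $lang->no_set_option;
					}
					else
					{
						$date = TIME_NOW - $threshold;
					}
				}
				else
				{
					$errors[] = $lang->no_prune_option;
				}

				if(!$errors)
				{
					// $selected is built earlier in this file (outside this excerpt). Casting
					// every entry to an integer keeps anything but numeric ids out of the
					// IN (...) list.
					$sql_array = implode(",", array_map('intval', $selected));
					$prune_array = array();
					$query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")");
					while($user = $db->fetch_array($query))
					{
						// Protect Super Admins
						if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
						{
							continue;
						}

						$return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete
						if($return_array && is_array($return_array))
						{
							$prune_array = array_merge_recursive($prune_array, $return_array);
						}
					}

					$plugins->run_hooks("admin_user_multiprune_threads", $prune_array);

					// No posts were found for the user, return error
					if(!is_array($prune_array) || count($prune_array) == 0)
					{
						flash_message($lang->prune_fail, 'error');
						admin_redirect("index.php?module=user-users".$vid_url);
					}

					// Require the rebuild functions
					require_once MYBB_ROOT.'/inc/functions.php';
					require_once MYBB_ROOT.'/inc/functions_rebuild.php';

					// We've finished deleting user's posts, so let's delete the threads
					if(!empty($prune_array['to_delete']) && is_array($prune_array['to_delete']))
					{
						foreach($prune_array['to_delete'] as $tid)
						{
							// The id list has passed through a plugin hook; cast before it goes into SQL
							$tid = (int)$tid;
							$db->delete_query("threads", "tid='$tid'");
							$db->delete_query("threads", "closed='moved|$tid'");
							$db->delete_query("threadsubscriptions", "tid='$tid'");
							$db->delete_query("polls", "tid='$tid'");
							$db->delete_query("threadsread", "tid='$tid'");
							$db->delete_query("threadratings", "tid='$tid'");
						}
					}

					// After deleting threads, rebuild the thread counters for the affected threads
					if(!empty($prune_array['thread_update']) && is_array($prune_array['thread_update']))
					{
						$sql_array = implode(",", array_map('intval', $prune_array['thread_update']));
						$query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc'));
						while($thread = $db->fetch_array($query))
						{
							rebuild_thread_counters($thread['tid']);
						}
					}

					// After updating thread counters, update the affected forum counters
					if(!empty($prune_array['forum_update']) && is_array($prune_array['forum_update']))
					{
						$sql_array = implode(",", array_map('intval', $prune_array['forum_update']));
						$query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc'));
						$looped_forum = null;
						while($forum = $db->fetch_array($query))
						{
							// Because we have a recursive array merge, check to see if there isn't a duplicated forum to update
							if($looped_forum == $forum['fid'])
							{
								continue;
							}
							$looped_forum = $forum['fid'];
							rebuild_forum_counters($forum['fid']);
						}
					}

					// NOTE(review): the log call below is commented out, so this bulk deletion leaves
					// no admin log entry, unlike the other inline actions in this switch.
					//log_admin_action();
					my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie
					flash_message($lang->prune_complete, 'success');
					admin_redirect("index.php?module=user-users".$vid_url);
				}
			}

			$page->output_header($lang->manage_users);
			$page->output_nav_tabs($sub_tabs, 'manage_users');

			// Display a table warning
			$table = new Table;
			$lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected));
			$table->construct_cell($lang->mass_prune_info);
			$table->construct_row();
			$table->output($lang->important);

			if($errors)
			{
				$page->output_inline_error($errors);
			}

			// Display the prune options
			$form = new Form("index.php?module=user-users", "post");
			echo $form->generate_hidden_field('action', 'inline_edit');
			echo $form->generate_hidden_field('inline_action', 'multiprune');
			echo $form->generate_hidden_field('processed', '1');

			$form_container = new FormContainer($lang->mass_prune_posts);

			// Generate a list of days (1 - 31)
			$day_options = array();
			$day_options[] = " ";
			for($i = 1; $i <= 31; ++$i)
			{
				$day_options[] = $i;
			}

			// Generate a list of months (1 - 12)
			$month_options = array();
			$month_options[] = " ";
			for($i = 1; $i <= 12; ++$i)
			{
				$string = "month_{$i}";
				$month_options[] = $lang->$string;
			}
			$date_box = $form->generate_select_box('day', $day_options, $mybb->get_input('day', MyBB::INPUT_INT));
			$month_box = $form->generate_select_box('month', $month_options, $mybb->get_input('month', MyBB::INPUT_INT));
			$year_box = $form->generate_numeric_field('year', $mybb->get_input('year', MyBB::INPUT_INT), array('id' => 'year', 'style' => 'width: 50px;', 'min' => 0));

			$prune_select = $date_box.$month_box.$year_box;
			$form_container->output_row($lang->manual_date, "", $prune_select, 'date');

			// Generate the set date box
			$set_options = array();
			$set_options[] = $lang->select_an_option;
			for($i = 1; $i <= 6; ++$i)
			{
				$string = "option_{$i}";
				$set_options[] = $lang->$string;
			}

			$form_container->output_row($lang->relative_date, "", $lang->delete_posts." ".$form->generate_select_box('set', $set_options, $mybb->get_input('set', MyBB::INPUT_INT)), 'set');
			$form_container->end();

			$buttons[] = $form->generate_submit_button($lang->prune_posts);
			$form->output_submit_wrapper($buttons);
			$form->end();
			$page->output_footer();
			break;
		case 'multiusergroup':
			// Put every selected user into the submitted primary, additional and display groups
			if($mybb->get_input('processed', \MyBB::INPUT_INT) === 1)
			{
				// Determine additional usergroups
				if(is_array($mybb->input['additionalgroups']))
				{
					// The primary group is not repeated among the additional groups
					foreach($mybb->input['additionalgroups'] as $key => $gid)
					{
						if($gid == $mybb->input['usergroup'])
						{
							unset($mybb->input['additionalgroups'][$key]);
						}
					}

					// intval() on every entry leaves a comma separated list of integers
					$additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
				}
				else
				{
					$additionalgroups = '';
				}

				// Create an update array
				$update_array = array(
					"usergroup" => $mybb->get_input('usergroup', MyBB::INPUT_INT),
					"additionalgroups" => $additionalgroups,
					"displaygroup" => $mybb->get_input('displaygroup',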
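MyBB::INPUT_INT)
				);

				// Create an admin_user_multiusergroup hook array
				// Both entries are passed by reference, so a plugin can change the selection
				// and the update itself.
				$hook_params = array(
					"selected" => &$selected,
					"update_array" => &$update_array
				);

				$hook_params = $plugins->run_hooks("admin_user_multiusergroup", $hook_params);

				// Do the usergroup update for all those selected
				// If the a selected user is a super admin, don't update that user
				// NOTE(review): nothing visible here checks that the submitted group ids exist or
				// which groups the acting admin may hand out; only super admin targets are skipped.
				// Confirm whether that is enforced elsewhere.
				$users_to_update = array();
				foreach($selected as $user)
				{
					if(!is_super_admin($user))
					{
						// The selection has just passed through a plugin hook; cast each id
						// before it is joined into the IN (...) list.
						$users_to_update[] = (int)$user;
					}
				}

				$to_update_count = count($users_to_update);
				if($to_update_count > 0)
				{
					// Update the users in the database
					$sql = implode(",", $users_to_update);
					$db->update_query("users", $update_array, "uid IN (".$sql.")");

					// Redirect the admin...
					$mybb->input['action'] = "inline_usergroup";
					log_admin_action($to_update_count);
					my_unsetcookie("inlinemod_useracp");
					flash_message($lang->success_mass_usergroups, 'success');
					admin_redirect("index.php?module=user-users".$vid_url);
				}
				else
				{
					// They tried to edit super admins! Uh-oh!
					$errors[] = $lang->no_usergroup_changed;
				}
			}

			$page->output_header($lang->manage_users);
			$page->output_nav_tabs($sub_tabs, 'manage_users');

			// Display a table warning
			$table = new Table;
			$lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected));
			$table->construct_cell($lang->usergroup_info);
			$table->construct_row();
			$table->output($lang->important);

			if($errors)
			{
				$page->output_inline_error($errors);
			}

			// Display the usergroup options
			$form = new Form("index.php?module=user-users", "post");
			echo $form->generate_hidden_field('action', 'inline_edit');
			echo $form->generate_hidden_field('inline_action', 'multiusergroup');
			echo $form->generate_hidden_field('processed', '1');

			$form_container = new FormContainer($lang->mass_usergroups);

			// Usergroups
			// Group titles are HTML-escaped before they are used as option labels
			$display_group_options[0] = $lang->use_primary_user_group;
			$options = array();
			$query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
			while($usergroup = $db->fetch_array($query))
			{
				$options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
				$display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
			}

			// Accept the additional groups as a comma separated string when no array was submitted
			if(!$mybb->get_input('additionalgroups', \MyBB::INPUT_ARRAY))
			{
				$mybb->input['additionalgroups'] = explode(',', $mybb->get_input('additionalgroups'));
			}

			$form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
			$form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
			$form_container->output_row($lang->display_user_group, "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup', MyBB::INPUT_INT), array('id' => 'displaygroup')), 'displaygroup');

			$form_container->end();

			$buttons[] = $form->generate_submit_button($lang->alter_usergroups);
			$form->output_submit_wrapper($buttons);
			$form->end();
			$page->output_footer();
			break;
	}
}

// Default action: list users through a saved view, a session-stored search or the default view
if(!$mybb->input['action'])
{
	$plugins->run_hooks("admin_user_users_start");

	$page->output_header($lang->browse_users);
	echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";

	$page->output_nav_tabs($sub_tabs, 'browse_users');

	// get_input() is used for its string default, so a non-string search_id cannot be
	// used as an array key.
	$search_id = $mybb->get_input('search_id');
	if($search_id !== '' && !empty($admin_session['data']['user_views'][$search_id]))
	{
		$admin_view = $admin_session['data']['user_views'][$search_id];
		// build_users_view() appends $view['extra_sql'] to its WHERE clause as-is, so it is
		// stripped from a view that comes back out of the session.
		unset($admin_view['extra_sql']);
	}
	else
	{
		// Showing a specific view
		// NOTE(review): this lookup does not filter on type='user' the way the default-view
		// query below does; confirm a vid belonging to another view type cannot be loaded here.
		if(isset($mybb->input['vid']))
		{
			$query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
			$admin_view = $db->fetch_array($query);
			// View does not exist or this view is private and does not belong to the current user
			if(empty($admin_view['vid']) || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
			{
				unset($admin_view);
			}
		}

		// Don't have a view? Fetch the default
		if(!isset($admin_view))
		{
			// Cast so only a number is interpolated below; a missing default becomes 0
			$default_view = (int)fetch_default_view("user");
			$query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
			$admin_view = $db->fetch_array($query);
		}
	}

	// Fetch a list of all of the views for this user
	$popup = new PopupMenu("views", $lang->views);

	$current_uid = (int)$mybb->user['uid'];
	$query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$current_uid})", array("order_by" => "title"));
	while($view = $db->fetch_array($query))
	{
		$popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&vid={$view['vid']}");
	}
	$popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&action=views");
	$admin_view['popup'] = $popup->fetch();

	// The requested type is passed through unchanged; build_users_view() treats anything
	// other than 'card' as 'table'.
	if(isset($mybb->input['type']))
	{
		$admin_view['view_type'] = $mybb->input['type'];
	}

	$results = build_users_view($admin_view);

	if(!$results)
	{
		// If we came from the home page and clicked on the "Activate Users" link, send them back to here
		if(isset($admin_session['data']['from']) && $admin_session['data']['from'] == "home")
		{
			flash_message($admin_session['data']['flash_message2']['message'], $admin_session['data']['flash_message2']['type']);
			update_admin_session('flash_message2', '');
			update_admin_session('from', '');
			admin_redirect("index.php");
			exit;
		}
		else
		{
			$errors[] = $lang->error_no_users_found;
		}
	}

	// If we have any error messages, show them
	if($errors)
	{
		// $inline is not set anywhere in this excerpt; empty() gives the same result as the
		// loose comparison with true and also covers the unset case.
		if(empty($inline))
		{
			echo "<div style=\"display: inline; float: right;\">{$admin_view['popup']}</div><br />\n";
		}
		$page->output_inline_error($errors);
	}

	echo $results;

	$page->output_footer();
}

/**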
* @param array $view 3195 * 3196 * @return string 3197 */ 3198 function build_users_view($view) 3199 { 3200 global $mybb, $db, $cache, $lang, $user_view_fields, $page; 3201 3202 if($view['view_type'] != 'card') 3203 { 3204 $view['view_type'] = 'table'; 3205 } 3206 3207 $view_title = ''; 3208 if($view['title']) 3209 { 3210 if(isset($view['vid'])) 3211 { 3212 $title_string = "view_title_{$view['vid']}"; 3213 3214 if(isset($lang->$title_string)) 3215 { 3216 $view['title'] = $lang->$title_string; 3217 } 3218 } 3219 3220 $view_title .= " (".htmlspecialchars_uni($view['title']).")"; 3221 } 3222 3223 // Build the URL to this view 3224 if(!isset($view['url'])) 3225 { 3226 $view['url'] = "index.php?module=user-users"; 3227 } 3228 if(!is_array($view['conditions'])) 3229 { 3230 $view['conditions'] = my_unserialize($view['conditions']); 3231 } 3232 if(!is_array($view['fields'])) 3233 { 3234 $view['fields'] = my_unserialize($view['fields']); 3235 } 3236 if(!is_array($view['custom_profile_fields'])) 3237 { 3238 $view['custom_profile_fields'] = my_unserialize($view['custom_profile_fields']); 3239 } 3240 if(isset($mybb->input['username'])) 3241 { 3242 $view['conditions']['username'] = $mybb->input['username']; 3243 $view['url'] .= "&username=".urlencode(htmlspecialchars_uni($mybb->input['username'])); 3244 } 3245 if(!empty($view['vid'])) 3246 { 3247 $view['url'] .= "&vid={$view['vid']}"; 3248 } 3249 else 3250 { 3251 // If this is a custom view we need to save everything ready to pass it on from page to page 3252 global $admin_session; 3253 if(empty($mybb->input['search_id'])) 3254 { 3255 $search_id = md5(random_str()); 3256 $admin_session['data']['user_views'][$search_id] = $view; 3257 update_admin_session('user_views', $admin_session['data']['user_views']); 3258 $mybb->input['search_id'] = $search_id; 3259 } 3260 $view['url'] .= "&search_id=".htmlspecialchars_uni($mybb->input['search_id']); 3261 } 3262 3263 if(!isset($admin_session['data']['last_users_view']) || 
$admin_session['data']['last_users_view'] != str_replace("&", "&", $view['url'])) 3264 { 3265 update_admin_session('last_users_url', str_replace("&", "&", $view['url'])); 3266 } 3267 3268 if(isset($view['conditions']['referrer'])){ 3269 $view['url'] .= "&action=referrers&uid=".htmlspecialchars_uni($view['conditions']['referrer']); 3270 } 3271 3272 // Do we not have any views? 3273 if(empty($view)) 3274 { 3275 return false; 3276 } 3277 3278 $table = new Table; 3279 3280 // Build header for table based view 3281 if($view['view_type'] != "card") 3282 { 3283 foreach($view['fields'] as $field) 3284 { 3285 if(!$user_view_fields[$field]) 3286 { 3287 continue; 3288 } 3289 $view_field = $user_view_fields[$field]; 3290 $field_options = array(); 3291 if($view_field['width']) 3292 { 3293 $field_options['width'] = $view_field['width']; 3294 } 3295 if($view_field['align']) 3296 { 3297 $field_options['class'] = "align_".$view_field['align']; 3298 } 3299 $table->construct_header($view_field['title'], $field_options); 3300 } 3301 $table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />"); // Create a header for the "select" boxes 3302 } 3303 3304 $search_sql = '1=1'; 3305 3306 // Build the search SQL for users 3307 3308 // List of valid LIKE search fields 3309 $user_like_fields = array("username", "email", "website", "signature", "usertitle"); 3310 foreach($user_like_fields as $search_field) 3311 { 3312 if(!empty($view['conditions'][$search_field]) && empty($view['conditions'][$search_field.'_blank'])) 3313 { 3314 $search_sql .= " AND u.{$search_field} LIKE '%".$db->escape_string_like($view['conditions'][$search_field])."%'"; 3315 } 3316 else if(!empty($view['conditions'][$search_field.'_blank'])) 3317 { 3318 $search_sql .= " AND u.{$search_field} != ''"; 3319 } 3320 } 3321 3322 // EXACT matching fields 3323 $user_exact_fields = array("referrer"); 3324 foreach($user_exact_fields as $search_field) 3325 { 3326 
if(!empty($view['conditions'][$search_field])) 3327 { 3328 $search_sql .= " AND u.{$search_field}='".$db->escape_string($view['conditions'][$search_field])."'"; 3329 } 3330 } 3331 3332 // LESS THAN or GREATER THAN 3333 $direction_fields = array("postnum", "threadnum"); 3334 foreach($direction_fields as $search_field) 3335 { 3336 $direction_field = $search_field."_dir"; 3337 if(isset($view['conditions'][$search_field]) && ($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field]) 3338 { 3339 switch($view['conditions'][$direction_field]) 3340 { 3341 case "greater_than": 3342 $direction = ">"; 3343 break; 3344 case "less_than": 3345 $direction = "<"; 3346 break; 3347 default: 3348 $direction = "="; 3349 } 3350 $search_sql .= " AND u.{$search_field}{$direction}'".$db->escape_string($view['conditions'][$search_field])."'"; 3351 } 3352 } 3353 3354 // Registration searching 3355 $reg_fields = array("regdate"); 3356 foreach($reg_fields as $search_field) 3357 { 3358 if(!empty($view['conditions'][$search_field]) && (int)$view['conditions'][$search_field]) 3359 { 3360 $threshold = TIME_NOW - ((int)$view['conditions'][$search_field] * 24 * 60 * 60); 3361 3362 $search_sql .= " AND u.{$search_field} >= '{$threshold}'"; 3363 } 3364 } 3365 3366 // IP searching 3367 $ip_fields = array("regip", "lastip"); 3368 foreach($ip_fields as $search_field) 3369 { 3370 if(!empty($view['conditions'][$search_field])) 3371 { 3372 $ip_range = fetch_ip_range($view['conditions'][$search_field]); 3373 if(!is_array($ip_range)) 3374 { 3375 $ip_sql = "{$search_field}=".$db->escape_binary($ip_range); 3376 } 3377 else 3378 { 3379 $ip_sql = "{$search_field} BETWEEN ".$db->escape_binary($ip_range[0])." 
AND ".$db->escape_binary($ip_range[1]); 3380 } 3381 $search_sql .= " AND {$ip_sql}"; 3382 } 3383 } 3384 3385 // Post IP searching 3386 if(!empty($view['conditions']['postip'])) 3387 { 3388 $ip_range = fetch_ip_range($view['conditions']['postip']); 3389 if(!is_array($ip_range)) 3390 { 3391 $ip_sql = "ipaddress=".$db->escape_binary($ip_range); 3392 } 3393 else 3394 { 3395 $ip_sql = "ipaddress BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1]); 3396 } 3397 $ip_uids = array(0); 3398 $query = $db->simple_select("posts", "uid", $ip_sql); 3399 while($uid = $db->fetch_field($query, "uid")) 3400 { 3401 $ip_uids[] = $uid; 3402 } 3403 $search_sql .= " AND u.uid IN(".implode(',', $ip_uids).")"; 3404 unset($ip_uids); 3405 } 3406 3407 // Custom Profile Field searching 3408 if($view['custom_profile_fields']) 3409 { 3410 $userfield_sql = '1=1'; 3411 foreach($view['custom_profile_fields'] as $column => $input) 3412 { 3413 if(!preg_match('/^fid[0-9]+(_blank)?$/', $column)) 3414 { 3415 continue; 3416 } 3417 3418 if(is_array($input)) 3419 { 3420 foreach($input as $value => $text) 3421 { 3422 if($value == $column) 3423 { 3424 $value = $text; 3425 } 3426 3427 if($value == $lang->na) 3428 { 3429 continue; 3430 } 3431 3432 if(strpos($column, '_blank') !== false) 3433 { 3434 $column = str_replace('_blank', '', $column); 3435 $userfield_sql .= ' AND '.$db->escape_string($column)." != ''"; 3436 } 3437 else 3438 { 3439 $userfield_sql .= ' AND '.$db->escape_string($column)."='".$db->escape_string($value)."'"; 3440 } 3441 } 3442 } 3443 else if(!empty($input)) 3444 { 3445 if($input == $lang->na) 3446 { 3447 continue; 3448 } 3449 3450 if(strpos($column, '_blank') !== false) 3451 { 3452 $column = str_replace('_blank', '', $column); 3453 $userfield_sql .= ' AND '.$db->escape_string($column)." != ''"; 3454 } 3455 else 3456 { 3457 $userfield_sql .= ' AND '.$db->escape_string($column)." 
LIKE '%".$db->escape_string_like($input)."%'"; 3458 } 3459 } 3460 } 3461 3462 if($userfield_sql != '1=1') 3463 { 3464 $userfield_uids = array(0); 3465 $query = $db->simple_select("userfields", "ufid", $userfield_sql); 3466 while($userfield = $db->fetch_array($query)) 3467 { 3468 $userfield_uids[] = $userfield['ufid']; 3469 } 3470 $search_sql .= " AND u.uid IN(".implode(',', $userfield_uids).")"; 3471 unset($userfield_uids); 3472 } 3473 } 3474 3475 // Usergroup based searching 3476 if(isset($view['conditions']['usergroup'])) 3477 { 3478 if(!is_array($view['conditions']['usergroup'])) 3479 { 3480 $view['conditions']['usergroup'] = array($view['conditions']['usergroup']); 3481 } 3482 3483 foreach($view['conditions']['usergroup'] as $usergroup) 3484 { 3485 $usergroup = (int)$usergroup; 3486 3487 if(!$usergroup) 3488 { 3489 continue; 3490 } 3491 3492 $additional_sql = ''; 3493 3494 switch($db->type) 3495 { 3496 case "pgsql": 3497 case "sqlite": 3498 $additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'"; 3499 break; 3500 default: 3501 $additional_sql .= "OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'"; 3502 } 3503 } 3504 3505 $search_sql .= " AND (u.usergroup IN (".implode(",", array_map('intval', $view['conditions']['usergroup'])).") {$additional_sql})"; 3506 } 3507 3508 // COPPA users only? 3509 if(isset($view['conditions']['coppa'])) 3510 { 3511 $search_sql .= " AND u.coppauser=1 AND u.usergroup=5"; 3512 } 3513 3514 // Extra SQL? 
3515 if(isset($view['extra_sql'])) 3516 { 3517 $search_sql .= $view['extra_sql']; 3518 } 3519 3520 // Lets fetch out how many results we have 3521 $query = $db->query(" 3522 SELECT COUNT(u.uid) AS num_results 3523 FROM ".TABLE_PREFIX."users u 3524 WHERE {$search_sql} 3525 "); 3526 $num_results = $db->fetch_field($query, "num_results"); 3527 3528 // No matching results then return false 3529 if(!$num_results) 3530 { 3531 return false; 3532 } 3533 // Generate the list of results 3534 else 3535 { 3536 if(!$view['perpage']) 3537 { 3538 $view['perpage'] = 20; 3539 } 3540 $view['perpage'] = (int)$view['perpage']; 3541 3542 // Establish which page we're viewing and the starting index for querying 3543 if(!isset($mybb->input['page'])) 3544 { 3545 $mybb->input['page'] = 1; 3546 } 3547 else 3548 { 3549 $mybb->input['page'] = $mybb->get_input('page', MyBB::INPUT_INT); 3550 } 3551 3552 if($mybb->input['page']) 3553 { 3554 $start = ($mybb->input['page'] - 1) * $view['perpage']; 3555 $pages = ceil($num_results / $view['perpage']); 3556 if($mybb->input['page'] > $pages) 3557 { 3558 $start = 0; 3559 $mybb->input['page'] = 1; 3560 } 3561 } 3562 else 3563 { 3564 $start = 0; 3565 $mybb->input['page'] = 1; 3566 } 3567 3568 $from_bit = ""; 3569 if(isset($mybb->input['from']) && $mybb->input['from'] == "home") 3570 { 3571 $from_bit = "&from=home"; 3572 } 3573 3574 switch($view['sortby']) 3575 { 3576 case "regdate": 3577 case "lastactive": 3578 case "postnum": 3579 case "reputation": 3580 $view['sortby'] = $db->escape_string($view['sortby']); 3581 break; 3582 case "numposts": 3583 $view['sortby'] = "postnum"; 3584 break; 3585 case "numthreads": 3586 $view['sortby'] = "threadnum"; 3587 break; 3588 case "warninglevel": 3589 $view['sortby'] = "warningpoints"; 3590 break; 3591 default: 3592 $view['sortby'] = "username"; 3593 } 3594 3595 if($view['sortorder'] != "desc") 3596 { 3597 $view['sortorder'] = "asc"; 3598 } 3599 3600 $usergroups = $cache->read("usergroups"); 3601 3602 // Fetch 
matching users 3603 $query = $db->query(" 3604 SELECT u.* 3605 FROM ".TABLE_PREFIX."users u 3606 WHERE {$search_sql} 3607 ORDER BY {$view['sortby']} {$view['sortorder']} 3608 LIMIT {$start}, {$view['perpage']} 3609 "); 3610 $users = ''; 3611 while($user = $db->fetch_array($query)) 3612 { 3613 $comma = $groups_list = ''; 3614 $user['username'] = htmlspecialchars_uni($user['username']); 3615 $user['view']['username'] = "<a href=\"index.php?module=user-users&action=edit&uid={$user['uid']}\">".format_name($user['username'], $user['usergroup'], $user['displaygroup'])."</a>"; 3616 $user['view']['usergroup'] = htmlspecialchars_uni($usergroups[$user['usergroup']]['title']); 3617 if($user['additionalgroups']) 3618 { 3619 $additional_groups = explode(",", $user['additionalgroups']); 3620 3621 foreach($additional_groups as $group) 3622 { 3623 $groups_list .= $comma.htmlspecialchars_uni($usergroups[$group]['title']); 3624 $comma = $lang->comma; 3625 } 3626 } 3627 if(!$groups_list) 3628 { 3629 $groups_list = $lang->none; 3630 } 3631 $user['view']['additionalgroups'] = "<small>{$groups_list}</small>"; 3632 $user['view']['email'] = "<a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"; 3633 $user['view']['regdate'] = my_date('relative', $user['regdate']); 3634 $last_seen = max(array($user['lastactive'], $user['lastvisit'])); 3635 if(!empty($last_seen)) 3636 { 3637 $user['view']['lastactive'] = my_date('relative', $last_seen); 3638 } 3639 else 3640 { 3641 $user['view']['lastactive'] = $lang->never; 3642 } 3643 3644 // Build popup menu 3645 $popup = new PopupMenu("user_{$user['uid']}", $lang->options); 3646 $popup->add_item($lang->view_profile, $mybb->settings['bburl'].'/'.get_profile_link($user['uid'])); 3647 $popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&action=edit&uid={$user['uid']}"); 3648 3649 // Banning options... is this user banned? 
3650 if($usergroups[$user['usergroup']]['isbannedgroup'] == 1) 3651 { 3652 // Yes, so do we want to edit the ban or pardon his crime? 3653 $popup->add_item($lang->edit_ban, "index.php?module=user-banning&uid={$user['uid']}#username"); 3654 $popup->add_item($lang->lift_ban, "index.php?module=user-banning&action=lift&uid={$user['uid']}&my_post_key={$mybb->post_code}"); 3655 } 3656 else 3657 { 3658 // Not banned... but soon maybe! 3659 $popup->add_item($lang->ban_user, "index.php?module=user-banning&uid={$user['uid']}#username"); 3660 } 3661 3662 if($user['usergroup'] == 5) 3663 { 3664 if($user['coppauser']) 3665 { 3666 $popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}"); 3667 } 3668 else 3669 { 3670 $popup->add_item($lang->approve_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}"); 3671 } 3672 } 3673 3674 $popup->add_item($lang->delete_user, "index.php?module=user-users&action=delete&uid={$user['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')"); 3675 $popup->add_item($lang->show_referred_users, "index.php?module=user-users&action=referrers&uid={$user['uid']}"); 3676 $popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&action=ipaddresses&uid={$user['uid']}"); 3677 $popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&results=1&username=".urlencode($user['username'])); 3678 $user['view']['controls'] = $popup->fetch(); 3679 3680 // Fetch the reputation for this user 3681 if($usergroups[$user['usergroup']]['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 3682 { 3683 $user['view']['reputation'] = get_reputation($user['reputation']); 3684 } 3685 else 3686 { 3687 $reputation = "-"; 3688 } 3689 3690 if($mybb->settings['enablewarningsystem'] != 0 && 
$usergroups[$user['usergroup']]['canreceivewarnings'] != 0) 3691 { 3692 if($mybb->settings['maxwarningpoints'] < 1) 3693 { 3694 $mybb->settings['maxwarningpoints'] = 10; 3695 } 3696 3697 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 3698 if($warning_level > 100) 3699 { 3700 $warning_level = 100; 3701 } 3702 $user['view']['warninglevel'] = get_colored_warning_level($warning_level); 3703 } 3704 3705 if($view['view_type'] == "card") 3706 { 3707 $max_dimensions = '80x80'; 3708 } 3709 else 3710 { 3711 $max_dimensions = '34x34'; 3712 } 3713 3714 $avatar = format_avatar($user['avatar'], $user['avatardimensions'], $max_dimensions); 3715 3716 $user['view']['avatar'] = "<img src=\"".$avatar['image']."\" alt=\"\" {$avatar['width_height']} />"; 3717 3718 // Convert IP's to readable 3719 $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip'])); 3720 $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip'])); 3721 3722 if($view['view_type'] == "card") 3723 { 3724 $users .= build_user_view_card($user, $view, $i); 3725 } 3726 else 3727 { 3728 build_user_view_table($user, $view, $table); 3729 } 3730 } 3731 3732 // If card view, we need to output the results 3733 if($view['view_type'] == "card") 3734 { 3735 $table->construct_cell($users); 3736 $table->construct_row(); 3737 } 3738 } 3739 3740 if(!isset($view['table_id'])) 3741 { 3742 $view['table_id'] = "users_list"; 3743 } 3744 3745 $switch_view = "<div class=\"float_right\">"; 3746 $switch_url = $view['url']; 3747 if($mybb->input['page'] > 0) 3748 { 3749 $switch_url .= "&page=".$mybb->get_input('page', MyBB::INPUT_INT); 3750 } 3751 if($view['view_type'] != "card") 3752 { 3753 $switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>"; 3754 } 3755 else 3756 { 3757 $switch_view .= "<a href=\"{$switch_url}&type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | 
<strong>{$lang->card_view}</strong>"; 3758 } 3759 $switch_view .= "</div>"; 3760 3761 // Do we need to construct the pagination? 3762 if($num_results > $view['perpage']) 3763 { 3764 $view_type = htmlspecialchars_uni($view['view_type']); 3765 $pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url']."&type={$view_type}"); 3766 $search_class = "float_right"; 3767 $search_style = ""; 3768 } 3769 else 3770 { 3771 $search_class = ''; 3772 $search_style = "text-align: right;"; 3773 } 3774 3775 $search_action = $view['url']; 3776 // stop &username= in the query string 3777 if($view_upos = strpos($search_action, '&username=')) 3778 { 3779 $search_action = substr($search_action, 0, $view_upos); 3780 } 3781 $search_action = str_replace("&", "&", $search_action); 3782 $search = new Form(htmlspecialchars_uni($search_action), 'post', 'search_form', 0, '', true); 3783 $built_view = $search->construct_return; 3784 $built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">"; 3785 $built_view .= $search->generate_hidden_field('action', 'search')."\n"; 3786 if(isset($view['conditions']['username'])) 3787 { 3788 $default_class = ''; 3789 $value = $view['conditions']['username']; 3790 } 3791 else 3792 { 3793 $default_class = "search_default"; 3794 $value = $lang->search_for_user; 3795 } 3796 $built_view .= $search->generate_text_box('username', htmlspecialchars_uni($value), array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small"))."\n"; 3797 $built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n"; 3798 if(!empty($view['popup'])) 3799 { 3800 $built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n"; 3801 } 3802 $built_view .= "<script type=\"text/javascript\"> 3803 var form = $(\"#search_form\"); 3804 form.on('submit', function() { 3805 var search = $('#search_keywords'); 3806 if(search.val() == '' || 
search.val() == '".addcslashes($lang->search_for_user, "'")."') 3807 { 3808 search.trigger('focus'); 3809 return false; 3810 } 3811 }); 3812 3813 var search = $(\"#search_keywords\"); 3814 search.on('focus', function() 3815 { 3816 var searched_focus = $(this); 3817 if(searched_focus.val() == '".addcslashes($lang->search_for_user, "'")."') 3818 { 3819 searched_focus.removeClass(\"search_default\"); 3820 searched_focus.val(\"\"); 3821 } 3822 }).on('blur', function() 3823 { 3824 var searched_blur = $(this); 3825 if(searched_blur.val() == \"\") 3826 { 3827 searched_blur.addClass('search_default'); 3828 searched_blur.val('".addcslashes($lang->search_for_user, "'")."'); 3829 } 3830 }); 3831 3832 // fix the styling used if we have a different default value 3833 if(search.val() != '".addcslashes($lang->search_for_user, "'")."') 3834 { 3835 $(search).removeClass('search_default'); 3836 } 3837 </script>\n"; 3838 $built_view .= "</div>\n"; 3839 3840 // Autocompletion for usernames 3841 // TODO Select2 3842 3843 $built_view .= $search->end(); 3844 3845 if(isset($pagination)) 3846 { 3847 $built_view .= $pagination; 3848 } 3849 if($view['view_type'] != "card") 3850 { 3851 $checkbox = ''; 3852 } 3853 else 3854 { 3855 $checkbox = "<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this)\" /> "; 3856 } 3857 $built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']); 3858 if(isset($pagination)) 3859 { 3860 $built_view .= $pagination; 3861 } 3862 3863 $built_view .= ' 3864 <script type="text/javascript" src="'.$mybb->settings['bburl'].'/jscripts/inline_moderation.js?ver=1838"></script> 3865 <form action="index.php?module=user-users" method="post"> 3866 <input type="hidden" name="my_post_key" value="'.$mybb->post_code.'" /> 3867 <input type="hidden" name="action" value="inline_edit" /> 3868 <div class="float_right"><span class="smalltext"><strong>'.$lang->inline_edit.'</strong></span> 
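3869 <select name="inline_action"> 3870 <option value="multiactivate">'.$lang->inline_activate.'</option> 3871 <option value="multiban">'.$lang->inline_ban.'</option> 3872 <option value="multiusergroup">'.$lang->inline_usergroup.'</option> 3873 <option value="multidelete">'.$lang->inline_delete.'</option> 3874 <option value="multiprune">'.$lang->inline_prune.'</option> 3875 </select> 3876 <input type="submit" class="submit_button inline_element" name="go" value="'.$lang->go.' (0)" id="inline_go" /> 3877 <input type="button" onclick="javascript:inlineModeration.clearChecked();" value="'.$lang->clear.'" class="submit_button inline_element" /> 3878 </div> 3879 </form> 3880 <br style="clear: both;" /> 3881 <script type="text/javascript"> 3882 <!-- 3883 var go_text = "'.$lang->go.'"; 3884 var all_text = "1"; 3885 var inlineType = "user"; 3886 var inlineId = "acp"; 3887 // --> 3888 </script>'; 3889 3890 return $built_view; 3891 }

/**
 * Render one user as an HTML card (a floated <fieldset>) for the card view.
 *
 * Values under $user['view'] are treated as ready-made HTML. A field with no
 * pre-rendered value falls back to the raw row column, which is HTML-encoded
 * here before it is placed in the card.
 *
 * @param array $user User row; pre-rendered cells live under $user['view']
 * @param array $view View definition; $view['fields'] lists the fields to show
 * @param int $i Column counter (by reference); cycles 1, 2, 1, 2 to alternate the float side
 *
 * @return string HTML of the card
 */
function build_user_view_card($user, $view, &$i)
{
	global $user_view_fields;

	// Two cards per row: wrap the counter back to 1 after the second card
	++$i;
	if($i == 3)
	{
		$i = 1;
	}

	// Initialised up front so the checks below never read an undefined variable
	$avatar = $controls = '';
	$user_details = array();

	// The uid ends up in id/name attributes and in inline JavaScript
	$uid = (int)$user['uid'];

	// Loop through fields user wants to show
	foreach($view['fields'] as $field)
	{
		// Skip field names this page does not know (empty() avoids an undefined-index notice)
		if(empty($user_view_fields[$field]))
		{
			continue;
		}

		$view_field = $user_view_fields[$field];

		// Special conditions for avatar
		if($field == "avatar")
		{
			$avatar = $user['view']['avatar'];
		}
		else if($field == "controls")
		{
			$controls = $user['view']['controls'];
		}
		// Otherwise, just user data (the username goes into the legend instead)
		else if($field != "username")
		{
			if(isset($user['view'][$field]))
			{
				$value = $user['view'][$field];
			}
			else
			{
				// Raw column values are data, not markup: encode before output
				$value = htmlspecialchars_uni((string)($user[$field] ?? ''));
			}

			if($field == "postnum")
			{
				$value = my_number_format($value);
			}

			$user_details[] = "<strong>{$view_field['title']}:</strong> {$value}";
		}
	}

	// Floated to the left or right?
	$float = ($i == 1) ? "left" : "right";

	// And build the final card
	$uname = "";
	if(in_array('username', $view['fields']))
	{
		$uname = $user['view']['username'];
	}
	$card = "<fieldset id=\"uid_{$uid}\" style=\"width: 47%; float: {$float};\">\n";
	$card .= "<legend><input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$uid}\" id=\"inlinemod_{$uid}\" value=\"1\" onclick=\"$('#uid_{$uid}').toggleClass('inline_selected');\" /> {$uname}</legend>\n";
	if(!empty($avatar))
	{
		$card .= "<div class=\"user_avatar\">{$avatar}</div>\n";
	}
	if(!empty($user_details))
	{
		$card .= "<div class=\"user_details\">".implode("<br />", $user_details)."</div>\n";
	}
	if(!empty($controls))
	{
		$card .= "<div class=\"float_right\" style=\"padding: 4px;\">{$controls}</div>\n";
	}
	$card .= "</fieldset>";
	return $card;
}

/**
 * Append one user as a row of the table view.
 *
 * One cell is built per requested field, followed by a cell holding the
 * inline-moderation checkbox. As in the card view, $user['view'] entries are
 * treated as ready-made HTML and raw row columns are HTML-encoded.
 *
 * @param array $user User row; pre-rendered cells live under $user['view']
 * @param array $view View definition; $view['fields'] lists the columns to show
 * @param DefaultTable $table Table being built (by reference)
 */
function build_user_view_table($user, $view, &$table)
{
	global $user_view_fields;

	// The uid ends up in id/name attributes and in inline JavaScript
	$uid = (int)$user['uid'];

	foreach($view['fields'] as $field)
	{
		// Skip field names this page does not know (empty() avoids an undefined-index notice)
		if(empty($user_view_fields[$field]))
		{
			continue;
		}
		$view_field = $user_view_fields[$field];
		$field_options = array();
		if(!empty($view_field['align']))
		{
			$field_options['class'] = "align_".$view_field['align'];
		}
		if(!empty($user['view'][$field]))
		{
			$value = $user['view'][$field];
		}
		else
		{
			// Raw column values are data, not markup: encode before output
			$value = htmlspecialchars_uni((string)($user[$field] ?? ''));
		}

		// Post counts are always formatted from the raw column
		if($field == "postnum")
		{
			$value = my_number_format($user[$field]);
		}
		$table->construct_cell($value, $field_options);
	}

	$table->construct_cell("<input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$uid}\" id=\"inlinemod_{$uid}\" value=\"1\" onclick=\"$('#uid_{$uid}').toggleClass('inline_selected');\" />");

	$table->construct_row();
}

/**
 * Output one form row per custom profile field.
 *
 * The field's "type" column holds the widget type on its first line and, for
 * choice widgets, the newline-separated options after it. In search mode an
 * extra "n/a" choice is offered so that a field can be left out of the search.
 *
 * NOTE(review): option labels, the field name and the description are
 * HTML-encoded here, but the values handed to generate_radio_button(),
 * generate_check_box(), generate_text_area() and generate_text_box() are
 * passed raw. Whether those form helpers encode their value argument is not
 * visible in this file - confirm in the form class.
 *
 * @param array $fields Profile field rows to render
 * @param array $values Current values keyed by "fid<N>" (and "fid<N>_blank" in search mode)
 * @param DefaultFormContainer $form_container Container receiving the rows (by reference)
 * @param DefaultForm $form Form used to generate the inputs (by reference)
 * @param bool $search True when rendering the search form rather than the edit form
 */
function output_custom_profile_fields($fields, $values, &$form_container, &$form, $search=false)
{
	global $lang, $mybb;

	if(!is_array($fields))
	{
		return;
	}
	foreach($fields as $profile_field)
	{
		$profile_field['name'] = htmlspecialchars_uni($profile_field['name']);
		$profile_field['description'] = htmlspecialchars_uni($profile_field['description']);

		// First line of "type" is the widget type, the remainder is the option list
		$type_data = explode("\n", $profile_field['type'], 2);
		$type = $type_data[0];
		$options = !empty($type_data[1]) ? $type_data[1] : null;

		$type = trim($type);
		$field_name = "fid{$profile_field['fid']}";

		if(!isset($values[$field_name]))
		{
			$values[$field_name] = '';
		}
		if(!isset($values[$field_name.'_blank']))
		{
			$values[$field_name.'_blank'] = '';
		}

		switch($type)
		{
			case "multiselect":
				$selected_options = array();
				if(!is_array($values[$field_name]))
				{
					$user_options = explode("\n", $values[$field_name]);
				}
				else
				{
					$user_options = $values[$field_name];
				}

				foreach($user_options as $val)
				{
					$selected_options[$val] = htmlspecialchars_uni($val);
				}

				// (string) cast: $options is null when the field defines no option list
				$select_options = explode("\n", (string)$options);
				$options = array();
				if($search == true)
				{
					$select_options[''] = $lang->na;
				}

				foreach($select_options as $val)
				{
					$val = htmlspecialchars_uni(trim($val));
					$options[$val] = $val;
				}
				if(!$profile_field['length'])
				{
					$profile_field['length'] = 3;
				}
				$code = $form->generate_select_box("profile_fields[{$field_name}][]", $options, $selected_options, array('id' => "profile_field_{$field_name}", 'multiple' => true, 'size' => $profile_field['length']));
				break;
			case "select":
				$select_options = array();
				if($search == true)
				{
					$select_options[''] = $lang->na;
				}
				$select_options += explode("\n", (string)$options);
				$options = array();
				foreach($select_options as $val)
				{
					$val = htmlspecialchars_uni(trim($val));
					$options[$val] = $val;
				}
				if(!$profile_field['length'])
				{
					$profile_field['length'] = 1;
				}
				// The search form nests the value one level deeper than the edit form
				if($search == true)
				{
					$code = $form->generate_select_box("profile_fields[{$field_name}][{$field_name}]", $options, htmlspecialchars_uni($values[$field_name]), array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length']));
				}
				else
				{
					$code = $form->generate_select_box("profile_fields[{$field_name}]", $options, htmlspecialchars_uni($values[$field_name]), array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length']));
				}
				break;
			case "radio":
				$radio_options = array();
				if($search == true)
				{
					$radio_options[''] = $lang->na;
				}
				$radio_options += explode("\n", (string)$options);
				$code = '';
				foreach($radio_options as $val)
				{
					$val = trim($val);
					$code .= $form->generate_radio_button("profile_fields[{$field_name}]", $val, htmlspecialchars_uni($val), array('id' => "profile_field_{$field_name}", 'checked' => ($val == $values[$field_name] ? true : false)))."<br />";
				}
				break;
			case "checkbox":
				$select_options = array();
				if(!is_array($values[$field_name]))
				{
					$user_options = explode("\n", $values[$field_name]);
				}
				else
				{
					$user_options = $values[$field_name];
				}

				$selected_options = array();
				foreach($user_options as $val)
				{
					$selected_options[$val] = $val;
				}

				if($search == true)
				{
					$select_options[''] = $lang->na;
				}
				$select_options += explode("\n", (string)$options);
				$code = '';
				foreach($select_options as $val)
				{
					$val = trim($val);
					$code .= $form->generate_check_box("profile_fields[{$field_name}][]", $val, htmlspecialchars_uni($val), array('id' => "profile_field_{$field_name}", 'checked' => (isset($selected_options[$val]) && $val == $selected_options[$val] ? true : false)))."<br />";
				}
				break;
			case "textarea":
				// On the search page, offer "is not blank" next to the free-text input
				$extra = '';
				if(isset($mybb->input['action']) && $mybb->input['action'] == "search")
				{
					$extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank']));
				}

				$code = $form->generate_text_area("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'rows' => 6, 'cols' => 50)).$extra;
				break;
			default:
				// Any other type is rendered as a single-line text box
				$extra = '';
				if(isset($mybb->input['action']) && $mybb->input['action'] == "search")
				{
					$extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank']));
				}

				$code = $form->generate_text_box("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'maxlength' => $profile_field['maxlength'], 'length' => $profile_field['length'])).$extra;
				break;
		}

		$form_container->output_row($profile_field['name'], $profile_field['description'], $code, "", array('id' => "profile_field_{$field_name}"));

		// Reset the per-field scratch variables before the next iteration
		$code = $user_options = $selected_options = $radio_options = $val = $options = '';
	}
}

/**
 * Output the "find users" search form: the built-in conditions, then the
 * custom profile fields, then the Select2 username autocompletion script.
 *
 * NOTE(review): when $input is empty the values come from $mybb->input, so the
 * my_unserialize() calls below decode request-supplied strings. my_unserialize()
 * is defined outside this file - confirm that it never instantiates objects.
 *
 * NOTE(review): only the username value is passed through htmlspecialchars_uni()
 * before generate_text_box(); the other conditions are passed raw. Whether
 * generate_text_box() encodes its value is not visible here. Either the other
 * fields rely on the helper, in which case the username is encoded twice, or
 * they are missing output encoding - confirm in the form class.
 *
 * @param array $input Search input; falls back to $mybb->input when empty
 * @param DefaultForm $form Form used to generate the inputs (by reference)
 */
function user_search_conditions($input, &$form)
{
	global $mybb, $db, $lang;

	if(!$input)
	{
		$input = $mybb->input;
	}

	if(empty($input['conditions']))
	{
		$input['conditions'] = array();
	}

	// A saved view hands its conditions over as a serialized string
	if(!is_array($input['conditions']))
	{
		$input['conditions'] = (array)my_unserialize($input['conditions']);
	}

	// Make sure every condition key exists so the form fields below can read it
	$array = array('username', 'email', 'usergroup', 'website', 'website_blank', 'signature', 'signature_blank', 'usertitle', 'usertitle_blank', 'postnum_dir', 'postnum', 'threadnum_dir', 'threadnum', 'regdate', 'regip', 'lastip', 'postip');
	foreach($array as $condition)
	{
		if(!isset($input['conditions'][$condition]))
		{
			$input['conditions'][$condition] = '';
		}
	}

	if(empty($input['profile_fields']))
	{
		$input['profile_fields'] = array();
	}

	if(!is_array($input['profile_fields']))
	{
		$input['profile_fields'] = (array)my_unserialize($input['profile_fields']);
	}

	if(empty($input['fields']))
	{
		$input['fields'] = array();
	}

	if(!is_array($input['fields']))
	{
		$input['fields'] = (array)my_unserialize($input['fields']);
	}

	$form_container = new FormContainer($lang->find_users_where);
	$form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', htmlspecialchars_uni($input['conditions']['username']), array('id' => 'username')), 'username');
	$form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email');

	// Every group except gid 1 can be searched for
	$options = array();
	$query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))
	{
		$options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
	}

	$form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups');

	$form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website'))." {$lang->or} ".$form->generate_check_box('conditions[website_blank]', 1, $lang->is_not_blank, array('id' => 'website_blank', 'checked' => $input['conditions']['website_blank'])), 'website');
	$form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature'))." {$lang->or} ".$form->generate_check_box('conditions[signature_blank]', 1, $lang->is_not_blank, array('id' => 'signature_blank', 'checked' => $input['conditions']['signature_blank'])), 'signature');
	$form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle'))." {$lang->or} ".$form->generate_check_box('conditions[usertitle_blank]', 1, $lang->is_not_blank, array('id' => 'usertitle_blank', 'checked' => $input['conditions']['usertitle_blank'])), 'usertitle');
	$greater_options = array(
		"greater_than" => $lang->greater_than,
		"is_exactly" => $lang->is_exactly,
		"less_than" => $lang->less_than
	);
	$form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir'))." ".$form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts');
	$form_container->output_row($lang->thread_count_is, "", $form->generate_select_box('conditions[threadnum_dir]', $greater_options, $input['conditions']['threadnum_dir'], array('id' => 'numthreads_dir'))." ".$form->generate_text_box('conditions[threadnum]', $input['conditions']['threadnum'], array('id' => 'numthreads')), 'numthreads');

	$form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')).' '.$lang->days, 'regdate');
	$form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip');
	$form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip');
	$form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip');

	$form_container->end();

	// Custom profile fields go here
	$form_container = new FormContainer($lang->custom_profile_fields_match);

	// Fetch custom profile fields
	$query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));

	$profile_fields = array(
		'required' => array(),
		'optional' => array(),
	);
	while($profile_field = $db->fetch_array($query))
	{
		if($profile_field['required'] == 1)
		{
			$profile_fields['required'][] = $profile_field;
		}
		else
		{
			$profile_fields['optional'][] = $profile_field;
		}
	}

	// Required fields are listed first, both rendered in search mode
	output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true);
	output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true);

	$form_container->end();

	// Autocompletion for usernames
	// NOTE(review): $lang->search_for_a_user is written into a double-quoted
	// JavaScript string without escaping, so a language string containing a
	// double quote would break the script. build_users_view() passes its
	// equivalent string through addcslashes() - consider doing the same here.
	echo '
<link rel="stylesheet" href="../jscripts/select2/select2.css">
<script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
<script type="text/javascript">
<!--
$("#username").select2({
	placeholder: "'.$lang->search_for_a_user.'",
	minimumInputLength: 2,
	multiple: false,
	ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
		url: "../xmlhttp.php?action=get_users",
		dataType: \'json\',
		data: function (term, page) {
			return {
				query: term // search term
			};
		},
		results: function (data, page) { // parse the results into the format expected by Select2.
			// since we are using custom formatting functions we do not need to alter remote JSON data
			return {results: data};
		}
	},
	initSelection: function(element, callback) {
		var query = $(element).val();
		if (query !== "") {
			$.ajax("../xmlhttp.php?action=get_users&getone=1", {
				data: {
					query: query
				},
				dataType: "json"
			}).done(function(data) { callback(data); });
		}
	}
});
// -->
</script>';
}

/**
 * Move the source user's thread ratings to the destination user when two
 * accounts are merged, then remove the ratings that are no longer valid.
 *
 * Two kinds of rating are deleted: the source user's rating of a thread that
 * the destination user has also rated, and any rating the merged account now
 * holds on a thread whose author is that same account. The thread rating
 * counters are reduced to match.
 *
 * Both ids and every id read back from the database are cast to integers
 * before they are placed in SQL, so the queries stay well-formed even if a
 * caller passes an unvalidated value.
 *
 * @param int $source_uid User whose ratings are moved
 * @param int $destination_uid User who receives the ratings
 */
function merge_thread_ratings($source_uid, $destination_uid)
{
	global $db;

	$source_uid = (int)$source_uid;
	$destination_uid = (int)$destination_uid;

	$source_ratings = $dest_threads = $delete_list = $decrement_list = array();

	// Get all thread ratings from both accounts
	$query = $db->simple_select('threadratings', 'tid, uid, rid, rating', "uid IN ({$destination_uid}, {$source_uid})");
	while($rating = $db->fetch_array($query))
	{
		if($rating['uid'] == $destination_uid)
		{
			// Keyed by tid so the duplicate check below is a constant-time lookup
			$dest_threads[(int)$rating['tid']] = true;
		}
		else
		{
			$source_ratings[] = $rating;
		}
	}

	// If there are duplicates, mark them for deletion
	foreach($source_ratings as $rating)
	{
		if(isset($dest_threads[(int)$rating['tid']]))
		{
			$delete_list[] = (int)$rating['rid'];
			$decrement_list[(int)$rating['tid']][] = (int)$rating['rating'];
		}
	}

	// Attribute all of the source user's ratings to the destination user
	$db->update_query("threadratings", array("uid" => $destination_uid), "uid='{$source_uid}'");

	// Remove ratings previously given to recently acquired threads
	$query = $db->query("
		SELECT tr.rid, tr.rating, t.tid
		FROM {$db->table_prefix}threadratings tr
		LEFT JOIN {$db->table_prefix}threads t ON (t.tid=tr.tid)
		WHERE tr.uid='{$destination_uid}' AND tr.uid=t.uid
	");
	while($rating = $db->fetch_array($query))
	{
		$delete_list[] = (int)$rating['rid'];
		$decrement_list[(int)$rating['tid']][] = (int)$rating['rating'];
	}

	// Delete the duplicate/disallowed ratings
	if(!empty($delete_list))
	{
		$imp = implode(',', $delete_list);
		$db->delete_query('threadratings', "rid IN ({$imp})");
	}

	// Correct the thread rating counters
	if(!empty($decrement_list))
	{
		foreach($decrement_list as $tid => $ratings)
		{
			if(is_array($ratings))
			{
				$tid = (int)$tid;
				// Final argument leaves the values unquoted, so they act as SQL expressions
				// (column minus a number); both operands are integers computed above
				$db->update_query('threads', array('numratings' => 'numratings-'.count($ratings), 'totalratings' => 'totalratings-'.array_sum($ratings)), "tid='{$tid}'", 1, true);
			}
		}
	}
}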