| [ Index ] |
PHP Cross Reference of MyBB 1.8.36 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define("IGNORE_CLEAN_VARS", "sid"); 13 define('THIS_SCRIPT', 'member.php'); 14 define("ALLOWABLE_PAGE", "register,do_register,login,do_login,logout,lostpw,do_lostpw,activate,resendactivation,do_resendactivation,resetpassword,viewnotes"); 15 16 $nosession['avatar'] = 1; 17 18 $templatelist = "member_register,member_register_hiddencaptcha,member_register_coppa,member_register_agreement_coppa,member_register_agreement,member_register_customfield,member_register_requiredfields,member_profile_findthreads"; 19 $templatelist .= ",member_loggedin_notice,member_profile_away,member_register_regimage,member_register_regimage_recaptcha_invisible,member_register_regimage_nocaptcha,post_captcha_hcaptcha_invisible,post_captcha_hcaptcha,post_captcha_hidden,post_captcha,member_register_referrer"; 20 $templatelist .= ",member_profile_email,member_profile_offline,member_profile_reputation,member_profile_warn,member_profile_warninglevel,member_profile_warninglevel_link,member_profile_customfields_field,member_profile_customfields,member_profile_adminoptions_manageban,member_profile_adminoptions,member_profile"; 21 $templatelist .= ",member_profile_signature,member_profile_avatar,member_profile_groupimage,member_referrals_link,member_profile_referrals,member_profile_website,member_profile_reputation_vote,member_activate,member_lostpw,member_register_additionalfields"; 22 $templatelist .= ",member_profile_modoptions_manageuser,member_profile_modoptions_editprofile,member_profile_modoptions_banuser,member_profile_modoptions_viewnotes,member_profile_modoptions_editnotes,member_profile_modoptions_purgespammer"; 23 $templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,member_viewnotes"; 24 $templatelist .= ",member_register_question,member_register_question_refresh,usercp_options_timezone,usercp_options_timezone_option,usercp_options_language_option,member_profile_customfields_field_multi_item,member_profile_customfields_field_multi"; 25 $templatelist .= ",member_profile_contact_fields_google,member_profile_contact_fields_icq,member_profile_contact_fields_skype,member_profile_pm,member_profile_contact_details,member_profile_modoptions_manageban"; 26 $templatelist .= ",member_profile_banned_remaining,member_profile_addremove,member_emailuser_guest,member_register_day,usercp_options_tppselect_option,postbit_warninglevel_formatted,member_profile_userstar,member_profile_findposts"; 27 $templatelist .= ",usercp_options_tppselect,usercp_options_pppselect,member_resetpassword,member_login,member_profile_online,usercp_options_pppselect_option,postbit_reputation_formatted,member_emailuser,usercp_profile_profilefields_text"; 28 $templatelist .= ",member_profile_modoptions_ipaddress,member_profile_modoptions,member_profile_banned,member_register_language,member_resendactivation,usercp_profile_profilefields_checkbox,member_register_password,member_coppa_form"; 29 30 require_once "./global.php"; 31 require_once MYBB_ROOT."inc/functions_post.php"; 32 require_once MYBB_ROOT."inc/functions_user.php"; 33 require_once MYBB_ROOT."inc/class_parser.php"; 34 require_once MYBB_ROOT."inc/functions_modcp.php"; 35 $parser = new postParser; 36 37 // Load global language phrases 38 $lang->load("member"); 39 40 $mybb->input['action'] = $mybb->get_input('action'); 41 42 // Make navigation 43 switch($mybb->input['action']) 44 { 45 case "register": 46 case "do_register": 47 add_breadcrumb($lang->nav_register); 48 break; 49 case "activate": 50 add_breadcrumb($lang->nav_activate); 51 break; 52 case "resendactivation": 53 add_breadcrumb($lang->nav_resendactivation); 54 break; 55 case "lostpw": 56 add_breadcrumb($lang->nav_lostpw); 57 break; 58 case "resetpassword": 59 add_breadcrumb($lang->nav_resetpassword); 60 break; 61 case "login": 62 add_breadcrumb($lang->nav_login); 63 break; 64 case "emailuser": 65 add_breadcrumb($lang->nav_emailuser); 66 break; 67 } 68 69 if(($mybb->input['action'] == "register" || $mybb->input['action'] == "do_register") && $mybb->usergroup['cancp'] != 1) 70 { 71 if($mybb->settings['disableregs'] == 1) 72 { 73 error($lang->registrations_disabled); 74 } 75 if($mybb->user['uid'] != 0) 76 { 77 error($lang->error_alreadyregistered); 78 } 79 if($mybb->settings['betweenregstime'] && $mybb->settings['maxregsbetweentime']) 80 { 81 $time = TIME_NOW; 82 $datecut = $time-(60*60*$mybb->settings['betweenregstime']); 83 $query = $db->simple_select("users", "*", "regip=".$db->escape_binary($session->packedip)." AND regdate > '$datecut'"); 84 $regcount = $db->num_rows($query); 85 if($regcount >= $mybb->settings['maxregsbetweentime']) 86 { 87 $lang->error_alreadyregisteredtime = $lang->sprintf($lang->error_alreadyregisteredtime, $regcount, $mybb->settings['betweenregstime']); 88 error($lang->error_alreadyregisteredtime); 89 } 90 } 91 } 92 93 $fromreg = 0; 94 if($mybb->input['action'] == "do_register" && $mybb->request_method == "post") 95 { 96 $plugins->run_hooks("member_do_register_start"); 97 98 // Are checking how long it takes for users to register? 99 if($mybb->settings['regtime'] > 0) 100 { 101 // Is the field actually set? 102 if(isset($mybb->input['regtime'])) 103 { 104 // Check how long it took for this person to register 105 $timetook = TIME_NOW - $mybb->get_input('regtime', MyBB::INPUT_INT); 106 107 // See if they registered faster than normal 108 if($timetook < $mybb->settings['regtime']) 109 { 110 // This user registered pretty quickly, bot detected! 111 $lang->error_spam_deny_time = $lang->sprintf($lang->error_spam_deny_time, $mybb->settings['regtime'], $timetook); 112 error($lang->error_spam_deny_time); 113 } 114 } 115 else 116 { 117 error($lang->error_spam_deny); 118 } 119 } 120 121 // If we have hidden CATPCHA enabled and it's filled, deny registration 122 if($mybb->settings['hiddencaptchaimage']) 123 { 124 $string = $mybb->settings['hiddencaptchaimagefield']; 125 126 if(!empty($mybb->input[$string])) 127 { 128 error($lang->error_spam_deny); 129 } 130 } 131 132 if($mybb->settings['regtype'] == "randompass") 133 { 134 135 $password_length = (int)$mybb->settings['minpasswordlength']; 136 if($password_length < 8) 137 { 138 $password_length = min(8, (int)$mybb->settings['maxpasswordlength']); 139 } 140 141 $mybb->input['password'] = random_str($password_length, $mybb->settings['requirecomplexpasswords']); 142 $mybb->input['password2'] = $mybb->input['password']; 143 } 144 145 if($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "admin" || $mybb->settings['regtype'] == "both" || $mybb->get_input('coppa', MyBB::INPUT_INT) == 1) 146 { 147 $usergroup = 5; 148 } 149 else 150 { 151 $usergroup = 2; 152 } 153 154 // Set up user handler. 155 require_once MYBB_ROOT."inc/datahandlers/user.php"; 156 $userhandler = new UserDataHandler("insert"); 157 158 $coppauser = 0; 159 if(isset($mybb->cookies['coppauser'])) 160 { 161 $coppauser = (int)$mybb->cookies['coppauser']; 162 } 163 164 // Set the data for the new user. 165 $user = array( 166 "username" => $mybb->get_input('username'), 167 "password" => $mybb->get_input('password'), 168 "password2" => $mybb->get_input('password2'), 169 "email" => $mybb->get_input('email'), 170 "email2" => $mybb->get_input('email2'), 171 "usergroup" => $usergroup, 172 "referrer" => $mybb->get_input('referrername'), 173 "timezone" => $mybb->get_input('timezoneoffset'), 174 "language" => $mybb->get_input('language'), 175 "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), 176 "regip" => $session->packedip, 177 "coppa_user" => $coppauser, 178 "regcheck1" => $mybb->get_input('regcheck1'), 179 "regcheck2" => $mybb->get_input('regcheck2'), 180 "registration" => true 181 ); 182 183 // Do we have a saved COPPA DOB? 184 if(isset($mybb->cookies['coppadob'])) 185 { 186 list($dob_day, $dob_month, $dob_year) = explode("-", $mybb->cookies['coppadob']); 187 $user['birthday'] = array( 188 "day" => $dob_day, 189 "month" => $dob_month, 190 "year" => $dob_year 191 ); 192 } 193 194 $user['options'] = array( 195 "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT), 196 "hideemail" => $mybb->get_input('hideemail', MyBB::INPUT_INT), 197 "subscriptionmethod" => $mybb->get_input('subscriptionmethod', MyBB::INPUT_INT), 198 "receivepms" => $mybb->get_input('receivepms', MyBB::INPUT_INT), 199 "pmnotice" => $mybb->get_input('pmnotice', MyBB::INPUT_INT), 200 "pmnotify" => $mybb->get_input('pmnotify', MyBB::INPUT_INT), 201 "invisible" => $mybb->get_input('invisible', MyBB::INPUT_INT), 202 "dstcorrection" => $mybb->get_input('dstcorrection') 203 ); 204 205 $userhandler->set_data($user); 206 207 $errors = array(); 208 209 if(!$userhandler->validate_user()) 210 { 211 $errors = $userhandler->get_friendly_errors(); 212 } 213 214 if($mybb->settings['enablestopforumspam_on_register']) 215 { 216 require_once MYBB_ROOT . '/inc/class_stopforumspamchecker.php'; 217 218 $stop_forum_spam_checker = new StopForumSpamChecker( 219 $plugins, 220 $mybb->settings['stopforumspam_min_weighting_before_spam'], 221 $mybb->settings['stopforumspam_check_usernames'], 222 $mybb->settings['stopforumspam_check_emails'], 223 $mybb->settings['stopforumspam_check_ips'], 224 $mybb->settings['stopforumspam_log_blocks'] 225 ); 226 227 try { 228 if($stop_forum_spam_checker->is_user_a_spammer($user['username'], $user['email'], get_ip())) 229 { 230 error($lang->sprintf($lang->error_stop_forum_spam_spammer, 231 $stop_forum_spam_checker->getErrorText(array( 232 'stopforumspam_check_usernames', 233 'stopforumspam_check_emails', 234 'stopforumspam_check_ips' 235 )))); 236 } 237 } 238 catch (Exception $e) 239 { 240 if($mybb->settings['stopforumspam_block_on_error']) 241 { 242 error($lang->error_stop_forum_spam_fetching); 243 } 244 } 245 } 246 247 if($mybb->settings['captchaimage']) 248 { 249 require_once MYBB_ROOT.'inc/class_captcha.php'; 250 $captcha = new captcha; 251 252 if($captcha->validate_captcha() == false) 253 { 254 // CAPTCHA validation failed 255 foreach($captcha->get_errors() as $error) 256 { 257 $errors[] = $error; 258 } 259 } 260 } 261 262 // If we have a security question, check to see if answer is correct 263 if($mybb->settings['securityquestion']) 264 { 265 $question_id = $db->escape_string($mybb->get_input('question_id')); 266 $answer = $db->escape_string($mybb->get_input('answer')); 267 268 $query = $db->query(" 269 SELECT q.*, s.sid 270 FROM ".TABLE_PREFIX."questionsessions s 271 LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid) 272 WHERE q.active='1' AND s.sid='{$question_id}' 273 "); 274 if($db->num_rows($query) > 0) 275 { 276 $question = $db->fetch_array($query); 277 $valid_answers = explode("\n", $question['answer']); 278 $validated = 0; 279 280 foreach($valid_answers as $answers) 281 { 282 if(my_strtolower($answers) == my_strtolower($answer)) 283 { 284 $validated = 1; 285 } 286 } 287 288 if($validated != 1) 289 { 290 $update_question = array( 291 "incorrect" => $question['incorrect'] + 1 292 ); 293 $db->update_query("questions", $update_question, "qid='{$question['qid']}'"); 294 295 $errors[] = $lang->error_question_wrong; 296 } 297 else 298 { 299 $update_question = array( 300 "correct" => $question['correct'] + 1 301 ); 302 $db->update_query("questions", $update_question, "qid='{$question['qid']}'"); 303 } 304 305 $db->delete_query("questionsessions", "sid='{$question_id}'"); 306 } 307 } 308 309 $regerrors = ''; 310 if(!empty($errors)) 311 { 312 $username = htmlspecialchars_uni($mybb->get_input('username')); 313 $email = htmlspecialchars_uni($mybb->get_input('email')); 314 $email2 = htmlspecialchars_uni($mybb->get_input('email2')); 315 $referrername = htmlspecialchars_uni($mybb->get_input('referrername')); 316 317 $allownoticescheck = $hideemailcheck = $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; 318 $receivepmscheck = $pmnoticecheck = $pmnotifycheck = $invisiblecheck = $dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = ''; 319 320 if($mybb->get_input('allownotices', MyBB::INPUT_INT) == 1) 321 { 322 $allownoticescheck = "checked=\"checked\""; 323 } 324 325 if($mybb->get_input('hideemail', MyBB::INPUT_INT) == 1) 326 { 327 $hideemailcheck = "checked=\"checked\""; 328 } 329 330 if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 1) 331 { 332 $no_subscribe_selected = "selected=\"selected\""; 333 } 334 else if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 2) 335 { 336 $instant_email_subscribe_selected = "selected=\"selected\""; 337 } 338 else if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 3) 339 { 340 $instant_pm_subscribe_selected = "selected=\"selected\""; 341 } 342 else 343 { 344 $no_auto_subscribe_selected = "selected=\"selected\""; 345 } 346 347 if($mybb->get_input('receivepms', MyBB::INPUT_INT) == 1) 348 { 349 $receivepmscheck = "checked=\"checked\""; 350 } 351 352 if($mybb->get_input('pmnotice', MyBB::INPUT_INT) == 1) 353 { 354 $pmnoticecheck = " checked=\"checked\""; 355 } 356 357 if($mybb->get_input('pmnotify', MyBB::INPUT_INT) == 1) 358 { 359 $pmnotifycheck = "checked=\"checked\""; 360 } 361 362 if($mybb->get_input('invisible', MyBB::INPUT_INT) == 1) 363 { 364 $invisiblecheck = "checked=\"checked\""; 365 } 366 367 if($mybb->get_input('dstcorrection', MyBB::INPUT_INT) == 2) 368 { 369 $dst_auto_selected = "selected=\"selected\""; 370 } 371 else if($mybb->get_input('dstcorrection', MyBB::INPUT_INT) == 1) 372 { 373 $dst_enabled_selected = "selected=\"selected\""; 374 } 375 else 376 { 377 $dst_disabled_selected = "selected=\"selected\""; 378 } 379 380 $regerrors = inline_error($errors); 381 $mybb->input['action'] = "register"; 382 $fromreg = 1; 383 } 384 else 385 { 386 $user_info = $userhandler->insert_user(); 387 388 // Invalidate solved captcha 389 if($mybb->settings['captchaimage']) 390 { 391 $captcha->invalidate_captcha(); 392 } 393 394 if($mybb->settings['regtype'] != "randompass" && !isset($mybb->cookies['coppauser'])) 395 { 396 // Log them in 397 my_setcookie("mybbuser", $user_info['uid']."_".$user_info['loginkey'], null, true, "lax"); 398 } 399 400 if(isset($mybb->cookies['coppauser'])) 401 { 402 $lang->redirect_registered_coppa_activate = $lang->sprintf($lang->redirect_registered_coppa_activate, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 403 my_unsetcookie("coppauser"); 404 my_unsetcookie("coppadob"); 405 $plugins->run_hooks("member_do_register_end"); 406 error($lang->redirect_registered_coppa_activate); 407 } 408 else if($mybb->settings['regtype'] == "verify") 409 { 410 $activationcode = random_str(); 411 $now = TIME_NOW; 412 $activationarray = array( 413 "uid" => $user_info['uid'], 414 "dateline" => TIME_NOW, 415 "code" => $activationcode, 416 "type" => "r" 417 ); 418 $db->insert_query("awaitingactivation", $activationarray); 419 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 420 switch($mybb->settings['username_method']) 421 { 422 case 0: 423 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 424 break; 425 case 1: 426 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 427 break; 428 case 2: 429 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 430 break; 431 default: 432 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 433 break; 434 } 435 my_mail($user_info['email'], $emailsubject, $emailmessage); 436 437 $lang->redirect_registered_activation = $lang->sprintf($lang->redirect_registered_activation, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 438 439 $plugins->run_hooks("member_do_register_end"); 440 441 error($lang->redirect_registered_activation); 442 } 443 else if($mybb->settings['regtype'] == "randompass") 444 { 445 $emailsubject = $lang->sprintf($lang->emailsubject_randompassword, $mybb->settings['bbname']); 446 switch($mybb->settings['username_method']) 447 { 448 case 0: 449 $emailmessage = $lang->sprintf($lang->email_randompassword, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 450 break; 451 case 1: 452 $emailmessage = $lang->sprintf($lang->email_randompassword1, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 453 break; 454 case 2: 455 $emailmessage = $lang->sprintf($lang->email_randompassword2, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 456 break; 457 default: 458 $emailmessage = $lang->sprintf($lang->email_randompassword, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 459 break; 460 } 461 my_mail($user_info['email'], $emailsubject, $emailmessage); 462 463 $plugins->run_hooks("member_do_register_end"); 464 465 error($lang->redirect_registered_passwordsent); 466 } 467 else if($mybb->settings['regtype'] == "admin") 468 { 469 $groups = $cache->read("usergroups"); 470 $admingroups = array(); 471 if(!empty($groups)) // Shouldn't be... 472 { 473 foreach($groups as $group) 474 { 475 if($group['cancp'] == 1) 476 { 477 $admingroups[] = (int)$group['gid']; 478 } 479 } 480 } 481 482 if(!empty($admingroups)) 483 { 484 $sqlwhere = 'usergroup IN ('.implode(',', $admingroups).')'; 485 foreach($admingroups as $admingroup) 486 { 487 switch($db->type) 488 { 489 case 'pgsql': 490 case 'sqlite': 491 $sqlwhere .= " OR ','||additionalgroups||',' LIKE '%,{$admingroup},%'"; 492 break; 493 default: 494 $sqlwhere .= " OR CONCAT(',',additionalgroups,',') LIKE '%,{$admingroup},%'"; 495 break; 496 } 497 } 498 $q = $db->simple_select('users', 'uid,username,email,language', $sqlwhere); 499 while($recipient = $db->fetch_array($q)) 500 { 501 // First we check if the user's a super admin: if yes, we don't care about permissions 502 $is_super_admin = is_super_admin($recipient['uid']); 503 if(!$is_super_admin) 504 { 505 // Include admin functions 506 if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php")) 507 { 508 continue; 509 } 510 511 require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"; 512 513 // Verify if we have permissions to access user-users 514 require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/user/module_meta.php"; 515 if(function_exists("user_admin_permissions")) 516 { 517 // Get admin permissions 518 $adminperms = get_admin_permissions($recipient['uid']); 519 520 $permissions = user_admin_permissions(); 521 if(array_key_exists('users', $permissions['permissions']) && $adminperms['user']['users'] != 1) 522 { 523 continue; // No permissions 524 } 525 } 526 } 527 528 // Load language 529 if($recipient['language'] != $lang->language && $lang->language_exists($recipient['language'])) 530 { 531 $reset_lang = true; 532 $lang->set_language($recipient['language']); 533 $lang->load("member"); 534 } 535 536 $subject = $lang->sprintf($lang->newregistration_subject, $mybb->settings['bbname']); 537 $message = $lang->sprintf($lang->newregistration_message, $recipient['username'], $mybb->settings['bbname'], $user['username']); 538 my_mail($recipient['email'], $subject, $message); 539 } 540 541 // Reset language 542 if(isset($reset_lang)) 543 { 544 $lang->set_language($mybb->settings['bblanguage']); 545 $lang->load("member"); 546 } 547 } 548 549 $lang->redirect_registered_admin_activate = $lang->sprintf($lang->redirect_registered_admin_activate, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 550 551 $plugins->run_hooks("member_do_register_end"); 552 553 error($lang->redirect_registered_admin_activate); 554 } 555 else if($mybb->settings['regtype'] == "both") 556 { 557 $groups = $cache->read("usergroups"); 558 $admingroups = array(); 559 if(!empty($groups)) // Shouldn't be... 560 { 561 foreach($groups as $group) 562 { 563 if($group['cancp'] == 1) 564 { 565 $admingroups[] = (int)$group['gid']; 566 } 567 } 568 } 569 570 if(!empty($admingroups)) 571 { 572 $sqlwhere = 'usergroup IN ('.implode(',', $admingroups).')'; 573 foreach($admingroups as $admingroup) 574 { 575 switch($db->type) 576 { 577 case 'pgsql': 578 case 'sqlite': 579 $sqlwhere .= " OR ','||additionalgroups||',' LIKE '%,{$admingroup},%'"; 580 break; 581 default: 582 $sqlwhere .= " OR CONCAT(',',additionalgroups,',') LIKE '%,{$admingroup},%'"; 583 break; 584 } 585 } 586 $q = $db->simple_select('users', 'uid,username,email,language', $sqlwhere); 587 while($recipient = $db->fetch_array($q)) 588 { 589 // First we check if the user's a super admin: if yes, we don't care about permissions 590 $is_super_admin = is_super_admin($recipient['uid']); 591 if(!$is_super_admin) 592 { 593 // Include admin functions 594 if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php")) 595 { 596 continue; 597 } 598 599 require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"; 600 601 // Verify if we have permissions to access user-users 602 require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/user/module_meta.php"; 603 // Get admin permissions 604 $adminperms = get_admin_permissions($recipient['uid']); 605 if(empty($adminperms['user']['users']) || $adminperms['user']['users'] != 1) 606 { 607 continue; // No permissions 608 } 609 } 610 611 // Load language 612 if($recipient['language'] != $lang->language && $lang->language_exists($recipient['language'])) 613 { 614 $reset_lang = true; 615 $lang->set_language($recipient['language']); 616 $lang->load("member"); 617 } 618 619 $subject = $lang->sprintf($lang->newregistration_subject, $mybb->settings['bbname']); 620 $message = $lang->sprintf($lang->newregistration_message, $recipient['username'], $mybb->settings['bbname'], $user['username']); 621 my_mail($recipient['email'], $subject, $message); 622 } 623 624 // Reset language 625 if(isset($reset_lang)) 626 { 627 $lang->set_language($mybb->settings['bblanguage']); 628 $lang->load("member"); 629 } 630 } 631 632 $activationcode = random_str(); 633 $activationarray = array( 634 "uid" => $user_info['uid'], 635 "dateline" => TIME_NOW, 636 "code" => $activationcode, 637 "type" => "b" 638 ); 639 $db->insert_query("awaitingactivation", $activationarray); 640 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 641 switch($mybb->settings['username_method']) 642 { 643 case 0: 644 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 645 break; 646 case 1: 647 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 648 break; 649 case 2: 650 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 651 break; 652 default: 653 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 654 break; 655 } 656 my_mail($user_info['email'], $emailsubject, $emailmessage); 657 658 $lang->redirect_registered_activation = $lang->sprintf($lang->redirect_registered_activation, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 659 660 $plugins->run_hooks("member_do_register_end"); 661 662 error($lang->redirect_registered_activation); 663 } 664 else 665 { 666 $lang->redirect_registered = $lang->sprintf($lang->redirect_registered, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 667 668 $plugins->run_hooks("member_do_register_end"); 669 670 redirect("index.php", $lang->redirect_registered); 671 } 672 } 673 } 674 675 if($mybb->input['action'] == "coppa_form") 676 { 677 if(!$mybb->settings['faxno']) 678 { 679 $mybb->settings['faxno'] = " "; 680 } 681 682 $plugins->run_hooks("member_coppa_form"); 683 684 eval("\$coppa_form = \"".$templates->get("member_coppa_form")."\";"); 685 output_page($coppa_form); 686 } 687 688 if($mybb->input['action'] == "register") 689 { 690 $bdaysel = ''; 691 if($mybb->settings['coppa'] == "disabled") 692 { 693 $bdaysel = $bday2blank = ''; 694 } 695 $mybb->input['bday1'] = $mybb->get_input('bday1', MyBB::INPUT_INT); 696 for($day = 1; $day <= 31; ++$day) 697 { 698 $selected = ''; 699 if($mybb->input['bday1'] == $day) 700 { 701 $selected = " selected=\"selected\""; 702 } 703 704 eval("\$bdaysel .= \"".$templates->get("member_register_day")."\";"); 705 } 706 707 $mybb->input['bday2'] = $mybb->get_input('bday2', MyBB::INPUT_INT); 708 $bdaymonthsel = array(); 709 foreach(range(1, 12) as $number) 710 { 711 $bdaymonthsel[$number] = ''; 712 } 713 $bdaymonthsel[$mybb->input['bday2']] = "selected=\"selected\""; 714 $birthday_year = $mybb->get_input('bday3', MyBB::INPUT_INT); 715 716 if($birthday_year == 0) 717 { 718 $birthday_year = ''; 719 } 720 721 // Is COPPA checking enabled? 722 if($mybb->settings['coppa'] != "disabled" && !isset($mybb->input['step'])) 723 { 724 // Just selected DOB, we check 725 if($mybb->input['bday1'] && $mybb->input['bday2'] && $birthday_year) 726 { 727 my_unsetcookie("coppauser"); 728 729 $months = get_bdays($birthday_year); 730 if($mybb->input['bday2'] < 1 || $mybb->input['bday2'] > 12 || $birthday_year < (date("Y")-100) || $birthday_year > date("Y") || $mybb->input['bday1'] > $months[$mybb->input['bday2']-1]) 731 { 732 error($lang->error_invalid_birthday); 733 } 734 735 $bdaytime = @mktime(0, 0, 0, $mybb->input['bday2'], $mybb->input['bday1'], $birthday_year); 736 737 // Store DOB in cookie so we can save it with the registration 738 my_setcookie("coppadob", "{$mybb->input['bday1']}-{$mybb->input['bday2']}-{$birthday_year}", -1); 739 740 // User is <= 13, we mark as a coppa user 741 if($bdaytime >= mktime(0, 0, 0, my_date('n'), my_date('d'), my_date('Y')-13)) 742 { 743 my_setcookie("coppauser", 1, -0); 744 $under_thirteen = true; 745 } 746 $mybb->request_method = ""; 747 } 748 // Show DOB select form 749 else 750 { 751 $plugins->run_hooks("member_register_coppa"); 752 753 my_unsetcookie("coppauser"); 754 755 $coppa_desc = $mybb->settings['coppa'] == 'deny' ? $lang->coppa_desc_for_deny : $lang->coppa_desc; 756 eval("\$coppa = \"".$templates->get("member_register_coppa")."\";"); 757 output_page($coppa); 758 exit; 759 } 760 } 761 762 if((!isset($mybb->input['agree']) && !isset($mybb->input['regsubmit'])) && $fromreg == 0 || $mybb->request_method != "post") 763 { 764 $coppa_agreement = ''; 765 // Is this user a COPPA user? We need to show the COPPA agreement too 766 if($mybb->settings['coppa'] != "disabled" && ($mybb->cookies['coppauser'] == 1 || $under_thirteen)) 767 { 768 if($mybb->settings['coppa'] == "deny") 769 { 770 error($lang->error_need_to_be_thirteen); 771 } 772 $lang->coppa_agreement_1 = $lang->sprintf($lang->coppa_agreement_1, $mybb->settings['bbname']); 773 eval("\$coppa_agreement = \"".$templates->get("member_register_agreement_coppa")."\";"); 774 } 775 776 $plugins->run_hooks("member_register_agreement"); 777 778 eval("\$agreement = \"".$templates->get("member_register_agreement")."\";"); 779 output_page($agreement); 780 } 781 else 782 { 783 $plugins->run_hooks("member_register_start"); 784 785 // JS validator extra 786 if($mybb->settings['maxnamelength'] > 0 && $mybb->settings['minnamelength'] > 0) 787 { 788 $lang->js_validator_username_length = $lang->sprintf($lang->js_validator_username_length, $mybb->settings['minnamelength'], $mybb->settings['maxnamelength']); 789 } 790 791 if(isset($mybb->input['timezoneoffset'])) 792 { 793 $timezoneoffset = $mybb->get_input('timezoneoffset'); 794 } 795 else 796 { 797 $timezoneoffset = $mybb->settings['timezoneoffset']; 798 } 799 $tzselect = build_timezone_select("timezoneoffset", $timezoneoffset, true); 800 801 $stylelist = build_theme_select("style"); 802 803 if($mybb->settings['usertppoptions']) 804 { 805 $tppoptions = ''; 806 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 807 if(is_array($explodedtpp)) 808 { 809 foreach($explodedtpp as $val) 810 { 811 $val = trim($val); 812 $tpp_option = $lang->sprintf($lang->tpp_option, $val); 813 eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";"); 814 } 815 } 816 eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";"); 817 } 818 if($mybb->settings['userpppoptions']) 819 { 820 $pppoptions = ''; 821 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 822 if(is_array($explodedppp)) 823 { 824 foreach($explodedppp as $val) 825 { 826 $val = trim($val); 827 $ppp_option = $lang->sprintf($lang->ppp_option, $val); 828 eval("\$pppoptions .= \"".$templates->get("usercp_options_pppselect_option")."\";"); 829 } 830 } 831 eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";"); 832 } 833 if($mybb->settings['usereferrals'] == 1 && !$mybb->user['uid']) 834 { 835 if(isset($mybb->cookies['mybb']['referrer'])) 836 { 837 $query = $db->simple_select("users", "uid,username", "uid='".(int)$mybb->cookies['mybb']['referrer']."'"); 838 $ref = $db->fetch_array($query); 839 $ref['username'] = htmlspecialchars_uni($ref['username']); 840 $referrername = $ref['username']; 841 } 842 elseif(!empty($referrer)) 843 { 844 $query = $db->simple_select("users", "username", "uid='".(int)$referrer['uid']."'"); 845 $ref = $db->fetch_array($query); 846 $ref['username'] = htmlspecialchars_uni($ref['username']); 847 $referrername = $ref['username']; 848 } 849 elseif(!empty($referrername)) 850 { 851 $ref = get_user_by_username($referrername); 852 if(!$ref['uid']) 853 { 854 $errors[] = $lang->error_badreferrer; 855 } 856 } 857 else 858 { 859 $referrername = ''; 860 } 861 if(isset($quickreg)) 862 { 863 $refbg = "trow1"; 864 } 865 else 866 { 867 $refbg = "trow2"; 868 } 869 eval("\$referrer = \"".$templates->get("member_register_referrer")."\";"); 870 } 871 else 872 { 873 $referrer = ''; 874 } 875 $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); 876 // Custom profile fields baby! 877 $altbg = "trow1"; 878 $requiredfields = $customfields = ''; 879 880 if($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "admin" || $mybb->settings['regtype'] == "both" || $mybb->get_input('coppa', MyBB::INPUT_INT) == 1) 881 { 882 $usergroup = 5; 883 } 884 else 885 { 886 $usergroup = 2; 887 } 888 889 $pfcache = $cache->read('profilefields'); 890 891 if(is_array($pfcache)) 892 { 893 $jsvar_reqfields = array(); 894 foreach($pfcache as $profilefield) 895 { 896 if($profilefield['required'] != 1 && $profilefield['registration'] != 1 || !is_member($profilefield['editableby'], array('usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $usergroup))) 897 { 898 continue; 899 } 900 901 $code = $select = $val = $options = $expoptions = $useropts = ''; 902 $seloptions = array(); 903 $profilefield['type'] = htmlspecialchars_uni($profilefield['type']); 904 $thing = explode("\n", $profilefield['type'], 2); 905 $type = trim($thing[0]); 906 $options = isset($thing[1]) ? $thing[1] : null; 907 $select = ''; 908 $field = "fid{$profilefield['fid']}"; 909 $profilefield['description'] = htmlspecialchars_uni($profilefield['description']); 910 $profilefield['name'] = htmlspecialchars_uni($profilefield['name']); 911 if(!empty($errors) && isset($mybb->input['profile_fields'][$field])) 912 { 913 $userfield = $mybb->input['profile_fields'][$field]; 914 } 915 else 916 { 917 $userfield = ''; 918 } 919 if($type == "multiselect") 920 { 921 if(!empty($errors)) 922 { 923 $useropts = $userfield; 924 } 925 else 926 { 927 $useropts = explode("\n", $userfield); 928 } 929 if(is_array($useropts)) 930 { 931 foreach($useropts as $key => $val) 932 { 933 $seloptions[$val] = $val; 934 } 935 } 936 $expoptions = explode("\n", $options); 937 if(is_array($expoptions)) 938 { 939 foreach($expoptions as $key => $val) 940 { 941 $val = trim($val); 942 $val = str_replace("\n", "\\n", $val); 943 944 $sel = ""; 945 if(isset($seloptions[$val]) && $val == $seloptions[$val]) 946 { 947 $sel = ' selected="selected"'; 948 } 949 950 eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); 951 } 952 if(!$profilefield['length']) 953 { 954 $profilefield['length'] = 3; 955 } 956 957 eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";"); 958 } 959 } 960 elseif($type == "select") 961 { 962 $expoptions = explode("\n", $options); 963 if(is_array($expoptions)) 964 { 965 foreach($expoptions as $key => $val) 966 { 967 $val = trim($val); 968 $val = str_replace("\n", "\\n", $val); 969 $sel = ""; 970 if($val == $userfield) 971 { 972 $sel = ' selected="selected"'; 973 } 974 975 eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); 976 } 977 if(!$profilefield['length']) 978 { 979 $profilefield['length'] = 1; 980 } 981 982 eval("\$code = \"".$templates->get("usercp_profile_profilefields_select")."\";"); 983 } 984 } 985 elseif($type == "radio") 986 { 987 $expoptions = explode("\n", $options); 988 if(is_array($expoptions)) 989 { 990 foreach($expoptions as $key => $val) 991 { 992 $checked = ""; 993 if($val == $userfield) 994 { 995 $checked = 'checked="checked"'; 996 } 997 998 eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";"); 999 } 1000 } 1001 } 1002 elseif($type == "checkbox") 1003 { 1004 if(!empty($errors)) 1005 { 1006 $useropts = $userfield; 1007 } 1008 else 1009 { 1010 $useropts = explode("\n", $userfield); 1011 } 1012 if(is_array($useropts)) 1013 { 1014 foreach($useropts as $key => $val) 1015 { 1016 $seloptions[$val] = $val; 1017 } 1018 } 1019 $expoptions = explode("\n", $options); 1020 if(is_array($expoptions)) 1021 { 1022 foreach($expoptions as $key => $val) 1023 { 1024 $checked = ""; 1025 if(isset($seloptions[$val]) && $val == $seloptions[$val]) 1026 { 1027 $checked = 'checked="checked"'; 1028 } 1029 1030 eval("\$code .= \"".$templates->get("usercp_profile_profilefields_checkbox")."\";"); 1031 } 1032 } 1033 } 1034 elseif($type == "textarea") 1035 { 1036 $value = htmlspecialchars_uni($userfield); 1037 eval("\$code = \"".$templates->get("usercp_profile_profilefields_textarea")."\";"); 1038 } 1039 else 1040 { 1041 $value = htmlspecialchars_uni($userfield); 1042 $maxlength = ""; 1043 if($profilefield['maxlength'] > 0) 1044 { 1045 $maxlength = " maxlength=\"{$profilefield['maxlength']}\""; 1046 } 1047 1048 eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";"); 1049 } 1050 1051 if($profilefield['required'] == 1) 1052 { 1053 // JS validator extra, choose correct selectors for everything except single select which always has value 1054 if($type != 'select') 1055 { 1056 $jsvar_reqfields[] = array( 1057 'type' => $type, 1058 'fid' => $field, 1059 ); 1060 } 1061 1062 eval("\$requiredfields .= \"".$templates->get("member_register_customfield")."\";"); 1063 } 1064 else 1065 { 1066 eval("\$customfields .= \"".$templates->get("member_register_customfield")."\";"); 1067 } 1068 } 1069 1070 if($requiredfields) 1071 { 1072 eval("\$requiredfields = \"".$templates->get("member_register_requiredfields")."\";"); 1073 } 1074 1075 if($customfields) 1076 { 1077 eval("\$customfields = \"".$templates->get("member_register_additionalfields")."\";"); 1078 } 1079 } 1080 1081 if(!isset($fromreg) || $fromreg == 0) 1082 { 1083 $allownoticescheck = "checked=\"checked\""; 1084 $hideemailcheck = ''; 1085 $receivepmscheck = "checked=\"checked\""; 1086 $pmnoticecheck = " checked=\"checked\""; 1087 $pmnotifycheck = ''; 1088 $invisiblecheck = ''; 1089 if($mybb->settings['dstcorrection'] == 1) 1090 { 1091 $enabledstcheck = "checked=\"checked\""; 1092 } 1093 $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; 1094 $dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = ''; 1095 $username = $email = $email2 = ''; 1096 $regerrors = ''; 1097 } 1098 // Spambot registration image thingy 1099 $captcha_html = 0; 1100 $regimage = ''; 1101 if($mybb->settings['captchaimage']) 1102 { 1103 require_once MYBB_ROOT.'inc/class_captcha.php'; 1104 $captcha = new captcha(true, "member_register_regimage"); 1105 1106 if($captcha->html) 1107 { 1108 $captcha_html = 1; 1109 $regimage = $captcha->html; 1110 } 1111 } 1112 1113 // Security Question 1114 $questionbox = ''; 1115 $question_exists = 0; 1116 if($mybb->settings['securityquestion']) 1117 { 1118 $sid = generate_question(); 1119 $query = $db->query(" 1120 SELECT q.question, s.sid 1121 FROM ".TABLE_PREFIX."questionsessions s 1122 LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid) 1123 WHERE q.active='1' AND s.sid='{$sid}' 1124 "); 1125 if($db->num_rows($query) > 0) 1126 { 1127 $question_exists = 1; 1128 $question = $db->fetch_array($query); 1129 1130 //Set parser options for security question 1131 $parser_options = array( 1132 "allow_html" => 0, 1133 "allow_mycode" => 1, 1134 "allow_smilies" => 1, 1135 "allow_imgcode" => 1, 1136 "allow_videocode" => 1, 1137 "filter_badwords" => 1, 1138 "me_username" => 0, 1139 "shorten_urls" => 0, 1140 "highlight" => 0, 1141 ); 1142 1143 //Parse question 1144 $question['question'] = $parser->parse_message($question['question'], $parser_options); 1145 $question['sid'] = htmlspecialchars_uni($question['sid']); 1146 1147 $refresh = ''; 1148 // Total questions 1149 $q = $db->simple_select('questions', 'COUNT(qid) as num', 'active=1'); 1150 $num = $db->fetch_field($q, 'num'); 1151 if($num > 1) 1152 { 1153 eval("\$refresh = \"".$templates->get("member_register_question_refresh")."\";"); 1154 } 1155 1156 eval("\$questionbox = \"".$templates->get("member_register_question")."\";"); 1157 } 1158 } 1159 1160 $hiddencaptcha = ''; 1161 // Hidden CAPTCHA for Spambots 1162 if($mybb->settings['hiddencaptchaimage']) 1163 { 1164 $captcha_field = $mybb->settings['hiddencaptchaimagefield']; 1165 1166 eval("\$hiddencaptcha = \"".$templates->get("member_register_hiddencaptcha")."\";"); 1167 } 1168 if($mybb->settings['regtype'] != "randompass") 1169 { 1170 // JS validator extra 1171 $lang->js_validator_password_length = $lang->sprintf($lang->js_validator_password_length, $mybb->settings['minpasswordlength']); 1172 1173 // See if the board has "require complex passwords" enabled. 1174 if($mybb->settings['requirecomplexpasswords'] == 1) 1175 { 1176 $lang->password = $lang->complex_password = $lang->sprintf($lang->complex_password, $mybb->settings['minpasswordlength']); 1177 } 1178 eval("\$passboxes = \"".$templates->get("member_register_password")."\";"); 1179 } 1180 1181 $languages = $lang->get_languages(); 1182 $langoptions = $boardlanguage = ''; 1183 if(count($languages) > 1) 1184 { 1185 foreach($languages as $name => $language) 1186 { 1187 $language = htmlspecialchars_uni($language); 1188 1189 $sel = ''; 1190 if($mybb->get_input('language') == $name) 1191 { 1192 $sel = " selected=\"selected\""; 1193 } 1194 1195 eval('$langoptions .= "'.$templates->get('usercp_options_language_option').'";'); 1196 } 1197 1198 eval('$boardlanguage = "'.$templates->get('member_register_language').'";'); 1199 } 1200 1201 // Set the time so we can find automated signups 1202 $time = TIME_NOW; 1203 1204 $plugins->run_hooks("member_register_end"); 1205 1206 $jsvar_reqfields = json_encode($jsvar_reqfields); 1207 1208 $validator_javascript = "<script type=\"text/javascript\"> 1209 var regsettings = { 1210 requiredfields: '{$jsvar_reqfields}', 1211 minnamelength: '{$mybb->settings['minnamelength']}', 1212 maxnamelength: '{$mybb->settings['maxnamelength']}', 1213 minpasswordlength: '{$mybb->settings['minpasswordlength']}', 1214 captchaimage: '{$mybb->settings['captchaimage']}', 1215 captchahtml: '{$captcha_html}', 1216 securityquestion: '{$mybb->settings['securityquestion']}', 1217 questionexists: '{$question_exists}', 1218 requirecomplexpasswords: '{$mybb->settings['requirecomplexpasswords']}', 1219 regtype: '{$mybb->settings['regtype']}', 1220 hiddencaptchaimage: '{$mybb->settings['hiddencaptchaimage']}' 1221 }; 1222 1223 lang.js_validator_no_username = '{$lang->js_validator_no_username}'; 1224 lang.js_validator_username_length = '{$lang->js_validator_username_length}'; 1225 lang.js_validator_invalid_email = '{$lang->js_validator_invalid_email}'; 1226 lang.js_validator_email_match = '{$lang->js_validator_email_match}'; 1227 lang.js_validator_not_empty = '{$lang->js_validator_not_empty}'; 1228 lang.js_validator_password_length = '{$lang->js_validator_password_length}'; 1229 lang.js_validator_password_matches = '{$lang->js_validator_password_matches}'; 1230 lang.js_validator_no_image_text = '{$lang->js_validator_no_image_text}'; 1231 lang.js_validator_no_security_question = '{$lang->js_validator_no_security_question}'; 1232 lang.js_validator_bad_password_security = '{$lang->js_validator_bad_password_security}'; 1233 </script>\n"; 1234 1235 eval("\$registration = \"".$templates->get("member_register")."\";"); 1236 output_page($registration); 1237 } 1238 } 1239 1240 if($mybb->input['action'] == "activate") 1241 { 1242 $plugins->run_hooks("member_activate_start"); 1243 1244 if(isset($mybb->input['username'])) 1245 { 1246 $mybb->input['username'] = $mybb->get_input('username'); 1247 $options = array( 1248 'username_method' => $mybb->settings['username_method'], 1249 'fields' => '*', 1250 ); 1251 $user = get_user_by_username($mybb->input['username'], $options); 1252 if(!$user) 1253 { 1254 switch($mybb->settings['username_method']) 1255 { 1256 case 0: 1257 error($lang->error_invalidpworusername); 1258 break; 1259 case 1: 1260 error($lang->error_invalidpworusername1); 1261 break; 1262 case 2: 1263 error($lang->error_invalidpworusername2); 1264 break; 1265 default: 1266 error($lang->error_invalidpworusername); 1267 break; 1268 } 1269 } 1270 $uid = $user['uid']; 1271 } 1272 else 1273 { 1274 $user = get_user($mybb->get_input('uid', MyBB::INPUT_INT)); 1275 } 1276 if(isset($mybb->input['code']) && $user) 1277 { 1278 $query = $db->simple_select("awaitingactivation", "*", "uid='".$user['uid']."' AND (type='r' OR type='e' OR type='b')"); 1279 $activation = $db->fetch_array($query); 1280 if(!$activation['uid']) 1281 { 1282 error($lang->error_alreadyactivated); 1283 } 1284 if($activation['code'] !== $mybb->get_input('code')) 1285 { 1286 error($lang->error_badactivationcode); 1287 } 1288 1289 if($activation['type'] == "b" && $activation['validated'] == 1) 1290 { 1291 error($lang->error_alreadyvalidated); 1292 } 1293 1294 $db->delete_query("awaitingactivation", "uid='".$user['uid']."' AND (type='r' OR type='e')"); 1295 1296 if($user['usergroup'] == 5 && $activation['type'] != "e" && $activation['type'] != "b") 1297 { 1298 $db->update_query("users", array("usergroup" => 2), "uid='".$user['uid']."'"); 1299 1300 $cache->update_awaitingactivation(); 1301 } 1302 if($activation['type'] == "e") 1303 { 1304 $newemail = array( 1305 "email" => $db->escape_string($activation['misc']), 1306 ); 1307 $db->update_query("users", $newemail, "uid='".$user['uid']."'"); 1308 $plugins->run_hooks("member_activate_emailupdated"); 1309 1310 redirect("usercp.php", $lang->redirect_emailupdated); 1311 } 1312 elseif($activation['type'] == "b") 1313 { 1314 $update = array( 1315 "validated" => 1, 1316 ); 1317 $db->update_query("awaitingactivation", $update, "uid='".$user['uid']."' AND type='b'"); 1318 $plugins->run_hooks("member_activate_emailactivated"); 1319 1320 redirect("index.php", $lang->redirect_accountactivated_admin, "", true); 1321 } 1322 else 1323 { 1324 $plugins->run_hooks("member_activate_accountactivated"); 1325 1326 redirect("index.php", $lang->redirect_accountactivated); 1327 } 1328 } 1329 else 1330 { 1331 $plugins->run_hooks("member_activate_form"); 1332 1333 $code = htmlspecialchars_uni($mybb->get_input('code')); 1334 1335 if(!isset($user['username'])) 1336 { 1337 $user['username'] = ''; 1338 } 1339 $user['username'] = htmlspecialchars_uni($user['username']); 1340 1341 eval("\$activate = \"".$templates->get("member_activate")."\";"); 1342 output_page($activate); 1343 } 1344 } 1345 1346 if($mybb->input['action'] == "do_resendactivation" && $mybb->request_method == "post") 1347 { 1348 $plugins->run_hooks("member_do_resendactivation_start"); 1349 1350 if($mybb->settings['regtype'] == "admin") 1351 { 1352 error($lang->error_activated_by_admin); 1353 } 1354 1355 $errors = array(); 1356 1357 if($mybb->settings['captchaimage']) 1358 { 1359 require_once MYBB_ROOT.'inc/class_captcha.php'; 1360 $captcha = new captcha; 1361 1362 if($captcha->validate_captcha() == false) 1363 { 1364 // CAPTCHA validation failed 1365 foreach($captcha->get_errors() as $error) 1366 { 1367 $errors[] = $error; 1368 } 1369 } 1370 } 1371 1372 $query = $db->query(" 1373 SELECT u.uid, u.username, u.usergroup, u.email, a.code, a.type, a.validated 1374 FROM ".TABLE_PREFIX."users u 1375 LEFT JOIN ".TABLE_PREFIX."awaitingactivation a ON (a.uid=u.uid AND (a.type='r' OR a.type='b')) 1376 WHERE u.email='".$db->escape_string($mybb->get_input('email'))."' 1377 "); 1378 $numusers = $db->num_rows($query); 1379 if($numusers < 1) 1380 { 1381 error($lang->error_invalidemail); 1382 } 1383 else 1384 { 1385 if(count($errors) == 0) 1386 { 1387 while($user = $db->fetch_array($query)) 1388 { 1389 if($user['type'] == "b" && $user['validated'] == 1) 1390 { 1391 error($lang->error_activated_by_admin); 1392 } 1393 1394 if($user['usergroup'] == 5) 1395 { 1396 if(!$user['code']) 1397 { 1398 $user['code'] = random_str(); 1399 $uid = $user['uid']; 1400 $awaitingarray = array( 1401 "uid" => $uid, 1402 "dateline" => TIME_NOW, 1403 "code" => $user['code'], 1404 "type" => $user['type'] 1405 ); 1406 $db->insert_query("awaitingactivation", $awaitingarray); 1407 } 1408 $username = $user['username']; 1409 $email = $user['email']; 1410 $activationcode = $user['code']; 1411 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 1412 switch($mybb->settings['username_method']) 1413 { 1414 case 0: 1415 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1416 break; 1417 case 1: 1418 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1419 break; 1420 case 2: 1421 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1422 break; 1423 default: 1424 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1425 break; 1426 } 1427 my_mail($email, $emailsubject, $emailmessage); 1428 } 1429 } 1430 1431 $plugins->run_hooks("member_do_resendactivation_end"); 1432 1433 redirect("index.php", $lang->redirect_activationresent); 1434 } 1435 else 1436 { 1437 $mybb->input['action'] = "resendactivation"; 1438 } 1439 } 1440 } 1441 1442 if($mybb->input['action'] == "resendactivation") 1443 { 1444 $plugins->run_hooks("member_resendactivation"); 1445 1446 if($mybb->settings['regtype'] == "admin") 1447 { 1448 error($lang->error_activated_by_admin); 1449 } 1450 1451 if($mybb->user['uid'] && $mybb->user['usergroup'] != 5) 1452 { 1453 error($lang->error_alreadyactivated); 1454 } 1455 1456 $query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND type='b'"); 1457 $activation = $db->fetch_array($query); 1458 1459 if($activation['validated'] == 1) 1460 { 1461 error($lang->error_activated_by_admin); 1462 } 1463 1464 $captcha = ''; 1465 // Generate CAPTCHA? 1466 if($mybb->settings['captchaimage']) 1467 { 1468 require_once MYBB_ROOT.'inc/class_captcha.php'; 1469 $post_captcha = new captcha(true, "post_captcha"); 1470 1471 if($post_captcha->html) 1472 { 1473 $captcha = $post_captcha->html; 1474 } 1475 } 1476 1477 if(isset($errors) && count($errors) > 0) 1478 { 1479 $errors = inline_error($errors); 1480 $email = htmlspecialchars_uni($mybb->get_input('email')); 1481 } 1482 else 1483 { 1484 $errors = ''; 1485 $email = ''; 1486 } 1487 1488 $plugins->run_hooks("member_resendactivation_end"); 1489 1490 eval("\$activate = \"".$templates->get("member_resendactivation")."\";"); 1491 output_page($activate); 1492 } 1493 1494 if($mybb->input['action'] == "do_lostpw" && $mybb->request_method == "post") 1495 { 1496 $plugins->run_hooks("member_do_lostpw_start"); 1497 1498 $errors = array(); 1499 1500 if($mybb->settings['captchaimage']) 1501 { 1502 require_once MYBB_ROOT.'inc/class_captcha.php'; 1503 $captcha = new captcha; 1504 1505 if($captcha->validate_captcha() == false) 1506 { 1507 // CAPTCHA validation failed 1508 foreach($captcha->get_errors() as $error) 1509 { 1510 $errors[] = $error; 1511 } 1512 } 1513 } 1514 1515 $query = $db->simple_select("users", "*", "email='".$db->escape_string($mybb->get_input('email'))."'"); 1516 $numusers = $db->num_rows($query); 1517 if($numusers < 1) 1518 { 1519 error($lang->error_invalidemail); 1520 } 1521 else 1522 { 1523 if(count($errors) == 0) 1524 { 1525 while($user = $db->fetch_array($query)) 1526 { 1527 $db->delete_query("awaitingactivation", "uid='{$user['uid']}' AND type='p'"); 1528 $user['activationcode'] = random_str(30); 1529 $now = TIME_NOW; 1530 $uid = $user['uid']; 1531 $awaitingarray = array( 1532 "uid" => $user['uid'], 1533 "dateline" => TIME_NOW, 1534 "code" => $user['activationcode'], 1535 "type" => "p" 1536 ); 1537 $db->insert_query("awaitingactivation", $awaitingarray); 1538 $username = $user['username']; 1539 $email = $user['email']; 1540 $activationcode = $user['activationcode']; 1541 $emailsubject = $lang->sprintf($lang->emailsubject_lostpw, $mybb->settings['bbname']); 1542 switch($mybb->settings['username_method']) 1543 { 1544 case 0: 1545 $emailmessage = $lang->sprintf($lang->email_lostpw, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1546 break; 1547 case 1: 1548 $emailmessage = $lang->sprintf($lang->email_lostpw1, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1549 break; 1550 case 2: 1551 $emailmessage = $lang->sprintf($lang->email_lostpw2, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1552 break; 1553 default: 1554 $emailmessage = $lang->sprintf($lang->email_lostpw, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1555 break; 1556 } 1557 my_mail($email, $emailsubject, $emailmessage); 1558 } 1559 1560 $plugins->run_hooks("member_do_lostpw_end"); 1561 1562 redirect("index.php", $lang->redirect_lostpwsent, "", true); 1563 } 1564 else 1565 { 1566 $mybb->input['action'] = "lostpw"; 1567 } 1568 } 1569 } 1570 1571 if($mybb->input['action'] == "lostpw") 1572 { 1573 $plugins->run_hooks("member_lostpw"); 1574 1575 $captcha = ''; 1576 // Generate CAPTCHA? 1577 if($mybb->settings['captchaimage']) 1578 { 1579 require_once MYBB_ROOT.'inc/class_captcha.php'; 1580 $post_captcha = new captcha(true, "post_captcha"); 1581 1582 if($post_captcha->html) 1583 { 1584 $captcha = $post_captcha->html; 1585 } 1586 } 1587 1588 if(isset($errors) && count($errors) > 0) 1589 { 1590 $errors = inline_error($errors); 1591 $email = htmlspecialchars_uni($mybb->get_input('email')); 1592 } 1593 else 1594 { 1595 $errors = ''; 1596 $email = ''; 1597 } 1598 1599 eval("\$lostpw = \"".$templates->get("member_lostpw")."\";"); 1600 output_page($lostpw); 1601 } 1602 1603 if($mybb->input['action'] == "resetpassword") 1604 { 1605 $plugins->run_hooks("member_resetpassword_start"); 1606 1607 if(isset($mybb->input['username'])) 1608 { 1609 $mybb->input['username'] = $mybb->get_input('username'); 1610 $options = array( 1611 'username_method' => $mybb->settings['username_method'], 1612 'fields' => '*', 1613 ); 1614 $user = get_user_by_username($mybb->input['username'], $options); 1615 if(!$user) 1616 { 1617 switch($mybb->settings['username_method']) 1618 { 1619 case 0: 1620 error($lang->error_invalidpworusername); 1621 break; 1622 case 1: 1623 error($lang->error_invalidpworusername1); 1624 break; 1625 case 2: 1626 error($lang->error_invalidpworusername2); 1627 break; 1628 default: 1629 error($lang->error_invalidpworusername); 1630 break; 1631 } 1632 } 1633 } 1634 else 1635 { 1636 $user = get_user($mybb->get_input('uid', MyBB::INPUT_INT)); 1637 } 1638 1639 if(isset($mybb->input['code']) && $user) 1640 { 1641 $query = $db->simple_select("awaitingactivation", "code", "uid='".$user['uid']."' AND type='p'"); 1642 $activationcode = $db->fetch_field($query, 'code'); 1643 $now = TIME_NOW; 1644 if(!$activationcode || $activationcode !== $mybb->get_input('code')) 1645 { 1646 error($lang->error_badlostpwcode); 1647 } 1648 $db->delete_query("awaitingactivation", "uid='".$user['uid']."' AND type='p'"); 1649 $username = $user['username']; 1650 1651 // Generate a new password, then update it 1652 $password_length = (int)$mybb->settings['minpasswordlength']; 1653 1654 if($password_length < 8) 1655 { 1656 $password_length = min(8, (int)$mybb->settings['maxpasswordlength']); 1657 } 1658 1659 // Set up user handler. 1660 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 1661 $userhandler = new UserDataHandler('update'); 1662 1663 while(!$userhandler->verify_password()) 1664 { 1665 $password = random_str($password_length, $mybb->settings['requirecomplexpasswords']); 1666 1667 $userhandler->set_data(array( 1668 'uid' => $user['uid'], 1669 'username' => $user['username'], 1670 'email' => $user['email'], 1671 'password' => $password 1672 )); 1673 1674 $userhandler->set_validated(true); 1675 $userhandler->errors = array(); 1676 } 1677 1678 $userhandler->update_user(); 1679 1680 $logindetails = array( 1681 'salt' => $userhandler->data['salt'], 1682 'password' => $userhandler->data['saltedpw'], 1683 'loginkey' => $userhandler->data['loginkey'], 1684 ); 1685 1686 $email = $user['email']; 1687 1688 $plugins->run_hooks("member_resetpassword_process"); 1689 1690 $emailsubject = $lang->sprintf($lang->emailsubject_passwordreset, $mybb->settings['bbname']); 1691 $emailmessage = $lang->sprintf($lang->email_passwordreset, $username, $mybb->settings['bbname'], $password); 1692 my_mail($email, $emailsubject, $emailmessage); 1693 1694 $plugins->run_hooks("member_resetpassword_reset"); 1695 1696 error($lang->redirect_passwordreset); 1697 } 1698 else 1699 { 1700 $plugins->run_hooks("member_resetpassword_form"); 1701 1702 switch($mybb->settings['username_method']) 1703 { 1704 case 0: 1705 $lang_username = $lang->username; 1706 break; 1707 case 1: 1708 $lang_username = $lang->username1; 1709 break; 1710 case 2: 1711 $lang_username = $lang->username2; 1712 break; 1713 default: 1714 $lang_username = $lang->username; 1715 break; 1716 } 1717 1718 $code = htmlspecialchars_uni($mybb->get_input('code')); 1719 1720 $input_username = htmlspecialchars_uni($mybb->get_input('username')); 1721 1722 eval("\$activate = \"".$templates->get("member_resetpassword")."\";"); 1723 output_page($activate); 1724 } 1725 } 1726 1727 $do_captcha = $correct = false; 1728 $inline_errors = ""; 1729 if($mybb->input['action'] == "do_login" && $mybb->request_method == "post") 1730 { 1731 verify_post_check($mybb->get_input('my_post_key')); 1732 1733 $errors = array(); 1734 1735 $plugins->run_hooks("member_do_login_start"); 1736 1737 require_once MYBB_ROOT."inc/datahandlers/login.php"; 1738 $loginhandler = new LoginDataHandler("get"); 1739 1740 if($mybb->get_input('quick_password') && $mybb->get_input('quick_username')) 1741 { 1742 $mybb->input['password'] = $mybb->get_input('quick_password'); 1743 $mybb->input['username'] = $mybb->get_input('quick_username'); 1744 $mybb->input['remember'] = $mybb->get_input('quick_remember'); 1745 } 1746 1747 $user = array( 1748 'username' => $mybb->get_input('username'), 1749 'password' => $mybb->get_input('password'), 1750 'remember' => $mybb->get_input('remember'), 1751 'imagestring' => $mybb->get_input('imagestring') 1752 ); 1753 1754 $options = array( 1755 'fields' => 'loginattempts', 1756 'username_method' => (int)$mybb->settings['username_method'], 1757 ); 1758 1759 $user_loginattempts = get_user_by_username($user['username'], $options); 1760 if(!empty($user_loginattempts)) 1761 { 1762 $user['loginattempts'] = (int)$user_loginattempts['loginattempts']; 1763 } 1764 1765 $loginhandler->set_data($user); 1766 $validated = $loginhandler->validate_login(); 1767 1768 if(!$validated) 1769 { 1770 $mybb->input['action'] = "login"; 1771 $mybb->request_method = "get"; 1772 1773 $login_user_uid = 0; 1774 if(!empty($loginhandler->login_data)) 1775 { 1776 $login_user_uid = (int)$loginhandler->login_data['uid']; 1777 $user['loginattempts'] = (int)$loginhandler->login_data['loginattempts']; 1778 } 1779 1780 // Is a fatal call if user has had too many tries 1781 $logins = login_attempt_check($login_user_uid); 1782 1783 $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "uid='".$login_user_uid."'", 1, true); 1784 1785 $errors = $loginhandler->get_friendly_errors(); 1786 1787 // If we need a captcha set it here 1788 if( 1789 $mybb->settings['failedcaptchalogincount'] > 0 && 1790 ( 1791 ( 1792 isset($user['loginattempts']) && 1793 $user['loginattempts'] > $mybb->settings['failedcaptchalogincount'] 1794 ) || 1795 ( 1796 isset($mybb->cookies['loginattempts']) && 1797 (int)$mybb->cookies['loginattempts'] > $mybb->settings['failedcaptchalogincount'] 1798 ) 1799 ) 1800 ) 1801 { 1802 $do_captcha = true; 1803 $correct = $loginhandler->captcha_verified; 1804 } 1805 } 1806 else if($validated && $loginhandler->captcha_verified == true) 1807 { 1808 // Successful login 1809 if($loginhandler->login_data['coppauser']) 1810 { 1811 error($lang->error_awaitingcoppa); 1812 } 1813 1814 $loginhandler->complete_login(); 1815 1816 $plugins->run_hooks("member_do_login_end"); 1817 1818 $mybb->input['url'] = $mybb->get_input('url'); 1819 1820 if(!empty($mybb->input['url']) && my_strpos(basename($mybb->input['url']), 'member.php') === false && !preg_match('#^javascript:#i', $mybb->input['url'])) 1821 { 1822 if((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) 1823 { 1824 $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']); 1825 } 1826 1827 $mybb->input['url'] = str_replace('&', '&', $mybb->input['url']); 1828 1829 if(my_strpos($mybb->input['url'], $mybb->settings['bburl'].'/') !== 0) 1830 { 1831 if(my_strpos($mybb->input['url'], '/') === 0) 1832 { 1833 $mybb->input['url'] = my_substr($mybb->input['url'], 1); 1834 } 1835 $url_segments = explode('/', $mybb->input['url']); 1836 $mybb->input['url'] = $mybb->settings['bburl'].'/'.end($url_segments); 1837 } 1838 1839 // Redirect to the URL if it is not member.php 1840 redirect($mybb->input['url'], $lang->redirect_loggedin); 1841 } 1842 else 1843 { 1844 1845 redirect("index.php", $lang->redirect_loggedin); 1846 } 1847 } 1848 1849 $plugins->run_hooks("member_do_login_end"); 1850 } 1851 1852 if($mybb->input['action'] == "login") 1853 { 1854 $plugins->run_hooks("member_login"); 1855 1856 $member_loggedin_notice = ""; 1857 if($mybb->user['uid'] != 0) 1858 { 1859 $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']); 1860 $lang->already_logged_in = $lang->sprintf($lang->already_logged_in, build_profile_link($mybb->user['username'], $mybb->user['uid'])); 1861 eval("\$member_loggedin_notice = \"".$templates->get("member_loggedin_notice")."\";"); 1862 } 1863 1864 // Checks to make sure the user can login; they haven't had too many tries at logging in. 1865 // Is a fatal call if user has had too many tries. This particular check uses cookies, as a uid is not set yet 1866 // and we can't check loginattempts in the db 1867 login_attempt_check(); 1868 1869 // Redirect to the page where the user came from, but not if that was the login page. 1870 if(isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], "action=login") === false) 1871 { 1872 $redirect_url = htmlentities($_SERVER['HTTP_REFERER']); 1873 } 1874 else 1875 { 1876 $redirect_url = ''; 1877 } 1878 1879 $captcha = ''; 1880 // Show captcha image for guests if enabled and only if we have to do 1881 if($mybb->settings['captchaimage'] && $do_captcha == true) 1882 { 1883 require_once MYBB_ROOT.'inc/class_captcha.php'; 1884 $login_captcha = new captcha(false, "post_captcha"); 1885 1886 if($login_captcha->type == captcha::DEFAULT_CAPTCHA) 1887 { 1888 if(!$correct) 1889 { 1890 $login_captcha->build_captcha(); 1891 } 1892 else 1893 { 1894 $captcha = $login_captcha->build_hidden_captcha(); 1895 } 1896 } 1897 elseif(in_array($login_captcha->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3))) 1898 { 1899 $login_captcha->build_recaptcha(); 1900 } 1901 elseif(in_array($login_captcha->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE))) 1902 { 1903 $login_captcha->build_hcaptcha(); 1904 } 1905 1906 if($login_captcha->html) 1907 { 1908 $captcha = $login_captcha->html; 1909 } 1910 } 1911 1912 $username = ""; 1913 $password = ""; 1914 if(isset($mybb->input['username']) && $mybb->request_method == "post") 1915 { 1916 $username = htmlspecialchars_uni($mybb->get_input('username')); 1917 } 1918 1919 if(isset($mybb->input['password']) && $mybb->request_method == "post") 1920 { 1921 $password = htmlspecialchars_uni($mybb->get_input('password')); 1922 } 1923 1924 if(!empty($errors)) 1925 { 1926 $mybb->input['action'] = "login"; 1927 $mybb->request_method = "get"; 1928 1929 $inline_errors = inline_error($errors); 1930 } 1931 1932 switch($mybb->settings['username_method']) 1933 { 1934 case 1: 1935 $lang->username = $lang->username1; 1936 break; 1937 case 2: 1938 $lang->username = $lang->username2; 1939 break; 1940 default: 1941 break; 1942 } 1943 1944 $plugins->run_hooks("member_login_end"); 1945 1946 eval("\$login = \"".$templates->get("member_login")."\";"); 1947 output_page($login); 1948 } 1949 1950 if($mybb->input['action'] == "logout") 1951 { 1952 $plugins->run_hooks("member_logout_start"); 1953 1954 if(!$mybb->user['uid']) 1955 { 1956 redirect("index.php", $lang->redirect_alreadyloggedout); 1957 } 1958 1959 // Check session ID if we have one 1960 if(isset($mybb->input['sid']) && $mybb->get_input('sid') !== $session->sid) 1961 { 1962 error($lang->error_notloggedout); 1963 } 1964 // Otherwise, check logoutkey 1965 else if(!isset($mybb->input['sid']) && $mybb->get_input('logoutkey') !== $mybb->user['logoutkey']) 1966 { 1967 error($lang->error_notloggedout); 1968 } 1969 1970 my_unsetcookie("mybbuser"); 1971 my_unsetcookie("sid"); 1972 1973 if($mybb->user['uid']) 1974 { 1975 $time = TIME_NOW; 1976 // Run this after the shutdown query from session system 1977 $db->shutdown_query("UPDATE ".TABLE_PREFIX."users SET lastvisit='{$time}', lastactive='{$time}' WHERE uid='{$mybb->user['uid']}'"); 1978 $db->delete_query("sessions", "sid = '{$session->sid}'"); 1979 } 1980 1981 $plugins->run_hooks("member_logout_end"); 1982 1983 redirect("index.php", $lang->redirect_loggedout); 1984 } 1985 1986 if($mybb->input['action'] == "viewnotes") 1987 { 1988 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 1989 $user = get_user($uid); 1990 1991 // Make sure we are looking at a real user here. 1992 if(!$user) 1993 { 1994 error($lang->error_nomember); 1995 } 1996 1997 if($mybb->user['uid'] == 0 || $mybb->usergroup['canmodcp'] != 1) 1998 { 1999 error_no_permission(); 2000 } 2001 2002 $user['username'] = htmlspecialchars_uni($user['username']); 2003 $lang->view_notes_for = $lang->sprintf($lang->view_notes_for, $user['username']); 2004 2005 $user['usernotes'] = nl2br(htmlspecialchars_uni($user['usernotes'])); 2006 2007 $plugins->run_hooks('member_viewnotes'); 2008 2009 eval("\$viewnotes = \"".$templates->get("member_viewnotes", 1, 0)."\";"); 2010 echo $viewnotes; 2011 exit; 2012 } 2013 2014 if($mybb->input['action'] == "profile") 2015 { 2016 if($mybb->usergroup['canviewprofiles'] == 0) 2017 { 2018 error_no_permission(); 2019 } 2020 2021 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 2022 if($uid) 2023 { 2024 $memprofile = get_user($uid); 2025 } 2026 elseif($mybb->user['uid']) 2027 { 2028 $memprofile = $mybb->user; 2029 } 2030 else 2031 { 2032 $memprofile = false; 2033 } 2034 2035 if(!$memprofile) 2036 { 2037 error($lang->error_nomember); 2038 } 2039 2040 $uid = $memprofile['uid']; 2041 2042 $plugins->run_hooks("member_profile_start"); 2043 2044 $me_username = $memprofile['username']; 2045 $memprofile['username'] = htmlspecialchars_uni($memprofile['username']); 2046 $lang->profile = $lang->sprintf($lang->profile, $memprofile['username']); 2047 2048 // Get member's permissions 2049 $memperms = user_permissions($memprofile['uid']); 2050 2051 // Set display group 2052 $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image"); 2053 2054 if(!$memprofile['displaygroup']) 2055 { 2056 $memprofile['displaygroup'] = $memprofile['usergroup']; 2057 } 2058 2059 $displaygroup = usergroup_displaygroup($memprofile['displaygroup']); 2060 if(is_array($displaygroup)) 2061 { 2062 $memperms = array_merge($memperms, $displaygroup); 2063 } 2064 2065 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $memprofile['username']); 2066 add_breadcrumb($lang->nav_profile); 2067 2068 $lang->users_forum_info = $lang->sprintf($lang->users_forum_info, $memprofile['username']); 2069 $lang->users_contact_details = $lang->sprintf($lang->users_contact_details, $memprofile['username']); 2070 $lang->send_pm = $lang->sprintf($lang->send_pm, $memprofile['username']); 2071 $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); 2072 $lang->users_additional_info = $lang->sprintf($lang->users_additional_info, $memprofile['username']); 2073 $lang->users_signature = $lang->sprintf($lang->users_signature, $memprofile['username']); 2074 $lang->send_user_email = $lang->sprintf($lang->send_user_email, $memprofile['username']); 2075 2076 $useravatar = format_avatar($memprofile['avatar'], $memprofile['avatardimensions']); 2077 eval("\$avatar = \"".$templates->get("member_profile_avatar")."\";"); 2078 2079 $website = $sendemail = $sendpm = $contact_details = ''; 2080 2081 if(my_validate_url($memprofile['website']) && !is_member($mybb->settings['hidewebsite']) && $memperms['canchangewebsite'] == 1) 2082 { 2083 $memprofile['website'] = htmlspecialchars_uni($memprofile['website']); 2084 $bgcolor = alt_trow(); 2085 eval("\$website = \"".$templates->get("member_profile_website")."\";"); 2086 } 2087 2088 if($mybb->usergroup['cansendemail'] == 1 && $uid != $mybb->user['uid'] && $memprofile['hideemail'] != 1 && (my_strpos(",".$memprofile['ignorelist'].",", ",".$mybb->user['uid'].",") === false || $mybb->usergroup['cansendemailoverride'] != 0)) 2089 { 2090 $bgcolor = alt_trow(); 2091 eval("\$sendemail = \"".$templates->get("member_profile_email")."\";"); 2092 } 2093 2094 if($mybb->settings['enablepms'] != 0 && $uid != $mybb->user['uid'] && $mybb->usergroup['canusepms'] == 1 && (($memprofile['receivepms'] != 0 && $memperms['canusepms'] != 0 && my_strpos(",".$memprofile['ignorelist'].",", ",".$mybb->user['uid'].",") === false) || $mybb->usergroup['canoverridepm'] == 1)) 2095 { 2096 $bgcolor = alt_trow(); 2097 eval('$sendpm = "'.$templates->get("member_profile_pm").'";'); 2098 } 2099 2100 $contact_fields = array(); 2101 $any_contact_field = false; 2102 foreach(array('icq', 'skype', 'google') as $field) 2103 { 2104 $contact_fields[$field] = ''; 2105 $settingkey = 'allow'.$field.'field'; 2106 2107 if(!empty($memprofile[$field]) && is_member($mybb->settings[$settingkey], array('usergroup' => $memprofile['usergroup'], 'additionalgroups' => $memprofile['additionalgroups']))) 2108 { 2109 $any_contact_field = true; 2110 2111 if($field == 'icq') 2112 { 2113 $memprofile[$field] = (int)$memprofile[$field]; 2114 } 2115 else 2116 { 2117 $memprofile[$field] = htmlspecialchars_uni($memprofile[$field]); 2118 } 2119 $tmpl = 'member_profile_contact_fields_'.$field; 2120 2121 $bgcolors[$field] = alt_trow(); 2122 eval('$contact_fields[\''.$field.'\'] = "'.$templates->get($tmpl).'";'); 2123 } 2124 } 2125 2126 if($any_contact_field || $sendemail || $sendpm || $website) 2127 { 2128 eval('$contact_details = "'.$templates->get("member_profile_contact_details").'";'); 2129 } 2130 2131 $signature = ''; 2132 if($memprofile['signature'] && ($memprofile['suspendsignature'] == 0 || $memprofile['suspendsigtime'] < TIME_NOW) && !is_member($mybb->settings['hidesignatures']) && $memperms['canusesig'] && $memperms['canusesigxposts'] <= $memprofile['postnum']) 2133 { 2134 $sig_parser = array( 2135 "allow_html" => $mybb->settings['sightml'], 2136 "allow_mycode" => $mybb->settings['sigmycode'], 2137 "allow_smilies" => $mybb->settings['sigsmilies'], 2138 "allow_imgcode" => $mybb->settings['sigimgcode'], 2139 "me_username" => $me_username, 2140 "filter_badwords" => 1 2141 ); 2142 2143 if($memperms['signofollow']) 2144 { 2145 $sig_parser['nofollow_on'] = 1; 2146 } 2147 2148 if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) 2149 { 2150 $sig_parser['allow_imgcode'] = 0; 2151 } 2152 2153 $memprofile['signature'] = $parser->parse_message($memprofile['signature'], $sig_parser); 2154 eval("\$signature = \"".$templates->get("member_profile_signature")."\";"); 2155 } 2156 2157 $daysreg = (TIME_NOW - $memprofile['regdate']) / (24*3600); 2158 2159 if($daysreg < 1) 2160 { 2161 $daysreg = 1; 2162 } 2163 2164 $stats = $cache->read("stats"); 2165 2166 // Format post count, per day count and percent of total 2167 $ppd = $memprofile['postnum'] / $daysreg; 2168 $ppd = round($ppd, 2); 2169 if($ppd > $memprofile['postnum']) 2170 { 2171 $ppd = $memprofile['postnum']; 2172 } 2173 2174 $numposts = $stats['numposts']; 2175 if($numposts == 0) 2176 { 2177 $post_percent = "0"; 2178 } 2179 else 2180 { 2181 $post_percent = $memprofile['postnum']*100/$numposts; 2182 $post_percent = round($post_percent, 2); 2183 } 2184 2185 if($post_percent > 100) 2186 { 2187 $post_percent = 100; 2188 } 2189 2190 // Format thread count, per day count and percent of total 2191 $tpd = $memprofile['threadnum'] / $daysreg; 2192 $tpd = round($tpd, 2); 2193 if($tpd > $memprofile['threadnum']) 2194 { 2195 $tpd = $memprofile['threadnum']; 2196 } 2197 2198 $numthreads = $stats['numthreads']; 2199 if($numthreads == 0) 2200 { 2201 $thread_percent = "0"; 2202 } 2203 else 2204 { 2205 $thread_percent = $memprofile['threadnum']*100/$numthreads; 2206 $thread_percent = round($thread_percent, 2); 2207 } 2208 2209 if($thread_percent > 100) 2210 { 2211 $thread_percent = 100; 2212 } 2213 2214 $findposts = $findthreads = ''; 2215 if($mybb->usergroup['cansearch'] == 1) 2216 { 2217 if(!empty($memprofile['postnum'])) 2218 { 2219 eval("\$findposts = \"".$templates->get("member_profile_findposts")."\";"); 2220 } 2221 if(!empty($memprofile['threadnum'])) 2222 { 2223 eval("\$findthreads = \"".$templates->get("member_profile_findthreads")."\";"); 2224 } 2225 } 2226 2227 $awaybit = ''; 2228 if($memprofile['away'] == 1 && $mybb->settings['allowaway'] != 0) 2229 { 2230 $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); 2231 $awaydate = my_date($mybb->settings['dateformat'], $memprofile['awaydate']); 2232 if(!empty($memprofile['awayreason'])) 2233 { 2234 $reason = $parser->parse_badwords($memprofile['awayreason']); 2235 $awayreason = htmlspecialchars_uni($reason); 2236 } 2237 else 2238 { 2239 $awayreason = $lang->away_no_reason; 2240 } 2241 if($memprofile['returndate'] == '') 2242 { 2243 $returndate = "$lang->unknown"; 2244 } 2245 else 2246 { 2247 $returnhome = explode("-", $memprofile['returndate']); 2248 2249 // PHP native date functions use integers so timestamps for years after 2038 will not work 2250 // Thus we use adodb_mktime 2251 if($returnhome[2] >= 2038) 2252 { 2253 require_once MYBB_ROOT."inc/functions_time.php"; 2254 $returnmkdate = adodb_mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); 2255 $returndate = my_date($mybb->settings['dateformat'], $returnmkdate, "", 1, true); 2256 } 2257 else 2258 { 2259 $returnmkdate = mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); 2260 $returndate = my_date($mybb->settings['dateformat'], $returnmkdate); 2261 } 2262 2263 // If our away time has expired already, we should be back, right? 2264 if($returnmkdate < TIME_NOW) 2265 { 2266 $db->update_query('users', array('away' => '0', 'awaydate' => '0', 'returndate' => '', 'awayreason' => ''), 'uid=\''.(int)$memprofile['uid'].'\''); 2267 2268 // Update our status to "not away" 2269 $memprofile['away'] = 0; 2270 } 2271 } 2272 2273 // Check if our away status is set to 1, it may have been updated already (see a few lines above) 2274 if($memprofile['away'] == 1) 2275 { 2276 eval("\$awaybit = \"".$templates->get("member_profile_away")."\";"); 2277 } 2278 } 2279 2280 $memprofile['timezone'] = (float)$memprofile['timezone']; 2281 2282 if($memprofile['dst'] == 1) 2283 { 2284 $memprofile['timezone']++; 2285 if(my_substr($memprofile['timezone'], 0, 1) != "-") 2286 { 2287 $memprofile['timezone'] = "+{$memprofile['timezone']}"; 2288 } 2289 } 2290 2291 $memregdate = my_date($mybb->settings['dateformat'], $memprofile['regdate']); 2292 $memlocaldate = gmdate($mybb->settings['dateformat'], TIME_NOW + ($memprofile['timezone'] * 3600)); 2293 $memlocaltime = gmdate($mybb->settings['timeformat'], TIME_NOW + ($memprofile['timezone'] * 3600)); 2294 2295 $localtime = $lang->sprintf($lang->local_time_format, $memlocaldate, $memlocaltime); 2296 2297 if($memprofile['birthday']) 2298 { 2299 $membday = explode("-", $memprofile['birthday']); 2300 2301 if($memprofile['birthdayprivacy'] != 'none') 2302 { 2303 if($membday[0] && $membday[1] && $membday[2]) 2304 { 2305 $lang->membdayage = $lang->sprintf($lang->membdayage, get_age($memprofile['birthday'])); 2306 2307 $bdayformat = fix_mktime($mybb->settings['dateformat'], $membday[2]); 2308 $membday = mktime(0, 0, 0, $membday[1], $membday[0], $membday[2]); 2309 $membday = date($bdayformat, $membday); 2310 2311 $membdayage = $lang->membdayage; 2312 } 2313 elseif($membday[2]) 2314 { 2315 $membday = mktime(0, 0, 0, 1, 1, $membday[2]); 2316 $membday = date("Y", $membday); 2317 $membdayage = ''; 2318 } 2319 else 2320 { 2321 $membday = mktime(0, 0, 0, $membday[1], $membday[0], 0); 2322 $membday = date("F j", $membday); 2323 $membdayage = ''; 2324 } 2325 } 2326 2327 if($memprofile['birthdayprivacy'] == 'age') 2328 { 2329 $membday = $lang->birthdayhidden; 2330 } 2331 else if($memprofile['birthdayprivacy'] == 'none') 2332 { 2333 $membday = $lang->birthdayhidden; 2334 $membdayage = ''; 2335 } 2336 } 2337 else 2338 { 2339 $membday = $lang->not_specified; 2340 $membdayage = ''; 2341 } 2342 2343 // Get the user title for this user 2344 unset($stars); 2345 $usertitle = ''; 2346 $starimage = ''; 2347 if(trim($memprofile['usertitle']) != '') 2348 { 2349 // User has custom user title 2350 $usertitle = $memprofile['usertitle']; 2351 } 2352 elseif(trim($memperms['usertitle']) != '') 2353 { 2354 // User has group title 2355 $usertitle = $memperms['usertitle']; 2356 } 2357 else 2358 { 2359 if(!isset($usertitles)) 2360 { 2361 $usertitles = $cache->read('usertitles'); 2362 } 2363 2364 // No usergroup title so get a default one 2365 if(is_array($usertitles)) 2366 { 2367 foreach($usertitles as $title) 2368 { 2369 if($memprofile['postnum'] >= $title['posts']) 2370 { 2371 $usertitle = $title['title']; 2372 $stars = $title['stars']; 2373 $starimage = $title['starimage']; 2374 2375 break; 2376 } 2377 } 2378 } 2379 } 2380 2381 $usertitle = htmlspecialchars_uni($usertitle); 2382 2383 if($memperms['stars'] || $memperms['usertitle']) 2384 { 2385 // Set the number of stars if display group has constant number of stars 2386 $stars = $memperms['stars']; 2387 } 2388 elseif(!isset($stars)) 2389 { 2390 if(!isset($usertitles)) 2391 { 2392 $usertitles = $cache->read('usertitles'); 2393 } 2394 2395 // This is for cases where the user has a title, but the group has no defined number of stars (use number of stars as per default usergroups) 2396 if(is_array($usertitles)) 2397 { 2398 foreach($usertitles as $title) 2399 { 2400 if($memprofile['postnum'] >= $title['posts']) 2401 { 2402 $stars = $title['stars']; 2403 $starimage = $title['starimage']; 2404 break; 2405 } 2406 } 2407 } 2408 2409 if(!isset($stars)) 2410 { 2411 $stars = 0; 2412 } 2413 } 2414 2415 $groupimage = ''; 2416 if(!empty($memperms['image'])) 2417 { 2418 if(!empty($mybb->user['language'])) 2419 { 2420 $language = $mybb->user['language']; 2421 } 2422 else 2423 { 2424 $language = $mybb->settings['bblanguage']; 2425 } 2426 $memperms['image'] = str_replace("{lang}", $language, $memperms['image']); 2427 $memperms['image'] = str_replace("{theme}", $theme['imgdir'], $memperms['image']); 2428 eval("\$groupimage = \"".$templates->get("member_profile_groupimage")."\";"); 2429 } 2430 2431 if(empty($starimage)) 2432 { 2433 $starimage = $memperms['starimage']; 2434 } 2435 2436 if(!empty($starimage)) 2437 { 2438 // Only display stars if we have an image to use... 2439 $starimage = str_replace("{theme}", $theme['imgdir'], $starimage); 2440 $userstars = ''; 2441 for($i = 0; $i < $stars; ++$i) 2442 { 2443 eval("\$userstars .= \"".$templates->get("member_profile_userstar", 1, 0)."\";"); 2444 } 2445 } 2446 2447 // User is currently online and this user has permissions to view the user on the WOL 2448 $timesearch = TIME_NOW - $mybb->settings['wolcutoffmins']*60; 2449 $query = $db->simple_select("sessions", "location,nopermission", "uid='$uid' AND time>'{$timesearch}'", array('order_by' => 'time', 'order_dir' => 'DESC', 'limit' => 1)); 2450 $session = $db->fetch_array($query); 2451 2452 $timeonline = $lang->none_registered; 2453 $memlastvisitdate = $lang->lastvisit_never; 2454 $last_seen = max(array($memprofile['lastactive'], $memprofile['lastvisit'])); 2455 if(!empty($last_seen)) 2456 { 2457 // We have some stamp here 2458 if($memprofile['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $memprofile['uid'] != $mybb->user['uid']) 2459 { 2460 $memlastvisitdate = $lang->lastvisit_hidden; 2461 $online_status = $timeonline = $lang->timeonline_hidden; 2462 } 2463 else 2464 { 2465 $memlastvisitdate = my_date('relative', $last_seen); 2466 2467 if($memprofile['timeonline'] > 0) 2468 { 2469 $timeonline = nice_time($memprofile['timeonline']); 2470 } 2471 2472 // Online? 2473 if(!empty($session)) 2474 { 2475 // Fetch their current location 2476 $lang->load("online"); 2477 require_once MYBB_ROOT."inc/functions_online.php"; 2478 $activity = fetch_wol_activity($session['location'], $session['nopermission']); 2479 $location = build_friendly_wol_location($activity); 2480 $location_time = my_date($mybb->settings['timeformat'], $last_seen); 2481 2482 eval("\$online_status = \"".$templates->get("member_profile_online")."\";"); 2483 } 2484 } 2485 } 2486 2487 if(!isset($online_status)) 2488 { 2489 eval("\$online_status = \"".$templates->get("member_profile_offline")."\";"); 2490 } 2491 2492 // Reset the background colours to keep it inline 2493 $alttrow = 'trow1'; 2494 2495 // Build Referral 2496 $referrals = ''; 2497 if($mybb->settings['usereferrals'] == 1) 2498 { 2499 $bg_color = alt_trow(); 2500 2501 $uid = (int) $memprofile['uid']; 2502 $referral_count = $memprofile['referrals']; 2503 if ($referral_count > 0) { 2504 eval("\$memprofile['referrals'] = \"".$templates->get('member_referrals_link')."\";"); 2505 } 2506 2507 eval("\$referrals = \"".$templates->get('member_profile_referrals')."\";"); 2508 } 2509 2510 // Fetch the reputation for this user 2511 $reputation = ''; 2512 if($memperms['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 2513 { 2514 $bg_color = alt_trow(); 2515 $reputation = get_reputation($memprofile['reputation']); 2516 2517 // If this user has permission to give reputations show the vote link 2518 $vote_link = ''; 2519 if($mybb->usergroup['cangivereputations'] == 1 && $memprofile['uid'] != $mybb->user['uid'] && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep'])) 2520 { 2521 eval("\$vote_link = \"".$templates->get("member_profile_reputation_vote")."\";"); 2522 } 2523 2524 eval("\$reputation = \"".$templates->get("member_profile_reputation")."\";"); 2525 } 2526 2527 $warning_level = ''; 2528 if($mybb->settings['enablewarningsystem'] != 0 && $memperms['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || ($mybb->user['uid'] == $memprofile['uid'] && $mybb->settings['canviewownwarning'] != 0))) 2529 { 2530 $bg_color = alt_trow(); 2531 2532 if($mybb->settings['maxwarningpoints'] < 1) 2533 { 2534 $mybb->settings['maxwarningpoints'] = 10; 2535 } 2536 2537 $warning_level = round($memprofile['warningpoints']/$mybb->settings['maxwarningpoints']*100); 2538 2539 if($warning_level > 100) 2540 { 2541 $warning_level = 100; 2542 } 2543 2544 $warning_level = get_colored_warning_level($warning_level); 2545 if($mybb->usergroup['canwarnusers'] != 0) 2546 { 2547 eval("\$warn_user = \"".$templates->get("member_profile_warn")."\";"); 2548 eval("\$warning_level = \"".$templates->get("member_profile_warninglevel_link")."\";"); 2549 } 2550 else 2551 { 2552 eval("\$warning_level = \"".$templates->get("member_profile_warninglevel")."\";"); 2553 } 2554 } 2555 2556 $bgcolor = $alttrow = 'trow1'; 2557 $customfields = $profilefields = ''; 2558 2559 $query = $db->simple_select("userfields", "*", "ufid = '{$uid}'"); 2560 $userfields = $db->fetch_array($query); 2561 2562 // If this user is an Administrator or a Moderator then we wish to show all profile fields 2563 $pfcache = $cache->read('profilefields'); 2564 2565 if(is_array($pfcache)) 2566 { 2567 foreach($pfcache as $customfield) 2568 { 2569 if($mybb->usergroup['cancp'] != 1 && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['canmodcp'] != 1 && !is_member($customfield['viewableby']) || !$customfield['profile']) 2570 { 2571 continue; 2572 } 2573 2574 $thing = explode("\n", $customfield['type'], "2"); 2575 $type = trim($thing[0]); 2576 2577 $customfieldval = $customfield_val = ''; 2578 $field = "fid{$customfield['fid']}"; 2579 2580 if(isset($userfields[$field])) 2581 { 2582 $useropts = explode("\n", $userfields[$field]); 2583 $customfieldval = $comma = ''; 2584 if(is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) 2585 { 2586 foreach($useropts as $val) 2587 { 2588 if($val != '') 2589 { 2590 eval("\$customfield_val .= \"".$templates->get("member_profile_customfields_field_multi_item")."\";"); 2591 } 2592 } 2593 if($customfield_val != '') 2594 { 2595 eval("\$customfieldval = \"".$templates->get("member_profile_customfields_field_multi")."\";"); 2596 } 2597 } 2598 else 2599 { 2600 $parser_options = array( 2601 "allow_html" => $customfield['allowhtml'], 2602 "allow_mycode" => $customfield['allowmycode'], 2603 "allow_smilies" => $customfield['allowsmilies'], 2604 "allow_imgcode" => $customfield['allowimgcode'], 2605 "allow_videocode" => $customfield['allowvideocode'], 2606 #"nofollow_on" => 1, 2607 "filter_badwords" => 1 2608 ); 2609 2610 if($customfield['type'] == "textarea") 2611 { 2612 $parser_options['me_username'] = $memprofile['username']; 2613 } 2614 else 2615 { 2616 $parser_options['nl2br'] = 0; 2617 } 2618 2619 if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) 2620 { 2621 $parser_options['allow_imgcode'] = 0; 2622 } 2623 2624 $customfieldval = $parser->parse_message($userfields[$field], $parser_options); 2625 } 2626 } 2627 2628 if($customfieldval) 2629 { 2630 $customfield['name'] = htmlspecialchars_uni($customfield['name']); 2631 eval("\$customfields .= \"".$templates->get("member_profile_customfields_field")."\";"); 2632 $bgcolor = alt_trow(); 2633 } 2634 } 2635 } 2636 2637 if($customfields) 2638 { 2639 eval("\$profilefields = \"".$templates->get("member_profile_customfields")."\";"); 2640 } 2641 2642 $memprofile['postnum'] = my_number_format($memprofile['postnum']); 2643 $lang->ppd_percent_total = $lang->sprintf($lang->ppd_percent_total, my_number_format($ppd), $post_percent); 2644 2645 $memprofile['threadnum'] = my_number_format($memprofile['threadnum']); 2646 $lang->tpd_percent_total = $lang->sprintf($lang->tpd_percent_total, my_number_format($tpd), $thread_percent); 2647 2648 $formattedname = format_name($memprofile['username'], $memprofile['usergroup'], $memprofile['displaygroup']); 2649 2650 $bannedbit = ''; 2651 if($memperms['isbannedgroup'] == 1 && $mybb->usergroup['canbanusers'] == 1) 2652 { 2653 // Fetch details on their ban 2654 $query = $db->simple_select('banned b LEFT JOIN '.TABLE_PREFIX.'users a ON (b.admin=a.uid)', 'b.*, a.username AS adminuser', "b.uid='{$uid}'", array('limit' => 1)); 2655 2656 if($db->num_rows($query)) 2657 { 2658 $memban = $db->fetch_array($query); 2659 2660 if($memban['reason']) 2661 { 2662 $memban['reason'] = htmlspecialchars_uni($parser->parse_badwords($memban['reason'])); 2663 } 2664 else 2665 { 2666 $memban['reason'] = $lang->na; 2667 } 2668 2669 if($memban['lifted'] == 'perm' || $memban['lifted'] == '' || $memban['bantime'] == 'perm' || $memban['bantime'] == '---') 2670 { 2671 $banlength = $lang->permanent; 2672 $timeremaining = $lang->na; 2673 $banned_class = "normal_banned"; 2674 } 2675 else 2676 { 2677 // Set up the array of ban times. 2678 $bantimes = fetch_ban_times(); 2679 2680 $banlength = $bantimes[$memban['bantime']]; 2681 $remaining = $memban['lifted']-TIME_NOW; 2682 2683 $timeremaining = nice_time($remaining, array('short' => 1, 'seconds' => false)).""; 2684 2685 $banned_class = ''; 2686 if($remaining < 3600) 2687 { 2688 $banned_class = "high_banned"; 2689 } 2690 else if($remaining < 86400) 2691 { 2692 $banned_class = "moderate_banned"; 2693 } 2694 else if($remaining < 604800) 2695 { 2696 $banned_class = "low_banned"; 2697 } 2698 else 2699 { 2700 $banned_class = "normal_banned"; 2701 } 2702 } 2703 eval('$timeremaining = "'.$templates->get('member_profile_banned_remaining').'";'); 2704 2705 $memban['adminuser'] = build_profile_link(htmlspecialchars_uni($memban['adminuser']), $memban['admin']); 2706 2707 // Display a nice warning to the user 2708 eval('$bannedbit = "'.$templates->get('member_profile_banned').'";'); 2709 } 2710 else 2711 { 2712 // TODO: more specific output for converted/merged boards where no ban record is merged. 2713 $bannedbit = ''; 2714 } 2715 } 2716 2717 $adminoptions = ''; 2718 if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1) 2719 { 2720 if($memperms['isbannedgroup'] == 1) 2721 { 2722 eval("\$adminoptions = \"".$templates->get("member_profile_adminoptions_manageban")."\";"); 2723 } 2724 else 2725 { 2726 eval("\$adminoptions = \"".$templates->get("member_profile_adminoptions")."\";"); 2727 } 2728 } 2729 2730 $modoptions = $viewnotes = $editnotes = $editprofile = $banuser = $manageban = $manageuser = ''; 2731 $can_purge_spammer = purgespammer_show($memprofile['postnum'], $memprofile['usergroup'], $memprofile['uid']); 2732 if($mybb->usergroup['canmodcp'] == 1 || $can_purge_spammer) 2733 { 2734 if($mybb->usergroup['canuseipsearch'] == 1) 2735 { 2736 $memprofile['regip'] = my_inet_ntop($db->unescape_binary($memprofile['regip'])); 2737 $memprofile['lastip'] = my_inet_ntop($db->unescape_binary($memprofile['lastip'])); 2738 2739 eval("\$ipaddress = \"".$templates->get("member_profile_modoptions_ipaddress")."\";"); 2740 } 2741 2742 $memprofile['usernotes'] = nl2br(htmlspecialchars_uni($memprofile['usernotes'])); 2743 2744 if(!empty($memprofile['usernotes'])) 2745 { 2746 if(strlen($memprofile['usernotes']) > 100) 2747 { 2748 eval("\$viewnotes = \"".$templates->get("member_profile_modoptions_viewnotes")."\";"); 2749 $memprofile['usernotes'] = my_substr($memprofile['usernotes'], 0, 100)."... {$viewnotes}"; 2750 } 2751 } 2752 else 2753 { 2754 $memprofile['usernotes'] = $lang->no_usernotes; 2755 } 2756 2757 if($mybb->usergroup['caneditprofiles'] == 1 && modcp_can_manage_user($memprofile['uid'])) 2758 { 2759 if(modcp_can_manage_user($memprofile['uid'])) 2760 { 2761 eval("\$editprofile = \"".$templates->get("member_profile_modoptions_editprofile")."\";"); 2762 eval("\$editnotes = \"".$templates->get("member_profile_modoptions_editnotes")."\";"); 2763 2764 } 2765 } 2766 2767 if($memperms['isbannedgroup'] == 1 && $mybb->usergroup['canbanusers'] == 1 && modcp_can_manage_user($memprofile['uid'])) 2768 { 2769 eval("\$manageban = \"".$templates->get("member_profile_modoptions_manageban")."\";"); 2770 } 2771 elseif(modcp_can_manage_user($memprofile['uid']) && $mybb->usergroup['canbanusers'] == 1) 2772 { 2773 if(modcp_can_manage_user($memprofile['uid']) && $mybb->usergroup['canbanusers'] == 1) 2774 { 2775 eval("\$banuser = \"".$templates->get("member_profile_modoptions_banuser")."\";"); 2776 } 2777 } 2778 2779 $purgespammer = ''; 2780 if($can_purge_spammer) 2781 { 2782 eval("\$purgespammer = \"".$templates->get('member_profile_modoptions_purgespammer')."\";"); 2783 } 2784 2785 if(!empty($editprofile) || !empty($banuser) || !empty($manageban) || !empty($purgespammer)) 2786 { 2787 eval("\$manageuser = \"".$templates->get("member_profile_modoptions_manageuser")."\";"); 2788 } 2789 2790 eval("\$modoptions = \"".$templates->get("member_profile_modoptions")."\";"); 2791 } 2792 2793 $add_remove_options = array(); 2794 $buddy_options = $ignore_options = $report_options = ''; 2795 if($mybb->user['uid'] != $memprofile['uid'] && $mybb->user['uid'] != 0) 2796 { 2797 $buddy_list = explode(',', $mybb->user['buddylist']); 2798 $ignore_list = explode(',', $mybb->user['ignorelist']); 2799 2800 if(in_array($uid, $buddy_list)) 2801 { 2802 $add_remove_options = array('url' => "usercp.php?action=do_editlists&delete={$uid}&my_post_key={$mybb->post_code}", 'class' => 'remove_buddy_button', 'lang' => $lang->remove_from_buddy_list); 2803 } 2804 else 2805 { 2806 $add_remove_options = array('url' => "usercp.php?action=do_editlists&add_username=".urlencode($memprofile['username'])."&my_post_key={$mybb->post_code}", 'class' => 'add_buddy_button', 'lang' => $lang->add_to_buddy_list); 2807 } 2808 2809 if(!in_array($uid, $ignore_list)) 2810 { 2811 eval("\$buddy_options = \"".$templates->get("member_profile_addremove")."\";"); // Add/Remove Buddy 2812 } 2813 2814 if(in_array($uid, $ignore_list)) 2815 { 2816 $add_remove_options = array('url' => "usercp.php?action=do_editlists&manage=ignored&delete={$uid}&my_post_key={$mybb->post_code}", 'class' => 'remove_ignore_button', 'lang' => $lang->remove_from_ignore_list); 2817 } 2818 else 2819 { 2820 $add_remove_options = array('url' => "usercp.php?action=do_editlists&manage=ignored&add_username=".urlencode($memprofile['username'])."&my_post_key={$mybb->post_code}", 'class' => 'add_ignore_button', 'lang' => $lang->add_to_ignore_list); 2821 } 2822 2823 if(!in_array($uid, $buddy_list)) 2824 { 2825 eval("\$ignore_options = \"".$templates->get("member_profile_addremove")."\";"); // Add/Remove Ignore 2826 } 2827 2828 if(isset($memperms['canbereported']) && $memperms['canbereported'] == 1) 2829 { 2830 $reportable = true; 2831 $query = $db->simple_select("reportedcontent", "reporters", "reportstatus != '1' AND id = '{$memprofile['uid']}' AND type = 'profile'"); 2832 if($db->num_rows($query)) 2833 { 2834 $report = $db->fetch_array($query); 2835 $report['reporters'] = my_unserialize($report['reporters']); 2836 if(is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters'])) 2837 { 2838 $reportable = false; 2839 } 2840 } 2841 if($reportable) 2842 { 2843 $add_remove_options = array('url' => "javascript:Report.reportUser({$memprofile['uid']});", 'class' => 'report_user_button', 'lang' => $lang->report_user); 2844 eval("\$report_options = \"".$templates->get("member_profile_addremove")."\";"); // Report User 2845 } 2846 } 2847 } 2848 2849 $plugins->run_hooks("member_profile_end"); 2850 2851 eval("\$profile = \"".$templates->get("member_profile")."\";"); 2852 output_page($profile); 2853 } 2854 2855 if($mybb->input['action'] == "do_emailuser" && $mybb->request_method == "post") 2856 { 2857 // Verify incoming POST request 2858 verify_post_check($mybb->get_input('my_post_key')); 2859 2860 $plugins->run_hooks("member_do_emailuser_start"); 2861 2862 // Guests or those without permission can't email other users 2863 if($mybb->usergroup['cansendemail'] == 0) 2864 { 2865 error_no_permission(); 2866 } 2867 2868 // Check group limits 2869 if($mybb->usergroup['maxemails'] > 0) 2870 { 2871 if($mybb->user['uid'] > 0) 2872 { 2873 $user_check = "fromuid='{$mybb->user['uid']}'"; 2874 } 2875 else 2876 { 2877 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 2878 } 2879 2880 $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'"); 2881 $sent_count = $db->fetch_field($query, "sent_count"); 2882 if($sent_count >= $mybb->usergroup['maxemails']) 2883 { 2884 $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']); 2885 error($lang->error_max_emails_day); 2886 } 2887 } 2888 2889 // Check email flood control 2890 if($mybb->usergroup['emailfloodtime'] > 0) 2891 { 2892 if($mybb->user['uid'] > 0) 2893 { 2894 $user_check = "fromuid='{$mybb->user['uid']}'"; 2895 } 2896 else 2897 { 2898 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 2899 } 2900 2901 $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60; 2902 2903 $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC")); 2904 $last_email = $db->fetch_array($query); 2905 2906 // Users last email was within the flood time, show the error 2907 if(isset($last_email['mid'])) 2908 { 2909 $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']); 2910 2911 if($remaining_time == 1) 2912 { 2913 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']); 2914 } 2915 elseif($remaining_time < 60) 2916 { 2917 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time); 2918 } 2919 elseif($remaining_time > 60 && $remaining_time < 120) 2920 { 2921 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']); 2922 } 2923 else 2924 { 2925 $remaining_time_minutes = ceil($remaining_time/60); 2926 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes); 2927 } 2928 2929 error($lang->error_emailflooding); 2930 } 2931 } 2932 2933 $query = $db->simple_select("users", "uid, username, email, hideemail", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"); 2934 $to_user = $db->fetch_array($query); 2935 2936 if(!$to_user['username']) 2937 { 2938 error($lang->error_invalidusername); 2939 } 2940 2941 if($to_user['hideemail'] != 0) 2942 { 2943 error($lang->error_hideemail); 2944 } 2945 2946 $errors = array(); 2947 2948 if($mybb->user['uid']) 2949 { 2950 $mybb->input['fromemail'] = $mybb->user['email']; 2951 $mybb->input['fromname'] = $mybb->user['username']; 2952 } 2953 2954 if(!validate_email_format($mybb->input['fromemail'])) 2955 { 2956 $errors[] = $lang->error_invalidfromemail; 2957 } 2958 2959 if(empty($mybb->input['fromname'])) 2960 { 2961 $errors[] = $lang->error_noname; 2962 } 2963 2964 if(empty($mybb->input['subject'])) 2965 { 2966 $errors[] = $lang->error_no_email_subject; 2967 } 2968 2969 if(empty($mybb->input['message'])) 2970 { 2971 $errors[] = $lang->error_no_email_message; 2972 } 2973 2974 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 2975 { 2976 require_once MYBB_ROOT.'inc/class_captcha.php'; 2977 $captcha = new captcha; 2978 2979 if($captcha->validate_captcha() == false) 2980 { 2981 // CAPTCHA validation failed 2982 foreach($captcha->get_errors() as $error) 2983 { 2984 $errors[] = $error; 2985 } 2986 } 2987 } 2988 2989 if(count($errors) == 0) 2990 { 2991 if($mybb->settings['mail_handler'] == 'smtp') 2992 { 2993 $from = $mybb->input['fromemail']; 2994 } 2995 else 2996 { 2997 $from = "{$mybb->input['fromname']} <{$mybb->input['fromemail']}>"; 2998 } 2999 3000 $message = $lang->sprintf($lang->email_emailuser, $to_user['username'], $mybb->input['fromname'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->get_input('message')); 3001 my_mail($to_user['email'], $mybb->get_input('subject'), $message, '', '', '', false, 'text', '', $from); 3002 3003 if($mybb->settings['mail_logging'] > 0) 3004 { 3005 // Log the message 3006 $log_entry = array( 3007 "subject" => $db->escape_string($mybb->get_input('subject')), 3008 "message" => $db->escape_string($mybb->get_input('message')), 3009 "dateline" => TIME_NOW, 3010 "fromuid" => $mybb->user['uid'], 3011 "fromemail" => $db->escape_string($mybb->input['fromemail']), 3012 "touid" => $to_user['uid'], 3013 "toemail" => $db->escape_string($to_user['email']), 3014 "tid" => 0, 3015 "ipaddress" => $db->escape_binary($session->packedip), 3016 "type" => 1 3017 ); 3018 $db->insert_query("maillogs", $log_entry); 3019 } 3020 3021 $plugins->run_hooks("member_do_emailuser_end"); 3022 3023 redirect(get_profile_link($to_user['uid']), $lang->redirect_emailsent); 3024 } 3025 else 3026 { 3027 $mybb->input['action'] = "emailuser"; 3028 } 3029 } 3030 3031 if($mybb->input['action'] == "emailuser") 3032 { 3033 $plugins->run_hooks("member_emailuser_start"); 3034 3035 // Guests or those without permission can't email other users 3036 if($mybb->usergroup['cansendemail'] == 0) 3037 { 3038 error_no_permission(); 3039 } 3040 3041 // Check group limits 3042 if($mybb->usergroup['maxemails'] > 0) 3043 { 3044 if($mybb->user['uid'] > 0) 3045 { 3046 $user_check = "fromuid='{$mybb->user['uid']}'"; 3047 } 3048 else 3049 { 3050 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 3051 } 3052 3053 $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'"); 3054 $sent_count = $db->fetch_field($query, "sent_count"); 3055 if($sent_count >= $mybb->usergroup['maxemails']) 3056 { 3057 $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']); 3058 error($lang->error_max_emails_day); 3059 } 3060 } 3061 3062 // Check email flood control 3063 if($mybb->usergroup['emailfloodtime'] > 0) 3064 { 3065 if($mybb->user['uid'] > 0) 3066 { 3067 $user_check = "fromuid='{$mybb->user['uid']}'"; 3068 } 3069 else 3070 { 3071 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 3072 } 3073 3074 $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60; 3075 3076 $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC")); 3077 $last_email = $db->fetch_array($query); 3078 3079 // Users last email was within the flood time, show the error 3080 if(isset($last_email['mid'])) 3081 { 3082 $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']); 3083 3084 if($remaining_time == 1) 3085 { 3086 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']); 3087 } 3088 elseif($remaining_time < 60) 3089 { 3090 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time); 3091 } 3092 elseif($remaining_time > 60 && $remaining_time < 120) 3093 { 3094 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']); 3095 } 3096 else 3097 { 3098 $remaining_time_minutes = ceil($remaining_time/60); 3099 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes); 3100 } 3101 3102 error($lang->error_emailflooding); 3103 } 3104 } 3105 3106 $query = $db->simple_select("users", "uid, username, email, hideemail, ignorelist", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"); 3107 $to_user = $db->fetch_array($query); 3108 3109 $to_user['username'] = htmlspecialchars_uni($to_user['username']); 3110 $lang->email_user = $lang->sprintf($lang->email_user, $to_user['username']); 3111 3112 if(!$to_user['uid']) 3113 { 3114 error($lang->error_invaliduser); 3115 } 3116 3117 if($to_user['hideemail'] != 0) 3118 { 3119 error($lang->error_hideemail); 3120 } 3121 3122 if($to_user['ignorelist'] && (my_strpos(",".$to_user['ignorelist'].",", ",".$mybb->user['uid'].",") !== false && $mybb->usergroup['cansendemailoverride'] != 1)) 3123 { 3124 error_no_permission(); 3125 } 3126 3127 if(isset($errors) && count($errors) > 0) 3128 { 3129 $errors = inline_error($errors); 3130 $fromname = htmlspecialchars_uni($mybb->get_input('fromname')); 3131 $fromemail = htmlspecialchars_uni($mybb->get_input('fromemail')); 3132 $subject = htmlspecialchars_uni($mybb->get_input('subject')); 3133 $message = htmlspecialchars_uni($mybb->get_input('message')); 3134 } 3135 else 3136 { 3137 $errors = ''; 3138 $fromname = ''; 3139 $fromemail = ''; 3140 $subject = ''; 3141 $message = ''; 3142 } 3143 3144 // Generate CAPTCHA? 3145 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 3146 { 3147 require_once MYBB_ROOT.'inc/class_captcha.php'; 3148 $post_captcha = new captcha(true, "post_captcha"); 3149 3150 if($post_captcha->html) 3151 { 3152 $captcha = $post_captcha->html; 3153 } 3154 } 3155 else 3156 { 3157 $captcha = ''; 3158 } 3159 3160 $from_email = ''; 3161 if($mybb->user['uid'] == 0) 3162 { 3163 eval("\$from_email = \"".$templates->get("member_emailuser_guest")."\";"); 3164 } 3165 3166 $plugins->run_hooks("member_emailuser_end"); 3167 3168 eval("\$emailuser = \"".$templates->get("member_emailuser")."\";"); 3169 output_page($emailuser); 3170 } 3171 3172 if($mybb->input['action'] == 'referrals') 3173 { 3174 $plugins->run_hooks('member_referrals_start'); 3175 3176 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 3177 if(!$uid) 3178 { 3179 error($lang->referrals_no_user_specified); 3180 } 3181 3182 $user = get_user($uid); 3183 if(!$user['$uid']) 3184 { 3185 error($lang->referrals_invalid_user); 3186 } 3187 3188 $lang->nav_referrals = $lang->sprintf($lang->nav_referrals, $user['username']); 3189 add_breadcrumb($lang->nav_referrals); 3190 3191 $query = $db->simple_select('users', 'COUNT(uid) AS total', "referrer='{$uid}'"); 3192 $referral_count = $db->fetch_field($query, 'total'); 3193 3194 $bg_color = 'trow1'; 3195 3196 if($referral_count == 0) 3197 { 3198 eval("\$referral_rows = \"".$templates->get('member_no_referrals')."\";"); 3199 } 3200 else 3201 { 3202 // Figure out if we need to display multiple pages. 3203 $perpage = 20; 3204 if ((int) $mybb->settings['referralsperpage']) { 3205 $perpage = (int) $mybb->settings['referralsperpage']; 3206 } 3207 3208 $page = 1; 3209 if($mybb->get_input('page', MyBB::INPUT_INT)) 3210 { 3211 $page = $mybb->get_input('page', MyBB::INPUT_INT); 3212 } 3213 3214 $pages = ceil($referral_count / $perpage); 3215 3216 if($page > $pages || $page <= 0) 3217 { 3218 $page = 1; 3219 } 3220 3221 if($page) 3222 { 3223 $start = ($page-1) * $perpage; 3224 } 3225 else 3226 { 3227 $start = 0; 3228 $page = 1; 3229 } 3230 3231 $multipage = multipage($referral_count, $perpage, $page, "member.php?action=referrals&uid={$uid}"); 3232 3233 foreach(get_user_referrals($uid, $start, $perpage) as $referral) 3234 { 3235 // Format user name link 3236 $username = htmlspecialchars_uni($referral['username']); 3237 $username = format_name($username, $referral['usergroup'], $referral['displaygroup']); 3238 $username = build_profile_link($username, $referral['uid']); 3239 3240 $regdate = my_date('normal', $referral['regdate']); 3241 3242 eval("\$referral_rows .= \"".$templates->get('member_referral_row')."\";"); 3243 3244 $bg_color = alt_trow(); 3245 } 3246 } 3247 3248 $plugins->run_hooks('member_referrals_end'); 3249 3250 eval("\$referrals = \"".$templates->get("member_referrals")."\";"); 3251 output_page($referrals); 3252 } 3253 3254 if(!$mybb->input['action']) 3255 { 3256 header("Location: index.php"); 3257 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |