| [ Index ] |
PHP Cross Reference of MyBB 1.8.38 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define("IGNORE_CLEAN_VARS", "sid"); 13 define('THIS_SCRIPT', 'member.php'); 14 define("ALLOWABLE_PAGE", "register,do_register,login,do_login,logout,lostpw,do_lostpw,activate,resendactivation,do_resendactivation,resetpassword,viewnotes"); 15 16 $nosession['avatar'] = 1; 17 18 $templatelist = "member_register,member_register_hiddencaptcha,member_register_coppa,member_register_agreement_coppa,member_register_agreement,member_register_customfield,member_register_requiredfields,member_profile_findthreads"; 19 $templatelist .= ",member_loggedin_notice,member_profile_away,member_register_regimage,member_register_regimage_recaptcha_invisible,member_register_regimage_nocaptcha,post_captcha_hcaptcha_invisible,post_captcha_hcaptcha,post_captcha_hidden,post_captcha,member_register_referrer"; 20 $templatelist .= ",member_profile_email,member_profile_offline,member_profile_reputation,member_profile_warn,member_profile_warninglevel,member_profile_warninglevel_link,member_profile_customfields_field,member_profile_customfields,member_profile_adminoptions_manageban,member_profile_adminoptions,member_profile"; 21 $templatelist .= ",member_profile_signature,member_profile_avatar,member_profile_groupimage,member_referrals_link,member_profile_referrals,member_profile_website,member_profile_reputation_vote,member_activate,member_lostpw,member_register_additionalfields"; 22 $templatelist .= ",member_profile_modoptions_manageuser,member_profile_modoptions_editprofile,member_profile_modoptions_banuser,member_profile_modoptions_viewnotes,member_profile_modoptions_editnotes,member_profile_modoptions_purgespammer"; 23 $templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,member_viewnotes"; 24 $templatelist .= ",member_register_question,member_register_question_refresh,usercp_options_timezone,usercp_options_timezone_option,usercp_options_language_option,member_profile_customfields_field_multi_item,member_profile_customfields_field_multi"; 25 $templatelist .= ",member_profile_contact_fields_google,member_profile_contact_fields_icq,member_profile_contact_fields_skype,member_profile_pm,member_profile_contact_details,member_profile_modoptions_manageban"; 26 $templatelist .= ",member_profile_banned_remaining,member_profile_addremove,member_emailuser_guest,member_register_day,usercp_options_tppselect_option,postbit_warninglevel_formatted,member_profile_userstar,member_profile_findposts"; 27 $templatelist .= ",usercp_options_tppselect,usercp_options_pppselect,member_resetpassword,member_login,member_profile_online,usercp_options_pppselect_option,postbit_reputation_formatted,member_emailuser,usercp_profile_profilefields_text"; 28 $templatelist .= ",member_profile_modoptions_ipaddress,member_profile_modoptions,member_profile_banned,member_register_language,member_resendactivation,usercp_profile_profilefields_checkbox,member_register_password,member_coppa_form"; 29 30 require_once "./global.php"; 31 require_once MYBB_ROOT."inc/functions_post.php"; 32 require_once MYBB_ROOT."inc/functions_user.php"; 33 require_once MYBB_ROOT."inc/class_parser.php"; 34 require_once MYBB_ROOT."inc/functions_modcp.php"; 35 $parser = new postParser; 36 37 // Load global language phrases 38 $lang->load("member"); 39 40 $mybb->input['action'] = $mybb->get_input('action'); 41 42 // Make navigation 43 switch($mybb->input['action']) 44 { 45 case "register": 46 case "do_register": 47 add_breadcrumb($lang->nav_register); 48 break; 49 case "activate": 50 add_breadcrumb($lang->nav_activate); 51 break; 52 case "resendactivation": 53 add_breadcrumb($lang->nav_resendactivation); 54 break; 55 case "lostpw": 56 add_breadcrumb($lang->nav_lostpw); 57 break; 58 case "resetpassword": 59 add_breadcrumb($lang->nav_resetpassword); 60 break; 61 case "login": 62 add_breadcrumb($lang->nav_login); 63 break; 64 case "emailuser": 65 add_breadcrumb($lang->nav_emailuser); 66 break; 67 } 68 69 if(($mybb->input['action'] == "register" || $mybb->input['action'] == "do_register") && $mybb->usergroup['cancp'] != 1) 70 { 71 if($mybb->settings['disableregs'] == 1) 72 { 73 error($lang->registrations_disabled); 74 } 75 if($mybb->user['uid'] != 0) 76 { 77 error($lang->error_alreadyregistered); 78 } 79 if($mybb->settings['betweenregstime'] && $mybb->settings['maxregsbetweentime']) 80 { 81 $time = TIME_NOW; 82 $datecut = $time-(60*60*$mybb->settings['betweenregstime']); 83 $query = $db->simple_select("users", "*", "regip=".$db->escape_binary($session->packedip)." AND regdate > '$datecut'"); 84 $regcount = $db->num_rows($query); 85 if($regcount >= $mybb->settings['maxregsbetweentime']) 86 { 87 $lang->error_alreadyregisteredtime = $lang->sprintf($lang->error_alreadyregisteredtime, $regcount, $mybb->settings['betweenregstime']); 88 error($lang->error_alreadyregisteredtime); 89 } 90 } 91 } 92 93 $fromreg = 0; 94 if($mybb->input['action'] == "do_register" && $mybb->request_method == "post") 95 { 96 $plugins->run_hooks("member_do_register_start"); 97 98 // Are checking how long it takes for users to register? 99 if($mybb->settings['regtime'] > 0) 100 { 101 // Is the field actually set? 102 if(isset($mybb->input['regtime'])) 103 { 104 // Check how long it took for this person to register 105 $timetook = TIME_NOW - $mybb->get_input('regtime', MyBB::INPUT_INT); 106 107 // See if they registered faster than normal 108 if($timetook < $mybb->settings['regtime']) 109 { 110 // This user registered pretty quickly, bot detected! 111 $lang->error_spam_deny_time = $lang->sprintf($lang->error_spam_deny_time, $mybb->settings['regtime'], $timetook); 112 error($lang->error_spam_deny_time); 113 } 114 } 115 else 116 { 117 error($lang->error_spam_deny); 118 } 119 } 120 121 // If we have hidden CATPCHA enabled and it's filled, deny registration 122 if($mybb->settings['hiddencaptchaimage']) 123 { 124 $string = $mybb->settings['hiddencaptchaimagefield']; 125 126 if(!empty($mybb->input[$string])) 127 { 128 error($lang->error_spam_deny); 129 } 130 } 131 132 if($mybb->settings['regtype'] == "randompass") 133 { 134 135 $password_length = (int)$mybb->settings['minpasswordlength']; 136 if($password_length < 8) 137 { 138 $password_length = min(8, (int)$mybb->settings['maxpasswordlength']); 139 } 140 141 $mybb->input['password'] = random_str($password_length, $mybb->settings['requirecomplexpasswords']); 142 $mybb->input['password2'] = $mybb->input['password']; 143 } 144 145 if($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "admin" || $mybb->settings['regtype'] == "both" || $mybb->get_input('coppa', MyBB::INPUT_INT) == 1) 146 { 147 $usergroup = 5; 148 } 149 else 150 { 151 $usergroup = 2; 152 } 153 154 // Set up user handler. 155 require_once MYBB_ROOT."inc/datahandlers/user.php"; 156 $userhandler = new UserDataHandler("insert"); 157 158 $coppauser = 0; 159 if(isset($mybb->cookies['coppauser'])) 160 { 161 $coppauser = (int)$mybb->cookies['coppauser']; 162 } 163 164 // Set the data for the new user. 165 $user = array( 166 "username" => $mybb->get_input('username'), 167 "password" => $mybb->get_input('password'), 168 "password2" => $mybb->get_input('password2'), 169 "email" => $mybb->get_input('email'), 170 "email2" => $mybb->get_input('email2'), 171 "usergroup" => $usergroup, 172 "referrer" => $mybb->get_input('referrername'), 173 "timezone" => $mybb->get_input('timezoneoffset'), 174 "language" => $mybb->get_input('language'), 175 "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), 176 "regip" => $session->packedip, 177 "coppa_user" => $coppauser, 178 "regcheck1" => $mybb->get_input('regcheck1'), 179 "regcheck2" => $mybb->get_input('regcheck2'), 180 "registration" => true 181 ); 182 183 // Do we have a saved COPPA DOB? 184 if(isset($mybb->cookies['coppadob'])) 185 { 186 list($dob_day, $dob_month, $dob_year) = explode("-", $mybb->cookies['coppadob']); 187 $user['birthday'] = array( 188 "day" => $dob_day, 189 "month" => $dob_month, 190 "year" => $dob_year 191 ); 192 } 193 194 $user['options'] = array( 195 "allownotices" => $mybb->get_input('allownotices', MyBB::INPUT_INT), 196 "hideemail" => $mybb->get_input('hideemail', MyBB::INPUT_INT), 197 "subscriptionmethod" => $mybb->get_input('subscriptionmethod', MyBB::INPUT_INT), 198 "receivepms" => $mybb->get_input('receivepms', MyBB::INPUT_INT), 199 "pmnotice" => $mybb->get_input('pmnotice', MyBB::INPUT_INT), 200 "pmnotify" => $mybb->get_input('pmnotify', MyBB::INPUT_INT), 201 "invisible" => $mybb->get_input('invisible', MyBB::INPUT_INT), 202 "dstcorrection" => $mybb->get_input('dstcorrection') 203 ); 204 205 $userhandler->set_data($user); 206 207 $errors = array(); 208 209 if(!$userhandler->validate_user()) 210 { 211 $errors = $userhandler->get_friendly_errors(); 212 } 213 214 if($mybb->settings['enablestopforumspam_on_register']) 215 { 216 require_once MYBB_ROOT . '/inc/class_stopforumspamchecker.php'; 217 218 $stop_forum_spam_checker = new StopForumSpamChecker( 219 $plugins, 220 $mybb->settings['stopforumspam_min_weighting_before_spam'], 221 $mybb->settings['stopforumspam_check_usernames'], 222 $mybb->settings['stopforumspam_check_emails'], 223 $mybb->settings['stopforumspam_check_ips'], 224 $mybb->settings['stopforumspam_log_blocks'] 225 ); 226 227 try { 228 if($stop_forum_spam_checker->is_user_a_spammer($user['username'], $user['email'], get_ip())) 229 { 230 error($lang->sprintf($lang->error_stop_forum_spam_spammer, 231 $stop_forum_spam_checker->getErrorText(array( 232 'stopforumspam_check_usernames', 233 'stopforumspam_check_emails', 234 'stopforumspam_check_ips' 235 )))); 236 } 237 } 238 catch (Exception $e) 239 { 240 if($mybb->settings['stopforumspam_block_on_error']) 241 { 242 error($lang->error_stop_forum_spam_fetching); 243 } 244 } 245 } 246 247 if($mybb->settings['captchaimage']) 248 { 249 require_once MYBB_ROOT.'inc/class_captcha.php'; 250 $captcha = new captcha; 251 252 if($captcha->validate_captcha() == false) 253 { 254 // CAPTCHA validation failed 255 foreach($captcha->get_errors() as $error) 256 { 257 $errors[] = $error; 258 } 259 } 260 } 261 262 // If we have a security question, check to see if answer is correct 263 if($mybb->settings['securityquestion']) 264 { 265 $question_id = $db->escape_string($mybb->get_input('question_id')); 266 $answer = $db->escape_string($mybb->get_input('answer')); 267 268 $query = $db->query(" 269 SELECT q.*, s.sid 270 FROM ".TABLE_PREFIX."questionsessions s 271 LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid) 272 WHERE q.active='1' AND s.sid='{$question_id}' 273 "); 274 if($db->num_rows($query) > 0) 275 { 276 $question = $db->fetch_array($query); 277 $valid_answers = explode("\n", $question['answer']); 278 $validated = 0; 279 280 foreach($valid_answers as $answers) 281 { 282 if(my_strtolower($answers) == my_strtolower($answer)) 283 { 284 $validated = 1; 285 } 286 } 287 288 if($validated != 1) 289 { 290 $update_question = array( 291 "incorrect" => $question['incorrect'] + 1 292 ); 293 $db->update_query("questions", $update_question, "qid='{$question['qid']}'"); 294 295 $errors[] = $lang->error_question_wrong; 296 } 297 else 298 { 299 $update_question = array( 300 "correct" => $question['correct'] + 1 301 ); 302 $db->update_query("questions", $update_question, "qid='{$question['qid']}'"); 303 } 304 305 $db->delete_query("questionsessions", "sid='{$question_id}'"); 306 } 307 } 308 309 $regerrors = ''; 310 if(!empty($errors)) 311 { 312 $username = htmlspecialchars_uni($mybb->get_input('username')); 313 $email = htmlspecialchars_uni($mybb->get_input('email')); 314 $email2 = htmlspecialchars_uni($mybb->get_input('email2')); 315 $referrername = htmlspecialchars_uni($mybb->get_input('referrername')); 316 317 $allownoticescheck = $hideemailcheck = $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; 318 $receivepmscheck = $pmnoticecheck = $pmnotifycheck = $invisiblecheck = $dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = ''; 319 320 if($mybb->get_input('allownotices', MyBB::INPUT_INT) == 1) 321 { 322 $allownoticescheck = "checked=\"checked\""; 323 } 324 325 if($mybb->get_input('hideemail', MyBB::INPUT_INT) == 1) 326 { 327 $hideemailcheck = "checked=\"checked\""; 328 } 329 330 if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 1) 331 { 332 $no_subscribe_selected = "selected=\"selected\""; 333 } 334 else if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 2) 335 { 336 $instant_email_subscribe_selected = "selected=\"selected\""; 337 } 338 else if($mybb->get_input('subscriptionmethod', MyBB::INPUT_INT) == 3) 339 { 340 $instant_pm_subscribe_selected = "selected=\"selected\""; 341 } 342 else 343 { 344 $no_auto_subscribe_selected = "selected=\"selected\""; 345 } 346 347 if($mybb->get_input('receivepms', MyBB::INPUT_INT) == 1) 348 { 349 $receivepmscheck = "checked=\"checked\""; 350 } 351 352 if($mybb->get_input('pmnotice', MyBB::INPUT_INT) == 1) 353 { 354 $pmnoticecheck = " checked=\"checked\""; 355 } 356 357 if($mybb->get_input('pmnotify', MyBB::INPUT_INT) == 1) 358 { 359 $pmnotifycheck = "checked=\"checked\""; 360 } 361 362 if($mybb->get_input('invisible', MyBB::INPUT_INT) == 1) 363 { 364 $invisiblecheck = "checked=\"checked\""; 365 } 366 367 if($mybb->get_input('dstcorrection', MyBB::INPUT_INT) == 2) 368 { 369 $dst_auto_selected = "selected=\"selected\""; 370 } 371 else if($mybb->get_input('dstcorrection', MyBB::INPUT_INT) == 1) 372 { 373 $dst_enabled_selected = "selected=\"selected\""; 374 } 375 else 376 { 377 $dst_disabled_selected = "selected=\"selected\""; 378 } 379 380 $regerrors = inline_error($errors); 381 $mybb->input['action'] = "register"; 382 $fromreg = 1; 383 } 384 else 385 { 386 $user_info = $userhandler->insert_user(); 387 388 // Invalidate solved captcha 389 if($mybb->settings['captchaimage']) 390 { 391 $captcha->invalidate_captcha(); 392 } 393 394 if($mybb->settings['regtype'] != "randompass" && empty($mybb->cookies['coppauser'])) 395 { 396 // Log them in 397 my_setcookie("mybbuser", $user_info['uid']."_".$user_info['loginkey'], null, true, "lax"); 398 } 399 400 if(!empty($mybb->cookies['coppauser'])) 401 { 402 $lang->redirect_registered_coppa_activate = $lang->sprintf($lang->redirect_registered_coppa_activate, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 403 my_unsetcookie("coppauser"); 404 my_unsetcookie("coppadob"); 405 $plugins->run_hooks("member_do_register_end"); 406 error($lang->redirect_registered_coppa_activate); 407 } 408 else if($mybb->settings['regtype'] == "verify") 409 { 410 $activationcode = random_str(); 411 $now = TIME_NOW; 412 $activationarray = array( 413 "uid" => $user_info['uid'], 414 "dateline" => TIME_NOW, 415 "code" => $activationcode, 416 "type" => "r" 417 ); 418 $db->insert_query("awaitingactivation", $activationarray); 419 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 420 switch($mybb->settings['username_method']) 421 { 422 case 0: 423 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 424 break; 425 case 1: 426 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 427 break; 428 case 2: 429 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 430 break; 431 default: 432 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 433 break; 434 } 435 my_mail($user_info['email'], $emailsubject, $emailmessage); 436 437 $lang->redirect_registered_activation = $lang->sprintf($lang->redirect_registered_activation, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 438 439 $plugins->run_hooks("member_do_register_end"); 440 441 error($lang->redirect_registered_activation); 442 } 443 else if($mybb->settings['regtype'] == "randompass") 444 { 445 $emailsubject = $lang->sprintf($lang->emailsubject_randompassword, $mybb->settings['bbname']); 446 switch($mybb->settings['username_method']) 447 { 448 case 0: 449 $emailmessage = $lang->sprintf($lang->email_randompassword, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 450 break; 451 case 1: 452 $emailmessage = $lang->sprintf($lang->email_randompassword1, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 453 break; 454 case 2: 455 $emailmessage = $lang->sprintf($lang->email_randompassword2, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 456 break; 457 default: 458 $emailmessage = $lang->sprintf($lang->email_randompassword, $user['username'], $mybb->settings['bbname'], $user_info['username'], $mybb->get_input('password')); 459 break; 460 } 461 my_mail($user_info['email'], $emailsubject, $emailmessage); 462 463 $plugins->run_hooks("member_do_register_end"); 464 465 error($lang->redirect_registered_passwordsent); 466 } 467 else if($mybb->settings['regtype'] == "admin") 468 { 469 $groups = $cache->read("usergroups"); 470 $admingroups = array(); 471 if(!empty($groups)) // Shouldn't be... 472 { 473 foreach($groups as $group) 474 { 475 if($group['cancp'] == 1) 476 { 477 $admingroups[] = (int)$group['gid']; 478 } 479 } 480 } 481 482 if(!empty($admingroups)) 483 { 484 $sqlwhere = 'usergroup IN ('.implode(',', $admingroups).')'; 485 foreach($admingroups as $admingroup) 486 { 487 switch($db->type) 488 { 489 case 'pgsql': 490 case 'sqlite': 491 $sqlwhere .= " OR ','||additionalgroups||',' LIKE '%,{$admingroup},%'"; 492 break; 493 default: 494 $sqlwhere .= " OR CONCAT(',',additionalgroups,',') LIKE '%,{$admingroup},%'"; 495 break; 496 } 497 } 498 $q = $db->simple_select('users', 'uid,username,email,language', $sqlwhere); 499 while($recipient = $db->fetch_array($q)) 500 { 501 // First we check if the user's a super admin: if yes, we don't care about permissions 502 $is_super_admin = is_super_admin($recipient['uid']); 503 if(!$is_super_admin) 504 { 505 // Include admin functions 506 if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php")) 507 { 508 continue; 509 } 510 511 require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"; 512 513 // Verify if we have permissions to access user-users 514 require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/user/module_meta.php"; 515 if(function_exists("user_admin_permissions")) 516 { 517 // Get admin permissions 518 $adminperms = get_admin_permissions($recipient['uid']); 519 520 $permissions = user_admin_permissions(); 521 if(array_key_exists('users', $permissions['permissions']) && $adminperms['user']['users'] != 1) 522 { 523 continue; // No permissions 524 } 525 } 526 } 527 528 // Load language 529 if($recipient['language'] != $lang->language && $lang->language_exists($recipient['language'])) 530 { 531 $reset_lang = true; 532 $lang->set_language($recipient['language']); 533 $lang->load("member"); 534 } 535 536 $subject = $lang->sprintf($lang->newregistration_subject, $mybb->settings['bbname']); 537 $message = $lang->sprintf($lang->newregistration_message, $recipient['username'], $mybb->settings['bbname'], $user['username']); 538 my_mail($recipient['email'], $subject, $message); 539 } 540 541 // Reset language 542 if(isset($reset_lang)) 543 { 544 $lang->set_language($mybb->settings['bblanguage']); 545 $lang->load("member"); 546 } 547 } 548 549 $lang->redirect_registered_admin_activate = $lang->sprintf($lang->redirect_registered_admin_activate, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 550 551 $plugins->run_hooks("member_do_register_end"); 552 553 error($lang->redirect_registered_admin_activate); 554 } 555 else if($mybb->settings['regtype'] == "both") 556 { 557 $groups = $cache->read("usergroups"); 558 $admingroups = array(); 559 if(!empty($groups)) // Shouldn't be... 560 { 561 foreach($groups as $group) 562 { 563 if($group['cancp'] == 1) 564 { 565 $admingroups[] = (int)$group['gid']; 566 } 567 } 568 } 569 570 if(!empty($admingroups)) 571 { 572 $sqlwhere = 'usergroup IN ('.implode(',', $admingroups).')'; 573 foreach($admingroups as $admingroup) 574 { 575 switch($db->type) 576 { 577 case 'pgsql': 578 case 'sqlite': 579 $sqlwhere .= " OR ','||additionalgroups||',' LIKE '%,{$admingroup},%'"; 580 break; 581 default: 582 $sqlwhere .= " OR CONCAT(',',additionalgroups,',') LIKE '%,{$admingroup},%'"; 583 break; 584 } 585 } 586 $q = $db->simple_select('users', 'uid,username,email,language', $sqlwhere); 587 while($recipient = $db->fetch_array($q)) 588 { 589 // First we check if the user's a super admin: if yes, we don't care about permissions 590 $is_super_admin = is_super_admin($recipient['uid']); 591 if(!$is_super_admin) 592 { 593 // Include admin functions 594 if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php")) 595 { 596 continue; 597 } 598 599 require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"; 600 601 // Verify if we have permissions to access user-users 602 require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/user/module_meta.php"; 603 // Get admin permissions 604 $adminperms = get_admin_permissions($recipient['uid']); 605 if(empty($adminperms['user']['users']) || $adminperms['user']['users'] != 1) 606 { 607 continue; // No permissions 608 } 609 } 610 611 // Load language 612 if($recipient['language'] != $lang->language && $lang->language_exists($recipient['language'])) 613 { 614 $reset_lang = true; 615 $lang->set_language($recipient['language']); 616 $lang->load("member"); 617 } 618 619 $subject = $lang->sprintf($lang->newregistration_subject, $mybb->settings['bbname']); 620 $message = $lang->sprintf($lang->newregistration_message, $recipient['username'], $mybb->settings['bbname'], $user['username']); 621 my_mail($recipient['email'], $subject, $message); 622 } 623 624 // Reset language 625 if(isset($reset_lang)) 626 { 627 $lang->set_language($mybb->settings['bblanguage']); 628 $lang->load("member"); 629 } 630 } 631 632 $activationcode = random_str(); 633 $activationarray = array( 634 "uid" => $user_info['uid'], 635 "dateline" => TIME_NOW, 636 "code" => $activationcode, 637 "type" => "b" 638 ); 639 $db->insert_query("awaitingactivation", $activationarray); 640 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 641 switch($mybb->settings['username_method']) 642 { 643 case 0: 644 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 645 break; 646 case 1: 647 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 648 break; 649 case 2: 650 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 651 break; 652 default: 653 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user_info['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user_info['uid'], $activationcode); 654 break; 655 } 656 my_mail($user_info['email'], $emailsubject, $emailmessage); 657 658 $lang->redirect_registered_activation = $lang->sprintf($lang->redirect_registered_activation, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 659 660 $plugins->run_hooks("member_do_register_end"); 661 662 error($lang->redirect_registered_activation); 663 } 664 else 665 { 666 $lang->redirect_registered = $lang->sprintf($lang->redirect_registered, $mybb->settings['bbname'], htmlspecialchars_uni($user_info['username'])); 667 668 $plugins->run_hooks("member_do_register_end"); 669 670 redirect("index.php", $lang->redirect_registered); 671 } 672 } 673 } 674 675 if($mybb->input['action'] == "coppa_form") 676 { 677 if(!$mybb->settings['faxno']) 678 { 679 $mybb->settings['faxno'] = " "; 680 } 681 682 $plugins->run_hooks("member_coppa_form"); 683 684 eval("\$coppa_form = \"".$templates->get("member_coppa_form")."\";"); 685 output_page($coppa_form); 686 } 687 688 if($mybb->input['action'] == "register") 689 { 690 $bdaysel = ''; 691 if($mybb->settings['coppa'] == "disabled") 692 { 693 $bdaysel = $bday2blank = ''; 694 } 695 $mybb->input['bday1'] = $mybb->get_input('bday1', MyBB::INPUT_INT); 696 for($day = 1; $day <= 31; ++$day) 697 { 698 $selected = ''; 699 if($mybb->input['bday1'] == $day) 700 { 701 $selected = " selected=\"selected\""; 702 } 703 704 eval("\$bdaysel .= \"".$templates->get("member_register_day")."\";"); 705 } 706 707 $mybb->input['bday2'] = $mybb->get_input('bday2', MyBB::INPUT_INT); 708 $bdaymonthsel = array(); 709 foreach(range(1, 12) as $number) 710 { 711 $bdaymonthsel[$number] = ''; 712 } 713 $bdaymonthsel[$mybb->input['bday2']] = "selected=\"selected\""; 714 $birthday_year = $mybb->get_input('bday3', MyBB::INPUT_INT); 715 716 if($birthday_year == 0) 717 { 718 $birthday_year = ''; 719 } 720 721 $under_thirteen = false; 722 723 // Is COPPA checking enabled? 724 if($mybb->settings['coppa'] != "disabled" && !isset($mybb->input['step'])) 725 { 726 // Just selected DOB, we check 727 if($mybb->input['bday1'] && $mybb->input['bday2'] && $birthday_year) 728 { 729 my_unsetcookie("coppauser"); 730 731 $months = get_bdays($birthday_year); 732 if($mybb->input['bday2'] < 1 || $mybb->input['bday2'] > 12 || $birthday_year < (date("Y")-100) || $birthday_year > date("Y") || $mybb->input['bday1'] > $months[$mybb->input['bday2']-1]) 733 { 734 error($lang->error_invalid_birthday); 735 } 736 737 $bdaytime = @mktime(0, 0, 0, $mybb->input['bday2'], $mybb->input['bday1'], $birthday_year); 738 739 // Store DOB in cookie so we can save it with the registration 740 my_setcookie("coppadob", "{$mybb->input['bday1']}-{$mybb->input['bday2']}-{$birthday_year}", -1); 741 742 // User is <= 13, we mark as a coppa user 743 if($bdaytime >= mktime(0, 0, 0, my_date('n'), my_date('d'), my_date('Y')-13)) 744 { 745 my_setcookie("coppauser", 1, -0); 746 $under_thirteen = true; 747 } 748 else 749 { 750 my_setcookie("coppauser", 0, -0); 751 } 752 $mybb->request_method = ""; 753 } 754 // Show DOB select form 755 else 756 { 757 $plugins->run_hooks("member_register_coppa"); 758 759 my_unsetcookie("coppauser"); 760 761 $coppa_desc = $mybb->settings['coppa'] == 'deny' ? $lang->coppa_desc_for_deny : $lang->coppa_desc; 762 eval("\$coppa = \"".$templates->get("member_register_coppa")."\";"); 763 output_page($coppa); 764 exit; 765 } 766 } 767 768 if((!isset($mybb->input['agree']) && !isset($mybb->input['regsubmit'])) && $fromreg == 0 || $mybb->request_method != "post") 769 { 770 $coppa_agreement = ''; 771 // Is this user a COPPA user? We need to show the COPPA agreement too 772 if($mybb->settings['coppa'] != "disabled" && (!empty($mybb->cookies['coppauser']) || $under_thirteen)) 773 { 774 if($mybb->settings['coppa'] == "deny") 775 { 776 error($lang->error_need_to_be_thirteen); 777 } 778 $lang->coppa_agreement_1 = $lang->sprintf($lang->coppa_agreement_1, $mybb->settings['bbname']); 779 eval("\$coppa_agreement = \"".$templates->get("member_register_agreement_coppa")."\";"); 780 } 781 782 $plugins->run_hooks("member_register_agreement"); 783 784 eval("\$agreement = \"".$templates->get("member_register_agreement")."\";"); 785 output_page($agreement); 786 } 787 else 788 { 789 $plugins->run_hooks("member_register_start"); 790 791 // JS validator extra 792 if($mybb->settings['maxnamelength'] > 0 && $mybb->settings['minnamelength'] > 0) 793 { 794 $lang->js_validator_username_length = $lang->sprintf($lang->js_validator_username_length, $mybb->settings['minnamelength'], $mybb->settings['maxnamelength']); 795 } 796 797 if(isset($mybb->input['timezoneoffset'])) 798 { 799 $timezoneoffset = $mybb->get_input('timezoneoffset'); 800 } 801 else 802 { 803 $timezoneoffset = $mybb->settings['timezoneoffset']; 804 } 805 $tzselect = build_timezone_select("timezoneoffset", $timezoneoffset, true); 806 807 $stylelist = build_theme_select("style"); 808 809 if($mybb->settings['usertppoptions']) 810 { 811 $tppoptions = ''; 812 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 813 if(is_array($explodedtpp)) 814 { 815 foreach($explodedtpp as $val) 816 { 817 $val = trim($val); 818 $tpp_option = $lang->sprintf($lang->tpp_option, $val); 819 eval("\$tppoptions .= \"".$templates->get("usercp_options_tppselect_option")."\";"); 820 } 821 } 822 eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";"); 823 } 824 if($mybb->settings['userpppoptions']) 825 { 826 $pppoptions = ''; 827 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 828 if(is_array($explodedppp)) 829 { 830 foreach($explodedppp as $val) 831 { 832 $val = trim($val); 833 $ppp_option = $lang->sprintf($lang->ppp_option, $val); 834 eval("\$pppoptions .= \"".$templates->get("usercp_options_pppselect_option")."\";"); 835 } 836 } 837 eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";"); 838 } 839 if($mybb->settings['usereferrals'] == 1 && !$mybb->user['uid']) 840 { 841 if(isset($mybb->cookies['mybb']['referrer'])) 842 { 843 $query = $db->simple_select("users", "uid,username", "uid='".(int)$mybb->cookies['mybb']['referrer']."'"); 844 $ref = $db->fetch_array($query); 845 $ref['username'] = htmlspecialchars_uni($ref['username']); 846 $referrername = $ref['username']; 847 } 848 elseif(!empty($referrer)) 849 { 850 $query = $db->simple_select("users", "username", "uid='".(int)$referrer['uid']."'"); 851 $ref = $db->fetch_array($query); 852 $ref['username'] = htmlspecialchars_uni($ref['username']); 853 $referrername = $ref['username']; 854 } 855 elseif(!empty($referrername)) 856 { 857 $ref = get_user_by_username($referrername); 858 if(!$ref) 859 { 860 $errors[] = $lang->error_badreferrer; 861 } 862 } 863 else 864 { 865 $referrername = ''; 866 } 867 if(isset($quickreg)) 868 { 869 $refbg = "trow1"; 870 } 871 else 872 { 873 $refbg = "trow2"; 874 } 875 eval("\$referrer = \"".$templates->get("member_register_referrer")."\";"); 876 } 877 else 878 { 879 $referrer = ''; 880 } 881 $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY); 882 // Custom profile fields baby! 883 $altbg = "trow1"; 884 $requiredfields = $customfields = ''; 885 886 if($mybb->settings['regtype'] == "verify" || $mybb->settings['regtype'] == "admin" || $mybb->settings['regtype'] == "both" || $mybb->get_input('coppa', MyBB::INPUT_INT) == 1) 887 { 888 $usergroup = 5; 889 } 890 else 891 { 892 $usergroup = 2; 893 } 894 895 $pfcache = $cache->read('profilefields'); 896 897 if(is_array($pfcache)) 898 { 899 $jsvar_reqfields = array(); 900 foreach($pfcache as $profilefield) 901 { 902 if($profilefield['required'] != 1 && $profilefield['registration'] != 1 || !is_member($profilefield['editableby'], array('usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $usergroup))) 903 { 904 continue; 905 } 906 907 $code = $select = $val = $options = $expoptions = $useropts = ''; 908 $seloptions = array(); 909 $profilefield['type'] = htmlspecialchars_uni($profilefield['type']); 910 $thing = explode("\n", $profilefield['type'], 2); 911 $type = trim($thing[0]); 912 $options = isset($thing[1]) ? $thing[1] : null; 913 $select = ''; 914 $field = "fid{$profilefield['fid']}"; 915 $profilefield['description'] = htmlspecialchars_uni($profilefield['description']); 916 $profilefield['name'] = htmlspecialchars_uni($profilefield['name']); 917 if(!empty($errors) && isset($mybb->input['profile_fields'][$field])) 918 { 919 $userfield = $mybb->input['profile_fields'][$field]; 920 } 921 else 922 { 923 $userfield = ''; 924 } 925 if($type == "multiselect") 926 { 927 if(!empty($errors)) 928 { 929 $useropts = $userfield; 930 } 931 else 932 { 933 $useropts = explode("\n", $userfield); 934 } 935 if(is_array($useropts)) 936 { 937 foreach($useropts as $key => $val) 938 { 939 $seloptions[$val] = $val; 940 } 941 } 942 $expoptions = explode("\n", $options); 943 if(is_array($expoptions)) 944 { 945 foreach($expoptions as $key => $val) 946 { 947 $val = trim($val); 948 $val = str_replace("\n", "\\n", $val); 949 950 $sel = ""; 951 if(isset($seloptions[$val]) && $val == $seloptions[$val]) 952 { 953 $sel = ' selected="selected"'; 954 } 955 956 eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); 957 } 958 if(!$profilefield['length']) 959 { 960 $profilefield['length'] = 3; 961 } 962 963 eval("\$code = \"".$templates->get("usercp_profile_profilefields_multiselect")."\";"); 964 } 965 } 966 elseif($type == "select") 967 { 968 $expoptions = explode("\n", $options); 969 if(is_array($expoptions)) 970 { 971 foreach($expoptions as $key => $val) 972 { 973 $val = trim($val); 974 $val = str_replace("\n", "\\n", $val); 975 $sel = ""; 976 if($val == $userfield) 977 { 978 $sel = ' selected="selected"'; 979 } 980 981 eval("\$select .= \"".$templates->get("usercp_profile_profilefields_select_option")."\";"); 982 } 983 if(!$profilefield['length']) 984 { 985 $profilefield['length'] = 1; 986 } 987 988 eval("\$code = \"".$templates->get("usercp_profile_profilefields_select")."\";"); 989 } 990 } 991 elseif($type == "radio") 992 { 993 $expoptions = explode("\n", $options); 994 if(is_array($expoptions)) 995 { 996 foreach($expoptions as $key => $val) 997 { 998 $checked = ""; 999 if($val == $userfield) 1000 { 1001 $checked = 'checked="checked"'; 1002 } 1003 1004 eval("\$code .= \"".$templates->get("usercp_profile_profilefields_radio")."\";"); 1005 } 1006 } 1007 } 1008 elseif($type == "checkbox") 1009 { 1010 if(!empty($errors)) 1011 { 1012 $useropts = $userfield; 1013 } 1014 else 1015 { 1016 $useropts = explode("\n", $userfield); 1017 } 1018 if(is_array($useropts)) 1019 { 1020 foreach($useropts as $key => $val) 1021 { 1022 $seloptions[$val] = $val; 1023 } 1024 } 1025 $expoptions = explode("\n", $options); 1026 if(is_array($expoptions)) 1027 { 1028 foreach($expoptions as $key => $val) 1029 { 1030 $checked = ""; 1031 if(isset($seloptions[$val]) && $val == $seloptions[$val]) 1032 { 1033 $checked = 'checked="checked"'; 1034 } 1035 1036 eval("\$code .= \"".$templates->get("usercp_profile_profilefields_checkbox")."\";"); 1037 } 1038 } 1039 } 1040 elseif($type == "textarea") 1041 { 1042 $value = htmlspecialchars_uni($userfield); 1043 eval("\$code = \"".$templates->get("usercp_profile_profilefields_textarea")."\";"); 1044 } 1045 else 1046 { 1047 $value = htmlspecialchars_uni($userfield); 1048 $maxlength = ""; 1049 if($profilefield['maxlength'] > 0) 1050 { 1051 $maxlength = " maxlength=\"{$profilefield['maxlength']}\""; 1052 } 1053 1054 eval("\$code = \"".$templates->get("usercp_profile_profilefields_text")."\";"); 1055 } 1056 1057 if($profilefield['required'] == 1) 1058 { 1059 // JS validator extra, choose correct selectors for everything except single select which always has value 1060 if($type != 'select') 1061 { 1062 $jsvar_reqfields[] = array( 1063 'type' => $type, 1064 'fid' => $field, 1065 ); 1066 } 1067 1068 eval("\$requiredfields .= \"".$templates->get("member_register_customfield")."\";"); 1069 } 1070 else 1071 { 1072 eval("\$customfields .= \"".$templates->get("member_register_customfield")."\";"); 1073 } 1074 } 1075 1076 if($requiredfields) 1077 { 1078 eval("\$requiredfields = \"".$templates->get("member_register_requiredfields")."\";"); 1079 } 1080 1081 if($customfields) 1082 { 1083 eval("\$customfields = \"".$templates->get("member_register_additionalfields")."\";"); 1084 } 1085 } 1086 1087 if(!isset($fromreg) || $fromreg == 0) 1088 { 1089 $allownoticescheck = "checked=\"checked\""; 1090 $hideemailcheck = ''; 1091 $receivepmscheck = "checked=\"checked\""; 1092 $pmnoticecheck = " checked=\"checked\""; 1093 $pmnotifycheck = ''; 1094 $invisiblecheck = ''; 1095 if($mybb->settings['dstcorrection'] == 1) 1096 { 1097 $enabledstcheck = "checked=\"checked\""; 1098 } 1099 $no_auto_subscribe_selected = $instant_email_subscribe_selected = $instant_pm_subscribe_selected = $no_subscribe_selected = ''; 1100 $dst_auto_selected = $dst_enabled_selected = $dst_disabled_selected = ''; 1101 $username = $email = $email2 = ''; 1102 $regerrors = ''; 1103 } 1104 // Spambot registration image thingy 1105 $captcha_html = 0; 1106 $regimage = ''; 1107 if($mybb->settings['captchaimage']) 1108 { 1109 require_once MYBB_ROOT.'inc/class_captcha.php'; 1110 $captcha = new captcha(true, "member_register_regimage"); 1111 1112 if($captcha->html) 1113 { 1114 $captcha_html = 1; 1115 $regimage = $captcha->html; 1116 } 1117 } 1118 1119 // Security Question 1120 $questionbox = ''; 1121 $question_exists = 0; 1122 if($mybb->settings['securityquestion']) 1123 { 1124 $sid = generate_question(); 1125 $query = $db->query(" 1126 SELECT q.question, s.sid 1127 FROM ".TABLE_PREFIX."questionsessions s 1128 LEFT JOIN ".TABLE_PREFIX."questions q ON (q.qid=s.qid) 1129 WHERE q.active='1' AND s.sid='{$sid}' 1130 "); 1131 if($db->num_rows($query) > 0) 1132 { 1133 $question_exists = 1; 1134 $question = $db->fetch_array($query); 1135 1136 //Set parser options for security question 1137 $parser_options = array( 1138 "allow_html" => 0, 1139 "allow_mycode" => 1, 1140 "allow_smilies" => 1, 1141 "allow_imgcode" => 1, 1142 "allow_videocode" => 1, 1143 "filter_badwords" => 1, 1144 "me_username" => 0, 1145 "shorten_urls" => 0, 1146 "highlight" => 0, 1147 ); 1148 1149 //Parse question 1150 $question['question'] = $parser->parse_message($question['question'], $parser_options); 1151 $question['sid'] = htmlspecialchars_uni($question['sid']); 1152 1153 $refresh = ''; 1154 // Total questions 1155 $q = $db->simple_select('questions', 'COUNT(qid) as num', 'active=1'); 1156 $num = $db->fetch_field($q, 'num'); 1157 if($num > 1) 1158 { 1159 eval("\$refresh = \"".$templates->get("member_register_question_refresh")."\";"); 1160 } 1161 1162 eval("\$questionbox = \"".$templates->get("member_register_question")."\";"); 1163 } 1164 } 1165 1166 $hiddencaptcha = ''; 1167 // Hidden CAPTCHA for Spambots 1168 if($mybb->settings['hiddencaptchaimage']) 1169 { 1170 $captcha_field = $mybb->settings['hiddencaptchaimagefield']; 1171 1172 eval("\$hiddencaptcha = \"".$templates->get("member_register_hiddencaptcha")."\";"); 1173 } 1174 if($mybb->settings['regtype'] != "randompass") 1175 { 1176 // JS validator extra 1177 $lang->js_validator_password_length = $lang->sprintf($lang->js_validator_password_length, $mybb->settings['minpasswordlength']); 1178 1179 // See if the board has "require complex passwords" enabled. 1180 if($mybb->settings['requirecomplexpasswords'] == 1) 1181 { 1182 $lang->password = $lang->complex_password = $lang->sprintf($lang->complex_password, $mybb->settings['minpasswordlength']); 1183 } 1184 eval("\$passboxes = \"".$templates->get("member_register_password")."\";"); 1185 } 1186 1187 $languages = $lang->get_languages(); 1188 $langoptions = $boardlanguage = ''; 1189 if(count($languages) > 1) 1190 { 1191 foreach($languages as $name => $language) 1192 { 1193 $language = htmlspecialchars_uni($language); 1194 1195 $sel = ''; 1196 if($mybb->get_input('language') == $name) 1197 { 1198 $sel = " selected=\"selected\""; 1199 } 1200 1201 eval('$langoptions .= "'.$templates->get('usercp_options_language_option').'";'); 1202 } 1203 1204 eval('$boardlanguage = "'.$templates->get('member_register_language').'";'); 1205 } 1206 1207 // Set the time so we can find automated signups 1208 $time = TIME_NOW; 1209 1210 $plugins->run_hooks("member_register_end"); 1211 1212 $jsvar_reqfields = json_encode($jsvar_reqfields); 1213 1214 $validator_javascript = "<script type=\"text/javascript\"> 1215 var regsettings = { 1216 requiredfields: '{$jsvar_reqfields}', 1217 minnamelength: '{$mybb->settings['minnamelength']}', 1218 maxnamelength: '{$mybb->settings['maxnamelength']}', 1219 minpasswordlength: '{$mybb->settings['minpasswordlength']}', 1220 captchaimage: '{$mybb->settings['captchaimage']}', 1221 captchahtml: '{$captcha_html}', 1222 securityquestion: '{$mybb->settings['securityquestion']}', 1223 questionexists: '{$question_exists}', 1224 requirecomplexpasswords: '{$mybb->settings['requirecomplexpasswords']}', 1225 regtype: '{$mybb->settings['regtype']}', 1226 hiddencaptchaimage: '{$mybb->settings['hiddencaptchaimage']}' 1227 }; 1228 1229 lang.js_validator_no_username = '{$lang->js_validator_no_username}'; 1230 lang.js_validator_username_length = '{$lang->js_validator_username_length}'; 1231 lang.js_validator_invalid_email = '{$lang->js_validator_invalid_email}'; 1232 lang.js_validator_email_match = '{$lang->js_validator_email_match}'; 1233 lang.js_validator_not_empty = '{$lang->js_validator_not_empty}'; 1234 lang.js_validator_password_length = '{$lang->js_validator_password_length}'; 1235 lang.js_validator_password_matches = '{$lang->js_validator_password_matches}'; 1236 lang.js_validator_no_image_text = '{$lang->js_validator_no_image_text}'; 1237 lang.js_validator_no_security_question = '{$lang->js_validator_no_security_question}'; 1238 lang.js_validator_bad_password_security = '{$lang->js_validator_bad_password_security}'; 1239 </script>\n"; 1240 1241 eval("\$registration = \"".$templates->get("member_register")."\";"); 1242 output_page($registration); 1243 } 1244 } 1245 1246 if($mybb->input['action'] == "activate") 1247 { 1248 $plugins->run_hooks("member_activate_start"); 1249 1250 if(isset($mybb->input['username'])) 1251 { 1252 $mybb->input['username'] = $mybb->get_input('username'); 1253 $options = array( 1254 'username_method' => $mybb->settings['username_method'], 1255 'fields' => '*', 1256 ); 1257 $user = get_user_by_username($mybb->input['username'], $options); 1258 if(!$user) 1259 { 1260 switch($mybb->settings['username_method']) 1261 { 1262 case 0: 1263 error($lang->error_invalidpworusername); 1264 break; 1265 case 1: 1266 error($lang->error_invalidpworusername1); 1267 break; 1268 case 2: 1269 error($lang->error_invalidpworusername2); 1270 break; 1271 default: 1272 error($lang->error_invalidpworusername); 1273 break; 1274 } 1275 } 1276 $uid = $user['uid']; 1277 } 1278 else 1279 { 1280 $user = get_user($mybb->get_input('uid', MyBB::INPUT_INT)); 1281 } 1282 if(isset($mybb->input['code']) && $user) 1283 { 1284 $query = $db->simple_select("awaitingactivation", "*", "uid='".$user['uid']."' AND (type='r' OR type='e' OR type='b')"); 1285 $activation = $db->fetch_array($query); 1286 if(!$activation) 1287 { 1288 error($lang->error_alreadyactivated); 1289 } 1290 if($activation['code'] !== $mybb->get_input('code')) 1291 { 1292 error($lang->error_badactivationcode); 1293 } 1294 1295 if($activation['type'] == "b" && $activation['validated'] == 1) 1296 { 1297 error($lang->error_alreadyvalidated); 1298 } 1299 1300 $db->delete_query("awaitingactivation", "uid='".$user['uid']."' AND (type='r' OR type='e')"); 1301 1302 if($user['usergroup'] == 5 && $activation['type'] != "e" && $activation['type'] != "b") 1303 { 1304 $db->update_query("users", array("usergroup" => 2), "uid='".$user['uid']."'"); 1305 1306 $cache->update_awaitingactivation(); 1307 } 1308 if($activation['type'] == "e") 1309 { 1310 $newemail = array( 1311 "email" => $db->escape_string($activation['misc']), 1312 ); 1313 $db->update_query("users", $newemail, "uid='".$user['uid']."'"); 1314 $plugins->run_hooks("member_activate_emailupdated"); 1315 1316 redirect("usercp.php", $lang->redirect_emailupdated); 1317 } 1318 elseif($activation['type'] == "b") 1319 { 1320 $update = array( 1321 "validated" => 1, 1322 ); 1323 $db->update_query("awaitingactivation", $update, "uid='".$user['uid']."' AND type='b'"); 1324 $plugins->run_hooks("member_activate_emailactivated"); 1325 1326 redirect("index.php", $lang->redirect_accountactivated_admin, "", true); 1327 } 1328 else 1329 { 1330 $plugins->run_hooks("member_activate_accountactivated"); 1331 1332 redirect("index.php", $lang->redirect_accountactivated); 1333 } 1334 } 1335 else 1336 { 1337 $plugins->run_hooks("member_activate_form"); 1338 1339 $code = htmlspecialchars_uni($mybb->get_input('code')); 1340 1341 if(!isset($user['username'])) 1342 { 1343 $user['username'] = ''; 1344 } 1345 $user['username'] = htmlspecialchars_uni($user['username']); 1346 1347 eval("\$activate = \"".$templates->get("member_activate")."\";"); 1348 output_page($activate); 1349 } 1350 } 1351 1352 if($mybb->input['action'] == "do_resendactivation" && $mybb->request_method == "post") 1353 { 1354 $plugins->run_hooks("member_do_resendactivation_start"); 1355 1356 if($mybb->settings['regtype'] == "admin") 1357 { 1358 error($lang->error_activated_by_admin); 1359 } 1360 1361 $errors = array(); 1362 1363 if($mybb->settings['captchaimage']) 1364 { 1365 require_once MYBB_ROOT.'inc/class_captcha.php'; 1366 $captcha = new captcha; 1367 1368 if($captcha->validate_captcha() == false) 1369 { 1370 // CAPTCHA validation failed 1371 foreach($captcha->get_errors() as $error) 1372 { 1373 $errors[] = $error; 1374 } 1375 } 1376 } 1377 1378 $query = $db->query(" 1379 SELECT u.uid, u.username, u.usergroup, u.email, a.code, a.type, a.validated 1380 FROM ".TABLE_PREFIX."users u 1381 LEFT JOIN ".TABLE_PREFIX."awaitingactivation a ON (a.uid=u.uid AND (a.type='r' OR a.type='b')) 1382 WHERE u.email='".$db->escape_string($mybb->get_input('email'))."' 1383 "); 1384 $numusers = $db->num_rows($query); 1385 if($numusers < 1) 1386 { 1387 error($lang->error_invalidemail); 1388 } 1389 else 1390 { 1391 if(count($errors) == 0) 1392 { 1393 while($user = $db->fetch_array($query)) 1394 { 1395 if($user['type'] == "b" && $user['validated'] == 1) 1396 { 1397 error($lang->error_activated_by_admin); 1398 } 1399 1400 if($user['usergroup'] == 5) 1401 { 1402 if(!$user['code']) 1403 { 1404 $user['code'] = random_str(); 1405 $uid = $user['uid']; 1406 $awaitingarray = array( 1407 "uid" => $uid, 1408 "dateline" => TIME_NOW, 1409 "code" => $user['code'], 1410 "type" => $user['type'] 1411 ); 1412 $db->insert_query("awaitingactivation", $awaitingarray); 1413 } 1414 $username = $user['username']; 1415 $email = $user['email']; 1416 $activationcode = $user['code']; 1417 $emailsubject = $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']); 1418 switch($mybb->settings['username_method']) 1419 { 1420 case 0: 1421 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1422 break; 1423 case 1: 1424 $emailmessage = $lang->sprintf($lang->email_activateaccount1, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1425 break; 1426 case 2: 1427 $emailmessage = $lang->sprintf($lang->email_activateaccount2, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1428 break; 1429 default: 1430 $emailmessage = $lang->sprintf($lang->email_activateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $user['uid'], $activationcode); 1431 break; 1432 } 1433 my_mail($email, $emailsubject, $emailmessage); 1434 } 1435 } 1436 1437 $plugins->run_hooks("member_do_resendactivation_end"); 1438 1439 redirect("index.php", $lang->redirect_activationresent); 1440 } 1441 else 1442 { 1443 $mybb->input['action'] = "resendactivation"; 1444 } 1445 } 1446 } 1447 1448 if($mybb->input['action'] == "resendactivation") 1449 { 1450 $plugins->run_hooks("member_resendactivation"); 1451 1452 if($mybb->settings['regtype'] == "admin") 1453 { 1454 error($lang->error_activated_by_admin); 1455 } 1456 1457 if($mybb->user['uid'] && $mybb->user['usergroup'] != 5) 1458 { 1459 error($lang->error_alreadyactivated); 1460 } 1461 1462 $query = $db->simple_select("awaitingactivation", "*", "uid='".$mybb->user['uid']."' AND type='b'"); 1463 $activation = $db->fetch_array($query); 1464 1465 if($activation && $activation['validated'] == 1) 1466 { 1467 error($lang->error_activated_by_admin); 1468 } 1469 1470 $captcha = ''; 1471 // Generate CAPTCHA? 1472 if($mybb->settings['captchaimage']) 1473 { 1474 require_once MYBB_ROOT.'inc/class_captcha.php'; 1475 $post_captcha = new captcha(true, "post_captcha"); 1476 1477 if($post_captcha->html) 1478 { 1479 $captcha = $post_captcha->html; 1480 } 1481 } 1482 1483 if(isset($errors) && count($errors) > 0) 1484 { 1485 $errors = inline_error($errors); 1486 $email = htmlspecialchars_uni($mybb->get_input('email')); 1487 } 1488 else 1489 { 1490 $errors = ''; 1491 $email = ''; 1492 } 1493 1494 $plugins->run_hooks("member_resendactivation_end"); 1495 1496 eval("\$activate = \"".$templates->get("member_resendactivation")."\";"); 1497 output_page($activate); 1498 } 1499 1500 if($mybb->input['action'] == "do_lostpw" && $mybb->request_method == "post") 1501 { 1502 $plugins->run_hooks("member_do_lostpw_start"); 1503 1504 $errors = array(); 1505 1506 if($mybb->settings['captchaimage']) 1507 { 1508 require_once MYBB_ROOT.'inc/class_captcha.php'; 1509 $captcha = new captcha; 1510 1511 if($captcha->validate_captcha() == false) 1512 { 1513 // CAPTCHA validation failed 1514 foreach($captcha->get_errors() as $error) 1515 { 1516 $errors[] = $error; 1517 } 1518 } 1519 } 1520 1521 $query = $db->simple_select("users", "*", "email='".$db->escape_string($mybb->get_input('email'))."'"); 1522 $numusers = $db->num_rows($query); 1523 if($numusers < 1) 1524 { 1525 error($lang->error_invalidemail); 1526 } 1527 else 1528 { 1529 if(count($errors) == 0) 1530 { 1531 while($user = $db->fetch_array($query)) 1532 { 1533 $db->delete_query("awaitingactivation", "uid='{$user['uid']}' AND type='p'"); 1534 $user['activationcode'] = random_str(30); 1535 $now = TIME_NOW; 1536 $uid = $user['uid']; 1537 $awaitingarray = array( 1538 "uid" => $user['uid'], 1539 "dateline" => TIME_NOW, 1540 "code" => $user['activationcode'], 1541 "type" => "p" 1542 ); 1543 $db->insert_query("awaitingactivation", $awaitingarray); 1544 $username = $user['username']; 1545 $email = $user['email']; 1546 $activationcode = $user['activationcode']; 1547 $emailsubject = $lang->sprintf($lang->emailsubject_lostpw, $mybb->settings['bbname']); 1548 switch($mybb->settings['username_method']) 1549 { 1550 case 0: 1551 $emailmessage = $lang->sprintf($lang->email_lostpw, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1552 break; 1553 case 1: 1554 $emailmessage = $lang->sprintf($lang->email_lostpw1, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1555 break; 1556 case 2: 1557 $emailmessage = $lang->sprintf($lang->email_lostpw2, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1558 break; 1559 default: 1560 $emailmessage = $lang->sprintf($lang->email_lostpw, $username, $mybb->settings['bbname'], $mybb->settings['bburl'], $uid, $activationcode); 1561 break; 1562 } 1563 my_mail($email, $emailsubject, $emailmessage); 1564 } 1565 1566 $plugins->run_hooks("member_do_lostpw_end"); 1567 1568 redirect("index.php", $lang->redirect_lostpwsent, "", true); 1569 } 1570 else 1571 { 1572 $mybb->input['action'] = "lostpw"; 1573 } 1574 } 1575 } 1576 1577 if($mybb->input['action'] == "lostpw") 1578 { 1579 $plugins->run_hooks("member_lostpw"); 1580 1581 $captcha = ''; 1582 // Generate CAPTCHA? 1583 if($mybb->settings['captchaimage']) 1584 { 1585 require_once MYBB_ROOT.'inc/class_captcha.php'; 1586 $post_captcha = new captcha(true, "post_captcha"); 1587 1588 if($post_captcha->html) 1589 { 1590 $captcha = $post_captcha->html; 1591 } 1592 } 1593 1594 if(isset($errors) && count($errors) > 0) 1595 { 1596 $errors = inline_error($errors); 1597 $email = htmlspecialchars_uni($mybb->get_input('email')); 1598 } 1599 else 1600 { 1601 $errors = ''; 1602 $email = ''; 1603 } 1604 1605 eval("\$lostpw = \"".$templates->get("member_lostpw")."\";"); 1606 output_page($lostpw); 1607 } 1608 1609 if($mybb->input['action'] == "resetpassword") 1610 { 1611 $plugins->run_hooks("member_resetpassword_start"); 1612 1613 if(isset($mybb->input['username'])) 1614 { 1615 $mybb->input['username'] = $mybb->get_input('username'); 1616 $options = array( 1617 'username_method' => $mybb->settings['username_method'], 1618 'fields' => '*', 1619 ); 1620 $user = get_user_by_username($mybb->input['username'], $options); 1621 if(!$user) 1622 { 1623 switch($mybb->settings['username_method']) 1624 { 1625 case 0: 1626 error($lang->error_invalidpworusername); 1627 break; 1628 case 1: 1629 error($lang->error_invalidpworusername1); 1630 break; 1631 case 2: 1632 error($lang->error_invalidpworusername2); 1633 break; 1634 default: 1635 error($lang->error_invalidpworusername); 1636 break; 1637 } 1638 } 1639 } 1640 else 1641 { 1642 $user = get_user($mybb->get_input('uid', MyBB::INPUT_INT)); 1643 } 1644 1645 if(isset($mybb->input['code']) && $user) 1646 { 1647 $query = $db->simple_select("awaitingactivation", "code", "uid='".$user['uid']."' AND type='p'"); 1648 $activationcode = $db->fetch_field($query, 'code'); 1649 $now = TIME_NOW; 1650 if(!$activationcode || $activationcode !== $mybb->get_input('code')) 1651 { 1652 error($lang->error_badlostpwcode); 1653 } 1654 $db->delete_query("awaitingactivation", "uid='".$user['uid']."' AND type='p'"); 1655 $username = $user['username']; 1656 1657 // Generate a new password, then update it 1658 $password_length = (int)$mybb->settings['minpasswordlength']; 1659 1660 if($password_length < 8) 1661 { 1662 $password_length = min(8, (int)$mybb->settings['maxpasswordlength']); 1663 } 1664 1665 // Set up user handler. 1666 require_once MYBB_ROOT.'inc/datahandlers/user.php'; 1667 $userhandler = new UserDataHandler('update'); 1668 1669 do 1670 { 1671 $password = random_str($password_length, $mybb->settings['requirecomplexpasswords']); 1672 1673 $userhandler->set_data(array( 1674 'uid' => $user['uid'], 1675 'username' => $user['username'], 1676 'email' => $user['email'], 1677 'password' => $password 1678 )); 1679 1680 $userhandler->set_validated(true); 1681 $userhandler->errors = array(); 1682 } while(!$userhandler->verify_password()); 1683 1684 $userhandler->update_user(); 1685 1686 $logindetails = array( 1687 'salt' => $userhandler->data['salt'], 1688 'password' => $userhandler->data['password'], 1689 'loginkey' => $userhandler->data['loginkey'], 1690 ); 1691 1692 $email = $user['email']; 1693 1694 $plugins->run_hooks("member_resetpassword_process"); 1695 1696 $emailsubject = $lang->sprintf($lang->emailsubject_passwordreset, $mybb->settings['bbname']); 1697 $emailmessage = $lang->sprintf($lang->email_passwordreset, $username, $mybb->settings['bbname'], $password); 1698 my_mail($email, $emailsubject, $emailmessage); 1699 1700 $plugins->run_hooks("member_resetpassword_reset"); 1701 1702 error($lang->redirect_passwordreset); 1703 } 1704 else 1705 { 1706 $plugins->run_hooks("member_resetpassword_form"); 1707 1708 switch($mybb->settings['username_method']) 1709 { 1710 case 0: 1711 $lang_username = $lang->username; 1712 break; 1713 case 1: 1714 $lang_username = $lang->username1; 1715 break; 1716 case 2: 1717 $lang_username = $lang->username2; 1718 break; 1719 default: 1720 $lang_username = $lang->username; 1721 break; 1722 } 1723 1724 $code = htmlspecialchars_uni($mybb->get_input('code')); 1725 1726 $input_username = htmlspecialchars_uni($mybb->get_input('username')); 1727 1728 eval("\$activate = \"".$templates->get("member_resetpassword")."\";"); 1729 output_page($activate); 1730 } 1731 } 1732 1733 $do_captcha = $correct = false; 1734 $inline_errors = ""; 1735 if($mybb->input['action'] == "do_login" && $mybb->request_method == "post") 1736 { 1737 verify_post_check($mybb->get_input('my_post_key')); 1738 1739 $errors = array(); 1740 1741 $plugins->run_hooks("member_do_login_start"); 1742 1743 require_once MYBB_ROOT."inc/datahandlers/login.php"; 1744 $loginhandler = new LoginDataHandler("get"); 1745 1746 if($mybb->get_input('quick_password') && $mybb->get_input('quick_username')) 1747 { 1748 $mybb->input['password'] = $mybb->get_input('quick_password'); 1749 $mybb->input['username'] = $mybb->get_input('quick_username'); 1750 $mybb->input['remember'] = $mybb->get_input('quick_remember'); 1751 } 1752 1753 $user = array( 1754 'username' => $mybb->get_input('username'), 1755 'password' => $mybb->get_input('password'), 1756 'remember' => $mybb->get_input('remember'), 1757 'imagestring' => $mybb->get_input('imagestring') 1758 ); 1759 1760 $options = array( 1761 'fields' => 'loginattempts', 1762 'username_method' => (int)$mybb->settings['username_method'], 1763 ); 1764 1765 $user_loginattempts = get_user_by_username($user['username'], $options); 1766 if(!empty($user_loginattempts)) 1767 { 1768 $user['loginattempts'] = (int)$user_loginattempts['loginattempts']; 1769 } 1770 1771 $loginhandler->set_data($user); 1772 $validated = $loginhandler->validate_login(); 1773 1774 if(!$validated) 1775 { 1776 $mybb->input['action'] = "login"; 1777 $mybb->request_method = "get"; 1778 1779 $login_user_uid = 0; 1780 if(!empty($loginhandler->login_data)) 1781 { 1782 $login_user_uid = (int)$loginhandler->login_data['uid']; 1783 $user['loginattempts'] = (int)$loginhandler->login_data['loginattempts']; 1784 } 1785 1786 // Is a fatal call if user has had too many tries 1787 $logins = login_attempt_check($login_user_uid); 1788 1789 $db->update_query("users", array('loginattempts' => 'loginattempts+1'), "uid='".$login_user_uid."'", 1, true); 1790 1791 $errors = $loginhandler->get_friendly_errors(); 1792 1793 // If we need a captcha set it here 1794 if( 1795 $mybb->settings['failedcaptchalogincount'] > 0 && 1796 ( 1797 ( 1798 isset($user['loginattempts']) && 1799 $user['loginattempts'] > $mybb->settings['failedcaptchalogincount'] 1800 ) || 1801 ( 1802 isset($mybb->cookies['loginattempts']) && 1803 (int)$mybb->cookies['loginattempts'] > $mybb->settings['failedcaptchalogincount'] 1804 ) 1805 ) 1806 ) 1807 { 1808 $do_captcha = true; 1809 $correct = $loginhandler->captcha_verified; 1810 } 1811 } 1812 else if($validated && $loginhandler->captcha_verified == true) 1813 { 1814 // Successful login 1815 if($loginhandler->login_data['coppauser']) 1816 { 1817 error($lang->error_awaitingcoppa); 1818 } 1819 1820 $loginhandler->complete_login(); 1821 1822 $plugins->run_hooks("member_do_login_end"); 1823 1824 $mybb->input['url'] = $mybb->get_input('url'); 1825 1826 if(!empty($mybb->input['url']) && my_strpos(basename($mybb->input['url']), 'member.php') === false && !preg_match('#^javascript:#i', $mybb->input['url'])) 1827 { 1828 if((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) 1829 { 1830 $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']); 1831 } 1832 1833 $mybb->input['url'] = str_replace('&', '&', $mybb->input['url']); 1834 1835 if(my_strpos($mybb->input['url'], $mybb->settings['bburl'].'/') !== 0) 1836 { 1837 if(my_strpos($mybb->input['url'], '/') === 0) 1838 { 1839 $mybb->input['url'] = my_substr($mybb->input['url'], 1); 1840 } 1841 $url_segments = explode('/', $mybb->input['url']); 1842 $mybb->input['url'] = $mybb->settings['bburl'].'/'.end($url_segments); 1843 } 1844 1845 // Redirect to the URL if it is not member.php 1846 redirect($mybb->input['url'], $lang->redirect_loggedin); 1847 } 1848 else 1849 { 1850 1851 redirect("index.php", $lang->redirect_loggedin); 1852 } 1853 } 1854 1855 $plugins->run_hooks("member_do_login_end"); 1856 } 1857 1858 if($mybb->input['action'] == "login") 1859 { 1860 $plugins->run_hooks("member_login"); 1861 1862 $member_loggedin_notice = ""; 1863 if($mybb->user['uid'] != 0) 1864 { 1865 $mybb->user['username'] = htmlspecialchars_uni($mybb->user['username']); 1866 $lang->already_logged_in = $lang->sprintf($lang->already_logged_in, build_profile_link($mybb->user['username'], $mybb->user['uid'])); 1867 eval("\$member_loggedin_notice = \"".$templates->get("member_loggedin_notice")."\";"); 1868 } 1869 1870 // Checks to make sure the user can login; they haven't had too many tries at logging in. 1871 // Is a fatal call if user has had too many tries. This particular check uses cookies, as a uid is not set yet 1872 // and we can't check loginattempts in the db 1873 login_attempt_check(); 1874 1875 // Redirect to the page where the user came from, but not if that was the login page. 1876 if(isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], "action=login") === false) 1877 { 1878 $redirect_url = htmlentities($_SERVER['HTTP_REFERER']); 1879 } 1880 else 1881 { 1882 $redirect_url = ''; 1883 } 1884 1885 $captcha = ''; 1886 // Show captcha image for guests if enabled and only if we have to do 1887 if($mybb->settings['captchaimage'] && $do_captcha == true) 1888 { 1889 require_once MYBB_ROOT.'inc/class_captcha.php'; 1890 $login_captcha = new captcha(false, "post_captcha"); 1891 1892 if($login_captcha->type == captcha::DEFAULT_CAPTCHA) 1893 { 1894 if(!$correct) 1895 { 1896 $login_captcha->build_captcha(); 1897 } 1898 else 1899 { 1900 $captcha = $login_captcha->build_hidden_captcha(); 1901 } 1902 } 1903 elseif(in_array($login_captcha->type, array(captcha::NOCAPTCHA_RECAPTCHA, captcha::RECAPTCHA_INVISIBLE, captcha::RECAPTCHA_V3))) 1904 { 1905 $login_captcha->build_recaptcha(); 1906 } 1907 elseif(in_array($login_captcha->type, array(captcha::HCAPTCHA, captcha::HCAPTCHA_INVISIBLE))) 1908 { 1909 $login_captcha->build_hcaptcha(); 1910 } 1911 1912 if($login_captcha->html) 1913 { 1914 $captcha = $login_captcha->html; 1915 } 1916 } 1917 1918 $username = ""; 1919 $password = ""; 1920 if(isset($mybb->input['username']) && $mybb->request_method == "post") 1921 { 1922 $username = htmlspecialchars_uni($mybb->get_input('username')); 1923 } 1924 1925 if(isset($mybb->input['password']) && $mybb->request_method == "post") 1926 { 1927 $password = htmlspecialchars_uni($mybb->get_input('password')); 1928 } 1929 1930 if(!empty($errors)) 1931 { 1932 $mybb->input['action'] = "login"; 1933 $mybb->request_method = "get"; 1934 1935 $inline_errors = inline_error($errors); 1936 } 1937 1938 switch($mybb->settings['username_method']) 1939 { 1940 case 1: 1941 $lang->username = $lang->username1; 1942 break; 1943 case 2: 1944 $lang->username = $lang->username2; 1945 break; 1946 default: 1947 break; 1948 } 1949 1950 $plugins->run_hooks("member_login_end"); 1951 1952 eval("\$login = \"".$templates->get("member_login")."\";"); 1953 output_page($login); 1954 } 1955 1956 if($mybb->input['action'] == "logout") 1957 { 1958 $plugins->run_hooks("member_logout_start"); 1959 1960 if(!$mybb->user['uid']) 1961 { 1962 redirect("index.php", $lang->redirect_alreadyloggedout); 1963 } 1964 1965 // Check session ID if we have one 1966 if(isset($mybb->input['sid']) && $mybb->get_input('sid') !== $session->sid) 1967 { 1968 error($lang->error_notloggedout); 1969 } 1970 // Otherwise, check logoutkey 1971 else if(!isset($mybb->input['sid']) && $mybb->get_input('logoutkey') !== $mybb->user['logoutkey']) 1972 { 1973 error($lang->error_notloggedout); 1974 } 1975 1976 my_unsetcookie("mybbuser"); 1977 my_unsetcookie("sid"); 1978 1979 if($mybb->user['uid']) 1980 { 1981 $time = TIME_NOW; 1982 // Run this after the shutdown query from session system 1983 $db->shutdown_query("UPDATE ".TABLE_PREFIX."users SET lastvisit='{$time}', lastactive='{$time}' WHERE uid='{$mybb->user['uid']}'"); 1984 $db->delete_query("sessions", "sid = '{$session->sid}'"); 1985 } 1986 1987 $plugins->run_hooks("member_logout_end"); 1988 1989 redirect("index.php", $lang->redirect_loggedout); 1990 } 1991 1992 if($mybb->input['action'] == "viewnotes") 1993 { 1994 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 1995 $user = get_user($uid); 1996 1997 // Make sure we are looking at a real user here. 1998 if(!$user) 1999 { 2000 error($lang->error_nomember); 2001 } 2002 2003 if($mybb->user['uid'] == 0 || $mybb->usergroup['canmodcp'] != 1) 2004 { 2005 error_no_permission(); 2006 } 2007 2008 $user['username'] = htmlspecialchars_uni($user['username']); 2009 $lang->view_notes_for = $lang->sprintf($lang->view_notes_for, $user['username']); 2010 2011 $user['usernotes'] = nl2br(htmlspecialchars_uni($user['usernotes'])); 2012 2013 $plugins->run_hooks('member_viewnotes'); 2014 2015 eval("\$viewnotes = \"".$templates->get("member_viewnotes", 1, 0)."\";"); 2016 echo $viewnotes; 2017 exit; 2018 } 2019 2020 if($mybb->input['action'] == "profile") 2021 { 2022 if($mybb->usergroup['canviewprofiles'] == 0) 2023 { 2024 error_no_permission(); 2025 } 2026 2027 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 2028 if($uid) 2029 { 2030 $memprofile = get_user($uid); 2031 } 2032 elseif($mybb->user['uid']) 2033 { 2034 $memprofile = $mybb->user; 2035 } 2036 else 2037 { 2038 $memprofile = false; 2039 } 2040 2041 if(!$memprofile) 2042 { 2043 error($lang->error_nomember); 2044 } 2045 2046 $uid = $memprofile['uid']; 2047 2048 $plugins->run_hooks("member_profile_start"); 2049 2050 $me_username = $memprofile['username']; 2051 $memprofile['username'] = htmlspecialchars_uni($memprofile['username']); 2052 $lang->profile = $lang->sprintf($lang->profile, $memprofile['username']); 2053 2054 // Get member's permissions 2055 $memperms = user_permissions($memprofile['uid']); 2056 2057 // Set display group 2058 $displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image"); 2059 2060 if(!$memprofile['displaygroup']) 2061 { 2062 $memprofile['displaygroup'] = $memprofile['usergroup']; 2063 } 2064 2065 $displaygroup = usergroup_displaygroup($memprofile['displaygroup']); 2066 if(is_array($displaygroup)) 2067 { 2068 $memperms = array_merge($memperms, $displaygroup); 2069 } 2070 2071 $lang->nav_profile = $lang->sprintf($lang->nav_profile, $memprofile['username']); 2072 add_breadcrumb($lang->nav_profile); 2073 2074 $lang->users_forum_info = $lang->sprintf($lang->users_forum_info, $memprofile['username']); 2075 $lang->users_contact_details = $lang->sprintf($lang->users_contact_details, $memprofile['username']); 2076 $lang->send_pm = $lang->sprintf($lang->send_pm, $memprofile['username']); 2077 $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); 2078 $lang->users_additional_info = $lang->sprintf($lang->users_additional_info, $memprofile['username']); 2079 $lang->users_signature = $lang->sprintf($lang->users_signature, $memprofile['username']); 2080 $lang->send_user_email = $lang->sprintf($lang->send_user_email, $memprofile['username']); 2081 2082 $useravatar = format_avatar($memprofile['avatar'], $memprofile['avatardimensions']); 2083 eval("\$avatar = \"".$templates->get("member_profile_avatar")."\";"); 2084 2085 $website = $sendemail = $sendpm = $contact_details = ''; 2086 2087 if(my_validate_url($memprofile['website']) && !is_member($mybb->settings['hidewebsite']) && $memperms['canchangewebsite'] == 1) 2088 { 2089 $memprofile['website'] = htmlspecialchars_uni($memprofile['website']); 2090 $bgcolor = alt_trow(); 2091 eval("\$website = \"".$templates->get("member_profile_website")."\";"); 2092 } 2093 2094 if($mybb->usergroup['cansendemail'] == 1 && $uid != $mybb->user['uid'] && $memprofile['hideemail'] != 1 && (my_strpos(",".$memprofile['ignorelist'].",", ",".$mybb->user['uid'].",") === false || $mybb->usergroup['cansendemailoverride'] != 0)) 2095 { 2096 $bgcolor = alt_trow(); 2097 eval("\$sendemail = \"".$templates->get("member_profile_email")."\";"); 2098 } 2099 2100 if($mybb->settings['enablepms'] != 0 && $uid != $mybb->user['uid'] && $mybb->usergroup['canusepms'] == 1 && (($memprofile['receivepms'] != 0 && $memperms['canusepms'] != 0 && my_strpos(",".$memprofile['ignorelist'].",", ",".$mybb->user['uid'].",") === false) || $mybb->usergroup['canoverridepm'] == 1)) 2101 { 2102 $bgcolor = alt_trow(); 2103 eval('$sendpm = "'.$templates->get("member_profile_pm").'";'); 2104 } 2105 2106 $contact_fields = array(); 2107 $any_contact_field = false; 2108 foreach(array('icq', 'skype', 'google') as $field) 2109 { 2110 $contact_fields[$field] = ''; 2111 $settingkey = 'allow'.$field.'field'; 2112 2113 if(!empty($memprofile[$field]) && is_member($mybb->settings[$settingkey], array('usergroup' => $memprofile['usergroup'], 'additionalgroups' => $memprofile['additionalgroups']))) 2114 { 2115 $any_contact_field = true; 2116 2117 if($field == 'icq') 2118 { 2119 $memprofile[$field] = (int)$memprofile[$field]; 2120 } 2121 else 2122 { 2123 $memprofile[$field] = htmlspecialchars_uni($memprofile[$field]); 2124 } 2125 $tmpl = 'member_profile_contact_fields_'.$field; 2126 2127 $bgcolors[$field] = alt_trow(); 2128 eval('$contact_fields[\''.$field.'\'] = "'.$templates->get($tmpl).'";'); 2129 } 2130 } 2131 2132 if($any_contact_field || $sendemail || $sendpm || $website) 2133 { 2134 eval('$contact_details = "'.$templates->get("member_profile_contact_details").'";'); 2135 } 2136 2137 $signature = ''; 2138 if($memprofile['signature'] && ($memprofile['suspendsignature'] == 0 || $memprofile['suspendsigtime'] < TIME_NOW) && !is_member($mybb->settings['hidesignatures']) && $memperms['canusesig'] && $memperms['canusesigxposts'] <= $memprofile['postnum']) 2139 { 2140 $sig_parser = array( 2141 "allow_html" => $mybb->settings['sightml'], 2142 "allow_mycode" => $mybb->settings['sigmycode'], 2143 "allow_smilies" => $mybb->settings['sigsmilies'], 2144 "allow_imgcode" => $mybb->settings['sigimgcode'], 2145 "me_username" => $me_username, 2146 "filter_badwords" => 1 2147 ); 2148 2149 if($memperms['signofollow']) 2150 { 2151 $sig_parser['nofollow_on'] = 1; 2152 } 2153 2154 if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) 2155 { 2156 $sig_parser['allow_imgcode'] = 0; 2157 } 2158 2159 $memprofile['signature'] = $parser->parse_message($memprofile['signature'], $sig_parser); 2160 eval("\$signature = \"".$templates->get("member_profile_signature")."\";"); 2161 } 2162 2163 $daysreg = (TIME_NOW - $memprofile['regdate']) / (24*3600); 2164 2165 if($daysreg < 1) 2166 { 2167 $daysreg = 1; 2168 } 2169 2170 $stats = $cache->read("stats"); 2171 2172 // Format post count, per day count and percent of total 2173 $ppd = $memprofile['postnum'] / $daysreg; 2174 $ppd = round($ppd, 2); 2175 if($ppd > $memprofile['postnum']) 2176 { 2177 $ppd = $memprofile['postnum']; 2178 } 2179 2180 $numposts = $stats['numposts']; 2181 if($numposts == 0) 2182 { 2183 $post_percent = "0"; 2184 } 2185 else 2186 { 2187 $post_percent = $memprofile['postnum']*100/$numposts; 2188 $post_percent = round($post_percent, 2); 2189 } 2190 2191 if($post_percent > 100) 2192 { 2193 $post_percent = 100; 2194 } 2195 2196 // Format thread count, per day count and percent of total 2197 $tpd = $memprofile['threadnum'] / $daysreg; 2198 $tpd = round($tpd, 2); 2199 if($tpd > $memprofile['threadnum']) 2200 { 2201 $tpd = $memprofile['threadnum']; 2202 } 2203 2204 $numthreads = $stats['numthreads']; 2205 if($numthreads == 0) 2206 { 2207 $thread_percent = "0"; 2208 } 2209 else 2210 { 2211 $thread_percent = $memprofile['threadnum']*100/$numthreads; 2212 $thread_percent = round($thread_percent, 2); 2213 } 2214 2215 if($thread_percent > 100) 2216 { 2217 $thread_percent = 100; 2218 } 2219 2220 $findposts = $findthreads = ''; 2221 if($mybb->usergroup['cansearch'] == 1) 2222 { 2223 if(!empty($memprofile['postnum'])) 2224 { 2225 eval("\$findposts = \"".$templates->get("member_profile_findposts")."\";"); 2226 } 2227 if(!empty($memprofile['threadnum'])) 2228 { 2229 eval("\$findthreads = \"".$templates->get("member_profile_findthreads")."\";"); 2230 } 2231 } 2232 2233 $awaybit = ''; 2234 if($memprofile['away'] == 1 && $mybb->settings['allowaway'] != 0) 2235 { 2236 $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); 2237 $awaydate = my_date($mybb->settings['dateformat'], $memprofile['awaydate']); 2238 if(!empty($memprofile['awayreason'])) 2239 { 2240 $reason = $parser->parse_badwords($memprofile['awayreason']); 2241 $awayreason = htmlspecialchars_uni($reason); 2242 } 2243 else 2244 { 2245 $awayreason = $lang->away_no_reason; 2246 } 2247 if($memprofile['returndate'] == '') 2248 { 2249 $returndate = "$lang->unknown"; 2250 } 2251 else 2252 { 2253 $returnhome = explode("-", $memprofile['returndate']); 2254 2255 // PHP native date functions use integers so timestamps for years after 2038 will not work 2256 // Thus we use adodb_mktime 2257 if($returnhome[2] >= 2038) 2258 { 2259 require_once MYBB_ROOT."inc/functions_time.php"; 2260 $returnmkdate = adodb_mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); 2261 $returndate = my_date($mybb->settings['dateformat'], $returnmkdate, "", 1, true); 2262 } 2263 else 2264 { 2265 $returnmkdate = mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); 2266 $returndate = my_date($mybb->settings['dateformat'], $returnmkdate); 2267 } 2268 2269 // If our away time has expired already, we should be back, right? 2270 if($returnmkdate < TIME_NOW) 2271 { 2272 $db->update_query('users', array('away' => '0', 'awaydate' => '0', 'returndate' => '', 'awayreason' => ''), 'uid=\''.(int)$memprofile['uid'].'\''); 2273 2274 // Update our status to "not away" 2275 $memprofile['away'] = 0; 2276 } 2277 } 2278 2279 // Check if our away status is set to 1, it may have been updated already (see a few lines above) 2280 if($memprofile['away'] == 1) 2281 { 2282 eval("\$awaybit = \"".$templates->get("member_profile_away")."\";"); 2283 } 2284 } 2285 2286 $memprofile['timezone'] = (float)$memprofile['timezone']; 2287 2288 if($memprofile['dst'] == 1) 2289 { 2290 $memprofile['timezone']++; 2291 if(my_substr($memprofile['timezone'], 0, 1) != "-") 2292 { 2293 $memprofile['timezone'] = "+{$memprofile['timezone']}"; 2294 } 2295 } 2296 2297 $memregdate = my_date($mybb->settings['dateformat'], $memprofile['regdate']); 2298 $memlocaldate = gmdate($mybb->settings['dateformat'], TIME_NOW + ($memprofile['timezone'] * 3600)); 2299 $memlocaltime = gmdate($mybb->settings['timeformat'], TIME_NOW + ($memprofile['timezone'] * 3600)); 2300 2301 $localtime = $lang->sprintf($lang->local_time_format, $memlocaldate, $memlocaltime); 2302 2303 if($memprofile['birthday']) 2304 { 2305 $membday = explode("-", $memprofile['birthday']); 2306 2307 if($memprofile['birthdayprivacy'] != 'none') 2308 { 2309 if($membday[0] && $membday[1] && $membday[2]) 2310 { 2311 $lang->membdayage = $lang->sprintf($lang->membdayage, get_age($memprofile['birthday'])); 2312 2313 $bdayformat = fix_mktime($mybb->settings['dateformat'], $membday[2]); 2314 $membday = mktime(0, 0, 0, $membday[1], $membday[0], $membday[2]); 2315 $membday = date($bdayformat, $membday); 2316 2317 $membdayage = $lang->membdayage; 2318 } 2319 elseif($membday[2]) 2320 { 2321 $membday = mktime(0, 0, 0, 1, 1, $membday[2]); 2322 $membday = date("Y", $membday); 2323 $membdayage = ''; 2324 } 2325 else 2326 { 2327 $membday = mktime(0, 0, 0, $membday[1], $membday[0], 0); 2328 $membday = date("F j", $membday); 2329 $membdayage = ''; 2330 } 2331 } 2332 2333 if($memprofile['birthdayprivacy'] == 'age') 2334 { 2335 $membday = $lang->birthdayhidden; 2336 } 2337 else if($memprofile['birthdayprivacy'] == 'none') 2338 { 2339 $membday = $lang->birthdayhidden; 2340 $membdayage = ''; 2341 } 2342 } 2343 else 2344 { 2345 $membday = $lang->not_specified; 2346 $membdayage = ''; 2347 } 2348 2349 // Get the user title for this user 2350 unset($stars); 2351 $usertitle = ''; 2352 $starimage = ''; 2353 if(trim($memprofile['usertitle']) != '') 2354 { 2355 // User has custom user title 2356 $usertitle = $memprofile['usertitle']; 2357 } 2358 elseif(trim($memperms['usertitle']) != '') 2359 { 2360 // User has group title 2361 $usertitle = $memperms['usertitle']; 2362 } 2363 else 2364 { 2365 if(!isset($usertitles)) 2366 { 2367 $usertitles = $cache->read('usertitles'); 2368 } 2369 2370 // No usergroup title so get a default one 2371 if(is_array($usertitles)) 2372 { 2373 foreach($usertitles as $title) 2374 { 2375 if($memprofile['postnum'] >= $title['posts']) 2376 { 2377 $usertitle = $title['title']; 2378 $stars = $title['stars']; 2379 $starimage = $title['starimage']; 2380 2381 break; 2382 } 2383 } 2384 } 2385 } 2386 2387 $usertitle = htmlspecialchars_uni($usertitle); 2388 2389 if($memperms['stars'] || $memperms['usertitle']) 2390 { 2391 // Set the number of stars if display group has constant number of stars 2392 $stars = $memperms['stars']; 2393 } 2394 elseif(!isset($stars)) 2395 { 2396 if(!isset($usertitles)) 2397 { 2398 $usertitles = $cache->read('usertitles'); 2399 } 2400 2401 // This is for cases where the user has a title, but the group has no defined number of stars (use number of stars as per default usergroups) 2402 if(is_array($usertitles)) 2403 { 2404 foreach($usertitles as $title) 2405 { 2406 if($memprofile['postnum'] >= $title['posts']) 2407 { 2408 $stars = $title['stars']; 2409 $starimage = $title['starimage']; 2410 break; 2411 } 2412 } 2413 } 2414 2415 if(!isset($stars)) 2416 { 2417 $stars = 0; 2418 } 2419 } 2420 2421 $groupimage = ''; 2422 if(!empty($memperms['image'])) 2423 { 2424 if(!empty($mybb->user['language'])) 2425 { 2426 $language = $mybb->user['language']; 2427 } 2428 else 2429 { 2430 $language = $mybb->settings['bblanguage']; 2431 } 2432 $memperms['image'] = str_replace("{lang}", $language, $memperms['image']); 2433 $memperms['image'] = str_replace("{theme}", $theme['imgdir'], $memperms['image']); 2434 eval("\$groupimage = \"".$templates->get("member_profile_groupimage")."\";"); 2435 } 2436 2437 if(empty($starimage)) 2438 { 2439 $starimage = $memperms['starimage']; 2440 } 2441 2442 if(!empty($starimage)) 2443 { 2444 // Only display stars if we have an image to use... 2445 $starimage = str_replace("{theme}", $theme['imgdir'], $starimage); 2446 $userstars = ''; 2447 for($i = 0; $i < $stars; ++$i) 2448 { 2449 eval("\$userstars .= \"".$templates->get("member_profile_userstar", 1, 0)."\";"); 2450 } 2451 } 2452 2453 // User is currently online and this user has permissions to view the user on the WOL 2454 $timesearch = TIME_NOW - $mybb->settings['wolcutoffmins']*60; 2455 $query = $db->simple_select("sessions", "location,nopermission", "uid='$uid' AND time>'{$timesearch}'", array('order_by' => 'time', 'order_dir' => 'DESC', 'limit' => 1)); 2456 $session = $db->fetch_array($query); 2457 2458 $timeonline = $lang->none_registered; 2459 $memlastvisitdate = $lang->lastvisit_never; 2460 $last_seen = max(array($memprofile['lastactive'], $memprofile['lastvisit'])); 2461 if(!empty($last_seen)) 2462 { 2463 // We have some stamp here 2464 if($memprofile['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $memprofile['uid'] != $mybb->user['uid']) 2465 { 2466 $memlastvisitdate = $lang->lastvisit_hidden; 2467 $online_status = $timeonline = $lang->timeonline_hidden; 2468 } 2469 else 2470 { 2471 $memlastvisitdate = my_date('relative', $last_seen); 2472 2473 if($memprofile['timeonline'] > 0) 2474 { 2475 $timeonline = nice_time($memprofile['timeonline']); 2476 } 2477 2478 // Online? 2479 if(!empty($session)) 2480 { 2481 // Fetch their current location 2482 $lang->load("online"); 2483 require_once MYBB_ROOT."inc/functions_online.php"; 2484 $activity = fetch_wol_activity($session['location'], $session['nopermission']); 2485 $location = build_friendly_wol_location($activity); 2486 $location_time = my_date($mybb->settings['timeformat'], $last_seen); 2487 2488 eval("\$online_status = \"".$templates->get("member_profile_online")."\";"); 2489 } 2490 } 2491 } 2492 2493 if(!isset($online_status)) 2494 { 2495 eval("\$online_status = \"".$templates->get("member_profile_offline")."\";"); 2496 } 2497 2498 // Reset the background colours to keep it inline 2499 $alttrow = 'trow1'; 2500 2501 // Build Referral 2502 $referrals = ''; 2503 if($mybb->settings['usereferrals'] == 1) 2504 { 2505 $bg_color = alt_trow(); 2506 2507 $uid = (int) $memprofile['uid']; 2508 $referral_count = $memprofile['referrals']; 2509 if ($referral_count > 0) { 2510 eval("\$memprofile['referrals'] = \"".$templates->get('member_referrals_link')."\";"); 2511 } 2512 2513 eval("\$referrals = \"".$templates->get('member_profile_referrals')."\";"); 2514 } 2515 2516 // Fetch the reputation for this user 2517 $reputation = ''; 2518 if($memperms['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 2519 { 2520 $bg_color = alt_trow(); 2521 $reputation = get_reputation($memprofile['reputation']); 2522 2523 // If this user has permission to give reputations show the vote link 2524 $vote_link = ''; 2525 if($mybb->usergroup['cangivereputations'] == 1 && $memprofile['uid'] != $mybb->user['uid'] && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep'])) 2526 { 2527 eval("\$vote_link = \"".$templates->get("member_profile_reputation_vote")."\";"); 2528 } 2529 2530 eval("\$reputation = \"".$templates->get("member_profile_reputation")."\";"); 2531 } 2532 2533 $warning_level = ''; 2534 if($mybb->settings['enablewarningsystem'] != 0 && $memperms['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || ($mybb->user['uid'] == $memprofile['uid'] && $mybb->settings['canviewownwarning'] != 0))) 2535 { 2536 $bg_color = alt_trow(); 2537 2538 if($mybb->settings['maxwarningpoints'] < 1) 2539 { 2540 $mybb->settings['maxwarningpoints'] = 10; 2541 } 2542 2543 $warning_level = round($memprofile['warningpoints']/$mybb->settings['maxwarningpoints']*100); 2544 2545 if($warning_level > 100) 2546 { 2547 $warning_level = 100; 2548 } 2549 2550 $warning_level = get_colored_warning_level($warning_level); 2551 if($mybb->usergroup['canwarnusers'] != 0) 2552 { 2553 eval("\$warn_user = \"".$templates->get("member_profile_warn")."\";"); 2554 eval("\$warning_level = \"".$templates->get("member_profile_warninglevel_link")."\";"); 2555 } 2556 else 2557 { 2558 eval("\$warning_level = \"".$templates->get("member_profile_warninglevel")."\";"); 2559 } 2560 } 2561 2562 $bgcolor = $alttrow = 'trow1'; 2563 $customfields = $profilefields = ''; 2564 2565 $query = $db->simple_select("userfields", "*", "ufid = '{$uid}'"); 2566 $userfields = $db->fetch_array($query); 2567 2568 // If this user is an Administrator or a Moderator then we wish to show all profile fields 2569 $pfcache = $cache->read('profilefields'); 2570 2571 if(is_array($pfcache)) 2572 { 2573 foreach($pfcache as $customfield) 2574 { 2575 if($mybb->usergroup['cancp'] != 1 && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['canmodcp'] != 1 && !is_member($customfield['viewableby']) || !$customfield['profile']) 2576 { 2577 continue; 2578 } 2579 2580 $thing = explode("\n", $customfield['type'], "2"); 2581 $type = trim($thing[0]); 2582 2583 $customfieldval = $customfield_val = ''; 2584 $field = "fid{$customfield['fid']}"; 2585 2586 if(isset($userfields[$field])) 2587 { 2588 $useropts = explode("\n", $userfields[$field]); 2589 $customfieldval = $comma = ''; 2590 if(is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) 2591 { 2592 foreach($useropts as $val) 2593 { 2594 if($val != '') 2595 { 2596 eval("\$customfield_val .= \"".$templates->get("member_profile_customfields_field_multi_item")."\";"); 2597 } 2598 } 2599 if($customfield_val != '') 2600 { 2601 eval("\$customfieldval = \"".$templates->get("member_profile_customfields_field_multi")."\";"); 2602 } 2603 } 2604 else 2605 { 2606 $parser_options = array( 2607 "allow_html" => $customfield['allowhtml'], 2608 "allow_mycode" => $customfield['allowmycode'], 2609 "allow_smilies" => $customfield['allowsmilies'], 2610 "allow_imgcode" => $customfield['allowimgcode'], 2611 "allow_videocode" => $customfield['allowvideocode'], 2612 #"nofollow_on" => 1, 2613 "filter_badwords" => 1 2614 ); 2615 2616 if($customfield['type'] == "textarea") 2617 { 2618 $parser_options['me_username'] = $memprofile['username']; 2619 } 2620 else 2621 { 2622 $parser_options['nl2br'] = 0; 2623 } 2624 2625 if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) 2626 { 2627 $parser_options['allow_imgcode'] = 0; 2628 } 2629 2630 $customfieldval = $parser->parse_message($userfields[$field], $parser_options); 2631 } 2632 } 2633 2634 if($customfieldval) 2635 { 2636 $customfield['name'] = htmlspecialchars_uni($customfield['name']); 2637 eval("\$customfields .= \"".$templates->get("member_profile_customfields_field")."\";"); 2638 $bgcolor = alt_trow(); 2639 } 2640 } 2641 } 2642 2643 if($customfields) 2644 { 2645 eval("\$profilefields = \"".$templates->get("member_profile_customfields")."\";"); 2646 } 2647 2648 $memprofile['postnum'] = my_number_format($memprofile['postnum']); 2649 $lang->ppd_percent_total = $lang->sprintf($lang->ppd_percent_total, my_number_format($ppd), $post_percent); 2650 2651 $memprofile['threadnum'] = my_number_format($memprofile['threadnum']); 2652 $lang->tpd_percent_total = $lang->sprintf($lang->tpd_percent_total, my_number_format($tpd), $thread_percent); 2653 2654 $formattedname = format_name($memprofile['username'], $memprofile['usergroup'], $memprofile['displaygroup']); 2655 2656 $bannedbit = ''; 2657 if($memperms['isbannedgroup'] == 1 && $mybb->usergroup['canbanusers'] == 1) 2658 { 2659 // Fetch details on their ban 2660 $query = $db->simple_select('banned b LEFT JOIN '.TABLE_PREFIX.'users a ON (b.admin=a.uid)', 'b.*, a.username AS adminuser', "b.uid='{$uid}'", array('limit' => 1)); 2661 2662 if($db->num_rows($query)) 2663 { 2664 $memban = $db->fetch_array($query); 2665 2666 if($memban['reason']) 2667 { 2668 $memban['reason'] = htmlspecialchars_uni($parser->parse_badwords($memban['reason'])); 2669 } 2670 else 2671 { 2672 $memban['reason'] = $lang->na; 2673 } 2674 2675 if($memban['lifted'] == 'perm' || $memban['lifted'] == '' || $memban['bantime'] == 'perm' || $memban['bantime'] == '---') 2676 { 2677 $banlength = $lang->permanent; 2678 $timeremaining = $lang->na; 2679 $banned_class = "normal_banned"; 2680 } 2681 else 2682 { 2683 // Set up the array of ban times. 2684 $bantimes = fetch_ban_times(); 2685 2686 $banlength = $bantimes[$memban['bantime']]; 2687 $remaining = $memban['lifted']-TIME_NOW; 2688 2689 $timeremaining = nice_time($remaining, array('short' => 1, 'seconds' => false)).""; 2690 2691 $banned_class = ''; 2692 if($remaining < 3600) 2693 { 2694 $banned_class = "high_banned"; 2695 } 2696 else if($remaining < 86400) 2697 { 2698 $banned_class = "moderate_banned"; 2699 } 2700 else if($remaining < 604800) 2701 { 2702 $banned_class = "low_banned"; 2703 } 2704 else 2705 { 2706 $banned_class = "normal_banned"; 2707 } 2708 } 2709 eval('$timeremaining = "'.$templates->get('member_profile_banned_remaining').'";'); 2710 2711 $memban['adminuser'] = build_profile_link(htmlspecialchars_uni($memban['adminuser']), $memban['admin']); 2712 2713 // Display a nice warning to the user 2714 eval('$bannedbit = "'.$templates->get('member_profile_banned').'";'); 2715 } 2716 else 2717 { 2718 // TODO: more specific output for converted/merged boards where no ban record is merged. 2719 $bannedbit = ''; 2720 } 2721 } 2722 2723 $adminoptions = ''; 2724 if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1) 2725 { 2726 if($memperms['isbannedgroup'] == 1) 2727 { 2728 eval("\$adminoptions = \"".$templates->get("member_profile_adminoptions_manageban")."\";"); 2729 } 2730 else 2731 { 2732 eval("\$adminoptions = \"".$templates->get("member_profile_adminoptions")."\";"); 2733 } 2734 } 2735 2736 $modoptions = $viewnotes = $editnotes = $editprofile = $banuser = $manageban = $manageuser = ''; 2737 $can_purge_spammer = purgespammer_show($memprofile['postnum'], $memprofile['usergroup'], $memprofile['uid']); 2738 if($mybb->usergroup['canmodcp'] == 1 || $can_purge_spammer) 2739 { 2740 if($mybb->usergroup['canuseipsearch'] == 1) 2741 { 2742 $memprofile['regip'] = my_inet_ntop($db->unescape_binary($memprofile['regip'])); 2743 $memprofile['lastip'] = my_inet_ntop($db->unescape_binary($memprofile['lastip'])); 2744 2745 eval("\$ipaddress = \"".$templates->get("member_profile_modoptions_ipaddress")."\";"); 2746 } 2747 2748 $memprofile['usernotes'] = nl2br(htmlspecialchars_uni($memprofile['usernotes'])); 2749 2750 if(!empty($memprofile['usernotes'])) 2751 { 2752 if(strlen($memprofile['usernotes']) > 100) 2753 { 2754 eval("\$viewnotes = \"".$templates->get("member_profile_modoptions_viewnotes")."\";"); 2755 $memprofile['usernotes'] = my_substr($memprofile['usernotes'], 0, 100)."... {$viewnotes}"; 2756 } 2757 } 2758 else 2759 { 2760 $memprofile['usernotes'] = $lang->no_usernotes; 2761 } 2762 2763 if($mybb->usergroup['caneditprofiles'] == 1 && modcp_can_manage_user($memprofile['uid'])) 2764 { 2765 if(modcp_can_manage_user($memprofile['uid'])) 2766 { 2767 eval("\$editprofile = \"".$templates->get("member_profile_modoptions_editprofile")."\";"); 2768 eval("\$editnotes = \"".$templates->get("member_profile_modoptions_editnotes")."\";"); 2769 2770 } 2771 } 2772 2773 if($memperms['isbannedgroup'] == 1 && $mybb->usergroup['canbanusers'] == 1 && modcp_can_manage_user($memprofile['uid'])) 2774 { 2775 eval("\$manageban = \"".$templates->get("member_profile_modoptions_manageban")."\";"); 2776 } 2777 elseif(modcp_can_manage_user($memprofile['uid']) && $mybb->usergroup['canbanusers'] == 1) 2778 { 2779 if(modcp_can_manage_user($memprofile['uid']) && $mybb->usergroup['canbanusers'] == 1) 2780 { 2781 eval("\$banuser = \"".$templates->get("member_profile_modoptions_banuser")."\";"); 2782 } 2783 } 2784 2785 $purgespammer = ''; 2786 if($can_purge_spammer) 2787 { 2788 eval("\$purgespammer = \"".$templates->get('member_profile_modoptions_purgespammer')."\";"); 2789 } 2790 2791 if(!empty($editprofile) || !empty($banuser) || !empty($manageban) || !empty($purgespammer)) 2792 { 2793 eval("\$manageuser = \"".$templates->get("member_profile_modoptions_manageuser")."\";"); 2794 } 2795 2796 eval("\$modoptions = \"".$templates->get("member_profile_modoptions")."\";"); 2797 } 2798 2799 $add_remove_options = array(); 2800 $buddy_options = $ignore_options = $report_options = ''; 2801 if($mybb->user['uid'] != $memprofile['uid'] && $mybb->user['uid'] != 0) 2802 { 2803 $buddy_list = explode(',', $mybb->user['buddylist']); 2804 $ignore_list = explode(',', $mybb->user['ignorelist']); 2805 2806 if(in_array($uid, $buddy_list)) 2807 { 2808 $add_remove_options = array('url' => "usercp.php?action=do_editlists&delete={$uid}&my_post_key={$mybb->post_code}", 'class' => 'remove_buddy_button', 'lang' => $lang->remove_from_buddy_list); 2809 } 2810 else 2811 { 2812 $add_remove_options = array('url' => "usercp.php?action=do_editlists&add_username=".urlencode($memprofile['username'])."&my_post_key={$mybb->post_code}", 'class' => 'add_buddy_button', 'lang' => $lang->add_to_buddy_list); 2813 } 2814 2815 if(!in_array($uid, $ignore_list)) 2816 { 2817 eval("\$buddy_options = \"".$templates->get("member_profile_addremove")."\";"); // Add/Remove Buddy 2818 } 2819 2820 if(in_array($uid, $ignore_list)) 2821 { 2822 $add_remove_options = array('url' => "usercp.php?action=do_editlists&manage=ignored&delete={$uid}&my_post_key={$mybb->post_code}", 'class' => 'remove_ignore_button', 'lang' => $lang->remove_from_ignore_list); 2823 } 2824 else 2825 { 2826 $add_remove_options = array('url' => "usercp.php?action=do_editlists&manage=ignored&add_username=".urlencode($memprofile['username'])."&my_post_key={$mybb->post_code}", 'class' => 'add_ignore_button', 'lang' => $lang->add_to_ignore_list); 2827 } 2828 2829 if(!in_array($uid, $buddy_list)) 2830 { 2831 eval("\$ignore_options = \"".$templates->get("member_profile_addremove")."\";"); // Add/Remove Ignore 2832 } 2833 2834 if(isset($memperms['canbereported']) && $memperms['canbereported'] == 1) 2835 { 2836 $reportable = true; 2837 $query = $db->simple_select("reportedcontent", "reporters", "reportstatus != '1' AND id = '{$memprofile['uid']}' AND type = 'profile'"); 2838 if($db->num_rows($query)) 2839 { 2840 $report = $db->fetch_array($query); 2841 $report['reporters'] = my_unserialize($report['reporters']); 2842 if(is_array($report['reporters']) && in_array($mybb->user['uid'], $report['reporters'])) 2843 { 2844 $reportable = false; 2845 } 2846 } 2847 if($reportable) 2848 { 2849 $add_remove_options = array('url' => "javascript:Report.reportUser({$memprofile['uid']});", 'class' => 'report_user_button', 'lang' => $lang->report_user); 2850 eval("\$report_options = \"".$templates->get("member_profile_addremove")."\";"); // Report User 2851 } 2852 } 2853 } 2854 2855 $plugins->run_hooks("member_profile_end"); 2856 2857 eval("\$profile = \"".$templates->get("member_profile")."\";"); 2858 output_page($profile); 2859 } 2860 2861 if($mybb->input['action'] == "do_emailuser" && $mybb->request_method == "post") 2862 { 2863 // Verify incoming POST request 2864 verify_post_check($mybb->get_input('my_post_key')); 2865 2866 $plugins->run_hooks("member_do_emailuser_start"); 2867 2868 // Guests or those without permission can't email other users 2869 if($mybb->usergroup['cansendemail'] == 0) 2870 { 2871 error_no_permission(); 2872 } 2873 2874 // Check group limits 2875 if($mybb->usergroup['maxemails'] > 0) 2876 { 2877 if($mybb->user['uid'] > 0) 2878 { 2879 $user_check = "fromuid='{$mybb->user['uid']}'"; 2880 } 2881 else 2882 { 2883 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 2884 } 2885 2886 $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'"); 2887 $sent_count = $db->fetch_field($query, "sent_count"); 2888 if($sent_count >= $mybb->usergroup['maxemails']) 2889 { 2890 $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']); 2891 error($lang->error_max_emails_day); 2892 } 2893 } 2894 2895 // Check email flood control 2896 if($mybb->usergroup['emailfloodtime'] > 0) 2897 { 2898 if($mybb->user['uid'] > 0) 2899 { 2900 $user_check = "fromuid='{$mybb->user['uid']}'"; 2901 } 2902 else 2903 { 2904 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 2905 } 2906 2907 $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60; 2908 2909 $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC")); 2910 $last_email = $db->fetch_array($query); 2911 2912 // Users last email was within the flood time, show the error 2913 if(isset($last_email['mid'])) 2914 { 2915 $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']); 2916 2917 if($remaining_time == 1) 2918 { 2919 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']); 2920 } 2921 elseif($remaining_time < 60) 2922 { 2923 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time); 2924 } 2925 elseif($remaining_time > 60 && $remaining_time < 120) 2926 { 2927 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']); 2928 } 2929 else 2930 { 2931 $remaining_time_minutes = ceil($remaining_time/60); 2932 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes); 2933 } 2934 2935 error($lang->error_emailflooding); 2936 } 2937 } 2938 2939 $query = $db->simple_select("users", "uid, username, email, hideemail", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"); 2940 $to_user = $db->fetch_array($query); 2941 2942 if(!$to_user['username']) 2943 { 2944 error($lang->error_invalidusername); 2945 } 2946 2947 if($to_user['hideemail'] != 0) 2948 { 2949 error($lang->error_hideemail); 2950 } 2951 2952 $errors = array(); 2953 2954 if($mybb->user['uid']) 2955 { 2956 $mybb->input['fromemail'] = $mybb->user['email']; 2957 $mybb->input['fromname'] = $mybb->user['username']; 2958 } 2959 2960 if(!validate_email_format($mybb->input['fromemail'])) 2961 { 2962 $errors[] = $lang->error_invalidfromemail; 2963 } 2964 2965 if(empty($mybb->input['fromname'])) 2966 { 2967 $errors[] = $lang->error_noname; 2968 } 2969 2970 if(empty($mybb->input['subject'])) 2971 { 2972 $errors[] = $lang->error_no_email_subject; 2973 } 2974 2975 if(empty($mybb->input['message'])) 2976 { 2977 $errors[] = $lang->error_no_email_message; 2978 } 2979 2980 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 2981 { 2982 require_once MYBB_ROOT.'inc/class_captcha.php'; 2983 $captcha = new captcha; 2984 2985 if($captcha->validate_captcha() == false) 2986 { 2987 // CAPTCHA validation failed 2988 foreach($captcha->get_errors() as $error) 2989 { 2990 $errors[] = $error; 2991 } 2992 } 2993 } 2994 2995 if(count($errors) == 0) 2996 { 2997 if($mybb->settings['mail_handler'] == 'smtp') 2998 { 2999 $from = $mybb->input['fromemail']; 3000 } 3001 else 3002 { 3003 $from = "{$mybb->input['fromname']} <{$mybb->input['fromemail']}>"; 3004 } 3005 3006 $message = $lang->sprintf($lang->email_emailuser, $to_user['username'], $mybb->input['fromname'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->get_input('message')); 3007 my_mail($to_user['email'], $mybb->get_input('subject'), $message, '', '', '', false, 'text', '', $from); 3008 3009 if($mybb->settings['mail_logging'] > 0) 3010 { 3011 // Log the message 3012 $log_entry = array( 3013 "subject" => $db->escape_string($mybb->get_input('subject')), 3014 "message" => $db->escape_string($mybb->get_input('message')), 3015 "dateline" => TIME_NOW, 3016 "fromuid" => $mybb->user['uid'], 3017 "fromemail" => $db->escape_string($mybb->input['fromemail']), 3018 "touid" => $to_user['uid'], 3019 "toemail" => $db->escape_string($to_user['email']), 3020 "tid" => 0, 3021 "ipaddress" => $db->escape_binary($session->packedip), 3022 "type" => 1 3023 ); 3024 $db->insert_query("maillogs", $log_entry); 3025 } 3026 3027 $plugins->run_hooks("member_do_emailuser_end"); 3028 3029 redirect(get_profile_link($to_user['uid']), $lang->redirect_emailsent); 3030 } 3031 else 3032 { 3033 $mybb->input['action'] = "emailuser"; 3034 } 3035 } 3036 3037 if($mybb->input['action'] == "emailuser") 3038 { 3039 $plugins->run_hooks("member_emailuser_start"); 3040 3041 // Guests or those without permission can't email other users 3042 if($mybb->usergroup['cansendemail'] == 0) 3043 { 3044 error_no_permission(); 3045 } 3046 3047 // Check group limits 3048 if($mybb->usergroup['maxemails'] > 0) 3049 { 3050 if($mybb->user['uid'] > 0) 3051 { 3052 $user_check = "fromuid='{$mybb->user['uid']}'"; 3053 } 3054 else 3055 { 3056 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 3057 } 3058 3059 $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'"); 3060 $sent_count = $db->fetch_field($query, "sent_count"); 3061 if($sent_count >= $mybb->usergroup['maxemails']) 3062 { 3063 $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']); 3064 error($lang->error_max_emails_day); 3065 } 3066 } 3067 3068 // Check email flood control 3069 if($mybb->usergroup['emailfloodtime'] > 0) 3070 { 3071 if($mybb->user['uid'] > 0) 3072 { 3073 $user_check = "fromuid='{$mybb->user['uid']}'"; 3074 } 3075 else 3076 { 3077 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 3078 } 3079 3080 $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60; 3081 3082 $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC")); 3083 $last_email = $db->fetch_array($query); 3084 3085 // Users last email was within the flood time, show the error 3086 if(isset($last_email['mid'])) 3087 { 3088 $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']); 3089 3090 if($remaining_time == 1) 3091 { 3092 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']); 3093 } 3094 elseif($remaining_time < 60) 3095 { 3096 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time); 3097 } 3098 elseif($remaining_time > 60 && $remaining_time < 120) 3099 { 3100 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']); 3101 } 3102 else 3103 { 3104 $remaining_time_minutes = ceil($remaining_time/60); 3105 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes); 3106 } 3107 3108 error($lang->error_emailflooding); 3109 } 3110 } 3111 3112 $query = $db->simple_select("users", "uid, username, email, hideemail, ignorelist", "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'"); 3113 $to_user = $db->fetch_array($query); 3114 3115 $to_user['username'] = htmlspecialchars_uni($to_user['username']); 3116 $lang->email_user = $lang->sprintf($lang->email_user, $to_user['username']); 3117 3118 if(!$to_user['uid']) 3119 { 3120 error($lang->error_invaliduser); 3121 } 3122 3123 if($to_user['hideemail'] != 0) 3124 { 3125 error($lang->error_hideemail); 3126 } 3127 3128 if($to_user['ignorelist'] && (my_strpos(",".$to_user['ignorelist'].",", ",".$mybb->user['uid'].",") !== false && $mybb->usergroup['cansendemailoverride'] != 1)) 3129 { 3130 error_no_permission(); 3131 } 3132 3133 if(isset($errors) && count($errors) > 0) 3134 { 3135 $errors = inline_error($errors); 3136 $fromname = htmlspecialchars_uni($mybb->get_input('fromname')); 3137 $fromemail = htmlspecialchars_uni($mybb->get_input('fromemail')); 3138 $subject = htmlspecialchars_uni($mybb->get_input('subject')); 3139 $message = htmlspecialchars_uni($mybb->get_input('message')); 3140 } 3141 else 3142 { 3143 $errors = ''; 3144 $fromname = ''; 3145 $fromemail = ''; 3146 $subject = ''; 3147 $message = ''; 3148 } 3149 3150 // Generate CAPTCHA? 3151 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 3152 { 3153 require_once MYBB_ROOT.'inc/class_captcha.php'; 3154 $post_captcha = new captcha(true, "post_captcha"); 3155 3156 if($post_captcha->html) 3157 { 3158 $captcha = $post_captcha->html; 3159 } 3160 } 3161 else 3162 { 3163 $captcha = ''; 3164 } 3165 3166 $from_email = ''; 3167 if($mybb->user['uid'] == 0) 3168 { 3169 eval("\$from_email = \"".$templates->get("member_emailuser_guest")."\";"); 3170 } 3171 3172 $plugins->run_hooks("member_emailuser_end"); 3173 3174 eval("\$emailuser = \"".$templates->get("member_emailuser")."\";"); 3175 output_page($emailuser); 3176 } 3177 3178 if($mybb->input['action'] == 'referrals') 3179 { 3180 $plugins->run_hooks('member_referrals_start'); 3181 3182 $uid = $mybb->get_input('uid', MyBB::INPUT_INT); 3183 if(!$uid) 3184 { 3185 error($lang->referrals_no_user_specified); 3186 } 3187 3188 $user = get_user($uid); 3189 if(!$user['$uid']) 3190 { 3191 error($lang->referrals_invalid_user); 3192 } 3193 3194 $lang->nav_referrals = $lang->sprintf($lang->nav_referrals, $user['username']); 3195 add_breadcrumb($lang->nav_referrals); 3196 3197 $query = $db->simple_select('users', 'COUNT(uid) AS total', "referrer='{$uid}'"); 3198 $referral_count = $db->fetch_field($query, 'total'); 3199 3200 $bg_color = 'trow1'; 3201 3202 if($referral_count == 0) 3203 { 3204 eval("\$referral_rows = \"".$templates->get('member_no_referrals')."\";"); 3205 } 3206 else 3207 { 3208 // Figure out if we need to display multiple pages. 3209 $perpage = 20; 3210 if ((int) $mybb->settings['referralsperpage']) { 3211 $perpage = (int) $mybb->settings['referralsperpage']; 3212 } 3213 3214 $page = 1; 3215 if($mybb->get_input('page', MyBB::INPUT_INT)) 3216 { 3217 $page = $mybb->get_input('page', MyBB::INPUT_INT); 3218 } 3219 3220 $pages = ceil($referral_count / $perpage); 3221 3222 if($page > $pages || $page <= 0) 3223 { 3224 $page = 1; 3225 } 3226 3227 if($page) 3228 { 3229 $start = ($page-1) * $perpage; 3230 } 3231 else 3232 { 3233 $start = 0; 3234 $page = 1; 3235 } 3236 3237 $multipage = multipage($referral_count, $perpage, $page, "member.php?action=referrals&uid={$uid}"); 3238 3239 foreach(get_user_referrals($uid, $start, $perpage) as $referral) 3240 { 3241 // Format user name link 3242 $username = htmlspecialchars_uni($referral['username']); 3243 $username = format_name($username, $referral['usergroup'], $referral['displaygroup']); 3244 $username = build_profile_link($username, $referral['uid']); 3245 3246 $regdate = my_date('normal', $referral['regdate']); 3247 3248 eval("\$referral_rows .= \"".$templates->get('member_referral_row')."\";"); 3249 3250 $bg_color = alt_trow(); 3251 } 3252 } 3253 3254 $plugins->run_hooks('member_referrals_end'); 3255 3256 eval("\$referrals = \"".$templates->get("member_referrals")."\";"); 3257 output_page($referrals); 3258 } 3259 3260 if(!$mybb->input['action']) 3261 { 3262 header("Location: index.php"); 3263 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |