First cut of usersettings changes using common validation routines; more shared LANs, eliminate unused LANs

2025-07-31 20:00:37 +02:00 · 2008-12-28 22:37:43 +00:00
parent 641dba3b2e
commit 5d25c47657
15 changed files with 844 additions and 895 deletions
--- a/class2.php
+++ b/class2.php
@@ -9,9 +9,9 @@
 * General purpose file
 *
 * $Source: /cvs_backup/e107_0.8/class2.php,v $
-* $Revision: 1.90 $
+* $Revision: 1.91 $
-* $Date: 2008-12-22 03:15:04 $
+* $Date: 2008-12-28 22:37:42 $
-* $Author: mcfly_e107 $
+* $Author: e107steved $
 *
 */
 //
@@ -1282,6 +1282,7 @@ function get_user_data($uid, $extra = '')
 	}
 	//===========================================================
 	$var['user_baseclasslist'] = $var['user_class'];			// Keep track of which base classes are in DB
 	// Now look up the 'inherited' user classes
 	$var['user_class'] = $e107->user_class->get_all_user_classes($var['user_class']);
--- a/e107_files/shortcode/batch/usersettings_shortcodes.php
+++ b/e107_files/shortcode/batch/usersettings_shortcodes.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_files/shortcode/batch/usersettings_shortcodes.php,v $
-|     $Revision: 1.9 $
+|     $Revision: 1.10 $
-|     $Date: 2008-01-15 21:57:31 $
+|     $Date: 2008-12-28 22:37:42 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -49,7 +49,7 @@ SC_END
 SC_BEGIN CUSTOMTITLE
 global $rs, $curVal, $pref;
-if ($pref['signup_option_customtitle'] || ADMIN)
+if ($pref['signup_option_customtitle'])
 {
 	return $rs->form_text("customtitle", 40, $curVal['user_customtitle'], 100, "tbox");
 }
@@ -98,7 +98,7 @@ SC_BEGIN HIDEEMAIL
 global $rs, $curVal;
 if($parm == 'radio')
 {
-	return ($curVal['user_hideemail'] ? $rs->form_radio("hideemail", 1, 1)." ".LAN_416."&nbsp;&nbsp;".$rs->form_radio("hideemail", 0)." ".LAN_417 : $rs->form_radio("hideemail", 1)." ".LAN_416."&nbsp;&nbsp;".$rs->form_radio("hideemail", 0, 1)." ".LAN_417);
+	return ($curVal['user_hideemail'] ? $rs->form_radio("hideemail", 1, 1)." ".LAN_YES."&nbsp;&nbsp;".$rs->form_radio("hideemail", 0)." ".LAN_NO : $rs->form_radio("hideemail", 1)." ".LAN_YES."&nbsp;&nbsp;".$rs->form_radio("hideemail", 0, 1)." ".LAN_NO);
 }
 SC_END
@@ -110,7 +110,7 @@ if(ADMIN && $curVal['user_id'] != USERID)
 	return "";
 }
 if (!is_object($e_userclass)) $e_userclass = new user_class;
-$ucList = explode(',',$e_userclass->get_editable_classes());			// List of classes which this user can edit
+$ucList = $e_userclass->get_editable_classes(USERCLASS_LIST, TRUE);			// List of classes which this user can edit (as array)
 $ret = '';
 if(!count($ucList)) return;
@@ -120,8 +120,9 @@ if(!count($ucList)) return;
    if (check_class($cid, $curVal['user_class'])) $is_checked[$cid] = $cid;
 	if(isset($_POST['class']))
 	{
-	  $is_checked[$cid] = in_array($cid, $_POST['class']);
+//	  $is_checked[$cid] = in_array($cid, $_POST['class']);
 	}
  }
  $inclass = implode(',',$is_checked);
@@ -161,7 +162,7 @@ SC_END
 SC_BEGIN AVATAR_CHOOSE
 $ret = "
-<input class='button' type ='button' style=' cursor:pointer' size='30' value='".LAN_403."' onclick='expandit(this)' />
+<input class='button' type ='button' style=' cursor:pointer' size='30' value='".LAN_USET_38."' onclick='expandit(this)' />
 <div style='display:none' >";
 $avatarlist[0] = "";
 $handle = opendir(e_IMAGE."avatars/");
--- a/e107_handlers/e_parse_class.php
+++ b/e107_handlers/e_parse_class.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_handlers/e_parse_class.php,v $
-|     $Revision: 1.45 $
+|     $Revision: 1.46 $
-|     $Date: 2008-11-16 19:58:42 $
+|     $Date: 2008-12-28 22:37:43 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -313,6 +313,7 @@ class e_parse
 	function parseTemplate($text, $parseSCFiles = TRUE, $extraCodes = "") {
 		$this->sch_load();
 		return $this->e_sc->parseCodes($text, $parseSCFiles, $extraCodes);
 	}
--- a/e107_handlers/user_extended_class.php
+++ b/e107_handlers/user_extended_class.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_handlers/user_extended_class.php,v $
-|     $Revision: 1.20 $
+|     $Revision: 1.21 $
-|     $Date: 2008-12-21 11:07:58 $
+|     $Date: 2008-12-28 22:37:43 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -82,7 +82,7 @@ class e107_user_extended
 		'sess', 'email', 'signature', 'image', 'hideemail',
 		'join', 'lastvisit', 'currentvisit', 'chats',
 		'comments', 'forums', 'ip', 'ban', 'prefs', 'viewed',
-		'visits', 'admin', 'login', 'class', 'perms', 'pwchange',
+		'visits', 'admin', 'login', 'class', 'baseclasslist', 'perms', 'pwchange',
 		'xup'
 		);
@@ -94,32 +94,78 @@ class e107_user_extended
 	}
 	// Validate a single extended user field
 	// $val is whatever the user entered.
 	// $params is the field definition
 	// Return FALSE if acceptable, TRUE if fail , error message on regex fail if the message is defined
 	function user_extended_validate_entry($val, $params)
 	{
-	  global $tp;
+		global $tp;
-	  $parms = explode("^,^", $params['user_extended_struct_parms']);
+		$parms = explode("^,^", $params['user_extended_struct_parms']);
-	  $requiredField = $params['user_extended_struct_required'] == 1;
+		$requiredField = $params['user_extended_struct_required'] == 1;
-	  $regex = $tp->toText($parms[1]);
+		$regex = $tp->toText($parms[1]);
-	  $regexfail = $tp->toText($parms[2]);
+		$regexfail = $tp->toText($parms[2]);
-      if (defined($regexfail)) { $regexfail = constant($regexfail); }
+		if (defined($regexfail)) { $regexfail = constant($regexfail); }
-	  if($val == '' && $requiredField) return TRUE;
+		if($val == '' && $requiredField) return TRUE;
-	  switch ($type)
+		switch ($type)
-	  {
+		{
-		case EUF_DATE :
+			case EUF_DATE :
-		  if ($requiredField && ($val == '0000-00-00')) return TRUE;
+				if ($requiredField && ($val == '0000-00-00')) return TRUE;
-		  break;
+				break;
-	  }
+		}
-	  if($regex != "" && $val != "")
+		if($regex != "" && $val != "")
-	  {
+		{
-		if(!preg_match($regex, $val)) return $regexfail ? $regexfail : TRUE;
+			if(!preg_match($regex, $val)) return $regexfail ? $regexfail : TRUE;
-	  }
+		}
-	  return FALSE;			// Pass by default here
+		return FALSE;			// Pass by default here
 	}
 	// Validate all user-modifable extended user fields which are presented.
 	// $inArray is the input data (usually from $_POST or $_POST['ue'], although doesn't have to be) - may have 'surplus' values
 	// $hideArray is a set of possible 'hide' flags
 	function userExtendedValidateAll($inArray, $hideArray)
 	{
 		global $tp;
 		$extList = $this->user_extended_get_fieldList();			// Filter this more later
 		$eufVals = array();		// 'Answer' array
 		$hideFlags = array();
 		foreach ($extList as $k => $defs)
 		{
 			$f = 'user_'.$defs['user_extended_struct_name'];
 			if (isset($inArray[$f]))
 			{	// Only allow valid keys
 				$val = $inArray[$f];
 				$err = $this->user_extended_validate_entry($val, $defs);
 				if ($err === true)
 				{  // General error - usually empty field; could be unacceptable value, or regex fail and no error message defined
 					$eufVals['errortext'][$f] = str_replace('--SOMETHING--',$tp->toHtml($defs['user_extended_struct_text'],FALSE,'defs'),LAN_USER_75);
 					$eufVals['errors'][$f] = ERR_GENERIC;
 				}
 				elseif ($err)
 				{	// Specific error message returned - usually regex fail
 					$eufVals['errortext'][$f] = $err;
 					$eufVals['errors'][$f] = ERR_GENERIC;
 				}
 				elseif (!$err)
 				{
 					$eufVals['validate'][$f] = $tp->toDB($val);
 				}
 				if (isset($hideArray[$f]))
 				{
 					$hideFlags[] = $f;
 				}
 			}
 		}
 		$hidden_fields = implode("^", $hideFlags);
 		if ($hidden_fields != "")
 		{
 			$hidden_fields = "^".$hidden_fields."^";
 		}
 		$eufVals['validate']['user_hidden_fields'] = $hidden_fields;
 		return $eufVals;
 	}
 	function user_extended_get_categories($byID = TRUE)
 	{
@@ -151,7 +197,7 @@ class e107_user_extended
 		$more = ($cat) ? " AND user_extended_struct_parent = ".intval($cat)." " : "";
 		if($sql->db_Select("user_extended_struct", "*", "user_extended_struct_type > 0 AND user_extended_struct_text != '_system_' {$more} ORDER BY user_extended_struct_order ASC"))
 		{
-			while($row = $sql->db_Fetch())
+			while($row = $sql->db_Fetch(MYSQL_ASSOC))
 			{
 				$ret[$row['user_extended_struct_parent']][] = $row;
 			}
@@ -166,7 +212,7 @@ class e107_user_extended
 		$more = ($cat != '') ? " AND user_extended_struct_parent = ".intval($cat)." " : "";
 		if($sql->db_Select("user_extended_struct", "*", "user_extended_struct_type > 0 AND user_extended_struct_text != '_system_' {$more} ORDER BY user_extended_struct_order ASC"))
 		{
-			while($row = $sql->db_Fetch())
+			while($row = $sql->db_Fetch(MYSQL_ASSOC))
 			{
 				$ret[$row[$indexField]] = $row;
 			}
--- a/e107_handlers/user_handler.php
+++ b/e107_handlers/user_handler.php
@@ -9,8 +9,8 @@
 * Handler - user-related functions
 *
 * $Source: /cvs_backup/e107_0.8/e107_handlers/user_handler.php,v $
- * $Revision: 1.4 $
+ * $Revision: 1.5 $
- * $Date: 2008-12-21 22:17:05 $
+ * $Date: 2008-12-28 22:37:43 $
 * $Author: e107steved $
 *
 */
@@ -74,7 +74,11 @@ class UserHandler
 	Index is the destination field name. If the source index name is different, specify 'srcName' in the array.
 	Possible processing options:
-		'doToDB'		- passes final value through $tp->toDB()
+		'dbClean'		- 'sanitising' method for final value:
 							- 'toDB' - passes final value through $tp->toDB()
 							- 'intval' - converts to an integer
 							- 'image'  - checks image for size
 							- 'avatar' - checks an image in the avatars directory
 		'stripTags'		- strips HTML tags from the value (not an error if there are some)
 		'minLength'		- minimum length (in utf-8 characters) for the string
 		'maxLength'		- minimum length (in utf-8 characters) for the string
@@ -86,9 +90,9 @@ class UserHandler
 		'user_loginname' => array('niceName'=> LAN_USER_02, 'vetMethod' => '1', 'vetParam' => '', 'srcName' => 'loginname', 'stripTags' => TRUE, 'stripChars' => '/&nbsp;|\#|\=|\$/', 'minLength' => 2, 'maxLength' => varset($pref['loginname_maxlength'],30)),			// User name
 		'user_login' => array('niceName'=> LAN_USER_03, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'realname', 'dbClean' => 'toDB'),				// Real name (no real vetting)
 		'user_customtitle' => array('niceName'=> LAN_USER_04, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'customtitle', 'dbClean' => 'toDB', 'enablePref' => 'signup_option_customtitle'),		// No real vetting
-		'user_password' => array('niceName'=> LAN_USER_05, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'password1', 'minLength' => varset($pref['signup_pass_len'],1)),
+		'user_password' => array('niceName'=> LAN_USER_05, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'password1', 'dataType' => 2, 'minLength' => varset($pref['signup_pass_len'],1)),
-		'user_sess' => array('niceName'=> LAN_USER_06, 'vetMethod' => '0', 'vetParam' => '', 'dbClean' => 'toDB'),				// Photo
+		'user_sess' => array('niceName'=> LAN_USER_06, 'vetMethod' => '0', 'vetParam' => '', 'stripChars' => "#\"|'|(|)#", 'dbClean' => 'image', 'imagePath' => e_FILE.'public/avatars/', 'maxHeight' => varset($pref['im_height'], 100), 'maxWidth' => varset($pref['im_width'], 120)),				// Photo
-		'user_image' => array('niceName'=> LAN_USER_07, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'image', 'dbClean' => 'toDB'),				// Avatar
+		'user_image' => array('niceName'=> LAN_USER_07, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'image', 'stripChars' => "#\"|'|(|)#", 'dbClean' => 'avatar', 'maxHeight' => varset($pref['im_height'], 100), 'maxWidth' => varset($pref['im_width'], 120)),				// Avatar
 		'user_email' => array('niceName'=> LAN_USER_08, 'vetMethod' => '1,3', 'vetParam' => '', 'srcName' => 'email', 'dbClean' => 'toDB'),
 		'user_signature' => array('niceName'=> LAN_USER_09, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'signature', 'dbClean' => 'toDB'),
 		'user_hideemail' => array('niceName'=> LAN_USER_10, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'hideemail', 'dbClean' => 'intval'),
@@ -335,18 +339,18 @@ class UserHandler
 		$cookieval = $lode['user_id'].".".md5($lode['user_password']);		// (Use extra md5 on cookie value to obscure hashed value for password)
 		if ($pref['user_tracking'] == "session")
 		{
-		  $_SESSION[$pref['cookie_name']] = $cookieval;
+			$_SESSION[$pref['cookie_name']] = $cookieval;
 		} 
 		else 
 		{
-		  if ($autologin == 1) 
+			if ($autologin == 1) 
-		  {	// Cookie valid for up to 30 days
+			{	// Cookie valid for up to 30 days
-			cookie($pref['cookie_name'], $cookieval, (time() + 3600 * 24 * 30));
+				cookie($pref['cookie_name'], $cookieval, (time() + 3600 * 24 * 30));
-		  } 
+			} 
-		  else 
+			else 
-		  {
+			{
-			cookie($pref['cookie_name'], $cookieval);
+				cookie($pref['cookie_name'], $cookieval);
-		  }
+			}
 		}
 	}
@@ -528,8 +532,8 @@ Following fields auto-filled in code as required:
 		global $pref, $sql;
 		if (isset($pref['del_unv']) && $pref['del_unv'] && $pref['user_reg_veri'] != 2)
 		{
-			$threshold=(time() - ($pref['del_unv'] * 60));
+			$threshold= intval(time() - ($pref['del_unv'] * 60));
-			$sql->db_Delete("user", "user_ban = 2 AND user_join < '{$threshold}' ");
+			$sql->db_Delete('user', 'user_ban = 2 AND user_join < '.$threshold);
 		}
 	}
 }
--- a/e107_handlers/userclass_class.php
+++ b/e107_handlers/userclass_class.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_handlers/userclass_class.php,v $
-|     $Revision: 1.24 $
+|     $Revision: 1.25 $
-|     $Date: 2008-12-21 11:07:58 $
+|     $Date: 2008-12-28 22:37:43 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -173,43 +173,91 @@ class user_class
 	// Given the list of 'base' classes a user belongs to, returns a comma separated list including ancestors. Duplicates stripped
-  function get_all_user_classes($start_list)
+	function get_all_user_classes($start_list)
  {
    $is = array();
    $start_array = explode(',', $start_list);
 	foreach ($start_array as $sa)
 	{	// Merge in latest values - should eliminate duplicates as it goes
 	  if (isset($this->class_tree[$sa]))
 	  {
 		$is = array_merge($is,explode(',',$this->class_tree[$sa]['userclass_accum']));
 	  }
 	}
 	return implode(',',array_unique($is));
  }
  // Returns a list of user classes which can be edited by the specified classlist (defaults to current user's classes)
  function get_editable_classes($class_list = USERCLASS_LIST)
  {
    $ret = array();
 	$blockers = array(e_UC_PUBLIC => 1, e_UC_READONLY => 1, e_UC_MEMBER => 1, e_UC_NOBODY => 1, e_UC_GUEST => 1);
 	$possibles = array_flip(explode(',',$class_list));
 //	unset($possibles[e_UC_PUBLIC]);
 	unset($possibles[e_UC_READONLY]);
 	foreach ($this->class_tree as $uc => $uv)
 	{
-	  if (!isset($blockers[$uc]))
+		$is = array();
-	  {
+		$start_array = explode(',', $start_list);
-		$ec = $this->class_tree[$uc]['userclass_editclass'];
+		foreach ($start_array as $sa)
-//	  echo "Check class: {$uc} editclass {$ec}  in array: ".(isset($possibles[$ec]) ? 'yes' : 'no').'<br />';
+		{	// Merge in latest values - should eliminate duplicates as it goes
-		if (isset($possibles[$ec]))
+			if (isset($this->class_tree[$sa]))
-		{
+			{
-	      $ret[] = $uc;
+				$is = array_merge($is,explode(',',$this->class_tree[$sa]['userclass_accum']));
 			}
 		}
-	  }
+		return implode(',',array_unique($is));
 	}
 	// Returns a list of user classes which can be edited by the specified classlist (defaults to current user's classes)
 	function get_editable_classes($class_list = USERCLASS_LIST, $asArray = FALSE)
 	{
 		$ret = array();
 		$blockers = array(e_UC_PUBLIC => 1, e_UC_READONLY => 1, e_UC_MEMBER => 1, e_UC_NOBODY => 1, e_UC_GUEST => 1, e_UC_NEWUSER => 1);
 		$possibles = array_flip(explode(',',$class_list));
 		unset($possibles[e_UC_READONLY]);
 		foreach ($this->class_tree as $uc => $uv)
 		{
 			if (!isset($blockers[$uc]))
 			{
 				$ec = $uv['userclass_editclass'];
 				if (isset($possibles[$ec]))
 				{
 //					echo $uc."  {$ec}  {$uv['userclass_description']}<br />";
 					$ret[] = $uc;
 				}
 			}
 		}
 		if ($asArray) { return $ret; }
 		return implode(',',$ret);
 	}
 	// Combines the selected editable classes into the main class list for a user.
 	// $combined - the complete list of current class memberships
 	// $possible - the classes which are being edited
 	// $actual - the actual membership of the editable classes
 	// All classes may be passed as comma-separated lists or arrays
 	function mergeClassLists($combined, $possible, $actual, $asArray = FALSE)
 	{
 		if (!is_array($combined)) { $combined = explode(',',$combined);  }
 		if (!is_array($possible)) { $possible = explode(',',$possible);  }
 		if (!is_array($actual)) 	{ $actual = explode(',',$actual);  }
 		$combined = array_flip($combined);
 		foreach ($possible as $p)
 		{
 			if (in_array($p,$actual))
 			{	// Class must be in final array
 				$combined[$p] = 1;
 			}
 			else
 			{
 				unset($combined[$p]);
 			}
 		}
 		$combined = array_keys($combined);
 		if ($asArray) { return $combined; }
 		return implode(',', $combined);
 	}
 	function stripFixedClasses($inClasses)
 	{
 		$asArray = TRUE;
 		if (!is_array($inClasses))
 		{
 			$asArray = FALSE;
 			$inClasses = explode(',',$inClasses);
 		}
 		$inClasses = array_flip($inClasses);
 		foreach ($this->fixed_classes as $k => $v)
 		{
 			if (isset($inClasses[$k])) { unset($inClasses[$k]); }
 		}
 		$inClasses = array_keys($inClasses);
 		if ($asArray) { return ($inClasses); }
 		return implode(',',$inClasses);
 	}
 	return implode(',',$ret);
  }
  // Given a comma separated list, returns the minimum number of class memberships required to achieve this (i.e. strips classes 'above' another in the tree)
--- a/e107_handlers/validator_class.php
+++ b/e107_handlers/validator_class.php
@@ -9,8 +9,8 @@
 * Handler - general purpose validation functions
 *
 * $Source: /cvs_backup/e107_0.8/e107_handlers/validator_class.php,v $
- * $Revision: 1.2 $
+ * $Revision: 1.3 $
- * $Date: 2008-12-21 22:17:05 $
+ * $Date: 2008-12-28 22:37:43 $
 * $Author: e107steved $
 *
 */
@@ -35,6 +35,8 @@ define('ERR_CODE_ERROR', '16');
 define('ERR_TOO_LOW', '17');
 define('ERR_TOO_HIGH', '18');
 define('ERR_GENERIC', '19');				// This requires coder-defined error text
 define('ERR_IMAGE_TOO_WIDE', '20');
 define('ERR_IMAGE_TOO_HIGH', '21');
 /*
@@ -45,8 +47,10 @@ The validator functions use an array of parameters for each variable to be valid
 	Possible processing options:
 		'srcname'		- specifies the array index of the source data, where its different to the destination index
 		'dbClean'		- method for preparing the value to write to the DB (done as final step before returning). Options are:
-							- 'toDB'		- passes final value through $tp->toDB()
+							- 'toDB' 	- passes final value through $tp->toDB()
-							- 'intval'		- makes an integer
+							- 'intval' 	- converts to an integer
 							- 'image'  	- checks image for size
 							- 'avatar' 	- checks an image in the avatars directory
 		'stripTags'		- strips HTML tags from the value (not an error if there are some)
 		'minLength'		- minimum length (in utf-8 characters) for the string
 		'maxLength'		- minimum length (in utf-8 characters) for the string
@@ -94,7 +98,7 @@ class validatorClass
 				$value = $sourceFields[$src];
 				if (!$errNum && isset($defs['enablePref']))
 				{	// Only process this field if a specified pref enables it
-					if (!varsettrue($pref[$options['enablePref']]))
+					if (!varsettrue($pref[$defs['enablePref']]))
 					{
 						continue;			// Just loop to the next field - ignore this one.
 					}
@@ -113,11 +117,12 @@ class validatorClass
 					$newValue = trim(preg_replace($defs['stripChars'], "", $value));
 					if ($newValue <> $value)
 					{
 						echo "Invalid: {$newValue} :: {$value}<br />";
 						$errNum = ERR_INVALID_CHARS;
 					}
 					$value = $newValue;
 				}
-				if (!$errNum && isset($defs['minLength']) && $tp->uStrLen($value) < $defs['minLength'])
+				if (!$errNum && isset($defs['minLength']) && ($tp->uStrLen($value) < $defs['minLength']))
 				{
 					if ($value == '')
 					{
@@ -179,6 +184,13 @@ class validatorClass
 								$errNum = ERR_ARRAY_EXPECTED;
 							}
 							break;
 						case 2 :		// Assumes we're processing a dual password field - array name for second value is one more than for first
 							$src2 = substr($src,0,-1).(substr($src,-1,1) + 1);
 							if (!isset($sourceFields[$src2]) || ($sourceFields[$src2] != $value))
 							{
 								$errNum = ERR_PASSWORDS_DIFFERENT;
 							}
 							break;
 						default :
 							$errNum = ERR_CODE_ERROR;		// Pick up bad values
 					}
@@ -195,6 +207,43 @@ class validatorClass
 							case 'intval' :
 								$value = intval($value);
 								break;
 							case 'avatar' :			// Special case of an image - may be found in the avatars directory
 								if (preg_match('#[0-9\._]#', $value))
 								{
 									if (strpos('-upload-', $value) === 0)
 									{
 										$img = e_FILE.'public/avatars/'.$value;		// Its a server-stored image
 									}
 									else
 									{
 										$img = $value;			// Its a remote image
 									}
 								}
 												// Deliberately fall through into normal image processing
 							case 'image' :			// File is an image name.  $img may be set if we fall through from 'avatar' option - its the 'true' path to the image
 								if (!isset($img) && isset($defs['imagePath']))
 								{
 									$img = $defs['imagePath'].$value;
 								}
 								$img = varset($img,$value);
 								if ($size = getimagesize($img))
 								{
 									// echo "Image {$img} size: {$size[0]} x {$size[1]}<br />";
 									if (isset($defs['maxWidth']) && $size[0] > $defs['maxWidth'])
 									{		// Image too wide
 										$errNum = ERR_IMAGE_TOO_WIDE;
 									}
 									if (isset($defs['maxHeight']) && $size[1] > $defs['maxHeight'])
 									{		// Image too high
 										$errNum = ERR_IMAGE_TOO_HIGH;
 									}
 								}
 								else
 								{
 									// echo "Image {$img} not found or cannot size - original value {$value}<br />";
 								}
 								unset($img);
 								break;
 							default :
 								echo "Invalid dbClean method: {$defs['dbClean']}<br />";	// Debug message
 						}
@@ -205,7 +254,14 @@ class validatorClass
 			if ($errNum)
 			{  // error to report
 				$ret['errors'][$dest] = $errNum;
-				$ret['failed'][$dest] = $sourceFields[$src];		// Save value with error
+				if ($defs['dataType'] == 2)
 				{
 					$ret['failed'][$dest] = str_repeat('*',strlen($sourceFields[$src]));		// Save value with error - obfuscated
 				}
 				else
 				{
 					$ret['failed'][$dest] = $sourceFields[$src];		// Save value with error
 				}
 			}
 		}
 		return $ret;
@@ -384,7 +440,7 @@ class validatorClass
 			{
 				$curLine = str_replace('%t', constant($constPrefix.$n), $curLine);		// Standard messages
 			}
-			$curLine = str_replace('%v', $vars['failed'][$f],$curLine);			// Possibly this should have some protection added
+			$curLine = str_replace('%v', htmlentities($vars['failed'][$f]),$curLine);
 			$curLine = str_replace('%f', $f, $curLine);
 			if ($checkNice & isset($niceNames[$f]['niceName']))
 			{
--- a/e107_languages/English/English.php
+++ b/e107_languages/English/English.php
@@ -4,50 +4,44 @@
 |     e107 website system - Language File.
 |
 |     $Source: /cvs_backup/e107_0.8/e107_languages/English/English.php,v $
-|     $Revision: 1.8 $
+|     $Revision: 1.9 $
-|     $Date: 2008-12-21 22:17:05 $
+|     $Date: 2008-12-28 22:37:43 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
 setlocale(LC_ALL, 'en');
-define("CORE_LC", 'en');
+define('CORE_LC', 'en');
-define("CORE_LC2", 'gb');
+define('CORE_LC2', 'gb');
 // define("TEXTDIRECTION","rtl");
-define("CHARSET", "utf-8");  // for a true multi-language site. :)
+define('CHARSET', 'utf-8');  // for a true multi-language site. :)
-define("CORE_LAN1","Error : theme is missing.\\n\\nChange the used themes in your preferences (admin area) or upload files of the current theme on the server.");
+define('CORE_LAN1',"Error : theme is missing.\\n\\nChange the used themes in your preferences (admin area) or upload files for the current theme to the server.");
-
+define('CORE_LAN2'," \\1 wrote:");// "\\1" represents the username.
-//v.616
+define('CORE_LAN3', 'file attachment disabled');				// Not used in 0.8
-define("CORE_LAN2"," \\1 wrote:");// "\\1" represents the username.
+define('CORE_LAN4', 'Please delete install.php from your server');
-define("CORE_LAN3","file attachment disabled");
+define('CORE_LAN5', 'if you do not there is a potential security risk to your website');
-
+define('CORE_LAN6', 'The flood protection on this site has been activated and you are warned that if you carry on requesting pages you could be banned.');
-//v0.7+
+define('CORE_LAN7', 'Core is attempting to restore prefs from automatic backup.');
-define("CORE_LAN4", "Please delete install.php from your server");
+define('CORE_LAN8', 'Core Prefs Error');
-define("CORE_LAN5", "if you do not there is a potential security risk to your website");
+define('CORE_LAN9', 'Core could not restore from automatic backup. Execution halted.');
-
+define('CORE_LAN10', 'Corrupted cookie detected - logged out.');
 // v0.7.6
 define("CORE_LAN6", "The flood protection on this site has been activated and you are warned that if you carry on requesting pages you could be banned.");
 define("CORE_LAN7", "Core is attempting to restore prefs from automatic backup.");
 define("CORE_LAN8", "Core Prefs Error");
 define("CORE_LAN9", "Core could not restore from automatic backup. Execution halted.");
 define("CORE_LAN10", "Corrupted cookie detected - logged out.");
 // Footer
-define("CORE_LAN11", "Render time: ");
+define('CORE_LAN11', 'Render time: ');
-define("CORE_LAN12", " sec (");
+define('CORE_LAN12', ' sec (');
-define("CORE_LAN13", "% of that for queries) ");
+define('CORE_LAN13', '% of that for queries) ');
-define("CORE_LAN14", "%2.3f cpu sec (%2.2f%% load, %2.3f startup). Clock: ");
+define('CORE_LAN14', '%2.3f cpu sec (%2.2f%% load, %2.3f startup). Clock: ');
-define("CORE_LAN15", "DB queries: ");
+define('CORE_LAN15', 'DB queries: ');
-define("CORE_LAN16", "Memory: ");
+define('CORE_LAN16', 'Memory: ');
 // img.bb
 define('CORE_LAN17', '[ image disabled ]');
 define('CORE_LAN18', 'Image: ');
-define("CORE_LAN_B", "B");
+define('CORE_LAN_B', 'B');
-define("CORE_LAN_KB", "kB");
+define('CORE_LAN_KB', 'kB');
-define("CORE_LAN_MB", "MB");
+define('CORE_LAN_MB', 'MB');
-define("CORE_LAN_GB", "GB");
+define('CORE_LAN_GB', 'GB');
-define("CORE_LAN_TB", "TB");
+define('CORE_LAN_TB', 'TB');
 define('LAN_WARNING', 'Warning!');
@@ -56,6 +50,8 @@ define('LAN_ANONYMOUS', 'Anonymous');
 define('LAN_EMAIL_SUBS', '-email-');
 define('LAN_YES', 'Yes');
 define('LAN_NO', 'No');
 define('LAN_OK', 'OK');
 define('LAN_CONTINUE', 'Continue');
 define('LAN_ENTER', 'Enter');
 ?>
--- a/e107_languages/English/lan_signup.php
+++ b/e107_languages/English/lan_signup.php
@@ -9,8 +9,8 @@
 * Language file - User signup
 *
 * $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_signup.php,v $
- * $Revision: 1.14 $
+ * $Revision: 1.15 $
- * $Date: 2008-12-21 22:17:05 $
+ * $Date: 2008-12-28 22:37:43 $
 * $Author: e107steved $
 *
 */
@@ -44,8 +44,8 @@ define("LAN_SIGNUP_2", "chars.");
 define("LAN_SIGNUP_3", "Code verification failed.");
 define("LAN_SIGNUP_4", "Your password must be at least ");
 define("LAN_SIGNUP_5", " characters long.");
-define("LAN_SIGNUP_6", "Your ");
+//define("LAN_SIGNUP_6", "Your ");			See LAN_USER_75
-define("LAN_SIGNUP_7", " is required");
+//define("LAN_SIGNUP_7", " is required");	See LAN_USER_75
 define("LAN_SIGNUP_8", "Thank you!");
 define("LAN_SIGNUP_9", "Unable to proceed.");
 //define("LAN_SIGNUP_10", "Yes");
@@ -66,7 +66,7 @@ define("LAN_SIGNUP_24", "Thank you for registering at");
 define("LAN_SIGNUP_25", "Upload your avatar");
 define("LAN_SIGNUP_26", "Upload your photograph");
 define("LAN_SIGNUP_27", "Show");
-define("LAN_SIGNUP_28", "choice of Content/Mail-lists");
+//define("LAN_SIGNUP_28", "choice of Content/Mail-lists");		Now LAN_USER_73
 define("LAN_SIGNUP_29", "A verification email will be sent to the email address you enter here so it must be valid.");
 define("LAN_SIGNUP_30", "If you do not wish to display your email address on this site, please select 'Yes' for the 'Hide email address?' option.");
 define("LAN_SIGNUP_31", "URL to your XUP file");
@@ -100,7 +100,7 @@ define("LAN_SIGNUP_59","**** If the link doesn't work, please check that part of
 define('LAN_SIGNUP_60','Signup email resend requested');
 define('LAN_SIGNUP_61','Send succeeded');
 define('LAN_SIGNUP_62','Send failed');
-define('LAN_SIGNUP_63','Password reset email resent requested');
+define('LAN_SIGNUP_63','Password reset email resend requested');
 define('LAN_SIGNUP_64','That doesn\'t appear to be valid user information');
 define('LAN_SIGNUP_65','You have been assigned the following login name');
 define('LAN_SIGNUP_66','Please make a note of it.');
@@ -123,8 +123,8 @@ define('LAN_SIGNUP_82', 'the name that you use to login');						// LAN_10
 define('LAN_SIGNUP_83', 'Password: ');											// LAN_17
 define('LAN_SIGNUP_84', 'Re-type Password: ');									// LAN_111
 define('LAN_SIGNUP_85', 'Usernames and passwords are <b>case-sensitive</b>.');	// LAN_400
-define('LAN_SIGNUP_86', 'Email Address: ');										// LAN_112
+//define('LAN_SIGNUP_86', 'Email Address: ');										// LAN_112 = LAN_USER_60
-define('LAN_SIGNUP_87', 'Hide email address?: ');								// LAN_113
+//define('LAN_SIGNUP_87', 'Hide email address?: ');								// LAN_113 = LAN_USER_83
 //define('LAN_SIGNUP_88', 'This will prevent your email address from being displayed on site');	// LAN_114
 define('LAN_SIGNUP_89', 'Display Name: ');										// LAN_7
 define('LAN_SIGNUP_90', 'the name that will be displayed on site');				// LAN_8
--- a/e107_languages/English/lan_user.php
+++ b/e107_languages/English/lan_user.php
@@ -9,8 +9,8 @@
 * Language file - user-related (many generic definitions)
 *
 * $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_user.php,v $
- * $Revision: 1.3 $
+ * $Revision: 1.4 $
- * $Date: 2008-12-21 22:17:05 $
+ * $Date: 2008-12-28 22:37:43 $
 * $Author: e107steved $
 *
 */
@@ -36,7 +36,7 @@ define('LAN_USER_02','Login Name');
 define('LAN_USER_03','Real Name');
 define('LAN_USER_04','Custom title');
 define('LAN_USER_05','Password');
-define('LAN_USER_06','Photo');
+define('LAN_USER_06','Photograph');
 define('LAN_USER_07','Avatar');
 define('LAN_USER_08','Email address');
 define('LAN_USER_09','Signature');
@@ -87,10 +87,10 @@ define('LAN_USER_56', 'Registered members: ');					// LAN_138
 define('LAN_USER_57', 'Order: ');								// LAN_139
 define('LAN_USER_58', 'Member');								// LAN_142
 define('LAN_USER_59', 'Joined');								// LAN_145
-define('LAN_USER_60', 'Email Address');							// LAN_112
+define('LAN_USER_60', 'Email Address: ');						// LAN_112
 define('LAN_USER_61', 'Rating');								// LAN_406
 define('LAN_USER_62', 'Send Private Message');					// LAN_425
-define('LAN_USER_63', 'Real Name');								// LAN_308
+define('LAN_USER_63', 'Real Name: ');							// LAN_308
 define('LAN_USER_64', 'Site Stats');							// LAN_403
 define('LAN_USER_65', 'Last visit');							// LAN_404
 define('LAN_USER_66', 'Visits to site since registration');		// LAN_146
@@ -98,8 +98,22 @@ define('LAN_USER_67', 'Chatbox posts');							// LAN_147
 define('LAN_USER_68', 'Comments posted');						// LAN_148
 define('LAN_USER_69', 'Forum posts');							// LAN_149
 define('LAN_USER_70', 'Show');									// LAN_419
-define('LAN_USER_71', 'Signature');								// LAN_120
+define('LAN_USER_71', 'Signature: ');							// LAN_120
 define('LAN_USER_72', 'Avatar: ');								// LAN_121
 define('LAN_USER_73', 'choice of Content/Mail-lists');
 define('LAN_USER_74', 'Custom Title');
 define('LAN_USER_75', 'Your --SOMETHING-- is required');		// Replaces LAN_SIGNUP_6, LAN_SIGNUP_7 combination
 define('LAN_USER_76', 'Subscribed to');							// LAN_USET_5
 define('LAN_USER_77', 'Your password must be at least --COUNT-- characters long.');	// Replaces LAN_SIGNUP_4, LAN_SIGNUP_5 combination
 define('LAN_USER_78', 'Min.');									// LAN_SIGNUP_1
 define('LAN_USER_79', 'chars.');								// LAN_SIGNUP_2
 define('LAN_USER_80', 'the name displayed on site');			// LAN_8
 define('LAN_USER_81', 'Username: ');							// LAN_9
 define('LAN_USER_82', 'the name you use to login to the site');	// LAN_10
 define('LAN_USER_83', 'Hide email address?: ');					// LAN_113
 define('LAN_USER_84', 'This will prevent your email address from being displayed on site');	// LAN_114
 define('LAN_USER_85', 'If you want to change your user name, you must ask a site administrator');
 define('LAN_USER_86', 'Maximum avatar size is --WIDTH-- x --HEIGHT-- pixels');
 // Error messages for when user data is missing. Done this way so that other code can override the default messages
@@ -122,7 +136,9 @@ if (!defined('USER_ERR_16')) { define('USER_ERR_16','Software error');  }
 if (!defined('USER_ERR_17')) { define('USER_ERR_17','Value too low');  }
 if (!defined('USER_ERR_18')) { define('USER_ERR_18','Value too high');  }
 if (!defined('USER_ERR_19')) { define('USER_ERR_19','General error');  }
-if (!defined('USER_ERR_20')) { define('USER_ERR_20','Unspecified error');  }
+if (!defined('USER_ERR_20')) { define('USER_ERR_20','Image too wide');  }
 if (!defined('USER_ERR_21')) { define('USER_ERR_21','Image too high');  }
 if (!defined('USER_ERR_22')) { define('USER_ERR_22','Unspecified error');  }
 ?>
--- a/e107_languages/English/lan_usersettings.php
+++ b/e107_languages/English/lan_usersettings.php
@@ -4,98 +4,75 @@
 |     e107 website system - Language File.
 |
 |     $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_usersettings.php,v $
-|     $Revision: 1.14 $
+|     $Revision: 1.15 $
-|     $Date: 2008-12-21 22:17:05 $
+|     $Date: 2008-12-28 22:37:43 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
 define("PAGE_NAME", "User Settings");
-define("LAN_7", "Display Name: ");
+/*
-define("LAN_8", "the name displayed on site");
+LANs rationalised - some common ones now in lan_user.php. Old numbers generally cross-referenced
-define("LAN_9", "Username: ");
+// define("LAN_7", "Display Name: ");		See LAN_USER_01
 define("LAN_10", "the name you use to login to the site");
 define("LAN_11", "the name you use to login to the site - this cannot be changed, please contact an administrator if it needs to be changed for security purposes");
-define("LAN_20", "Error");
+//define("LAN_20", "Error");
 define("LAN_105", "The two passwords do not match");
 define("LAN_106", "That doesn't appear to be a valid email address");
-define("LAN_112", "Email Address: ");
+//define("LAN_112", "Email Address: ");		see LAN_USER_60
 define("LAN_113", "Hide email address?: ");
 define("LAN_114", "This will prevent your email address from being displayed on site");
 define("LAN_119", "Location: ");
 //define("LAN_120", "Signature: ");
 //define("LAN_121", "Avatar: ");
 define("LAN_144", "Website URL: ");
-define("LAN_150", "Settings updated and saved into database.");
+//define("LAN_151", "OK");
 define("LAN_151", "OK");
 define("LAN_152", "New Password: ");
 define("LAN_153", "Re-type New Password: ");
 define("LAN_154", "Save Settings");
 define("LAN_155", "Update User Settings");
 define("LAN_185", "You left the password field blank ");
-define("LAN_308", "Real Name: ");
+//define("LAN_308", "Real Name: ");
 define("LAN_401", "Leave blank to keep existing password");
 define("LAN_402", "Type path or choose avatar");
 define("LAN_403", "Choose avatar");
 define("LAN_404", "Please note: Any image uploaded to this server that is deemed inappropriate by the administrators will be deleted immediately.");
 define("LAN_410", "Settings for");
 define("LAN_411", "Update Your Settings");
 define("LAN_412", "Change Your Password");
 define("LAN_413", "Choose An Avatar");
-define("LAN_414", "Upload Your Photograph");
+//define("LAN_416", "Yes");
-define("LAN_415", "Upload your Avatar");
+//define("LAN_417", "No");
 define("LAN_416", "Yes");
 define("LAN_417", "No");
 define("LAN_418", "Registration Information");
 define("LAN_419", "Personal / Contact Information");
-define("LAN_420", "Avatar");
+//define("LAN_420", "Avatar");			LAN_USER_07
-define("LAN_421", "Choose site-stored avatar");
+//define("LAN_425", "Photograph");		LAN_USER_06
-define("LAN_422", "Use remote avatar");
+//define("LAN_427", "Submit ...");
-define("LAN_423", "Please type full address to image");
+//define("LAN_428", "News Item");
-define("LAN_424", "Click button to see avatars stored on this site");
+//define("LAN_429", "Link");
-define("LAN_425", "Photograph");
+//define("LAN_430", "Download");
-define("LAN_426", "This will be shown on your profile page");
+//define("LAN_431", "Article");
-define("LAN_427", "Submit ...");
+//define("LAN_432", "Review");
 define("LAN_428", "News Item");
 define("LAN_429", "Link");
 define("LAN_430", "Download");
 define("LAN_431", "Article");
 define("LAN_432", "Review");
-define("LAN_433", "URL to your XUP file");
+//define("LAN_435", "XML User Protocol file");	// LAN_USER_11
 define("LAN_434", "what's this?");
 define("LAN_435", "XML User Protocol file");
-define("LAN_SIGNUP_1", "Min.");
+//define("LAN_SIGNUP_1", "Min.");		See LAN_USER_78
-define("LAN_SIGNUP_2", "chars.");
+//define("LAN_SIGNUP_2", "chars.");	See LAN_USER_79
-define("LAN_SIGNUP_4", "Your password must be at least ");
+//define("LAN_SIGNUP_4", "Your password must be at least ");	See LAN_USER_77
-define("LAN_SIGNUP_5", " characters long.");
+//define("LAN_SIGNUP_5", " characters long.");			See LAN_USER_77
-define("LAN_SIGNUP_6", "Your ");
+//define("LAN_SIGNUP_6", "Your ");				See LAN_USER_75
-define("LAN_SIGNUP_7", " is required");
+//define("LAN_SIGNUP_7", " is required");		See LAN_USER_75
-// v.616
+//define("LAN_CUSTOMTITLE", "Custom Title");		See LAN_USER_04
 define("LAN_CUSTOMTITLE", "Custom Title");
 //define("LAN_ICQNUMBER", "ICQ number must contain only numbers");
 //v.617
 define("LAN_408", "A user with that email address already exists. ");
 */
 define("MAX_AVWIDTH", "Maximum avatar size (wxh) is ");
 define("MAX_AVHEIGHT", " x ");
 // define("GIF_RESIZE", "Please resize gif image or convert to different format");
-define("RESIZE_NOT_SUPPORTED", "Resize method not supported by this server. Please resize image or choose another. File has been deleted.");
+//define("RESIZE_NOT_SUPPORTED", "Resize method not supported by this server. Please resize image or choose another. File has been deleted.");
 // v0.7
 define("LAN_USET_1", "Your avatar is too wide");
 define("LAN_USET_2", "Maximum allowable width is");
 define("LAN_USET_3", "Your avatar is too high");
 define("LAN_USET_4", "Maximum allowable height is");
-define("LAN_USET_5", "Subscribed to");
+//define("LAN_USET_5", "Subscribed to");					// Now LAN_USER_76
-define("LAN_USET_6", "Subscribe to our mailing-list(s) and/or sections of this site.");
+//define("LAN_USET_6", "Subscribe to our mailing-list(s) and/or sections of this site.");		Now LAN_USER_73
 define("LAN_USET_7", "Miscellaneous");
 define("LAN_USET_8", "User Signature");
 define("LAN_USET_9", "Some of the required fields (marked with a *) are missing from your settings.");
@@ -108,14 +85,30 @@ define("LAN_USET_15", "Display name too long. Please choose another");
 define("LAN_USET_16", "Tick box to delete existing photo without uploading another");
 define("LAN_USET_17", "Display name already used. Please choose another");
 define('LAN_USET_18', 'User data changed by admin: --ID--, login name: --LOGNAME--');
-define('LAN_USET_19', 'Custom Title');
+//define('LAN_USET_19', 'Custom Title');			Now LAN_USER_74
 define('LAN_USET_20', 'You must also change the user\'s password if you are changing their login name or email address');
 define('LAN_USET_21', 'Please validate the changes by re-entering your password: ');
 define('LAN_USET_22', 'Invalid password!');
-define('LAN_USET_23', '');
+define('LAN_USET_23', 'Leave blank to keep existing password');		// LAN_401
-define('LAN_USET_24', '');
+define('LAN_USET_24', 'New Password: ');							// LAN_152
-define('LAN_USET_25', '');
+define('LAN_USET_25', 'Re-type New Password: ');					// LAN_153
 define('LAN_USET_26', 'Upload your Avatar');						// LAN_415
 define('LAN_USET_27', 'Upload Your Photograph');					// LAN_414
 define('LAN_USET_28', 'This will be shown on your profile page');	// LAN_426
 define('LAN_USET_29', 'URL to your XUP file');						// LAN_433
 define('LAN_USET_30', 'what\'s this?');								// LAN_434
 define('LAN_USET_31', 'Registration Information');					// LAN_418
 define('LAN_USET_32', 'Please note: Any image uploaded to this server that is deemed inappropriate by the administrators will be deleted immediately.');	// LAN_404
 define('LAN_USET_33', 'Choose site-stored avatar');					// LAN_421
 define('LAN_USET_34', 'Use remote avatar');							// LAN_422
 define('LAN_USET_35', 'Please type full address to image');			// LAN_423
 define('LAN_USET_36', 'Click button to see avatars stored on this site');	// LAN_424
 define('LAN_USET_37', 'Save Settings');								// LAN_154
 define('LAN_USET_38', 'Choose avatar');								// LAN_403
 define('LAN_USET_39', 'Update User Settings');						// LAN_155
 define('LAN_USET_40', 'The two passwords do not match');			// LAN_105
 define('LAN_USET_41', 'Settings updated and saved into database.');	// LAN_150
 define('LAN_USET_42', '');
 define('LAN_ENTER', 'Enter');
 ?>
--- a/e107_themes/templates/signup_template.php
+++ b/e107_themes/templates/signup_template.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_themes/templates/signup_template.php,v $
-|     $Revision: 1.11 $
+|     $Revision: 1.12 $
-|     $Date: 2008-12-21 22:17:05 $
+|     $Date: 2008-12-28 22:37:43 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -53,8 +53,8 @@ if(!defined($USERCLASS_SUBSCRIBE_START))
 {
 $USERCLASS_SUBSCRIBE_START = "
 <tr>
-<td class='forumheader3' style='width:30%;vertical-align:top'>".LAN_USET_5." ".req($pref['signup_option_class'])."
+<td class='forumheader3' style='width:30%;vertical-align:top'>".LAN_USER_76." ".req($pref['signup_option_class'])."
-<br /><span class='smalltext'>".LAN_USET_6."</span></td>
+<br /><span class='smalltext'>".LAN_USER_73."</span></td>
 <td class='forumheader3' style='width:70%'>
 <table style='".USER_WIDTH."'>
 ";
@@ -276,7 +276,7 @@ $SIGNUP_BODY = "
 </tr>
 <tr>
-<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_SIGNUP_86."{SIGNUP_IS_MANDATORY=email}</td>
+<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_USER_60."{SIGNUP_IS_MANDATORY=email}</td>
 <td class='forumheader3' style='width:70%'>
 {SIGNUP_EMAIL}
 </td>
@@ -290,7 +290,7 @@ $SIGNUP_BODY = "
 </tr>
 <tr>
-<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_SIGNUP_87."</td>
+<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_USER_83."</td>
 <td class='forumheader3' style='width:70%'>
 {SIGNUP_HIDE_EMAIL}
 </td>
--- a/e107_themes/templates/usersettings_template.php
+++ b/e107_themes/templates/usersettings_template.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_themes/templates/usersettings_template.php,v $
-|     $Revision: 1.5 $
+|     $Revision: 1.6 $
-|     $Date: 2008-01-15 21:57:53 $
+|     $Date: 2008-12-28 22:37:43 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -24,14 +24,14 @@ global $usersettings_shortcodes, $pref;
 $sc_style['CUSTOMTITLE']['pre'] = "
 <tr>
-<td style='width:40%' class='forumheader3'>".LAN_CUSTOMTITLE.":</td>
+<td style='width:40%' class='forumheader3'>".LAN_USER_04.":</td>
 <td style='width:60%' class='forumheader2'>
 ";
 $sc_style['CUSTOMTITLE']['post'] = "</td></tr>";
 $sc_style['PASSWORD1']['pre'] = "
 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_152."<br /><span class='smalltext'>".LAN_401."</span></td>
+	<td style='width:40%' class='forumheader3'>".LAN_USET_24."<br /><span class='smalltext'>".LAN_USET_23."</span></td>
 	<td style='width:60%' class='forumheader2'>
 ";
@@ -40,7 +40,7 @@ $sc_style['PASSWORD2']['pre'] = "
 	</tr>
 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_153."<br /><span class='smalltext'>".LAN_401."</span></td>
+	<td style='width:40%' class='forumheader3'>".LAN_USET_25."<br /><span class='smalltext'>".LAN_USET_23."</span></td>
 	<td style='width:60%' class='forumheader2'>
 ";
 $sc_style['PASSWORD2']['post'] = "
@@ -48,29 +48,29 @@ $sc_style['PASSWORD2']['post'] = "
 	</tr>
 ";
-$sc_style['PASSWORD_LEN']['pre'] = "<br /><span class='smalltext'>  (".LAN_SIGNUP_1." ";
+$sc_style['PASSWORD_LEN']['pre'] = "<br /><span class='smalltext'>  (".LAN_USER_78." ";
-$sc_style['PASSWORD_LEN']['post'] = " ".LAN_SIGNUP_2.")</span>";
+$sc_style['PASSWORD_LEN']['post'] = " ".LAN_USER_79.")</span>";
 $sc_style['USERCLASSES']['pre'] = "<tr>
-<td style='width:40%;vertical-align:top' class='forumheader3'>".LAN_USET_5.":".req($pref['signup_option_class'])."
+<td style='width:40%;vertical-align:top' class='forumheader3'>".LAN_USER_76.":".req($pref['signup_option_class'])."
-<br /><span class='smalltext'>".LAN_USET_6."</span>
+<br /><span class='smalltext'>".LAN_USER_73."</span>
 </td>
 <td style='width:60%' class='forumheader2'>";
 $sc_style['USERCLASSES']['post'] = "</td></tr>";
 $sc_style['AVATAR_UPLOAD']['pre'] = "<tr>
-<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_415."<br /></td>
+<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_USET_26."<br /></td>
 <td style='width:60%' class='forumheader2'>
 ";
 $sc_style['AVATAR_UPLOAD']['post'] = "</td></tr>";
 $sc_style['PHOTO_UPLOAD']['pre'] = "
 <tr>
-<td colspan='2' class='forumheader'>".LAN_425."</td>
+<td colspan='2' class='forumheader'>".LAN_USER_06."</td>
 </tr>
 <tr>
-<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_414."<br /><span class='smalltext'>".LAN_426."</span></td>
+<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_USET_27."<br /><span class='smalltext'>".LAN_USET_28."</span></td>
 <td style='width:60%' class='forumheader2'><span class='smalltext'>
 ";
 $sc_style['PHOTO_UPLOAD']['post'] = "</span></td></tr>";
@@ -78,10 +78,10 @@ $sc_style['PHOTO_UPLOAD']['post'] = "</span></td></tr>";
 $sc_style['XUP']['pre'] = "
 <tr>
-<td colspan='2' class='forumheader'>".LAN_435."</td>
+<td colspan='2' class='forumheader'>".LAN_USER_11."</td>
 </tr>
 <tr>
-<td style='width:20%; vertical-align:top' class='forumheader3'>".LAN_433."<br /><span class='smalltext'><a href='http://e107.org/generate_xup.php' rel='external'>".LAN_434."</a></span></td>
+<td style='width:20%; vertical-align:top' class='forumheader3'>".LAN_USET_29."<br /><span class='smalltext'><a href='http://e107.org/generate_xup.php' rel='external'>".LAN_USET_30."</a></span></td>
 <td style='width:80%' class='forumheader2'>
 ";
 $sc_style['XUP']['post'] = "</td></tr>";
@@ -104,25 +104,25 @@ $USERSETTINGS_EDIT = "
 	<table style='".USER_WIDTH."' class='fborder'>
 	<tr>
-	<td colspan='2' class='forumheader'>".LAN_418."</td>
+	<td colspan='2' class='forumheader'>".LAN_USET_31."</td>
 	</tr>
 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_7."<br /><span class='smalltext'>".LAN_8."</span></td>
+	<td style='width:40%' class='forumheader3'>".LAN_USER_01."<br /><span class='smalltext'>".LAN_USER_80."</span></td>
 	<td style='width:60%' class='forumheader2'>
 	{USERNAME}
 	</td>
 	</tr>
 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_9."<br /><span class='smalltext'>".LAN_10."</span></td>
+	<td style='width:40%' class='forumheader3'>".LAN_USER_81."<br /><span class='smalltext'>".LAN_USER_82."</span></td>
 	<td style='width:60%' class='forumheader2'>
 	{LOGINNAME}
 	</td>
 	</tr>
 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_308.req($pref['signup_option_realname'])."</td>
+	<td style='width:40%' class='forumheader3'>".LAN_USER_63.req($pref['signup_option_realname'])."</td>
 	<td style='width:60%' class='forumheader2'>
 	{REALNAME}
 	</td>
@@ -135,14 +135,14 @@ $USERSETTINGS_EDIT = "
 	{PASSWORD2}
 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_112.req(!$pref['disable_emailcheck'])."</td>
+	<td style='width:40%' class='forumheader3'>".LAN_USER_60.req(!$pref['disable_emailcheck'])."</td>
 	<td style='width:60%' class='forumheader2'>
 	{EMAIL}
 	</td>
 	</tr>
 	<tr>
-	<td style='width:40%' class='forumheader3'>".LAN_113."<br /><span class='smalltext'>".LAN_114."</span></td>
+	<td style='width:40%' class='forumheader3'>".LAN_USER_83."<br /><span class='smalltext'>".LAN_USER_84."</span></td>
 	<td style='width:60%' class='forumheader2'><span class='defaulttext'>
 	{HIDEEMAIL=radio}
 	</span>
@@ -154,7 +154,7 @@ $USERSETTINGS_EDIT = "
 	<tr><td colspan='2' class='forumheader'>".LAN_USET_8."</td></tr>
 	<tr>
-	<td style='width:40%;vertical-align:top' class='forumheader3'>".LAN_120.req($pref['signup_option_signature'])."</td>
+	<td style='width:40%;vertical-align:top' class='forumheader3'>".LAN_USER_71.req($pref['signup_option_signature'])."</td>
 	<td style='width:60%' class='forumheader2'>
 	{SIGNATURE=cols=58&rows=4}
 	<br />
@@ -163,22 +163,22 @@ $USERSETTINGS_EDIT = "
 	</tr>
 	<tr>
-	<td colspan='2' class='forumheader'>".LAN_420."</td>
+	<td colspan='2' class='forumheader'>".LAN_USER_07."</td>
 	</tr>
 	<tr>
-	<td colspan='2' class='forumheader3' style='text-align:center'>".LAN_404.($pref['im_width'] || $pref['im_height'] ? "<br />".($pref['im_width'] ? MAX_AVWIDTH.$pref['im_width']." pixels. " : "").($pref['im_height'] ? MAX_AVHEIGHT.$pref['im_height']." pixels." : "") : "")."</td>
+	<td colspan='2' class='forumheader3' style='text-align:center'>".LAN_USET_32.($pref['im_width'] || $pref['im_height'] ? "<br />".str_replace(array('--WIDTH--','--HEIGHT--'), array($pref['im_width'], $pref['im_height']), LAN_USER_86) : "")."</td>
 	</tr>
 	<tr>
-	<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_422.req($pref['signup_option_image'])."<br /><span class='smalltext'>".LAN_423."</span></td>
+	<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_USET_34.req($pref['signup_option_image'])."<br /><span class='smalltext'>".LAN_USET_35."</span></td>
 	<td style='width:60%' class='forumheader2'>
 	{AVATAR_REMOTE}
 	</td>
 	</tr>
 	<tr>
-	<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_421."<br /><span class='smalltext'>".LAN_424."</span></td>
+	<td style='width:40%; vertical-align:top' class='forumheader3'>".LAN_USET_33."<br /><span class='smalltext'>".LAN_USET_36."</span></td>
 	<td style='width:60%' class='forumheader2'>
 	{AVATAR_CHOOSE}
 	</td>
@@ -189,7 +189,7 @@ $USERSETTINGS_EDIT = "
 	{XUP}
 	<tr style='vertical-align:top'>
-	<td colspan='2' style='text-align:center' class='forumheader'><input class='button' type='submit' name='updatesettings' value='".LAN_154."' /></td>
+	<td colspan='2' style='text-align:center' class='forumheader'><input class='button' type='submit' name='updatesettings' value='".LAN_USET_37."' /></td>
 	</tr>
 	</table>
 	</div>
--- a/signup.php
+++ b/signup.php
@@ -9,8 +9,8 @@
 * User signup
 *
 * $Source: /cvs_backup/e107_0.8/signup.php,v $
- * $Revision: 1.28 $
+ * $Revision: 1.29 $
- * $Date: 2008-12-21 22:17:05 $
+ * $Date: 2008-12-28 22:37:42 $
 * $Author: e107steved $
 *
 */
@@ -21,7 +21,7 @@ $qs = explode(".", e_QUERY);
 if($qs[0] != 'activate')
 {   // multi-language fix.
 	include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_signup.php");
-	include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_usersettings.php");
+//	include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_usersettings.php");		Shouldn't need this now
 }
 include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php');		// Generic user-related language defines
@@ -443,15 +443,15 @@ if (isset($_POST['register']))
 		else
 		{
 			$savePassword = $_POST['password1'];	// May need in plaintext later
 			unset($_POST['password1']);				// Restrict the scope of this
 			unset($_POST['password2']);
 		}
 		unset($_POST['password1']);					// Restrict the scope of this
 		unset($_POST['password2']);
 		$allData['user_ip'] = $e107->getip();
 		// check for multiple signups from the same IP address.
-		if($ipcount = $sql->db_Select("user", "*", "user_ip='".$allData['user_ip']."' and user_ban !='2' "))
+		if($ipcount = $sql->db_Select('user', '*', "user_ip='".$allData['user_ip']."' and user_ban !='2' "))
 		{
 			if($ipcount >= $pref['signup_maxip'] && trim($pref['signup_maxip']) != "")
 			{
@@ -473,83 +473,55 @@ if (isset($_POST['register']))
 		// Verify Custom Signup options if selected - need specific loop since the need for them is configuration-dependent
-		$signup_option_title = array(LAN_USER_63, LAN_USER_71, LAN_USER_72, LAN_SIGNUP_28);
+		$signup_option_title = array(LAN_USER_63, LAN_USER_71, LAN_USER_72, LAN_USER_73, LAN_USER_74);
-		$signup_option_names = array("realname", "signature", "image", "class");
+		$signup_option_names = array('realname', 'signature', 'image', 'class', 'customtitle');
 		foreach($signup_option_names as $key => $value)
 		{
 			if ($pref['signup_option_'.$value] == 2 && !isset($alldata['validate']['user_'.$value]) && !isset($alldata['errors']['user_'.$value]))
 			{
 				$alldata['errors']['user_'.$value] = ERR_GENERIC;
-				$alldata['errortext']['user_'.$value] = LAN_SIGNUP_6.$signup_option_title[$key].LAN_SIGNUP_7;
+				$alldata['errortext']['user_'.$value] = str_replace('--SOMETHING--',$signup_option_title[$key],LAN_USER_75);
 			}
 		}
-		// Extended Field validation
+		// Validate Extended User Fields.
 		$extList = $usere->user_extended_get_fieldList();
 		$eufVals = array();
-	
+		if (isset($_POST['ue']))
 		foreach($extList as $ext)
 		{
-			$eufName = 'user_'.$ext['user_extended_struct_name'];
+			$eufVals = $ue->userExtendedValidateAll($_POST['ue'], varset($_POST['hide'],array()));		// Validate the extended user fields
 			if(isset($_POST['ue'][$eufName]))
 			{
 				$newval = trim($_POST['ue'][$eufName]);		// use $tp->toDB()  ??
 	//			echo "Vetting field ".'user_'.$ext['user_extended_struct_name'].": {$newval} = ".trim($_POST['ue']['user_'.$ext['user_extended_struct_name']])."<br />";
 				if($ext['user_extended_struct_required'] == 1 && (($newval == "") || (($ext['user_extended_struct_type'] == 7) && ($newval == '0000-00-00')) ))
 				{	// Required field not present
 					$_ftext = (defined($ext['user_extended_struct_text']) ? constant($ext['user_extended_struct_text']) : $ext['user_extended_struct_text']);
 					$error_message .= LAN_SIGNUP_6.$_ftext.LAN_SIGNUP_7."\\n";
 					$error = TRUE;
 				}
 				else
 				{
 					$parms = explode("^,^", $ext['user_extended_struct_parms']);
 					$regex = (isset($parms[1]) ? $tp->toText($parms[1]) : "");
 					$regexfail = (isset($parms[2]) ? trim($tp->toText($parms[2])) : "");
 					if($regexfail == "")
 					{
 						$regexfail = $ext['user_extended_struct_name']." ".LAN_SIGNUP_53;
 					}
 					if(defined($regexfail)) {$regexfail = constant($regexfail);}
 					if($regex != "" && $newval != "" && !preg_match($regex, $newval))
 					{
 						$error_message .= $regexfail."\\n";
 						$error = TRUE;
 					}
 					else
 					{
 						$eufVals[$eufName] = $newval;
 					}
 				}
 			}
 		}
 		// Determine whether we have an error
 		$error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])));
 		// All validated here - handle any errors
-		if (count($allData['errors']))
+		if ($error)
 		{
 			require_once(e_HANDLER."message_handler.php");
-			$temp = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
+			$temp = array();
-			message_handler('P_ALERT', $temp.'<br />'.$error_message);
+			if (count($allData['errors']))
-			$error = TRUE;
+			{
 				$temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
 			}
 			if (varsettrue($eufData['errors']))
 			{
 				$temp[] = validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
 			}
 			if ($error_message) { $temp[] = $error_message; }
 			message_handler('P_ALERT', implode('<br />', $temp));
 		}
 	}		// End of data validation
 	if($error_message)
 	{
 		message_handler("P_ALERT", $error_message);
 		$error_message = '';
 	}
 	// ========== End of verification.. ==============
 	// If no errors, we can enter the new member in the DB
 	// At this point we have two data arrays:
 	//		$allData['validate'] - the 'core' user data
-	//		$eufVals - any extended user fields
+	//		$eufVals['validate'] - any extended user fields
 	if (!$error)
 	{
@@ -566,8 +538,8 @@ if (isset($_POST['register']))
 		}
-		$u_key = md5(uniqid(rand(), 1));				// Key for signup completion
+		$u_key = md5(uniqid(rand(), 1));					// Key for signup completion
-		$allData['validate']['user_sess'] = $u_key;				// Validation key
+		$allData['validate']['user_sess'] = $u_key;			// Validation key
 		// Work out all user classes
 		$intClasses = array();
@@ -613,10 +585,10 @@ if (isset($_POST['register']))
 		// Actually write data to DB
 		$nid = $sql->db_Insert("user", $allData['validate']);
-		if(count($eufVals))
+		if (isset($eufVals['validate']) && count($eufVals['validate']))
 		{
 			$sql->db_Select_gen("INSERT INTO `#user_extended` (user_extended_id) values ('{$nid}')");
-			$sql->db_UpdateArray("user_extended", $eufVals." WHERE `user_extended_id` = ".intval($nid));
+			$sql->db_UpdateArray("user_extended", $eufVals['validate']." WHERE `user_extended_id` = ".intval($nid));
 		}
 		if (SIGNUP_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Signup new user",array_merge($allData['validate'],$eufVals) ,FALSE,LOG_TO_ROLLING);
--- a/usersettings.php
+++ b/usersettings.php