Start of generic user data validation, kill references to user_realm field
@@ -11,8 +11,8 @@
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/class2.php,v $
|
||||
| $Revision: 1.86 $
|
||||
| $Date: 2008-12-19 22:56:22 $
|
||||
| $Revision: 1.87 $
|
||||
| $Date: 2008-12-21 11:07:58 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
*/
|
||||
@@ -1446,7 +1446,6 @@ function init_session()
|
||||
define('USEREMAIL', $result['user_email']);
|
||||
define('USER', true);
|
||||
define('USERCLASS', $result['user_class']);
|
||||
define('USERREALM', $result['user_realm']);
|
||||
define('USERVIEWED', $result['user_viewed']);
|
||||
define('USERIMAGE', $result['user_image']);
|
||||
define('USERPHOTO', $result['user_sess']);
|
||||
|
@@ -1,20 +1,18 @@
|
||||
<?php
|
||||
/*
|
||||
+ ----------------------------------------------------------------------------+
|
||||
| e107 website system
|
||||
|
|
||||
| <20>Steve Dunstan 2001-2002
|
||||
| http://e107.org
|
||||
| jalist@e107.org
|
||||
|
|
||||
| Released under the terms and conditions of the
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_admin/users.php,v $
|
||||
| $Revision: 1.17 $
|
||||
| $Date: 2008-07-03 21:23:39 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
* e107 website system
|
||||
*
|
||||
* Copyright (C) 2001-2008 e107 Inc (e107.org)
|
||||
* Released under the terms and conditions of the
|
||||
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
||||
*
|
||||
* Administration Area - Users
|
||||
*
|
||||
* $Source: /cvs_backup/e107_0.8/e107_admin/users.php,v $
|
||||
* $Revision: 1.18 $
|
||||
* $Date: 2008-12-21 11:07:58 $
|
||||
* $Author: e107steved $
|
||||
*
|
||||
*/
|
||||
require_once("../class2.php");
|
||||
|
||||
@@ -48,12 +46,14 @@ if (isset($_POST['useraction']) && $_POST['useraction'] == 'userclass')
|
||||
|
||||
$e_sub_cat = 'users';
|
||||
$user = new users;
|
||||
require_once("auth.php");
|
||||
require_once('auth.php');
|
||||
|
||||
require_once(e_HANDLER."form_handler.php");
|
||||
require_once(e_HANDLER."userclass_class.php");
|
||||
require_once(e_HANDLER.'form_handler.php');
|
||||
require_once(e_HANDLER.'userclass_class.php');
|
||||
require_once(e_HANDLER.'user_handler.php');
|
||||
$user_info = new UserHandler;
|
||||
require_once(e_HANDLER.'validator_class.php');
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php');
|
||||
$userMethods = new UserHandler;
|
||||
$user_data = array();
|
||||
|
||||
$rs = new form;
|
||||
@@ -106,7 +106,7 @@ if(isset($_POST['resend_to_all']))
|
||||
// ------- Test Email. --------------
|
||||
if (isset($_POST['test_mail']))
|
||||
{
|
||||
require_once(e_HANDLER."mail_validation_class.php");
|
||||
require_once(e_HANDLER.'mail_validation_class.php');
|
||||
list($adminuser,$adminhost) = split ("@", SITEADMINEMAIL);
|
||||
$validator = new email_validation_class;
|
||||
$validator->localuser= $adminuser;
|
||||
@@ -141,20 +141,27 @@ if (isset($_POST['test_mail']))
|
||||
// ------- Update Options. --------------
|
||||
if (isset($_POST['update_options']))
|
||||
{
|
||||
$pref['avatar_upload'] = (FILE_UPLOADS ? $_POST['avatar_upload'] : 0);
|
||||
$pref['im_width'] = $_POST['im_width'];
|
||||
$pref['im_height'] = $_POST['im_height'];
|
||||
$pref['photo_upload'] = (FILE_UPLOADS ? $_POST['photo_upload'] : 0);
|
||||
$pref['del_unv'] = $_POST['del_unv'];
|
||||
$pref['profile_rate'] = $_POST['profile_rate'];
|
||||
$pref['profile_comments'] = $_POST['profile_comments'];
|
||||
$pref['track_online'] = $_POST['track_online'];
|
||||
$pref['force_userupdate'] = $_POST['force_userupdate'];
|
||||
$pref['memberlist_access'] = $_POST['memberlist_access'];
|
||||
save_prefs();
|
||||
unset($_POST['update_options']); // So we don't log it
|
||||
$admin_log->log_event('USET_03',$tp->toDB(implode('; ',$_POST)),E_LOG_INFORMATIVE);
|
||||
$user->show_message(USRLAN_1);
|
||||
$temp = array();
|
||||
$temp['avatar_upload'] = (FILE_UPLOADS ? $_POST['avatar_upload'] : 0);
|
||||
$temp['im_width'] = $_POST['im_width'];
|
||||
$temp['im_height'] = $_POST['im_height'];
|
||||
$temp['photo_upload'] = (FILE_UPLOADS ? $_POST['photo_upload'] : 0);
|
||||
$temp['del_unv'] = $_POST['del_unv'];
|
||||
$temp['profile_rate'] = $_POST['profile_rate'];
|
||||
$temp['profile_comments'] = $_POST['profile_comments'];
|
||||
$temp['track_online'] = $_POST['track_online'];
|
||||
$temp['force_userupdate'] = $_POST['force_userupdate'];
|
||||
$temp['memberlist_access'] = $_POST['memberlist_access'];
|
||||
$temp['user_new_period'] = $_POST['user_new_period'];
|
||||
if ($admin_log->logArrayDiffs($temp, $pref, 'USET_03'))
|
||||
{
|
||||
save_prefs(); // Only save if changes
|
||||
$user->show_message(USRLAN_1);
|
||||
}
|
||||
else
|
||||
{
|
||||
$user->show_message(USRLAN_193);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -184,136 +191,89 @@ if (isset($_POST['prune']))
|
||||
// ------- Quick Add User --------------
|
||||
if (isset($_POST['adduser']))
|
||||
{
|
||||
$e107cache->clear("online_menu_member_total");
|
||||
$e107cache->clear("online_menu_member_newest");
|
||||
if (!$_POST['ac'] == md5(ADMINPWCHANGE))
|
||||
{
|
||||
exit;
|
||||
}
|
||||
|
||||
$user_data = array(); // Assemble the data into an array
|
||||
|
||||
require_once(e_HANDLER."message_handler.php");
|
||||
$displayname = strip_tags($_POST['name']);
|
||||
if (($displayname != strip_tags($_POST['name'])) || (strstr($_POST['name'], "#") || strstr($_POST['name'], "=")))
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_92);
|
||||
$error = TRUE;
|
||||
}
|
||||
$displayname = trim(str_replace(" ", "", $displayname));
|
||||
if ($displayname == "Anonymous")
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_65);
|
||||
$error = TRUE;
|
||||
}
|
||||
if ((strlen($displayname) > varset($pref['displayname_maxlength'],15)) || (strlen($displayname) < 2))
|
||||
{
|
||||
message_handler('P_ALERT',USRLAN_154);
|
||||
$error = TRUE;
|
||||
}
|
||||
if ($sql->db_Count("user", "(*)", "WHERE user_name='".$displayname."' "))
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_66);
|
||||
$error = TRUE;
|
||||
}
|
||||
$e107cache->clear('online_menu_member_total');
|
||||
$e107cache->clear('online_menu_member_newest');
|
||||
|
||||
$error = FALSE;
|
||||
|
||||
if (isset($_POST['generateloginname']))
|
||||
{
|
||||
$loginname = $user_info->generateUserLogin($pref['predefinedLoginName']);
|
||||
$_POST['loginname'] = $userMethods->generateUserLogin($pref['predefinedLoginName']);
|
||||
}
|
||||
else
|
||||
{
|
||||
$loginname = trim(preg_replace('/ |\#|\=|\$/', "", strip_tags($_POST['loginname'])));
|
||||
if ($loginname != $_POST['loginname'])
|
||||
{
|
||||
message_handler('P_ALERT',USRLAN_152);
|
||||
$error = TRUE;
|
||||
}
|
||||
}
|
||||
if ((strlen($loginname) > varset($pref['loginname_maxlength'],30)) || (strlen($loginname) < 3))
|
||||
{
|
||||
message_handler('P_ALERT',USRLAN_154);
|
||||
$error = TRUE;
|
||||
}
|
||||
if ($sql->db_Count("user", "(*)", "WHERE user_loginname='".$loginname."' "))
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_153);
|
||||
$error = TRUE;
|
||||
}
|
||||
|
||||
|
||||
if (isset($_POST['generatepassword']))
|
||||
{
|
||||
$_POST['password1'] = $user_info->generateRandomString('**********'); // 10-char password should be enough
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($_POST['password1'] != $_POST['password2'])
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_67);
|
||||
$error = TRUE;
|
||||
}
|
||||
$_POST['password1'] = $userMethods->generateRandomString('**********'); // 10-char password should be enough
|
||||
$_POST['password2'] = $_POST['password1'];
|
||||
}
|
||||
|
||||
if ($_POST['name'] == "" || $_POST['password1'] == "" || $_POST['password2'] = "")
|
||||
// Now validate everything
|
||||
$allData = validatorClass::validateFields($_POST,$userMethods->userVettingInfo, TRUE); // Do basic validation
|
||||
validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() )
|
||||
validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks
|
||||
$userMethods->userValidation($allData); // Do user-specific DB checks
|
||||
if (($_POST['password1'] != $_POST['password2']) && !isset($allData['errors']['user_password']))
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_68);
|
||||
$error = TRUE;
|
||||
$allData['errors']['user_password'] = ERR_PASSWORDS_DIFFERENT;
|
||||
}
|
||||
if (!check_email($_POST['email']))
|
||||
if (!check_class($pref['displayname_class'], $allData['validate']['user_class']))
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_69);
|
||||
$error = TRUE;
|
||||
if ($allData['validate']['user_name'] != $allData['validate']['user_loginname'])
|
||||
{
|
||||
$allData['errors']['user_name'] = ERR_FIELDS_DIFFERENT;
|
||||
}
|
||||
}
|
||||
if ($sql->db_Count("user", "(*)", "WHERE user_email='".$_POST['email']."' AND user_ban='1' "))
|
||||
|
||||
if (count($allData['errors']))
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_147);
|
||||
$error = TRUE;
|
||||
}
|
||||
if ($sql->db_Count("banlist", "(*)", "WHERE banlist_ip='".$_POST['email']."'"))
|
||||
{
|
||||
message_handler("P_ALERT", USRLAN_148);
|
||||
$error = TRUE;
|
||||
require_once(e_HANDLER."message_handler.php");
|
||||
$temp = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
|
||||
message_handler('P_ALERT', $temp);
|
||||
$error = TRUE;
|
||||
}
|
||||
|
||||
// Always save some of the entered data - then we can redisplay on error
|
||||
$user_data['user_name'] = $displayname;
|
||||
$user_data['user_loginname'] = $loginname;
|
||||
$user_data['user_class'] = implode(",", $_POST['userclass']);
|
||||
$user_data['user_email'] = $tp->toDB($_POST['email']);
|
||||
$user_data['user_hideemail'] = 1;
|
||||
$user_data['user_login'] = $tp->toDB($_POST['realname']);
|
||||
$user_data = $allData['validate'];
|
||||
|
||||
if (!$error)
|
||||
{
|
||||
$user_data['user_password'] = $user_info->HashPassword($_POST['password1'],$loginname);
|
||||
$user_data['user_join'] = time();
|
||||
$user_data['user_lastvisit'] = 0;
|
||||
$user_data['user_currentvisit'] = 0;
|
||||
$user_data['user_pwchange'] = 0;
|
||||
if (admin_update($sql -> db_Insert("user", $user_data), 'insert', USRLAN_70))
|
||||
{
|
||||
// Add to admin log
|
||||
$admin_log->log_event('USET_02',"UName: {$user_data['user_name']}; Email: {$user_data['user_email']}",E_LOG_INFORMATIVE);
|
||||
// Add to user audit trail
|
||||
$admin_log->user_audit(USER_AUDIT_ADD_ADMIN,$user_data, 0,$user_data['user_loginname']);
|
||||
if (isset($_POST['sendconfemail']))
|
||||
{ // Send confirmation email to user
|
||||
require_once(e_HANDLER.'mail.php');
|
||||
$e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$_POST['password1']),USRLAN_185).USRLAN_186;
|
||||
if (sendemail($user_data['user_email'],USRLAN_187.SITEURL,$e_message,$user_data['user_login'],'',''))
|
||||
{
|
||||
$message = USRLAN_188;
|
||||
}
|
||||
else
|
||||
{
|
||||
$message = USRLAN_189;
|
||||
}
|
||||
$message = '';
|
||||
$user_data['user_password'] = $userMethods->HashPassword($_POST['password1'],$loginname);
|
||||
$user_data['user_join'] = time();
|
||||
if ($userMethods->needEmailPassword())
|
||||
{ // Save separate password encryption for use with email address
|
||||
$user_data['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($_POST['password1'], $user_data['user_email'])));
|
||||
}
|
||||
$userMethods->addNonDefaulted($user_data);
|
||||
if (admin_update($sql -> db_Insert("user", $user_data), 'insert', USRLAN_70))
|
||||
{
|
||||
// Add to admin log
|
||||
$admin_log->log_event('USET_02',"UName: {$user_data['user_name']}; Email: {$user_data['user_email']}",E_LOG_INFORMATIVE);
|
||||
// Add to user audit trail
|
||||
$admin_log->user_audit(USER_AUDIT_ADD_ADMIN,$user_data, 0,$user_data['user_loginname']);
|
||||
if (isset($_POST['sendconfemail']))
|
||||
{ // Send confirmation email to user
|
||||
require_once(e_HANDLER.'mail.php');
|
||||
$e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$_POST['password1']),USRLAN_185).USRLAN_186;
|
||||
if (sendemail($user_data['user_email'],USRLAN_187.SITEURL,$e_message,$user_data['user_login'],'',''))
|
||||
{
|
||||
$message = USRLAN_188.'<br /><br />';
|
||||
}
|
||||
else
|
||||
{
|
||||
$message = USRLAN_189.'<br /><br />';
|
||||
}
|
||||
}
|
||||
$message .= str_replace('--NAME--',$user_data['user_name'], USRLAN_174) ;
|
||||
if (isset($_POST['generateloginname'])) $message .= '<br /><br />'.USRLAN_173.': '.$loginname;
|
||||
if (isset($_POST['generatepassword'])) $message .= '<br /><br />'.USRLAN_172.': '.$_POST['password1'];
|
||||
|
||||
unset($user_data); // Don't recycle the data once the user's been accepted without error
|
||||
}
|
||||
if (isset($_POST['generateloginname'])) $message .= '<br /><br />'.USRLAN_173.': '.$loginname;
|
||||
if (isset($_POST['generatepassword'])) $message .= '<br /><br />'.USRLAN_172.': '.$_POST['password1'];
|
||||
}
|
||||
}
|
||||
if (isset($message)) $user->show_message($message);
|
||||
}
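Review bot: `$loginname` looks unassigned on the new side of the `adduser` block: the only visible assignments (`$loginname = $user_info->generateUserLogin(...)` and the `preg_replace` clean-up) read as removed lines, because the new code writes `$_POST['loginname']` instead, yet `HashPassword($_POST['password1'],$loginname)`, the confirmation e-mail and the `USRLAN_173` message still read it. The rendered page has lost its +/- markers, so this is inferred from the `$user_info` to `$userMethods` rename; if it holds, the stored password hash is computed with an empty login name and presumably will not match at login. Taking the value from the validated data would fix it, e.g. `$loginname = $allData['validate']['user_loginname'];` placed right after `$user_data = $allData['validate'];`. The `$_POST['ac']` check at the top of the block also appears only among the old lines; if it was dropped, confirm the add-user form is still covered by another request check.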
|
||||
@@ -599,24 +559,25 @@ $unverified = $sql -> db_Count("user", "(*)", "WHERE user_ban = 2");
|
||||
if (!e_QUERY) $action = "main";
|
||||
switch ($action)
|
||||
{
|
||||
case "unverified" :
|
||||
$user->show_existing_users($action, $sub_action, $id, $from, $amount);
|
||||
break;
|
||||
case "unverified" :
|
||||
$user->show_existing_users($action, $sub_action, $id, $from, $amount);
|
||||
break;
|
||||
|
||||
case "options" :
|
||||
$user->show_prefs();
|
||||
break;
|
||||
case "options" :
|
||||
$user->show_prefs();
|
||||
break;
|
||||
|
||||
case "prune" :
|
||||
$user->show_prune();
|
||||
break;
|
||||
case "prune" :
|
||||
$user->show_prune();
|
||||
break;
|
||||
|
||||
case "create" :
|
||||
$user->add_user($user_data);
|
||||
break;
|
||||
case "create" :
|
||||
$userMethods->deleteExpired(); // Remove time-expired users
|
||||
$user->add_user($user_data);
|
||||
break;
|
||||
|
||||
default :
|
||||
$user->show_existing_users($action, $sub_action, $id, $from, $amount);
|
||||
default :
|
||||
$user->show_existing_users($action, $sub_action, $id, $from, $amount);
|
||||
}
|
||||
|
||||
|
||||
@@ -631,7 +592,7 @@ class users
|
||||
|
||||
function show_existing_users($action, $sub_action, $id, $from, $amount)
|
||||
{
|
||||
global $sql, $rs, $ns, $tp, $mySQLdefaultdb,$pref,$unverified;
|
||||
global $sql, $rs, $ns, $tp, $mySQLdefaultdb,$pref,$unverified, $userMethods;
|
||||
// save the display choices.
|
||||
if(isset($_POST['searchdisp']))
|
||||
{
|
||||
@@ -648,7 +609,8 @@ class users
|
||||
$search_display = explode("|",$pref['admin_user_disp']);
|
||||
}
|
||||
|
||||
if ($sql->db_Select("userclass_classes")) {
|
||||
if ($sql->db_Select("userclass_classes"))
|
||||
{
|
||||
while ($row = $sql->db_Fetch())
|
||||
{
|
||||
$class[$row['userclass_id']] = $tp->toHTML($row['userclass_name'],"","defs,emotes_off, no_make_clickable");
|
||||
@@ -660,12 +622,12 @@ class users
|
||||
if (isset($_POST['searchquery']) && $_POST['searchquery'] != "")
|
||||
{
|
||||
$_POST['searchquery'] = $tp->toDB(trim($_POST['searchquery']));
|
||||
$query = "WHERE ".
|
||||
$query = "WHERE ".
|
||||
$query .= (strpos($_POST['searchquery'], "@") !== FALSE) ? "user_email REGEXP('".$_POST['searchquery']."') OR ": "";
|
||||
$query .= (strpos($_POST['searchquery'], ".") !== FALSE) ? "user_ip REGEXP('".$_POST['searchquery']."') OR ": "";
|
||||
foreach($search_display as $disp)
|
||||
{
|
||||
$query .= "$disp REGEXP('".$_POST['searchquery']."') OR ";
|
||||
$query .= $disp." REGEXP('".$_POST['searchquery']."') OR ";
|
||||
}
|
||||
$query .= "user_login REGEXP('".$_POST['searchquery']."') OR ";
|
||||
$query .= "user_name REGEXP('".$_POST['searchquery']."') ";
|
||||
@@ -674,7 +636,9 @@ class users
|
||||
$query .= " AND user_ban = 2 ";
|
||||
}
|
||||
$query .= " ORDER BY user_id";
|
||||
} else {
|
||||
}
|
||||
else
|
||||
{
|
||||
$query = "";
|
||||
if($action == 'unverified')
|
||||
{
|
||||
@@ -684,75 +648,42 @@ class users
|
||||
}
|
||||
|
||||
// $user_total = db_Count($table, $fields = '(*)',
|
||||
$qry_insert = "SELECT u.*, ue.* FROM #user AS u LEFT JOIN #user_extended AS ue ON ue.user_extended_id = u.user_id ";
|
||||
|
||||
if ($user_total = $sql->db_Select_gen($qry_insert. $query)) {
|
||||
$qry_insert = "SELECT u.*, ue.* FROM #user AS u LEFT JOIN #user_extended AS ue ON ue.user_extended_id = u.user_id ";
|
||||
|
||||
if ($user_total = $sql->db_Select_gen($qry_insert. $query))
|
||||
{
|
||||
$text .= "<table class='fborder' style='".ADMIN_WIDTH."'>
|
||||
<tr>
|
||||
<td style='width:5%' class='fcaption'><a href='".e_SELF."?main.user_id.".($id == "desc" ? "asc" : "desc").".$from'>ID</a></td>
|
||||
<td style='width:10%' class='fcaption'><a href='".e_SELF."?main.user_ban.".($id == "desc" ? "asc" : "desc").".$from'>".USRLAN_79."</a></td>";
|
||||
|
||||
|
||||
// Search Display Column header.
|
||||
$display_lan = array(
|
||||
'user_id' => DUSRLAN_1,
|
||||
'user_name' => DUSRLAN_2,
|
||||
'user_loginname' => DUSRLAN_3,
|
||||
'user_customtitle' => DUSRLAN_4,
|
||||
'user_password' => DUSRLAN_5,
|
||||
'user_sess' => DUSRLAN_6,
|
||||
'user_email' => DUSRLAN_7,
|
||||
'user_homepage' => DUSRLAN_8,
|
||||
'user_icq' => DUSRLAN_9,
|
||||
'user_aim' => DUSRLAN_10,
|
||||
'user_msn' => DUSRLAN_11,
|
||||
'user_location' => DUSRLAN_12,
|
||||
'user_birthday' => DUSRLAN_13,
|
||||
'user_signature' => DUSRLAN_14,
|
||||
'user_image' => DUSRLAN_15,
|
||||
'user_timezone' => DUSRLAN_16,
|
||||
'user_hideemail' => DUSRLAN_17,
|
||||
'user_join' => DUSRLAN_18,
|
||||
'user_lastvisit' => DUSRLAN_19,
|
||||
'user_currentvisit' => DUSRLAN_20,
|
||||
'user_lastpost' => DUSRLAN_21,
|
||||
'user_chats' => DUSRLAN_22,
|
||||
'user_comments' => DUSRLAN_23,
|
||||
'user_forums' => DUSRLAN_24,
|
||||
'user_ip' => DUSRLAN_25,
|
||||
'user_ban' => DUSRLAN_26,
|
||||
'user_prefs' => DUSRLAN_27,
|
||||
'user_new' => DUSRLAN_28,
|
||||
'user_viewed' => DUSRLAN_29,
|
||||
'user_visits' => DUSRLAN_30,
|
||||
'user_admin' => DUSRLAN_31,
|
||||
'user_login' => DUSRLAN_32,
|
||||
'user_class' => DUSRLAN_33,
|
||||
'user_perms' => DUSRLAN_34,
|
||||
'user_realm' => DUSRLAN_35,
|
||||
'user_pwchange' => DUSRLAN_36,
|
||||
'user_xup' => DUSRLAN_37
|
||||
);
|
||||
|
||||
foreach($search_display as $disp){
|
||||
if (isset($display_lan[$disp])) {
|
||||
<tr>
|
||||
<td style='width:5%' class='fcaption'><a href='".e_SELF."?main.user_id.".($id == "desc" ? "asc" : "desc").".$from'>ID</a></td>
|
||||
<td style='width:10%' class='fcaption'><a href='".e_SELF."?main.user_ban.".($id == "desc" ? "asc" : "desc").".$from'>".USRLAN_79."</a></td>";
|
||||
|
||||
|
||||
// Search Display Column header.
|
||||
$display_lan = $userMethods->getNiceNames(TRUE); // List of field names and descriptive names
|
||||
foreach($search_display as $disp)
|
||||
{
|
||||
if (isset($display_lan[$disp]))
|
||||
{
|
||||
$text .= "<td style='width:15%' class='fcaption'><a href='".e_SELF."?main.$disp.".($id == "desc" ? "asc" : "desc").".$from'>".$display_lan[$disp]."</a></td>";
|
||||
} else {
|
||||
}
|
||||
else
|
||||
{
|
||||
$text .= "<td style='width:15%' class='fcaption'><a href='".e_SELF."?main.$disp.".($id == "desc" ? "asc" : "desc").".$from'>".ucwords(str_replace("_"," ",$disp))."</a></td>";
|
||||
}
|
||||
}
|
||||
|
||||
// ------------------------------
|
||||
|
||||
|
||||
// ------------------------------
|
||||
|
||||
$text .= " <td style='width:30%' class='fcaption'>".LAN_OPTIONS."</td>
|
||||
</tr>";
|
||||
|
||||
while ($row = $sql->db_Fetch()) {
|
||||
</tr>";
|
||||
|
||||
while ($row = $sql->db_Fetch())
|
||||
{
|
||||
extract($row);
|
||||
$text .= "<tr>
|
||||
<td style='width:5%; text-align:center' class='forumheader3'>$user_id</td>
|
||||
<td style='width:5%; text-align:center' class='forumheader3'>{$user_id}</td>
|
||||
<td style='width:10%' class='forumheader3'>";
|
||||
|
||||
|
||||
if ($user_perms == "0") {
|
||||
$text .= "<div class='fcaption' style='padding-left:3px;padding-right:3px;text-align:center;white-space:nowrap'>".LAN_MAINADMIN."</div>";
|
||||
}
|
||||
@@ -770,95 +701,96 @@ class users
|
||||
} else {
|
||||
$text .= " ";
|
||||
}
|
||||
|
||||
|
||||
$text .= "</td>";
|
||||
|
||||
|
||||
|
||||
// Display Chosen options -------------------------------------
|
||||
|
||||
$datefields = array("user_lastpost","user_lastvisit","user_join","user_currentvisit");
|
||||
$boleanfields = array("user_admin","user_hideemail","user_ban");
|
||||
|
||||
foreach($search_display as $disp)
|
||||
{
|
||||
$text .= "<td style='white-space:nowrap' class='forumheader3'>";
|
||||
if($disp == "user_class")
|
||||
{
|
||||
if ($user_class)
|
||||
{
|
||||
$tmp = explode(",", $user_class);
|
||||
while (list($key, $class_id) = each($tmp))
|
||||
|
||||
|
||||
|
||||
// Display Chosen options
|
||||
|
||||
$datefields = array("user_lastpost","user_lastvisit","user_join","user_currentvisit");
|
||||
$boleanfields = array("user_admin","user_hideemail","user_ban");
|
||||
|
||||
foreach($search_display as $disp)
|
||||
{
|
||||
$text .= ($class[$class_id] ? $class[$class_id]."<br />\n" : "");
|
||||
$text .= "<td style='white-space:nowrap' class='forumheader3'>";
|
||||
if($disp == "user_class")
|
||||
{
|
||||
if ($user_class)
|
||||
{
|
||||
$tmp = explode(",", $user_class);
|
||||
while (list($key, $class_id) = each($tmp))
|
||||
{
|
||||
$text .= ($class[$class_id] ? $class[$class_id]."<br />\n" : "");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$text .= " ";
|
||||
}
|
||||
}
|
||||
elseif (in_array($disp,$boleanfields))
|
||||
{
|
||||
$text .= ($row[$disp]) ? ADMIN_TRUE_ICON : "";
|
||||
}
|
||||
elseif(in_array($disp,$datefields))
|
||||
{
|
||||
$text .= ($row[$disp]) ? strftime($pref['shortdate'],$row[$disp])." " : " ";
|
||||
}
|
||||
elseif($disp == "user_name")
|
||||
{
|
||||
$text .= "<a href='".e_BASE."user.php?id.{$row['user_id']}'>{$row['user_name']}</a>";
|
||||
}
|
||||
else
|
||||
{
|
||||
$text .= $row[$disp]." ";
|
||||
}
|
||||
if(!in_array($disp,$boleanfields) && isset($prev[$disp]) && $row[$disp] == $prev[$disp] && $prev[$disp] != "")
|
||||
{ // show matches
|
||||
$text .= " <b>*</b>";
|
||||
}
|
||||
|
||||
$text .= "</td>";
|
||||
$prev[$disp] = $row[$disp];
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$text .= " ";
|
||||
}
|
||||
}elseif(in_array($disp,$boleanfields))
|
||||
{
|
||||
$text .= ($row[$disp]) ? ADMIN_TRUE_ICON : "";
|
||||
}
|
||||
elseif(in_array($disp,$datefields))
|
||||
{
|
||||
$text .= ($row[$disp]) ? strftime($pref['shortdate'],$row[$disp])." " : " ";
|
||||
}
|
||||
elseif($disp == "user_name")
|
||||
{
|
||||
$text .= "<a href='".e_BASE."user.php?id.{$row['user_id']}'>{$row['user_name']}</a>";
|
||||
}
|
||||
else
|
||||
{
|
||||
$text .= $row[$disp]." ";
|
||||
}
|
||||
if(!in_array($disp,$boleanfields) && isset($prev[$disp]) && $row[$disp] == $prev[$disp] && $prev[$disp] != "")
|
||||
{ // show matches
|
||||
$text .= " <b>*</b>";
|
||||
}
|
||||
|
||||
$text .= "</td>";
|
||||
$prev[$disp] = $row[$disp];
|
||||
}
|
||||
// -------------------------------------------------------------
|
||||
// -------------------------------------------------------------
|
||||
$qry = (e_QUERY) ? "?".e_QUERY : "";
|
||||
$text .= "
|
||||
<td style='width:30%;text-align:center' class='forumheader3'>
|
||||
<form method='post' action='".e_SELF.$qry."'>
|
||||
<div>
|
||||
|
||||
|
||||
<input type='hidden' name='userid' value='{$user_id}' />
|
||||
<input type='hidden' name='userip' value='{$user_ip}' />
|
||||
<select name='useraction' onchange='this.form.submit()' class='tbox' style='width:75%'>
|
||||
<option selected='selected' value=''> </option>";
|
||||
|
||||
|
||||
if ($user_perms != "0")
|
||||
{
|
||||
$text .= "<option value='userinfo'>".USRLAN_80."</option>
|
||||
<option value='usersettings'>".LAN_EDIT."</option>";
|
||||
switch ($user_ban)
|
||||
{
|
||||
case 0 :
|
||||
$text .= "<option value='ban'>".USRLAN_30."</option>\n";
|
||||
break;
|
||||
case 1 : // Banned user
|
||||
$text .= "<option value='unban'>".USRLAN_33."</option>\n";
|
||||
break;
|
||||
case 2 : // Unverified
|
||||
$text .= "<option value='ban'>".USRLAN_30."</option>
|
||||
<option value='verify'>".USRLAN_32."</option>
|
||||
<option value='resend'>".USRLAN_112."</option>
|
||||
<option value='test'>".USRLAN_118."</option>";
|
||||
break;
|
||||
case 3 : // Bounced
|
||||
$text .= "<option value='ban'>".USRLAN_30."</option>
|
||||
<option value='reqverify'>".USRLAN_181."</option>
|
||||
<option value='verify'>".USRLAN_182."</option>
|
||||
<option value='test'>".USRLAN_118."</option>";
|
||||
break;
|
||||
default :
|
||||
}
|
||||
<option value='usersettings'>".LAN_EDIT."</option>";
|
||||
switch ($user_ban)
|
||||
{
|
||||
case 0 :
|
||||
$text .= "<option value='ban'>".USRLAN_30."</option>\n";
|
||||
break;
|
||||
case 1 : // Banned user
|
||||
$text .= "<option value='unban'>".USRLAN_33."</option>\n";
|
||||
break;
|
||||
case 2 : // Unverified
|
||||
$text .= "<option value='ban'>".USRLAN_30."</option>
|
||||
<option value='verify'>".USRLAN_32."</option>
|
||||
<option value='resend'>".USRLAN_112."</option>
|
||||
<option value='test'>".USRLAN_118."</option>";
|
||||
break;
|
||||
case 3 : // Bounced
|
||||
$text .= "<option value='ban'>".USRLAN_30."</option>
|
||||
<option value='reqverify'>".USRLAN_181."</option>
|
||||
<option value='verify'>".USRLAN_182."</option>
|
||||
<option value='test'>".USRLAN_118."</option>";
|
||||
break;
|
||||
default :
|
||||
}
|
||||
if (!$user_admin && !$user_ban && $user_ban != 2 && getperms('3'))
|
||||
{
|
||||
$text .= "<option value='admin'>".USRLAN_35."</option>\n";
|
||||
@@ -867,7 +799,6 @@ class users
|
||||
{
|
||||
$text .= "<option value='unadmin'>".USRLAN_34."</option>\n";
|
||||
}
|
||||
|
||||
}
|
||||
if ($user_perms == "0" && !getperms("0"))
|
||||
{
|
||||
@@ -877,7 +808,7 @@ class users
|
||||
{
|
||||
$text .= "<option value='userclass'>".USRLAN_36."</option>\n";
|
||||
}
|
||||
|
||||
|
||||
if ($user_perms != "0")
|
||||
{
|
||||
$text .= "<option value='deluser'>".LAN_DELETE."</option>\n";
|
||||
@@ -888,7 +819,8 @@ class users
|
||||
$text .= "</table>";
|
||||
}
|
||||
|
||||
if($action == "unverified"){
|
||||
if($action == "unverified")
|
||||
{
|
||||
$text .= "
|
||||
<div style='text-align:center'>
|
||||
<br />
|
||||
@@ -899,13 +831,13 @@ class users
|
||||
$text .= " <input type='submit' class='button' name='resend_to_all' value=\"".USRLAN_144."\" />
|
||||
</form>
|
||||
</div>";
|
||||
|
||||
}
|
||||
|
||||
|
||||
$users = (e_QUERY != "unverified") ? $sql->db_Count("user"): $unverified;
|
||||
|
||||
if ($users > $amount && !$_POST['searchquery']) {
|
||||
if ($users > $amount && !$_POST['searchquery'])
|
||||
{
|
||||
$parms = "{$users},{$amount},{$from},".e_SELF."?".(e_QUERY ? "$action.$sub_action.$id." : "main.user_id.desc.")."[FROM]";
|
||||
$text .= "<br />".$tp->parseTemplate("{NEXTPREV={$parms}}");
|
||||
}
|
||||
@@ -920,34 +852,37 @@ class users
|
||||
$text .= "<div style='cursor:pointer' onclick=\"expandit('sdisp')\">".LAN_DISPLAYOPT."</div>";
|
||||
$text .= "<div id='sdisp' style='padding-top:4px;display:none;text-align:center;margin-left:auto;margin-right:auto'>
|
||||
<table class='forumheader3' style='width:95%'>";
|
||||
/*
|
||||
$fields = mysql_list_fields($mySQLdefaultdb, MPREFIX."user");
|
||||
$columns = mysql_num_fields($fields);
|
||||
for ($i = 0; $i < $columns; $i++) {
|
||||
for ($i = 0; $i < $columns; $i++)
|
||||
{
|
||||
$fname[] = mysql_field_name($fields, $i);
|
||||
}
|
||||
|
||||
*/
|
||||
$fname = array_keys($display_lan);
|
||||
// include extended fields in the list.
|
||||
$sql -> db_Select("user_extended_struct");
|
||||
while($row = $sql-> db_Fetch())
|
||||
{
|
||||
$fname[] = "user_".$row['user_extended_struct_name'];
|
||||
$fname[] = "user_".$row['user_extended_struct_name'];
|
||||
}
|
||||
$m = 0;
|
||||
foreach($fname as $fcol)
|
||||
{
|
||||
if($m == 0)
|
||||
{
|
||||
$text .= "<tr>";
|
||||
}
|
||||
$checked = (in_array($fcol,$search_display)) ? "checked='checked'" : "";
|
||||
$text .= "<td style='text-align:left; padding:0px'>";
|
||||
$text .= "<input type='checkbox' name='searchdisp[]' value='".$fcol."' $checked />".str_replace("user_","",$fcol) . "</td>\n";
|
||||
$m++;
|
||||
if($m == 5)
|
||||
{
|
||||
$text .= "</tr>";
|
||||
$m = 0;
|
||||
}
|
||||
if($m == 0)
|
||||
{
|
||||
$text .= "<tr>";
|
||||
}
|
||||
$checked = (in_array($fcol,$search_display)) ? "checked='checked'" : "";
|
||||
$text .= "<td style='text-align:left; padding:0px'>";
|
||||
$text .= "<input type='checkbox' name='searchdisp[]' value='".$fcol."' $checked />".str_replace("user_","",$fcol) . "</td>\n";
|
||||
$m++;
|
||||
if($m == 5)
|
||||
{
|
||||
$text .= "</tr>";
|
||||
$m = 0;
|
||||
}
|
||||
}
|
||||
|
||||
$text .= "</table></div>
|
||||
@@ -1008,72 +943,83 @@ class users
|
||||
$text = "<div style='text-align:center'>
|
||||
<form method='post' action='".e_SELF."?".e_QUERY."'>
|
||||
<table style='".ADMIN_WIDTH."' class='fborder'>
|
||||
<colgroup>
|
||||
<col style='width:60%' />
|
||||
<col style='width:40%' />
|
||||
</colgroup>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_44.":</td>
|
||||
<td style='width:50%' class='forumheader3'>". ($pref['avatar_upload'] ? "<input name='avatar_upload' type='radio' value='1' checked='checked' />".LAN_YES." <input name='avatar_upload' type='radio' value='0' />".LAN_NO : "<input name='avatar_upload' type='radio' value='1' />".LAN_YES." <input name='avatar_upload' type='radio' value='0' checked='checked' />".LAN_NO). (!FILE_UPLOADS ? " <span class='smalltext'>(".USRLAN_58.")</span>" : "")."
|
||||
<td class='forumheader3'>".USRLAN_44.":</td>
|
||||
<td class='forumheader3'>". ($pref['avatar_upload'] ? "<input name='avatar_upload' type='radio' value='1' checked='checked' />".LAN_YES." <input name='avatar_upload' type='radio' value='0' />".LAN_NO : "<input name='avatar_upload' type='radio' value='1' />".LAN_YES." <input name='avatar_upload' type='radio' value='0' checked='checked' />".LAN_NO). (!FILE_UPLOADS ? " <span class='smalltext'>(".USRLAN_58.")</span>" : "")."
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_53.":</td>
|
||||
<td style='width:50%' class='forumheader3'>". ($pref['photo_upload'] ? "<input name='photo_upload' type='radio' value='1' checked='checked' />".LAN_YES." <input name='photo_upload' type='radio' value='0' />".LAN_NO : "<input name='photo_upload' type='radio' value='1' />".LAN_YES." <input name='photo_upload' type='radio' value='0' checked='checked' />".LAN_NO). (!FILE_UPLOADS ? " <span class='smalltext'>(".USRLAN_58.")</span>" : "")."
|
||||
<td class='forumheader3'>".USRLAN_53.":</td>
|
||||
<td class='forumheader3'>". ($pref['photo_upload'] ? "<input name='photo_upload' type='radio' value='1' checked='checked' />".LAN_YES." <input name='photo_upload' type='radio' value='0' />".LAN_NO : "<input name='photo_upload' type='radio' value='1' />".LAN_YES." <input name='photo_upload' type='radio' value='0' checked='checked' />".LAN_NO). (!FILE_UPLOADS ? " <span class='smalltext'>(".USRLAN_58.")</span>" : "")."
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_47.":</td>
|
||||
<td style='width:50%' class='forumheader3'>
|
||||
<td class='forumheader3'>".USRLAN_47.":</td>
|
||||
<td class='forumheader3'>
|
||||
<input class='tbox' type='text' name='im_width' size='10' value='".$pref['im_width']."' maxlength='5' /> (".USRLAN_48.")
|
||||
</td></tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_49.":</td>
|
||||
<td style='width:50%' class='forumheader3'>
|
||||
<td class='forumheader3'>".USRLAN_49.":</td>
|
||||
<td class='forumheader3'>
|
||||
<input class='tbox' type='text' name='im_height' size='10' value='".$pref['im_height']."' maxlength='5' /> (".USRLAN_50.")
|
||||
</td></tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_126.":</td>
|
||||
<td style='width:50%;vertical-align:top' class='forumheader3'>". ($pref['profile_rate'] ? "<input name='profile_rate' type='radio' value='1' checked='checked' />".LAN_YES." <input name='profile_rate' type='radio' value='0' />".LAN_NO : "<input name='profile_rate' type='radio' value='1' />".LAN_YES." <input name='profile_rate' type='radio' value='0' checked='checked' />".LAN_NO)."
|
||||
<td class='forumheader3'>".USRLAN_126.":</td>
|
||||
<td style='vertical-align:top' class='forumheader3'>". ($pref['profile_rate'] ? "<input name='profile_rate' type='radio' value='1' checked='checked' />".LAN_YES." <input name='profile_rate' type='radio' value='0' />".LAN_NO : "<input name='profile_rate' type='radio' value='1' />".LAN_YES." <input name='profile_rate' type='radio' value='0' checked='checked' />".LAN_NO)."
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_127.":</td>
|
||||
<td style='width:50%;vertical-align:top' class='forumheader3'>". ($pref['profile_comments'] ? "<input name='profile_comments' type='radio' value='1' checked='checked' />".LAN_YES." <input name='profile_comments' type='radio' value='0' />".LAN_NO : "<input name='profile_comments' type='radio' value='1' />".LAN_YES." <input name='profile_comments' type='radio' value='0' checked='checked' />".LAN_NO)."
|
||||
<td class='forumheader3'>".USRLAN_127.":</td>
|
||||
<td style='vertical-align:top' class='forumheader3'>". ($pref['profile_comments'] ? "<input name='profile_comments' type='radio' value='1' checked='checked' />".LAN_YES." <input name='profile_comments' type='radio' value='0' />".LAN_NO : "<input name='profile_comments' type='radio' value='1' />".LAN_YES." <input name='profile_comments' type='radio' value='0' checked='checked' />".LAN_NO)."
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%;vertical-align:top' class='forumheader3'>".USRLAN_133.":<br /><span class='smalltext'>".USRLAN_134."</span></td>
|
||||
<td style='width:50%;vertical-align:top' class='forumheader3'>". ($pref['force_userupdate'] ? "<input name='force_userupdate' type='radio' value='1' checked='checked' />".LAN_YES." <input name='force_userupdate' type='radio' value='0' />".LAN_NO : "<input name='force_userupdate' type='radio' value='1' />".LAN_YES." <input name='force_userupdate' type='radio' value='0' checked='checked' />".LAN_NO)."
|
||||
<td style='vertical-align:top' class='forumheader3'>".USRLAN_133.":<br /><span class='smalltext'>".USRLAN_134."</span></td>
|
||||
<td style='vertical-align:top' class='forumheader3'>". ($pref['force_userupdate'] ? "<input name='force_userupdate' type='radio' value='1' checked='checked' />".LAN_YES." <input name='force_userupdate' type='radio' value='0' />".LAN_NO : "<input name='force_userupdate' type='radio' value='1' />".LAN_YES." <input name='force_userupdate' type='radio' value='0' checked='checked' />".LAN_NO)."
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
|
||||
<tr>
|
||||
<td style='width:50%;vertical-align:top' class='forumheader3'>".USRLAN_93."<br /><span class='smalltext'>".USRLAN_94."</span></td>
|
||||
<td style='width:50%' class='forumheader3'>
|
||||
<td style='vertical-align:top' class='forumheader3'>".USRLAN_93."<br /><span class='smalltext'>".USRLAN_94."</span></td>
|
||||
<td class='forumheader3'>
|
||||
<input class='tbox' type='text' name='del_unv' size='10' value='".$pref['del_unv']."' maxlength='5' /> ".USRLAN_95."
|
||||
</td></tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_130."<br /><span class='smalltext'>".USRLAN_131."</span></td>
|
||||
<td style='width:50%' class='forumheader3'>
|
||||
<td class='forumheader3'>".USRLAN_130."<br /><span class='smalltext'>".USRLAN_131."</span></td>
|
||||
<td class='forumheader3'>
|
||||
<input type='checkbox' name='track_online' value='1'".($pref['track_online'] ? " checked='checked'" : "")." /> ".USRLAN_132."
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
|
||||
<tr>
|
||||
<td style='width:50%' class='forumheader3'>".USRLAN_146.":</td>
|
||||
<td style='width:50%' class='forumheader3'><select name='memberlist_access' class='tbox'>\n";
|
||||
<td class='forumheader3'>".USRLAN_146.":</td>
|
||||
<td class='forumheader3'><select name='memberlist_access' class='tbox'>\n";
|
||||
$text .= $e_userclass->vetted_tree('memberlist_access',array($e_userclass,'select'), $pref['memberlist_access'], "public,member,guest,admin,main,classes,nobody");
|
||||
$text .= "</select>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
|
||||
<tr>
|
||||
<td style='vertical-align:top' class='forumheader3'>".USRLAN_190."<br /><span class='smalltext'>".USRLAN_191."</span></td>
|
||||
<td class='forumheader3'>
|
||||
<input class='tbox' type='text' name='user_new_period' size='10' value='".varset($pref['user_new_period'],0)."' maxlength='5' /> ".USRLAN_192."
|
||||
</td></tr>
|
||||
|
||||
<tr>
|
||||
<td colspan='2' style='text-align:center' class='forumheader'>
|
||||
<input class='button' type='submit' name='update_options' value='".USRLAN_51."' />
|
||||
@@ -1136,14 +1082,14 @@ class users
|
||||
<tr>
|
||||
<td style='width:30%' class='forumheader3'>".USRLAN_61."</td>
|
||||
<td style='width:70%' class='forumheader3'>
|
||||
".$rs->form_text("name", 40, varset($user_data['user_name'],""), 30)."
|
||||
".$rs->form_text('username', 40, varset($user_data['user_name'],""), 30)."
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td style='width:30%' class='forumheader3'>".USRLAN_128."</td>
|
||||
<td style='width:70%' class='forumheader3'>
|
||||
".$rs->form_text("loginname", 40, varset($user_data['user_loginname'],""), 30)."
|
||||
".$rs->form_text('loginname', 40, varset($user_data['user_loginname'],""), 30)."
|
||||
".$rs->form_checkbox('generateloginname',1,varset($pref['predefinedLoginName'],FALSE)).USRLAN_170."
|
||||
</td>
|
||||
</tr>
|
||||
@@ -1177,7 +1123,7 @@ class users
|
||||
|
||||
|
||||
if (!isset($user_data['user_class'])) $user_data['user_class'] = varset($pref['initial_user_classes'],'');
|
||||
$temp = $e_userclass->vetted_tree('userclass',array($e_userclass,'checkbox_desc'), $user_data['user_class'], 'classes');
|
||||
$temp = $e_userclass->vetted_tree('class',array($e_userclass,'checkbox_desc'), $user_data['user_class'], 'classes');
|
||||
|
||||
|
||||
if ($temp)
|
||||
@@ -1191,7 +1137,7 @@ class users
|
||||
$text .= "
|
||||
<tr style='vertical-align:top'>
|
||||
<td colspan='2' style='text-align:center' class='forumheader'>
|
||||
<input class='button' type='checkbox' name='sendconfemail' value='1' />".USRLAN_151."
|
||||
<input class='button' type='checkbox' name='sendconfemail' value='1' />".USRLAN_181."
|
||||
</td></tr>
|
||||
<tr style='vertical-align:top'>
|
||||
<td colspan='2' style='text-align:center' class='forumheader'>
|
||||
@@ -1245,7 +1191,7 @@ class users
|
||||
{
|
||||
// echo str_replace("\n","<br>",$message);
|
||||
$admin_log->log_event('USET_11',str_replace(array('--ID--','--NAME--','--EMAIL--'),array($id,$name,$email),USRLAN_167),E_LOG_INFORMATIVE);
|
||||
$this->show_message(USRLAN_140.": <a href='mailto:".$email."?body=".$return_address."' title=\"".DUSRLAN_7."\" >".$name."</a> (".$row['user_language'].") ");
|
||||
$this->show_message(USRLAN_140.": <a href='mailto:".$email."?body=".$return_address."' title=\"".LAN_USER_08."\" >".$name."</a> (".$row['user_language'].") ");
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@@ -1,5 +1,5 @@
|
||||
//USAGE: {EXTENDED=<field_name>.[text|value|icon|text_value].<user_id>}
|
||||
//EXAMPLE: {EXTENDED=user_gender.value.5} will show the value of the extended field user_gender for user #5
|
||||
//USAGE: {USER_EXTENDED=<field_name>.[text|value|icon|text_value].<user_id>}
|
||||
//EXAMPLE: {USER_EXTENDED=user_gender.value.5} will show the value of the extended field user_gender for user #5
|
||||
include(e_LANGUAGEDIR.e_LANGUAGE."/lan_user_extended.php");
|
||||
$parms = explode(".", $parm);
|
||||
global $currentUser, $tp, $loop_uid, $e107, $imode, $sc_style;
|
||||
@@ -64,15 +64,15 @@ if($parms[1] == 'text_value')
|
||||
|
||||
if ($parms[1] == 'text')
|
||||
{
|
||||
$text_val = $ueStruct["user_".$parms[0]]['user_extended_struct_text'];
|
||||
if($text_val)
|
||||
{
|
||||
return (defined($text_val) ? constant($text_val) : $text_val);
|
||||
}
|
||||
else
|
||||
{
|
||||
return TRUE;
|
||||
}
|
||||
$text_val = $ueStruct["user_".$parms[0]]['user_extended_struct_text'];
|
||||
if($text_val)
|
||||
{
|
||||
return (defined($text_val) ? constant($text_val) : $text_val);
|
||||
}
|
||||
else
|
||||
{
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
if ($parms[1] == 'icon')
|
||||
|
@@ -12,8 +12,8 @@
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_handlers/login.php,v $
|
||||
| $Revision: 1.18 $
|
||||
| $Date: 2008-06-13 20:20:21 $
|
||||
| $Revision: 1.19 $
|
||||
| $Date: 2008-12-21 11:07:58 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
*/
|
||||
@@ -173,7 +173,7 @@ class userlogin
|
||||
}
|
||||
|
||||
|
||||
$userpass = ''; // Finished with any plaintext password - can get rid of it
|
||||
$userpass = ''; // Finished with any plaintext password - can get rid of it
|
||||
|
||||
|
||||
$ret = $e_event->trigger("preuserlogin", $username);
|
||||
@@ -197,53 +197,30 @@ class userlogin
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// User login definitely accepted here
|
||||
|
||||
|
||||
if($user_xup)
|
||||
{
|
||||
$this->update_xup($user_id, $user_xup);
|
||||
}
|
||||
|
||||
|
||||
$cookieval = $user_id.".".md5($lode['user_password']); // (Use extra md5 on cookie value to obscure hashed value for password)
|
||||
if ($pref['user_tracking'] == "session")
|
||||
{
|
||||
$_SESSION[$pref['cookie_name']] = $cookieval;
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($autologin == 1)
|
||||
{ // Cookie valid for up to 30 days
|
||||
cookie($pref['cookie_name'], $cookieval, (time() + 3600 * 24 * 30));
|
||||
}
|
||||
else
|
||||
{
|
||||
cookie($pref['cookie_name'], $cookieval);
|
||||
}
|
||||
}
|
||||
|
||||
// User login definitely accepted here
|
||||
$cookieval = $user_info->makeUserCookie($lode,$autologin);
|
||||
|
||||
|
||||
// Calculate class membership - needed for a couple of things
|
||||
// Problem is that USERCLASS_LIST just contains 'guest' and 'everyone' at this point
|
||||
$class_list = explode(',',$lode['user_class']);
|
||||
if ($lode['user_admin'] && strlen($lode['user_perms']))
|
||||
{
|
||||
$class_list[] = e_UC_ADMIN;
|
||||
if (strpos($lode['user_perms'],'0') === 0)
|
||||
{
|
||||
$class_list[] = e_UC_MAINADMIN;
|
||||
}
|
||||
}
|
||||
$class_list[] = e_UC_MEMBER;
|
||||
$class_list[] = e_UC_PUBLIC;
|
||||
$class_list = $user_info->addCommonClasses($lode, TRUE);
|
||||
|
||||
$user_logging_opts = array_flip(explode(',',varset($pref['user_audit_opts'],'')));
|
||||
if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'],''),$class_list))
|
||||
{ // Need to note in user audit trail
|
||||
$admin_log->user_audit(USER_AUDIT_LOGIN,'', $user_id,$user_name);
|
||||
$admin_log->user_audit(USER_AUDIT_LOGIN,'', $user_id,$user_name);
|
||||
}
|
||||
|
||||
$edata_li = array("user_id" => $user_id, "user_name" => $username, 'class_list' => implode(',',$class_list), 'remember_me' => $autologin);
|
||||
$edata_li = array('user_id' => $user_id, 'user_name' => $username, 'class_list' => implode(',',$class_list), 'remember_me' => $autologin);
|
||||
$e_event->trigger("login", $edata_li);
|
||||
|
||||
if($_E107['cli'])
|
||||
@@ -251,6 +228,19 @@ class userlogin
|
||||
return $cookieval;
|
||||
}
|
||||
|
||||
if (in_array(e_UC_NEWUSER,$class_list))
|
||||
{
|
||||
if (time() > ($lode['user_join'] + (varset($pref['user_new_period'],0)*86400)))
|
||||
{ // 'New user' probationary period expired - we can take them out of the class
|
||||
$lode['user_class'] = $e107->user_class->ucRemove(e_UC_NEWUSER, $lode['user_class']);
|
||||
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login new user complete",$lode['user_class'],FALSE,FALSE);
|
||||
$sql->db_UpdateArray('user',array('user_class' => $lode['user_class']), 'WHERE `user_id`='.$lode['user_id']);
|
||||
unset($class_list[e_UC_NEWUSER]);
|
||||
$edata_li = array('user_id' => $user_id, 'user_name' => $username, 'class_list' => implode(',',$class_list));
|
||||
$e_event->trigger('userNotNew', $edata_li);
|
||||
}
|
||||
}
|
||||
|
||||
$redir = e_SELF;
|
||||
if (e_QUERY) $redir .= '?'.str_replace('&','&',e_QUERY);
|
||||
if (isset($pref['frontpage_force']) && is_array($pref['frontpage_force']))
|
||||
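Review bot: In the new-user expiry block, `unset($class_list[e_UC_NEWUSER]);` removes by array key, but `$class_list` is a list of class ids that the block itself tests by value with `in_array(e_UC_NEWUSER,$class_list)`. The class therefore stays in the list (or an unrelated entry is dropped), and the `userNotNew` event still reports the old membership. Remove by value instead: `$class_list = array_diff($class_list, array(e_UC_NEWUSER));`. The same block concatenates `$lode['user_id']` straight into the WHERE clause of `db_UpdateArray`; passing it through `intval($lode['user_id'])` keeps the query well-formed however `$lode` was populated. The enclosing login method starts and ends outside these hunks.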
|
@@ -11,9 +11,9 @@
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_handlers/user_extended_class.php,v $
|
||||
| $Revision: 1.19 $
|
||||
| $Date: 2008-12-18 15:28:59 $
|
||||
| $Author: mcfly_e107 $
|
||||
| $Revision: 1.20 $
|
||||
| $Date: 2008-12-21 11:07:58 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
*/
|
||||
|
||||
@@ -80,9 +80,9 @@ class e107_user_extended
|
||||
$this->reserved_names = array (
|
||||
'id', 'name', 'loginname', 'customtitle', 'password',
|
||||
'sess', 'email', 'signature', 'image', 'hideemail',
|
||||
'join', 'lastvisit', 'currentvisit', 'lastpost', 'chats',
|
||||
'join', 'lastvisit', 'currentvisit', 'chats',
|
||||
'comments', 'forums', 'ip', 'ban', 'prefs', 'viewed',
|
||||
'visits', 'admin', 'login', 'class', 'perms', 'realm', 'pwchange',
|
||||
'visits', 'admin', 'login', 'class', 'perms', 'pwchange',
|
||||
'xup'
|
||||
);
|
||||
|
||||
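Review bot: Dropping `'realm'` and `'lastpost'` from `reserved_names` presumably allows extended fields named `user_realm` or `user_lastpost` to be created. That is only safe if upgraded sites no longer have those columns in the core user table, which this section does not show. The commit title mentions only `user_realm`, so the `'lastpost'` removal is worth confirming separately. A comment above the list would make the dependency explicit, e.g. `// Must list every core user table column (without the user_ prefix) - keep in step with the DB schema`. The enclosing function starts and ends outside the hunk.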
|
@@ -1,32 +1,34 @@
|
||||
<?php
|
||||
/*
|
||||
+ ----------------------------------------------------------------------------+
|
||||
| e107 website system
|
||||
|
|
||||
| <20>Steve Dunstan 2001-2002
|
||||
| http://e107.org
|
||||
| jalist@e107.org
|
||||
|
|
||||
| Released under the terms and conditions of the
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_handlers/user_handler.php,v $
|
||||
| $Revision: 1.2 $
|
||||
| $Date: 2008-08-26 19:45:12 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
* e107 website system
|
||||
*
|
||||
* Copyright (C) 2001-2008 e107 Inc (e107.org)
|
||||
* Released under the terms and conditions of the
|
||||
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
||||
*
|
||||
* Handler - user-related functions
|
||||
*
|
||||
* $Source: /cvs_backup/e107_0.8/e107_handlers/user_handler.php,v $
|
||||
* $Revision: 1.3 $
|
||||
* $Date: 2008-12-21 11:07:58 $
|
||||
* $Author: e107steved $
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
/*
|
||||
USER HANDLER CLASS - manages login and various user functions
|
||||
|
||||
Vetting routines TODO:
|
||||
user_sess processing
|
||||
user_image processing
|
||||
user_xup processing - nothing special?
|
||||
*/
|
||||
|
||||
|
||||
if (!defined('e107_INIT')) { exit; }
|
||||
|
||||
|
||||
// Codes for `user_ban` field (not all used ATM)
|
||||
define('USER_VALIDATED',0);
|
||||
define('USER_BANNED',1);
|
||||
define('USER_REGISTERED_NOT_VALIDATED',2);
|
||||
@@ -46,17 +48,69 @@ define('PASSWORD_VALID',TRUE);
|
||||
define ('PASSWORD_DEFAULT_TYPE',PASSWORD_E107_MD5);
|
||||
//define ('PASSWORD_DEFAULT_TYPE',PASSWORD_E107_SALT);
|
||||
|
||||
// Required language file - if not loaded elsewhere, uncomment next line
|
||||
//include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php');
|
||||
|
||||
class UserHandler
|
||||
{
|
||||
var $userVettingInfo = array();
|
||||
var $preferred = PASSWORD_DEFAULT_TYPE; // Preferred password format
|
||||
var $passwordOpts = 0; // Copy of pref
|
||||
var $passwordEmail = FALSE; // True if can use email address to log in
|
||||
var $otherFields = array();
|
||||
|
||||
// Constructor
|
||||
function UserHandler()
|
||||
{
|
||||
global $pref;
|
||||
|
||||
/*
|
||||
Table of vetting methods for user data - lists every field whose value could be set manually.
|
||||
Valid 'vetMethod' values (use comma separated list for multiple vetting):
|
||||
0 - Null method
|
||||
1 - Check for duplicates
|
||||
2 - Check against $pref['signup_disallow_text']
|
||||
|
||||
Index is the destination field name. If the source index name is different, specify 'srcName' in the array.
|
||||
|
||||
Possible processing options:
|
||||
'doToDB' - passes final value through $tp->toDB()
|
||||
'stripTags' - strips HTML tags from the value (not an error if there are some)
|
||||
'minLength' - minimum length (in utf-8 characters) for the string
|
||||
'maxLength' - minimum length (in utf-8 characters) for the string
|
||||
'longTrim' - if set, and the string exceeds maxLength, its trimmed
|
||||
'enablePref' - value is processed only if the named $pref evaluates to true; otherwise any input is discarded without error
|
||||
*/
|
||||
$this->userVettingInfo = array(
|
||||
'user_name' => array('niceName'=> LAN_USER_01, 'vetMethod' => '1,2', 'vetParam' => 'signup_disallow_text', 'srcName' => 'username', 'stripTags' => TRUE, 'stripChars' => '/ |\#|\=|\$/', fixedBlock => 'anonymous', 'minLength' => 2, 'maxLength' => varset($pref['displayname_maxlength'],15)), // Display name
|
||||
'user_loginname' => array('niceName'=> LAN_USER_02, 'vetMethod' => '1', 'vetParam' => '', 'srcName' => 'loginname', 'stripTags' => TRUE, 'stripChars' => '/ |\#|\=|\$/', 'minLength' => 2, 'maxLength' => varset($pref['loginname_maxlength'],30)), // User name
|
||||
'user_login' => array('niceName'=> LAN_USER_03, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'realname', 'dbClean' => 'toDB'), // Real name (no real vetting)
|
||||
'user_customtitle' => array('niceName'=> LAN_USER_04, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'customtitle', 'dbClean' => 'toDB', 'enablePref' => 'signup_option_customtitle'), // No real vetting
|
||||
'user_password' => array('niceName'=> LAN_USER_05, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'password1', 'minLength' => varset($pref['signup_pass_len'],1)),
|
||||
'user_sess' => array('niceName'=> LAN_USER_06, 'vetMethod' => '0', 'vetParam' => '', 'dbClean' => 'toDB'), // Photo
|
||||
'user_image' => array('niceName'=> LAN_USER_07, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'image', 'dbClean' => 'toDB'), // Avatar
|
||||
'user_email' => array('niceName'=> LAN_USER_08, 'vetMethod' => '1', 'vetParam' => '', 'srcName' => 'email', 'dbClean' => 'toDB'),
|
||||
'user_signature' => array('niceName'=> LAN_USER_09, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'signature', 'dbClean' => 'toDB'),
|
||||
'user_hideemail' => array('niceName'=> LAN_USER_10, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'hideemail', 'dbClean' => 'intval'),
|
||||
'user_xup' => array('niceName'=> LAN_USER_11, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'user_xup', 'dbClean' => 'toDB'),
|
||||
'user_class' => array('niceName'=> LAN_USER_12, 'vetMethod' => '0', 'vetParam' => '', 'srcName' => 'class', 'dataType' => '1')
|
||||
);
|
||||
|
||||
$this->otherFields = array(
|
||||
'user_join' => LAN_USER_14,
|
||||
'user_lastvisit' => LAN_USER_15,
|
||||
'user_currentvisit' => LAN_USER_16,
|
||||
'user_comments' => LAN_USER_17,
|
||||
'user_ip' => LAN_USER_18,
|
||||
'user_ban' => LAN_USER_19,
|
||||
'user_prefs' => LAN_USER_20,
|
||||
'user_visits' => LAN_USER_21,
|
||||
'user_admin' => LAN_USER_22,
|
||||
'user_perms' => LAN_USER_23,
|
||||
'user_pwchange' => LAN_USER_24
|
||||
// user_chats int(10) unsigned NOT NULL default '0',
|
||||
);
|
||||
|
||||
$this->passwordOpts = varset($pref['passwordEncoding'],0);
|
||||
$this->passwordEmail = varset($pref['allowEmailLogin'],FALSE);
|
||||
switch ($this->passwordOpts)
|
||||
@@ -142,17 +196,26 @@ class UserHandler
|
||||
// Returns TRUE if change required, FALSE otherwise
|
||||
function isPasswordRequired($fieldName)
|
||||
{
|
||||
if ($this->preferred == PASSWORD_E107_MD5) return FALSE;
|
||||
switch ($fieldName)
|
||||
{
|
||||
case 'user_email' :
|
||||
return $this->passwordEmail;
|
||||
case 'user_loginname' :
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
if ($this->preferred == PASSWORD_E107_MD5) return FALSE;
|
||||
switch ($fieldName)
|
||||
{
|
||||
case 'user_email' :
|
||||
return $this->passwordEmail;
|
||||
case 'user_loginname' :
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Determines whether its necessary to store a separate password for email address validation
|
||||
function needEmailPassword()
|
||||
{
|
||||
if ($this->preferred == PASSWORD_E107_MD5) return FALSE;
|
||||
if ($this->passwordEmail) return TRUE;
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
// Checks whether the password value can be converted to the current default
|
||||
// Returns TRUE if conversion possible.
|
||||
@@ -250,7 +313,7 @@ class UserHandler
|
||||
function make_email_query($email, $fieldname = 'banlist_ip')
|
||||
{
|
||||
global $tp;
|
||||
$tmp = strtolower($tp -> toDB(trim(substr($email, strrpos($email, "@")+1))));
|
||||
$tmp = strtolower($tp -> toDB(trim(substr($email, strrpos($email, "@")+1)))); // Pull out the domain name
|
||||
if ($tmp == '') return FALSE;
|
||||
if (strpos($tmp,'.') === FALSE) return FALSE;
|
||||
$em = array_reverse(explode('.',$tmp));
|
||||
@@ -259,103 +322,13 @@ class UserHandler
|
||||
foreach ($em as $e)
|
||||
{
|
||||
$line = '.'.$e.$line;
|
||||
$out[] = $fieldname."='*{$line}'";
|
||||
$out[] = '`'.$fieldname."`='*{$line}'";
|
||||
}
|
||||
return implode(' OR ',$out);
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Validate a standard user field (for length, acceptable characters etc).
|
||||
// Returns TRUE if totally acceptable
|
||||
// If $justStrip is FALSE, returns FALSE for an unacceptable value
|
||||
// If $justStrip is TRUE, usually returns a new value (based on that passed) which does validate - usually characters stripped, length trimmed etc
|
||||
// Note: will return FALSE for some input values regardless of the setting of $justStrip
|
||||
// Currently coded to always return TRUE if field name not recognised
|
||||
function validateField($fieldName,$fieldValue, $justStrip = FALSE)
|
||||
{
|
||||
global $pref;
|
||||
$newValue = $fieldValue;
|
||||
switch ($fieldName)
|
||||
{
|
||||
case 'user_loginname' :
|
||||
$newValue = trim(preg_replace('/ |\#|\=|\$/', "", strip_tags($fieldValue)));
|
||||
$newValue = substr($newValue,0,varset($pref['loginname_maxlength'],30));
|
||||
if (strlen($newValue) < 2) return FALSE; // Always an error if a short string
|
||||
break;
|
||||
case 'user_password' :
|
||||
if (strlen($fieldValue) < $pref['signup_pass_len']) return FALSE;
|
||||
break;
|
||||
}
|
||||
if ($justStrip)
|
||||
{
|
||||
return $newValue;
|
||||
}
|
||||
else
|
||||
{
|
||||
return ($newValue == $fieldValue);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Takes an array of $_POST fields whose first characters match $prefix, and passes them through the validateField routine
|
||||
// Returns three arrays - one of validated results, one of failed fields and one of errors corresponding to the failed fields
|
||||
function validatePostList($prefix = '', $doToDB = TRUE, $justStrip = FALSE)
|
||||
{
|
||||
global $tp;
|
||||
$ret = array('validate' => array(), 'failed' => array(), 'errors' => array());
|
||||
foreach ($_POST as $k => $v)
|
||||
{
|
||||
if (($prefix == '') || (strpos($k,$prefix) === 0))
|
||||
{ // Field to validate
|
||||
$result = $this->validateField($k,$v,$justStrip);
|
||||
if ($result === FALSE)
|
||||
{ // error
|
||||
$ret['failed'][$k] = $v;
|
||||
$ret['errors'][$k] = TRUE;
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($doToTB) $result = $tp->toDB($result);
|
||||
$ret['validate'][$k] = $result;
|
||||
}
|
||||
}
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
// Takes an array of $_POST field names specified in comma-separated form in $fieldlist (blank = 'all'), and passes them through the validateField routine
|
||||
// Returns three arrays - one of validated results, one of failed fields and one of errors corresponding to the failed fields
|
||||
function validatePostFields($fieldList = '', $doToDB = TRUE, $justStrip = FALSE)
|
||||
{
|
||||
global $tp;
|
||||
$ret = array('validate' => array(), 'failed' => array(), 'errors' => array());
|
||||
if ($fieldList == '')
|
||||
{
|
||||
$fieldArray = array_keys($_POST);
|
||||
}
|
||||
else
|
||||
{
|
||||
$fieldArray = explode(',',$fieldList);
|
||||
}
|
||||
foreach ($fieldArray as $k)
|
||||
{
|
||||
$k = trim($k);
|
||||
$result = $this->validateField($k,$_POST[$k],$justStrip);
|
||||
if ($result === FALSE)
|
||||
{ // error
|
||||
$ret['failed'][$k] = $_POST[$k];
|
||||
$ret['errors'][$k] = TRUE;
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($doToTB) $result = $tp->toDB($result);
|
||||
$ret['validate'][$k] = $result;
|
||||
}
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
function makeUserCookie($lode,$autologin = FALSE)
|
||||
{
|
||||
global $pref;
|
||||
@@ -377,6 +350,188 @@ class UserHandler
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Generate an array of all the basic classes a user belongs to
|
||||
// if $asArray TRUE, returns results in an array; else as a comma-separated string
|
||||
// If $incInherited is TRUE, includes inherited classes
|
||||
function addCommonClasses($userData, $asArray = FALSE, $incInherited = FALSE)
|
||||
{
|
||||
if ($incInherited)
|
||||
{
|
||||
$classList = array();
|
||||
global $e_userclass;
|
||||
if (!isset($e_userclass) && !is_object($e_userclass))
|
||||
{
|
||||
require_once(e_HANDLER."userclass_class.php");
|
||||
$e_userclass = new user_class;
|
||||
}
|
||||
$classList = $e_userclass->get_all_user_classes($var['user_class']);
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($userData['user_class'] != '') $classList = explode(',',$userData['user_class']);
|
||||
}
|
||||
foreach (array(e_UC_MEMBER, e_UC_READONLY, e_UC_PUBLIC) as $c)
|
||||
{
|
||||
if (!in_array($c,$classList))
|
||||
{
|
||||
$classList[] = $c;
|
||||
}
|
||||
}
|
||||
if ((varset($userData['user_admin'],0) == 1) && strlen($userData['user_perms']))
|
||||
{
|
||||
$classList[] = e_UC_ADMIN;
|
||||
if (strpos($userData['user_perms'],'0') === 0)
|
||||
{
|
||||
$classList[] = e_UC_MAINADMIN;
|
||||
}
|
||||
}
|
||||
if ($asArray) return $classList;
|
||||
return implode(',',$classList);
|
||||
}
|
||||
|
||||
|
||||
// Return an array of descriptive names for each field in the user DB. If $all is false, just returns the modifiable ones. Else returns all
|
||||
function getNiceNames($all = FALSE)
|
||||
{
|
||||
// $ret = array('user_id' => LAN_USER_13);
|
||||
foreach ($this->userVettingInfo as $k => $v)
|
||||
{
|
||||
$ret[$k] = $v['niceName'];
|
||||
}
|
||||
if ($all)
|
||||
{
|
||||
$ret = array_merge($ret, $this->otherFields);
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
//===================================================
|
||||
// User Field validation
|
||||
//===================================================
|
||||
|
||||
/* $_POST field names:
|
||||
|
||||
DB signup usersettings quick add function
|
||||
------------------------------------------------------------------------------
|
||||
user_id - user_id - Unique user ID
|
||||
user_name name username username Display name
|
||||
user_loginname loginname loginname loginname User name (login name)
|
||||
user_customtitle - customtitle - Custom title
|
||||
user_password password1 password1 password1 Password (prior to encoding)
|
||||
password2 password2 password1 (Check password field)
|
||||
user_sess * - Photo (file on server)
|
||||
user_email email email email Email address
|
||||
email_confirm
|
||||
user_signature signature signature - User signature
|
||||
user_image image image* - Avatar (may be external URL or file on server)
|
||||
user_hideemail hideemail hideemail - Flag to hide user's email address
|
||||
user_login realname realname realname User Real name
|
||||
user_xup xupexist user_xup - XUP file link
|
||||
user_class class class userclass User class (array on form)
|
||||
|
||||
user_loginname may be auto-generated
|
||||
* avatar (user_image) and photo (user_sess) may be uploaded files
|
||||
|
||||
Following fields auto-filled in code as required:
|
||||
user_join
|
||||
user_lastvisit
|
||||
user_currentvisit
|
||||
user_chats
|
||||
user_comments
|
||||
user_forums
|
||||
user_ip
|
||||
user_ban
|
||||
user_prefs
|
||||
user_viewed
|
||||
user_visits
|
||||
user_admin
|
||||
user_perms
|
||||
user_pwchange
|
||||
|
||||
*/
|
||||
// Function does validation specific to user data. Updates the $targetData array as appropriate.
|
||||
// Returns TRUE if nothing updated; FALSE if errors found (only checks data previously passed as good)
|
||||
function userValidation(&$targetData)
|
||||
{
|
||||
global $e107, $pref;
|
||||
$u_sql = new db;
|
||||
$ret = TRUE;
|
||||
if (isset($targetData['validate']['user_email']))
|
||||
{
|
||||
$v = trim($targetData['validate']['user_email']); // Always check email address if its entered
|
||||
if ($v == '')
|
||||
{
|
||||
$errMsg = ERR_MISSING_VALUE;
|
||||
}
|
||||
elseif (!check_email($v))
|
||||
{
|
||||
$errMsg = ERR_INVALID_EMAIL;
|
||||
}
|
||||
elseif ($u_sql->db_Count('user', '(*)', "WHERE `user_email`='".$v."' AND `user_ban`=1 "))
|
||||
{
|
||||
$errMsg = ERR_BANNED_USER;
|
||||
}
|
||||
else
|
||||
{ // See if email address banned
|
||||
$wc = $this->make_email_query($v); // Generate the query for the ban list
|
||||
if ($wc) { $wc = "`banlist_ip`='{$v}' OR ".$wc; }
|
||||
if (($wc === FALSE) || !$e107->check_ban($wc, FALSE, TRUE))
|
||||
{
|
||||
echo "Email banned<br />";
|
||||
$errMsg = ERR_BANNED_EMAIL;
|
||||
}
|
||||
}
|
||||
if ($errMsg)
|
||||
{
|
||||
unset($targetData['validate']['user_email']); // Remove the valid entry
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!isset($targetData['errors']['user_email']) && !varset($pref['disable_emailcheck'],FALSE))
|
||||
{ // We may have already picked up an error on the email address - or it may be allowed to be empty
|
||||
$errMsg = ERR_MISSING_VALUE;
|
||||
}
|
||||
}
|
||||
if ($errMsg)
|
||||
{ // Update the error
|
||||
$targetData['errors']['user_email'] = $errMsg;
|
||||
$targetData['failed']['user_email'] = $v;
|
||||
$ret = FALSE;
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
// Given an array of user data intended to be written to the DB, adds empty strings (or other default value) for any field which doesn't have a default in the SQL definition.
|
||||
// (Avoids problems with MySQL in STRICT mode.).
|
||||
// Returns TRUE if additions made, FALSE if no change.
|
||||
function addNonDefaulted(&$userInfo)
|
||||
{
|
||||
$nonDefaulted = array('user_signature' => '', 'user_prefs' => '', 'user_class' => '', 'user_perms' => '');
|
||||
$ret = FALSE;
|
||||
foreach ($nonDefaulted as $k => $v)
|
||||
{
|
||||
if (!isset($userInfo[$k]))
|
||||
{
|
||||
$userInfo[$k] = $v;
|
||||
$ret = TRUE;
|
||||
}
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
|
||||
// Delete time-expired partial registrations from the user DB
|
||||
function deleteExpired()
|
||||
{
|
||||
global $pref, $sql;
|
||||
if (isset($pref['del_unv']) && $pref['del_unv'] && $pref['user_reg_veri'] != 2)
|
||||
{
|
||||
$threshold=(time() - ($pref['del_unv'] * 60));
|
||||
$sql->db_Delete("user", "user_ban = 2 AND user_join < '{$threshold}' ");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
?>
|
||||
|
@@ -11,9 +11,9 @@
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_handlers/userclass_class.php,v $
|
||||
| $Revision: 1.23 $
|
||||
| $Date: 2008-12-12 22:39:17 $
|
||||
| $Author: secretr $
|
||||
| $Revision: 1.24 $
|
||||
| $Date: 2008-12-21 11:07:58 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
*/
|
||||
|
||||
@@ -26,7 +26,7 @@ if (!defined('e107_INIT')) { exit; }
|
||||
|
||||
require_once(e_HANDLER.'arraystorage_class.php');
|
||||
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_userclass.php");
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_userclass.php');
|
||||
|
||||
|
||||
/*
|
||||
@@ -39,10 +39,9 @@ define("e_UC_MEMBER", 253);
|
||||
define("e_UC_ADMIN", 254);
|
||||
define("e_UC_NOBODY", 255);
|
||||
*/
|
||||
// Move these definitions to class2.php later if they're adopted
|
||||
define("e_UC_ADMINMOD",249);
|
||||
define("e_UC_MODS",248);
|
||||
//define("e_UC_USERS",247);
|
||||
define('e_UC_ADMINMOD',249);
|
||||
define('e_UC_MODS',248);
|
||||
define('e_UC_NEWUSER',247); // Users in 'probationary' period
|
||||
define('e_UC_SPECIAL_BASE',245); // Assign class IDs 245 and above for fixed/special purposes
|
||||
|
||||
define('UC_CLASS_ICON_DIR','userclasses/'); // Directory for userclass icons
|
||||
@@ -77,11 +76,12 @@ class user_class
|
||||
e_UC_MEMBER => UC_LAN_3,
|
||||
e_UC_ADMIN => UC_LAN_5,
|
||||
e_UC_MAINADMIN => UC_LAN_6,
|
||||
e_UC_READONLY => UC_LAN_4
|
||||
e_UC_READONLY => UC_LAN_4,
|
||||
e_UC_NEWUSER => UC_LAN_9
|
||||
);
|
||||
|
||||
$this->text_class_link = array('public' => e_UC_PUBLIC, 'guest' => e_UC_GUEST, 'nobody' => e_UC_NOBODY, 'member' => e_UC_MEMBER,
|
||||
'admin' => e_UC_ADMIN, 'main' => e_UC_MAINADMIN, 'readonly' => e_UC_READONLY);
|
||||
'admin' => e_UC_ADMIN, 'main' => e_UC_MAINADMIN, 'readonly' => e_UC_READONLY, 'new' => e_UC_NEWUSER);
|
||||
|
||||
$this->readTree(TRUE); // Initialise the classes on entry
|
||||
}
|
||||
@@ -121,8 +121,18 @@ class user_class
|
||||
{
|
||||
if (!isset($this->class_tree[$c]) && ($c != e_UC_PUBLIC))
|
||||
{
|
||||
// $this->class_tree[$c]['userclass_parent'] = (($c == e_UC_MEMBER) || ($c == e_UC_NOBODY)) ? e_UC_PUBLIC : e_UC_MEMBER;
|
||||
$this->class_tree[$c]['userclass_parent'] = (($c == e_UC_ADMIN) || ($c == e_UC_MAINADMIN)) ? e_UC_MEMBER : e_UC_PUBLIC ;
|
||||
switch ($c)
|
||||
{
|
||||
case e_UC_ADMIN :
|
||||
case e_UC_MAINADMIN :
|
||||
$this->class_tree[$c]['userclass_parent'] = e_UC_NOBODY;
|
||||
break;
|
||||
case e_UC_NEWUSER :
|
||||
$this->class_tree[$c]['userclass_parent'] = e_UC_MEMBER;
|
||||
break;
|
||||
default :
|
||||
$this->class_tree[$c]['userclass_parent'] = e_UC_PUBLIC;
|
||||
}
|
||||
$this->class_tree[$c]['userclass_id'] = $c;
|
||||
$this->class_tree[$c]['userclass_name'] = $d;
|
||||
$this->class_tree[$c]['userclass_description'] = 'Fixed class';
|
||||
@@ -236,6 +246,7 @@ class user_class
|
||||
readonly
|
||||
admin
|
||||
main - main admin
|
||||
new - new users
|
||||
classes - shows all classes
|
||||
matchclass - if 'classes' is set, this option will only show the classes that the user is a member of
|
||||
language - list of languages.
|
||||
@@ -250,9 +261,9 @@ class user_class
|
||||
*/
|
||||
function uc_dropdown($fieldname, $curval = 0, $optlist = "", $extra_js = '')
|
||||
{
|
||||
global $pref;
|
||||
global $pref;
|
||||
|
||||
$show_classes = $this->uc_required_class_list($optlist);
|
||||
$show_classes = $this->uc_required_class_list($optlist);
|
||||
|
||||
$text = '';
|
||||
foreach ($show_classes as $k => $v)
|
||||
@@ -328,7 +339,7 @@ class user_class
|
||||
// if (isset($opt_arr[$k]) || isset($opt_arr['force']))
|
||||
if (isset($opt_arr[$k]))
|
||||
{
|
||||
$ret[$v] = $just_ids ? '1' : $this->fixed_classes[$v];
|
||||
$ret[$v] = $just_ids ? '1' : $this->fixed_classes[$v];
|
||||
}
|
||||
}
|
||||
|
||||
@@ -362,7 +373,7 @@ class user_class
|
||||
$ret[e_UC_READONLY] = $this->class_tree[e_UC_READONLY]['userclass_description'];
|
||||
}
|
||||
*/
|
||||
return $ret;
|
||||
return $ret;
|
||||
}
|
||||
|
||||
|
||||
@@ -421,44 +432,44 @@ class user_class
|
||||
$current_value is a single class number for single-select dropdown; comma separated array of class numbers for checkbox list or multi-select
|
||||
$optlist works the same as for other class displays
|
||||
*/
|
||||
function vetted_sub_tree($treename, $callback,$listnum,$nest_level,$current_value, $perms)
|
||||
{
|
||||
$ret = '';
|
||||
$nest_level++;
|
||||
foreach ($this->class_tree[$listnum]['class_children'] as $p)
|
||||
function vetted_sub_tree($treename, $callback,$listnum,$nest_level,$current_value, $perms)
|
||||
{
|
||||
// Looks like we don't need to differentiate between function and class calls
|
||||
if (isset($perms[$p]))
|
||||
{
|
||||
$ret .= call_user_func($callback,$treename, $p,$current_value,$nest_level);
|
||||
}
|
||||
$ret .= $this->vetted_sub_tree($treename, $callback,$p,$nest_level,$current_value, $perms);
|
||||
$ret = '';
|
||||
$nest_level++;
|
||||
foreach ($this->class_tree[$listnum]['class_children'] as $p)
|
||||
{
|
||||
// Looks like we don't need to differentiate between function and class calls
|
||||
if (isset($perms[$p]))
|
||||
{
|
||||
$ret .= call_user_func($callback,$treename, $p,$current_value,$nest_level);
|
||||
}
|
||||
$ret .= $this->vetted_sub_tree($treename, $callback,$p,$nest_level,$current_value, $perms);
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
|
||||
function vetted_tree($treename, $callback='', $current_value='', $optlist = '')
|
||||
{
|
||||
$ret = '';
|
||||
if (!$callback) $callback=array($this,'select');
|
||||
$current_value = str_replace(' ','',$current_value); // Simplifies parameter passing for the tidy-minded
|
||||
function vetted_tree($treename, $callback='', $current_value='', $optlist = '')
|
||||
{
|
||||
$ret = '';
|
||||
if (!$callback) $callback=array($this,'select');
|
||||
$current_value = str_replace(' ','',$current_value); // Simplifies parameter passing for the tidy-minded
|
||||
|
||||
$perms = $this->uc_required_class_list($optlist,TRUE); // List of classes which we can display
|
||||
if (isset($perms[e_UC_BLANK]))
|
||||
{
|
||||
$ret .= call_user_func($callback,$treename, e_UC_BLANK, $current_value,0);
|
||||
$perms = $this->uc_required_class_list($optlist,TRUE); // List of classes which we can display
|
||||
if (isset($perms[e_UC_BLANK]))
|
||||
{
|
||||
$ret .= call_user_func($callback,$treename, e_UC_BLANK, $current_value,0);
|
||||
}
|
||||
foreach ($this->class_parents as $p)
|
||||
{
|
||||
if (isset($perms[$p]))
|
||||
{
|
||||
$ret .= call_user_func($callback,$treename, $p,$current_value,0);
|
||||
}
|
||||
$ret .= $this->vetted_sub_tree($treename, $callback,$p,0, $current_value, $perms);
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
foreach ($this->class_parents as $p)
|
||||
{
|
||||
if (isset($perms[$p]))
|
||||
{
|
||||
$ret .= call_user_func($callback,$treename, $p,$current_value,0);
|
||||
}
|
||||
$ret .= $this->vetted_sub_tree($treename, $callback,$p,0, $current_value, $perms);
|
||||
}
|
||||
return $ret;
|
||||
}
|
||||
|
||||
|
||||
// Callback for vetted_tree - Creates the option list for a selection box
|
||||
@@ -595,6 +606,20 @@ class user_class
|
||||
return FALSE; // not found
|
||||
}
|
||||
|
||||
|
||||
// Utility to remove a specified class ID from the default comma-separated list
|
||||
function ucRemove($classID, $from, $asArray = FALSE)
|
||||
{
|
||||
$tmp = array_flip(explode(',',$from));
|
||||
if (isset($tmp[$classID]))
|
||||
{
|
||||
unset($tmp[$classID]);
|
||||
}
|
||||
$tmp = array_keys($tmp);
|
||||
if ($asArray) { return $tmp; }
|
||||
return implode(',',$tmp);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
Return all users in a particular class or set of classes.
|
||||
@@ -1162,6 +1187,12 @@ class user_class_admin extends user_class
|
||||
'userclass_editclass' => e_UC_MAINADMIN,
|
||||
'userclass_parent' => e_UC_ADMINMOD,
|
||||
'userclass_visibility' => e_UC_MEMBER
|
||||
),
|
||||
array('userclass_id' => e_UC_NEWUSER, 'userclass_name' => UC_LAN_9,
|
||||
'userclass_description' => UCSLAN_87,
|
||||
'userclass_editclass' => e_UC_MAINADMIN,
|
||||
'userclass_parent' => e_UC_MEMBER,
|
||||
'userclass_visibility' => e_UC_ADMIN
|
||||
)
|
||||
);
|
||||
|
||||
|
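Review bot: The new `ucRemove()` (hunk `@@ -595,6 +606,20 @@` of userclass_class.php) does not handle an empty or loosely formatted `$from`. `explode(',', '')` returns a single empty-string element, so with `$asArray` set the caller receives `array('')` instead of an empty array. A list written with spaces after the commas never matches `$classID`, so the class is silently left in place. Since this helper edits a class-membership list, which presumably feeds access decisions, I would normalise the input first: `$tmp = array_flip(array_filter(array_map('trim', explode(',', $from)), 'strlen'));`. A short comment noting that `array_flip()` also removes duplicate IDs would help the next reader.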
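--- a/e107_handlers/validator_class.php
+++ b/e107_handlers/validator_class.php
@@ -0,0 +1,378 @@
+<?php
+/*
+* e107 website system
+*
+* Copyright (C) 2001-2008 e107 Inc (e107.org)
+* Released under the terms and conditions of the
+* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
+*
+* Handler - general purpose validation functions
+*
+* $Source: /cvs_backup/e107_0.8/e107_handlers/validator_class.php,v $
+* $Revision: 1.1 $
+* $Date: 2008-12-21 11:07:58 $
+* $Author: e107steved $
+*
+*/
+
+// List of error numbers which may be returned from validation
+define('ERR_MISSING_VALUE','01');
+define('ERR_UNEXPECTED_VALUE','02');
+define('ERR_INVALID_CHARS', '03');
+define('ERR_TOO_SHORT', '04');
+define('ERR_TOO_LONG', '05');
+define('ERR_DUPLICATE', '06');
+define('ERR_DISALLOWED_TEXT', '07');
+define('ERR_FIELD_DISABLED', '08');
+define('ERR_INVALID_WORD', '09');
+define('ERR_PASSWORDS_DIFFERENT', '10');
+define('ERR_BANNED_EMAIL', '11');
+define('ERR_INVALID_EMAIL', '12');
+define('ERR_ARRAY_EXPECTED', '13');
+define('ERR_BANNED_USER', '14');
+define('ERR_FIELDS_DIFFERENT', '15');
+define('ERR_CODE_ERROR', '16');
+define('ERR_TOO_LOW', '17');
+define('ERR_TOO_HIGH', '18');
+
+
+/*
+The validator functions use an array of parameters for each variable to be validated.
+
+The index of the parameter array is the destination field name.
+
+Possible processing options:
+'srcname' - specifies the array index of the source data, where its different to the destination index
+'dbClean' - method for preparing the value to write to the DB (done as final step before returning). Options are:
+- 'toDB' - passes final value through $tp->toDB()
+- 'intval' - makes an integer
+'stripTags' - strips HTML tags from the value (not an error if there are some)
+'minLength' - minimum length (in utf-8 characters) for the string
+'maxLength' - minimum length (in utf-8 characters) for the string
+'minVal' - lowest allowed value for numerics
+'maxVal' - highest allowed value for numerics
+'longTrim' - if set, and the string exceeds maxLength, its trimmed
+'enablePref' - value is processed only if the named $pref evaluates to true; otherwise any input is discarded without error
+'dataType' - selects special processing methods:
+1 - array of numerics (e.g. class membership)
+
+In general, only define an option if its to be used
+*/
+
+
+class validatorClass
+{
+// Passed an array of 'source' fields and an array of definitions to validate. The definition may include the name of a validation function.
+// Returns three arrays - one of validated results, one of failed fields and one of errors corresponding to the failed fields
+// Normally processes only those source fields it finds (and for which it has a definition). If $addDefaults is true, sets defaults for those that have
+// ...one and aren't otherwise defined.
+function validateFields(&$sourceFields, &$definitions, $addDefaults = FALSE)
+{
+global $tp, $pref;
+$ret = array('validate' => array(), 'failed' => array(), 'errors' => array());
+foreach ($definitions as $dest => $defs)
+{
+$errNum = 0; // Start with no error
+$src = varset($defs['srcName'],$dest); // Set source field name
+if (!isset($sourceFields[$src]))
+{
+if ($addDefaults)
+{
+if (isset($defs['default']))
+{
+$ret['validate'] = $defs['default']; // Set default value if one is specified
+} //...otherwise don't add the value at all
+}
+else
+{
+$ret['errors'][$dest] = ERR_MISSING_VALUE; // No source value
+}
+}
+else
+{ // Got a field we want, and some data to validate here
+$value = $sourceFields[$src];
+if (!$errNum && isset($defs['enablePref']))
+{ // Only process this field if a specified pref enables it
+if (!varsettrue($pref[$options['enablePref']]))
+{
+continue; // Just loop to the next field - ignore this one.
+}
+}
+if (!$errNum && isset($defs['stripTags']))
+{
+$newValue = trim(strip_tags($value));
+if ($newValue <> $value)
+{
+$errNum = ERR_INVALID_CHARS;
+}
+$value = $newValue;
+}
+if (!$errNum && isset($defs['stripChars']))
+{
+$newValue = trim(preg_replace($defs['stripChars'], "", $value));
+if ($newValue <> $value)
+{
+$errNum = ERR_INVALID_CHARS;
+}
+$value = $newValue;
+}
+if (!$errNum && isset($defs['minLength']) && $tp->uStrLen($value) < $defs['minLength'])
+{
+if ($value == '')
+{
+$errNum = ERR_MISSING_VALUE;
+}
+else
+{
+$errNum = ERR_TOO_SHORT;
+}
+}
+if (!$errNum && isset($defs['maxLength']) && $tp->uStrLen($value) > $defs['maxLength'])
+{
+if (varsettrue($defs['longtrim']))
+{
+$value = substr($value,0,$defs['maxLength']);
+}
+else
+{
+$errNum = ERR_TOO_LONG;
+}
+}
+if (!$errnum && isset($defs['minVal']) && ($value < $defs['minVal']))
+{
+$errNum = ERR_TOO_LOW;
+}
+if (!$errnum && isset($defs['maxVal']) && ($value < $defs['maxVal']))
+{
+$errNum = ERR_TOO_HIGH;
+}
+if (!$errNum && isset($defs['fixedBlock']))
+{
+$newValue = $tp->uStrToLower($value);
+$temp = explode(',',$defs['fixedBlock']);
+foreach ($temp as $t)
+{
+if ($newValue == $tp->uStrToLower($t))
+{
+$errNum = ERR_INVALID_WORD;
+break;
+}
+}
+}
+if (!$errNum && isset($defs['dataType']))
+{
+switch ($defs['dataType'])
+{
+case 1 : // Assumes we're passed an array variable to be turned into a comma-separated list of integers
+if (is_array($value))
+{
+$temp = array();
+foreach ($value as $v)
+{
+$temp[] = intval($v);
+}
+$value = implode(',',array_unique($temp));
+}
+else
+{
+$errNum = ERR_ARRAY_EXPECTED;
+}
+default :
+$errNum = ERR_CODE_ERROR; // Pick up bad values
+}
+}
+if (!$errNum)
+{
+if (isset($defs['dbClean']))
+{
+switch ($defs['dbClean'])
+{
+case 'toDB' :
+$value = $tp->toDB($value);
+break;
+case 'intval' :
+$value = intval($value);
+break;
+default :
+echo "Invalid dbClean method: {$defs['dbClean']}<br />"; // Debug message
+}
+}
+$ret['validate'][$dest] = $value; // Success!!
+}
+}
+if ($errNum)
+{ // error to report
+$ret['errors'][$dest] = $errNum;
+$ret['failed'][$dest] = $sourceFields[$src]; // Save value with error
+}
+}
+return $ret;
+}
+
+
+/*
+// Validate data against a DB table
+// Inspects the passed array of user data (not necessarily containing all possible fields) and validates against the DB where appropriate.
+// Just skips over fields for which we don't have a validation routine without an error
+// The target array is as returned from validateFields(), so has 'validate', 'failed' and 'errors' first-level sub-arrays
+// All the 'vetting methods' begin 'vet', and don't overlap with validateFields(), so the same definition array may be used for both
+// Similarly, error numbers don't overlap with validateFields()
+// Typically checks for unacceptable duplicates, banned users etc
+// Any errors are reflected by updating the passed array.
+// Returns TRUE if all data validates, FALSE if any field fails to validate. Checks all fields which are present, regardless
+// For some things we need to know the user_id of the data being validated, so may return an error if that isn't specified
+
+Parameters:
+'vetMethod' - see list below. To use more than one method, specify comma-separated
+'vetParam' - possible parameter for some vet methods
+
+Valid 'vetMethod' values (use comma separated list for multiple vetting):
+0 - Null method
+1 - Check for duplicates - field name in table must be the same as array index unless 'dbFieldName' specifies otherwise
+2 - Check against the comma-separated wordlist in the $pref named in vetParam['signup_disallow_text']
+
+*/
+function dbValidateArray(&$targetData, &$definitions, $targetTable, $userID = 0)
+{
+global $pref;
+$u_sql = new db;
+$allOK = TRUE;
+$userID = intval($userID); // Precautionary
+if (!$targetTable) return FALSE;
+foreach ($targetData['validate'] as $f => $v)
+{
+$errMsg = '';
+if (isset($definitions[$f]))
+{
+$options = $definitions[$f]; // Validation options to use
+if (isset($options['vetMethod']))
+{
+$toDo = explode(',',$options['vetMethod']);
+foreach ($toDo as $vm)
+{
+switch ($vm)
+{
+case 0 : // Shouldn't get this - just do nothing if we do
+break;
+case 1 : // Check for duplicates.
+if ($v == '')
+{
+$errMsg = ERR_MISSING_VALUE;
+break;
+}
+$field = varset($options['dbFieldName'],$f);
+if ($temp = $u_sql->db_Count($targetTable, "(*)", "WHERE `{$f}`='".$v."' AND `user_id` != ".$userID))
+{
+$errMsg = ERR_DUPLICATE;
+}
+// echo "Duplicate check: {$f} = {$v} Result: {$temp}<br />";
+break;
+case 2 : // Check against $pref
+if (isset($options['vetParam']) && isset($pref[$options['vetParam']]))
+{
+$tmp = explode(",", $pref[$options['vetParam']]);
+foreach($tmp as $disallow)
+{
+if(stristr($v, trim($disallow)))
+{
+$errMsg = ERR_DISALLOWED_TEXT;
+}
+}
+unset($tmp);
+}
+break;
+default :
+echo 'Invalid vetMethod: '.$options['vetMethod'].'<br />'; // Really a debug aid - should never get here
+}
+if ($errMsg) { break; } // Just trap first error
+}
+// Add in other validation methods here
+}
+}
+if ($errMsg)
+{ // Update the error
+$targetData['errors'][$f] = $errMsg;
+$targetData['failed'][$f] = $v;
+unset($targetData['validate'][$f]); // Remove the valid entry
+$allOK = FALSE;
+}
+}
+return $allOK;
+}
+
+
+// Given a comma-separated string of required fields, and an array of data, adds an error message for each field which doesn't already have an entry.
+// Returns TRUE if no changes (which doesn't mean there are no errors - other routines may have found them). FALSE if new errors
+function checkMandatory($fieldList, &$target)
+{
+$fields = explode(',', $fieldList);
+$allOK = TRUE;
+foreach ($fields as $f)
+{
+if (!isset($target['validate'][$f]) && !isset($target['errors'][$f]))
+{
+$allOK = FALSE;
+$targetData['errors'][$f] = ERR_MISSING_VALUE;
+}
+}
+return $allOK;
+}
+
+
+// Given two arrays, returns an array of those elements in $input which are different from the corresponding element in $refs.
+// If $addMissing == TRUE, includes any element in $input for which there isn't a corresponding element in $refs
+function findChanges(&$input, &$refs, $addMissing = FALSE)
+{
+$ret = array();
+foreach ($input as $k => $v)
+{
+if (isset($refs[$k]))
+{
+if ($refs[$k] != $v) { $ret[$k] = $v; }
+}
+else
+{
+if ($addMissing) { $ret[$k] = $v; }
+}
+}
+return $ret;
+}
+
+
+// Given a vetted array of variables, generates a list of errors using the specified format string.
+// %n is the error number (as stored on the array)
+// %t is the corresponding error message, made by concatenating $constPrefix and the error number to form a constant (e.g. $constPrefix = 'USER_ERROR_')
+// %v calls up the entered value
+// %f is the field name
+// %x is the 'nice name' - possible if parameter list passed. Otherwise field name added
+// $EOL is inserted after all messages except the last.
+// If $EOL is an empty string, returns an array of messages.
+function makeErrorList($vars, $constPrefix, $format = '%n - %x %t: %v', $EOL = '<br />', $niceNames = NULL)
+{
+if (count($vars['errors']) == 0) return '';
+$eList = array();
+$checkNice = ($niceNames != NULL) && is_array($niceNames);
+foreach ($vars['errors'] as $f => $n)
+{
+$curLine = $format;
+$curLine = str_replace('%n', $n, $curLine);
+$curLine = str_replace('%t', constant($constPrefix.$n), $curLine);
+$curLine = str_replace('%v', $vars['failed'][$f],$curLine); // Possibly this should have some protection added
+$curLine = str_replace('%f', $f, $curLine);
+if ($checkNice & isset($niceNames[$f]['niceName']))
+{
+$curLine = str_replace('%x', $niceNames[$f]['niceName'], $curLine);
+}
+else
+{
+$curLine = str_replace('%x', $f, $curLine); // Just use the field name
+}
+$eList[] = $curLine;
+}
+if ($EOL == '') return $eList;
+return implode($EOL, $eList);
+}
+}
+
+
+?>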
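Review bot: The duplicate check in `dbValidateArray()` (vetMethod 1) concatenates `$v` straight into the WHERE clause, so the query is only as safe as whatever `dbClean` the field's definition requested earlier in `validateFields()`. Nothing in this method enforces that: a definition with vetMethod 1 and no `dbClean` leaves the value exactly as submitted, apart from the optional tag and character stripping. The same statement also ignores the `$field` it has just resolved from `dbFieldName` and uses `$f` as the column name, so the documented override has no effect. I would have the method reject such definitions before querying, `if (!isset($options['dbClean'])) { $errMsg = ERR_CODE_ERROR; break; }`, and put `$field` in place of `$f` in the clause. A comment on the case should state that values must already be cleaned for SQL when they reach this point.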
@@ -4,8 +4,8 @@
|
||||
| e107 website system - Language File.
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_userclass2.php,v $
|
||||
| $Revision: 1.6 $
|
||||
| $Date: 2008-11-29 21:16:54 $
|
||||
| $Revision: 1.7 $
|
||||
| $Date: 2008-12-21 11:07:58 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
*/
|
||||
@@ -95,6 +95,11 @@ define('UCSLAN_83', 'Classes in group');
|
||||
define('UCSLAN_84', ' (Group)');
|
||||
define('UCSLAN_85', 'You have assigned all available classes; please reassign one which is not in use');
|
||||
define('UCSLAN_86', 'Some settings not allowed for admin classes - they have been set to defaults. ');
|
||||
define('UCSLAN_87', 'Recently joined users');
|
||||
define('UCSLAN_88', '');
|
||||
define('UCSLAN_89', '');
|
||||
define('UCSLAN_90', '');
|
||||
define('UCSLAN_91', '');
|
||||
|
||||
|
||||
define("UCSLAN_UPDATE", 'Update');
|
||||
|
@@ -1,13 +1,18 @@
|
||||
<?php
|
||||
/*
|
||||
+ ----------------------------------------------------------------------------+
|
||||
| e107 website system - Language File.
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_users.php,v $
|
||||
| $Revision: 1.11 $
|
||||
| $Date: 2008-07-03 21:23:47 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
* e107 website system
|
||||
*
|
||||
* Copyright (C) 2001-2008 e107 Inc (e107.org)
|
||||
* Released under the terms and conditions of the
|
||||
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
||||
*
|
||||
* Language file - user admin
|
||||
*
|
||||
* $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_users.php,v $
|
||||
* $Revision: 1.12 $
|
||||
* $Date: 2008-12-21 11:07:58 $
|
||||
* $Author: e107steved $
|
||||
*
|
||||
*/
|
||||
define("USRLAN_1", "Options Saved.");
|
||||
define("USRLAN_3", "now listed an Administrator - to set permissions please go to the");
|
||||
@@ -155,6 +160,7 @@ define("USRLAN_152", "Clear bounce and Activate");
|
||||
define("USRLAN_153", "Delete non-bounce emails");
|
||||
define("USRLAN_154", "Clear email for checked");
|
||||
define("USRLAN_155", "Total {TOTAL} emails found. {DELCOUNT} deleted through options.<br />{DELUSER} users marked as 'bounced' (out of {FOUND} emails)");
|
||||
define("USRLAN_156", "Email address is already in use");
|
||||
|
||||
define('USRLAN_160', 'Total --COUNT-- users of type --TYPE-- pruned');
|
||||
define('USRLAN_161', 'User ID --UID-- name --NAME-- banned');
|
||||
@@ -170,12 +176,12 @@ define('USRLAN_170', 'Random user name');
|
||||
define('USRLAN_171', 'Random password');
|
||||
define('USRLAN_172', 'Password set');
|
||||
define('USRLAN_173', 'Login name set');
|
||||
define('USRLAN_174', '');
|
||||
define('USRLAN_174', 'User name --NAME-- created');
|
||||
define('USRLAN_175', '');
|
||||
|
||||
define('USRLAN_179', "User banned: ");
|
||||
define('USRLAN_180', "IP address of {IP} appears on whitelist; IP not banned.");
|
||||
define('USRLAN_181', "Send confirmation email with password to new user");
|
||||
define('USRLAN_179', 'User banned: ');
|
||||
define('USRLAN_180', 'IP address of {IP} appears on whitelist; IP not banned.');
|
||||
define('USRLAN_181', 'Send confirmation email with password to new user');
|
||||
define('USRLAN_182', 'Invalid characters in login name');
|
||||
define('USRLAN_183', 'That login name already in use');
|
||||
define('USRLAN_184', 'Length of login name outside limits');
|
||||
@@ -186,49 +192,19 @@ define('USRLAN_187', 'Access to website: ');
|
||||
define('USRLAN_188', 'Email sent successfully');
|
||||
define('USRLAN_189', 'Error sending email');
|
||||
|
||||
define("LAN_MAINADMIN","Main Admin");
|
||||
define("LAN_ADMIN","Admin");
|
||||
define("LAN_NOTVERIFIED","Not Verified");
|
||||
define("LAN_BANNED","Banned");
|
||||
define("LAN_BOUNCED","Bounced");
|
||||
define('USRLAN_190', 'New user probationary period (days)');
|
||||
define('USRLAN_191', '(admin can impose restrictions during this period in some areas)');
|
||||
define('USRLAN_192', 'days');
|
||||
define('USRLAN_193', 'Nothing changed - not saved');
|
||||
define('USRLAN_194', '');
|
||||
define('USRLAN_195', '');
|
||||
|
||||
define("DUSRLAN_1", "ID");
|
||||
define("DUSRLAN_2", "Display Name");
|
||||
define("DUSRLAN_3", "Username");
|
||||
define("DUSRLAN_4", "Custom Title");
|
||||
define("DUSRLAN_5", "Password");
|
||||
define("DUSRLAN_6", "Photo");
|
||||
define("DUSRLAN_7", "Email");
|
||||
define("DUSRLAN_8", "Website");
|
||||
define("DUSRLAN_9", "ICQ");
|
||||
define("DUSRLAN_10", "AIM");
|
||||
define("DUSRLAN_11", "MSN");
|
||||
define("DUSRLAN_12", "Location");
|
||||
define("DUSRLAN_13", "Birthday");
|
||||
define("DUSRLAN_14", "Signature");
|
||||
define("DUSRLAN_15", "Avatar");
|
||||
define("DUSRLAN_16", "Timezone");
|
||||
define("DUSRLAN_17", "Hide Email");
|
||||
define("DUSRLAN_18", "Join Date");
|
||||
define("DUSRLAN_19", "Last Visit");
|
||||
define("DUSRLAN_20", "Current Visit");
|
||||
define("DUSRLAN_21", "Last Post");
|
||||
define("DUSRLAN_22", "Chatbox Posts");
|
||||
define("DUSRLAN_23", "Comments");
|
||||
define("DUSRLAN_24", "Forum Posts");
|
||||
define("DUSRLAN_25", "IP");
|
||||
define("DUSRLAN_26", "Ban");
|
||||
define("DUSRLAN_27", "Prefs");
|
||||
define("DUSRLAN_28", "New");
|
||||
define("DUSRLAN_29", "Viewed");
|
||||
define("DUSRLAN_30", "Visits");
|
||||
define("DUSRLAN_31", "Admin");
|
||||
define("DUSRLAN_32", "Real Name");
|
||||
define("DUSRLAN_33", "User Class");
|
||||
define("DUSRLAN_34", "Perms");
|
||||
define("DUSRLAN_35", "Tracked threads");
|
||||
define("DUSRLAN_36", "Password Change");
|
||||
define("DUSRLAN_37", "XUP");
|
||||
|
||||
define('LAN_MAINADMIN','Main Admin');
|
||||
define('LAN_ADMIN','Admin');
|
||||
define('LAN_NOTVERIFIED','Not Verified');
|
||||
define('LAN_BANNED','Banned');
|
||||
define('LAN_BOUNCED','Bounced');
|
||||
|
||||
|
||||
?>
|
@@ -1,13 +1,18 @@
|
||||
<?php
|
||||
/*
|
||||
+ ----------------------------------------------------------------------------+
|
||||
| e107 website system - Language File.
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_signup.php,v $
|
||||
| $Revision: 1.12 $
|
||||
| $Date: 2008-07-30 19:46:30 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
* e107 website system
|
||||
*
|
||||
* Copyright (C) 2001-2008 e107 Inc (e107.org)
|
||||
* Released under the terms and conditions of the
|
||||
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
||||
*
|
||||
* Language file - User signup
|
||||
*
|
||||
* $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_signup.php,v $
|
||||
* $Revision: 1.13 $
|
||||
* $Date: 2008-12-21 11:07:58 $
|
||||
* $Author: e107steved $
|
||||
*
|
||||
*/
|
||||
define("PAGE_NAME", "Register");
|
||||
define("LAN_7", "Display Name: ");
|
||||
|
@@ -4,8 +4,8 @@
|
||||
| e107 website system - Language File.
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_userclass.php,v $
|
||||
| $Revision: 1.2 $
|
||||
| $Date: 2008-12-17 21:02:30 $
|
||||
| $Revision: 1.3 $
|
||||
| $Date: 2008-12-21 11:07:58 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
*/
|
||||
@@ -18,5 +18,6 @@ define("UC_LAN_5", "Admin");
|
||||
define("UC_LAN_6", "Main Admin");
|
||||
define('UC_LAN_7', 'Forum Moderators');
|
||||
define('UC_LAN_8','Admins and Mods');
|
||||
define('UC_LAN_9','New Users');
|
||||
|
||||
?>
|
146
signup.php
146
signup.php
@@ -1,36 +1,30 @@
|
||||
<?php
|
||||
/*
|
||||
+ ----------------------------------------------------------------------------+
|
||||
| e107 website system
|
||||
|
|
||||
| <20>Steve Dunstan 2001-2008
|
||||
| http://e107.org
|
||||
| jalist@e107.org
|
||||
|
|
||||
| Released under the terms and conditions of the
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/signup.php,v $
|
||||
| $Revision: 1.26 $
|
||||
| $Date: 2008-12-17 20:26:51 $
|
||||
| $Author: e107steved $
|
||||
+----------------------------------------------------------------------------+
|
||||
* e107 website system
|
||||
*
|
||||
* Copyright (C) 2001-2008 e107 Inc (e107.org)
|
||||
* Released under the terms and conditions of the
|
||||
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
||||
*
|
||||
* User signup
|
||||
*
|
||||
* $Source: /cvs_backup/e107_0.8/signup.php,v $
|
||||
* $Revision: 1.27 $
|
||||
* $Date: 2008-12-21 11:07:58 $
|
||||
* $Author: e107steved $
|
||||
*
|
||||
*/
|
||||
|
||||
require_once("class2.php");
|
||||
$qs = explode(".", e_QUERY);
|
||||
if($qs[0] != "activate")
|
||||
{ // multi-language fix.
|
||||
e107_include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_signup.php");
|
||||
e107_include_once(e_LANGUAGEDIR."English/lan_signup.php");
|
||||
e107_include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_usersettings.php");
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_signup.php");
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_usersettings.php");
|
||||
}
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); // Generic user-related language defines
|
||||
|
||||
|
||||
if (isset($pref['del_unv']) && $pref['del_unv'] && $pref['user_reg_veri'] != 2)
|
||||
{
|
||||
$threshold=(time() - ($pref['del_unv'] * 60));
|
||||
$sql->db_Delete("user", "user_ban = 2 AND user_join < '{$threshold}' ");
|
||||
}
|
||||
|
||||
include_once(e_HANDLER."user_extended_class.php");
|
||||
$usere = new e107_user_extended;
|
||||
@@ -38,6 +32,7 @@ require_once(e_HANDLER."calendar/calendar_class.php");
|
||||
$cal = new DHTML_Calendar(true);
|
||||
require_once(e_HANDLER.'user_handler.php');
|
||||
$user_info = new UserHandler;
|
||||
$user_info->deleteExpired(); // Delete time-expired partial registrations
|
||||
|
||||
if (is_readable(THEME."signup_template.php"))
|
||||
{
|
||||
@@ -74,76 +69,76 @@ if(e_QUERY == "resend" && !USER && ($pref['user_reg_veri'] == 1))
|
||||
}
|
||||
|
||||
if($_POST['submit_resend'])
|
||||
{ // Action user's submitted information
|
||||
// 'resend_email' - user name or email address actually used to sign up
|
||||
// 'resend_newemail' - corrected email address
|
||||
// 'resend_password' - password (required if changing email address)
|
||||
{ // Action user's submitted information
|
||||
// 'resend_email' - user name or email address actually used to sign up
|
||||
// 'resend_newemail' - corrected email address
|
||||
// 'resend_password' - password (required if changing email address)
|
||||
|
||||
if($_POST['resend_email'] && !$new_email && $sql->db_Select_gen("SELECT * FROM #user WHERE user_ban=0 AND user_sess='' AND (user_loginname= \"".$tp->toDB($_POST['resend_email'])."\" OR user_name = \"".$tp->toDB($_POST['resend_email'])."\" OR user_email = \"".$clean_email."\" ) "))
|
||||
{ // Account already activated
|
||||
{ // Account already activated
|
||||
$ns -> tablerender(LAN_SIGNUP_40,LAN_SIGNUP_41."<br />");
|
||||
require_once(FOOTERF);
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
// Start by looking up the user
|
||||
if(!$sql->db_Select("user", "*", "(user_loginname = \"".$tp->toDB($_POST['resend_email'])."\" OR user_name = \"".$tp->toDB($_POST['resend_email'])."\" OR user_email = \"".$clean_email."\" ) AND user_ban=".USER_REGISTERED_NOT_VALIDATED." AND user_sess !='' LIMIT 1"))
|
||||
{
|
||||
require_once(e_HANDLER."message_handler.php");
|
||||
message_handler("ALERT",LAN_SIGNUP_64); // email (or other info) not valid.
|
||||
exit;
|
||||
}
|
||||
$row = $sql -> db_Fetch();
|
||||
// We should have a user record here
|
||||
|
||||
if(trim($_POST['resend_password']) !="" && $new_email)
|
||||
{ // Need to change the email address - check password to make sure
|
||||
if ($user_info->CheckPassword($_POST['resend_password'], $row['user_loginname'], $row['user_password']) === TRUE)
|
||||
// Start by looking up the user
|
||||
if(!$sql->db_Select("user", "*", "(user_loginname = \"".$tp->toDB($_POST['resend_email'])."\" OR user_name = \"".$tp->toDB($_POST['resend_email'])."\" OR user_email = \"".$clean_email."\" ) AND user_ban=".USER_REGISTERED_NOT_VALIDATED." AND user_sess !='' LIMIT 1"))
|
||||
{
|
||||
if($sql->db_Update("user", "user_email='".$new_email."' WHERE user_id = '".$row['user_id']."' LIMIT 1 "))
|
||||
require_once(e_HANDLER."message_handler.php");
|
||||
message_handler("ALERT",LAN_SIGNUP_64); // email (or other info) not valid.
|
||||
exit;
|
||||
}
|
||||
$row = $sql -> db_Fetch();
|
||||
// We should have a user record here
|
||||
|
||||
if(trim($_POST['resend_password']) !="" && $new_email)
|
||||
{ // Need to change the email address - check password to make sure
|
||||
if ($user_info->CheckPassword($_POST['resend_password'], $row['user_loginname'], $row['user_password']) === TRUE)
|
||||
{
|
||||
if($sql->db_Update("user", "user_email='".$new_email."' WHERE user_id = '".$row['user_id']."' LIMIT 1 "))
|
||||
{
|
||||
$row['user_email'] = $new_email;
|
||||
$row['user_email'] = $new_email;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_HANDLER."message_handler.php");
|
||||
message_handler("ALERT",LAN_SIGNUP_52); // Incorrect Password.
|
||||
exit;
|
||||
require_once(e_HANDLER."message_handler.php");
|
||||
message_handler("ALERT",LAN_SIGNUP_52); // Incorrect Password.
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// Now send the email - got some valid info
|
||||
$_POST['password1'] = "xxxxxxxxx";
|
||||
$_POST['loginname'] = $row['user_loginname'];
|
||||
$_POST['name'] = $row['user_name'];
|
||||
$nid = $row['user_id'];
|
||||
$u_key = $row['user_sess'];
|
||||
|
||||
// Now send the email - got some valid info
|
||||
$_POST['password1'] = "xxxxxxxxx";
|
||||
$_POST['loginname'] = $row['user_loginname'];
|
||||
$_POST['name'] = $row['user_name'];
|
||||
$nid = $row['user_id'];
|
||||
$u_key = $row['user_sess'];
|
||||
$eml = render_email();
|
||||
$mailheader_e107id = $nid;
|
||||
require_once(e_HANDLER."mail.php");
|
||||
|
||||
$eml = render_email();
|
||||
$mailheader_e107id = $nid;
|
||||
require_once(e_HANDLER."mail.php");
|
||||
$do_log['signup_action'] = LAN_SIGNUP_63;
|
||||
|
||||
$do_log['signup_action'] = LAN_SIGNUP_63;
|
||||
|
||||
if(!sendemail($row['user_email'], $eml['subject'], $eml['message'], $row['user_name'], "", "", $eml['attachments'], $eml['cc'], $eml['bcc'], $returnpath, $returnreceipt,$eml['inline-images']))
|
||||
{
|
||||
$ns -> tablerender(LAN_ERROR,LAN_SIGNUP_42);
|
||||
$do_log['signup_result'] = LAN_SIGNUP_62;
|
||||
}
|
||||
else
|
||||
{
|
||||
$ns -> tablerender(LAN_SIGNUP_43,LAN_SIGNUP_44." ".$row['user_email']." - ".LAN_SIGNUP_45."<br /><br />");
|
||||
$do_log['signup_result'] = LAN_SIGNUP_61;
|
||||
}
|
||||
// Now log this (log will ignore if its disabled)
|
||||
$admin_log->user_audit(USER_AUDIT_PW_RES,$do_log,$row['user_id'],$row['user_name']);
|
||||
require_once(FOOTERF);
|
||||
exit;
|
||||
}
|
||||
if(!sendemail($row['user_email'], $eml['subject'], $eml['message'], $row['user_name'], "", "", $eml['attachments'], $eml['cc'], $eml['bcc'], $returnpath, $returnreceipt,$eml['inline-images']))
|
||||
{
|
||||
$ns -> tablerender(LAN_ERROR,LAN_SIGNUP_42);
|
||||
$do_log['signup_result'] = LAN_SIGNUP_62;
|
||||
}
|
||||
else
|
||||
{
|
||||
$ns -> tablerender(LAN_SIGNUP_43,LAN_SIGNUP_44." ".$row['user_email']." - ".LAN_SIGNUP_45."<br /><br />");
|
||||
$do_log['signup_result'] = LAN_SIGNUP_61;
|
||||
}
|
||||
// Now log this (log will ignore if its disabled)
|
||||
$admin_log->user_audit(USER_AUDIT_PW_RES,$do_log,$row['user_id'],$row['user_name']);
|
||||
require_once(FOOTERF);
|
||||
exit;
|
||||
}
|
||||
elseif(!$_POST['submit_resend'])
|
||||
{ // Display form to get info from user
|
||||
{ // Display form to get info from user
|
||||
$text .= "<div style='text-align:center'>
|
||||
<form method='post' action='".e_SELF."?resend' name='resend_form'>
|
||||
<table style='".USER_WIDTH."' class='fborder'>
|
||||
@@ -188,7 +183,7 @@ if(e_QUERY == "resend" && !USER && ($pref['user_reg_veri'] == 1))
|
||||
|
||||
// ------------------------------------------------------------------
|
||||
|
||||
if(!$_POST) // Notice Removal.
|
||||
if(!$_POST)
|
||||
{
|
||||
|
||||
$error = "";
|
||||
@@ -381,7 +376,7 @@ if (isset($_POST['register']))
|
||||
$error = TRUE;
|
||||
}
|
||||
|
||||
if($_POST['xupexist'])
|
||||
if (varsettrue($pref['xup_enabled']) && varsettrue($_POST['xupexist']))
|
||||
{
|
||||
require_once(e_HANDLER."xml_class.php");
|
||||
$xml = new parseXml;
|
||||
@@ -585,7 +580,6 @@ global $db_debug;
|
||||
|
||||
// Check Email against banlist.
|
||||
$wc = $tp -> toDB("*".trim(substr($_POST['email'], strpos($_POST['email'], "@"))));
|
||||
// if ($do_email_validate && $sql->db_Select("banlist", "*", "banlist_ip='".$_POST['email']."' OR banlist_ip='{$wc}'"))
|
||||
if ($do_email_validate && !$e107->check_ban("banlist_ip='".$_POST['email']."' OR banlist_ip='{$wc}'",FALSE,TRUE))
|
||||
{
|
||||
$email_address_OK = FALSE;
|
||||
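Review bot: The ban-list check in the last hunk of signup.php (`@@ -585,7 +580,6 @@`) still builds its WHERE fragment from raw `$_POST['email']`, while the wildcard form `$wc` on the line above goes through `$tp->toDB()`. Unless the address is validated and escaped earlier in this block, which starts outside the hunk and cannot be confirmed from here, a quote character in the submitted email reaches the query text on an unauthenticated signup path. I would escape it the same way as `$wc`, e.g. `$email_db = $tp->toDB(trim($_POST['email']));` and then `$e107->check_ban("banlist_ip='{$email_db}' OR banlist_ip='{$wc}'",FALSE,TRUE)`. The resend hunk (`@@ -74,76 +69,76 @@`) has the same shape in `db_Update("user", "user_email='".$new_email."' ...")`; `$new_email` is assigned outside the visible lines, so its escaping should be checked as well.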
|
781
usersettings.php
781
usersettings.php
File diff suppressed because it is too large