
This is a mass commit ... expect trouble! Changes made here are primarily to how login is handled, schema changes necessary!

git-svn-id: file:///svn/phpbb/trunk@4970 89ea8834-ac86-4346-8a33-228a782c2dd0
Paul S. Owen
2004-09-01 15:47:46 +00:00
parent 3c8e36b458
commit 070cbefa46
27 changed files with 1785 additions and 2654 deletions


@@ -7,8 +7,8 @@
// STARTED : Sat Feb 13, 2001
// COPYRIGHT : <20> 2001,2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
@@ -91,8 +91,8 @@ function gen_rand_string($num_chars)
{
$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
list($usec, $sec) = explode(' ', microtime());
mt_srand($sec * $usec);
list($usec, $sec) = explode(' ', microtime());
mt_srand($sec * $usec);
$max_chars = count($chars) - 1;
$rand_str = '';
@@ -147,7 +147,7 @@ function parse_text_display($text, $text_rules)
$bbcode->bbcode_second_pass($text, $bbcode_uid, $bbcode_bitfield);
}
// If we allow users to disable display of emoticons we'll need an appropriate
// If we allow users to disable display of emoticons we'll need an appropriate
// check and preg_replace here
if ($allow_smilies)
{
@@ -160,7 +160,7 @@ function parse_text_display($text, $text_rules)
return $text;
}
// Create forum rules for given forum
// Create forum rules for given forum
function generate_forum_rules($forum_data)
{
if (!$forum_data['forum_rules'] && !$forum_data['forum_rules_link'])
@@ -270,7 +270,7 @@ function get_moderators(&$forum_moderators, $forum_id = false)
global $config, $template, $db, $phpEx, $SID;
// Have we disabled the display of moderators? If so, then return
// from whence we came ...
// from whence we came ...
if (empty($config['load_moderators']))
{
return;
@@ -293,7 +293,7 @@ function get_moderators(&$forum_moderators, $forum_id = false)
while ($row = $db->sql_fetchrow($result))
{
$forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '<a href="memberlist.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u=' . $row['user_id'] . '">' . $row['username'] . '</a>' : '<a href="groupcp.' . $phpEx . $SID . '&amp;g=' . $row['group_id'] . '">' . $row['groupname'] . '</a>';
$forum_moderators[$row['forum_id']][] = (!empty($row['user_id'])) ? '<a href="memberlist.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u=' . $row['user_id'] . '">' . $row['username'] . '</a>' : '<a href="memberlist.' . $phpEx . $SID . '&amp;mode=group&amp;g=' . $row['group_id'] . '">' . $row['groupname'] . '</a>';
}
$db->sql_freeresult($result);
@@ -405,7 +405,7 @@ function make_jumpbox($action, $forum_id = false, $select_all = false, $acl_list
$iteration++;
$display_jumpbox = true;
}
if ($row['left_id'] < $right)
{
$padding++;
@@ -455,7 +455,7 @@ function language_select($default = '')
{
global $db;
$sql = 'SELECT lang_iso, lang_local_name
$sql = 'SELECT lang_iso, lang_local_name
FROM ' . LANG_TABLE . '
ORDER BY lang_english_name';
$result = $db->sql_query($sql);
@@ -478,7 +478,7 @@ function style_select($default = '', $all = false)
$sql_where = (!$all) ? 'WHERE style_active = 1 ' : '';
$sql = 'SELECT style_id, style_name
FROM ' . STYLES_TABLE . "
FROM ' . STYLES_TABLE . "
$sql_where
ORDER BY style_name";
$result = $db->sql_query($sql);
@@ -601,7 +601,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat
{
if ($_GET['unwatch'] == $mode)
{
login_box($user->cur_page);
login_box();
}
}
else
@@ -624,7 +624,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat
function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
{
global $config, $db, $user;
if ($user->data['user_id'] == ANONYMOUS)
{
return;
@@ -645,12 +645,12 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
case 'mark':
if ($config['load_db_lastread'])
{
$sql = 'SELECT forum_id
FROM ' . FORUMS_TRACK_TABLE . '
$sql = 'SELECT forum_id
FROM ' . FORUMS_TRACK_TABLE . '
WHERE user_id = ' . $user->data['user_id'] . '
AND forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')';
$result = $db->sql_query($sql);
$sql_update = array();
while ($row = $db->sql_fetchrow($result))
{
@@ -661,7 +661,7 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
if (sizeof($sql_update))
{
$sql = 'UPDATE ' . FORUMS_TRACK_TABLE . "
SET mark_time = $current_time
SET mark_time = $current_time
WHERE user_id = " . $user->data['user_id'] . '
AND forum_id IN (' . implode(', ', $sql_update) . ')';
$db->sql_query($sql);
@@ -723,14 +723,14 @@ function markread($mode, $forum_id = 0, $topic_id = 0, $marktime = false)
case 'topic':
$forum_id = (int) $forum_id[0];
// Mark a topic as read
if ($config['load_db_lastread'] || ($config['load_db_track'] && $type == TRACK_POSTED))
{
$sql = 'UPDATE ' . TOPICS_TRACK_TABLE . "
SET mark_type = $type, mark_time = $current_time
WHERE topic_id = $topic_id
AND user_id = " . $user->data['user_id'] . "
AND user_id = " . $user->data['user_id'] . "
AND mark_time < $current_time";
if (!$db->sql_query($sql) || !$db->sql_affectedrows())
{
@@ -905,7 +905,7 @@ function obtain_icons(&$icons)
{
// Topic icons
$sql = 'SELECT *
FROM ' . ICONS_TABLE . '
FROM ' . ICONS_TABLE . '
ORDER BY icons_order';
$result = $db->sql_query($sql);
@@ -993,14 +993,14 @@ function obtain_attach_extensions(&$extensions)
$extensions[$extension]['download_mode'] = (int) $row['download_mode'];
$extensions[$extension]['upload_icon'] = trim($row['upload_icon']);
$extensions[$extension]['max_filesize'] = (int) $row['max_filesize'];
$allowed_forums = ($row['allowed_forums']) ? unserialize(trim($row['allowed_forums'])) : array();
if ($row['allow_in_pm'])
{
$allowed_forums = array_merge($allowed_forums, array(0));
}
// Store allowed extensions forum wise
$extensions['_allowed_'][$extension] = (!sizeof($allowed_forums)) ? 0 : $allowed_forums;
}
@@ -1074,7 +1074,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
{
return false;
}
$confirm = false;
if (isset($_POST['confirm']))
{
@@ -1095,14 +1095,14 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
{
return false;
}
return true;
}
else if ($check)
{
return false;
}
$s_hidden_fields = '<input type="hidden" name="user_id" value="' . $user->data['user_id'] . '" /><input type="hidden" name="sess" value="' . $user->session_id . '" /><input type="hidden" name="sid" value="' . $SID . '" />';
// generate activation key
@@ -1130,7 +1130,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
'S_CONFIRM_ACTION' => $user->cur_page . ((strpos($user->cur_page, '?') !== false) ? '&' : '?') . 'confirm_key=' . $confirm_key,
'S_HIDDEN_FIELDS' => $hidden . $s_hidden_fields)
);
$sql = 'UPDATE ' . USERS_TABLE . " SET user_last_confirm_key = '" . $db->sql_escape($confirm_key) . "'
WHERE user_id = " . $user->data['user_id'];
$db->sql_query($sql);
@@ -1139,25 +1139,28 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
}
// Generate login box or verify password
function login_box($s_action, $s_hidden_fields = '', $login_explain = '', $ucp_login = false)
function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true)
{
global $SID, $db, $user, $template, $auth, $phpEx, $phpbb_root_path;
$err = '';
if (isset($_POST['login']))
{
$username = request_var('username', '');
$password = request_var('password', '');
$autologin = (!empty($_POST['autologin'])) ? TRUE : FALSE;
$viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
$admin = ($admin) ? 1 : 0;
if (($result = $auth->login($username, $password, $autologin, $viewonline)) === true)
// If authentication is successful we redirect user to previous page
if (($result = $auth->login($username, $password, $autologin, $viewonline, $admin)) === true)
{
// TODO
// Force change password ... plugin for EVENT_LOGIN in future
// but for now we'll do it here
$redirect = request_var('redirect', "index.$phpEx$SID");
meta_refresh(3, $redirect);
return true;
$message = (($l_success) ? $l_success : $user->lang['LOGIN_REDIRECT']) . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $redirect . '">', '</a> ');
trigger_error($message);
}
// If we get a non-numeric (e.g. string) value we output an error
@@ -1170,19 +1173,35 @@ function login_box($s_action, $s_hidden_fields = '', $login_explain = '', $ucp_l
$err = ($result === 0) ? $user->lang['ACTIVE_ERROR'] : $user->lang['LOGIN_ERROR'];
}
$s_hidden_fields .= ($ucp_login && !empty($_SERVER['HTTP_REFERER'])) ? '<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['HTTP_REFERER']) . '" />' : '<input type="hidden" name="redirect" value="' . $s_action . '" />';
if (!$redirect)
{
$split_page = array();
preg_match_all('#^.*?([a-z]+?)\.' . $phpEx . '\?(.*?)$#i', $user->page, $split_page, PREG_SET_ORDER);
// No script name set? Assume index
if (empty($split_page[0][1]))
{
$split_page[0][1] = 'index';
}
// Current page correctly formatted for (login) redirects
$redirect = htmlspecialchars($split_page[0][1] . '.' . $phpEx . $SID . ((!empty($split_page[0][2])) ? '&' . $split_page[0][2] : ''));
}
$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $redirect . '" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $SID . '" />';
$template->assign_vars(array(
'LOGIN_ERROR' => $err,
'LOGIN_EXPLAIN' => $login_explain,
'LOGIN_ERROR' => $err,
'LOGIN_EXPLAIN' => $l_explain,
'U_SEND_PASSWORD' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=sendpassword",
'U_TERMS_USE' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=terms",
'U_PRIVACY' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=privacy",
'U_TERMS_USE' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=terms",
'U_PRIVACY' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=privacy",
'S_LOGIN_ACTION' => "{$phpbb_root_path}ucp.$phpEx$SID&amp;mode=login",
'S_HIDDEN_FIELDS' => $s_hidden_fields)
'S_DISPLAY_FULL_LOGIN' => ($s_display) ? true : false,
'S_LOGIN_ACTION' => $redirect_page,
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
page_header($user->lang['LOGIN']);
@@ -1203,7 +1222,7 @@ function login_forum_box(&$forum_data)
$password = request_var('password', '');
$sql = 'SELECT forum_id
FROM ' . FORUMS_ACCESS_TABLE . '
FROM ' . FORUMS_ACCESS_TABLE . '
WHERE forum_id = ' . $forum_data['forum_id'] . '
AND user_id = ' . $user->data['user_id'] . "
AND session_id = '$user->session_id'";
@@ -1219,7 +1238,7 @@ function login_forum_box(&$forum_data)
if ($password)
{
// Remove expired authorised sessions
$sql = 'SELECT session_id
$sql = 'SELECT session_id
FROM ' . SESSIONS_TABLE;
$result = $db->sql_query($sql);
@@ -1344,7 +1363,7 @@ function extension_allowed($forum_id, $extension)
{
return true;
}
return (!in_array($forum_id, $check)) ? false : true;
}
else
@@ -1410,7 +1429,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
if (!defined('HEADER_INC'))
{
if (defined('IN_ADMIN'))
if (defined('IN_ADMIN') && !empty($user->data['session_admin']))
{
adm_page_header('', '', false);
}
@@ -1425,7 +1444,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
$display_header = (!isset($display_header)) ? false : (bool) $display_header;
$show_prev_info = (!isset($show_prev_info)) ? true : (bool) $show_prev_info;
if (defined('IN_ADMIN'))
if (defined('IN_ADMIN') && !empty($user->data['session_admin']))
{
adm_page_message($msg_title, $msg_text, $display_header, $show_prev_info);
adm_page_footer();
@@ -1445,6 +1464,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
}
exit;
break;
default:
if (defined('DEBUG_EXTRA'))
{
@@ -1503,7 +1523,7 @@ function page_header($page_title = '')
$reading_sql = "AND s.session_page LIKE '%f=$f%'";
}
$sql = 'SELECT u.username, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_ip, s.session_allow_viewonline
$sql = 'SELECT u.username, u.user_id, u.user_type, u.user_allow_viewonline, u.user_colour, s.session_ip, s.session_viewonline
FROM ' . USERS_TABLE . ' u, ' . SESSIONS_TABLE . ' s
WHERE s.session_time >= ' . (time() - (intval($config['load_online_time']) * 60)) . "
$reading_sql
@@ -1666,8 +1686,9 @@ function page_header($page_title = '')
'SITENAME' => $config['sitename'],
'SITE_DESCRIPTION' => $config['site_desc'],
'PAGE_TITLE' => $page_title,
'SCRIPT_NAME' => substr($user->page, 0, strpos($user->page, '.')),
'LAST_VISIT_DATE' => sprintf($user->lang['YOU_LAST_VISIT'], $s_last_visit),
'CURRENT_TIME' => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time())),
'CURRENT_TIME' => sprintf($user->lang['CURRENT_TIME'], $user->format_date(time(), false, true)),
'TOTAL_USERS_ONLINE' => $l_online_users,
'LOGGED_IN_USER_LIST' => $online_userlist,
'RECORD_USERS' => $l_online_record,
@@ -1676,8 +1697,8 @@ function page_header($page_title = '')
'SID' => $SID,
'L_LOGIN_LOGOUT' => $l_login_logout,
'L_INDEX' => $user->lang['FORUM_INDEX'],
'L_ONLINE_EXPLAIN' => $l_online_time,
'L_INDEX' => $user->lang['FORUM_INDEX'],
'L_ONLINE_EXPLAIN' => $l_online_time,
'U_PRIVATEMSGS' => "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&mode=" . (($user->data['user_new_privmsg'] || $l_privmsgs_text_unread) ? 'unread' : 'view_messages'),
'U_RETURN_INBOX' => "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&folder=inbox",
@@ -1685,7 +1706,6 @@ function page_header($page_title = '')
'U_MEMBERLIST' => "{$phpbb_root_path}memberlist.$phpEx$SID",
'U_VIEWONLINE' => "{$phpbb_root_path}viewonline.$phpEx$SID",
'U_MEMBERSLIST' => "{$phpbb_root_path}memberlist.$phpEx$SID",
'U_GROUP_CP' => "{$phpbb_root_path}groupcp.$phpEx$SID",
'U_LOGIN_LOGOUT' => $u_login_logout,
'U_INDEX' => "{$phpbb_root_path}index.$phpEx$SID",
'U_SEARCH' => "{$phpbb_root_path}search.$phpEx$SID",
@@ -1700,24 +1720,24 @@ function page_header($page_title = '')
'S_USER_LOGGED_IN' => ($user->data['user_id'] != ANONYMOUS) ? true : false,
'S_USER_PM_POPUP' => $user->optionget('popuppm'),
'S_USER_LANG' => $user->data['user_lang'],
'S_USER_LANG' => $user->data['user_lang'],
'S_USER_BROWSER' => (isset($user->data['session_browser'])) ? $user->data['session_browser'] : $user->lang['UNKNOWN_BROWSER'],
'S_CONTENT_DIRECTION' => $user->lang['DIRECTION'],
'S_CONTENT_ENCODING' => $user->lang['ENCODING'],
'S_CONTENT_DIR_LEFT' => $user->lang['LEFT'],
'S_CONTENT_DIR_RIGHT' => $user->lang['RIGHT'],
'S_TIMEZONE' => ($user->data['user_dst'] || ($user->data['user_id'] == ANONYMOUS && $config['board_dst'])) ? sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], $user->lang['tz']['dst']) : sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], ''),
'S_DISPLAY_ONLINE_LIST' => (!empty($config['load_online'])) ? 1 : 0,
'S_DISPLAY_SEARCH' => (!empty($config['load_search'])) ? 1 : 0,
'S_DISPLAY_PM' => (!empty($config['allow_privmsg'])) ? 1 : 0,
'S_DISPLAY_MEMBERLIST' => (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0,
'S_TIMEZONE' => ($user->data['user_dst'] || ($user->data['user_id'] == ANONYMOUS && $config['board_dst'])) ? sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], $user->lang['tz']['dst']) : sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], ''),
'S_DISPLAY_ONLINE_LIST' => (!empty($config['load_online'])) ? 1 : 0,
'S_DISPLAY_SEARCH' => (!empty($config['load_search'])) ? 1 : 0,
'S_DISPLAY_PM' => (!empty($config['allow_privmsg'])) ? 1 : 0,
'S_DISPLAY_MEMBERLIST' => (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0,
'S_NEW_PM' => ($s_privmsg_new) ? 1 : 0,
'T_THEME_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['theme_path'] . '/theme',
'T_TEMPLATE_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['template_path'] . '/template',
'T_IMAGESET_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['imageset_path'] . '/imageset',
'T_THEME_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['theme_path'] . '/theme',
'T_TEMPLATE_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['template_path'] . '/template',
'T_IMAGESET_PATH' => "{$phpbb_root_path}styles/" . $user->theme['primary']['imageset_path'] . '/imageset',
'T_STYLESHEET_LINK' => (!$user->theme['primary']['theme_storedb']) ? "{$phpbb_root_path}styles/" . $user->theme['primary']['theme_path'] . '/theme/stylesheet.css' : "{$phpbb_root_path}style.$phpEx?sid=$user->session_id&amp;id=" . $user->theme['primary']['theme_id'],
'T_STYLESHEET_NAME' => $user->theme['primary']['theme_name'],
'T_STYLESHEET_NAME' => $user->theme['primary']['theme_name'],
'T_THEME_DATA' => (!$user->theme['primary']['theme_storedb']) ? '' : $user->theme['primary']['theme_data'])
);
@@ -1757,7 +1777,7 @@ function page_footer()
$template->assign_vars(array(
'PHPBB_VERSION' => $config['version'],
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'DEBUG_OUTPUT' => (defined('DEBUG')) ? $debug_output : '',
'U_ACP' => ($auth->acl_get('a_') && $user->data['user_id'] != ANONYMOUS) ? "adm/index.$phpEx?sid=" . $user->data['session_id'] : '')
);
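Review bot: In `login_box()` the post-login target is read straight from the request with `$redirect = request_var('redirect', "index.$phpEx$SID");` and then passed to `meta_refresh(3, $redirect)` and written into `'<a href="' . $redirect . '">'`, so the value posted with the login form decides where the user is sent and what ends up in the href. Nothing in the hunk restricts it to a page of this board or escapes it at the point of output (whether `request_var()` escapes strings is not visible here), and a caller-supplied `$redirect` also reaches the hidden field `value="' . $redirect . '"` without `htmlspecialchars()`, unlike the computed default. I would fall back to the index for anything that is not a local script name before using it, for example `if (!preg_match('#^[a-z]+\.' . $phpEx . '(\?.*)?$#i', $redirect)) { $redirect = "index.$phpEx$SID"; }`, widened deliberately if admin paths must be allowed. Separately, `'S_LOGIN_ACTION' => $redirect_page` uses a variable that is neither a parameter nor assigned in the visible lines; part of the function lies between the two hunks, so confirm it is set there, otherwise the form action is empty.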


@@ -30,28 +30,9 @@ class session
$current_time = time();
$this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : $_ENV['HTTP_USER_AGENT'];
$this->page = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : $_ENV['REQUEST_URI'];
$split_page = array();
preg_match_all('#^.*?([a-z]+?)\.' . $phpEx . '\?sid=[a-z0-9]*?(&.*)?$#i', $this->page, $split_page, PREG_SET_ORDER);
// Take care of SID
if (!isset($split_page[0][1]))
{
$split_page[0][1] = substr(strrchr($this->page, '/'), 1);
}
// Page for session_page value
$this->page = $split_page[0][1] . ((isset($split_page[0][2])) ? $split_page[0][2] : '');
$this->page = preg_replace('#^.*?\/?(\/adm\/)?([a-z]+?\.' . $phpEx . '\?)sid=[a-z0-9]*&?(.*?)$#i', '\1\2\3', $this->page);
$this->page .= (isset($_POST['f'])) ? 'f=' . intval($_POST['f']) : '';
// Current page correctly formatted for (login) redirects
$this->cur_page = str_replace('&amp;', '&', htmlspecialchars($split_page[0][1] . '.' . $phpEx . ((isset($split_page[0][2])) ? '?' . $split_page[0][2] : '')));
// Current page filename for use in template (index, viewtopic, viewforum...)
$this->current_page_filename = $split_page[0][1];
unset($split_page);
if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_data']))
{
$sessiondata = (!empty($_COOKIE[$config['cookie_name'] . '_data'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_data'])) : array();
@@ -145,12 +126,13 @@ class session
}
// Create a new session
function create(&$user_id, &$autologin, $set_autologin = false, $viewonline = 1)
function create(&$user_id, &$autologin, $set_autologin = false, $viewonline = 1, $admin = 0)
{
global $SID, $db, $config;
$sessiondata = array();
$current_time = time();
$current_user = $this->data['user_id'];
$bot = false;
// Pull bot information from DB and loop through it
@@ -290,38 +272,45 @@ class session
// Create or update the session
$db->sql_return_on_error(true);
$sql = 'UPDATE ' . SESSIONS_TABLE . "
SET session_user_id = $user_id, session_last_visit = " . $this->data['session_last_visit'] . ", session_start = $current_time, session_time = $current_time, session_browser = '" . $db->sql_escape($this->browser) . "', session_page = '" . $db->sql_escape($this->page) . "', session_allow_viewonline = $viewonline
$sql_ary = array(
'session_user_id' => (int) $user_id,
'session_start' => (int) $current_time,
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $current_time,
'session_browser' => (string) $this->browser,
'session_page' => (string) $this->page,
'session_viewonline' => (int) $viewonline,
'session_admin' => (int) $admin,
);
$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
WHERE session_id = '" . $db->sql_escape($this->session_id) . "'";
if ($this->session_id == '' || !$db->sql_query($sql) || !$db->sql_affectedrows())
{
$db->sql_return_on_error(false);
$this->session_id = md5(uniqid($this->ip));
$sql = 'INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'session_id' => (string) $this->session_id,
'session_user_id' => (int) $user_id,
'session_start' => (int) $current_time,
'session_last_visit' => (int) $this->data['session_last_visit'],
'session_time' => (int) $current_time,
'session_ip' => (string) $this->ip,
'session_browser' => (string) $this->browser,
'session_page' => (string) $this->page,
'session_allow_viewonline' => (int) $viewonline
));
$db->sql_query($sql);
$sql_ary['session_id'] = (string) $this->session_id;
$db->sql_query('INSERT INTO ' . SESSIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
}
$db->sql_return_on_error(false);
if (!$bot)
{
$this->data['session_id'] = $this->session_id;
$sessiondata['autologinid'] = ($autologin && $user_id != ANONYMOUS) ? $autologin : '';
$sessiondata['userid'] = $user_id;
// Don't set cookies if we're an admin re-authenticating
if (!$admin || ($admin && $current_user == ANONYMOUS))
{
$sessiondata['userid'] = $user_id;
$sessiondata['autologinid'] = ($autologin && $user_id != ANONYMOUS) ? $autologin : '';
$this->set_cookie('data', serialize($sessiondata), $current_time + 31536000);
$this->set_cookie('sid', $this->session_id, 0);
}
$this->set_cookie('data', serialize($sessiondata), $current_time + 31536000);
$this->set_cookie('sid', $this->session_id, 0);
$SID = '?sid=' . $this->session_id;
if ($this->data['user_id'] != ANONYMOUS)
@@ -359,12 +348,12 @@ class session
AND session_user_id = " . $this->data['user_id'];
$db->sql_query($sql);
$this->session_id = '';
// Reset some basic data immediately
$this->session_id = $this->data['username'] = '';
$this->data['user_id'] = ANONYMOUS;
$this->data['session_admin'] = 0;
if ($this->data['user_id'] != ANONYMOUS)
{
// Trigger EVENT_END_SESSION
}
// Trigger EVENT_END_SESSION
return true;
}
@@ -544,7 +533,7 @@ class user extends session
$this->add_lang($lang_set);
unset($lang_set);
if (!empty($_GET['style']) && $auth->acl_get('a_styles'))
{
global $SID;
@@ -690,7 +679,7 @@ class user extends session
// $lang == $this->lang
// $help == $this->help
// - add appropiate variables here, name them as they are used within the language file...
if (!$use_db)
{
require($this->lang_path . (($use_help) ? 'help_' : '') . "$lang_file.$phpEx");
@@ -1159,9 +1148,9 @@ class auth
}
// Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
function login($username, $password, $autologin = false, $viewonline = 1)
function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0)
{
global $config, $user, $phpbb_root_path, $phpEx;
global $config, $db, $user, $phpbb_root_path, $phpEx;
$method = trim($config['auth_method']);
@@ -1182,8 +1171,7 @@ class auth
$autologin = (!empty($autologin)) ? md5($password) : '';
// Trigger EVENT_LOGIN
return $user->create($login['user_id'], $autologin, true, $viewonline);
return $user->create($login['user_id'], $autologin, true, $viewonline, $admin);
}
}
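Review bot: In `create()` the new `'session_admin' => (int) $admin` flag is written by the `UPDATE ... WHERE session_id = ...` on the session the client already holds, and a fresh id is generated only when that UPDATE fails, so an admin re-authentication elevates an id that existed before the password was checked. Because the same id is appended to links through `$SID = '?sid=' . $this->session_id;`, an id that leaked earlier (a Referer header, a pasted link) would become an admin session. I would rotate the id whenever `$admin` is set, e.g. `if ($admin) { $this->session_id = ''; }` ahead of the UPDATE so the INSERT branch issues a new one, and send the `sid` cookie for the new id in the re-authentication case as well. The body of `create()` begins and continues outside the visible hunks, so check how the skipped cookie write and the `$current_user == ANONYMOUS` test interact with this, and whether anything verifies that the re-authenticated `$user_id` is the user who owns the current session.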


@@ -0,0 +1,126 @@
<?php
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : ucp_groups.php
// STARTED : Sun Jun 6, 2004
// COPYRIGHT : <20> 2001, 2004 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
class ucp_groups extends module
{
function ucp_groups($id, $mode)
{
global $config, $db, $user, $auth, $SID, $template, $phpbb_root_path, $phpEx;
$user->add_lang('groups');
$submit = (!empty($_POST['submit'])) ? true : false;
$delete = (!empty($_POST['delete'])) ? true : false;
$error = $data = array();
switch ($mode)
{
case 'membership':
$sql = 'SELECT g.group_id, g.group_name, g.group_description, g.group_type, ug.group_leader, ug.user_pending
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
$group_id_ary = array();
$leader_count = $member_count = $pending_count = 0;
while ($row = $db->sql_fetchrow($result))
{
$block = ($row['group_leader']) ? 'leader' : (($row['user_pending']) ? 'pending' : 'member');
$template->assign_block_vars($block, array(
'GROUP_ID' => $row['group_id'],
'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? $row['group_description'] : $user->lang['GROUP_IS_SPECIAL'],
'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
'U_VIEW_GROUP' => "memberlist.$phpEx$SID&amp;mode=group&amp;g=" . $row['group_id'],
'S_GROUP_DEFAULT' => ($row['group_id'] == $user->data['group_id']) ? true : false,
'S_ROW_COUNT' => ${$block . '_count'}++,)
);
$group_id_ary[] = $row['group_id'];
}
$db->sql_freeresult($result);
// Hide hidden groups unless user is an admin with group privileges
$sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
$sql = 'SELECT group_id, group_name, group_description, group_type
FROM ' . GROUPS_TABLE . '
WHERE group_id NOT IN (' . implode(', ', $group_id_ary) . ")
AND group_type $sql_and
ORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
$nonmember_count = 0;
while ($row = $db->sql_fetchrow($result))
{
$template->assign_block_vars('nonmember', array(
'GROUP_ID' => $row['group_id'],
'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
'GROUP_DESC' => $row['group_description'],
'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
'GROUP_CLOSED' => ($row['group_type'] <> GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? false : true,
'U_VIEW_GROUP' => "memberlist.$phpEx$SID&amp;mode=group&amp;g=" . $row['group_id'],
'S_ROW_COUNT' => $nonmember_count++,)
);
}
$db->sql_freeresult($result);
$template->assign_vars(array(
'S_CHANGE_DEFAULT' => ($auth->acl_get('u_chggrp')) ? true : false,
'S_LEADER_COUNT' => $leader_count,
'S_MEMBER_COUNT' => $member_count,
'S_PENDING_COUNT' => $pending_count,
'S_NONMEMBER_COUNT' => $nonmember_count,)
);
break;
case 'manage':
break;
}
$this->display($user->lang['UCP_GROUPS'], 'ucp_groups_' . $mode . '.html');
}
}
/*
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";
$emailer->use_template('group_request', $moderator['user_lang']);
$emailer->email_address($moderator['user_email']);
$emailer->set_subject();//$lang['Group_request']
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $config['sitename'],
'GROUP_MODERATOR' => $moderator['username'],
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_GROUPCP' => $server_url . '?' . 'g' . "=$group_id&validate=true")
);
$emailer->send();
$emailer->reset();
*/
?>
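Review bot: The second query in the `membership` case builds `WHERE group_id NOT IN (' . implode(', ', $group_id_ary) . ")`, and `$group_id_ary` stays empty when the first query returns no rows, which produces `NOT IN ()` and a SQL error for a user without any group rows. The ids are also concatenated exactly as fetched; casting them would match what `markread()` does elsewhere in this commit with `array_map('intval', ...)`. I would build the clause conditionally, `$sql_in = (sizeof($group_id_ary)) ? 'group_id NOT IN (' . implode(', ', array_map('intval', $group_id_ary)) . ') AND ' : '';`, and then use `WHERE ' . $sql_in . "group_type $sql_and`. `group_name` and `group_description` are handed to the template as stored; whether they are escaped when saved is not visible here and is worth confirming before this page ships.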


@@ -7,11 +7,11 @@
// STARTED : Mon May 19, 2003
// COPYRIGHT : <20> 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
class ucp_prefs extends module
class ucp_prefs extends module
{
function ucp_prefs($id, $mode)
{
@@ -28,18 +28,18 @@ class ucp_prefs extends module
if ($submit)
{
$var_ary = array(
'dateformat' => (string) $config['default_dateformat'],
'lang' => (string) $config['default_lang'],
'dateformat' => (string) $config['default_dateformat'],
'lang' => (string) $config['default_lang'],
'tz' => (float) $config['board_timezone'],
'style' => (int) $config['default_style'],
'dst' => (bool) $config['board_dst'],
'viewemail' => false,
'massemail' => true,
'hideonline' => false,
'notifymethod' => 0,
'notifypm' => true,
'popuppm' => false,
'allowpm' => true,
'style' => (int) $config['default_style'],
'dst' => (bool) $config['board_dst'],
'viewemail' => false,
'massemail' => true,
'hideonline' => false,
'notifymethod' => 0,
'notifypm' => true,
'popuppm' => false,
'allowpm' => true,
);
foreach ($var_ary as $var => $default)
@@ -48,7 +48,7 @@ class ucp_prefs extends module
}
$var_ary = array(
'dateformat' => array('string', false, 3, 15),
'dateformat' => array('string', false, 3, 15),
'lang' => array('match', false, '#^[a-z_]{2,}$#i'),
'tz' => array('num', false, -13, 13),
);
@@ -63,13 +63,13 @@ class ucp_prefs extends module
if (!sizeof($error))
{
$sql_ary = array(
'user_allow_pm' => $allowpm,
'user_allow_viewemail' => $viewemail,
'user_allow_massemail' => $massemail,
'user_allow_viewonline' => ($auth->acl_get('u_hideonline')) ? !$hideonline : $user->data['user_allow_viewonline'],
'user_notify_type' => $notifymethod,
'user_allow_pm' => $allowpm,
'user_allow_viewemail' => $viewemail,
'user_allow_massemail' => $massemail,
'user_allow_viewonline' => ($auth->acl_get('u_hideonline')) ? !$hideonline : $user->data['user_allow_viewonline'],
'user_notify_type' => $notifymethod,
'user_notify_pm' => $notifypm,
'user_options' => $user->data['user_options'],
'user_options' => $user->data['user_options'],
'user_dst' => $dst,
'user_dateformat' => $dateformat,
@@ -78,7 +78,7 @@ class ucp_prefs extends module
'user_style' => $style,
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -117,34 +117,34 @@ class ucp_prefs extends module
$style = (isset($style)) ? $style : $user->data['user_style'];
$tz = (isset($tz)) ? $tz : $user->data['user_timezone'];
$template->assign_vars(array(
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'VIEW_EMAIL_YES' => $view_email_yes,
'VIEW_EMAIL_NO' => $view_email_no,
'ADMIN_EMAIL_YES' => $mass_email_yes,
'ADMIN_EMAIL_NO' => $mass_email_no,
'HIDE_ONLINE_YES' => $hide_online_yes,
'HIDE_ONLINE_NO' => $hide_online_no,
'ALLOW_PM_YES' => $allow_pm_yes,
'ALLOW_PM_NO' => $allow_pm_no,
'NOTIFY_PM_YES' => $notify_pm_yes,
'NOTIFY_PM_NO' => $notify_pm_no,
'POPUP_PM_YES' => $popup_pm_yes,
'POPUP_PM_NO' => $popup_pm_no,
'DST_YES' => $dst_yes,
'DST_NO' => $dst_no,
'NOTIFY_EMAIL' => ($notifymethod == NOTIFY_EMAIL) ? 'checked="checked"' : '',
'NOTIFY_IM' => ($notifymethod == NOTIFY_IM) ? 'checked="checked"' : '',
'NOTIFY_BOTH' => ($notifymethod == NOTIFY_BOTH) ? 'checked="checked"' : '',
'VIEW_EMAIL_YES' => $view_email_yes,
'VIEW_EMAIL_NO' => $view_email_no,
'ADMIN_EMAIL_YES' => $mass_email_yes,
'ADMIN_EMAIL_NO' => $mass_email_no,
'HIDE_ONLINE_YES' => $hide_online_yes,
'HIDE_ONLINE_NO' => $hide_online_no,
'ALLOW_PM_YES' => $allow_pm_yes,
'ALLOW_PM_NO' => $allow_pm_no,
'NOTIFY_PM_YES' => $notify_pm_yes,
'NOTIFY_PM_NO' => $notify_pm_no,
'POPUP_PM_YES' => $popup_pm_yes,
'POPUP_PM_NO' => $popup_pm_no,
'DST_YES' => $dst_yes,
'DST_NO' => $dst_no,
'NOTIFY_EMAIL' => ($notifymethod == NOTIFY_EMAIL) ? 'checked="checked"' : '',
'NOTIFY_IM' => ($notifymethod == NOTIFY_IM) ? 'checked="checked"' : '',
'NOTIFY_BOTH' => ($notifymethod == NOTIFY_BOTH) ? 'checked="checked"' : '',
'DATE_FORMAT' => $dateformat,
'DATE_FORMAT' => $dateformat,
'S_LANG_OPTIONS' => language_select($lang),
'S_LANG_OPTIONS' => language_select($lang),
'S_STYLE_OPTIONS' => style_select($style),
'S_TZ_OPTIONS' => tz_select($tz),
'S_CAN_HIDE_ONLINE' => true,
'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false,
'S_CAN_HIDE_ONLINE' => true,
'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false,
)
);
break;
@@ -154,16 +154,16 @@ class ucp_prefs extends module
if ($submit)
{
$var_ary = array(
'sk' => (string) 't',
'sd' => (string) 'd',
'sk' => (string) 't',
'sd' => (string) 'd',
'st' => 0,
'images' => true,
'flash' => false,
'smilies' => true,
'sigs' => true,
'avatars' => true,
'wordcensor'=> false,
'images' => true,
'flash' => false,
'smilies' => true,
'sigs' => true,
'avatars' => true,
'wordcensor'=> false,
);
foreach ($var_ary as $var => $default)
@@ -172,8 +172,8 @@ class ucp_prefs extends module
}
$var_ary = array(
'sk' => array('string', false, 1, 1),
'sd' => array('string', false, 1, 1),
'sk' => array('string', false, 1, 1),
'sd' => array('string', false, 1, 1),
);
$error = validate_data($data, $var_ary);
@@ -193,13 +193,13 @@ class ucp_prefs extends module
}
$sql_ary = array(
'user_options' => $user->data['user_options'],
'user_options' => $user->data['user_options'],
'user_sortby_type' => $sk,
'user_sortby_dir' => $sd,
'user_show_days' => $st,
'user_show_days' => $st,
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -242,25 +242,25 @@ class ucp_prefs extends module
$wordcensor_yes = ($wordcensor) ? ' checked="checked"' : '';
$wordcensor_no = (!$wordcensor) ? ' checked="checked"' : '';
$template->assign_vars(array(
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'VIEW_IMAGES_YES' => $images_yes,
'VIEW_IMAGES_NO' => $images_no,
'VIEW_FLASH_YES' => $flash_yes,
'VIEW_FLASH_NO' => $flash_no,
'VIEW_SMILIES_YES' => $smilies_yes,
'VIEW_SMILIES_NO' => $smilies_no,
'VIEW_SIGS_YES' => $sigs_yes,
'VIEW_SIGS_NO' => $sigs_no,
'VIEW_AVATARS_YES' => $avatars_yes,
'VIEW_IMAGES_YES' => $images_yes,
'VIEW_IMAGES_NO' => $images_no,
'VIEW_FLASH_YES' => $flash_yes,
'VIEW_FLASH_NO' => $flash_no,
'VIEW_SMILIES_YES' => $smilies_yes,
'VIEW_SMILIES_NO' => $smilies_no,
'VIEW_SIGS_YES' => $sigs_yes,
'VIEW_SIGS_NO' => $sigs_no,
'VIEW_AVATARS_YES' => $avatars_yes,
'VIEW_AVATARS_NO' => $avatars_no,
'DISABLE_CENSORS_YES' => $wordcensor_yes,
'DISABLE_CENSORS_YES' => $wordcensor_yes,
'DISABLE_CENSORS_NO' => $wordcensor_no,
'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors')) ? true : false,
'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors')) ? true : false,
'S_SELECT_SORT_DAYS' => $s_limit_days,
'S_SELECT_SORT_KEY' => $s_sort_key,
'S_SELECT_SORT_KEY' => $s_sort_key,
'S_SELECT_SORT_DIR' => $s_sort_dir)
);
@@ -271,11 +271,11 @@ class ucp_prefs extends module
if ($submit)
{
$var_ary = array(
'bbcode' => true,
'html' => false,
'bbcode' => true,
'html' => false,
'smilies' => true,
'sig' => true,
'notify' => false,
'sig' => true,
'notify' => false,
);
foreach ($var_ary as $var => $default)
@@ -295,7 +295,7 @@ class ucp_prefs extends module
'user_notify' => $notify,
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -305,7 +305,7 @@ class ucp_prefs extends module
trigger_error($message);
}
}
$bbcode = (isset($bbcode)) ? $bbcode : $user->optionget('bbcode');
$bbcode_yes = ($bbcode) ? ' checked="checked"' : '';
$bbcode_no = (!$bbcode) ? ' checked="checked"' : '';
@@ -322,24 +322,24 @@ class ucp_prefs extends module
$notify_yes = ($notify) ? ' checked="checked"' : '';
$notify_no = (!$notify) ? ' checked="checked"' : '';
$template->assign_vars(array(
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'DEFAULT_BBCODE_YES' => $bbcode_yes,
'DEFAULT_BBCODE_NO' => $bbcode_no,
'DEFAULT_HTML_YES' => $html_yes,
'DEFAULT_HTML_NO' => $html_no,
'DEFAULT_SMILIES_YES' => $smilies_yes,
'DEFAULT_SMILIES_NO' => $smilies_no,
'DEFAULT_SIG_YES' => $sig_yes,
'DEFAULT_SIG_NO' => $sig_no,
'DEFAULT_NOTIFY_YES' => $notify_yes,
'DEFAULT_BBCODE_YES' => $bbcode_yes,
'DEFAULT_BBCODE_NO' => $bbcode_no,
'DEFAULT_HTML_YES' => $html_yes,
'DEFAULT_HTML_NO' => $html_no,
'DEFAULT_SMILIES_YES' => $smilies_yes,
'DEFAULT_SMILIES_NO' => $smilies_no,
'DEFAULT_SIG_YES' => $sig_yes,
'DEFAULT_SIG_NO' => $sig_no,
'DEFAULT_NOTIFY_YES' => $notify_yes,
'DEFAULT_NOTIFY_NO' => $notify_no,)
);
break;
}
$template->assign_vars(array(
$template->assign_vars(array(
'L_TITLE' => $user->lang['UCP_PREFS_' . strtoupper($mode)],
'S_HIDDEN_FIELDS' => $s_hidden_fields,


@@ -7,8 +7,8 @@
// STARTED : Mon May 19, 2003
// COPYRIGHT : <20> 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
class ucp_profile extends module
@@ -31,12 +31,12 @@ class ucp_profile extends module
if ($submit)
{
$var_ary = array(
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'email_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
);
foreach ($var_ary as $var => $default)
@@ -46,15 +46,15 @@ class ucp_profile extends module
$var_ary = array(
'username' => array(
array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username', $username)),
'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'new_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'cur_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'new_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'cur_password' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
'email' => array(
array('string', false, 6, 60),
array('email', $email)),
'email_confirm' => array('string', true, 6, 60),
array('string', false, 6, 60),
array('email', $email)),
'email_confirm' => array('string', true, 6, 60),
);
$error = validate_data($data, $var_ary);
@@ -79,11 +79,11 @@ class ucp_profile extends module
if (!sizeof($error))
{
$sql_ary = array(
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
'user_passchg' => time(),
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
'user_passchg' => time(),
);
if ($config['email_enable'] && $email != $user->data['user_email'] && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
@@ -128,7 +128,7 @@ class ucp_profile extends module
$admin_ary = $auth->acl_get_list(false, 'a_user', false);
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
FROM ' . USERS_TABLE . '
FROM ' . USERS_TABLE . '
WHERE user_id IN (' . implode(', ', $admin_ary[0]['a_user']) .')';
$result = $db->sql_query($sql);
@@ -159,8 +159,8 @@ class ucp_profile extends module
);
}
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -181,17 +181,17 @@ class ucp_profile extends module
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'USERNAME' => (isset($username)) ? $username : $user->data['username'],
'EMAIL' => (isset($email)) ? $email : $user->data['user_email'],
'PASSWORD_CONFIRM' => (isset($password_confirm)) ? $password_confirm : '',
'NEW_PASSWORD' => (isset($new_password)) ? $new_password : '',
'CUR_PASSWORD' => '',
'USERNAME' => (isset($username)) ? $username : $user->data['username'],
'EMAIL' => (isset($email)) ? $email : $user->data['user_email'],
'PASSWORD_CONFIRM' => (isset($password_confirm)) ? $password_confirm : '',
'NEW_PASSWORD' => (isset($new_password)) ? $new_password : '',
'CUR_PASSWORD' => '',
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang['CHANGE_PASSWORD_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_FORCE_PASSWORD' => ($config['chg_passforce'] && $this->data['user_passchg'] < time() - $config['chg_passforce']) ? true : false,
'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false,
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang['CHANGE_PASSWORD_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_FORCE_PASSWORD' => ($config['chg_passforce'] && $this->data['user_passchg'] < time() - $config['chg_passforce']) ? true : false,
'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false,
'S_CHANGE_EMAIL' => ($auth->acl_get('u_chgemail')) ? true : false,
'S_CHANGE_PASSWORD' => ($auth->acl_get('u_chgpasswd')) ? true : false)
);
@@ -207,12 +207,12 @@ class ucp_profile extends module
if ($submit)
{
$var_ary = array(
'icq' => (string) '',
'aim' => (string) '',
'msn' => (string) '',
'yim' => (string) '',
'jabber' => (string) '',
'website' => (string) '',
'icq' => (string) '',
'aim' => (string) '',
'msn' => (string) '',
'yim' => (string) '',
'jabber' => (string) '',
'website' => (string) '',
'location' => (string) '',
'occupation' => (string) '',
'interests' => (string) '',
@@ -228,20 +228,20 @@ class ucp_profile extends module
$var_ary = array(
'icq' => array(
array('string', true, 3, 15),
array('match', true, '#^[0-9]+$#i')),
'aim' => array('string', true, 5, 255),
'msn' => array('string', true, 5, 255),
array('string', true, 3, 15),
array('match', true, '#^[0-9]+$#i')),
'aim' => array('string', true, 5, 255),
'msn' => array('string', true, 5, 255),
'jabber' => array(
array('string', true, 5, 255),
array('string', true, 5, 255),
array('match', true, '#^[a-z0-9\.\-_\+]+?@(.*?\.)*?[a-z0-9\-_]+?\.[a-z]{2,4}(/.*)?$#i')),
'yim' => array('string', true, 5, 255),
'yim' => array('string', true, 5, 255),
'website' => array(
array('string', true, 12, 255),
array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
'location' => array('string', true, 2, 255),
'occupation' => array('string', true, 2, 500),
'interests' => array('string', true, 2, 500),
array('string', true, 12, 255),
array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
'location' => array('string', true, 2, 255),
'occupation' => array('string', true, 2, 500),
'interests' => array('string', true, 2, 500),
'bday_day' => array('num', true, 1, 31),
'bday_month' => array('num', true, 1, 12),
'bday_year' => array('num', true, 1901, gmdate('Y', time())),
@@ -269,7 +269,7 @@ class ucp_profile extends module
'user_birthday' => sprintf('%2d-%2d-%4d', $bday_day, $bday_month, $bday_year),
);
$sql = 'UPDATE ' . USERS_TABLE . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -277,7 +277,7 @@ class ucp_profile extends module
// Update Custom Fields
if (sizeof($cp_data))
{
$sql = 'UPDATE ' . PROFILE_DATA_TABLE . '
$sql = 'UPDATE ' . PROFILE_DATA_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $cp_data) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -333,21 +333,21 @@ class ucp_profile extends module
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'ICQ' => (isset($icq)) ? $icq : $user->data['user_icq'],
'YIM' => (isset($yim)) ? $yim : $user->data['user_yim'],
'AIM' => (isset($aim)) ? $aim : $user->data['user_aim'],
'MSN' => (isset($msn)) ? $msn : $user->data['user_msnm'],
'JABBER' => (isset($jabber)) ? $jabber : $user->data['user_jabber'],
'WEBSITE' => (isset($website)) ? $website : $user->data['user_website'],
'LOCATION' => (isset($location)) ? $location : $user->data['user_from'],
'OCCUPATION'=> (isset($occupation)) ? $occupation : $user->data['user_occ'],
'INTERESTS' => (isset($interests)) ? $interests : $user->data['user_interests'],
'ICQ' => (isset($icq)) ? $icq : $user->data['user_icq'],
'YIM' => (isset($yim)) ? $yim : $user->data['user_yim'],
'AIM' => (isset($aim)) ? $aim : $user->data['user_aim'],
'MSN' => (isset($msn)) ? $msn : $user->data['user_msnm'],
'JABBER' => (isset($jabber)) ? $jabber : $user->data['user_jabber'],
'WEBSITE' => (isset($website)) ? $website : $user->data['user_website'],
'LOCATION' => (isset($location)) ? $location : $user->data['user_from'],
'OCCUPATION'=> (isset($occupation)) ? $occupation : $user->data['user_occ'],
'INTERESTS' => (isset($interests)) ? $interests : $user->data['user_interests'],
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options,)
);
// Get additional profile fields and assign them to the template block var 'profile_fields'
$user->get_profile_fields($user->data['user_id']);
@@ -360,11 +360,11 @@ class ucp_profile extends module
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
$var_ary = array(
'enable_html' => (bool) $config['allow_html'],
'enable_bbcode' => (bool) $config['allow_bbcode'],
'enable_html' => (bool) $config['allow_html'],
'enable_bbcode' => (bool) $config['allow_bbcode'],
'enable_smilies' => (bool) $config['allow_smilies'],
'enable_urls' => true,
'signature' => (string) $user->data['user_sig'],
'enable_urls' => true,
'signature' => (string) $user->data['user_sig'],
);
@@ -388,13 +388,13 @@ class ucp_profile extends module
$message_parser->parse($enable_html, $enable_bbcode, $enable_urls, $enable_smilies);
$sql_ary = array(
'user_sig' => (string) $message_parser->message,
'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
'user_sig' => (string) $message_parser->message,
'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
'user_sig_bbcode_bitfield' => (int) $message_parser->bbcode_bitfield
);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -430,21 +430,20 @@ class ucp_profile extends module
$signature_preview = str_replace("\n", '<br />', censor_text($signature_preview));
}
$html_status = ($config['allow_html']) ? true : false;
$bbcode_status = ($config['allow_bbcode']) ? true : false;
$smilies_status = ($config['allow_smilies']) ? true : false;
$html_status = ($config['allow_html']) ? true : false;
$bbcode_status = ($config['allow_bbcode']) ? true : false;
$smilies_status = ($config['allow_smilies']) ? true : false;
// NOTE: allow_img and allow_flash do not exist in config table
$img_status = ($config['allow_img']) ? true : false;
$flash_status = ($config['allow_flash']) ? true : false;
$img_status = ($config['allow_img']) ? true : false;
$flash_status = ($config['allow_flash']) ? true : false;
decode_text($signature, $user->data['user_sig_bbcode_uid']);
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'SIGNATURE' => $signature,
'SIGNATURE_PREVIEW' => $signature_preview,
'SIGNATURE_PREVIEW' => $signature_preview,
'S_HTML_CHECKED' => (!$enable_html) ? 'checked="checked"' : '',
'S_BBCODE_CHECKED' => (!$enable_bbcode) ? 'checked="checked"' : '',
'S_SMILIES_CHECKED' => (!$enable_smilies) ? 'checked="checked"' : '',
@@ -456,10 +455,10 @@ class ucp_profile extends module
'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
'S_HTML_ALLOWED' => $config['allow_html'],
'S_BBCODE_ALLOWED' => $config['allow_bbcode'],
'S_HTML_ALLOWED' => $config['allow_html'],
'S_BBCODE_ALLOWED' => $config['allow_bbcode'],
'S_SMILIES_ALLOWED' => $config['allow_smilies'],)
);
break;
@@ -469,16 +468,16 @@ class ucp_profile extends module
$display_gallery = (isset($_POST['displaygallery'])) ? true : false;
$avatar_category = request_var('category', '');
// Can we upload?
// Can we upload?
$can_upload = ($config['allow_avatar_upload'] && file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false;
if ($submit)
{
$var_ary = array(
'uploadurl' => (string) '',
'remotelink' => (string) '',
'uploadurl' => (string) '',
'remotelink' => (string) '',
'width' => (string) '',
'height' => (string) '',
'height' => (string) '',
);
foreach ($var_ary as $var => $default)
@@ -487,10 +486,10 @@ class ucp_profile extends module
}
$var_ary = array(
'uploadurl' => array('string', true, 5, 255),
'remotelink' => array('string', true, 5, 255),
'width' => array('string', true, 1, 3),
'height' => array('string', true, 1, 3),
'uploadurl' => array('string', true, 5, 255),
'remotelink' => array('string', true, 5, 255),
'width' => array('string', true, 1, 3),
'height' => array('string', true, 1, 3),
);
$error = validate_data($data, $var_ary);
@@ -519,14 +518,14 @@ class ucp_profile extends module
if (sizeof($data))
{
$sql_ary = array(
'user_avatar' => $filename,
'user_avatar_type' => $type,
'user_avatar_width' => $width,
'user_avatar_height' => $height,
'user_avatar' => $filename,
'user_avatar_type' => $type,
'user_avatar_width' => $width,
'user_avatar_height' => $height,
);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user->data['user_id'];
$db->sql_query($sql);
@@ -565,11 +564,11 @@ class ucp_profile extends module
}
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'S_FORM_ENCTYPE' => ($can_upload) ? ' enctype="multipart/form-data"' : '',
'S_FORM_ENCTYPE' => ($can_upload) ? ' enctype="multipart/form-data"' : '',
'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)),)
);
@@ -611,16 +610,16 @@ class ucp_profile extends module
else
{
$template->assign_vars(array(
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'WIDTH' => (isset($width)) ? $width : $user->data['user_avatar_width'],
'HEIGHT' => (isset($height)) ? $height : $user->data['user_avatar_height'],
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'WIDTH' => (isset($width)) ? $width : $user->data['user_avatar_width'],
'HEIGHT' => (isset($height)) ? $height : $user->data['user_avatar_height'],
'S_UPLOAD_AVATAR_FILE' => $can_upload,
'S_UPLOAD_AVATAR_URL' => $can_upload,
'S_LINK_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false,
'S_UPLOAD_AVATAR_URL' => $can_upload,
'S_LINK_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false,
'S_GALLERY_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) ? true : false,
'S_AVATAR_CAT_OPTIONS' => $s_categories,
'S_AVATAR_CAT_OPTIONS' => $s_categories,
'S_AVATAR_PAGE_OPTIONS' => $s_pages,)
);
}
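Review bot: The `user_password` entry in the `@@ -79,11 +79,11 @@` hunk stores `md5($new_password)`, a fast unsalted digest that gives little protection if the users table leaks; a salted, slow hash such as `password_hash($new_password, PASSWORD_DEFAULT)` is the replacement, together with a matching `password_verify()` at login and a column wide enough for the longer value. The same array sets `'user_passchg' => time()` on every submit, so the `S_FORCE_PASSWORD` age check further down is reset even when no new password was given; `($auth->acl_get('u_chgpasswd') && $new_password) ? time() : $user->data['user_passchg']` would avoid that. The template block in `@@ -181,17 +181,17 @@` also writes the submitted `$new_password` and `$password_confirm` back into the page, and these are better sent as `''` like `CUR_PASSWORD`. The visible changes in this section are whitespace only and the enclosing method starts and ends outside the hunks, so whether `cur_password` is checked before the update cannot be seen from here.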