mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-11 03:04:09 +02:00
Code Issues Releases Wiki Activity

- now username changes should work as desired

Browse Source 
- removed some extract() calls


git-svn-id: file:///svn/phpbb/trunk@6517 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2006-10-22 13:32:33 +00:00
parent 44ea780de6
commit 22129be21f
12 changed files with 172 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

199
phpBB/includes/ucp/ucp_profile.php
View File

@@ -33,20 +33,20 @@ class ucp_profile
{
case 'reg_details':
$data = array(
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'email_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
);
if ($submit)
{
$var_ary = array(
'username' => $user->data['username'],
'email' => $user->data['user_email'],
'email_confirm' => (string) '',
'new_password' => (string) '',
'cur_password' => (string) '',
'password_confirm' => (string) '',
);
foreach ($var_ary as $var => $default)
foreach ($data as $var => $default)
{
$data[$var] = request_var($var, $default);
$data[$var] = ($var == 'username') ? request_var($var, $default, true) : request_var($var, $default);
}
// Do not check cur_password, it is the old one.
@@ -70,26 +70,24 @@ class ucp_profile
}
$error = validate_data($data, $var_ary);
extract($data);
unset($data);
if ($auth->acl_get('u_chgpasswd') && $new_password && $password_confirm != $new_password)
if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password'])
{
$error[] = 'NEW_PASSWORD_ERROR';
}
if (($new_password || ($auth->acl_get('u_chgemail') && $email != $user->data['user_email']) || ($username != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && md5($cur_password) != $user->data['user_password'])
if (($data['new_password'] || ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) || ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && md5($data['cur_password']) != $user->data['user_password'])
{
$error[] = 'CUR_PASSWORD_ERROR';
}
// Only check the new password against the previous password if there have been no errors
if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $new_password && md5($new_password) == $user->data['user_password'])
if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && md5($data['new_password']) == $user->data['user_password'])
{
$error[] = 'SAME_PASSWORD_ERROR';
}
if ($auth->acl_get('u_chgemail') && $email != $user->data['user_email'] && $email_confirm != $email)
if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email'])
{
$error[] = 'NEW_EMAIL_ERROR';
}
@@ -97,31 +95,31 @@ class ucp_profile
if (!sizeof($error))
{
$sql_ary = array(
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $username : $user->data['username'],
'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($username) : $user->data['username_clean'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $email : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($email)) . strlen($email) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $new_password) ? md5($new_password) : $user->data['user_password'],
'user_passchg' => ($auth->acl_get('u_chgpasswd') && $new_password) ? time() : 0,
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'],
'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'],
'user_email_hash' => ($auth->acl_get('u_chgemail')) ? crc32(strtolower($data['email'])) . strlen($data['email']) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? md5($data['new_password']) : $user->data['user_password'],
'user_passchg' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? time() : 0,
);
if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $username != $user->data['username'])
if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $data['username'] != $user->data['username'])
{
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $username);
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $data['username']);
}
if ($auth->acl_get('u_chgpasswd') && $new_password && md5($new_password) != $user->data['user_password'])
if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && md5($data['new_password']) != $user->data['user_password'])
{
$user->reset_login_keys();
add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $username);
add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $data['username']);
}
if ($auth->acl_get('u_chgemail') && $email != $user->data['user_email'])
if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'])
{
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $username, $user->data['user_email'], $email);
add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $data['username'], $user->data['user_email'], $data['email']);
}
if ($config['email_enable'] && $email != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
if ($config['email_enable'] && $data['email'] != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
@@ -138,7 +136,7 @@ class ucp_profile
$messenger->template($template_file, $user->data['user_lang']);
$messenger->replyto($config['board_contact']);
$messenger->to($email, $username);
$messenger->to($data['email'], $data['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
@@ -147,7 +145,7 @@ class ucp_profile
$messenger->assign_vars(array(
'SITENAME' => $config['sitename'],
'USERNAME' => html_entity_decode($username),
'USERNAME' => html_entity_decode($username, ENT_QUOTES, 'UTF-8'),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
@@ -157,12 +155,21 @@ class ucp_profile
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
// Grab an array of user_id's with a_user permissions
// Grab an array of user_id's with a_user permissions ... these users can activate a user
$admin_ary = $auth->acl_get_list(false, 'a_user', false);
$admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();
// Also include founders
$where_sql = ' WHERE user_type = ' . USER_FOUNDER;
if (sizeof($admin_ary))
{
$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
}
$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
FROM ' . USERS_TABLE . '
WHERE ' . $db->sql_in_set('user_id', $admin_ary[0]['a_user']);
FROM ' . USERS_TABLE . ' ' .
$where_sql;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@@ -173,7 +180,7 @@ class ucp_profile
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array(
'USERNAME' => html_entity_decode($username),
'USERNAME' => html_entity_decode($username, ENT_QUOTES, 'UTF-8'),
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
@@ -202,9 +209,9 @@ class ucp_profile
}
// Need to update config, forum, topic, posting, messages, etc.
if ($username != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])
if ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])
{
user_update_name($user->data['username'], $username);
user_update_name($user->data['username'], $data['username']);
}
meta_refresh(3, $this->u_action);
@@ -222,10 +229,10 @@ class ucp_profile
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'USERNAME' => (isset($username)) ? $username : $user->data['username'],
'EMAIL' => (isset($email)) ? $email : $user->data['user_email'],
'PASSWORD_CONFIRM' => (isset($password_confirm)) ? $password_confirm : '',
'NEW_PASSWORD' => (isset($new_password)) ? $new_password : '',
'USERNAME' => $data['username'],
'EMAIL' => $data['email'],
'PASSWORD_CONFIRM' => $data['password_confirm'],
'NEW_PASSWORD' => $data['new_password'],
'CUR_PASSWORD' => '',
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
@@ -246,24 +253,29 @@ class ucp_profile
$cp_data = $cp_error = array();
$data = array(
'icq' => (string) $user->data['user_icq'],
'aim' => (string) $user->data['user_aim'],
'msn' => (string) $user->data['user_msnm'],
'yim' => (string) $user->data['user_yim'],
'jabber' => (string) $user->data['user_jabber'],
'website' => (string) $user->data['user_website'],
'location' => (string) $user->data['user_from'],
'occupation' => (string) $user->data['user_occ'],
'interests' => (string) $user->data['user_interests'],
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
if ($user->data['user_birthday'])
{
list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']);
}
if ($submit)
{
$var_ary = array(
'icq' => (string) '',
'aim' => (string) '',
'msn' => (string) '',
'yim' => (string) '',
'jabber' => (string) '',
'website' => (string) '',
'location' => (string) '',
'occupation' => (string) '',
'interests' => (string) '',
'bday_day' => 0,
'bday_month' => 0,
'bday_year' => 0,
);
foreach ($var_ary as $var => $default)
foreach ($data as $var => $default)
{
$data[$var] = (in_array($var, array('location', 'occupation', 'interests'))) ? request_var($var, $default, true) : request_var($var, $default);
}
@@ -290,8 +302,6 @@ class ucp_profile
);
$error = validate_data($data, $var_ary);
extract($data);
unset($data);
// validate custom profile fields
$cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error);
@@ -304,16 +314,16 @@ class ucp_profile
if (!sizeof($error))
{
$sql_ary = array(
'user_icq' => $icq,
'user_aim' => $aim,
'user_msnm' => $msn,
'user_yim' => $yim,
'user_jabber' => $jabber,
'user_website' => $website,
'user_from' => $location,
'user_occ' => $occupation,
'user_interests'=> $interests,
'user_birthday' => sprintf('%2d-%2d-%4d', $bday_day, $bday_month, $bday_year),
'user_icq' => $data['icq'],
'user_aim' => $data['aim'],
'user_msnm' => $data['msn'],
'user_yim' => $data['yim'],
'user_jabber' => $data['jabber'],
'user_website' => $data['website'],
'user_from' => $data['location'],
'user_occ' => $data['occupation'],
'user_interests'=> $data['interests'],
'user_birthday' => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']),
);
$sql = 'UPDATE ' . USERS_TABLE . '
@@ -351,38 +361,26 @@ class ucp_profile
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
if (!isset($bday_day))
{
if ($user->data['user_birthday'])
{
list($bday_day, $bday_month, $bday_year) = explode('-', $user->data['user_birthday']);
}
else
{
$bday_day = $bday_month = $bday_year = 0;
}
}
$s_birthday_day_options = '<option value="0"' . ((!$bday_day) ? ' selected="selected"' : '') . '>--</option>';
$s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
for ($i = 1; $i < 32; $i++)
{
$selected = ($i == $bday_day) ? ' selected="selected"' : '';
$selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
$s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
}
$s_birthday_month_options = '<option value="0"' . ((!$bday_month) ? ' selected="selected"' : '') . '>--</option>';
$s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
for ($i = 1; $i < 13; $i++)
{
$selected = ($i == $bday_month) ? ' selected="selected"' : '';
$selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
$s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
}
$s_birthday_year_options = '';
$now = getdate();
$s_birthday_year_options = '<option value="0"' . ((!$bday_year) ? ' selected="selected"' : '') . '>--</option>';
$s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
for ($i = $now['year'] - 100; $i < $now['year']; $i++)
{
$selected = ($i == $bday_year) ? ' selected="selected"' : '';
$selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
$s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
}
unset($now);
@@ -390,15 +388,15 @@ class ucp_profile
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'ICQ' => (isset($icq)) ? $icq : $user->data['user_icq'],
'YIM' => (isset($yim)) ? $yim : $user->data['user_yim'],
'AIM' => (isset($aim)) ? $aim : $user->data['user_aim'],
'MSN' => (isset($msn)) ? $msn : $user->data['user_msnm'],
'JABBER' => (isset($jabber)) ? $jabber : $user->data['user_jabber'],
'WEBSITE' => (isset($website)) ? $website : $user->data['user_website'],
'LOCATION' => (isset($location)) ? $location : $user->data['user_from'],
'OCCUPATION'=> (isset($occupation)) ? $occupation : $user->data['user_occ'],
'INTERESTS' => (isset($interests)) ? $interests : $user->data['user_interests'],
'ICQ' => $data['icq'],
'YIM' => $data['yim'],
'AIM' => $data['aim'],
'MSN' => $data['msn'],
'JABBER' => $data['jabber'],
'WEBSITE' => $data['website'],
'LOCATION' => $data['location'],
'OCCUPATION'=> $data['occupation'],
'INTERESTS' => $data['interests'],
'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
@@ -607,9 +605,6 @@ class ucp_profile
trigger_error($message);
}
extract($data);
unset($data);
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
}
@@ -653,8 +648,8 @@ class ucp_profile
$template->assign_vars(array(
'AVATAR' => $avatar_img,
'AVATAR_SIZE' => $config['avatar_filesize'],
'WIDTH' => (isset($width)) ? $width : $user->data['user_avatar_width'],
'HEIGHT' => (isset($height)) ? $height : $user->data['user_avatar_height'],
'WIDTH' => (isset($data['width'])) ? $data['width'] : $user->data['user_avatar_width'],
'HEIGHT' => (isset($data['height'])) ? $data['height'] : $user->data['user_avatar_height'],
'S_UPLOAD_AVATAR_FILE' => $can_upload,
'S_UPLOAD_AVATAR_URL' => $can_upload,