PHP Cross Reference of MyBB |
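<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id$
 */

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
    die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}

// should also have a 'view coppa awaiting activation' view
require_once MYBB_ROOT."inc/functions_upload.php";


$page->add_breadcrumb_item($lang->users, "index.php?module=user-users");

// The navigation tabs are only built for the browse (no action), search, add and merge screens
if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
{
    $sub_tabs['browse_users'] = array(
        'title' => $lang->browse_users,
        'link' => "index.php?module=user-users",
        'description' => $lang->browse_users_desc
    );

    $sub_tabs['find_users'] = array(
        'title' => $lang->find_users,
        'link' => "index.php?module=user-users&action=search",
        'description' => $lang->find_users_desc
    );

    $sub_tabs['create_user'] = array(
        'title' => $lang->create_user,
        'link' => "index.php?module=user-users&action=add",
        'description' => $lang->create_user_desc
    );

    $sub_tabs['merge_users'] = array(
        'title' => $lang->merge_users,
        'link' => "index.php?module=user-users&action=merge",
        'description' => $lang->merge_users_desc
    );
}

// Column definitions handed to view_manager() below: title, width and alignment per field
$user_view_fields = array(
    "avatar" => array(
        "title" => $lang->avatar,
        "width" => "24",
        "align" => ""
    ),

    "username" => array(
        "title" => $lang->username,
        "width" => "",
        "align" => ""
    ),

    "email" => array(
        "title" => $lang->email,
        "width" => "",
        "align" => "center"
    ),

    "usergroup" => array(
        "title" => $lang->primary_group,
        "width" => "",
        "align" => "center"
    ),

    "additionalgroups" => array(
        "title" => $lang->additional_groups,
        "width" => "",
        "align" => "center"
    ),

    "regdate" => array(
        "title" => $lang->registered,
        "width" => "",
        "align" => "center"
    ),

    "lastactive" => array(
        "title" => $lang->last_active,
        "width" => "",
        "align" => "center"
    ),

    "postnum" => array(
        "title" => $lang->post_count,
        "width" => "",
        "align" => "center"
    ),

    "reputation" => array(
        "title" => $lang->reputation,
        "width" => "",
        "align" => "center"
    ),

    "warninglevel" => array(
        "title" => $lang->warning_level,
        "width" => "",
        "align" => "center"
    ),

    "regip" => array(
        "title" => $lang->registration_ip,
        "width" => "",
        "align" => "center"
    ),

    "lastip" => array(
        "title" => $lang->last_known_ip,
        "width" => "",
        "align" => "center"
    ),

    "controls" => array(
        "title" => $lang->controls,
        "width" => "",
        "align" => "center"
    )
);

// Sort keys handed to view_manager() below, mapped to their display labels
$sort_options = array(
    "username" => $lang->username,
    "regdate" => $lang->registration_date,
    "lastactive" => $lang->last_active,
    "numposts" => $lang->post_count,
    "reputation" => $lang->reputation,
    "warninglevel" => $lang->warning_level
);

$plugins->run_hooks("admin_user_users_begin");

// Initialise the views manager for user based views
require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
if($mybb->input['action'] == "views")
{
    view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
}

// Avatar gallery: a standalone page (it prints its own HTML document and exits) that
// either lists the avatar directory or, when 'avatar' is supplied, assigns that file to the user
if($mybb->input['action'] == "avatar_gallery")
{
    $plugins->run_hooks("admin_user_users_avatar_gallery");

    $user = get_user($mybb->input['uid']);
    if(!$user['uid'])
    {
        exit;
    }

    // We've selected a new avatar for this user!
    if(isset($mybb->input['avatar']))
    {
        // The selection link carries my_post_key; refuse the change without a valid one
        if(!verify_post_check($mybb->input['my_post_key']))
        {
            echo $lang->invalid_post_verify_key2;
            exit;
        }

        // The ".." pass runs last, so the value cannot contain ".." afterwards
        $mybb->input['avatar'] = str_replace(array("./", ".."), "", $mybb->input['avatar']);
        $avatar_file = "../".$mybb->settings['avatardir']."/".$mybb->input['avatar'];

        // Accept only a regular file with one of the image extensions the gallery listing
        // below offers; file_exists() alone is also true for an empty value or a directory name
        if(is_file($avatar_file) && preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $mybb->input['avatar']))
        {
            $dimensions = @getimagesize($avatar_file);
            $updated_avatar = array(
                "avatar" => $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar'].'?dateline='.TIME_NOW),
                "avatardimensions" => "{$dimensions[0]}|{$dimensions[1]}",
                "avatartype" => "gallery"
            );

            $db->update_query("users", $updated_avatar, "uid='".$user['uid']."'");

            $plugins->run_hooks("admin_user_users_avatar_gallery_commit");

            // Log admin action
            log_admin_action($user['uid'], $user['username']);
        }
        // Runs whether or not the selection was accepted, as in the original flow
        remove_avatars($user['uid']);
        // Now a tad of javascript to submit the parent window form
        echo "<script type=\"text/javascript\">window.parent.submitUserForm();</script>";
        exit;
    }

    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
    echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
    echo "<head profile=\"http://gmpg.org/xfn/1\">\n";
    echo " <title>{$lang->avatar_gallery}</title>\n";
    echo " <link rel=\"stylesheet\" href=\"styles/".$page->style."/main.css\" type=\"text/css\" />\n";
    echo " <link rel=\"stylesheet\" href=\"styles/".$page->style."/avatar_gallery.css\" type=\"text/css\" />\n";
    echo " <script type=\"text/javascript\" src=\"../jscripts/prototype.js\"></script>\n";
    echo " <script type=\"text/javascript\" src=\"../jscripts/general.js\"></script>\n";
    echo "</head>\n";
    echo "<body id=\"avatar_gallery\">\n";

    // Sanitize incoming path if we have one
    $gallery = '';
    if(isset($mybb->input['gallery']))
    {
        $gallery = str_replace(array("..", "\x0"), "", $mybb->input['gallery']);
    }

    $breadcrumb = "<a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}\">Default Gallery</a>";

    // From here on the setting holds a path relative to the admin directory
    $mybb->settings['avatardir'] = "../".$mybb->settings['avatardir'];

    if(!is_dir($mybb->settings['avatardir']) && is_dir(MYBB_ROOT."/images/avatars/"))
    {
        $mybb->settings['avatardir'] = "../images/avatars/";
    }

    // Within a gallery
    if(!empty($gallery))
    {
        $path = $gallery."/";
        $real_path = $mybb->settings['avatardir']."/".$path;
        if(is_dir($real_path))
        {
            // Build friendly gallery breadcrumb
            $gallery_path = explode("/", $gallery);
            $breadcrumb_url = '';
            foreach($gallery_path as $key => $url_bit)
            {
                if($breadcrumb_url) $breadcrumb_url .= "/";
                $breadcrumb_url .= $url_bit;
                $gallery_name = str_replace(array("_", "%20"), " ", $url_bit);
                $gallery_name = ucwords($gallery_name);

                // The path segments come from the request, so encode them for the HTML they are printed into
                $breadcrumb_link = htmlspecialchars_uni($breadcrumb_url);
                $gallery_name = htmlspecialchars_uni($gallery_name);

                if(!empty($gallery_path[$key+1]))
                {
                    $breadcrumb .= " » <a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}&gallery={$breadcrumb_link}\">{$gallery_name}</a>";
                }
                else
                {
                    $breadcrumb .= " » {$gallery_name}";
                }
            }
        }
        else
        {
            exit;
        }
    }
    else
    {
        $path = "";
        $real_path = $mybb->settings['avatardir'];
    }

    // Get a listing of avatars/directories within this gallery
    $sub_galleries = $avatars = array();
    $files = @scandir($real_path);

    if(is_array($files))
    {
        foreach($files as $file)
        {
            if($file == "." || $file == ".." || $file == ".svn")
            {
                continue;
            }

            // Build friendly name
            $friendly_name = str_replace(array("_", "%20"), " ", $file);
            $friendly_name = ucwords($friendly_name);
            if(is_dir($real_path."/".$file))
            {
                // Only add this gallery if there are avatars or galleries inside it (no empty directories!)
                $has = 0;
                $dh = @opendir($real_path."/".$file);
                // opendir() returns false for an unreadable directory; readdir() must not be called on that
                if($dh)
                {
                    while(false !== ($sub_file = readdir($dh)))
                    {
                        // "." and ".." are directories too and would make every directory count as non-empty
                        if($sub_file == "." || $sub_file == "..")
                        {
                            continue;
                        }

                        if(preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $sub_file) || is_dir($real_path."/".$file."/".$sub_file))
                        {
                            $has = 1;
                            break;
                        }
                    }
                    @closedir($dh);
                }
                if($has == 1)
                {
                    $sub_galleries[] = array(
                        "path" => $path.$file,
                        "friendly_name" => $friendly_name
                    );
                }
            }
            else if(preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $file))
            {
                $friendly_name = preg_replace("#\.(jpg|jpeg|gif|bmp|png)$#i", "", $friendly_name);

                // Fetch dimensions
                $dimensions = @getimagesize($real_path."/".$file);

                $avatars[] = array(
                    "path" => $path.$file,
                    "friendly_name" => $friendly_name,
                    "width" => $dimensions[0],
                    "height" => $dimensions[1]
                );
            }
        }
    }

    require_once MYBB_ROOT."inc/functions_image.php";

    // Now we're done, we can simply show our gallery page
    echo "<div id=\"gallery_breadcrumb\">{$breadcrumb}</div>\n";
    echo "<div id=\"gallery\">\n";
    echo "<ul id=\"galleries\">\n";
    if(is_array($sub_galleries))
    {
        foreach($sub_galleries as $sub_gallery)
        {
            // No 'thumb' key is set when the listing is built above, so the default icon is the usual case
            if(empty($sub_gallery['thumb']))
            {
                $sub_gallery['thumb'] = "styles/{$page->style}/images/avatar_gallery.gif";
                $sub_gallery['thumb_width'] = 64;
                $sub_gallery['thumb_height'] = 64;
            }
            else
            {
                $sub_gallery['thumb'] = "{$mybb->settings['avatardir']}/{$sub_gallery['thumb']}";
            }
            $scaled_dimensions = scale_image($sub_gallery['thumb_width'], $sub_gallery['thumb_height'], 80, 80);
            $top = ceil((80-$scaled_dimensions['height'])/2);

            // Paths and names derive from the request and from file names on disk; encode them for HTML
            $gallery_link = htmlspecialchars_uni($sub_gallery['path']);
            $gallery_thumb = htmlspecialchars_uni($sub_gallery['thumb']);
            $gallery_title = htmlspecialchars_uni($sub_gallery['friendly_name']);
            echo "<li><a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}&gallery={$gallery_link}\"><span class=\"image\"><img src=\"{$gallery_thumb}\" alt=\"\" style=\"margin-top: {$top}px;\" height=\"{$scaled_dimensions['height']}\" width=\"{$scaled_dimensions['width']}\"></span><span class=\"title\">{$gallery_title}</span></a></li>\n";
        }
    }
    echo "</ul>\n";
    // Build the list of any actual avatars we have
    echo "<ul id=\"avatars\">\n";
    if(is_array($avatars))
    {
        foreach($avatars as $avatar)
        {
            $scaled_dimensions = scale_image($avatar['width'], $avatar['height'], 80, 80);
            $top = ceil((80-$scaled_dimensions['height'])/2);

            // Same encoding as for the sub gallery entries above
            $avatar_link = htmlspecialchars_uni($avatar['path']);
            $avatar_src = htmlspecialchars_uni($mybb->settings['avatardir']."/".$avatar['path']);
            $avatar_title = htmlspecialchars_uni($avatar['friendly_name']);
            echo "<li><a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}&avatar={$avatar_link}&my_post_key={$mybb->post_code}\"><span class=\"image\"><img src=\"{$avatar_src}\" alt=\"\" style=\"margin-top: {$top}px;\" height=\"{$scaled_dimensions['height']}\" width=\"{$scaled_dimensions['width']}\" /></span><span class=\"title\">{$avatar_title}</span></a></li>\n";
        }
    }
    echo "</ul>\n";
    echo "</div>";
    echo "</body>";
    echo "</html>";
    exit;
}

// Activate a user who is in usergroup 5, clearing the COPPA flag or the awaitingactivation record
if($mybb->input['action'] == "activate_user")
{
    $plugins->run_hooks("admin_user_users_coppa_activate");

    // NOTE(review): the update below is only protected by this check if admin_redirect()
    // ends the request - confirm against its definition
    if(!verify_post_check($mybb->input['my_post_key']))
    {
        flash_message($lang->invalid_post_verify_key2, 'error');
        admin_redirect("index.php?module=user-users");
    }

    $query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'");
    $user = $db->fetch_array($query);

    // Does the user not exist?
    if(!$user['uid'] || $user['usergroup'] != 5)
    {
        flash_message($lang->error_invalid_user, 'error');
        admin_redirect("index.php?module=user-users");
    }

    $updated_user['usergroup'] = $user['usergroup'];

    // Update
    if($user['coppauser'])
    {
        // Replaces the array built above; the usergroup is set again just below
        $updated_user = array(
            "coppauser" => 0
        );
    }
    else
    {
        $db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
    }

    // Move out of awaiting activation if they're in it.
    if($user['usergroup'] == 5)
    {
        $updated_user['usergroup'] = 2;
    }

    $db->update_query("users", $updated_user, "uid='{$user['uid']}'");

    $plugins->run_hooks("admin_user_users_coppa_activate_commit");

    // Log admin action
    log_admin_action($user['uid'], $user['username']);

    if($mybb->input['from'] == "home")
    {
        if($user['coppauser'])
        {
            $message = $lang->success_coppa_activated;
        }
        else
        {
            $message = $lang->success_activated;
        }

        update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
    }
    else
    {
        if($user['coppauser'])
        {
            flash_message($lang->success_coppa_activated, 'success');
        }
        else
        {
            flash_message($lang->success_activated, 'success');
        }
    }

    // Go back to the stored user list URL when the admin session has one, else to the edit page
    if($admin_session['data']['last_users_url'])
    {
        $url = $admin_session['data']['last_users_url'];
        update_admin_session('last_users_url', '');

        if($mybb->input['from'] == "home")
        {
            update_admin_session('from', 'home');
        }
    }
    else
    {
        $url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
    }

    admin_redirect($url);
}

// Create a user: a POST is validated and inserted through UserDataHandler, otherwise the form is shown
if($mybb->input['action'] == "add")
{
    $plugins->run_hooks("admin_user_users_add");

    if($mybb->request_method == "post")
    {
        // Determine the usergroup stuff
        if(is_array($mybb->input['additionalgroups']))
        {
            // The primary group is not repeated in the additional groups list
            foreach($mybb->input['additionalgroups'] as $key => $gid)
            {
                if($gid == $mybb->input['usergroup'])
                {
                    unset($mybb->input['additionalgroups'][$key]);
                }
            }
            $additionalgroups = implode(",", $mybb->input['additionalgroups']);
        }
        else
        {
            $additionalgroups = '';
        }

        // Set up user handler.
        require_once MYBB_ROOT."inc/datahandlers/user.php";
        $userhandler = new UserDataHandler('insert');

        // Set the data for the new user.
        $new_user = array(
            "uid" => $mybb->input['uid'],
            "username" => $mybb->input['username'],
            "password" => $mybb->input['password'],
            "password2" => $mybb->input['confirm_password'],
            "email" => $mybb->input['email'],
            "email2" => $mybb->input['email'],
            "usergroup" => $mybb->input['usergroup'],
            "additionalgroups" => $additionalgroups,
            "displaygroup" => $mybb->input['displaygroup'],
            "profile_fields" => $mybb->input['profile_fields'],
            "profile_fields_editable" => true,
        );

        // Set the data of the user in the datahandler.
        $userhandler->set_data($new_user);
        $errors = '';

        // Validate the user and get any errors that might have occurred.
        if(!$userhandler->validate_user())
        {
            $errors = $userhandler->get_friendly_errors();
        }
        else
        {
            $user_info = $userhandler->insert_user();

            $plugins->run_hooks("admin_user_users_add_commit");

            // Log admin action
            log_admin_action($user_info['uid'], $user_info['username']);

            flash_message($lang->success_user_created, 'success');
            admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
        }
    }

    // Fetch custom profile fields - only need required profile fields here
    $query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));
    while($profile_field = $db->fetch_array($query))
    {
        $profile_fields['required'][] = $profile_field;
    }

    $page->add_breadcrumb_item($lang->create_user);
    $page->output_header($lang->create_user);

    $form = new Form("index.php?module=user-users&action=add", "post");

    $page->output_nav_tabs($sub_tabs, 'create_user');

    // If we have any error messages, show them
    // ($errors is only assigned on a POST, hence the empty() test instead of reading it directly)
    if(!empty($errors))
    {
        $page->output_inline_error($errors);
    }
    else
    {
        // No errors to show: drop the request data and start from the default primary group
        $mybb->input = array(
            "usergroup" => 2
        );
    }

    $form_container = new FormContainer($lang->required_profile_info);
    $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username');
    // NOTE(review): after a failed validation the submitted passwords are passed back in as the
    // field values - confirm generate_password_box() does not print them into the page
    $form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->input['password'], array('id' => 'password', 'autocomplete' => 'off')), 'password');
    // autocomplete is switched off here as well, matching the password field above
    $form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->input['confirm_password'], array('id' => 'confirm_new_password', 'autocomplete' => 'off')), 'confirm_new_password');
    $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email');

    // Every usergroup except gid 1 is offered; the display group list adds a "use primary group" entry
    $display_group_options[0] = $lang->use_primary_user_group;
    $options = array();
    $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
    while($usergroup = $db->fetch_array($query))
    {
        $options[$usergroup['gid']] = $usergroup['title'];
        $display_group_options[$usergroup['gid']] = $usergroup['title'];
    }

    $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
    $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
    $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup');

    // Output custom profile fields - required
    output_custom_profile_fields($profile_fields['required'], $mybb->input['profile_fields'], $form_container, $form);

    $form_container->end();
    $buttons[] = $form->generate_submit_button($lang->save_user);
    $form->output_submit_wrapper($buttons);

    $form->end();
    $page->output_footer();
}

if($mybb->input['action'] == "edit")
{
    $plugins->run_hooks("admin_user_users_edit");

    $query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'");
    $user = $db->fetch_array($query);

    // Does the user not exist?
    if(!$user['uid'])
    {
        flash_message($lang->error_invalid_user, 'error');
        admin_redirect("index.php?module=user-users");
    }

    if($mybb->request_method == "post")
    {
        // A super admin account may only be edited by its owner or by another super admin
        if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
        {
            flash_message($lang->error_no_perms_super_admin, 'error');
            admin_redirect("index.php?module=user-users");
        }

        // Determine the usergroup stuff
        if(is_array($mybb->input['additionalgroups']))
        {
            foreach($mybb->input['additionalgroups'] as $key => $gid)
            {
                if($gid == $mybb->input['usergroup'])
                {
                    unset($mybb->input['additionalgroups'][$key]);
                }
            }
            $additionalgroups = implode(",", $mybb->input['additionalgroups']);
        }
        else
        {
            $additionalgroups = '';
        }

        // Set up user handler.
        require_once MYBB_ROOT."inc/datahandlers/user.php";
        $userhandler = new UserDataHandler('update');

        // Set the data for the new user.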
612 $updated_user = array( 613 "uid" => $mybb->input['uid'], 614 "username" => $mybb->input['username'], 615 "email" => $mybb->input['email'], 616 "email2" => $mybb->input['email'], 617 "usergroup" => $mybb->input['usergroup'], 618 "additionalgroups" => $additionalgroups, 619 "displaygroup" => $mybb->input['displaygroup'], 620 "postnum" => $mybb->input['postnum'], 621 "usertitle" => $mybb->input['usertitle'], 622 "timezone" => $mybb->input['timezone'], 623 "language" => $mybb->input['language'], 624 "profile_fields" => $mybb->input['profile_fields'], 625 "profile_fields_editable" => true, 626 "website" => $mybb->input['website'], 627 "icq" => $mybb->input['icq'], 628 "aim" => $mybb->input['aim'], 629 "yahoo" => $mybb->input['yahoo'], 630 "msn" => $mybb->input['msn'], 631 "birthday" => array( 632 "day" => $mybb->input['bday1'], 633 "month" => $mybb->input['bday2'], 634 "year" => $mybb->input['bday3'] 635 ), 636 "style" => $mybb->input['style'], 637 "signature" => $mybb->input['signature'], 638 "dateformat" => intval($mybb->input['dateformat']), 639 "timeformat" => intval($mybb->input['timeformat']), 640 "language" => $mybb->input['language'], 641 "usernotes" => $mybb->input['usernotes'] 642 ); 643 644 if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5) 645 { 646 if($user['coppauser'] == 1) 647 { 648 $updated_user['coppa_user'] = 0; 649 } 650 } 651 if($mybb->input['new_password']) 652 { 653 $updated_user['password'] = $mybb->input['new_password']; 654 $updated_user['password2'] = $mybb->input['confirm_new_password']; 655 } 656 657 $updated_user['options'] = array( 658 "allownotices" => $mybb->input['allownotices'], 659 "hideemail" => $mybb->input['hideemail'], 660 "subscriptionmethod" => $mybb->input['subscriptionmethod'], 661 "invisible" => $mybb->input['invisible'], 662 "dstcorrection" => $mybb->input['dstcorrection'], 663 "threadmode" => $mybb->input['threadmode'], 664 "showsigs" => $mybb->input['showsigs'], 665 "showavatars" => 
$mybb->input['showavatars'], 666 "showquickreply" => $mybb->input['showquickreply'], 667 "receivepms" => $mybb->input['receivepms'], 668 "receivefrombuddy" => $mybb->input['receivefrombuddy'], 669 "pmnotice" => $mybb->input['pmnotice'], 670 "daysprune" => $mybb->input['daysprune'], 671 "showcodebuttons" => intval($mybb->input['showcodebuttons']), 672 "pmnotify" => $mybb->input['pmnotify'], 673 "showredirect" => $mybb->input['showredirect'] 674 ); 675 676 if($mybb->settings['usertppoptions']) 677 { 678 $updated_user['options']['tpp'] = intval($mybb->input['tpp']); 679 } 680 681 if($mybb->settings['userpppoptions']) 682 { 683 $updated_user['options']['ppp'] = intval($mybb->input['ppp']); 684 } 685 686 // Set the data of the user in the datahandler. 687 $userhandler->set_data($updated_user); 688 $errors = ''; 689 690 // Validate the user and get any errors that might have occurred. 691 if(!$userhandler->validate_user()) 692 { 693 $errors = $userhandler->get_friendly_errors(); 694 } 695 else 696 { 697 // Are we removing an avatar from this user? 698 if($mybb->input['remove_avatar']) 699 { 700 $extra_user_updates = array( 701 "avatar" => "", 702 "avatardimensions" => "", 703 "avatartype" => "" 704 ); 705 remove_avatars($user['uid']); 706 } 707 708 // Are we uploading a new avatar? 709 if($_FILES['avatar_upload']['name']) 710 { 711 $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']); 712 if($avatar['error']) 713 { 714 $errors = array($avatar['error']); 715 } 716 else 717 { 718 if($avatar['width'] > 0 && $avatar['height'] > 0) 719 { 720 $avatar_dimensions = $avatar['width']."|".$avatar['height']; 721 } 722 $extra_user_updates = array( 723 "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW, 724 "avatardimensions" => $avatar_dimensions, 725 "avatartype" => "upload" 726 ); 727 } 728 } 729 // Are we setting a new avatar from a URL? 
730 else if($mybb->input['avatar_url'] && $mybb->input['avatar_url'] != $user['avatar']) 731 { 732 $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']); 733 $mybb->input['avatar_url'] = htmlspecialchars_uni($mybb->input['avatar_url']); 734 $ext = get_extension($mybb->input['avatar_url']); 735 736 // Copy the avatar to the local server (work around remote URL access disabled for getimagesize) 737 $file = fetch_remote_file($mybb->input['avatar_url']); 738 if(!$file) 739 { 740 $avatar_error = $lang->error_invalidavatarurl; 741 } 742 else 743 { 744 $tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str()); 745 $fp = @fopen($tmp_name, "wb"); 746 if(!$fp) 747 { 748 $avatar_error = $lang->error_invalidavatarurl; 749 } 750 else 751 { 752 fwrite($fp, $file); 753 fclose($fp); 754 list($width, $height, $type) = @getimagesize($tmp_name); 755 @unlink($tmp_name); 756 echo $type; 757 if(!$type) 758 { 759 $avatar_error = $lang->error_invalidavatarurl; 760 } 761 } 762 } 763 764 if(empty($avatar_error)) 765 { 766 if($width && $height && $mybb->settings['maxavatardims'] != "") 767 { 768 list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims'])); 769 if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) 770 { 771 $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); 772 $avatar_error = $lang->error_avatartoobig; 773 } 774 } 775 } 776 777 if(empty($avatar_error)) 778 { 779 if($width > 0 && $height > 0) 780 { 781 $avatar_dimensions = intval($width)."|".intval($height); 782 } 783 $extra_user_updates = array( 784 "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW), 785 "avatardimensions" => $avatar_dimensions, 786 "avatartype" => "remote" 787 ); 788 remove_avatars($user['uid']); 789 } 790 else 791 { 792 $errors = array($avatar_error); 793 } 794 } 795 796 // Moderator "Options" (suspend signature, 
suspend/moderate posting) 797 $moderator_options = array( 798 1 => array( 799 "action" => "suspendsignature", // The moderator action we're performing 800 "period" => "action_period", // The time period we've selected from the dropdown box 801 "time" => "action_time", // The time we've entered 802 "update_field" => "suspendsignature", // The field in the database to update if true 803 "update_length" => "suspendsigtime" // The length of suspension field in the database 804 ), 805 2 => array( 806 "action" => "moderateposting", 807 "period" => "modpost_period", 808 "time" => "modpost_time", 809 "update_field" => "moderateposts", 810 "update_length" => "moderationtime" 811 ), 812 3 => array( 813 "action" => "suspendposting", 814 "period" => "suspost_period", 815 "time" => "suspost_time", 816 "update_field" => "suspendposting", 817 "update_length" => "suspensiontime" 818 ) 819 ); 820 821 require_once MYBB_ROOT."inc/functions_warnings.php"; 822 foreach($moderator_options as $option) 823 { 824 if(!$mybb->input[$option['action']]) 825 { 826 if($user[$option['update_field']] == 1) 827 { 828 // We're revoking the suspension 829 $extra_user_updates[$option['update_field']] = 0; 830 $extra_user_updates[$option['update_length']] = 0; 831 } 832 833 // Skip this option if we haven't selected it 834 continue; 835 } 836 837 if($mybb->input[$option['action']]) 838 { 839 if(intval($mybb->input[$option['time']]) == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1) 840 { 841 // User has selected a type of ban, but not entered a valid time frame 842 $string = $option['action']."_error"; 843 $errors[] = $lang->$string; 844 } 845 846 if(!is_array($errors)) 847 { 848 $suspend_length = fetch_time_length(intval($mybb->input[$option['time']]), $mybb->input[$option['period']]); 849 850 if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never")) 851 { 852 // We already have a suspension, but 
entered a new time 853 if($suspend_length == "-1") 854 { 855 // Permanent ban on action 856 $extra_user_updates[$option['update_length']] = 0; 857 } 858 elseif($suspend_length && $suspend_length != "-1") 859 { 860 // Temporary ban on action 861 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 862 } 863 } 864 elseif(!$user[$option['update_field']]) 865 { 866 // New suspension for this user... bad user! 867 $extra_user_updates[$option['update_field']] = 1; 868 if($suspend_length == "-1") 869 { 870 $extra_user_updates[$option['update_length']] = 0; 871 } 872 else 873 { 874 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 875 } 876 } 877 } 878 } 879 } 880 881 if($extra_user_updates['moderateposts'] && $extra_user_updates['suspendposting']) 882 { 883 $errors[] = $lang->suspendmoderate_error; 884 } 885 886 if(!$errors) 887 { 888 $user_info = $userhandler->update_user(); 889 $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'"); 890 891 // if we're updating the user's signature preferences, do so now 892 if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable') 893 { 894 $update_signature = array( 895 'includesig' => ($mybb->input['update_posts'] == 'enable' ? 
1 : 0) 896 ); 897 $db->update_query("posts", $update_signature, "uid='{$user['uid']}'"); 898 } 899 900 $plugins->run_hooks("admin_user_users_edit_commit"); 901 902 // Log admin action 903 log_admin_action($user['uid'], $mybb->input['username']); 904 905 flash_message($lang->success_user_updated, 'success'); 906 admin_redirect("index.php?module=user-users"); 907 } 908 } 909 } 910 911 if(!$errors) 912 { 913 $user['usertitle'] = htmlspecialchars_decode($user['usertitle']); 914 $mybb->input = $user; 915 916 $options = array( 917 'bday1', 'bday2', 'bday3', 918 'new_password', 'confirm_new_password', 919 'action_time', 'action_period', 920 'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time' 921 ); 922 923 foreach($options as $option) 924 { 925 if(!isset($mybb->input[$option])) 926 { 927 $mybb->input[$option] = ''; 928 } 929 } 930 931 // We need to fetch this users profile field values 932 $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'"); 933 $mybb->input['profile_fields'] = $db->fetch_array($query); 934 } 935 936 if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3']) 937 { 938 $mybb->input['bday'][0] = $mybb->input['bday1']; 939 $mybb->input['bday'][1] = $mybb->input['bday2']; 940 $mybb->input['bday'][2] = intval($mybb->input['bday3']); 941 } 942 else 943 { 944 $mybb->input['bday'] = array(0, 0, ''); 945 946 if($user['birthday']) 947 { 948 $mybb->input['bday'] = explode('-', $user['birthday']); 949 } 950 } 951 952 // Fetch custom profile fields 953 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 954 while($profile_field = $db->fetch_array($query)) 955 { 956 if($profile_field['required'] == 1) 957 { 958 $profile_fields['required'][] = $profile_field; 959 } 960 else 961 { 962 $profile_fields['optional'][] = $profile_field; 963 } 964 } 965 966 $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username'])); 967 
$page->output_header($lang->edit_user); 968 969 $sub_tabs['edit_user'] = array( 970 'title' => $lang->edit_user, 971 'description' => $lang->edit_user_desc 972 ); 973 974 $form = new Form("index.php?module=user-users&action=edit&uid={$user['uid']}", "post", "", 1); 975 echo "<script type=\"text/javascript\">\n function submitUserForm() { $('tab_overview').up('FORM').submit(); }</script>\n"; 976 977 $page->output_nav_tabs($sub_tabs, 'edit_user'); 978 979 // If we have any error messages, show them 980 if($errors) 981 { 982 $page->output_inline_error($errors); 983 } 984 985 // Is this user a COPPA user? We show a warning & activate link 986 if($user['coppauser']) 987 { 988 echo $lang->sprintf($lang->warning_coppa_user, $user['uid']); 989 } 990 991 $tabs = array( 992 "overview" => $lang->overview, 993 "profile" => $lang->profile, 994 "settings" => $lang->account_settings, 995 "signature" => $lang->signature, 996 "avatar" => $lang->avatar, 997 "modoptions" => $lang->mod_options 998 ); 999 $page->output_tab_control($tabs); 1000 1001 // 1002 // OVERVIEW 1003 // 1004 echo "<div id=\"tab_overview\">\n"; 1005 $table = new Table; 1006 $table->construct_header($lang->avatar, array('class' => 'align_center')); 1007 $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center')); 1008 1009 // Avatar 1010 $avatar_dimensions = explode("|", $user['avatardimensions']); 1011 if($user['avatar']) 1012 { 1013 if($user['avatardimensions']) 1014 { 1015 require_once MYBB_ROOT."inc/functions_image.php"; 1016 list($width, $height) = explode("|", $user['avatardimensions']); 1017 $scaled_dimensions = scale_image($width, $height, 120, 120); 1018 } 1019 else 1020 { 1021 $scaled_dimensions = array( 1022 "width" => 120, 1023 "height" => 120 1024 ); 1025 } 1026 if (!stristr($user['avatar'], 'http://')) 1027 { 1028 $user['avatar'] = "../{$user['avatar']}\n"; 1029 } 1030 } 1031 else 1032 { 1033 $user['avatar'] = 
"styles/{$page->style}/images/default_avatar.gif"; 1034 $scaled_dimensions = array( 1035 "width" => 120, 1036 "height" => 120 1037 ); 1038 } 1039 $avatar_top = ceil((126-$scaled_dimensions['height'])/2); 1040 if($user['lastactive']) 1041 { 1042 $last_active = my_date($mybb->settings['dateformat'], $user['lastactive']).", ".my_date($mybb->settings['timeformat'], $user['lastactive']); 1043 } 1044 else 1045 { 1046 $last_active = $lang->never; 1047 } 1048 $reg_date = my_date($mybb->settings['dateformat'], $user['regdate']).", ".my_date($mybb->settings['timeformat'], $user['regdate']); 1049 if($user['dst'] == 1) 1050 { 1051 $timezone = $user['timezone']+1; 1052 } 1053 else 1054 { 1055 $timezone = $user['timezone']; 1056 } 1057 $local_time = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600)).", ".gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600)); 1058 $days_registered = (TIME_NOW - $user['regdate']) / (24*3600); 1059 $posts_per_day = 0; 1060 if($days_registered > 0) 1061 { 1062 $posts_per_day = round($user['postnum'] / $days_registered, 2); 1063 if($posts_per_day > $user['postnum']) 1064 { 1065 $posts_per_day = $user['postnum']; 1066 } 1067 } 1068 $stats = $cache->read("stats"); 1069 $posts = $stats['numposts']; 1070 if($posts == 0) 1071 { 1072 $percent_posts = "0"; 1073 } 1074 else 1075 { 1076 $percent_posts = round($user['postnum']*100/$posts, 2); 1077 } 1078 1079 $user_permissions = user_permissions($user['uid']); 1080 1081 // Fetch the reputation for this user 1082 if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 1083 { 1084 $reputation = get_reputation($user['reputation']); 1085 } 1086 else 1087 { 1088 $reputation = "-"; 1089 } 1090 1091 if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0) 1092 { 1093 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 1094 if($warning_level > 100) 1095 { 1096 $warning_level 
= 100; 1097 } 1098 $warning_level = get_colored_warning_level($warning_level); 1099 } 1100 1101 $age = $lang->na; 1102 if($user['birthday']) 1103 { 1104 $age = get_age($user['birthday']); 1105 } 1106 1107 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1)); 1108 $table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"); 1109 $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}"); 1110 $table->construct_row(); 1111 $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}"); 1112 $table->construct_cell("<strong>{$lang->local_time}:</strong> {$local_time}"); 1113 $table->construct_row(); 1114 $table->construct_cell("<strong>{$lang->posts}:</strong> {$user['postnum']}"); 1115 $table->construct_cell("<strong>{$lang->age}:</strong> {$age}"); 1116 $table->construct_row(); 1117 $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}"); 1118 $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}"); 1119 $table->construct_row(); 1120 $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}"); 1121 $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}"); 1122 $table->construct_row(); 1123 $table->construct_cell("<strong>{$lang->registration_ip}:</strong> {$user['regip']}"); 1124 $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> {$user['lastip']}"); 1125 $table->construct_row(); 1126 1127 $table->output("{$lang->user_overview}: {$user['username']}"); 1128 echo "</div>\n"; 1129 1130 // 1131 // PROFILE 1132 // 1133 echo "<div 
id=\"tab_profile\">\n"; 1134 1135 $form_container = new FormContainer($lang->required_profile_info.": {$user['username']}"); 1136 $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username'); 1137 $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password'); 1138 $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password'); 1139 $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email'); 1140 1141 $display_group_options[0] = $lang->use_primary_user_group; 1142 $options = array(); 1143 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 1144 while($usergroup = $db->fetch_array($query)) 1145 { 1146 $options[$usergroup['gid']] = $usergroup['title']; 1147 $display_group_options[$usergroup['gid']] = $usergroup['title']; 1148 } 1149 1150 if(!is_array($mybb->input['additionalgroups'])) 1151 { 1152 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 1153 } 1154 1155 $form_container->output_row($lang->primary_user_group." 
<em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup'); 1156 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 1157 $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup'); 1158 $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_text_box('postnum', $mybb->input['postnum'], array('id' => 'postnum')), 'postnum'); 1159 1160 // Output custom profile fields - required 1161 if(!isset($profile_fields['required'])) 1162 { 1163 $profile_fields['required'] = array(); 1164 } 1165 output_custom_profile_fields($profile_fields['required'], $mybb->input['profile_fields'], $form_container, $form); 1166 1167 $form_container->end(); 1168 1169 $form_container = new FormContainer($lang->optional_profile_info.": {$user['username']}"); 1170 $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->input['usertitle'], array('id' => 'usertitle')), 'usertitle'); 1171 $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->input['website'], array('id' => 'website')), 'website'); 1172 $form_container->output_row($lang->icq_number, "", $form->generate_text_box('icq', $mybb->input['icq'], array('id' => 'icq')), 'icq'); 1173 $form_container->output_row($lang->aim_handle, "", $form->generate_text_box('aim', $mybb->input['aim'], array('id' => 'aim')), 'aim'); 1174 $form_container->output_row($lang->yahoo_messanger_handle, "", $form->generate_text_box('yahoo', $mybb->input['yahoo'], array('id' => 
'yahoo')), 'yahoo'); 1175 $form_container->output_row($lang->msn_messanger_handle, "", $form->generate_text_box('msn', $mybb->input['msn'], array('id' => 'msn')), 'msn'); 1176 1177 // Birthday 1178 $birthday_days = array(0 => ''); 1179 for($i = 1; $i <= 31; $i++) 1180 { 1181 $birthday_days[$i] = $i; 1182 } 1183 1184 $birthday_months = array( 1185 0 => '', 1186 1 => $lang->january, 1187 2 => $lang->february, 1188 3 => $lang->march, 1189 4 => $lang->april, 1190 5 => $lang->may, 1191 6 => $lang->june, 1192 7 => $lang->july, 1193 8 => $lang->august, 1194 9 => $lang->september, 1195 10 => $lang->october, 1196 11 => $lang->november, 1197 12 => $lang->december 1198 ); 1199 1200 $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day')); 1201 $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month')); 1202 $birthday_row .= ' '.$form->generate_text_box('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 3em;')); 1203 1204 $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday'); 1205 1206 // Output custom profile fields - optional 1207 output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form); 1208 1209 $form_container->end(); 1210 echo "</div>\n"; 1211 1212 // 1213 // ACCOUNT SETTINGS 1214 // 1215 1216 // Plugin hook note - we should add hooks in above each output_row for the below so users can add their own options to each group :> 1217 1218 echo "<div id=\"tab_settings\">\n"; 1219 $form_container = new FormContainer($lang->account_settings.": {$user['username']}"); 1220 $login_options = array( 1221 $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->input['invisible'])), 1222 ); 1223 $form_container->output_row($lang->login_cookies_privacy, "", "<div 
class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>"); 1224 1225 if($mybb->input['pmnotice'] > 1) 1226 { 1227 $mybb->input['pmnotice'] = 1; 1228 } 1229 1230 $messaging_options = array( 1231 $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->input['allownotices'])), 1232 $form->generate_check_box("hideemail", 1, $lang->hide_email_from_others, array("checked" => $mybb->input['hideemail'])), 1233 $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->input['receivepms'])), 1234 $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->input['receivefrombuddy'])), 1235 $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->input['pmnotice'])), 1236 $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->input['pmnotify'])), 1237 "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_email_notification, $lang->instant_email_notification), $mybb->input['subscriptionmethod'], array('id' => 'subscriptionmethod')) 1238 ); 1239 $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>"); 1240 1241 $date_format_options = array($lang->use_default); 1242 foreach($date_formats as $key => $format) 1243 { 1244 $date_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1245 } 1246 1247 $time_format_options = array($lang->use_default); 1248 foreach($time_formats as $key => $format) 1249 { 1250 $time_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1251 } 1252 1253 $date_options = array( 1254 "<label for=\"dateformat\">{$lang->date_format}:</label><br 
/>".$form->generate_select_box("dateformat", $date_format_options, $mybb->input['dateformat'], array('id' => 'dateformat')), 1255 "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->input['timeformat'], array('id' => 'timeformat')), 1256 "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->input['timezone']), 1257 "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->input['dstcorrection'], array('id' => 'dstcorrection')) 1258 ); 1259 $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>"); 1260 1261 1262 $tpp_options = array($lang->use_default); 1263 if($mybb->settings['usertppoptions']) 1264 { 1265 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 1266 if(is_array($explodedtpp)) 1267 { 1268 foreach($explodedtpp as $tpp) 1269 { 1270 if($tpp <= 0) continue; 1271 $tpp_options[$tpp] = $tpp; 1272 } 1273 } 1274 } 1275 1276 $thread_age_options = array( 1277 0 => $lang->use_default, 1278 1 => $lang->show_threads_last_day, 1279 5 => $lang->show_threads_last_5_days, 1280 10 => $lang->show_threads_last_10_days, 1281 20 => $lang->show_threads_last_20_days, 1282 50 => $lang->show_threads_last_50_days, 1283 75 => $lang->show_threads_last_75_days, 1284 100 => $lang->show_threads_last_100_days, 1285 365 => $lang->show_threads_last_year, 1286 9999 => $lang->show_all_threads 1287 ); 1288 1289 $forum_options = array( 1290 "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->input['tpp'], array('id' => 'tpp')), 1291 "<label 
for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->input['daysprune'], array('id' => 'daysprune')) 1292 ); 1293 $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>"); 1294 1295 $ppp_options = array($lang->use_default); 1296 if($mybb->settings['userpppoptions']) 1297 { 1298 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 1299 if(is_array($explodedppp)) 1300 { 1301 foreach($explodedppp as $ppp) 1302 { 1303 if($ppp <= 0) continue; 1304 $ppp_options[$ppp] = $ppp; 1305 } 1306 } 1307 } 1308 1309 $thread_options = array( 1310 $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->input['showsigs'])), 1311 $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->input['showavatars'])), 1312 $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->input['showquickreply'])), 1313 "<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->input['ppp'], array('id' => 'ppp')), 1314 "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode')) 1315 ); 1316 $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>"); 1317 1318 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages()); 1319 1320 $other_options = array( 1321 $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->input['showredirect'])), 
1322 $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->input['showcodebuttons'])), 1323 "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->input['style'], 0, "", true), 1324 "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->input['language'], array('id' => 'language')) 1325 ); 1326 $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $other_options)."</div>"); 1327 1328 $form_container->end(); 1329 echo "</div>\n"; 1330 1331 // 1332 // SIGNATURE EDITOR 1333 // 1334 $signature_editor = $form->generate_text_area("signature", $mybb->input['signature'], array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'width: 95%')); 1335 $sig_smilies = $lang->off; 1336 if($mybb->settings['sigsmilies'] == 1) 1337 { 1338 $sig_smilies = $lang->on; 1339 } 1340 $sig_mycode = $lang->off; 1341 if($mybb->settings['sigmycode'] == 1) 1342 { 1343 $sig_mycode = $lang->on; 1344 $signature_editor .= build_mycode_inserter("signature"); 1345 } 1346 $sig_html = $lang->off; 1347 if($mybb->settings['sightml'] == 1) 1348 { 1349 $sig_html = $lang->on; 1350 } 1351 $sig_imgcode = $lang->off; 1352 if($mybb->settings['sigimgcode'] == 1) 1353 { 1354 $sig_imgcode = $lang->on; 1355 } 1356 echo "<div id=\"tab_signature\">\n"; 1357 $form_container = new FormContainer("{$lang->signature}: {$user['username']}"); 1358 $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature'); 1359 1360 $periods = array( 1361 "hours" => $lang->expire_hours, 1362 "days" => $lang->expire_days, 1363 "weeks" => $lang->expire_weeks, 1364 "months" => $lang->expire_months, 1365 "never" => $lang->expire_permanent 1366 ); 1367 1368 // Are we already suspending the 
signature? 1369 if($mybb->input['suspendsignature']) 1370 { 1371 $sig_checked = 1; 1372 1373 // Display how much time is left on the ban for the user to extend it 1374 if($user['suspendsigtime'] == "0") 1375 { 1376 // Permanent 1377 $lang->suspend_expire_info = $lang->suspend_sig_perm; 1378 } 1379 else 1380 { 1381 // There's a limit to the suspension! 1382 $expired = my_date($mybb->settings['dateformat'], $user['suspendsigtime'])." @ ".my_date($mybb->settings['timeformat'], $user['suspendsigtime']); 1383 $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired); 1384 } 1385 $user_suspend_info = ' 1386 <tr> 1387 <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td> 1388 </tr>'; 1389 } 1390 else 1391 { 1392 $sig_checked = 0; 1393 $user_suspend_info = ''; 1394 } 1395 1396 $actions = ' 1397 <script type="text/javascript"> 1398 <!-- 1399 var sig_checked = "'.$sig_checked.'"; 1400 1401 function toggleAction() 1402 { 1403 if($("suspend_action").visible() == true) 1404 { 1405 $("suspend_action").hide(); 1406 } 1407 else 1408 { 1409 $("suspend_action").show(); 1410 } 1411 } 1412 // --> 1413 </script> 1414 1415 <dl style="margin-top: 0; margin-bottom: 0; width: 100%;"> 1416 <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt> 1417 <dd style="margin-top: 4px;" id="suspend_action" class="actions"> 1418 <table cellpadding="4">'.$user_suspend_info.' 1419 <tr> 1420 <td width="30%"><small>'.$lang->expire_length.'</small></td> 1421 <td>'.$form->generate_text_box('action_time', $mybb->input['action_time'], array('style' => 'width: 2em;')).' 
'.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td> 1422 </tr> 1423 </table> 1424 </dd> 1425 </dl> 1426 1427 <script type="text/javascript"> 1428 <!-- 1429 if(sig_checked == 0) 1430 { 1431 $("suspend_action").hide(); 1432 } 1433 // --> 1434 </script>'; 1435 1436 $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions); 1437 1438 $signature_options = array( 1439 $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)), 1440 $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)), 1441 $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1)) 1442 ); 1443 1444 $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options)); 1445 1446 $form_container->end(); 1447 echo "</div>\n"; 1448 1449 // 1450 // AVATAR MANAGER 1451 // 1452 echo "<div id=\"tab_avatar\">\n"; 1453 $table = new Table; 1454 $table->construct_header($lang->current_avatar, array('colspan' => 2)); 1455 1456 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1)); 1457 1458 $avatar_url = ''; 1459 if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath'])) 1460 { 1461 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>"; 1462 } 1463 else if($user['avatartype'] == "gallery" || stristr($user['avatar'], $mybb->settings['avatardir'])) 1464 { 1465 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_gallery_avatar}</strong>"; 1466 } 1467 elseif($user['avatartype'] == "remote" || my_strpos(my_strtolower($user['avatar']), "http://") 
!== false) 1468 { 1469 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>"; 1470 $avatar_url = $user['avatar']; 1471 } 1472 1473 if($errors) 1474 { 1475 $avatar_url = $mybb->input['avatar_url']; 1476 } 1477 1478 if($mybb->settings['maxavatardims'] != "") 1479 { 1480 list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['maxavatardims'])); 1481 $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}"; 1482 } 1483 1484 if($mybb->settings['avatarsize']) 1485 { 1486 $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024); 1487 $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}"; 1488 } 1489 1490 if($user['avatar']) 1491 { 1492 $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>"); 1493 } 1494 1495 $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>"); 1496 $table->construct_row(); 1497 1498 $table->output($lang->avatar.": {$user['username']}"); 1499 1500 // Custom avatar 1501 if($mybb->settings['avatarresizing'] == "auto") 1502 { 1503 $auto_resize = $lang->avatar_auto_resize; 1504 } 1505 else if($mybb->settings['avatarresizing'] == "user") 1506 { 1507 $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>"; 1508 } 1509 $form_container = new FormContainer($lang->specify_custom_avatar); 1510 $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload'); 1511 $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url'); 1512 $form_container->end(); 1513 1514 // Select an image from the gallery 1515 echo "<div class=\"border_wrapper\">"; 1516 
echo "<div class=\"title\">.. {$lang->or_select_avatar_gallery}</div>"; 1517 echo "<iframe src=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}\" width=\"100%\" height=\"350\" frameborder=\"0\"></iframe>"; 1518 echo "</div>"; 1519 echo "</div>"; 1520 1521 // 1522 // MODERATOR OPTIONS 1523 // 1524 $periods = array( 1525 "hours" => $lang->expire_hours, 1526 "days" => $lang->expire_days, 1527 "weeks" => $lang->expire_weeks, 1528 "months" => $lang->expire_months, 1529 "never" => $lang->expire_permanent 1530 ); 1531 1532 echo "<div id=\"tab_modoptions\">\n"; 1533 $form_container = new FormContainer($lang->mod_options.": {$user['username']}"); 1534 $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes'); 1535 1536 // Mod posts 1537 // Generate check box 1538 $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period')); 1539 1540 // Do we have any existing suspensions here? 1541 $existing_info = ''; 1542 if($user['moderateposts'] || ($mybb->input['moderateposting'] && !empty($errors))) 1543 { 1544 $mybb->input['moderateposting'] = 1; 1545 if($user['moderationtime'] != 0) 1546 { 1547 $expired = my_date($mybb->settings['dateformat'], $user['moderationtime']).", ".my_date($mybb->settings['timeformat'], $user['moderationtime']); 1548 $existing_info = $lang->sprintf($lang->moderate_length, $expired); 1549 } 1550 else 1551 { 1552 $existing_info = $lang->moderated_perm; 1553 } 1554 } 1555 1556 $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_text_box("modpost_time", $mybb->input['modpost_time'], array('style' => 'width: 2em;')).' 
'.$modpost_options.'</div>'; 1557 $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, $user['username']); 1558 $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->input['moderateposting'])), $lang->moderate_posts_info, $modpost_div); 1559 1560 // Suspend posts 1561 // Generate check box 1562 $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->input['suspost_period'], array('id' => 'suspost_period')); 1563 1564 // Do we have any existing suspensions here? 1565 if($user['suspendposting'] || ($mybb->input['suspendposting'] && !empty($errors))) 1566 { 1567 $mybb->input['suspendposting'] = 1; 1568 1569 if($user['suspensiontime'] == 0 || $mybb->input['suspost_period'] == "never") 1570 { 1571 $existing_info = $lang->suspended_perm; 1572 } 1573 else 1574 { 1575 $suspost_date = my_date($mybb->settings['dateformat'], $user['suspensiontime'])." ".my_date($mybb->settings['timeformat'], $user['suspensiontime']); 1576 $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date); 1577 } 1578 } 1579 1580 $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_text_box("suspost_time", $mybb->input['suspost_time'], array('style' => 'width: 2em;')).' 
'.$suspost_options.'</div>'; 1581 $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, $user['username']); 1582 $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->input['suspendposting'])), $lang->suspend_posts_info, $suspost_div); 1583 1584 1585 $form_container->end(); 1586 echo "</div>\n"; 1587 1588 $buttons[] = $form->generate_submit_button($lang->save_user); 1589 $form->output_submit_wrapper($buttons); 1590 1591 $form->end(); 1592 1593 echo '<script type="text/javascript"> 1594 <!-- 1595 1596 function toggleBox(action) 1597 { 1598 if(action == "modpost") 1599 { 1600 $("suspendposting").checked = false; 1601 $("suspost").hide(); 1602 1603 if($("moderateposting").checked == true) 1604 { 1605 $("modpost").show(); 1606 } 1607 else if($("moderateposting").checked == false) 1608 { 1609 $("modpost").hide(); 1610 } 1611 } 1612 else if(action == "suspost") 1613 { 1614 $("moderateposting").checked = false; 1615 $("modpost").hide(); 1616 1617 if($("suspendposting").checked == true) 1618 { 1619 $("suspost").show(); 1620 } 1621 else if($("suspendposting").checked == false) 1622 { 1623 $("suspost").hide(); 1624 } 1625 } 1626 } 1627 1628 if($("moderateposting").checked == false) 1629 { 1630 $("modpost").hide(); 1631 } 1632 else 1633 { 1634 $("modpost").show(); 1635 } 1636 1637 if($("suspendposting").checked == false) 1638 { 1639 $("suspost").hide(); 1640 } 1641 else 1642 { 1643 $("suspost").show(); 1644 } 1645 1646 // --> 1647 </script>'; 1648 1649 $page->output_footer(); 1650 } 1651 1652 if($mybb->input['action'] == "delete") 1653 { 1654 $plugins->run_hooks("admin_user_users_delete"); 1655 1656 $query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'"); 1657 $user = $db->fetch_array($query); 1658 1659 // Does the user not exist? 
1660 if(!$user['uid']) 1661 { 1662 flash_message($lang->error_invalid_user, 'error'); 1663 admin_redirect("index.php?module=user-users"); 1664 } 1665 1666 if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid'])) 1667 { 1668 flash_message($lang->error_no_perms_super_admin, 'error'); 1669 admin_redirect("index.php?module=user-users"); 1670 } 1671 1672 // User clicked no 1673 if($mybb->input['no']) 1674 { 1675 admin_redirect("index.php?module=user-users"); 1676 } 1677 1678 if($mybb->request_method == "post") 1679 { 1680 // Delete the user 1681 $db->delete_query("userfields", "ufid='{$user['uid']}'"); 1682 $db->delete_query("privatemessages", "uid='{$user['uid']}'"); 1683 $db->delete_query("events", "uid='{$user['uid']}'"); 1684 $db->delete_query("forumsubscriptions", "uid='{$user['uid']}'"); 1685 $db->delete_query("threadsubscriptions", "uid='{$user['uid']}'"); 1686 $db->delete_query("sessions", "uid='{$user['uid']}'"); 1687 $db->delete_query("banned", "uid='{$user['uid']}'"); 1688 $db->delete_query("threadratings", "uid='{$user['uid']}'"); 1689 $db->delete_query("users", "uid='{$user['uid']}'"); 1690 $db->delete_query("joinrequests", "uid='{$user['uid']}'"); 1691 $db->delete_query("warnings", "uid='{$user['uid']}'"); 1692 $db->delete_query("reputation", "uid='{$user['uid']}' OR adduid='{$user['uid']}'"); 1693 $db->delete_query("awaitingactivation", "uid='{$user['uid']}'"); 1694 $db->delete_query("posts", "uid = '{$user['uid']}' AND visible = '-2'"); 1695 $db->delete_query("threads", "uid = '{$user['uid']}' AND visible = '-2'"); 1696 1697 // Update forum stats 1698 update_stats(array('numusers' => '-1')); 1699 1700 // Update forums & threads if user is the lastposter 1701 $db->update_query("posts", array('uid' => 0), "uid='{$user['uid']}'"); 1702 $db->update_query("forums", array("lastposteruid" => 0), "lastposteruid = '{$user['uid']}'"); 1703 $db->update_query("threads", array("lastposteruid" => 0), 
"lastposteruid = '{$user['uid']}'"); 1704 1705 // Did this user have an uploaded avatar? 1706 if($user['avatartype'] == "upload") 1707 { 1708 // Removes the ./ at the beginning the timestamp on the end... 1709 @unlink("../".substr($user['avatar'], 2, -20)); 1710 } 1711 1712 // Was this user a moderator? 1713 if(is_moderator($user['uid'])) 1714 { 1715 $db->delete_query("moderators", "id='{$user['uid']}' AND isgroup = '0'"); 1716 $cache->update_moderators(); 1717 } 1718 1719 $plugins->run_hooks("admin_user_users_delete_commit"); 1720 1721 // Log admin action 1722 log_admin_action($user['uid'], $user['username']); 1723 1724 flash_message($lang->success_user_deleted, 'success'); 1725 admin_redirect("index.php?module=user-users"); 1726 } 1727 else 1728 { 1729 $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation); 1730 } 1731 } 1732 1733 if($mybb->input['action'] == "referrers") 1734 { 1735 $plugins->run_hooks("admin_user_users_referrers"); 1736 1737 $page->add_breadcrumb_item($lang->show_referrers); 1738 $page->output_header($lang->show_referrers); 1739 1740 $sub_tabs['referrers'] = array( 1741 'title' => $lang->show_referrers, 1742 'link' => "index.php?module=user-users&action=referrers&uid={$mybb->input['uid']}", 1743 'description' => $lang->show_referrers_desc 1744 ); 1745 1746 $page->output_nav_tabs($sub_tabs, 'referrers'); 1747 1748 // Fetch default admin view 1749 $default_view = fetch_default_view("user"); 1750 if(!$default_view) 1751 { 1752 $default_view = "0"; 1753 } 1754 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 1755 $admin_view = $db->fetch_array($query); 1756 1757 if($mybb->input['type']) 1758 { 1759 $admin_view['view_type'] = $mybb->input['type']; 1760 } 1761 1762 $admin_view['conditions'] = unserialize($admin_view['conditions']); 1763 $admin_view['conditions']['referrer'] = 
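intval($mybb->input['uid']); // Cast here: the referrer filter is a user id and is passed on to build_users_view(), which is defined outside this section

	$view = build_users_view($admin_view);

	// No referred users
	if(!$view)
	{
		$table = new Table;
		$table->construct_cell($lang->error_no_referred_users);
		$table->construct_row();
		$table->output($lang->show_referrers);
	}
	else
	{
		echo $view;
	}

	$page->output_footer();
}

// Action "ipaddresses": list the last-known IP, the registration IP and every
// distinct posting IP recorded for one user, each with a menu of follow-up
// actions (search by IP, IP lookup, ban IP).
//
// Input: $mybb->input['uid'] - id of the user to inspect.
// Side effects: writes an admin log entry for the viewed user.
if($mybb->input['action'] == "ipaddresses")
{
	$plugins->run_hooks("admin_user_users_ipaddresses");

	// The uid is interpolated into two SQL conditions and one link below, so it
	// is cast once here instead of relying on cleaning done elsewhere.
	$lookup_uid = intval($mybb->input['uid']);

	$query = $db->simple_select("users", "uid, regip, username, lastip", "uid='{$lookup_uid}'", array('limit' => 1));
	$user = $db->fetch_array($query);

	// Unknown user: handle it the same way the delete action in this file does.
	// This runs before any page output so the redirect can still be sent.
	if(!$user['uid'])
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
	}

	$page->add_breadcrumb_item($lang->ip_addresses);
	$page->output_header($lang->ip_addresses);

	$sub_tabs['ipaddresses'] = array(
		'title' => $lang->show_ip_addresses,
		'link' => "index.php?module=user-users&action=ipaddresses&uid={$lookup_uid}",
		'description' => $lang->show_ip_addresses_desc
	);

	$page->output_nav_tabs($sub_tabs, 'ipaddresses');

	// Log admin action
	log_admin_action($user['uid'], $user['username']);

	$table = new Table;

	$table->construct_header($lang->ip_address);
	$table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));

	// Stored IP values are treated as data, not markup: URL-encoded where they
	// become a query-string value (also inside the onclick JavaScript string)
	// and HTML-escaped where they are printed in a table cell.
	if(empty($user['lastip']))
	{
		$last_ip_html = $lang->unknown;
		$controls = '';
	}
	else
	{
		$ip_query = urlencode($user['lastip']);
		$lookup_url = "{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$ip_query}";
		$last_ip_html = htmlspecialchars_uni($user['lastip']);

		$popup = new PopupMenu("user_last", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&action=search&results=1&conditions=".urlencode(serialize(array("regip" => $user['lastip']))));
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("postip" => $user['lastip']))));
		$popup->add_item($lang->info_on_ip, $lookup_url, "MyBB.popupWindow('{$lookup_url}', 'iplookup', 500, 250); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip_query}");
		$controls = $popup->fetch();
	}
	$table->construct_cell("<strong>{$lang->last_known_ip}:</strong> {$last_ip_html}");
	$table->construct_cell($controls, array('class' => "align_center"));
	$table->construct_row();

	if(empty($user['regip']))
	{
		$reg_ip_html = $lang->unknown;
		$controls = '';
	}
	else
	{
		$ip_query = urlencode($user['regip']);
		$lookup_url = "{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$ip_query}";
		$reg_ip_html = htmlspecialchars_uni($user['regip']);

		$popup = new PopupMenu("user_reg", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("regip" => $user['regip']))));
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("postip" => $user['regip']))));
		$popup->add_item($lang->info_on_ip, $lookup_url, "MyBB.popupWindow('{$lookup_url}', 'iplookup', 500, 250); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip_query}");
		$controls = $popup->fetch();
	}
	$table->construct_cell("<strong>{$lang->registration_ip}:</strong> {$reg_ip_html}");
	$table->construct_cell($controls, array('class' => "align_center"));
	$table->construct_row();

	$counter = 0;

	// One row per distinct IP address this user has posted from
	$query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='{$lookup_uid}'");
	while($ip = $db->fetch_array($query))
	{
		++$counter;
		$ip_query = urlencode($ip['ipaddress']);
		$lookup_url = "{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$ip_query}";

		$popup = new PopupMenu("id_{$counter}", $lang->options);
		$popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("regip" => $ip['ipaddress']))));
		$popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("postip" => $ip['ipaddress']))));
		$popup->add_item($lang->info_on_ip, $lookup_url, "MyBB.popupWindow('{$lookup_url}', 'iplookup', 500, 250); return false;");
		$popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip_query}");
		$controls = $popup->fetch();

		$table->construct_cell(htmlspecialchars_uni($ip['ipaddress']));
		$table->construct_cell($controls, array('class' => "align_center"));
		$table->construct_row();
	}

	// The username comes from the database and lands in an HTML heading
	$table->output($lang->ip_address_for." ".htmlspecialchars_uni($user['username']));

	$page->output_footer();
}

// Action "merge": fold a source account into a destination account. Both are
// looked up by username (case-insensitive, escaped before use in the query).
if($mybb->input['action'] == "merge")
{
	$plugins->run_hooks("admin_user_users_merge");

	if($mybb->request_method == "post")
	{
		$query = $db->simple_select("users", "*", "LOWER(username)='".$db->escape_string(my_strtolower($mybb->input['source_username']))."'");
		$source_user = $db->fetch_array($query);
		if(!$source_user['uid'])
		{
			$errors[] = $lang->error_invalid_user_source;
		}

		$query = $db->simple_select("users", "*", "LOWER(username)='".$db->escape_string(my_strtolower($mybb->input['destination_username']))."'");
		$destination_user = $db->fetch_array($query);
		if(!$destination_user['uid'])
		{
			$errors[] = $lang->error_invalid_user_destination;
		}

		// If we're not a super admin and we're merging a source super admin or a destination super admin then disallow this action
		if(!is_super_admin($mybb->user['uid']) &&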
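(is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid'])))
		{
			flash_message($lang->error_no_perms_super_admin, 'error');
			admin_redirect("index.php?module=user-users");
			// This is a permission guard: stop explicitly rather than depend on
			// admin_redirect() ending the request (the success path of this
			// action also exits after its redirect).
			exit;
		}

		if($source_user['uid'] == $destination_user['uid'])
		{
			$errors[] = $lang->error_cannot_merge_same_account;
		}

		if(empty($errors))
		{
			// Begin to merge the accounts
			$uid_update = array(
				"uid" => $destination_user['uid']
			);
			$query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'");
			$existing_admin_options = $db->fetch_field($query, "uid");

			// Only carry over admin options/permissions if we don't already have them.
			// NOTE(review): this re-keys the source account's adminoptions row to the
			// destination account; the only permission check visible in this action
			// is the super-admin guard above - confirm that is the intended policy.
			if(!$existing_admin_options)
			{
				$db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'");
			}

			// Tables whose "uid" column simply moves from the source to the destination account
			$uid_tables = array(
				"adminlog",
				"announcements",
				"events",
				"threadsubscriptions",
				"forumsubscriptions",
				"joinrequests",
				"moderatorlog",
				"pollvotes",
				"posts",
				"privatemessages",
				"reportedposts",
				"threadratings",
				"threads",
				"warnings"
			);
			foreach($uid_tables as $uid_table)
			{
				$db->update_query($uid_table, $uid_update, "uid='{$source_user['uid']}'");
			}

			$db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'");
			$db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'");

			// The source account is about to disappear, so drop its sessions
			$db->delete_query("sessions", "uid='{$source_user['uid']}'");

			// Is the source user a moderator?
			if($groupscache[$source_user['usergroup']]['canmodcp'])
			{
				$db->delete_query("moderators", "id='{$source_user['uid']}' AND isgroup = '0'");

				// Update the moderator cache...
				$cache->update_moderators();
			}

			// Banning
			$db->update_query("banned", array('admin' => $destination_user['uid']), "admin = '{$source_user['uid']}'");

			// Merging Reputation
			// First, let's change all the details over to our new user...
			// NOTE(review): both columns are set on every row that matches on either
			// column, so each matching row ends up with adduid == uid == destination;
			// the loop below then removes rows whose uid is the destination. Confirm
			// that discarding these rows is intended.
			$rep_update = array(
				"adduid" => $destination_user['uid'],
				"uid" => $destination_user['uid']
			);
			$db->update_query("reputation", $rep_update, "adduid = '".$source_user['uid']."' OR uid = '".$source_user['uid']."'");

			// Now that all the reputation is merged, figure out what to do with this user's comments...
			// NOTE(review): $options is built but never passed to the query below, so
			// rows come back in whatever order the database returns them, while the
			// duplicate check compares each row with the previous one.
			$options = array(
				"order_by" => "uid",
				"order_dir" => "ASC"
			);

			$to_remove = array();
			// Previous row seen by the loop; null fields mean "no previous row yet"
			// and compare exactly as the unset variable did on the first pass.
			$last_result = array(
				"rid" => null,
				"uid" => null
			);
			$query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'");
			while($rep = $db->fetch_array($query))
			{
				// Ids are cast because they are joined into an IN (...) list below
				$rid = intval($rep['rid']);

				if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid'])
				{
					// Multiple reputation is disallowed, and this isn't a post, so let's remove this comment
					$to_remove[] = $rid;
				}

				// Remove comments or posts liked by "me"
				if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid'])
				{
					if(!in_array($rid, $to_remove, true))
					{
						$to_remove[] = $rid;
						continue;
					}
				}

				$last_result = array(
					"rid" => $rep['rid'],
					"uid" => $rep['uid']
				);
			}

			// Remove any reputations we've selected to remove...
			if(!empty($to_remove))
			{
				$imp = implode(",", $to_remove);
				$db->delete_query("reputation", "rid IN (".$imp.")");
			}

			// Calculate the new reputation for this user...
			$query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'");
			$total_reputation = $db->fetch_field($query, "total_rep");

			$db->update_query("users", array('reputation' => intval($total_reputation)), "uid='{$destination_user['uid']}'");

			// Calculate warning points
			$query = $db->query("
				SELECT SUM(points) as warn_lev
				FROM ".TABLE_PREFIX."warnings
				WHERE uid='{$source_user['uid']}' AND expired='0'
			");
			$original_warn_level = $db->fetch_field($query, "warn_lev");

			$query = $db->query("
				SELECT SUM(points) as warn_lev
				FROM ".TABLE_PREFIX."warnings
				WHERE uid='{$destination_user['uid']}' AND expired='0'
			");
			$new_warn_level = $db->fetch_field($query, "warn_lev");
			$db->update_query("users", array("warningpoints" => intval($original_warn_level + $new_warn_level)), "uid='{$destination_user['uid']}'");

			// Additional updates for non-uid fields
			$last_poster = array(
				"lastposteruid" => $destination_user['uid'],
				"lastposter" => $db->escape_string($destination_user['username'])
			);
			$db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'");
			$db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'");
			$edit_uid = array(
				"edituid" => $destination_user['uid']
			);
			$db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'");

			$from_uid = array(
				"fromid" => $destination_user['uid']
			);
			$db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'");
			$to_uid = array(
				"toid" => $destination_user['uid']
			);
			$db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'");

			// Delete the old user
			$db->delete_query("users", "uid='{$source_user['uid']}'");
			$db->delete_query("banned", "uid='{$source_user['uid']}'");

			// Did the old user have an uploaded avatar?
			if($source_user['avatartype'] == "upload")
			{
				// Removes the ./ at the beginning the timestamp on the end...
				// NOTE(review): the path is derived from the stored avatar field and
				// failures are hidden by @; consider checking that the resolved path
				// stays inside the avatar upload directory before deleting.
				@unlink("../".substr($source_user['avatar'], 2, -20));
			}

			// Get a list of forums where post count doesn't apply
			$fids = array();
			$query = $db->simple_select("forums", "fid", "usepostcounts=0");
			while($fid = $db->fetch_field($query, "fid"))
			{
				// Cast: the ids are joined into a NOT IN (...) list below
				$fids[] = intval($fid);
			}

			$fids_not_in = '';
			if(!empty($fids))
			{
				$fids_not_in = "AND fid NOT IN(".implode(',', $fids).")";
			}

			// Update user post count
			$query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
			$num = $db->fetch_array($query);
			$updated_count = array(
				"postnum" => $num['postnum']
			);
			$db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");

			// Use the earliest registration date
			if($destination_user['regdate'] > $source_user['regdate'])
			{
				$db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'");
			}

			update_stats(array('numusers' => '-1'));

			$plugins->run_hooks("admin_user_users_merge_commit");

			// Log admin action
			log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']);

			// Redirect!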
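flash_message("<strong>".htmlspecialchars_uni($source_user['username'])."</strong> {$lang->success_merged} ".htmlspecialchars_uni($destination_user['username']), "success"); // The message is HTML (note the <strong>), so the stored usernames are escaped
			admin_redirect("index.php?module=user-users");
			exit;
		}
	}

	$page->add_breadcrumb_item($lang->merge_users);
	$page->output_header($lang->merge_users);

	$page->output_nav_tabs($sub_tabs, 'merge_users');

	// If we have any error messages, show them
	if($errors)
	{
		$page->output_inline_error($errors);
	}

	$form = new Form("index.php?module=user-users&action=merge", "post");

	$form_container = new FormContainer($lang->merge_users);
	$form_container->output_row($lang->source_account." <em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->input['source_username'], array('id' => 'source_username')), 'source_username');
	$form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->input['destination_username'], array('id' => 'destination_username')), 'destination_username');
	$form_container->end();

	// Autocompletion for usernames
	echo '
	<script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script>
	<script type="text/javascript">
	<!--
		new autoComplete("source_username", "../xmlhttp.php?action=get_users", {valueSpan: "username"});
		new autoComplete("destination_username", "../xmlhttp.php?action=get_users", {valueSpan: "username"});
	// -->
	</script>';

	$buttons[] = $form->generate_submit_button($lang->merge_user_accounts);
	$form->output_submit_wrapper($buttons);
	$form->end();

	$page->output_footer();
}

// Action "search": run a user search (on POST or when results=1) by taking a
// stored, session-cached or default admin view and overriding parts of it from
// the request; otherwise, or when nothing was found, show the search form.
if($mybb->input['action'] == "search")
{
	$plugins->run_hooks("admin_user_users_search");

	if($mybb->request_method == "post" || $mybb->input['results'] == 1)
	{
		// Build view options from incoming search options
		if($mybb->input['vid'])
		{
			$query = $db->simple_select("adminviews", "*", "vid='".intval($mybb->input['vid'])."'");
			$admin_view = $db->fetch_array($query);
			// View does not exist or this view is private and does not belong to the current user
			if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
			{
				unset($admin_view);
			}
		}

		if($mybb->input['search_id'] && $admin_session['data']['user_views'][$mybb->input['search_id']])
		{
			// Reuse the view cached in the admin session, without its extra_sql entry
			$admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']];
			unset($admin_view['extra_sql']);
		}
		else
		{
			// Don't have a view? Fetch the default
			if(!$admin_view['vid'])
			{
				$default_view = fetch_default_view("user");
				if(!$default_view)
				{
					$default_view = "0";
				}
				$query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
				$admin_view = $db->fetch_array($query);
			}
		}

		// Override specific parts of the view
		unset($admin_view['vid']);

		// NOTE(review): type, conditions, sortby, order, displayas and profile_fields
		// are copied from the request unchanged and handed to build_users_view(),
		// which is not part of this section. Links elsewhere in this file pass
		// "conditions" as urlencode(serialize(...)), so whatever decodes it must
		// not call unserialize() on request data, and the sort column/direction
		// must be checked against an allow-list before reaching SQL - confirm in
		// build_users_view().
		if($mybb->input['type'])
		{
			$admin_view['view_type'] = $mybb->input['type'];
		}

		if($mybb->input['conditions'])
		{
			$admin_view['conditions'] = $mybb->input['conditions'];
		}

		if($mybb->input['sortby'])
		{
			$admin_view['sortby'] = $mybb->input['sortby'];
		}

		// Store the integer that was checked, not the raw request string
		$per_page = intval($mybb->input['perpage']);
		if($per_page)
		{
			$admin_view['perpage'] = $per_page;
		}

		if($mybb->input['order'])
		{
			$admin_view['sortorder'] = $mybb->input['order'];
		}

		if($mybb->input['displayas'])
		{
			$admin_view['view_type'] = $mybb->input['displayas'];
		}

		if($mybb->input['profile_fields'])
		{
			$admin_view['custom_profile_fields'] = $mybb->input['profile_fields'];
		}

		$results = build_users_view($admin_view);

		if($results)
		{
			$page->output_header($lang->find_users);
			echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
			$page->output_nav_tabs($sub_tabs, 'find_users');
			echo $results;
			$page->output_footer();
		}
		else
		{
			if($mybb->input['from'] == "home")
			{
				flash_message($lang->error_no_users_found, 'error');
				admin_redirect("index.php");
				exit;
			}
			else
			{
				$errors[] = $lang->error_no_users_found;
			}
		}
	}

	$page->add_breadcrumb_item($lang->find_users);
	$page->output_header($lang->find_users);

	$page->output_nav_tabs($sub_tabs, 'find_users');

	// If we have any error messages, show them
	if($errors)
	{
		$page->output_inline_error($errors);
	}

	// Business-card layout is the default result display
	if(!$mybb->input['displayas'])
	{
		$mybb->input['displayas'] = "card";
	}

	$form = new Form("index.php?module=user-users&action=search", "post");

	user_search_conditions($mybb->input, $form);

	$form_container = new FormContainer($lang->display_options);
	$sort_directions = array(
		"asc" => $lang->ascending,
		"desc" => $lang->descending
	);
	$form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby'))." {$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->input['order'], array('id' => 'order')), 'sortby');
	$form_container->output_row($lang->results_per_page, "", $form->generate_text_box('perpage', $mybb->input['perpage'], array('id' => 'perpage')), 'perpage');
	$form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->input['displayas'] != "card")))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->input['displayas'] == "card"))));
	$form_container->end();

	$buttons[] = $form->generate_submit_button($lang->find_users);
	$form->output_submit_wrapper($buttons);
	$form->end();

	$page->output_footer();
}

if($mybb->input['action'] == "inline_edit")
{
	$plugins->run_hooks("admin_user_users_inline");

	if($mybb->input['vid'] || $mybb->cookies['acp_view'])
	{
		// We have a custom view
		if(!$mybb->cookies['acp_view'])
		{
			// Set a cookie
			my_setcookie("acp_view", $mybb->input['vid'], 60);
		}
		elseif($mybb->cookies['acp_view'])
		{
			// We already have a cookie, so let's use it...
			$mybb->input['vid'] = $mybb->cookies['acp_view'];
		}

		$vid_url = "&vid=".$mybb->input['vid'];
	}

	// First, collect the user IDs that we're performing the moderation on
	$ids = explode("|", $mybb->cookies['inlinemod_useracp']);
	foreach($ids as $id)
	{
		if($id != '')
		{
			$selected[] = intval($id);
		}
	}

	// If there isn't anything to select, then output an error
	if(!is_array($selected))
	{
		if($mybb->input['inline_action'] != "multilift" && $mybb->request_method != "post")
		{
			$errors[] = $lang->error_inline_no_users_selected;
		}
	}

	if($errors)
	{
		// Don't show views, but show the user list if there's errors
		$inline = true;
		$mybb->input['action'] = '';
	}
	else
	{
		// Let's continue!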
2311 // Verify incoming POST request 2312 if(!verify_post_check($mybb->input['my_post_key'])) 2313 { 2314 flash_message($lang->invalid_post_verify_key2, 'error'); 2315 admin_redirect("index.php?module=user-user"); 2316 } 2317 $sub_tabs['manage_users'] = array( 2318 "title" => $lang->manage_users, 2319 "link" => "./", 2320 "description" => $lang->manage_users_desc 2321 ); 2322 $page->add_breadcrumb_item($lang->manage_users); 2323 2324 if(!is_array($selected)) 2325 { 2326 // Not selected any users, show error 2327 flash_message($lang->error_inline_no_users_selected, 'error'); 2328 admin_redirect("index.php?module=user-users".$vid_url); 2329 } 2330 2331 switch($mybb->input['inline_action']) 2332 { 2333 case 'multiactivate': 2334 // Run through the activating users, so that users already registered (but have been selected) aren't affected 2335 if(is_array($selected)) 2336 { 2337 $sql_array = implode(",", $selected); 2338 $query = $db->simple_select("users", "uid", "usergroup = '5' AND uid IN (".$sql_array.")"); 2339 while($user = $db->fetch_array($query)) 2340 { 2341 $to_update[] = $user['uid']; 2342 } 2343 } 2344 2345 if(is_array($to_update)) 2346 { 2347 $sql_array = implode(",", $to_update); 2348 $db->write_query("UPDATE ".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")"); 2349 2350 // Action complete, grab stats and show success message - redirect user 2351 $to_update_count = count($to_update); 2352 $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count)); 2353 2354 if($to_update_count != count($selected)) 2355 { 2356 // The update count is different to how many we selected! 
2357 $not_updated_count = count($selected) - $to_update_count; 2358 $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count)); 2359 $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message 2360 } 2361 2362 $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog 2363 log_admin_action($to_update_count); // Add to adminlog 2364 my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected 2365 2366 flash_message($lang->inline_activated, 'success'); 2367 admin_redirect("index.php?module=user-users".$vid_url); 2368 } 2369 else 2370 { 2371 // Nothing was updated, show an error 2372 flash_message($lang->inline_activated_failed, 'error'); 2373 admin_redirect("index.php?module=user-users".$vid_url); 2374 } 2375 break; 2376 case 'multilift': 2377 // Get the users that are banned, and check that they have been selected 2378 if($mybb->input['no']) 2379 { 2380 admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No' 2381 } 2382 2383 if($mybb->request_method == "post") 2384 { 2385 $sql_array = implode(",", $selected); 2386 $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")"); 2387 $to_be_unbanned = $db->num_rows($query); 2388 while($ban = $db->fetch_array($query)) 2389 { 2390 $updated_group = array( 2391 "usergroup" => $ban['oldgroup'], 2392 "additionalgroups" => $ban['oldadditionalgroups'], 2393 "displaygroup" => $ban['olddisplaygroup'] 2394 ); 2395 $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'"); 2396 $db->delete_query("banned", "uid = '".$ban['uid']."'"); 2397 } 2398 2399 $cache->update_banned(); 2400 $cache->update_moderators(); 2401 2402 $mybb->input['action'] = "inline_lift"; 2403 log_admin_action($to_be_unbanned); 2404 my_unsetcookie("inlinemod_useracp"); 2405 2406 
$lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned)); 2407 flash_message($lang->success_ban_lifted, 'success'); 2408 admin_redirect("index.php?module=user-users".$vid_url); 2409 } 2410 else 2411 { 2412 $page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multilift", $lang->confirm_multilift); 2413 } 2414 2415 break; 2416 case 'multiban': 2417 if($mybb->input['processed'] == 1) 2418 { 2419 // We've posted ban information! 2420 // Build an array of users to ban, =D 2421 $sql_array = implode(",", $selected); 2422 // Build a cache array for this users that have been banned already 2423 $query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")"); 2424 while($user = $db->fetch_array($query)) 2425 { 2426 $bannedcache[] = "u_".$user['uid']; 2427 } 2428 2429 // Collect the users 2430 $query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")"); 2431 2432 if($mybb->input['bantime'] == '---') 2433 { 2434 $lifted = 0; 2435 } 2436 else 2437 { 2438 $lifted = ban_date2timestamp($mybb->input['bantime']); 2439 } 2440 2441 $banned_count = 0; 2442 while($user = $db->fetch_array($query)) 2443 { 2444 if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid'])) 2445 { 2446 // We remove ourselves and Super Admins from the mix 2447 continue; 2448 } 2449 2450 if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache)) 2451 { 2452 // User already has a ban, update it! 
2453 $update_array = array( 2454 "admin" => intval($mybb->user['uid']), 2455 "dateline" => TIME_NOW, 2456 "bantime" => $db->escape_string($mybb->input['bantime']), 2457 "lifted" => $db->escape_string($lifted), 2458 "reason" => $db->escape_string($mybb->input['reason']) 2459 ); 2460 $db->update_query("banned", $update_array, "uid = '".$user['uid']."'"); 2461 } 2462 else 2463 { 2464 // Not currently banned - insert the ban 2465 $insert_array = array( 2466 'uid' => $user['uid'], 2467 'gid' => intval($mybb->input['usergroup']), 2468 'oldgroup' => $user['usergroup'], 2469 'oldadditionalgroups' => $user['additionalgroups'], 2470 'olddisplaygroup' => $user['displaygroup'], 2471 'admin' => intval($mybb->user['uid']), 2472 'dateline' => TIME_NOW, 2473 'bantime' => $db->escape_string($mybb->input['bantime']), 2474 'lifted' => $db->escape_string($lifted), 2475 'reason' => $db->escape_string($mybb->input['reason']) 2476 ); 2477 $db->insert_query('banned', $insert_array); 2478 } 2479 2480 // Moved the user to the 'Banned' Group 2481 $update_array = array( 2482 'usergroup' => 7, 2483 'displaygroup' => 0, 2484 'additionalgroups' => '', 2485 ); 2486 $db->update_query('users', $update_array, "uid = '{$user['uid']}'"); 2487 2488 $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'"); 2489 $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'"); 2490 2491 $cache->update_banned(); 2492 ++$banned_count; 2493 } 2494 $mybb->input['action'] = "inline_banned"; 2495 log_admin_action($banned_count, $lifted); 2496 my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them 2497 2498 $lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count); 2499 flash_message($lang->users_banned, 'success'); 2500 admin_redirect("index.php?module=user-users".$vid_url); 2501 } 2502 2503 $page->output_header($lang->manage_users); 2504 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2505 2506 // Provide the user with a warning of 
what they're about to do 2507 $table = new Table; 2508 $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected)); 2509 $table->construct_cell($lang->mass_ban_info); 2510 $table->construct_row(); 2511 $table->output($lang->important); 2512 2513 // If there's any errors, display inline 2514 if($errors) 2515 { 2516 $page->output_inline_error($errors); 2517 } 2518 2519 $form = new Form("index.php?module=user-users", "post"); 2520 echo $form->generate_hidden_field('action', 'inline_edit'); 2521 echo $form->generate_hidden_field('inline_action', 'multiban'); 2522 echo $form->generate_hidden_field('processed', '1'); 2523 2524 $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&action=inline_edit&inline_action=multilift&my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban); 2525 $form_container->output_row($lang->ban_reason, "", $form->generate_text_box('reason', $mybb->input['reason'], array('id' => 'reason')), 'reason'); 2526 $ban_times = fetch_ban_times(); 2527 foreach($ban_times as $time => $period) 2528 { 2529 if($time != '---') 2530 { 2531 $friendly_time = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time)); 2532 $period = "{$period} ({$friendly_time})"; 2533 } 2534 $length_list[$time] = $period; 2535 } 2536 $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime'); 2537 $form_container->end(); 2538 2539 $buttons[] = $form->generate_submit_button($lang->ban_users); 2540 $form->output_submit_wrapper($buttons); 2541 $form->end(); 2542 $page->output_footer(); 2543 break; 2544 case 'multidelete': 2545 if($mybb->input['no']) 2546 { 2547 admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No 2548 } 2549 else 2550 { 2551 if($mybb->input['processed'] == 1) 2552 { 2553 // Admin wants these users, gone! 
2554 $sql_array = implode(",", $selected); 2555 $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")"); 2556 $to_be_deleted = $db->num_rows($query); 2557 while($user = $db->fetch_array($query)) 2558 { 2559 if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid'])) 2560 { 2561 // Remove me and super admins 2562 continue; 2563 } 2564 else 2565 { 2566 // Run delete queries 2567 $db->update_query("posts", array('uid' => 0), "uid='{$user['uid']}'"); 2568 $db->delete_query("userfields", "ufid='{$user['uid']}'"); 2569 $db->delete_query("privatemessages", "uid='{$user['uid']}'"); 2570 $db->delete_query("events", "uid='{$user['uid']}'"); 2571 $db->delete_query("moderators", "id='{$user['uid']}' AND isgroup = '0'"); 2572 $db->delete_query("forumsubscriptions", "uid='{$user['uid']}'"); 2573 $db->delete_query("threadsubscriptions", "uid='{$user['uid']}'"); 2574 $db->delete_query("sessions", "uid='{$user['uid']}'"); 2575 $db->delete_query("banned", "uid='{$user['uid']}'"); 2576 $db->delete_query("threadratings", "uid='{$user['uid']}'"); 2577 $db->delete_query("users", "uid='{$user['uid']}'"); 2578 $db->delete_query("joinrequests", "uid='{$user['uid']}'"); 2579 $db->delete_query("warnings", "uid='{$user['uid']}'"); 2580 } 2581 } 2582 // Update forum stats, remove the cookie and redirect the user 2583 update_stats(array('numusers' => '-'.$to_be_deleted.'')); 2584 my_unsetcookie("inlinemod_useracp"); 2585 $mybb->input['action'] = "inline_delete"; 2586 log_admin_action($to_be_deleted); 2587 2588 $lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted); 2589 flash_message($lang->users_deleted, 'success'); 2590 admin_redirect("index.php?module=user-users".$vid_url); 2591 } 2592 2593 $to_be_deleted = count($selected); 2594 $lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted)); 2595 
$page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multidelete&my_post_key={$mybb->post_code}&processed=1", $lang->confirm_multidelete); 2596 } 2597 break; 2598 case 'multiprune': 2599 if($mybb->input['processed'] == 1) 2600 { 2601 if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set']) 2602 { 2603 $errors[] = $lang->multi_selected_dates; 2604 } 2605 2606 $day = intval($mybb->input['day']); 2607 $month = intval($mybb->input['month']); 2608 $year = intval($mybb->input['year']); 2609 2610 // Selected a date - check if the date the user entered is valid 2611 if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) 2612 { 2613 // Is the date sort of valid? 2614 if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29)) 2615 { 2616 $errors[] = $lang->incorrect_date; 2617 } 2618 2619 // Check the month 2620 $months = get_bdays($year); 2621 if($day > $months[$month]-1) 2622 { 2623 $errors[] = $lang->incorrect_date; 2624 } 2625 2626 // Check the year 2627 if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y")) 2628 { 2629 $errors[] = $lang->incorrect_date; 2630 } 2631 2632 if(!$errors) 2633 { 2634 // No errors, so let's continue and set the date to delete from 2635 $date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp 2636 } 2637 } 2638 elseif($mybb->input['set'] > 0) 2639 { 2640 // Set options 2641 // For this purpose, 1 month = 31 days 2642 $base_time = 24 * 60 * 60; 2643 2644 switch($mybb->input['set']) 2645 { 2646 case '1': 2647 $threshold = $base_time * 31; // 1 month = 31 days, in the standard terms 2648 break; 2649 case '2': 2650 $threshold = $base_time * 93; // 3 months = 31 days * 3 2651 break; 2652 case '3': 2653 $threshold = $base_time * 183; // 6 months = 365 days / 2 2654 break; 2655 case '4': 2656 $threshold = $base_time * 365; // 1 year = 365 days 2657 break; 2658 case '5': 2659 
$threshold = $base_time * 548; // 18 months = 365 + 183 2660 break; 2661 case '6': 2662 $threshold = $base_time * 730; // 2 years = 365 * 2 2663 break; 2664 } 2665 2666 if(!$threshold) 2667 { 2668 // An option was entered that isn't in the dropdown box 2669 $errors[] = $lang->no_set_option; 2670 } 2671 else 2672 { 2673 $date = TIME_NOW - $threshold; 2674 } 2675 } 2676 else 2677 { 2678 $errors[] = $lang->no_prune_option; 2679 } 2680 2681 if(!$errors) 2682 { 2683 $sql_array = implode(",", $selected); 2684 $prune_array = array(); 2685 $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")"); 2686 while($user = $db->fetch_array($query)) 2687 { 2688 // Protect Super Admins 2689 if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid'])) 2690 { 2691 continue; 2692 } 2693 2694 $return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete 2695 if($return_array && is_array($return_array)) 2696 { 2697 $prune_array = array_merge_recursive($prune_array, $return_array); 2698 } 2699 } 2700 2701 // No posts were found for the user, return error 2702 if(!is_array($prune_array) || count($prune_array) == 0) 2703 { 2704 flash_message($lang->prune_fail, 'error'); 2705 admin_redirect("index.php?module=user-users".$vid_url); 2706 } 2707 2708 // Require the rebuild functions 2709 require_once MYBB_ROOT.'/inc/functions.php'; 2710 require_once MYBB_ROOT.'/inc/functions_rebuild.php'; 2711 2712 // We've finished deleting user's posts, so let's delete the threads 2713 if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0) 2714 { 2715 foreach($prune_array['to_delete'] as $tid) 2716 { 2717 $db->delete_query("threads", "tid='$tid'"); 2718 $db->delete_query("threads", "closed='moved|$tid'"); 2719 $db->delete_query("threadsubscriptions", "tid='$tid'"); 2720 $db->delete_query("polls", "tid='$tid'"); 2721 $db->delete_query("threadsread", "tid='$tid'"); 2722 $db->delete_query("threadratings", 
"tid='$tid'"); 2723 } 2724 } 2725 2726 // After deleting threads, rebuild the thread counters for the affected threads 2727 if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0) 2728 { 2729 $sql_array = implode(",", $prune_array['thread_update']); 2730 $query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc')); 2731 while($thread = $db->fetch_array($query)) 2732 { 2733 rebuild_thread_counters($thread['tid']); 2734 } 2735 } 2736 2737 // After updating thread counters, update the affected forum counters 2738 if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0) 2739 { 2740 $sql_array = implode(",", $prune_array['forum_update']); 2741 $query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc')); 2742 while($forum = $db->fetch_array($query)) 2743 { 2744 // Because we have a recursive array merge, check to see if there isn't a duplicated forum to update 2745 if($looped_forum == $forum['fid']) 2746 { 2747 continue; 2748 } 2749 $looped_forum = $forum['fid']; 2750 rebuild_forum_counters($forum['fid']); 2751 } 2752 } 2753 2754 //log_admin_action(); 2755 my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie 2756 flash_message($lang->prune_complete, 'success'); 2757 admin_redirect("index.php?module=user-users".$vid_url); 2758 } 2759 } 2760 2761 $page->output_header($lang->manage_users); 2762 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2763 2764 // Display a table warning 2765 $table = new Table; 2766 $lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected)); 2767 $table->construct_cell($lang->mass_prune_info); 2768 $table->construct_row(); 2769 $table->output($lang->important); 2770 2771 if($errors) 2772 { 2773 $page->output_inline_error($errors); 2774 } 2775 2776 // Display the prune options 2777 $form = new 
Form("index.php?module=user-users", "post"); 2778 echo $form->generate_hidden_field('action', 'inline_edit'); 2779 echo $form->generate_hidden_field('inline_action', 'multiprune'); 2780 echo $form->generate_hidden_field('processed', '1'); 2781 2782 $form_container = new FormContainer($lang->mass_prune_posts); 2783 2784 // Generate a list of days (1 - 31) 2785 $day_options = array(); 2786 $day_options[] = " "; 2787 for($i = 1; $i <= 31; ++$i) 2788 { 2789 $day_options[] = $i; 2790 } 2791 2792 // Generate a list of months (1 - 12) 2793 $month_options = array(); 2794 $month_options[] = " "; 2795 for($i = 1; $i <= 12; ++$i) 2796 { 2797 $string = "month_{$i}"; 2798 $month_options[] = $lang->$string; 2799 } 2800 $date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']); 2801 $month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']); 2802 $year_box = $form->generate_text_box('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;')); 2803 2804 $prune_select = $date_box.$month_box.$year_box; 2805 $form_container->output_row($lang->manual_date, "", $prune_select, 'date'); 2806 2807 // Generate the set date box 2808 $set_options = array(); 2809 $set_options[] = $lang->set_an_option; 2810 for($i = 1; $i <= 6; ++$i) 2811 { 2812 $string = "option_{$i}"; 2813 $set_options[] = $lang->$string; 2814 } 2815 2816 $form_container->output_row($lang->relative_date, "", $lang->delete_posts." 
".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set'); 2817 $form_container->end(); 2818 2819 $buttons[] = $form->generate_submit_button($lang->prune_posts); 2820 $form->output_submit_wrapper($buttons); 2821 $form->end(); 2822 $page->output_footer(); 2823 break; 2824 case 'multiusergroup': 2825 if($mybb->input['processed'] == 1) 2826 { 2827 // Determine additional usergroups 2828 if(is_array($mybb->input['additionalgroups'])) 2829 { 2830 foreach($mybb->input['additionalgroups'] as $key => $gid) 2831 { 2832 if($gid == $mybb->input['usergroup']) 2833 { 2834 unset($mybb->input['additionalgroups'][$key]); 2835 } 2836 } 2837 $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups'])); 2838 } 2839 else 2840 { 2841 $additionalgroups = ''; 2842 } 2843 2844 // Create an update array 2845 $update_array = array( 2846 "usergroup" => intval($mybb->input['usergroup']), 2847 "additionalgroups" => $additionalgroups, 2848 "displaygroup" => intval($mybb->input['displaygroup']) 2849 ); 2850 2851 // Do the usergroup update for all those selected 2852 // If the a selected user is a super admin, don't update that user 2853 foreach($selected as $user) 2854 { 2855 if(!is_super_admin($user)) 2856 { 2857 $users_to_update[] = $user; 2858 } 2859 } 2860 2861 $to_update_count = count($users_to_update); 2862 if($to_update_count > 0 && is_array($users_to_update)) 2863 { 2864 // Update the users in the database 2865 $sql = implode(",", $users_to_update); 2866 $db->update_query("users", $update_array, "uid IN (".$sql.")"); 2867 2868 // Redirect the admin... 2869 $mybb->input['action'] = "inline_usergroup"; 2870 log_admin_action($to_update_count); 2871 my_unsetcookie("inlinemod_useracp"); 2872 flash_message($lang->success_mass_usergroups, 'success'); 2873 admin_redirect("index.php?module=user-users".$vid_url); 2874 } 2875 else 2876 { 2877 // They tried to edit super admins! Uh-oh! 
2878 $errors[] = $lang->no_usergroup_changed; 2879 } 2880 } 2881 2882 $page->output_header($lang->manage_users); 2883 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2884 2885 // Display a table warning 2886 $table = new Table; 2887 $lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected)); 2888 $table->construct_cell($lang->usergroup_info); 2889 $table->construct_row(); 2890 $table->output($lang->important); 2891 2892 if($errors) 2893 { 2894 $page->output_inline_error($errors); 2895 } 2896 2897 // Display the usergroup options 2898 $form = new Form("index.php?module=user-users", "post"); 2899 echo $form->generate_hidden_field('action', 'inline_edit'); 2900 echo $form->generate_hidden_field('inline_action', 'multiusergroup'); 2901 echo $form->generate_hidden_field('processed', '1'); 2902 2903 $form_container = new FormContainer($lang->mass_usergroups); 2904 2905 // Usergroups 2906 $display_group_options[0] = $lang->use_primary_user_group; 2907 $options = array(); 2908 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 2909 while($usergroup = $db->fetch_array($query)) 2910 { 2911 $options[$usergroup['gid']] = $usergroup['title']; 2912 $display_group_options[$usergroup['gid']] = $usergroup['title']; 2913 } 2914 2915 if(!is_array($mybb->input['additionalgroups'])) 2916 { 2917 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 2918 } 2919 2920 $form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup'); 2921 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 2922 $form_container->output_row($lang->display_user_group, "", 
$form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup'); 2923 2924 $form_container->end(); 2925 2926 $buttons[] = $form->generate_submit_button($lang->alter_usergroups); 2927 $form->output_submit_wrapper($buttons); 2928 $form->end(); 2929 $page->output_footer(); 2930 break; 2931 } 2932 } 2933 } 2934 2935 if(!$mybb->input['action']) 2936 { 2937 $plugins->run_hooks("admin_user_users_start"); 2938 2939 $page->output_header($lang->browse_users); 2940 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 2941 2942 $page->output_nav_tabs($sub_tabs, 'browse_users'); 2943 2944 if(isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']]) 2945 { 2946 $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']]; 2947 unset($admin_view['extra_sql']); 2948 } 2949 else 2950 { 2951 // Showing a specific view 2952 if(isset($mybb->input['vid'])) 2953 { 2954 $query = $db->simple_select("adminviews", "*", "vid='".intval($mybb->input['vid'])."'"); 2955 $admin_view = $db->fetch_array($query); 2956 // View does not exist or this view is private and does not belong to the current user 2957 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 2958 { 2959 unset($admin_view); 2960 } 2961 } 2962 2963 // Don't have a view? 
Fetch the default 2964 if(!isset($admin_view)) 2965 { 2966 $default_view = fetch_default_view("user"); 2967 if(!$default_view) 2968 { 2969 $default_view = "0"; 2970 } 2971 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 2972 $admin_view = $db->fetch_array($query); 2973 } 2974 } 2975 2976 // Fetch a list of all of the views for this user 2977 $popup = new PopupMenu("views", $lang->views); 2978 2979 $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title")); 2980 while($view = $db->fetch_array($query)) 2981 { 2982 $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&vid={$view['vid']}"); 2983 } 2984 $popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&action=views"); 2985 $admin_view['popup'] = $popup->fetch(); 2986 2987 if(isset($mybb->input['type'])) 2988 { 2989 $admin_view['view_type'] = $mybb->input['type']; 2990 } 2991 2992 $results = build_users_view($admin_view); 2993 2994 if(!$results) 2995 { 2996 // If we came from the home page and clicked on the "Activate Users" link, send them back to here 2997 if($admin_session['data']['from'] == "home") 2998 { 2999 flash_message($admin_session['data']['flash_message2']['message'], $admin_session['data']['flash_message2']['type']); 3000 update_admin_session('flash_message2', ''); 3001 update_admin_session('from', ''); 3002 admin_redirect("index.php"); 3003 exit; 3004 } 3005 else 3006 { 3007 $errors[] = $lang->error_no_users_found; 3008 } 3009 } 3010 3011 // If we have any error messages, show them 3012 if($errors) 3013 { 3014 if($inline != true) 3015 { 3016 echo "<div style=\"display: inline; float: right;\">{$admin_view['popup']}</div><br />\n"; 3017 } 3018 $page->output_inline_error($errors); 3019 } 3020 3021 echo $results; 3022 3023 $page->output_footer(); 3024 } 3025 3026 function 
build_users_view($view) 3027 { 3028 global $mybb, $db, $cache, $lang, $user_view_fields, $page; 3029 3030 $view_title = ''; 3031 if($view['title']) 3032 { 3033 $title_string = "view_title_{$view['vid']}"; 3034 3035 if($lang->$title_string) 3036 { 3037 $view['title'] = $lang->$title_string; 3038 } 3039 3040 $view_title .= " (".htmlspecialchars_uni($view['title']).")"; 3041 } 3042 3043 // Build the URL to this view 3044 if(!isset($view['url'])) 3045 { 3046 $view['url'] = "index.php?module=user-users"; 3047 } 3048 if(!is_array($view['conditions'])) 3049 { 3050 $view['conditions'] = unserialize($view['conditions']); 3051 } 3052 if(!is_array($view['fields'])) 3053 { 3054 $view['fields'] = unserialize($view['fields']); 3055 } 3056 if(!is_array($view['custom_profile_fields'])) 3057 { 3058 $view['custom_profile_fields'] = unserialize($view['custom_profile_fields']); 3059 } 3060 if(isset($mybb->input['username'])) 3061 { 3062 $view['conditions']['username'] = $mybb->input['username']; 3063 } 3064 if($view['vid']) 3065 { 3066 $view['url'] .= "&vid={$view['vid']}"; 3067 } 3068 else 3069 { 3070 // If this is a custom view we need to save everything ready to pass it on from page to page 3071 global $admin_session; 3072 if(!$mybb->input['search_id']) 3073 { 3074 $search_id = md5(random_str()); 3075 $admin_session['data']['user_views'][$search_id] = $view; 3076 update_admin_session('user_views', $admin_session['data']['user_views']); 3077 $mybb->input['search_id'] = $search_id; 3078 } 3079 $view['url'] .= "&search_id=".htmlspecialchars_uni($mybb->input['search_id']); 3080 } 3081 3082 if(isset($mybb->input['username'])) 3083 { 3084 $view['url'] .= "&username=".urlencode(htmlspecialchars_uni($mybb->input['username'])); 3085 } 3086 3087 if(!isset($admin_session['data']['last_users_view']) || $admin_session['data']['last_users_view'] != str_replace("&", "&", $view['url'])) 3088 { 3089 update_admin_session('last_users_url', str_replace("&", "&", $view['url'])); 3090 } 3091 3092 
// Part of build_users_view(): finish the view URL, create the result table and
// start the WHERE clause ($search_sql) from the view's conditions.

// Referrer listings keep the referrer id in the URL for paging and view switching.
if(isset($view['conditions']['referrer']))
{
    $view['url'] .= "&action=referrers&uid=".htmlspecialchars_uni($view['conditions']['referrer']);
}

// NOTE(review): $view['url'] is always populated earlier in this function, so
// this guard looks unreachable; it is kept as written.
if(empty($view))
{
    return false;
}

$table = new Table;

// The table layout gets one header per selected field that exists in
// $user_view_fields; the card layout has no header row.
if($view['view_type'] != "card")
{
    foreach($view['fields'] as $field_name)
    {
        if($user_view_fields[$field_name])
        {
            $column_def = $user_view_fields[$field_name];
            $header_options = array();
            if($column_def['width'])
            {
                $header_options['width'] = $column_def['width'];
            }
            if($column_def['align'])
            {
                $header_options['class'] = "align_".$column_def['align'];
            }
            $table->construct_header($column_def['title'], $header_options);
        }
    }
    // Trailing header cell that holds the "select all" checkbox
    $table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />");
}

// Every condition below is appended to this always-true base clause.
$search_sql = '1=1';

// Substring (LIKE) filters. Column names come only from this fixed list, never
// from the view itself. The searched text goes through $db->escape_string_like()
// before it is placed inside the quoted pattern; the username condition can be
// taken straight from the request ($mybb->input, set earlier in this function).
$like_columns = array("username", "email", "website", "icq", "aim", "yahoo", "msn", "signature", "usertitle");
foreach($like_columns as $like_column)
{
    $blank_key = $like_column.'_blank';
    if(!empty($view['conditions'][$like_column]) && !$view['conditions'][$blank_key])
    {
        $pattern = $db->escape_string_like($view['conditions'][$like_column]);
        $search_sql .= " AND u.{$like_column} LIKE '%{$pattern}%'";
    }
    else if(!empty($view['conditions'][$blank_key]))
    {
        // "<field>_blank" selects users whose field is not empty
        $search_sql .= " AND u.{$like_column} != ''";
    }
}

// Exact-match filters: fixed column list, value escaped and quoted.
$exact_columns = array("referrer");
foreach($exact_columns as $exact_column)
{
    if(empty($view['conditions'][$exact_column]))
    {
        continue;
    }
    $exact_value = $db->escape_string($view['conditions'][$exact_column]);
    $search_sql .= " AND u.{$exact_column}='{$exact_value}'";
}
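// Part of build_users_view(): numeric, registration-date and IP conditions
// appended to $search_sql.

// LESS THAN or GREATER THAN
// The comparison operator is chosen by the switch from three fixed strings, so
// the "<field>_dir" value itself never reaches the SQL text. The compared value
// is escaped and quoted.
$direction_fields = array("postnum");
foreach($direction_fields as $search_field)
{
    $direction_field = $search_field."_dir";
    // isset() rather than !empty(): empty('0') is true, which made the explicit
    // "=== '0'" case below unreachable and silently dropped a filter on 0 posts.
    if(isset($view['conditions'][$search_field]) && ($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field])
    {
        switch($view['conditions'][$direction_field])
        {
            case "greater_than":
                $direction = ">";
                break;
            case "less_than":
                $direction = "<";
                break;
            default:
                $direction = "=";
        }
        $search_sql .= " AND u.{$search_field}{$direction}'".$db->escape_string($view['conditions'][$search_field])."'";
    }
}

// Registration searching
// The condition is a number of days; intval() makes the threshold an integer
// before it is interpolated.
$reg_fields = array("regdate");
foreach($reg_fields as $search_field)
{
    if(!empty($view['conditions'][$search_field]) && intval($view['conditions'][$search_field]))
    {
        $threshold = TIME_NOW - (intval($view['conditions'][$search_field]) * 24 * 60 * 60);

        $search_sql .= " AND u.{$search_field} >= '{$threshold}'";
    }
}

// IP searching
$ip_fields = array("regip", "lastip");
foreach($ip_fields as $search_field)
{
    if(!empty($view['conditions'][$search_field]))
    {
        // IPv6 IP: a colon selects the textual column and a LIKE match, with
        // "*" translated to the SQL wildcard.
        if(strpos($view['conditions'][$search_field], ":") !== false)
        {
            $view['conditions'][$search_field] = str_replace("*", "%", $view['conditions'][$search_field]);
            // NOTE(review): escape_string() is used here, not escape_string_like(),
            // so "%" and "_" typed by the admin also act as wildcards - confirm
            // that this is intended.
            $ip_sql = "{$search_field} LIKE '".$db->escape_string($view['conditions'][$search_field])."'";
        }
        else
        {
            // IPv4: matched against the numeric long<field> column.
            // NOTE(review): the helper's result is interpolated without escaping;
            // this relies on fetch_longipv4_range() returning numeric values
            // only - verify in its definition.
            $ip_range = fetch_longipv4_range($view['conditions'][$search_field]);
            if(!is_array($ip_range))
            {
                $ip_sql = "long{$search_field}='{$ip_range}'";
            }
            else
            {
                $ip_sql = "long{$search_field} > '{$ip_range[0]}' AND long{$search_field} < '{$ip_range[1]}'";
            }
        }
        $search_sql .= " AND {$ip_sql}";
    }
}

// Post IP searching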
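// Part of build_users_view(): post-IP, custom profile field, usergroup and
// COPPA conditions appended to $search_sql.

// Post IP: find the authors of posts made from the address, then restrict the
// user query to those uids.
if(!empty($view['conditions']['postip']))
{
    // IPv6 IP
    if(strpos($view['conditions']['postip'], ":") !== false)
    {
        $view['conditions']['postip'] = str_replace("*", "%", $view['conditions']['postip']);
        $ip_sql = "ipaddress LIKE '".$db->escape_string($view['conditions']['postip'])."'";
    }
    else
    {
        // NOTE(review): relies on fetch_longipv4_range() returning numeric
        // values only, since they are interpolated unescaped - verify.
        $ip_range = fetch_longipv4_range($view['conditions']['postip']);
        if(!is_array($ip_range))
        {
            $ip_sql = "longipaddress='{$ip_range}'";
        }
        else
        {
            $ip_sql = "longipaddress > '{$ip_range[0]}' AND longipaddress < '{$ip_range[1]}'";
        }
    }
    // Seeded with 0 so the IN() list is never empty
    $ip_uids = array(0);
    $query = $db->simple_select("posts", "uid", $ip_sql);
    // Iterate rows instead of testing the fetched uid itself: posts of deleted
    // users are reassigned to uid 0 elsewhere in this file, and a loop on the
    // field value would stop at the first such row and drop the remaining
    // matches. intval() keeps the list numeric.
    while($post = $db->fetch_array($query))
    {
        $ip_uids[] = intval($post['uid']);
    }
    $search_sql .= " AND u.uid IN(".implode(',', $ip_uids).")";
    unset($ip_uids);
}

// Custom Profile Field searching
// $view['custom_profile_fields'] maps a userfields column name (optionally
// suffixed "_blank") to a search value or a list of values.
// NOTE(review): escape_string() protects quoted string literals only. $column
// is placed unquoted in identifier position, so escaping does not restrict it
// to a real column name. The keys come from the stored/unserialized view; if
// anything request-controlled can reach them (not visible in this function),
// they should be checked against the known userfields columns before use.
// NOTE(review): stripping "_blank" reassigns $column inside the inner loop, so
// later values of the same list are compared with "=" - confirm intended.
if($view['custom_profile_fields'])
{
    $userfield_sql = '1=1';
    foreach($view['custom_profile_fields'] as $column => $input)
    {
        if(is_array($input))
        {
            foreach($input as $value => $text)
            {
                if($value == $column)
                {
                    $value = $text;
                }

                // The "n/a" choice means no filter on this field
                if($value == $lang->na)
                {
                    continue;
                }

                if(strpos($column, '_blank') !== false)
                {
                    $column = str_replace('_blank', '', $column);
                    $userfield_sql .= ' AND '.$db->escape_string($column)." != ''";
                }
                else
                {
                    $userfield_sql .= ' AND '.$db->escape_string($column)."='".$db->escape_string($value)."'";
                }
            }
        }
        else if(!empty($input))
        {
            if($input == $lang->na)
            {
                continue;
            }

            if(strpos($column, '_blank') !== false)
            {
                $column = str_replace('_blank', '', $column);
                $userfield_sql .= ' AND '.$db->escape_string($column)." != ''";
            }
            else
            {
                $userfield_sql .= ' AND '.$db->escape_string($column)." LIKE '%".$db->escape_string($input)."%'";
            }
        }
    }

    // Only query userfields when at least one condition was added
    if($userfield_sql != '1=1')
    {
        $userfield_uids = array(0);
        $query = $db->simple_select("userfields", "ufid", $userfield_sql);
        while($userfield = $db->fetch_array($query))
        {
            $userfield_uids[] = $userfield['ufid'];
        }
        $search_sql .= " AND u.uid IN(".implode(',', $userfield_uids).")";
        unset($userfield_uids);
    }
}

// Usergroup based searching: match the primary group or any entry of the
// comma-separated additionalgroups column. Every gid is passed through intval().
if(isset($view['conditions']['usergroup']))
{
    if(!is_array($view['conditions']['usergroup']))
    {
        $view['conditions']['usergroup'] = array($view['conditions']['usergroup']);
    }

    // Initialised explicitly; it was previously appended to while undefined
    $additional_sql = '';
    foreach($view['conditions']['usergroup'] as $usergroup)
    {
        $usergroup = intval($usergroup);

        if(!$usergroup)
        {
            continue;
        }

        switch($db->type)
        {
            case "pgsql":
            case "sqlite":
                $additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'";
                break;
            default:
                // Leading space added so repeated clauses stay separated, as in
                // the pgsql/sqlite branch
                $additional_sql .= " OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'";
        }
    }

    $search_sql .= " AND (u.usergroup IN (".implode(",", array_map('intval', $view['conditions']['usergroup'])).") {$additional_sql})";
}

// COPPA users only?
if(isset($view['conditions']['coppa']))
{
    $search_sql .= " AND u.coppauser=1 AND u.usergroup=5";
}

// Extra SQL?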
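// Part of build_users_view(): run the search, render each matching user and
// build the table/card switch links.

// $view['extra_sql'] is appended verbatim, with no escaping. It must only ever
// be set by trusted calling code; the browse handler in this file removes it
// from views restored from the admin session before calling this function.
if(isset($view['extra_sql']))
{
    $search_sql .= $view['extra_sql'];
}

// Lets fetch out how many results we have
$query = $db->query("
    SELECT COUNT(u.uid) AS num_results
    FROM ".TABLE_PREFIX."users u
    WHERE {$search_sql}
");
$num_results = $db->fetch_field($query, "num_results");

// No matching results then return false
if(!$num_results)
{
    return false;
}
// Generate the list of results
else
{
    // Both LIMIT operands are forced to integers and clamped: a non-numeric or
    // negative perpage, or a negative page number from the request, would
    // otherwise produce an invalid LIMIT clause.
    $view['perpage'] = intval($view['perpage']);
    if($view['perpage'] < 1)
    {
        $view['perpage'] = 20;
    }

    // Establish which page we're viewing and the starting index for querying
    if(!isset($mybb->input['page']))
    {
        $mybb->input['page'] = 1;
    }
    else
    {
        $mybb->input['page'] = intval($mybb->input['page']);
    }
    if($mybb->input['page'] < 1)
    {
        $mybb->input['page'] = 1;
    }
    $start = ($mybb->input['page'] - 1) * $view['perpage'];

    $from_bit = "";
    if(isset($mybb->input['from']) && $mybb->input['from'] == "home")
    {
        $from_bit = "&from=home";
    }

    // ORDER BY column and direction are reduced to fixed values here, so
    // neither is taken from the view as free text.
    switch($view['sortby'])
    {
        case "regdate":
        case "lastactive":
        case "postnum":
        case "reputation":
            $view['sortby'] = $db->escape_string($view['sortby']);
            break;
        case "numposts":
            $view['sortby'] = "postnum";
            break;
        case "warninglevel":
            $view['sortby'] = "warningpoints";
            break;
        default:
            $view['sortby'] = "username";
    }

    if($view['sortorder'] != "desc")
    {
        $view['sortorder'] = "asc";
    }

    $usergroups = $cache->read("usergroups");

    // Fetch matching users
    $query = $db->query("
        SELECT u.*
        FROM ".TABLE_PREFIX."users u
        WHERE {$search_sql}
        ORDER BY {$view['sortby']} {$view['sortorder']}
        LIMIT {$start}, {$view['perpage']}
    ");
    $users = '';
    while($user = $db->fetch_array($query))
    {
        // $user['view'][...] holds the pre-rendered HTML for each column
        $comma = $groups_list = '';
        $user['view']['username'] = "<a href=\"index.php?module=user-users&action=edit&uid={$user['uid']}\">".format_name($user['username'], $user['usergroup'], $user['displaygroup'])."</a>";
        // NOTE(review): group titles are emitted without htmlspecialchars_uni();
        // presumably they are treated as trusted admin-defined text - confirm.
        $user['view']['usergroup'] = $usergroups[$user['usergroup']]['title'];
        if($user['additionalgroups'])
        {
            $additional_groups = explode(",", $user['additionalgroups']);

            foreach($additional_groups as $group)
            {
                $groups_list .= "{$comma}{$usergroups[$group]['title']}";
                $comma = $lang->comma;
            }
        }
        if(!$groups_list)
        {
            $groups_list = $lang->none;
        }
        $user['view']['additionalgroups'] = "<small>{$groups_list}</small>";
        $user['view']['email'] = "<a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>";
        $user['view']['regdate'] = my_date($mybb->settings['dateformat'], $user['regdate']).", ".my_date($mybb->settings['timeformat'], $user['regdate']);
        $user['view']['lastactive'] = my_date($mybb->settings['dateformat'], $user['lastactive']).", ".my_date($mybb->settings['timeformat'], $user['lastactive']);

        // Build popup menu
        // NOTE(review): the state-changing links (activate, delete) carry
        // my_post_key in the query string, where it can end up in browser
        // history, Referer headers and access logs; POST forms would keep the
        // token out of URLs.
        $popup = new PopupMenu("user_{$user['uid']}", $lang->options);
        $popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&action=edit&uid={$user['uid']}");
        $popup->add_item($lang->ban_user, "index.php?module=user-banning&uid={$user['uid']}#username");

        // Usergroup 5 is the group the COPPA filter above also selects;
        // presumably "awaiting activation" - confirm.
        if($user['usergroup'] == 5)
        {
            if($user['coppauser'])
            {
                $popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}");
            }
            else
            {
                $popup->add_item($lang->approve_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}");
            }
        }

        $popup->add_item($lang->delete_user, "index.php?module=user-users&action=delete&uid={$user['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')");
        $popup->add_item($lang->show_referred_users, "index.php?module=user-users&action=referrers&uid={$user['uid']}");
        $popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&action=ipaddresses&uid={$user['uid']}");
        $popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&results=1&username=".urlencode(htmlspecialchars_uni($user['username'])));
        $user['view']['controls'] = $popup->fetch();

        // Fetch the reputation for this user
        if($usergroups[$user['usergroup']]['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
        {
            $user['view']['reputation'] = get_reputation($user['reputation']);
        }
        else
        {
            // NOTE(review): $reputation is not read anywhere in this function;
            // possibly meant to set $user['view']['reputation'] - left as is.
            $reputation = "-";
        }

        if($mybb->settings['enablewarningsystem'] != 0 && $usergroups[$user['usergroup']]['canreceivewarnings'] != 0)
        {
            // Warning level as a percentage of the maximum, capped at 100
            $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
            if($warning_level > 100)
            {
                $warning_level = 100;
            }
            $user['view']['warninglevel'] = get_colored_warning_level($warning_level);
        }

        // Local avatar paths are made relative to the admin directory. Remote
        // avatars are recognised by an http:// or https:// prefix; the former
        // check looked for "http://" only, so https avatars were prefixed with
        // "../" and broke.
        if($user['avatar'] && !preg_match('#^https?://#i', $user['avatar']))
        {
            $user['avatar'] = "../{$user['avatar']}";
        }
        if($view['view_type'] == "card")
        {
            $scaled_avatar = fetch_scaled_avatar($user, 80, 80);
        }
        else
        {
            $scaled_avatar = fetch_scaled_avatar($user, 34, 34);
        }
        if(!$user['avatar'])
        {
            $user['avatar'] = "styles/{$page->style}/images/default_avatar.gif";
        }
        $user['view']['avatar'] = "<img src=\"".htmlspecialchars_uni($user['avatar'])."\" alt=\"\" width=\"{$scaled_avatar['width']}\" height=\"{$scaled_avatar['height']}\" />";

        if($view['view_type'] == "card")
        {
            // $i is passed by reference and acts as the card column counter
            $users .= build_user_view_card($user, $view, $i);
        }
        else
        {
            build_user_view_table($user, $view, $table);
        }
    }

    // If card view, we need to output the results
    if($view['view_type'] == "card")
    {
        $table->construct_cell($users);
        $table->construct_row();
    }
}

if(!isset($view['table_id']))
{
    $view['table_id'] = "users_list";
}

// Links for switching between the table and card layouts, keeping the page
$switch_view = "<div class=\"float_right\">";
$switch_url = $view['url'];
if($mybb->input['page'] > 0)
{
    $switch_url .= "&page=".intval($mybb->input['page']);
}
if($view['view_type'] != "card")
{
    $switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>";
}
else
{
    $switch_view .= "<a href=\"{$switch_url}&type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | <strong>{$lang->card_view}</strong>";
}
$switch_view .= "</div>";

// Do we need to construct the pagination?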
3563 if($num_results > $view['perpage']) 3564 { 3565 $pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url']."&type={$view['view_type']}"); 3566 $search_class = "float_right"; 3567 $search_style = ""; 3568 } 3569 else 3570 { 3571 $search_class = ''; 3572 $search_style = "text-align: right;"; 3573 } 3574 3575 $search_action = $view['url']; 3576 // stop &username= in the query string 3577 if($view_upos = strpos($search_action, '&username=')) 3578 { 3579 $search_action = substr($search_action, 0, $view_upos); 3580 } 3581 $search_action = str_replace("&", "&", $search_action); 3582 $search = new Form(htmlspecialchars_uni($search_action), 'post', 'search_form', 0, '', true); 3583 $built_view = $search->construct_return; 3584 $built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">"; 3585 $built_view .= $search->generate_hidden_field('action', 'search')."\n"; 3586 if(isset($view['conditions']['username'])) 3587 { 3588 $default_class = ''; 3589 $value = $view['conditions']['username']; 3590 } 3591 else 3592 { 3593 $default_class = "search_default"; 3594 $value = $lang->search_for_user; 3595 } 3596 $built_view .= $search->generate_text_box('username', $value, array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small"))."\n"; 3597 $built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n"; 3598 if($view['popup']) 3599 { 3600 $built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n"; 3601 } 3602 $built_view .= "<script type='text/javascript'> 3603 var form = document.getElementById('search_form'); 3604 form.onsubmit = function() { 3605 var search = document.getElementById('search_keywords'); 3606 if(search.value == '' || search.value == '".addcslashes($lang->search_for_user, "'")."') 3607 { 3608 search.focus(); 3609 return false; 3610 } 3611 } 3612 3613 var search = 
document.getElementById('search_keywords'); 3614 search.onfocus = function() 3615 { 3616 if(this.value == '".addcslashes($lang->search_for_user, "'")."') 3617 { 3618 $(this).removeClassName('search_default'); 3619 this.value = ''; 3620 } 3621 } 3622 search.onblur = function() 3623 { 3624 if(this.value == '') 3625 { 3626 $(this).addClassName('search_default'); 3627 this.value = '".addcslashes($lang->search_for_user, "'")."'; 3628 } 3629 } 3630 // fix the styling used if we have a different default value 3631 if(search.value != '".addcslashes($lang->search_for_user, "'")."') 3632 { 3633 $(search).removeClassName('search_default'); 3634 } 3635 </script>\n"; 3636 $built_view .= "</div>\n"; 3637 3638 // Autocompletion for usernames 3639 $built_view .= ' 3640 <script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script> 3641 <script type="text/javascript"> 3642 <!-- 3643 new autoComplete("search_keywords", "../xmlhttp.php?action=get_users", {valueSpan: "username"}); 3644 // --> 3645 </script>'; 3646 3647 $built_view .= $search->end(); 3648 3649 if(isset($pagination)) 3650 { 3651 $built_view .= $pagination; 3652 } 3653 if($view['view_type'] != "card") 3654 { 3655 $checkbox = ''; 3656 } 3657 else 3658 { 3659 $checkbox = "<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this)\" /> "; 3660 } 3661 $built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']); 3662 if(isset($pagination)) 3663 { 3664 $built_view .= $pagination; 3665 } 3666 3667 $built_view .= ' 3668 <script type="text/javascript" src="'.$mybb->settings['bburl'].'/jscripts/inline_moderation.js?ver=1400"></script> 3669 <form action="index.php?module=user-users" method="post"> 3670 <input type="hidden" name="my_post_key" value="'.$mybb->post_code.'" /> 3671 <input type="hidden" name="action" value="inline_edit" /> 3672 <div class="float_right"><span 
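class="smalltext"><strong>'.$lang->inline_edit.'</strong></span> 3673 <select name="inline_action" class="inline_select"> 3674 <option value="multiactivate">'.$lang->inline_activate.'</option> 3675 <option value="multiban">'.$lang->inline_ban.'</option> 3676 <option value="multiusergroup">'.$lang->inline_usergroup.'</option> 3677 <option value="multidelete">'.$lang->inline_delete.'</option> 3678 <option value="multiprune">'.$lang->inline_prune.'</option> 3679 </select> 3680 <input type="submit" class="button" name="go" value="'.$lang->go.' (0)" id="inline_go" /> 3681 <input type="button" onclick="javascript:inlineModeration.clearChecked();" value="'.$lang->clear.'" class="button" /> 3682 </div> 3683 </form> 3684 <br style="clear: both;" /> 3685 <script type="text/javascript"> 3686 <!-- 3687 var go_text = "'.$lang->go.'"; 3688 var all_text = "1"; 3689 var inlineType = "user"; 3690 var inlineId = "acp"; 3691 // --> 3692 </script>'; 3693 3694 return $built_view; 3695 } 3696

/**
 * Build the HTML "card" (a <fieldset>) for one user in card view.
 *
 * Cards are floated two per row; $i is the running column counter shared
 * with the caller and is advanced (1, 2, 1, 2, ...) on every call.
 *
 * @param array $user User row; pre-rendered cells are read from $user['view'].
 * @param array $view View definition; only $view['fields'] is read here.
 * @param int $i Column counter, passed by reference and updated.
 * @return string HTML for the card.
 */
function build_user_view_card($user, $view, &$i)
{
	global $user_view_fields;

	++$i;
	if($i == 3)
	{
		$i = 1;
	}

	// Start from known-empty values so a view without these fields does not
	// read undefined variables when the card is assembled below.
	$avatar = '';
	$controls = '';
	$user_details = array();

	// Loop through fields user wants to show
	foreach($view['fields'] as $field)
	{
		// Skip field names that are not registered in $user_view_fields.
		if(empty($user_view_fields[$field]))
		{
			continue;
		}

		$view_field = $user_view_fields[$field];

		if($field == "avatar")
		{
			$avatar = $user['view']['avatar'];
		}
		else if($field == "controls")
		{
			$controls = $user['view']['controls'];
		}
		// Username goes in the legend; everything else is a detail line.
		else if($field != "username")
		{
			// NOTE(review): when no pre-rendered value exists, the raw column
			// $user[$field] is interpolated into HTML below without escaping.
			// Presumably the caller escapes it beforehand - confirm.
			$value = isset($user['view'][$field]) ? $user['view'][$field] : $user[$field];

			if($field == "postnum")
			{
				$value = my_number_format($value);
			}

			$user_details[] = "<strong>{$view_field['title']}:</strong> {$value}";
		}
	}

	// Floated to the left or right?
	$float = ($i == 1) ? "left" : "right";

	// uid is used in element ids and an inline onclick handler; force it to an
	// integer so nothing else can reach those contexts (assumes numeric uids).
	$uid = intval($user['uid']);

	// And build the final card
	$card = "<fieldset id=\"uid_{$uid}\" style=\"width: 47%; float: {$float};\">\n";
	$card .= "<legend><input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$uid}\" id=\"inlinemod_{$uid}\" value=\"1\" onclick=\"$('uid_{$uid}').toggleClassName('inline_selected');\" /> {$user['view']['username']}</legend>\n";
	if($avatar)
	{
		$card .= "<div class=\"user_avatar\">{$avatar}</div>\n";
	}
	if($user_details)
	{
		$card .= "<div class=\"user_details\">".implode("<br />", $user_details)."</div>\n";
	}
	if($controls)
	{
		$card .= "<div class=\"float_right\" style=\"padding: 4px;\">{$controls}</div>\n";
	}
	$card .= "</fieldset>";

	return $card;
}

/**
 * Append one table row for a user in table view.
 *
 * Emits one cell per configured field, then an inline-moderation checkbox
 * cell, and closes the row on $table.
 *
 * @param array $user User row; pre-rendered cells are read from $user['view'].
 * @param array $view View definition; only $view['fields'] is read here.
 * @param object $table Table builder, passed by reference.
 */
function build_user_view_table($user, $view, &$table)
{
	global $user_view_fields;

	foreach($view['fields'] as $field)
	{
		// Skip field names that are not registered in $user_view_fields.
		if(empty($user_view_fields[$field]))
		{
			continue;
		}

		$view_field = $user_view_fields[$field];

		$field_options = array();
		if($view_field['align'])
		{
			$field_options['class'] = "align_".$view_field['align'];
		}

		// Prefer the pre-rendered value; an empty one falls back to the raw column.
		// NOTE(review): the raw fallback reaches construct_cell() unescaped here;
		// presumably escaped by the caller - confirm.
		$value = !empty($user['view'][$field]) ? $user['view'][$field] : $user[$field];

		$table->construct_cell($value, $field_options);
	}

	// Integer-only uid for the id/name attributes and the inline handler
	// (assumes numeric uids).
	$uid = intval($user['uid']);
	$table->construct_cell("<input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$uid}\" id=\"inlinemod_{$uid}\" value=\"1\" onclick=\"$('uid_{$uid}').toggleClassName('inline_selected');\" />");

	$table->construct_row();
}

/**
 * Work out the display size of a user's avatar within a bounding box.
 *
 * @param array $user User row; reads 'avatar' and 'avatardimensions' ("W|H").
 * @param int $max_width Maximum width.
 * @param int $max_height Maximum height.
 * @return array Array with 'width' and 'height' keys.
 */
function fetch_scaled_avatar($user, $max_width=80, $max_height=80)
{
	$scaled_dimensions = array(
		"width" => $max_width,
		"height" => $max_height,
	);

	if(!empty($user['avatar']) && !empty($user['avatardimensions']))
	{
		$dimensions = explode("|", $user['avatardimensions']);

		// Only scale when both parts are present. The stored string is coerced to
		// integers because the result is written into width/height attributes by
		// the caller, in case scale_image() passes its inputs through unchanged.
		if(count($dimensions) >= 2)
		{
			require_once MYBB_ROOT."inc/functions_image.php";
			$scaled_dimensions = scale_image(intval($dimensions[0]), intval($dimensions[1]), $max_width, $max_height);
		}
	}

	return array("width" => $scaled_dimensions['width'], "height" => $scaled_dimensions['height']);
}

/**
 * Render one form row per custom profile field.
 *
 * The field's 'type' column holds the control type on its first line and the
 * option list (one per line) on the following lines.
 *
 * @param array $fields Profile field rows; anything that is not an array is ignored.
 * @param array $values Current values keyed by "fid{N}".
 * @param object $form_container Container receiving the rows, by reference.
 * @param object $form Form builder, by reference.
 * @param bool $search When true, selectable controls gain an N/A option.
 */
function output_custom_profile_fields($fields, $values, &$form_container, &$form, $search=false)
{
	global $lang;

	if(!is_array($fields))
	{
		return;
	}

	foreach($fields as $profile_field)
	{
		// Fresh per-field state. Resetting these to '' after each row (as was
		// done before) made the next row index into a string instead of an array.
		$code = '';
		$user_options = array();
		$selected_options = array();
		$radio_options = array();

		// The whole type definition is HTML-escaped before it is split, so the
		// option labels and values below are already escaped.
		$profile_field['type'] = htmlspecialchars_uni($profile_field['type']);
		$type_parts = explode("\n", $profile_field['type'], 2);
		$type = trim($type_parts[0]);
		$options = isset($type_parts[1]) ? $type_parts[1] : '';
		$field_name = "fid{$profile_field['fid']}";
		$current = isset($values[$field_name]) ? $values[$field_name] : null;

		switch($type)
		{
			case "multiselect":
				$user_options = is_array($current) ? $current : explode("\n", (string)$current);
				foreach($user_options as $val)
				{
					$selected_options[$val] = $val;
				}

				$select_options = explode("\n", $options);
				$options = array();
				if($search == true)
				{
					$select_options[''] = $lang->na;
				}

				foreach($select_options as $val)
				{
					$val = trim($val);
					$options[$val] = $val;
				}
				if(!$profile_field['length'])
				{
					$profile_field['length'] = 3;
				}
				$code = $form->generate_select_box("profile_fields[{$field_name}][]", $options, $selected_options, array('id' => "profile_field_{$field_name}", 'multiple' => true, 'size' => $profile_field['length']));
				break;
			case "select":
				$select_options = array();
				if($search == true)
				{
					$select_options[''] = $lang->na;
				}
				$select_options += explode("\n", $options);
				$options = array();
				foreach($select_options as $val)
				{
					$val = trim($val);
					$options[$val] = $val;
				}
				if(!$profile_field['length'])
				{
					$profile_field['length'] = 1;
				}

				// The search form nests the value one level deeper under the field name.
				if($search == true)
				{
					$select_name = "profile_fields[{$field_name}][{$field_name}]";
				}
				else
				{
					$select_name = "profile_fields[{$field_name}]";
				}
				$code = $form->generate_select_box($select_name, $options, $current, array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length']));
				break;
			case "radio":
				if($search == true)
				{
					$radio_options[''] = $lang->na;
				}
				$radio_options += explode("\n", $options);
				foreach($radio_options as $val)
				{
					$val = trim($val);
					$code .= $form->generate_radio_button("profile_fields[{$field_name}]", $val, $val, array('id' => "profile_field_{$field_name}", 'checked' => ($val == $current ? true : false)))."<br />";
				}
				break;
			case "checkbox":
				$user_options = is_array($current) ? $current : explode("\n", (string)$current);
				foreach($user_options as $val)
				{
					$selected_options[$val] = $val;
				}
				$select_options = array();
				if($search == true)
				{
					$select_options[''] = $lang->na;
				}
				$select_options += explode("\n", $options);
				foreach($select_options as $val)
				{
					$val = trim($val);
					// Same loose comparison as before, without reading a missing key.
					$selected = isset($selected_options[$val]) ? $selected_options[$val] : null;
					$code .= $form->generate_check_box("profile_fields[{$field_name}][]", $val, $val, array('id' => "profile_field_{$field_name}", 'checked' => ($val == $selected ? true : false)))."<br />";
				}
				break;
			case "textarea":
				$extra = '';
				// NOTE(review): $mybb is not declared global in this function, so this
				// condition is always false and the "is not blank" checkbox is never
				// rendered. Left unchanged so the form output stays the same; confirm
				// that the search handler supports "{fid}_blank" before enabling it.
				if(isset($mybb->input['action']) && $mybb->input['action'] == "search")
				{
					$extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank']));
				}

				$code = $form->generate_text_area("profile_fields[{$field_name}]", $current, array('id' => "profile_field_{$field_name}", 'rows' => 6, 'cols' => 50)).$extra;
				break;
			default:
				$extra = '';
				// NOTE(review): same always-false $mybb check as the textarea case.
				if(isset($mybb->input['action']) && $mybb->input['action'] == "search")
				{
					$extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank']));
				}

				$code = $form->generate_text_box("profile_fields[{$field_name}]", $current, array('id' => "profile_field_{$field_name}", 'maxlength' => $profile_field['maxlength'], 'length' => $profile_field['length'])).$extra;
				break;
		}

		// NOTE(review): name and description are handed to output_row() as stored;
		// whether they are escaped there is not visible from this function - confirm.
		$form_container->output_row($profile_field['name'], $profile_field['description'], $code, "", array('id' => "profile_field_{$field_name}"));
	}
}

/**
 * Output the "find users" search form: built-in conditions first, then the
 * custom profile fields, then the username autocomplete script.
 *
 * @param array $input Search input; falls back to $mybb->input when empty.
 * @param object $form Form builder, by reference.
 */
function user_search_conditions($input=array(), &$form)
{
	global $mybb, $db, $lang;

	if(!$input)
	{
		$input = $mybb->input;
	}

	// These three entries may arrive as arrays or as serialized strings.
	//
	// SECURITY: unserialize() on data that can come from $mybb->input (presumably
	// request data) can instantiate arbitrary objects (PHP object injection).
	// The is_array() check below only discards a non-array result; it does not
	// stop objects from being created during decoding. Moving these values to an
	// encoding that cannot carry objects (e.g. JSON) is the real fix and needs
	// the producers of these strings, which are outside this function, to change.
	foreach(array('conditions', 'profile_fields', 'fields') as $key)
	{
		if(isset($input[$key]) && is_array($input[$key]))
		{
			continue;
		}

		$decoded = false;
		if(isset($input[$key]) && is_string($input[$key]))
		{
			$decoded = unserialize($input[$key]);
		}
		// Failed decodes (false) and non-array results become an empty array.
		$input[$key] = is_array($decoded) ? $decoded : array();
	}

	$form_container = new FormContainer($lang->find_users_where);
	$form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', $input['conditions']['username'], array('id' => 'username')), 'username');
	$form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email');

	// Every group except gid 1 is selectable.
	$options = array();
	$query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))
	{
		$options[$usergroup['gid']] = $usergroup['title'];
	}

	$form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups');

	// "<field> contains ... or is not blank" rows, in display order.
	$contains_rows = array(
		'website' => $lang->website_contains,
		'icq' => $lang->icq_number_contains,
		'aim' => $lang->aim_handle_contains,
		'yahoo' => $lang->yahoo_contains,
		'msn' => $lang->msn_contains,
		'signature' => $lang->signature_contains,
		'usertitle' => $lang->user_title_contains
	);
	foreach($contains_rows as $field => $label)
	{
		$blank = $field.'_blank';
		$form_container->output_row($label, "", $form->generate_text_box("conditions[{$field}]", $input['conditions'][$field], array('id' => $field))." {$lang->or} ".$form->generate_check_box("conditions[{$blank}]", 1, $lang->is_not_blank, array('id' => $blank, 'checked' => $input['conditions'][$blank])), $field);
	}

	$greater_options = array(
		"greater_than" => $lang->greater_than,
		"is_exactly" => $lang->is_exactly,
		"less_than" => $lang->less_than
	);
	$form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir'))." ".$form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts');

	$form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')).' '.$lang->days, 'regdate');

	// IP address rows, all described by the wildcard hint.
	$ip_rows = array(
		'regip' => $lang->reg_ip_matches,
		'lastip' => $lang->last_known_ip,
		'postip' => $lang->posted_with_ip
	);
	foreach($ip_rows as $field => $label)
	{
		$form_container->output_row($label, $lang->wildcard, $form->generate_text_box("conditions[{$field}]", $input['conditions'][$field], array('id' => $field)), $field);
	}

	$form_container->end();

	// Custom profile fields go here
	$form_container = new FormContainer($lang->custom_profile_fields_match);

	// Fetch custom profile fields, split into required and optional. Both
	// buckets start as empty arrays so a missing bucket is never read.
	$profile_fields = array(
		'required' => array(),
		'optional' => array()
	);
	$query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));
	while($profile_field = $db->fetch_array($query))
	{
		$bucket = ($profile_field['required'] == 1) ? 'required' : 'optional';
		$profile_fields[$bucket][] = $profile_field;
	}

	output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true);
	output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true);

	$form_container->end();

	// Autocompletion for usernames
	echo '
<script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script>
<script type="text/javascript">
<!--
	new autoComplete("username", "../xmlhttp.php?action=get_users", {valueSpan: "username"});
// -->
</script>';
}

?>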