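<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id$
 */

// User Control Panel front controller. One request carries one "action"; each
// state-changing "do_*" handler below validates its input and then either
// redirects or falls back to the matching display action so the form is shown
// again with inline errors.

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

// Comma-separated list of template names used by this script.
// NOTE(review): "usercp_editlists_userusercp_editlists" looks like two names with a
// missing comma - confirm against the template set before changing the string.
$templatelist = "usercp,usercp_nav,usercp_profile,usercp_changename,usercp_email,usercp_password,usercp_subscriptions_thread,forumbit_depth2_forum_lastpost,usercp_forumsubscriptions_forum";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,usercp_usergroups_leader_usergroup,usercp_usergroups_leader,usercp_currentavatar,usercp_reputation";
$templatelist .= ",usercp_attachments_attachment,usercp_attachments,usercp_profile_away,usercp_profile_customfield,usercp_profile_profilefields,usercp_profile_customtitle,usercp_forumsubscriptions_none";
$templatelist .= ",usercp_forumsubscriptions,usercp_subscriptions_none,usercp_subscriptions,usercp_options_pms_from_buddys,usercp_options_tppselect,usercp_options_pppselect,usercp_options";
$templatelist .= ",usercp_nav_editsignature,usercp_referrals,usercp_notepad,usercp_latest_threads_threads,forumdisplay_thread_gotounread,usercp_latest_threads,usercp_subscriptions_remove";
$templatelist .= ",usercp_editsig_suspended,usercp_editsig,usercp_avatar_gallery_avatar,usercp_avatar_gallery_blankblock,usercp_avatar_gallery_noavatars,usercp_avatar_gallery,usercp_avatar_current";
$templatelist .= ",usercp_avatar,usercp_editlists_userusercp_editlists,usercp_drafts_draft,usercp_drafts_none,usercp_drafts_submit,usercp_drafts,usercp_usergroups_joingroup,usercp_attachments_none";
$templatelist .= ",usercp_warnings_warning,usercp_warnings,usercp_latest_subscribed_threads,usercp_latest_subscribed,usercp_nav_messenger_tracking,multipage_prevpage,multipage_start,multipage_end";
$templatelist .= ",multipage_nextpage,multipage,multipage_page_current,codebuttons,smilieinsert_getmore,smilieinsert";

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("usercp");

// Access gate for the whole script: guests (uid 0) and groups without the
// canusercp permission are stopped before any handler runs.
if($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0)
{
    error_no_permission();
}

// Give the account a default private-message folder list if it has none.
// NOTE(review): the language phrases are concatenated into the value handed to
// update_query() without $db->escape_string(); confirm whether update_query()
// escapes values or whether a phrase containing a quote can reach the SQL.
if(!$mybb->user['pmfolders'])
{
    $mybb->user['pmfolders'] = "1**".$lang->folder_inbox."$%%$2**".$lang->folder_sent_items."$%%$3**".$lang->folder_drafts."$%%$4**".$lang->folder_trash;
    $db->update_query("users", array('pmfolders' => $mybb->user['pmfolders']), "uid='".$mybb->user['uid']."'");
}

$errors = '';

if(!isset($mybb->input['action']))
{
    $mybb->input['action'] = '';
}

// Make sure the collapse state used by the navigation templates is defined.
$collapse_options = array('usercppms', 'usercpprofile', 'usercpmisc');
foreach($collapse_options as $option)
{
    if(!isset($collapsedimg[$option]))
    {
        $collapsedimg[$option] = '';
    }
    if(!isset($collapsed[$option.'_e']))
    {
        $collapsed[$option.'_e'] = '';
    }
}

usercp_menu();

$plugins->run_hooks("usercp_start");

// Signature pre-validation. This block only checks the submitted signature
// (image count and length) and, on failure or preview, switches the action back
// to "editsig". It writes nothing itself.
// NOTE(review): no verify_post_check() is called here; the handler that stores the
// signature is outside this part of the file - confirm it verifies the post key.
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
    // $error is only assigned on a failed check below; define it so the final
    // test does not read an undefined variable.
    if(!isset($error))
    {
        $error = '';
    }

    $parser_options = array(
        'allow_html' => $mybb->settings['sightml'],
        'filter_badwords' => 1,
        'allow_mycode' => $mybb->settings['sigmycode'],
        'allow_smilies' => $mybb->settings['sigsmilies'],
        'allow_imgcode' => $mybb->settings['sigimgcode']
    );
    $parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);

    // Images are counted in the parsed output (occurrences of "<img"), so the
    // limit applies to what the parser produced from the submitted text.
    if((($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1) &&
        substr_count($parsed_sig, "<img") > 0) ||
        (($mybb->settings['sigimgcode'] == 1 || $mybb->settings['sigsmilies'] == 1) &&
        substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages'])
    )
    {
        if($mybb->settings['sigimgcode'] == 1)
        {
            $imgsallowed = $mybb->settings['maxsigimages'];
        }
        else
        {
            $imgsallowed = 0;
        }
        $lang->too_many_sig_images2 = $lang->sprintf($lang->too_many_sig_images2, $imgsallowed);
        $error = inline_error($lang->too_many_sig_images." ".$lang->too_many_sig_images2);
        $mybb->input['preview'] = 1;
    }
    else if($mybb->settings['siglength'] > 0)
    {
        // Length is measured with whitespace removed; the sigcountmycode setting
        // decides whether the raw text or the text-parsed form is measured.
        if($mybb->settings['sigcountmycode'] == 0)
        {
            $parsed_sig = $parser->text_parse_message($mybb->input['signature']);
        }
        else
        {
            $parsed_sig = $mybb->input['signature'];
        }
        $parsed_sig = preg_replace("#\s#", "", $parsed_sig);
        $sig_length = my_strlen($parsed_sig);
        if($sig_length > $mybb->settings['siglength'])
        {
            $lang->sig_too_long = $lang->sprintf($lang->sig_too_long, $mybb->settings['siglength']);
            if($sig_length - $mybb->settings['siglength'] > 1)
            {
                $lang->sig_too_long .= $lang->sprintf($lang->sig_remove_chars_plural, $sig_length-$mybb->settings['siglength']);
            }
            else
            {
                $lang->sig_too_long .= $lang->sig_remove_chars_singular;
            }
            $error = inline_error($lang->sig_too_long);
        }
    }
    if($error || $mybb->input['preview'])
    {
        $mybb->input['action'] = "editsig";
    }
}

// Make navigation
add_breadcrumb($lang->nav_usercp, "usercp.php");

switch($mybb->input['action'])
{
    case "profile":
    case "do_profile":
        add_breadcrumb($lang->ucp_nav_profile);
        break;
    case "options":
    case "do_options":
        add_breadcrumb($lang->nav_options);
        break;
    case "email":
    case "do_email":
        add_breadcrumb($lang->nav_email);
        break;
    case "password":
    case "do_password":
        add_breadcrumb($lang->nav_password);
        break;
    case "changename":
    case "do_changename":
        add_breadcrumb($lang->nav_changename);
        break;
    case "subscriptions":
        add_breadcrumb($lang->ucp_nav_subscribed_threads);
        break;
    case "forumsubscriptions":
        add_breadcrumb($lang->ucp_nav_forum_subscriptions);
        break;
    case "editsig":
    case "do_editsig":
        add_breadcrumb($lang->nav_editsig);
        break;
    case "avatar":
    case "do_avatar":
        add_breadcrumb($lang->nav_avatar);
        break;
    case "notepad":
    case "do_notepad":
        add_breadcrumb($lang->ucp_nav_notepad);
        break;
    case "editlists":
    case "do_editlists":
        add_breadcrumb($lang->ucp_nav_editlists);
        break;
    case "drafts":
        add_breadcrumb($lang->ucp_nav_drafts);
        break;
    case "usergroups":
        add_breadcrumb($lang->ucp_nav_usergroups);
        break;
    case "attachments":
        add_breadcrumb($lang->ucp_nav_attachments);
        break;
}

// Save profile. Only runs for POST requests that carry a valid post key.
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{
    // Verify incoming POST request
    verify_post_check($mybb->input['my_post_key']);

    $plugins->run_hooks("usercp_do_profile_start");

    if($mybb->input['away'] == 1 && $mybb->settings['allowaway'] != 0)
    {
        $awaydate = TIME_NOW;
        if($mybb->input['awayday'])
        {
            // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
            if(!$mybb->input['awaymonth'])
            {
                $mybb->input['awaymonth'] = my_date('n', $awaydate);
            }
            if(!$mybb->input['awayyear'])
            {
                $mybb->input['awayyear'] = my_date('Y', $awaydate);
            }

            // Date parts are cut to two characters and cast to int, and the year is
            // capped at 9999, so the stored return date is built from integers only.
            $return_month = intval(substr($mybb->input['awaymonth'], 0, 2));
            $return_day = intval(substr($mybb->input['awayday'], 0, 2));
            $return_year = min(intval($mybb->input['awayyear']), 9999);

            // Check if return date is after the away date.
            $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);
            $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
            if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
            {
                error($lang->error_usercp_return_date_past);
            }

            $returndate = "{$return_day}-{$return_month}-{$return_year}";
        }
        else
        {
            $returndate = "";
        }
        $away = array(
            "away" => 1,
            "date" => $awaydate,
            "returndate" => $returndate,
            "awayreason" => $mybb->input['awayreason']
        );
    }
    else
    {
        $away = array(
            "away" => 0,
            "date" => '',
            "returndate" => '',
            "awayreason" => ''
        );
    }

    $bday = array(
        "day" => $mybb->input['bday1'],
        "month" => $mybb->input['bday2'],
        "year" => $mybb->input['bday3']
    );

    // Set up user handler.
    // Loaded through MYBB_ROOT like the other includes in this file, so the path
    // does not depend on the working directory or include_path.
    require_once MYBB_ROOT."inc/datahandlers/user.php";
    $userhandler = new UserDataHandler("update");

    // Apart from icq (cast to int) the request values are handed to the data
    // handler as received; validation is delegated to validate_user().
    // NOTE(review): escaping before storage is presumably done by the handler - confirm.
    $user = array(
        "uid" => $mybb->user['uid'],
        "website" => $mybb->input['website'],
        "icq" => intval($mybb->input['icq']),
        "aim" => $mybb->input['aim'],
        "yahoo" => $mybb->input['yahoo'],
        "msn" => $mybb->input['msn'],
        "birthday" => $bday,
        "birthdayprivacy" => $mybb->input['birthdayprivacy'],
        "away" => $away,
        "profile_fields" => $mybb->input['profile_fields']
    );

    // A custom title is accepted only from groups holding the cancustomtitle permission.
    if($mybb->usergroup['cancustomtitle'] == 1)
    {
        if($mybb->input['usertitle'] != '')
        {
            $user['usertitle'] = $mybb->input['usertitle'];
        }
        else if($mybb->input['reverttitle'])
        {
            $user['usertitle'] = '';
        }
    }
    $userhandler->set_data($user);

    if(!$userhandler->validate_user())
    {
        $errors = $userhandler->get_friendly_errors();

        // Set allowed value otherwise select options disappear
        if(in_array($lang->userdata_invalid_birthday_privacy, $errors))
        {
            $mybb->input['birthdayprivacy'] = 'none';
        }

        $errors = inline_error($errors);
        $mybb->input['action'] = "profile";
    }
    else
    {
        $userhandler->update_user();

        $plugins->run_hooks("usercp_do_profile_end");
        redirect("usercp.php", $lang->redirect_profileupdated);
    }
}

// Show the profile form, either from the stored account or, after a failed
// save, from the values that were just submitted.
if($mybb->input['action'] == "profile")
{
    if($errors)
    {
        // Re-display path: $user now holds raw request data, so every value taken
        // from it has to be escaped before it is placed in a template.
        $user = $mybb->input;
        $bday = array();
        $bday[0] = $mybb->input['bday1'];
        $bday[1] = $mybb->input['bday2'];
        $bday[2] = intval($mybb->input['bday3']);
    }
    else
    {
        $user = $mybb->user;
        $bday = explode("-", $user['birthday']);
    }

    $plugins->run_hooks("usercp_profile_start");

    $bdaysel = '';
    // The day options are accumulated in $bdaydaysel, so that is the variable
    // that has to start out as an empty string.
    $bdaydaysel = '';
    for($i = 1; $i <= 31; ++$i)
    {
        if($bday[0] == $i)
        {
            $bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
        }
        else
        {
            $bdaydaysel .= "<option value=\"$i\">$i</option>\n";
        }
    }
    // The submitted month is used only as an array key here.
    $bdaymonthsel[$bday[1]] = 'selected="selected"';

    // Only the three known privacy values produce options; the submitted value
    // itself is never written into the markup.
    $bdayprivacysel = '';
    if($user['birthdayprivacy'] == 'all' || !$user['birthdayprivacy'])
    {
        $bdayprivacysel .= "<option value=\"all\" selected=\"selected\">{$lang->birthdayprivacyall}</option>\n";
        $bdayprivacysel .= "<option value=\"none\">{$lang->birthdayprivacynone}</option>\n";
        $bdayprivacysel .= "<option value=\"age\">{$lang->birthdayprivacyage}</option>";
    }
    else if($user['birthdayprivacy'] == 'none')
    {
        $bdayprivacysel .= "<option value=\"all\">{$lang->birthdayprivacyall}</option>\n";
        $bdayprivacysel .= "<option value=\"none\" selected=\"selected\">{$lang->birthdayprivacynone}</option>\n";
        $bdayprivacysel .= "<option value=\"age\">{$lang->birthdayprivacyage}</option>";
    }
    else if($user['birthdayprivacy'] == 'age')
    {
        $bdayprivacysel .= "<option value=\"all\">{$lang->birthdayprivacyall}</option>\n";
        $bdayprivacysel .= "<option value=\"none\">{$lang->birthdayprivacynone}</option>\n";
        $bdayprivacysel .= "<option value=\"age\" selected=\"selected\">{$lang->birthdayprivacyage}</option>";
    }

    if($user['website'] == "" || $user['website'] == "http://")
    {
        $user['website'] = "http://";
    }
    else
    {
        $user['website'] = htmlspecialchars_uni($user['website']);
    }

    if($user['icq'] != "0")
    {
        $user['icq'] = intval($user['icq']);
    }
    if($user['icq'] == 0)
    {
        $user['icq'] = "";
    }
    // Messenger handles are escaped only when they come from the request.
    // NOTE(review): on the normal path they come from $mybb->user unescaped here -
    // confirm they are escaped before storage or elsewhere before output.
    if($errors)
    {
        $user['msn'] = htmlspecialchars_uni($user['msn']);
        $user['aim'] = htmlspecialchars_uni($user['aim']);
        $user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
    }
    if($mybb->settings['allowaway'] != 0)
    {
        if($errors)
        {
            if($user['away'] == 1)
            {
                $awaycheck[1] = "checked=\"checked\"";
            }
            else
            {
                $awaycheck[0] = "checked=\"checked\"";
            }
            $returndate = array();
            $returndate[0] = $mybb->input['awayday'];
            $returndate[1] = $mybb->input['awaymonth'];
            $returndate[2] = intval($mybb->input['awayyear']);
            $user['awayreason'] = htmlspecialchars_uni($mybb->input['awayreason']);
        }
        else
        {
            $user['awayreason'] = htmlspecialchars_uni($user['awayreason']);
            if($mybb->user['away'] == 1)
            {
                $awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);
                $awaycheck[1] = "checked=\"checked\"";
                $awaynotice = $lang->sprintf($lang->away_notice_away, $awaydate);
            }
            else
            {
                $awaynotice = $lang->away_notice;
                $awaycheck[0] = "checked=\"checked\"";
            }
            $returndate = explode("-", $mybb->user['returndate']);
        }
        $returndatesel = '';
        for($i = 1; $i <= 31; ++$i)
        {
            if($returndate[0] == $i)
            {
                $returndatesel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
            }
            else
            {
                $returndatesel .= "<option value=\"$i\">$i</option>\n";
            }
        }
        $returndatemonthsel[$returndate[1]] = "selected";

        // The template text is evaluated as a PHP double-quoted string, so every
        // variable it interpolates must already be HTML-escaped at this point.
        // NOTE(review): this relies on $templates->get() returning trusted text with
        // quotes escaped - confirm in the templates class.
        eval("\$awaysection = \"".$templates->get("usercp_profile_away")."\";");
    }
    // Custom profile fields baby!
    $altbg = "trow1";
    $requiredfields = '';
    $customfields = '';
    // Per-field scratch variables; defined up front so the first iteration does not
    // append to, or index into, undefined values.
    $code = '';
    $seloptions = array();
    $query = $db->simple_select("profilefields", "*", "editable=1", array('order_by' => 'disporder'));
    while($profilefield = $db->fetch_array($query))
    {
        // Does this field have a minimum post count?
        if($profilefield['postnum'] && $profilefield['postnum'] > $user['postnum'])
        {
            continue;
        }

        // The field definition is escaped once here; $type and $options below are
        // taken from the escaped 'type' string, so option labels and values are
        // already HTML-safe when they are written into the markup.
        $profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
        $profilefield['name'] = htmlspecialchars_uni($profilefield['name']);
        $profilefield['description'] = htmlspecialchars_uni($profilefield['description']);
        $thing = explode("\n", $profilefield['type'], "2");
        $type = $thing[0];
        // A type without an option list has no second element.
        $options = isset($thing[1]) ? $thing[1] : '';
        $field = "fid{$profilefield['fid']}";
        $select = '';
        if($errors)
        {
            $userfield = $mybb->input['profile_fields'][$field];
        }
        else
        {
            $userfield = $user[$field];
        }
        if($type == "multiselect")
        {
            if($errors)
            {
                $useropts = $userfield;
            }
            else
            {
                $useropts = explode("\n", $userfield);
            }
            if(is_array($useropts))
            {
                foreach($useropts as $key => $val)
                {
                    // The user's choices are escaped so they compare against the escaped option list.
                    $val = htmlspecialchars_uni($val);
                    $seloptions[$val] = $val;
                }
            }
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    $val = trim($val);
                    $val = str_replace("\n", "\\n", $val);

                    $sel = "";
                    if($val == $seloptions[$val])
                    {
                        $sel = " selected=\"selected\"";
                    }
                    $select .= "<option value=\"$val\"$sel>$val</option>\n";
                }
                if(!$profilefield['length'])
                {
                    $profilefield['length'] = 3;
                }
                $code = "<select name=\"profile_fields[$field][]\" size=\"{$profilefield['length']}\" multiple=\"multiple\">$select</select>";
            }
        }
        elseif($type == "select")
        {
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    $val = trim($val);
                    $val = str_replace("\n", "\\n", $val);
                    $sel = "";
                    if($val == htmlspecialchars_uni($userfield))
                    {
                        $sel = " selected=\"selected\"";
                    }
                    $select .= "<option value=\"$val\"$sel>$val</option>";
                }
                if(!$profilefield['length'])
                {
                    $profilefield['length'] = 1;
                }
                $code = "<select name=\"profile_fields[$field]\" size=\"{$profilefield['length']}\">$select</select>";
            }
        }
        elseif($type == "radio")
        {
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    // Only the admin-defined option text is printed; the user's value is
                    // used for the comparison alone.
                    $checked = "";
                    if($val == $userfield)
                    {
                        $checked = " checked=\"checked\"";
                    }
                    $code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
                }
            }
        }
        elseif($type == "checkbox")
        {
            if($errors)
            {
                $useropts = $userfield;
            }
            else
            {
                $useropts = explode("\n", $userfield);
            }
            if(is_array($useropts))
            {
                foreach($useropts as $key => $val)
                {
                    $seloptions[$val] = $val;
                }
            }
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    $checked = "";
                    if($val == $seloptions[$val])
                    {
                        $checked = " checked=\"checked\"";
                    }
                    $code .= "<input type=\"checkbox\" class=\"checkbox\" name=\"profile_fields[$field][]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
                }
            }
        }
        elseif($type == "textarea")
        {
            // Free-text value: escaped before it is placed inside the textarea.
            $value = htmlspecialchars_uni($userfield);
            $code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
        }
        else
        {
            // Free-text value: escaped before it is placed in the value attribute.
            $value = htmlspecialchars_uni($userfield);
            $maxlength = "";
            if($profilefield['maxlength'] > 0)
            {
                $maxlength = " maxlength=\"{$profilefield['maxlength']}\"";
            }
            $code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\"{$maxlength} value=\"$value\" />";
        }
        // Template evaluated as a PHP string; it interpolates the $code built above.
        if($profilefield['required'] == 1)
        {
            eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";");
        }
        else
        {
            eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
        }
        $altbg = alt_trow();
        // Reset the scratch variables so one field's state cannot leak into the next.
        $code = "";
        $select = "";
        $val = "";
        $options = "";
        $expoptions = "";
        $useropts = "";
        // Kept as an array: the next multiselect/checkbox field assigns into it by key.
        $seloptions = array();
    }
    if($customfields)
    {
        eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");
    }

    if($mybb->usergroup['cancustomtitle'] == 1)
    {
        if($mybb->usergroup['usertitle'] == "")
        {
            $defaulttitle = '';
            $usertitles = $cache->read('usertitles');

            // Takes the first cached title whose post threshold the user has reached.
            foreach($usertitles as $title)
            {
                if($title['posts'] <= $mybb->user['postnum'])
                {
                    $defaulttitle = $title['title'];
                    break;
                }
            }
        }
        else
        {
            $defaulttitle = $mybb->usergroup['usertitle'];
        }

        if(trim($user['usertitle']) == '')
        {
            $lang->current_custom_usertitle = '';
        }
        else
        {
            if($errors)
            {
                // The submitted title is escaped for re-display, and the "current
                // title" shown next to it is reset to the stored value rather than
                // the request value.
                $newtitle = htmlspecialchars_uni($user['usertitle']);
                $user['usertitle'] = $mybb->user['usertitle'];
            }
        }
        eval("\$customtitle = \"".$templates->get("usercp_profile_customtitle")."\";");
    }
    else
    {
        $customtitle = "";
    }

    $plugins->run_hooks("usercp_profile_end");

    eval("\$editprofile = \"".$templates->get("usercp_profile")."\";");
    output_page($editprofile);
}

// Save board options. Only runs for POST requests that carry a valid post key.
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
    // Verify incoming POST request
    verify_post_check($mybb->input['my_post_key']);

    $plugins->run_hooks("usercp_do_options_start");

    // Set up user handler.
    require_once MYBB_ROOT."inc/datahandlers/user.php";
    $userhandler = new UserDataHandler("update");

    // style/dateformat/timeformat are cast to int and timezone is SQL-escaped here;
    // language is passed as received.
    // NOTE(review): presumably validate_user() restricts language to an installed
    // language pack - confirm in the data handler.
    $user = array(
        "uid" => $mybb->user['uid'],
        "style" => intval($mybb->input['style']),
        "dateformat" => intval($mybb->input['dateformat']),
        "timeformat" => intval($mybb->input['timeformat']),
        "timezone" => $db->escape_string($mybb->input['timezoneoffset']),
        "language" => $mybb->input['language']
    );

    // Option flags are forwarded as received, except showcodebuttons (cast to int).
    // NOTE(review): normalisation of these values is presumably done by the data
    // handler - confirm before relying on them being integers.
    $user['options'] = array(
        "allownotices" => $mybb->input['allownotices'],
        "hideemail" => $mybb->input['hideemail'],
        "subscriptionmethod" => $mybb->input['subscriptionmethod'],
        "invisible" => $mybb->input['invisible'],
        "dstcorrection" => $mybb->input['dstcorrection'],
        "threadmode" => $mybb->input['threadmode'],
        "showsigs" => $mybb->input['showsigs'],
        "showavatars" => $mybb->input['showavatars'],
        "showquickreply" => $mybb->input['showquickreply'],
        "receivepms" => $mybb->input['receivepms'],
        "pmnotice" => $mybb->input['pmnotice'],
        "receivefrombuddy" => $mybb->input['receivefrombuddy'],
        "daysprune" => $mybb->input['daysprune'],
        "showcodebuttons" => intval($mybb->input['showcodebuttons']),
        "pmnotify" => $mybb->input['pmnotify'],
        "showredirect" => $mybb->input['showredirect'],
        "classicpostbit" => $mybb->input['classicpostbit']
    );

    // Per-user page sizes are accepted only when the board offers them.
    if($mybb->settings['usertppoptions'])
    {
        $user['options']['tpp'] = intval($mybb->input['tpp']);
    }

    if($mybb->settings['userpppoptions'])
    {
        $user['options']['ppp'] = intval($mybb->input['ppp']);
    }

    $userhandler->set_data($user);


    if(!$userhandler->validate_user())
    {
        $errors = $userhandler->get_friendly_errors();
        $errors = inline_error($errors);
        $mybb->input['action'] = "options";
    }
    else
    {
        $userhandler->update_user();

        $plugins->run_hooks("usercp_do_options_end");

        redirect("usercp.php", $lang->redirect_optionsupdated);
    }
}
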
719 if($mybb->input['action'] == "options") 720 { 721 $plugins->run_hooks("usercp_options_start"); 722 723 if($errors != '') 724 { 725 $user = $mybb->input; 726 } 727 else 728 { 729 $user = $mybb->user; 730 } 731 $languages = $lang->get_languages(); 732 $langoptions = ''; 733 foreach($languages as $lname => $language) 734 { 735 $sel = ""; 736 if($user['language'] == $lname) 737 { 738 $sel = " selected=\"selected\""; 739 } 740 $langoptions .= "<option value=\"$lname\"$sel>".htmlspecialchars_uni($language)."</option>\n"; 741 } 742 743 // Lets work out which options the user has selected and check the boxes 744 if($user['allownotices'] == 1) 745 { 746 $allownoticescheck = "checked=\"checked\""; 747 } 748 else 749 { 750 $allownoticescheck = ""; 751 } 752 753 if($user['invisible'] == 1) 754 { 755 $invisiblecheck = "checked=\"checked\""; 756 } 757 else 758 { 759 $invisiblecheck = ""; 760 } 761 762 if($user['hideemail'] == 1) 763 { 764 $hideemailcheck = "checked=\"checked\""; 765 } 766 else 767 { 768 $hideemailcheck = ""; 769 } 770 771 if($user['subscriptionmethod'] == 1) 772 { 773 $no_email_subscribe_selected = "selected=\"selected\""; 774 } 775 else if($user['subscriptionmethod'] == 2) 776 { 777 $instant_email_subscribe_selected = "selected=\"selected\""; 778 } 779 else 780 781 { 782 $no_subscribe_selected = "selected=\"selected\""; 783 } 784 785 if($user['showsigs'] == 1) 786 { 787 $showsigscheck = "checked=\"checked\""; 788 } 789 else 790 { 791 $showsigscheck = ""; 792 } 793 794 if($user['showavatars'] == 1) 795 { 796 $showavatarscheck = "checked=\"checked\""; 797 } 798 else 799 { 800 $showavatarscheck = ""; 801 } 802 803 if($user['showquickreply'] == 1) 804 { 805 $showquickreplycheck = "checked=\"checked\""; 806 } 807 else 808 { 809 $showquickreplycheck = ""; 810 } 811 812 if($user['receivepms'] == 1) 813 { 814 $receivepmscheck = "checked=\"checked\""; 815 } 816 else 817 { 818 $receivepmscheck = ""; 819 } 820 821 if($user['receivefrombuddy'] == 1) 822 { 823 
$receivefrombuddycheck = "checked=\"checked\""; 824 } 825 else 826 { 827 $receivefrombuddycheck = ""; 828 } 829 830 if($user['pmnotice'] == 1 || $user['pmnotice'] == 2) 831 { 832 $pmnoticecheck = " checked=\"checked\""; 833 } 834 else 835 { 836 $pmnoticecheck = ""; 837 } 838 839 if($user['dstcorrection'] == 2) 840 { 841 $dst_auto_selected = "selected=\"selected\""; 842 } 843 else if($user['dstcorrection'] == 1) 844 { 845 $dst_enabled_selected = "selected=\"selected\""; 846 } 847 else 848 { 849 $dst_disabled_selected = "selected=\"selected\""; 850 } 851 852 if($user['showcodebuttons'] == 1) 853 { 854 $showcodebuttonscheck = "checked=\"checked\""; 855 } 856 else 857 { 858 $showcodebuttonscheck = ""; 859 } 860 861 if($user['showredirect'] != 0) 862 { 863 $showredirectcheck = "checked=\"checked\""; 864 } 865 else 866 { 867 $showredirectcheck = ""; 868 } 869 870 if($user['pmnotify'] != 0) 871 { 872 $pmnotifycheck = "checked=\"checked\""; 873 } 874 else 875 { 876 $pmnotifycheck = ''; 877 } 878 879 880 if($user['threadmode'] != "threaded" && $user['threadmode'] != "linear") 881 { 882 $user['threadmode'] = ''; // Leave blank to show default 883 } 884 885 if($user['classicpostbit'] != 0) 886 { 887 $classicpostbitcheck = "checked=\"checked\""; 888 } 889 else 890 { 891 $classicpostbitcheck = ''; 892 } 893 894 895 $date_format_options = "<option value=\"0\">{$lang->use_default}</option>"; 896 foreach($date_formats as $key => $format) 897 { 898 if($user['dateformat'] == $key) 899 { 900 $date_format_options .= "<option value=\"$key\" selected=\"selected\">".my_date($format, TIME_NOW, "", 0)."</option>"; 901 } 902 else 903 { 904 $date_format_options .= "<option value=\"$key\">".my_date($format, TIME_NOW, "", 0)."</option>"; 905 } 906 } 907 908 $time_format_options = "<option value=\"0\">{$lang->use_default}</option>"; 909 foreach($time_formats as $key => $format) 910 { 911 if($user['timeformat'] == $key) 912 { 913 $time_format_options .= "<option value=\"$key\" 
selected=\"selected\">".my_date($format, TIME_NOW, "", 0)."</option>"; 914 } 915 else 916 { 917 $time_format_options .= "<option value=\"$key\">".my_date($format, TIME_NOW, "", 0)."</option>"; 918 } 919 } 920 921 $tzselect = build_timezone_select("timezoneoffset", $mybb->user['timezone'], true); 922 923 if($mybb->settings['allowbuddyonly'] == 1) 924 { 925 eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";"); 926 } 927 928 $threadview[$user['threadmode']] = 'selected="selected"'; 929 $daysprunesel[$user['daysprune']] = 'selected="selected"'; 930 $stylelist = build_theme_select("style", $user['style']); 931 if($mybb->settings['usertppoptions']) 932 { 933 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 934 $tppoptions = ''; 935 if(is_array($explodedtpp)) 936 { 937 foreach($explodedtpp as $key => $val) 938 { 939 $val = trim($val); 940 $selected = ""; 941 if($user['tpp'] == $val) 942 { 943 $selected = "selected=\"selected\""; 944 } 945 $tppoptions .= "<option value=\"$val\" $selected>".$lang->sprintf($lang->tpp_option, $val)."</option>\n"; 946 } 947 } 948 eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";"); 949 } 950 if($mybb->settings['userpppoptions']) 951 { 952 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 953 $pppoptions = ''; 954 if(is_array($explodedppp)) 955 { 956 foreach($explodedppp as $key => $val) 957 { 958 $val = trim($val); 959 $selected = ""; 960 if($user['ppp'] == $val) 961 { 962 $selected = "selected=\"selected\""; 963 } 964 $pppoptions .= "<option value=\"$val\" $selected>".$lang->sprintf($lang->ppp_option, $val)."</option>\n"; 965 } 966 } 967 eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";"); 968 } 969 970 $plugins->run_hooks("usercp_options_end"); 971 972 eval("\$editprofile = \"".$templates->get("usercp_options")."\";"); 973 output_page($editprofile); 974 } 975 976 if($mybb->input['action'] == "do_email" && $mybb->request_method == 
"post") 977 { 978 // Verify incoming POST request 979 verify_post_check($mybb->input['my_post_key']); 980 981 $errors = array(); 982 983 $plugins->run_hooks("usercp_do_email_start"); 984 if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false) 985 { 986 $errors[] = $lang->error_invalidpassword; 987 } 988 else 989 { 990 // Set up user handler. 991 require_once "inc/datahandlers/user.php"; 992 $userhandler = new UserDataHandler("update"); 993 994 $user = array( 995 "uid" => $mybb->user['uid'], 996 "email" => $mybb->input['email'], 997 "email2" => $mybb->input['email2'] 998 ); 999 1000 $userhandler->set_data($user); 1001 1002 if(!$userhandler->validate_user()) 1003 { 1004 $errors = $userhandler->get_friendly_errors(); 1005 } 1006 else 1007 { 1008 if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1) 1009 { 1010 $activationcode = random_str(); 1011 $now = TIME_NOW; 1012 $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'"); 1013 $newactivation = array( 1014 "uid" => $mybb->user['uid'], 1015 "dateline" => TIME_NOW, 1016 "code" => $activationcode, 1017 "type" => "e", 1018 "oldgroup" => $mybb->user['usergroup'], 1019 "misc" => $db->escape_string($mybb->input['email']) 1020 ); 1021 $db->insert_query("awaitingactivation", $newactivation); 1022 1023 $username = $mybb->user['username']; 1024 $uid = $mybb->user['uid']; 1025 $lang->emailsubject_changeemail = $lang->sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']); 1026 $lang->email_changeemail = $lang->sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']); 1027 my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail); 1028 1029 $plugins->run_hooks("usercp_do_email_verify"); 1030 error($lang->redirect_changeemail_activation); 1031 } 1032 else 1033 { 1034 
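// (continuation of the do_email handler that begins above this span)
				$userhandler->update_user();
				$plugins->run_hooks("usercp_do_email_changed");
				redirect("usercp.php", $lang->redirect_emailupdated);
			}
		}
	}
	if(count($errors) > 0)
	{
		// Fall through to the e-mail form below and show the collected errors inline.
		$mybb->input['action'] = "email";
		$errors = inline_error($errors);
	}
}

// action=email: render the change-e-mail form.
if($mybb->input['action'] == "email")
{
	// Coming back to this page after one or more errors were experienced, show fields the user previously entered (with the exception of the password)
	if($errors)
	{
		// These values are user input echoed back into the form, so they are HTML-escaped first.
		$email = htmlspecialchars_uni($mybb->input['email']);
		$email2 = htmlspecialchars_uni($mybb->input['email2']);
	}
	else
	{
		$email = $email2 = '';
	}

	$plugins->run_hooks("usercp_email");

	// NOTE(review): the template text is evaluated as a PHP double-quoted string. This is only safe
	// if $templates->get() returns trusted, properly escaped template content - confirm in the template class.
	eval("\$changemail = \"".$templates->get("usercp_email")."\";");
	output_page($changemail);
}

// action=do_password: change the account password (POST only, CSRF token required).
if($mybb->input['action'] == "do_password" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$errors = array();

	$plugins->run_hooks("usercp_do_password_start");
	// Re-authenticate with the current password before a new one is accepted.
	if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false)
	{
		$errors[] = $lang->error_invalidpassword;
	}
	else
	{
		// Set up user handler. Loaded via MYBB_ROOT, like the other includes at the top of this script,
		// so the lookup does not depend on the working directory or include_path.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");

		$user = array(
			"uid" => $mybb->user['uid'],
			"password" => $mybb->input['password'],
			"password2" => $mybb->input['password2']
		);

		$userhandler->set_data($user);

		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();
		}
		else
		{
			$userhandler->update_user();
			// Re-issue the login cookie with the login key held by the handler.
			// NOTE(review): presumably the handler rotates the login key on a password change, which
			// would log out other sessions - confirm in UserDataHandler.
			my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey']);
			$plugins->run_hooks("usercp_do_password_end");
			redirect("usercp.php", $lang->redirect_passwordupdated);
		}
	}
	if(count($errors) > 0)
	{
		// Fall through to the password form below and show the errors inline.
		$mybb->input['action'] = "password";
		$errors = inline_error($errors);
	}
}

// action=password: render the change-password form.
if($mybb->input['action'] == "password")
{
	$plugins->run_hooks("usercp_password");

	// NOTE(review): template text is evaluated as PHP string content; it must come from a trusted source.
	eval("\$editpassword = \"".$templates->get("usercp_password")."\";");
	output_page($editpassword);
}

// action=do_changename: change the username (POST only, CSRF token and group permission required).
if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	// Start from an empty error list, as do_password does. $errors is initialised to a string at the
	// top of the script, and appending to / counting a string does not behave like an array.
	$errors = array();

	$plugins->run_hooks("usercp_do_changename_start");
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();
	}

	// Re-authenticate with the current password before the rename is accepted.
	if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false)
	{
		$errors[] = $lang->error_invalidpassword;
	}
	else
	{
		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler("update");

		$user = array(
			"uid" => $mybb->user['uid'],
			"username" => $mybb->input['username']
		);

		$userhandler->set_data($user);

		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();
		}
		else
		{
			$userhandler->update_user();
			$plugins->run_hooks("usercp_do_changename_end");
			redirect("usercp.php", $lang->redirect_namechanged);

		}
	}
	if(count($errors) > 0)
	{
		// Fall through to the change-name form below and show the errors inline.
		$errors = inline_error($errors);
		$mybb->input['action'] = "changename";
	}
}

// action=changename: render the change-username form for groups that are allowed to rename.
if($mybb->input['action'] == "changename")
{
	$plugins->run_hooks("usercp_changename_start");
	if($mybb->usergroup['canchangename'] != 1)
	{
		error_no_permission();
	}

	$plugins->run_hooks("usercp_changename_end");

	// NOTE(review): template text is evaluated as PHP string content; it must come from a trusted source.
	eval("\$changename = \"".$templates->get("usercp_changename")."\";");
	output_page($changename);
}

// action=do_subscriptions: delete, or change the notification type of, the selected thread subscriptions.
// NOTE(review): unlike the other do_* handlers in this span, the request method is not checked here;
// only the post key is verified.
if($mybb->input['action'] == "do_subscriptions")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_subscriptions_start");

	// Reject a missing, non-array or empty selection; an empty list would otherwise
	// produce "tid IN ()" in the queries that follow.
	if(empty($mybb->input['check']) || !is_array($mybb->input['check']))
	{
		error($lang->no_subscriptions_selected);
	}

	// Clean input - only accept integers thanks!
	$mybb->input['check'] = array_map('intval', $mybb->input['check']);
	$tids = implode(",", $mybb->input['check']);

	// Default for the notification update that follows, so that an unexpected 'do' value
	// cannot leave $new_notification undefined when it is written to the database.
	$new_notification = 0;

	// Deleting these subscriptions?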
1197 if($mybb->input['do'] == "delete") 1198 { 1199 $db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid='{$mybb->user['uid']}'"); 1200 } 1201 // Changing subscription type 1202 else 1203 { 1204 if($mybb->input['do'] == "no_notification") 1205 { 1206 $new_notification = 0; 1207 } 1208 else if($mybb->input['do'] == "instant_notification") 1209 { 1210 $new_notification = 1; 1211 } 1212 1213 // Update 1214 $update_array = array("notification" => $new_notification); 1215 $db->update_query("threadsubscriptions", $update_array, "tid IN ($tids) AND uid='{$mybb->user['uid']}'"); 1216 } 1217 1218 // Done, redirect 1219 redirect("usercp.php?action=subscriptions", $lang->redirect_subscriptions_updated); 1220 } 1221 1222 if($mybb->input['action'] == "subscriptions") 1223 { 1224 $plugins->run_hooks("usercp_subscriptions_start"); 1225 1226 // Thread visiblity 1227 $visible = "AND t.visible != 0"; 1228 if(is_moderator() == true) 1229 { 1230 $visible = ''; 1231 } 1232 1233 // Do Multi Pages 1234 $query = $db->query(" 1235 SELECT COUNT(ts.tid) as threads 1236 FROM ".TABLE_PREFIX."threadsubscriptions ts 1237 LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = ts.tid) 1238 WHERE ts.uid = '".$mybb->user['uid']."' {$visible} 1239 "); 1240 $threadcount = $db->fetch_field($query, "threads"); 1241 1242 if(!$mybb->settings['threadsperpage']) 1243 { 1244 $mybb->settings['threadsperpage'] = 20; 1245 } 1246 1247 $perpage = $mybb->settings['threadsperpage']; 1248 $page = intval($mybb->input['page']); 1249 if($page > 0) 1250 { 1251 $start = ($page-1) * $perpage; 1252 $pages = $threadcount / $perpage; 1253 $pages = ceil($pages); 1254 if($page > $pages || $page <= 0) 1255 { 1256 $start = 0; 1257 $page = 1; 1258 } 1259 } 1260 else 1261 { 1262 $start = 0; 1263 $page = 1; 1264 } 1265 $end = $start + $perpage; 1266 $lower = $start+1; 1267 $upper = $end; 1268 if($upper > $threadcount) 1269 { 1270 $upper = $threadcount; 1271 } 1272 $multipage = multipage($threadcount, $perpage, $page, 
"usercp.php?action=subscriptions"); 1273 $fpermissions = forum_permissions(); 1274 1275 // Fetch subscriptions 1276 $query = $db->query(" 1277 SELECT s.*, t.*, t.username AS threadusername, u.username, p.displaystyle AS threadprefix 1278 FROM ".TABLE_PREFIX."threadsubscriptions s 1279 LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) 1280 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid) 1281 LEFT JOIN ".TABLE_PREFIX."threadprefixes p ON (p.pid=t.prefix) 1282 WHERE s.uid='".$mybb->user['uid']."' {$visible} 1283 ORDER BY t.lastpost DESC 1284 LIMIT $start, $perpage 1285 "); 1286 while($subscription = $db->fetch_array($query)) 1287 { 1288 $forumpermissions = $fpermissions[$subscription['fid']]; 1289 1290 if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || ($forumpermissions['canonlyviewownthreads'] != 0 && $subscription['uid'] != $mybb->user['uid'])) 1291 { 1292 // Hmm, you don't have permission to view this thread - unsubscribe! 1293 $del_subscriptions[] = $subscription['sid']; 1294 } 1295 else if($subscription['tid']) 1296 { 1297 $subscriptions[$subscription['tid']] = $subscription; 1298 } 1299 } 1300 1301 if(is_array($del_subscriptions)) 1302 { 1303 $sids = implode(',', $del_subscriptions); 1304 1305 if($sids) 1306 { 1307 $db->delete_query("threadsubscriptions", "sid IN ({$sids}) AND uid='{$mybb->user['uid']}'"); 1308 } 1309 1310 $threadcount = $threadcount - count($del_subscriptions); 1311 1312 if($threadcount < 0) 1313 { 1314 $threadcount = 0; 1315 } 1316 } 1317 1318 if(is_array($subscriptions)) 1319 { 1320 $tids = implode(",", array_keys($subscriptions)); 1321 1322 if($mybb->user['uid'] == 0) 1323 { 1324 // Build a forum cache. 1325 $query = $db->query(" 1326 SELECT fid 1327 FROM ".TABLE_PREFIX."forums 1328 WHERE active != 0 1329 ORDER BY pid, disporder 1330 "); 1331 1332 $forumsread = my_unserialize($mybb->cookies['mybb']['forumread']); 1333 } 1334 else 1335 { 1336 // Build a forum cache. 
1337 $query = $db->query(" 1338 SELECT f.fid, fr.dateline AS lastread 1339 FROM ".TABLE_PREFIX."forums f 1340 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 1341 WHERE f.active != 0 1342 ORDER BY pid, disporder 1343 "); 1344 } 1345 1346 while($forum = $db->fetch_array($query)) 1347 { 1348 if($mybb->user['uid'] == 0) 1349 { 1350 if($forumsread[$forum['fid']]) 1351 { 1352 $forum['lastread'] = $forumsread[$forum['fid']]; 1353 } 1354 } 1355 $readforums[$forum['fid']] = $forum['lastread']; 1356 } 1357 1358 // Check participation by the current user in any of these threads - for 'dot' folder icons 1359 if($mybb->settings['dotfolders'] != 0) 1360 { 1361 $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 1362 while($post = $db->fetch_array($query)) 1363 { 1364 $subscriptions[$post['tid']]['doticon'] = 1; 1365 } 1366 } 1367 1368 // Read threads 1369 if($mybb->settings['threadreadcut'] > 0) 1370 { 1371 $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 1372 while($readthread = $db->fetch_array($query)) 1373 { 1374 $subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; 1375 } 1376 } 1377 1378 $icon_cache = $cache->read("posticons"); 1379 1380 // Now we can build our subscription list 1381 foreach($subscriptions as $thread) 1382 { 1383 $bgcolor = alt_trow(); 1384 1385 $folder = ''; 1386 $prefix = ''; 1387 1388 // If this thread has a prefix, insert a space between prefix and subject 1389 if($thread['prefix'] != 0) 1390 { 1391 $thread['threadprefix'] .= ' '; 1392 } 1393 1394 // Sanitize 1395 $thread['subject'] = $parser->parse_badwords($thread['subject']); 1396 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 1397 1398 // Build our links 1399 $thread['threadlink'] = get_thread_link($thread['tid']); 1400 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 1401 1402 // Fetch the thread 
icon if we have one 1403 if($thread['icon'] > 0 && $icon_cache[$thread['icon']]) 1404 { 1405 $icon = $icon_cache[$thread['icon']]; 1406 $icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />"; 1407 } 1408 else 1409 { 1410 $icon = " "; 1411 } 1412 1413 // Determine the folder 1414 $folder = ''; 1415 $folder_label = ''; 1416 1417 if($thread['doticon']) 1418 { 1419 $folder = "dot_"; 1420 $folder_label .= $lang->icon_dot; 1421 } 1422 1423 $gotounread = ''; 1424 $isnew = 0; 1425 $donenew = 0; 1426 $lastread = 0; 1427 1428 if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) 1429 { 1430 $forum_read = $readforums[$thread['fid']]; 1431 1432 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 1433 if($forum_read == 0 || $forum_read < $read_cutoff) 1434 { 1435 $forum_read = $read_cutoff; 1436 } 1437 } 1438 else 1439 { 1440 $forum_read = $forumsread[$thread['fid']]; 1441 } 1442 1443 if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read) 1444 { 1445 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 1446 } 1447 1448 if($thread['lastpost'] > $cutoff) 1449 { 1450 if($thread['lastread']) 1451 { 1452 $lastread = $thread['lastread']; 1453 } 1454 else 1455 { 1456 $lastread = 1; 1457 } 1458 } 1459 1460 if(!$lastread) 1461 { 1462 $readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']); 1463 if($readcookie > $forum_read) 1464 { 1465 $lastread = $readcookie; 1466 } 1467 else 1468 { 1469 $lastread = $forum_read; 1470 } 1471 } 1472 1473 if($lastread && $lastread < $thread['lastpost']) 1474 { 1475 $folder .= "new"; 1476 $folder_label .= $lang->icon_new; 1477 $new_class = "subject_new"; 1478 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost"); 1479 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 1480 $unreadpost = 1; 1481 } 1482 else 1483 { 1484 $folder_label .= $lang->icon_no_new; 1485 $new_class = "subject_old"; 1486 } 1487 1488 
if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews']) 1489 { 1490 $folder .= "hot"; 1491 $folder_label .= $lang->icon_hot; 1492 } 1493 1494 if($thread['closed'] == 1) 1495 { 1496 $folder .= "lock"; 1497 $folder_label .= $lang->icon_lock; 1498 } 1499 1500 $folder .= "folder"; 1501 1502 if($thread['visible'] == 0) 1503 { 1504 $bgcolor = "trow_shaded"; 1505 } 1506 1507 // Build last post info 1508 $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); 1509 $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); 1510 $lastposter = $thread['lastposter']; 1511 $lastposteruid = $thread['lastposteruid']; 1512 1513 // Don't link to guest's profiles (they have no profile). 1514 if($lastposteruid == 0) 1515 { 1516 $lastposterlink = $lastposter; 1517 } 1518 else 1519 { 1520 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 1521 } 1522 1523 $thread['replies'] = my_number_format($thread['replies']); 1524 $thread['views'] = my_number_format($thread['views']); 1525 1526 // What kind of notification type do we have here? 
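// (continuation of the thread-subscriptions listing loop that begins above this span)
			switch($thread['notification'])
			{
				case "1": // Instant
					$notification_type = $lang->instant_notification;
					break;
				default: // No notification
					$notification_type = $lang->no_notification;
			}

			// NOTE(review): template text is evaluated as PHP string content; it must come from a trusted source.
			eval("\$threads .= \"".$templates->get("usercp_subscriptions_thread")."\";");
		}

		// Provide remove options
		eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");
	}
	else
	{
		eval("\$threads = \"".$templates->get("usercp_subscriptions_none")."\";");
	}

	$plugins->run_hooks("usercp_subscriptions_end");

	eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";");
	output_page($subscriptions);
}

// action=forumsubscriptions: list the forums the current user is subscribed to.
if($mybb->input['action'] == "forumsubscriptions")
{
	$plugins->run_hooks("usercp_forumsubscriptions_start");

	if($mybb->user['uid'] == 0)
	{
		// Build a forum cache.
		$query = $db->query("
			SELECT fid
			FROM ".TABLE_PREFIX."forums
			WHERE active != 0
			ORDER BY pid, disporder
		");

		// NOTE(review): this deserialises a client-supplied cookie. The branch only runs for uid 0,
		// which the permission check at the top of this script already rejects, so it looks unreachable
		// here. Confirm that my_unserialize() cannot instantiate objects before reusing this pattern.
		$forumsread = my_unserialize($mybb->cookies['mybb']['forumread']);
	}
	else
	{
		// Build a forum cache.
		$query = $db->query("
			SELECT f.fid, fr.dateline AS lastread
			FROM ".TABLE_PREFIX."forums f
			LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
			WHERE f.active != 0
			ORDER BY pid, disporder
		");
	}

	// Record the last-read time per forum id.
	while($forum = $db->fetch_array($query))
	{
		if($mybb->user['uid'] == 0)
		{
			if($forumsread[$forum['fid']])
			{
				$forum['lastread'] = $forumsread[$forum['fid']];
			}
		}
		$readforums[$forum['fid']] = $forum['lastread'];
	}

	$fpermissions = forum_permissions();
	require_once MYBB_ROOT."inc/functions_forumlist.php";

	$query = $db->query("
		SELECT fs.*, f.*, t.subject AS lastpostsubject, fr.dateline AS lastread
		FROM ".TABLE_PREFIX."forumsubscriptions fs
		LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid = fs.fid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = f.lastposttid)
		LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
		WHERE f.type='f' AND fs.uid='".$mybb->user['uid']."'
		ORDER BY f.name ASC
	");

	$forums = '';
	while($forum = $db->fetch_array($query))
	{
		$forum_url = get_forum_link($forum['fid']);
		$forumpermissions = $fpermissions[$forum['fid']];

		// Skip forums the user may no longer view, so nothing about them is rendered.
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
		{
			continue;
		}

		$lightbulb = get_forum_lightbulb(array('open' => $forum['open'], 'lastread' => $forum['lastread']), array('lastpost' => $forum['lastpost']));
		$folder = $lightbulb['folder'];

		// Users restricted to their own threads do not get the forum-wide counters.
		if($forumpermissions['canonlyviewownthreads'] != 0)
		{
			$posts = '-';
			$threads = '-';
		}
		else
		{
			$posts = my_number_format($forum['posts']);
			$threads = my_number_format($forum['threads']);
		}

		if($forum['lastpost'] == 0 || $forum['lastposter'] == "")
		{
			$lastpost = "<div align=\"center\">{$lang->never}</div>";
		}
		// Hide last post
		elseif($forumpermissions['canonlyviewownthreads'] != 0 && $forum['lastposteruid'] != $mybb->user['uid'])
		{
			$lastpost = "<div align=\"center\">{$lang->na}</div>";
		}
		else
		{
			$forum['lastpostsubject'] = $parser->parse_badwords($forum['lastpostsubject']);
			$lastpost_date = my_date($mybb->settings['dateformat'], $forum['lastpost']);
			$lastpost_time = my_date($mybb->settings['timeformat'], $forum['lastpost']);
			$lastposttid = $forum['lastposttid'];
			$lastposter = $forum['lastposter'];
			$lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']);
			// Shorten the raw subject first and escape afterwards, so the cut can never
			// land in the middle of an HTML entity.
			$lastpost_subject = $forum['lastpostsubject'];
			if(my_strlen($lastpost_subject) > 25)
			{
				$lastpost_subject = my_substr($lastpost_subject, 0, 25) . "...";
			}
			$lastpost_subject = htmlspecialchars_uni($lastpost_subject);
			$lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost");
			eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");
		}

		if($mybb->settings['showdescriptions'] == 0)
		{
			$forum['description'] = "";
		}

		eval("\$forums .= \"".$templates->get("usercp_forumsubscriptions_forum")."\";");
	}

	if(!$forums)
	{
		eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");
	}

	$plugins->run_hooks("usercp_forumsubscriptions_end");

	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
	output_page($forumsubscriptions);
}

// action=do_editsig: save the submitted signature (POST only, CSRF token required).
// NOTE(review): validation of the signature content appears to happen in the earlier do_editsig
// block near the top of this script - confirm it always runs before this one.
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_editsig_start");

	// User currently has a suspended signature. A suspension time of 0 counts as suspended too,
	// matching the check the editsig form handler below applies; otherwise a direct POST could
	// save a signature that the form refuses to show.
	if($mybb->user['suspendsignature'] == 1 && ($mybb->user['suspendsigtime'] == 0 || $mybb->user['suspendsigtime'] > TIME_NOW))
	{
		error_no_permission();
	}

	// Enforce the same usergroup signature permissions on save as the editsig form applies on display.
	if($mybb->usergroup['canusesig'] != 1)
	{
		error_no_permission();
	}
	if($mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
	{
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
	}

	// Optionally switch the signature on or off for all existing posts of this user.
	if($mybb->input['updateposts'] == "enable")
	{
		$update_signature = array(
			"includesig" => 1
		);
		$db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");
	}
	elseif($mybb->input['updateposts'] == "disable")
	{
		$update_signature = array(
			"includesig" => 0
		);
		$db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");
	}
	// The signature is stored as submitted (escaped for SQL only), so every place that
	// displays it has to run it through the parser.
	$new_signature = array(
		"signature" => $db->escape_string($mybb->input['signature'])
	);
	$plugins->run_hooks("usercp_do_editsig_process");
	$db->update_query("users", $new_signature, "uid='".$mybb->user['uid']."'");
	$plugins->run_hooks("usercp_do_editsig_end");
	redirect("usercp.php?action=editsig", $lang->redirect_sigupdated);

}

// action=editsig: show the signature editor with either a preview or the current signature.
if($mybb->input['action'] == "editsig")
{
	$plugins->run_hooks("usercp_editsig_start");
	// Pick the text to show and the template that renders its parsed form.
	if($mybb->input['preview'] && !$error)
	{
		$sig = $mybb->input['signature'];
		$template = "usercp_editsig_preview";
	}
	elseif(!$error)
	{
		$sig = $mybb->user['signature'];
		$template = "usercp_editsig_current";
	}
	else if($error)
	{
		// After a failed save: keep the submitted text in the editor, render no parsed copy.
		$sig = $mybb->input['signature'];
		$template = false;
	}

	if($mybb->user['suspendsignature'] && ($mybb->user['suspendsigtime'] == 0 || $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] > TIME_NOW))
	{
		// User currently has no signature and they're suspended
		error($lang->sig_suspended);
	}

	if($mybb->usergroup['canusesig'] != 1)
	{
		// Usergroup has no permission to use this facility
		error_no_permission();
	}
	else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
	}

	if($sig && $template)
	{
		// The parser options follow the board settings. With 'sightml' enabled the parser is asked
		// to allow HTML, so how safe the preview output is depends on that setting and the parser.
		$sig_parser = array(
			"allow_html" => $mybb->settings['sightml'],
			"allow_mycode" => $mybb->settings['sigmycode'],
			"allow_smilies" => $mybb->settings['sigsmilies'],
			"allow_imgcode" => $mybb->settings['sigimgcode'],
			"me_username" => $mybb->user['username'],
			"filter_badwords" => 1
		);

		$sigpreview = $parser->parse_message($sig, $sig_parser);
		eval("\$signature = \"".$templates->get($template)."\";");
	}

	// User has a current signature, so let's display it (but show an error message)
	// NOTE(review): if error() above halts the request, this condition can no longer be true here - confirm.
	if($mybb->user['suspendsignature'] && $mybb->user['suspendsigtime'] > TIME_NOW)
	{
		$plugins->run_hooks("usercp_editsig_end");

		// User either doesn't have permission, or has their signature suspended
		eval("\$editsig = \"".$templates->get("usercp_editsig_suspended")."\";");
	}
	else
	{
		// User is allowed to edit their signature
		if($mybb->settings['sigsmilies'] == 1)
		{
			$sigsmilies = $lang->on;
			$smilieinserter = build_clickable_smilies();
		}
		else
		{
			$sigsmilies = $lang->off;
		}
		if($mybb->settings['sigmycode'] == 1)
		{
			$sigmycode = $lang->on;
		}
		else
		{
			$sigmycode = $lang->off;
		}
		if($mybb->settings['sightml'] == 1)
		{
			$sightml = $lang->on;
		}
		else
		{
			$sightml = $lang->off;
		}
		if($mybb->settings['sigimgcode'] == 1)
		{
			$sigimgcode = $lang->on;
		}
		else
		{
			$sigimgcode = $lang->off;
		}
		// The raw signature text goes back into the editor field, so it is HTML-escaped here.
		$sig = htmlspecialchars_uni($sig);
		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);

		if($mybb->settings['bbcodeinserter'] != 0 || $mybb->user['showcodebuttons'] != 0)
		{
			$codebuttons = build_mycode_inserter("signature");
		}

		$plugins->run_hooks("usercp_editsig_end");
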
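// (continuation of the editsig form handler that begins above this span)
		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
	}

	output_page($editsig);
}

// action=do_avatar: remove the avatar, or set it from a gallery file, an upload or a remote URL
// (POST only, CSRF token required).
if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_avatar_start");
	require_once MYBB_ROOT."inc/functions_upload.php";

	$avatar_error = "";
	// Defined up front so an image whose size could not be determined stores an empty
	// value instead of reading an undefined variable.
	$avatar_dimensions = "";

	if($mybb->input['remove']) // remove avatar
	{
		$updated_avatar = array(
			"avatar" => "",
			"avatardimensions" => "",
			"avatartype" => ""
		);
		$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		remove_avatars($mybb->user['uid']);
	}
	elseif($mybb->input['gallery']) // Gallery avatar
	{
		if(empty($mybb->input['avatar']))
		{
			$avatar_error = $lang->error_noavatar;
		}

		// Strip "./" and ".." from both user-supplied path components before they are joined to avatardir.
		// NOTE(review): this is a deny-list filter; resolving the final path and checking that it
		// stays below avatardir would be a stronger guarantee.
		$mybb->input['gallery'] = str_replace(array("./", ".."), "", $mybb->input['gallery']);
		$mybb->input['avatar'] = str_replace(array("./", ".."), "", $mybb->input['avatar']);

		if(empty($avatar_error))
		{
			if($mybb->input['gallery'] == "default")
			{
				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
			}
			else
			{
				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
			}

			// Accept only an existing regular file with one of the image extensions that the gallery
			// listing in the avatar action offers. Anything else is reported as "no avatar" instead
			// of being silently treated as a successful update.
			if(is_file($avatarpath) && preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $mybb->input['avatar']))
			{
				$dimensions = @getimagesize($avatarpath);

				$updated_avatar = array(
					"avatar" => $avatarpath.'?dateline='.TIME_NOW,
					"avatardimensions" => "{$dimensions[0]}|{$dimensions[1]}",
					"avatartype" => "gallery"
				);
				$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");

				// Old avatar files are cleaned up only after the new avatar has been stored.
				// NOTE(review): presumably remove_avatars() deletes the user's uploaded files - confirm.
				remove_avatars($mybb->user['uid']);
			}
			else
			{
				$avatar_error = $lang->error_noavatar;
			}
		}
	}
	elseif($_FILES['avatarupload']['name']) // upload avatar
	{
		if($mybb->usergroup['canuploadavatars'] == 0)
		{
			error_no_permission();
		}
		// Validation of the uploaded file is left to upload_avatar() (not visible here).
		$avatar = upload_avatar();
		if($avatar['error'])
		{
			$avatar_error = $avatar['error'];
		}
		else
		{
			if($avatar['width'] > 0 && $avatar['height'] > 0)
			{
				$avatar_dimensions = $avatar['width']."|".$avatar['height'];
			}
			$updated_avatar = array(
				"avatar" => $avatar['avatar'].'?dateline='.TIME_NOW,
				"avatardimensions" => $avatar_dimensions,
				"avatartype" => "upload"
			);
			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		}
	}
	else // remote avatar
	{
		$mybb->input['avatarurl'] = trim(preg_replace("#script:#i", "", $mybb->input['avatarurl']));
		$ext = get_extension($mybb->input['avatarurl']);

		// Only http(s) URLs are fetched and stored. The URL is user input that is requested by this
		// server and later used as an image source, so other schemes are rejected outright.
		// NOTE(review): the destination host is not restricted here. fetch_remote_file() (not visible)
		// or the egress policy should refuse internal, loopback and link-local addresses and cap the
		// response size and time.
		$file = false;
		if(preg_match("#^https?://#i", $mybb->input['avatarurl']))
		{
			// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
			$file = fetch_remote_file($mybb->input['avatarurl']);
		}
		if(!$file)
		{
			$avatar_error = $lang->error_invalidavatarurl;
		}
		else
		{
			// The fetched bytes are written to a randomly named temporary file, measured and removed again.
			$tmp_name = $mybb->settings['avataruploadpath']."/remote_".md5(random_str());
			$fp = @fopen($tmp_name, "wb");
			if(!$fp)
			{
				$avatar_error = $lang->error_invalidavatarurl;
			}
			else
			{
				fwrite($fp, $file);
				fclose($fp);
				list($width, $height, $type) = @getimagesize($tmp_name);
				@unlink($tmp_name);
				// No image type means the content was not recognised as an image.
				if(!$type)
				{
					$avatar_error = $lang->error_invalidavatarurl;
				}
			}
		}

		if(empty($avatar_error))
		{
			// Enforce the configured maximum dimensions ("WIDTHxHEIGHT") when the size is known.
			if($width && $height && $mybb->settings['maxavatardims'] != "")
			{
				list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));
				if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
				{
					$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
					$avatar_error = $lang->error_avatartoobig;
				}
			}
		}

		if(empty($avatar_error))
		{
			if($width > 0 && $height > 0)
			{
				$avatar_dimensions = intval($width)."|".intval($height);
			}
			$updated_avatar = array(
				"avatar" => $db->escape_string($mybb->input['avatarurl'].'?dateline='.TIME_NOW),
				"avatardimensions" => $avatar_dimensions,
				"avatartype" => "remote"
			);
			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
			remove_avatars($mybb->user['uid']);
		}
	}

	if(empty($avatar_error))
	{
		$plugins->run_hooks("usercp_do_avatar_end");
		redirect("usercp.php", $lang->redirect_avatarupdated);
	}
	else
	{
		// Fall through to the avatar form below and show the error inline.
		$mybb->input['action'] = "avatar";
		$avatar_error = inline_error($avatar_error);
	}
}

// action=avatar: show the avatar gallery browser or the main avatar page.
if($mybb->input['action'] == "avatar")
{
	$plugins->run_hooks("usercp_avatar_start");
	// Get a listing of available galleries
	$gallerylist['default'] = $lang->default_gallery;
	$avatardir = @opendir($mybb->settings['avatardir']);
	while($dir = @readdir($avatardir))
	{
		if(is_dir($mybb->settings['avatardir']."/$dir") && substr($dir, 0, 1) != ".")
		{
			$gallerylist[$dir] = str_replace("_", " ", $dir);
		}
	}
	@closedir($avatardir);
	natcasesort($gallerylist);
	reset($gallerylist);
	$galleries = '';
	foreach($gallerylist as $dir => $friendlyname)
	{
		// A gallery only becomes active when the requested name matches a directory found on disk.
		if($dir == $mybb->input['gallery'])
		{
			$activegallery = $friendlyname;
			$selected = "selected=\"selected\"";
		}
		$galleries .= "<option value=\"$dir\" $selected>$friendlyname</option>\n";
		$selected = "";
	}

	// Check to see if we're in a gallery or not
	if($activegallery)
	{
		$gallery = str_replace("..", "", $mybb->input['gallery']);
		$lang->avatars_in_gallery = $lang->sprintf($lang->avatars_in_gallery, $activegallery);
		// Get a listing of avatars in this gallery
		$avatardir = $mybb->settings['avatardir'];
		if($gallery != "default")
		{
			$avatardir .= "/$gallery";
		}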
$opendir = opendir($avatardir); 2017 while($avatar = @readdir($opendir)) 2018 { 2019 $avatarpath = $avatardir."/".$avatar; 2020 if(is_file($avatarpath) && preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $avatar)) 2021 { 2022 $avatars[] = $avatar; 2023 } 2024 } 2025 @closedir($opendir); 2026 2027 if(is_array($avatars)) 2028 { 2029 natcasesort($avatars); 2030 reset($avatars); 2031 $count = 0; 2032 $avatarlist = "<tr>\n"; 2033 foreach($avatars as $avatar) 2034 { 2035 $avatarpath = $avatardir."/".$avatar; 2036 $avatarname = preg_replace("#\.(jpg|jpeg|gif|bmp|png)$#i", "", $avatar); 2037 $avatarname = ucwords(str_replace("_", " ", $avatarname)); 2038 if($mybb->user['avatar'] == $avatarpath) 2039 { 2040 $checked = "checked=\"checked\""; 2041 } 2042 if($count == 5) 2043 { 2044 $avatarlist .= "</tr>\n<tr>\n"; 2045 $count = 0; 2046 } 2047 ++$count; 2048 eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_avatar")."\";"); 2049 } 2050 if($count != 0) 2051 { 2052 for($i = $count; $i <= 5; ++$i) 2053 { 2054 eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_blankblock")."\";"); 2055 } 2056 } 2057 } 2058 else 2059 { 2060 eval("\$avatarlist = \"".$templates->get("usercp_avatar_gallery_noavatars")."\";"); 2061 } 2062 2063 $plugins->run_hooks("usercp_avatar_end"); 2064 2065 eval("\$gallery = \"".$templates->get("usercp_avatar_gallery")."\";"); 2066 output_page($gallery); 2067 } 2068 // Show main avatar page 2069 else 2070 { 2071 if($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath'])) 2072 { 2073 $avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>"; 2074 } 2075 elseif($mybb->user['avatartype'] == "gallery" || stristr($mybb->user['avatar'], $mybb->settings['avatardir'])) 2076 { 2077 $avatarmsg = "<br /><strong>".$lang->using_gallery_avatar."</strong>"; 2078 } 2079 elseif($mybb->user['avatartype'] == "remote" || my_strpos(my_strtolower($mybb->user['avatar']), "http://") !== false) 2080 { 
2081 $avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>"; 2082 $avatarurl = htmlspecialchars_uni($mybb->user['avatar']); 2083 } 2084 $urltoavatar = htmlspecialchars_uni($mybb->user['avatar']); 2085 if($mybb->user['avatar']) 2086 { 2087 $avatar_dimensions = explode("|", $mybb->user['avatardimensions']); 2088 if($avatar_dimensions[0] && $avatar_dimensions[1]) 2089 { 2090 $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\""; 2091 } 2092 eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";"); 2093 $colspan = 1; 2094 } 2095 else 2096 { 2097 $colspan = 2; 2098 } 2099 if($mybb->settings['maxavatardims'] != "") 2100 { 2101 list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims'])); 2102 $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight); 2103 } 2104 if($mybb->settings['avatarsize']) 2105 { 2106 $maxsize = get_friendly_size($mybb->settings['avatarsize']*1024); 2107 $lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize); 2108 } 2109 if($mybb->settings['avatarresizing'] == "auto") 2110 { 2111 $auto_resize = "<br /><span class=\"smalltext\">{$lang->avatar_auto_resize_note}</span>\n"; 2112 } 2113 else if($mybb->settings['avatarresizing'] == "user") 2114 { 2115 $auto_resize = "<br /><span class=\"smalltext\"><input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->avatar_auto_resize_option}</label></span>"; 2116 } 2117 2118 $plugins->run_hooks("usercp_avatar_end"); 2119 2120 eval("\$avatar = \"".$templates->get("usercp_avatar")."\";"); 2121 output_page($avatar); 2122 } 2123 } 2124 2125 if($mybb->input['action'] == "do_editlists") 2126 { 2127 // Verify incoming POST request 2128 verify_post_check($mybb->input['my_post_key']); 2129 2130 $plugins->run_hooks("usercp_do_editlists_start"); 2131 2132 $existing_users = 
array(); 2133 $selected_list = array(); 2134 if($mybb->input['manage'] == "ignored") 2135 { 2136 if($mybb->user['ignorelist']) 2137 { 2138 $existing_users = explode(",", $mybb->user['ignorelist']); 2139 } 2140 2141 if($mybb->user['buddylist']) 2142 { 2143 // Create a list of buddies... 2144 $selected_list = explode(",", $mybb->user['buddylist']); 2145 } 2146 } 2147 else 2148 { 2149 if($mybb->user['buddylist']) 2150 { 2151 $existing_users = explode(",", $mybb->user['buddylist']); 2152 } 2153 2154 if($mybb->user['ignorelist']) 2155 { 2156 // Create a list of ignored users 2157 $selected_list = explode(",", $mybb->user['ignorelist']); 2158 } 2159 } 2160 2161 $error_message = ""; 2162 $message = ""; 2163 2164 // Adding one or more users to this list 2165 if($mybb->input['add_username']) 2166 { 2167 // Split up any usernames we have 2168 $found_users = 0; 2169 $adding_self = false; 2170 $users = explode(",", $mybb->input['add_username']); 2171 $users = array_map("trim", $users); 2172 $users = array_unique($users); 2173 foreach($users as $key => $username) 2174 { 2175 if(empty($username)) 2176 { 2177 unset($users[$key]); 2178 continue; 2179 } 2180 2181 if(my_strtoupper($mybb->user['username']) == my_strtoupper($username)) 2182 { 2183 $adding_self = true; 2184 unset($users[$key]); 2185 continue; 2186 } 2187 $users[$key] = $db->escape_string($username); 2188 } 2189 2190 // Fetch out new users 2191 if(count($users) > 0) 2192 { 2193 $query = $db->simple_select("users", "uid", "LOWER(username) IN ('".my_strtolower(implode("','", $users))."')"); 2194 while($user = $db->fetch_array($query)) 2195 { 2196 ++$found_users; 2197 2198 // Make sure we're not adding a duplicate 2199 if(in_array($user['uid'], $existing_users) || in_array($user['uid'], $selected_list)) 2200 { 2201 if($mybb->input['manage'] == "ignored") 2202 { 2203 $error_message = "ignore"; 2204 } 2205 else 2206 { 2207 $error_message = "buddy"; 2208 } 2209 2210 // On another list? 
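// On another list too? Build the language key for the "already on a list" notice.
					$string = "users_already_on_".$error_message."_list";
					if(in_array($user['uid'], $selected_list))
					{
						// $selected_list is the list that is NOT being managed in this request
						$string .= "_alt";
					}

					$error_message = $lang->$string;
					array_pop($users); // To maintain a proper count when we call count($users)
					continue;
				}

				$existing_users[] = $user['uid'];
			}
		}

		// Fewer rows than requested names means at least one username did not exist
		if($found_users < count($users))
		{
			if($error_message)
			{
				$error_message .= "<br />";
			}

			$error_message .= $lang->invalid_user_selected;
		}

		if(($adding_self != true || ($adding_self == true && count($users) > 0)) && ($error_message == "" || count($users) > 1))
		{
			if($mybb->input['manage'] == "ignored")
			{
				$message = $lang->users_added_to_ignore_list;
			}
			else
			{
				$message = $lang->users_added_to_buddy_list;
			}
		}

		if($adding_self == true)
		{
			if($mybb->input['manage'] == "ignored")
			{
				$error_message = $lang->cant_add_self_to_ignore_list;
			}
			else
			{
				$error_message = $lang->cant_add_self_to_buddy_list;
			}
		}

		if(count($existing_users) == 0)
		{
			$message = "";
		}
	}

	// Removing a user from this list
	else if($mybb->input['delete'])
	{
		// Check if user exists on the list
		$key = array_search($mybb->input['delete'], $existing_users);
		if($key !== false)
		{
			unset($existing_users[$key]);
			$user = get_user($mybb->input['delete']);
			if($mybb->input['manage'] == "ignored")
			{
				$message = $lang->removed_from_ignore_list;
			}
			else
			{
				$message = $lang->removed_from_buddy_list;
			}
			// NOTE(review): $message now carries $user['username'] and is later placed
			// inside a single-quoted JavaScript string (see $message_js below) without
			// JS-string encoding - confirm usernames cannot contain quote characters.
			$message = $lang->sprintf($message, $user['username']);
		}
	}

	// Now we have the new list, so throw it all back together
	$new_list = implode(",", $existing_users);

	// And clean it up a little to ensure there is no possibility of bad values.
	// After this the list holds digits and single commas only; the same stored value
	// is later interpolated into "uid IN (...)" queries, so this filter is what keeps
	// those queries safe.
	$new_list = preg_replace("#,{2,}#", ",", $new_list);
	$new_list = preg_replace("#[^0-9,]#", "", $new_list);

	// Drop a leading or trailing comma. The previous trailing-comma branch cut two
	// characters, which also removed the last digit of the final uid and so stored a
	// different user id than the one selected.
	$new_list = trim($new_list, ",");

	// And update
	$user = array();
	if($mybb->input['manage'] == "ignored")
	{
		$user['ignorelist'] = $db->escape_string($new_list);
		$mybb->user['ignorelist'] = $user['ignorelist'];
	}
	else
	{
		$user['buddylist'] = $db->escape_string($new_list);
		$mybb->user['buddylist'] = $user['buddylist'];
	}

	$db->update_query("users", $user, "uid='".$mybb->user['uid']."'");

	$plugins->run_hooks("usercp_do_editlists_end");

	// Values echoed back into JavaScript and into the redirect URL are rebuilt from
	// fixed strings and an integer cast instead of being copied from the request, so
	// request data cannot change the emitted script. Any value other than "ignored"
	// is already treated as the buddy list by the code above.
	if($mybb->input['manage'] == "ignored")
	{
		$manage_id = "ignored";
	}
	else
	{
		$manage_id = "buddy";
	}

	// Ajax based request, throw new list to browser
	if($mybb->input['ajax'])
	{
		if($mybb->input['manage'] == "ignored")
		{
			$list = "ignore";
		}
		else
		{
			$list = "buddy";
		}

		// Make sure the script buffer exists before it is appended to or echoed
		if(!isset($message_js))
		{
			$message_js = '';
		}

		if($message)
		{
			$message_js = "var success = document.createElement('div'); var element = \$('{$list}_list'); element.parentNode.insertBefore(success, element); success.innerHTML = '{$message}'; success.className = 'success_message'; window.setTimeout(function() { Element.remove(success) }, 5000);";
		}

		if($error_message)
		{
			$message_js .= " var error = document.createElement('div'); var element = \$('{$list}_list'); element.parentNode.insertBefore(error, element); error.innerHTML = '{$error_message}'; error.className = 'error_message'; window.setTimeout(function() { Element.remove(error) }, 5000);";
		}

		if($mybb->input['delete'])
		{
			// The response body is executed as script by the caller, so only the
			// normalised list name and the integer uid are written into it.
			$delete_uid = intval($mybb->input['delete']);

			header("Content-type: text/javascript");
			echo "Element.remove('{$manage_id}_{$delete_uid}');\n";
			if($new_list == "")
			{
				echo "\$('{$manage_id}_count').innerHTML = '0';\n";
				if($mybb->input['manage'] == "ignored")
				{
					echo "\$('ignore_list').innerHTML = '<li>{$lang->ignore_list_empty}</li>';\n";
				}
				else
				{
					echo "\$('buddy_list').innerHTML = '<li>{$lang->buddy_list_empty}</li>';\n";
				}
			}
			else
			{
				echo "\$('{$manage_id}_count').innerHTML = '".count(explode(",", $new_list))."';\n";
			}
			echo $message_js;
			exit;
		}
		// Fall through to the "editlists" view below so the refreshed list is returned
		$mybb->input['action'] = "editlists";
	}
	else
	{
		if($error_message)
		{
			$message .= "<br />".$error_message;
		}
		redirect("usercp.php?action=editlists#{$manage_id}", $message);
	}
}

// Buddy / ignore list management page (also serves the AJAX refresh of either list)
if($mybb->input['action'] == "editlists")
{
	$plugins->run_hooks("usercp_editlists_start");

	// Users active after this timestamp count as online
	$timecut = TIME_NOW - $mybb->settings['wolcutoff'];

	// Fetch out buddies
	$buddy_count = 0;
	if($mybb->user['buddylist'])
	{
		$type = "buddy";
		// The stored list is interpolated as-is; it is reduced to digits and commas
		// when it is written by the do_editlists handler.
		$query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username"));
		while($user = $db->fetch_array($query))
		{
			$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
			// Invisible users only show as online to groups allowed to see them
			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
			{
				$status = "online";
			}
			else
			{
				$status = "offline";
			}
			// NOTE(review): eval() interpolates the template as a PHP string; this relies
			// on $templates->get() returning escaped, admin-controlled content - confirm.
			eval("\$buddy_list .= \"".$templates->get("usercp_editlists_user")."\";");
			++$buddy_count;
		}
	}

	$lang->current_buddies = $lang->sprintf($lang->current_buddies, $buddy_count);
	if(!$buddy_list)
	{
		$buddy_list = "<li>{$lang->buddy_list_empty}</li>";
	}

	// Fetch out ignore list users
	$ignore_count = 0;
	if($mybb->user['ignorelist'])
	{
		$type = "ignored";
		$query = $db->simple_select("users", "*", "uid IN ({$mybb->user['ignorelist']})", array("order_by" => "username"));
		while($user = $db->fetch_array($query))
		{
			$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
			{
				$status = "online";
			}
			else
			{
				$status = "offline";
			}
			eval("\$ignore_list .= \"".$templates->get("usercp_editlists_user")."\";");
			++$ignore_count;
		}
	}

	$lang->current_ignored_users = $lang->sprintf($lang->current_ignored_users, $ignore_count);
	if(!$ignore_list)
	{
		$ignore_list = "<li>{$lang->ignore_list_empty}</li>";
	}

	// If an AJAX request from buddy management, echo out whatever the new list is.
	if($mybb->request_method == "post" && $mybb->input['ajax'] == 1)
	{
		// $message_js is only built by the do_editlists handler; when this view is
		// requested directly there is no script to append.
		if(!isset($message_js))
		{
			$message_js = '';
		}

		if($mybb->input['manage'] == "ignored")
		{
			echo $ignore_list;
			echo "<script type=\"text/javascript\"> $('ignored_count').innerHTML = '{$ignore_count}'; {$message_js}</script>";
		}
		else
		{
			echo $buddy_list;
			echo "<script type=\"text/javascript\"> $('buddy_count').innerHTML = '{$buddy_count}'; {$message_js}</script>";
		}
		exit;
	}

	$plugins->run_hooks("usercp_editlists_end");

	eval("\$listpage = \"".$templates->get("usercp_editlists")."\";");
	output_page($listpage);
}

if($mybb->input['action'] == "drafts")
{
	$plugins->run_hooks("usercp_drafts_start");
	// Show a listing of all of the current 'draft' posts or threads the user has.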
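// Rendered rows of the drafts table; stays empty when the user has no drafts.
	$drafts = '';
	// Only rows owned by the current user (p.uid) and flagged as draft (visible = -2)
	$query = $db->query("
		SELECT p.subject, p.pid, t.tid, t.subject AS threadsubject, t.fid, f.name AS forumname, p.dateline, t.visible AS threadvisible, p.visible AS postvisible
		FROM ".TABLE_PREFIX."posts p
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid)
		WHERE p.uid='".$mybb->user['uid']."' AND p.visible='-2'
		ORDER BY p.dateline DESC
	");
	while($draft = $db->fetch_array($query))
	{
		$trow = alt_trow();
		// Reset the per-row values so a draft whose thread is neither visible (1) nor a
		// draft (-2) does not inherit the previous row's link, id and type.
		$detail = $editurl = $id = $type = '';
		if($draft['threadvisible'] == 1) // We're looking at a draft post
		{
			$detail = $lang->thread." <a href=\"".get_thread_link($draft['tid'])."\">".htmlspecialchars_uni($draft['threadsubject'])."</a>";
			$editurl = "newreply.php?action=editdraft&pid={$draft['pid']}";
			$id = $draft['pid'];
			$type = "post";
		}
		elseif($draft['threadvisible'] == -2) // We're looking at a draft thread
		{
			// NOTE(review): the forum name is written into HTML without escaping, unlike
			// the thread subject above - confirm forum names are trusted markup.
			$detail = $lang->forum." <a href=\"".get_forum_link($draft['fid'])."\">{$draft['forumname']}</a>";
			$editurl = "newthread.php?action=editdraft&tid={$draft['tid']}";
			$id = $draft['tid'];
			$type = "thread";
		}
		$draft['subject'] = htmlspecialchars_uni($draft['subject']);
		$savedate = my_date($mybb->settings['dateformat'], $draft['dateline']);
		$savetime = my_date($mybb->settings['timeformat'], $draft['dateline']);
		eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");
	}
	if(!$drafts)
	{
		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");
		$disable_delete_drafts = 'disabled="disabled"';
	}
	else
	{
		eval("\$draftsubmit = \"".$templates->get("usercp_drafts_submit")."\";");
		$disable_delete_drafts = '';
	}

	$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'");
	$count = $db->fetch_array($query);
	$draftcount = "(".my_number_format($count['draftcount']).")";

	$plugins->run_hooks("usercp_drafts_end");

	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
	output_page($draftlist);

}
// Delete the selected drafts (POST only, protected by the post key)
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_drafts_start");
	// The selection must be an id => type map; a scalar value cannot be iterated
	if(empty($mybb->input['deletedraft']) || !is_array($mybb->input['deletedraft']))
	{
		error($lang->no_drafts_selected);
	}
	$pidin = array();
	$tidin = array();
	// Extra "OR tid IN (...)" clause for the posts delete; empty when no thread drafts were selected
	$tidinp = '';
	foreach($mybb->input['deletedraft'] as $id => $val)
	{
		// Ids come from the request, so each one is cast to an integer before it is used in SQL
		if($val == "post")
		{
			$pidin[] = "'".intval($id)."'";
		}
		elseif($val == "thread")
		{
			$tidin[] = "'".intval($id)."'";
		}
	}
	if($tidin)
	{
		$tidin = implode(",", $tidin);
		// visible='-2' and the uid filter restrict the delete to the user's own drafts
		$db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
		$tidinp = "OR tid IN ($tidin)";
	}
	if($pidin || $tidinp)
	{
		if($pidin)
		{
			$pidin = implode(",", $pidin);
			$pidinq = "pid IN ($pidin)";
		}
		else
		{
			// No post drafts selected: keep the condition valid but never matching
			$pidinq = "1=0";
		}
		$db->delete_query("posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
	}
	$plugins->run_hooks("usercp_do_drafts_end");
	redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted);
}
// Group memberships: change display group, leave or join a group, then list groups
if($mybb->input['action'] == "usergroups")
{
	$plugins->run_hooks("usercp_usergroups_start");
	// Comma-delimited set of every group id the user belongs to, wrapped in commas
	// so that ",<gid>," can be searched for as a whole element
	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";

	// Changing our display group
	if($mybb->input['displaygroup'])
	{
		// Verify incoming POST request
		verify_post_check($mybb->input['my_post_key']);

		// Normalise to an integer before the membership test, as the join handler
		// below does, so the value that is checked is the value that is stored.
		$mybb->input['displaygroup'] = intval($mybb->input['displaygroup']);

		if(my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)
		{
			error($lang->not_member_of_group);
		}
		$query = $db->simple_select("usergroups", "*", "gid='".intval($mybb->input['displaygroup'])."'");
		$dispgroup = $db->fetch_array($query);
		if($dispgroup['candisplaygroup'] != 1)
		{
			error($lang->cannot_set_displaygroup);
		}
		$db->update_query("users", array('displaygroup' => intval($mybb->input['displaygroup'])), "uid='".$mybb->user['uid']."'");
		$cache->update_moderators();
		$plugins->run_hooks("usercp_usergroups_change_displaygroup");
		redirect("usercp.php?action=usergroups", $lang->display_group_changed);
		exit;
	}

	// Leaving a group
	if($mybb->input['leavegroup'])
	{
		// Verify incoming POST request
		verify_post_check($mybb->input['my_post_key']);

		// Normalise to an integer so the membership test, the primary-group test and
		// leave_usergroup() all see the same single group id.
		$mybb->input['leavegroup'] = intval($mybb->input['leavegroup']);

		if(my_strpos($ingroups, ",".$mybb->input['leavegroup'].",") === false)
		{
			error($lang->not_member_of_group);
		}
		if($mybb->user['usergroup'] == $mybb->input['leavegroup'])
		{
			error($lang->cannot_leave_primary_group);
		}
		$query = $db->simple_select("usergroups", "*", "gid='".intval($mybb->input['leavegroup'])."'");
		$usergroup = $db->fetch_array($query);
		// Only group types 3 and 4 may be left by the member; the join handler below
		// accepts the same two types
		if($usergroup['type'] != 4 && $usergroup['type'] != 3)
		{
			error($lang->cannot_leave_group);
		}
		leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
		$plugins->run_hooks("usercp_usergroups_leave_group");
		redirect("usercp.php?action=usergroups", $lang->left_group);
		exit;
	}

	// Joining a group
	if($mybb->input['joingroup'])
	{
		// Verify incoming POST request
		verify_post_check($mybb->input['my_post_key']);

		$mybb->input['joingroup'] = intval($mybb->input['joingroup']);
		$query = $db->simple_select("usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'");
		$usergroup = $db->fetch_array($query);

		// The group must exist and be of a joinable type (3 or 4)
		if(($usergroup['type'] != 4 && $usergroup['type'] != 3) || !$usergroup['gid'])
		{
			error($lang->cannot_join_group);
		}
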
if(my_strpos($ingroups, ",".intval($mybb->input['joingroup']).",") !== false) 2632 { 2633 error($lang->already_member_of_group); 2634 } 2635 2636 $query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".intval($mybb->input['joingroup'])."'"); 2637 $joinrequest = $db->fetch_array($query); 2638 if($joinrequest['rid']) 2639 { 2640 error($lang->already_sent_join_request); 2641 } 2642 if($mybb->input['do'] == "joingroup" && $usergroup['type'] == 4) 2643 { 2644 $reason = utf8_handle_4byte_string($mybb->input['reason']); 2645 $reason = $db->escape_string($reason); 2646 $now = TIME_NOW; 2647 $joinrequest = array( 2648 "uid" => $mybb->user['uid'], 2649 "gid" => intval($mybb->input['joingroup']), 2650 "reason" => $reason, 2651 "dateline" => TIME_NOW 2652 ); 2653 2654 $db->insert_query("joinrequests", $joinrequest); 2655 $plugins->run_hooks("usercp_usergroups_join_group_request"); 2656 redirect("usercp.php?action=usergroups", $lang->group_join_requestsent); 2657 exit; 2658 } 2659 elseif($usergroup['type'] == 4) 2660 { 2661 $joingroup = $mybb->input['joingroup']; 2662 eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";"); 2663 output_page($joinpage); 2664 exit(); 2665 } 2666 else 2667 { 2668 join_usergroup($mybb->user['uid'], $mybb->input['joingroup']); 2669 $plugins->run_hooks("usercp_usergroups_join_group"); 2670 redirect("usercp.php?action=usergroups", $lang->joined_group); 2671 } 2672 } 2673 // Show listing of various group related things 2674 2675 // List of usergroup leaders 2676 $query = $db->query(" 2677 SELECT g.*, u.username, u.displaygroup, u.usergroup 2678 FROM ".TABLE_PREFIX."groupleaders g 2679 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=g.uid) 2680 ORDER BY u.username ASC 2681 "); 2682 while($leader = $db->fetch_array($query)) 2683 { 2684 $groupleaders[$leader['gid']][$leader['uid']] = $leader; 2685 } 2686 2687 // List of groups this user is a leader of 2688 $groupsledlist = ''; 2689 2690 2691 
switch($db->type) 2692 { 2693 case "pgsql": 2694 case "sqlite": 2695 $query = $db->query(" 2696 SELECT g.title, g.gid, g.type, COUNT(DISTINCT u.uid) AS users, COUNT(DISTINCT j.rid) AS joinrequests, l.canmanagerequests, l.canmanagemembers 2697 FROM ".TABLE_PREFIX."groupleaders l 2698 LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid) 2699 LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid)) 2700 LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0) 2701 WHERE l.uid='".$mybb->user['uid']."' 2702 GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers 2703 "); 2704 break; 2705 default: 2706 $query = $db->query(" 2707 SELECT g.title, g.gid, g.type, COUNT(DISTINCT u.uid) AS users, COUNT(DISTINCT j.rid) AS joinrequests, l.canmanagerequests, l.canmanagemembers 2708 FROM ".TABLE_PREFIX."groupleaders l 2709 LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid) 2710 LEFT JOIN ".TABLE_PREFIX."users u ON(((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid)) 2711 LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0) 2712 WHERE l.uid='".$mybb->user['uid']."' 2713 GROUP BY l.gid 2714 "); 2715 } 2716 2717 while($usergroup = $db->fetch_array($query)) 2718 { 2719 $memberlistlink = $moderaterequestslink = ''; 2720 $memberlistlink = " [<a href=\"managegroup.php?gid=".$usergroup['gid']."\">".$lang->view_members."</a>]"; 2721 if($usergroup['type'] != 4) 2722 { 2723 $usergroup['joinrequests'] = '--'; 2724 } 2725 if($usergroup['joinrequests'] > 0 && $usergroup['canmanagerequests'] == 1) 2726 { 2727 $moderaterequestslink = " [<a href=\"managegroup.php?action=joinrequests&gid={$usergroup['gid']}\">{$lang->view_requests}</a>]"; 2728 } 2729 $groupleader[$usergroup['gid']] = 1; 2730 $trow = alt_trow(); 2731 eval("\$groupsledlist .= \"".$templates->get("usercp_usergroups_leader_usergroup")."\";"); 2732 } 2733 if($groupsledlist) 
2734 { 2735 eval("\$leadinggroups = \"".$templates->get("usercp_usergroups_leader")."\";"); 2736 } 2737 2738 // Fetch the list of groups the member is in 2739 // Do the primary group first 2740 $query = $db->simple_select("usergroups", "*", "gid='".$mybb->user['usergroup']."'"); 2741 $usergroup = $db->fetch_array($query); 2742 $leavelink = "<div style=\"text-align:center;\"><span class=\"smalltext\">{$lang->usergroup_leave_primary}</span></div>"; 2743 $trow = alt_trow(); 2744 if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup']) 2745 { 2746 $displaycode = " ({$lang->display_group})"; 2747 } 2748 elseif($usergroup['candisplaygroup'] == 1) 2749 { 2750 $displaycode = " (<a href=\"usercp.php?action=usergroups&displaygroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->set_as_display_group}</a>)"; 2751 } 2752 else 2753 { 2754 $displaycode = ''; 2755 } 2756 2757 eval("\$memberoflist = \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";"); 2758 $showmemberof = false; 2759 if($mybb->user['additionalgroups']) 2760 { 2761 $query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title')); 2762 while($usergroup = $db->fetch_array($query)) 2763 { 2764 $showmemberof = true; 2765 2766 if($groupleader[$usergroup['gid']]) 2767 { 2768 $leavelink = "<div style=\"text-align: center;\"><span class=\"smalltext\">$lang->usergroup_leave_leader</span></div>"; 2769 } 2770 elseif($usergroup['type'] != 4 && $usergroup['type'] != 3) 2771 { 2772 $leavelink = "<div style=\"text-align: center;\"><span class=\"smalltext\">{$lang->usergroup_cannot_leave}</span></div>"; 2773 } 2774 else 2775 { 2776 $leavelink = "<div style=\"text-align: center;\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."&my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>"; 2777 } 2778 if($usergroup['description']) 2779 { 
2780 $description = "<br /><span class=\"smalltext\">".$usergroup['description']."</span>"; 2781 } 2782 else 2783 { 2784 $description = ''; 2785 } 2786 if(!$usergroup['usertitle']) 2787 { 2788 // fetch title here 2789 } 2790 $trow = alt_trow(); 2791 if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup']) 2792 { 2793 $displaycode = " ({$lang->display_group})"; 2794 } 2795 elseif($usergroup['candisplaygroup'] == 1) 2796 { 2797 $displaycode = "(<a href=\"usercp.php?action=usergroups&displaygroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->set_as_display_group}</a>)"; 2798 } 2799 else 2800 { 2801 $displaycode = ''; 2802 } 2803 eval("\$memberoflist .= \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";"); 2804 } 2805 } 2806 eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";"); 2807 2808 // List of groups this user has applied for but has not been accepted in to 2809 $query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'"); 2810 while($request = $db->fetch_array($query)) 2811 { 2812 $appliedjoin[$request['gid']] = $request['dateline']; 2813 } 2814 2815 // Fetch list of groups the member can join 2816 $existinggroups = $mybb->user['usergroup']; 2817 if($mybb->user['additionalgroups']) 2818 { 2819 $existinggroups .= ",".$mybb->user['additionalgroups']; 2820 } 2821 2822 $joinablegroups = ''; 2823 $query = $db->simple_select("usergroups", "*", "(type='3' OR type='4') AND gid NOT IN ($existinggroups)", array('order_by' => 'title')); 2824 while($usergroup = $db->fetch_array($query)) 2825 { 2826 $trow = alt_trow(); 2827 if($usergroup['description']) 2828 { 2829 $description = "<br /><span class=\"smallfont\">".$usergroup['description']."</span>"; 2830 } 2831 else 2832 { 2833 $description = ''; 2834 } 2835 2836 // Moderating join requests? 
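// Type 4 groups need approval of the join request; other joinable groups are open.
		if($usergroup['type'] == 4)
		{
			$conditions = $lang->usergroup_joins_moderated;
		}
		else
		{
			$conditions = $lang->usergroup_joins_anyone;
		}

		if(!empty($appliedjoin[$usergroup['gid']]))
		{
			// A join request is pending: show when it was sent instead of a join link
			$applydate = my_date($mybb->settings['dateformat'], $appliedjoin[$usergroup['gid']]);
			$applytime = my_date($mybb->settings['timeformat'], $appliedjoin[$usergroup['gid']]);
			$joinlink = $lang->sprintf($lang->join_group_applied, $applydate, $applytime);
		}
		else
		{
			// NOTE(review): this link changes state through GET and carries the post key
			// in the URL, where it can reach logs and Referer headers - consider a POST form.
			$joinlink = "<a href=\"usercp.php?action=usergroups&joingroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->join_group}</a>";
		}

		$usergroupleaders = '';
		if(!empty($groupleaders[$usergroup['gid']]))
		{
			$comma = '';
			$usergroupleaders = '';
			foreach($groupleaders[$usergroup['gid']] as $leader)
			{
				$leader['username'] = format_name($leader['username'], $leader['usergroup'], $leader['displaygroup']);
				$usergroupleaders .= $comma.build_profile_link($leader['username'], $leader['uid']);
				$comma = $lang->comma;
			}
			$usergroupleaders = $lang->usergroup_leaders." ".$usergroupleaders;
		}

		// Skip groups the current user already leads. Leaders are stored per group and
		// keyed by uid in $groupleaders, so the key is tested directly; searching the
		// rendered leader HTML for the username also matched markup and other names.
		if(!isset($groupleaders[$usergroup['gid']][$mybb->user['uid']]))
		{
			eval("\$joinablegrouplist .= \"".$templates->get("usercp_usergroups_joinable_usergroup")."\";");
		}
	}
	if($joinablegrouplist)
	{
		eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");
	}

	$plugins->run_hooks("usercp_usergroups_end");

	eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");
	output_page($groupmemberships);
}
// Attachment manager: paginated list of the current user's attachments
if($mybb->input['action'] == "attachments")
{
	$plugins->run_hooks("usercp_attachments_start");
	require_once MYBB_ROOT."inc/functions_upload.php";

	$attachments = '';

	// Pagination
	if(!$mybb->settings['threadsperpage'])
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	// Both paging values end up in the LIMIT clause below, so force them to integers
	$perpage = intval($mybb->settings['threadsperpage']);
	if($perpage < 1)
	{
		$perpage = 20;
	}
	$page = intval($mybb->input['page']);

	if($page > 0)
	{
		$start = ($page-1) *$perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}

	$end = $start + $perpage;
	$lower = $start+1;

	// Restricted to attachments uploaded by the current user (a.uid)
	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject
		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		WHERE a.uid='".$mybb->user['uid']."'
		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");

	$bandwidth = $totaldownloads = 0;
	while($attachment = $db->fetch_array($query))
	{
		// A missing post date or thread id means the attachment is orphaned
		if($attachment['dateline'] && $attachment['tid'])
		{
			$attachment['subject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['subject']));
			$attachment['postlink'] = get_post_link($attachment['pid'], $attachment['tid']);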
$attachment['threadlink'] = get_thread_link($attachment['tid']); 2933 $attachment['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['threadsubject'])); 2934 2935 $size = get_friendly_size($attachment['filesize']); 2936 $icon = get_attachment_icon(get_extension($attachment['filename'])); 2937 $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); 2938 2939 $sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']); 2940 $attachdate = my_date($mybb->settings['dateformat'], $attachment['dateline']); 2941 $attachtime = my_date($mybb->settings['timeformat'], $attachment['dateline']); 2942 $altbg = alt_trow(); 2943 2944 eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";"); 2945 2946 // Add to bandwidth total 2947 $bandwidth += ($attachment['filesize'] * $attachment['downloads']); 2948 $totaldownloads += $attachment['downloads']; 2949 } 2950 else 2951 { 2952 // This little thing delets attachments without a thread/post 2953 remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']); 2954 } 2955 } 2956 2957 $query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'"); 2958 $usage = $db->fetch_array($query); 2959 $totalusage = $usage['ausage']; 2960 $totalattachments = $usage['acount']; 2961 $friendlyusage = get_friendly_size($totalusage); 2962 if($mybb->usergroup['attachquota']) 2963 { 2964 $percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%"; 2965 $attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024); 2966 $usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments); 2967 } 2968 else 2969 { 2970 $percent = $lang->unlimited; 2971 $attachquota = $lang->unlimited; 2972 $usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments); 2973 } 2974 2975 
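// Tail of the "attachments" view: pagination links, totals and page output.
	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
	$bandwidth = get_friendly_size($bandwidth);

	if(!$attachments)
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';
	}

	$plugins->run_hooks("usercp_attachments_end");

	eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
	output_page($manageattachments);
}

// Delete the selected attachments (POST only, protected by the post key)
if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_attachments_start");
	require_once MYBB_ROOT."inc/functions_upload.php";
	// An empty selection would otherwise build "aid IN ()", which is not valid SQL
	if(empty($mybb->input['attachments']) || !is_array($mybb->input['attachments']))
	{
		error($lang->no_attachments_selected);
	}
	// Every submitted id is cast to an integer before it reaches the query
	$aids = implode(',', array_map('intval', $mybb->input['attachments']));
	// The uid condition limits the delete to attachments owned by the current user,
	// whatever ids were submitted
	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");
	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);
	}
	$plugins->run_hooks("usercp_do_attachments_end");
	redirect("usercp.php?action=attachments", $lang->attachments_deleted);
}

// Save the personal notepad (POST only, protected by the post key)
if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	// Cap at 60,000 chars; text will allow up to 65535?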
3017 if(my_strlen($mybb->input['notepad']) > 60000) 3018 { 3019 $mybb->input['notepad'] = my_substr($mybb->input['notepad'], 0, 60000); 3020 } 3021 3022 $plugins->run_hooks("usercp_do_notepad_start"); 3023 $db->update_query("users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'"); 3024 $plugins->run_hooks("usercp_do_notepad_end"); 3025 redirect("usercp.php", $lang->redirect_notepadupdated); 3026 } 3027 3028 if(!$mybb->input['action']) 3029 { 3030 // Get posts per day 3031 $daysreg = (TIME_NOW - $mybb->user['regdate']) / (24*3600); 3032 3033 if($daysreg < 1) 3034 { 3035 $daysreg = 1; 3036 } 3037 3038 $perday = $mybb->user['postnum'] / $daysreg; 3039 $perday = round($perday, 2); 3040 if($perday > $mybb->user['postnum']) 3041 { 3042 $perday = $mybb->user['postnum']; 3043 } 3044 3045 $stats = $cache->read("stats"); 3046 $posts = $stats['numposts']; 3047 if($posts == 0) 3048 { 3049 $percent = "0"; 3050 } 3051 else 3052 { 3053 $percent = $mybb->user['postnum']*100/$posts; 3054 $percent = round($percent, 2); 3055 } 3056 3057 $lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent); 3058 $usergroup = $groupscache[$mybb->user['usergroup']]['title']; 3059 3060 $colspan = 1; 3061 if($mybb->user['avatar']) 3062 { 3063 $avatar_dimensions = explode("|", $mybb->user['avatardimensions']); 3064 if($avatar_dimensions[0] && $avatar_dimensions[1]) 3065 { 3066 $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\""; 3067 } 3068 $mybb->user['avatar'] = htmlspecialchars_uni($mybb->user['avatar']); 3069 eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";"); 3070 $colspan = 2; 3071 } 3072 else 3073 { 3074 $avatar = ''; 3075 } 3076 $regdate = my_date($mybb->settings['dateformat'].", ".$mybb->settings['timeformat'], $mybb->user['regdate']); 3077 3078 if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin") 3079 { 3080 $usergroup .= "<br />(<a 
href=\"member.php?action=resendactivation\">$lang->resend_activation</a>)"; 3081 } 3082 // Make reputations row 3083 $reputations = ''; 3084 if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 3085 { 3086 $reputation_link = get_reputation($mybb->user['reputation']); 3087 eval("\$reputation = \"".$templates->get("usercp_reputation")."\";"); 3088 } 3089 3090 $latest_warnings = ''; 3091 if($mybb->settings['enablewarningsystem'] != 0 && $mybb->settings['canviewownwarning'] != 0) 3092 { 3093 $warning_level = round($mybb->user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 3094 if($warning_level > 100) 3095 { 3096 $warning_level = 100; 3097 } 3098 3099 if($mybb->user['warningpoints'] > $mybb->settings['maxwarningpoints']) 3100 { 3101 $mybb->user['warningpoints'] = $mybb->settings['maxwarningpoints']; 3102 } 3103 3104 if($warning_level > 0) 3105 { 3106 expire_warnings(); 3107 3108 $lang->current_warning_level = $lang->sprintf($lang->current_warning_level, $warning_level, $mybb->user['warningpoints'], $mybb->settings['maxwarningpoints']); 3109 // Fetch latest warnings 3110 $query = $db->query(" 3111 SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject 3112 FROM ".TABLE_PREFIX."warnings w 3113 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 3114 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 3115 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid) 3116 WHERE w.uid='{$mybb->user['uid']}' 3117 ORDER BY w.expired ASC, w.dateline DESC 3118 LIMIT 5 3119 "); 3120 while($warning = $db->fetch_array($query)) 3121 { 3122 $post_link = ""; 3123 if($warning['post_subject']) 3124 { 3125 $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); 3126 $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); 3127 $post_link = "<br /><small>{$lang->warning_for_post} <a href=\"".get_post_link($warning['pid'])."\">{$warning['post_subject']}</a></small>"; 3128 } 3129 
$issuedby = build_profile_link($warning['username'], $warning['issuedby']); 3130 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 3131 if($warning['type_title']) 3132 { 3133 $warning_type = $warning['type_title']; 3134 } 3135 else 3136 { 3137 $warning_type = $warning['title']; 3138 } 3139 $warning_type = htmlspecialchars_uni($warning_type); 3140 if($warning['points'] > 0) 3141 { 3142 $warning['points'] = "+{$warning['points']}"; 3143 } 3144 $points = $lang->sprintf($lang->warning_points, $warning['points']); 3145 3146 // Figure out expiration time 3147 if($warning['daterevoked']) 3148 { 3149 $expires = $lang->warning_revoked; 3150 } 3151 elseif($warning['expired']) 3152 { 3153 $expires = $lang->already_expired; 3154 } 3155 elseif($warning['expires'] == 0) 3156 { 3157 $expires = $lang->never; 3158 } 3159 else 3160 { 3161 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 3162 } 3163 3164 $alt_bg = alt_trow(); 3165 eval("\$warnings .= \"".$templates->get("usercp_warnings_warning")."\";"); 3166 } 3167 if($warnings) 3168 { 3169 eval("\$latest_warnings = \"".$templates->get("usercp_warnings")."\";"); 3170 } 3171 } 3172 } 3173 3174 // Format username 3175 $username = format_name($mybb->user['username'], $mybb->user['usergroup'], $mybb->user['displaygroup']); 3176 $username = build_profile_link($username, $mybb->user['uid']); 3177 3178 // Format post numbers 3179 $mybb->user['posts'] = my_number_format($mybb->user['postnum']); 3180 3181 // Build referral link 3182 if($mybb->settings['usereferrals'] == 1) 3183 { 3184 $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']); 3185 eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); 3186 } 3187 3188 // User Notepad 3189 $plugins->run_hooks("usercp_notepad_start"); 3190 $mybb->user['notepad'] = 
htmlspecialchars_uni($mybb->user['notepad']); 3191 eval("\$user_notepad = \"".$templates->get("usercp_notepad")."\";"); 3192 $plugins->run_hooks("usercp_notepad_end"); 3193 3194 // Thread Subscriptions with New Posts 3195 $latest_subscribed = ''; 3196 $query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); 3197 if($db->num_rows($query)) 3198 { 3199 $visible = "AND t.visible != 0"; 3200 if(is_moderator() == true) 3201 { 3202 $visible = ''; 3203 } 3204 3205 $query = $db->query(" 3206 SELECT s.*, t.*, t.username AS threadusername, u.username 3207 FROM ".TABLE_PREFIX."threadsubscriptions s 3208 LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) 3209 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid) 3210 WHERE s.uid='".$mybb->user['uid']."' {$visible} 3211 ORDER BY t.lastpost DESC 3212 LIMIT 0, 10 3213 "); 3214 3215 $fpermissions = forum_permissions(); 3216 while($subscription = $db->fetch_array($query)) 3217 { 3218 $forumpermissions = $fpermissions[$subscription['fid']]; 3219 if($forumpermissions['canview'] != 0 && $forumpermissions['canviewthreads'] != 0 && ($forumpermissions['canonlyviewownthreads'] == 0 || $subscription['uid'] == $mybb->user['uid'])) 3220 { 3221 $subscriptions[$subscription['tid']] = $subscription; 3222 } 3223 } 3224 3225 if(is_array($subscriptions)) 3226 { 3227 $tids = implode(",", array_keys($subscriptions)); 3228 3229 // Checking read 3230 if($mybb->settings['threadreadcut'] > 0) 3231 { 3232 $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3233 while($readthread = $db->fetch_array($query)) 3234 { 3235 if($readthread['dateline'] >= $subscriptions[$readthread['tid']]['lastpost']) 3236 { 3237 unset($subscriptions[$readthread['tid']]); // If it's already been read, then don't display the thread 3238 } 3239 else 3240 { 3241 $subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; 3242 } 3243 } 3244 } 3245 3246 
if($subscriptions) 3247 { 3248 if($mybb->settings['dotfolders'] != 0) 3249 { 3250 $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3251 while($post = $db->fetch_array($query)) 3252 { 3253 $subscriptions[$post['tid']]['doticon'] = 1; 3254 } 3255 } 3256 3257 $icon_cache = $cache->read("posticons"); 3258 3259 foreach($subscriptions as $thread) 3260 { 3261 $folder = ''; 3262 $folder_label = ''; 3263 $gotounread = ''; 3264 3265 if($thread['tid']) 3266 { 3267 $bgcolor = alt_trow(); 3268 $thread['subject'] = $parser->parse_badwords($thread['subject']); 3269 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 3270 $thread['threadlink'] = get_thread_link($thread['tid']); 3271 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 3272 3273 // If this thread has a prefix... 3274 if($thread['prefix'] != 0) 3275 { 3276 $query = $db->simple_select('threadprefixes', 'prefix, displaystyle', "pid='{$thread['prefix']}'"); 3277 $threadprefix = $db->fetch_array($query); 3278 3279 $thread['displayprefix'] = $threadprefix['displaystyle'].' 
'; 3280 } 3281 else 3282 { 3283 $thread['displayprefix'] = ''; 3284 } 3285 3286 // Icons 3287 if($thread['icon'] > 0 && $icon_cache[$thread['icon']]) 3288 { 3289 $icon = $icon_cache[$thread['icon']]; 3290 $icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />"; 3291 } 3292 else 3293 { 3294 $icon = " "; 3295 } 3296 3297 if($thread['doticon']) 3298 { 3299 $folder = "dot_"; 3300 $folder_label .= $lang->icon_dot; 3301 } 3302 3303 // Check to see which icon we display 3304 if($thread['lastread'] && $thread['lastread'] < $thread['lastpost']) 3305 { 3306 $folder .= "new"; 3307 $folder_label .= $lang->icon_new; 3308 $new_class = "subject_new"; 3309 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost"); 3310 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 3311 } 3312 else 3313 { 3314 $folder_label .= $lang->icon_no_new; 3315 $new_class = "subject_old"; 3316 } 3317 3318 $folder .= "folder"; 3319 3320 if($thread['visible'] == 0) 3321 { 3322 $bgcolor = "trow_shaded"; 3323 } 3324 3325 $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); 3326 $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); 3327 $lastposter = $thread['lastposter']; 3328 $lastposteruid = $thread['lastposteruid']; 3329 3330 if($lastposteruid == 0) 3331 { 3332 $lastposterlink = $lastposter; 3333 } 3334 else 3335 { 3336 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 3337 } 3338 3339 $thread['replies'] = my_number_format($thread['replies']); 3340 $thread['views'] = my_number_format($thread['views']); 3341 $thread['author'] = build_profile_link($thread['username'], $thread['uid']); 3342 3343 eval("\$latest_subscribed_threads .= \"".$templates->get("usercp_latest_subscribed_threads")."\";"); 3344 } 3345 } 3346 eval("\$latest_subscribed = \"".$templates->get("usercp_latest_subscribed")."\";"); 3347 } 3348 } 3349 } 3350 3351 // User's Latest Threads 3352 3353 // Get unviewable forums 3354 
$f_perm_sql = ''; 3355 $unviewable_forums = get_unviewable_forums(); 3356 if($unviewable_forums) 3357 { 3358 $f_perm_sql = "AND t.fid NOT IN (".$unviewable_forums.")"; 3359 } 3360 3361 $visible = " AND t.visible != 0"; 3362 if(is_moderator() == true) 3363 { 3364 $visible = ''; 3365 } 3366 3367 $query = $db->query(" 3368 SELECT t.*, t.username AS threadusername, u.username 3369 FROM ".TABLE_PREFIX."threads t 3370 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid) 3371 WHERE t.uid='".$mybb->user['uid']."' AND t.firstpost != 0 AND t.visible != '-2' {$visible} {$f_perm_sql} 3372 ORDER BY t.lastpost DESC 3373 LIMIT 0, 5 3374 "); 3375 3376 // Figure out whether we can view these threads... 3377 $threadcache = array(); 3378 $fpermissions = forum_permissions(); 3379 while($thread = $db->fetch_array($query)) 3380 { 3381 // Moderated, and not moderator? 3382 if($thread['visible'] == 0 && is_moderator($thread['fid']) === false) 3383 { 3384 continue; 3385 } 3386 3387 $forumpermissions = $fpermissions[$thread['fid']]; 3388 if($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0) 3389 { 3390 $threadcache[$thread['tid']] = $thread; 3391 } 3392 } 3393 3394 if(!empty($threadcache)) 3395 { 3396 $tids = implode(",", array_keys($threadcache)); 3397 3398 // Read Forums 3399 $query = $db->query(" 3400 SELECT f.fid, fr.dateline AS lastread 3401 FROM ".TABLE_PREFIX."forums f 3402 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 3403 WHERE f.active != 0 3404 ORDER BY pid, disporder 3405 "); 3406 while($forum = $db->fetch_array($query)) 3407 { 3408 $readforums[$forum['fid']] = $forum['lastread']; 3409 } 3410 3411 // Threads being read? 
3412 if($mybb->settings['threadreadcut'] > 0) 3413 { 3414 $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3415 while($readthread = $db->fetch_array($query)) 3416 { 3417 $threadcache[$readthread['tid']]['lastread'] = $readthread['dateline']; 3418 } 3419 } 3420 3421 // Icon Stuff 3422 if($mybb->settings['dotfolders'] != 0) 3423 { 3424 $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3425 while($post = $db->fetch_array($query)) 3426 { 3427 $threadcache[$post['tid']]['doticon'] = 1; 3428 } 3429 } 3430 3431 $icon_cache = $cache->read("posticons"); 3432 3433 // Run the threads... 3434 $latest_threads_threads = ''; 3435 foreach($threadcache as $thread) 3436 { 3437 if($thread['tid']) 3438 { 3439 $bgcolor = alt_trow(); 3440 $folder = ''; 3441 $folder_label = ''; 3442 $prefix = ''; 3443 $gotounread = ''; 3444 $isnew = 0; 3445 $donenew = 0; 3446 $lastread = 0; 3447 3448 // If this thread has a prefix... 3449 if($thread['prefix'] != 0) 3450 { 3451 $query = $db->simple_select('threadprefixes', 'prefix, displaystyle', "pid='{$thread['prefix']}'"); 3452 $threadprefix = $db->fetch_array($query); 3453 3454 $thread['displayprefix'] = $threadprefix['displaystyle'].' 
'; 3455 } 3456 else 3457 { 3458 $thread['displayprefix'] = ''; 3459 } 3460 3461 $thread['subject'] = $parser->parse_badwords($thread['subject']); 3462 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 3463 $thread['threadlink'] = get_thread_link($thread['tid']); 3464 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 3465 3466 if($thread['icon'] > 0 && $icon_cache[$thread['icon']]) 3467 { 3468 $icon = $icon_cache[$thread['icon']]; 3469 $icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />"; 3470 } 3471 else 3472 { 3473 $icon = " "; 3474 } 3475 3476 if($mybb->settings['threadreadcut'] > 0) 3477 { 3478 $forum_read = $readforums[$thread['fid']]; 3479 3480 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 3481 if($forum_read == 0 || $forum_read < $read_cutoff) 3482 { 3483 $forum_read = $read_cutoff; 3484 } 3485 } 3486 3487 if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read) 3488 { 3489 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 3490 } 3491 3492 $cutoff = 0; 3493 if($thread['lastpost'] > $cutoff) 3494 { 3495 if($thread['lastread']) 3496 { 3497 $lastread = $thread['lastread']; 3498 } 3499 } 3500 3501 if(!$lastread) 3502 { 3503 $readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']); 3504 if($readcookie > $forum_read) 3505 { 3506 $lastread = $readcookie; 3507 } 3508 else 3509 { 3510 $lastread = $forum_read; 3511 } 3512 } 3513 3514 // Folder Icons 3515 if($thread['doticon']) 3516 { 3517 $folder = "dot_"; 3518 $folder_label .= $lang->icon_dot; 3519 } 3520 3521 if($thread['lastpost'] > $lastread && $lastread) 3522 { 3523 $folder .= "new"; 3524 $folder_label .= $lang->icon_new; 3525 $new_class = "subject_new"; 3526 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost"); 3527 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 3528 $unreadpost = 1; 3529 } 3530 else 3531 { 3532 $folder_label .= 
$lang->icon_no_new; 3533 $new_class = "subject_old"; 3534 } 3535 3536 if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews']) 3537 { 3538 $folder .= "hot"; 3539 $folder_label .= $lang->icon_hot; 3540 } 3541 3542 // Is our thread visible? 3543 if($thread['visible'] == 0) 3544 { 3545 $bgcolor = 'trow_shaded'; 3546 } 3547 3548 if($thread['closed'] == 1) 3549 { 3550 $folder .= "lock"; 3551 $folder_label .= $lang->icon_lock; 3552 } 3553 3554 $folder .= "folder"; 3555 3556 $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); 3557 $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); 3558 $lastposter = $thread['lastposter']; 3559 $lastposteruid = $thread['lastposteruid']; 3560 3561 if($lastposteruid == 0) 3562 { 3563 $lastposterlink = $lastposter; 3564 } 3565 else 3566 { 3567 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 3568 } 3569 3570 $thread['replies'] = my_number_format($thread['replies']); 3571 $thread['views'] = my_number_format($thread['views']); 3572 $thread['author'] = build_profile_link($thread['username'], $thread['uid']); 3573 3574 eval("\$latest_threads_threads .= \"".$templates->get("usercp_latest_threads_threads")."\";"); 3575 } 3576 } 3577 3578 eval("\$latest_threads = \"".$templates->get("usercp_latest_threads")."\";"); 3579 } 3580 3581 $plugins->run_hooks("usercp_end"); 3582 3583 eval("\$usercp = \"".$templates->get("usercp")."\";"); 3584 output_page($usercp); 3585 } 3586 ?>