/**
 * Write changed values for configuration options that already exist.
 *
 * $data is walked as section => (option name => new value). An option is
 * written through set_core_config() only when $_CORE_CONFIG already holds a
 * non-null entry for it, so this function never creates new keys from its
 * input. The 'core_config' cache entry is destroyed afterwards.
 *
 * @param array $data section => array(option name => value)
 */
function setting_save($data)
{
    global $_CLASS, $_CORE_CONFIG;

    foreach ($data as $section => $options) {
        foreach ($options as $key => $new_value) {
            // Allow-list: only keys already present in the loaded config are touched.
            if (!isset($_CORE_CONFIG[$section][$key])) {
                continue;
            }

            // Loose comparison on purpose kept as-is: '1' and 1 count as "unchanged".
            if ($new_value == $_CORE_CONFIG[$section][$key]) {
                continue;
            }

            set_core_config($section, $key, $new_value, false);
        }
    }

    $_CLASS['core_cache']->destroy('core_config');
}
/**
 * Save admin form fields into the core configuration.
 *
 * $data is walked as section => (config name => field definition); each field
 * definition supplies the POST field name under 'post_name'. The submitted
 * value is read with get_variable() (default false) and written through
 * set_core_config() when it differs from the current value. The 'core_config'
 * cache entry is destroyed afterwards.
 *
 * NOTE(review): unlike setting_save() style allow-listing, there is no isset()
 * check on $_CORE_CONFIG[$section][$db_name] here, so $data must come from
 * trusted code, not from the request — confirm against callers.
 *
 * @param array $data section => array(config name => array('post_name' => ...))
 */
function admin_save($data)
{
    global $_CLASS, $_CORE_CONFIG;

    foreach ($data as $section => $fields) {
        foreach ($fields as $db_name => $field) {
            // A field missing from the POST body yields false here.
            $submitted = get_variable($field['post_name'], 'POST', false);

            // Loose comparison, so type-juggled equal values are treated as unchanged.
            if ($submitted == $_CORE_CONFIG[$section][$db_name]) {
                continue;
            }

            set_core_config($section, $db_name, $submitted, false);
        }
    }

    $_CLASS['core_cache']->destroy('core_config');
}
/**
 * Install the quick-message module: create its table, register its default
 * settings and insert a first message.
 *
 * @return bool always true
 */
function install()
{
    global $_CLASS;

    // Table definition, wrapped between table_create('start', ...) and table_create('commit').
    $_CLASS['core_db']->table_create('start', QUICK_MESSAGE_TABLE);

    $_CLASS['core_db']->add_table_field_int('message_id', array('max' => 16000000, 'auto_increment' => true));
    $_CLASS['core_db']->add_table_field_text('message_text', 200);
    $_CLASS['core_db']->add_table_field_int('message_time', array('max' => 200000000));
    $_CLASS['core_db']->add_table_field_int('poster_id', array('max' => 16000000));
    $_CLASS['core_db']->add_table_field_char('poster_name', 80);
    // NOTE(review): 18 characters cannot hold a full textual IPv6 address —
    // confirm which address format is stored in poster_ip.
    $_CLASS['core_db']->add_table_field_char('poster_ip', 18);

    $_CLASS['core_db']->add_table_index('message_id', 'primary');
    $_CLASS['core_db']->add_table_index('message_time');

    $_CLASS['core_db']->table_create('commit');

    // use set config ?
    $defaults = array(
        'anonymous_posting' => 2,
        'delete_time'       => 300,
        'height'            => 200,
        'last_post_check'   => 150,
        'length_max'        => 150,
    );

    foreach ($defaults as $option => $default) {
        set_core_config('quick_message', $option, $default, false, true);
    }

    $_CLASS['core_cache']->destroy('core_config');

    // First row, posted with user id 0 and empty name/IP.
    $seed_row = array(
        'message_text' => 'Lets do this !',
        'message_time' => (int) $_CLASS['core_user']->time,
        'poster_id'    => 0,
        'poster_name'  => (string) '',
        'poster_ip'    => (string) '',
    );

    $insert_sql = 'INSERT INTO ' . QUICK_MESSAGE_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', $seed_row);
    $_CLASS['core_db']->query($insert_sql);

    return true;
}
} if (empty($error)) { require_once SITE_FILE_ROOT . 'includes/tables.php'; require_once SITE_FILE_ROOT . 'includes/cache/cache.php'; require_once SITE_FILE_ROOT . 'includes/cache/cache_' . $acm_type . '.php'; load_class(false, 'core_cache', 'cache_' . $acm_type); set_core_config('global', 'site_name', $site_name, false); set_core_config('server', 'site_domain', $site_domain, false); set_core_config('server', 'site_path', $site_path, false); set_core_config('server', 'site_port', $site_port, false); set_core_config('email', 'site_email', $email, false); set_core_config('server', 'cookie_domain', $cookie_domain, false); set_core_config('server', 'cookie_path', $cookie_path, false); set_core_config('server', 'cookie_name', $cookie_name, false); set_core_config('server', 'site_secure', 0, false); set_core_config('user', 'newest_username', $username, true); $user_update = array('username' => $username, 'user_password' => encode_password($password, 'md5'), 'user_password_encoding' => 'md5', 'user_email' => $email); $_CLASS['core_db']->query('UPDATE ' . USERS_TABLE . ' SET ' . $_CLASS['core_db']->sql_build_array('UPDATE', $user_update) . ' WHERE user_id = 2'); $_CLASS['core_template']->assign_array(array('admin_link' => generate_link(false, array('full' => true, 'sid' => false, 'admin' => true)), 'username' => $username)); $_CLASS['core_template']->display('installer/complete.html'); script_close(); } $_CLASS['core_template']->assign_array(array('site_name' => $site_name, 'site_domain' => $site_domain, 'site_path' => $site_path, 'site_port' => $site_port, 'cookie_domain' => $cookie_domain, 'cookie_path' => $cookie_path, 'cookie_name' => $cookie_name, 'username' => $username, 'password' => $password, 'password_confirm' => $password_confirm, 'email' => $email, 'email_confirm' => $email_confirm, 'error' => empty($error) ? 
false : implode('<br/>', $error), 'config_content' => $config_content)); $_CLASS['core_template']->display('installer/stage3.html'); script_close(); } if ($stage === 3) { if ($db_layer && in_array($db_layer, array_keys($database_array))) { load_class(SITE_FILE_ROOT . 'includes/db/' . $db_layer . '.php', 'core_db', 'db_' . $db_layer); $site_db = array(); $site_db['type'] = $db_layer;
$error[] = $_CLASS['core_user']->get_lang('EMAIL_INVALID'); } if (!$tz || !in_array($tz, tz_array())) { $tz = null; } if (empty($error)) { $password = encode_password($password, $_CORE_CONFIG['user']['password_encoding']); if (!$password) { //do some admin contact thing here die('Try again later'); } $data = array('username' => (string) $username, 'user_email' => (string) $email, 'user_group' => (int) $coppa ? 3 : 2, 'user_reg_date' => (int) $_CLASS['core_user']->time, 'user_timezone' => $tz, 'user_password' => (string) $password, 'user_password_encoding' => (string) $_CORE_CONFIG['user']['password_encoding'], 'user_lang' => $lang == $_CORE_CONFIG['global']['default_lang'] ? null : $lang, 'user_type' => USER_NORMAL, 'user_status' => STATUS_ACTIVE, 'user_act_key' => null, 'user_ip' => ''); user_add($data); set_core_config('user', 'newest_user_id', $data['user_id'], false); set_core_config('user', 'newest_username', $data['username'], false); set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1); trigger_error('USER_ADDED'); } } $_CLASS['core_template']->assign_array(array('COPPA' => isset($coppa) ? $coppa : false, 'EMAIL' => isset($email) ? $email : '', 'ERROR' => empty($error) ? false : implode('<br />', $error), 'PASSWORD' => isset($password) ? $password : '', 'USERNAME' => isset($username) ? $username : '', 'SELECT_TZ' => select_tz(isset($tz) ? $tz : $_CORE_CONFIG['global']['default_timezone']), 'S_ACTION' => generate_link('users&mode=add_user', array('admin' => true)))); $_CLASS['core_display']->display(false, 'admin/users/add.html'); break; case 'bots': if ($id && isset($_REQUEST['option'])) { require_once $site_file_root . 'includes/functions_user.php'; $sql = 'SELECT user_id, user_type, user_status FROM ' . USERS_TABLE . ' WHERE user_id = ' . $id; $result = $_CLASS['core_db']->query($sql); $row = $_CLASS['core_db']->fetch_row_assoc($result); $_CLASS['core_db']->free_result($result);
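/**
 * Public registration: show the agreement / COPPA step, validate a submitted
 * form, create the account, send the welcome mail and render the form again
 * on error.
 *
 * Changes against the previous version of this block:
 *  - the line-break guard on the username now uses a strict strpos() test and
 *    also rejects "\r" (the old test missed a break at offset 0);
 *  - the confirmation code is compared strictly, as strings;
 *  - the registration-attempt counter is now written with session_data_set()
 *    (it was "written" with session_data_get(), so the limit never applied);
 *  - the mail subject is defined before it is used.
 *
 * @param mixed $id   not used in this function
 * @param mixed $mode not used in this function
 */
function ucp_register($id, $mode)
{
    global $site_file_root, $config, $_CLASS, $_CORE_CONFIG;

    // Cast to int (or null when absent) so the value is safe to echo into the hidden field below.
    $coppa = isset($_REQUEST['coppa']) ? (int) $_REQUEST['coppa'] : null;
    $submit = isset($_POST['submit']);

    $activation = $_CORE_CONFIG['user']['activation'];

    // Accounts that start as pending need an activation mail.
    $needs_activation = ($coppa || $activation == USER_ACTIVATION_SELF || $activation == USER_ACTIVATION_ADMIN);

    if ($activation == USER_ACTIVATION_DISABLE || ($needs_activation && !$_CORE_CONFIG['email']['email_enable'])) {
        trigger_error('UCP_REGISTER_DISABLE');
    }

    $_CLASS['core_template']->assign('S_UCP_ACTION', generate_link('Control_Panel&mode=register'));

    $error = $data = array();
    $s_hidden_fields = '';

    // Step 1: terms agreement, preceded by the COPPA age question when enabled.
    if (!isset($_POST['agreed'])) {
        if ($_CORE_CONFIG['user']['coppa_enable'] && is_null($coppa)) {
            // Cut-off date: today, thirteen years ago.
            $now = explode(':', gmdate('m:j:Y'));
            $coppa_birthday = $_CLASS['core_user']->format_date(mktime(12, 0, 0, $now[0], $now[1], $now[2] - 13), 'D M d, Y');

            $_CLASS['core_template']->assign_array(array(
                'L_COPPA_NO'        => sprintf($_CLASS['core_user']->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
                'L_COPPA_YES'       => sprintf($_CLASS['core_user']->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),
                'U_COPPA_NO'        => generate_link('Control_Panel&mode=register&coppa=0'),
                'U_COPPA_YES'       => generate_link('Control_Panel&mode=register&coppa=1'),
                'S_SHOW_COPPA'      => true,
                'S_HIDDEN_FIELDS'   => $s_hidden_fields,
                'S_REGISTER_ACTION' => generate_link('Control_Panel&mode=register'),
            ));
        } else {
            $s_hidden_fields .= '<input type="hidden" name="coppa" value="' . $coppa . '" />';

            $_CLASS['core_template']->assign_array(array(
                'S_SHOW_COPPA'      => false,
                'S_HIDDEN_FIELDS'   => $s_hidden_fields,
                'S_REGISTER_ACTION' => generate_link('Control_Panel&mode=register'),
            ));
        }

        $this->display($_CLASS['core_user']->lang['REGISTER'], 'ucp_agreement.html');
        script_close();
    }

    // Step 2: validate the submitted form and create the account.
    if ($submit) {
        require_once $site_file_root . 'includes/functions_user.php';

        $error = array();

        $username = get_variable('username', 'POST', false);
        $password = get_variable('password', 'POST', false);
        $email = get_variable('email', 'POST', false);
        $email_confirm = get_variable('email_confirm', 'POST', '');

        //when we add this make sure to confirm that it's one of the installed langs
        $lang = $_CORE_CONFIG['global']['default_lang'];
        $tz = get_variable('tz', 'POST', false);

        // The username is later handed to the mailer as the recipient name, so
        // line breaks must never get through. strpos() returns 0 for a match at
        // the first byte, hence the strict comparison.
        if (strpos((string) $username, "\n") !== false || strpos((string) $username, "\r") !== false) {
            die;
        }

        $username_validate = validate_username($username);
        if ($username_validate !== true) {
            $error[] = $_CLASS['core_user']->get_lang($username_validate);
        }

        if (!$password || $password !== get_variable('password_confirm', 'POST', '')) {
            $error[] = $_CLASS['core_user']->get_lang('PASSWORD_ERROR');
        }

        if (!$email || $email !== $email_confirm) {
            $error[] = $_CLASS['core_user']->get_lang('EMAIL_ERROR');
        } elseif (!check_email($email)) {
            $error[] = $_CLASS['core_user']->get_lang('EMAIL_INVALID');
        }

        // Unknown timezones are dropped rather than reported as an error.
        if (!$tz || !in_array($tz, tz_array())) {
            $tz = null;
        }

        if ($_CORE_CONFIG['user']['enable_confirm']) {
            $confirmation_code = $_CLASS['core_user']->session_data_get('confirmation_code');
            $confirm_code = trim(get_variable('confirm_code', 'POST', false));

            // Strict string comparison: a loose != would let numeric-looking
            // strings such as '1e1' and '10' compare as equal.
            if (!$confirm_code || !$confirmation_code || (string) $confirm_code !== (string) $confirmation_code) {
                $error[] = $_CLASS['core_user']->get_lang('CONFIRM_CODE_WRONG');
            }

            // we don't need this any more
            // NOTE(review): the code is stored and read with session_data_set()/
            // session_data_get() but cleared with user_data_kill() — confirm this
            // really removes the session value so a code cannot be reused.
            $_CLASS['core_user']->user_data_kill('confirmation_code');
        }

        if (empty($error)) {
            // From here on $password holds the encoded value, not the submitted text.
            $password = encode_password($password, $_CORE_CONFIG['user']['password_encoding']);

            if (!$password) {
                //do some admin contact thing here
                die('Activation disabled: Passwaord encoding problem');
            }

            if ($needs_activation) {
                if (!$_CORE_CONFIG['email']['email_enable']) {
                    //do some admin contact thing here
                    die('Activation disabled: Email Disabled');
                }

                $user_status = STATUS_PENDING;
                // NOTE(review): this key is the only secret protecting activation;
                // confirm generate_string() draws from a cryptographically secure source.
                $user_act_key = generate_string(10);

                if ($coppa) {
                    $message = $_CLASS['core_user']->lang['ACCOUNT_COPPA'];
                    $email_template = 'coppa_welcome_inactive';
                } elseif ($activation == USER_ACTIVATION_SELF) {
                    $message = $_CLASS['core_user']->lang['ACCOUNT_INACTIVE'];
                    $email_template = 'user_welcome_inactive';
                } elseif ($activation == USER_ACTIVATION_ADMIN) {
                    $message = $_CLASS['core_user']->lang['ACCOUNT_INACTIVE_ADMIN'];
                    $email_template = 'admin_welcome_inactive';
                }
            } else {
                $user_status = STATUS_ACTIVE;
                $user_act_key = null;
                $email_template = 'user_welcome';
                $message = $_CLASS['core_user']->lang['ACCOUNT_ADDED'];
            }

            $data = array(
                'username'               => (string) $username,
                'user_email'             => (string) $email,
                'user_group'             => $coppa ? 3 : 2,
                'user_reg_date'          => (int) $_CLASS['core_user']->time,
                'user_timezone'          => (string) $tz,
                'user_password'          => (string) $password,
                'user_password_encoding' => (string) $_CORE_CONFIG['user']['password_encoding'],
                'user_lang'              => $lang ? (string) $lang : null,
                'user_type'              => USER_NORMAL,
                'user_status'            => (int) $user_status,
                'user_act_key'           => (string) $user_act_key,
                'user_ip'                => (string) $_CLASS['core_user']->ip,
            );

            // presumably user_add() fills in $data['user_id'] (it is read below) — verify.
            user_add($data);

            // Site statistics only count accounts that are active right away.
            if ($data['user_status'] === STATUS_ACTIVE) {
                set_core_config('user', 'newest_user_id', $data['user_id'], false);
                set_core_config('user', 'newest_username', $data['username'], false);
                set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1, false);
            }

            require_once $site_file_root . 'includes/mailer.php';

            // NOTE(review): $subject was never assigned in the previous version of
            // this block; the WELCOME_SUBJECT language string (already used for
            // WELCOME_MSG) is used here — confirm this is the intended subject.
            $subject = sprintf($_CLASS['core_user']->lang['WELCOME_SUBJECT'], $_CORE_CONFIG['global']['site_name']);

            $mailer = new core_mailer();

            $mailer->to($email, $username);
            $mailer->subject($subject);

            $_CLASS['core_template']->assign_array(array(
                'SITENAME'    => $_CORE_CONFIG['global']['site_name'],
                'WELCOME_MSG' => $subject,
                'USERNAME'    => $username,
                // NOTE(review): $password is the encoded (hashed) value at this point,
                // so a template that prints PASSWORD mails credential material to the
                // user. Unchanged here; consider dropping it from the mail templates.
                'PASSWORD'    => $password,
                'EMAIL_SIG'   => '',
                'U_ACTIVATE'  => generate_link('system&mode=activate&user_id=' . $data['user_id'] . '&key=' . $user_act_key, array('sid' => false, 'full' => true)),
            ));

            if ($coppa) {
                $_CLASS['core_template']->assign_array(array(
                    'FAX_INFO'      => $_CORE_CONFIG['user']['coppa_fax'],
                    'MAIL_INFO'     => $_CORE_CONFIG['user']['coppa_mail'],
                    'EMAIL_ADDRESS' => $email,
                    'SITENAME'      => $_CORE_CONFIG['global']['site_name'],
                ));
            }

            $mailer->message = trim($_CLASS['core_template']->display('modules/Control_Panel/email/' . $email_template, true));
            $mailer->send();

            $message = $message . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_INDEX'], '<a href="' . generate_link() . '">', '</a>');
            trigger_error($message);
        }
    }

    // Step 3: (re)display the registration form.
    $s_hidden_fields .= '<input type="hidden" name="coppa" value="' . $coppa . '" />';
    $s_hidden_fields .= '<input type="hidden" name="agreed" value="true" />';

    if ($_CORE_CONFIG['user']['enable_confirm']) {
        // A fresh code is issued for every rendering of the form.
        $_CLASS['core_user']->session_data_set('confirmation_code', generate_string(6));
        $confirm_image = '<img src="' . generate_link('system&mode=confirmation_image') . '" alt="" title="" />';
    } else {
        $confirm_image = false;
    }

    if ($submit) {
        if ($_CORE_CONFIG['user']['max_reg_attempts']) {
            $attempts = (int) $_CLASS['core_user']->session_data_get('reg_attempts', 0);

            if ($attempts > $_CORE_CONFIG['user']['max_reg_attempts']) {
                trigger_error($_CLASS['core_user']->lang['TOO_MANY_REGISTERS']);
            }

            // Store the incremented counter; reading it again (as before) left it
            // at 0 forever and made max_reg_attempts ineffective.
            // NOTE(review): the counter lives in the session, so it only limits
            // clients that keep their session — not a substitute for rate limiting.
            $_CLASS['core_user']->session_data_set('reg_attempts', $attempts + 1);
        }
    }

    switch ($activation) {
        case USER_ACTIVATION_SELF:
            $l_reg_cond = $_CLASS['core_user']->lang['UCP_EMAIL_ACTIVATE'];
            break;

        case USER_ACTIVATION_ADMIN:
            $l_reg_cond = $_CLASS['core_user']->lang['UCP_ADMIN_ACTIVATE'];
            break;

        default:
            $l_reg_cond = '';
            break;
    }

    // Maps the configured username pattern to the language key that explains it.
    $user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\\w]+' => 'USERNAME_ALPHA_ONLY', '[\\w_\\+\\. \\-\\[\\]]+' => 'USERNAME_ALPHA_SPACERS');

    // NOTE(review): submitted values (including the password typed by the user on
    // a failed attempt) are handed back to the template as-is; confirm that
    // get_variable() or the template escapes them for HTML output.
    $_CLASS['core_template']->assign_array(array(
        'ERROR'                  => empty($error) ? false : implode('<br />', $error),
        'USERNAME'               => isset($username) ? $username : '',
        'PASSWORD'               => isset($password) ? $password : '',
        'EMAIL'                  => isset($email) ? $email : '',
        'EMAIL_CONFIRM'          => isset($email_confirm) ? $email_confirm : '',
        'CONFIRM_IMG'            => $confirm_image,
        'SELECT_TZ'              => select_tz(isset($tz) ? $tz : $_CORE_CONFIG['global']['default_timezone']),
        'L_CONFIRM_EXPLAIN'      => sprintf($_CLASS['core_user']->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlentities($config['board_contact']) . '">', '</a>'),
        'L_ITEMS_REQUIRED'       => $l_reg_cond,
        'L_USERNAME_EXPLAIN'     => sprintf($_CLASS['core_user']->lang[$user_char_ary[$_CORE_CONFIG['user']['allow_name_chars']] . '_EXPLAIN'], $_CORE_CONFIG['user']['min_name_chars'], $_CORE_CONFIG['user']['max_name_chars']),
        'L_NEW_PASSWORD_EXPLAIN' => sprintf($_CLASS['core_user']->lang['NEW_PASSWORD_EXPLAIN'], $_CORE_CONFIG['user']['min_pass_chars'], $_CORE_CONFIG['user']['max_pass_chars']),
        'S_COPPA'                => $coppa,
        'S_HIDDEN_FIELDS'        => $s_hidden_fields,
        'S_UCP_ACTION'           => generate_link("Control_Panel&mode=register"),
    ));

    $this->display($_CLASS['core_user']->lang['REGISTER'], 'ucp_register.html');
}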
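/**
 * Activate an account, or switch to a pending new password, from the
 * user_id/key pair of an activation link.
 *
 * Changes against the previous version of this block:
 *  - the activation key is compared strictly, as strings;
 *  - $user_id is used where $row['user_id'] was read, because user_id is not
 *    among the selected columns;
 *  - $site_file_root is declared global, since the include path is built from it.
 */
function activate()
{
    global $_CLASS, $site_file_root;

    // user_id is requested as an integer, so it is safe to place in the SQL below.
    $user_id = get_variable('user_id', 'GET', 0, 'integer');
    $key = get_variable('key', 'GET', false);

    if (!$user_id || !$key) {
        trigger_error('CANT_ACTIVATED');
    }

    $sql = 'SELECT username, user_status, user_group, user_new_password, user_new_password_encoding, user_act_key
        FROM ' . USERS_TABLE . "
        WHERE user_id = {$user_id}
            AND user_type = " . USER_NORMAL;
    $result = $_CLASS['core_db']->sql_query($sql);
    $row = $_CLASS['core_db']->sql_fetchrow($result);
    $_CLASS['core_db']->sql_freeresult($result);

    if (!$row) {
        trigger_error('NO_USER');
    }

    // Nothing to do unless the account is unactivated or a new password is pending.
    if ($row['user_status'] != USER_UNACTIVATED && !$row['user_new_password']) {
        trigger_error($row['user_status'] == USER_ACTIVE ? 'ALREADY_ACTIVATED' : 'CANT_ACTIVATED');
    }

    // Strict string comparison: a loose != treats numeric-looking strings such
    // as '1e1' and '10' as equal. Where the PHP version allows it, a
    // constant-time comparison (hash_equals) is preferable for a secret key.
    if ((string) $row['user_act_key'] !== (string) $key) {
        trigger_error('WRONG_ACTIVATION_KEY');
    }

    // The key is single-use: it is cleared together with any pending password.
    $sql_ary = array(
        'user_act_key'               => null,
        'user_new_password'          => null,
        'user_new_password_encoding' => null,
    );

    if ($row['user_status'] != USER_UNACTIVATED) {
        // Password change: promote the pending password to the live one.
        $sql_ary += array(
            'user_password'          => $row['user_new_password'],
            'user_password_encoding' => $row['user_new_password_encoding'],
        );
    } else {
        include_once $site_file_root . 'includes/functions_user.php';

        user_activate($user_id);

        set_core_config('user', 'newest_user_id', $user_id, false);
        set_core_config('user', 'newest_username', $row['username'], false);
    }

    $sql = 'UPDATE ' . USERS_TABLE . '
        SET ' . $_CLASS['core_db']->sql_build_array('UPDATE', $sql_ary) . '
        WHERE user_id = ' . $user_id;
    $result = $_CLASS['core_db']->sql_query($sql);
}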
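/**
 * Activate a pending account, or switch to a pending new password, from the
 * user_id/key pair of an activation link, then report the outcome.
 *
 * Change against the previous version of this block: 'newest_user_id' is now
 * set from $user_id; $row['user_id'] was read before, but user_id is not
 * among the selected columns.
 */
function activate()
{
    global $_CLASS, $_CORE_CONFIG;

    // user_id is requested as an integer, so it is safe to place in the SQL below.
    $user_id = get_variable('user_id', 'GET', false, 'integer');
    $key = get_variable('key', 'GET', false);

    if (!$user_id || !$key) {
        trigger_error('CANT_ACTIVATED');
    }

    $sql = 'SELECT username, user_status, user_group, user_new_password, user_new_password_encoding, user_act_key
        FROM ' . USERS_TABLE . "
        WHERE user_id = {$user_id}
            AND user_type = " . USER_NORMAL;
    $result = $_CLASS['core_db']->query($sql);
    $row = $_CLASS['core_db']->fetch_row_assoc($result);
    $_CLASS['core_db']->free_result($result);

    if (!$row) {
        trigger_error('NO_USER');
    }

    // Cast once so the strict status comparisons below work on the fetched value.
    settype($row['user_status'], 'int');

    // Nothing to do unless the account is pending or a new password is waiting.
    if ($row['user_status'] !== STATUS_PENDING && !$row['user_new_password']) {
        trigger_error($row['user_status'] === STATUS_ACTIVE ? 'ALREADY_ACTIVATED' : 'CANT_ACTIVATED');
    }

    // NOTE(review): strict, but not constant-time; hash_equals() is preferable
    // for a secret key where the PHP version allows it.
    if ($row['user_act_key'] !== $key) {
        trigger_error('WRONG_ACTIVATION_KEY');
    }

    // The key is single-use: it is cleared together with any pending password.
    $sql_ary = array(
        'user_act_key'               => null,
        'user_new_password'          => null,
        'user_new_password_encoding' => null,
    );

    if ($row['user_status'] === STATUS_PENDING) {
        include_once SITE_FILE_ROOT . 'includes/functions_user.php';

        user_activate($user_id);

        set_core_config('user', 'newest_user_id', $user_id, false);
        set_core_config('user', 'newest_username', $row['username'], false);
        set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1, false);
    } else {
        // Password change: promote the pending password to the live one.
        $sql_ary += array(
            'user_password'          => $row['user_new_password'],
            'user_password_encoding' => $row['user_new_password_encoding'],
        );
    }

    $sql = 'UPDATE ' . USERS_TABLE . '
        SET ' . $_CLASS['core_db']->sql_build_array('UPDATE', $sql_ary) . '
        WHERE user_id = ' . $user_id;
    $result = $_CLASS['core_db']->query($sql);

    $message = $row['user_status'] === STATUS_PENDING
        ? $_CLASS['core_user']->get_lang('ACCOUNT_ACTIVE')
        : $_CLASS['core_user']->get_lang('PASSWORD_ACTIVATED');

    trigger_error($message . '<br /><br />' . sprintf($_CLASS['core_user']->get_lang('RETURN_INDEX'), '<a href="' . generate_link() . '">', '</a>'));
}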
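/**
 * Disable one or more users: mark the accounts and their active group
 * memberships as disabled and delete their stored auto-login sessions, all
 * inside one transaction; optionally refresh the site user statistics.
 *
 * Changes against the previous version of this block:
 *  - the "newest user" lookup now orders by registration date descending (the
 *    ascending order returned the oldest active user);
 *  - the ids are cast to int before they are concatenated into SQL;
 *  - an empty lookup result no longer reads offsets of a non-array.
 *
 * @param int|array $user_id      a single user id or a list of ids
 * @param bool      $update_stats whether to refresh newest user / total users
 */
function user_disable($user_id, $update_stats = true)
{
    global $_CLASS, $_CORE_CONFIG;

    $user_id = is_array($user_id) ? $user_id : array($user_id);

    if (check_user_id($user_id) === false) {
        return;
    }

    // Defence in depth: the ids are concatenated into three statements below and
    // the guarantees of check_user_id() (defined elsewhere) are not visible here.
    $user_id = array_map('intval', $user_id);
    $id_list = implode(', ', $user_id);

    // hook here -- maybe ?
    $_CLASS['core_db']->transaction();

    // disabled the user first
    $sql = 'UPDATE ' . CORE_USERS_TABLE . '
        SET user_status = ' . STATUS_DISABLED . '
        WHERE user_id IN (' . $id_list . ')
            AND user_type <>' . USER_GUEST;
    $_CLASS['core_db']->query($sql);

    // Now we disable the user in his active groups
    $sql = 'UPDATE ' . CORE_GROUPS_MEMBERS_TABLE . '
        SET member_status = ' . STATUS_DISABLED . '
        WHERE user_id IN (' . $id_list . ')
            AND member_status = ' . STATUS_ACTIVE;
    $_CLASS['core_db']->query($sql);

    // Stored auto-login entries are removed so they cannot be used for the disabled accounts.
    // NOTE(review): only the auto-login table is cleared here; confirm that live
    // sessions of a disabled user are rejected elsewhere.
    $sql = 'DELETE FROM ' . CORE_SESSIONS_AUTOLOGIN_TABLE . '
        WHERE user_id IN (' . $id_list . ")";
    $_CLASS['core_db']->query($sql);

    if ($update_stats) {
        if (in_array($_CORE_CONFIG['user']['newest_user_id'], $user_id)) {
            // The advertised newest user was just disabled: pick the most
            // recently registered user that is still active.
            $sql = 'SELECT user_id, username
                FROM ' . CORE_USERS_TABLE . '
                WHERE user_type = ' . USER_NORMAL . '
                    AND user_status = ' . STATUS_ACTIVE . '
                ORDER BY user_reg_date DESC';
            $result = $_CLASS['core_db']->query_limit($sql, 1);
            $row = $_CLASS['core_db']->fetch_row_assoc($result);
            $_CLASS['core_db']->free_result($result);

            // No active user left: store null, which is what the unguarded
            // array access effectively produced before.
            set_core_config('user', 'newest_user_id', $row ? $row['user_id'] : null, false);
            set_core_config('user', 'newest_username', $row ? $row['username'] : null, false);
        }

        // NOTE(review): subtracts the number of ids passed in, not the number of
        // accounts that were actually active before — confirm this is acceptable.
        $total_users = $_CORE_CONFIG['user']['total_users'] - count($user_id);
        set_core_config('user', 'total_users', $total_users, false);

        $_CLASS['core_cache']->destroy('core_config');
    }

    $_CLASS['core_db']->transaction('commit');
}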