/**
  * Checks a display name
  *
  * @return	@e void		[Outputs JSON to browser AJAX call]
  */
 protected function displayNameCheck()
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $name = strtolower($this->convertAndMakeSafe($this->request['name'], 0));
     $name = str_replace("+", "+", $name);
     $member = array();
     $return = TRUE;
     $id = intval($this->request['member_id']);
     # Set member ID
     $id = $this->memberData['member_id'] ? $this->memberData['member_id'] : $id;
     //-----------------------------------------
     // Load member if required
     //-----------------------------------------
     if ($id != $this->memberData['member_id']) {
         $member = IPSMember::load($id, 'all');
     } else {
         $member = $this->member->fetchMemberData();
     }
     //-----------------------------------------
     // Test name
     //-----------------------------------------
     try {
         $return = IPSMember::getFunction()->checkNameExists($name, $member);
     } catch (Exception $error) {
         $_msg = $error->getMessage();
         if ($_msg == 'NO_MORE_CHANGES') {
             $this->returnString('nomorechanges');
             return;
         }
         # Really, we're not very interested why it didn't work at this point, so
         # just return with a 'found' string which will make a nice red cross and
         # force the user to choose another.
         $this->returnString('found');
         return;
     }
     //-----------------------------------------
     // So, what's it to be?
     //-----------------------------------------
     $this->returnString($return === TRUE ? 'found' : 'notfound');
 }
 /**
  * Create new member
  * Very basic functionality at this point.
  *
  * @access	public
  * @param	array 	Fields to save in the following format: array( 'members'      => array( 'email'     => '*****@*****.**',
  *																				         'joined'   => time() ),
  *															   'extendedProfile' => array( 'signature' => 'My signature' ) );
  *					Tables: members, pfields_content, profile_portal.
  *					You can also use the aliases: 'core [members]', 'extendedProfile [profile_portal]', and 'customFields [pfields_content]'
  * @param	bool	Flag to attempt to auto create a name if the desired is taken
  * @param	bool	Bypass custom field saving (if using the sso session integration this is required as member object isn't ready yet)
  * @return	array 	Final member Data including member_id
  *
  * EXCEPTION CODES
  * CUSTOM_FIELDS_EMPTY    - Custom fields were not populated
  * CUSTOM_FIELDS_INVALID  - Custom fields were invalid
  * CUSTOM_FIELDS_TOOBIG   - Custom fields too big
  */
 public static function create($tables = array(), $autoCreateName = FALSE, $bypassCfields = FALSE)
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $finalTables = array();
     $password = '';
     $bitWiseFields = ipsRegistry::fetchBitWiseOptions('global');
     //-----------------------------------------
     // Remap tables if required
     //-----------------------------------------
     foreach ($tables as $table => $data) {
         $_name = isset(self::$remap[$table]) ? self::$remap[$table] : $table;
         if ($_name == 'members') {
             /* Magic password field */
             $password = isset($data['password']) ? trim($data['password']) : IPSLib::makePassword();
             $md_5_password = md5($password);
             unset($data['password']);
         }
         $finalTables[$_name] = $data;
     }
     //-----------------------------------------
     // Custom profile field stuff
     //-----------------------------------------
     if (!$bypassCfields) {
         require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
         $fields = new customProfileFields();
         if (is_array($finalTables['pfields_content']) and count($finalTables['pfields_content'])) {
             $fields->member_data = $finalTables['pfields_content'];
         }
         $_cfieldMode = 'normal';
         $fields->initData('edit');
         $fields->parseToSave($finalTables['pfields_content'], 'register');
         /* Check */
         if (count($fields->error_fields['empty'])) {
             //throw new Exception( 'CUSTOM_FIELDS_EMPTY' );
         }
         if (count($fields->error_fields['invalid'])) {
             //throw new Exception( 'CUSTOM_FIELDS_INVALID' );
         }
         if (count($fields->error_fields['toobig'])) {
             //throw new Exception( 'CUSTOM_FIELDS_TOOBIG' );
         }
     }
     //-----------------------------------------
     // Make sure the account doesn't exist
     //-----------------------------------------
     if ($finalTables['members']['email']) {
         $existing = IPSMember::load($finalTables['members']['email'], 'all');
         if ($existing['member_id']) {
             $existing['full'] = true;
             $existing['timenow'] = time();
             return $existing;
         }
     }
     //-----------------------------------------
     // Fix up usernames and display names
     //-----------------------------------------
     /* Ensure we have a display name */
     $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] ? $finalTables['members']['members_display_name'] : $finalTables['members']['name'];
     //-----------------------------------------
     // Clean up characters
     //-----------------------------------------
     if ($finalTables['members']['name']) {
         $userName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['name'], array(), 'name');
         if ($userName['errors']) {
             $finalTables['members']['name'] = '';
         } else {
             $finalTables['members']['name'] = $userName['username'];
         }
     }
     if ($finalTables['members']['members_display_name']) {
         $displayName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['members_display_name']);
         if ($displayName['errors']) {
             $finalTables['members']['members_display_name'] = '';
         } else {
             $finalTables['members']['members_display_name'] = $displayName['members_display_name'];
         }
     }
     //-----------------------------------------
     // Remove some basic HTML tags
     //-----------------------------------------
     $finalTables['members']['members_display_name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['members_display_name']);
     $finalTables['members']['name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['name']);
     //-----------------------------------------
     // Make sure the names are unique
     //-----------------------------------------
     if ($finalTables['members']['members_display_name']) {
         try {
             if (IPSMember::getFunction()->checkNameExists($finalTables['members']['members_display_name'], array(), 'members_display_name', true) === true) {
                 if ($autoCreateName === TRUE) {
                     /* Now, make sure we have a unique display name */
                     $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_display_name LIKE '" . $this->DB->addSlashes(strtolower($finalTables['members']['members_display_name'])) . "%'"));
                     if ($max['max']) {
                         $_num = $max['max'] + 1;
                         $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] . '_' . $_num;
                     }
                 } else {
                     $finalTables['members']['members_display_name'] = '';
                 }
             }
         } catch (Exception $e) {
         }
     }
     if ($finalTables['members']['name']) {
         try {
             if (IPSMember::getFunction()->checkNameExists($finalTables['members']['name'], array(), 'name', true) === true) {
                 if ($autoCreateName === TRUE) {
                     /* Now, make sure we have a unique username */
                     $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_username LIKE '" . $this->DB->addSlashes(strtolower($finalTables['members']['name'])) . "%'"));
                     if ($max['max']) {
                         $_num = $max['max'] + 1;
                         $finalTables['members']['name'] = $finalTables['members']['name'] . '_' . $_num;
                     }
                 } else {
                     $finalTables['members']['name'] = '';
                 }
             }
         } catch (Exception $e) {
         }
     }
     //-----------------------------------------
     // Populate member table(s)
     //-----------------------------------------
     $finalTables['members']['members_l_username'] = isset($finalTables['members']['name']) ? strtolower($finalTables['members']['name']) : '';
     $finalTables['members']['joined'] = $finalTables['members']['joined'] ? $finalTables['members']['joined'] : time();
     $finalTables['members']['email'] = $finalTables['members']['email'] ? $finalTables['members']['email'] : $finalTables['members']['name'] . '@' . $finalTables['members']['joined'];
     $finalTables['members']['member_group_id'] = $finalTables['members']['member_group_id'] ? $finalTables['members']['member_group_id'] : ipsRegistry::$settings['member_group'];
     $finalTables['members']['ip_address'] = $finalTables['members']['ip_address'] ? $finalTables['members']['ip_address'] : ipsRegistry::member()->ip_address;
     $finalTables['members']['members_created_remote'] = intval($finalTables['members']['members_created_remote']);
     $finalTables['members']['member_login_key'] = IPSMember::generateAutoLoginKey();
     $finalTables['members']['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0;
     $finalTables['members']['view_sigs'] = 1;
     $finalTables['members']['email_pm'] = 1;
     $finalTables['members']['view_img'] = 1;
     $finalTables['members']['view_avs'] = 1;
     $finalTables['members']['restrict_post'] = intval($finalTables['members']['restrict_post']);
     $finalTables['members']['view_pop'] = 1;
     $finalTables['members']['msg_count_total'] = 0;
     $finalTables['members']['msg_count_new'] = 0;
     $finalTables['members']['msg_show_notification'] = 1;
     $finalTables['members']['coppa_user'] = 0;
     $finalTables['members']['auto_track'] = intval($finalTables['members']['auto_track']);
     $finalTables['members']['last_visit'] = $finalTables['members']['last_visit'] ? $finalTables['members']['last_visit'] : time();
     $finalTables['members']['last_activity'] = $finalTables['members']['last_activity'] ? $finalTables['members']['last_activity'] : time();
     $finalTables['members']['language'] = IPSLib::getDefaultLanguage();
     $finalTables['members']['members_editor_choice'] = ipsRegistry::$settings['ips_default_editor'];
     $finalTables['members']['members_pass_salt'] = IPSMember::generatePasswordSalt(5);
     $finalTables['members']['members_pass_hash'] = IPSMember::generateCompiledPasshash($finalTables['members']['members_pass_salt'], $md_5_password);
     $finalTables['members']['members_display_name'] = isset($finalTables['members']['members_display_name']) ? $finalTables['members']['members_display_name'] : '';
     $finalTables['members']['members_l_display_name'] = isset($finalTables['members']['members_display_name']) ? strtolower($finalTables['members']['members_display_name']) : '';
     $finalTables['members']['fb_uid'] = isset($finalTables['members']['fb_uid']) ? $finalTables['members']['fb_uid'] : 0;
     $finalTables['members']['fb_emailhash'] = isset($finalTables['members']['fb_emailhash']) ? strtolower($finalTables['members']['fb_emailhash']) : '';
     $finalTables['members']['members_seo_name'] = IPSText::makeSeoTitle($finalTables['members']['members_display_name']);
     $finalTables['members']['bw_is_spammer'] = intval($finalTables['members']['bw_is_spammer']);
     //-----------------------------------------
     // Insert: MEMBERS
     //-----------------------------------------
     ipsRegistry::DB()->force_data_type = array('name' => 'string', 'members_l_username' => 'string', 'members_display_name' => 'string', 'members_l_display_name' => 'string', 'members_seo_name' => 'string', 'email' => 'string');
     /* Bitwise options */
     if (is_array($bitWiseFields['members'])) {
         $_freeze = array();
         foreach ($bitWiseFields['members'] as $field) {
             if (isset($finalTables['members'][$field])) {
                 /* Add to freezeable array */
                 $_freeze[$field] = $finalTables['members'][$field];
                 /* Remove it from the fields to save to DB */
                 unset($finalTables['members'][$field]);
             }
         }
         if (count($_freeze)) {
             $finalTables['members']['members_bitoptions'] = IPSBWOptions::freeze($_freeze, 'members', 'global');
         }
     }
     ipsRegistry::DB()->insert('members', $finalTables['members']);
     //-----------------------------------------
     // Get the member id
     //-----------------------------------------
     $finalTables['members']['member_id'] = ipsRegistry::DB()->getInsertId();
     //-----------------------------------------
     // Insert: PROFILE PORTAL
     //-----------------------------------------
     $finalTables['profile_portal']['pp_member_id'] = $finalTables['members']['member_id'];
     $finalTables['profile_portal']['pp_setting_count_friends'] = 1;
     $finalTables['profile_portal']['pp_setting_count_comments'] = 1;
     ipsRegistry::DB()->insert('profile_portal', $finalTables['profile_portal']);
     //-----------------------------------------
     // Insert into the custom profile fields DB
     //-----------------------------------------
     if (!$bypassCfields) {
         $fields->out_fields['member_id'] = $finalTables['members']['member_id'];
         ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
         ipsRegistry::DB()->insert('pfields_content', $fields->out_fields);
     } else {
         ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
         ipsRegistry::DB()->insert('pfields_content', array('member_id' => $finalTables['members']['member_id']));
     }
     //-----------------------------------------
     // Insert into partial ID table
     //-----------------------------------------
     $full_account = false;
     if ($finalTables['members']['members_display_name'] and $finalTables['members']['name'] and $finalTables['members']['email'] != $finalTables['members']['name'] . '@' . $finalTables['members']['joined']) {
         $full_account = true;
     }
     if (!$full_account) {
         ipsRegistry::DB()->insert('members_partial', array('partial_member_id' => $finalTables['members']['member_id'], 'partial_date' => $finalTables['members']['joined'], 'partial_email_ok' => $finalTables['members']['email'] == $finalTables['members']['name'] . '@' . $finalTables['members']['joined'] ? 0 : 1));
     }
     //IPSMember::updateSearchIndex( $finalTables['members']['member_id'] );
     IPSLib::runMemberSync('onCreateAccount', $finalTables['members']);
     return array_merge($finalTables['members'], $finalTables['profile_portal'], !$bypassCfields ? $fields->out_fields : array(), array('timenow' => $finalTables['members']['joined'], 'full' => $full_account));
 }
Beispiel #3
0
 /**
  * Convert a member
  *
  * @access	public
  * @param 	array		Basic data (id number, username, email, group, joined date, password)
  * @param 	array 		Data to insert to members table
  * @param 	array 		Data to insert to profile table
  * @param 	array 		Data to insert to custom profile fields table
  * @param 	string 		Path to avatars folder
  * @param 	string 		Path to profile pictures folder
  * @return 	boolean		Success or fail
  **/
 public function convertMember($info, $members, $profile, $custom, $pic_path = '', $groupLink = TRUE)
 {
     //-----------------------------------------
     // Make sure we have everything we need
     //-----------------------------------------
     if (!$info['id']) {
         $this->logError($info['id'], 'No ID number provided');
         return false;
     }
     if (!$info['username']) {
         $this->logError($info['id'], 'No username provided');
         return false;
     }
     if (!$info['email']) {
         // See Tracker Report #28874 for reasons why this got changed.
         $info['email'] = $info['id'] . '@' . time() . '.com';
         //$info['email'] = rand(1, 100).'@'.time().'.com';
         $this->logError($info['id'], 'No email address provided - member converted with ' . $info['email']);
     }
     // Check profile photo
     if (!is_writeable($this->settings['upload_dir'] . '/profile')) {
         $this->error($this->settings['upload_dir'] . '/profile is not writeable, cannot continue');
         return false;
     }
     //-----------------------------------------
     // Set some needed variables
     //-----------------------------------------
     $now = time();
     $joined = $info['joined'] ? $info['joined'] : $now;
     if ($info['md5pass']) {
         $salt = IPSMember::generatePasswordSalt(5);
         $hash = IPSMember::generateCompiledPasshash($salt, $info['md5pass']);
     } elseif ($info['plainpass']) {
         $salt = IPSMember::generatePasswordSalt(5);
         $hash = IPSMember::generateCompiledPasshash($salt, md5($info['plainpass']));
     } elseif ($info['pass_hash']) {
         $salt = $info['pass_salt'];
         $hash = $info['pass_hash'];
     } elseif ($info['password'] !== NULL) {
         $members['conv_password'] = $info['password'];
     } else {
         // give em a random pass, let's stop those posts by these users being lost and assigned to guests.
         $randPass = IPSMember::makePassword();
         $salt = IPSMember::generatePasswordSalt(5);
         $hash = IPSMember::generateCompiledPasshash($salt, $randPass);
         $this->logError($info['id'], 'No password provided. Member has still been converted with password: '******'email'], 'all');
     if ($duplicateMember['member_id']) {
         $this->logError($info['id'], "Duplicate member found. {$info['username']} has been merged with the account email {$duplicateMember['username']}");
         $this->addLink($duplicateMember['member_id'], $info['id'], 'members');
         $this->DB->update('conv_link', array('duplicate' => '1'), "type = 'members' AND app={$this->app['app_id']} AND foreign_id='{$info['id']}'");
         if ($info['posts'] > 0) {
             $this->DB->update('members', array('posts' => "posts+'{$info['posts']}'"), "member_id='{$duplicateMember['member_id']}'");
         }
         // we have a customavatar and the one we have on file does not match what we've been given, time to update it.
         if ($profile['photo_type'] == 'custom' and $duplicateMember['pp_main_photo'] != $profile['pp_main_photo']) {
             if ($profile['photo_data']) {
                 // open file for writing
                 if (!($handle = fopen($this->settings['upload_dir'] . '/profile/photo-' . $profile['pp_member_id'] . '.png', 'w'))) {
                     $this->logError($info['id'], 'Could not write to file.');
                 }
                 // Write image to our opened file.
                 if (fwrite($handle, $profile['photo_data']) === FALSE) {
                     $this->logError($info['id'], 'Could not write to file.');
                 }
                 // log it all into DB
                 $profile['pp_main_photo'] = 'profile/photo-' . $profile['pp_member_id'] . '.png';
             }
         }
         return TRUE;
     }
     //-----------------------------------------
     // Handle Names
     //-----------------------------------------
     // Apostrophe is an allowed character but needs converting
     $info['username'] = str_replace("'", '&#39;', $info['username']);
     $info['username'] = str_replace("!", '&#33;', $info['username']);
     // as is an excalamation point.
     $nameCheck = IPSMember::getFunction()->cleanAndCheckName($info['username'], array(), 'name');
     // Check for illegal characters
     if ($nameCheck['errors']['username'] == ipsRegistry::getClass('class_localization')->words['reg_error_chars']) {
         // Illegal characters exist, clean them out with dashes
         $nameCheckMap['disallowed'] = array("'", "\"", "&#34;", "<", ">", "\\", "&#92;", "\$", "&#036;", "]", "[", ",", "|");
         $nameCheckMap['replace'] = array('&#39;', '&#quot;', '&#quot;', '&#lt;', '&#gt;', '-', '-', '-', '-', '-', '-', '-', '-');
         $nameCheck['members_display_name'] = str_replace($nameCheckMap['disallowed'], $nameCheckMap['replace'], $nameCheck['username']);
         $this->logError($info['id'], "{$nameCheck['errors']['username']} with name {$info['username']}. Member has still been created but with username as {$nameCheck['username']}");
         // Now check for duplicate username.
         try {
             if (IPSMember::getFunction()->checkNameExists($nameCheck['username'], array(), 'name', true, true)) {
                 $t = time();
                 $this->logError($info['id'], ipsRegistry::getClass('class_localization')->words['reg_error_username_taken'] . " with name {$nameCheck['username']}. Member has still been created but with username as {$nameCheck['username']}{$t}");
                 $nameCheck['username'] = $nameCheck['username'] . $t;
             }
         } catch (Exception $e) {
             //-----------------------------------------
             // Name exists, let's return appropriately
             //-----------------------------------------
             switch ($e->getMessage()) {
                 default:
                     $this->logError($info['id'], "Unexpected error with name: {$info['username']}. Member was skipped.");
                     return false;
             }
         }
     } elseif ($nameCheck['errors']['username'] == 'reg_error_username_taken') {
         $nameCheck['username'] = $nameCheck['username'] . time();
         $this->logError($info['id'], "{$nameCheck['errors']['username']} with name: {$info['username']}. Member has still been created but with username as {$nameCheck['username']}");
     }
     $username = $displayname = $nameCheck['username'];
     // Begin check and clean for display name if provided.
     if (isset($info['displayname'])) {
         // Apostrophe is an allowed character but needs converting
         $info['displayname'] = str_replace("'", '&#39;', $info['displayname']);
         $displayname = NULL;
         $nameCheck = IPSMember::getFunction()->cleanAndCheckName($info['displayname'], array(), 'members_display_name');
         if ($nameCheck['errors']['dname'] == str_replace('{chars}', ipsRegistry::$settings['username_characters'], ipsRegistry::$settings['username_errormsg'])) {
             $nameCheckMap['disallowed'] = array("'", "\"", "&#34;", "<", ">", "\\", "&#92;", "\$", "&#036;", "]", "[", ",", "|");
             $nameCheckMap['replace'] = array('&#39;', '&#quot;', '&#quot;', '&#lt;', '&#gt;', '-', '-', '-', '-', '-', '-', '-', '-');
             $nameCheck['members_display_name'] = str_replace($nameCheckMap['disallowed'], $nameCheckMap['replace'], $nameCheck['members_display_name']);
             $this->logError($info['id'], "{$nameCheck['errors']['dname']} with name: {$info['displayname']}. Member has still been created but with display name as {$nameCheck['members_display_name']}");
             // Now check for duplicate display name.
             try {
                 if (IPSMember::getFunction()->checkNameExists($nameCheck['members_display_name'], array(), 'members_display_name', true, true)) {
                     $t = time();
                     $this->logError($info['id'], ipsRegistry::getClass('class_localization')->words['reg_error_username_taken'] . " with name {$nameCheck['members_display_name']}. Member has still been created but with display name as {$nameCheck['members_display_name']}{$t}");
                     $nameCheck['members_display_name'] = $nameCheck['members_display_name'] . $t;
                 }
             } catch (Exception $e) {
                 //-----------------------------------------
                 // Name exists, let's return appropriately
                 //-----------------------------------------
                 switch ($e->getMessage()) {
                     default:
                         $this->logError($info['id'], "Unexpected error with display name: {$info['displayname']}. Member was skipped.");
                         return false;
                 }
             }
         } elseif ($nameCheck['errors']['dname'] == 'reg_error_username_taken') {
             $nameCheck['members_display_name'] = $nameCheck['members_display_name'] . time();
             $this->logError($info['id'], "{$nameCheck['errors']['dname']} with name: {$info['displayname']}. Member has still been created but with display name as {$nameCheck['members_display_name']}");
         }
         $displayname = $nameCheck['members_display_name'];
     }
     // Check we have a path
     if (!$this->settings['upload_dir']) {
         $this->logError($info['id'], 'Your IP.Board uploads path has not been configured');
         return false;
     }
     //-----------------------------------------
     // Insert
     //-----------------------------------------
     $members['title'] = str_replace("'", '&#39;', $members['title']);
     //$members['member_id']				= $info['id'];
     $members['name'] = $username;
     $members['last_post'] = intval($members['last_post']);
     if (empty($info['member_group_id'])) {
         $members['member_group_id'] = $info['group'] ? $groupLink === TRUE ? $this->getLink($info['group'], 'groups') : $info['group'] : $this->settings['member_group'];
     } else {
         $members['member_group_id'] = $info['member_group_id'];
     }
     $members['email'] = $info['email'];
     $members['joined'] = $joined;
     $members['member_login_key'] = IPSMember::generateAutoLoginKey();
     $members['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0;
     $members['members_display_name'] = $displayname;
     $members['members_seo_name'] = IPSText::makeSeoTitle($displayname);
     $members['members_l_display_name'] = IPSText::mbstrtolower($displayname);
     $members['members_l_username'] = IPSText::mbstrtolower($username);
     $members['members_pass_hash'] = $hash;
     $members['members_pass_salt'] = $salt;
     $members['posts'] = $members['posts'] ? $members['posts'] : 0;
     $members['warn_level'] = (int) $members['warn_level'];
     // Sort out secondary groups
     if (!empty($info['secondary_groups'])) {
         // explode so we can loop through for the getLink
         $secondary_groups = explode(",", $info['secondary_groups']);
         $_secondary = array();
         if (!empty($secondary_groups)) {
             foreach ($secondary_groups as $group) {
                 if (!empty($group)) {
                     $newGroup = $this->getLink($group, 'groups', true);
                     if ($newGroup) {
                         $_secondary[] = $newGroup;
                     }
                 }
                 /**else
                 			{
                 				$this->logError($info['id'] .' - '. $group, 'empty secondary group id');
                 			}**/
             }
         }
         $members['mgroup_others'] = implode(",", $_secondary);
     }
     // Sneaky hack with the comments and friends
     if (!in_array('pp_setting_count_comments', $profile)) {
         $profile['pp_setting_count_comments'] = 1;
     }
     if (!in_array('pp_setting_count_friends', $profile)) {
         $profile['pp_setting_count_friends'] = 1;
     }
     // We better turn on allow_admin_mails if it isn't set
     $members['allow_admin_mails'] = isset($members['allow_admin_mails']) ? $members['allow_admin_mails'] : 1;
     // Fix up the birthday since STRICT complains..
     $members['bday_day'] = intval($members['bday_day']);
     $members['bday_month'] = intval($members['bday_month']);
     $members['bday_year'] = intval($members['bday_year']);
     // No idea why birthdays are messing up.., so I'll just hack this bit. - Alex
     // #020372 tracker
     if ($members['bday_year'] < 1900) {
         // Don't think we can really be this old ya know.
         $members['bday_day'] = 0;
         $members['bday_month'] = 0;
         $members['bday_year'] = 0;
     }
     // 3.1.3 dropped columns
     unset($members['email_pm']);
     // 3.2.0 Dropped columns
     unset($members['hide_email']);
     unset($members['view_avs']);
     // 3.3.0 Dropped columns
     unset($members['members_editor_choice']);
     // First member?
     if ($info['id'] != $this->memberData['member_id']) {
         if ($this->usingExtendedInserts) {
             // Add it to the extended insert array which runs on next()
             $this->extendedInserts['members'][] = $this->DB->compileInsertString($members);
             //$memberId = $members['member_id'];
             $memberId = $info['id'];
         } else {
             //unset( $members['member_id'] );
             $this->DB->insert('members', $members);
             $memberId = $this->DB->getInsertId();
             // Add a link
             $this->addLink($memberId, $info['id'], 'members');
         }
     } else {
         if ($this->usingExtendedInserts) {
             // Unset important information to stop locking us out
             $unset = array('member_id', 'members_pass_salt', 'members_pass_hash', 'name', 'members_l_username', 'members_display_name', 'members_l_display_name', 'members_seo_name', 'member_banned', 'conv_password', 'email', 'member_group_id');
             foreach ($unset as $k) {
                 unset($members[$k]);
             }
             $this->DB->update('members', $members, "member_id=" . $this->memberData['member_id']);
             $memberId = $this->memberData['member_id'];
             $this->logError($memberId, "<strong><span style='size: 1.15em;'>{$username} has been merged with {$this->memberData['members_display_name']}. This is because you are logged in as {$this->memberData['members_display_name']} and due to both members sharing the same ID. You are not running the conversion in 'merge' mode and therefore you WILL have to manually update this members name, email address, AND member group.</span></strong><br /><ul><li>Username: {$username}</li><li>Email Address: {$info['email']}</li></ul>");
         } else {
             //unset( $members['member_id'] );
             $this->DB->insert('members', $members);
             $memberId = $this->DB->getInsertId();
             // Add a link
             $this->addLink($memberId, $info['id'], 'members');
         }
     }
     // If user group is the auth group, add them to validating table.
     if ($members['member_group_id'] == $this->settings['auth_group'] && ($this->settings['reg_auth_type'] == 'user' || $this->settings['reg_auth_type'] == 'admin' || $this->settings['reg_auth_type'] == 'admin_user')) {
         //-----------------------------------------
         // We want to validate all reg's via email,
         // after email verificiation has taken place,
         // we restore their previous group and remove the validate_key
         //-----------------------------------------
         $validating = array('vid' => md5(uniqid()), 'member_id' => $memberId, 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'new_reg' => 1, 'ip_address' => $members['ip_address'], 'spam_flag' => 0);
         if ($this->usingExtendedInserts) {
             $this->extendedInserts['validating'][] = $this->DB->compileInsertString($validating);
         } else {
             $this->DB->insert('validating', $validating);
         }
     }
     $profile['pp_member_id'] = $memberId;
     // Defaults if not specified (prevents "Column Count Mismatches" in MySQL)
     $profile['pp_thumb_photo'] = $profile['pp_thumb_photo'] ? $profile['pp_thumb_photo'] : '';
     $profile['pp_main_photo'] = $profile['pp_main_photo'] ? $profile['pp_main_photo'] : '';
     $profile['pp_main_width'] = $profile['pp_main_width'] ? $profile['pp_main_width'] : 0;
     $profile['pp_main_height'] = $profile['pp_main_height'] ? $profile['pp_main_height'] : 0;
     $profile['pp_thumb_width'] = $profile['pp_thumb_width'] ? $profile['pp_thumb_width'] : 0;
     $profile['pp_thumb_height'] = $profile['pp_thumb_height'] ? $profile['pp_thumb_height'] : 0;
     //-----------------------------------------
     // Sort out uploaded avatars / photos
     //-----------------------------------------
     // we send profile_type of custom if we have a photo at all
     if ($profile['photo_type'] == 'custom') {
         if ($profile['photo_data']) {
             // open file for writing
             if (!($handle = fopen($this->settings['upload_dir'] . '/profile/photo-' . $profile['pp_member_id'] . '.png', 'w'))) {
                 $this->logError($info['id'], 'Could not write to file.');
             }
             // Write image to our opened file.
             if (fwrite($handle, $profile['photo_data']) === FALSE) {
                 $this->logError($info['id'], 'Could not write to file.');
             }
             // log it all into DB
             $profile['pp_main_photo'] = 'profile/photo-' . $profile['pp_member_id'] . '.png';
         }
     }
     if ($profile['photo_type'] == 'url') {
         // Make an attempt at fetching the remote pic. If not, log an error.
         $profile['pp_main_photo'] = '';
         if ($remote = @file_get_contents($profile['photo_location'])) {
             $image_dims = @getimagesize($profile['photo_location']);
             if ($image_dims[0]) {
                 $profile['photo_data'] = $remote;
                 $profile['photo_type'] = 'custom';
                 $profile['pp_main_photo'] = $profile['photo_location'];
                 if (!isset($profile['photo_filesize'])) {
                     $profile['photo_filesize'] = strlen($remote);
                 }
             } else {
                 $this->logError($info['id'], 'Remote picture file does not appear to be an image.');
             }
         } else {
             $this->logError($info['id'], 'Could not fetch remote picture file.');
         }
     }
     // Oops... I screwed up... workaround for now... will fix properly soon.
     if ($profile['photo_type'] != 'url' and $profile['photo_location'] and !$profile['pp_main_photo']) {
         $profile['pp_main_photo'] = $profile['photo_location'];
     }
     if (!is_dir($pic_path) and $profile['pp_main_photo'] and !$profile['photo_data']) {
         $this->logError($info['id'], 'Incorrect profile pictures path');
         //return false;
     }
     // Move em or create em
     if ($profile['pp_main_photo']) {
         //-----------------------------------------
         // Already a dir?
         //-----------------------------------------
         $upload_path = $this->settings['upload_dir'];
         $upload_dir;
         if (!file_exists($upload_path . "/profile")) {
             if (@mkdir($upload_path . "/profile", 0777)) {
                 @file_put_contents($upload_path . '/profile/index.html', '');
                 @chmod($upload_path . "/profile", 0777);
                 # Set path and dir correct
                 $upload_path .= "/profile";
                 $upload_dir = "profile/";
             } else {
                 # Set path and dir correct
                 $upload_dir = "";
             }
         } else {
             # Set path and dir correct
             $upload_path .= "/profile";
             $upload_dir = "profile/";
         }
         // What's the extension?
         $e = explode('.', $profile['pp_main_photo']);
         $extension = array_pop($e);
         // There's an issue with profile photo thumbnail rebuilds. Waiting on the deal with that issue before adjusting this.
         // For now, we'll just set the thumbnail the same as the main photo.
         $profile['pp_thumb_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}";
         if ($profile['photo_data']) {
             //$this->createFile($profile['pp_main_photo'], $profile['photo_data'], $profile['photo_filesize'], $this->settings['upload_dir']);
             $this->createFile("photo-{$memberId}.{$extension}", $profile['photo_data'], $profile['photo_filesize'], $upload_path);
             $profile['pp_main_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}";
         } else {
             //$this->moveFiles(array($profile['pp_main_photo']), $profile_path, $this->settings['upload_dir']);
             $this->moveFiles(array($profile['pp_main_photo']), $pic_path, $upload_path);
             if ($upload_dir != '' && @rename($upload_path . "/{$profile['pp_main_photo']}", $upload_path . "/photo-{$memberId}.{$extension}")) {
                 $profile['pp_main_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}";
             }
         }
         // Try and get width and height.
         $dimensions = @getimagesize($upload_dir . 'photo-' . $memberId . '.' . $extension);
         // Add some triple checks.
         $profile['pp_main_width'] = $dimensions[0] ? $dimensions[0] : 1;
         $profile['pp_main_height'] = $dimensions[1] ? $dimensions[1] : 1;
         $profile['pp_thumb_width'] = $dimensions[0] ? $dimensions[0] : 1;
         $profile['pp_thumb_height'] = $dimensions[1] ? $dimensions[1] : 1;
     }
     $profile['pp_photo_type'] = $profile['photo_type'];
     unset($profile['avatar_data']);
     unset($profile['photo_data']);
     unset($profile['photo_filesize']);
     unset($profile['avatar_filesize']);
     unset($profile['photo_type']);
     unset($profile['photo_location']);
     unset($profile['notes']);
     // need to stop fields which have been added by hooks getting through. See ticket 854980 as to why this is needed.
     if (is_array($profile)) {
         // set the fields we're allowed (I can't think of a better way of populating this array unfortunately)
         $allowedFields = array('pp_member_id', 'pp_last_visitors', 'pp_rating_hits', 'pp_rating_value', 'pp_rating_real', 'pp_main_photo', 'pp_main_width', 'pp_main_height', 'pp_thumb_photo', 'pp_thumb_width', 'pp_thumb_height', 'pp_setting_moderate_comments', 'pp_setting_moderate_friends', 'pp_setting_count_friends', 'pp_setting_count_comments', 'pp_setting_count_visitors', 'pp_about_me', 'pp_reputation_points', 'pp_gravatar', 'pp_photo_type', 'signature', 'avatar_location', 'avatar_size', 'avatar_type', 'pconversation_filters', 'fb_photo', 'fb_photo_thumb', 'fb_bwoptions', 'tc_last_sid_import', 'tc_photo', 'tc_bwoptions', 'pp_customization', 'pp_profile_update');
         foreach ($profile as $k => $v) {
             // not in allowed array? unset. (this stops fields from hooks making it through)
             if (!in_array($k, $allowedFields)) {
                 unset($profile[$k]);
             }
         }
     }
     // check if we passed in custom..
     $profileFields = array();
     $profileFields['member_id'] = $memberId;
     if (!empty($custom)) {
         $profileFields = array_merge($profileFields, $custom);
     }
     // First member?
     if ($info['id'] != $this->memberData['member_id']) {
         if ($this->usingExtendedInserts) {
             // Add it to the extended insert array which runs on next()
             $this->extendedInserts['profile_portal'][] = $this->DB->compileInsertString($profile);
             // Custom profile fields
             $this->extendedInserts['pfields_content'][] = $this->DB->compileInsertString($profileFields);
         } else {
             $this->DB->insert('profile_portal', $profile);
             $this->DB->insert('pfields_content', $profileFields);
         }
     } else {
         if ($this->usingExtendedInserts) {
             unset($profileFields['member_id']);
             unset($profile['pp_member_id']);
             $this->DB->update('profile_portal', $profile, "pp_member_id=" . $this->memberData['member_id']);
             $this->DB->update('pfields_content', $profileFields, "member_id=" . $this->memberData['member_id']);
         } else {
             $this->DB->insert('profile_portal', $profile);
             $this->DB->insert('pfields_content', $profileFields);
         }
     }
     // Conversion cycle complete
     return true;
 }
Beispiel #4
0
 /**
  * Update a user's login or display name
  *
  * @param	string		Field to update
  * @return	@e void		[Outputs to screen]
  */
 protected function save_member_name($field = 'members_display_name')
 {
     $member_id = intval($this->request['member_id']);
     $member = IPSMember::load($member_id);
     //-----------------------------------------
     // Allowed to edit administrators?
     //-----------------------------------------
     if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
         $this->registry->output->showError($this->lang->words['m_editadmin']);
     }
     if ($field == 'members_display_name') {
         $display_name = $this->request['display_name'];
         $display_name = str_replace("&#43;", "+", $display_name);
     } else {
         $display_name = $this->request['name'];
         $display_name = str_replace("&#43;", "+", $display_name);
         $display_name = str_replace('|', '&#124;', $display_name);
         $display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name));
     }
     if ($this->settings['strip_space_chr']) {
         // use hexdec to convert between '0xAD' and chr
         $display_name = IPSText::removeControlCharacters($display_name);
     }
     if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", IPSText::UNhtmlspecialchars($display_name))) {
         $this->registry->output->showError($this->lang->words['m_displaynames']);
     }
     try {
         if (IPSMember::getFunction()->updateName($member_id, $display_name, $field, TRUE) === TRUE) {
             if ($field == 'members_display_name') {
                 ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name));
             } else {
                 ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name));
                 //-----------------------------------------
                 // If updating a name, and display names
                 //	disabled, update display name too
                 //-----------------------------------------
                 if (!ipsRegistry::$settings['auth_allow_dnames']) {
                     IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name', TRUE);
                 }
                 //-----------------------------------------
                 // I say, did we choose to email 'dis member?
                 //-----------------------------------------
                 if ($this->request['send_email'] == 1) {
                     //-----------------------------------------
                     // By golly, we did!
                     //-----------------------------------------
                     $msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents'])));
                     $msg = str_replace("{old_name}", $member['name'], $msg);
                     $msg = str_replace("{new_name}", $display_name, $msg);
                     $msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg);
                     $msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg);
                     IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg));
                     IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj'];
                     IPSText::getTextClass('email')->to = $member['email'];
                     IPSText::getTextClass('email')->sendMail();
                 }
             }
             $this->cache->rebuildCache('stats', 'global');
         } else {
             # We should absolutely never get here. So this is a fail-safe, really to
             # prevent a "false" positive outcome for the end-user
             $this->registry->output->showError($this->lang->words['m_namealready']);
         }
     } catch (Exception $error) {
         //	$this->returnJsonError( $error->getMessage() );
         switch ($error->getMessage()) {
             case 'NO_USER':
                 $this->registry->output->showError($this->lang->words['m_noid']);
                 break;
             case 'NO_PERMISSION':
             case 'NO_NAME':
                 $this->registry->output->showError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length']));
                 break;
             case 'ILLEGAL_CHARS':
                 $this->registry->output->showError($this->lang->words['m_illegal']);
                 break;
             case 'USER_NAME_EXISTS':
                 $this->registry->output->showError($this->lang->words['m_namealready']);
                 break;
             default:
                 $this->registry->output->showError($error->getMessage());
                 break;
         }
     }
     $this->registry->output->global_message = $this->lang->words[$field . '_updated_success'];
     $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'module=members&do=viewmember&member_id=' . $member_id);
 }
 /**
  * UserCP Save Form: Display Name
  *
  * @return	mixed	Array of errors / boolean true
  */
 public function saveFormDisplayname()
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $members_display_name = trim($this->request['displayName']);
     $password_check = trim($this->request['displayPassword']);
     //-----------------------------------------
     // Check for blanks...
     //-----------------------------------------
     if (!$members_display_name or !$this->_isFBUser and !$password_check) {
         return array(0 => $this->lang->words['complete_entire_form']);
     }
     //-----------------------------------------
     // Check password
     //-----------------------------------------
     if (!$this->_isFBUser) {
         if ($this->_checkPassword($password_check) === FALSE) {
             return array(0 => $this->lang->words['current_pw_bad']);
         }
     }
     try {
         if (IPSMember::getFunction()->updateName($this->memberData['member_id'], $members_display_name, 'members_display_name') === TRUE) {
             $this->cache->rebuildCache('stats', 'global');
             return $this->showFormDisplayname('', $this->lang->words['dname_change_ok']);
         } else {
             # We should absolutely never get here. So this is a fail-safe, really to
             # prevent a "false" positive outcome for the end-user
             return array(0 => $this->lang->words['name_taken_change']);
         }
     } catch (Exception $error) {
         switch ($error->getMessage()) {
             case 'NO_MORE_CHANGES':
                 return array(0 => $this->lang->words['name_change_no_more']);
                 break;
             case 'NO_USER':
                 return array(0 => $this->lang->words['name_change_noload']);
                 break;
             case 'NO_PERMISSION':
                 return array(0 => $this->lang->words['name_change_noperm']);
             case 'NO_NAME':
                 return array(0 => sprintf($this->lang->words['name_change_tooshort'], $this->settings['max_user_name_length']));
                 break;
             case 'TOO_LONG':
                 return array(0 => sprintf($this->lang->words['name_change_tooshort'], $this->settings['max_user_name_length']));
                 break;
             case 'ILLEGAL_CHARS':
                 return array(0 => $this->lang->words['name_change_illegal']);
                 break;
             case 'USER_NAME_EXISTS':
                 return array(0 => $this->lang->words['name_change_taken']);
                 break;
             default:
                 return array(0 => $error->getMessage());
                 break;
         }
     }
     return TRUE;
 }
 /**
  * Update a member's avatar
  *
  * @access	private
  * @return	void		[Outputs to screen]
  * @author	Brandon Farber
  * @since	IPB3 / 9 June 2008
  */
 private function _processAvatar()
 {
     $member_id = intval($this->request['member_id']);
     try {
         IPSMember::getFunction()->saveNewAvatar($member_id);
     } catch (Exception $error) {
         switch ($error->getMessage()) {
             case 'NO_MEMBER_ID':
                 $this->registry->output->showError($this->lang->words['t_noid'], 11356);
                 break;
             case 'NO_PERMISSION':
                 $this->registry->output->showError($this->lang->words['t_permav'], 11357, true);
                 break;
             case 'UPLOAD_NO_IMAGE':
                 $this->registry->output->showError($this->lang->words['t_uploadfail1'], 11358);
                 break;
             case 'UPLOAD_INVALID_FILE_EXT':
                 $this->registry->output->showError($this->lang->words['t_uploadfail2'], 11359);
                 break;
             case 'UPLOAD_TOO_LARGE':
                 $this->registry->output->showError($this->lang->words['t_uploadfail3'], 11360);
                 break;
             case 'UPLOAD_CANT_BE_MOVED':
                 $this->registry->output->showError($this->lang->words['t_uploadfail4'], 11361);
                 break;
             case 'UPLOAD_NOT_IMAGE':
                 $this->registry->output->showError($this->lang->words['t_uploadfail5'], 2131, true);
                 break;
             case 'NO_AVATAR_TO_SAVE':
                 $this->registry->output->showError($this->lang->words['t_noav'], 11362);
                 break;
             case 'INVALID_FILE_EXT':
                 $this->registry->output->showError($this->lang->words['t_badavext'], 11362);
                 break;
         }
     }
     $this->registry->output->redirect($this->settings['_base_url'] . "app=members&amp;module=members&amp;section=members&amp;do=viewmember&amp;member_id={$this->request['member_id']}", $this->lang->words['t_avupdated']);
 }
 /**
  * Change account data
  *
  * @param	int		ID number
  * @param	string	md5( IPS Connect Key (see login method) . ID number )
  * @param	string	New username (blank means do not change)
  * @param	string	New displayname (blank means do not change)
  * @param	string	New email address (blank means do not change)
  * @param	string	New password, md5 encoded (blank means do not change)
  * @param	string	Redirect URL, Base64 encoded
  * @param	string	md5( IPS Connect Key . $redirect )
  * @return	mixed	If the redirect URL is provided, this function should redirect the user to that URL with a single paramater - 'status'
  *					If blank, will output to screen a JSON object with the same parameter
  *					Values:
  *						BAD_KEY				Invalid Key
  *						NO_USER				ID number not match any member account
  *						SUCCESS				Information changed successfully
  *						USERNAME_IN_USE		The chosen username was in use and as a result NO information was changed
  *						DISPLAYNAME_IN_USE	The chosen username was in use and as a result NO information was changed
  *						EMAIL_IN_USE		The chosen username was in use and as a result NO information was changed
  *						MISSING_DATA		No details to be changed were provided
  */
 public function change($id, $key, $username, $displayname, $email, $md5Password, $redirect, $redirectHash)
 {
     if ($key != md5($this->masterKey . $id)) {
         $this->_return(base64_encode($this->settings['board_url']), array('status' => 'BAD_KEY'));
     }
     $member = IPSMember::load(intval($id), 'none', 'id');
     if (!$member['member_id']) {
         $this->_return($redirect, array('status' => 'NO_USER'));
     }
     $update = array();
     if ($username) {
         if (IPSMember::getFunction()->checkNameExists($username, $member, 'name', TRUE)) {
             $this->_return($redirect, array('status' => 'USERNAME_IN_USE'));
         }
         $update['name'] = $username;
     }
     if ($displayname) {
         if (IPSMember::getFunction()->checkNameExists($displayname, $member, 'members_display_name', TRUE)) {
             $this->_return($redirect, array('status' => 'DISPLAYNAME_IN_USE'));
         }
         $update['members_display_name'] = $displayname;
     }
     if ($email) {
         if (IPSMember::checkByEmail($email)) {
             $this->_return($redirect, array('status' => 'EMAIL_IN_USE'));
         }
         $update['email'] = $email;
     }
     if (empty($update)) {
         if (!$md5Password) {
             $this->_return($redirect, array('status' => 'MISSING_DATA'));
         }
     } else {
         IPSMember::save($member['member_id'], array('members' => $update));
     }
     if ($md5Password) {
         IPSMember::updatePassword($member['member_id'], $md5Password);
     }
     if ($redirect) {
         $redirect = $redirectHash == md5($this->masterKey . $redirect) ? $redirect : base64_encode($this->settings['board_url']);
     }
     $this->_return($redirect, array('status' => 'SUCCESS'));
 }
 /**
  * Processes the registration form
  *
  * @access	public
  * @return	void
  */
 public function registerProcessForm()
 {
     $form_errors = array();
     $coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
     $in_password = trim($this->request['PassWord']);
     $in_email = strtolower(trim($this->request['EmailAddress']));
     $_SFS_FOUND = FALSE;
     /* Check */
     if ($this->settings['no_reg'] == 1) {
         $this->registry->output->showError('registration_disabled', 2016, true);
     }
     /* Custom profile field stuff */
     require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
     $custom_fields = new customProfileFields();
     $custom_fields->initData('edit');
     $custom_fields->parseToSave($this->request, 'register');
     /* Check */
     if ($custom_fields->error_messages) {
         $form_errors['general'] = $custom_fields->error_messages;
     }
     /* Check the email address */
     if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
         $form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
     }
     if (trim($this->request['PassWord_Check']) != $in_password) {
         $form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
     }
     /* Test email address */
     $this->request['EmailAddress_two'] = strtolower(trim($this->request['EmailAddress_two']));
     $this->request['EmailAddress'] = strtolower(trim($this->request['EmailAddress']));
     if (!IPSText::checkEmailAddress($this->request['EmailAddress_two'])) {
         $form_errors['email'][$this->lang->words['reg_error_email_invalid']] = $this->lang->words['reg_error_email_invalid'];
     } else {
         if ($in_email and $this->request['EmailAddress_two'] != $in_email) {
             $form_errors['email'][$this->lang->words['reg_error_email_nm']] = $this->lang->words['reg_error_email_nm'];
         }
     }
     /* Need username? */
     $uses_name = false;
     foreach ($this->cache->getCache('login_methods') as $method) {
         if ($method['login_user_id'] == 'username') {
             $uses_name = true;
         }
     }
     if (!$uses_name) {
         $_REQUEST['UserName'] = $_REQUEST['members_display_name'];
         $this->request['UserName'] = $this->request['members_display_name'];
     }
     /* Check the username */
     $user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['UserName'], array(), 'name');
     if ($this->settings['auth_allow_dnames']) {
         $disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
     }
     if (is_array($user_check['errors']) && count($user_check['errors'])) {
         foreach ($user_check['errors'] as $key => $error) {
             $form_errors[$key][] = $error;
         }
     }
     if ($this->settings['auth_allow_dnames'] and is_array($disp_check['errors']) && count($disp_check['errors'])) {
         foreach ($disp_check['errors'] as $key => $error) {
             $form_errors[$key][] = $error;
         }
     }
     /* CHECK 1: Any errors (missing fields, etc)? */
     if (count($form_errors)) {
         $this->registerForm($form_errors);
         return;
     }
     /* Is this email addy taken? */
     if (IPSMember::checkByEmail($in_email) == TRUE) {
         $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
     }
     /* Load handler... */
     require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
     $this->han_login = new han_login($this->registry);
     $this->han_login->init();
     $this->han_login->emailExistsCheck($in_email);
     if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
         $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
     }
     /* Are they banned [EMAIL]? */
     if (IPSMember::isBanned('email', $in_email) === TRUE) {
         $form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
     }
     /* Check the CAPTCHA */
     if ($this->settings['bot_antispam']) {
         if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
             $form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
         }
     }
     /* Check the Q and A */
     if ($this->settings['registration_qanda']) {
         $qanda = intval($this->request['qanda_id']);
         $pass = false;
         if ($qanda) {
             $data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
             if ($data['qa_id']) {
                 $answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
                 if (count($answers)) {
                     foreach ($answers as $answer) {
                         if (strtolower($answer) == strtolower($this->request['qa_answer'])) {
                             $pass = true;
                             break;
                         }
                     }
                 }
             }
         } else {
             //-----------------------------------------
             // Do we have any questions?
             //-----------------------------------------
             $data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
             if (!$data['questions']) {
                 $pass = true;
             }
         }
         if (!$pass) {
             $form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
         }
     }
     /* CHECK 2: Any errors ? */
     if (count($form_errors)) {
         $this->registerForm($form_errors);
         return;
     }
     /* Build up the hashes */
     $mem_group = $this->settings['member_group'];
     /* Are we asking the member or admin to preview? */
     if ($this->settings['reg_auth_type']) {
         $mem_group = $this->settings['auth_group'];
     } else {
         if ($coppa == 1) {
             $mem_group = $this->settings['auth_group'];
         }
     }
     /* Create member */
     $member = array('name' => $this->request['UserName'], 'password' => $in_password, 'members_display_name' => $this->settings['auth_allow_dnames'] ? $this->request['members_display_name'] : $this->request['UserName'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->request['dst']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'hide_email' => $this->request['allow_member_mail'] ? 0 : 1);
     /* Spam Service */
     $spamCode = 0;
     if ($this->settings['spam_service_enabled'] && $this->settings['spam_service_api_key']) {
         /* Query the service */
         $spamCode = IPSMember::querySpamService($in_email);
         /* Action to perform */
         $action = $this->settings['spam_service_action_' . $spamCode];
         /* Perform Action */
         switch ($action) {
             /* Proceed with registraction */
             case 1:
                 break;
                 /* Flag for admin approval */
             /* Flag for admin approval */
             case 2:
                 $member['member_group_id'] = $this->settings['auth_group'];
                 $this->settings['reg_auth_type'] = 'admin';
                 break;
                 /* Approve the account, but ban it */
             /* Approve the account, but ban it */
             case 3:
                 $member['member_banned'] = 1;
                 $member['member_group_id'] = $this->settings['banned_group'];
                 $this->settings['reg_auth_type'] = '';
                 break;
         }
     }
     //-----------------------------------------
     // Create the account
     //-----------------------------------------
     $member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request));
     //-----------------------------------------
     // Login handler create account callback
     //-----------------------------------------
     $this->han_login->createAccount(array('email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name']));
     //-----------------------------------------
     // We'll just ignore if this fails - it shouldn't hold up IPB anyways
     //-----------------------------------------
     /*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
     		{
     			$this->registry->output->showError( 'han_login_create_failed', 2017, true );
     		}*/
     //-----------------------------------------
     // Validation
     //-----------------------------------------
     $validate_key = md5(IPSLib::makePassword() . time());
     $time = time();
     if ($coppa != 1) {
         if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
             //-----------------------------------------
             // We want to validate all reg's via email,
             // after email verificiation has taken place,
             // we restore their previous group and remove the validate_key
             //-----------------------------------------
             $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
             if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
                 IPSText::getTextClass('email')->getTemplate("reg_validate");
                 IPSText::getTextClass('email')->buildMessage(array('THE_LINK' => $this->settings['base_url'] . "app=core&module=global&section=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global&section=register&do=05", 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key));
                 IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email'] . $this->settings['board_name'];
                 IPSText::getTextClass('email')->to = $member['email'];
                 IPSText::getTextClass('email')->sendMail();
                 $this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
             } else {
                 if ($this->settings['reg_auth_type'] == 'admin') {
                     $this->output = $this->registry->output->getTemplate('register')->showPreview($member);
                 }
             }
             if ($this->settings['new_reg_notify']) {
                 $date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
                 IPSText::getTextClass('email')->getTemplate('admin_newuser');
                 IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
                 IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
                 IPSText::getTextClass('email')->to = $this->settings['email_in'];
                 IPSText::getTextClass('email')->sendMail();
             }
             $this->registry->output->setTitle($this->lang->words['reg_success']);
             $this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
         } else {
             /* We don't want to preview, or get them to validate via email. */
             $stat_cache = $this->caches['stats'];
             if ($member['members_display_name'] and $member['member_id']) {
                 $stat_cache['last_mem_name'] = $member['members_display_name'];
                 $stat_cache['last_mem_id'] = $member['member_id'];
             }
             $stat_cache['mem_count'] += 1;
             $this->cache->setCache('stats', $stat_cache, array('array' => 1, 'deletefirst' => 0));
             if ($this->settings['new_reg_notify']) {
                 $date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
                 IPSText::getTextClass('email')->getTemplate('admin_newuser');
                 IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
                 IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
                 IPSText::getTextClass('email')->to = $this->settings['email_in'];
                 IPSText::getTextClass('email')->sendMail();
             }
             IPSCookie::set('pass_hash', $member['member_login_key'], 1);
             IPSCookie::set('member_id', $member['member_id'], 1);
             //-----------------------------------------
             // Fix up session
             //-----------------------------------------
             $privacy = $this->request['Privacy'] ? 1 : 0;
             if ($member['g_hide_online_list']) {
                 $privacy = 1;
             }
             $this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
             $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global&section=login&do=autologin&fromreg=1');
         }
     } else {
         /* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
         $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
         $this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&amp;module=global&amp;section=register&amp;do=12');
     }
 }
 /**
  * Manage validating members
  *
  * @access	private
  * @return	void		[Outputs to screen]
  */
 private function _manageValidating()
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $ids = array();
     //-----------------------------------------
     // GET checkboxes
     //-----------------------------------------
     foreach ($this->request as $k => $v) {
         if (preg_match("/^mid_(\\d+)\$/", $k, $match)) {
             if ($v) {
                 $ids[] = $match[1];
             }
         }
     }
     $ids = IPSLib::cleanIntArray($ids);
     //-----------------------------------------
     // Check
     //-----------------------------------------
     if (count($ids) < 1) {
         $this->registry->output->showError($this->lang->words['t_nomemsel'], 11247);
     }
     //-----------------------------------------
     // APPROVE
     //-----------------------------------------
     if ($this->request['type'] == 'approve') {
         IPSText::getTextClass('email')->getTemplate("complete_reg");
         $approved = array();
         //-----------------------------------------
         // Get members
         //-----------------------------------------
         $this->DB->build(array('select' => 'v.*', 'from' => array('validating' => 'v'), 'where' => "m.member_id IN(" . implode(",", $ids) . ")", 'add_join' => array(array('select' => 'm.member_id, m.members_display_name, m.name, m.email, m.member_group_id', 'from' => array('members' => 'm'), 'where' => 'm.member_id=v.member_id', 'type' => 'left'))));
         $main = $this->DB->execute();
         while ($row = $this->DB->fetch($main)) {
             $approved[] = $row['name'];
             //-----------------------------------------
             // Only approve if the user is validating
             //-----------------------------------------
             if ($row['member_group_id'] != $this->settings['auth_group']) {
                 continue;
             }
             //-----------------------------------------
             // Don't approve if no real_group set
             //-----------------------------------------
             if (!$row['real_group']) {
                 //$row['real_group'] = $this->settings['member_group'];
                 continue;
             }
             //-----------------------------------------
             // We don't approve lost pass requests
             //-----------------------------------------
             if ($row['lost_pass'] == 1) {
                 continue;
             }
             try {
                 IPSMember::save($row['member_id'], array('core' => array('member_group_id' => $row['real_group'])));
             } catch (Exception $error) {
                 $this->registry->output->showError($error->getMessage(), 11247);
             }
             IPSText::getTextClass('email')->buildMessage(array());
             //-----------------------------------------
             // Using 'name' on purpose
             // @see http://forums./index.php?autocom=tracker&showissue=11564&view=findpost&p=45269
             //-----------------------------------------
             IPSText::getTextClass('email')->subject = sprintf($this->lang->words['subject__complete_reg'], $row['name'], $this->settings['board_name']);
             IPSText::getTextClass('email')->to = $row['email'];
             IPSText::getTextClass('email')->sendMail();
             IPSLib::runMemberSync('onGroupChange', $row['member_id'], $row['real_group']);
         }
         $this->DB->delete('validating', "member_id IN(" . implode(",", $ids) . ")");
         ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_memregapp2'] . implode(", ", $approved));
         //-----------------------------------------
         // Stats to Update?
         //-----------------------------------------
         $this->cache->rebuildCache('stats', 'global');
         $this->registry->output->global_message = count($ids) . $this->lang->words['t_memregapp'];
         if ($this->request['_return']) {
             $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'app=members&module=members&section=members&do=viewmember&member_id=' . $this->request['_return']);
         }
         $this->_viewQueue('validating');
         return;
     } else {
         if ($this->request['type'] == 'resend') {
             $reset = array();
             $cant = array();
             $main_msgs = array();
             //-----------------------------------------
             // Get members
             //-----------------------------------------
             $this->DB->build(array('select' => 'v.*', 'from' => array('validating' => 'v'), 'where' => "m.member_id IN(" . implode(",", $ids) . ")", 'add_join' => array(array('select' => 'm.member_id, m.members_display_name, m.email, m.member_group_id', 'from' => array('members' => 'm'), 'where' => 'm.member_id=v.member_id', 'type' => 'left'))));
             $main = $this->DB->execute();
             while ($row = $this->DB->fetch($main)) {
                 if ($row['member_group_id'] != $this->settings['auth_group']) {
                     continue;
                 }
                 if ($row['lost_pass']) {
                     IPSText::getTextClass('email')->getTemplate("lost_pass");
                     IPSText::getTextClass('email')->buildMessage(array('NAME' => $row['members_display_name'], 'THE_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global&section=lostpass&do=sendform&uid=" . $row['member_id'] . "&aid=" . $val['vid'], 'MAN_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global&section=lostpass", 'EMAIL' => $row['email'], 'ID' => $row['member_id'], 'CODE' => $row['vid'], 'IP_ADDRESS' => $row['ip_address']));
                     IPSText::getTextClass('email')->subject = $this->lang->words['t_passwordrec'] . $this->settings['board_name'];
                     IPSText::getTextClass('email')->to = $row['email'];
                     IPSText::getTextClass('email')->sendMail();
                 } else {
                     if ($row['new_reg']) {
                         if ($row['user_verified']) {
                             $cant[] = $row['members_display_name'];
                             continue;
                         }
                         IPSText::getTextClass('email')->getTemplate("reg_validate");
                         IPSText::getTextClass('email')->buildMessage(array('THE_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global&section=register&do=auto_validate&uid=" . $row['member_id'] . "&aid=" . $row['vid'], 'NAME' => $row['members_display_name'], 'MAN_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global&section=register&do=05", 'EMAIL' => $row['email'], 'ID' => $row['member_id'], 'CODE' => $row['vid']));
                         IPSText::getTextClass('email')->subject = $this->lang->words['t_regat'] . $this->settings['board_name'];
                         IPSText::getTextClass('email')->to = $row['email'];
                         IPSText::getTextClass('email')->sendMail();
                     } else {
                         if ($row['email_chg']) {
                             IPSText::getTextClass('email')->getTemplate("newemail");
                             IPSText::getTextClass('email')->buildMessage(array('NAME' => $row['members_display_name'], 'THE_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global&section=register&do=auto_validate&type=newemail&uid=" . $row['member_id'] . "&aid=" . $row['vid'], 'ID' => $row['member_id'], 'MAN_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global&section=register&do=user_validate", 'CODE' => $row['vid']));
                             IPSText::getTextClass('email')->subject = $this->lang->words['t_emailchange'] . $this->settings['board_name'];
                             IPSText::getTextClass('email')->to = $row['email'];
                             IPSText::getTextClass('email')->sendMail();
                         }
                     }
                 }
                 $resent[] = $row['members_display_name'];
             }
             if (count($resent)) {
                 ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($resent) . $this->lang->words['tools_val_resent_log'] . implode(", ", $resent));
                 $main_msgs[] = count($resent) . $this->lang->words['t_vallog'] . implode(", ", $resent);
             }
             if (count($cant)) {
                 $main_msgs[] = $this->lang->words['t_valcannot'] . implode(", ", $cant);
             }
             $this->registry->output->global_message = count($main_msgs) ? implode("<br />", $main_msgs) : '';
             $this->_viewQueue('validating');
             return;
         } else {
             if ($this->request['type'] == 'ban') {
                 $this->DB->update('members', array('member_banned' => 1), "member_id IN(" . implode(",", $ids) . ")");
                 $this->DB->delete('validating', "member_id IN(" . implode(",", $ids) . ")");
                 ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_membanned']);
                 $this->registry->output->global_message = count($ids) . $this->lang->words['t_membanned'];
                 $this->_viewQueue('validating');
                 return;
             } else {
                 if ($this->request['type'] == 'spam') {
                     /* Grab members */
                     $members = IPSMember::load($ids);
                     /* Load moderator's library */
                     require IPSLib::getAppDir('forums') . '/sources/classes/moderate.php';
                     $modLibrary = new moderatorLibrary($this->registry);
                     /* Load custom fields class */
                     require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
                     $fields = new customProfileFields();
                     /* Load language file */
                     $this->registry->getClass('class_localization')->loadLanguageFile(array('public_mod'), 'forums');
                     foreach ($members as $member_id => $member) {
                         $toSave = array('core' => array('bw_is_spammer' => 1, 'member_group_id' => $this->settings['member_group']));
                         /* Protected group? */
                         if (strstr(',' . $this->settings['warn_protected'] . ',', ',' . $member['member_group_id'] . ',')) {
                             continue;
                         }
                         /* What do to.. */
                         if ($this->settings['spm_option']) {
                             switch ($this->settings['spm_option']) {
                                 case 'disable':
                                     $toSave['core']['restrict_post'] = 1;
                                     $toSave['core']['members_disable_pm'] = 2;
                                     break;
                                 case 'unapprove':
                                     $toSave['core']['restrict_post'] = 1;
                                     $toSave['core']['members_disable_pm'] = 2;
                                     /* Unapprove posts and topics */
                                     $modLibrary->toggleApproveMemberContent($member_id, FALSE, 'all', intval($this->settings['spm_post_days']) * 24);
                                     break;
                                 case 'ban':
                                     /* Unapprove posts and topics */
                                     $modLibrary->toggleApproveMemberContent($member_id, FALSE, 'all', intval($this->settings['spm_post_days']) * 24);
                                     $toSave = array('core' => array('member_banned' => 1, 'title' => '', 'bw_is_spammer' => 1), 'extendedProfile' => array('signature' => '', 'pp_bio_content' => '', 'pp_about_me' => '', 'pp_status' => ''));
                                     //-----------------------------------------
                                     // Avatar
                                     //-----------------------------------------
                                     $toSave['extendedProfile']['avatar_location'] = "";
                                     $toSave['extendedProfile']['avatar_size'] = "";
                                     try {
                                         IPSMember::getFunction()->removeAvatar($member['member_id']);
                                     } catch (Exception $e) {
                                         // Maybe should show an error or something
                                     }
                                     //-----------------------------------------
                                     // Photo
                                     //-----------------------------------------
                                     IPSMember::getFunction()->removeUploadedPhotos($member['member_id']);
                                     $toSave['extendedProfile'] = array_merge($toSave['extendedProfile'], array('pp_main_photo' => '', 'pp_main_width' => '', 'pp_main_height' => '', 'pp_thumb_photo' => '', 'pp_thumb_width' => '', 'pp_thumb_height' => ''));
                                     //-----------------------------------------
                                     // Profile fields
                                     //-----------------------------------------
                                     $fields->member_data = $member;
                                     $fields->initData('edit');
                                     $fields->parseToSave(array());
                                     if (count($fields->out_fields)) {
                                         $toSave['customFields'] = $fields->out_fields;
                                     }
                                     //-----------------------------------------
                                     // Update signature content cache
                                     //-----------------------------------------
                                     IPSContentCache::update($member['member_id'], 'sig', '');
                                     break;
                             }
                         }
                         /* Send an email */
                         if ($this->settings['spm_notify'] and $this->settings['email_out'] != $this->memberData['email']) {
                             IPSText::getTextClass('email')->getTemplate('possibleSpammer');
                             IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->class_localization->getDate($member['joined'], 'LONG', 1), 'MEMBER_NAME' => $member['members_display_name'], 'IP' => $member['ip_address'], 'EMAIL' => $member['email'], 'LINK' => $this->registry->getClass('output')->buildSEOUrl("showuser="******"member_id IN(" . implode(",", $ids) . ")");
                         $this->registry->output->global_message = count($ids) . ' ' . $this->lang->words['t_setasspammers'];
                         $this->_viewQueue('validating');
                         return;
                     }
                 } else {
                     $denied = array();
                     $this->DB->build(array('select' => 'members_display_name', 'from' => 'members', 'where' => "member_id IN(" . implode(",", $ids) . ")"));
                     $this->DB->execute();
                     while ($r = $this->DB->fetch()) {
                         $denied[] = $r['members_display_name'];
                     }
                     try {
                         IPSMember::remove($ids);
                     } catch (Exception $error) {
                         $this->registry->output->showError($error->getMessage(), 11247);
                     }
                     ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_regdenied'] . implode(", ", $denied));
                     $this->registry->output->global_message = count($ids) . $this->lang->words['t_removedmem'];
                     $this->_viewQueue('validating');
                     return;
                 }
             }
         }
     }
 }
Beispiel #10
0
 /**
  * Function to resync a member's Twitter data
  *
  * @access	public
  * @param	mixed		Member Data in an array form (result of IPSMember::load( $id, 'all' ) ) or a member ID
  * @return	array 		Updated member data	
  *
  * EXCEPTION CODES:
  * NO_MEMBER		Member ID does not exist
  * NOT_LINKED		Member ID or data specified is not linked to a FB profile
  */
 public function syncMember($memberData)
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $exProfile = array();
     /* Do we need to load a member? */
     if (!is_array($memberData)) {
         $memberData = IPSMember::load(intval($memberData), 'all');
     }
     /* Got a member? */
     if (!$memberData['member_id']) {
         throw new Exception('NO_MEMBER');
     }
     /* Linked account? */
     if (!$memberData['twitter_id']) {
         throw new Exception('NOT_LINKED');
     }
     /* Not completed sign up ( no display name ) */
     if ($memberData['member_group_id'] == $this->settings['auth_group']) {
         return false;
     }
     /* Thaw Options */
     $bwOptions = IPSBWOptions::thaw($memberData['tc_bwoptions'], 'twitter');
     /* Grab the data */
     try {
         $this->resetApi($memberData['twitter_token'], $memberData['twitter_secret']);
         if ($this->isConnected()) {
             $user = $this->fetchUserData();
             /* Load library */
             if ($bwOptions['tc_s_pic']) {
                 $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/member/photo.php', 'classes_member_photo');
                 $photo = new $classToLoad($this->registry);
                 $photo->save($memberData, 'twitter');
             }
             if ($bwOptions['tc_s_aboutme']) {
                 $exProfile['pp_about_me'] = IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($user['description'], 'utf-8', IPS_DOC_CHAR_SET));
             }
             if ($bwOptions['tc_si_status'] and (isset($memberData['gbw_no_status_import']) and !$memberData['gbw_no_status_import']) and !$memberData['bw_no_status_update']) {
                 /* Fetch timeline */
                 $memberData['tc_last_sid_import'] = $memberData['tc_last_sid_import'] < 1 ? 100 : $memberData['tc_last_sid_import'];
                 $_updates = $this->fetchUserTimeline($user['id'], $memberData['tc_last_sid_import'], true);
                 /* Got any? */
                 if (count($_updates)) {
                     $update = array_shift($_updates);
                     if (is_array($update) and isset($update['text'])) {
                         /* Load status class */
                         if (!$this->registry->isClassLoaded('memberStatus')) {
                             $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/member/status.php', 'memberStatus');
                             $this->registry->setClass('memberStatus', new $classToLoad(ipsRegistry::instance()));
                         }
                         /* Set Author */
                         $this->registry->getClass('memberStatus')->setAuthor($memberData);
                         $this->registry->getClass('memberStatus')->setStatusOwner($memberData);
                         /* Convert if need be */
                         if (IPS_DOC_CHAR_SET != 'UTF-8') {
                             $update['text'] = IPSText::utf8ToEntities($update['text']);
                         }
                         /* Set Content */
                         $this->registry->getClass('memberStatus')->setContent(trim(IPSText::getTextClass('bbcode')->stripBadWords($update['text'])));
                         /* Set as imported */
                         $this->registry->getClass('memberStatus')->setIsImport(1);
                         /* Set creator */
                         $this->registry->getClass('memberStatus')->setCreator('twitter');
                         /* Can we reply? */
                         if ($this->registry->getClass('memberStatus')->canCreate()) {
                             $this->registry->getClass('memberStatus')->create();
                             $exProfile['tc_last_sid_import'] = $update['id'];
                         }
                     }
                 }
             }
             /* Allowed profile customization? */
             if ($bwOptions['tc_s_bgimg'] and ($user['profile_background_image_url'] or $user['profile_background_color']) and ($this->memberData['gbw_allow_customization'] and !$this->memberData['bw_disable_customization'])) {
                 /* remove bg images */
                 IPSMember::getFunction()->removeUploadedBackgroundImages($memberData['member_id']);
                 $exProfile['pp_customization'] = serialize(array('bg_url' => $user['profile_background_image_url'], 'type' => $user['profile_background_image_url'] ? 'url' : 'color', 'bg_color' => IPSText::alphanumericalClean($user['profile_background_color']), 'bg_tile' => intval($user['profile_background_tile'])));
             }
             /* Update member */
             IPSMember::save($memberData['member_id'], array('core' => array('tc_lastsync' => time()), 'extendedProfile' => $exProfile));
             /* merge and return */
             $memberData['tc_lastsync'] = time();
             $memberData = array_merge($memberData, $exProfile);
         }
     } catch (Exception $e) {
     }
     return $memberData;
 }
 /**
  * UserCP Save Form: Photo
  *
  * @access	public
  * @return	array	Errors
  */
 public function savePhoto()
 {
     //-----------------------------------------
     // Check to make sure that we can edit profiles..
     //-----------------------------------------
     if (!$this->memberData['g_edit_profile']) {
         $this->registry->getClass('output')->showError('members_profile_disabled', 1027);
     }
     //-----------------------------------------
     // Load lang file
     //-----------------------------------------
     $this->registry->class_localization->loadLanguageFile(array('public_profile'), 'members');
     //-----------------------------------------
     // Do upload...
     //-----------------------------------------
     $photo = IPSMember::getFunction()->uploadPhoto();
     if ($photo['status'] == 'fail') {
         return array(0 => $this->lang->words['pp_' . $photo['error']]);
     } else {
         IPSMember::save($this->memberData['member_id'], array('extendedProfile' => array('pp_main_photo' => $photo['final_location'], 'pp_main_width' => intval($photo['final_width']), 'pp_main_height' => intval($photo['final_height']), 'pp_thumb_photo' => $photo['t_final_location'], 'pp_thumb_width' => intval($photo['t_final_width']), 'pp_thumb_height' => intval($photo['t_final_height']))));
     }
     return TRUE;
 }
 /**
  * Show the form
  *
  * @access	protected
  * @return	void		[Outputs to screen]
  */
 protected function show()
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $name = trim(IPSText::alphanumericalClean(ipsRegistry::$request['name']));
     $member_id = intval(ipsRegistry::$request['member_id']);
     $output = '';
     //-----------------------------------------
     // Get member data
     //-----------------------------------------
     $member = IPSMember::load($member_id, 'extendedProfile,customFields');
     //-----------------------------------------
     // Got a member?
     //-----------------------------------------
     if (!$member['member_id']) {
         $this->returnJsonError($this->lang->words['t_noid']);
     }
     //-----------------------------------------
     // Return the form
     //-----------------------------------------
     if (method_exists($this->html, $name)) {
         $output = $this->html->{$name}($member);
     } else {
         $save_to = '';
         $div_id = '';
         $form_field = '';
         $text = '';
         $description = '';
         $method = '';
         switch ($name) {
             /*case 'inline_warn_level':
             			$method			= 'inline_form_generic';
             			$save_to		= 'save_generic&amp;field=warn_level';
             			$div_id			= 'warn_level';
             			$form_field		= ipsRegistry::getClass('output')->formInput( "generic__field", $member['warn_level'] );
             			$text			= "Member Warn Level";
             			$description	= "Make adjustments to the member's overall warn level.  This does NOT add a warn log record - you should do so manually using the 'Add New Note' link if you wish to store a log of this adjustment";
             		break;*/
             case 'inline_avatar':
                 if (!$this->registry->getClass('class_permissions')->checkPermission('member_photo', 'members', 'members')) {
                     $this->returnJsonError($this->lang->words['m_nopermban']);
                 }
                 $form = array();
                 $form['avatar_url'] = ipsRegistry::getClass('output')->formInput("avatar_url", $member['avatar_type'] == 'url' ? $member['avatar_location'] : '');
                 $av_categories = array_merge(array(0 => array(0, $this->lang->words['m_selectcat'])), IPSMember::getFunction()->getHostedAvatarCategories());
                 $output = $this->html->inline_avatar_selector($member, $av_categories);
                 break;
         }
         if (!$output and $method and method_exists($html, $method)) {
             $output = $html->{$method}($member, $save_to, $div_id, $form_field, $text, $description);
         }
     }
     //-----------------------------------------
     // Print...
     //-----------------------------------------
     $this->returnHtml($output);
 }
 /**
  * Check the name or display name
  *
  * @access	public
  * @return	void		[Outputs to screen]
  */
 public function checkDisplayName($field = 'members_display_name')
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $this->registry->class_localization->loadLanguageFile(array('public_register'));
     $name = '';
     if (is_string($_POST['name'])) {
         $name = strtolower(trim(rawurldecode($_POST['name'])));
     }
     if (!$name) {
         $this->returnString(sprintf(ipsRegistry::getClass('class_localization')->words['reg_error_no_name'], ipsRegistry::$settings['max_user_name_length']));
     }
     /* Check the username */
     $user_check = IPSMember::getFunction()->cleanAndCheckName($name, array(), $field);
     $errorField = $field == 'members_display_name' ? 'dname' : 'username';
     $nameField = $field == 'members_display_name' ? 'members_display_name' : 'username';
     if (is_array($user_check['errors'][$errorField]) && count($user_check['errors'][$errorField])) {
         $this->returnString($user_check['errors'][$errorField][0]);
         return;
     } else {
         if ($user_check['errors'][$errorField]) {
             $this->returnString($user_check['errors'][$errorField]);
         } else {
             $this->returnString('notfound');
         }
     }
 }
    /**
     * Update a user's login or display name
     *
     * @access	protected
     * @param	string		Field to update
     * @return	void		[Outputs to screen]
     */
    protected function save_member_name($field = 'members_display_name')
    {
        $member_id = intval($this->request['member_id']);
        $member = IPSMember::load($member_id);
        //-----------------------------------------
        // Allowed to edit administrators?
        //-----------------------------------------
        if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
            $this->returnJsonError($this->lang->words['m_editadmin']);
            exit;
        }
        if ($field == 'members_display_name') {
            $display_name = $this->convertAndMakeSafe($_POST['display_name'], 1);
            $display_name = str_replace("&#43;", "+", $display_name);
        } else {
            $display_name = $this->convertAndMakeSafe($_POST['name'], 1);
            $display_name = str_replace("&#43;", "+", $display_name);
            $display_name = str_replace('|', '&#124;', $display_name);
            $display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name));
        }
        if ($this->settings['strip_space_chr']) {
            // use hexdec to convert between '0xAD' and chr
            $display_name = IPSText::removeControlCharacters($display_name);
        }
        if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", str_replace('&#39;', "'", str_replace('&amp;', '&', $members_display_name)))) {
            $this->returnJsonError($this->lang->words['m_displaynames']);
        }
        try {
            if (IPSMember::getFunction()->updateName($member_id, $display_name, $field) === TRUE) {
                if ($field == 'members_display_name') {
                    ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name));
                } else {
                    ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name));
                    //-----------------------------------------
                    // If updating a name, and display names
                    //	disabled, update display name too
                    //-----------------------------------------
                    if (!ipsRegistry::$settings['auth_allow_dnames']) {
                        IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name');
                    }
                    //-----------------------------------------
                    // I say, did we choose to email 'dis member?
                    //-----------------------------------------
                    if ($this->request['send_email'] == 1) {
                        //-----------------------------------------
                        // By golly, we did!
                        //-----------------------------------------
                        $msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents'])));
                        $msg = str_replace("{old_name}", $member['name'], $msg);
                        $msg = str_replace("{new_name}", $display_name, $msg);
                        $msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg);
                        $msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg);
                        IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg));
                        IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj'];
                        IPSText::getTextClass('email')->to = $member['email'];
                        IPSText::getTextClass('email')->sendMail();
                    }
                }
                $this->cache->rebuildCache('stats', 'global');
            } else {
                # We should absolutely never get here. So this is a fail-safe, really to
                # prevent a "false" positive outcome for the end-user
                $this->returnJsonError($this->lang->words['m_namealready']);
            }
        } catch (Exception $error) {
            $this->returnJsonError($error->getMessage());
            switch ($error->getMessage()) {
                case 'NO_USER':
                    $this->returnJsonError($this->lang->words['m_noid']);
                    break;
                case 'NO_PERMISSION':
                case 'NO_NAME':
                    $this->returnJsonError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length']));
                    break;
                case 'ILLEGAL_CHARS':
                    $this->returnJsonError($this->lang->words['m_illegal']);
                    break;
                case 'USER_NAME_EXISTS':
                    $this->returnJsonError($this->lang->words['m_namealready']);
                    break;
                default:
                    $this->returnJsonError($error->getMessage());
                    break;
            }
        }
        //-----------------------------------------
        // Load handler...
        //-----------------------------------------
        if ($field == 'name') {
            require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
            $han_login = new han_login($this->registry);
            $han_login->init();
            $han_login->changeName($member['name'], $display_name, $member['email']);
        } else {
            IPSLib::runMemberSync('onNameChange', $member_id, $display_name);
        }
        $__display_name = addslashes($display_name);
        $_string = <<<EOF
\t\t{
\t\t\t'success'      : true,
\t\t\t'display_name' : "{$__display_name}"
\t\t}
\t\t
EOF;
        $this->returnString($_string);
    }
 /**
  * Add a member [process]
  *
  * @access	private
  * @return	void		[Outputs to screen]
  */
 private function _memberDoAdd()
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $in_username = trim($this->request['name']);
     $in_password = trim($this->request['password']);
     $in_email = trim(strtolower($this->request['email']));
     $members_display_name = trim($this->request['members_display_name']);
     $this->registry->output->global_message = '';
     //-----------------------------------------
     // Check form
     //-----------------------------------------
     foreach (array('name', 'password', 'email', 'member_group_id') as $field) {
         if (!$_POST[$field]) {
             $this->registry->output->showError($this->lang->words['m_completeform'], 11238);
         }
     }
     //-----------------------------------------
     // Check
     //-----------------------------------------
     if (!IPSText::checkEmailAddress($in_email)) {
         $this->registry->output->global_message = $this->lang->words['m_emailinv'];
     }
     $userName = IPSMember::getFunction()->cleanAndCheckName($in_username, array(), 'name');
     $displayName = IPSMember::getFunction()->cleanAndCheckName($members_display_name, array(), 'members_display_name');
     if (count($userName['errors'])) {
         $this->registry->output->global_message .= '<p>' . $this->lang->words['sm_loginname'] . ' ' . $userName['errors']['username'] . '</p>';
     }
     if ($this->settings['auth_allow_dnames'] and count($displayName['errors'])) {
         $this->registry->output->global_message .= '<p>' . $this->lang->words['sm_display'] . ' ' . $displayName['errors']['dname'] . '</p>';
     }
     /* Errors? */
     if ($this->registry->output->global_message) {
         $this->_memberAddForm();
         return;
     }
     //-----------------------------------------
     // Load handler...
     //-----------------------------------------
     require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
     $this->han_login = new han_login($this->registry);
     $this->han_login->init();
     $this->han_login->emailExistsCheck($in_email);
     if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
         $this->registry->output->global_message = $this->lang->words['m_emailalready'];
         $this->_memberAddForm();
         return;
     }
     //-----------------------------------------
     // Allowed to add administrators?
     //-----------------------------------------
     if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_add_admin')) {
         $this->registry->output->global_message = $this->lang->words['m_addadmin'];
         $this->_memberAddForm();
         return;
     }
     $member = array('name' => $in_username, 'members_display_name' => $members_display_name ? $members_display_name : $in_username, 'email' => $in_email, 'member_group_id' => intval($this->request['member_group_id']), 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->settings['time_offset'], 'coppa_user' => intval($this->request['coppa']), 'allow_admin_mails' => 1, 'password' => $in_password);
     //-----------------------------------------
     // Create the account
     //-----------------------------------------
     $member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request));
     //-----------------------------------------
     // Login handler create account callback
     //-----------------------------------------
     $this->han_login->createAccount(array('email' => $in_email, 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $member['ip_address'], 'username' => $member['members_display_name']));
     /*if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
     		{
     			$this->registry->output->global_message = sprintf( $this->lang->words['m_cantadd'], $this->han_login->return_code ) . $this->han_login->return_details;
     			$this->_memberAddForm();
     			return;
     		}*/
     //-----------------------------------------
     // Restriction permissions stuff
     //-----------------------------------------
     if ($this->memberData['row_perm_cache']) {
         if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp']) {
             //-----------------------------------------
             // Copy restrictions...
             //-----------------------------------------
             $this->DB->insert('admin_permission_rows', array('row_member_id' => $member_id, 'row_perm_cache' => $this->memberData['row_perm_cache'], 'row_updated' => time()));
         }
     }
     //-----------------------------------------
     // Send teh email (I love 'teh' as much as !!11!!1)
     //-----------------------------------------
     if ($this->request['sendemail']) {
         IPSText::getTextClass('email')->getTemplate("account_created");
         IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['name'], 'EMAIL' => $member['email'], 'PASSWORD' => $in_password));
         IPSText::getTextClass('email')->to = $member['email'];
         IPSText::getTextClass('email')->sendMail();
     }
     //-----------------------------------------
     // Stats
     //-----------------------------------------
     $this->cache->rebuildCache('stats', 'global');
     //-----------------------------------------
     // Log and bog?
     //-----------------------------------------
     ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_createlog'], $this->request['name']));
     $this->registry->output->global_message = $this->lang->words['m_memadded'];
     $this->request['member_id'] = $member['member_id'];
     $this->_showAdminForm($member, array());
     $this->_memberView();
 }
Beispiel #16
0
 /**
  * Processes the registration form
  *
  * @return	@e void
  */
 public function registerProcessForm()
 {
     $this->_resetMember();
     $form_errors = array();
     $coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
     $in_password = trim($this->request['PassWord']);
     $in_email = strtolower(trim($this->request['EmailAddress']));
     /* Did we agree to the t&c? */
     if (!$this->request['agree_tos']) {
         $form_errors['tos'] = array($this->lang->words['must_agree_to_terms']);
     }
     /* Custom profile field stuff */
     $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
     $custom_fields = new $classToLoad();
     $custom_fields->initData('edit');
     $custom_fields->parseToSave($_POST, 'register');
     /* Check */
     if ($custom_fields->error_messages) {
         $form_errors['general'] = $custom_fields->error_messages;
     }
     /* Check the email address */
     if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
         $form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
     }
     if (trim($this->request['PassWord_Check']) != $in_password or !$in_password) {
         $form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
     }
     /*
     There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770
     elseif ( strlen( $in_password ) < 3 )
     {
     	$form_errors['password'][$this->lang->words['pass_too_short']] = $this->lang->words['pass_too_short'];
     }
     elseif ( strlen( $in_password ) > 32 )
     {
     	$form_errors['password'][$this->lang->words['pass_too_long']] = $this->lang->words['pass_too_long'];
     }
     */
     /* Check the username */
     $user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'name');
     $disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
     if (is_array($user_check['errors']) && count($user_check['errors'])) {
         foreach ($user_check['errors'] as $key => $error) {
             $form_errors['dname'][$error] = isset($this->lang->words[$error]) ? $this->lang->words[$error] : $error;
         }
     }
     /* this duplicates username error above */
     /*if( is_array( $disp_check['errors'] ) && count( $disp_check['errors'] ) )
     		{
     			foreach( $disp_check['errors'] as $key => $error )
     			{
     				$form_errors['dname'][ $error ]	= isset($this->lang->words[ $error ]) ? $this->lang->words[ $error ] : $error;
     			}
     		}*/
     /* Is this email addy taken? */
     if (IPSMember::checkByEmail($in_email) == TRUE) {
         $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
     }
     /* Load handler... */
     $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
     $this->han_login = new $classToLoad($this->registry);
     $this->han_login->init();
     $this->han_login->emailExistsCheck($in_email);
     if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
         $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
     }
     /* Are they banned [EMAIL]? */
     if (IPSMember::isBanned('email', $in_email) === TRUE) {
         $form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
     }
     /* Check the CAPTCHA */
     if ($this->settings['bot_antispam_type'] != 'none') {
         if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
             $form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
         }
     }
     /* Check the Q and A */
     $qanda = intval($this->request['qanda_id']);
     $pass = true;
     if ($qanda) {
         $pass = false;
         $data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
         if ($data['qa_id']) {
             $answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
             if (count($answers)) {
                 foreach ($answers as $answer) {
                     $answer = trim($answer);
                     if (IPSText::mbstrlen($answer) and mb_strtolower($answer) == mb_strtolower($this->request['qa_answer'])) {
                         $pass = true;
                         break;
                     }
                 }
             }
         }
     } else {
         //-----------------------------------------
         // Do we have any questions?
         //-----------------------------------------
         $data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
         if ($data['questions']) {
             $pass = false;
         }
     }
     if (!$pass) {
         $form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
     }
     /* CHECK 2: Any errors ? */
     if (count($form_errors)) {
         $this->registerForm($form_errors);
         return;
     }
     /* Build up the hashes */
     $mem_group = $this->settings['member_group'];
     /* Are we asking the member or admin to preview? */
     if ($this->settings['reg_auth_type']) {
         $mem_group = $this->settings['auth_group'];
     } else {
         if ($coppa == 1) {
             $mem_group = $this->settings['auth_group'];
         }
     }
     /* Create member */
     $member = array('name' => $this->request['members_display_name'], 'password' => $in_password, 'members_display_name' => $this->request['members_display_name'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->settings['time_dst_auto_correction']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'language' => $this->member->language_id);
     /* Spam Service */
     $spamCode = 0;
     $_spamFlag = 0;
     if ($this->settings['spam_service_enabled']) {
         /* Query the service */
         $spamCode = IPSMember::querySpamService($in_email);
         /* Action to perform */
         $action = $this->settings['spam_service_action_' . $spamCode];
         /* Perform Action */
         switch ($action) {
             /* Proceed with registration */
             case 1:
                 break;
                 /* Flag for admin approval */
             /* Flag for admin approval */
             case 2:
                 $member['member_group_id'] = $this->settings['auth_group'];
                 $this->settings['reg_auth_type'] = 'admin';
                 $_spamFlag = 1;
                 break;
                 /* Approve the account, but ban it */
             /* Approve the account, but ban it */
             case 3:
                 $member['member_banned'] = 1;
                 $member['bw_is_spammer'] = 1;
                 $this->settings['reg_auth_type'] = '';
                 break;
                 /* Deny registration */
             /* Deny registration */
             case 4:
                 $this->registry->output->showError('spam_denied_account', '100x001', FALSE, '', 200);
                 break;
         }
     }
     //-----------------------------------------
     // Create the account
     //-----------------------------------------
     $member = IPSMember::create(array('members' => $member, 'pfields_content' => $custom_fields->out_fields), FALSE, FALSE, FALSE);
     //-----------------------------------------
     // Login handler create account callback
     //-----------------------------------------
     $this->han_login->createAccount(array('member_id' => $member['member_id'], 'email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'], 'name' => $member['name'], 'members_display_name' => $member['members_display_name']));
     //-----------------------------------------
     // We'll just ignore if this fails - it shouldn't hold up IPB anyways
     //-----------------------------------------
     /*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
     		{
     			$this->registry->output->showError( 'han_login_create_failed', 2017, true );
     		}*/
     //-----------------------------------------
     // Validation
     //-----------------------------------------
     $validate_key = md5(IPSMember::makePassword() . time());
     $time = time();
     if ($coppa != 1) {
         if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
             //-----------------------------------------
             // We want to validate all reg's via email,
             // after email verificiation has taken place,
             // we restore their previous group and remove the validate_key
             //-----------------------------------------
             $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'], 'spam_flag' => $_spamFlag));
             if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
                 /* Send out the email. */
                 $message = array('THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global&section=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'publicNoSession', 'false'), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global&section=register&do=05", 'publicNoSession', 'false'), 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key);
                 IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("reg_validate", $this->member->language_id));
                 IPSText::getTextClass('email')->buildPlainTextContent($message);
                 IPSText::getTextClass('email')->buildHtmlContent($message);
                 IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
                 IPSText::getTextClass('email')->to = $member['email'];
                 IPSText::getTextClass('email')->sendMail();
                 $this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
             } else {
                 if ($this->settings['reg_auth_type'] == 'admin') {
                     $this->output = $this->registry->output->getTemplate('register')->showPreview($member);
                 }
             }
             /* Only send new registration email if the member wasn't banned */
             if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
                 $date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
                 IPSText::getTextClass('email')->getTemplate('admin_newuser');
                 IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
                 IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
                 IPSText::getTextClass('email')->to = $this->settings['email_in'];
                 IPSText::getTextClass('email')->sendMail();
             }
             $this->registry->output->setTitle($this->lang->words['reg_success'] . ' - ' . ipsRegistry::$settings['board_name']);
             $this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
         } else {
             /* We don't want to preview, or get them to validate via email. */
             $stat_cache = $this->cache->getCache('stats');
             if ($member['members_display_name'] and $member['member_id'] and !$this->caches['group_cache'][$member['member_group_id']]['g_hide_online_list']) {
                 $stat_cache['last_mem_name'] = $member['members_display_name'];
                 $stat_cache['last_mem_name_seo'] = IPSText::makeSeoTitle($member['members_display_name']);
                 $stat_cache['last_mem_id'] = $member['member_id'];
             }
             $stat_cache['mem_count'] += 1;
             $this->cache->setCache('stats', $stat_cache, array('array' => 1));
             /* Only send new registration email if the member wasn't banned */
             if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
                 $date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
                 IPSText::getTextClass('email')->getTemplate('admin_newuser');
                 IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
                 IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
                 IPSText::getTextClass('email')->to = $this->settings['email_in'];
                 IPSText::getTextClass('email')->sendMail();
             }
             IPSCookie::set('pass_hash', $member['member_login_key'], 1);
             IPSCookie::set('member_id', $member['member_id'], 1);
             //-----------------------------------------
             // Fix up session
             //-----------------------------------------
             $privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['Privacy']) ? 1 : 0;
             # Update value for onCompleteAccount call
             $member['login_anonymous'] = $privacy . '&1';
             $this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
             IPSLib::runMemberSync('onCompleteAccount', $member);
             $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global&section=login&do=autologin&fromreg=1');
         }
     } else {
         /* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
         $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
         $this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&amp;module=global&amp;section=register&amp;do=12');
     }
 }
 /**
  * Create new member
  * Very basic functionality at this point.
  *
  * @param	array 	Fields to save in the following format: array( 'members'      => array( 'email'     => '*****@*****.**',
  *																				         'joined'   => time() ),
  *															   'extendedProfile' => array( 'signature' => 'My signature' ) );
  *					Tables: members, pfields_content, profile_portal.
  *					You can also use the aliases: 'core [members]', 'extendedProfile [profile_portal]', and 'customFields [pfields_content]'
  * @param	bool	Flag to attempt to auto create a name if the desired is taken
  * @param	bool	Bypass custom field saving (if using the sso session integration this is required as member object isn't ready yet)
  * @param	bool	Whether or not to recache the stats so as to update the board's last member data
  * @return	array 	Final member Data including member_id
  *
  * EXCEPTION CODES
  * CUSTOM_FIELDS_EMPTY    - Custom fields were not populated
  * CUSTOM_FIELDS_INVALID  - Custom fields were invalid
  * CUSTOM_FIELDS_TOOBIG   - Custom fields too big
  */
 public static function create($tables = array(), $autoCreateName = FALSE, $bypassCfields = FALSE, $doStatsRecache = TRUE)
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $finalTables = array();
     $password = '';
     $plainPassword = '';
     $bitWiseFields = ipsRegistry::fetchBitWiseOptions('global');
     $md_5_password = '';
     //-----------------------------------------
     // Remap tables if required
     //-----------------------------------------
     foreach ($tables as $table => $data) {
         $_name = isset(self::$remap[$table]) ? self::$remap[$table] : $table;
         if ($_name == 'members') {
             /* Magic password field */
             if (!empty($data['md5_hash_password'])) {
                 $md_5_password = trim($data['md5_hash_password']);
                 $plainPassword = null;
                 unset($data['md5_hash_password']);
             } else {
                 $password = isset($data['password']) ? trim($data['password']) : self::makePassword();
                 $plainPassword = $password;
                 $md_5_password = md5($password);
                 unset($data['password']);
             }
         }
         $finalTables[$_name] = $data;
     }
     //-----------------------------------------
     // Custom profile field stuff
     //-----------------------------------------
     if (!$bypassCfields) {
         $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
         $fields = new $classToLoad();
         if (is_array($finalTables['pfields_content']) and count($finalTables['pfields_content'])) {
             $fields->member_data = $finalTables['pfields_content'];
         }
         $fields->initData('edit');
         $fields->parseToSave($finalTables['pfields_content'], 'register');
         /* Check */
         /*if( count( $fields->error_fields['empty'] ) )
         		{
         			throw new Exception( 'CUSTOM_FIELDS_EMPTY' );
         		}
         		
         		if( count( $fields->error_fields['invalid'] ) )
         		{
         			throw new Exception( 'CUSTOM_FIELDS_INVALID' );
         		}
         		
         		if( count( $fields->error_fields['toobig'] ) )
         		{
         			throw new Exception( 'CUSTOM_FIELDS_TOOBIG' );
         		}*/
     }
     //-----------------------------------------
     // Make sure the account doesn't exist
     //-----------------------------------------
     if ($finalTables['members']['email']) {
         if (IPSText::mbstrlen($finalTables['members']['email']) > 150 or strstr($finalTables['members']['email'], ' ')) {
             /* Allow it to be auto created */
             $finalTables['members']['email'] = false;
         } else {
             $existing = IPSMember::load($finalTables['members']['email'], 'all');
             if ($existing['member_id']) {
                 $existing['full'] = true;
                 $existing['timenow'] = time();
                 return $existing;
             }
         }
     }
     //-----------------------------------------
     // Fix up usernames and display names
     //-----------------------------------------
     /* Ensure we have a display name */
     if ($autoCreateName and $finalTables['members']['members_display_name'] !== FALSE) {
         $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] ? $finalTables['members']['members_display_name'] : $finalTables['members']['name'];
     }
     //-----------------------------------------
     // Remove some basic HTML tags
     //-----------------------------------------
     if ($finalTables['members']['members_display_name']) {
         if (IPSText::mbstrlen($finalTables['members']['members_display_name']) > 255) {
             $finalTables['members']['members_display_name'] = false;
         }
         $finalTables['members']['members_display_name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['members_display_name']);
     }
     if ($finalTables['members']['name']) {
         if (IPSText::mbstrlen($finalTables['members']['name']) > 255) {
             $finalTables['members']['name'] = false;
         }
         $finalTables['members']['name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['name']);
     }
     //-----------------------------------------
     // Make sure the names are unique
     //-----------------------------------------
     /* Can specify display name of FALSE to force no entry to force partial member */
     if ($finalTables['members']['members_display_name'] !== FALSE) {
         try {
             if (IPSMember::getFunction()->checkNameExists($finalTables['members']['members_display_name'], array(), 'members_display_name', true) === true) {
                 if ($autoCreateName === TRUE) {
                     /* Now, make sure we have a unique display name */
                     $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_display_name LIKE '" . ipsRegistry::DB()->addSlashes(strtolower($finalTables['members']['members_display_name'])) . "%'"));
                     if ($max['max']) {
                         $_num = $max['max'] + 1;
                         $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] . '_' . $_num;
                     }
                 } else {
                     $finalTables['members']['members_display_name'] = '';
                 }
             }
         } catch (Exception $e) {
         }
     }
     if ($finalTables['members']['name']) {
         try {
             if (IPSMember::getFunction()->checkNameExists($finalTables['members']['name'], array(), 'name', true) === true) {
                 if ($autoCreateName === TRUE) {
                     /* Now, make sure we have a unique username */
                     $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_username LIKE '" . ipsRegistry::DB()->addSlashes(strtolower($finalTables['members']['name'])) . "%'"));
                     if ($max['max']) {
                         $_num = $max['max'] + 1;
                         $finalTables['members']['name'] = $finalTables['members']['name'] . '_' . $_num;
                     }
                 } else {
                     $finalTables['members']['name'] = '';
                 }
             }
         } catch (Exception $e) {
         }
     }
     //-----------------------------------------
     // Clean up characters
     //-----------------------------------------
     if ($finalTables['members']['name']) {
         $userName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['name'], array(), 'name');
         if ($userName['errors']) {
             $finalTables['members']['name'] = $finalTables['members']['email'];
         } else {
             $finalTables['members']['name'] = $userName['username'];
         }
     }
     if ($finalTables['members']['members_display_name']) {
         $displayName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['members_display_name']);
         if ($displayName['errors']) {
             $finalTables['members']['members_display_name'] = '';
         } else {
             $finalTables['members']['members_display_name'] = $displayName['members_display_name'];
         }
     }
     //-----------------------------------------
     // Populate member table(s)
     //-----------------------------------------
     $finalTables['members']['members_l_username'] = isset($finalTables['members']['name']) ? strtolower($finalTables['members']['name']) : '';
     $finalTables['members']['joined'] = $finalTables['members']['joined'] ? $finalTables['members']['joined'] : time();
     $finalTables['members']['email'] = $finalTables['members']['email'] ? $finalTables['members']['email'] : $finalTables['members']['name'] . '@' . $finalTables['members']['joined'];
     $finalTables['members']['member_group_id'] = $finalTables['members']['member_group_id'] ? $finalTables['members']['member_group_id'] : ipsRegistry::$settings['member_group'];
     $finalTables['members']['ip_address'] = $finalTables['members']['ip_address'] ? $finalTables['members']['ip_address'] : ipsRegistry::member()->ip_address;
     $finalTables['members']['members_created_remote'] = intval($finalTables['members']['members_created_remote']);
     $finalTables['members']['member_login_key'] = IPSMember::generateAutoLoginKey();
     $finalTables['members']['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0;
     $finalTables['members']['view_sigs'] = 1;
     $finalTables['members']['bday_day'] = intval($finalTables['members']['bday_day']);
     $finalTables['members']['bday_month'] = intval($finalTables['members']['bday_month']);
     $finalTables['members']['bday_year'] = intval($finalTables['members']['bday_year']);
     $finalTables['members']['restrict_post'] = intval($finalTables['members']['restrict_post']);
     $finalTables['members']['auto_track'] = $finalTables['members']['auto_track'] ? $finalTables['members']['auto_track'] : ipsRegistry::$settings['auto_track_method'];
     $finalTables['members']['msg_count_total'] = 0;
     $finalTables['members']['msg_count_new'] = 0;
     $finalTables['members']['msg_show_notification'] = 1;
     $finalTables['members']['coppa_user'] = 0;
     $finalTables['members']['auto_track'] = substr($finalTables['members']['auto_track'], 0, 50);
     $finalTables['members']['last_visit'] = $finalTables['members']['last_visit'] ? $finalTables['members']['last_visit'] : time();
     $finalTables['members']['last_activity'] = $finalTables['members']['last_activity'] ? $finalTables['members']['last_activity'] : time();
     $finalTables['members']['language'] = $finalTables['members']['language'] ? $finalTables['members']['language'] : IPSLib::getDefaultLanguage();
     $finalTables['members']['member_uploader'] = ipsRegistry::$settings['uploadFormType'] ? 'flash' : 'default';
     $finalTables['members']['members_pass_salt'] = IPSMember::generatePasswordSalt(5);
     $finalTables['members']['members_pass_hash'] = IPSMember::generateCompiledPasshash($finalTables['members']['members_pass_salt'], $md_5_password);
     $finalTables['members']['members_display_name'] = isset($finalTables['members']['members_display_name']) ? $finalTables['members']['members_display_name'] : '';
     $finalTables['members']['members_l_display_name'] = isset($finalTables['members']['members_display_name']) ? strtolower($finalTables['members']['members_display_name']) : '';
     $finalTables['members']['fb_uid'] = isset($finalTables['members']['fb_uid']) ? $finalTables['members']['fb_uid'] : 0;
     $finalTables['members']['fb_emailhash'] = isset($finalTables['members']['fb_emailhash']) ? strtolower($finalTables['members']['fb_emailhash']) : '';
     $finalTables['members']['members_seo_name'] = IPSText::makeSeoTitle($finalTables['members']['members_display_name']);
     $finalTables['members']['bw_is_spammer'] = intval($finalTables['members']['bw_is_spammer']);
     //-----------------------------------------
     // Insert: MEMBERS
     //-----------------------------------------
     ipsRegistry::DB()->setDataType(array('name', 'members_l_username', 'members_display_name', 'members_l_display_name', 'members_seo_name', 'email'), 'string');
     /* Bitwise options */
     if (is_array($bitWiseFields['members'])) {
         $_freeze = array();
         foreach ($bitWiseFields['members'] as $field) {
             if (isset($finalTables['members'][$field])) {
                 /* Add to freezeable array */
                 $_freeze[$field] = $finalTables['members'][$field];
                 /* Remove it from the fields to save to DB */
                 unset($finalTables['members'][$field]);
             }
         }
         if (count($_freeze)) {
             $finalTables['members']['members_bitoptions'] = IPSBWOptions::freeze($_freeze, 'members', 'global');
         }
     }
     ipsRegistry::DB()->insert('members', $finalTables['members']);
     //-----------------------------------------
     // Get the member id
     //-----------------------------------------
     $finalTables['members']['member_id'] = ipsRegistry::DB()->getInsertId();
     //-----------------------------------------
     // Insert: PROFILE PORTAL
     //-----------------------------------------
     $finalTables['profile_portal']['pp_member_id'] = $finalTables['members']['member_id'];
     $finalTables['profile_portal']['pp_setting_count_friends'] = 1;
     $finalTables['profile_portal']['pp_setting_count_comments'] = 1;
     $finalTables['profile_portal']['pp_setting_count_visitors'] = 1;
     $finalTables['profile_portal']['pp_customization'] = serialize(array());
     foreach (array('pp_last_visitors', 'pp_about_me', 'signature', 'fb_photo', 'fb_photo_thumb', 'pconversation_filters') as $f) {
         $finalTables['profile_portal'][$f] = $finalTables['profile_portal'][$f] ? $finalTables['profile_portal'][$f] : '';
     }
     ipsRegistry::DB()->insert('profile_portal', $finalTables['profile_portal']);
     //-----------------------------------------
     // Insert into the custom profile fields DB
     //-----------------------------------------
     if (!$bypassCfields) {
         /* Check the website url field */
         $website_field = $fields->getFieldIDByKey('website');
         if ($website_field && $fields->out_fields['field_' . $website_field]) {
             if (stristr($fields->out_fields['field_' . $website_field], 'http://') === FALSE && stristr($fields->out_fields['field_' . $website_field], 'https://') === FALSE) {
                 $fields->out_fields['field_' . $website_field] = 'http://' . $fields->out_fields['field_' . $website_field];
             }
         }
         $fields->out_fields['member_id'] = $finalTables['members']['member_id'];
         ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
         ipsRegistry::DB()->insert('pfields_content', $fields->out_fields);
     } else {
         ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
         ipsRegistry::DB()->insert('pfields_content', array('member_id' => $finalTables['members']['member_id']));
     }
     //-----------------------------------------
     // Insert into partial ID table
     //-----------------------------------------
     $full_account = false;
     if ($finalTables['members']['members_display_name'] and $finalTables['members']['name'] and $finalTables['members']['email'] and $finalTables['members']['email'] != $finalTables['members']['name'] . '@' . $finalTables['members']['joined']) {
         $full_account = true;
     }
     if (!$full_account) {
         ipsRegistry::DB()->insert('members_partial', array('partial_member_id' => $finalTables['members']['member_id'], 'partial_date' => $finalTables['members']['joined'], 'partial_email_ok' => $finalTables['members']['email'] == $finalTables['members']['name'] . '@' . $finalTables['members']['joined'] ? 0 : 1));
     }
     /* Add plain password and run sync */
     $finalTables['members']['plainPassword'] = $plainPassword;
     IPSLib::runMemberSync('onCreateAccount', $finalTables['members']);
     /* Remove plain password */
     unset($finalTables['members']['plainPassword']);
     //-----------------------------------------
     // Recache our stats (Ticket 627608)
     //-----------------------------------------
     if ($doStatsRecache == TRUE) {
         ipsRegistry::cache()->rebuildCache('stats', 'global');
     }
     return array_merge($finalTables['members'], $finalTables['profile_portal'], !$bypassCfields ? $fields->out_fields : array(), array('timenow' => $finalTables['members']['joined'], 'full' => $full_account));
 }
Beispiel #18
0
 /**
  * Check the name or display name
  *
  * @return	@e void		[Outputs to screen]
  */
 public function checkDisplayName($field = 'members_display_name')
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $this->registry->class_localization->loadLanguageFile(array('public_register'));
     $name = '';
     $member = array();
     if (is_string($_POST['name'])) {
         $name = trim(rawurldecode($_POST['name']));
         $name = IPSText::mbstrtolower($name);
     }
     if (!$name) {
         $this->returnString(sprintf(ipsRegistry::getClass('class_localization')->words['reg_error_no_name'], ipsRegistry::$settings['max_user_name_length']));
     }
     /* Bug where Twitter sets a username but you can't use it when you try and sign up with a new account using username as display name */
     if (!$this->memberData['member_id'] and $this->request['mpid']) {
         $reg = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . intval($this->request['mpid'])));
         if ($reg['partial_member_id']) {
             $member = IPSMember::load($reg['partial_member_id'], 'all');
         }
     }
     /* Check the username */
     $user_check = IPSMember::getFunction()->cleanAndCheckName($name, $member, $field);
     $errorField = $field == 'members_display_name' ? 'dname' : 'username';
     $nameField = $field == 'members_display_name' ? 'members_display_name' : 'username';
     if (is_array($user_check['errors'][$errorField]) && count($user_check['errors'][$errorField])) {
         $this->returnString(ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField][0]] ? ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField][0]] : $user_check['errors'][$errorField][0]);
         return;
     } else {
         if ($user_check['errors'][$errorField]) {
             $this->returnString(ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField]] ? ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField]] : $user_check['errors'][$errorField]);
         } else {
             $this->returnString('notfound');
         }
     }
 }
Beispiel #19
0
 /**
  * Add a member [process]
  *
  * @return	@e void
  */
 protected function _memberDoAdd()
 {
     /* Init vars */
     $in_username = trim($this->request['name']);
     $in_password = trim($this->request['password']);
     $in_email = trim(strtolower($this->request['email']));
     $members_display_name = $this->request['mirror_loginname'] ? $in_username : trim($this->request['members_display_name']);
     $this->registry->output->global_error = '';
     $this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
     /* Check erros */
     foreach (array('name', 'password', 'email', 'member_group_id') as $field) {
         if (!$_POST[$field]) {
             $this->registry->output->showError($this->lang->words['m_completeform'], 11238);
         }
     }
     //-----------------------------------------
     // Check
     //-----------------------------------------
     if (!IPSText::checkEmailAddress($in_email)) {
         $this->registry->output->global_error = $this->lang->words['m_emailinv'];
     }
     $userName = IPSMember::getFunction()->cleanAndCheckName($in_username, array(), 'name');
     $displayName = IPSMember::getFunction()->cleanAndCheckName($members_display_name, array(), 'members_display_name');
     if (count($userName['errors'])) {
         $_message = $this->lang->words[$userName['errors']['username']] ? $this->lang->words[$userName['errors']['username']] : $userName['errors']['username'];
         $this->registry->output->global_error .= '<p>' . $this->lang->words['sm_loginname'] . ': ' . $_message . '</p>';
     }
     if ($this->settings['auth_allow_dnames'] and count($displayName['errors'])) {
         $_message = $this->lang->words[$displayName['errors']['dname']] ? $this->lang->words[$displayName['errors']['dname']] : $displayName['errors']['dname'];
         $this->registry->output->global_error .= '<p>' . $this->lang->words['sm_display'] . ': ' . $_message . '</p>';
     }
     /* Errors? */
     if ($this->registry->output->global_error) {
         $this->_memberAddForm();
         return;
     }
     //-----------------------------------------
     // Load handler...
     //-----------------------------------------
     $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
     $this->han_login = new $classToLoad($this->registry);
     $this->han_login->init();
     //-----------------------------------------
     // Only check local, else a user being in Converge
     // means that you can't manually add the user to the board
     //-----------------------------------------
     $email_check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "email='" . $in_email . "'"));
     if ($email_check['member_id']) {
         $this->registry->output->global_error = $this->lang->words['m_emailalready'];
         $this->_memberAddForm();
         return;
     }
     //$this->han_login->emailExistsCheck( $in_email );
     //if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'EMAIL_NOT_IN_USE' )
     //{
     //	$this->registry->output->global_message = $this->lang->words['m_emailalready'];
     //	$this->_memberAddForm();
     //	return;
     //}
     //-----------------------------------------
     // Allowed to add administrators?
     //-----------------------------------------
     if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_add_admin')) {
         $this->registry->output->global_error = $this->lang->words['m_addadmin'];
         $this->_memberAddForm();
         return;
     }
     $member = array('name' => $in_username, 'members_display_name' => $members_display_name ? $members_display_name : $in_username, 'email' => $in_email, 'member_group_id' => intval($this->request['member_group_id']), 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->settings['time_offset'], 'coppa_user' => intval($this->request['coppa']), 'allow_admin_mails' => 1, 'password' => $in_password, 'language' => IPSLib::getDefaultLanguage());
     //-----------------------------------------
     // Create the account
     //-----------------------------------------
     $member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request), FALSE, FALSE, FALSE);
     //-----------------------------------------
     // Login handler create account callback
     //-----------------------------------------
     $this->han_login->createAccount(array('email' => $in_email, 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $member['ip_address'], 'username' => $member['members_display_name']));
     /*if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
     		{
     			$this->registry->output->global_message = sprintf( $this->lang->words['m_cantadd'], $this->han_login->return_code ) . $this->han_login->return_details;
     			$this->_memberAddForm();
     			return;
     		}*/
     //-----------------------------------------
     // Restriction permissions stuff
     //-----------------------------------------
     if ($this->memberData['row_perm_cache']) {
         if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp']) {
             //-----------------------------------------
             // Copy restrictions...
             //-----------------------------------------
             $this->DB->insert('admin_permission_rows', array('row_member_id' => $member['member_id'], 'row_perm_cache' => $this->memberData['row_perm_cache'], 'row_updated' => time()));
         }
     }
     //-----------------------------------------
     // Send teh email (I love 'teh' as much as !!11!!1)
     //-----------------------------------------
     if ($this->request['sendemail']) {
         IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("account_created"));
         IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['name'], 'EMAIL' => $member['email'], 'PASSWORD' => $in_password));
         IPSText::getTextClass('email')->to = $member['email'];
         IPSText::getTextClass('email')->sendMail();
     }
     //-----------------------------------------
     // Stats
     //-----------------------------------------
     $this->cache->rebuildCache('stats', 'global');
     $this->cache->rebuildCache('birthdays', 'calendar');
     //-----------------------------------------
     // Log and bog?
     //-----------------------------------------
     ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_createlog'], $this->request['name']));
     $this->registry->output->global_message = $this->lang->words['m_memadded'];
     $this->request['member_id'] = $member['member_id'];
     $this->_showAdminForm($member, array());
     $this->_memberView();
 }
 /**
  * Authenticate the request
  *
  * @access	public
  * @param	string		Username
  * @param	string		Email Address
  * @param	string		Password
  * @return	boolean		Authentication successful
  */
 public function authenticate($username, $email_address, $password)
 {
     //-----------------------------------------
     // Check admin authentication request
     //-----------------------------------------
     if ($this->is_admin_auth) {
         $this->adminAuthLocal($username, $email_address, $password);
         if ($this->return_code == 'SUCCESS') {
             return true;
         }
     }
     //-----------------------------------------
     // Set some OpenID stuff
     //-----------------------------------------
     $this->auth_errors = array();
     $pape_policy_uris = array(PAPE_AUTH_MULTI_FACTOR_PHYSICAL, PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT);
     session_start();
     //-----------------------------------------
     // OK?
     //-----------------------------------------
     if (!$this->request['firstpass']) {
         $this->_doFirstPass();
     } else {
         $this->_checkFirstPass();
     }
     if (count($this->auth_errors)) {
         $this->return_code = $this->return_code ? $this->return_code : 'NO_USER';
         return false;
     }
     if (!$this->data_store['email']) {
         $this->return_code = 'NO_USER';
         return false;
     }
     $this->_loadMember($this->data_store['fullurl'], $this->data_store['email']);
     if ($this->member_data['member_id']) {
         $this->return_code = 'SUCCESS';
         if (strtolower(trim($this->data_store['email'])) != strtolower($this->member_data['email'])) {
             $check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "email='" . strtolower(trim($this->data_store['email'])) . "'"));
             if ($check['member_id']) {
                 $this->data_store['email'] = $this->member_data['email'];
             }
         }
         //-----------------------------------------
         // Set Birthday fields if available
         //-----------------------------------------
         $dob = trim($this->data_store['dob']);
         $bday_day = 0;
         $bday_mon = 0;
         $bday_year = 0;
         if ($dob) {
             list($bday_year, $bday_mon, $bday_day) = explode('-', $dob);
         }
         $core = array('email' => trim($this->data_store['email']), 'bday_year' => $bday_year, 'bday_month' => $bday_mon, 'bday_day' => $bday_day, 'identity_url' => $this->data_store['fullurl']);
         //-----------------------------------------
         // Update the display name and name, if not taken
         //-----------------------------------------
         try {
             if (IPSMember::getFunction()->checkNameExists($this->data_store['nickname'], $this->member_data) === false) {
                 $core['members_display_name'] = trim($this->data_store['nickname']);
                 $core['members_l_display_name'] = strtolower(trim($this->data_store['nickname']));
                 //-----------------------------------------
                 // If our display name is changing, store record
                 //-----------------------------------------
                 if ($core['members_display_name'] != $this->member_data['members_display_name']) {
                     $this->DB->insert('dnames_change', array('dname_member_id' => $this->member_data['member_id'], 'dname_date' => time(), 'dname_ip_address' => $this->member->ip_address, 'dname_previous' => $this->member_data['members_display_name'], 'dname_current' => $core['members_display_name']));
                 }
                 $this->member_data['members_display_name'] = trim($this->data_store['nickname']);
                 $this->member_data['members_l_display_name'] = strtolower(trim($this->data_store['nickname']));
             }
         } catch (Exception $e) {
         }
         try {
             if (IPSMember::getFunction()->checkNameExists($this->data_store['nickname'], $this->member_data, 'name') === false) {
                 $core['name'] = trim($this->data_store['nickname']);
                 $core['members_l_username'] = strtolower(trim($this->data_store['nickname']));
                 $this->member_data['name'] = trim($this->data_store['nickname']);
                 $this->member_data['members_l_username'] = strtolower(trim($this->data_store['nickname']));
             }
         } catch (Exception $e) {
         }
         IPSMember::save($this->member_data['email'], array('core' => $core));
         $this->member_data['identity_url'] = $this->data_store['fullurl'];
         $this->member_data['email'] = trim($this->data_store['email']);
         $this->member_data['bday_year'] = $bday_year;
         $this->member_data['bday_month'] = $bday_month;
         $this->member_data['bday_day'] = $bday_day;
     } else {
         //-----------------------------------------
         // Set main fields
         //-----------------------------------------
         $email = trim($this->data_store['email']);
         $name = trim($this->data_store['nickname']);
         $dob = trim($this->data_store['dob']);
         $timenow = time();
         //-----------------------------------------
         // Set Birthday fields if available
         //-----------------------------------------
         $bday_day = 0;
         $bday_mon = 0;
         $bday_year = 0;
         if ($dob) {
             list($bday_year, $bday_mon, $bday_day) = explode('-', $dob);
         }
         if (strtolower(trim($this->data_store['email'])) != strtolower($this->member_data['email'])) {
             $check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "email='" . strtolower(trim($this->data_store['email'])) . "'"));
             if ($check['member_id']) {
                 $email = '';
             }
         }
         if (strtolower(trim($this->data_store['nickname'])) != $this->member_data['members_l_username']) {
             $check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "members_l_username='******'nickname'])) . "'"));
             if ($check['member_id']) {
                 $name = '';
             }
         }
         $this->member_data = $this->createLocalMember(array('members' => array('email' => $email, 'name' => $name, 'members_l_username' => strtolower($name), 'members_display_name' => $name, 'members_l_display_name' => strtolower($name), 'joined' => time(), 'bday_day' => $bday_day, 'bday_month' => $bday_mon, 'bday_year' => $bday_year, 'members_created_remote' => 1, 'identity_url' => $this->data_store['fullurl']), 'profile_portal' => array()));
         $this->return_code = 'SUCCESS';
     }
     if ($this->data_store['referrer']) {
         $this->request['referer'] = $this->data_store['referrer'];
     }
     if ($this->data_store['cookiedate']) {
         $this->request['rememberMe'] = $this->data_store['cookiedate'];
     }
     if ($this->data_store['privacy']) {
         $this->request['anonymous'] = $this->data_store['privacy'];
     }
     return $this->return_code;
 }
 /**
  * Save the member updates
  *
  * @access	private
  * @return	void		Outputs error screen
  * @todo 	[Future] Determine what items should be editable and allow moderators to edit them
  */
 private function _doEditMember()
 {
     $member = $this->_checkAndGetMember();
     /* Get the signature */
     $signature = IPSText::getTextClass('editor')->processRawPost('Post');
     $aboutme = IPSText::getTextClass('editor')->processRawPost('aboutme');
     /* Parse the signature */
     IPSText::getTextClass('bbcode')->parse_smilies = 0;
     IPSText::getTextClass('bbcode')->parse_html = intval($this->settings['sig_allow_html']);
     IPSText::getTextClass('bbcode')->parse_bbcode = intval($this->settings['sig_allow_ibc']);
     IPSText::getTextClass('bbcode')->parsing_section = 'signatures';
     IPSText::getTextClass('bbcode')->parsing_mgroup = $member['member_group_id'];
     IPSText::getTextClass('bbcode')->parsing_mgroup_others = $member['mgroup_others'];
     $signature = IPSText::getTextClass('bbcode')->preDbParse($signature);
     /* Parse the about me */
     IPSText::getTextClass('bbcode')->parse_smilies = $this->settings['aboutme_emoticons'];
     IPSText::getTextClass('bbcode')->parse_html = intval($this->settings['aboutme_html']);
     IPSText::getTextClass('bbcode')->parse_bbcode = intval($this->settings['aboutme_bbcode']);
     IPSText::getTextClass('bbcode')->parsing_section = 'aboutme';
     IPSText::getTextClass('bbcode')->parsing_mgroup = $member['member_group_id'];
     IPSText::getTextClass('bbcode')->parsing_mgroup_others = $member['mgroup_others'];
     $aboutme = IPSText::getTextClass('bbcode')->preDbParse($aboutme);
     /* Add sig to the save array */
     $save['extendedProfile'] = array('signature' => $signature, 'pp_status' => trim($this->request['status']), 'pp_about_me' => $aboutme);
     $save['members'] = array('title' => $this->request['title']);
     if ($this->request['avatar'] == 1) {
         $save['extendedProfile']['avatar_location'] = "";
         $save['extendedProfile']['avatar_size'] = "";
         try {
             IPSMember::getFunction()->removeAvatar($member['member_id']);
         } catch (Exception $e) {
             // Maybe should show an error or something
         }
     }
     if ($this->request['photo'] == 1) {
         IPSMember::getFunction()->removeUploadedPhotos($member['member_id']);
         $save['extendedProfile'] = array_merge($save['extendedProfile'], array('pp_main_photo' => '', 'pp_main_width' => '', 'pp_main_height' => '', 'pp_thumb_photo' => '', 'pp_thumb_width' => '', 'pp_thumb_height' => ''));
     }
     //-----------------------------------------
     // Profile fields
     //-----------------------------------------
     require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
     $fields = new customProfileFields();
     $fields->member_data = $member;
     $fields->initData('edit');
     $fields->parseToSave($_POST);
     if (count($fields->out_fields)) {
         $save['customFields'] = $fields->out_fields;
     }
     //-----------------------------------------
     // Write it to the DB.
     //-----------------------------------------
     IPSMember::save($member['member_id'], $save);
     //-----------------------------------------
     // Update signature content cache
     //-----------------------------------------
     IPSContentCache::update($member['member_id'], 'sig', $save['extendedProfile']['signature']);
     //-----------------------------------------
     // Add a mod log entry and redirect
     //-----------------------------------------
     $this->_addModeratorLog($this->lang->words['acp_edited_profile'] . " {$member['members_display_name']}");
     $this->registry->output->redirectScreen($this->lang->words['acp_edited_profile'] . " {$member['members_display_name']}", $this->settings['base_url'] . "app=forums&amp;module=moderate&amp;section=moderate&do=editmember&auth_key={$this->member->form_hash}&mid={$member['member_id']}");
 }