Ejemplo n.º 1
0
     print_stop_message2('invalid_user_specified');
 }
 if ($vbulletin->GPC['useprofilepic']) {
     $vbulletin->input->clean_gpc('f', 'upload', vB_Cleaner::TYPE_FILE);
     require_once DIR . '/includes/class_upload.php';
     $upload = new vB_Upload_Userpic($vbulletin);
     $upload->data = new vB_Datamanager_Userpic_Profilepic($vbulletin, vB_DataManager_Constants::ERRTYPE_CP, 'userpic');
     $upload->image =& vB_Image::instance();
     $upload->userinfo =& $userinfo;
     cache_permissions($userinfo, false);
     // user's group doesn't have permission to use custom avatars so set override
     if (!($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'])) {
         // init user datamanager
         $userdata = new vB_Datamanager_User($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
         $userdata->set_existing($userinfo);
         $userdata->set_bitfield('adminoptions', 'adminprofilepic', 1);
         $userdata->save();
         unset($userdata);
     }
     if ($vbulletin->GPC['resize']) {
         if ($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic']) {
             $upload->maxwidth = $userinfo['permissions']['profilepicmaxwidth'];
             $upload->maxheight = $userinfo['permissions']['profilepicmaxheight'];
             #$upload->maxuploadsize = $userinfo['permissions']['profilepicmaxsize'];
             #$upload->allowanimation = ($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cananimateprofilepic']) ? true : false;
         }
     }
     if (!$upload->process_upload($vbulletin->GPC['profilepicurl'])) {
         print_stop_message2(array('there_were_errors_encountered_with_your_upload_x', $upload->fetch_error()));
     }
 } else {
Ejemplo n.º 2
0
 /**
  * Update avatar
  *
  * @param integer $userid User ID whose avatar is going to be updated
  * @param integer $avatarid Predefined avatar ID. -1 means to remove avatar
  *				from the user. 0 means use custom avatar defined in $avatardata
  * @param array $data Avatar data. It should be an array contains
  *			  the following items: 'filename', 'width', 'height', 'filedata', 'location'
  */
 public function updateAvatar($userid, $avatarid, $data = array(), $cropped = false)
 {
     $userContext = vB::getUserContext();
     $currentUserId = $userContext->fetchUserId();
     $userid = intval($userid);
     if ($userid <= 0 and $currentUserId) {
         $userid = $currentUserId;
     }
     // Check if current user canadminusers
     try {
         $this->checkHasAdminPermission('canadminusers');
     } catch (Exception $e) {
         // No. Then we need to do something here.
         if ($currentUserId != $userid) {
             // If current user isn't the same as passed $userid
             throw new vB_Exception_Api('no_permission');
         }
     }
     $useavatar = $avatarid == -1 ? 0 : 1;
     $bf_ugp_genericpermissions = vB::getDatastore()->getValue('bf_ugp_genericpermissions');
     $userinfo = vB_User::fetchUserInfo(intval($userid));
     if (!$userinfo) {
         throw new vB_Exception_Api('invalid_user_specified');
     }
     // init user datamanager
     $userdata = new vB_Datamanager_User(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
     $userdata->set_existing($userinfo);
     if ($useavatar) {
         if (!$avatarid) {
             $userpic = new vB_DataManager_Userpic(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
             // user's group doesn't have permission to use custom avatars so set override
             if (!$this->userContext->hasPermission('genericpermissions', 'canuseavatar')) {
                 // init user datamanager
                 $userdata->set_bitfield('adminoptions', 'adminavatar', 1);
             }
             $userpic->set('userid', $userinfo['userid']);
             $userpic->set('dateline', vB::getRequest()->getTimeNow());
             $userpic->set('width', $data['width']);
             $userpic->set('height', $data['height']);
             if (empty($data['extension'])) {
                 $filebits = explode('.', $data['filename']);
                 $data['extension'] = end($filebits);
             }
             $userpic->set('extension', $data['extension']);
             if (vB::getDatastore()->getOption('usefileavatar')) {
                 $avatarpath = vB::getDatastore()->getOption('avatarpath');
                 $prev_dir = getcwd();
                 chdir(DIR);
                 $oldavatarfilename = "avatar{$userid}_{$userinfo['avatarrevision']}.{$data['extension']}";
                 $avatarrevision = $userinfo['avatarrevision'] + 1;
                 $avatarfilename = "avatar{$userid}_{$avatarrevision}.{$data['extension']}";
                 @unlink($avatarpath . '/' . $oldavatarfilename);
                 @unlink($avatarpath . '/thumbs/' . $oldavatarfilename);
                 $avatarres = @fopen("{$avatarpath}/{$avatarfilename}", 'wb');
                 $userpic->set('filename', $avatarfilename);
                 fwrite($avatarres, $data['filedata']);
                 @fclose($avatarres);
                 if (!empty($data['filedata_thumb'])) {
                     $thumbres = @fopen("{$avatarpath}/thumbs/{$avatarfilename}", 'wb');
                     fwrite($thumbres, $data['filedata_thumb']);
                     @fclose($thumbres);
                     $userpic->set('width_thumb', $data['width_thumb']);
                     $userpic->set('height_thumb', $data['height_thumb']);
                 }
                 chdir($prev_dir);
                 $userpic->set('filesize', $data['filesize']);
                 $userdata->set('avatarrevision', $userinfo['avatarrevision'] + 1);
             } else {
                 $avatarfilename = "avatar{$userid}_{$userinfo['avatarrevision']}.{$data['extension']}";
                 $userpic->setr('filedata', $data['filedata']);
                 $userpic->set('filename', $avatarfilename);
                 $imageHandler = vB_Image::instance();
                 if (!$cropped) {
                     $thumb = $imageHandler->fetchThumbNail($data['name'], $data['location']);
                 }
                 if (!$cropped) {
                     $userpic->set('filedata_thumb', $thumb['filedata']);
                     $userpic->set('width_thumb', $thumb['width']);
                     $userpic->set('height_thumb', $thumb['height']);
                 } else {
                     $userpic->set('filedata_thumb', $data['filedata_thumb']);
                     $userpic->set('width_thumb', $data['width_thumb']);
                     $userpic->set('height_thumb', $data['height_thumb']);
                 }
             }
             $userpic->save();
         } else {
             // predefined avatar
             $userpic = new vB_DataManager_Userpic_Avatar(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
             $userpic->condition = array('userid' => $userinfo['userid']);
             $userpic->delete();
             if ($userpic->has_errors(false)) {
                 throw $userpic->get_exception();
             }
         }
     } else {
         // not using an avatar
         $avatarid = 0;
         $userpic = new vB_DataManager_Userpic_Avatar(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
         $userpic->condition = array('userid' => $userinfo['userid']);
         $userpic->delete();
         if ($userpic->has_errors(false)) {
             throw $userpic->get_exception();
         }
     }
     $userdata->set('avatarid', $avatarid);
     if (!$userdata->save()) {
         throw $userpic->get_exception();
     }
     unset($this->avatarsCache['avatar'][$userid]);
     unset($this->avatarsCache['thumb'][$userid]);
     return true;
 }
Ejemplo n.º 3
0
 $userdata->set_existing($userinfo);
 if ($useavatar) {
     if (!$vbulletin->GPC['avatarid']) {
         // custom avatar
         $vbulletin->input->clean_gpc('f', 'upload', vB_Cleaner::TYPE_FILE);
         require_once DIR . '/includes/class_upload.php';
         $upload = new vB_Upload_Userpic($vbulletin);
         $upload->data = new vB_DataManager_Userpic_Avatar($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
         $object =& vB_DataManager_Userpic::fetch_library($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
         $upload->data->validfields = array_merge($object->validfields, $upload->data->validfields);
         $upload->image =& vB_Image::instance();
         $upload->userinfo =& $userinfo;
         cache_permissions($userinfo, false);
         // user's group doesn't have permission to use custom avatars so set override
         if (!($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canuseavatar'])) {
             $userdata->set_bitfield('adminoptions', 'adminavatar', 1);
         }
         if (($userinfo['permissions']['avatarmaxwidth'] > 0 or $userinfo['permissions']['avatarmaxheight'] > 0) and ($vbulletin->GPC['resize'] or !($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']))) {
             $upload->maxwidth = $userinfo['permissions']['avatarmaxwidth'];
             $upload->maxheight = $userinfo['permissions']['avatarmaxheight'];
         }
         if (!$upload->process_upload($vbulletin->GPC['avatarurl'])) {
             print_modcp_stop_message2(array('there_were_errors_encountered_with_your_upload_x', $upload->fetch_error()));
         }
     } else {
         // predefined avatar
         $userpic = new vB_DataManager_Userpic_Avatar($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
         $userpic->condition = "userid = " . $userinfo['userid'];
         $userpic->delete();
     }
 } else {
Ejemplo n.º 4
0
            } else {
                if ($oldcache["{$userid}"]["{$nodeid}"] != '-1' and $val == '-1') {
                    vB::getDbAssertor()->delete('access', array('nodeid' => $nodeid, 'userid' => $userid));
                } else {
                    vB::getDbAssertor()->update('access', array(accessmask => $val), array('nodeid' => $nodeid, 'userid' => $userid));
                }
            }
        }
        $userinfo = array('userid' => $userid, 'masks' => 0);
        $query = vB::getDbAssertor()->assertQuery('fetchAccessMaskForUser', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'userid' => $userid));
        if ($query and $query->valid()) {
            $userinfo = $query->current();
        }
        $userdm = new vB_Datamanager_User($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
        $userdm->set_existing($userinfo);
        $userdm->set_bitfield('options', 'hasaccessmask', $userinfo['masks'] ? true : false);
        $userdm->save();
        unset($userdm);
    }
    /** @todo update this when subscriptions are implemented */
    //	if (!empty($userlist))
    //	{
    //		require_once(DIR . '/includes/functions_databuild.php');
    //		update_subscriptions($userlist);
    //	}
    print_stop_message2('saved_user_channel_access_successfully', 'accessmask', array('do' => 'modify'));
}
// ###################### Start reset all access masks for forum #######################
if ($_REQUEST['do'] == 'resetchannel') {
    $vbulletin->input->clean_array_gpc('r', array('nodeid' => vB_Cleaner::TYPE_INT));
    verify_cp_sessionhash();
 /**
  * Removes user subscription
  *
  * @param	int		The id of the subscription
  * @param	int		The userid the subscription is to be removed from
  * @param int		The id of the sub-subscriptionid
  * @param bool		Update user.adminoptions from subscription.adminoption (keep avatars)
  *
  */
 function delete_user_subscription($subscriptionid, $userid, $subid = -1, $adminoption = false)
 {
     $subscriptionid = intval($subscriptionid);
     $userid = intval($userid);
     $this->cache_user_subscriptions();
     $sub =& $this->subscriptioncache["{$subscriptionid}"];
     $user = vB::getDbAssertor()->getRow('fetchUsersSubscriptions', array('userid' => $userid, 'subscriptionid' => $subscriptionid, 'adminoption' => $adminoption));
     if ($user['userid'] and $sub['subscriptionid']) {
         $this->cache_user_subscriptions();
         $sub =& $this->subscriptioncache["{$subscriptionid}"];
         $tmp = unserialize($sub['cost']);
         if ($subid != -1 and is_array($tmp["{$subid}"])) {
             $sub = array_merge($sub, $tmp["{$subid}"]);
             $units_full = array('D' => 'day', 'W' => 'week', 'M' => 'month', 'Y' => 'year');
             switch ($sub['units']) {
                 case 'D':
                     $new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']), date('j', $user['expirydate']) - $sub['length'], date('Y', $user['expirydate']));
                     break;
                 case 'W':
                     $new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']), date('j', $user['expirydate']) - $sub['length'] * 7, date('Y', $user['expirydate']));
                     break;
                 case 'M':
                     $new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']) - $sub['length'], date('j', $user['expirydate']), date('Y', $user['expirydate']));
                     break;
                 case 'Y':
                     $new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']), date('j', $user['expirydate']), date('Y', $user['expirydate']) - $sub['length']);
                     break;
             }
             if ($new_expires > TIMENOW) {
                 // new expiration is still after today so just decremement and return
                 vB::getDbAssertor()->update('vBForum:subscriptionlog', array('expirydate' => $new_expires), array('subscriptionid' => $subscriptionid, 'userid' => $userid));
                 return;
             }
         }
         unset($tmp);
         $userdm = new vB_Datamanager_User($this->registry, vB_DataManager_Constants::ERRTYPE_SILENT);
         $userdm->set_existing($user);
         if ($adminoption) {
             if ($user['hascustomavatar'] and $sub['adminavatar']) {
                 $userdm->set_bitfield('adminoptions', 'adminavatar', 1);
             }
             if ($user['hasprofilepic'] and $sub['adminprofilepic']) {
                 $userdm->set_bitfield('adminoptions', 'adminprofilepic', 1);
             }
         }
         //access masks
         if (!empty($sub['forums'])) {
             if ($old_sub_masks = @unserialize($sub['forums']) and is_array($old_sub_masks)) {
                 // old format is serialized array with forumids for keys
                 $access_forums = array_keys($old_sub_masks);
             } else {
                 // new format is comma-delimited string
                 $access_forums = explode(',', $sub['forums']);
             }
             if ($access_forums) {
                 vB::getDbAssertor()->delete('access', array('nodeid' => $access_forums, 'userid' => $userid));
             }
         }
         // TODO: Restore the line when Access Masks is implemented
         //			$countaccess = vB::getDbAssertor()->getRow('masks', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_COUNT, 'userid' => $userid));
         $membergroupids = array_diff(fetch_membergroupids_array($user, false), fetch_membergroupids_array($sub, false));
         $update_userban = false;
         if ($sub['nusergroupid'] == $user['usergroupid'] and $user['usergroupid'] != $user['pusergroupid']) {
             // check if there are other active subscriptions that set the same primary usergroup
             $subids = array(0);
             foreach ($this->subscriptioncache as $subcheck) {
                 if ($subcheck['nusergroupid'] == $user['usergroupid'] and $subcheck['subscriptionid'] != $subscriptionid) {
                     $subids[] = $subcheck['subscriptionid'];
                 }
             }
             if (!empty($subids)) {
                 $activesub = vB::getDbAssertor()->getRow('vBForum:subscriptionlog', array('userid' => $userid, 'subscriptionid' => $subids), array('field' => 'expirydate', 'direction' => vB_dB_Query::SORT_DESC));
             }
             if ($activesub) {
                 // there is at least one active subscription with the same primary usergroup, so alter its resetgroup
                 vB::getDbAssertor()->update('vBForum:subscriptionlog', array('pusergroupid' => $user['pusergroupid']), array('subscriptionlogid' => $activesub['subscriptionlogid']));
                 // don't touch usertitle/displaygroup
                 $user['pusergroupid'] = $user['usergroupid'];
                 $sub['nusergroupid'] = 0;
             } else {
                 $userdm->set('usergroupid', $user['pusergroupid']);
             }
         } else {
             if ($user['isbanned'] and $user['busergroupid'] == $sub['nusergroupid']) {
                 $update_userban = true;
                 $userbansql['usergroupid'] = $user['pusergroupid'];
             }
         }
         $groups = iif(!empty($sub['membergroupids']), $sub['membergroupids'] . ',') . $sub['nusergroupid'];
         if (in_array($user['displaygroupid'], explode(',', $groups))) {
             // they're displaying as one of the usergroups in the subscription
             $user['displaygroupid'] = 0;
         } else {
             if ($user['isbanned'] and in_array($user['bandisplaygroupid'], explode(',', $groups))) {
                 $update_userban = true;
                 $userbansql['displaygroupid'] = 0;
             }
         }
         // do their old groups still allow custom titles?
         $reset_title = false;
         if ($user['customtitle'] == 2) {
             $groups = empty($membergroupids) ? array() : $membergroupids;
             $groups[] = $user['pusergroupid'];
             $bf_ugp_genericpermissions = vB::get_datastore()->get_value('bf_ugp_genericpermissions');
             $usergroup = vB::getDbAssertor()->getRow('usergroup', array(vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'usergroupid', 'value' => $groups, vB_Db_Query::OPERATOR_KEY => vB_Db_Query::OPERATOR_EQ), array('field' => 'genericpermissions', 'value' => $bf_ugp_genericpermissions['canusecustomtitle'], vB_Db_Query::OPERATOR_KEY => vB_Db_Query::OPERATOR_AND))));
             if (empty($usergroup['usergroupid'])) {
                 // no custom group any more lets set it back to the default
                 $reset_title = true;
             }
         }
         if ($sub['nusergroupid'] > 0 and $user['customtitle'] == 0 or $reset_title) {
             // they need a default title
             $usergroup = vB::getDbAssertor()->getRow('usergroup', array('usergroupid' => $user['pusergroupid']));
             if (empty($usergroup['usertitle'])) {
                 // should be a title based on minposts it seems then
                 $usergroup = vB::getDbAssertor()->getRow('usertitle', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'minposts', 'value' => $user[posts], vB_dB_Query::OPERATOR_KEY => vB_dB_Query::OPERATOR_LTE))), array('field' => 'minposts', 'direction' => vB_dB_Query::SORT_DESC));
             }
             if ($user['isbanned']) {
                 $update_userban = true;
                 $userbansql['customtitle'] = 0;
                 $userbansql['usertitle'] = $usergroup['usertitle'];
             } else {
                 $userdm->set('customtitle', 0);
                 $userdm->set('usertitle', $usergroup['usertitle']);
             }
         }
         $userdm->set('membergroupids', implode($membergroupids, ','));
         //			$userdm->set_bitfield('options', 'hasaccessmask', ($countaccess['count'] ? true : false));
         $userdm->set('displaygroupid', $user['displaygroupid']);
         $userdm->save();
         unset($userdm);
         vB::getDbAssertor()->update('vBForum:subscriptionlog', array('status' => 0), array('subscriptionid' => $subscriptionid, 'userid' => $userid));
         if ($update_userban) {
             vB::getDbAssertor()->update('userban', $userbansql, array('subscriptionid' => $subscriptionid, 'userid' => $user['userid']));
         }
         $mysubs = vB::getDbAssertor()->assertQuery('vBForum:subscriptionlog', array('status' => 1, 'userid' => $userid));
         foreach ($mysubs as $mysub) {
             $this->build_user_subscription($mysub['subscriptionid'], -1, $userid, $mysub['regdate'], $mysub['expirydate']);
         }
         // Legacy Hook 'paidsub_delete' Removed //
     }
 }
Ejemplo n.º 6
0
/**
 * (Re)Generates an Activation ID for a user
 *
 * @param	integer	User's ID
 * @param	integer	The group to move the user to when they are activated
 * @param	integer	0 for Normal Activation, 1 for Forgotten Password
 * @param	boolean	Whether this is an email change or not
 *
 * @return	string	The Activation ID
 *
 */
function build_user_activation_id($userid, $usergroupid, $type, $emailchange = 0)
{
    global $vbulletin;
    if ($usergroupid == 3 or $usergroupid == 0) {
        // stop them getting stuck in email confirmation group forever :)
        $usergroupid = 2;
    }
    vB::getDbAssertor()->assertQuery('useractivation', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_DELETE, 'userid' => $userid, 'type' => $type));
    $activateid = fetch_random_string(40);
    /*insert query*/
    vB::getDbAssertor()->assertQuery('user_replaceuseractivation', array('userid' => $userid, 'timenow' => vB::getRequest()->getTimeNow(), 'activateid' => $activateid, 'type' => $type, 'usergroupid' => $usergroupid, 'emailchange' => intval($emailchange)));
    if ($userinfo = vB_User::fetchUserinfo($userid)) {
        $userdata = new vB_Datamanager_User($vbulletin, vB_DataManager_Constants::ERRTYPE_SILENT);
        $userdata->set_existing($userinfo);
        $userdata->set_bitfield('options', 'noactivationmails', 0);
        $userdata->save();
    }
    return $activateid;
}