/**
* Add a member.
*
* @param SHORT_TEXT The username.
* @param SHORT_TEXT The password.
* @param SHORT_TEXT The e-mail address.
* @param ?array A list of usergroups (NULL: default/current usergroups).
* @param ?integer Day of date of birth (NULL: unknown).
* @param ?integer Month of date of birth (NULL: unknown).
* @param ?integer Year of date of birth (NULL: unknown).
* @param array A map of custom field values (field-id=>value).
* @param ?ID_TEXT The member timezone (NULL: auto-detect).
* @param ?GROUP The member's primary (NULL: default).
* @param BINARY Whether the profile has been validated.
* @param ?TIME When the member joined (NULL: now).
* @param ?TIME When the member last visited (NULL: now).
* @param ID_TEXT The member's default theme.
* @param ?URLPATH The URL to the member's avatar (blank: none) (NULL: choose one automatically).
* @param LONG_TEXT The member's signature (blank: none).
* @param BINARY Whether the member is permanently banned.
* @param BINARY Whether posts are previewed before they are made.
* @param BINARY Whether the member's age may be shown.
* @param SHORT_TEXT The member's title (blank: get from primary).
* @param URLPATH The URL to the member's photo (blank: none).
* @param URLPATH The URL to the member's photo thumbnail (blank: none).
* @param BINARY Whether the member sees signatures in posts.
* @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to (NULL: get default from config).
* @param ?LANGUAGE_NAME The member's language (NULL: auto detect).
* @param BINARY Whether the member allows e-mails via the site.
* @param BINARY Whether the member allows e-mails from staff via the site.
* @param LONG_TEXT Personal notes of the member.
* @param ?IP The member's IP address (NULL: IP address of current user).
* @param SHORT_TEXT The code required before the account becomes active (blank: already entered).
* @param boolean Whether to check details for correctness.
* @param ?ID_TEXT The compatibility scheme that the password operates in (blank: none) (NULL: none [meaning normal ocPortal salted style] or plain, depending on whether passwords are encrypted).
* @param SHORT_TEXT The password salt (blank: password compatibility scheme does not use a salt / auto-generate).
* @param BINARY Whether the member likes to view zones without menus, when a choice is available.
* @param ?TIME The time the member last made a submission (NULL: set to now).
* @param ?AUTO_LINK Force an ID (NULL: don't force an ID)
* @param BINARY Whether the member username will be highlighted.
* @param SHORT_TEXT Usergroups that may PT the member.
* @param LONG_TEXT Rules that other members must agree to before they may start a PT with the member.
* @return AUTO_LINK The ID of the new member.
*/
function ocf_make_member($username, $password, $email_address, $secondary_groups, $dob_day, $dob_month, $dob_year, $custom_fields, $timezone = NULL, $primary_group = NULL, $validated = 1, $join_time = NULL, $last_visit_time = NULL, $theme = '', $avatar_url = NULL, $signature = '', $is_perm_banned = 0, $preview_posts = 0, $reveal_age = 1, $title = '', $photo_url = '', $photo_thumb_url = '', $views_signatures = 1, $auto_monitor_contrib_content = NULL, $language = NULL, $allow_emails = 1, $allow_emails_from_staff = 1, $personal_notes = '', $ip_address = NULL, $validated_email_confirm_code = '', $check_correctness = true, $password_compatibility_scheme = NULL, $salt = '', $zone_wide = 1, $last_submit_time = NULL, $id = NULL, $highlighted_name = 0, $pt_allow = '*', $pt_rules_text = '')
{
if (is_null($auto_monitor_contrib_content)) {
$auto_monitor_contrib_content = get_value('no_auto_notifications') === '1' ? 0 : 1;
}
if (is_null($password_compatibility_scheme)) {
if (get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
} else {
$password_compatibility_scheme = '';
}
}
if (is_null($language)) {
$language = '';
}
if (is_null($signature)) {
$signature = '';
}
if (is_null($title)) {
$title = '';
}
if (is_null($timezone)) {
$timezone = get_site_timezone();
}
if (is_null($allow_emails)) {
$allow_emails = 1;
}
if (is_null($allow_emails_from_staff)) {
$allow_emails_from_staff = 1;
}
if (is_null($personal_notes)) {
$personal_notes = '';
}
if (is_null($avatar_url)) {
if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 1 || !addon_installed('ocf_member_avatars')) {
$avatar_url = '';
} else {
if (get_option('random_avatars') == '1' && !running_script('stress_test_loader')) {
require_code('themes2');
$codes = get_all_image_ids_type('ocf_default_avatars/default_set', false, $GLOBALS['FORUM_DB']);
shuffle($codes);
$results = array();
foreach ($codes as $code) {
if (strpos($code, 'ocp_fanatic') !== false) {
continue;
}
$count = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT SUM(m_cache_num_posts) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_avatar_url', find_theme_image($code, false, true)));
if (is_null($count)) {
$count = 0;
}
$results[$code] = $count;
}
@asort($results);
// @'d as type checker fails for some odd reason
$found_avatars = array_keys($results);
$avatar_url = find_theme_image(array_shift($found_avatars), true, true);
}
if (is_null($avatar_url)) {
$GLOBALS['SITE_DB']->query_delete('theme_images', array('id' => 'ocf_default_avatars/default', 'path' => ''));
// In case failure cached, gets very confusing
$avatar_url = find_theme_image('ocf_default_avatars/default', true, true);
if (is_null($avatar_url)) {
$avatar_url = '';
}
}
}
}
if ($check_correctness) {
if (!in_array($password_compatibility_scheme, array('ldap', 'httpauth'))) {
ocf_check_name_valid($username, NULL, $password_compatibility_scheme == '' ? $password : NULL);
}
if (!function_exists('has_actual_page_access') || !has_actual_page_access(get_member(), 'admin_ocf_join')) {
require_code('type_validation');
if (!is_valid_email_address($email_address) && $email_address != '') {
warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address)));
}
}
}
require_code('ocf_members');
require_code('ocf_groups');
if (is_null($last_submit_time)) {
$last_submit_time = time();
}
if (is_null($join_time)) {
$join_time = time();
}
if (is_null($last_visit_time)) {
$last_visit_time = time();
}
if (is_null($primary_group)) {
$primary_group = get_first_default_group();
// This is members
}
if (is_null($secondary_groups)) {
$secondary_groups = ocf_get_all_default_groups(false);
}
foreach ($secondary_groups as $_g_id => $g_id) {
if ($g_id == $primary_group) {
unset($secondary_groups[$_g_id]);
}
}
if (is_null($ip_address)) {
$ip_address = get_ip_address();
}
if ($password_compatibility_scheme == '' && get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
$salt = '';
}
if ($salt == '' && $password_compatibility_scheme == '') {
$salt = produce_salt();
$password_salted = md5($salt . md5($password));
} else {
$password_salted = $password;
}
// Supplement custom field values given with defaults, and check constraints
$all_fields = list_to_map('id', ocf_get_all_custom_fields_match($secondary_groups));
require_code('fields');
foreach ($all_fields as $field) {
$field_id = $field['id'];
if (array_key_exists($field_id, $custom_fields)) {
if ($check_correctness && $field[array_key_exists('cf_show_on_join_form', $field) ? 'cf_show_on_join_form' : 'cf_required'] == 0 && $field['cf_owner_set'] == 0 && !has_actual_page_access(get_member(), 'admin_ocf_join')) {
access_denied('I_ERROR');
}
} else {
$custom_fields[$field_id] = '';
}
}
if (!addon_installed('unvalidated')) {
$validated = 1;
}
$map = array('m_username' => $username, 'm_pass_hash_salted' => $password_salted, 'm_pass_salt' => $salt, 'm_theme' => $theme, 'm_avatar_url' => $avatar_url, 'm_validated' => $validated, 'm_validated_email_confirm_code' => $validated_email_confirm_code, 'm_cache_num_posts' => 0, 'm_cache_warnings' => 0, 'm_max_email_attach_size_mb' => 5, 'm_join_time' => $join_time, 'm_timezone_offset' => $timezone, 'm_primary_group' => $primary_group, 'm_last_visit_time' => $last_visit_time, 'm_last_submit_time' => $last_submit_time, 'm_signature' => insert_lang_comcode($signature, 4, $GLOBALS['FORUM_DB']), 'm_is_perm_banned' => $is_perm_banned, 'm_preview_posts' => $preview_posts, 'm_notes' => $personal_notes, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year, 'm_reveal_age' => $reveal_age, 'm_email_address' => $email_address, 'm_title' => $title, 'm_photo_url' => $photo_url, 'm_photo_thumb_url' => $photo_thumb_url, 'm_views_signatures' => $views_signatures, 'm_auto_monitor_contrib_content' => $auto_monitor_contrib_content, 'm_highlighted_name' => $highlighted_name, 'm_pt_allow' => $pt_allow, 'm_pt_rules_text' => insert_lang_comcode($pt_rules_text, 4, $GLOBALS['FORUM_DB']), 'm_language' => $language, 'm_ip_address' => $ip_address, 'm_zone_wide' => $zone_wide, 'm_allow_emails' => $allow_emails, 'm_allow_emails_from_staff' => $allow_emails_from_staff, 'm_password_change_code' => '', 'm_password_compat_scheme' => $password_compatibility_scheme, 'm_on_probation_until' => NULL);
if (!is_null($id)) {
$map['id'] = $id;
}
$member_id = $GLOBALS['FORUM_DB']->query_insert('f_members', $map, true);
if ($check_correctness) {
// If it was an invite/recommendation, award the referrer
if (addon_installed('recommend')) {
$inviter = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address), 'ORDER BY i_time');
if (!is_null($inviter)) {
if (addon_installed('points')) {
require_code('points2');
require_lang('recommend');
system_gift_transfer(do_lang('RECOMMEND_SITE_TO', $username, get_site_name()), intval(get_option('points_RECOMMEND_SITE')), $inviter);
}
if (addon_installed('chat')) {
require_code('chat2');
buddy_add($inviter, $member_id);
buddy_add($member_id, $inviter);
}
}
}
}
$value = mixed();
// Store custom fields
$row = array('mf_member_id' => $member_id);
$all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields);
foreach ($custom_fields as $field_num => $value) {
if (!array_key_exists($field_num, $all_fields_types)) {
continue;
}
// Trying to set a field we're not allowed to (doesn't apply to our group)
$ob = get_fields_hook($all_fields_types[$field_num]);
list(, , $storage_type) = $ob->get_field_value_row_bits($all_fields[$field_num]);
if (strpos($storage_type, '_trans') !== false) {
$value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
}
$row['field_' . strval($field_num)] = $value;
}
// Set custom field row
$all_fields_regardless = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('id', 'cf_type'));
foreach ($all_fields_regardless as $field) {
if (!array_key_exists('field_' . strval($field['id']), $row)) {
$ob = get_fields_hook($field['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($field);
$value = '';
if (strpos($storage_type, '_trans') !== false) {
$value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
}
$row['field_' . strval($field['id'])] = $value;
}
}
$GLOBALS['FORUM_DB']->query_insert('f_member_custom_fields', $row);
// Any secondary work
foreach ($secondary_groups as $g) {
if ($g != $primary_group) {
$GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $g), '', 1);
$GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $g, 'gm_member_id' => $member_id, 'gm_validated' => 1));
}
}
if ($check_correctness) {
if (function_exists('decache')) {
decache('side_stats');
}
}
return $member_id;
}
function handle_facebook_connection_login($current_logged_in_member)
{
if (!class_exists('ocp_tempcode')) {
return NULL;
}
if (is_guest($current_logged_in_member)) {
$current_logged_in_member = NULL;
// We are not a normal cookie login so ocPortal has loaded up a Guest session already in the expectation of keeping it. Unsetting it will force a rebind (existing session may be reused though)
require_code('users_inactive_occasionals');
set_session_id(-1);
}
// If already session-logged-in onto a Facebook account, don't bother doing anything
if (!is_null($current_logged_in_member) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($current_logged_in_member, 'm_password_compat_scheme') == 'facebook') {
return $current_logged_in_member;
}
// Who is this user, from Facebook's point of view?
global $FACEBOOK_CONNECT;
$facebook_uid = $FACEBOOK_CONNECT->getUser();
if (is_null($facebook_uid)) {
return $current_logged_in_member;
}
try {
$details = $FACEBOOK_CONNECT->api('/me');
} catch (Exception $e) {
return $current_logged_in_member;
}
$details2 = $FACEBOOK_CONNECT->api('/me', array('fields' => 'picture', 'type' => 'normal'));
if (!is_array($details) || !is_array($details2)) {
return $current_logged_in_member;
}
$details = array_merge($details, $details2);
if (!isset($details['name'])) {
return $current_logged_in_member;
}
$username = $details['name'];
$photo_url = array_key_exists('picture', $details) ? $details['picture'] : '';
if (is_array($photo_url)) {
$photo_url = $photo_url['data']['url'];
}
if ($photo_url != '') {
$photo_url = 'http://graph.facebook.com/' . strval($facebook_uid) . '/picture?type=large';
// In case URL changes
}
$avatar_url = $photo_url == '' ? mixed() : $photo_url;
$photo_thumb_url = '';
if ($photo_url != '') {
$photo_thumb_url = $photo_url;
}
$email_address = array_key_exists('email', $details) ? $details['email'] : '';
$timezone = mixed();
if (isset($details['timezone'])) {
require_code('temporal');
$timezone = convert_timezone_offset_to_formal_timezone($details['timezone']);
}
$language = mixed();
if (isset($details['locale'])) {
$language = strtoupper($details['locale']);
}
if ($language !== NULL) {
if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) {
$language = preg_replace('#\\_.*$#', '', $language);
if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) {
$language = '';
}
}
}
$dob = array_key_exists('birthday', $details) ? $details['birthday'] : '';
$dob_day = mixed();
$dob_month = mixed();
$dob_year = mixed();
if ($dob != '') {
$_dob = explode('/', $dob);
$dob_day = intval($_dob[1]);
$dob_month = intval($_dob[0]);
$dob_year = intval($_dob[2]);
}
// See if they have logged in before - i.e. have a synched account
$member_row = $GLOBALS['FORUM_DB']->query_select('f_members', array('*'), array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), 'ORDER BY id DESC', 1);
$member = array_key_exists(0, $member_row) ? $member_row[0]['id'] : NULL;
if (is_guest($member)) {
$member = NULL;
}
/*if (!is_null($member)) // Useful for debugging
{
require_code('ocf_members_action2');
ocf_delete_member($member);
$member=NULL;
}*/
// If logged in before using Facebook, see if they've changed their name or email or timezone on Facebook -- if so, try and update locally to match
if (!is_null($member)) {
if (!is_null($current_logged_in_member) && $current_logged_in_member !== NULL && !is_guest($current_logged_in_member) && $current_logged_in_member != $member) {
return $current_logged_in_member;
}
// User has an active login, and the Facebook account is bound to a DIFFERENT login. Take precedence to the other login that is active on top of this
$last_visit_time = $member[0]['m_last_visit_time'];
if ($timezone !== NULL) {
if (tz_time(time(), $timezone) == tz_time(time(), $member[0]['m_timezone_offset'])) {
$timezone = $member[0]['m_timezone_offset'];
}
// If equivalent, don't change
}
$test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'id', array('m_username' => $username));
if (!is_null($test)) {
$update_map = array('m_username' => $username, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year);
if ($email_address != '') {
$update_map['m_email_address'] = $email_address;
}
if ($avatar_url !== NULL && ($test == '' || strpos($test, 'facebook') !== false || strpos($test, 'fbcdn') !== false)) {
if ($timezone !== NULL) {
$update_map['m_timezone_offset'] = $timezone;
}
$update_map['m_avatar_url'] = $avatar_url;
$update_map['m_photo_url'] = $photo_url;
$update_map['m_photo_thumb_url'] = $photo_thumb_url;
}
$GLOBALS['FORUM_DB']->query_update('f_members', $update_map, array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => strval($facebook_uid)), '', 1);
if ($username != $member[0]['m_username']) {
// Fix cacheing for usernames
$to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username');
foreach ($to_fix as $fix) {
list($table, $field) = explode('/', $fix);
$GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $member[0]['m_username']));
}
}
}
}
// Not logged in before using Facebook, so we need to create an account, or bind to the active ocPortal login if there is one
$in_a_sane_place = get_page_name() != 'login' && (running_script('index') || running_script('execute_temp'));
// If we're in some weird script, or the login module UI, it's not a sane place, don't be doing account creation yet
if (is_null($member) && $in_a_sane_place) {
// Bind to existing ocPortal login?
if (!is_null($current_logged_in_member)) {
/*if (post_param_integer('associated_confirm',0)==0) Won't work because Facebook is currently done in JS and cookies force this. If user wishes to cancel they must go to http://www.facebook.com/settings?tab=applications and remove the app, then run a lost password reset.
{
$title=get_page_title('LOGIN_FACEBOOK_HEADER');
$message=do_lang_tempcode('LOGGED_IN_SURE_FACEBOOK',escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)));
$middle=do_template('YESNO_SCREEN',array('TITLE'=>$title,'TEXT'=>$message,'HIDDEN'=>form_input_hidden('associated_confirm','1'),'URL'=>get_self_url_easy()));
$tpl=globalise($middle,NULL,'',true);
$tpl->evaluate_echo();
exit();
}*/
$GLOBALS['FORUM_DB']->query_update('f_members', array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), array('id' => $current_logged_in_member), '', 1);
require_code('site');
require_lang('facebook');
attach_message(do_lang_tempcode('FACEBOOK_ACCOUNT_CONNECTED', escape_html(get_site_name()), escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)), array(escape_html($username))), 'inform');
return $current_logged_in_member;
}
// If we're still here, we have to create a new account...
// -------------------------------------------------------
$completion_form_submitted = post_param('email_address', '') != '';
// If there's a conflicting username, we may need to change it (suffix a number)
require_code('ocf_members_action2');
$username = get_username_from_human_name($username);
// Ask ocP to finish off the profile from the information presented in the POST environment (a standard mechanism in ocPortal, for third party logins of various kinds)
require_lang('ocf');
require_code('ocf_members');
require_code('ocf_groups');
require_code('ocf_members2');
require_code('ocf_members_action');
$_custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true), NULL, NULL, NULL, 1);
if (!$completion_form_submitted && count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') {
$GLOBALS['FACEBOOK_FINISHING_PROFILE'] = true;
$middle = ocf_member_external_linker_ask($username, 'facebook', $email_address, $dob_day, $dob_month, $dob_year);
$tpl = globalise($middle, NULL, '', true);
$tpl->evaluate_echo();
exit;
} else {
$username = post_param('username', $username);
if (count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') {
// Was not auto-generated, so needs to be checked
ocf_check_name_valid($username, NULL, NULL);
}
$member = ocf_member_external_linker($username, $facebook_uid, 'facebook', false, $email_address, $dob_day, $dob_month, $dob_year, $timezone, $language, $avatar_url, $photo_url, $photo_thumb_url);
}
}
if (!is_null($member)) {
require_code('users_inactive_occasionals');
create_session($member, 1, isset($_COOKIE[get_member_cookie() . '_invisible']) && $_COOKIE[get_member_cookie() . '_invisible'] == '1');
// This will mark it as confirmed
}
return $member;
}
/**
* Find the first default group.
*
* @return GROUP The first default group.
*/
function get_first_default_group()
{
$default_groups = ocf_get_all_default_groups(true);
return array_pop($default_groups);
}
/**
* The actualiser for adding a member.
*
* @return tempcode The UI
*/
function step2()
{
$title = get_page_title('ADD_MEMBER');
// Read in data
$username = trim(post_param('username'));
$password = trim(post_param('password'));
/* $password_confirm=trim(post_param('password_confirm'));
if ($password!=$password_confirm) warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));*/
$email_address = trim(post_param('email_address', ''));
$dob_day = post_param_integer('dob_day', NULL);
$dob_month = post_param_integer('dob_month', NULL);
$dob_year = post_param_integer('dob_year', NULL);
$reveal_age = post_param_integer('reveal_age', 0);
$timezone = post_param('timezone', get_site_timezone());
$language = post_param('language', get_site_default_lang());
$allow_emails = post_param_integer('allow_emails', 0);
$allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0);
$custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true));
$actual_custom_fields = ocf_read_in_custom_fields($custom_fields);
$validated = post_param_integer('validated', 0);
$primary_group = has_specific_permission(get_member(), 'assume_any_member') ? post_param_integer('primary_group') : NULL;
$theme = post_param('theme', '');
$views_signatures = post_param_integer('views_signatures', 0);
$preview_posts = post_param_integer('preview_posts', 0);
$auto_monitor_contrib_content = post_param_integer('auto_monitor_contrib_content', 0);
$pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : '';
$tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true);
$all_pt_allow = '';
foreach (array_keys($tmp_groups) as $key) {
if ($key != db_get_first_id()) {
if ($all_pt_allow != '') {
$all_pt_allow .= ',';
}
$all_pt_allow .= strval($key);
}
}
if ($pt_allow == $all_pt_allow) {
$pt_allow = '*';
}
$pt_rules_text = post_param('pt_rules_text', '');
breadcrumb_set_parents(array(array('_SEARCH:admin_ocf_join:menu', do_lang_tempcode('MEMBERS')), array('_SELF:_SELF:misc', do_lang_tempcode('ADD_MEMBER'))));
breadcrumb_set_self(do_lang_tempcode('DETAILS'));
// Add member
$id = ocf_make_member($username, $password, $email_address, NULL, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), NULL, '', NULL, '', 0, $preview_posts, $reveal_age, '', '', '', $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, '', '', '', true, '', '', post_param_integer('zone_wide', 0), NULL, NULL, post_param_integer('highlighted_name', 0), $pt_allow, $pt_rules_text);
// Secondary groups
if (array_key_exists('secondary_groups', $_POST)) {
require_code('ocf_groups_action2');
$members_groups = array();
$group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)');
$groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL));
foreach ($_POST['secondary_groups'] as $group_id) {
$group = $groups[intval($group_id)];
if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission(get_member(), 'see_hidden_groups')) {
continue;
}
if (in_array($group['id'], $members_groups) || has_specific_permission(get_member(), 'assume_any_member') || $group['g_open_membership'] == 1) {
ocf_add_member_to_group($id, $group['id']);
}
}
}
$special_links = array();
if (addon_installed('galleries')) {
require_lang('galleries');
$special_links[] = array('galleries', array('cms_galleries', array('type' => 'gimp', 'id' => $id), get_module_zone('cms_galleries')), do_lang('ADD_GALLERY'));
}
require_code('templates_donext');
return do_next_manager($title, do_lang_tempcode('SUCCESS'), NULL, NULL, array('_SELF', array('type' => 'misc'), '_SELF'), NULL, NULL, array('members', array('type' => 'view', 'id' => $id), get_module_zone('members')), array('members', array('type' => 'misc'), get_module_zone('members'), do_lang_tempcode('MEMBERS')), NULL, NULL, NULL, NULL, NULL, $special_links, NULL, NULL, NULL, NULL, do_lang_tempcode('MEMBERS'));
}
/**
* (LDAP helper for ocf_get_members_groups) Get a list of the usergroups a member is in (keys say the usergroups, values are irrelevant).
*
* @param ?MEMBER The member to find the usergroups of (NULL: current member).
* @return array The list (e.g. array(1=>1,2=>1,3=>1) for someone in (1,2,3)). The keys are all that matters, values are arbitrary.
*/
function ocf_get_members_groups_ldap($member_id)
{
$groups = array();
global $LDAP_CONNECTION;
$cn = ocf_member_ocfid_to_ldapcn($member_id);
if (get_option('ldap_is_windows') == '0') {
// Members under group (secondary)
$results = ldap_search($LDAP_CONNECTION, group_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(memberuid=' . ocp_ldap_escape($cn) . '))', array(group_property()), 1);
$entries = ldap_get_entries($LDAP_CONNECTION, $results);
foreach ($entries as $key => $entry) {
if ($key === 'dn') {
$group_cn = ocf_long_cn_to_short_cn(ldap_unescape($entry['dn']), 'dn');
$group_id = ocf_group_ldapcn_to_ocfid($group_cn);
if (!is_null($group_id)) {
$groups[$group_id] = 1;
}
}
if (!is_numeric($key)) {
continue;
}
if (!array_key_exists(group_property(), $entry)) {
continue;
}
if (!array_key_exists(0, $entry[group_property()])) {
continue;
}
$group_cn = ocf_long_cn_to_short_cn(ldap_unescape($entry[group_property()][0]), group_property());
$group_id = ocf_group_ldapcn_to_ocfid($group_cn);
if (!is_null($group_id)) {
$groups[$group_id] = 1;
}
}
ldap_free_result($results);
// Groups under member (primary)
$results = ldap_search($LDAP_CONNECTION, member_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(' . member_property() . '=' . ocp_ldap_escape($cn) . '))', array('gidnumber'));
$entries = ldap_get_entries($LDAP_CONNECTION, $results);
$group_id_use = NULL;
foreach ($entries as $key => $group) {
if (!is_numeric($key)) {
continue;
}
$group_id = ocf_group_ldapgid_to_ocfid($group['gidnumber'][0]);
if (!is_null($group_id)) {
$group_id_use = $group_id;
}
}
ldap_free_result($results);
if (is_null($group_id_use)) {
$group_id_use = get_first_default_group();
}
$groups[$group_id_use] = 1;
} else {
// Groups under member (Active Directory makes no distinction)
$results = ldap_search($LDAP_CONNECTION, member_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(' . member_property() . '=' . ocp_ldap_escape($cn) . '))', array('memberof'));
$entries = ldap_get_entries($LDAP_CONNECTION, $results);
$group_id_use = NULL;
if (array_key_exists(0, $entries) && array_key_exists('memberof', $entries[0])) {
foreach ($entries[0]['memberof'] as $key => $group) {
if (!is_numeric($key)) {
continue;
}
$group_id = ocf_group_ldapcn_to_ocfid(ocf_long_cn_to_short_cn($group, group_property()));
if (!is_null($group_id)) {
$groups[$group_id] = 1;
}
}
}
ldap_free_result($results);
if (count($groups) == 0) {
$groups = array_flip(ocf_get_all_default_groups(true));
}
}
return $groups;
}
/**
* Get form fields for adding/editing/finishing a member profile.
*
* @param boolean Whether we are only handling the essential details of a profile.
* @param ?MEMBER The ID of the member we are handling (NULL: new member).
* @param ?array A list of usergroups (NULL: default/current usergroups).
* @param ?array A map of custom fields values (field-id=>value) (NULL: not known).
* @return array A pair: The form fields, Hidden fields (both Tempcode).
*/
function ocf_get_member_fields_profile($mini_mode = true, $member_id = NULL, $groups = NULL, $custom_fields = NULL)
{
$fields = new ocp_tempcode();
$hidden = new ocp_tempcode();
if (is_null($groups)) {
$groups = is_null($member_id) ? ocf_get_all_default_groups(true) : $GLOBALS['OCF_DRIVER']->get_members_groups($member_id);
}
$_custom_fields = ocf_get_all_custom_fields_match($groups, $mini_mode || is_null($member_id) || $member_id == get_member() || has_specific_permission(get_member(), 'view_any_profile_field') ? NULL : 1, $mini_mode || is_null($member_id) || $member_id != get_member() ? NULL : 1, $mini_mode || is_null($member_id) || $member_id != get_member() ? NULL : 1, NULL, NULL, NULL, 0, $mini_mode ? true : NULL);
$GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK'] = true;
$field_groups = array();
require_code('fields');
foreach ($_custom_fields as $custom_field) {
// if (($custom_field['cf_locked']==0) || (!is_null($member_id)))
// {
$ob = get_fields_hook($custom_field['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($custom_field);
$existing_field = !is_null($custom_fields) && array_key_exists($custom_field['id'], $custom_fields);
if ($existing_field) {
$value = mixed();
$value = $custom_fields[$custom_field['id']];
if (is_float($value)) {
$value = float_to_raw_string($value, 10, true);
} elseif (is_integer($value)) {
$value = strval($value);
}
if (strpos($storage_type, '_trans') !== false) {
$value = is_null($value) || $value == 0 ? '' : get_translated_text($value, $GLOBALS['FORUM_DB']);
}
if ($custom_field['cf_encrypted'] == 1 && is_encryption_enabled()) {
$value = remove_magic_encryption_marker($value);
}
} else {
$value = $custom_field['cf_default'];
}
$result = new ocp_tempcode();
$_description = escape_html(get_translated_text($custom_field['cf_description'], $GLOBALS['FORUM_DB']));
$field_cat = '';
$matches = array();
if (strpos($custom_field['trans_name'], ': ') !== false) {
$field_cat = substr($custom_field['trans_name'], 0, strpos($custom_field['trans_name'], ': '));
if ($field_cat . ': ' == $custom_field['trans_name']) {
$custom_field['trans_name'] = $field_cat;
// Just been pulled out as heading, nothing after ": "
} else {
$custom_field['trans_name'] = substr($custom_field['trans_name'], strpos($custom_field['trans_name'], ': ') + 2);
}
} elseif (preg_match('#(^\\([A-Z][^\\)]*\\) )|( \\([A-Z][^\\)]*\\)$)#', $custom_field['trans_name'], $matches) != 0) {
$field_cat = trim($matches[0], '() ');
$custom_field['trans_name'] = str_replace($matches[0], '', $custom_field['trans_name']);
}
$result = $ob->get_field_inputter($custom_field['trans_name'], $_description, $custom_field, $value, !$existing_field);
if (!array_key_exists($field_cat, $field_groups)) {
$field_groups[$field_cat] = new ocp_tempcode();
}
if (is_array($result)) {
$field_groups[$field_cat]->attach($result[0]);
$hidden->attach($result[1]);
} else {
$field_groups[$field_cat]->attach($result);
}
$hidden->attach(form_input_hidden('label_for__custom_' . strval($custom_field['id']) . '_value', $custom_field['trans_name']));
// }
}
if (array_key_exists('', $field_groups)) {
$field_groups_blank = $field_groups[''];
unset($field_groups['']);
$field_groups = array_merge(array($field_groups_blank), $field_groups);
}
foreach ($field_groups as $field_group_title => $extra_fields) {
if (is_integer($field_group_title)) {
$field_group_title = $field_group_title == 0 ? '' : strval($field_group_title);
}
if ($field_group_title != '') {
$fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => $field_group_title)));
}
$fields->attach($extra_fields);
}
$GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK'] = false;
return array($fields, $hidden);
}
/**
* Actualise the join form.
*
* @param boolean Whether to handle CAPTCHA (if enabled at all)
* @param boolean Whether to ask for intro messages (if enabled at all)
* @param boolean Whether to check for invites (if enabled at all)
* @param boolean Whether to check email-address restrictions (if enabled at all)
* @param boolean Whether to require staff confirmation (if enabled at all)
* @param boolean Whether to force email address validation (if enabled at all)
* @param boolean Whether to do COPPA checks (if enabled at all)
* @param boolean Whether to instantly log the user in
* @return array A tuple: Messages to show (currently nothing else in tuple)
*/
function ocf_join_actual($captcha_if_enabled = true, $intro_message_if_enabled = true, $invites_if_enabled = true, $one_per_email_address_if_enabled = true, $confirm_if_enabled = true, $validate_if_enabled = true, $coppa_if_enabled = true, $instant_login = false)
{
ocf_require_all_forum_stuff();
require_css('ocf');
require_code('ocf_members_action');
require_code('ocf_members_action2');
// Read in data
$username = trim(post_param('username'));
ocf_check_name_valid($username, NULL, NULL, true);
// Adjusts username if needed
$password = trim(post_param('password'));
$password_confirm = trim(post_param('password_confirm'));
if ($password != $password_confirm) {
warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));
}
$confirm_email_address = post_param('email_address_confirm', NULL);
$email_address = trim(post_param('email_address'));
if (!is_null($confirm_email_address)) {
if (trim($confirm_email_address) != $email_address) {
warn_exit(make_string_tempcode(escape_html(do_lang('EMAIL_ADDRESS_MISMATCH'))));
}
}
require_code('type_validation');
if (!is_valid_email_address($email_address)) {
warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS'));
}
if ($invites_if_enabled) {
if (get_option('is_on_invites') == '1') {
$test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address, 'i_taken' => 0));
if (is_null($test)) {
warn_exit(do_lang_tempcode('NO_INVITE'));
}
}
$GLOBALS['FORUM_DB']->query_update('f_invites', array('i_taken' => 1), array('i_email_address' => $email_address, 'i_taken' => 0), '', 1);
}
$dob_day = post_param_integer('dob_day', NULL);
$dob_month = post_param_integer('dob_month', NULL);
$dob_year = post_param_integer('dob_year', NULL);
$reveal_age = post_param_integer('reveal_age', 0);
$timezone = post_param('timezone', get_users_timezone());
$language = post_param('language', get_site_default_lang());
$allow_emails = post_param_integer('allow_emails', 0);
$allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0);
$groups = ocf_get_all_default_groups(true);
// $groups will contain the built in default primary group too (it is not $secondary_groups)
$primary_group = post_param_integer('primary_group', NULL);
if ($primary_group !== NULL && !in_array($primary_group, $groups)) {
// Check security
$test = $GLOBALS['FORUM_DB']->query_value('f_groups', 'g_is_presented_at_install', array('id' => $primary_group));
if ($test == 1) {
$groups = ocf_get_all_default_groups(false);
// Get it so it does not include the built in default primary group
$groups[] = $primary_group;
// And add in the *chosen* primary group
} else {
$primary_group = NULL;
}
} else {
$primary_group = NULL;
}
if ($primary_group === NULL) {
$primary_group = get_first_default_group();
}
$custom_fields = ocf_get_all_custom_fields_match($groups, NULL, NULL, NULL, NULL, NULL, NULL, 0, true);
$actual_custom_fields = ocf_read_in_custom_fields($custom_fields);
// Check that the given address isn't already used (if one_per_email_address on)
$member_id = NULL;
if ($one_per_email_address_if_enabled) {
if (get_option('one_per_email_address') == '1') {
$test = $GLOBALS['FORUM_DB']->query_select('f_members', array('id', 'm_username'), array('m_email_address' => $email_address), '', 1);
if (array_key_exists(0, $test)) {
if ($test[0]['m_username'] != $username) {
$reset_url = build_url(array('page' => 'lostpassword', 'email_address' => $email_address), get_module_zone('lostpassword'));
warn_exit(do_lang_tempcode('EMAIL_ADDRESS_IN_USE', escape_html(get_site_name()), escape_html($reset_url->evaluate())));
}
$member_id = $test[0]['id'];
}
}
}
if ($captcha_if_enabled) {
if (addon_installed('captcha')) {
require_code('captcha');
enforce_captcha();
}
}
if (addon_installed('ldap')) {
require_code('ocf_ldap');
if (ocf_is_ldap_member_potential($username)) {
warn_exit(do_lang_tempcode('DUPLICATE_JOIN_AUTH'));
}
}
// Add member
$skip_confirm = get_option('skip_email_confirm_join') == '1';
if (!$confirm_if_enabled) {
$skip_confirm = true;
}
$validated_email_confirm_code = $skip_confirm ? '' : strval(mt_rand(1, 32000));
$require_new_member_validation = get_option('require_new_member_validation') == '1';
if (!$validate_if_enabled) {
$require_new_member_validation = false;
}
$coppa = get_option('is_on_coppa') == '1' && utctime_to_usertime(time() - mktime(0, 0, 0, $dob_month, $dob_day, $dob_year)) / 31536000.0 < 13.0;
if (!$coppa_if_enabled) {
$coppa = false;
}
$validated = $require_new_member_validation || $coppa ? 0 : 1;
if (is_null($member_id)) {
$member_id = ocf_make_member($username, $password, $email_address, $groups, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), time(), '', NULL, '', 0, get_option('default_preview_guests') == '1' ? 1 : 0, $reveal_age, '', '', '', 1, get_value('no_auto_notifications') === '1' ? 0 : 1, $language, $allow_emails, $allow_emails_from_staff, '', get_ip_address(), $validated_email_confirm_code, true, '', '');
}
// Send confirm mail
if (!$skip_confirm) {
$zone = get_module_zone('join');
if ($zone != '') {
$zone .= '/';
}
$_url = build_url(array('page' => 'join', 'type' => 'step4', 'email' => $email_address, 'code' => $validated_email_confirm_code), $zone, NULL, false, false, true);
$url = $_url->evaluate();
$_url_simple = build_url(array('page' => 'join', 'type' => 'step4'), $zone, NULL, false, false, true);
$url_simple = $_url_simple->evaluate();
$redirect = get_param('redirect', '');
if ($redirect != '') {
$url .= '&redirect=' . ocp_url_encode($redirect);
}
$message = do_lang('OCF_SIGNUP_TEXT', comcode_escape(get_site_name()), comcode_escape($url), array($url_simple, $email_address, $validated_email_confirm_code), $language);
require_code('mail');
if (!$coppa) {
mail_wrap(do_lang('CONFIRM_EMAIL_SUBJECT', get_site_name(), NULL, NULL, $language), $message, array($email_address), $username, '', '', 3, NULL, false, NULL, false, false, false, 'MAIL', true);
}
}
// Send COPPA mail
if ($coppa) {
$fields_done = do_lang('THIS_WITH_COMCODE', do_lang('USERNAME'), $username) . "\n\n";
foreach ($custom_fields as $custom_field) {
if ($custom_field['cf_type'] != 'upload') {
$fields_done .= do_lang('THIS_WITH_COMCODE', $custom_field['trans_name'], post_param('custom_' . $custom_field['id'] . '_value')) . "\n";
}
}
$_privacy_url = build_url(array('page' => 'privacy'), '_SEARCH', NULL, false, false, true);
$privacy_url = $_privacy_url->evaluate();
$message = do_lang('COPPA_MAIL', comcode_escape(get_option('site_name')), comcode_escape(get_option('privacy_fax')), array(comcode_escape(get_option('privacy_postal_address')), comcode_escape($fields_done), comcode_escape($privacy_url)), $language);
require_code('mail');
mail_wrap(do_lang('COPPA_JOIN_SUBJECT', $username, get_site_name(), NULL, $language), $message, array($email_address), $username);
}
// Send 'validate this member' notification
if ($require_new_member_validation) {
require_code('notifications');
$_validation_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true, 'tab__edit');
$validation_url = $_validation_url->evaluate();
$message = do_lang('VALIDATE_NEW_MEMBER_MAIL', comcode_escape($username), comcode_escape($validation_url), comcode_escape(strval($member_id)), get_site_default_lang());
dispatch_notification('ocf_member_needs_validation', NULL, do_lang('VALIDATE_NEW_MEMBER_SUBJECT', $username, NULL, NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED);
}
// Send new member notification
require_code('notifications');
$_member_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true);
$member_url = $_member_url->evaluate();
$message = do_lang('NEW_MEMBER_NOTIFICATION_MAIL', comcode_escape($username), comcode_escape(get_site_name()), array(comcode_escape($member_url), comcode_escape(strval($member_id))), get_site_default_lang());
dispatch_notification('ocf_new_member', NULL, do_lang('NEW_MEMBER_NOTIFICATION_MAIL_SUBJECT', $username, get_site_name(), NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED);
// Intro post
if ($intro_message_if_enabled) {
$forum_id = get_option('intro_forum_id');
if ($forum_id != '') {
if (!is_numeric($forum_id)) {
$_forum_id = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forums', 'id', array('f_name' => $forum_id));
if (is_null($_forum_id)) {
$forum_id = strval(db_get_first_id());
} else {
$forum_id = strval($_forum_id);
}
}
$intro_title = post_param('intro_title', '');
$intro_post = post_param('intro_post', '');
if ($intro_post != '') {
require_code('ocf_topics_action');
if ($intro_title == '') {
$intro_title = do_lang('INTRO_POST_DEFAULT', $username);
}
$topic_id = ocf_make_topic(intval($forum_id));
require_code('ocf_posts_action');
ocf_make_post($topic_id, $intro_title, $intro_post, 0, true, NULL, 0, NULL, NULL, NULL, $member_id);
}
}
}
// Alert user to situation
$message = new ocp_tempcode();
if ($coppa) {
if (!$skip_confirm) {
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
}
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_COPPA'));
} elseif ($require_new_member_validation) {
if (!$skip_confirm) {
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
}
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_VALIDATED', escape_html(get_custom_base_url())));
} elseif ($skip_confirm) {
if ($instant_login) {
require_code('users_active_actions');
handle_active_login($username);
$message->attach(do_lang_tempcode('OCF_LOGIN_AUTO'));
} else {
$_login_url = build_url(array('page' => 'login', 'redirect' => get_param('redirect', NULL)), get_module_zone('login'));
$login_url = $_login_url->evaluate();
$message->attach(do_lang_tempcode('OCF_LOGIN_INSTANT', escape_html($login_url)));
}
} else {
if (!$skip_confirm) {
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
}
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_INSTANT'));
}
$message = protect_from_escaping($message);
return array($message);
}
