/** * Add a member. * * @param SHORT_TEXT The username. * @param SHORT_TEXT The password. * @param SHORT_TEXT The e-mail address. * @param ?array A list of usergroups (NULL: default/current usergroups). * @param ?integer Day of date of birth (NULL: unknown). * @param ?integer Month of date of birth (NULL: unknown). * @param ?integer Year of date of birth (NULL: unknown). * @param array A map of custom field values (field-id=>value). * @param ?ID_TEXT The member timezone (NULL: auto-detect). * @param ?GROUP The member's primary (NULL: default). * @param BINARY Whether the profile has been validated. * @param ?TIME When the member joined (NULL: now). * @param ?TIME When the member last visited (NULL: now). * @param ID_TEXT The member's default theme. * @param ?URLPATH The URL to the member's avatar (blank: none) (NULL: choose one automatically). * @param LONG_TEXT The member's signature (blank: none). * @param BINARY Whether the member is permanently banned. * @param BINARY Whether posts are previewed before they are made. * @param BINARY Whether the member's age may be shown. * @param SHORT_TEXT The member's title (blank: get from primary). * @param URLPATH The URL to the member's photo (blank: none). * @param URLPATH The URL to the member's photo thumbnail (blank: none). * @param BINARY Whether the member sees signatures in posts. * @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to (NULL: get default from config). * @param ?LANGUAGE_NAME The member's language (NULL: auto detect). * @param BINARY Whether the member allows e-mails via the site. * @param BINARY Whether the member allows e-mails from staff via the site. * @param LONG_TEXT Personal notes of the member. * @param ?IP The member's IP address (NULL: IP address of current user). * @param SHORT_TEXT The code required before the account becomes active (blank: already entered). * @param boolean Whether to check details for correctness. * @param ?ID_TEXT The compatibility scheme that the password operates in (blank: none) (NULL: none [meaning normal ocPortal salted style] or plain, depending on whether passwords are encrypted). * @param SHORT_TEXT The password salt (blank: password compatibility scheme does not use a salt / auto-generate). * @param BINARY Whether the member likes to view zones without menus, when a choice is available. * @param ?TIME The time the member last made a submission (NULL: set to now). * @param ?AUTO_LINK Force an ID (NULL: don't force an ID) * @param BINARY Whether the member username will be highlighted. * @param SHORT_TEXT Usergroups that may PT the member. * @param LONG_TEXT Rules that other members must agree to before they may start a PT with the member. * @return AUTO_LINK The ID of the new member. */ function ocf_make_member($username, $password, $email_address, $secondary_groups, $dob_day, $dob_month, $dob_year, $custom_fields, $timezone = NULL, $primary_group = NULL, $validated = 1, $join_time = NULL, $last_visit_time = NULL, $theme = '', $avatar_url = NULL, $signature = '', $is_perm_banned = 0, $preview_posts = 0, $reveal_age = 1, $title = '', $photo_url = '', $photo_thumb_url = '', $views_signatures = 1, $auto_monitor_contrib_content = NULL, $language = NULL, $allow_emails = 1, $allow_emails_from_staff = 1, $personal_notes = '', $ip_address = NULL, $validated_email_confirm_code = '', $check_correctness = true, $password_compatibility_scheme = NULL, $salt = '', $zone_wide = 1, $last_submit_time = NULL, $id = NULL, $highlighted_name = 0, $pt_allow = '*', $pt_rules_text = '') { if (is_null($auto_monitor_contrib_content)) { $auto_monitor_contrib_content = get_value('no_auto_notifications') === '1' ? 0 : 1; } if (is_null($password_compatibility_scheme)) { if (get_value('no_password_hashing') === '1') { $password_compatibility_scheme = 'plain'; } else { $password_compatibility_scheme = ''; } } if (is_null($language)) { $language = ''; } if (is_null($signature)) { $signature = ''; } if (is_null($title)) { $title = ''; } if (is_null($timezone)) { $timezone = get_site_timezone(); } if (is_null($allow_emails)) { $allow_emails = 1; } if (is_null($allow_emails_from_staff)) { $allow_emails_from_staff = 1; } if (is_null($personal_notes)) { $personal_notes = ''; } if (is_null($avatar_url)) { if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 1 || !addon_installed('ocf_member_avatars')) { $avatar_url = ''; } else { if (get_option('random_avatars') == '1' && !running_script('stress_test_loader')) { require_code('themes2'); $codes = get_all_image_ids_type('ocf_default_avatars/default_set', false, $GLOBALS['FORUM_DB']); shuffle($codes); $results = array(); foreach ($codes as $code) { if (strpos($code, 'ocp_fanatic') !== false) { continue; } $count = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT SUM(m_cache_num_posts) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_avatar_url', find_theme_image($code, false, true))); if (is_null($count)) { $count = 0; } $results[$code] = $count; } @asort($results); // @'d as type checker fails for some odd reason $found_avatars = array_keys($results); $avatar_url = find_theme_image(array_shift($found_avatars), true, true); } if (is_null($avatar_url)) { $GLOBALS['SITE_DB']->query_delete('theme_images', array('id' => 'ocf_default_avatars/default', 'path' => '')); // In case failure cached, gets very confusing $avatar_url = find_theme_image('ocf_default_avatars/default', true, true); if (is_null($avatar_url)) { $avatar_url = ''; } } } } if ($check_correctness) { if (!in_array($password_compatibility_scheme, array('ldap', 'httpauth'))) { ocf_check_name_valid($username, NULL, $password_compatibility_scheme == '' ? $password : NULL); } if (!function_exists('has_actual_page_access') || !has_actual_page_access(get_member(), 'admin_ocf_join')) { require_code('type_validation'); if (!is_valid_email_address($email_address) && $email_address != '') { warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address))); } } } require_code('ocf_members'); require_code('ocf_groups'); if (is_null($last_submit_time)) { $last_submit_time = time(); } if (is_null($join_time)) { $join_time = time(); } if (is_null($last_visit_time)) { $last_visit_time = time(); } if (is_null($primary_group)) { $primary_group = get_first_default_group(); // This is members } if (is_null($secondary_groups)) { $secondary_groups = ocf_get_all_default_groups(false); } foreach ($secondary_groups as $_g_id => $g_id) { if ($g_id == $primary_group) { unset($secondary_groups[$_g_id]); } } if (is_null($ip_address)) { $ip_address = get_ip_address(); } if ($password_compatibility_scheme == '' && get_value('no_password_hashing') === '1') { $password_compatibility_scheme = 'plain'; $salt = ''; } if ($salt == '' && $password_compatibility_scheme == '') { $salt = produce_salt(); $password_salted = md5($salt . md5($password)); } else { $password_salted = $password; } // Supplement custom field values given with defaults, and check constraints $all_fields = list_to_map('id', ocf_get_all_custom_fields_match($secondary_groups)); require_code('fields'); foreach ($all_fields as $field) { $field_id = $field['id']; if (array_key_exists($field_id, $custom_fields)) { if ($check_correctness && $field[array_key_exists('cf_show_on_join_form', $field) ? 'cf_show_on_join_form' : 'cf_required'] == 0 && $field['cf_owner_set'] == 0 && !has_actual_page_access(get_member(), 'admin_ocf_join')) { access_denied('I_ERROR'); } } else { $custom_fields[$field_id] = ''; } } if (!addon_installed('unvalidated')) { $validated = 1; } $map = array('m_username' => $username, 'm_pass_hash_salted' => $password_salted, 'm_pass_salt' => $salt, 'm_theme' => $theme, 'm_avatar_url' => $avatar_url, 'm_validated' => $validated, 'm_validated_email_confirm_code' => $validated_email_confirm_code, 'm_cache_num_posts' => 0, 'm_cache_warnings' => 0, 'm_max_email_attach_size_mb' => 5, 'm_join_time' => $join_time, 'm_timezone_offset' => $timezone, 'm_primary_group' => $primary_group, 'm_last_visit_time' => $last_visit_time, 'm_last_submit_time' => $last_submit_time, 'm_signature' => insert_lang_comcode($signature, 4, $GLOBALS['FORUM_DB']), 'm_is_perm_banned' => $is_perm_banned, 'm_preview_posts' => $preview_posts, 'm_notes' => $personal_notes, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year, 'm_reveal_age' => $reveal_age, 'm_email_address' => $email_address, 'm_title' => $title, 'm_photo_url' => $photo_url, 'm_photo_thumb_url' => $photo_thumb_url, 'm_views_signatures' => $views_signatures, 'm_auto_monitor_contrib_content' => $auto_monitor_contrib_content, 'm_highlighted_name' => $highlighted_name, 'm_pt_allow' => $pt_allow, 'm_pt_rules_text' => insert_lang_comcode($pt_rules_text, 4, $GLOBALS['FORUM_DB']), 'm_language' => $language, 'm_ip_address' => $ip_address, 'm_zone_wide' => $zone_wide, 'm_allow_emails' => $allow_emails, 'm_allow_emails_from_staff' => $allow_emails_from_staff, 'm_password_change_code' => '', 'm_password_compat_scheme' => $password_compatibility_scheme, 'm_on_probation_until' => NULL); if (!is_null($id)) { $map['id'] = $id; } $member_id = $GLOBALS['FORUM_DB']->query_insert('f_members', $map, true); if ($check_correctness) { // If it was an invite/recommendation, award the referrer if (addon_installed('recommend')) { $inviter = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address), 'ORDER BY i_time'); if (!is_null($inviter)) { if (addon_installed('points')) { require_code('points2'); require_lang('recommend'); system_gift_transfer(do_lang('RECOMMEND_SITE_TO', $username, get_site_name()), intval(get_option('points_RECOMMEND_SITE')), $inviter); } if (addon_installed('chat')) { require_code('chat2'); buddy_add($inviter, $member_id); buddy_add($member_id, $inviter); } } } } $value = mixed(); // Store custom fields $row = array('mf_member_id' => $member_id); $all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields); foreach ($custom_fields as $field_num => $value) { if (!array_key_exists($field_num, $all_fields_types)) { continue; } // Trying to set a field we're not allowed to (doesn't apply to our group) $ob = get_fields_hook($all_fields_types[$field_num]); list(, , $storage_type) = $ob->get_field_value_row_bits($all_fields[$field_num]); if (strpos($storage_type, '_trans') !== false) { $value = insert_lang($value, 3, $GLOBALS['FORUM_DB']); } $row['field_' . strval($field_num)] = $value; } // Set custom field row $all_fields_regardless = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('id', 'cf_type')); foreach ($all_fields_regardless as $field) { if (!array_key_exists('field_' . strval($field['id']), $row)) { $ob = get_fields_hook($field['cf_type']); list(, , $storage_type) = $ob->get_field_value_row_bits($field); $value = ''; if (strpos($storage_type, '_trans') !== false) { $value = insert_lang($value, 3, $GLOBALS['FORUM_DB']); } $row['field_' . strval($field['id'])] = $value; } } $GLOBALS['FORUM_DB']->query_insert('f_member_custom_fields', $row); // Any secondary work foreach ($secondary_groups as $g) { if ($g != $primary_group) { $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $g), '', 1); $GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $g, 'gm_member_id' => $member_id, 'gm_validated' => 1)); } } if ($check_correctness) { if (function_exists('decache')) { decache('side_stats'); } } return $member_id; }
function handle_facebook_connection_login($current_logged_in_member) { if (!class_exists('ocp_tempcode')) { return NULL; } if (is_guest($current_logged_in_member)) { $current_logged_in_member = NULL; // We are not a normal cookie login so ocPortal has loaded up a Guest session already in the expectation of keeping it. Unsetting it will force a rebind (existing session may be reused though) require_code('users_inactive_occasionals'); set_session_id(-1); } // If already session-logged-in onto a Facebook account, don't bother doing anything if (!is_null($current_logged_in_member) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($current_logged_in_member, 'm_password_compat_scheme') == 'facebook') { return $current_logged_in_member; } // Who is this user, from Facebook's point of view? global $FACEBOOK_CONNECT; $facebook_uid = $FACEBOOK_CONNECT->getUser(); if (is_null($facebook_uid)) { return $current_logged_in_member; } try { $details = $FACEBOOK_CONNECT->api('/me'); } catch (Exception $e) { return $current_logged_in_member; } $details2 = $FACEBOOK_CONNECT->api('/me', array('fields' => 'picture', 'type' => 'normal')); if (!is_array($details) || !is_array($details2)) { return $current_logged_in_member; } $details = array_merge($details, $details2); if (!isset($details['name'])) { return $current_logged_in_member; } $username = $details['name']; $photo_url = array_key_exists('picture', $details) ? $details['picture'] : ''; if (is_array($photo_url)) { $photo_url = $photo_url['data']['url']; } if ($photo_url != '') { $photo_url = 'http://graph.facebook.com/' . strval($facebook_uid) . '/picture?type=large'; // In case URL changes } $avatar_url = $photo_url == '' ? mixed() : $photo_url; $photo_thumb_url = ''; if ($photo_url != '') { $photo_thumb_url = $photo_url; } $email_address = array_key_exists('email', $details) ? $details['email'] : ''; $timezone = mixed(); if (isset($details['timezone'])) { require_code('temporal'); $timezone = convert_timezone_offset_to_formal_timezone($details['timezone']); } $language = mixed(); if (isset($details['locale'])) { $language = strtoupper($details['locale']); } if ($language !== NULL) { if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) { $language = preg_replace('#\\_.*$#', '', $language); if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) { $language = ''; } } } $dob = array_key_exists('birthday', $details) ? $details['birthday'] : ''; $dob_day = mixed(); $dob_month = mixed(); $dob_year = mixed(); if ($dob != '') { $_dob = explode('/', $dob); $dob_day = intval($_dob[1]); $dob_month = intval($_dob[0]); $dob_year = intval($_dob[2]); } // See if they have logged in before - i.e. have a synched account $member_row = $GLOBALS['FORUM_DB']->query_select('f_members', array('*'), array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), 'ORDER BY id DESC', 1); $member = array_key_exists(0, $member_row) ? $member_row[0]['id'] : NULL; if (is_guest($member)) { $member = NULL; } /*if (!is_null($member)) // Useful for debugging { require_code('ocf_members_action2'); ocf_delete_member($member); $member=NULL; }*/ // If logged in before using Facebook, see if they've changed their name or email or timezone on Facebook -- if so, try and update locally to match if (!is_null($member)) { if (!is_null($current_logged_in_member) && $current_logged_in_member !== NULL && !is_guest($current_logged_in_member) && $current_logged_in_member != $member) { return $current_logged_in_member; } // User has an active login, and the Facebook account is bound to a DIFFERENT login. Take precedence to the other login that is active on top of this $last_visit_time = $member[0]['m_last_visit_time']; if ($timezone !== NULL) { if (tz_time(time(), $timezone) == tz_time(time(), $member[0]['m_timezone_offset'])) { $timezone = $member[0]['m_timezone_offset']; } // If equivalent, don't change } $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'id', array('m_username' => $username)); if (!is_null($test)) { $update_map = array('m_username' => $username, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year); if ($email_address != '') { $update_map['m_email_address'] = $email_address; } if ($avatar_url !== NULL && ($test == '' || strpos($test, 'facebook') !== false || strpos($test, 'fbcdn') !== false)) { if ($timezone !== NULL) { $update_map['m_timezone_offset'] = $timezone; } $update_map['m_avatar_url'] = $avatar_url; $update_map['m_photo_url'] = $photo_url; $update_map['m_photo_thumb_url'] = $photo_thumb_url; } $GLOBALS['FORUM_DB']->query_update('f_members', $update_map, array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => strval($facebook_uid)), '', 1); if ($username != $member[0]['m_username']) { // Fix cacheing for usernames $to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username'); foreach ($to_fix as $fix) { list($table, $field) = explode('/', $fix); $GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $member[0]['m_username'])); } } } } // Not logged in before using Facebook, so we need to create an account, or bind to the active ocPortal login if there is one $in_a_sane_place = get_page_name() != 'login' && (running_script('index') || running_script('execute_temp')); // If we're in some weird script, or the login module UI, it's not a sane place, don't be doing account creation yet if (is_null($member) && $in_a_sane_place) { // Bind to existing ocPortal login? if (!is_null($current_logged_in_member)) { /*if (post_param_integer('associated_confirm',0)==0) Won't work because Facebook is currently done in JS and cookies force this. If user wishes to cancel they must go to http://www.facebook.com/settings?tab=applications and remove the app, then run a lost password reset. { $title=get_page_title('LOGIN_FACEBOOK_HEADER'); $message=do_lang_tempcode('LOGGED_IN_SURE_FACEBOOK',escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member))); $middle=do_template('YESNO_SCREEN',array('TITLE'=>$title,'TEXT'=>$message,'HIDDEN'=>form_input_hidden('associated_confirm','1'),'URL'=>get_self_url_easy())); $tpl=globalise($middle,NULL,'',true); $tpl->evaluate_echo(); exit(); }*/ $GLOBALS['FORUM_DB']->query_update('f_members', array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), array('id' => $current_logged_in_member), '', 1); require_code('site'); require_lang('facebook'); attach_message(do_lang_tempcode('FACEBOOK_ACCOUNT_CONNECTED', escape_html(get_site_name()), escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)), array(escape_html($username))), 'inform'); return $current_logged_in_member; } // If we're still here, we have to create a new account... // ------------------------------------------------------- $completion_form_submitted = post_param('email_address', '') != ''; // If there's a conflicting username, we may need to change it (suffix a number) require_code('ocf_members_action2'); $username = get_username_from_human_name($username); // Ask ocP to finish off the profile from the information presented in the POST environment (a standard mechanism in ocPortal, for third party logins of various kinds) require_lang('ocf'); require_code('ocf_members'); require_code('ocf_groups'); require_code('ocf_members2'); require_code('ocf_members_action'); $_custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true), NULL, NULL, NULL, 1); if (!$completion_form_submitted && count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') { $GLOBALS['FACEBOOK_FINISHING_PROFILE'] = true; $middle = ocf_member_external_linker_ask($username, 'facebook', $email_address, $dob_day, $dob_month, $dob_year); $tpl = globalise($middle, NULL, '', true); $tpl->evaluate_echo(); exit; } else { $username = post_param('username', $username); if (count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') { // Was not auto-generated, so needs to be checked ocf_check_name_valid($username, NULL, NULL); } $member = ocf_member_external_linker($username, $facebook_uid, 'facebook', false, $email_address, $dob_day, $dob_month, $dob_year, $timezone, $language, $avatar_url, $photo_url, $photo_thumb_url); } } if (!is_null($member)) { require_code('users_inactive_occasionals'); create_session($member, 1, isset($_COOKIE[get_member_cookie() . '_invisible']) && $_COOKIE[get_member_cookie() . '_invisible'] == '1'); // This will mark it as confirmed } return $member; }
/** * Find the first default group. * * @return GROUP The first default group. */ function get_first_default_group() { $default_groups = ocf_get_all_default_groups(true); return array_pop($default_groups); }
/** * The actualiser for adding a member. * * @return tempcode The UI */ function step2() { $title = get_page_title('ADD_MEMBER'); // Read in data $username = trim(post_param('username')); $password = trim(post_param('password')); /* $password_confirm=trim(post_param('password_confirm')); if ($password!=$password_confirm) warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));*/ $email_address = trim(post_param('email_address', '')); $dob_day = post_param_integer('dob_day', NULL); $dob_month = post_param_integer('dob_month', NULL); $dob_year = post_param_integer('dob_year', NULL); $reveal_age = post_param_integer('reveal_age', 0); $timezone = post_param('timezone', get_site_timezone()); $language = post_param('language', get_site_default_lang()); $allow_emails = post_param_integer('allow_emails', 0); $allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0); $custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true)); $actual_custom_fields = ocf_read_in_custom_fields($custom_fields); $validated = post_param_integer('validated', 0); $primary_group = has_specific_permission(get_member(), 'assume_any_member') ? post_param_integer('primary_group') : NULL; $theme = post_param('theme', ''); $views_signatures = post_param_integer('views_signatures', 0); $preview_posts = post_param_integer('preview_posts', 0); $auto_monitor_contrib_content = post_param_integer('auto_monitor_contrib_content', 0); $pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : ''; $tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true); $all_pt_allow = ''; foreach (array_keys($tmp_groups) as $key) { if ($key != db_get_first_id()) { if ($all_pt_allow != '') { $all_pt_allow .= ','; } $all_pt_allow .= strval($key); } } if ($pt_allow == $all_pt_allow) { $pt_allow = '*'; } $pt_rules_text = post_param('pt_rules_text', ''); breadcrumb_set_parents(array(array('_SEARCH:admin_ocf_join:menu', do_lang_tempcode('MEMBERS')), array('_SELF:_SELF:misc', do_lang_tempcode('ADD_MEMBER')))); breadcrumb_set_self(do_lang_tempcode('DETAILS')); // Add member $id = ocf_make_member($username, $password, $email_address, NULL, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), NULL, '', NULL, '', 0, $preview_posts, $reveal_age, '', '', '', $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, '', '', '', true, '', '', post_param_integer('zone_wide', 0), NULL, NULL, post_param_integer('highlighted_name', 0), $pt_allow, $pt_rules_text); // Secondary groups if (array_key_exists('secondary_groups', $_POST)) { require_code('ocf_groups_action2'); $members_groups = array(); $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)'); $groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL)); foreach ($_POST['secondary_groups'] as $group_id) { $group = $groups[intval($group_id)]; if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission(get_member(), 'see_hidden_groups')) { continue; } if (in_array($group['id'], $members_groups) || has_specific_permission(get_member(), 'assume_any_member') || $group['g_open_membership'] == 1) { ocf_add_member_to_group($id, $group['id']); } } } $special_links = array(); if (addon_installed('galleries')) { require_lang('galleries'); $special_links[] = array('galleries', array('cms_galleries', array('type' => 'gimp', 'id' => $id), get_module_zone('cms_galleries')), do_lang('ADD_GALLERY')); } require_code('templates_donext'); return do_next_manager($title, do_lang_tempcode('SUCCESS'), NULL, NULL, array('_SELF', array('type' => 'misc'), '_SELF'), NULL, NULL, array('members', array('type' => 'view', 'id' => $id), get_module_zone('members')), array('members', array('type' => 'misc'), get_module_zone('members'), do_lang_tempcode('MEMBERS')), NULL, NULL, NULL, NULL, NULL, $special_links, NULL, NULL, NULL, NULL, do_lang_tempcode('MEMBERS')); }
/** * (LDAP helper for ocf_get_members_groups) Get a list of the usergroups a member is in (keys say the usergroups, values are irrelevant). * * @param ?MEMBER The member to find the usergroups of (NULL: current member). * @return array The list (e.g. array(1=>1,2=>1,3=>1) for someone in (1,2,3)). The keys are all that matters, values are arbitrary. */ function ocf_get_members_groups_ldap($member_id) { $groups = array(); global $LDAP_CONNECTION; $cn = ocf_member_ocfid_to_ldapcn($member_id); if (get_option('ldap_is_windows') == '0') { // Members under group (secondary) $results = ldap_search($LDAP_CONNECTION, group_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(memberuid=' . ocp_ldap_escape($cn) . '))', array(group_property()), 1); $entries = ldap_get_entries($LDAP_CONNECTION, $results); foreach ($entries as $key => $entry) { if ($key === 'dn') { $group_cn = ocf_long_cn_to_short_cn(ldap_unescape($entry['dn']), 'dn'); $group_id = ocf_group_ldapcn_to_ocfid($group_cn); if (!is_null($group_id)) { $groups[$group_id] = 1; } } if (!is_numeric($key)) { continue; } if (!array_key_exists(group_property(), $entry)) { continue; } if (!array_key_exists(0, $entry[group_property()])) { continue; } $group_cn = ocf_long_cn_to_short_cn(ldap_unescape($entry[group_property()][0]), group_property()); $group_id = ocf_group_ldapcn_to_ocfid($group_cn); if (!is_null($group_id)) { $groups[$group_id] = 1; } } ldap_free_result($results); // Groups under member (primary) $results = ldap_search($LDAP_CONNECTION, member_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(' . member_property() . '=' . ocp_ldap_escape($cn) . '))', array('gidnumber')); $entries = ldap_get_entries($LDAP_CONNECTION, $results); $group_id_use = NULL; foreach ($entries as $key => $group) { if (!is_numeric($key)) { continue; } $group_id = ocf_group_ldapgid_to_ocfid($group['gidnumber'][0]); if (!is_null($group_id)) { $group_id_use = $group_id; } } ldap_free_result($results); if (is_null($group_id_use)) { $group_id_use = get_first_default_group(); } $groups[$group_id_use] = 1; } else { // Groups under member (Active Directory makes no distinction) $results = ldap_search($LDAP_CONNECTION, member_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(' . member_property() . '=' . ocp_ldap_escape($cn) . '))', array('memberof')); $entries = ldap_get_entries($LDAP_CONNECTION, $results); $group_id_use = NULL; if (array_key_exists(0, $entries) && array_key_exists('memberof', $entries[0])) { foreach ($entries[0]['memberof'] as $key => $group) { if (!is_numeric($key)) { continue; } $group_id = ocf_group_ldapcn_to_ocfid(ocf_long_cn_to_short_cn($group, group_property())); if (!is_null($group_id)) { $groups[$group_id] = 1; } } } ldap_free_result($results); if (count($groups) == 0) { $groups = array_flip(ocf_get_all_default_groups(true)); } } return $groups; }
/** * Get form fields for adding/editing/finishing a member profile. * * @param boolean Whether we are only handling the essential details of a profile. * @param ?MEMBER The ID of the member we are handling (NULL: new member). * @param ?array A list of usergroups (NULL: default/current usergroups). * @param ?array A map of custom fields values (field-id=>value) (NULL: not known). * @return array A pair: The form fields, Hidden fields (both Tempcode). */ function ocf_get_member_fields_profile($mini_mode = true, $member_id = NULL, $groups = NULL, $custom_fields = NULL) { $fields = new ocp_tempcode(); $hidden = new ocp_tempcode(); if (is_null($groups)) { $groups = is_null($member_id) ? ocf_get_all_default_groups(true) : $GLOBALS['OCF_DRIVER']->get_members_groups($member_id); } $_custom_fields = ocf_get_all_custom_fields_match($groups, $mini_mode || is_null($member_id) || $member_id == get_member() || has_specific_permission(get_member(), 'view_any_profile_field') ? NULL : 1, $mini_mode || is_null($member_id) || $member_id != get_member() ? NULL : 1, $mini_mode || is_null($member_id) || $member_id != get_member() ? NULL : 1, NULL, NULL, NULL, 0, $mini_mode ? true : NULL); $GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK'] = true; $field_groups = array(); require_code('fields'); foreach ($_custom_fields as $custom_field) { // if (($custom_field['cf_locked']==0) || (!is_null($member_id))) // { $ob = get_fields_hook($custom_field['cf_type']); list(, , $storage_type) = $ob->get_field_value_row_bits($custom_field); $existing_field = !is_null($custom_fields) && array_key_exists($custom_field['id'], $custom_fields); if ($existing_field) { $value = mixed(); $value = $custom_fields[$custom_field['id']]; if (is_float($value)) { $value = float_to_raw_string($value, 10, true); } elseif (is_integer($value)) { $value = strval($value); } if (strpos($storage_type, '_trans') !== false) { $value = is_null($value) || $value == 0 ? '' : get_translated_text($value, $GLOBALS['FORUM_DB']); } if ($custom_field['cf_encrypted'] == 1 && is_encryption_enabled()) { $value = remove_magic_encryption_marker($value); } } else { $value = $custom_field['cf_default']; } $result = new ocp_tempcode(); $_description = escape_html(get_translated_text($custom_field['cf_description'], $GLOBALS['FORUM_DB'])); $field_cat = ''; $matches = array(); if (strpos($custom_field['trans_name'], ': ') !== false) { $field_cat = substr($custom_field['trans_name'], 0, strpos($custom_field['trans_name'], ': ')); if ($field_cat . ': ' == $custom_field['trans_name']) { $custom_field['trans_name'] = $field_cat; // Just been pulled out as heading, nothing after ": " } else { $custom_field['trans_name'] = substr($custom_field['trans_name'], strpos($custom_field['trans_name'], ': ') + 2); } } elseif (preg_match('#(^\\([A-Z][^\\)]*\\) )|( \\([A-Z][^\\)]*\\)$)#', $custom_field['trans_name'], $matches) != 0) { $field_cat = trim($matches[0], '() '); $custom_field['trans_name'] = str_replace($matches[0], '', $custom_field['trans_name']); } $result = $ob->get_field_inputter($custom_field['trans_name'], $_description, $custom_field, $value, !$existing_field); if (!array_key_exists($field_cat, $field_groups)) { $field_groups[$field_cat] = new ocp_tempcode(); } if (is_array($result)) { $field_groups[$field_cat]->attach($result[0]); $hidden->attach($result[1]); } else { $field_groups[$field_cat]->attach($result); } $hidden->attach(form_input_hidden('label_for__custom_' . strval($custom_field['id']) . '_value', $custom_field['trans_name'])); // } } if (array_key_exists('', $field_groups)) { $field_groups_blank = $field_groups['']; unset($field_groups['']); $field_groups = array_merge(array($field_groups_blank), $field_groups); } foreach ($field_groups as $field_group_title => $extra_fields) { if (is_integer($field_group_title)) { $field_group_title = $field_group_title == 0 ? '' : strval($field_group_title); } if ($field_group_title != '') { $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => $field_group_title))); } $fields->attach($extra_fields); } $GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK'] = false; return array($fields, $hidden); }
/** * Actualise the join form. * * @param boolean Whether to handle CAPTCHA (if enabled at all) * @param boolean Whether to ask for intro messages (if enabled at all) * @param boolean Whether to check for invites (if enabled at all) * @param boolean Whether to check email-address restrictions (if enabled at all) * @param boolean Whether to require staff confirmation (if enabled at all) * @param boolean Whether to force email address validation (if enabled at all) * @param boolean Whether to do COPPA checks (if enabled at all) * @param boolean Whether to instantly log the user in * @return array A tuple: Messages to show (currently nothing else in tuple) */ function ocf_join_actual($captcha_if_enabled = true, $intro_message_if_enabled = true, $invites_if_enabled = true, $one_per_email_address_if_enabled = true, $confirm_if_enabled = true, $validate_if_enabled = true, $coppa_if_enabled = true, $instant_login = false) { ocf_require_all_forum_stuff(); require_css('ocf'); require_code('ocf_members_action'); require_code('ocf_members_action2'); // Read in data $username = trim(post_param('username')); ocf_check_name_valid($username, NULL, NULL, true); // Adjusts username if needed $password = trim(post_param('password')); $password_confirm = trim(post_param('password_confirm')); if ($password != $password_confirm) { warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH')))); } $confirm_email_address = post_param('email_address_confirm', NULL); $email_address = trim(post_param('email_address')); if (!is_null($confirm_email_address)) { if (trim($confirm_email_address) != $email_address) { warn_exit(make_string_tempcode(escape_html(do_lang('EMAIL_ADDRESS_MISMATCH')))); } } require_code('type_validation'); if (!is_valid_email_address($email_address)) { warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS')); } if ($invites_if_enabled) { if (get_option('is_on_invites') == '1') { $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address, 'i_taken' => 0)); if (is_null($test)) { warn_exit(do_lang_tempcode('NO_INVITE')); } } $GLOBALS['FORUM_DB']->query_update('f_invites', array('i_taken' => 1), array('i_email_address' => $email_address, 'i_taken' => 0), '', 1); } $dob_day = post_param_integer('dob_day', NULL); $dob_month = post_param_integer('dob_month', NULL); $dob_year = post_param_integer('dob_year', NULL); $reveal_age = post_param_integer('reveal_age', 0); $timezone = post_param('timezone', get_users_timezone()); $language = post_param('language', get_site_default_lang()); $allow_emails = post_param_integer('allow_emails', 0); $allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0); $groups = ocf_get_all_default_groups(true); // $groups will contain the built in default primary group too (it is not $secondary_groups) $primary_group = post_param_integer('primary_group', NULL); if ($primary_group !== NULL && !in_array($primary_group, $groups)) { // Check security $test = $GLOBALS['FORUM_DB']->query_value('f_groups', 'g_is_presented_at_install', array('id' => $primary_group)); if ($test == 1) { $groups = ocf_get_all_default_groups(false); // Get it so it does not include the built in default primary group $groups[] = $primary_group; // And add in the *chosen* primary group } else { $primary_group = NULL; } } else { $primary_group = NULL; } if ($primary_group === NULL) { $primary_group = get_first_default_group(); } $custom_fields = ocf_get_all_custom_fields_match($groups, NULL, NULL, NULL, NULL, NULL, NULL, 0, true); $actual_custom_fields = ocf_read_in_custom_fields($custom_fields); // Check that the given address isn't already used (if one_per_email_address on) $member_id = NULL; if ($one_per_email_address_if_enabled) { if (get_option('one_per_email_address') == '1') { $test = $GLOBALS['FORUM_DB']->query_select('f_members', array('id', 'm_username'), array('m_email_address' => $email_address), '', 1); if (array_key_exists(0, $test)) { if ($test[0]['m_username'] != $username) { $reset_url = build_url(array('page' => 'lostpassword', 'email_address' => $email_address), get_module_zone('lostpassword')); warn_exit(do_lang_tempcode('EMAIL_ADDRESS_IN_USE', escape_html(get_site_name()), escape_html($reset_url->evaluate()))); } $member_id = $test[0]['id']; } } } if ($captcha_if_enabled) { if (addon_installed('captcha')) { require_code('captcha'); enforce_captcha(); } } if (addon_installed('ldap')) { require_code('ocf_ldap'); if (ocf_is_ldap_member_potential($username)) { warn_exit(do_lang_tempcode('DUPLICATE_JOIN_AUTH')); } } // Add member $skip_confirm = get_option('skip_email_confirm_join') == '1'; if (!$confirm_if_enabled) { $skip_confirm = true; } $validated_email_confirm_code = $skip_confirm ? '' : strval(mt_rand(1, 32000)); $require_new_member_validation = get_option('require_new_member_validation') == '1'; if (!$validate_if_enabled) { $require_new_member_validation = false; } $coppa = get_option('is_on_coppa') == '1' && utctime_to_usertime(time() - mktime(0, 0, 0, $dob_month, $dob_day, $dob_year)) / 31536000.0 < 13.0; if (!$coppa_if_enabled) { $coppa = false; } $validated = $require_new_member_validation || $coppa ? 0 : 1; if (is_null($member_id)) { $member_id = ocf_make_member($username, $password, $email_address, $groups, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), time(), '', NULL, '', 0, get_option('default_preview_guests') == '1' ? 1 : 0, $reveal_age, '', '', '', 1, get_value('no_auto_notifications') === '1' ? 0 : 1, $language, $allow_emails, $allow_emails_from_staff, '', get_ip_address(), $validated_email_confirm_code, true, '', ''); } // Send confirm mail if (!$skip_confirm) { $zone = get_module_zone('join'); if ($zone != '') { $zone .= '/'; } $_url = build_url(array('page' => 'join', 'type' => 'step4', 'email' => $email_address, 'code' => $validated_email_confirm_code), $zone, NULL, false, false, true); $url = $_url->evaluate(); $_url_simple = build_url(array('page' => 'join', 'type' => 'step4'), $zone, NULL, false, false, true); $url_simple = $_url_simple->evaluate(); $redirect = get_param('redirect', ''); if ($redirect != '') { $url .= '&redirect=' . ocp_url_encode($redirect); } $message = do_lang('OCF_SIGNUP_TEXT', comcode_escape(get_site_name()), comcode_escape($url), array($url_simple, $email_address, $validated_email_confirm_code), $language); require_code('mail'); if (!$coppa) { mail_wrap(do_lang('CONFIRM_EMAIL_SUBJECT', get_site_name(), NULL, NULL, $language), $message, array($email_address), $username, '', '', 3, NULL, false, NULL, false, false, false, 'MAIL', true); } } // Send COPPA mail if ($coppa) { $fields_done = do_lang('THIS_WITH_COMCODE', do_lang('USERNAME'), $username) . "\n\n"; foreach ($custom_fields as $custom_field) { if ($custom_field['cf_type'] != 'upload') { $fields_done .= do_lang('THIS_WITH_COMCODE', $custom_field['trans_name'], post_param('custom_' . $custom_field['id'] . '_value')) . "\n"; } } $_privacy_url = build_url(array('page' => 'privacy'), '_SEARCH', NULL, false, false, true); $privacy_url = $_privacy_url->evaluate(); $message = do_lang('COPPA_MAIL', comcode_escape(get_option('site_name')), comcode_escape(get_option('privacy_fax')), array(comcode_escape(get_option('privacy_postal_address')), comcode_escape($fields_done), comcode_escape($privacy_url)), $language); require_code('mail'); mail_wrap(do_lang('COPPA_JOIN_SUBJECT', $username, get_site_name(), NULL, $language), $message, array($email_address), $username); } // Send 'validate this member' notification if ($require_new_member_validation) { require_code('notifications'); $_validation_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true, 'tab__edit'); $validation_url = $_validation_url->evaluate(); $message = do_lang('VALIDATE_NEW_MEMBER_MAIL', comcode_escape($username), comcode_escape($validation_url), comcode_escape(strval($member_id)), get_site_default_lang()); dispatch_notification('ocf_member_needs_validation', NULL, do_lang('VALIDATE_NEW_MEMBER_SUBJECT', $username, NULL, NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED); } // Send new member notification require_code('notifications'); $_member_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true); $member_url = $_member_url->evaluate(); $message = do_lang('NEW_MEMBER_NOTIFICATION_MAIL', comcode_escape($username), comcode_escape(get_site_name()), array(comcode_escape($member_url), comcode_escape(strval($member_id))), get_site_default_lang()); dispatch_notification('ocf_new_member', NULL, do_lang('NEW_MEMBER_NOTIFICATION_MAIL_SUBJECT', $username, get_site_name(), NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED); // Intro post if ($intro_message_if_enabled) { $forum_id = get_option('intro_forum_id'); if ($forum_id != '') { if (!is_numeric($forum_id)) { $_forum_id = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forums', 'id', array('f_name' => $forum_id)); if (is_null($_forum_id)) { $forum_id = strval(db_get_first_id()); } else { $forum_id = strval($_forum_id); } } $intro_title = post_param('intro_title', ''); $intro_post = post_param('intro_post', ''); if ($intro_post != '') { require_code('ocf_topics_action'); if ($intro_title == '') { $intro_title = do_lang('INTRO_POST_DEFAULT', $username); } $topic_id = ocf_make_topic(intval($forum_id)); require_code('ocf_posts_action'); ocf_make_post($topic_id, $intro_title, $intro_post, 0, true, NULL, 0, NULL, NULL, NULL, $member_id); } } } // Alert user to situation $message = new ocp_tempcode(); if ($coppa) { if (!$skip_confirm) { $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL')); } $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_COPPA')); } elseif ($require_new_member_validation) { if (!$skip_confirm) { $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL')); } $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_VALIDATED', escape_html(get_custom_base_url()))); } elseif ($skip_confirm) { if ($instant_login) { require_code('users_active_actions'); handle_active_login($username); $message->attach(do_lang_tempcode('OCF_LOGIN_AUTO')); } else { $_login_url = build_url(array('page' => 'login', 'redirect' => get_param('redirect', NULL)), get_module_zone('login')); $login_url = $_login_url->evaluate(); $message->attach(do_lang_tempcode('OCF_LOGIN_INSTANT', escape_html($login_url))); } } else { if (!$skip_confirm) { $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL')); } $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_INSTANT')); } $message = protect_from_escaping($message); return array($message); }