/**
 * Create a new user account, set its initial flags and send the welcome notification.
 *
 * The account row is created by qa_db_user_create(), which is also given the requester's
 * address from qa_remote_ip_address(). Points and the approval count are then refreshed,
 * flags are set from $confirmed and the site options, the welcome message is sent and a
 * 'u_register' event is reported.
 *
 * The welcome message does not carry the password itself: the ^password placeholder is
 * filled with one of two language strings, chosen by whether $password is set.
 *
 * @param mixed $email      Address stored for the account and used for the welcome message.
 * @param mixed $password   Passed straight to qa_db_user_create(); may be unset (null).
 * @param mixed $handle     Handle of the new account.
 * @param mixed $level      Initial level; levels at or above QA_USER_LEVEL_EXPERT skip the
 *                          confirmation and approval requirements.
 * @param mixed $confirmed  When true the email is flagged as confirmed immediately.
 * @return mixed The user id returned by qa_db_user_create().
 */
function qa_create_new_user($email, $password, $handle, $level = QA_USER_LEVEL_BASIC, $confirmed = false)
{
    require_once QA_INCLUDE_DIR . 'qa-db-users.php';
    require_once QA_INCLUDE_DIR . 'qa-db-points.php';
    require_once QA_INCLUDE_DIR . 'qa-app-options.php';
    require_once QA_INCLUDE_DIR . 'qa-app-emails.php';
    require_once QA_INCLUDE_DIR . 'qa-app-cookies.php';

    // Create the row first: every later step needs the new user id.
    $userid = qa_db_user_create($email, $password, $handle, $level, qa_remote_ip_address());
    qa_db_points_update_ifuser($userid, null);
    qa_db_uapprovecount_update();

    if ($confirmed) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, true);
    }

    if (qa_opt('show_notice_welcome')) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_WELCOME_NOTICE, true);
    }

    // Optional site-specific text for the welcome message.
    $custom = '';
    if (qa_opt('show_custom_welcome')) {
        $custom = trim(qa_opt('custom_welcome'));
    }

    // Expert level and above are exempt from the confirmation and approval gates below.
    $belowexpert = $level < QA_USER_LEVEL_EXPERT;

    $confirm = '';
    if (qa_opt('confirm_user_emails') && $belowexpert && !$confirmed) {
        $confirmtemplate = qa_lang('emails/welcome_confirm');
        $confirm = strtr($confirmtemplate, array('^url' => qa_get_new_confirm_url($userid, $handle)));

        if (qa_opt('confirm_user_required')) {
            qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_CONFIRM, true);
        }
    }

    if (qa_opt('moderate_users') && qa_opt('approve_user_required') && $belowexpert) {
        qa_db_user_set_flag($userid, QA_USER_FLAGS_MUST_APPROVE, true);
    }

    // Assemble the welcome message; the password is represented by a language string only.
    $subject = qa_lang('emails/welcome_subject');
    $body = nl2br(qa_lang('emails/welcome_body'));

    if (isset($password)) {
        $passwordtext = qa_lang('main/hidden');
    } else {
        $passwordtext = qa_lang('users/password_to_set');
    }

    $substitutions = array(
        '^password' => $passwordtext,
        '^url' => qa_opt('site_url'),
        '^custom' => strlen($custom) > 0 ? $custom . "\n\n" : '',
        '^confirm' => $confirm,
    );

    qw_send_notification($userid, $email, $handle, $subject, $body, $substitutions);

    qa_report_event('u_register', $userid, $handle, qa_cookie_get(), array('email' => $email, 'level' => $level));

    return $userid;
}
if ($doconfirms) { qa_send_new_confirm($userid); } } } if (qa_opt('allow_private_messages')) { qa_db_user_set_flag($userid, QA_USER_FLAGS_NO_MESSAGES, !$inmessages); } if (qa_opt('allow_user_walls')) { qa_db_user_set_flag($userid, QA_USER_FLAGS_NO_WALL_POSTS, !$inwallposts); } if (qa_opt('mailing_enabled')) { qa_db_user_set_flag($userid, QA_USER_FLAGS_NO_MAILINGS, !$inmailings); } qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_AVATAR, $inavatar == 'uploaded'); qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_GRAVATAR, $inavatar == 'gravatar'); if (is_array(@$_FILES['file']) && $_FILES['file']['size']) { require_once QA_INCLUDE_DIR . 'qa-app-limits.php'; switch (qa_user_permit_error(null, QA_LIMIT_UPLOADS)) { case 'limit': $errors['avatar'] = qa_lang('main/upload_limit'); break; default: $errors['avatar'] = qa_lang('users/no_permission'); break; case false: qa_limits_increment($userid, QA_LIMIT_UPLOADS); $toobig = qa_image_file_too_big($_FILES['file']['tmp_name'], qa_opt('avatar_store_size')); if ($toobig) { $errors['avatar'] = qa_lang_sub('main/image_too_big_x_pc', (int) ($toobig * 100)); } elseif (!qa_set_user_avatar($userid, file_get_contents($_FILES['file']['tmp_name']), $useraccount['avatarblobid'])) {
if (empty($errors)) { qa_redirect(qa_request()); } list($useraccount, $userprofile) = qa_db_select_with_pending(qa_db_user_account_selectspec($userid, true), qa_db_user_profile_selectspec($userid, true)); } } if (isset($maxlevelassign) && $useraccount['level'] < QA_USER_LEVEL_MODERATOR) { if (qa_clicked('doblock')) { require_once QA_INCLUDE_DIR . 'qa-db-users.php'; qa_db_user_set_flag($userid, QA_USER_FLAGS_USER_BLOCKED, true); qa_report_event('u_block', $loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), array('userid' => $userid, 'handle' => $useraccount['handle'])); qa_redirect(qa_request()); } if (qa_clicked('dounblock')) { require_once QA_INCLUDE_DIR . 'qa-db-users.php'; qa_db_user_set_flag($userid, QA_USER_FLAGS_USER_BLOCKED, false); qa_report_event('u_unblock', $loginuserid, qa_get_logged_in_handle(), qa_cookie_get(), array('userid' => $userid, 'handle' => $useraccount['handle'])); qa_redirect(qa_request()); } if (qa_clicked('dohideall') && !qa_user_permit_error('permit_hide_show')) { require_once QA_INCLUDE_DIR . 'qa-db-admin.php'; require_once QA_INCLUDE_DIR . 'qa-app-posts.php'; $postids = qa_db_get_user_visible_postids($userid); foreach ($postids as $postid) { qa_post_set_hidden($postid, true, $loginuserid); } qa_redirect(qa_request()); } if (qa_clicked('dodelete') && $loginlevel >= QA_USER_LEVEL_ADMIN) { require_once QA_INCLUDE_DIR . 'qa-app-users-edit.php'; qa_delete_user($userid);
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

More about this license: http://www.question2answer.org/license.php
*/

require_once QA_INCLUDE_DIR . 'qa-app-users.php';
require_once QA_INCLUDE_DIR . 'qa-db-notices.php';
require_once QA_INCLUDE_DIR . 'qa-db-users.php';

// AJAX handler that dismisses one notice, identified by the posted 'noticeid'.
$noticeid = qa_post_text('noticeid');

// The form security code is bound to this particular notice id, so a code issued for one
// notice is not accepted for another. Nothing is changed unless the check passes.
if (qa_check_form_security_code('notice-' . $noticeid, qa_post_text('code'))) {
    switch ($noticeid) {
        case 'visitor':
            // Anonymous visitor notice: remembered in a cookie for 86400 * 3650 seconds.
            setcookie('qa_noticed', 1, time() + 86400 * 3650, '/', QA_COOKIE_DOMAIN);
            break;

        case 'welcome':
            // Welcome notice is a flag on the logged-in user's account.
            $userid = qa_get_logged_in_userid();
            qa_db_user_set_flag($userid, QA_USER_FLAGS_WELCOME_NOTICE, false);
            break;

        default:
            // Any other id is treated as a stored notice belonging to the logged-in user.
            // NOTE(review): the user id is not checked for null here - confirm the callee
            // copes with a request made while logged out.
            $userid = qa_get_logged_in_userid();
            qa_db_usernotice_delete($userid, $noticeid);
            break;
    }

    echo "QA_AJAX_RESPONSE\n1";
} else {
    echo "QA_AJAX_RESPONSE\n0\n" . qa_lang('misc/form_security_reload');
}

/*
    Omit PHP closing tag to help avoid accidental output
*/
qa_db_user_set($userid, 'avatarblobid', null); qa_db_user_set($userid, 'avatarwidth', null); qa_db_user_set($userid, 'avatarheight', null); qa_delete_blob($useraccount['avatarblobid']); } } if ($fieldseditable) { $filterhandle = $handle; // we're not filtering the handle... $errors = qa_handle_email_filter($filterhandle, $inemail, $useraccount); unset($errors['handle']); // ...and we don't care about any errors in it if (!isset($errors['email'])) { if ($inemail != $useraccount['email']) { qa_db_user_set($userid, 'email', $inemail); qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, false); } } if (count($inprofile)) { $filtermodules = qa_load_modules_with('filter', 'filter_profile'); foreach ($filtermodules as $filtermodule) { $filtermodule->filter_profile($inprofile, $errors, $useraccount, $userprofile); } } foreach ($userfields as $userfield) { if (!isset($errors[$userfield['fieldid']])) { qa_db_user_profile_set($userid, $userfield['title'], $inprofile[$userfield['fieldid']]); } } if (count($errors)) { $userediting = true;
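// Check the code and unsubscribe the user if appropriate

$unsubscribed = false;
$loginuserid = qa_get_logged_in_userid();

$incode = trim(qa_get('c')); // surrounding whitespace is never part of a code
$inhandle = qa_get('u');

if (!empty($inhandle)) { // match based on code and handle provided on URL
    $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inhandle, false));

    // Normalise both sides the same way. A missing row or a missing 'emailcode' column
    // yields an empty stored code instead of a suppressed notice.
    $storedcode = isset($userinfo['emailcode']) ? strtolower(trim($userinfo['emailcode'])) : '';
    $suppliedcode = strtolower($incode);

    // An empty code must never count as a match: trimming alone does not prevent that,
    // because an absent or blank 'c' parameter and an account with no code set both reduce
    // to ''. Without this guard a request carrying only a handle would change that
    // account's mailing preference. The comparison is strict so that two different
    // numeric-looking strings are not treated as equal by loose string comparison.
    // NOTE(review): where the supported PHP version provides hash_equals(), prefer it for
    // comparing the two codes.
    if ($storedcode !== '' && $suppliedcode !== '' && $storedcode === $suppliedcode) {
        qa_db_user_set_flag($userinfo['userid'], QA_USER_FLAGS_NO_MAILINGS, true);
        $unsubscribed = true;
    }
}

if (!$unsubscribed && isset($loginuserid)) { // as a backup, also unsubscribe logged in user
    // NOTE(review): this fallback changes the logged-in user's preference without any code
    // being checked - confirm that is the intended behaviour for this page.
    qa_db_user_set_flag($loginuserid, QA_USER_FLAGS_NO_MAILINGS, true);
    $unsubscribed = true;
}


// Prepare content for theme

$qa_content = qa_content_prepare();

$qa_content['title'] = qa_lang_html('users/unsubscribe_title');

if ($unsubscribed) {
    // Site title is HTML-escaped and the account link is built with qa_path_html()
    // before being substituted into the message.
    $qa_content['error'] = strtr(qa_lang_html('users/unsubscribe_complete'), array(
        '^0' => qa_html(qa_opt('site_title')),
        '^1' => '<a href="' . qa_path_html('account') . '">',
        '^2' => '</a>',
    ));
} else {
    $qa_content['error'] = qa_insert_login_links(qa_lang_html('users/unsubscribe_wrong_log_in'), 'unsubscribe');
}

return $qa_content;

/*
    Omit PHP closing tag to help avoid accidental output
*/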
/**
 * Store $imagedata as the avatar of user $userid.
 *
 * The data is first passed through qa_image_constrain_data() with the 'avatar_store_size'
 * option; only the value that function returns is stored, as a blob created with the
 * format 'jpeg'. On success the user's avatar blob id, width and height are updated, the
 * uploaded avatar is switched on, Gravatar is switched off and the blob $oldblobid (if
 * given) is deleted.
 *
 * @param mixed $userid     User whose avatar is being replaced.
 * @param mixed $imagedata  Raw image data as supplied by the caller.
 * @param mixed $oldblobid  Blob id of the previous avatar to delete, or null for none.
 * @return bool True if the new avatar was stored, false if the image could not be
 *              processed or the blob could not be created.
 */
function qa_set_user_avatar($userid, $imagedata, $oldblobid = null)
{
    // Allow an installed override to replace this function entirely.
    if (qa_to_override(__FUNCTION__)) {
        $overrideargs = func_get_args();
        return qa_call_override(__FUNCTION__, $overrideargs);
    }

    require_once QA_INCLUDE_DIR . 'qa-util-image.php';

    // $width and $height are filled in by the call.
    // NOTE(review): presumably passed by reference - confirm in qa-util-image.php
    $constrained = qa_image_constrain_data($imagedata, $width, $height, qa_opt('avatar_store_size'));

    if (!isset($constrained)) {
        return false; // image could not be processed, nothing is stored
    }

    require_once QA_INCLUDE_DIR . 'qa-db-blobs.php';

    $newblobid = qa_db_blob_create($constrained, 'jpeg', null, $userid, null, qa_remote_ip_address());

    if (!isset($newblobid)) {
        return false; // blob creation failed, the existing avatar is left untouched
    }

    qa_db_user_set($userid, 'avatarblobid', $newblobid);
    qa_db_user_set($userid, 'avatarwidth', $width);
    qa_db_user_set($userid, 'avatarheight', $height);
    qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_AVATAR, true);
    qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_GRAVATAR, false);

    // The old blob is removed only after the account points at the new one.
    if (isset($oldblobid)) {
        qa_db_blob_delete($oldblobid);
    }

    return true;
}
/**
 * Handle button clicks that can occur on any page: votes, favorites and notice dismissal.
 *
 * Runs only for HTTP POST requests. Each posted field NAME is inspected for one of the
 * prefixes 'vote_', 'favorite_' or 'notice_', and the remaining '_'-separated parts of the
 * name are used as the action's parameters. Every action is gated by
 * qa_check_form_security_code(); when that check fails, or a vote is refused, the message
 * is left in the global $qa_page_error_html and no change is made.
 *
 * All parameters parsed here come from client-supplied field names, so they are untrusted
 * at this point.
 * NOTE(review): validation of the post, entity and notice ids is presumably done by the
 * functions called below - confirm.
 *
 * @return mixed Only returns a value when an override handles the call.
 */
function qa_check_page_clicks()
{
    // Allow an installed override to replace this function entirely.
    if (qa_to_override(__FUNCTION__)) { $args = func_get_args(); return qa_call_override(__FUNCTION__, $args); }

    global $qa_page_error_html;

    if (qa_is_http_post()) {
        foreach ($_POST as $field => $value) {
            if (strpos($field, 'vote_') === 0) { // voting...
                // Field name is vote_<postid>_<vote>_<anchor>. The @ hides the notice raised
                // when the name has fewer parts than the list expects; a missing $postid or
                // $vote then fails the isset() check below, while a missing $anchor is
                // simply passed on as null.
                @(list($dummy, $postid, $vote, $anchor) = explode('_', $field));

                if (isset($postid) && isset($vote)) {
                    // The security code for votes uses the fixed action 'vote'; it is not
                    // bound to the individual post.
                    if (!qa_check_form_security_code('vote', qa_post_text('code'))) {
                        $qa_page_error_html = qa_lang_html('misc/form_security_again');
                    } else {
                        require_once QA_INCLUDE_DIR . 'app/votes.php';
                        require_once QA_INCLUDE_DIR . 'db/selects.php';

                        $userid = qa_get_logged_in_userid();

                        $post = qa_db_select_with_pending(qa_db_full_post_selectspec($userid, $postid));
                        // Permission/validity check for this vote; a non-empty result is the
                        // error to display and the vote is not recorded.
                        $qa_page_error_html = qa_vote_error_html($post, $vote, $userid, qa_request());

                        if (!$qa_page_error_html) {
                            qa_vote_set($post, $userid, qa_get_logged_in_handle(), qa_cookie_get(), $vote);
                            // NOTE(review): qa_redirect() presumably ends the request - confirm
                            qa_redirect(qa_request(), $_GET, null, null, $anchor);
                        }
                        // Stop scanning further fields once a vote passed the security check,
                        // whether or not it was accepted.
                        break;
                    }
                }
            } elseif (strpos($field, 'favorite_') === 0) { // favorites...
                // Field name is favorite_<entitytype>_<entityid>_<favorite>
                @(list($dummy, $entitytype, $entityid, $favorite) = explode('_', $field));

                if (isset($entitytype) && isset($entityid) && isset($favorite)) {
                    // Here the security code is bound to the specific entity type and id.
                    if (!qa_check_form_security_code('favorite-' . $entitytype . '-' . $entityid, qa_post_text('code'))) {
                        $qa_page_error_html = qa_lang_html('misc/form_security_again');
                    } else {
                        require_once QA_INCLUDE_DIR . 'app/favorites.php';

                        // NOTE(review): the logged-in user id is not checked for null here -
                        // confirm qa_user_favorite_set() handles a logged-out request.
                        qa_user_favorite_set(qa_get_logged_in_userid(), qa_get_logged_in_handle(), qa_cookie_get(), $entitytype, $entityid, $favorite);
                        qa_redirect(qa_request(), $_GET);
                    }
                }
            } elseif (strpos($field, 'notice_') === 0) { // notices...
                // Field name is notice_<noticeid>
                @(list($dummy, $noticeid) = explode('_', $field));

                if (isset($noticeid)) {
                    // The security code is bound to the specific notice id.
                    if (!qa_check_form_security_code('notice-' . $noticeid, qa_post_text('code'))) {
                        $qa_page_error_html = qa_lang_html('misc/form_security_again');
                    } else {
                        if ($noticeid == 'visitor') {
                            // Visitor notice is remembered in a cookie for 86400 * 3650 seconds.
                            setcookie('qa_noticed', 1, time() + 86400 * 3650, '/', QA_COOKIE_DOMAIN);
                        } elseif ($noticeid == 'welcome') {
                            require_once QA_INCLUDE_DIR . 'db/users.php';
                            qa_db_user_set_flag(qa_get_logged_in_userid(), QA_USER_FLAGS_WELCOME_NOTICE, false);
                        } else {
                            // Any other id is deleted as a stored notice of the logged-in user;
                            // the delete is scoped by that user id.
                            require_once QA_INCLUDE_DIR . 'db/notices.php';
                            qa_db_usernotice_delete(qa_get_logged_in_userid(), $noticeid);
                        }

                        qa_redirect(qa_request(), $_GET);
                    }
                }
            }
        }
    }
}
if (!isset($errors['email'])) { if ($inemail != $useraccount['email']) { qa_db_user_set($qa_login_userid, 'email', $inemail); qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_EMAIL_CONFIRMED, false); $isconfirmed = false; if ($doconfirms) { qa_send_new_confirm($qa_login_userid); } } } qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NO_MESSAGES, !$inmessages); qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_SHOW_AVATAR, $inavatar == 'uploaded'); qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_SHOW_GRAVATAR, $inavatar == 'gravatar'); qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NOTIFY_ANNOUNCEMENTS, !$innotifyan); qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NOTIFY_QUESTIONS, !$innotifyq); qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NOTIFY_ANSWERS, !$innotifya); if (is_array(@$_FILES['file']) && $_FILES['file']['size']) { require_once QA_INCLUDE_DIR . 'qa-app-limits.php'; switch (qa_user_permit_error(null, 'U')) { case 'limit': $errors['avatar'] = qa_lang('main/upload_limit'); break; default: $errors['avatar'] = qa_lang('users/no_permission'); break; case false: qa_limits_increment($qa_login_userid, 'U'); $toobig = qa_image_file_too_big($_FILES['file']['tmp_name'], qa_opt('avatar_store_size')); if ($toobig) { $errors['avatar'] = qa_lang_sub('main/image_too_big_x_pc', (int) ($toobig * 100)); } elseif (!qa_set_user_avatar($qa_login_userid, file_get_contents($_FILES['file']['tmp_name']), $useraccount['avatarblobid'])) {