Example #1
/**
 * Load one row from FORUMS plus its FORUM_SETTINGS name/value pairs.
 *
 * Both queries interpolate $fid straight into the SQL text. The is_numeric()
 * guard at the top is the only thing that keeps that safe: a numeric string
 * cannot carry a quote. is_numeric() is wider than "integer" though (it also
 * accepts decimals and exponent notation), so such values reach the database
 * and are compared by its own string-to-number rules.
 *
 * The returned row includes FORUM_PASSWD, so treat the result as sensitive.
 *
 * @param mixed $fid Forum ID; anything that is not numeric is rejected.
 *
 * @return array|false The FORUMS row with an added 'FORUM_SETTINGS' map, or
 *                     false when $fid is not numeric, the caller lacks
 *                     USER_PERM_ADMIN_TOOLS, no database handle is available,
 *                     a query fails, or no forum matches.
 */
function forum_get($fid)
{
    // Input check runs before the permission check, exactly as short-circuit
    // evaluation orders them here.
    if (!is_numeric($fid) || !session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) {
        return false;
    }

    $db = db::get();

    if (!$db) {
        return false;
    }

    $forum_sql = "SELECT FID, WEBTAG, OWNER_UID, DATABASE_NAME, DEFAULT_FORUM, "
        . "ACCESS_LEVEL, FORUM_PASSWD FROM FORUMS WHERE FID = '{$fid}'";

    $forum_result = $db->query($forum_sql);

    if (!$forum_result || $forum_result->num_rows == 0) {
        return false;
    }

    $forum = $forum_result->fetch_assoc();
    $forum['FORUM_SETTINGS'] = array();

    // Resolve the owner's logon first; a stored setting named 'forum_leader'
    // would overwrite it in the loop further down.
    $has_owner = isset($forum['OWNER_UID']) && $forum['OWNER_UID'] > 0;

    if ($has_owner) {

        $leader_logon = user_get_logon($forum['OWNER_UID']);

        if ($leader_logon) {
            $forum['FORUM_SETTINGS']['forum_leader'] = $leader_logon;
        }
    }

    $settings_sql = "SELECT SNAME, SVALUE FROM FORUM_SETTINGS WHERE FID = '{$fid}'";

    $settings_result = $db->query($settings_sql);

    if (!$settings_result) {
        return false;
    }

    while ($setting = $settings_result->fetch_assoc()) {
        $forum['FORUM_SETTINGS'][$setting['SNAME']] = $setting['SVALUE'];
    }

    return $forum;
}
Example #2
 // Admin user page, POST dispatch: delete the user, delete the user's posts,
 // or save permissions. Each branch is selected by the presence of a POST key.
 // NOTE(review): no request-token (CSRF) check is visible in this excerpt;
 // confirm one runs before these destructive branches.
 if (isset($_POST['delete_user_confirm'])) {
     // NOTE(review): nothing here stops execution after a failed permission
     // check. admin_delete_user() below is only protected if html_draw_error()
     // ends the request - confirm that it does.
     if (!session::check_perm(USER_PERM_ADMIN_TOOLS, 0, 0)) {
         html_draw_error(gettext("You do not have permission to use this section."), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
     }
     // Content is removed together with the account only when the form sent 'Y'.
     $delete_content = isset($_POST['delete_content']) && $_POST['delete_content'] == 'Y';
     // NOTE(review): no admin_add_log_entry() call is visible for this action,
     // unlike the post-deletion branch below; presumably admin_delete_user()
     // records it - verify.
     if (admin_delete_user($uid, $delete_content)) {
         html_draw_top("title={$page_title}", 'class=window_title');
         html_display_msg(gettext("Delete User"), gettext("User Successfully Deleted"), 'admin_users.php', 'get', array('back' => gettext("Back")), false, '_self', 'center');
         html_draw_bottom();
         exit;
     } else {
         html_draw_error(gettext("Failed To Delete User"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
     }
 } else {
     // NOTE(review): this branch has no permission check of its own in the
     // visible lines; presumably the page enforces admin access earlier - confirm.
     if (isset($_POST['delete_posts_confirm'])) {
         // The logon lookup doubles as an existence check and supplies the
         // name written to the admin log.
         if ($user_logon = user_get_logon($uid)) {
             if (admin_delete_users_posts($uid)) {
                 admin_add_log_entry(DELETE_ALL_USER_POSTS, array($user_logon));
                 html_draw_top("title={$page_title}", 'class=window_title');
                 html_display_msg(gettext("Delete posts"), gettext("Posts were successfully deleted"), 'admin_user.php', 'get', array('back' => gettext("Back")), false, '_self', 'center');
                 html_draw_bottom();
                 exit;
             } else {
                 html_draw_error(gettext("Failed to delete user's posts"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
             }
         }
     } else {
         if (isset($_POST['user_perm_submit'])) {
             $valid = true;
             if (forum_check_webtag_available($webtag)) {
                 // Local user permissions
Example #3
                 // The redirect target is assembled from request-derived values.
                 // NOTE(review): $sort_by, $sort_dir and $filter are interpolated
                 // as-is and their validation is outside this excerpt. The
                 // htmlentities_array() call presumably HTML-escapes $user_search,
                 // but a Location URL needs URL encoding (rawurlencode) - confirm.
                 $redirect_uri .= "&sort_by={$sort_by}&sort_dir={$sort_dir}&filter={$filter}";
                 $redirect_uri .= "&user_search=%s&kicked=true";
                 header_redirect(sprintf($redirect_uri, htmlentities_array($user_search)));
                 exit;
             }
         }
     }
 } else {
     // NOTE(review): $_POST['action'] is read without isset() in the visible
     // lines; presumably an enclosing condition guarantees it - confirm.
     if ($_POST['action'] == ADMIN_USER_OPTION_APPROVE) {
         if (forum_get_setting('require_user_approval', 'Y')) {
             $valid = true;
             if (isset($_POST['user_update']) && is_array($_POST['user_update'])) {
                 // The UIDs are the array keys of the posted field; anything that
                 // is not numeric is dropped before use.
                 $approve_users = array_filter(array_keys($_POST['user_update']), 'is_numeric');
                 $approved_user_success_array = array();
                 foreach ($approve_users as $user_uid) {
                     // Once one approval fails, $valid is false and the remaining
                     // users are skipped rather than attempted.
                     if ($valid && ($user_logon = user_get_logon($user_uid))) {
                         // NOTE(review): no admin_add_log_entry() is visible for
                         // approvals here; presumably admin_approve_user() logs - verify.
                         if (admin_approve_user($user_uid)) {
                             email_send_user_approved_notification($user_uid);
                         } else {
                             $error_msg_array[] = sprintf(gettext("Failed to approve user %s"), $user_logon);
                             $valid = false;
                         }
                     }
                 }
                 if ($valid) {
                     // Same URL-building pattern as at the top of this excerpt:
                     // values are interpolated, $user_search is HTML-escaped rather
                     // than URL-encoded. NOTE(review): confirm encoding and validation.
                     $redirect_uri = "admin_users.php?webtag={$webtag}&page={$page}";
                     $redirect_uri .= "&sort_by={$sort_by}&sort_dir={$sort_dir}&filter={$filter}";
                     $redirect_uri .= "&user_search=%s&approved=true";
                     header_redirect(sprintf($redirect_uri, htmlentities_array($user_search)));
                     exit;
                 }
        // Add each posted UID to the group unless it is already a member.
        // NOTE(review): the posted values go to the perm_* helpers without a
        // numeric check in the visible lines; confirm the helpers validate $uid
        // or filter the list first.
        foreach ($_POST['add_user'] as $uid) {
            if (!perm_user_in_group($uid, $gid)) {
                // The return value is not checked, so a failed insert is silent.
                perm_add_user_to_group($uid, $gid);
                // The audit entry is written only when both names resolve; the
                // membership change above happens either way.
                if (($user_logon = user_get_logon($uid)) && ($group_name = perm_get_group_name($gid))) {
                    admin_add_log_entry(ADD_USER_TO_GROUP, array($user_logon, $group_name));
                }
            }
        }
    }
}
// Remove each posted UID from the group if it is currently a member.
if (isset($_POST['remove'])) {
    if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) {
        // NOTE(review): as above, no numeric validation of $uid is visible here.
        foreach ($_POST['remove_user'] as $uid) {
            if (perm_user_in_group($uid, $gid)) {
                perm_remove_user_from_group($uid, $gid);
                if (($user_logon = user_get_logon($uid)) && ($group_name = perm_get_group_name($gid))) {
                    admin_add_log_entry(REMOVE_USER_FROM_GROUP, array($user_logon, $group_name));
                }
            }
        }
    }
}
// NOTE(review): the group lookup happens after the add/remove handling above,
// so those changes run even when $gid turns out not to be a user group. The
// code below also reads $group['GROUP_NAME'], which relies on html_draw_error()
// ending the request - confirm.
if (!($group = perm_get_group($gid))) {
    html_draw_error(gettext("Supplied GID is not a user group"), 'admin_user_groups.php', 'get', array('back' => gettext("Back")));
}
// NOTE(review): GROUP_NAME is placed into the page title and the <h1> without
// escaping in this excerpt; confirm perm_get_group() returns HTML-safe text.
html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s - Add/Remove Users'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css'));
$group_users_array = perm_group_get_users($gid, $start_main);
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}", html_style_image('separator'), "", gettext("Add/Remove Users"), "</h1>\n";
// Only the presence of ?added is tested; its value is never used.
if (isset($_GET['added'])) {
    html_display_success_msg(gettext("Successfully added group. Add users to this group by searching for them below."), '800', 'center');
} else {
                // (End of the add-user handling; its opening lines are outside this excerpt.)
                }
            }
        }
        if ($valid) {
            // $ret and $user_search are URL-encoded before they go into the
            // Location URL. NOTE(review): $webtag is interpolated as-is; its
            // validation is not visible here - confirm.
            $ret = rawurlencode($ret);
            $user_search = rawurlencode($user_search);
            header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&added=true");
            exit;
        }
    }
} else {
    // Revoke forum access for every posted UID.
    if (isset($_POST['remove'])) {
        $valid = true;
        if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) {
            foreach ($_POST['remove_user'] as $remove_user_uid) {
                // The logon lookup is the only check applied to the posted UID in
                // this excerpt; it also supplies the name for the log and errors.
                // NOTE(review): confirm user_get_logon() rejects non-numeric input.
                if ($user_logon = user_get_logon($remove_user_uid)) {
                    if (user_update_forums($remove_user_uid, $forum_fid, FORUM_USER_DISALLOWED)) {
                        // Each successful change is written to the admin log.
                        $forum_name = forum_get_name($forum_fid);
                        admin_add_log_entry(CHANGE_FORUM_ACCESS, array($forum_name, $user_logon));
                    } else {
                        // A failure is collected but does not stop the loop; it
                        // only suppresses the redirect below.
                        $error_msg_array[] = sprintf(gettext("Failed to remove permissions from user '%s'"), $user_logon);
                        $valid = false;
                    }
                }
            }
            if ($valid) {
                $ret = rawurlencode($ret);
                $user_search = rawurlencode($user_search);
                header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&removed=true");
                exit;
            }
Example #6
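/**
 * Echo the light-mode HTML for one message: header (from / to / position),
 * reply links, body, edit and approval notes, attachments and action links.
 *
 * Nothing is returned; all output goes through echo. The function returns
 * early, printing a placeholder or nothing at all, when:
 *  - the session has no numeric UID (no output);
 *  - CONTENT is missing or empty and this is not a preview (deleted placeholder);
 *  - the author is wormed, the viewer is someone else and not a moderator;
 *  - APPROVED is not set and this is not a preview (approval placeholder);
 *  - the author, or the sole recipient, is ignored completely;
 *  - the message carries MOVED_TID and MOVED_PID and this is not a preview.
 *
 * $message['CONTENT'] is echoed as HTML and is not escaped here. It only
 * passes through fix_html() on the truncation paths and through
 * message_apply_formatting() / word_filter_add_ob_tags() depending on poll
 * state. NOTE(review): any sanitising the stored content needs must already
 * have happened before it reaches this function - confirm.
 *
 * @param mixed $tid         Thread ID, used in anchors and links.
 * @param array $message     Message row. Keys read here: CONTENT, PID,
 *                           FROM_UID, FROM_LOGON, FROM_NICKNAME, CREATED,
 *                           APPROVED, APPROVED_BY, EDITED, EDITED_BY,
 *                           RELATIONSHIP, RECIPIENTS, MOVED_TID, MOVED_PID,
 *                           REPLY_TO_PID, ATTACHMENTS.
 * @param int   $msg_count   Total messages; values above 0 enable the
 *                           "n of m" counter and the link rows.
 * @param mixed $first_msg   First PID on the page; decides whether a reply
 *                           link is an in-page anchor or a full link.
 * @param mixed $folder_fid  Folder ID the permission checks are made against.
 * @param bool  $in_list     True when rendered as part of a message list.
 * @param bool  $closed      True suppresses the Reply link.
 * @param bool  $limit_text  True truncates content over 'maximum_post_length'.
 * @param bool  $is_poll     True when the thread is a poll.
 * @param bool  $is_preview  True when rendering a post preview.
 *
 * @return void
 */
function light_message_display($tid, $message, $msg_count, $first_msg, $folder_fid, $in_list = true, $closed = false, $limit_text = true, $is_poll = false, $is_preview = false)
{
    $perm_is_moderator = session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid);
    $post_edit_time = forum_get_setting('post_edit_time', null, 0);
    $post_edit_grace_period = forum_get_setting('post_edit_grace_period', null, 0);
    $webtag = get_webtag();
    // The return value is not used; the call is kept for whatever side effect it has.
    forum_check_webtag_available($webtag);
    if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) {
        return;
    }
    if ((!isset($message['CONTENT']) || $message['CONTENT'] == "") && !$is_preview) {
        light_message_display_deleted($tid, isset($message['PID']) ? $message['PID'] : 0);
        return;
    }
    $from_user_permissions = perm_get_user_permissions($message['FROM_UID']);
    // A wormed author's posts are shown only to the author and to moderators.
    if ($_SESSION['UID'] != $message['FROM_UID']) {
        if ($from_user_permissions & USER_PERM_WORMED && !$perm_is_moderator) {
            light_message_display_deleted($tid, $message['PID']);
            return;
        }
    }
    if (!$is_preview && !isset($message['APPROVED'])) {
        light_message_display_approval_req($tid, $message['PID']);
        return;
    }
    if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
        light_message_display_deleted($tid, $message['PID']);
        return;
    }
    if (isset($message['RECIPIENTS']) && sizeof($message['RECIPIENTS']) == 1) {
        // Take the single recipient row itself. The previous array_slice() call
        // returned a one-element list, so ['RELATIONSHIP'] was never set on it
        // and the ignore check below could not fire.
        $recipient_rows = array_values($message['RECIPIENTS']);
        $recipient = $recipient_rows[0];
        if (isset($recipient['RELATIONSHIP']) && $recipient['RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
            light_message_display_deleted($tid, $message['PID']);
            return;
        }
    }
    if (!$is_preview && isset($message['MOVED_TID']) && isset($message['MOVED_PID'])) {
        light_message_display_moved($message);
        return;
    }
    if (isset($_SESSION['IMAGES_TO_LINKS']) && $_SESSION['IMAGES_TO_LINKS'] == 'Y') {
        $message['CONTENT'] = message_images_to_links($message['CONTENT']);
    }
    // First truncation pass, on the content as stored. The length test ignores
    // tags but the cut is made on the raw markup, so a trailing half-open tag is
    // stripped and fix_html() is asked to repair the rest.
    if (mb_strlen(strip_tags($message['CONTENT'])) > intval(forum_get_setting('maximum_post_length', null, 6226)) && $limit_text) {
        $cut_msg = mb_substr($message['CONTENT'], 0, intval(forum_get_setting('maximum_post_length', null, 6226)));
        $cut_msg = preg_replace("/(<[^>]+)?\$/Du", "", $cut_msg);
        $message['CONTENT'] = fix_html($cut_msg);
        $message['CONTENT'] .= "&hellip;[" . gettext("Message Truncated") . "]\n";
        $message['CONTENT'] .= "<a href=\"ldisplay.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}&amp;return_msg={$tid}.{$first_msg}\" class=\"message_full_view\">" . gettext("View full message") . ".</a>";
    }
    if ($in_list && isset($message['PID'])) {
        echo "<a name=\"a{$tid}_{$message['PID']}\"></a>";
    }
    if ($in_list && isset($message['PID'])) {
        echo "<div class=\"message\" id=\"message_{$tid}_{$message['PID']}\">\n";
    } else {
        echo "<div class=\"message\">\n";
    }
    echo "<div class=\"message_header\">\n";
    echo "<div class=\"message_from\">\n";
    echo gettext("From"), ": ", word_filter_add_ob_tags(format_user_name($message['FROM_LOGON'], $message['FROM_NICKNAME']), true);
    if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_FRIEND) {
        echo html_style_image('friend', gettext("Friend"));
    } else {
        if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED) {
            echo html_style_image('enemy', gettext("Ignored user"));
        }
    }
    // If the user posting a poll is ignored, remove ignored status for this message only so the poll can be seen
    if ($is_poll && $message['PID'] == 1 && isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED) {
        $message['RELATIONSHIP'] -= USER_IGNORED;
    }
    if (isset($message['RELATIONSHIP']) && $message['RELATIONSHIP'] & USER_IGNORED && $limit_text && $_SESSION['UID'] > 0) {
        echo "<span class=\"message_ignored\">", gettext("Ignored message"), "</span>\n";
    } else {
        if ($in_list) {
            if ($from_user_permissions & USER_PERM_WORMED) {
                echo gettext("Wormed user");
            }
            echo "<span class=\"message_time\">", format_date_time($message['CREATED']), "</span>\n";
        }
    }
    echo "<div class=\"clearer\"></div>\n";
    echo "</div>";
    echo "<div class=\"message_to\">", gettext("To"), ": ";
    if (isset($message['RECIPIENTS']) && sizeof($message['RECIPIENTS']) > 0) {
        foreach ($message['RECIPIENTS'] as $recipient) {
            // Recipients the viewer ignores completely are left out of the list.
            if (isset($recipient['RELATIONSHIP']) && $recipient['RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
                continue;
            }
            echo word_filter_add_ob_tags(format_user_name($recipient['LOGON'], $recipient['NICKNAME']), true), "\n";
            if (isset($recipient['VIEWED']) && $recipient['VIEWED'] > 0) {
                echo "<span>", html_style_image('post_read', sprintf(gettext("Read: %s"), format_date_time($recipient['VIEWED']))), "</span>\n";
            } else {
                if ($is_preview == false) {
                    echo "<span>", html_style_image('post_unread', gettext("Unread Message")), "</span>\n";
                }
            }
        }
    } else {
        echo gettext('ALL');
    }
    if ($in_list && $msg_count > 0) {
        echo "<span class=\"message_count\">", sprintf(gettext("%s of %s"), $message['PID'], $msg_count), "</span>";
    }
    echo "<div class=\"clearer\"></div>\n";
    echo "</div>\n";
    echo "</div>\n";
    // The first post of a poll is left unformatted; everything else is formatted.
    if (!$is_poll || isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = message_apply_formatting($message['CONTENT'], true);
    }
    // Second truncation pass, because formatting can lengthen the content.
    if ($limit_text && mb_strlen(strip_tags($message['CONTENT'])) > intval(forum_get_setting('maximum_post_length', null, 6226))) {
        $cut_msg = mb_substr($message['CONTENT'], 0, intval(forum_get_setting('maximum_post_length', null, 6226)));
        $cut_msg = preg_replace("/(<[^>]+)?\$/Du", "", $cut_msg);
        $message['CONTENT'] = fix_html($cut_msg);
        $message['CONTENT'] .= "&hellip;[" . gettext("Message Truncated") . "]\n<p align=\"center\"><a href=\"display.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}&amp;return_msg={$tid}.{$first_msg}\" target=\"_self\">" . gettext("View full message") . "</a>";
    }
    $message['CONTENT'] = light_spoiler_enable($message['CONTENT']);
    if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = word_filter_add_ob_tags($message['CONTENT'], false);
    }
    // Body, notes, attachments and action links are withheld for an ignored
    // author unless this is a preview.
    if ($is_preview || !isset($message['RELATIONSHIP']) || !($message['RELATIONSHIP'] & USER_IGNORED)) {
        if ($in_list && $msg_count > 0) {
            echo "<div class=\"message_links\">\n";
            echo "<a href=\"lmessages.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}\">{$tid}.{$message['PID']}</a>";
            if ($message['REPLY_TO_PID'] > 0) {
                echo " ", gettext("In reply to"), " ";
                // A parent on the current page gets an in-page anchor, otherwise a full link.
                if (intval($message['REPLY_TO_PID']) >= intval($first_msg)) {
                    echo "<a href=\"#a{$tid}_{$message['REPLY_TO_PID']}\" target=\"_self\">{$tid}.{$message['REPLY_TO_PID']}</a>";
                } else {
                    echo "<a href=\"lmessages.php?webtag={$webtag}&amp;msg={$tid}.{$message['REPLY_TO_PID']}\">{$tid}.{$message['REPLY_TO_PID']}</a>";
                }
            }
            echo "</div>\n";
        } else {
            echo "<div class=\"message_links\">&nbsp;</div>\n";
        }
        echo "<div class=\"message_body\">\n";
        echo $message['CONTENT'];
        if (!$is_preview && isset($message['EDITED'])) {
            // Edits made within the grace period are not announced.
            if ($post_edit_grace_period == 0 || $message['EDITED'] - $message['CREATED'] > $post_edit_grace_period * MINUTE_IN_SECONDS) {
                // NOTE(review): the logon is echoed without escaping here; confirm
                // user_get_logon() returns HTML-safe text.
                if (($edit_user = user_get_logon($message['EDITED_BY'])) !== false) {
                    echo "<div class=\"edit_text\">", sprintf(gettext("EDITED: %s by %s"), format_date_time($message['EDITED']), $edit_user), "</div>\n";
                }
            }
        }
        if (!$is_preview && isset($message['APPROVED']) && isset($message['APPROVED_BY'])) {
            // Self-approved posts carry no approval note.
            if ($message['APPROVED_BY'] != $message['FROM_UID'] && ($approved_user = user_get_logon($message['APPROVED_BY'])) !== false) {
                echo "<div class=\"edit_text\">", sprintf(gettext("APPROVED: %s by %s"), format_date_time($message['APPROVED']), $approved_user), "</div>\n";
            }
        }
        echo "</div>\n";
        if (isset($message['ATTACHMENTS']) && sizeof($message['ATTACHMENTS']) > 0) {
            if (($attachments_array = attachments_get($message['FROM_UID'], $message['ATTACHMENTS'])) !== false) {
                echo "<div class=\"message_attachments\">\n";
                echo "  <span>", gettext("Attachments"), ":</span>\n";
                echo "  <ul>\n";
                foreach ($attachments_array as $attachment) {
                    if (($attachment_link = light_attachments_make_link($attachment)) !== false) {
                        echo "<li>", html_style_image('attach'), $attachment_link, "</li>\n";
                    }
                }
                echo "  </ul>\n";
                echo "</div>\n";
            }
        }
        if (!$is_preview && $msg_count > 0) {
            // These checks only decide which links are drawn. The target scripts
            // (lpost.php, ldelete.php, ledit.php) must enforce the same
            // permissions themselves.
            $links_array = array();
            if (!$closed && session::check_perm(USER_PERM_POST_CREATE, $folder_fid)) {
                // The parameter separator before return_msg is now &amp;, matching
                // every other link this function builds.
                $links_array[] = "<a href=\"lpost.php?webtag={$webtag}&amp;reply_to={$tid}.{$message['PID']}&amp;return_msg={$tid}.{$first_msg}\" class=\"reply\">" . html_style_image('post') . gettext("Reply") . "</a>";
            }
            if ($_SESSION['UID'] == $message['FROM_UID'] && session::check_perm(USER_PERM_POST_DELETE, $folder_fid) && !session::check_perm(USER_PERM_PILLORIED, 0) || $perm_is_moderator) {
                $links_array[] = "<a href=\"ldelete.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}&amp;return_msg={$tid}.{$first_msg}\" class=\"delete\">" . html_style_image('delete') . gettext("Delete") . "</a>";
            }
            if (!session::check_perm(USER_PERM_PILLORIED, 0) && ($_SESSION['UID'] != $message['FROM_UID'] && $from_user_permissions & USER_PERM_PILLORIED || $_SESSION['UID'] == $message['FROM_UID']) && session::check_perm(USER_PERM_POST_EDIT, $folder_fid) && ($post_edit_time == 0 || time() - $message['CREATED'] < $post_edit_time * HOUR_IN_SECONDS) && forum_get_setting('allow_post_editing', 'Y') || $perm_is_moderator) {
                if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
                    $links_array[] = "<a href=\"ledit.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}&amp;return_msg={$tid}.{$first_msg}\" class=\"edit\">" . html_style_image('edit') . gettext("Edit") . "</a>";
                }
            }
            if (sizeof($links_array) > 0) {
                echo "<div class=\"message_footer\">\n";
                echo "  <div class=\"message_footer_links\">", implode('&nbsp;&nbsp;', $links_array), "</div>\n";
                echo "  <div class=\"message_vote_form\" data-msg=\"{$tid}.{$message['PID']}\">\n";
                echo "    ", light_message_get_vote_form_html($message), "\n";
                echo "  </div>\n";
                echo "</div>\n";
            }
        } else {
            echo "<div class=\"message_footer_links\"></div>\n";
        }
    }
    echo "</div>";
}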
Example #7
/**
 * Echo the placeholder table shown where a deleted message used to be.
 *
 * When the message has an EDITED timestamp above zero and the EDITED_BY user
 * resolves to a logon, the notice names who deleted it and when; otherwise a
 * plain "was deleted" notice is printed. Navigation cells are drawn on both
 * sides only when the message is part of a list and not a preview.
 *
 * $tid, $pid and the resolved logon are written into the HTML through
 * sprintf() without escaping in this function. NOTE(review): confirm the
 * callers and user_get_logon() supply HTML-safe values.
 *
 * @param mixed $tid            Thread ID shown in the notice.
 * @param mixed $pid            Post ID shown in the notice.
 * @param array $message        Message row; EDITED, EDITED_BY and PID are read.
 * @param bool  $in_list        True when rendered inside a message list.
 * @param bool  $is_preview     True when rendering a preview.
 * @param mixed $first_msg      Passed through to message_display_navigation().
 * @param mixed $msg_count      Passed through to message_display_navigation().
 * @param mixed $posts_per_page Passed through to message_display_navigation().
 *
 * @return void
 */
function message_display_deleted($tid, $pid, $message, $in_list, $is_preview, $first_msg, $msg_count, $posts_per_page)
{
    $with_navigation = $in_list && !$is_preview;

    echo "<div align=\"center\">",
        "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\n",
        "  <tr>\n";

    if ($with_navigation) {
        message_display_navigation($tid, $pid, $first_msg, $msg_count, $posts_per_page);
    }

    echo "    <td align=\"left\">\n",
        "      <table width=\"100%\" class=\"box\" cellpadding=\"0\">\n",
        "        <tr>\n",
        "          <td align=\"left\">\n",
        "            <table class=\"posthead\" width=\"100%\">\n",
        "              <tr>\n";

    // Only look the deleting user up when an edit timestamp is present.
    $deleted_by = false;

    if (isset($message['EDITED']) && $message['EDITED'] > 0) {
        $deleted_by = user_get_logon($message['EDITED_BY']);
    }

    if ($deleted_by) {
        $deleted_at = format_time($message['EDITED']);
        $notice = sprintf(gettext("Message %s.%s deleted %s by %s"), $tid, $pid, $deleted_at, $deleted_by);
    } else {
        $notice = sprintf(gettext("Message %s.%s was deleted"), $tid, $pid);
    }

    echo "                <td align=\"left\">", $notice, "</td>\n";

    echo "              </tr>\n",
        "            </table>\n",
        "          </td>\n",
        "        </tr>\n",
        "      </table>\n",
        "    </td>\n";

    if ($with_navigation) {
        // NOTE(review): the leading navigation call passes $pid while this one
        // passes $message['PID']; confirm the two are always the same value.
        message_display_navigation($tid, $message['PID'], $first_msg, $msg_count, $posts_per_page);
    }

    echo "  </tr>\n",
        "</table>\n",
        "</div>\n";

    if ($in_list) {
        echo "<br />\n";
    }
}
Example #8
 // Admin user page, POST dispatch: delete the user, delete the user's posts,
 // or save permissions. Each branch is selected by the presence of a POST key.
 // NOTE(review): no request-token (CSRF) check is visible in this excerpt;
 // confirm one runs before these destructive branches.
 if (isset($_POST['delete_user_confirm'])) {
     // NOTE(review): nothing here stops execution after a failed permission
     // check. admin_delete_user() below is only protected if html_draw_error()
     // ends the request - confirm that it does.
     if (!session::check_perm(USER_PERM_ADMIN_TOOLS, 0, 0)) {
         html_draw_error(gettext("You do not have permission to use this section."), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
     }
     // Content is removed together with the account only when the form sent 'Y'.
     $delete_content = isset($_POST['delete_content']) && $_POST['delete_content'] == 'Y';
     // NOTE(review): no admin_add_log_entry() call is visible for this action,
     // unlike the post-deletion branch below; presumably admin_delete_user()
     // records it - verify.
     if (admin_delete_user($uid, $delete_content)) {
         html_draw_top(array('title' => $page_title, 'class' => 'window_title', 'main_css' => 'admin.css'));
         html_display_msg(gettext("Delete User"), gettext("User Successfully Deleted"), 'admin_users.php', 'get', array('back' => gettext("Back")), array(), '_self', 'center');
         html_draw_bottom();
         exit;
     } else {
         html_draw_error(gettext("Failed To Delete User"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
     }
 } else {
     // NOTE(review): this branch has no permission check of its own in the
     // visible lines; presumably the page enforces admin access earlier - confirm.
     if (isset($_POST['delete_posts_confirm'])) {
         // Strict comparison with false: only a failed lookup skips the branch.
         // The logon also supplies the name written to the admin log.
         if (($user_logon = user_get_logon($uid)) !== false) {
             if (admin_delete_users_posts($uid)) {
                 admin_add_log_entry(DELETE_ALL_USER_POSTS, array($user_logon));
                 html_draw_top(array('title' => $page_title, 'class' => 'window_title', 'main_css' => 'admin.css'));
                 html_display_msg(gettext("Delete posts"), gettext("Posts were successfully deleted"), 'admin_user.php', 'get', array('back' => gettext("Back")), array(), '_self', 'center');
                 html_draw_bottom();
                 exit;
             } else {
                 html_draw_error(gettext("Failed to delete user's posts"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
             }
         }
     } else {
         if (isset($_POST['user_perm_submit'])) {
             $valid = true;
             if (forum_check_webtag_available($webtag)) {
                 // Local user permissions
Example #9
// Required includes
require_once BH_INCLUDE_PATH . 'attachments.inc.php';
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'profile.inc.php';
require_once BH_INCLUDE_PATH . 'user.inc.php';
require_once BH_INCLUDE_PATH . 'user_profile.inc.php';
require_once BH_INCLUDE_PATH . 'user_rel.inc.php';
require_once BH_INCLUDE_PATH . 'word_filter.inc.php';
// End Required includes
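// Work out which profile to show: ?uid= (numeric ID) takes precedence,
// otherwise ?logon= (user name) is looked up.
$uid = null;
$logon = null;

if (isset($_GET['uid']) && is_numeric($_GET['uid'])) {

    $uid = $_GET['uid'];

    // NOTE(review): $uid stays set when the lookup fails, so everything below
    // relies on html_draw_error() ending the request - confirm.
    if (!($logon = user_get_logon($uid))) {
        html_draw_error(gettext("Unknown user"));
    }

} elseif (isset($_GET['logon']) && is_string($_GET['logon']) && strlen(trim($_GET['logon'])) > 0) {

    // is_string() keeps an array-valued parameter (?logon[]=x) away from
    // trim(), which throws a TypeError on PHP 8 instead of returning null.
    $logon = trim($_GET['logon']);

    // An unknown logon leaves $uid null and falls into the error below.
    if (($user_array = user_get_by_logon($logon)) !== false) {
        $uid = $user_array['UID'];
    }
}

if (!isset($uid)) {
    html_draw_error(gettext("No user specified."));
}

// Get the Profile Sections.
$profile_sections = profile_sections_get();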
                     // NOTE(review): $_POST['split_type'] is handed to thread_split()
                     // as-is in the visible lines; any check against the allowed
                     // values must sit above this excerpt or inside thread_split() -
                     // confirm.
                     $split_type = $_POST['split_type'];
                     // $error_str is presumably filled in by thread_split() on failure
                     // (by-reference argument) - verify against its signature.
                     if ($split_result = thread_split($tid, $split_start, $split_type, $error_str)) {
                         post_add_edit_text($tid, 1);
                         admin_add_log_entry(THREAD_SPLIT, $split_result);
                     } else {
                         $error_msg_array[] = $error_str;
                         $valid = false;
                     }
                 }
             }
         }
     }
 }
 // Delete every post by one user in this thread. Needs a numeric UID and an
 // explicit 'Y' confirmation from the form.
 // NOTE(review): no permission or request-token check is visible in this
 // excerpt; confirm both run earlier in the script.
 if (isset($_POST['t_to_uid_in_thread']) && is_numeric($_POST['t_to_uid_in_thread']) && isset($_POST['deluser_con']) && $_POST['deluser_con'] == "Y") {
     $del_user_uid = $_POST['t_to_uid_in_thread'];
     // The logon lookup confirms the user exists and supplies the name for the log.
     if ($user_logon = user_get_logon($del_user_uid)) {
         if (thread_delete_by_user($tid, $del_user_uid)) {
             post_add_edit_text($tid, 1);
             admin_add_log_entry(DELETE_USER_THREAD_POSTS, array($tid, $thread_data['TITLE'], $user_logon));
         } else {
             // The format string has no %s, so $user_logon is passed but never
             // appears in the message.
             $error_msg_array[] = sprintf(gettext("Failed to delete posts by selected user"), $user_logon);
             $valid = false;
         }
     }
 }
 // Delete the whole thread. The requested type must be in the allow-list and
 // the form must carry an explicit 'Y' confirmation.
 // NOTE(review): in_array() is called without its strict flag, so the match is
 // a loose comparison; pass true as the third argument if exact matching is
 // intended.
 if (isset($_POST['delete_thread']) && in_array($_POST['delete_thread'], $thread_delete_valid_types)) {
     if (isset($_POST['delete_thread_confirm']) && $_POST['delete_thread_confirm'] == "Y") {
         $delete_thread = $_POST['delete_thread'];
         if (thread_delete($tid, $delete_thread)) {
             post_add_edit_text($tid, 1);
             admin_add_log_entry(DELETE_THREAD, array($tid, $thread_data['TITLE']));
Example #11
function light_message_display($tid, $message, $msg_count, $first_msg, $folder_fid, $in_list = true, $closed = false, $limit_text = true, $is_poll = false, $is_preview = false)
{
    $perm_is_moderator = session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid);
    $post_edit_time = forum_get_setting('post_edit_time', null, 0);
    $post_edit_grace_period = forum_get_setting('post_edit_grace_period', null, 0);
    $webtag = get_webtag();
    $attachments_array = array();
    $image_attachments_array = array();
    if (($uid = session::get_value('UID')) === false) {
        return;
    }
    if ((!isset($message['CONTENT']) || $message['CONTENT'] == "") && !$is_preview) {
        light_message_display_deleted($tid, isset($message['PID']) ? $message['PID'] : 0);
        return;
    }
    $from_user_permissions = perm_get_user_permissions($message['FROM_UID']);
    if ($uid != $message['FROM_UID']) {
        if ($from_user_permissions & USER_PERM_WORMED && !$perm_is_moderator) {
            light_message_display_deleted($tid, $message['PID']);
            return;
        }
    }
    if (!isset($message['FROM_RELATIONSHIP'])) {
        $message['FROM_RELATIONSHIP'] = 0;
    }
    if (!isset($message['TO_RELATIONSHIP'])) {
        $message['TO_RELATIONSHIP'] = 0;
    }
    if ($message['TO_RELATIONSHIP'] & USER_IGNORED_COMPLETELY || $message['FROM_RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
        light_message_display_deleted($tid, $message['PID']);
        return;
    }
    if (forum_get_setting('require_post_approval', 'Y') && $message['FROM_UID'] != $uid) {
        if (isset($message['APPROVED']) && $message['APPROVED'] == 0 && !$perm_is_moderator) {
            light_message_display_approval_req($tid, $message['PID']);
            return;
        }
    }
    // OUTPUT MESSAGE ----------------------------------------------------------
    if (!$is_preview && $message['MOVED_TID'] > 0 && $message['MOVED_PID'] > 0) {
        $post_link = "<a href=\"messages.php?webtag={$webtag}&amp;msg=%s.%s\" target=\"_self\">%s</a>";
        $post_link = sprintf($post_link, $message['MOVED_TID'], $message['MOVED_PID'], gettext("here"));
        light_html_display_warning_msg(gettext("<b>Thread Split:</b> This post has been moved %s"), $post_link);
        return;
    }
    if ($in_list) {
        echo "<a name=\"a{$tid}_{$message['PID']}\"></a>";
    }
    echo "<div class=\"message\">\n";
    if (session::get_value('IMAGES_TO_LINKS') == 'Y') {
        $message['CONTENT'] = preg_replace('/<a([^>]*)href="([^"]*)"([^\\>]*)><img[^>]*src="([^"]*)"[^>]*><\\/a>/iu', '[img: <a\\1href="\\2"\\3>\\4</a>]', $message['CONTENT']);
        $message['CONTENT'] = preg_replace('/<img[^>]*src="([^"]*)"[^>]*>/iu', '[img: <a href="\\1">\\1</a>]', $message['CONTENT']);
        $message['CONTENT'] = preg_replace('/<embed[^>]*src="([^"]*)"[^>]*>/iu', '[object: <a href="\\1">\\1</a>]', $message['CONTENT']);
    }
    if (mb_strlen(strip_tags($message['CONTENT'])) > intval(forum_get_setting('maximum_post_length', null, 6226)) && $limit_text) {
        $cut_msg = mb_substr($message['CONTENT'], 0, intval(forum_get_setting('maximum_post_length', null, 6226)));
        $cut_msg = preg_replace("/(<[^>]+)?\$/Du", "", $cut_msg);
        $message['CONTENT'] = fix_html($cut_msg);
        $message['CONTENT'] .= "&hellip;[" . gettext("Message Truncated") . "]\n";
        $message['CONTENT'] .= "<a href=\"ldisplay.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}\" class=\"message_full_view\">" . gettext("View full message") . ".</a>";
    }
    echo "<div class=\"message_header\">\n";
    echo "<div class=\"message_from\">\n";
    echo "", gettext("From"), ": ", word_filter_add_ob_tags(format_user_name($message['FLOGON'], $message['FNICK']), true);
    if ($message['FROM_RELATIONSHIP'] & USER_FRIEND) {
        echo "<span class=\"user_friend\" title=\"", gettext("Friend"), "\">[F]</span>";
    } else {
        if ($message['FROM_RELATIONSHIP'] & USER_IGNORED) {
            echo "<span class=\"user_enemy\" title=\"", gettext("Ignored user"), "\">[E]</span>";
        }
    }
    // If the user posting a poll is ignored, remove ignored status for this message only so the poll can be seen
    if ($is_poll && $message['PID'] == 1 && $message['FROM_RELATIONSHIP'] & USER_IGNORED) {
        $message['FROM_RELATIONSHIP'] -= USER_IGNORED;
    }
    if ($message['FROM_RELATIONSHIP'] & USER_IGNORED && $limit_text) {
        echo gettext("Ignored message");
    } else {
        if ($in_list) {
            if ($from_user_permissions & USER_PERM_WORMED) {
                echo gettext("Wormed user");
            }
            echo "<span class=\"message_time\">", format_time($message['CREATED']), "</span>\n";
        }
    }
    echo "<div class=\"clearer\"></div>\n";
    echo "</div>";
    echo "<div class=\"message_to\">\n";
    if ($message['TLOGON'] != gettext("ALL") && $message['TO_UID'] != 0) {
        echo "", gettext("To"), ": ", word_filter_add_ob_tags(format_user_name($message['TLOGON'], $message['TNICK']), true);
        if ($message['TO_RELATIONSHIP'] & USER_FRIEND) {
            echo "<span class=\"user_friend\" title=\"", gettext("Friend"), "\">[F]</span>";
        } else {
            if ($message['TO_RELATIONSHIP'] & USER_IGNORED) {
                echo "<span class=\"user_enemy\" title=\"", gettext("Ignored user"), "\">[E]</span>";
            }
        }
        if (!$is_preview) {
            if (isset($message['VIEWED']) && $message['VIEWED'] > 0) {
                echo "<span class=\"message_read\">", format_time($message['VIEWED']), "</span>";
            } else {
                echo "<span class=\"message_unread\" title=\"", gettext("Unread"), "\"></span>";
            }
        }
    } else {
        echo "", gettext("To"), ": ", gettext("ALL"), "";
    }
    if ($in_list && $msg_count > 0) {
        echo "<span class=\"message_count\">", sprintf(gettext("%s of %s"), $message['PID'], $msg_count), "</span>";
    }
    echo "<div class=\"clearer\"></div>\n";
    echo "</div>\n";
    echo "</div>\n";
    echo "<div class=\"message_links\">\n";
    if ($in_list && $msg_count > 0) {
        echo "<a href=\"lmessages.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}\">{$tid}.{$message['PID']}</a>";
        if ($message['REPLY_TO_PID'] > 0) {
            echo " ", gettext("In reply to"), " ";
            if (intval($message['REPLY_TO_PID']) >= intval($first_msg)) {
                echo "<a href=\"#a{$tid}_{$message['REPLY_TO_PID']}\" target=\"_self\">{$tid}.{$message['REPLY_TO_PID']}</a>";
            } else {
                echo "<a href=\"lmessages.php?webtag={$webtag}&amp;msg={$tid}.{$message['REPLY_TO_PID']}\">{$tid}.{$message['REPLY_TO_PID']}</a>";
            }
        }
    }
    echo "</div>\n";
    if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = message_apply_formatting($message['CONTENT'], true);
    }
    $message['CONTENT'] = light_spoiler_enable($message['CONTENT']);
    if ($is_poll !== true) {
        $message['CONTENT'] = word_filter_add_ob_tags($message['CONTENT']);
    }
    echo "<div class=\"message_body\">\n";
    echo $message['CONTENT'];
    if (isset($message['EDITED']) && $message['EDITED'] > 0) {
        if ($post_edit_grace_period == 0 || $message['EDITED'] - $message['CREATED'] > $post_edit_grace_period * MINUTE_IN_SECONDS) {
            if ($edit_user = user_get_logon($message['EDITED_BY'])) {
                echo "<div class=\"edit_text\">", sprintf(gettext("EDITED: %s by %s"), format_time($message['EDITED']), $edit_user), "</div>\n";
            }
        }
    }
    echo "</div>\n";
    if ($tid != 0 && isset($message['PID']) || isset($message['AID'])) {
        $aid = isset($message['AID']) ? $message['AID'] : attachments_get_id($tid, $message['PID']);
        if (attachments_get($message['FROM_UID'], $aid, $attachments_array, $image_attachments_array)) {
            if (sizeof($attachments_array) > 0) {
                echo "<div class=\"message_attachments\">\n";
                echo "  <span>", gettext("Attachments"), ":</span>\n";
                echo "  <ul>\n";
                foreach ($attachments_array as $attachment) {
                    if ($attachment_link = light_attachments_make_link($attachment)) {
                        echo "<li>", $attachment_link, "</li>\n";
                    }
                }
                echo "  </ul>\n";
                echo "</div>\n";
            }
            if (sizeof($image_attachments_array) > 0) {
                echo "<div class=\"message_attachments\">\n";
                echo "  <span>", gettext("Image Attachments"), ":</span>\n";
                echo "  <ul>\n";
                foreach ($image_attachments_array as $attachment) {
                    if ($attachment_link = light_attachments_make_link($attachment)) {
                        echo "<li>", $attachment_link, "</li>\n";
                    }
                }
                echo "  </ul>\n";
                echo "</div>\n";
            }
        }
    }
    if (!$is_preview && $msg_count > 0) {
        $links_array = array();
        if (!$closed && session::check_perm(USER_PERM_POST_CREATE, $folder_fid)) {
            $links_array[] = "<a href=\"lpost.php?webtag={$webtag}&amp;replyto={$tid}.{$message['PID']}\" class=\"reply\">" . gettext("Reply") . "</a>";
        }
        if ($uid == $message['FROM_UID'] && session::check_perm(USER_PERM_POST_DELETE, $folder_fid) && !session::check_perm(USER_PERM_PILLORIED, 0) || $perm_is_moderator) {
            $links_array[] = "<a href=\"ldelete.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}\" class=\"delete\">" . gettext("Delete") . "</a>";
        }
        if (!session::check_perm(USER_PERM_PILLORIED, 0) && ($uid != $message['FROM_UID'] && $from_user_permissions & USER_PERM_PILLORIED || $uid == $message['FROM_UID']) && session::check_perm(USER_PERM_POST_EDIT, $folder_fid) && ($post_edit_time == 0 || time() - $message['CREATED'] < $post_edit_time * HOUR_IN_SECONDS) && forum_get_setting('allow_post_editing', 'Y') || $perm_is_moderator) {
            if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
                $links_array[] = "<a href=\"ledit.php?webtag={$webtag}&amp;msg={$tid}.{$message['PID']}\" class=\"edit\">" . gettext("Edit") . "</a>";
            }
        }
        if (sizeof($links_array) > 0) {
            echo "<div class=\"message_footer_links\">", implode('&nbsp;&nbsp;', $links_array), "</div>\n";
        }
    } else {
        echo "<div class=\"message_footer_links\"></div>\n";
    }
    echo "</div>";
}
Example #12
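/**
 * Delete a user account and, optionally, the data stored against it.
 *
 * No permission check is made inside this function; the caller is expected
 * to have authorised the request before calling it.
 *
 * Every statement is sent on its own and nothing here opens a transaction,
 * so a query failing part-way through leaves the earlier deletions in place.
 * The admin log entries are written only after the statements before them
 * succeeded, so a partial deletion is not recorded in the log by this code.
 *
 * Rows in POST_ATTACHMENT_FILES are deleted, but the uploaded files
 * themselves are not removed by this function.
 *
 * @param mixed $uid            UID of the account to delete; must pass is_numeric().
 * @param bool  $delete_content When exactly true, the user's per-forum and global
 *                              data is removed as well. Non-boolean values are
 *                              treated as false.
 *
 * @return bool True once the USER row has been deleted. False when there is no
 *              database handle, either UID is not numeric, the account is not
 *              found, the target is the current session user, or a query fails.
 */
function admin_delete_user($uid, $delete_content = false)
{
    if (!($db = db::get())) {
        return false;
    }
    // $uid is interpolated into every statement below. is_numeric() is the only
    // guard: a numeric value cannot contain a quote or backslash, so it cannot
    // terminate the quoted SQL literal it is placed in.
    if (!is_numeric($uid)) {
        return false;
    }
    if (!is_bool($delete_content)) {
        $delete_content = false;
    }
    // Constants for deleting PM data
    $pm_inbox_items = PM_INBOX_ITEMS;
    $pm_sent_items = PM_SENT_ITEMS;
    $pm_outbox_items = PM_OUTBOX_ITEMS;
    $pm_saved_out = PM_SAVED_OUT;
    $pm_saved_in = PM_SAVED_IN;
    $pm_draft_items = PM_DRAFT_ITEMS;
    $current_datetime = date(MYSQL_DATETIME, time());
    // UID of current user
    $admin_uid = session::get_value('UID');
    // Fail closed when the session carries no numeric UID. Without this check a
    // missing UID compares unequal to any $uid, so the self-deletion guard below
    // is passed trivially, and the value is written into the APPROVED_BY
    // statement unvalidated.
    if (!is_numeric($admin_uid)) {
        return false;
    }
    // Before we delete we verify the user account exists and that
    // the user is not the current user account.
    $user_logon = user_get_logon($uid);
    if (!$user_logon || $admin_uid == $uid) {
        return false;
    }
    // Check to see if we're also deleting the user's content.
    if ($delete_content === true) {
        // NOTE(review): the prefixes are placed inside backticks unescaped;
        // presumably forum_get_all_prefixes() returns trusted values - confirm.
        if ($forum_table_prefix_array = forum_get_all_prefixes()) {
            // Loop through all forums and delete all the user data from every forum.
            foreach ($forum_table_prefix_array as $forum_table_prefix) {
                $forum_statements = array();
                // Log entries, links, link votes, link comments and poll votes.
                foreach (array('ADMIN_LOG', 'LINKS', 'LINKS_VOTE', 'LINKS_COMMENT', 'USER_POLL_VOTES') as $table) {
                    $forum_statements[] = "DELETE QUICK FROM `{$forum_table_prefix}{$table}` WHERE UID = '{$uid}'";
                }
                // Relationship data for the user and relationships
                // with this user made by other users.
                $forum_statements[] = "DELETE QUICK FROM `{$forum_table_prefix}USER_PEER` WHERE UID = '{$uid}' OR PEER_UID = '{$uid}'";
                // Folder preferences, preferences, profile, signature, thread
                // read data, tracking data and word filter entries.
                foreach (array('USER_FOLDER', 'USER_PREFS', 'USER_PROFILE', 'USER_SIG', 'USER_THREAD', 'USER_TRACK', 'WORD_FILTER') as $table) {
                    $forum_statements[] = "DELETE QUICK FROM `{$forum_table_prefix}{$table}` WHERE UID = '{$uid}'";
                }
                // Clear the poll flag on threads started by the user.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET POLL_FLAG = 'N', "
                    . "MODIFIED = CAST('{$current_datetime}' AS DATETIME) WHERE BY_UID = '{$uid}'";
                // Flag as deleted the threads started by the user where
                // the thread only contains a single post.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET DELETED = 'Y', "
                    . "MODIFIED = CAST('{$current_datetime}' AS DATETIME) WHERE BY_UID = '{$uid}' "
                    . "AND LENGTH = 1";
                // Null out the content of posts made by this user.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST_CONTENT` POST_CONTENT "
                    . "LEFT JOIN `{$forum_table_prefix}POST` POST ON (POST.TID = POST_CONTENT.TID "
                    . "AND POST.PID = POST_CONTENT.PID) SET POST_CONTENT.CONTENT = NULL "
                    . "WHERE POST.FROM_UID = '{$uid}'";
                // Mark posts made by this user as approved so they don't appear in the
                // approval queue.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST` "
                    . "SET APPROVED = CAST('{$current_datetime}' AS DATETIME), "
                    . "APPROVED_BY = '{$admin_uid}' WHERE FROM_UID = '{$uid}'";
                foreach ($forum_statements as $sql) {
                    if (!$db->query($sql)) {
                        return false;
                    }
                }
            }
        }
        $global_statements = array();
        // Dictionary entries added by the user and user group entries.
        foreach (array('DICTIONARY', 'GROUP_USERS') as $table) {
            $global_statements[] = "DELETE QUICK FROM {$table} WHERE UID = '{$uid}'";
        }
        // Delete User's PM Content
        $global_statements[] = "DELETE QUICK FROM PM_CONTENT USING PM_CONTENT "
            . "LEFT JOIN PM ON (PM.MID = PM_CONTENT.MID) "
            . "WHERE ((PM.TYPE & {$pm_inbox_items} > 0) AND PM.TO_UID = '{$uid}') "
            . "OR ((PM.TYPE & {$pm_sent_items} > 0) AND PM.FROM_UID = '{$uid}' AND PM.SMID = 0) "
            . "OR ((PM.TYPE & {$pm_outbox_items} > 0) AND PM.FROM_UID = '{$uid}') "
            . "OR ((PM.TYPE & {$pm_saved_out} > 0) AND PM.FROM_UID = '{$uid}') "
            . "OR ((PM.TYPE & {$pm_saved_in} > 0) AND PM.TO_UID = '{$uid}') "
            . "OR ((PM.TYPE & {$pm_draft_items} > 0) AND PM.FROM_UID = '{$uid}') ";
        // Delete User's PMs.
        $global_statements[] = "DELETE QUICK FROM PM WHERE ((TYPE & {$pm_inbox_items} > 0) "
            . "AND TO_UID = '{$uid}') OR ((TYPE & {$pm_sent_items} > 0) "
            . "AND FROM_UID = '{$uid}' AND SMID = 0) OR ((TYPE & {$pm_outbox_items} > 0) "
            . "AND FROM_UID = '{$uid}') OR ((TYPE & {$pm_saved_out} > 0) "
            . "AND FROM_UID = '{$uid}') OR ((TYPE & {$pm_saved_in} > 0) "
            . "AND TO_UID = '{$uid}') OR ((TYPE & {$pm_draft_items} > 0) "
            . "AND FROM_UID = '{$uid}') ";
        // PM search results, attachment rows (the physical files are not
        // removed), search results, sessions, forum preferences and
        // permissions, history data, global preferences and visitor log data.
        $remaining_tables = array(
            'PM_SEARCH_RESULTS',
            'POST_ATTACHMENT_FILES',
            'SEARCH_RESULTS',
            'SESSIONS',
            'USER_FORUM',
            'USER_HISTORY',
            'USER_PREFS',
            'VISITOR_LOG',
        );
        foreach ($remaining_tables as $table) {
            $global_statements[] = "DELETE QUICK FROM {$table} WHERE UID = '{$uid}'";
        }
        foreach ($global_statements as $sql) {
            if (!$db->query($sql)) {
                return false;
            }
        }
        // Add a log entry to show what we've done.
        admin_add_log_entry(DELETE_USER_DATA, array($uid, $user_logon));
    }
    // Delete the User account.
    $sql = "DELETE QUICK FROM USER WHERE UID = '{$uid}'";
    if (!$db->query($sql)) {
        return false;
    }
    // Add a log entry to show what we've done.
    admin_add_log_entry(DELETE_USER, array($user_logon));
    return true;
}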
Example #13
/**
 * Delete a user account and, optionally, the data stored against it.
 *
 * No permission check is made inside this function; the caller is expected
 * to have authorised the request before calling it.
 *
 * Every statement is sent on its own and nothing here opens a transaction,
 * so a query failing part-way through leaves the earlier deletions in place.
 * The admin log entries are written only after the statements before them
 * succeeded, so a partial deletion is not recorded in the log by this code.
 *
 * @param mixed $uid            UID of the account to delete; must pass is_numeric().
 * @param bool  $delete_content When exactly true, the user's per-forum and global
 *                              data is removed as well. Non-boolean values are
 *                              treated as false.
 *
 * @return bool True once the USER row has been deleted. False when there is no
 *              database handle, $uid or the session UID is not numeric, the
 *              account is not found, the target is the current session user,
 *              or a query fails.
 */
function admin_delete_user($uid, $delete_content = false)
{
    $db = db::get();
    if (!$db) {
        return false;
    }
    // $uid is interpolated into every statement below. is_numeric() is the only
    // guard: a numeric value cannot contain a quote or backslash, so it cannot
    // terminate the quoted SQL literal it is placed in.
    if (!is_numeric($uid)) {
        return false;
    }
    $delete_content = is_bool($delete_content) ? $delete_content : false;
    $current_datetime = date(MYSQL_DATETIME, time());
    // Threads whose MODIFIED time is older than this cut-off keep their
    // MODIFIED value in the THREAD updates below.
    $modified_cutoff_datetime = forum_get_unread_cutoff_datetime();
    // The session UID is both the self-deletion guard and a value written into
    // SQL (APPROVED_BY), so refuse to continue without a numeric one.
    if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) {
        return false;
    }
    // The account must exist and must not be the account of the current user.
    $user_logon = user_get_logon($uid);
    if (!$user_logon || $_SESSION['UID'] == $uid) {
        return false;
    }
    if ($delete_content === true) {
        // NOTE(review): the prefixes are placed inside backticks unescaped;
        // presumably forum_get_all_prefixes() returns trusted values - confirm.
        $forum_table_prefix_array = forum_get_all_prefixes();
        if ($forum_table_prefix_array !== false) {
            foreach ($forum_table_prefix_array as $forum_table_prefix) {
                $forum_statements = array();
                // Log entries, links, link votes, link comments and poll votes.
                foreach (array('ADMIN_LOG', 'LINKS', 'LINKS_VOTE', 'LINKS_COMMENT', 'USER_POLL_VOTES') as $table) {
                    $forum_statements[] = "DELETE QUICK FROM `{$forum_table_prefix}{$table}` WHERE UID = '{$uid}'";
                }
                // Relationships in both directions: the user's own and those
                // other users hold with this user.
                $forum_statements[] = "DELETE QUICK FROM `{$forum_table_prefix}USER_PEER` WHERE UID = '{$uid}' OR PEER_UID = '{$uid}'";
                // Folder preferences, preferences, profile, signature, thread
                // read data, tracking data and word filter entries.
                foreach (array('USER_FOLDER', 'USER_PREFS', 'USER_PROFILE', 'USER_SIG', 'USER_THREAD', 'USER_TRACK', 'WORD_FILTER') as $table) {
                    $forum_statements[] = "DELETE QUICK FROM `{$forum_table_prefix}{$table}` WHERE UID = '{$uid}'";
                }
                // Clear the poll flag on threads started by the user.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET POLL_FLAG = 'N', "
                    . "MODIFIED = IF(MODIFIED < CAST('{$modified_cutoff_datetime}' AS DATETIME), "
                    . "MODIFIED, CAST('{$current_datetime}' AS DATETIME)) WHERE BY_UID = '{$uid}'";
                // Flag single-post threads started by the user as deleted.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}THREAD` SET DELETED = 'Y', "
                    . "MODIFIED = IF(MODIFIED < CAST('{$modified_cutoff_datetime}' AS DATETIME), "
                    . "MODIFIED, CAST('{$current_datetime}' AS DATETIME)) WHERE BY_UID = '{$uid}' "
                    . "AND LENGTH = 1";
                // Null out the content of posts made by this user.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST_CONTENT` POST_CONTENT "
                    . "LEFT JOIN `{$forum_table_prefix}POST` POST ON (POST.TID = POST_CONTENT.TID "
                    . "AND POST.PID = POST_CONTENT.PID) SET POST_CONTENT.CONTENT = NULL "
                    . "WHERE POST.FROM_UID = '{$uid}'";
                // Mark the user's posts as approved so they stay out of the
                // approval queue.
                $forum_statements[] = "UPDATE LOW_PRIORITY `{$forum_table_prefix}POST` "
                    . "SET APPROVED = CAST('{$current_datetime}' AS DATETIME), "
                    . "APPROVED_BY = '{$_SESSION['UID']}' WHERE FROM_UID = '{$uid}'";
                foreach ($forum_statements as $statement) {
                    if (!$db->query($statement)) {
                        return false;
                    }
                }
            }
        }
        // Group membership and private-message records, in this order.
        $pm_statements = array(
            "DELETE QUICK FROM GROUP_USERS WHERE UID = '{$uid}'",
            "DELETE QUICK FROM PM_TYPE WHERE UID = '{$uid}'",
            "DELETE QUICK FROM PM_RECIPIENT WHERE TO_UID = '{$uid}'",
            "DELETE QUICK FROM PM WHERE FROM_UID = '{$uid}'",
            // PMs left without a PM_TYPE or PM_RECIPIENT row.
            "DELETE QUICK FROM PM, PM_CONTENT USING PM "
                . "LEFT JOIN PM_CONTENT ON (PM_CONTENT.MID = PM.MID) "
                . "LEFT JOIN PM_RECIPIENT ON (PM_RECIPIENT.MID = PM.MID) "
                . "LEFT JOIN PM_TYPE ON (PM_TYPE.MID = PM.MID) "
                . "WHERE PM_TYPE.MID IS NULL OR PM_RECIPIENT.MID IS NULL",
        );
        foreach ($pm_statements as $statement) {
            if (!$db->query($statement)) {
                return false;
            }
        }
        // Hand every attachment hash of this user to attachments_delete()
        // (defined elsewhere; its return value is not checked here) before the
        // POST_ATTACHMENT_FILES rows themselves are dropped further down.
        $result = $db->query("SELECT HASH FROM POST_ATTACHMENT_FILES WHERE UID = '{$uid}'");
        if (!$result) {
            return false;
        }
        while (($attachment_data = $result->fetch_assoc()) !== null) {
            attachments_delete($attachment_data['HASH']);
        }
        // PM search results, attachment rows, search results, sessions, forum
        // preferences and permissions, history data, USER_PERM rows
        // (presumably the user's permissions), global preferences and
        // visitor log data.
        $uid_keyed_tables = array(
            'PM_SEARCH_RESULTS',
            'POST_ATTACHMENT_FILES',
            'SEARCH_RESULTS',
            'SESSIONS',
            'USER_FORUM',
            'USER_HISTORY',
            'USER_PERM',
            'USER_PREFS',
            'VISITOR_LOG',
        );
        foreach ($uid_keyed_tables as $table) {
            if (!$db->query("DELETE QUICK FROM {$table} WHERE UID = '{$uid}'")) {
                return false;
            }
        }
        // Record the data removal in the admin log.
        admin_add_log_entry(DELETE_USER_DATA, array($uid, $user_logon));
    }
    // Finally remove the account row itself and record that too.
    if (!$db->query("DELETE QUICK FROM USER WHERE UID = '{$uid}'")) {
        return false;
    }
    admin_add_log_entry(DELETE_USER, array($user_logon));
    return true;
}
                }
            }
        }
        if ($valid) {
            $ret = rawurlencode($ret);
            $user_search = rawurlencode($user_search);
            header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&added=true");
            exit;
        }
    }
} else {
    if (isset($_POST['remove'])) {
        $valid = true;
        if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) {
            foreach ($_POST['remove_user'] as $remove_user_uid) {
                if (($user_logon = user_get_logon($remove_user_uid)) !== false) {
                    if (user_update_forums($remove_user_uid, $forum_fid, FORUM_USER_DISALLOWED)) {
                        $forum_name = forum_get_name($forum_fid);
                        admin_add_log_entry(CHANGE_FORUM_ACCESS, array($forum_name, $user_logon));
                    } else {
                        $error_msg_array[] = sprintf(gettext("Failed to remove permissions from user '%s'"), $user_logon);
                        $valid = false;
                    }
                }
            }
            if ($valid) {
                $ret = rawurlencode($ret);
                $user_search = rawurlencode($user_search);
                header_redirect("admin_forum_access.php?webtag={$webtag}&user_search={$user_search}&ret={$ret}&removed=true");
                exit;
            }