print_stop_message2('invalid_user_specified');
}
if ($vbulletin->GPC['useprofilepic']) {
$vbulletin->input->clean_gpc('f', 'upload', vB_Cleaner::TYPE_FILE);
require_once DIR . '/includes/class_upload.php';
$upload = new vB_Upload_Userpic($vbulletin);
$upload->data = new vB_Datamanager_Userpic_Profilepic($vbulletin, vB_DataManager_Constants::ERRTYPE_CP, 'userpic');
$upload->image =& vB_Image::instance();
$upload->userinfo =& $userinfo;
cache_permissions($userinfo, false);
// user's group doesn't have permission to use custom avatars so set override
if (!($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'])) {
// init user datamanager
$userdata = new vB_Datamanager_User($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
$userdata->set_existing($userinfo);
$userdata->set_bitfield('adminoptions', 'adminprofilepic', 1);
$userdata->save();
unset($userdata);
}
if ($vbulletin->GPC['resize']) {
if ($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic']) {
$upload->maxwidth = $userinfo['permissions']['profilepicmaxwidth'];
$upload->maxheight = $userinfo['permissions']['profilepicmaxheight'];
#$upload->maxuploadsize = $userinfo['permissions']['profilepicmaxsize'];
#$upload->allowanimation = ($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cananimateprofilepic']) ? true : false;
}
}
if (!$upload->process_upload($vbulletin->GPC['profilepicurl'])) {
print_stop_message2(array('there_were_errors_encountered_with_your_upload_x', $upload->fetch_error()));
}
} else {
/**
* Update avatar
*
* @param integer $userid User ID whose avatar is going to be updated
* @param integer $avatarid Predefined avatar ID. -1 means to remove avatar
* from the user. 0 means use custom avatar defined in $avatardata
* @param array $data Avatar data. It should be an array contains
* the following items: 'filename', 'width', 'height', 'filedata', 'location'
*/
public function updateAvatar($userid, $avatarid, $data = array(), $cropped = false)
{
$userContext = vB::getUserContext();
$currentUserId = $userContext->fetchUserId();
$userid = intval($userid);
if ($userid <= 0 and $currentUserId) {
$userid = $currentUserId;
}
// Check if current user canadminusers
try {
$this->checkHasAdminPermission('canadminusers');
} catch (Exception $e) {
// No. Then we need to do something here.
if ($currentUserId != $userid) {
// If current user isn't the same as passed $userid
throw new vB_Exception_Api('no_permission');
}
}
$useavatar = $avatarid == -1 ? 0 : 1;
$bf_ugp_genericpermissions = vB::getDatastore()->getValue('bf_ugp_genericpermissions');
$userinfo = vB_User::fetchUserInfo(intval($userid));
if (!$userinfo) {
throw new vB_Exception_Api('invalid_user_specified');
}
// init user datamanager
$userdata = new vB_Datamanager_User(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
$userdata->set_existing($userinfo);
if ($useavatar) {
if (!$avatarid) {
$userpic = new vB_DataManager_Userpic(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
// user's group doesn't have permission to use custom avatars so set override
if (!$this->userContext->hasPermission('genericpermissions', 'canuseavatar')) {
// init user datamanager
$userdata->set_bitfield('adminoptions', 'adminavatar', 1);
}
$userpic->set('userid', $userinfo['userid']);
$userpic->set('dateline', vB::getRequest()->getTimeNow());
$userpic->set('width', $data['width']);
$userpic->set('height', $data['height']);
if (empty($data['extension'])) {
$filebits = explode('.', $data['filename']);
$data['extension'] = end($filebits);
}
$userpic->set('extension', $data['extension']);
if (vB::getDatastore()->getOption('usefileavatar')) {
$avatarpath = vB::getDatastore()->getOption('avatarpath');
$prev_dir = getcwd();
chdir(DIR);
$oldavatarfilename = "avatar{$userid}_{$userinfo['avatarrevision']}.{$data['extension']}";
$avatarrevision = $userinfo['avatarrevision'] + 1;
$avatarfilename = "avatar{$userid}_{$avatarrevision}.{$data['extension']}";
@unlink($avatarpath . '/' . $oldavatarfilename);
@unlink($avatarpath . '/thumbs/' . $oldavatarfilename);
$avatarres = @fopen("{$avatarpath}/{$avatarfilename}", 'wb');
$userpic->set('filename', $avatarfilename);
fwrite($avatarres, $data['filedata']);
@fclose($avatarres);
if (!empty($data['filedata_thumb'])) {
$thumbres = @fopen("{$avatarpath}/thumbs/{$avatarfilename}", 'wb');
fwrite($thumbres, $data['filedata_thumb']);
@fclose($thumbres);
$userpic->set('width_thumb', $data['width_thumb']);
$userpic->set('height_thumb', $data['height_thumb']);
}
chdir($prev_dir);
$userpic->set('filesize', $data['filesize']);
$userdata->set('avatarrevision', $userinfo['avatarrevision'] + 1);
} else {
$avatarfilename = "avatar{$userid}_{$userinfo['avatarrevision']}.{$data['extension']}";
$userpic->setr('filedata', $data['filedata']);
$userpic->set('filename', $avatarfilename);
$imageHandler = vB_Image::instance();
if (!$cropped) {
$thumb = $imageHandler->fetchThumbNail($data['name'], $data['location']);
}
if (!$cropped) {
$userpic->set('filedata_thumb', $thumb['filedata']);
$userpic->set('width_thumb', $thumb['width']);
$userpic->set('height_thumb', $thumb['height']);
} else {
$userpic->set('filedata_thumb', $data['filedata_thumb']);
$userpic->set('width_thumb', $data['width_thumb']);
$userpic->set('height_thumb', $data['height_thumb']);
}
}
$userpic->save();
} else {
// predefined avatar
$userpic = new vB_DataManager_Userpic_Avatar(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
$userpic->condition = array('userid' => $userinfo['userid']);
$userpic->delete();
if ($userpic->has_errors(false)) {
throw $userpic->get_exception();
}
}
} else {
// not using an avatar
$avatarid = 0;
$userpic = new vB_DataManager_Userpic_Avatar(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED);
$userpic->condition = array('userid' => $userinfo['userid']);
$userpic->delete();
if ($userpic->has_errors(false)) {
throw $userpic->get_exception();
}
}
$userdata->set('avatarid', $avatarid);
if (!$userdata->save()) {
throw $userpic->get_exception();
}
unset($this->avatarsCache['avatar'][$userid]);
unset($this->avatarsCache['thumb'][$userid]);
return true;
}
$userdata->set_existing($userinfo);
if ($useavatar) {
if (!$vbulletin->GPC['avatarid']) {
// custom avatar
$vbulletin->input->clean_gpc('f', 'upload', vB_Cleaner::TYPE_FILE);
require_once DIR . '/includes/class_upload.php';
$upload = new vB_Upload_Userpic($vbulletin);
$upload->data = new vB_DataManager_Userpic_Avatar($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
$object =& vB_DataManager_Userpic::fetch_library($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
$upload->data->validfields = array_merge($object->validfields, $upload->data->validfields);
$upload->image =& vB_Image::instance();
$upload->userinfo =& $userinfo;
cache_permissions($userinfo, false);
// user's group doesn't have permission to use custom avatars so set override
if (!($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canuseavatar'])) {
$userdata->set_bitfield('adminoptions', 'adminavatar', 1);
}
if (($userinfo['permissions']['avatarmaxwidth'] > 0 or $userinfo['permissions']['avatarmaxheight'] > 0) and ($vbulletin->GPC['resize'] or !($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']))) {
$upload->maxwidth = $userinfo['permissions']['avatarmaxwidth'];
$upload->maxheight = $userinfo['permissions']['avatarmaxheight'];
}
if (!$upload->process_upload($vbulletin->GPC['avatarurl'])) {
print_modcp_stop_message2(array('there_were_errors_encountered_with_your_upload_x', $upload->fetch_error()));
}
} else {
// predefined avatar
$userpic = new vB_DataManager_Userpic_Avatar($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
$userpic->condition = "userid = " . $userinfo['userid'];
$userpic->delete();
}
} else {
} else {
if ($oldcache["{$userid}"]["{$nodeid}"] != '-1' and $val == '-1') {
vB::getDbAssertor()->delete('access', array('nodeid' => $nodeid, 'userid' => $userid));
} else {
vB::getDbAssertor()->update('access', array(accessmask => $val), array('nodeid' => $nodeid, 'userid' => $userid));
}
}
}
$userinfo = array('userid' => $userid, 'masks' => 0);
$query = vB::getDbAssertor()->assertQuery('fetchAccessMaskForUser', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'userid' => $userid));
if ($query and $query->valid()) {
$userinfo = $query->current();
}
$userdm = new vB_Datamanager_User($vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
$userdm->set_existing($userinfo);
$userdm->set_bitfield('options', 'hasaccessmask', $userinfo['masks'] ? true : false);
$userdm->save();
unset($userdm);
}
/** @todo update this when subscriptions are implemented */
// if (!empty($userlist))
// {
// require_once(DIR . '/includes/functions_databuild.php');
// update_subscriptions($userlist);
// }
print_stop_message2('saved_user_channel_access_successfully', 'accessmask', array('do' => 'modify'));
}
// ###################### Start reset all access masks for forum #######################
if ($_REQUEST['do'] == 'resetchannel') {
$vbulletin->input->clean_array_gpc('r', array('nodeid' => vB_Cleaner::TYPE_INT));
verify_cp_sessionhash();
/**
* Removes user subscription
*
* @param int The id of the subscription
* @param int The userid the subscription is to be removed from
* @param int The id of the sub-subscriptionid
* @param bool Update user.adminoptions from subscription.adminoption (keep avatars)
*
*/
function delete_user_subscription($subscriptionid, $userid, $subid = -1, $adminoption = false)
{
$subscriptionid = intval($subscriptionid);
$userid = intval($userid);
$this->cache_user_subscriptions();
$sub =& $this->subscriptioncache["{$subscriptionid}"];
$user = vB::getDbAssertor()->getRow('fetchUsersSubscriptions', array('userid' => $userid, 'subscriptionid' => $subscriptionid, 'adminoption' => $adminoption));
if ($user['userid'] and $sub['subscriptionid']) {
$this->cache_user_subscriptions();
$sub =& $this->subscriptioncache["{$subscriptionid}"];
$tmp = unserialize($sub['cost']);
if ($subid != -1 and is_array($tmp["{$subid}"])) {
$sub = array_merge($sub, $tmp["{$subid}"]);
$units_full = array('D' => 'day', 'W' => 'week', 'M' => 'month', 'Y' => 'year');
switch ($sub['units']) {
case 'D':
$new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']), date('j', $user['expirydate']) - $sub['length'], date('Y', $user['expirydate']));
break;
case 'W':
$new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']), date('j', $user['expirydate']) - $sub['length'] * 7, date('Y', $user['expirydate']));
break;
case 'M':
$new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']) - $sub['length'], date('j', $user['expirydate']), date('Y', $user['expirydate']));
break;
case 'Y':
$new_expires = mktime(date('H', $user['expirydate']), date('i', $user['expirydate']), date('s', $user['expirydate']), date('n', $user['expirydate']), date('j', $user['expirydate']), date('Y', $user['expirydate']) - $sub['length']);
break;
}
if ($new_expires > TIMENOW) {
// new expiration is still after today so just decremement and return
vB::getDbAssertor()->update('vBForum:subscriptionlog', array('expirydate' => $new_expires), array('subscriptionid' => $subscriptionid, 'userid' => $userid));
return;
}
}
unset($tmp);
$userdm = new vB_Datamanager_User($this->registry, vB_DataManager_Constants::ERRTYPE_SILENT);
$userdm->set_existing($user);
if ($adminoption) {
if ($user['hascustomavatar'] and $sub['adminavatar']) {
$userdm->set_bitfield('adminoptions', 'adminavatar', 1);
}
if ($user['hasprofilepic'] and $sub['adminprofilepic']) {
$userdm->set_bitfield('adminoptions', 'adminprofilepic', 1);
}
}
//access masks
if (!empty($sub['forums'])) {
if ($old_sub_masks = @unserialize($sub['forums']) and is_array($old_sub_masks)) {
// old format is serialized array with forumids for keys
$access_forums = array_keys($old_sub_masks);
} else {
// new format is comma-delimited string
$access_forums = explode(',', $sub['forums']);
}
if ($access_forums) {
vB::getDbAssertor()->delete('access', array('nodeid' => $access_forums, 'userid' => $userid));
}
}
// TODO: Restore the line when Access Masks is implemented
// $countaccess = vB::getDbAssertor()->getRow('masks', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_COUNT, 'userid' => $userid));
$membergroupids = array_diff(fetch_membergroupids_array($user, false), fetch_membergroupids_array($sub, false));
$update_userban = false;
if ($sub['nusergroupid'] == $user['usergroupid'] and $user['usergroupid'] != $user['pusergroupid']) {
// check if there are other active subscriptions that set the same primary usergroup
$subids = array(0);
foreach ($this->subscriptioncache as $subcheck) {
if ($subcheck['nusergroupid'] == $user['usergroupid'] and $subcheck['subscriptionid'] != $subscriptionid) {
$subids[] = $subcheck['subscriptionid'];
}
}
if (!empty($subids)) {
$activesub = vB::getDbAssertor()->getRow('vBForum:subscriptionlog', array('userid' => $userid, 'subscriptionid' => $subids), array('field' => 'expirydate', 'direction' => vB_dB_Query::SORT_DESC));
}
if ($activesub) {
// there is at least one active subscription with the same primary usergroup, so alter its resetgroup
vB::getDbAssertor()->update('vBForum:subscriptionlog', array('pusergroupid' => $user['pusergroupid']), array('subscriptionlogid' => $activesub['subscriptionlogid']));
// don't touch usertitle/displaygroup
$user['pusergroupid'] = $user['usergroupid'];
$sub['nusergroupid'] = 0;
} else {
$userdm->set('usergroupid', $user['pusergroupid']);
}
} else {
if ($user['isbanned'] and $user['busergroupid'] == $sub['nusergroupid']) {
$update_userban = true;
$userbansql['usergroupid'] = $user['pusergroupid'];
}
}
$groups = iif(!empty($sub['membergroupids']), $sub['membergroupids'] . ',') . $sub['nusergroupid'];
if (in_array($user['displaygroupid'], explode(',', $groups))) {
// they're displaying as one of the usergroups in the subscription
$user['displaygroupid'] = 0;
} else {
if ($user['isbanned'] and in_array($user['bandisplaygroupid'], explode(',', $groups))) {
$update_userban = true;
$userbansql['displaygroupid'] = 0;
}
}
// do their old groups still allow custom titles?
$reset_title = false;
if ($user['customtitle'] == 2) {
$groups = empty($membergroupids) ? array() : $membergroupids;
$groups[] = $user['pusergroupid'];
$bf_ugp_genericpermissions = vB::get_datastore()->get_value('bf_ugp_genericpermissions');
$usergroup = vB::getDbAssertor()->getRow('usergroup', array(vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'usergroupid', 'value' => $groups, vB_Db_Query::OPERATOR_KEY => vB_Db_Query::OPERATOR_EQ), array('field' => 'genericpermissions', 'value' => $bf_ugp_genericpermissions['canusecustomtitle'], vB_Db_Query::OPERATOR_KEY => vB_Db_Query::OPERATOR_AND))));
if (empty($usergroup['usergroupid'])) {
// no custom group any more lets set it back to the default
$reset_title = true;
}
}
if ($sub['nusergroupid'] > 0 and $user['customtitle'] == 0 or $reset_title) {
// they need a default title
$usergroup = vB::getDbAssertor()->getRow('usergroup', array('usergroupid' => $user['pusergroupid']));
if (empty($usergroup['usertitle'])) {
// should be a title based on minposts it seems then
$usergroup = vB::getDbAssertor()->getRow('usertitle', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'minposts', 'value' => $user[posts], vB_dB_Query::OPERATOR_KEY => vB_dB_Query::OPERATOR_LTE))), array('field' => 'minposts', 'direction' => vB_dB_Query::SORT_DESC));
}
if ($user['isbanned']) {
$update_userban = true;
$userbansql['customtitle'] = 0;
$userbansql['usertitle'] = $usergroup['usertitle'];
} else {
$userdm->set('customtitle', 0);
$userdm->set('usertitle', $usergroup['usertitle']);
}
}
$userdm->set('membergroupids', implode($membergroupids, ','));
// $userdm->set_bitfield('options', 'hasaccessmask', ($countaccess['count'] ? true : false));
$userdm->set('displaygroupid', $user['displaygroupid']);
$userdm->save();
unset($userdm);
vB::getDbAssertor()->update('vBForum:subscriptionlog', array('status' => 0), array('subscriptionid' => $subscriptionid, 'userid' => $userid));
if ($update_userban) {
vB::getDbAssertor()->update('userban', $userbansql, array('subscriptionid' => $subscriptionid, 'userid' => $user['userid']));
}
$mysubs = vB::getDbAssertor()->assertQuery('vBForum:subscriptionlog', array('status' => 1, 'userid' => $userid));
foreach ($mysubs as $mysub) {
$this->build_user_subscription($mysub['subscriptionid'], -1, $userid, $mysub['regdate'], $mysub['expirydate']);
}
// Legacy Hook 'paidsub_delete' Removed //
}
}
/**
* (Re)Generates an Activation ID for a user
*
* @param integer User's ID
* @param integer The group to move the user to when they are activated
* @param integer 0 for Normal Activation, 1 for Forgotten Password
* @param boolean Whether this is an email change or not
*
* @return string The Activation ID
*
*/
function build_user_activation_id($userid, $usergroupid, $type, $emailchange = 0)
{
global $vbulletin;
if ($usergroupid == 3 or $usergroupid == 0) {
// stop them getting stuck in email confirmation group forever :)
$usergroupid = 2;
}
vB::getDbAssertor()->assertQuery('useractivation', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_DELETE, 'userid' => $userid, 'type' => $type));
$activateid = fetch_random_string(40);
/*insert query*/
vB::getDbAssertor()->assertQuery('user_replaceuseractivation', array('userid' => $userid, 'timenow' => vB::getRequest()->getTimeNow(), 'activateid' => $activateid, 'type' => $type, 'usergroupid' => $usergroupid, 'emailchange' => intval($emailchange)));
if ($userinfo = vB_User::fetchUserinfo($userid)) {
$userdata = new vB_Datamanager_User($vbulletin, vB_DataManager_Constants::ERRTYPE_SILENT);
$userdata->set_existing($userinfo);
$userdata->set_bitfield('options', 'noactivationmails', 0);
$userdata->save();
}
return $activateid;
}