/** * Check to see if a member deserves promotion, and handle it. * * @param ?MEMBER The member (NULL: current member). */ function ocf_member_handle_promotion($member_id = NULL) { if (!addon_installed('points')) { return; } if (get_page_name() == 'admin_import') { return; } if (is_null($member_id)) { $member_id = get_member(); } require_code('ocf_members'); if (ocf_is_ldap_member($member_id)) { return; } require_code('points'); $total_points = total_points($member_id); $groups = $GLOBALS['OCF_DRIVER']->get_members_groups($member_id, false, true); $or_list = ''; foreach ($groups as $id) { if ($or_list != '') { $or_list .= ' OR '; } $or_list .= 'id=' . strval($id); } $promotions = $GLOBALS['FORUM_DB']->query('SELECT id,g_promotion_target FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_groups WHERE (' . $or_list . ') AND g_promotion_target IS NOT NULL AND g_promotion_threshold<=' . strval((int) $total_points) . ' ORDER BY g_promotion_threshold'); $promotes_today = array(); foreach ($promotions as $promotion) { $_p = $promotion['g_promotion_target']; if (!array_key_exists($_p, $groups) && !array_key_exists($_p, $promotes_today)) { // If it is our primary if ($GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_primary_group') == $promotion['id']) { $GLOBALS['FORUM_DB']->query_update('f_members', array('m_primary_group' => $_p), array('id' => $member_id), '', 1); } else { $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $_p), '', 1); $GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_validated' => 1, 'gm_member_id' => $member_id, 'gm_group_id' => $_p), false, true); $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $promotion['id']), '', 1); // It's a transition, so remove old membership } // Carefully update run-time cacheing global $USERS_GROUPS_CACHE; foreach (array(true, false) as $a) { foreach (array(true, false) as $b) { if (isset($USERS_GROUPS_CACHE[$member_id][$a][$b])) { $groups = $USERS_GROUPS_CACHE[$member_id][$a][$b]; $pos = array_search($_p, $groups); if ($pos !== false) { unset($groups[$pos]); } $groups[] = $promotion['id']; $USERS_GROUPS_CACHE[$member_id][$a][$b] = $groups; } } } $promotes_today[$_p] = 1; } } if (count($promotes_today) != 0) { $name = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_username'); log_it('MEMBER_PROMOTED_AUTOMATICALLY', strval($member_id), $name); } }
/** * Standard modular render function for profile tabs edit hooks. * * @param MEMBER The ID of the member who is being viewed * @param MEMBER The ID of the member who is doing the viewing * @param boolean Whether to leave the tab contents NULL, if tis hook supports it, so that AJAX can load it later * @return ?array A tuple: The tab title, the tab body text (may be blank), the tab fields, extra Javascript (may be blank) the suggested tab order, hidden fields (optional) (NULL: if $leave_to_ajax_if_possible was set) */ function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false) { $order = 0; // Actualiser if (post_param('submitting_settings_tab', NULL) !== NULL) { require_code('ocf_members_action2'); $is_ldap = ocf_is_ldap_member($member_id_of); $is_httpauth = ocf_is_httpauth_member($member_id_of); $is_remote = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_password_compat_scheme') == 'remote'; if ($is_ldap || $is_httpauth || $is_remote || $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'assume_any_member')) { $password = NULL; } else { $password = post_param('edit_password'); if ($password == '') { $password = NULL; } else { $password_confirm = trim(post_param('password_confirm')); if ($password != $password_confirm) { warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH')))); } } } $custom_fields = ocf_get_all_custom_fields_match($GLOBALS['FORUM_DRIVER']->get_members_groups($member_id_of), $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'view_any_profile_field') ? 1 : NULL, $member_id_of != $member_id_viewing ? NULL : 1, $member_id_of != $member_id_viewing ? NULL : 1); $actual_custom_fields = ocf_read_in_custom_fields($custom_fields, $member_id_of); $pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : ''; $tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true); $all_pt_allow = ''; foreach (array_keys($tmp_groups) as $key) { if ($key != db_get_first_id()) { if ($all_pt_allow != '') { $all_pt_allow .= ','; } $all_pt_allow .= strval($key); } } if ($pt_allow == $all_pt_allow) { $pt_allow = '*'; } $pt_rules_text = post_param('pt_rules_text', NULL); if (has_specific_permission($member_id_viewing, 'member_maintenance')) { $validated = post_param_integer('validated', 0); $primary_group = $is_ldap || !has_specific_permission($member_id_viewing, 'assume_any_member') ? NULL : post_param_integer('primary_group', NULL); $is_perm_banned = post_param_integer('is_perm_banned', 0); $old_is_perm_banned = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_is_perm_banned'); if ($old_is_perm_banned != $is_perm_banned) { if ($is_perm_banned == 1) { ocf_ban_member($member_id_of); } else { ocf_unban_member($member_id_of); } } $highlighted_name = post_param_integer('highlighted_name', 0); if (has_specific_permission($member_id_viewing, 'probate_members')) { $on_probation_until = get_input_date('on_probation_until'); $current__on_probation_until = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_on_probation_until'); if ((is_null($on_probation_until) || $on_probation_until <= time()) && $current__on_probation_until > time()) { log_it('STOP_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } elseif (!is_null($on_probation_until) && $on_probation_until > time() && $current__on_probation_until <= time()) { log_it('START_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } elseif (!is_null($on_probation_until) && $current__on_probation_until > $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) { log_it('REDUCE_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } elseif (!is_null($on_probation_until) && $current__on_probation_until < $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) { log_it('EXTEND_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } } else { $on_probation_until = NULL; } } else { $validated = NULL; $primary_group = NULL; $highlighted_name = NULL; $on_probation_until = NULL; } if (has_actual_page_access($member_id_viewing, 'admin_ocf_join') || has_specific_permission($member_id_of, 'rename_self')) { $username = $is_ldap || $is_remote ? NULL : post_param('edit_username', NULL); } else { $username = NULL; } $email = post_param('email_address', NULL); if (!is_null($email)) { $email = trim($email); } $theme = post_param('theme', NULL); if ($is_remote) { $preview_posts = NULL; $zone_wide = NULL; $auto_monitor_contrib_content = NULL; $views_signatures = NULL; $timezone = NULL; } else { $preview_posts = post_param_integer('preview_posts', 0); $zone_wide = post_param_integer('zone_wide', 0); $auto_monitor_contrib_content = NULL; //post_param_integer('auto_monitor_contrib_content',0); Moved to notifications tab $views_signatures = post_param_integer('views_signatures', 0); $timezone = post_param('timezone', get_site_timezone()); } ocf_edit_member($member_id_of, $email, $preview_posts, post_param_integer('dob_day', -1), post_param_integer('dob_month', -1), post_param_integer('dob_year', -1), $timezone, $primary_group, $actual_custom_fields, $theme, post_param_integer('reveal_age', 0), $views_signatures, $auto_monitor_contrib_content, post_param('language', NULL), post_param_integer('allow_emails', 0), post_param_integer('allow_emails_from_staff', 0), $validated, $username, $password, $zone_wide, $highlighted_name, $pt_allow, $pt_rules_text, $on_probation_until); if (!array_key_exists('secondary_groups', $_POST)) { $_POST['secondary_groups'] = array(); } require_code('ocf_groups_action2'); $members_groups = $GLOBALS['OCF_DRIVER']->get_members_groups($member_id_of); $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)'); $groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL)); foreach ($_POST['secondary_groups'] as $group_id) { $group = $groups[intval($group_id)]; if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission($member_id_viewing, 'see_hidden_groups')) { continue; } if (!in_array($group['id'], $members_groups) && (has_specific_permission($member_id_viewing, 'assume_any_member') || $group['g_open_membership'] == 1)) { ocf_add_member_to_group($member_id_of, $group['id']); } } foreach ($members_groups as $group_id) { if (!in_array(strval($group_id), $_POST['secondary_groups'])) { ocf_member_leave_group($group_id, $member_id_of); } } $GLOBALS['FORUM_DB']->query('DELETE FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_member_known_login_ips WHERE i_member_id=' . strval($member_id_of) . ' AND ' . db_string_not_equal_to('i_val_code', '')); // So any re-confirms can happen if (addon_installed('awards')) { require_code('awards'); handle_award_setting('member', strval($member_id_of)); } attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform'); } if ($leave_to_ajax_if_possible) { return NULL; } // UI $title = do_lang_tempcode('SETTINGS'); $myrow = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id_of); if (is_null($myrow)) { warn_exit(do_lang_tempcode('USER_NO_EXIST')); } require_code('ocf_members_action2'); list($fields, $hidden) = ocf_get_member_fields_settings(false, $member_id_of, NULL, $myrow['m_email_address'], $myrow['m_preview_posts'], $myrow['m_dob_day'], $myrow['m_dob_month'], $myrow['m_dob_year'], get_users_timezone($member_id_of), $myrow['m_theme'], $myrow['m_reveal_age'], $myrow['m_views_signatures'], $myrow['m_auto_monitor_contrib_content'], $myrow['m_language'], $myrow['m_allow_emails'], $myrow['m_allow_emails_from_staff'], $myrow['m_validated'], $myrow['m_primary_group'], $myrow['m_username'], $myrow['m_is_perm_banned'], '', $myrow['m_zone_wide'], $myrow['m_highlighted_name'], $myrow['m_pt_allow'], get_translated_text($myrow['m_pt_rules_text'], $GLOBALS['FORUM_DB']), $myrow['m_on_probation_until']); // Awards? if (addon_installed('awards')) { require_code('awards'); $fields->attach(get_award_fields('member', strval($member_id_of))); } $redirect = get_param('redirect', NULL); if (!is_null($redirect)) { $hidden->attach(form_input_hidden('redirect', $redirect)); } $hidden->attach(form_input_hidden('submitting_settings_tab', '1')); $javascript = "\n\t\t\tvar form=document.getElementById('email_address').form;\n\t\t\tform.prior_profile_edit_submit=form.onsubmit;\n\t\t\tform.onsubmit=function()\n\t\t\t\t{\n\t\t\t\t\tif (typeof form.elements['edit_password']!='undefined')\n\t\t\t\t\t{\n\t\t\t\t\t\tif ((form.elements['password_confirm']) && (form.elements['password_confirm'].value!=form.elements['edit_password'].value))\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\twindow.fauxmodal_alert('" . php_addslashes(do_lang('PASSWORD_MISMATCH')) . "');\n\t\t\t\t\t\t\treturn false;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (typeof form.prior_profile_edit_submit!='undefined' && form.prior_profile_edit_submit) return form.prior_profile_edit_submit();\n\t\t\t\t\treturn true;\n\t\t\t\t};\n\t\t"; $text = ''; return array($title, $fields, $text, $javascript, $order, $hidden); }
/** * Mass-load details for a list of members into memory, to reduce queries when we access it later. * * @param array List of members. */ function ocf_cache_member_details($members) { require_code('ocf_members'); $member_or_list = ''; foreach ($members as $member) { if ($member_or_list != '') { $member_or_list .= ' OR '; } $member_or_list .= 'm.id=' . strval((int) $member); } if ($member_or_list != '') { $member_rows = $GLOBALS['FORUM_DB']->query('SELECT m.*,text_parsed AS signature FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members m LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'translate t ON ' . db_string_equal_to('language', user_lang()) . ' AND m.m_signature=t.id WHERE ' . $member_or_list); global $TABLE_LANG_FIELDS; $member_rows_2 = $GLOBALS['FORUM_DB']->query('SELECT f.* FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_member_custom_fields f WHERE ' . str_replace('m.id', 'mf_member_id', $member_or_list), NULL, NULL, false, false, array_key_exists('f_member_custom_fields', $TABLE_LANG_FIELDS) ? $TABLE_LANG_FIELDS['f_member_custom_fields'] : array()); $member_rows_3 = $GLOBALS['FORUM_DB']->query('SELECT gm_group_id,gm_member_id FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_group_members WHERE gm_validated=1 AND (' . str_replace('m.id', 'gm_member_id', $member_or_list) . ')'); global $MEMBER_CACHE_FIELD_MAPPINGS, $GROUP_MEMBERS_CACHE, $SIGNATURES_CACHE; $found_groups = array(); foreach ($member_rows as $row) { $GLOBALS['OCF_DRIVER']->MEMBER_ROWS_CACHED[$row['id']] = $row; if (!ocf_is_ldap_member($row['id'])) { // Primary $pg = $GLOBALS['OCF_DRIVER']->get_member_row_field($row['id'], 'm_primary_group'); $found_groups[$pg] = 1; $GROUP_MEMBERS_CACHE[$row['id']][false][false] = array($pg => 1); } // Signature if (get_page_name() != 'search' && !is_null($row['signature']) && $row['signature'] != '' && $row['m_signature'] != 0) { $SIGNATURES_CACHE[$row['id']] = new ocp_tempcode(); if (!$SIGNATURES_CACHE[$row['id']]->from_assembly($row['signature'], true)) { unset($SIGNATURES_CACHE[$row['id']]); } } } foreach ($member_rows_2 as $row) { $MEMBER_CACHE_FIELD_MAPPINGS[$row['mf_member_id']] = $row; } foreach ($member_rows_3 as $row) { if (!ocf_is_ldap_member($row['gm_member_id'])) { $GROUP_MEMBERS_CACHE[$row['gm_member_id']][false][false][$row['gm_group_id']] = 1; $found_groups[$row['gm_group_id']] = 1; } } require_code('ocf_groups'); ocf_ensure_groups_cached(array_keys($found_groups)); } }
/** * Find if the given member id and password is valid. If username is NULL, then the member id is used instead. * All authorisation, cookies, and form-logins, are passed through this function. * Some forums do cookie logins differently, so a Boolean is passed in to indicate whether it is a cookie login. * * @param ?SHORT_TEXT The member username (NULL: don't use this in the authentication - but look it up using the ID if needed) * @param ?MEMBER The member id (NULL: use member name) * @param MD5 The md5-hashed password * @param string The raw password * @param boolean Whether this is a cookie login, determines how the hashed password is treated for the value passed in * @return array A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set */ function forum_authorise_login($username, $userid, $password_hashed, $password_raw, $cookie_login = false) { $out = array(); $out['id'] = NULL; require_code('ocf_members'); require_code('ocf_groups'); if (!function_exists('require_lang')) { require_code('lang'); } if (!function_exists('do_lang_tempcode')) { require_code('tempcode'); } if (!function_exists('require_lang')) { return $out; } require_lang('ocf'); require_code('mail'); $skip_auth = false; if ($userid === NULL) { $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_username', $username), 1); if (!array_key_exists(0, $rows) && get_option('one_per_email_address') == '1') { $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_email_address', $username) . ' ORDER BY id ASC', 1); } if (array_key_exists(0, $rows)) { $this->MEMBER_ROWS_CACHED[$rows[0]['id']] = $rows[0]; $userid = $rows[0]['id']; } } else { $rows[0] = $this->get_member_row($userid); } // LDAP to the rescue if we couldn't get a row global $LDAP_CONNECTION; if (!array_key_exists(0, $rows) && $LDAP_CONNECTION !== NULL && $userid === NULL) { // See if LDAP has it -- if so, we can add $test = ocf_is_on_ldap($username); if (!$test) { $out['error'] = is_null($username) ? do_lang_tempcode('USER_NO_EXIST') : do_lang_tempcode('_USER_NO_EXIST', escape_html($username)); return $out; } $test_auth = ocf_ldap_authorise_login($username, $password_raw); if ($test_auth['m_pass_hash_salted'] == '!!!') { $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD'); return $out; } if ($test) { require_code('ocf_members_action'); require_code('ocf_members_action2'); $completion_form_submitted = trim(post_param('email_address', '')) != ''; if (!$completion_form_submitted && get_value('no_finish_profile') !== '1') { @ob_end_clean(); if (!function_exists('do_header')) { require_code('site'); } $middle = ocf_member_external_linker_ask($username, 'ldap', ocf_ldap_guess_email($username)); $tpl = globalise($middle, NULL, '', true); $tpl->evaluate_echo(); exit; } else { $userid = ocf_member_external_linker($username, uniqid('', true), 'ldap'); $row = $this->get_member_row($userid); } } } if (!array_key_exists(0, $rows) || $rows[0] === NULL) { $out['error'] = is_null($username) ? do_lang_tempcode('USER_NO_EXIST') : do_lang_tempcode('_USER_NO_EXIST', escape_html($username)); return $out; } $row = $rows[0]; // Now LDAP can kick in and get the correct hash if (ocf_is_ldap_member($userid)) { //$rows[0]['m_pass_hash_salted']=ocf_get_ldap_hash($userid); // Doesn't exist any more? This is a special case - the 'LDAP member' exists in our DB, but not LDAP. It has been deleted from LDAP or LDAP server has jumped /*if (is_null($rows[0]['m_pass_hash_salted'])) { $out['error']=(do_lang_tempcode('_USER_NO_EXIST',$username)); return $out; } No longer appropriate with new authentication mode - instead we just have to give an invalid password message */ $row = array_merge($row, ocf_ldap_authorise_login($username, $password_hashed)); } if (addon_installed('unvalidated')) { if ($row['m_validated'] == 0) { $out['error'] = do_lang_tempcode('USER_NOT_VALIDATED_STAFF'); return $out; } } if ($row['m_validated_email_confirm_code'] != '') { $out['error'] = do_lang_tempcode('USER_NOT_VALIDATED_EMAIL'); return $out; } if ($this->is_banned($row['id'])) { $out['error'] = do_lang_tempcode('USER_BANNED'); return $out; } // Check password if (!$skip_auth) { // Choose a compatibility screen. // Note that almost all cookie logins are the same. This is because the cookie logins use OCF cookies, regardless of compatibility scheme. $password_compatibility_scheme = $row['m_password_compat_scheme']; switch ($password_compatibility_scheme) { case 'remote': // This will work too - we're logging in with the username of a remote profile, so no resynching will happen // This will work too - we're logging in with the username of a remote profile, so no resynching will happen case '': // ocPortal style salted MD5 algorithm if ($cookie_login) { if ($password_hashed !== $row['m_pass_hash_salted']) { require_code('tempcode'); // This can be incidental even in fast AJAX scripts, if an old invalid cookie is present, so we need tempcode for do_lang_tempcode $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD'); return $out; } } else { if (md5($row['m_pass_salt'] . $password_hashed) !== $row['m_pass_hash_salted']) { $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD'); return $out; } } break; case 'plain': if ($password_hashed !== md5($row['m_pass_hash_salted'])) { $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD'); return $out; } break; case 'md5': // Old style plain md5 (also works if both are unhashed: used for LDAP) if ($password_hashed !== $row['m_pass_hash_salted'] && $password_hashed != '!!!') { $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD'); return $out; } break; /* case 'httpauth': // This is handled in get_member() */ break; case 'ldap': if ($password_hashed !== $row['m_pass_hash_salted']) { $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD'); return $out; } break; default: $path = get_file_base() . '/sources_custom/hooks/systems/ocf_auth/' . $password_compatibility_scheme . '.php'; if (!file_exists($path)) { $path = get_file_base() . '/sources/hooks/systems/ocf_auth/' . $password_compatibility_scheme . '.php'; } if (!file_exists($path)) { $out['error'] = do_lang_tempcode('UNKNOWN_AUTH_SCHEME_IN_DB'); return $out; } require_code('hooks/systems/ocf_auth/' . $password_compatibility_scheme); $ob = object_factory('Hook_ocf_auth_' . $password_compatibility_scheme); $error = $ob->auth($username, $userid, $password_hashed, $password_raw, $cookie_login, $row); if (!is_null($error)) { $out['error'] = $error; return $out; } break; } } // Ok, authorised basically, but we need to see if this is a valid login IP if (ocf_get_best_group_property($this->get_members_groups($row['id']), 'enquire_on_new_ips') == 1) { global $SENT_OUT_VALIDATE_NOTICE; $ip = get_ip_address(3); $test2 = $this->connection->query_value_null_ok('f_member_known_login_ips', 'i_val_code', array('i_member_id' => $row['id'], 'i_ip' => $ip)); if ((is_null($test2) || $test2 != '') && !compare_ip_address($ip, $row['m_ip_address'])) { if (!$SENT_OUT_VALIDATE_NOTICE) { if (!is_null($test2)) { $this->connection->query_delete('f_member_known_login_ips', array('i_member_id' => $row['id'], 'i_ip' => $ip), '', 1); } $code = !is_null($test2) ? $test2 : uniqid('', true); $this->connection->query_insert('f_member_known_login_ips', array('i_val_code' => $code, 'i_member_id' => $row['id'], 'i_ip' => $ip)); $url = find_script('validateip') . '?code=' . $code; $url_simple = find_script('validateip'); require_code('comcode'); $mail = do_lang('IP_VERIFY_MAIL', comcode_escape($url), comcode_escape(get_ip_address()), array($url_simple, $code), get_lang($row['id'])); $email_address = $row['m_email_address']; if ($email_address == '') { $email_address = get_option('staff_address'); } if (running_script('index')) { mail_wrap(do_lang('IP_VERIFY_MAIL_SUBJECT', NULL, NULL, NULL, get_lang($row['id'])), $mail, array($email_address), $row['m_username'], '', '', 1); } $SENT_OUT_VALIDATE_NOTICE = true; } $out['error'] = do_lang_tempcode('REQUIRES_IP_VALIDATION'); return $out; } } $this->ocf_flood_control($row['id']); $out['id'] = $row['id']; return $out; }
/** * The UI and actualisation for sending out the confirm email. * * @return tempcode The UI */ function step2() { $title = get_page_title('RESET_PASSWORD'); breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('RESET_PASSWORD')))); breadcrumb_set_self(do_lang_tempcode('START')); $username = trim(post_param('username', '')); $email_address = trim(post_param('email_address', '')); if ($username == '' && $email_address == '') { warn_exit(do_lang_tempcode('PASSWORD_RESET_ERROR')); } if ($username != '') { $member = $GLOBALS['FORUM_DRIVER']->get_member_from_username($username); } else { $member = $GLOBALS['FORUM_DRIVER']->get_member_from_email_address($email_address); } if (is_null($member)) { warn_exit(do_lang_tempcode('PASSWORD_RESET_ERROR_2')); } $username = $GLOBALS['FORUM_DRIVER']->get_username($member); if ($GLOBALS['FORUM_DRIVER']->get_member_row_field($member, 'm_password_compat_scheme') == '' && has_specific_permission($member, 'disable_lost_passwords') && !$GLOBALS['IS_ACTUALLY_ADMIN']) { warn_exit(do_lang_tempcode('NO_RESET_ACCESS')); } if ($GLOBALS['FORUM_DRIVER']->get_member_row_field($member, 'm_password_compat_scheme') == 'remote') { warn_exit(do_lang_tempcode('NO_PASSWORD_RESET_REMOTE', ocp_srv('HTTP_HOST'))); } if ($GLOBALS['FORUM_DRIVER']->get_member_row_field($member, 'm_password_compat_scheme') == 'httpauth') { warn_exit(do_lang_tempcode('NO_PASSWORD_RESET_HTTPAUTH')); } $is_ldap = ocf_is_ldap_member($member); $is_httpauth = ocf_is_httpauth_member($member); if ($is_ldap) { warn_exit(do_lang_tempcode('EXT_NO_PASSWORD_CHANGE')); } $code = mt_rand(0, mt_getrandmax()); $GLOBALS['FORUM_DB']->query_update('f_members', array('m_password_change_code' => strval($code)), array('id' => $member), '', 1); $email = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member, 'm_email_address'); if ($email == '') { warn_exit(do_lang_tempcode('MEMBER_NO_EMAIL_ADDRESS_RESET_TO')); } log_it('RESET_PASSWORD', strval($member), strval($code)); // Send confirm mail $zone = get_module_zone('lostpassword'); $_url = build_url(array('page' => 'lostpassword', 'type' => 'step3', 'code' => $code, 'member' => $member), $zone, NULL, false, false, true); $url = $_url->evaluate(); $_url_simple = build_url(array('page' => 'lostpassword', 'type' => 'step3', 'code' => NULL, 'username' => NULL, 'member' => NULL), $zone, NULL, false, false, true); $url_simple = $_url_simple->evaluate(); $message = do_lang('RESET_PASSWORD_TEXT', comcode_escape(get_site_name()), comcode_escape($username), array(comcode_escape($url), $url_simple, strval($member), strval($code)), get_lang($member)); require_code('mail'); mail_wrap(do_lang('RESET_PASSWORD', NULL, NULL, NULL, get_lang($member)), $message, array($email), $GLOBALS['FORUM_DRIVER']->get_username($member), '', '', 3, NULL, false, NULL, false, false, false, 'MAIL', true); breadcrumb_set_self(do_lang_tempcode('DONE')); return inform_screen($title, do_lang_tempcode('RESET_CODE_MAILED')); }
/** * Get a list of the usergroups a member is in (keys say the usergroups, values are irrelevant). * * @param ?MEMBER The member to find the usergroups of (NULL: current member). * @param boolean Whether to skip looking at secret usergroups. * @param boolean Whether to take probation into account * @return array Reverse list (e.g. array(1=>1,2=>1,3=>1) for someone in (1,2,3)). */ function ocf_get_members_groups($member_id = NULL, $skip_secret = false, $handle_probation = true) { if (is_guest($member_id)) { $ret = array(); $ret[db_get_first_id()] = 1; return $ret; } if (is_null($member_id)) { $member_id = get_member(); } if ($handle_probation) { $opt = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_on_probation_until'); if (!is_null($opt) && $opt > time()) { global $PROBATION_GROUP; if (is_null($PROBATION_GROUP)) { $probation_group = get_option('probation_usergroup'); $PROBATION_GROUP = $GLOBALS['FORUM_DB']->query_value_null_ok('f_groups g LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'translate t ON t.id=g.g_name', 'g.id', array('text_original' => $probation_group)); if (is_null($PROBATION_GROUP)) { $PROBATION_GROUP = false; } } if ($PROBATION_GROUP !== false) { return array($PROBATION_GROUP => 1); } } } $skip_secret = $skip_secret && (!function_exists('get_member') || $member_id != get_member()) && (!function_exists('has_specific_permission') || !has_specific_permission(get_member(), 'see_hidden_groups')); global $GROUP_MEMBERS_CACHE; if (isset($GROUP_MEMBERS_CACHE[$member_id][$skip_secret][$handle_probation])) { return $GROUP_MEMBERS_CACHE[$member_id][$skip_secret][$handle_probation]; } $groups = array(); // Now implicit usergroup hooks $hooks = find_all_hooks('systems', 'ocf_implicit_usergroups'); foreach (array_keys($hooks) as $hook) { require_code('hooks/systems/ocf_implicit_usergroups/' . $hook); $ob = object_factory('Hook_implicit_usergroups_' . $hook); if ($ob->is_member_within($member_id)) { $groups[$ob->get_bound_group_id()] = 1; } } require_code('ocf_members'); if (!function_exists('ocf_is_ldap_member') || !ocf_is_ldap_member($member_id)) { $_groups = $GLOBALS['FORUM_DB']->query_select('f_group_members m LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_groups g ON g.id=m.gm_group_id', array('gm_group_id', 'g_hidden'), array('gm_member_id' => $member_id, 'gm_validated' => 1), 'ORDER BY g.g_order'); foreach ($_groups as $group) { $groups[$group['gm_group_id']] = 1; } if (!isset($GLOBALS['OCF_DRIVER'])) { if (method_exists($GLOBALS['FORUM_DRIVER'], 'forum_layer_initialise')) { $GLOBALS['FORUM_DRIVER']->forum_layer_initialise(); } } $primary_group = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_primary_group'); if (is_null($primary_group)) { $primary_group = db_get_first_id(); } $groups[$primary_group] = 1; foreach (array_keys($groups) as $group_id) { $groups[$group_id] = 1; } $GROUP_MEMBERS_CACHE[$member_id][false][$handle_probation] = $groups; $groups2 = $groups; foreach ($_groups as $group) { if ($group['g_hidden'] == 1) { unset($groups2[$group['gm_group_id']]); } } $GROUP_MEMBERS_CACHE[$member_id][true][$handle_probation] = $groups2; if ($skip_secret) { $groups = $groups2; } } else { $groups = ocf_get_members_groups_ldap($member_id); $GROUP_MEMBERS_CACHE[$member_id][false][$handle_probation] = $groups; $GROUP_MEMBERS_CACHE[$member_id][true][$handle_probation] = $groups; // Mirror to f_group_members table, so direct queries will also get it (we need to do listings of group members, for instance) $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id)); foreach (array_keys($groups) as $group_id) { $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $group_id), '', 1); $GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $group_id, 'gm_member_id' => $member_id, 'gm_validated' => 1)); } } return $groups; }
/** * Get the primary of a member (supports consulting of LDAP). * * @param MEMBER The member. * @return GROUP The primary. */ function ocf_get_member_primary_group($member_id) { global $PRIMARY_GROUP_MEMBERS; if (array_key_exists($member_id, $PRIMARY_GROUP_MEMBERS)) { return $PRIMARY_GROUP_MEMBERS[$member_id]; } if (ocf_is_ldap_member($member_id)) { ocf_ldap_get_member_primary_group($member_id); } else { $PRIMARY_GROUP_MEMBERS[$member_id] = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_primary_group'); } return $PRIMARY_GROUP_MEMBERS[$member_id]; }
/** * Set whether a member that has applied to be in a, may be in it, and inform them of the decision. * * @param GROUP The usergroup. * @param MEMBER The prospective member. * @param boolean Whether the member is being declined membership. * @param string The reason given for declining. */ function ocf_member_validate_into_group($group_id, $prospective_member_id, $decline = false, $reason = '') { if (ocf_is_ldap_member($prospective_member_id)) { return; } require_code('notifications'); $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $prospective_member_id, 'gm_group_id' => $group_id), '', 1); $name = ocf_get_group_name($group_id); if (!$decline) { $GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $group_id, 'gm_member_id' => $prospective_member_id, 'gm_validated' => 1)); $mail = do_lang('GROUP_ACCEPTED_MAIL', get_site_name(), $name, NULL, get_lang($prospective_member_id)); $subject = do_lang('GROUP_ACCEPTED_MAIL_SUBJECT', $name, NULL, NULL, get_lang($prospective_member_id)); } else { if ($reason != '') { $mail = do_lang('GROUP_DECLINED_MAIL_REASON', comcode_escape(get_site_name()), comcode_escape($name), comcode_escape($reason), get_lang($prospective_member_id)); } else { $mail = do_lang('GROUP_DECLINED_MAIL', comcode_escape(get_site_name()), comcode_escape($name), NULL, get_lang($prospective_member_id)); } $subject = do_lang('GROUP_DECLINED_MAIL_SUBJECT', $name, NULL, NULL, get_lang($prospective_member_id)); } dispatch_notification('ocf_group_declined', NULL, $subject, $mail, array($prospective_member_id)); }
/** * Get form fields for adding/editing/finishing a member profile. * * @param boolean Whether we are only handling the essential details of a profile. * @param ?MEMBER The ID of the member we are handling (NULL: new member). * @param ?array A list of usergroups (NULL: default/current usergroups). * @param SHORT_TEXT The e-mail address. * @param BINARY Whether posts are previewed before they are made. * @param ?integer Day of date of birth (NULL: not known). * @param ?integer Month of date of birth (NULL: not known). * @param ?integer Year of date of birth (NULL: not known). * @param ?ID_TEXT The member timezone (NULL: site default). * @param ?ID_TEXT The members default theme (NULL: not known). * @param BINARY Whether the members age may be shown. * @param BINARY Whether the member sees signatures in posts. * @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to (NULL: get default from config). * @param ?LANGUAGE_NAME The members language (NULL: auto detect). * @param BINARY Whether the member allows e-mails via the site. * @param BINARY Whether the member allows e-mails from staff via the site. * @param BINARY Whether the profile has been validated. * @param ?GROUP The members primary (NULL: not known). * @param SHORT_TEXT The username. * @param BINARY Whether the member is permanently banned. * @param ID_TEXT The special type of profile this is (blank: not a special type). * @param BINARY Whether the member likes to view zones without menus, when a choice is available. * @param BINARY Whether the member username will be highlighted. * @param SHORT_TEXT Usergroups that may PT the member. * @param LONG_TEXT Rules that other members must agree to before they may start a PT with the member. * @param ?TIME When the member is on probation until (NULL: just finished probation / or effectively was never on it) * @return array A pair: The form fields, Hidden fields (both Tempcode). */ function ocf_get_member_fields_settings($mini_mode = true, $member_id = NULL, $groups = NULL, $email_address = '', $preview_posts = 0, $dob_day = NULL, $dob_month = NULL, $dob_year = NULL, $timezone = NULL, $theme = NULL, $reveal_age = 1, $views_signatures = 1, $auto_monitor_contrib_content = NULL, $language = NULL, $allow_emails = 1, $allow_emails_from_staff = 1, $validated = 1, $primary_group = NULL, $username = '', $is_perm_banned = 0, $special_type = '', $zone_wide = 1, $highlighted_name = 0, $pt_allow = '*', $pt_rules_text = '', $on_probation_until = NULL) { if (is_null($auto_monitor_contrib_content)) { $auto_monitor_contrib_content = get_value('no_auto_notifications') === '1' ? 0 : 1; } $hidden = new ocp_tempcode(); if (has_actual_page_access(get_member(), 'admin_ocf_join')) { $dob_optional = true; } else { $dob_optional = get_option('no_dob_ask') == '2'; } if ($member_id === $GLOBALS['OCF_DRIVER']->get_guest_id()) { fatal_exit(do_lang_tempcode('INTERNAL_ERROR')); } require_code('form_templates'); require_code('encryption'); if ($special_type == '' && !is_null($member_id)) { if (ocf_is_ldap_member($member_id)) { $special_type = 'ldap'; } if (ocf_is_httpauth_member($member_id)) { $special_type = 'httpauth'; } if ($GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_password_compat_scheme') == 'remote') { $special_type = 'remote'; } } if (is_null($groups)) { $groups = is_null($member_id) ? ocf_get_all_default_groups(true) : $GLOBALS['OCF_DRIVER']->get_members_groups($member_id); } $fields = new ocp_tempcode(); // Human name / Username if ($special_type != 'ldap' && $special_type != 'remote' && $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_password_compat_scheme') != 'facebook') { if (is_null($member_id) || has_actual_page_access(get_member(), 'admin_ocf_join') || has_specific_permission($member_id, 'rename_self')) { if (get_option('signup_fullname') == '1') { $fields->attach(form_input_line(do_lang_tempcode('NAME'), do_lang_tempcode('_DESCRIPTION_NAME'), is_null($member_id) ? 'username' : 'edit_username', $username, true)); } else { $prohibit_username_whitespace = get_option('prohibit_username_whitespace', true); if ($prohibit_username_whitespace == '1') { $fields->attach(form_input_codename(do_lang_tempcode('USERNAME'), do_lang_tempcode('DESCRIPTION_USERNAME'), is_null($member_id) ? 'username' : 'edit_username', $username, true)); } else { $fields->attach(form_input_line(do_lang_tempcode('USERNAME'), do_lang_tempcode('DESCRIPTION_USERNAME'), is_null($member_id) ? 'username' : 'edit_username', $username, true)); } } } } // Password if ($special_type == '') { if (is_null($member_id) || $member_id == get_member() || has_specific_permission(get_member(), 'assume_any_member')) { $fields->attach(form_input_password(do_lang_tempcode('PASSWORD'), do_lang_tempcode('DESCRIPTION_PASSWORD' . (!is_null($member_id) ? '_EDIT' : '')), is_null($member_id) ? 'password' : 'edit_password', $mini_mode)); $fields->attach(form_input_password(do_lang_tempcode('CONFIRM_PASSWORD'), '', 'password_confirm', $mini_mode)); } } // E-mail address if ($email_address == '') { $email_address = trim(get_param('email_address', '')); } if ($special_type != 'remote') { $fields->attach(form_input_email(do_lang_tempcode('EMAIL_ADDRESS'), get_option('skip_email_confirm_join') == '1' ? new ocp_tempcode() : do_lang_tempcode('MUST_BE_REAL_ADDRESS'), 'email_address', $email_address, !has_specific_permission(get_member(), 'member_maintenance'))); if (is_null($member_id) && $email_address == '' && get_option('skip_email_confirm_join') == '0') { $fields->attach(form_input_email(do_lang_tempcode('CONFIRM_EMAIL_ADDRESS'), '', 'email_address_confirm', '', !has_specific_permission(get_member(), 'member_maintenance'))); } } // DOB $default_time = is_null($dob_month) ? NULL : usertime_to_utctime(mktime(0, 0, 0, $dob_month, $dob_day, $dob_year)); if (get_option('no_dob_ask') != '1') { $fields->attach(form_input_date(do_lang_tempcode(get_option('no_dob_ask') == '2' ? 'BIRTHDAY' : 'DATE_OF_BIRTH'), '', 'dob', $dob_optional, false, false, $default_time, -130)); if (addon_installed('ocf_forum')) { $fields->attach(form_input_tick(do_lang_tempcode('RELATED_FIELD', do_lang_tempcode('REVEAL_AGE')), do_lang_tempcode('DESCRIPTION_REVEAL_AGE'), 'reveal_age', $reveal_age == 1)); } } // Work out what options we need to present $doing_international = get_option('allow_international') == '1' && $special_type != 'remote'; $_langs = find_all_langs(); $doing_langs = multi_lang() && $special_type != 'remote'; $doing_email_option = get_option('allow_email_disable') == '1'; $doing_email_from_staff_option = get_option('allow_email_from_staff_disable') == '1'; $unspecced_width_zone_exists = $GLOBALS['SITE_DB']->query_value_null_ok('zones', 'zone_name', array('zone_wide' => NULL)); $unspecced_theme_zone_exists = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . get_table_prefix() . 'zones WHERE ' . db_string_equal_to('zone_theme', '') . ' OR ' . db_string_equal_to('zone_theme', '-1')); $doing_wide_option = $special_type != 'remote' && !is_null($unspecced_width_zone_exists) && !$mini_mode; $doing_theme_option = $unspecced_theme_zone_exists != 0 && !$mini_mode; $doing_local_forum_options = addon_installed('ocf_forum') && $special_type != 'remote' && !$mini_mode; if ($doing_international || $doing_langs || $doing_email_option || $doing_wide_option || $doing_theme_option || $doing_local_forum_options) { $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('FORCE_OPEN' => is_null($member_id) ? true : NULL, 'TITLE' => do_lang_tempcode('SETTINGS')))); } require_lang('config'); // Timezones, if enabled if ($doing_international) { $timezone_list = nice_get_timezone_list($timezone); $fields->attach(form_input_list(do_lang_tempcode('TIME_ZONE'), do_lang_tempcode('DESCRIPTION_TIMEZONE_MEMBER'), 'timezone', $timezone_list)); } // Language choice, if we have multiple languages on site if ($doing_langs) { $lang_list = new ocp_tempcode(); $no_lang_set = is_null($language) || $language == ''; $allow_no_lang_set = get_value('allow_no_lang_selection') === '1'; if ($allow_no_lang_set) { $lang_list->attach(form_input_list_entry('', $no_lang_set, do_lang_tempcode('UNSET'))); } else { if ($no_lang_set) { $language = user_lang(); } } $lang_list->attach(nice_get_langs($language)); $fields->attach(form_input_list(do_lang_tempcode('LANGUAGE'), '', 'language', $lang_list, NULL, false, !$allow_no_lang_set)); } // Email privacy if ($doing_email_option) { $fields->attach(form_input_tick(do_lang_tempcode('ALLOW_EMAILS'), do_lang_tempcode('DESCRIPTION_ALLOW_EMAILS'), 'allow_emails', $allow_emails == 1)); } if ($doing_email_from_staff_option) { $fields->attach(form_input_tick(do_lang_tempcode('ALLOW_EMAILS_FROM_STAFF'), do_lang_tempcode('DESCRIPTION_ALLOW_EMAILS_FROM_STAFF'), 'allow_emails_from_staff', $allow_emails_from_staff == 1)); } if (!$mini_mode) { // Wide-option, if we have any zones giving a choice require_lang('zones'); if ($doing_wide_option) { $fields->attach(form_input_tick(do_lang_tempcode('WIDE'), do_lang_tempcode('DESCRIPTION_MEMBER_ZONE_WIDE'), 'zone_wide', $zone_wide == 1)); } // Theme, if we have any zones giving a choice require_code('themes2'); $entries = nice_get_themes($theme, false, false, 'RELY_SITE_DEFAULT'); require_lang('themes'); if ($doing_theme_option) { $fields->attach(form_input_list(do_lang_tempcode('THEME'), do_lang_tempcode('DESCRIPTION_THEME'), 'theme', $entries)); } // Various forum options if (addon_installed('ocf_forum')) { if ($special_type != 'remote') { if (get_option('forced_preview_option') == '1') { $fields->attach(form_input_tick(do_lang_tempcode('PREVIEW_POSTS'), do_lang_tempcode('DESCRIPTION_PREVIEW_POSTS'), 'preview_posts', $preview_posts == 1)); } if (get_value('disable_views_sigs_option') !== '1') { if (addon_installed('ocf_signatures')) { $fields->attach(form_input_tick(do_lang_tempcode('VIEWS_SIGNATURES'), do_lang_tempcode('DESCRIPTION_VIEWS_SIGNATURES'), 'views_signatures', $views_signatures == 1)); } } else { $hidden->attach(form_input_hidden('views_signatures', '1')); } //$fields->attach(form_input_tick(do_lang_tempcode('AUTO_NOTIFICATION_CONTRIB_CONTENT'),do_lang_tempcode('DESCRIPTION_AUTO_NOTIFICATION_CONTRIB_CONTENT'),'auto_monitor_contrib_content',$auto_monitor_contrib_content==1)); $usergroup_list = new ocp_tempcode(); $lgroups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true); foreach ($lgroups as $key => $val) { if ($key != db_get_first_id()) { $usergroup_list->attach(form_input_list_entry(strval($key), $pt_allow == '*' || count(array_intersect(array(strval($key)), explode(',', $pt_allow))) != 0, $val)); } } if (get_value('disable_pt_restrict') !== '1') { $fields->attach(form_input_multi_list(do_lang_tempcode('PT_ALLOW'), addon_installed('chat') ? do_lang_tempcode('PT_ALLOW_DESCRIPTION_CHAT') : do_lang_tempcode('PT_ALLOW_DESCRIPTION'), 'pt_allow', $usergroup_list)); $fields->attach(form_input_text_comcode(do_lang_tempcode('PT_RULES_TEXT'), do_lang_tempcode('PT_RULES_TEXT_DESCRIPTION'), 'pt_rules_text', $pt_rules_text, false)); } } } // Prepare list of usergroups, if maybe we are gonna let (a) usergroup-change field(s) $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)'); $rows = $GLOBALS['FORUM_DB']->query_select('f_groups', array('id', 'g_name', 'g_hidden', 'g_open_membership'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL, 'ORDER BY g_order'); $_groups = new ocp_tempcode(); $default_primary_group = get_first_default_group(); $current_primary_group = NULL; foreach ($rows as $group) { if ($group['id'] != db_get_first_id()) { $selected = $group['id'] == $primary_group || is_null($primary_group) && $group['id'] == $default_primary_group; if ($selected) { $current_primary_group = $group['id']; } $_groups->attach(form_input_list_entry(strval($group['id']), $selected, get_translated_text($group['g_name'], $GLOBALS['FORUM_DB']))); } } // Some admin options... if (has_specific_permission(get_member(), 'member_maintenance')) { $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('MEMBER_ACCESS')))); // Probation if (has_specific_permission(get_member(), 'probate_members')) { $fields->attach(form_input_date(do_lang_tempcode('ON_PROBATION_UNTIL'), do_lang_tempcode('DESCRIPTION_ON_PROBATION_UNTIL'), 'on_probation_until', true, is_null($on_probation_until) || $on_probation_until <= time(), true, $on_probation_until, 2)); } // Primary usergroup if ($special_type != 'ldap') { if (has_specific_permission(get_member(), 'assume_any_member')) { if (is_null($member_id) || !$GLOBALS['FORUM_DRIVER']->is_super_admin($member_id) || count($GLOBALS['FORUM_DRIVER']->member_group_query($GLOBALS['FORUM_DRIVER']->get_super_admin_groups(), 2)) > 1) { $fields->attach(form_input_list(do_lang_tempcode('PRIMARY_GROUP'), do_lang_tempcode('DESCRIPTION_PRIMARY_GROUP'), 'primary_group', $_groups)); } } } } // Secondary usergroups if ($special_type != 'ldap') { $_groups2 = new ocp_tempcode(); $members_groups = is_null($member_id) ? array() : $GLOBALS['OCF_DRIVER']->get_members_groups($member_id, false, false); foreach ($rows as $group) { if ($group['g_hidden'] == 1 && !array_key_exists($group['id'], $members_groups) && !has_specific_permission(get_member(), 'see_hidden_groups')) { continue; } if ($group['id'] != db_get_first_id() && $group['id'] != $current_primary_group && (array_key_exists($group['id'], $members_groups) || has_specific_permission(get_member(), 'assume_any_member') || $group['g_open_membership'] == 1)) { $selected = array_key_exists($group['id'], $members_groups); $_groups2->attach(form_input_list_entry(strval($group['id']), $selected, get_translated_text($group['g_name'], $GLOBALS['FORUM_DB']))); } } $sec_url = build_url(array('page' => 'groups', 'type' => 'misc'), get_module_zone('groups')); if (!$_groups2->is_empty()) { $fields->attach(form_input_multi_list(do_lang_tempcode('SECONDARY_GROUP_MEMBERSHIP'), do_lang_tempcode('DESCRIPTION_SECONDARY_GROUP', escape_html($sec_url->evaluate())), 'secondary_groups', $_groups2)); } } // Special admin options if (has_specific_permission(get_member(), 'member_maintenance')) { if ($validated == 0) { $validated = get_param_integer('validated', 0); if ($validated == 1) { attach_message(do_lang_tempcode('WILL_BE_VALIDATED_WHEN_SAVING')); } } if (addon_installed('unvalidated')) { $fields->attach(form_input_tick(do_lang_tempcode('VALIDATED'), do_lang_tempcode('DESCRIPTION_MEMBER_VALIDATED'), 'validated', $validated == 1)); } if (get_value('disable_highlight_name') !== '1') { $fields->attach(form_input_tick(do_lang_tempcode('HIGHLIGHTED_NAME'), do_lang_tempcode(addon_installed('pointstore') ? 'DESCRIPTION_HIGHLIGHTED_NAME_P' : 'DESCRIPTION_HIGHLIGHTED_NAME'), 'highlighted_name', $highlighted_name == 1)); } if (!is_null($member_id) && $member_id != get_member()) { // Can't ban someone new, and can't ban yourself $fields->attach(form_input_tick(do_lang_tempcode('_BANNED'), do_lang_tempcode('DESCRIPTION_MEMBER_BANNED'), 'is_perm_banned', $is_perm_banned == 1)); } } } return array($fields, $hidden); }