/** * Delete member(s) * * @access public * @param mixed [Integer] member ID or [Array] array of member ids * @param boolean Check if request is from an admin * @return boolean Action completed successfully */ public static function remove($id, $check_admin = true) { //----------------------------------------- // INIT //----------------------------------------- $tmp_mids = array(); $emails = array(); //----------------------------------------- // Sort out thingie //----------------------------------------- if (is_array($id)) { $id = IPSLib::cleanIntArray($id); $mids = ' IN (' . implode(",", $id) . ')'; } else { $mids = ' = ' . intval($id); } //----------------------------------------- // Get accounts and check IDS //----------------------------------------- ipsRegistry::DB()->build(array('select' => 'm.member_id, m.name, m.member_group_id, m.email', 'from' => array('members' => 'm'), 'where' => 'm.member_id' . $mids, 'add_join' => array(array('select' => 'g.g_access_cp', 'from' => array('groups' => 'g'), 'where' => 'g.g_id=m.member_group_id', 'type' => 'left')))); ipsRegistry::DB()->execute(); while ($r = ipsRegistry::DB()->fetch()) { //----------------------------------------- // Non root admin attempting to edit root admin? //----------------------------------------- if ($check_admin) { if (!ipsRegistry::member()->getProperty('g_access_cp')) { if ($r['g_access_cp']) { continue; } } } $tmp_mids[] = $r['member_id']; $emails[] = $r['email']; self::_removeFromCache($r['member_id']); } if (!count($tmp_mids)) { return false; } $mids = ' IN (' . implode(",", $tmp_mids) . ')'; //----------------------------------------- // Get avatars / photo //----------------------------------------- $delete_files = array(); ipsRegistry::DB()->build(array('select' => '*', 'from' => 'profile_portal', 'where' => 'pp_member_id' . $mids)); ipsRegistry::DB()->execute(); while ($r = ipsRegistry::DB()->fetch()) { if ($r['pp_main_photo']) { $delete_files[] = $r['pp_main_photo']; } if ($r['pp_thumb_photo']) { $delete_files[] = $r['pp_thumb_photo']; } if ($r['avatar_type'] == 'upload' and $r['avatar_location']) { $delete_files[] = $r['avatar_location']; } } //----------------------------------------- // Take care of forum stuff //----------------------------------------- ipsRegistry::DB()->update('posts', array('author_id' => 0), "author_id" . $mids); ipsRegistry::DB()->update('topics', array('starter_id' => 0), "starter_id" . $mids); ipsRegistry::DB()->update('announcements', array('announce_member_id' => 0), "announce_member_id" . $mids); ipsRegistry::DB()->update('attachments', array('attach_member_id' => 0), "attach_member_id" . $mids); ipsRegistry::DB()->update('polls', array('starter_id' => 0), "starter_id" . $mids); //ipsRegistry::DB()->update( 'topic_ratings' , array( 'rating_member_id' => 0 ), "rating_member_id" . $mids ); ipsRegistry::DB()->update('voters', array('member_id' => 0), "member_id" . $mids); ipsRegistry::DB()->update('forums', array('last_poster_name' => ''), "last_poster_id" . $mids); ipsRegistry::DB()->update('forums', array('seo_last_name' => ''), "last_poster_id" . $mids); ipsRegistry::DB()->update('forums', array('last_poster_id' => 0), "last_poster_id" . $mids); //----------------------------------------- // Clean up profile stuff //----------------------------------------- ipsRegistry::DB()->update('profile_comments', array('comment_by_member_id' => 0), "comment_by_member_id" . $mids); ipsRegistry::DB()->update('profile_ratings', array('rating_by_member_id' => 0), "rating_by_member_id" . $mids); ipsRegistry::DB()->delete('profile_comments', "comment_for_member_id" . $mids); ipsRegistry::DB()->delete('profile_ratings', "rating_for_member_id" . $mids); ipsRegistry::DB()->delete('profile_portal', "pp_member_id" . $mids); ipsRegistry::DB()->delete('profile_portal_views', "views_member_id" . $mids); ipsRegistry::DB()->delete('profile_friends', "friends_member_id" . $mids); ipsRegistry::DB()->delete('profile_friends', "friends_friend_id" . $mids); ipsRegistry::DB()->delete('dnames_change', "dname_member_id" . $mids); //----------------------------------------- // Delete member... //----------------------------------------- ipsRegistry::DB()->delete('pfields_content', "member_id" . $mids); ipsRegistry::DB()->delete('members_partial', "partial_member_id" . $mids); ipsRegistry::DB()->delete('moderators', "member_id" . $mids); ipsRegistry::DB()->delete('sessions', "member_id" . $mids); ipsRegistry::DB()->delete('warn_logs', "wlog_mid" . $mids); ipsRegistry::DB()->update('warn_logs', array('wlog_addedby' => 0), "wlog_addedby" . $mids); //----------------------------------------- // Update admin stuff //----------------------------------------- ipsRegistry::DB()->delete('admin_permission_rows', "row_id_type='member' AND row_id" . $mids); ipsRegistry::DB()->delete('core_sys_cp_sessions', 'session_member_id' . $mids); ipsRegistry::DB()->update('upgrade_history', array('upgrade_mid' => 0), "upgrade_mid" . $mids); //----------------------------------------- // Fix up member messages... //----------------------------------------- ipsRegistry::DB()->delete('message_topic_user_map', 'map_user_id' . $mids); ipsRegistry::DB()->update('message_posts', array('msg_author_id' => 0), 'msg_author_id' . $mids); ipsRegistry::DB()->update('message_topics', array('mt_starter_id' => 0), 'mt_starter_id' . $mids); ipsRegistry::DB()->delete('ignored_users', "ignore_owner_id" . $mids . " or ignore_ignore_id" . $mids); //----------------------------------------- // Delete subs, views, markers //----------------------------------------- ipsRegistry::DB()->delete('tracker', "member_id" . $mids); ipsRegistry::DB()->delete('forum_tracker', "member_id" . $mids); ipsRegistry::DB()->delete('core_item_markers', "item_member_id" . $mids); //----------------------------------------- // Delete from validating.. //----------------------------------------- ipsRegistry::DB()->delete('validating', "member_id" . $mids); ipsRegistry::DB()->delete('members', "member_id" . $mids); //----------------------------------------- // Delete avatars / photos //----------------------------------------- if (count($delete_files)) { foreach ($delete_files as $file) { @unlink(ipsRegistry::$settings['upload_dir'] . "/" . $file); } } //----------------------------------------- // Member Sync //----------------------------------------- IPSLib::runMemberSync('onDelete', $mids); /* Remove from cache */ IPSContentCache::drop('sig', $tmp_mids); //----------------------------------------- // Get current stats... //----------------------------------------- ipsRegistry::cache()->rebuildCache('stats', 'global'); ipsRegistry::cache()->rebuildCache('moderators', 'global'); }
/** * Update a user's login or display name * * @access protected * @param string Field to update * @return void [Outputs to screen] */ protected function save_member_name($field = 'members_display_name') { $member_id = intval($this->request['member_id']); $member = IPSMember::load($member_id); //----------------------------------------- // Allowed to edit administrators? //----------------------------------------- if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) { $this->returnJsonError($this->lang->words['m_editadmin']); exit; } if ($field == 'members_display_name') { $display_name = $this->convertAndMakeSafe($_POST['display_name'], 1); $display_name = str_replace("+", "+", $display_name); } else { $display_name = $this->convertAndMakeSafe($_POST['name'], 1); $display_name = str_replace("+", "+", $display_name); $display_name = str_replace('|', '|', $display_name); $display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name)); } if ($this->settings['strip_space_chr']) { // use hexdec to convert between '0xAD' and chr $display_name = IPSText::removeControlCharacters($display_name); } if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", str_replace(''', "'", str_replace('&', '&', $members_display_name)))) { $this->returnJsonError($this->lang->words['m_displaynames']); } try { if (IPSMember::getFunction()->updateName($member_id, $display_name, $field) === TRUE) { if ($field == 'members_display_name') { ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name)); } else { ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name)); //----------------------------------------- // If updating a name, and display names // disabled, update display name too //----------------------------------------- if (!ipsRegistry::$settings['auth_allow_dnames']) { IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name'); } //----------------------------------------- // I say, did we choose to email 'dis member? //----------------------------------------- if ($this->request['send_email'] == 1) { //----------------------------------------- // By golly, we did! //----------------------------------------- $msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents']))); $msg = str_replace("{old_name}", $member['name'], $msg); $msg = str_replace("{new_name}", $display_name, $msg); $msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg); $msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg); IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg)); IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj']; IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); } } $this->cache->rebuildCache('stats', 'global'); } else { # We should absolutely never get here. So this is a fail-safe, really to # prevent a "false" positive outcome for the end-user $this->returnJsonError($this->lang->words['m_namealready']); } } catch (Exception $error) { $this->returnJsonError($error->getMessage()); switch ($error->getMessage()) { case 'NO_USER': $this->returnJsonError($this->lang->words['m_noid']); break; case 'NO_PERMISSION': case 'NO_NAME': $this->returnJsonError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length'])); break; case 'ILLEGAL_CHARS': $this->returnJsonError($this->lang->words['m_illegal']); break; case 'USER_NAME_EXISTS': $this->returnJsonError($this->lang->words['m_namealready']); break; default: $this->returnJsonError($error->getMessage()); break; } } //----------------------------------------- // Load handler... //----------------------------------------- if ($field == 'name') { require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php'; $han_login = new han_login($this->registry); $han_login->init(); $han_login->changeName($member['name'], $display_name, $member['email']); } else { IPSLib::runMemberSync('onNameChange', $member_id, $display_name); } $__display_name = addslashes($display_name); $_string = <<<EOF \t\t{ \t\t\t'success' : true, \t\t\t'display_name' : "{$__display_name}" \t\t} \t\t EOF; $this->returnString($_string); }
/** * Updates member's DB row name or members_display_name * * @todo [Future] Separate out forum specific stuff (moderators, etc) and move into hooks * * @param string Member id * @param string New name * @param string Field to update (name or display name) * @return mixed True if update successful, otherwise exception or false * * Error Codes: * NO_USER Could not load the user * NO_PERMISSION This user cannot change their display name at all * NO_MORE_CHANGES The user cannot change their display name again in this time period * NO_NAME No display name (or shorter than 3 chars was given) * ILLEGAL_CHARS The display name contains illegal characters * USER_NAME_EXISTS The username already exists */ public function updateName($member_id, $name, $field = 'members_display_name', $discount = FALSE) { //----------------------------------------- // Load the member //----------------------------------------- $member = IPSMember::load($member_id); $_seoName = IPSText::makeSeoTitle($name); if (!$member['member_id']) { throw new Exception("NO_USER"); } //----------------------------------------- // Make sure name does not exist //----------------------------------------- try { if ($this->checkNameExists($name, $member, $field) === TRUE) { throw new Exception("USER_NAME_EXISTS"); } else { if ($field == 'members_display_name') { $this->DB->setDataType(array('dname_previous', 'dname_current'), 'string'); if ($member['members_display_name'] != $name) { $this->DB->insert('dnames_change', array('dname_member_id' => $member_id, 'dname_date' => time(), 'dname_ip_address' => $member['ip_address'], 'dname_previous' => $member['members_display_name'], 'dname_current' => $name, 'dname_discount' => $discount ? 1 : 0)); } //----------------------------------------- // Still here? Change it then //----------------------------------------- IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => mb_strtolower($name), 'members_seo_name' => $_seoName))); $this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string'); $this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); $this->DB->setDataType(array('member_name', 'seo_name'), 'string'); $this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']); $this->DB->setDataType(array('starter_name', 'seo_first_name'), 'string'); $this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']); $this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string'); $this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); $this->DB->update('posts', array('author_name' => $name), "author_id=" . $member['member_id']); /* Update archived posts */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/archive/writer.php', 'classes_archive_writer'); $archiveWriter = new $classToLoad(); $archiveWriter->setApp('forums'); $archiveWriter->update(array('archive_author_name' => $name), 'archive_author_id=' . $member['member_id']); } else { //----------------------------------------- // If one gets here, one can assume that the new name is correct for one, er...one. // So, lets do the converteroo //----------------------------------------- IPSMember::save($member['member_id'], array('core' => array('name' => $name, 'members_l_username' => mb_strtolower($name)))); $this->DB->setDataType('member_name', 'string'); $this->DB->update('moderators', array('member_name' => $name), "member_id=" . $member['member_id']); if (!$this->settings['auth_allow_dnames']) { //----------------------------------------- // Not using sep. display names? //----------------------------------------- IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => mb_strtolower($name), 'members_seo_name' => $_seoName))); $this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string'); $this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); $this->DB->setDataType(array('member_name', 'seo_name'), 'string'); $this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']); $this->DB->setDataType(array('starter_name', 'seo_first_name'), 'string'); $this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']); $this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string'); $this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); $this->DB->update('posts', array('author_name' => $name), "author_id=" . $member['member_id']); /* Update archived posts */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/archive/writer.php', 'classes_archive_writer'); $archiveWriter = new $classToLoad(); $archiveWriter->setApp('forums'); $archiveWriter->update(array('archive_author_name' => $name), 'archive_author_id=' . $member['member_id']); } } //----------------------------------------- // Recache moderators //----------------------------------------- $this->registry->cache()->rebuildCache('moderators', 'forums'); //----------------------------------------- // Recache announcements //----------------------------------------- $this->registry->cache()->rebuildCache('announcements', 'forums'); //----------------------------------------- // Stats to Update? //----------------------------------------- $this->registry->cache()->rebuildCache('stats', 'core'); $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $han_login = new $classToLoad($this->registry); $han_login->init(); $han_login->changeName($member[$field], $name, $member['email'], $member, $field); IPSLib::runMemberSync('onNameChange', $member['member_id'], $name); return TRUE; } } catch (Exception $error) { throw new Exception($error->getMessage()); } }
/** * Merge two members * * @return @e void [Redirects to member account] * @author Brandon Farber */ protected function _completeMerge() { if (!$this->request['confirm']) { $member = IPSMember::load($this->request['member_id']); //----------------------------------------- // Load member //----------------------------------------- $newMember = NULL; $_newMember = NULL; /* Name */ if ($this->request['name']) { $newMember = IPSMember::load($this->request['name'], '', 'displayname'); $_newMember = $newMember['member_id']; } /* Email */ if ($this->request['email']) { $newMember = IPSMember::load($this->request['email'], '', 'email'); if ($_newMember !== NULL and $_newMember != $newMember['member_id']) { $this->registry->output->global_error = $this->lang->words['err_transfer_badmulti']; $this->_mergeForm(); return false; } $_newMember = $newMember['member_id']; } /* ID */ if ($this->request['target_id']) { $newMember = IPSMember::load(intval($this->request['target_id']), '', 'id'); if ($_newMember !== NULL and $_newMember != $newMember['member_id']) { $this->registry->output->global_error = $this->lang->words['err_transfer_badmulti']; $this->_mergeForm(); return false; } $_newMember = $newMember['member_id']; } if (!$newMember['member_id']) { $this->registry->output->global_error = $this->lang->words['no_merge_id']; $this->_mergeForm(); return false; } $member2 = $newMember; if (!$member['member_id'] or !$member2['member_id']) { $this->registry->output->global_error = $this->lang->words['no_merge_id']; $this->_mergeForm(); return false; } //----------------------------------------- // Output //----------------------------------------- $this->registry->output->html .= $this->html->mergeConfirm($member, $newMember); } else { $member = IPSMember::load($this->request['member_id']); $member2 = IPSMember::load($this->request['member_id2']); if (!$member['member_id'] or !$member2['member_id']) { $this->registry->output->global_error = $this->lang->words['no_merge_id']; $this->_mergeForm(); return false; } //----------------------------------------- // Take care of forum stuff //----------------------------------------- $this->DB->update('posts', array('author_name' => $member['members_display_name'], 'author_id' => $member['member_id']), "author_id=" . $member2['member_id']); $this->DB->update('topics', array('starter_name' => $member['members_display_name'], 'seo_first_name' => $member['members_seo_name'], 'starter_id' => $member['member_id']), "starter_id=" . $member2['member_id']); $this->DB->update('topics', array('last_poster_name' => $member['members_display_name'], 'seo_last_name' => $member['members_seo_name'], 'last_poster_id' => $member['member_id']), "last_poster_id=" . $member2['member_id']); $this->DB->update('announcements', array('announce_member_id' => $member['member_id']), "announce_member_id=" . $member2['member_id']); $this->DB->update('attachments', array('attach_member_id' => $member['member_id']), "attach_member_id=" . $member2['member_id']); $this->DB->update('polls', array('starter_id' => $member['member_id']), "starter_id=" . $member2['member_id']); $this->DB->update('topic_ratings', array('rating_member_id' => $member['member_id']), "rating_member_id=" . $member2['member_id']); $this->DB->update('moderators', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']); $this->DB->update('forums', array('last_poster_name' => $member['members_display_name'], 'seo_last_name' => $member['members_seo_name'], 'last_poster_id' => $member['member_id']), "last_poster_id=" . $member2['member_id']); $this->DB->update('core_share_links_log', array('log_member_id' => $member['member_id']), "log_member_id=" . $member2['member_id']); $this->DB->update('core_soft_delete_log', array('sdl_obj_member_id' => $member['member_id']), "sdl_obj_member_id=" . $member2['member_id']); $this->DB->update('rss_import', array('rss_import_mid' => $member['member_id']), "rss_import_mid=" . $member2['member_id']); $this->DB->update('core_tags', array('tag_member_id' => $member['member_id']), "tag_member_id=" . $member2['member_id']); /* Update archived posts */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/archive/writer.php', 'classes_archive_writer'); $archiveWriter = new $classToLoad(); $archiveWriter->setApp('forums'); $archiveWriter->update(array('archive_author_id' => $member['member_id'], 'archive_author_name' => $member['members_display_name']), 'archive_author_id=' . $member2['member_id']); //----------------------------------------- // Clean up profile stuff //----------------------------------------- $this->DB->update('profile_portal_views', array('views_member_id' => $member['member_id']), "views_member_id=" . $member2['member_id']); $this->DB->update('members_warn_logs', array('wl_member' => $member['member_id']), "wl_member=" . $member2['member_id']); $this->DB->update('members_warn_logs', array('wl_moderator' => $member['member_id']), "wl_moderator=" . $member2['member_id']); $this->DB->update('dnames_change', array('dname_member_id' => $member['member_id']), "dname_member_id=" . $member2['member_id']); $this->DB->update('mobile_notifications', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']); $this->DB->update('inline_notifications', array('notify_to_id' => $member['member_id']), "notify_to_id=" . $member2['member_id']); $this->DB->update('inline_notifications', array('notify_from_id' => $member['member_id']), "notify_from_id=" . $member2['member_id']); //----------------------------------------- // Statuses //----------------------------------------- $this->DB->update('member_status_actions', array('action_member_id' => $member['member_id']), "action_member_id=" . $member2['member_id']); $this->DB->update('member_status_actions', array('action_status_owner' => $member['member_id']), "action_status_owner=" . $member2['member_id']); $this->DB->update('member_status_replies', array('reply_member_id' => $member['member_id']), "reply_member_id=" . $member2['member_id']); $this->DB->update('member_status_updates', array('status_member_id' => $member['member_id']), "status_member_id=" . $member2['member_id']); $this->DB->update('member_status_updates', array('status_author_id' => $member['member_id']), "status_author_id=" . $member2['member_id']); $statusUpdates = array(); $this->DB->build(array('select' => 'status_id', 'from' => 'member_status_updates', 'where' => 'status_member_id=' . $member['member_id'])); $res = $this->DB->execute(); while ($r = $this->DB->fetch($res)) { $this->registry->getClass('memberStatus')->rebuildStatus($r); } //----------------------------------------- // Update admin stuff //----------------------------------------- $this->DB->update('upgrade_history', array('upgrade_mid' => $member['member_id']), "upgrade_mid=" . $member2['member_id']); $this->DB->update('admin_logs', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']); $this->DB->update('error_logs', array('log_member' => $member['member_id']), "log_member=" . $member2['member_id']); $this->DB->update('moderator_logs', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']); $this->DB->update('rc_comments', array('comment_by' => $member['member_id']), "comment_by=" . $member2['member_id']); $this->DB->update('rc_reports', array('report_by' => $member['member_id']), "report_by=" . $member2['member_id']); $this->DB->update('rc_reports_index', array('updated_by' => $member['member_id']), "updated_by=" . $member2['member_id']); $this->DB->update('rc_reports_index', array('exdat1' => $member['member_id']), "seotemplate='showuser' AND exdat1=" . $member2['member_id']); $this->DB->update('reputation_cache', array('type_id' => $member['member_id']), "type='member' AND type_id=" . $member2['member_id']); $this->DB->update('reputation_index', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']); //----------------------------------------- // Fix up member messages... //----------------------------------------- $this->DB->update('message_posts', array('msg_author_id' => $member['member_id']), 'msg_author_id=' . $member2['member_id']); $this->DB->update('message_topics', array('mt_starter_id' => $member['member_id']), 'mt_starter_id=' . $member2['member_id']); $this->DB->update('message_topics', array('mt_to_member_id' => $member['member_id']), 'mt_to_member_id=' . $member2['member_id']); //----------------------------------------- // Stuff that can't have duplicates //----------------------------------------- //----------------------------------------- // Likes - also invalidates likes cache //----------------------------------------- /* Followed stuffs */ require_once IPS_ROOT_PATH . 'sources/classes/like/composite.php'; /*noLibHook*/ $like = classes_like::bootstrap('core', 'default'); $like->updateMemberId($member2['member_id'], $member['member_id']); //----------------------------------------- // Poll votes //----------------------------------------- $voters = array(); $this->DB->build(array('select' => 'tid', 'from' => 'voters', 'where' => 'member_id=' . $member['member_id'])); $this->DB->execute(); while ($r = $this->DB->fetch()) { $voters[] = $r['tid']; } if (count($voters)) { $this->DB->update('voters', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id'] . " AND tid NOT IN(" . implode(',', $voters) . ")"); } else { $this->DB->update('voters', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']); } //----------------------------------------- // Profile ratings //----------------------------------------- $ratingsFor = array(); $ratingsGot = array(); $this->DB->build(array('select' => 'rating_by_member_id,rating_for_member_id', 'from' => 'profile_ratings', 'where' => 'rating_by_member_id=' . $member['member_id'] . ' OR rating_for_member_id=' . $member['member_id'])); $this->DB->execute(); while ($r = $this->DB->fetch()) { if ($r['rating_by_member_id'] == $member['member_id']) { $ratingsFor[] = $r['rating_for_member_id']; } if ($r['rating_for_member_id'] == $member['member_id']) { $ratingsGot[] = $r['rating_by_member_id']; } } if (count($ratingsFor)) { $this->DB->update('profile_ratings', array('rating_by_member_id' => $member['member_id']), "rating_by_member_id=" . $member2['member_id'] . " AND rating_for_member_id NOT IN(" . implode(',', $ratingsFor) . ")"); } else { $this->DB->update('profile_ratings', array('rating_by_member_id' => $member['member_id']), "rating_by_member_id=" . $member2['member_id']); } if (count($ratingsGot)) { $this->DB->update('profile_ratings', array('rating_for_member_id' => $member['member_id']), "rating_for_member_id=" . $member2['member_id'] . " AND rating_by_member_id NOT IN(" . implode(',', $ratingsGot) . ")"); } else { $this->DB->update('profile_ratings', array('rating_for_member_id' => $member['member_id']), "rating_for_member_id=" . $member2['member_id']); } //----------------------------------------- // Profile friends //----------------------------------------- $myFriends = array(); $friendsMy = array(); $this->DB->build(array('select' => 'friends_member_id,friends_friend_id', 'from' => 'profile_friends', 'where' => 'friends_member_id=' . $member['member_id'] . ' OR friends_friend_id=' . $member['member_id'])); $this->DB->execute(); while ($r = $this->DB->fetch()) { if ($r['friends_member_id'] == $member['member_id']) { $myFriends[] = $r['friends_friend_id']; } if ($r['friends_friend_id'] == $member['member_id']) { $friendsMy[] = $r['friends_member_id']; } } if (count($myFriends)) { $this->DB->update('profile_friends', array('friends_member_id' => $member['member_id']), "friends_member_id=" . $member2['member_id'] . " AND friends_friend_id NOT IN(" . implode(',', $myFriends) . ")"); } else { $this->DB->update('profile_friends', array('friends_member_id' => $member['member_id']), "friends_member_id=" . $member2['member_id']); } if (count($friendsMy)) { $this->DB->update('profile_friends', array('friends_friend_id' => $member['member_id']), "friends_friend_id=" . $member2['member_id'] . " AND friends_member_id NOT IN(" . implode(',', $friendsMy) . ")"); } else { $this->DB->update('profile_friends', array('friends_friend_id' => $member['member_id']), "friends_friend_id=" . $member2['member_id']); } //----------------------------------------- // Ignored users //----------------------------------------- $myIgnored = array(); $ignoredMe = array(); $this->DB->build(array('select' => 'ignore_owner_id,ignore_ignore_id', 'from' => 'ignored_users', 'where' => 'ignore_owner_id=' . $member['member_id'] . ' OR ignore_ignore_id=' . $member['member_id'])); $this->DB->execute(); while ($r = $this->DB->fetch()) { if ($r['ignore_owner_id'] == $member['member_id']) { $myIgnored[] = $r['ignore_ignore_id']; } if ($r['ignore_ignore_id'] == $member['member_id']) { $ignoredMe[] = $r['ignore_owner_id']; } } if (count($myIgnored)) { $this->DB->update('ignored_users', array('ignore_owner_id' => $member['member_id']), "ignore_owner_id=" . $member2['member_id'] . " AND ignore_ignore_id NOT IN(" . implode(',', $myIgnored) . ")"); } else { $this->DB->update('ignored_users', array('ignore_owner_id' => $member['member_id']), "ignore_owner_id=" . $member2['member_id']); } if (count($ignoredMe)) { $this->DB->update('ignored_users', array('ignore_ignore_id' => $member['member_id']), "ignore_ignore_id=" . $member2['member_id'] . " AND ignore_owner_id NOT IN(" . implode(',', $ignoredMe) . ")"); } else { $this->DB->update('ignored_users', array('ignore_ignore_id' => $member['member_id']), "ignore_ignore_id=" . $member2['member_id']); } //----------------------------------------- // Message topic mapping //----------------------------------------- $pms = array(); $this->DB->build(array('select' => 'map_topic_id', 'from' => 'message_topic_user_map', 'where' => 'map_user_id=' . $member['member_id'])); $this->DB->execute(); while ($r = $this->DB->fetch()) { $pms[] = $r['map_topic_id']; } if (count($pms)) { $this->DB->update('message_topic_user_map', array('map_user_id' => $member['member_id']), "map_user_id=" . $member2['member_id'] . " AND map_topic_id NOT IN(" . implode(',', $pms) . ")"); } else { $this->DB->update('message_topic_user_map', array('map_user_id' => $member['member_id']), 'map_user_id=' . $member2['member_id']); } //----------------------------------------- // Admin permissions //----------------------------------------- $count = $this->DB->buildAndFetch(array('select' => 'row_id', 'from' => 'admin_permission_rows', 'where' => "row_id_type='member' AND row_id=" . $member['member_id'])); if (!$count['row_id']) { $this->DB->update('admin_permission_rows', array('row_id' => $member['member_id']), "row_id_type='member' AND row_id=" . $member2['member_id']); } //----------------------------------------- // Member Sync //----------------------------------------- try { IPSMember::save($member['member_id'], array('core' => array('posts' => $member['posts'] + $member2['posts'], 'warn_level' => $member['warn_level'] + $member2['warn_level'], 'warn_lastwarn' => $member2['warn_lastwarn'] > $member['warn_lastwarn'] ? $member2['warn_lastwarn'] : $member['warn_lastwarn'], 'last_post' => $member2['last_post'] > $member['last_post'] ? intval($member2['last_post']) : intval($member['last_post']), 'last_visit' => $member2['last_visit'] > $member['last_visit'] ? $member2['last_visit'] : $member['last_visit']), 'extendedProfile' => array('pp_reputation_points' => $member['pp_reputation_points'] + $member2['pp_reputation_points']))); } catch (Exception $error) { $this->registry->output->showError($error->getMessage(), 11247); } IPSLib::runMemberSync('onMerge', $member, $member2); //----------------------------------------- // Delete member 2 //----------------------------------------- IPSMember::remove($member2['member_id'], false); //----------------------------------------- // Get current stats... //----------------------------------------- $this->cache->rebuildCache('stats', 'global'); $this->cache->rebuildCache('moderators', 'forums'); $this->cache->rebuildCache('announcements', 'forums'); //----------------------------------------- // Admin logs //----------------------------------------- $this->registry->adminFunctions->saveAdminLog(sprintf($this->lang->words['merged_accounts_log'], $member2['members_display_name'], $member['members_display_name'])); //----------------------------------------- // Redirect //----------------------------------------- $this->registry->output->global_message = $this->lang->words['merged_members']; $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . "module=members&section=members&do=viewmember&member_id=" . $member['member_id']); } }
/** * Completes the connection * * @access public * @return redirect */ public function finishLogin() { /* From reg flag */ if ($_REQUEST['code']) { /* Load oAuth */ require_once IPS_KERNEL_PATH . 'facebook/facebookoauth.php'; /*noLibHook*/ $this->_oauth = new FacebookOAuth(FACEBOOK_APP_ID, FACEBOOK_APP_SECRET, FACEBOOK_CALLBACK, $this->extendedPerms); /* Load API */ require_once IPS_KERNEL_PATH . 'facebook/facebook.php'; /*noLibHook*/ $this->_api = new Facebook(array('appId' => FACEBOOK_APP_ID, 'secret' => FACEBOOK_APP_SECRET, 'cookie' => true)); /* Ensure URL is correct */ $_urlExtra = ''; if ($_REQUEST['key']) { $_urlExtra .= '&key=' . $_REQUEST['key']; } if ($_REQUEST['_reg']) { $_urlExtra .= '&_reg=1'; } /* Update callback url */ $this->_oauth->setCallBackUrl(FACEBOOK_CALLBACK . $_urlExtra); /* Generate oAuth token */ $rToken = $this->_oauth->getAccessToken($_REQUEST['code']); if (is_string($rToken)) { try { $_userData = $this->_api->api('me', array('access_token' => $rToken)); } catch (Exception $e) { /* Try re-authorising */ if (stristr($e->getMessage(), 'invalid')) { $this->redirectToConnectPage(); } } /* A little gymnastics */ $this->_userData = $_userData; $_userData = $this->fetchUserData($rToken); /* Got a member linked already? */ $_member = IPSMember::load($_userData['id'], 'all', 'fb_uid'); /* Not connected, check email address */ if (!$_member['member_id'] and $_userData['email']) { $_member = IPSMember::load($_userData['email'], 'all', 'email'); /* We do have an existing account, so trash email forcing user to sign up with new */ if ($_member['member_id']) { /* Update row */ IPSMember::save($_member['member_id'], array('core' => array('fb_uid' => $_userData['id'], 'fb_token' => $rToken))); } } if ($_member['member_id']) { $memberData = $_member; /* Ensure user's row is up to date */ IPSMember::save($memberData['member_id'], array('core' => array('fb_token' => $rToken))); /* Here, so log us in!! */ /* changed by denchu 26/12/12 */ $r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE); if (is_array($r)) { if (isset($r[1])) { $this->registry->getClass('output')->redirectScreen($r[0], $r[1]); $this->registry->getClass('output')->silentRedirect($r[1]); } else { $this->registry->getClass('output')->silentRedirect($r[0]); } } elseif (!$r) { throw new Exception('LINKED_MEMBER_LOGIN_FAIL'); } else { $this->registry->getClass('output')->silentRedirect($this->settings['base_url']); } } else { /* No? Create a new member */ foreach (array('fbc_s_pic', 'fbc_s_status', 'fbc_s_aboutme') as $field) { $toSave[$field] = 1; } $fb_bwoptions = IPSBWOptions::freeze($toSave, 'facebook'); $safeFBName = IPS_DOC_CHAR_SET != 'UTF-8' ? IPSText::utf8ToEntities($_userData['name']) : $_userData['name']; /* Make sure usernames are safe */ if ($this->settings['username_characters']) { $check_against = preg_quote($this->settings['username_characters'], "/"); $check_against = str_replace('\\-', '-', $check_against); $safeFBName = preg_replace('/[^' . $check_against . ']+/i', '', $safeFBName); } /* Check ban filters? */ if (IPSMember::isBanned('email', $_userData['email']) or IPSMember::isBanned('name', $safeFBName)) { $this->registry->output->showError('you_are_banned', 1090003); } $displayName = $this->settings['fb_realname'] == 'enforced' ? $safeFBName : ''; /* From reg, so create new account properly */ $toSave = array('core' => array('name' => IPSText::parseCleanValue($safeFBName), 'members_display_name' => IPSText::parseCleanValue($displayName), 'members_created_remote' => 1, 'member_group_id' => $this->settings['fbc_mgid'] ? $this->settings['fbc_mgid'] : $this->settings['member_group'], 'email' => $_userData['email'], 'fb_uid' => $_userData['id'], 'time_offset' => $_userData['timezone'], 'members_auto_dst' => 1, 'fb_token' => $rToken), 'extendedProfile' => array('pp_about_me' => IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($_userData['about'], 'utf-8', IPS_DOC_CHAR_SET)), 'fb_bwoptions' => $fb_bwoptions)); $memberData = IPSMember::create($toSave, FALSE, FALSE, TRUE); if (!$memberData['member_id']) { throw new Exception('CREATION_FAIL'); } /* Sync up photo */ $this->syncMember($memberData['member_id']); $pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id'])); if ($pmember['partial_member_id']) { $this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']); } else { /* Already got a display name */ if ($displayName) { /* Here, so log us in!! */ $r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE); IPSLib::runMemberSync('onCompleteAccount', $memberData); if ($this->settings['new_reg_notify']) { $this->registry->class_localization->loadLanguageFile(array('public_register'), 'core'); IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser")); IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName)); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } if (is_array($r)) { if (isset($r[1])) { $this->registry->getClass('output')->redirectScreen($r[0], $r[1]); $this->registry->getClass('output')->silentRedirect($r[1]); } else { $this->registry->getClass('output')->silentRedirect($r[0]); } } elseif (!$r) { throw new Exception('LINKED_MEMBER_LOGIN_FAIL'); } else { $this->registry->getClass('output')->silentRedirect($this->settings['base_url']); } } else { throw new Exception('CREATION_FAIL'); } } } } else { throw new Exception('CREATION_FAIL'); } } else { /* Need to re-auth */ } }
/** * Processes the registration form * * @return @e void */ public function registerProcessForm() { $this->_resetMember(); $form_errors = array(); $coppa = $this->request['coppa_user'] == 1 ? 1 : 0; $in_password = trim($this->request['PassWord']); $in_email = strtolower(trim($this->request['EmailAddress'])); /* Did we agree to the t&c? */ if (!$this->request['agree_tos']) { $form_errors['tos'] = array($this->lang->words['must_agree_to_terms']); } /* Custom profile field stuff */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields'); $custom_fields = new $classToLoad(); $custom_fields->initData('edit'); $custom_fields->parseToSave($_POST, 'register'); /* Check */ if ($custom_fields->error_messages) { $form_errors['general'] = $custom_fields->error_messages; } /* Check the email address */ if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) { $form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email']; } if (trim($this->request['PassWord_Check']) != $in_password or !$in_password) { $form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match']; } /* There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770 elseif ( strlen( $in_password ) < 3 ) { $form_errors['password'][$this->lang->words['pass_too_short']] = $this->lang->words['pass_too_short']; } elseif ( strlen( $in_password ) > 32 ) { $form_errors['password'][$this->lang->words['pass_too_long']] = $this->lang->words['pass_too_long']; } */ /* Check the username */ $user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'name'); $disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name'); if (is_array($user_check['errors']) && count($user_check['errors'])) { foreach ($user_check['errors'] as $key => $error) { $form_errors['dname'][$error] = isset($this->lang->words[$error]) ? $this->lang->words[$error] : $error; } } /* this duplicates username error above */ /*if( is_array( $disp_check['errors'] ) && count( $disp_check['errors'] ) ) { foreach( $disp_check['errors'] as $key => $error ) { $form_errors['dname'][ $error ] = isset($this->lang->words[ $error ]) ? $this->lang->words[ $error ] : $error; } }*/ /* Is this email addy taken? */ if (IPSMember::checkByEmail($in_email) == TRUE) { $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken']; } /* Load handler... */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); $this->han_login->emailExistsCheck($in_email); if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') { $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken']; } /* Are they banned [EMAIL]? */ if (IPSMember::isBanned('email', $in_email) === TRUE) { $form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban']; } /* Check the CAPTCHA */ if ($this->settings['bot_antispam_type'] != 'none') { if ($this->registry->getClass('class_captcha')->validate() !== TRUE) { $form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code']; } } /* Check the Q and A */ $qanda = intval($this->request['qanda_id']); $pass = true; if ($qanda) { $pass = false; $data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda)); if ($data['qa_id']) { $answers = explode("\n", str_replace("\r", "", $data['qa_answers'])); if (count($answers)) { foreach ($answers as $answer) { $answer = trim($answer); if (IPSText::mbstrlen($answer) and mb_strtolower($answer) == mb_strtolower($this->request['qa_answer'])) { $pass = true; break; } } } } } else { //----------------------------------------- // Do we have any questions? //----------------------------------------- $data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer')); if ($data['questions']) { $pass = false; } } if (!$pass) { $form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a']; } /* CHECK 2: Any errors ? */ if (count($form_errors)) { $this->registerForm($form_errors); return; } /* Build up the hashes */ $mem_group = $this->settings['member_group']; /* Are we asking the member or admin to preview? */ if ($this->settings['reg_auth_type']) { $mem_group = $this->settings['auth_group']; } else { if ($coppa == 1) { $mem_group = $this->settings['auth_group']; } } /* Create member */ $member = array('name' => $this->request['members_display_name'], 'password' => $in_password, 'members_display_name' => $this->request['members_display_name'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->settings['time_dst_auto_correction']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'language' => $this->member->language_id); /* Spam Service */ $spamCode = 0; $_spamFlag = 0; if ($this->settings['spam_service_enabled']) { /* Query the service */ $spamCode = IPSMember::querySpamService($in_email); /* Action to perform */ $action = $this->settings['spam_service_action_' . $spamCode]; /* Perform Action */ switch ($action) { /* Proceed with registration */ case 1: break; /* Flag for admin approval */ /* Flag for admin approval */ case 2: $member['member_group_id'] = $this->settings['auth_group']; $this->settings['reg_auth_type'] = 'admin'; $_spamFlag = 1; break; /* Approve the account, but ban it */ /* Approve the account, but ban it */ case 3: $member['member_banned'] = 1; $member['bw_is_spammer'] = 1; $this->settings['reg_auth_type'] = ''; break; /* Deny registration */ /* Deny registration */ case 4: $this->registry->output->showError('spam_denied_account', '100x001', FALSE, '', 200); break; } } //----------------------------------------- // Create the account //----------------------------------------- $member = IPSMember::create(array('members' => $member, 'pfields_content' => $custom_fields->out_fields), FALSE, FALSE, FALSE); //----------------------------------------- // Login handler create account callback //----------------------------------------- $this->han_login->createAccount(array('member_id' => $member['member_id'], 'email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'], 'name' => $member['name'], 'members_display_name' => $member['members_display_name'])); //----------------------------------------- // We'll just ignore if this fails - it shouldn't hold up IPB anyways //----------------------------------------- /*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) ) { $this->registry->output->showError( 'han_login_create_failed', 2017, true ); }*/ //----------------------------------------- // Validation //----------------------------------------- $validate_key = md5(IPSMember::makePassword() . time()); $time = time(); if ($coppa != 1) { if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') { //----------------------------------------- // We want to validate all reg's via email, // after email verificiation has taken place, // we restore their previous group and remove the validate_key //----------------------------------------- $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'], 'spam_flag' => $_spamFlag)); if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') { /* Send out the email. */ $message = array('THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'publicNoSession', 'false'), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=05", 'publicNoSession', 'false'), 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key); IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("reg_validate", $this->member->language_id)); IPSText::getTextClass('email')->buildPlainTextContent($message); IPSText::getTextClass('email')->buildHtmlContent($message); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); $this->output = $this->registry->output->getTemplate('register')->showAuthorize($member); } else { if ($this->settings['reg_auth_type'] == 'admin') { $this->output = $this->registry->output->getTemplate('register')->showPreview($member); } } /* Only send new registration email if the member wasn't banned */ if ($this->settings['new_reg_notify'] and !$member['member_banned']) { $date = $this->registry->class_localization->getDate(time(), 'LONG', 1); IPSText::getTextClass('email')->getTemplate('admin_newuser'); IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name'])); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } $this->registry->output->setTitle($this->lang->words['reg_success'] . ' - ' . ipsRegistry::$settings['board_name']); $this->registry->output->addNavigation($this->lang->words['nav_reg'], ''); } else { /* We don't want to preview, or get them to validate via email. */ $stat_cache = $this->cache->getCache('stats'); if ($member['members_display_name'] and $member['member_id'] and !$this->caches['group_cache'][$member['member_group_id']]['g_hide_online_list']) { $stat_cache['last_mem_name'] = $member['members_display_name']; $stat_cache['last_mem_name_seo'] = IPSText::makeSeoTitle($member['members_display_name']); $stat_cache['last_mem_id'] = $member['member_id']; } $stat_cache['mem_count'] += 1; $this->cache->setCache('stats', $stat_cache, array('array' => 1)); /* Only send new registration email if the member wasn't banned */ if ($this->settings['new_reg_notify'] and !$member['member_banned']) { $date = $this->registry->class_localization->getDate(time(), 'LONG', 1); IPSText::getTextClass('email')->getTemplate('admin_newuser'); IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name'])); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } IPSCookie::set('pass_hash', $member['member_login_key'], 1); IPSCookie::set('member_id', $member['member_id'], 1); //----------------------------------------- // Fix up session //----------------------------------------- $privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['Privacy']) ? 1 : 0; # Update value for onCompleteAccount call $member['login_anonymous'] = $privacy . '&1'; $this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy)); IPSLib::runMemberSync('onCompleteAccount', $member); $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1'); } } else { /* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */ $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'])); $this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12'); } }
/** * Log a user out * * @param integer Flag to check md5 key * @return mixed Error message or array [0=immediate|redirect, 1=words to show, 2=URL to send to] */ public function doLogout($check_key = true) { //----------------------------------------- // INIT //----------------------------------------- if ($check_key) { $key = $this->request['k']; # Check for funny business if ($key != $this->member->form_hash) { $this->registry->getClass('output')->showError('bad_logout_key', 2012); } } //----------------------------------------- // Set some cookies //----------------------------------------- IPSCookie::set("member_id", "0", 1, 0, FALSE, TRUE); IPSCookie::set("pass_hash", "0", 1, 0, FALSE, TRUE); if (IPSCookie::get("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'))) { IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '0', 1, 0, FALSE, FALSE); } //----------------------------------------- // IPS Connect //----------------------------------------- foreach ($this->caches['login_methods'] as $k => $data) { if ($data['login_folder_name'] == 'ipsconnect' and $data['login_enabled']) { $ipsConnectSettings = unserialize($data['login_custom_config']); IPSCookie::set("ipsconnect_" . md5($ipsConnectSettings['master_url']), '0', 1, 0, FALSE, FALSE); } } if (is_array($_COOKIE)) { foreach ($_COOKIE as $cookie => $value) { if (stripos($cookie, $this->settings['cookie_id'] . 'ipbforumpass') !== false and !strstr($value, 'mobileApp')) { IPSCookie::set(str_replace($this->settings['cookie_id'], "", $cookie), '-', -1); } } } //----------------------------------------- // Do it.. //----------------------------------------- $this->member->sessionClass()->convertMemberToGuest(); $privacy = intval(IPSMember::isLoggedInAnon($this->memberData)); IPSMember::save($this->memberData['member_id'], array('core' => array('login_anonymous' => "{$privacy}&0", 'last_activity' => IPS_UNIX_TIME_NOW))); //----------------------------------------- // Logout callbacks... //----------------------------------------- IPSLib::runMemberSync('onLogOut', $this->memberData); $this->han_login->logoutCallback($this->memberData); //----------------------------------------- // Return.. //----------------------------------------- $url = ""; if ($this->request['return'] and $this->request['return'] != "") { $return = urldecode($this->request['return']); if (strpos($return, "http://") === 0) { return array('immediate', '', $return); } } return array('redirect', $this->lang->words['thanks_for_logout'], $this->settings['board_url']); }
/** * Save new email and/or pass * * @return @e void */ protected function _saveForm() { if (!$this->request['email'] and !$this->request['password']) { $this->registry->output->global_error = $this->lang->words['change_nothing_update']; $this->_showForm(); return; } if ($this->request['email']) { if (!$this->request['email_confirm']) { $this->registry->output->global_error = $this->lang->words['change_both_fields']; $this->_showForm(); return; } else { if ($this->request['email'] != $this->request['email_confirm']) { $this->registry->output->global_error = $this->lang->words['change_not_match']; $this->_showForm(); return; } } $email = trim($this->request['email']); if (!IPSText::checkEmailAddress($email)) { $this->registry->output->global_error = $this->lang->words['bad_email_supplied']; $this->_showForm(); return; } $email_check = IPSMember::load(strtolower($email)); if ($email_check['member_id']) { if ($email_check['member_id'] == $this->memberData['member_id']) { $this->registry->output->global_error = $this->lang->words['already_using_email']; } else { $this->registry->output->global_error = $this->lang->words['change_email_already_used']; } $this->_showForm(); return; } //----------------------------------------- // Load handler... //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $han_login = new $classToLoad($this->registry); $han_login->init(); $han_login->changeEmail(trim(strtolower($this->memberData['email'])), trim(strtolower($email)), $this->memberData); IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($email), $this->memberData['email']); IPSMember::save($this->memberData['member_id'], array('core' => array('email' => strtolower($email)))); ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['changed_email'], $email)); } if ($this->request['password']) { if (!$this->request['password_confirm']) { $this->registry->output->global_error = $this->lang->words['change_both_fields']; $this->_showForm(); return; } else { if ($this->request['password'] != $this->request['password_confirm']) { $this->registry->output->global_error = $this->lang->words['change_not_match_pw']; $this->_showForm(); return; } } $password = $this->request['password']; $salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5)); $key = IPSMember::generateAutoLoginKey(); $md5_once = md5(trim($password)); $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $han_login = new $classToLoad($this->registry); $han_login->init(); $han_login->changePass($this->memberData['email'], $md5_once, $password, $this->memberData); IPSMember::save($this->memberData['member_id'], array('core' => array('members_pass_salt' => $salt, 'member_login_key' => $key))); IPSMember::updatePassword($this->memberData['member_id'], $md5_once); IPSLib::runMemberSync('onPassChange', $this->memberData['member_id'], $password); ipsRegistry::getClass('adminFunctions')->saveAdminLog($this->lang->words['changed_password']); } $this->registry->output->global_message = $this->lang->words['details_updated']; $this->registry->output->silentRedirectWithMessage($this->settings['base_url']); }
/** * Attempt to automatically log a user in * * @access public * @return array [0=Words to display,1=URL to send to] */ public function autoLogin() { /* Verify the login */ $this->han_login->verifyLogin(); /* Lang Bits */ $true_words = $this->lang->words['logged_in']; $false_words = $this->lang->words['not_logged_in']; $method = 'no_show'; /* Register Redirect */ if ($this->request['fromreg'] == 1) { $true_words = $this->lang->words['reg_log_in']; $false_words = $this->lang->words['reg_not_log_in']; $method = 'show'; } else { if ($this->request['fromemail'] == 1) { $true_words = $this->lang->words['email_log_in']; $false_words = $this->lang->words['email_not_log_in']; $method = 'show'; } else { if ($this->request['frompass'] == 1) { $true_words = $this->lang->words['pass_log_in']; $false_words = $this->lang->words['pass_not_log_in']; $method = 'show'; } } } if ($this->memberData['member_id']) { /* Member Sync */ IPSLib::runMemberSync('onLogin', $this->memberData); if (!$this->request['fromreg']) { IPSCookie::set('session_id', '0', -1); } if ($method == 'show') { $this->registry->getClass('output')->redirectScreen($true_words, $this->settings['base_url']); } else { $this->registry->getClass('output')->silentRedirect($this->settings['board_url'] . '/index.php'); } } else { if ($method == 'show') { $this->registry->getClass('output')->redirectScreen($false_words, $this->settings['base_url'] . 'app=core&module=global§ion=login'); } else { $this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=login'); } } }
/** * Flag an account as spammer * * @param int|array $member Member Data * @param array $marker The person marking this person a spammer * @param bool $resetLastMember If FALSE skips resetting the last registered member * @return void */ public static function flagMemberAsSpammer($member, $marker = NULL, $resetLastMember = TRUE) { //----------------------------------------- // Init //----------------------------------------- /* Load Member */ if (!is_array($member)) { $member = self::load($member); } /* Load moderator library (we'll need this to unapprove posts and log) */ $classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir('forums') . '/sources/classes/moderate.php', 'moderatorLibrary', 'forums'); $modLibrary = new $classToLoad(ipsRegistry::instance()); //----------------------------------------- // Do it //----------------------------------------- $toSave = array(); $toSave['core']['bw_is_spammer'] = TRUE; /* Shut off twitter/FB status importing */ $bwOptions = IPSBWOptions::thaw($member['tc_bwoptions'], 'twitter'); $bwOptions['tc_si_status'] = 0; $twitter = IPSBWOptions::freeze($bwOptions, 'twitter'); $bwOptions = IPSBWOptions::thaw($member['fb_bwoptions'], 'facebook'); $bwOptions['fbc_si_status'] = 0; $facebook = IPSBWOptions::freeze($bwOptions, 'facebook'); $toSave['extendedProfile']['tc_bwoptions'] = $twitter; $toSave['extendedProfile']['fb_bwoptions'] = $facebook; /* Do any disabling, unapproving, banning - no breaks here since if we ban, we also want to unapprove posts, etc. */ /* Note that there are DELIBERATELY no breaks in this switch since the options are cascading (if you ban, you also want to unapprove content) */ switch (ipsRegistry::$settings['spm_option']) { /* Empty profile and ban account */ case 'ban': // ban $toSave['core']['member_banned'] = TRUE; // wipe data $toSave['core']['title'] = ''; $toSave['extendedProfile']['signature'] = ''; $toSave['extendedProfile']['pp_about_me'] = ''; // wipe photo $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/member/photo.php', 'classes_member_photo'); $photos = new $classToLoad(ipsRegistry::instance()); $photos->remove($member['member_id']); // wipe custom fields $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields'); $fields = new $classToLoad(); $fields->member_data = $member; $fields->initData('edit'); $fields->parseToSave(array()); if (count($fields->out_fields)) { $toSave['customFields'] = $fields->out_fields; } // wipe signature IPSContentCache::update($member['member_id'], 'sig', ''); /* Unapprove posts */ /* Unapprove posts */ case 'unapprove': $modLibrary->deleteMemberContent($member['member_id'], 'all', intval(ipsRegistry::$settings['spm_post_days']) * 24); /* Disable Post/PM permission */ /* Disable Post/PM permission */ case 'disable': $toSave['core']['restrict_post'] = 1; $toSave['core']['members_disable_pm'] = 2; } self::save($member['member_id'], $toSave); //----------------------------------------- // Run memberSync //----------------------------------------- IPSLib::runMemberSync('onSetAsSpammer', array_merge($member, $toSave)); //----------------------------------------- // Let the admin know if necessary //----------------------------------------- if ($marker !== NULL and ipsRegistry::$settings['spm_notify'] and ipsRegistry::$settings['email_in'] != $marker['email']) { ipsRegistry::getClass('class_localization')->loadLanguageFile(array('public_mod'), 'forums'); ipsRegistry::getClass('class_localization')->loadLanguageFile(array('admin_member'), 'members'); IPSText::getTextClass('email')->getTemplate('possibleSpammer'); IPSText::getTextClass('email')->buildMessage(array('DATE' => ipsRegistry::getClass('class_localization')->getDate($member['joined'], 'LONG', 1), 'MEMBER_NAME' => $member['members_display_name'], 'IP' => $member['ip_address'], 'EMAIL' => $member['email'], 'LINK' => ipsRegistry::getClass('output')->buildSEOUrl("showuser=" . $member['member_id'], 'public', $member['members_seo_name'], 'showuser'))); IPSText::getTextClass('email')->subject = sprintf(ipsRegistry::getClass('class_localization')->words['new_registration_email_spammer'], ipsRegistry::$settings['board_name']); IPSText::getTextClass('email')->to = ipsRegistry::$settings['email_in']; IPSText::getTextClass('email')->sendMail(); } /* Reset last member? */ if ($resetLastMember) { self::resetLastRegisteredMember(); } //----------------------------------------- // Let IPS know //----------------------------------------- if (ipsRegistry::$settings['spam_service_send_to_ips']) { self::querySpamService($member['email'], $member['ip_address'], 'markspam'); } //----------------------------------------- // Log //----------------------------------------- ipsRegistry::getClass('class_localization')->loadLanguageFile(array('public_modcp'), 'core'); $modLibrary->addModerateLog(0, 0, 0, 0, ipsRegistry::getClass('class_localization')->words['flag_spam_done'] . ': ' . $member['member_id'] . ' - ' . $member['email']); }
/** * Approve member(s) * * @note Exceptions CAN bubble up, so you should still capture exceptions from calls to this method * @param array Array of member ids * @return string Confirmation message */ public function approveMembers($ids) { $approved = array(); //----------------------------------------- // Get members //----------------------------------------- $this->DB->build(array('select' => 'v.*', 'from' => array('validating' => 'v'), 'where' => "m.member_id IN(" . implode(",", $ids) . ")", 'add_join' => array(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => 'm.member_id=v.member_id', 'type' => 'left')))); $main = $this->DB->execute(); while ($row = $this->DB->fetch($main)) { $approved[] = $row['name']; //----------------------------------------- // Only approve if the user is validating //----------------------------------------- if ($row['member_group_id'] != $this->settings['auth_group']) { $row['real_group'] = $row['member_group_id']; // Let's still "validate", but leave them in the group they're in //continue; } //----------------------------------------- // Don't approve if no real_group set //----------------------------------------- if (!$row['real_group']) { //$row['real_group'] = $this->settings['member_group']; continue; } //----------------------------------------- // We don't approve lost pass requests //----------------------------------------- if ($row['lost_pass'] == 1) { continue; } if ($row['real_group'] != $row['member_group_id']) { IPSMember::save($row['member_id'], array('core' => array('member_group_id' => $row['real_group']))); } IPSText::getTextClass('email')->buildMessage(array()); //----------------------------------------- // Using 'name' on purpose // @link http://forums.invisionpower.com/index.php?autocom=tracker&showissue=11564&view=findpost&p=45269 //----------------------------------------- IPSText::getTextClass('email')->getTemplate('complete_reg', $row['language']); IPSText::getTextClass('email')->buildMessage(array('NAME' => $row['name'])); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['subject__complete_reg'], $row['name'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $row['email']; IPSText::getTextClass('email')->sendMail(); IPSLib::runMemberSync('onCompleteAccount', $row); IPSLib::runMemberSync('onGroupChange', $row['member_id'], $row['real_group'], $row['member_group_id']); } $this->DB->delete('validating', "member_id IN(" . implode(",", $ids) . ")"); //----------------------------------------- // Stats to Update? //----------------------------------------- $this->cache->rebuildCache('stats', 'global'); $message = sprintf($this->lang->words['t_memregapp2'], count($ids), implode(", ", $approved)); ipsRegistry::getClass('adminFunctions')->saveAdminLog($message); return $message; }
/** * Unapprove email change request * * @access private * @return void [Outputs to screen] */ private function _emailUnapprove() { //----------------------------------------- // GET member //----------------------------------------- if (!$this->request['mid']) { $this->registry->output->showError($this->lang->words['t_noemailloc'], 11249); } $member = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'email_chg=1 AND member_id=' . intval($this->request['mid']))); if (!$member['vid']) { $this->registry->output->showError($this->lang->words['t_noemailloc'], 11250); } $this->DB->delete("validating", "vid='{$member['vid']}'"); try { IPSMember::save($member['member_id'], array('core' => array('email' => $member['prev_email'], 'member_group_id' => $member['real_group']))); } catch (Exception $error) { $this->registry->output->showError($error->getMessage(), 11247); } IPSLib::runMemberSync('onGroupChange', $member['member_id'], $member['real_group']); ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['t_emailchangeun'], $member['member_id'])); $this->registry->output->global_message = sprintf($this->lang->words['t_emailchangeun'], $member['member_id']); $this->_viewQueue('validating'); }
/** * Wrapper for loginAuthenticate - returns more information * * @access public * @return mixed array [0=Words to show, 1=URL to send to, 2=error message language key] */ public function verifyLogin() { $url = ""; $member = array(); $username = ''; $email = ''; $password = trim($this->request['password']); $errors = ''; $core = array(); //----------------------------------------- // Is this a username or email address? //----------------------------------------- if (IPSText::checkEmailAddress($this->request['username'])) { $email = $this->request['username']; } else { $username = $this->request['username']; } //----------------------------------------- // Check auth //----------------------------------------- $this->loginAuthenticate($username, $email, $password); $member = $this->member_data; //----------------------------------------- // Check return code... //----------------------------------------- if ($this->return_code != 'SUCCESS') { if ($this->return_code == 'MISSING_DATA') { return array(null, null, 'complete_form'); } if ($this->return_code == 'ACCOUNT_LOCKED') { $extra = "<!-- -->"; if ($this->settings['ipb_bruteforce_unlock']) { if ($this->account_unlock) { $time = time() - $this->account_unlock; $time = $this->settings['ipb_bruteforce_period'] - ceil($time / 60) > 0 ? $this->settings['ipb_bruteforce_period'] - ceil($time / 60) : 1; } } return array(null, null, 'bruteforce_account_unlock', $time); } else { if ($this->return_code == 'WRONG_OPENID') { return array(null, null, 'wrong_openid'); } else { if ($this->return_code == 'FLAGGED_REMOTE') { return array(null, null, 'flagged_remote'); } else { return array(null, null, 'wrong_auth'); } } } } //----------------------------------------- // Is this a partial member? // Not completed their sign in? //----------------------------------------- if ($member['members_created_remote'] and isset($member['full']) and !$member['full']) { return array($this->lang->words['partial_login'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=complete_login&mid=' . $member['member_id'] . '&key=' . $member['timenow']); } //----------------------------------------- // Generate a new log in key //----------------------------------------- $_ok = 1; $_time = $this->settings['login_key_expire'] ? time() + intval($this->settings['login_key_expire']) * 86400 : 0; $_sticky = $_time ? 0 : 1; $_days = $_time ? $this->settings['login_key_expire'] : 365; if ($this->settings['login_change_key'] or !$member['member_login_key'] or $this->settings['login_key_expire'] and time() > $member['member_login_key_expire']) { $member['member_login_key'] = IPSMember::generateAutoLoginKey(); $core['member_login_key'] = $member['member_login_key']; $core['member_login_key_expire'] = $_time; } //----------------------------------------- // Cookie me softly? //----------------------------------------- if ($this->request['rememberMe']) { IPSCookie::set("member_id", $member['member_id'], 1); IPSCookie::set("pass_hash", $member['member_login_key'], $_sticky, $_days); } else { IPSCookie::set("member_id", $member['member_id'], 0); IPSCookie::set("pass_hash", $member['member_login_key'], 0); } //----------------------------------------- // Remove any COPPA cookies previously set //----------------------------------------- IPSCookie::set("coppa", '0', 0); //----------------------------------------- // Update profile if IP addr missing //----------------------------------------- if ($member['ip_address'] == "" or $member['ip_address'] == '127.0.0.1') { $core['ip_address'] = $this->member->ip_address; } //----------------------------------------- // Create / Update session //----------------------------------------- $privacy = $this->request['anonymous'] ? 1 : 0; if ($member['g_hide_online_list']) { $privacy = 1; } $session_id = $this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy)); if ($this->request['referer'] and $this->request['referer'] and $this->request['section'] != 'register') { if (stripos($this->request['referer'], 'section=register') or stripos($this->request['referer'], 'section=login') or stripos($this->request['referer'], 'section=lostpass') or stripos($this->request['referer'], CP_DIRECTORY . '/')) { $url = $this->settings['base_url'] . '?'; } else { $url = str_replace('&', '&', $this->request['referer']); $url = preg_replace("#s=(\\w){32}#", "", $url); if ($this->member->session_type != 'cookie') { $url = $this->settings['board_url'] . '/index.php?s=' . $session_id; } } } else { $url = $this->settings['base_url'] . '?'; } //----------------------------------------- // Set our privacy status //----------------------------------------- $core['login_anonymous'] = intval($privacy) . '&1'; $core['failed_logins'] = ''; $core['failed_login_count'] = 0; IPSMember::save($member['member_id'], array('core' => $core)); //----------------------------------------- // Clear out any passy change stuff //----------------------------------------- $this->DB->delete('validating', 'member_id=' . $this->memberData['member_id'] . ' AND lost_pass=1'); //----------------------------------------- // Redirect them to either the board // index, or where they came from //----------------------------------------- if ($this->request['return']) { $return = urldecode($this->request['return']); if (strpos($return, "http://") === 0) { return array($this->lang->words['partial_login'], $return); } } //----------------------------------------- // Still here? //----------------------------------------- /* Member Sync */ IPSLib::runMemberSync('onLogin', $member); return array($this->lang->words['partial_login'], $url); }
/** * Completes the connection * * @access public * @return redirect * */ public function finishLogin() { /* From reg flag */ if ($_REQUEST['code']) { /* Reset api to ensure user is not logged in */ $this->resetApi(); /* Ensure URL is correct */ $_urlExtra = ''; if ($_REQUEST['key']) { $_urlExtra .= '&key=' . $_REQUEST['key']; } if ($_REQUEST['reg']) { $_urlExtra .= '®=1'; } /* Update callback url */ $this->_api->setVariable('authorize_callback_uri', VKONTAKTE_CALLBACK . $_urlExtra); /* Generate oAuth token */ $rToken = $this->_api->getAccessToken(); if (is_string($rToken)) { try { $oAuthSession = $this->_api->getSession(); $r = $this->_api->api('getProfiles', 'GET', array('uids' => $oAuthSession['user_id'], 'fields' => 'uid,first_name,last_name,nickname,photo,photo_medium,photo_big,timezone,sex,nickname,activity')); $_userData = array_pop($r['response']); } catch (Exception $e) { } /* A little gymnastics */ $this->_userData = $_userData; $this->_userData['photo'] = $_userData['photo_big']; /* Got a member linked already? */ $_member = IPSMember::load($_userData['uid'], 'all', 'vk_uid'); if ($_member['member_id']) { $memberData = $_member; /* Ensure user's row is up to date */ IPSMember::save($memberData['member_id'], array('core' => array('vk_token' => $rToken))); /* Here, so log us in!! */ /* changed by denchu 26/12/12 */ $r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE); if (is_array($r)) { if (isset($r[1])) { $this->registry->getClass('output')->redirectScreen($r[0], $r[1]); $this->registry->getClass('output')->silentRedirect($r[1]); } else { $this->registry->getClass('output')->silentRedirect($r[0]); } } elseif (!$r) { throw new Exception('LINKED_MEMBER_LOGIN_FAIL'); } else { $this->registry->getClass('output')->silentRedirect($this->settings['base_url']); } } else { /* No? Create a new member */ foreach (array('vc_s_pic', 'vc_s_status') as $field) { $toSave[$field] = 1; } $vk_bwoptions = IPSBWOptions::freeze($toSave, 'vkontakte'); $safeName = IPSText::convertCharsets($_userData['first_name'] . ' ' . $_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET); $displayName = $this->settings['fb_realname'] == 'enforced' ? $safeName : ''; //$displayName = ( ! $this->settings['auth_allow_dnames'] ) ? $safeName : FALSE; /* Make sure usernames are safe */ if ($this->settings['username_characters']) { $check_against = preg_quote($this->settings['username_characters'], "/"); $check_against = str_replace('\\-', '-', $check_against); $safeName = preg_replace('/[^' . $check_against . ']+/i', '', $safeName); } if (IPSText::mbstrlen($safeName) > $this->settings['max_user_name_length']) { $safeName = mb_substr(IPSText::convertCharsets($_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET), 0, $this->settings['max_user_name_length'], 'UTF-8'); } /* Check ban filters? */ if (IPSMember::isBanned('name', $safeName)) { $this->registry->output->showError('you_are_banned', 1090003); } /* From reg, so create new account properly */ $toSave = array('core' => array('name' => $safeName, 'members_display_name' => $displayName, 'members_created_remote' => 1, 'member_group_id' => $this->settings['vk_mgid'] ? $this->settings['vk_mgid'] : $this->settings['member_group'], 'email' => '', 'vk_uid' => $_userData['uid'], 'time_offset' => $_userData['timezone'], 'vk_token' => $rToken), 'extendedProfile' => array('vk_bwoptions' => $vk_bwoptions)); $memberData = IPSMember::create($toSave, TRUE, FALSE, TRUE); if (!$memberData['member_id']) { throw new Exception('CREATION_FAIL'); } /* Sync up photo */ $this->syncMember($memberData['member_id']); $pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id'])); if ($pmember['partial_member_id']) { $this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']); } else { /* Already got a display name */ if ($displayName) { /* Here, so log us in!! */ /* changed by denchu 26/12/12*/ $r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE); IPSLib::runMemberSync('onCompleteAccount', $memberData); if ($this->settings['new_reg_notify']) { $this->registry->class_localization->loadLanguageFile(array('public_register'), 'core'); IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser")); IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName)); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } if (is_array($r)) { if (isset($r[1])) { $this->registry->getClass('output')->redirectScreen($r[0], $r[1]); $this->registry->getClass('output')->silentRedirect($r[1]); } else { $this->registry->getClass('output')->silentRedirect($r[0]); } } elseif (!$r) { throw new Exception('LINKED_MEMBER_LOGIN_FAIL'); } else { $this->registry->getClass('output')->silentRedirect($this->settings['base_url']); } } else { throw new Exception('CREATION_FAIL'); } } } } else { throw new Exception('CREATION_FAIL'); } } }
/** * Validates a lost password request * * @return @e void */ public function lostPasswordValidate() { /* Check for input and it's in a valid format. */ $in_user_id = intval(trim(urldecode($this->request['uid']))); $in_validate_key = IPSText::md5Clean(trim(urldecode($this->request['aid']))); /* Check Input */ if (!$in_validate_key) { $this->registry->output->showError('validation_key_incorrect', 1015); } if (!preg_match('/^(?:\\d){1,}$/', $in_user_id)) { $this->registry->output->showError('uid_key_incorrect', 1016); } /* Attempt to get the profile of the requesting user */ $member = IPSMember::load($in_user_id); if (!$member['member_id']) { $this->registry->output->showError('lostpass_no_member', 1017); } /* Get validating info.. */ $validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'member_id=' . $in_user_id . ' and lost_pass=1')); if (!$validate['member_id']) { $this->registry->output->showError('lostpass_not_validating', 1018); } if ($validate['new_reg'] == 1 && $this->settings['reg_auth_type'] == "admin") { $this->registry->output->showError('lostpass_new_reg', 4010, true); } if ($validate['vid'] != $in_validate_key) { $this->registry->output->showError('lostpass_key_wrong', 1019); } else { /* On the same page? */ if ($validate['lost_pass'] != 1) { $this->registry->output->showError('lostpass_not_lostpass', 4011, true); } /* Send a new random password? */ if ($this->settings['lp_method'] == 'random') { //----------------------------------------- // INIT //----------------------------------------- $save_array = array(); //----------------------------------------- // Generate a new random password //----------------------------------------- $new_pass = IPSMember::makePassword(); //----------------------------------------- // Generate a new salt //----------------------------------------- $salt = IPSMember::generatePasswordSalt(5); $salt = str_replace('\\', "\\\\", $salt); //----------------------------------------- // New log in key //----------------------------------------- $key = IPSMember::generateAutoLoginKey(); //----------------------------------------- // Update... //----------------------------------------- $save_array['members_pass_salt'] = $salt; $save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass)); $save_array['member_login_key'] = $key; $save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24; $save_array['failed_logins'] = null; $save_array['failed_login_count'] = 0; //----------------------------------------- // Load handler... //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); $this->han_login->changePass($member['email'], md5($new_pass), $new_pass, $member); //if ( $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' ) //{ // $this->registry->output->showError( $this->lang->words['lostpass_external_fail'], 2013 ); //} IPSMember::save($member['member_id'], array('members' => $save_array)); /* Password has been changed! */ IPSLib::runMemberSync('onPassChange', $member['member_id'], $new_pass); //----------------------------------------- // Send out the email... //----------------------------------------- $message = array('NAME' => $member['members_display_name'], 'THE_LINK' => $this->registry->getClass('output')->buildUrl('app=core&module=usercp&tab=core&area=email', 'publicNoSession'), 'PASSWORD' => $new_pass, 'LOGIN' => $this->registry->getClass('output')->buildUrl('app=core&module=global§ion=login', 'publicNoSession'), 'USERNAME' => $member['name'], 'EMAIL' => $member['email'], 'ID' => $member['member_id']); IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("lost_pass_email_pass", $member['language'])); IPSText::getTextClass('email')->buildPlainTextContent($message); IPSText::getTextClass('email')->buildHtmlContent($message); IPSText::getTextClass('email')->subject = $this->lang->words['lp_random_pass_subject'] . ' ' . $this->settings['board_name']; IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); $this->registry->output->setTitle($this->lang->words['activation_form'] . ' - ' . ipsRegistry::$settings['board_name']); $this->output = $this->registry->getClass('output')->getTemplate('register')->showLostPassWaitRandom($member); } else { if ($_POST['pass1'] == "") { $this->registry->output->showError('pass_blank', 10184); } if ($_POST['pass2'] == "") { $this->registry->output->showError('pass_blank', 10185); } $pass_a = trim($this->request['pass1']); $pass_b = trim($this->request['pass2']); /* There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770 if( strlen( $pass_a ) < 3 ) { $this->registry->output->showError( 'pass_too_short', 10186 ); } */ if ($pass_a != $pass_b) { $this->registry->output->showError('pass_no_match', 10187); } $new_pass = md5($pass_a); /* Update Member Array */ $save_array = array(); /* Generate a new salt */ $salt = IPSMember::generatePasswordSalt(5); $salt = str_replace('\\', "\\\\", $salt); /* New log in key */ $key = IPSMember::generateAutoLoginKey(); /* Update Array */ $save_array['members_pass_salt'] = $salt; $save_array['members_pass_hash'] = md5(md5($salt) . $new_pass); $save_array['member_login_key'] = $key; $save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24; $save_array['failed_logins'] = null; $save_array['failed_login_count'] = 0; /* Change the password */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); $this->han_login->changePass($member['email'], $new_pass, $pass_a, $member); //----------------------------------------- // We'll ignore any remote errors //----------------------------------------- /*if( $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' ) { // Pass not changed remotely }*/ /* Update the member */ IPSMember::save($member['member_id'], array('members' => $save_array)); /* Password has been changed! */ IPSLib::runMemberSync('onPassChange', $member['member_id'], $pass_a); /* Remove "dead" validation */ $this->DB->delete('validating', "vid='{$validate['vid']}' OR (member_id={$member['member_id']} AND lost_pass=1)"); $this->registry->output->silentRedirect($this->registry->getClass('output')->buildUrl('app=core&module=global§ion=login&do=autologin&frompass=1')); } } }
/** * Edit a member [process] * * @return @e void */ protected function _memberDoEdit() { //----------------------------------------- // INIT //----------------------------------------- $this->request['member_id'] = intval($this->request['member_id']); //----------------------------------------- // Send to form if this isn't a POST request //----------------------------------------- if ($this->request['request_method'] != 'post') { $this->_memberView(); return; } //----------------------------------------- // Auth check... //----------------------------------------- ipsRegistry::getClass('adminFunctions')->checkSecurityKey($this->request['secure_key']); //----------------------------------------- // Load and config the std/rte editors //----------------------------------------- IPSText::getTextClass('editor')->from_acp = 1; //----------------------------------------- // Get member //----------------------------------------- $member = IPSMember::load($this->request['member_id'], 'all'); //----------------------------------------- // Allowed to edit administrators? //----------------------------------------- if ($member['member_id'] != $this->memberData['member_id'] and $member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin')) { $this->registry->output->global_message = $this->lang->words['m_editadmin']; $this->_memberView(); return; } //----------------------------------------- // Allowed to change an admin's groups? //----------------------------------------- if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin1')) { $same = false; if ($this->request['member_group_id'] == $member['member_group_id']) { $member['mgroup_others'] = IPSText::cleanPermString($member['mgroup_others']); $omgroups = $member['mgroup_others'] ? explode(',', $member['mgroup_others']) : array(); $groups = $this->request['mgroup_others'] ? $this->request['mgroup_others'] : array(); if (!count(array_diff($omgroups, $groups)) and !count(array_diff($groups, $omgroups))) { $same = true; } } if (!$same) { $this->registry->output->global_message = $this->lang->words['m_admindemote']; $this->_memberView(); return; } } //----------------------------------------- // What about promoting to admin? //----------------------------------------- if (!$member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin2')) { $groups = $_POST['mgroup_others'] ? $_POST['mgroup_others'] : array(); $groups[] = intval($this->request['member_group_id']); foreach ($groups as $group_id) { if ($this->caches['group_cache'][$group_id]['g_access_cp']) { $this->registry->output->global_message = $this->lang->words['m_adminpromote']; $this->_memberView(); return; } } } //----------------------------------------- // What about moving member in general? //----------------------------------------- if ($this->request['member_group_id'] != $member['member_group_id'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move')) { $this->registry->output->global_message = $this->lang->words['m_movemembers']; $this->_memberView(); return; } //----------------------------------------- // Restricted? //----------------------------------------- $restricted = (is_array($this->registry->getClass('class_permissions')->restrictions_row) and count($this->registry->getClass('class_permissions')->restrictions_row)) ? true : false; /* Load editor stuff */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/editor/composite.php', 'classes_editor_composite'); $_editor = new $classToLoad(); /* Load parser */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/text/parser.php', 'classes_text_parser'); $parser = new $classToLoad(); /* Get signature */ $_editor->setAllowBbcode(true); $_editor->setAllowSmilies(false); $_editor->setIsHtml($this->request['bw_html_sig'] && $member['g_dohtml']); $_editor->setAllowHtml($member['g_dohtml']); $_editor->setBbcodeSection('signatures'); $signature = $_editor->process($_POST['signature']); $cacheSignature = $parser->display($signature); /* About me editor */ $_editor->setAllowBbcode(true); $_editor->setAllowSmilies(true); $_editor->setAllowHtml($member['g_dohtml']); $_editor->setBbcodeSection('aboutme'); $aboutme = $_editor->process($_POST['aboutme']); //----------------------------------------- // Ok? Load interface and child classes //----------------------------------------- $additionalCore = array(); $additionalExtended = array(); $additionalMCache = array(); IPSLib::loadInterface('admin/member_form.php'); foreach (IPSLib::getEnabledApplications() as $app_dir => $app_data) { if (is_file(IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php')) { $_class = IPSLib::loadLibrary(IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php', 'admin_member_form__' . $app_dir, $app_dir); $_object = new $_class($this->registry); $remote = $_object->getForSave(); $additionalCore = is_array($remote['core']) ? array_merge($remote['core'], $additionalCore) : $additionalCore; $additionalExtended = is_array($remote['extendedProfile']) ? array_merge($remote['extendedProfile'], $additionalExtended) : $additionalExtended; $additionalMCache = is_array($remote['member_cache']) ? array_merge($remote['member_cache'], $additionalMCache) : $additionalMCache; } } //----------------------------------------- // Fix custom title // @see http://forums.invisionpower.com/index.php?app=tracker&showissue=17383 //----------------------------------------- $memberTitle = $this->request['title']; $rankCache = ipsRegistry::cache()->getCache('ranks'); if (is_array($rankCache) && count($rankCache)) { foreach ($rankCache as $k => $v) { if ($member['posts'] >= $v['POSTS']) { /* If this is the title passed to us from the form, we didn't have a custom title */ if ($v['TITLE'] == $memberTitle) { $memberTitle = ''; } break; } } } //----------------------------------------- // Start array //----------------------------------------- $newMember = array('member_group_id' => intval($this->request['member_group_id']), 'title' => $memberTitle, 'time_offset' => floatval($this->request['time_offset']), 'members_auto_dst' => intval($this->request['dstCheck']), 'dst_in_use' => intval($this->request['dstOption']), 'language' => $this->request['language'], 'skin' => intval($this->request['skin']), 'allow_admin_mails' => intval($this->request['allow_admin_mails']), 'view_sigs' => intval($this->request['view_sigs']), 'posts' => intval($this->request['posts']), 'bday_day' => intval($this->request['bday_day']), 'bday_month' => intval($this->request['bday_month']), 'bday_year' => intval($this->request['bday_year']), 'warn_level' => intval($this->request['warn_level']), 'members_disable_pm' => intval($this->request['members_disable_pm']), 'mgroup_others' => $this->request['mgroup_others'] ? ',' . implode(",", $this->request['mgroup_others']) . ',' : '', 'members_bitoptions' => IPSBWOPtions::freeze($this->request, 'members', 'global'), 'member_uploader' => $this->request['member_uploader']); //----------------------------------------- // Notifications library //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/classes/member/notifications.php', 'notifications'); $notifyLibrary = new $classToLoad($this->registry); $notifyLibrary->setMember($member); //----------------------------------------- // Show the form //----------------------------------------- $_basicOptions = array(array('email', $this->lang->words['notopt__email']), array('inline', $this->lang->words['notopt__inline']), array('mobile', $this->lang->words['notopt__mobile'])); $_configOptions = $notifyLibrary->getNotificationData(); $_notifyConfig = $notifyLibrary->getMemberNotificationConfig($newMember); $_defaultConfig = $notifyLibrary->getDefaultNotificationConfig(); $_saveConfig = array(); foreach ($_configOptions as $option) { $_saveConfig[$option['key']] = array(); $_saveConfig[$option['key']]['selected'] = array(); //----------------------------------------- // Loop through and mark what we selected. // Do not allow changing of stuff from disable_override // and disabled, however //----------------------------------------- if (is_array($this->request['config_' . $option['key']]) and count($this->request['config_' . $option['key']])) { foreach ($this->request['config_' . $option['key']] as $_selected) { if (!is_array($_defaultConfig[$option['key']]['disabled']) or !in_array($_selected, $_defaultConfig[$option['key']]['disabled'])) { $_saveConfig[$option['key']]['selected'][] = $_selected; } } } if ($_defaultConfig[$option['key']]['disable_override']) { $_saveConfig[$option['key']]['selected'] = $_defaultConfig[$option['key']]['selected']; } } //----------------------------------------- // Save //----------------------------------------- IPSMember::packMemberCache($member['member_id'], array_merge($additionalMCache, array('notifications' => $_saveConfig, 'show_notification_popup' => intval($this->request['show_notification_popup']))), $member['members_cache']); //----------------------------------------- // Topic preferences //----------------------------------------- $_trackChoice = ''; if ($this->request['auto_track']) { if (in_array($this->request['auto_track_method'], array('none', 'immediate', 'offline', 'daily', 'weekly'))) { $_trackChoice = $this->request['auto_track_method']; } } $newMember['auto_track'] = $_trackChoice; //----------------------------------------- // Custom profile field stuff //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields'); $fields = new $classToLoad(); $fields->initData('edit'); $fields->parseToSave($_POST); /* Check the website url field */ $website_field = $fields->getFieldIDByKey('website'); if ($website_field && $fields->out_fields['field_' . $website_field]) { if (stristr($fields->out_fields['field_' . $website_field], 'http://') === FALSE && stristr($fields->out_fields['field_' . $website_field], 'https://') === FALSE) { $fields->out_fields['field_' . $website_field] = 'http://' . $fields->out_fields['field_' . $website_field]; } } //----------------------------------------- // Throw to the DB //----------------------------------------- IPSMember::save($this->request['member_id'], array('core' => array_merge($newMember, $additionalCore), 'extendedProfile' => array_merge(array('pp_about_me' => $aboutme, 'signature' => $signature, 'pp_reputation_points' => intval($this->request['pp_reputation_points']), 'pp_setting_count_visitors' => intval($this->request['pp_setting_count_visitors']), 'pp_setting_count_comments' => intval($this->request['pp_setting_count_comments']), 'pp_setting_count_friends' => intval($this->request['pp_setting_count_friends']), 'pp_setting_moderate_comments' => intval($this->request['pp_setting_moderate_comments']), 'pp_setting_moderate_friends' => intval($this->request['pp_setting_moderate_friends']), 'pp_customization' => $this->request['removeCustomization'] ? serialize(array()) : $member['pp_customization']), $additionalExtended), 'customFields' => count($fields->out_fields) ? $fields->out_fields : array())); if ($member['member_group_id'] != $newMember['member_group_id']) { IPSLib::runMemberSync('onGroupChange', $this->request['member_id'], $newMember['member_group_id'], $member['member_group_id']); //----------------------------------------- // Remove restrictions if member demoted // Commenting out as this may cause more problems than it's worth // e.g. if you had accidentally changed their group, you'd need to reconfigure all restrictions //----------------------------------------- /*if( !$this->caches['group_cache'][ $newMember['member_group_id'] ]['g_access_cp'] ) { $this->DB->delete( 'admin_permission_rows', 'row_id=' . $member['member_id'] . " AND row_id_type='member'" ); }*/ //----------------------------------------- // Restriction permissions stuff //----------------------------------------- $is_admin = 0; $groups = ipsRegistry::cache()->getCache('group_cache'); if (is_array($this->request['mgroup_others']) and count($this->request['mgroup_others'])) { foreach ($this->request['mgroup_others'] as $omg) { if ($groups[intval($omg)]['g_access_cp']) { $is_admin = 1; break; } } } if ($groups[intval($this->request['member_group_id'])]['g_access_cp']) { $is_admin = 1; } if ($is_admin && $restricted) { //------------------------------------------------- // Copy restrictions if they do not have any yet... //------------------------------------------------- $check = $this->DB->buildAndFetch(array('select' => 'row_updated', 'from' => 'admin_permission_rows', 'where' => "row_id_type='member' AND row_id=" . $this->request['member_id'])); if (!$check['row_updated']) { $this->DB->replace('admin_permission_rows', array('row_id' => $this->request['member_id'], 'row_id_type' => 'member', 'row_perm_cache' => serialize($this->registry->getClass('class_permissions')->restrictions_row), 'row_updated' => time()), array('row_id', 'row_id_type')); } } } //----------------------------------------- // Moved from validating group? //----------------------------------------- if ($member['member_group_id'] == $this->settings['auth_group']) { if ($this->request['member_group_id'] != $this->settings['auth_group']) { //----------------------------------------- // Yes... //----------------------------------------- $this->DB->delete('validating', "member_id=" . $this->request['member_id']); } } /* Update cache */ IPSContentCache::update($this->request['member_id'], 'sig', $cacheSignature); /* Rebuild birthday cache */ $this->cache->rebuildCache('birthdays', 'calendar'); //----------------------------------------- // Redirect //----------------------------------------- ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_editedlog'], $member['members_display_name'])); $this->registry->output->global_message = $this->lang->words['m_edited']; if ($is_admin) { if (!$restricted) { $member = IPSMember::load($member['member_id']); $this->_showAdminForm($member, array()); $this->_memberView(); } else { $this->registry->output->global_message = $this->lang->words['m_edited_restricted']; $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . $this->form_code . '&do=viewmember&member_id=' . $this->request['member_id']); } } else { $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . $this->form_code . '&do=viewmember&member_id=' . $this->request['member_id']); } }
/** * Edit a member [process] * * @access private * @return void [Outputs to screen] */ private function _memberDoEdit() { //----------------------------------------- // INIT //----------------------------------------- $this->request['member_id'] = intval($this->request['member_id']); //----------------------------------------- // Auth check... //----------------------------------------- ipsRegistry::getClass('adminFunctions')->checkSecurityKey($this->request['secure_key']); //----------------------------------------- // Load and config the std/rte editors //----------------------------------------- IPSText::getTextClass('editor')->from_acp = 1; //----------------------------------------- // Get member //----------------------------------------- $member = IPSMember::load($this->request['member_id'], 'all'); //----------------------------------------- // Allowed to edit administrators? //----------------------------------------- if ($member['member_id'] != $this->memberData['member_id'] and $member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin')) { $this->registry->output->global_message = $this->lang->words['m_editadmin']; $this->_memberView(); return; } //----------------------------------------- // Allowed to change an admin's groups? //----------------------------------------- if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin1')) { $same = false; if ($this->request['member_group_id'] == $member['member_group_id']) { $omgroups = explode(',', IPSText::cleanPermString($member['mgroup_others'])); $groups = $_POST['mgroup_others'] ? $_POST['mgroup_others'] : array(); if (!count(array_diff($omgroups, $groups))) { $same = true; } } if (!$same) { $this->registry->output->global_message = $this->lang->words['m_admindemote']; $this->_memberView(); return; } } //----------------------------------------- // What about promoting to admin? //----------------------------------------- if (!$member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin2')) { $groups = $_POST['mgroup_others'] ? $_POST['mgroup_others'] : array(); $groups[] = intval($this->request['member_group_id']); foreach ($groups as $group_id) { if ($this->caches['group_cache'][$group_id]['g_access_cp']) { $this->registry->output->global_message = $this->lang->words['m_adminpromote']; $this->_memberView(); return; } } } if ($this->request['identity_url']) { $account = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "identity_url='" . trim($this->request['identity_url']) . "' AND member_id<>" . $member['member_id'])); if ($account['member_id']) { $this->registry->output->global_message = $this->lang->words['identity_url_inuse']; $this->_memberView(); return; } } //----------------------------------------- // Convert sig //----------------------------------------- $signature = IPSText::getTextClass('editor')->processRawPost('signature'); IPSText::getTextClass('bbcode')->parse_smilies = 0; IPSText::getTextClass('bbcode')->parse_bbcode = $this->settings['sig_allow_ibc']; IPSText::getTextClass('bbcode')->parse_html = $this->settings['sig_allow_html']; IPSText::getTextClass('bbcode')->parse_nl2br = 1; IPSText::getTextClass('bbcode')->parsing_section = 'signatures'; $signature = IPSText::getTextClass('bbcode')->preDbParse($signature); $cacheSignature = IPSText::getTextClass('bbcode')->preDisplayParse($signature); //----------------------------------------- // And 'About Me' //----------------------------------------- $aboutme = IPSText::getTextClass('editor')->processRawPost('aboutme'); IPSText::getTextClass('bbcode')->parse_smilies = $this->settings['aboutme_emoticons']; IPSText::getTextClass('bbcode')->parse_bbcode = $this->settings['aboutme_bbcode']; IPSText::getTextClass('bbcode')->parse_html = $this->settings['aboutme_html']; IPSText::getTextClass('bbcode')->parse_nl2br = 1; IPSText::getTextClass('bbcode')->parsing_section = 'aboutme'; $aboutme = IPSText::getTextClass('bbcode')->preDbParse($aboutme); //----------------------------------------- // Ok? Load interface and child classes //----------------------------------------- $additionalCore = array(); $additionalExtended = array(); IPSLib::loadInterface('admin/member_form.php'); foreach (ipsRegistry::$applications as $app_dir => $app_data) { if (!IPSLib::appIsInstalled($app_dir)) { continue; } if (file_exists(IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php')) { require_once IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php'; $_class = 'admin_member_form__' . $app_dir; $_object = new $_class($this->registry); $remote = $_object->getForSave(); $additionalCore = array_merge($remote['core'], $additionalCore); $additionalExtended = array_merge($remote['extendedProfile'], $additionalExtended); } } //----------------------------------------- // Fix custom title // @see http://forums./index.php?app=tracker&showissue=17383 //----------------------------------------- $memberTitle = $this->request['title']; $rankCache = ipsRegistry::cache()->getCache('ranks'); if (is_array($rankCache) && count($rankCache)) { foreach ($rankCache as $k => $v) { if ($member['posts'] >= $v['POSTS']) { /* If this is the title passed to us from the form, we didn't have a custom title */ if ($v['TITLE'] == $memberTitle) { $memberTitle = ''; } break; } } } $newMember = array('member_group_id' => intval($this->request['member_group_id']), 'title' => $memberTitle, 'time_offset' => floatval($this->request['time_offset']), 'language' => $this->request['language'], 'skin' => intval($this->request['skin']), 'hide_email' => intval($this->request['hide_email']), 'allow_admin_mails' => intval($this->request['allow_admin_mails']), 'view_sigs' => intval($this->request['view_sigs']), 'view_pop' => intval($this->request['view_pop']), 'email_pm' => intval($this->request['email_pm']), 'posts' => intval($this->request['posts']), 'bday_day' => intval($this->request['bday_day']), 'bday_month' => intval($this->request['bday_month']), 'bday_year' => intval($this->request['bday_year']), 'warn_level' => intval($this->request['warn_level']), 'members_disable_pm' => intval($this->request['members_disable_pm']), 'mgroup_others' => $_POST['mgroup_others'] ? ',' . implode(",", $_POST['mgroup_others']) . ',' : '', 'identity_url' => trim($this->request['identity_url'])); //----------------------------------------- // Throw to the DB //----------------------------------------- IPSMember::save($this->request['member_id'], array('core' => array_merge($newMember, $additionalCore), 'extendedProfile' => array_merge(array('pp_gender' => $this->request['pp_gender'] == 'male' ? 'male' : ($this->request['pp_gender'] == 'female' ? 'female' : ''), 'pp_bio_content' => IPSText::mbsubstr(nl2br($this->request['pp_bio_content']), 0, 300), 'pp_about_me' => $aboutme, 'signature' => $signature, 'pp_reputation_points' => intval($this->request['pp_reputation_points']), 'pp_status' => $this->request['pp_status'], 'pp_setting_count_visitors' => intval($this->request['pp_setting_count_visitors']), 'pp_setting_count_comments' => intval($this->request['pp_setting_count_comments']), 'pp_setting_count_friends' => intval($this->request['pp_setting_count_friends']), 'pp_setting_notify_comments' => $this->request['pp_setting_notify_comments'], 'pp_setting_notify_friend' => $this->request['pp_setting_notify_friend'], 'pp_setting_moderate_comments' => intval($this->request['pp_setting_moderate_comments']), 'pp_setting_moderate_friends' => intval($this->request['pp_setting_moderate_friends'])), $additionalExtended))); if ($member['member_group_id'] != $newMember['member_group_id']) { IPSLib::runMemberSync('onGroupChange', $this->request['member_id'], $newMember['member_group_id']); //----------------------------------------- // Remove restrictions if member demoted // Commenting out as this may cause more problems than it's worth // e.g. if you had accidentally changed their group, you'd need to reconfigure all restrictions //----------------------------------------- /*if( !$this->caches['group_cache'][ $newMember['member_group_id'] ]['g_access_cp'] ) { $this->DB->delete( 'admin_permission_rows', 'row_id=' . $member['member_id'] . " AND row_id_type='member'" ); }*/ } //----------------------------------------- // Restriction permissions stuff //----------------------------------------- if (is_array($this->registry->getClass('class_permissions')->restrictions_row) and count($this->registry->getClass('class_permissions')->restrictions_row)) { $is_admin = 0; $groups = ipsRegistry::cache()->getCache('group_cache'); if (is_array($this->request['mgroup_others']) and count($this->request['mgroup_others'])) { foreach ($this->request['mgroup_others'] as $omg) { if ($groups[intval($omg)]['g_access_cp']) { $is_admin = 1; break; } } } if ($groups[intval($this->request['member_group_id'])]['g_access_cp']) { $is_admin = 1; } if ($is_admin) { //------------------------------------------------- // Copy restrictions if they do not have any yet... //------------------------------------------------- $check = $this->DB->buildAndFetch(array('select' => 'row_updated', 'from' => 'admin_permission_rows', 'where' => "row_id_type='member' AND row_id=" . $this->request['member_id'])); if (!$check['row_updated']) { $this->DB->replace('admin_permission_rows', array('row_id' => $this->request['member_id'], 'row_id_type' => 'member', 'row_perm_cache' => serialize($this->registry->getClass('class_permissions')->restrictions_row), 'row_updated' => time()), array('row_id', 'row_id_type')); } } } //----------------------------------------- // Moved from validating group? //----------------------------------------- if ($member['member_group_id'] == $this->settings['auth_group']) { if ($this->request['member_group_id'] != $this->settings['auth_group']) { //----------------------------------------- // Yes... //----------------------------------------- $this->DB->delete('validating', "member_id=" . $this->request['member_id']); } } //----------------------------------------- // Custom profile field stuff //----------------------------------------- require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php'; $fields = new customProfileFields(); $fields->initData('edit'); $fields->parseToSave($_POST); //----------------------------------------- // Custom profile field stuff //----------------------------------------- if (count($fields->out_fields)) { //----------------------------------------- // Do we already have an entry in // the content table? //----------------------------------------- $test = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'pfields_content', 'where' => 'member_id=' . $this->request['member_id'])); if ($test['member_id']) { //----------------------------------------- // We have it, so simply update //----------------------------------------- $this->DB->force_data_type = array(); foreach ($fields->out_fields as $_field => $_data) { $this->DB->force_data_type[$_field] = 'string'; } $this->DB->update('pfields_content', $fields->out_fields, 'member_id=' . $this->request['member_id']); } else { $this->DB->force_data_type = array(); foreach ($fields->out_fields as $_field => $_data) { $this->DB->force_data_type[$_field] = 'string'; } $fields->out_fields['member_id'] = $this->request['member_id']; $this->DB->insert('pfields_content', $fields->out_fields); } } /* Update cache */ IPSContentCache::update($this->request['member_id'], 'sig', $cacheSignature); //----------------------------------------- // Redirect //----------------------------------------- ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_editedlog'], $member['members_display_name'])); $this->registry->output->global_message = $this->lang->words['m_edited']; $newMember['member_id'] = $this->request['member_id']; $newMember['members_display_name'] = $member['members_display_name']; $triggerGroups = $member['mgroup_others'] ? implode(',', array_merge(is_array($member['mgroup_others']) ? $member['mgroup_others'] : array(), array($member['member_group_id']))) : $member['member_group_id']; //$this->_memberView(); $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . $this->form_code . '&do=viewmember&trigger=' . $triggerGroups . '&member_id=' . $this->request['member_id']); }
/** * UserCP Save Form: Email Address * * @return mixed Array of errors / boolean true */ public function saveFormEmailPassword() { //----------------------------------------- // INIT //----------------------------------------- $_emailOne = strtolower(trim($this->request['in_email_1'])); $_emailTwo = strtolower(trim($this->request['in_email_2'])); $cur_pass = trim($this->request['current_pass']); $new_pass = trim($this->request['new_pass_1']); $chk_pass = trim($this->request['new_pass_2']); $isRemote = (!$this->memberData['bw_local_password_set'] and $this->memberData['members_created_remote']) ? true : false; if ($cur_pass or $new_pass) { if ($this->memberData['g_access_cp']) { return array(0 => $this->lang->words['admin_emailpassword']); } if ($isRemote === false and (!$_POST['current_pass'] or empty($new_pass) or empty($chk_pass))) { return array(0 => $this->lang->words['complete_entire_form']); } //----------------------------------------- // Do the passwords actually match? //----------------------------------------- if ($new_pass != $chk_pass) { return array(0 => $this->lang->words['passwords_not_matchy']); } //----------------------------------------- // Check password... //----------------------------------------- if ($isRemote === false) { if ($this->_checkPassword($cur_pass) !== TRUE) { return array(0 => $this->lang->words['current_pw_bad']); } } else { /* This is INIT in _checkPassword */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); } //----------------------------------------- // Create new password... //----------------------------------------- $md5_pass = md5($new_pass); //----------------------------------------- // han_login was loaded during check_password //----------------------------------------- $this->han_login->changePass($this->memberData['email'], $md5_pass, $new_pass, $this->memberData); if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') { return array(0 => $this->lang->words['hanlogin_pw_failed']); } //----------------------------------------- // Update the DB //----------------------------------------- IPSMember::updatePassword($this->memberData['email'], $md5_pass); IPSLib::runMemberSync('onPassChange', $this->memberData['member_id'], $new_pass); //----------------------------------------- // Update members log in key... //----------------------------------------- $key = IPSMember::generateAutoLoginKey(); IPSMember::save($this->memberData['member_id'], array('core' => array('member_login_key' => $key, 'bw_local_password_set' => 1))); $this->ok_message = $this->lang->words['pw_change_successful']; } if ($_emailOne or $_emailTwo) { //----------------------------------------- // Do not allow validating members to change // email when admin validation is on // @see http://community.invisionpower.com/tracker/issue-19964-loophole-in-registration-procedure/ //----------------------------------------- if ($this->memberData['member_group_id'] == $this->settings['auth_group'] and in_array($this->settings['reg_auth_type'], array('admin', 'admin_user'))) { $this->registry->output->showError($this->lang->words['admin_val_no_email_chg'], 10190); } //----------------------------------------- // Check input //----------------------------------------- if ($this->memberData['g_access_cp']) { return array(0 => $this->lang->words['admin_emailpassword']); } if (!$_POST['in_email_1'] or !$_POST['in_email_2']) { return array(0 => $this->lang->words['complete_entire_form']); } //----------------------------------------- // Check password... //----------------------------------------- if (!$this->_isFBUser) { if ($this->_checkPassword($this->request['password']) === FALSE) { return array(0 => $this->lang->words['current_pw_bad']); } } //----------------------------------------- // Test email addresses //----------------------------------------- if ($_emailOne != $_emailTwo) { return array(0 => $this->lang->words['emails_no_matchy']); } if (IPSText::checkEmailAddress($_emailOne) !== TRUE) { return array(0 => $this->lang->words['email_not_valid']); } //----------------------------------------- // Is this email addy taken? //----------------------------------------- if (IPSMember::checkByEmail($_emailOne) == TRUE) { return array(0 => $this->lang->words['email_is_taken']); } //----------------------------------------- // Load ban filters //----------------------------------------- $banfilters = array(); $this->DB->build(array('select' => '*', 'from' => 'banfilters')); $this->DB->execute(); while ($r = $this->DB->fetch()) { $banfilters[$r['ban_type']][] = $r['ban_content']; } //----------------------------------------- // Check in banned list //----------------------------------------- if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) { foreach ($banfilters['email'] as $email) { $email = str_replace('\\*', '.*', preg_quote($email, "/")); if (preg_match("/^{$email}\$/i", $_emailOne)) { return array(0 => $this->lang->words['email_is_taken']); } } } //----------------------------------------- // Load handler... //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); if ($this->han_login->emailExistsCheck($_emailOne) !== FALSE) { return array(0 => $this->lang->words['email_is_taken']); } $this->han_login->changeEmail($this->memberData['email'], $_emailOne, $this->memberData); if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') { return array(0 => $this->lang->words['email_is_taken']); } //----------------------------------------- // Want a new validation? NON ADMINS ONLY //----------------------------------------- if ($this->settings['reg_auth_type'] and !$this->memberData['g_access_cp']) { //----------------------------------------- // Remove any existing entries //----------------------------------------- $_previous = $this->DB->buildAndFetch(array('select' => 'prev_email, real_group', 'from' => 'validating', 'where' => "member_id={$this->memberData['member_id']} AND email_chg=1")); if ($_previous['prev_email']) { $this->DB->delete('validating', "member_id={$this->memberData['member_id']} AND email_chg=1"); $this->memberData['email'] = $_previous['prev_email']; $this->memberData['member_group_id'] = $_previous['real_group']; } $validate_key = md5(IPSMember::makePassword() . time()); //----------------------------------------- // Update the new email, but enter a validation key // and put the member in "awaiting authorisation" // and send an email.. //----------------------------------------- $db_str = array('vid' => $validate_key, 'member_id' => $this->memberData['member_id'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'email_chg' => 1, 'ip_address' => $this->member->ip_address, 'prev_email' => $this->memberData['email']); if ($this->memberData['member_group_id'] != $this->settings['auth_group']) { $db_str['real_group'] = $this->memberData['member_group_id']; } $this->DB->insert('validating', $db_str); IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne), $this->memberData['email']); IPSMember::save($this->memberData['member_id'], array('core' => array('member_group_id' => $this->settings['auth_group'], 'email' => $_emailOne))); //----------------------------------------- // Update their session with the new member group //----------------------------------------- if ($this->member->session_id) { $this->member->sessionClass()->convertMemberToGuest(); } //----------------------------------------- // Kill the cookies to stop auto log in //----------------------------------------- IPSCookie::set('pass_hash', '-1', 0); IPSCookie::set('member_id', '-1', 0); IPSCookie::set('session_id', '-1', 0); //----------------------------------------- // Dispatch the mail, and return to the activate form. //----------------------------------------- IPSText::getTextClass('email')->getTemplate("newemail"); IPSText::getTextClass('email')->buildMessage(array('NAME' => $this->memberData['members_display_name'], 'THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&type=newemail&uid=" . $this->memberData['member_id'] . "&aid=" . $validate_key, 'publicNoSession', 'false'), 'ID' => $this->memberData['member_id'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=07", 'publicNoSession', 'false'), 'CODE' => $validate_key)); IPSText::getTextClass('email')->subject = $this->lang->words['lp_subject'] . ' ' . $this->settings['board_name']; IPSText::getTextClass('email')->to = $_emailOne; IPSText::getTextClass('email')->sendMail(); $this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global&section=register&do=07'); } else { //----------------------------------------- // No authorisation needed, change email addy and return //----------------------------------------- IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne), $this->memberData['email']); IPSMember::save($this->memberData['member_id'], array('core' => array('email' => $_emailOne))); //----------------------------------------- // Add to OK message //----------------------------------------- $this->ok_message = $this->lang->words['ok_email_changed']; } } return TRUE; }
/** * Updates member's DB row name or members_display_name * * @todo [Future] Separate out forum specific stuff (moderators, etc) and move into hooks * @access public * @param string Member id * @param string New name * @param string Field to update (name or display name) * @return mixed True if update successful, otherwise exception or false * Error Codes: * NO_USER Could not load the user * NO_PERMISSION This user cannot change their display name at all * NO_MORE_CHANGES The user cannot change their display name again in this time period * NO_NAME No display name (or shorter than 3 chars was given) * ILLEGAL_CHARS The display name contains illegal characters * USER_NAME_EXISTS The username already exists */ public function updateName($member_id, $name, $field = 'members_display_name') { //----------------------------------------- // Load the member //----------------------------------------- $member = IPSMember::load($member_id); $_seoName = IPSText::makeSeoTitle($name); if (!$member['member_id']) { throw new Exception("NO_USER"); } //----------------------------------------- // Make sure name does not exist //----------------------------------------- try { if ($this->checkNameExists($name, $member, $field) === TRUE) { throw new Exception("USER_NAME_EXISTS"); } else { if ($field == 'members_display_name') { $this->DB->force_data_type = array('dname_previous' => 'string', 'dname_current' => 'string'); $this->DB->insert('dnames_change', array('dname_member_id' => $member_id, 'dname_date' => time(), 'dname_ip_address' => $member['ip_address'], 'dname_previous' => $member['members_display_name'], 'dname_current' => $name)); //----------------------------------------- // Still here? Change it then //----------------------------------------- IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => strtolower($name), 'members_seo_name' => $_seoName))); $this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string'); $this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); $this->DB->force_data_type = array('member_name' => 'string', 'seo_name' => 'string'); $this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']); $this->DB->force_data_type = array('starter_name' => 'string', 'seo_first_name' => 'string'); $this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']); $this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string'); $this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); } else { //----------------------------------------- // If one gets here, one can assume that the new name is correct for one, er...one. // So, lets do the converteroo //----------------------------------------- IPSMember::save($member['member_id'], array('core' => array('name' => $name, 'members_l_username' => strtolower($name), 'members_seo_name' => $_seoName))); $this->DB->force_data_type = array('member_name' => 'string'); $this->DB->update('moderators', array('member_name' => $name), "member_id=" . $member['member_id']); if (!$this->settings['auth_allow_dnames']) { //----------------------------------------- // Not using sep. display names? //----------------------------------------- IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => strtolower($name), 'members_seo_name' => $_seoName))); $this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string'); $this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); $this->DB->force_data_type = array('member_name' => 'string', 'seo_name' => 'string'); $this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']); $this->DB->force_data_type = array('starter_name' => 'string', 'seo_first_name' => 'string'); $this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']); $this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string'); $this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']); } } //----------------------------------------- // Recache moderators //----------------------------------------- $this->registry->cache()->rebuildCache('moderators', 'forums'); //----------------------------------------- // Recache announcements //----------------------------------------- $this->registry->cache()->rebuildCache('announcements', 'forums'); //----------------------------------------- // Stats to Update? //----------------------------------------- $this->registry->cache()->rebuildCache('stats', 'core'); IPSLib::runMemberSync('onNameChange', $member['member_id'], $name); return TRUE; } } catch (Exception $error) { throw new Exception($error->getMessage()); } }
/** * Change a member's password * * @return @e void [Outputs to screen] */ protected function save_password() { //----------------------------------------- // INIT //----------------------------------------- $member_id = intval($this->request['member_id']); $password = IPSText::parseCleanValue($_POST['password']); $password2 = IPSText::parseCleanValue($_POST['password2']); $new_key = intval($this->request['new_key']); $new_salt = intval($this->request['new_salt']); $salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5)); $key = IPSMember::generateAutoLoginKey(); $md5_once = md5(trim($password)); //----------------------------------------- // AJAX debug //----------------------------------------- IPSDebug::fireBug('info', array('Password: '******'password_nogood']); } if ($password != $password2) { $this->registry->output->showError($this->lang->words['m_passmatch']); } //----------------------------------------- // Get member //----------------------------------------- $member = IPSMember::load($member_id); //----------------------------------------- // Allowed to edit administrators? //----------------------------------------- if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) { $this->registry->output->showError($this->lang->words['m_editadmin']); } //----------------------------------------- // Check Converge: Password //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $han_login = new $classToLoad($this->registry); $han_login->init(); $han_login->changePass($member['email'], $md5_once, $password, $member); /*if ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) { $this->returnJsonError( $this->lang->words['m_passchange']); exit(); }*/ //----------------------------------------- // Local DB //----------------------------------------- $update = array(); if ($new_salt) { $update['members_pass_salt'] = $salt; } if ($new_key) { $update['member_login_key'] = $key; } if (count($update)) { IPSMember::save($member_id, array('core' => $update)); } IPSMember::updatePassword($member_id, $md5_once); IPSLib::runMemberSync('onPassChange', $member_id, $password); ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_passlog'], $member_id)); $this->registry->output->global_message = $this->lang->words['pw_updated_success']; $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'module=members&do=viewmember&member_id=' . $member_id); }
/** * Displays the registration form * * @access public * @param array $form_errors * @return void */ public function registerForm($form_errors = array()) { /* INIT */ $final_errors = array(); if ($this->settings['no_reg'] == 1) { $this->registry->output->showError('registration_disabled', 10123); } $coppa = IPSCookie::get('coppa'); if ($coppa == 'yes') { $this->registry->output->showError('awaiting_coppa', 10124); } $this->settings['username_errormsg'] = str_replace('{chars}', $this->settings['username_characters'], $this->settings['username_errormsg']); /* Read T&Cs yet? */ if (!$this->request['termsread']) { if ($this->memberData['member_id']) { require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php'; $this->han_login = new han_login($this->registry); $this->han_login->init(); //----------------------------------------- // Set some cookies //----------------------------------------- IPSCookie::set("member_id", "0"); IPSCookie::set("pass_hash", "0"); IPSCookie::set("anonlogin", "-1"); if (is_array($_COOKIE)) { foreach ($_COOKIE as $cookie => $value) { if (stripos($cookie, $this->settings['cookie_id'] . "ipbforum") !== false) { IPSCookie::set(str_replace($this->settings['cookie_id'], "", $match[0]), '-', -1); } } } //----------------------------------------- // Logout callbacks... //----------------------------------------- $this->han_login->logoutCallback(); //----------------------------------------- // Do it.. //----------------------------------------- $this->member->sessionClass()->convertMemberToGuest(); list($privacy, $loggedin) = explode('&', $this->memberData['login_anonymous']); IPSMember::save($this->memberData['member_id'], array('core' => array('login_anonymous' => "{$privacy}&0", 'last_activity' => time()))); } /* Continue */ $cache = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'core_sys_conf_settings', 'where' => "conf_key='reg_rules'")); $text = $cache['conf_value'] ? $cache['conf_value'] : $cache['conf_default']; /* Load the Parser */ IPSText::getTextClass('bbcode')->bypass_badwords = 1; IPSText::getTextClass('bbcode')->parse_smilies = 1; IPSText::getTextClass('bbcode')->parse_html = 1; IPSText::getTextClass('bbcode')->parse_bbcode = 1; IPSText::getTextClass('bbcode')->parsing_section = 'global'; $text = IPSText::getTextClass('bbcode')->preDbParse($text); $text = IPSText::getTextClass('bbcode')->preDisplayParse($text); $this->registry->output->setTitle($this->lang->words['registration_form']); $this->registry->output->addNavigation($this->lang->words['registration_form'], ''); $this->output .= $this->registry->output->getTemplate('register')->registerShowTerms($text, $coppa); return; } else { /* Did we agree to the t&c? */ if (!$this->request['agree_to_terms']) { $this->registry->output->showError('must_agree_to_terms', 10125); } } /* Do we have another URL that one needs to visit to register? */ $this->DB->build(array('select' => '*', 'from' => 'login_methods', 'where' => 'login_enabled=1')); $this->DB->execute(); while ($r = $this->DB->fetch()) { if ($r['login_register_url']) { $this->registry->output->silentRedirect($r['login_register_url']); exit; } } /* Continue... */ if ($this->settings['reg_auth_type']) { if ($this->settings['reg_auth_type'] == 'admin_user' or $this->settings['reg_auth_type'] == 'user') { $this->lang->words['std_text'] .= "<br />" . $this->lang->words['email_validate_text']; } /* User then admin? */ if ($this->settings['reg_auth_type'] == 'admin_user') { $this->lang->words['std_text'] .= "<br />" . $this->lang->words['user_admin_validation']; } if ($this->settings['reg_auth_type'] == 'admin') { $this->lang->words['std_text'] .= "<br />" . $this->lang->words['just_admin_validation']; } } $captchaHTML = ''; $qandaHTML = ''; $this->cache->updateCacheWithoutSaving('_hasStep3', 0); /* Q and A Challenge */ if ($this->settings['registration_qanda']) { // Grab a random question... $question = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'order' => 'rand()', 'limit' => array(1))); if (count($question)) { $qandaHTML = $this->registry->output->getTemplate('global_other')->questionAndAnswer($question); } } /* Custom Profile Fields */ $custom_fields_out = array('required', 'optional'); require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php'; $custom_fields = new customProfileFields(); $custom_fields->member_data = $member; $custom_fields->initData('edit'); $custom_fields->parseToEdit('register'); if (count($custom_fields->out_fields)) { $this->cache->updateCacheWithoutSaving('_hasStep3', 1); foreach ($custom_fields->out_fields as $id => $form_element) { if ($custom_fields->cache_data[$id]['pf_not_null'] == 1) { $ftype = 'required'; } else { $ftype = 'optional'; } $custom_fields_out[$ftype][] = array('name' => $custom_fields->field_names[$id], 'desc' => $custom_fields->field_desc[$id], 'field' => $form_element, 'id' => $id, 'error' => $error, 'type' => $custom_fields->cache_data[$id]['pf_type']); } } /* CAPTCHA */ if ($this->settings['bot_antispam']) { $captchaHTML = $this->registry->getClass('class_captcha')->getTemplate(); } $this->registry->output->setTitle($this->lang->words['registration_form']); $this->registry->output->addNavigation($this->lang->words['registration_form'], ''); /* Other errors */ $final_errors = array('username' => NULL, 'dname' => NULL, 'password' => NULL, 'email' => NULL); foreach (array('username', 'dname', 'password', 'email') as $thing) { if (isset($form_errors[$thing]) and is_array($form_errors[$thing]) and count($form_errors[$thing])) { $final_errors[$thing] = implode("<br />", $form_errors[$thing]); } } $this->request['UserName'] = $this->request['UserName'] ? $this->request['UserName'] : ''; $this->request['PassWord'] = $this->request['PassWord'] ? $this->request['PassWord'] : ''; $this->request['EmailAddress'] = $this->request['EmailAddress'] ? $this->request['EmailAddress'] : ''; $this->request['EmailAddress_two'] = $this->request['EmailAddress_two'] ? $this->request['EmailAddress_two'] : ''; $this->request['PassWord_Check'] = $this->request['PassWord_Check'] ? $this->request['PassWord_Check'] : ''; $this->request['members_display_name'] = $this->request['members_display_name'] ? $this->request['members_display_name'] : ''; $this->request['time_offset'] = $this->request['time_offset'] ? $this->request['time_offset'] : ''; $this->request['allow_member_mail'] = $this->request['allow_member_mail'] ? $this->request['allow_member_mail'] : ''; $this->request['dst'] = $this->request['dst'] ? $this->request['dst'] : ''; /* Time zone... */ $this->registry->class_localization->loadLanguageFile(array('public_usercp'), 'core'); $time_select = array(); foreach ($this->lang->words as $k => $v) { if (strpos($k, "time_") === 0) { $k = str_replace("time_", '', $k); if (preg_match("/^[\\-\\d\\.]+\$/", $k)) { $time_select[$k] = $v; } } } ksort($time_select); /* set default.. */ $this->request['time_offset'] = $this->request['time_offset'] ? $this->request['time_offset'] : $this->settings['time_offset']; /* Need username? */ $uses_name = false; foreach ($this->cache->getCache('login_methods') as $method) { if ($method['login_user_id'] == 'username') { $uses_name = true; } } /* Get form HTML */ $this->output .= $this->registry->output->getTemplate('register')->registerForm($form_errors['general'], array('TEXT' => $this->lang->words['std_text'], 'coppa_user' => $coppa, 'captchaHTML' => $captchaHTML, 'qandaHTML' => $qandaHTML, 'requireName' => $uses_name), $final_errors, $time_select, $custom_fields_out); /* Run the member sync module */ IPSLib::runMemberSync('onRegisterForm'); }
public function changePW($newPass, $member, $currentPass = false) { //----------------------------------------- // INIT //----------------------------------------- $save_array = array(); //----------------------------------------- // Generate a new random password //----------------------------------------- $new_pass = IPSText::parseCleanValue(urldecode($newPass)); //----------------------------------------- // Generate a new salt //----------------------------------------- $salt = IPSMember::generatePasswordSalt(5); $salt = str_replace('\\', "\\\\", $salt); //----------------------------------------- // New log in key //----------------------------------------- $key = IPSMember::generateAutoLoginKey(); //----------------------------------------- // Update... //----------------------------------------- $save_array['members_pass_salt'] = $salt; $save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass)); $save_array['member_login_key'] = $key; $save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24; $save_array['failed_logins'] = null; $save_array['failed_login_count'] = 0; //----------------------------------------- // Load handler... //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); $this->han_login->changePass($member['email'], md5($new_pass), $new_pass, $member); IPSMember::save($member['member_id'], array('members' => $save_array)); IPSMember::updatePassword($member['member_id'], md5($new_pass)); IPSLib::runMemberSync('onPassChange', $member['member_id'], $new_pass); }
/** * Wrapper for loginAuthenticate - returns more information * * @return mixed array [0=Words to show, 1=URL to send to, 2=error message language key] */ public function verifyLogin() { $url = ""; $member = array(); $username = ''; $email = ''; $password = trim($this->request['ips_password']); $errors = ''; $core = array(); $mobileSSO = false; $memberData = $this->registry->member()->fetchMemberData(); /* Mobile app + sso */ if ($memberData['userAgentType'] == 'mobileApp') { $file = IPS_ROOT_PATH . 'sources/classes/session/ssoMobileAppLogIn.php'; if (is_file($file)) { require_once $file; if (class_exists('ssoMobileAppLogIn')) { $mobileSSO = true; $logIn = new ssoMobileAppLogIn($this->registry); $done = $logIn->authenticate($this->request['ips_username'], $password); $this->return_code = $done['code']; $this->member_data = IPSMember::load(intval($done['memberId'])); $member = $this->member_data; } } } /* No mobile log in? Log in normally */ if (!$mobileSSO) { //----------------------------------------- // Is this a username or email address? //----------------------------------------- if (IPSText::checkEmailAddress($this->request['ips_username'])) { $email = $this->request['ips_username']; } else { $username = $this->request['ips_username']; } //----------------------------------------- // Check auth //----------------------------------------- $this->loginAuthenticate($username, $email, $password); $member = $this->member_data; } //----------------------------------------- // Check return code... //----------------------------------------- if ($this->return_code != 'SUCCESS') { if ($this->return_code == 'MISSING_DATA') { return array(null, null, 'complete_form'); } if ($this->return_code == 'ACCOUNT_LOCKED') { $extra = "<!-- -->"; if ($this->settings['ipb_bruteforce_unlock']) { if ($this->account_unlock) { $time = time() - $this->account_unlock; $time = $this->settings['ipb_bruteforce_period'] - ceil($time / 60) > 0 ? $this->settings['ipb_bruteforce_period'] - ceil($time / 60) : 1; } } return array(null, null, $this->settings['ipb_bruteforce_unlock'] ? 'bruteforce_account_unlock' : 'bruteforce_account_lock', $time); } else { if ($this->return_code == 'MISSING_EXTENSIONS') { return array(null, null, 'missing_extensions'); } else { if ($this->return_code == 'FLAGGED_REMOTE') { return array(null, null, 'flagged_remote'); } else { if ($this->return_code == 'VALIDATING') { if ($this->revalidate_url == 'ADMIN_VALIDATION') { return array(null, null, 'validating_remote', ipsRegistry::getClass('class_localization')->words['admin_validation_msg']); } else { return array(null, null, 'validating_remote', "<a href='{$this->revalidate_url}' target='_blank'>" . ipsRegistry::getClass('class_localization')->words['resend_val'] . "</a>"); } } else { return array(null, null, 'wrong_auth'); } } } } } //----------------------------------------- // Is this a partial member? // Not completed their sign in? //----------------------------------------- if ($member['members_created_remote'] and isset($member['full']) and !$member['full']) { return array($this->registry->getClass('class_localization')->words['partial_login'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=complete_login&mid=' . $member['member_id'] . '&key=' . $member['timenow']); } //----------------------------------------- // Generate a new log in key //----------------------------------------- $_ok = 1; $_time = $this->settings['login_key_expire'] ? time() + intval($this->settings['login_key_expire']) * 86400 : 0; $_sticky = $_time ? 0 : 1; $_days = $_time ? $this->settings['login_key_expire'] : 365; if (!$member['member_login_key'] or $this->settings['login_key_expire'] and time() > $member['member_login_key_expire']) { $member['member_login_key'] = IPSMember::generateAutoLoginKey(); $core['member_login_key'] = $member['member_login_key']; $core['member_login_key_expire'] = $_time; } //----------------------------------------- // Cookie me softly? //----------------------------------------- if ($this->request['rememberMe']) { IPSCookie::set("member_id", $member['member_id'], 1, 0, FALSE, TRUE); IPSCookie::set("pass_hash", $member['member_login_key'], $_sticky, $_days, FALSE, TRUE); IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '1', $_sticky, $_days, FALSE, FALSE); } else { // Ticket 824266 // IPSCookie::set( "member_id" , $member['member_id'], 0 ); // IPSCookie::set( "pass_hash" , $member['member_login_key'], 0 ); IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '1', 0, 0, FALSE, FALSE); } //----------------------------------------- // Remove any COPPA cookies previously set //----------------------------------------- IPSCookie::set("coppa", '0', 0); //----------------------------------------- // Update profile if IP addr missing //----------------------------------------- if ($member['ip_address'] == "" or $member['ip_address'] == '127.0.0.1') { $core['ip_address'] = $this->registry->member()->ip_address; } //----------------------------------------- // Create / Update session //----------------------------------------- $privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['anonymous']) ? 1 : 0; $session_id = $this->registry->member()->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy)); if (!empty($this->request['referer']) and $this->request['section'] != 'register') { if (stripos($this->request['referer'], 'section=register') or stripos($this->request['referer'], 'section=login') or stripos($this->request['referer'], 'section=lostpass') or stripos($this->request['referer'], CP_DIRECTORY . '/')) { $url = $this->settings['base_url']; } else { $url = str_replace('&', '&', $this->request['referer']); if ($this->registry->member()->session_type == 'cookie') { $url = preg_replace('#s=(\\w){32}#', "", $url); } } } else { $url = $this->settings['base_url']; } //----------------------------------------- // Set our privacy status //----------------------------------------- $core['login_anonymous'] = intval($privacy) . '&1'; $core['failed_logins'] = ''; $core['failed_login_count'] = 0; IPSMember::save($member['member_id'], array('core' => $core)); //----------------------------------------- // Clear out any passy change stuff //----------------------------------------- $this->DB->delete('validating', 'member_id=' . $this->registry->member()->getProperty('member_id') . ' AND lost_pass=1'); //----------------------------------------- // Run member sync //----------------------------------------- $member['plainPassword'] = $password; IPSLib::runMemberSync('onLogin', $member); unset($member['plainPassword']); //----------------------------------------- // Redirect them to either the board // index, or where they came from //----------------------------------------- if (!empty($this->request['return'])) { $return = urldecode($this->request['return']); if (strpos($return, "http://") === 0 || strpos($return, "https://") === 0) { return array($this->registry->getClass('class_localization')->words['partial_login'], $return); } } //----------------------------------------- // Still here? //----------------------------------------- return array($this->registry->getClass('class_localization')->words['partial_login'], $url); }
/** * Create a local member account [public interface] * * @access public * @param array Member Information [members,pfields,profile_portal] * @return array New member information */ public function createLocalMember($member) { $member['members']['members_created_remote'] = true; $member['members']['members_display_name'] = $member['members']['members_display_name'] ? $member['members']['members_display_name'] : $member['members']['name']; // #38703 timezone when registering $member['members']['time_offset'] = $member['members']['time_offset'] ? $member['members']['time_offset'] : $this->settings['time_offset']; $_return = IPSMember::create($member, FALSE, FALSE, TRUE); $this->cache->rebuildCache('stats', 'global'); if ($_return['full']) { IPSLib::runMemberSync('onCompleteAccount', $_return); } return $_return; }
/** * Process Logout * * @param int ID number * @param string md5( IPS Connect Key (see login method) . ID number ) * @param string Redirect URL, Base64 encoded * @param string md5( IPS Connect Key . $redirect ) * @return mixed If the redirect URL is provided, this function should redirect the user to that URL * If blank, will output blank screen */ public function logout($id, $key, $redirect, $redirectHash) { if ($key != md5($this->masterKey . $id)) { $this->_return(base64_encode($this->settings['board_url'])); } IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '0', 1, 0, FALSE, FALSE); $member = IPSMember::load(intval($id), 'none', 'id'); if ($member['member_id']) { IPSCookie::set("member_id", "0"); IPSCookie::set("pass_hash", "0"); if (is_array($_COOKIE)) { foreach ($_COOKIE as $cookie => $value) { if (stripos($cookie, $this->settings['cookie_id'] . 'ipbforumpass') !== false and !strstr($value, 'mobileApp')) { IPSCookie::set(str_replace($this->settings['cookie_id'], "", $cookie), '-', -1); } } } $this->member->sessionClass()->convertMemberToGuest(); $privacy = intval(IPSMember::isLoggedInAnon($member)); IPSMember::save($member['member_id'], array('core' => array('login_anonymous' => "{$privacy}&0", 'last_activity' => IPS_UNIX_TIME_NOW))); IPSLib::runMemberSync('onLogOut', $member); $this->han_login->logoutCallback($member); /* Run any custom code */ $this->_runCustom('logout', array($member)); } if ($redirect) { $redirect = $redirectHash == md5($this->masterKey . $redirect) ? $redirect : base64_encode($this->settings['board_url']); } $this->_return($redirect); }
/** * UserCP Save Form: Email Address * * @access public * @return mixed Array of errors / boolean true */ public function saveFormEmail() { //----------------------------------------- // INIT //----------------------------------------- $_emailOne = strtolower(trim($this->request['in_email_1'])); $_emailTwo = strtolower(trim($this->request['in_email_2'])); $captchaInput = trim(ipsRegistry::$request['captchaInput']); $captchaUniqueID = trim(ipsRegistry::$request['captchaUniqueID']); //----------------------------------------- // Check input //----------------------------------------- if ($this->memberData['g_access_cp']) { return array(0 => $this->lang->words['admin_emailpassword']); } if (!$_POST['in_email_1'] or !$_POST['in_email_2']) { return array(0 => $this->lang->words['complete_entire_form']); } //----------------------------------------- // Check password... //----------------------------------------- if (!$this->_isFBUser) { if ($this->_checkPassword($this->request['password']) === FALSE) { return array(0 => $this->lang->words['current_pw_bad']); } } //----------------------------------------- // Test email addresses //----------------------------------------- if ($_emailOne != $_emailTwo) { return array(0 => $this->lang->words['emails_no_matchy']); } if (IPSText::checkEmailAddress($_emailOne) !== TRUE) { return array(0 => $this->lang->words['email_not_valid']); } //----------------------------------------- // Is this email addy taken? //----------------------------------------- if (IPSMember::checkByEmail($_emailOne) == TRUE) { return array(0 => $this->lang->words['email_is_taken']); } //----------------------------------------- // Load ban filters //----------------------------------------- $this->DB->build(array('select' => '*', 'from' => 'banfilters')); $this->DB->execute(); while ($r = $this->DB->fetch()) { $banfilters[$r['ban_type']][] = $r['ban_content']; } //----------------------------------------- // Check in banned list //----------------------------------------- if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) { foreach ($banfilters['email'] as $email) { $email = str_replace('\\*', '.*', preg_quote($email, "/")); if (preg_match("/^{$email}\$/i", $_emailOne)) { return array(0 => $this->lang->words['email_is_taken']); } } } //----------------------------------------- // Anti bot flood... //----------------------------------------- if ($this->settings['bot_antispam']) { if ($this->registry->getClass('class_captcha')->validate() !== TRUE) { return array(0 => $this->lang->words['captcha_email_invalid']); } } //----------------------------------------- // Load handler... //----------------------------------------- require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php'; $this->han_login = new han_login($this->registry); $this->han_login->init(); if ($this->han_login->emailExistsCheck($_emailOne) !== FALSE) { return array(0 => $this->lang->words['email_is_taken']); } $this->han_login->changeEmail($this->memberData['email'], $_emailOne); if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') { return array(0 => $this->lang->words['email_is_taken']); } //----------------------------------------- // Require new validation? NON ADMINS ONLY //----------------------------------------- if ($this->settings['reg_auth_type'] and !$this->memberData['g_access_cp']) { $validate_key = md5(IPSLib::makePassword() . time()); //----------------------------------------- // Update the new email, but enter a validation key // and put the member in "awaiting authorisation" // and send an email.. //----------------------------------------- $db_str = array('vid' => $validate_key, 'member_id' => $this->memberData['member_id'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'email_chg' => 1, 'ip_address' => $this->request['IP_ADDRESS'], 'prev_email' => $this->memberData['email']); if ($this->memberData['member_group_id'] != $this->settings['auth_group']) { $db_str['real_group'] = $this->memberData['member_group_id']; } $this->DB->insert('validating', $db_str); IPSMember::save($this->memberData['member_id'], array('core' => array('member_group_id' => $this->settings['auth_group'], 'email' => $_emailOne))); IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne)); //----------------------------------------- // Update their session with the new member group //----------------------------------------- if ($this->member->session_id) { $this->member->sessionClass()->convertMemberToGuest(); } //----------------------------------------- // Kill the cookies to stop auto log in //----------------------------------------- IPSCookie::set('pass_hash', '-1', 0); IPSCookie::set('member_id', '-1', 0); IPSCookie::set('session_id', '-1', 0); //----------------------------------------- // Dispatch the mail, and return to the activate form. //----------------------------------------- IPSText::getTextClass('email')->getTemplate("newemail"); IPSText::getTextClass('email')->buildMessage(array('NAME' => $this->memberData['members_display_name'], 'THE_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=auto_validate&type=newemail&uid=" . $this->memberData['member_id'] . "&aid=" . $validate_key, 'ID' => $this->memberData['member_id'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=07", 'CODE' => $validate_key)); IPSText::getTextClass('email')->subject = $this->lang->words['lp_subject'] . ' ' . $this->settings['board_name']; IPSText::getTextClass('email')->to = $_emailOne; IPSText::getTextClass('email')->sendMail(); $this->registry->getClass('output')->redirectScreen($this->lang->words['ce_redirect'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=07'); } else { //----------------------------------------- // No authorisation needed, change email addy and return //----------------------------------------- IPSMember::save($this->memberData['member_id'], array('core' => array('email' => $_emailOne))); IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne)); //----------------------------------------- // Add to OK message //----------------------------------------- $this->ok_message = $this->lang->words['ok_email_changed']; return TRUE; } }