$delete_content = isset($_POST['delete_content']) && $_POST['delete_content'] == 'Y';
if (admin_delete_user($uid, $delete_content)) {
html_draw_top("title={$page_title}", 'class=window_title');
html_display_msg(gettext("Delete User"), gettext("User Successfully Deleted"), 'admin_users.php', 'get', array('back' => gettext("Back")), false, '_self', 'center');
html_draw_bottom();
exit;
} else {
html_draw_error(gettext("Failed To Delete User"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
}
} else {
if (isset($_POST['delete_posts_confirm'])) {
if ($user_logon = user_get_logon($uid)) {
if (admin_delete_users_posts($uid)) {
admin_add_log_entry(DELETE_ALL_USER_POSTS, array($user_logon));
html_draw_top("title={$page_title}", 'class=window_title');
html_display_msg(gettext("Delete posts"), gettext("Posts were successfully deleted"), 'admin_user.php', 'get', array('back' => gettext("Back")), false, '_self', 'center');
html_draw_bottom();
exit;
} else {
html_draw_error(gettext("Failed to delete user's posts"), 'admin_user.php', 'get', array('back' => gettext("Back")), array('uid' => $uid), '_self', 'center');
}
}
} else {
if (isset($_POST['user_perm_submit'])) {
$valid = true;
if (forum_check_webtag_available($webtag)) {
// Local user permissions
$new_user_perms = (double) 0;
$t_admintools = (double) isset($_POST['t_admintools']) ? $_POST['t_admintools'] : 0;
$t_banned = (double) isset($_POST['t_banned']) ? $_POST['t_banned'] : 0;
$t_wormed = (double) isset($_POST['t_wormed']) ? $_POST['t_wormed'] : 0;
require_once BH_INCLUDE_PATH . 'db.inc.php';
require_once BH_INCLUDE_PATH . 'email.inc.php';
require_once BH_INCLUDE_PATH . 'form.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'lang.inc.php';
require_once BH_INCLUDE_PATH . 'logon.inc.php';
require_once BH_INCLUDE_PATH . 'user.inc.php';
// Array for holding error messages
$error_msg_array = array();
if (isset($_POST['request'])) {
if (isset($_POST['logon'])) {
$logon = mb_strtoupper($_POST['logon']);
if (email_send_pw_reminder($logon)) {
html_draw_top(sprintf('title=%s', gettext("Password reset e-mail sent")), 'class=window_title');
html_display_msg(gettext("Password reset e-mail sent"), gettext("You should shortly receive an e-mail containing instructions for resetting your password."), 'logon.php', 'get', array('back' => gettext("Back")), false, '_self', 'center');
html_draw_bottom();
exit;
} else {
$error_msg_array[] = gettext("Could not send password reminder. Please contact the forum owner.");
}
} else {
$error_msg_array[] = gettext("A valid username is required");
}
}
html_draw_top(sprintf('title=%s', gettext("Forgot password")), 'class=window_title');
echo "<h1>", gettext("Forgot password"), "</h1>";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '450', 'center');
}
echo "<br />\n";
if ($_REQUEST['mark_read_type'] == THREAD_MARK_READ_FOLDER && (isset($folder) && is_numeric($folder))) {
if (threads_mark_folder_read($folder)) {
header_redirect("thread_list.php?webtag={$webtag}&mode={$mode}&folder={$folder}&mark_read_success=true");
exit;
} else {
$error_msg_array[] = gettext("Failed to mark selected threads as read");
$valid = false;
}
}
}
}
}
} else {
unset($_REQUEST['mark_read_submit'], $_REQUEST['mark_read_confirm']);
html_draw_top();
html_display_msg(gettext("Confirm"), gettext("Are you sure you want to mark the selected threads as read?"), 'thread_list.php', 'post', array('mark_read_submit' => gettext("Confirm"), 'cancel' => gettext("Cancel")), array_merge($_REQUEST, array('mark_read_confirm' => 'Y')));
html_draw_bottom();
exit;
}
}
}
// Output XHTML header
html_draw_top('thread_list.js');
// Fetch the UID for the thread type functions below.
$uid = session::get_value('UID');
// Fetch the right threads for whichever mode is selected
switch ($mode) {
case UNREAD_DISCUSSIONS:
list($thread_info, $folder_order, $thread_count) = threads_get_unread($uid, $folder, $page);
break;
case UNREAD_DISCUSSIONS_TO_ME:
if (forum_get_setting('require_email_confirmation', 'Y')) {
if (email_send_user_confirmation($new_uid)) {
perm_user_apply_email_confirmation($new_uid);
html_draw_top(sprintf("title=%s", gettext("User Registration")));
html_display_msg(gettext("Successfully created user account"), gettext("Your user account has been created but before you can start posting you must confirm your email address. Please check your email for a link that will allow you to confirm your address."), 'index.php', 'get', array('continue' => gettext("Continue")), array('final_uri' => $final_uri), '_top', 'center');
html_draw_bottom();
exit;
} else {
html_draw_top(sprintf("title=%s", gettext("User Registration")));
html_display_msg(gettext("Successfully created user account"), gettext("Your user account has been created but the required confirmation email was not sent. Please contact the forum owner to rectify this. In this meantime please click the continue button to login."), 'index.php', 'get', array('continue' => gettext("Continue")), array('final_uri' => $final_uri), '_top', 'center');
html_draw_bottom();
exit;
}
} else {
html_draw_top(sprintf("title=%s", gettext("User Registration")));
html_display_msg(gettext("Successfully created user account"), gettext("Your user account has been created successfully! Click the continue button below to login"), 'index.php', 'get', array('continue' => gettext("Continue")), array('final_uri' => $final_uri), '_top', 'center');
html_draw_bottom();
exit;
}
} else {
$error_msg_array[] = gettext("Error creating user record");
$valid = false;
}
}
}
html_draw_top(sprintf('title=%s', gettext("User Registration")), 'emoticons.js', 'register.js', "basetarget={$frame_top_target}", 'class=window_title');
echo "<h1>", gettext("User Registration"), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '600', 'center');
}
if (isset($user_agree_rules) && $user_agree_rules == 'Y') {
function html_draw_error($error_msg, $href = false, $method = 'get', $button_array = false, $var_array = false, $target = "_self", $align = "left", $id = false)
{
html_draw_top(gettext('Error'));
html_display_msg(gettext("Error"), $error_msg, $href, $method, $button_array, $var_array, $target, $align, $id);
html_draw_bottom();
exit;
}
if (isset($_POST['pm_delete_confirm']) && $_POST['pm_delete_confirm'] == 'Y') {
if (pm_delete_messages($process_messages)) {
if (in_array($mid, $process_messages)) {
header_redirect("pm_messages.php?webtag={$webtag}&folder={$current_folder}&page={$page}&deleted=true#message");
exit;
} else {
header_redirect("pm_messages.php?webtag={$webtag}&mid={$mid}&folder={$current_folder}&page={$page}&deleted=true#message");
exit;
}
} else {
$error_msg_array[] = gettext("Failed to delete selected messages");
$valid = false;
}
} else {
html_draw_top(sprintf("title=%s", gettext("Delete Message")), 'class=window_title');
html_display_msg(gettext("Delete"), gettext("Are you sure you want to delete all of the selected messages?"), "pm_messages.php", 'post', array('pm_option_submit' => gettext("Yes"), 'back' => gettext("No")), array('folder' => $current_folder, 'page' => $page, 'process' => $process_messages, 'pm_delete_messages' => gettext("Delete"), 'pm_delete_confirm' => 'Y'), '_self', 'center');
html_draw_bottom();
exit;
}
} else {
$error_msg_array[] = gettext("You must select some messages to process");
$valid = false;
}
} else {
if (isset($_POST['pm_save_messages'])) {
$valid = true;
if (isset($_POST['process']) && is_array($_POST['process'])) {
$process_messages = array_filter($_POST['process'], 'is_numeric');
} else {
$process_messages = array();
}
function html_draw_error($message, $href = null, $method = 'get', array $buttons = array(), array $vars = array(), $target = "_self", $align = "left", $id = null)
{
html_draw_top(array('title' => gettext('Error')));
html_display_msg(gettext("Error"), $message, $href, $method, $buttons, $vars, $target, $align, $id);
html_draw_bottom();
exit;
}
$error_msg_array[] = gettext("Password must not contain HTML tags");
$valid = false;
}
if (mb_strlen(trim($_POST['pw'])) < 6) {
$error_msg_array[] = gettext("Password must be a minimum of 6 characters long");
$valid = false;
}
if ($pw != $cpw) {
$error_msg_array[] = gettext("Passwords do not match");
$valid = false;
}
}
if ($valid) {
if (user_reset_password($uid, $pw, $key)) {
html_draw_top(array('title' => gettext('Password changed'), 'class' => 'window_title'));
html_display_msg(gettext("Password changed"), gettext("Your password has been changed."), 'index.php', 'get', array('continue' => gettext("Continue")), array(), '_top');
html_draw_bottom();
exit;
} else {
$error_msg_array[] = gettext("Update failed");
$valid = false;
}
}
}
if (isset($_REQUEST['u']) && isset($_REQUEST['h'])) {
$uid = $_GET['u'];
$key = $_GET['h'];
} else {
html_draw_error(gettext("Required information not found"));
}
if (!($user = user_get_by_passhash($uid, $key))) {
html_display_msg(gettext("Delete Thread"), gettext("Thread was successfully deleted"), 'discussion.php', 'get', array('continue' => gettext("Continue")), false, html_get_frame_name('main'), 'center');
html_draw_bottom();
exit;
} else {
$error_msg_array[] = gettext("Failed to delete thread.");
$valid = false;
}
}
}
if (isset($_POST['undelete_thread']) && $_POST['undelete_thread'] == "Y") {
if (isset($_POST['undelete_thread_confirm']) && $_POST['undelete_thread_confirm'] == "Y") {
if (thread_undelete($tid)) {
post_add_edit_text($tid, 1);
admin_add_log_entry(UNDELETE_THREAD, array($tid, $thread_data['TITLE']));
html_draw_top(sprintf('title=%s', gettext("Undelete Thread")), 'class=window_title');
html_display_msg(gettext("Undelete Thread"), gettext("Thread was successfully undeleted"), 'thread_options.php', 'get', array('back' => gettext("Back")), array('msg' => $msg), '_self', 'center');
html_draw_bottom();
exit;
} else {
$error_msg_array[] = gettext("Failed to un-delete thread");
$valid = false;
}
}
}
}
if ($valid) {
header_redirect("thread_options.php?webtag={$webtag}&msg={$msg}&updated=true");
exit;
}
}
if ($thread_data['DELETED'] == 'N') {
$use_email_addr = true;
} else {
$use_email_addr = false;
}
if (!user_allow_email($to_user['UID'])) {
$error_msg_array[] = sprintf(gettext("%s has opted out of email contact"), word_filter_add_ob_tags(format_user_name($to_user['LOGON'], $to_user['NICKNAME']), true));
$valid = false;
}
if (!email_address_valid($to_user['EMAIL'])) {
$error_msg_array[] = sprintf(gettext("%s has an invalid email address"), word_filter_add_ob_tags(format_user_name($to_user['LOGON'], $to_user['NICKNAME']), true));
$valid = false;
}
if ($valid) {
if (email_send_message_to_user($to_uid, $uid, $subject, $message, $use_email_addr)) {
html_draw_top(sprintf('title=%s', gettext("Email result")), 'pm_popup_disabled', 'class=window_title');
html_display_msg(gettext("Message sent"), gettext("Message sent successfully."), 'email.php', 'post', array('close' => gettext("Close")), array('to_uid' => $to_uid), false, 'center');
html_draw_bottom();
exit;
} else {
html_draw_error(gettext("Mail system failure. Message not sent."));
exit;
}
}
}
html_draw_top(sprintf('title=%s', sprintf(gettext("Send Email to %s"), htmlentities_array(format_user_name($to_user['LOGON'], $to_user['NICKNAME'])))), 'pm_popup_disabled', 'class=window_title');
echo "<h1>", sprintf(gettext("Send Email to %s"), htmlentities_array(format_user_name($to_user['LOGON'], $to_user['NICKNAME']))), "</h1>\n";
echo "<br />";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"f_email\" action=\"email.php\" method=\"post\">\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " ", form_input_hidden("to_uid", htmlentities_array($to_uid)), "\n";
}
} else {
$error_msg_array[] = gettext("Link approval failed");
}
} else {
if (isset($_POST['delete'])) {
if (links_delete($lid)) {
if (session::check_perm(USER_PERM_FOLDER_MODERATE, 0) && $link['UID'] != session::get_value('UID')) {
admin_add_log_entry(DELETE_LINK, array($lid));
}
if (preg_match("/^links_detail.php/u", $ret) > 0) {
header_redirect("links_detail.php?webtag={$webtag}&lid={$lid}&link_approve_success={$lid}");
exit;
} else {
html_draw_top(sprintf('title=%s', gettext("Approve Link")), 'class=window_title');
html_display_msg(gettext("Approve Link"), sprintf(gettext("Successfully deleted link"), $lid), "admin_link_approve.php", 'get', array('back' => gettext("Back")), array('ret' => $ret), '_self', 'center');
html_draw_bottom();
exit;
}
} else {
$error_msg_array[] = gettext("Error deleting link");
}
}
}
html_draw_top(sprintf('title=%s', gettext("Admin - Approve Link")), 'class=window_title', "post.js", "resize_width=86%");
echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Approve Link"), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '86%', 'left');
}
echo "<br />\n";
echo "<div align=\"center\">\n";
} else {
$error_msg_array[] = gettext("Post approval failed.");
}
} else {
if (isset($_POST['delete'])) {
if (post_delete($tid, $pid)) {
post_add_edit_text($tid, $pid);
if (session::check_perm(USER_PERM_FOLDER_MODERATE, $t_fid) && $preview_message['FROM_UID'] != session::get_value('UID')) {
admin_add_log_entry(DELETE_POST, array($t_fid, $tid, $pid));
}
if (preg_match("/^messages.php/", basename($ret)) > 0) {
header_redirect("messages.php?webtag={$webtag}&msg={$msg}&delete_success={$msg}");
exit;
} else {
html_draw_top(sprintf('title=%s', gettext("Delete posts")), 'class=window_title');
html_display_msg(gettext("Delete posts"), sprintf(gettext("Successfully deleted post %s"), $msg), "admin_post_approve.php", 'get', array('back' => gettext("Back")), array('ret' => $ret), '_self', 'center');
html_draw_bottom();
exit;
}
} else {
$error_msg_array[] = gettext("Error deleting post");
}
}
}
html_draw_top(sprintf('title=%s', gettext("Admin - Approve Post")), 'class=window_title', "post.js", "resize_width=720");
echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Approve Post"), "</h1>\n";
if ($preview_message['TO_UID'] == 0) {
$preview_message['TLOGON'] = gettext("ALL");
$preview_message['TNICK'] = gettext("ALL");
} else {
$preview_tuser = user_get($preview_message['TO_UID']);
// Update basic settings in USER table
if (user_update($profile_uid, $user_info_new['LOGON'], $user_info_new['NICKNAME'], $user_info_new['EMAIL'])) {
// If email confirmation is requied and the user has changed
// their email address we need to get them to confirm the
// change by sending them another email.
if ($profile_uid == $_SESSION['UID'] && $admin_edit === false) {
if (forum_get_setting('require_email_confirmation', 'Y') && $user_info_new['EMAIL'] != $user_info['EMAIL']) {
if (email_send_changed_email_confirmation($profile_uid)) {
perm_user_apply_email_confirmation($profile_uid);
html_draw_top(array('title' => gettext('My Controls - User Details - Email address has been changed'), 'class' => 'window_title'));
html_display_msg(gettext("Email address has been changed"), gettext("Your email address has been changed and a new confirmation email has been sent. Please check and read the email for further instructions."), 'index.php', 'get', array('continue' => gettext("Continue")), array(), '_top');
html_draw_bottom();
exit;
} else {
html_draw_top(array('title' => gettext("Error")));
html_display_msg(gettext("Email address has been changed"), gettext("You have changed your email address, but we were unable to send a confirmation request. Please contact the forum owner for assistance."), 'index.php', 'get', array('continue' => gettext("Continue")), array(), '_top');
html_draw_bottom();
exit;
}
}
}
// Force redirect to prevent refreshing the page prompting to user to resubmit form data.
if ($admin_edit === true) {
header_redirect("admin_user.php?webtag={$webtag}&uid={$profile_uid}&profile_updated=true");
exit;
} else {
header_redirect("edit_prefs.php?webtag={$webtag}&updated=true");
exit;
}
} else {
$error_msg_array[] = gettext("Some or all of your user preferences could not be updated. Please try again later.");
}
if ($process_valid && links_delete($delete_lid)) {
admin_add_log_entry(DELETE_LINK, array($delete_lid));
} else {
$valid = false;
}
}
if ($valid) {
header_redirect("admin_link_approve.php?webtag={$webtag}&page={$page}&delete_success=true");
exit;
} else {
$error_msg_array[] = gettext("Failed to delete some links");
}
} else {
html_draw_top(array('title' => gettext('Delete Links'), 'class' => 'window_title'));
html_display_msg(gettext("Delete"), gettext("Are you sure you want to delete all of the selected links?"), "admin_link_approve.php", 'post', array('delete_links' => gettext("Yes"), 'back' => gettext("No")), array('page' => $page, 'process' => $process_links, 'delete_confirm' => 'Y'), '_self', 'center');
html_draw_bottom();
exit;
}
} else {
$error_msg_array[] = gettext("You must select some links to delete");
$valid = false;
}
}
}
html_draw_top(array('title' => gettext('Admin - Link Approval Queue'), 'class' => 'window_title', 'main_css' => 'admin.css'));
$link_approval_array = admin_get_link_approval_queue($page);
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Link Approval Queue"), "</h1>\n";
if (isset($_GET['link_approve_success']) && is_numeric($_GET['link_approve_success'])) {
html_display_success_msg(sprintf(gettext("Successfully approved link %s"), $_GET['link_approve_success']), '86%', 'center');
} else {
}
if (isset($_GET['h']) && is_md5($_GET['h'])) {
$key = $_GET['h'];
}
if (isset($_GET['resend']) && isset($uid)) {
if (email_send_user_confirmation($uid)) {
html_draw_top(sprintf('title=%s', gettext("Email confirmation")), 'class=window_title');
html_display_msg(gettext("Email confirmation"), gettext("Confirmation email has been resent."));
html_draw_bottom();
exit;
}
html_draw_error(gettext("Confirmation email failed to send. Please contact the forum owner to rectify this."));
}
if (!isset($uid) || !isset($key)) {
html_draw_error(gettext("Required information not found"));
}
$frame_top_target = html_get_top_frame_name();
if ($user = user_get_by_passhash($uid, $key)) {
if (perm_user_cancel_email_confirmation($uid)) {
html_draw_top(sprintf('title=%s', gettext("Email confirmation")), 'class=window_title');
html_display_msg(gettext("Email confirmation"), gettext("Thank you for confirming your email address. You may now login and start posting immediately."), 'index.php', 'post', array('submit' => gettext("Continue")), false, $frame_top_target, 'center');
html_draw_bottom();
} else {
html_draw_top(sprintf("title=%s", gettext("Error")));
html_display_msg(gettext("Email confirmation"), gettext("Email confirmation has failed, please try again later. If you encounter this error multiple times please contact the forum owner or a moderator for assistance."), 'index.php', 'post', array('submit' => gettext("Continue")), false, $frame_top_target, 'center');
html_draw_bottom();
}
html_draw_bottom();
} else {
html_draw_error(gettext("Required information not found"));
}
