/** * Standard modular render function for profile tabs edit hooks. * * @param MEMBER The ID of the member who is being viewed * @param MEMBER The ID of the member who is doing the viewing * @param boolean Whether to leave the tab contents NULL, if tis hook supports it, so that AJAX can load it later * @return ?array A tuple: The tab title, the tab body text (may be blank), the tab fields, extra Javascript (may be blank) the suggested tab order, hidden fields (optional) (NULL: if $leave_to_ajax_if_possible was set) */ function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false) { $order = 0; // Actualiser if (post_param('submitting_settings_tab', NULL) !== NULL) { require_code('ocf_members_action2'); $is_ldap = ocf_is_ldap_member($member_id_of); $is_httpauth = ocf_is_httpauth_member($member_id_of); $is_remote = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_password_compat_scheme') == 'remote'; if ($is_ldap || $is_httpauth || $is_remote || $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'assume_any_member')) { $password = NULL; } else { $password = post_param('edit_password'); if ($password == '') { $password = NULL; } else { $password_confirm = trim(post_param('password_confirm')); if ($password != $password_confirm) { warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH')))); } } } $custom_fields = ocf_get_all_custom_fields_match($GLOBALS['FORUM_DRIVER']->get_members_groups($member_id_of), $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'view_any_profile_field') ? 1 : NULL, $member_id_of != $member_id_viewing ? NULL : 1, $member_id_of != $member_id_viewing ? NULL : 1); $actual_custom_fields = ocf_read_in_custom_fields($custom_fields, $member_id_of); $pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : ''; $tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true); $all_pt_allow = ''; foreach (array_keys($tmp_groups) as $key) { if ($key != db_get_first_id()) { if ($all_pt_allow != '') { $all_pt_allow .= ','; } $all_pt_allow .= strval($key); } } if ($pt_allow == $all_pt_allow) { $pt_allow = '*'; } $pt_rules_text = post_param('pt_rules_text', NULL); if (has_specific_permission($member_id_viewing, 'member_maintenance')) { $validated = post_param_integer('validated', 0); $primary_group = $is_ldap || !has_specific_permission($member_id_viewing, 'assume_any_member') ? NULL : post_param_integer('primary_group', NULL); $is_perm_banned = post_param_integer('is_perm_banned', 0); $old_is_perm_banned = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_is_perm_banned'); if ($old_is_perm_banned != $is_perm_banned) { if ($is_perm_banned == 1) { ocf_ban_member($member_id_of); } else { ocf_unban_member($member_id_of); } } $highlighted_name = post_param_integer('highlighted_name', 0); if (has_specific_permission($member_id_viewing, 'probate_members')) { $on_probation_until = get_input_date('on_probation_until'); $current__on_probation_until = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_on_probation_until'); if ((is_null($on_probation_until) || $on_probation_until <= time()) && $current__on_probation_until > time()) { log_it('STOP_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } elseif (!is_null($on_probation_until) && $on_probation_until > time() && $current__on_probation_until <= time()) { log_it('START_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } elseif (!is_null($on_probation_until) && $current__on_probation_until > $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) { log_it('REDUCE_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } elseif (!is_null($on_probation_until) && $current__on_probation_until < $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) { log_it('EXTEND_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of)); } } else { $on_probation_until = NULL; } } else { $validated = NULL; $primary_group = NULL; $highlighted_name = NULL; $on_probation_until = NULL; } if (has_actual_page_access($member_id_viewing, 'admin_ocf_join') || has_specific_permission($member_id_of, 'rename_self')) { $username = $is_ldap || $is_remote ? NULL : post_param('edit_username', NULL); } else { $username = NULL; } $email = post_param('email_address', NULL); if (!is_null($email)) { $email = trim($email); } $theme = post_param('theme', NULL); if ($is_remote) { $preview_posts = NULL; $zone_wide = NULL; $auto_monitor_contrib_content = NULL; $views_signatures = NULL; $timezone = NULL; } else { $preview_posts = post_param_integer('preview_posts', 0); $zone_wide = post_param_integer('zone_wide', 0); $auto_monitor_contrib_content = NULL; //post_param_integer('auto_monitor_contrib_content',0); Moved to notifications tab $views_signatures = post_param_integer('views_signatures', 0); $timezone = post_param('timezone', get_site_timezone()); } ocf_edit_member($member_id_of, $email, $preview_posts, post_param_integer('dob_day', -1), post_param_integer('dob_month', -1), post_param_integer('dob_year', -1), $timezone, $primary_group, $actual_custom_fields, $theme, post_param_integer('reveal_age', 0), $views_signatures, $auto_monitor_contrib_content, post_param('language', NULL), post_param_integer('allow_emails', 0), post_param_integer('allow_emails_from_staff', 0), $validated, $username, $password, $zone_wide, $highlighted_name, $pt_allow, $pt_rules_text, $on_probation_until); if (!array_key_exists('secondary_groups', $_POST)) { $_POST['secondary_groups'] = array(); } require_code('ocf_groups_action2'); $members_groups = $GLOBALS['OCF_DRIVER']->get_members_groups($member_id_of); $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)'); $groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL)); foreach ($_POST['secondary_groups'] as $group_id) { $group = $groups[intval($group_id)]; if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission($member_id_viewing, 'see_hidden_groups')) { continue; } if (!in_array($group['id'], $members_groups) && (has_specific_permission($member_id_viewing, 'assume_any_member') || $group['g_open_membership'] == 1)) { ocf_add_member_to_group($member_id_of, $group['id']); } } foreach ($members_groups as $group_id) { if (!in_array(strval($group_id), $_POST['secondary_groups'])) { ocf_member_leave_group($group_id, $member_id_of); } } $GLOBALS['FORUM_DB']->query('DELETE FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_member_known_login_ips WHERE i_member_id=' . strval($member_id_of) . ' AND ' . db_string_not_equal_to('i_val_code', '')); // So any re-confirms can happen if (addon_installed('awards')) { require_code('awards'); handle_award_setting('member', strval($member_id_of)); } attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform'); } if ($leave_to_ajax_if_possible) { return NULL; } // UI $title = do_lang_tempcode('SETTINGS'); $myrow = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id_of); if (is_null($myrow)) { warn_exit(do_lang_tempcode('USER_NO_EXIST')); } require_code('ocf_members_action2'); list($fields, $hidden) = ocf_get_member_fields_settings(false, $member_id_of, NULL, $myrow['m_email_address'], $myrow['m_preview_posts'], $myrow['m_dob_day'], $myrow['m_dob_month'], $myrow['m_dob_year'], get_users_timezone($member_id_of), $myrow['m_theme'], $myrow['m_reveal_age'], $myrow['m_views_signatures'], $myrow['m_auto_monitor_contrib_content'], $myrow['m_language'], $myrow['m_allow_emails'], $myrow['m_allow_emails_from_staff'], $myrow['m_validated'], $myrow['m_primary_group'], $myrow['m_username'], $myrow['m_is_perm_banned'], '', $myrow['m_zone_wide'], $myrow['m_highlighted_name'], $myrow['m_pt_allow'], get_translated_text($myrow['m_pt_rules_text'], $GLOBALS['FORUM_DB']), $myrow['m_on_probation_until']); // Awards? if (addon_installed('awards')) { require_code('awards'); $fields->attach(get_award_fields('member', strval($member_id_of))); } $redirect = get_param('redirect', NULL); if (!is_null($redirect)) { $hidden->attach(form_input_hidden('redirect', $redirect)); } $hidden->attach(form_input_hidden('submitting_settings_tab', '1')); $javascript = "\n\t\t\tvar form=document.getElementById('email_address').form;\n\t\t\tform.prior_profile_edit_submit=form.onsubmit;\n\t\t\tform.onsubmit=function()\n\t\t\t\t{\n\t\t\t\t\tif (typeof form.elements['edit_password']!='undefined')\n\t\t\t\t\t{\n\t\t\t\t\t\tif ((form.elements['password_confirm']) && (form.elements['password_confirm'].value!=form.elements['edit_password'].value))\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\twindow.fauxmodal_alert('" . php_addslashes(do_lang('PASSWORD_MISMATCH')) . "');\n\t\t\t\t\t\t\treturn false;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (typeof form.prior_profile_edit_submit!='undefined' && form.prior_profile_edit_submit) return form.prior_profile_edit_submit();\n\t\t\t\t\treturn true;\n\t\t\t\t};\n\t\t"; $text = ''; return array($title, $fields, $text, $javascript, $order, $hidden); }
/** * Add a member. * * @param SHORT_TEXT The username. * @param SHORT_TEXT The password. * @param SHORT_TEXT The e-mail address. * @param ?array A list of usergroups (NULL: default/current usergroups). * @param ?integer Day of date of birth (NULL: unknown). * @param ?integer Month of date of birth (NULL: unknown). * @param ?integer Year of date of birth (NULL: unknown). * @param array A map of custom field values (field-id=>value). * @param ?ID_TEXT The member timezone (NULL: auto-detect). * @param ?GROUP The member's primary (NULL: default). * @param BINARY Whether the profile has been validated. * @param ?TIME When the member joined (NULL: now). * @param ?TIME When the member last visited (NULL: now). * @param ID_TEXT The member's default theme. * @param ?URLPATH The URL to the member's avatar (blank: none) (NULL: choose one automatically). * @param LONG_TEXT The member's signature (blank: none). * @param BINARY Whether the member is permanently banned. * @param BINARY Whether posts are previewed before they are made. * @param BINARY Whether the member's age may be shown. * @param SHORT_TEXT The member's title (blank: get from primary). * @param URLPATH The URL to the member's photo (blank: none). * @param URLPATH The URL to the member's photo thumbnail (blank: none). * @param BINARY Whether the member sees signatures in posts. * @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to (NULL: get default from config). * @param ?LANGUAGE_NAME The member's language (NULL: auto detect). * @param BINARY Whether the member allows e-mails via the site. * @param BINARY Whether the member allows e-mails from staff via the site. * @param LONG_TEXT Personal notes of the member. * @param ?IP The member's IP address (NULL: IP address of current user). * @param SHORT_TEXT The code required before the account becomes active (blank: already entered). * @param boolean Whether to check details for correctness. * @param ?ID_TEXT The compatibility scheme that the password operates in (blank: none) (NULL: none [meaning normal ocPortal salted style] or plain, depending on whether passwords are encrypted). * @param SHORT_TEXT The password salt (blank: password compatibility scheme does not use a salt / auto-generate). * @param BINARY Whether the member likes to view zones without menus, when a choice is available. * @param ?TIME The time the member last made a submission (NULL: set to now). * @param ?AUTO_LINK Force an ID (NULL: don't force an ID) * @param BINARY Whether the member username will be highlighted. * @param SHORT_TEXT Usergroups that may PT the member. * @param LONG_TEXT Rules that other members must agree to before they may start a PT with the member. * @return AUTO_LINK The ID of the new member. */ function ocf_make_member($username, $password, $email_address, $secondary_groups, $dob_day, $dob_month, $dob_year, $custom_fields, $timezone = NULL, $primary_group = NULL, $validated = 1, $join_time = NULL, $last_visit_time = NULL, $theme = '', $avatar_url = NULL, $signature = '', $is_perm_banned = 0, $preview_posts = 0, $reveal_age = 1, $title = '', $photo_url = '', $photo_thumb_url = '', $views_signatures = 1, $auto_monitor_contrib_content = NULL, $language = NULL, $allow_emails = 1, $allow_emails_from_staff = 1, $personal_notes = '', $ip_address = NULL, $validated_email_confirm_code = '', $check_correctness = true, $password_compatibility_scheme = NULL, $salt = '', $zone_wide = 1, $last_submit_time = NULL, $id = NULL, $highlighted_name = 0, $pt_allow = '*', $pt_rules_text = '') { if (is_null($auto_monitor_contrib_content)) { $auto_monitor_contrib_content = get_value('no_auto_notifications') === '1' ? 0 : 1; } if (is_null($password_compatibility_scheme)) { if (get_value('no_password_hashing') === '1') { $password_compatibility_scheme = 'plain'; } else { $password_compatibility_scheme = ''; } } if (is_null($language)) { $language = ''; } if (is_null($signature)) { $signature = ''; } if (is_null($title)) { $title = ''; } if (is_null($timezone)) { $timezone = get_site_timezone(); } if (is_null($allow_emails)) { $allow_emails = 1; } if (is_null($allow_emails_from_staff)) { $allow_emails_from_staff = 1; } if (is_null($personal_notes)) { $personal_notes = ''; } if (is_null($avatar_url)) { if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 1 || !addon_installed('ocf_member_avatars')) { $avatar_url = ''; } else { if (get_option('random_avatars') == '1' && !running_script('stress_test_loader')) { require_code('themes2'); $codes = get_all_image_ids_type('ocf_default_avatars/default_set', false, $GLOBALS['FORUM_DB']); shuffle($codes); $results = array(); foreach ($codes as $code) { if (strpos($code, 'ocp_fanatic') !== false) { continue; } $count = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT SUM(m_cache_num_posts) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_avatar_url', find_theme_image($code, false, true))); if (is_null($count)) { $count = 0; } $results[$code] = $count; } @asort($results); // @'d as type checker fails for some odd reason $found_avatars = array_keys($results); $avatar_url = find_theme_image(array_shift($found_avatars), true, true); } if (is_null($avatar_url)) { $GLOBALS['SITE_DB']->query_delete('theme_images', array('id' => 'ocf_default_avatars/default', 'path' => '')); // In case failure cached, gets very confusing $avatar_url = find_theme_image('ocf_default_avatars/default', true, true); if (is_null($avatar_url)) { $avatar_url = ''; } } } } if ($check_correctness) { if (!in_array($password_compatibility_scheme, array('ldap', 'httpauth'))) { ocf_check_name_valid($username, NULL, $password_compatibility_scheme == '' ? $password : NULL); } if (!function_exists('has_actual_page_access') || !has_actual_page_access(get_member(), 'admin_ocf_join')) { require_code('type_validation'); if (!is_valid_email_address($email_address) && $email_address != '') { warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address))); } } } require_code('ocf_members'); require_code('ocf_groups'); if (is_null($last_submit_time)) { $last_submit_time = time(); } if (is_null($join_time)) { $join_time = time(); } if (is_null($last_visit_time)) { $last_visit_time = time(); } if (is_null($primary_group)) { $primary_group = get_first_default_group(); // This is members } if (is_null($secondary_groups)) { $secondary_groups = ocf_get_all_default_groups(false); } foreach ($secondary_groups as $_g_id => $g_id) { if ($g_id == $primary_group) { unset($secondary_groups[$_g_id]); } } if (is_null($ip_address)) { $ip_address = get_ip_address(); } if ($password_compatibility_scheme == '' && get_value('no_password_hashing') === '1') { $password_compatibility_scheme = 'plain'; $salt = ''; } if ($salt == '' && $password_compatibility_scheme == '') { $salt = produce_salt(); $password_salted = md5($salt . md5($password)); } else { $password_salted = $password; } // Supplement custom field values given with defaults, and check constraints $all_fields = list_to_map('id', ocf_get_all_custom_fields_match($secondary_groups)); require_code('fields'); foreach ($all_fields as $field) { $field_id = $field['id']; if (array_key_exists($field_id, $custom_fields)) { if ($check_correctness && $field[array_key_exists('cf_show_on_join_form', $field) ? 'cf_show_on_join_form' : 'cf_required'] == 0 && $field['cf_owner_set'] == 0 && !has_actual_page_access(get_member(), 'admin_ocf_join')) { access_denied('I_ERROR'); } } else { $custom_fields[$field_id] = ''; } } if (!addon_installed('unvalidated')) { $validated = 1; } $map = array('m_username' => $username, 'm_pass_hash_salted' => $password_salted, 'm_pass_salt' => $salt, 'm_theme' => $theme, 'm_avatar_url' => $avatar_url, 'm_validated' => $validated, 'm_validated_email_confirm_code' => $validated_email_confirm_code, 'm_cache_num_posts' => 0, 'm_cache_warnings' => 0, 'm_max_email_attach_size_mb' => 5, 'm_join_time' => $join_time, 'm_timezone_offset' => $timezone, 'm_primary_group' => $primary_group, 'm_last_visit_time' => $last_visit_time, 'm_last_submit_time' => $last_submit_time, 'm_signature' => insert_lang_comcode($signature, 4, $GLOBALS['FORUM_DB']), 'm_is_perm_banned' => $is_perm_banned, 'm_preview_posts' => $preview_posts, 'm_notes' => $personal_notes, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year, 'm_reveal_age' => $reveal_age, 'm_email_address' => $email_address, 'm_title' => $title, 'm_photo_url' => $photo_url, 'm_photo_thumb_url' => $photo_thumb_url, 'm_views_signatures' => $views_signatures, 'm_auto_monitor_contrib_content' => $auto_monitor_contrib_content, 'm_highlighted_name' => $highlighted_name, 'm_pt_allow' => $pt_allow, 'm_pt_rules_text' => insert_lang_comcode($pt_rules_text, 4, $GLOBALS['FORUM_DB']), 'm_language' => $language, 'm_ip_address' => $ip_address, 'm_zone_wide' => $zone_wide, 'm_allow_emails' => $allow_emails, 'm_allow_emails_from_staff' => $allow_emails_from_staff, 'm_password_change_code' => '', 'm_password_compat_scheme' => $password_compatibility_scheme, 'm_on_probation_until' => NULL); if (!is_null($id)) { $map['id'] = $id; } $member_id = $GLOBALS['FORUM_DB']->query_insert('f_members', $map, true); if ($check_correctness) { // If it was an invite/recommendation, award the referrer if (addon_installed('recommend')) { $inviter = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address), 'ORDER BY i_time'); if (!is_null($inviter)) { if (addon_installed('points')) { require_code('points2'); require_lang('recommend'); system_gift_transfer(do_lang('RECOMMEND_SITE_TO', $username, get_site_name()), intval(get_option('points_RECOMMEND_SITE')), $inviter); } if (addon_installed('chat')) { require_code('chat2'); buddy_add($inviter, $member_id); buddy_add($member_id, $inviter); } } } } $value = mixed(); // Store custom fields $row = array('mf_member_id' => $member_id); $all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields); foreach ($custom_fields as $field_num => $value) { if (!array_key_exists($field_num, $all_fields_types)) { continue; } // Trying to set a field we're not allowed to (doesn't apply to our group) $ob = get_fields_hook($all_fields_types[$field_num]); list(, , $storage_type) = $ob->get_field_value_row_bits($all_fields[$field_num]); if (strpos($storage_type, '_trans') !== false) { $value = insert_lang($value, 3, $GLOBALS['FORUM_DB']); } $row['field_' . strval($field_num)] = $value; } // Set custom field row $all_fields_regardless = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('id', 'cf_type')); foreach ($all_fields_regardless as $field) { if (!array_key_exists('field_' . strval($field['id']), $row)) { $ob = get_fields_hook($field['cf_type']); list(, , $storage_type) = $ob->get_field_value_row_bits($field); $value = ''; if (strpos($storage_type, '_trans') !== false) { $value = insert_lang($value, 3, $GLOBALS['FORUM_DB']); } $row['field_' . strval($field['id'])] = $value; } } $GLOBALS['FORUM_DB']->query_insert('f_member_custom_fields', $row); // Any secondary work foreach ($secondary_groups as $g) { if ($g != $primary_group) { $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $g), '', 1); $GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $g, 'gm_member_id' => $member_id, 'gm_validated' => 1)); } } if ($check_correctness) { if (function_exists('decache')) { decache('side_stats'); } } return $member_id; }
function handle_facebook_connection_login($current_logged_in_member) { if (!class_exists('ocp_tempcode')) { return NULL; } if (is_guest($current_logged_in_member)) { $current_logged_in_member = NULL; // We are not a normal cookie login so ocPortal has loaded up a Guest session already in the expectation of keeping it. Unsetting it will force a rebind (existing session may be reused though) require_code('users_inactive_occasionals'); set_session_id(-1); } // If already session-logged-in onto a Facebook account, don't bother doing anything if (!is_null($current_logged_in_member) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($current_logged_in_member, 'm_password_compat_scheme') == 'facebook') { return $current_logged_in_member; } // Who is this user, from Facebook's point of view? global $FACEBOOK_CONNECT; $facebook_uid = $FACEBOOK_CONNECT->getUser(); if (is_null($facebook_uid)) { return $current_logged_in_member; } try { $details = $FACEBOOK_CONNECT->api('/me'); } catch (Exception $e) { return $current_logged_in_member; } $details2 = $FACEBOOK_CONNECT->api('/me', array('fields' => 'picture', 'type' => 'normal')); if (!is_array($details) || !is_array($details2)) { return $current_logged_in_member; } $details = array_merge($details, $details2); if (!isset($details['name'])) { return $current_logged_in_member; } $username = $details['name']; $photo_url = array_key_exists('picture', $details) ? $details['picture'] : ''; if (is_array($photo_url)) { $photo_url = $photo_url['data']['url']; } if ($photo_url != '') { $photo_url = 'http://graph.facebook.com/' . strval($facebook_uid) . '/picture?type=large'; // In case URL changes } $avatar_url = $photo_url == '' ? mixed() : $photo_url; $photo_thumb_url = ''; if ($photo_url != '') { $photo_thumb_url = $photo_url; } $email_address = array_key_exists('email', $details) ? $details['email'] : ''; $timezone = mixed(); if (isset($details['timezone'])) { require_code('temporal'); $timezone = convert_timezone_offset_to_formal_timezone($details['timezone']); } $language = mixed(); if (isset($details['locale'])) { $language = strtoupper($details['locale']); } if ($language !== NULL) { if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) { $language = preg_replace('#\\_.*$#', '', $language); if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) { $language = ''; } } } $dob = array_key_exists('birthday', $details) ? $details['birthday'] : ''; $dob_day = mixed(); $dob_month = mixed(); $dob_year = mixed(); if ($dob != '') { $_dob = explode('/', $dob); $dob_day = intval($_dob[1]); $dob_month = intval($_dob[0]); $dob_year = intval($_dob[2]); } // See if they have logged in before - i.e. have a synched account $member_row = $GLOBALS['FORUM_DB']->query_select('f_members', array('*'), array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), 'ORDER BY id DESC', 1); $member = array_key_exists(0, $member_row) ? $member_row[0]['id'] : NULL; if (is_guest($member)) { $member = NULL; } /*if (!is_null($member)) // Useful for debugging { require_code('ocf_members_action2'); ocf_delete_member($member); $member=NULL; }*/ // If logged in before using Facebook, see if they've changed their name or email or timezone on Facebook -- if so, try and update locally to match if (!is_null($member)) { if (!is_null($current_logged_in_member) && $current_logged_in_member !== NULL && !is_guest($current_logged_in_member) && $current_logged_in_member != $member) { return $current_logged_in_member; } // User has an active login, and the Facebook account is bound to a DIFFERENT login. Take precedence to the other login that is active on top of this $last_visit_time = $member[0]['m_last_visit_time']; if ($timezone !== NULL) { if (tz_time(time(), $timezone) == tz_time(time(), $member[0]['m_timezone_offset'])) { $timezone = $member[0]['m_timezone_offset']; } // If equivalent, don't change } $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'id', array('m_username' => $username)); if (!is_null($test)) { $update_map = array('m_username' => $username, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year); if ($email_address != '') { $update_map['m_email_address'] = $email_address; } if ($avatar_url !== NULL && ($test == '' || strpos($test, 'facebook') !== false || strpos($test, 'fbcdn') !== false)) { if ($timezone !== NULL) { $update_map['m_timezone_offset'] = $timezone; } $update_map['m_avatar_url'] = $avatar_url; $update_map['m_photo_url'] = $photo_url; $update_map['m_photo_thumb_url'] = $photo_thumb_url; } $GLOBALS['FORUM_DB']->query_update('f_members', $update_map, array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => strval($facebook_uid)), '', 1); if ($username != $member[0]['m_username']) { // Fix cacheing for usernames $to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username'); foreach ($to_fix as $fix) { list($table, $field) = explode('/', $fix); $GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $member[0]['m_username'])); } } } } // Not logged in before using Facebook, so we need to create an account, or bind to the active ocPortal login if there is one $in_a_sane_place = get_page_name() != 'login' && (running_script('index') || running_script('execute_temp')); // If we're in some weird script, or the login module UI, it's not a sane place, don't be doing account creation yet if (is_null($member) && $in_a_sane_place) { // Bind to existing ocPortal login? if (!is_null($current_logged_in_member)) { /*if (post_param_integer('associated_confirm',0)==0) Won't work because Facebook is currently done in JS and cookies force this. If user wishes to cancel they must go to http://www.facebook.com/settings?tab=applications and remove the app, then run a lost password reset. { $title=get_page_title('LOGIN_FACEBOOK_HEADER'); $message=do_lang_tempcode('LOGGED_IN_SURE_FACEBOOK',escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member))); $middle=do_template('YESNO_SCREEN',array('TITLE'=>$title,'TEXT'=>$message,'HIDDEN'=>form_input_hidden('associated_confirm','1'),'URL'=>get_self_url_easy())); $tpl=globalise($middle,NULL,'',true); $tpl->evaluate_echo(); exit(); }*/ $GLOBALS['FORUM_DB']->query_update('f_members', array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), array('id' => $current_logged_in_member), '', 1); require_code('site'); require_lang('facebook'); attach_message(do_lang_tempcode('FACEBOOK_ACCOUNT_CONNECTED', escape_html(get_site_name()), escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)), array(escape_html($username))), 'inform'); return $current_logged_in_member; } // If we're still here, we have to create a new account... // ------------------------------------------------------- $completion_form_submitted = post_param('email_address', '') != ''; // If there's a conflicting username, we may need to change it (suffix a number) require_code('ocf_members_action2'); $username = get_username_from_human_name($username); // Ask ocP to finish off the profile from the information presented in the POST environment (a standard mechanism in ocPortal, for third party logins of various kinds) require_lang('ocf'); require_code('ocf_members'); require_code('ocf_groups'); require_code('ocf_members2'); require_code('ocf_members_action'); $_custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true), NULL, NULL, NULL, 1); if (!$completion_form_submitted && count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') { $GLOBALS['FACEBOOK_FINISHING_PROFILE'] = true; $middle = ocf_member_external_linker_ask($username, 'facebook', $email_address, $dob_day, $dob_month, $dob_year); $tpl = globalise($middle, NULL, '', true); $tpl->evaluate_echo(); exit; } else { $username = post_param('username', $username); if (count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') { // Was not auto-generated, so needs to be checked ocf_check_name_valid($username, NULL, NULL); } $member = ocf_member_external_linker($username, $facebook_uid, 'facebook', false, $email_address, $dob_day, $dob_month, $dob_year, $timezone, $language, $avatar_url, $photo_url, $photo_thumb_url); } } if (!is_null($member)) { require_code('users_inactive_occasionals'); create_session($member, 1, isset($_COOKIE[get_member_cookie() . '_invisible']) && $_COOKIE[get_member_cookie() . '_invisible'] == '1'); // This will mark it as confirmed } return $member; }
/** * Standard modular run function for search results. * * @param string Search string * @param boolean Whether to only do a META (tags) search * @param ID_TEXT Order direction * @param integer Start position in total results * @param integer Maximum results to return in total * @param boolean Whether only to search titles (as opposed to both titles and content) * @param string Where clause that selects the content according to the main search string (SQL query fragment) (blank: full-text search) * @param SHORT_TEXT Username/Author to match for * @param ?MEMBER Member-ID to match for (NULL: unknown) * @param TIME Cutoff date * @param string The sort type (gets remapped to a field in this function) * @set title add_date * @param integer Limit to this number of results * @param string What kind of boolean search to do * @set or and * @param string Where constraints known by the main search code (SQL query fragment) * @param string Comma-separated list of categories to search under * @param boolean Whether it is a boolean search * @return array List of maps (template, orderer) */ function run($content, $only_search_meta, $direction, $max, $start, $only_titles, $content_where, $author, $author_id, $cutoff, $sort, $limit_to, $boolean_operator, $where_clause, $search_under, $boolean_search) { unset($limit_to); if (get_forum_type() != 'ocf') { return array(); } require_code('ocf_members'); $remapped_orderer = ''; switch ($sort) { case 'title': $remapped_orderer = 'm_username'; break; case 'add_date': $remapped_orderer = 'm_join_time'; break; case 'relevance': case 'rating': break; default: $remapped_orderer = preg_replace('#[^\\w]#', '', $sort); break; } require_lang('ocf'); // Calculate our where clause (search) if ($author != '') { $where_clause .= ' AND '; $where_clause .= db_string_equal_to('m_username', $author); } if (!is_null($cutoff)) { $where_clause .= ' AND '; $where_clause .= 'm_join_time>' . strval($cutoff); } $raw_fields = array('m_username'); $trans_fields = array(); $rows = ocf_get_all_custom_fields_match(NULL, 1, 1); $table = ''; require_code('fields'); $non_trans_fields = 0; foreach ($rows as $i => $row) { $ob = get_fields_hook($row['cf_type']); list(, , $storage_type) = $ob->get_field_value_row_bits($row); if (strpos($storage_type, '_trans') === false) { $non_trans_fields++; } } $index_issue = $non_trans_fields > 16; foreach ($rows as $i => $row) { $ob = get_fields_hook($row['cf_type']); list(, , $storage_type) = $ob->get_field_value_row_bits($row); $param = get_param('option_' . strval($row['id']), ''); if ($param != '') { $where_clause .= ' AND '; if (db_has_full_text($GLOBALS['SITE_DB']->connection_read) && method_exists($GLOBALS['SITE_DB']->static_ob, 'db_has_full_text_boolean') && $GLOBALS['SITE_DB']->static_ob->db_has_full_text_boolean() && !is_under_radar($param)) { $temp = db_full_text_assemble('"' . $param . '"', true); } else { $temp = db_like_assemble($param); } if ($row['cf_type'] == 'short_trans' || $row['cf_type'] == 'long_trans') { $where_clause .= preg_replace('#\\?#', 't' . strval(count($trans_fields) + 1) . '.text_original', $temp); } else { $where_clause .= preg_replace('#\\?#', 'field_' . strval($row['id']), $temp); } } if (strpos($storage_type, '_trans') === false) { $raw_fields[] = 'field_' . strval($row['id']); } else { $trans_fields[] = 'field_' . strval($row['id']); } } $age_range = get_param('option__age_range', get_param('option__age_range_from', '') . '-' . get_param('option__age_range_to', '')); if ($age_range != '' && $age_range != '-') { $bits = explode('-', $age_range); if (count($bits) == 2) { $lower = strval(intval(date('Y', utctime_to_usertime())) - intval($bits[0])); $upper = strval(intval(date('Y', utctime_to_usertime())) - intval($bits[1])); $where_clause .= ' AND '; $where_clause .= '(m_dob_year<' . $lower . ' OR m_dob_year=' . $lower . ' AND (m_dob_month<' . date('m') . ' OR m_dob_month=' . date('m') . ' AND m_dob_day<=' . date('d') . '))'; $where_clause .= ' AND '; $where_clause .= '(m_dob_year>' . $upper . ' OR m_dob_year=' . $upper . ' AND (m_dob_month>' . date('m') . ' OR m_dob_month=' . date('m') . ' AND m_dob_day>=' . date('d') . '))'; } if (either_param_integer('option__photo_thumb_url', 0) == 1) { $where_clause .= ' AND '; $where_clause .= db_string_not_equal_to('m_photo_thumb_url', ''); } } $user_group = get_param('option__user_group', ''); if ($user_group != '') { $bits = explode(',', $user_group); $where_clause .= ' AND '; $group_where_clause = ''; foreach ($bits as $i => $bit) { $group = intval($bit); $table .= ' LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_group_members g' . strval($i) . ' ON (g' . strval($i) . '.gm_group_id=' . strval($group) . ' AND g' . strval($i) . '.gm_member_id=r.id)'; if ($group_where_clause != '') { $group_where_clause .= ' OR '; } $group_where_clause .= 'g' . strval($i) . '.gm_validated=1 OR m_primary_group=' . strval($group); } $where_clause .= '(' . $group_where_clause . ')'; } if (!has_specific_permission(get_member(), 'see_unvalidated')) { $where_clause .= ' AND '; $where_clause .= 'm_validated=1'; } // Calculate and perform query $rows = get_search_rows(NULL, NULL, $content, $boolean_search, $boolean_operator, $only_search_meta, $direction, $max, $start, $only_titles, 'f_members r JOIN ' . get_table_prefix() . 'f_member_custom_fields a ON r.id=a.mf_member_id' . $table, array('!', 'm_signature') + $trans_fields, $where_clause, $content_where, $remapped_orderer, 'r.*,a.*,r.id AS id', $raw_fields); $out = array(); foreach ($rows as $i => $row) { /*if ($user_group!='') { $bits=explode(',',$user_group); $ok=false; $groups=$GLOBALS['FORUM_DRIVER']->get_members_groups($row['id']); foreach ($bits as $bit) { if (in_array($user_group,$groups)) $ok=true; } if (!$ok) continue; }*/ if (!is_guest($row['id'])) { $out[$i]['data'] = $row; if ($remapped_orderer != '' && array_key_exists($remapped_orderer, $row)) { $out[$i]['orderer'] = $row[$remapped_orderer]; } elseif (substr($remapped_orderer, 0, 7) == '_rating') { $out[$i]['orderer'] = $row['compound_rating']; } } else { $out[$i]['data'] = NULL; } unset($rows[$i]); } return $out; }
/** * The actualiser for adding a member. * * @return tempcode The UI */ function step2() { $title = get_page_title('ADD_MEMBER'); // Read in data $username = trim(post_param('username')); $password = trim(post_param('password')); /* $password_confirm=trim(post_param('password_confirm')); if ($password!=$password_confirm) warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));*/ $email_address = trim(post_param('email_address', '')); $dob_day = post_param_integer('dob_day', NULL); $dob_month = post_param_integer('dob_month', NULL); $dob_year = post_param_integer('dob_year', NULL); $reveal_age = post_param_integer('reveal_age', 0); $timezone = post_param('timezone', get_site_timezone()); $language = post_param('language', get_site_default_lang()); $allow_emails = post_param_integer('allow_emails', 0); $allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0); $custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true)); $actual_custom_fields = ocf_read_in_custom_fields($custom_fields); $validated = post_param_integer('validated', 0); $primary_group = has_specific_permission(get_member(), 'assume_any_member') ? post_param_integer('primary_group') : NULL; $theme = post_param('theme', ''); $views_signatures = post_param_integer('views_signatures', 0); $preview_posts = post_param_integer('preview_posts', 0); $auto_monitor_contrib_content = post_param_integer('auto_monitor_contrib_content', 0); $pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : ''; $tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true); $all_pt_allow = ''; foreach (array_keys($tmp_groups) as $key) { if ($key != db_get_first_id()) { if ($all_pt_allow != '') { $all_pt_allow .= ','; } $all_pt_allow .= strval($key); } } if ($pt_allow == $all_pt_allow) { $pt_allow = '*'; } $pt_rules_text = post_param('pt_rules_text', ''); breadcrumb_set_parents(array(array('_SEARCH:admin_ocf_join:menu', do_lang_tempcode('MEMBERS')), array('_SELF:_SELF:misc', do_lang_tempcode('ADD_MEMBER')))); breadcrumb_set_self(do_lang_tempcode('DETAILS')); // Add member $id = ocf_make_member($username, $password, $email_address, NULL, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), NULL, '', NULL, '', 0, $preview_posts, $reveal_age, '', '', '', $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, '', '', '', true, '', '', post_param_integer('zone_wide', 0), NULL, NULL, post_param_integer('highlighted_name', 0), $pt_allow, $pt_rules_text); // Secondary groups if (array_key_exists('secondary_groups', $_POST)) { require_code('ocf_groups_action2'); $members_groups = array(); $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)'); $groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL)); foreach ($_POST['secondary_groups'] as $group_id) { $group = $groups[intval($group_id)]; if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission(get_member(), 'see_hidden_groups')) { continue; } if (in_array($group['id'], $members_groups) || has_specific_permission(get_member(), 'assume_any_member') || $group['g_open_membership'] == 1) { ocf_add_member_to_group($id, $group['id']); } } } $special_links = array(); if (addon_installed('galleries')) { require_lang('galleries'); $special_links[] = array('galleries', array('cms_galleries', array('type' => 'gimp', 'id' => $id), get_module_zone('cms_galleries')), do_lang('ADD_GALLERY')); } require_code('templates_donext'); return do_next_manager($title, do_lang_tempcode('SUCCESS'), NULL, NULL, array('_SELF', array('type' => 'misc'), '_SELF'), NULL, NULL, array('members', array('type' => 'view', 'id' => $id), get_module_zone('members')), array('members', array('type' => 'misc'), get_module_zone('members'), do_lang_tempcode('MEMBERS')), NULL, NULL, NULL, NULL, NULL, $special_links, NULL, NULL, NULL, NULL, do_lang_tempcode('MEMBERS')); }
/** * Get the ID for a CPF if we only know the title. Warning: Only use this with custom code, never core code! It assumes a single language and that fields aren't renamed. * * @param SHORT_TEXT The title. * @return ?AUTO_LINK The ID (NULL: could not find). */ function find_cpf_field_id($title) { $fields_to_show = ocf_get_all_custom_fields_match(NULL); foreach ($fields_to_show as $field_to_show) { if ($field_to_show['trans_name'] == $title) { return $field_to_show['id']; } } return NULL; }
/** * Edit a member. * * @param AUTO_LINK The ID of the member. * @param ?SHORT_TEXT The e-mail address. (NULL: don't change) * @param ?BINARY Whether posts are previewed before they are made. (NULL: don't change) * @param ?integer Day of date of birth. (NULL: don't change) (-1: deset) * @param ?integer Month of date of birth. (NULL: don't change) (-1: deset) * @param ?integer Year of date of birth. (NULL: don't change) (-1: deset) * @param ?ID_TEXT The member timezone. (NULL: don't change) * @param ?GROUP The members primary (NULL: don't change). * @param array A map of custom fields values (field-id=>value). * @param ?ID_TEXT The members default theme. (NULL: don't change) * @param ?BINARY Whether the members age may be shown. (NULL: don't change) * @param ?BINARY Whether the member sees signatures in posts. (NULL: don't change) * @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to. (NULL: don't change) * @param ?LANGUAGE_NAME The members language. (NULL: don't change) * @param ?BINARY Whether the member allows e-mails via the site. (NULL: don't change) * @param ?BINARY Whether the member allows e-mails from staff via the site. (NULL: don't change) * @param ?BINARY Whether the profile has been validated (NULL: do not change this). (NULL: don't change) * @param ?string The username. (NULL: don't change) * @param ?string The password. (NULL: don't change) * @param ?BINARY Whether the member likes to view zones without menus, when a choice is available. (NULL: don't change) * @param ?BINARY Whether the member username will be highlighted. (NULL: don't change) * @param ?SHORT_TEXT Usergroups that may PT the member. (NULL: don't change) * @param ?LONG_TEXT Rules that other members must agree to before they may start a PT with the member. (NULL: don't change) * @param ?TIME When the member is on probation until (NULL: don't change) * @param ?TIME When the member joined (NULL: don't change) * @param ?URLPATH Avatar (NULL: don't change) * @param ?LONG_TEXT Signature (NULL: don't change) * @param ?BINARY Banned status (NULL: don't change) * @param ?URLPATH Photo URL (NULL: don't change) * @param ?URLPATH URL of thumbnail of photo (NULL: don't change) * @param ?SHORT_TEXT Password salt (NULL: don't change) * @param ?ID_TEXT Password compatibility scheme (NULL: don't change) * @param boolean Whether to skip security checks and most of the change-triggered emails */ function ocf_edit_member($member_id, $email_address, $preview_posts, $dob_day, $dob_month, $dob_year, $timezone, $primary_group, $custom_fields, $theme, $reveal_age, $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, $validated = NULL, $username = NULL, $password = NULL, $zone_wide = 1, $highlighted_name = NULL, $pt_allow = '*', $pt_rules_text = '', $on_probation_until = NULL, $join_time = NULL, $avatar_url = NULL, $signature = NULL, $is_perm_banned = NULL, $photo_url = NULL, $photo_thumb_url = NULL, $salt = NULL, $password_compatibility_scheme = NULL, $skip_checks = false) { require_code('type_validation'); if (!$skip_checks) { $old_email_address = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_email_address'); if (!is_null($email_address) && ($email_address != '' || $old_email_address != '' && !has_specific_permission(get_member(), 'member_maintenance')) && !is_valid_email_address($email_address)) { warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address))); } } if (!is_null($username) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_password_compat_scheme') != 'remote') { if (!$skip_checks) { ocf_check_name_valid($username, $member_id, $password); require_code('urls2'); suggest_new_idmoniker_for('members', 'view', strval($member_id), $username); } } // Supplement custom field values given with defaults, and check constraints $all_fields = ocf_get_all_custom_fields_match($GLOBALS['OCF_DRIVER']->get_members_groups($member_id)); foreach ($all_fields as $field) { $field_id = $field['id']; if (array_key_exists($field_id, $custom_fields)) { if (!$skip_checks) { if ($field['cf_public_view'] == 0 && $member_id != get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) { access_denied('I_ERROR'); } if ($field['cf_owner_view'] == 0 && $member_id == get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) { access_denied('I_ERROR'); } if ($field['cf_owner_set'] == 0 && $member_id == get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) { access_denied('I_ERROR'); } } } } // Set custom profile field values $all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields); $changes = array(); foreach ($custom_fields as $field => $value) { if (!array_key_exists($field, $all_fields_types)) { continue; } // Trying to set a field we're not allowed to (doesn't apply to our group) $change = ocf_set_custom_field($member_id, $field, $value, $all_fields_types[$field], true); if (!is_null($change)) { $changes = array_merge($changes, $change); } } if (count($changes) != 0) { $GLOBALS['FORUM_DB']->query_update('f_member_custom_fields', $changes, array('mf_member_id' => $member_id), '', 1); } $old_primary_group = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_primary_group'); $_pt_rules_text = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_pt_rules_text'); $_signature = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_signature'); $update = array(); if (!is_null($theme)) { $update['m_theme'] = $theme; } if (!is_null($preview_posts)) { $update['m_preview_posts'] = $preview_posts; } if (!is_null($dob_day)) { $update['m_dob_day'] = $dob_day == -1 ? NULL : $dob_day; } if (!is_null($dob_month)) { $update['m_dob_month'] = $dob_month == -1 ? NULL : $dob_month; } if (!is_null($dob_year)) { $update['m_dob_year'] = $dob_year == -1 ? NULL : $dob_year; } if (!is_null($timezone)) { $update['m_timezone_offset'] = $timezone; } if (!is_null($reveal_age)) { $update['m_reveal_age'] = $reveal_age; } if (!is_null($email_address)) { $update['m_email_address'] = $email_address; } if (!is_null($views_signatures)) { $update['m_views_signatures'] = $views_signatures; } if (!is_null($auto_monitor_contrib_content)) { $update['m_auto_monitor_contrib_content'] = $auto_monitor_contrib_content; } if (!is_null($language)) { $update['m_language'] = $language; } if (!is_null($allow_emails)) { $update['m_allow_emails'] = $allow_emails; } if (!is_null($allow_emails_from_staff)) { $update['m_allow_emails_from_staff'] = $allow_emails_from_staff; } if (!is_null($zone_wide)) { $update['m_zone_wide'] = $zone_wide; } if (!is_null($pt_allow)) { $update['m_pt_allow'] = $pt_allow; } if (!is_null($pt_rules_text)) { $update['m_pt_rules_text'] = lang_remap_comcode($_pt_rules_text, $pt_rules_text, $GLOBALS['FORUM_DB']); } if ($skip_checks || has_specific_permission(get_member(), 'probate_members')) { $update['m_on_probation_until'] = $on_probation_until; } if (!is_null($join_time)) { $update['m_join_time'] = $join_time; } if (!is_null($avatar_url)) { $update['m_avatar_url'] = $avatar_url; } if (!is_null($signature)) { $update['m_signature'] = lang_remap_comcode($_signature, $signature, $GLOBALS['FORUM_DB']); } if (!is_null($is_perm_banned)) { $update['m_is_perm_banned'] = $is_perm_banned; } if (!is_null($photo_url)) { $update['m_photo_url'] = $photo_url; } if (!is_null($photo_thumb_url)) { $update['m_photo_thumb_url'] = $photo_thumb_url; } $old_username = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_username'); if (!is_null($username) && $username != $old_username && ($skip_checks || has_actual_page_access(get_member(), 'admin_ocf_join') || has_specific_permission($member_id, 'rename_self'))) { $update['m_username'] = $username; // Reassign personal galleries if (addon_installed('galleries')) { require_lang('galleries'); $personal_galleries = $GLOBALS['SITE_DB']->query('SELECT fullname,parent_id FROM ' . get_table_prefix() . 'galleries WHERE name LIKE \'member_' . strval($member_id) . '_%\''); foreach ($personal_galleries as $gallery) { $parent_title = get_translated_text($GLOBALS['SITE_DB']->query_value('galleries', 'fullname', array('name' => $gallery['parent_id']))); if (get_translated_text($gallery['fullname']) == do_lang('PERSONAL_GALLERY_OF', $old_username, $parent_title)) { lang_remap($gallery['fullname'], do_lang('PERSONAL_GALLERY_OF', $username, $parent_title), $GLOBALS['FORUM_DB']); } } } require_code('notifications'); $subject = do_lang('USERNAME_CHANGED_MAIL_SUBJECT', $username, $old_username, NULL, get_lang($member_id)); $mail = do_lang('USERNAME_CHANGED_MAIL', comcode_escape(get_site_name()), comcode_escape($username), comcode_escape($old_username), get_lang($member_id)); dispatch_notification('ocf_username_changed', NULL, $subject, $mail, array($member_id)); $subject = do_lang('STAFF_USERNAME_CHANGED_MAIL_SUBJECT', $username, $old_username, NULL, get_site_default_lang()); $mail = do_lang('STAFF_USERNAME_CHANGED_MAIL', comcode_escape(get_site_name()), comcode_escape($username), comcode_escape($old_username), get_site_default_lang()); dispatch_notification('ocf_username_changed_staff', NULL, $subject, $mail); // Fix cacheing for usernames $to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username'); foreach ($to_fix as $fix) { list($table, $field) = explode('/', $fix); $GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $old_username)); } } if (!is_null($password)) { if (is_null($password_compatibility_scheme) && get_value('no_password_hashing') === '1') { $password_compatibility_scheme = 'plain'; $update['m_password_change_code'] = ''; $salt = ''; } if (!is_null($salt) || !is_null($password_compatibility_scheme)) { if (!is_null($salt)) { $update['m_pass_salt'] = $salt; } if (!is_null($password_compatibility_scheme)) { $update['m_password_compat_scheme'] = $password_compatibility_scheme; } $update['m_pass_hash_salted'] = $password; } else { $update['m_password_change_code'] = ''; $salt = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_pass_salt'); $update['m_pass_hash_salted'] = md5($salt . md5($password)); $update['m_password_compat_scheme'] = ''; } if (!$skip_checks) { $part_b = ''; if (!has_actual_page_access(get_member(), 'admin_ocf_join')) { $part_b = do_lang('PASSWORD_CHANGED_MAIL_BODY_2', get_ip_address()); } $mail = do_lang('PASSWORD_CHANGED_MAIL_BODY', get_site_name(), $part_b, NULL, get_lang($member_id)); $old_email_address = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_email_address'); if ($old_email_address != $email_address) { $GLOBALS['FORUM_DB']->query_update('f_invites', array('i_email_address' => $old_email_address), array('i_email_address' => $email_address)); } if ($member_id == get_member() || get_value('disable_password_change_mails_for_staff') !== '1') { if (get_page_name() != 'admin_ocf_join') { require_code('notifications'); dispatch_notification('ocf_password_changed', NULL, do_lang('PASSWORD_CHANGED_MAIL_SUBJECT', NULL, NULL, NULL, get_lang($member_id)), $mail, array($member_id), NULL, 2); } } } } if (!is_null($validated)) { $update['m_validated_email_confirm_code'] = ''; if (addon_installed('unvalidated')) { $update['m_validated'] = $validated; } } if (!is_null($highlighted_name)) { $update['m_highlighted_name'] = $highlighted_name; } if (!is_null($primary_group)) { $update['m_primary_group'] = $primary_group; } $old_validated = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_validated'); $GLOBALS['FORUM_DB']->query_update('f_members', $update, array('id' => $member_id), '', 1); if (get_member() != $member_id) { log_it('EDIT_MEMBER_PROFILE', strval($member_id), $username); } if ($old_validated == 0 && $validated == 1) { require_code('mail'); $_login_url = build_url(array('page' => 'login'), get_module_zone('login'), NULL, false, false, true); $login_url = $_login_url->evaluate(); mail_wrap(do_lang('VALIDATED_MEMBER_SUBJECT', get_site_name(), NULL, get_lang($member_id)), do_lang('MEMBER_VALIDATED', get_site_name(), $username, $login_url, get_lang($member_id)), array($email_address), $username); } // Decache from run-time cache unset($GLOBALS['FORUM_DRIVER']->MEMBER_ROWS_CACHED[$member_id]); unset($GLOBALS['MEMBER_CACHE_FIELD_MAPPINGS'][$member_id]); unset($GLOBALS['TIMEZONE_MEMBER_CACHE'][$member_id]); unset($GLOBALS['USER_NAME_CACHE'][$member_id]); }
/** * Actualise the join form. * * @param boolean Whether to handle CAPTCHA (if enabled at all) * @param boolean Whether to ask for intro messages (if enabled at all) * @param boolean Whether to check for invites (if enabled at all) * @param boolean Whether to check email-address restrictions (if enabled at all) * @param boolean Whether to require staff confirmation (if enabled at all) * @param boolean Whether to force email address validation (if enabled at all) * @param boolean Whether to do COPPA checks (if enabled at all) * @param boolean Whether to instantly log the user in * @return array A tuple: Messages to show (currently nothing else in tuple) */ function ocf_join_actual($captcha_if_enabled = true, $intro_message_if_enabled = true, $invites_if_enabled = true, $one_per_email_address_if_enabled = true, $confirm_if_enabled = true, $validate_if_enabled = true, $coppa_if_enabled = true, $instant_login = false) { ocf_require_all_forum_stuff(); require_css('ocf'); require_code('ocf_members_action'); require_code('ocf_members_action2'); // Read in data $username = trim(post_param('username')); ocf_check_name_valid($username, NULL, NULL, true); // Adjusts username if needed $password = trim(post_param('password')); $password_confirm = trim(post_param('password_confirm')); if ($password != $password_confirm) { warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH')))); } $confirm_email_address = post_param('email_address_confirm', NULL); $email_address = trim(post_param('email_address')); if (!is_null($confirm_email_address)) { if (trim($confirm_email_address) != $email_address) { warn_exit(make_string_tempcode(escape_html(do_lang('EMAIL_ADDRESS_MISMATCH')))); } } require_code('type_validation'); if (!is_valid_email_address($email_address)) { warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS')); } if ($invites_if_enabled) { if (get_option('is_on_invites') == '1') { $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address, 'i_taken' => 0)); if (is_null($test)) { warn_exit(do_lang_tempcode('NO_INVITE')); } } $GLOBALS['FORUM_DB']->query_update('f_invites', array('i_taken' => 1), array('i_email_address' => $email_address, 'i_taken' => 0), '', 1); } $dob_day = post_param_integer('dob_day', NULL); $dob_month = post_param_integer('dob_month', NULL); $dob_year = post_param_integer('dob_year', NULL); $reveal_age = post_param_integer('reveal_age', 0); $timezone = post_param('timezone', get_users_timezone()); $language = post_param('language', get_site_default_lang()); $allow_emails = post_param_integer('allow_emails', 0); $allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0); $groups = ocf_get_all_default_groups(true); // $groups will contain the built in default primary group too (it is not $secondary_groups) $primary_group = post_param_integer('primary_group', NULL); if ($primary_group !== NULL && !in_array($primary_group, $groups)) { // Check security $test = $GLOBALS['FORUM_DB']->query_value('f_groups', 'g_is_presented_at_install', array('id' => $primary_group)); if ($test == 1) { $groups = ocf_get_all_default_groups(false); // Get it so it does not include the built in default primary group $groups[] = $primary_group; // And add in the *chosen* primary group } else { $primary_group = NULL; } } else { $primary_group = NULL; } if ($primary_group === NULL) { $primary_group = get_first_default_group(); } $custom_fields = ocf_get_all_custom_fields_match($groups, NULL, NULL, NULL, NULL, NULL, NULL, 0, true); $actual_custom_fields = ocf_read_in_custom_fields($custom_fields); // Check that the given address isn't already used (if one_per_email_address on) $member_id = NULL; if ($one_per_email_address_if_enabled) { if (get_option('one_per_email_address') == '1') { $test = $GLOBALS['FORUM_DB']->query_select('f_members', array('id', 'm_username'), array('m_email_address' => $email_address), '', 1); if (array_key_exists(0, $test)) { if ($test[0]['m_username'] != $username) { $reset_url = build_url(array('page' => 'lostpassword', 'email_address' => $email_address), get_module_zone('lostpassword')); warn_exit(do_lang_tempcode('EMAIL_ADDRESS_IN_USE', escape_html(get_site_name()), escape_html($reset_url->evaluate()))); } $member_id = $test[0]['id']; } } } if ($captcha_if_enabled) { if (addon_installed('captcha')) { require_code('captcha'); enforce_captcha(); } } if (addon_installed('ldap')) { require_code('ocf_ldap'); if (ocf_is_ldap_member_potential($username)) { warn_exit(do_lang_tempcode('DUPLICATE_JOIN_AUTH')); } } // Add member $skip_confirm = get_option('skip_email_confirm_join') == '1'; if (!$confirm_if_enabled) { $skip_confirm = true; } $validated_email_confirm_code = $skip_confirm ? '' : strval(mt_rand(1, 32000)); $require_new_member_validation = get_option('require_new_member_validation') == '1'; if (!$validate_if_enabled) { $require_new_member_validation = false; } $coppa = get_option('is_on_coppa') == '1' && utctime_to_usertime(time() - mktime(0, 0, 0, $dob_month, $dob_day, $dob_year)) / 31536000.0 < 13.0; if (!$coppa_if_enabled) { $coppa = false; } $validated = $require_new_member_validation || $coppa ? 0 : 1; if (is_null($member_id)) { $member_id = ocf_make_member($username, $password, $email_address, $groups, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), time(), '', NULL, '', 0, get_option('default_preview_guests') == '1' ? 1 : 0, $reveal_age, '', '', '', 1, get_value('no_auto_notifications') === '1' ? 0 : 1, $language, $allow_emails, $allow_emails_from_staff, '', get_ip_address(), $validated_email_confirm_code, true, '', ''); } // Send confirm mail if (!$skip_confirm) { $zone = get_module_zone('join'); if ($zone != '') { $zone .= '/'; } $_url = build_url(array('page' => 'join', 'type' => 'step4', 'email' => $email_address, 'code' => $validated_email_confirm_code), $zone, NULL, false, false, true); $url = $_url->evaluate(); $_url_simple = build_url(array('page' => 'join', 'type' => 'step4'), $zone, NULL, false, false, true); $url_simple = $_url_simple->evaluate(); $redirect = get_param('redirect', ''); if ($redirect != '') { $url .= '&redirect=' . ocp_url_encode($redirect); } $message = do_lang('OCF_SIGNUP_TEXT', comcode_escape(get_site_name()), comcode_escape($url), array($url_simple, $email_address, $validated_email_confirm_code), $language); require_code('mail'); if (!$coppa) { mail_wrap(do_lang('CONFIRM_EMAIL_SUBJECT', get_site_name(), NULL, NULL, $language), $message, array($email_address), $username, '', '', 3, NULL, false, NULL, false, false, false, 'MAIL', true); } } // Send COPPA mail if ($coppa) { $fields_done = do_lang('THIS_WITH_COMCODE', do_lang('USERNAME'), $username) . "\n\n"; foreach ($custom_fields as $custom_field) { if ($custom_field['cf_type'] != 'upload') { $fields_done .= do_lang('THIS_WITH_COMCODE', $custom_field['trans_name'], post_param('custom_' . $custom_field['id'] . '_value')) . "\n"; } } $_privacy_url = build_url(array('page' => 'privacy'), '_SEARCH', NULL, false, false, true); $privacy_url = $_privacy_url->evaluate(); $message = do_lang('COPPA_MAIL', comcode_escape(get_option('site_name')), comcode_escape(get_option('privacy_fax')), array(comcode_escape(get_option('privacy_postal_address')), comcode_escape($fields_done), comcode_escape($privacy_url)), $language); require_code('mail'); mail_wrap(do_lang('COPPA_JOIN_SUBJECT', $username, get_site_name(), NULL, $language), $message, array($email_address), $username); } // Send 'validate this member' notification if ($require_new_member_validation) { require_code('notifications'); $_validation_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true, 'tab__edit'); $validation_url = $_validation_url->evaluate(); $message = do_lang('VALIDATE_NEW_MEMBER_MAIL', comcode_escape($username), comcode_escape($validation_url), comcode_escape(strval($member_id)), get_site_default_lang()); dispatch_notification('ocf_member_needs_validation', NULL, do_lang('VALIDATE_NEW_MEMBER_SUBJECT', $username, NULL, NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED); } // Send new member notification require_code('notifications'); $_member_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true); $member_url = $_member_url->evaluate(); $message = do_lang('NEW_MEMBER_NOTIFICATION_MAIL', comcode_escape($username), comcode_escape(get_site_name()), array(comcode_escape($member_url), comcode_escape(strval($member_id))), get_site_default_lang()); dispatch_notification('ocf_new_member', NULL, do_lang('NEW_MEMBER_NOTIFICATION_MAIL_SUBJECT', $username, get_site_name(), NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED); // Intro post if ($intro_message_if_enabled) { $forum_id = get_option('intro_forum_id'); if ($forum_id != '') { if (!is_numeric($forum_id)) { $_forum_id = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forums', 'id', array('f_name' => $forum_id)); if (is_null($_forum_id)) { $forum_id = strval(db_get_first_id()); } else { $forum_id = strval($_forum_id); } } $intro_title = post_param('intro_title', ''); $intro_post = post_param('intro_post', ''); if ($intro_post != '') { require_code('ocf_topics_action'); if ($intro_title == '') { $intro_title = do_lang('INTRO_POST_DEFAULT', $username); } $topic_id = ocf_make_topic(intval($forum_id)); require_code('ocf_posts_action'); ocf_make_post($topic_id, $intro_title, $intro_post, 0, true, NULL, 0, NULL, NULL, NULL, $member_id); } } } // Alert user to situation $message = new ocp_tempcode(); if ($coppa) { if (!$skip_confirm) { $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL')); } $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_COPPA')); } elseif ($require_new_member_validation) { if (!$skip_confirm) { $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL')); } $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_VALIDATED', escape_html(get_custom_base_url()))); } elseif ($skip_confirm) { if ($instant_login) { require_code('users_active_actions'); handle_active_login($username); $message->attach(do_lang_tempcode('OCF_LOGIN_AUTO')); } else { $_login_url = build_url(array('page' => 'login', 'redirect' => get_param('redirect', NULL)), get_module_zone('login')); $login_url = $_login_url->evaluate(); $message->attach(do_lang_tempcode('OCF_LOGIN_INSTANT', escape_html($login_url))); } } else { if (!$skip_confirm) { $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL')); } $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_INSTANT')); } $message = protect_from_escaping($message); return array($message); }