/**
* Standard modular render function for profile tabs edit hooks.
*
* @param MEMBER The ID of the member who is being viewed
* @param MEMBER The ID of the member who is doing the viewing
* @param boolean Whether to leave the tab contents NULL, if tis hook supports it, so that AJAX can load it later
* @return ?array A tuple: The tab title, the tab body text (may be blank), the tab fields, extra Javascript (may be blank) the suggested tab order, hidden fields (optional) (NULL: if $leave_to_ajax_if_possible was set)
*/
function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
{
$order = 0;
// Actualiser
if (post_param('submitting_settings_tab', NULL) !== NULL) {
require_code('ocf_members_action2');
$is_ldap = ocf_is_ldap_member($member_id_of);
$is_httpauth = ocf_is_httpauth_member($member_id_of);
$is_remote = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_password_compat_scheme') == 'remote';
if ($is_ldap || $is_httpauth || $is_remote || $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'assume_any_member')) {
$password = NULL;
} else {
$password = post_param('edit_password');
if ($password == '') {
$password = NULL;
} else {
$password_confirm = trim(post_param('password_confirm'));
if ($password != $password_confirm) {
warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));
}
}
}
$custom_fields = ocf_get_all_custom_fields_match($GLOBALS['FORUM_DRIVER']->get_members_groups($member_id_of), $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'view_any_profile_field') ? 1 : NULL, $member_id_of != $member_id_viewing ? NULL : 1, $member_id_of != $member_id_viewing ? NULL : 1);
$actual_custom_fields = ocf_read_in_custom_fields($custom_fields, $member_id_of);
$pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : '';
$tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true);
$all_pt_allow = '';
foreach (array_keys($tmp_groups) as $key) {
if ($key != db_get_first_id()) {
if ($all_pt_allow != '') {
$all_pt_allow .= ',';
}
$all_pt_allow .= strval($key);
}
}
if ($pt_allow == $all_pt_allow) {
$pt_allow = '*';
}
$pt_rules_text = post_param('pt_rules_text', NULL);
if (has_specific_permission($member_id_viewing, 'member_maintenance')) {
$validated = post_param_integer('validated', 0);
$primary_group = $is_ldap || !has_specific_permission($member_id_viewing, 'assume_any_member') ? NULL : post_param_integer('primary_group', NULL);
$is_perm_banned = post_param_integer('is_perm_banned', 0);
$old_is_perm_banned = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_is_perm_banned');
if ($old_is_perm_banned != $is_perm_banned) {
if ($is_perm_banned == 1) {
ocf_ban_member($member_id_of);
} else {
ocf_unban_member($member_id_of);
}
}
$highlighted_name = post_param_integer('highlighted_name', 0);
if (has_specific_permission($member_id_viewing, 'probate_members')) {
$on_probation_until = get_input_date('on_probation_until');
$current__on_probation_until = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_on_probation_until');
if ((is_null($on_probation_until) || $on_probation_until <= time()) && $current__on_probation_until > time()) {
log_it('STOP_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
} elseif (!is_null($on_probation_until) && $on_probation_until > time() && $current__on_probation_until <= time()) {
log_it('START_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
} elseif (!is_null($on_probation_until) && $current__on_probation_until > $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) {
log_it('REDUCE_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
} elseif (!is_null($on_probation_until) && $current__on_probation_until < $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) {
log_it('EXTEND_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
}
} else {
$on_probation_until = NULL;
}
} else {
$validated = NULL;
$primary_group = NULL;
$highlighted_name = NULL;
$on_probation_until = NULL;
}
if (has_actual_page_access($member_id_viewing, 'admin_ocf_join') || has_specific_permission($member_id_of, 'rename_self')) {
$username = $is_ldap || $is_remote ? NULL : post_param('edit_username', NULL);
} else {
$username = NULL;
}
$email = post_param('email_address', NULL);
if (!is_null($email)) {
$email = trim($email);
}
$theme = post_param('theme', NULL);
if ($is_remote) {
$preview_posts = NULL;
$zone_wide = NULL;
$auto_monitor_contrib_content = NULL;
$views_signatures = NULL;
$timezone = NULL;
} else {
$preview_posts = post_param_integer('preview_posts', 0);
$zone_wide = post_param_integer('zone_wide', 0);
$auto_monitor_contrib_content = NULL;
//post_param_integer('auto_monitor_contrib_content',0); Moved to notifications tab
$views_signatures = post_param_integer('views_signatures', 0);
$timezone = post_param('timezone', get_site_timezone());
}
ocf_edit_member($member_id_of, $email, $preview_posts, post_param_integer('dob_day', -1), post_param_integer('dob_month', -1), post_param_integer('dob_year', -1), $timezone, $primary_group, $actual_custom_fields, $theme, post_param_integer('reveal_age', 0), $views_signatures, $auto_monitor_contrib_content, post_param('language', NULL), post_param_integer('allow_emails', 0), post_param_integer('allow_emails_from_staff', 0), $validated, $username, $password, $zone_wide, $highlighted_name, $pt_allow, $pt_rules_text, $on_probation_until);
if (!array_key_exists('secondary_groups', $_POST)) {
$_POST['secondary_groups'] = array();
}
require_code('ocf_groups_action2');
$members_groups = $GLOBALS['OCF_DRIVER']->get_members_groups($member_id_of);
$group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)');
$groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL));
foreach ($_POST['secondary_groups'] as $group_id) {
$group = $groups[intval($group_id)];
if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission($member_id_viewing, 'see_hidden_groups')) {
continue;
}
if (!in_array($group['id'], $members_groups) && (has_specific_permission($member_id_viewing, 'assume_any_member') || $group['g_open_membership'] == 1)) {
ocf_add_member_to_group($member_id_of, $group['id']);
}
}
foreach ($members_groups as $group_id) {
if (!in_array(strval($group_id), $_POST['secondary_groups'])) {
ocf_member_leave_group($group_id, $member_id_of);
}
}
$GLOBALS['FORUM_DB']->query('DELETE FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_member_known_login_ips WHERE i_member_id=' . strval($member_id_of) . ' AND ' . db_string_not_equal_to('i_val_code', ''));
// So any re-confirms can happen
if (addon_installed('awards')) {
require_code('awards');
handle_award_setting('member', strval($member_id_of));
}
attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
}
if ($leave_to_ajax_if_possible) {
return NULL;
}
// UI
$title = do_lang_tempcode('SETTINGS');
$myrow = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id_of);
if (is_null($myrow)) {
warn_exit(do_lang_tempcode('USER_NO_EXIST'));
}
require_code('ocf_members_action2');
list($fields, $hidden) = ocf_get_member_fields_settings(false, $member_id_of, NULL, $myrow['m_email_address'], $myrow['m_preview_posts'], $myrow['m_dob_day'], $myrow['m_dob_month'], $myrow['m_dob_year'], get_users_timezone($member_id_of), $myrow['m_theme'], $myrow['m_reveal_age'], $myrow['m_views_signatures'], $myrow['m_auto_monitor_contrib_content'], $myrow['m_language'], $myrow['m_allow_emails'], $myrow['m_allow_emails_from_staff'], $myrow['m_validated'], $myrow['m_primary_group'], $myrow['m_username'], $myrow['m_is_perm_banned'], '', $myrow['m_zone_wide'], $myrow['m_highlighted_name'], $myrow['m_pt_allow'], get_translated_text($myrow['m_pt_rules_text'], $GLOBALS['FORUM_DB']), $myrow['m_on_probation_until']);
// Awards?
if (addon_installed('awards')) {
require_code('awards');
$fields->attach(get_award_fields('member', strval($member_id_of)));
}
$redirect = get_param('redirect', NULL);
if (!is_null($redirect)) {
$hidden->attach(form_input_hidden('redirect', $redirect));
}
$hidden->attach(form_input_hidden('submitting_settings_tab', '1'));
$javascript = "\n\t\t\tvar form=document.getElementById('email_address').form;\n\t\t\tform.prior_profile_edit_submit=form.onsubmit;\n\t\t\tform.onsubmit=function()\n\t\t\t\t{\n\t\t\t\t\tif (typeof form.elements['edit_password']!='undefined')\n\t\t\t\t\t{\n\t\t\t\t\t\tif ((form.elements['password_confirm']) && (form.elements['password_confirm'].value!=form.elements['edit_password'].value))\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\twindow.fauxmodal_alert('" . php_addslashes(do_lang('PASSWORD_MISMATCH')) . "');\n\t\t\t\t\t\t\treturn false;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (typeof form.prior_profile_edit_submit!='undefined' && form.prior_profile_edit_submit) return form.prior_profile_edit_submit();\n\t\t\t\t\treturn true;\n\t\t\t\t};\n\t\t";
$text = '';
return array($title, $fields, $text, $javascript, $order, $hidden);
}
/**
* Add a member.
*
* @param SHORT_TEXT The username.
* @param SHORT_TEXT The password.
* @param SHORT_TEXT The e-mail address.
* @param ?array A list of usergroups (NULL: default/current usergroups).
* @param ?integer Day of date of birth (NULL: unknown).
* @param ?integer Month of date of birth (NULL: unknown).
* @param ?integer Year of date of birth (NULL: unknown).
* @param array A map of custom field values (field-id=>value).
* @param ?ID_TEXT The member timezone (NULL: auto-detect).
* @param ?GROUP The member's primary (NULL: default).
* @param BINARY Whether the profile has been validated.
* @param ?TIME When the member joined (NULL: now).
* @param ?TIME When the member last visited (NULL: now).
* @param ID_TEXT The member's default theme.
* @param ?URLPATH The URL to the member's avatar (blank: none) (NULL: choose one automatically).
* @param LONG_TEXT The member's signature (blank: none).
* @param BINARY Whether the member is permanently banned.
* @param BINARY Whether posts are previewed before they are made.
* @param BINARY Whether the member's age may be shown.
* @param SHORT_TEXT The member's title (blank: get from primary).
* @param URLPATH The URL to the member's photo (blank: none).
* @param URLPATH The URL to the member's photo thumbnail (blank: none).
* @param BINARY Whether the member sees signatures in posts.
* @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to (NULL: get default from config).
* @param ?LANGUAGE_NAME The member's language (NULL: auto detect).
* @param BINARY Whether the member allows e-mails via the site.
* @param BINARY Whether the member allows e-mails from staff via the site.
* @param LONG_TEXT Personal notes of the member.
* @param ?IP The member's IP address (NULL: IP address of current user).
* @param SHORT_TEXT The code required before the account becomes active (blank: already entered).
* @param boolean Whether to check details for correctness.
* @param ?ID_TEXT The compatibility scheme that the password operates in (blank: none) (NULL: none [meaning normal ocPortal salted style] or plain, depending on whether passwords are encrypted).
* @param SHORT_TEXT The password salt (blank: password compatibility scheme does not use a salt / auto-generate).
* @param BINARY Whether the member likes to view zones without menus, when a choice is available.
* @param ?TIME The time the member last made a submission (NULL: set to now).
* @param ?AUTO_LINK Force an ID (NULL: don't force an ID)
* @param BINARY Whether the member username will be highlighted.
* @param SHORT_TEXT Usergroups that may PT the member.
* @param LONG_TEXT Rules that other members must agree to before they may start a PT with the member.
* @return AUTO_LINK The ID of the new member.
*/
function ocf_make_member($username, $password, $email_address, $secondary_groups, $dob_day, $dob_month, $dob_year, $custom_fields, $timezone = NULL, $primary_group = NULL, $validated = 1, $join_time = NULL, $last_visit_time = NULL, $theme = '', $avatar_url = NULL, $signature = '', $is_perm_banned = 0, $preview_posts = 0, $reveal_age = 1, $title = '', $photo_url = '', $photo_thumb_url = '', $views_signatures = 1, $auto_monitor_contrib_content = NULL, $language = NULL, $allow_emails = 1, $allow_emails_from_staff = 1, $personal_notes = '', $ip_address = NULL, $validated_email_confirm_code = '', $check_correctness = true, $password_compatibility_scheme = NULL, $salt = '', $zone_wide = 1, $last_submit_time = NULL, $id = NULL, $highlighted_name = 0, $pt_allow = '*', $pt_rules_text = '')
{
if (is_null($auto_monitor_contrib_content)) {
$auto_monitor_contrib_content = get_value('no_auto_notifications') === '1' ? 0 : 1;
}
if (is_null($password_compatibility_scheme)) {
if (get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
} else {
$password_compatibility_scheme = '';
}
}
if (is_null($language)) {
$language = '';
}
if (is_null($signature)) {
$signature = '';
}
if (is_null($title)) {
$title = '';
}
if (is_null($timezone)) {
$timezone = get_site_timezone();
}
if (is_null($allow_emails)) {
$allow_emails = 1;
}
if (is_null($allow_emails_from_staff)) {
$allow_emails_from_staff = 1;
}
if (is_null($personal_notes)) {
$personal_notes = '';
}
if (is_null($avatar_url)) {
if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 1 || !addon_installed('ocf_member_avatars')) {
$avatar_url = '';
} else {
if (get_option('random_avatars') == '1' && !running_script('stress_test_loader')) {
require_code('themes2');
$codes = get_all_image_ids_type('ocf_default_avatars/default_set', false, $GLOBALS['FORUM_DB']);
shuffle($codes);
$results = array();
foreach ($codes as $code) {
if (strpos($code, 'ocp_fanatic') !== false) {
continue;
}
$count = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT SUM(m_cache_num_posts) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_avatar_url', find_theme_image($code, false, true)));
if (is_null($count)) {
$count = 0;
}
$results[$code] = $count;
}
@asort($results);
// @'d as type checker fails for some odd reason
$found_avatars = array_keys($results);
$avatar_url = find_theme_image(array_shift($found_avatars), true, true);
}
if (is_null($avatar_url)) {
$GLOBALS['SITE_DB']->query_delete('theme_images', array('id' => 'ocf_default_avatars/default', 'path' => ''));
// In case failure cached, gets very confusing
$avatar_url = find_theme_image('ocf_default_avatars/default', true, true);
if (is_null($avatar_url)) {
$avatar_url = '';
}
}
}
}
if ($check_correctness) {
if (!in_array($password_compatibility_scheme, array('ldap', 'httpauth'))) {
ocf_check_name_valid($username, NULL, $password_compatibility_scheme == '' ? $password : NULL);
}
if (!function_exists('has_actual_page_access') || !has_actual_page_access(get_member(), 'admin_ocf_join')) {
require_code('type_validation');
if (!is_valid_email_address($email_address) && $email_address != '') {
warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address)));
}
}
}
require_code('ocf_members');
require_code('ocf_groups');
if (is_null($last_submit_time)) {
$last_submit_time = time();
}
if (is_null($join_time)) {
$join_time = time();
}
if (is_null($last_visit_time)) {
$last_visit_time = time();
}
if (is_null($primary_group)) {
$primary_group = get_first_default_group();
// This is members
}
if (is_null($secondary_groups)) {
$secondary_groups = ocf_get_all_default_groups(false);
}
foreach ($secondary_groups as $_g_id => $g_id) {
if ($g_id == $primary_group) {
unset($secondary_groups[$_g_id]);
}
}
if (is_null($ip_address)) {
$ip_address = get_ip_address();
}
if ($password_compatibility_scheme == '' && get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
$salt = '';
}
if ($salt == '' && $password_compatibility_scheme == '') {
$salt = produce_salt();
$password_salted = md5($salt . md5($password));
} else {
$password_salted = $password;
}
// Supplement custom field values given with defaults, and check constraints
$all_fields = list_to_map('id', ocf_get_all_custom_fields_match($secondary_groups));
require_code('fields');
foreach ($all_fields as $field) {
$field_id = $field['id'];
if (array_key_exists($field_id, $custom_fields)) {
if ($check_correctness && $field[array_key_exists('cf_show_on_join_form', $field) ? 'cf_show_on_join_form' : 'cf_required'] == 0 && $field['cf_owner_set'] == 0 && !has_actual_page_access(get_member(), 'admin_ocf_join')) {
access_denied('I_ERROR');
}
} else {
$custom_fields[$field_id] = '';
}
}
if (!addon_installed('unvalidated')) {
$validated = 1;
}
$map = array('m_username' => $username, 'm_pass_hash_salted' => $password_salted, 'm_pass_salt' => $salt, 'm_theme' => $theme, 'm_avatar_url' => $avatar_url, 'm_validated' => $validated, 'm_validated_email_confirm_code' => $validated_email_confirm_code, 'm_cache_num_posts' => 0, 'm_cache_warnings' => 0, 'm_max_email_attach_size_mb' => 5, 'm_join_time' => $join_time, 'm_timezone_offset' => $timezone, 'm_primary_group' => $primary_group, 'm_last_visit_time' => $last_visit_time, 'm_last_submit_time' => $last_submit_time, 'm_signature' => insert_lang_comcode($signature, 4, $GLOBALS['FORUM_DB']), 'm_is_perm_banned' => $is_perm_banned, 'm_preview_posts' => $preview_posts, 'm_notes' => $personal_notes, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year, 'm_reveal_age' => $reveal_age, 'm_email_address' => $email_address, 'm_title' => $title, 'm_photo_url' => $photo_url, 'm_photo_thumb_url' => $photo_thumb_url, 'm_views_signatures' => $views_signatures, 'm_auto_monitor_contrib_content' => $auto_monitor_contrib_content, 'm_highlighted_name' => $highlighted_name, 'm_pt_allow' => $pt_allow, 'm_pt_rules_text' => insert_lang_comcode($pt_rules_text, 4, $GLOBALS['FORUM_DB']), 'm_language' => $language, 'm_ip_address' => $ip_address, 'm_zone_wide' => $zone_wide, 'm_allow_emails' => $allow_emails, 'm_allow_emails_from_staff' => $allow_emails_from_staff, 'm_password_change_code' => '', 'm_password_compat_scheme' => $password_compatibility_scheme, 'm_on_probation_until' => NULL);
if (!is_null($id)) {
$map['id'] = $id;
}
$member_id = $GLOBALS['FORUM_DB']->query_insert('f_members', $map, true);
if ($check_correctness) {
// If it was an invite/recommendation, award the referrer
if (addon_installed('recommend')) {
$inviter = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address), 'ORDER BY i_time');
if (!is_null($inviter)) {
if (addon_installed('points')) {
require_code('points2');
require_lang('recommend');
system_gift_transfer(do_lang('RECOMMEND_SITE_TO', $username, get_site_name()), intval(get_option('points_RECOMMEND_SITE')), $inviter);
}
if (addon_installed('chat')) {
require_code('chat2');
buddy_add($inviter, $member_id);
buddy_add($member_id, $inviter);
}
}
}
}
$value = mixed();
// Store custom fields
$row = array('mf_member_id' => $member_id);
$all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields);
foreach ($custom_fields as $field_num => $value) {
if (!array_key_exists($field_num, $all_fields_types)) {
continue;
}
// Trying to set a field we're not allowed to (doesn't apply to our group)
$ob = get_fields_hook($all_fields_types[$field_num]);
list(, , $storage_type) = $ob->get_field_value_row_bits($all_fields[$field_num]);
if (strpos($storage_type, '_trans') !== false) {
$value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
}
$row['field_' . strval($field_num)] = $value;
}
// Set custom field row
$all_fields_regardless = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('id', 'cf_type'));
foreach ($all_fields_regardless as $field) {
if (!array_key_exists('field_' . strval($field['id']), $row)) {
$ob = get_fields_hook($field['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($field);
$value = '';
if (strpos($storage_type, '_trans') !== false) {
$value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
}
$row['field_' . strval($field['id'])] = $value;
}
}
$GLOBALS['FORUM_DB']->query_insert('f_member_custom_fields', $row);
// Any secondary work
foreach ($secondary_groups as $g) {
if ($g != $primary_group) {
$GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $g), '', 1);
$GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $g, 'gm_member_id' => $member_id, 'gm_validated' => 1));
}
}
if ($check_correctness) {
if (function_exists('decache')) {
decache('side_stats');
}
}
return $member_id;
}
function handle_facebook_connection_login($current_logged_in_member)
{
if (!class_exists('ocp_tempcode')) {
return NULL;
}
if (is_guest($current_logged_in_member)) {
$current_logged_in_member = NULL;
// We are not a normal cookie login so ocPortal has loaded up a Guest session already in the expectation of keeping it. Unsetting it will force a rebind (existing session may be reused though)
require_code('users_inactive_occasionals');
set_session_id(-1);
}
// If already session-logged-in onto a Facebook account, don't bother doing anything
if (!is_null($current_logged_in_member) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($current_logged_in_member, 'm_password_compat_scheme') == 'facebook') {
return $current_logged_in_member;
}
// Who is this user, from Facebook's point of view?
global $FACEBOOK_CONNECT;
$facebook_uid = $FACEBOOK_CONNECT->getUser();
if (is_null($facebook_uid)) {
return $current_logged_in_member;
}
try {
$details = $FACEBOOK_CONNECT->api('/me');
} catch (Exception $e) {
return $current_logged_in_member;
}
$details2 = $FACEBOOK_CONNECT->api('/me', array('fields' => 'picture', 'type' => 'normal'));
if (!is_array($details) || !is_array($details2)) {
return $current_logged_in_member;
}
$details = array_merge($details, $details2);
if (!isset($details['name'])) {
return $current_logged_in_member;
}
$username = $details['name'];
$photo_url = array_key_exists('picture', $details) ? $details['picture'] : '';
if (is_array($photo_url)) {
$photo_url = $photo_url['data']['url'];
}
if ($photo_url != '') {
$photo_url = 'http://graph.facebook.com/' . strval($facebook_uid) . '/picture?type=large';
// In case URL changes
}
$avatar_url = $photo_url == '' ? mixed() : $photo_url;
$photo_thumb_url = '';
if ($photo_url != '') {
$photo_thumb_url = $photo_url;
}
$email_address = array_key_exists('email', $details) ? $details['email'] : '';
$timezone = mixed();
if (isset($details['timezone'])) {
require_code('temporal');
$timezone = convert_timezone_offset_to_formal_timezone($details['timezone']);
}
$language = mixed();
if (isset($details['locale'])) {
$language = strtoupper($details['locale']);
}
if ($language !== NULL) {
if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) {
$language = preg_replace('#\\_.*$#', '', $language);
if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) {
$language = '';
}
}
}
$dob = array_key_exists('birthday', $details) ? $details['birthday'] : '';
$dob_day = mixed();
$dob_month = mixed();
$dob_year = mixed();
if ($dob != '') {
$_dob = explode('/', $dob);
$dob_day = intval($_dob[1]);
$dob_month = intval($_dob[0]);
$dob_year = intval($_dob[2]);
}
// See if they have logged in before - i.e. have a synched account
$member_row = $GLOBALS['FORUM_DB']->query_select('f_members', array('*'), array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), 'ORDER BY id DESC', 1);
$member = array_key_exists(0, $member_row) ? $member_row[0]['id'] : NULL;
if (is_guest($member)) {
$member = NULL;
}
/*if (!is_null($member)) // Useful for debugging
{
require_code('ocf_members_action2');
ocf_delete_member($member);
$member=NULL;
}*/
// If logged in before using Facebook, see if they've changed their name or email or timezone on Facebook -- if so, try and update locally to match
if (!is_null($member)) {
if (!is_null($current_logged_in_member) && $current_logged_in_member !== NULL && !is_guest($current_logged_in_member) && $current_logged_in_member != $member) {
return $current_logged_in_member;
}
// User has an active login, and the Facebook account is bound to a DIFFERENT login. Take precedence to the other login that is active on top of this
$last_visit_time = $member[0]['m_last_visit_time'];
if ($timezone !== NULL) {
if (tz_time(time(), $timezone) == tz_time(time(), $member[0]['m_timezone_offset'])) {
$timezone = $member[0]['m_timezone_offset'];
}
// If equivalent, don't change
}
$test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'id', array('m_username' => $username));
if (!is_null($test)) {
$update_map = array('m_username' => $username, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year);
if ($email_address != '') {
$update_map['m_email_address'] = $email_address;
}
if ($avatar_url !== NULL && ($test == '' || strpos($test, 'facebook') !== false || strpos($test, 'fbcdn') !== false)) {
if ($timezone !== NULL) {
$update_map['m_timezone_offset'] = $timezone;
}
$update_map['m_avatar_url'] = $avatar_url;
$update_map['m_photo_url'] = $photo_url;
$update_map['m_photo_thumb_url'] = $photo_thumb_url;
}
$GLOBALS['FORUM_DB']->query_update('f_members', $update_map, array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => strval($facebook_uid)), '', 1);
if ($username != $member[0]['m_username']) {
// Fix cacheing for usernames
$to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username');
foreach ($to_fix as $fix) {
list($table, $field) = explode('/', $fix);
$GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $member[0]['m_username']));
}
}
}
}
// Not logged in before using Facebook, so we need to create an account, or bind to the active ocPortal login if there is one
$in_a_sane_place = get_page_name() != 'login' && (running_script('index') || running_script('execute_temp'));
// If we're in some weird script, or the login module UI, it's not a sane place, don't be doing account creation yet
if (is_null($member) && $in_a_sane_place) {
// Bind to existing ocPortal login?
if (!is_null($current_logged_in_member)) {
/*if (post_param_integer('associated_confirm',0)==0) Won't work because Facebook is currently done in JS and cookies force this. If user wishes to cancel they must go to http://www.facebook.com/settings?tab=applications and remove the app, then run a lost password reset.
{
$title=get_page_title('LOGIN_FACEBOOK_HEADER');
$message=do_lang_tempcode('LOGGED_IN_SURE_FACEBOOK',escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)));
$middle=do_template('YESNO_SCREEN',array('TITLE'=>$title,'TEXT'=>$message,'HIDDEN'=>form_input_hidden('associated_confirm','1'),'URL'=>get_self_url_easy()));
$tpl=globalise($middle,NULL,'',true);
$tpl->evaluate_echo();
exit();
}*/
$GLOBALS['FORUM_DB']->query_update('f_members', array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), array('id' => $current_logged_in_member), '', 1);
require_code('site');
require_lang('facebook');
attach_message(do_lang_tempcode('FACEBOOK_ACCOUNT_CONNECTED', escape_html(get_site_name()), escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)), array(escape_html($username))), 'inform');
return $current_logged_in_member;
}
// If we're still here, we have to create a new account...
// -------------------------------------------------------
$completion_form_submitted = post_param('email_address', '') != '';
// If there's a conflicting username, we may need to change it (suffix a number)
require_code('ocf_members_action2');
$username = get_username_from_human_name($username);
// Ask ocP to finish off the profile from the information presented in the POST environment (a standard mechanism in ocPortal, for third party logins of various kinds)
require_lang('ocf');
require_code('ocf_members');
require_code('ocf_groups');
require_code('ocf_members2');
require_code('ocf_members_action');
$_custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true), NULL, NULL, NULL, 1);
if (!$completion_form_submitted && count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') {
$GLOBALS['FACEBOOK_FINISHING_PROFILE'] = true;
$middle = ocf_member_external_linker_ask($username, 'facebook', $email_address, $dob_day, $dob_month, $dob_year);
$tpl = globalise($middle, NULL, '', true);
$tpl->evaluate_echo();
exit;
} else {
$username = post_param('username', $username);
if (count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') {
// Was not auto-generated, so needs to be checked
ocf_check_name_valid($username, NULL, NULL);
}
$member = ocf_member_external_linker($username, $facebook_uid, 'facebook', false, $email_address, $dob_day, $dob_month, $dob_year, $timezone, $language, $avatar_url, $photo_url, $photo_thumb_url);
}
}
if (!is_null($member)) {
require_code('users_inactive_occasionals');
create_session($member, 1, isset($_COOKIE[get_member_cookie() . '_invisible']) && $_COOKIE[get_member_cookie() . '_invisible'] == '1');
// This will mark it as confirmed
}
return $member;
}
/**
* Standard modular run function for search results.
*
* @param string Search string
* @param boolean Whether to only do a META (tags) search
* @param ID_TEXT Order direction
* @param integer Start position in total results
* @param integer Maximum results to return in total
* @param boolean Whether only to search titles (as opposed to both titles and content)
* @param string Where clause that selects the content according to the main search string (SQL query fragment) (blank: full-text search)
* @param SHORT_TEXT Username/Author to match for
* @param ?MEMBER Member-ID to match for (NULL: unknown)
* @param TIME Cutoff date
* @param string The sort type (gets remapped to a field in this function)
* @set title add_date
* @param integer Limit to this number of results
* @param string What kind of boolean search to do
* @set or and
* @param string Where constraints known by the main search code (SQL query fragment)
* @param string Comma-separated list of categories to search under
* @param boolean Whether it is a boolean search
* @return array List of maps (template, orderer)
*/
function run($content, $only_search_meta, $direction, $max, $start, $only_titles, $content_where, $author, $author_id, $cutoff, $sort, $limit_to, $boolean_operator, $where_clause, $search_under, $boolean_search)
{
unset($limit_to);
if (get_forum_type() != 'ocf') {
return array();
}
require_code('ocf_members');
$remapped_orderer = '';
switch ($sort) {
case 'title':
$remapped_orderer = 'm_username';
break;
case 'add_date':
$remapped_orderer = 'm_join_time';
break;
case 'relevance':
case 'rating':
break;
default:
$remapped_orderer = preg_replace('#[^\\w]#', '', $sort);
break;
}
require_lang('ocf');
// Calculate our where clause (search)
if ($author != '') {
$where_clause .= ' AND ';
$where_clause .= db_string_equal_to('m_username', $author);
}
if (!is_null($cutoff)) {
$where_clause .= ' AND ';
$where_clause .= 'm_join_time>' . strval($cutoff);
}
$raw_fields = array('m_username');
$trans_fields = array();
$rows = ocf_get_all_custom_fields_match(NULL, 1, 1);
$table = '';
require_code('fields');
$non_trans_fields = 0;
foreach ($rows as $i => $row) {
$ob = get_fields_hook($row['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($row);
if (strpos($storage_type, '_trans') === false) {
$non_trans_fields++;
}
}
$index_issue = $non_trans_fields > 16;
foreach ($rows as $i => $row) {
$ob = get_fields_hook($row['cf_type']);
list(, , $storage_type) = $ob->get_field_value_row_bits($row);
$param = get_param('option_' . strval($row['id']), '');
if ($param != '') {
$where_clause .= ' AND ';
if (db_has_full_text($GLOBALS['SITE_DB']->connection_read) && method_exists($GLOBALS['SITE_DB']->static_ob, 'db_has_full_text_boolean') && $GLOBALS['SITE_DB']->static_ob->db_has_full_text_boolean() && !is_under_radar($param)) {
$temp = db_full_text_assemble('"' . $param . '"', true);
} else {
$temp = db_like_assemble($param);
}
if ($row['cf_type'] == 'short_trans' || $row['cf_type'] == 'long_trans') {
$where_clause .= preg_replace('#\\?#', 't' . strval(count($trans_fields) + 1) . '.text_original', $temp);
} else {
$where_clause .= preg_replace('#\\?#', 'field_' . strval($row['id']), $temp);
}
}
if (strpos($storage_type, '_trans') === false) {
$raw_fields[] = 'field_' . strval($row['id']);
} else {
$trans_fields[] = 'field_' . strval($row['id']);
}
}
$age_range = get_param('option__age_range', get_param('option__age_range_from', '') . '-' . get_param('option__age_range_to', ''));
if ($age_range != '' && $age_range != '-') {
$bits = explode('-', $age_range);
if (count($bits) == 2) {
$lower = strval(intval(date('Y', utctime_to_usertime())) - intval($bits[0]));
$upper = strval(intval(date('Y', utctime_to_usertime())) - intval($bits[1]));
$where_clause .= ' AND ';
$where_clause .= '(m_dob_year<' . $lower . ' OR m_dob_year=' . $lower . ' AND (m_dob_month<' . date('m') . ' OR m_dob_month=' . date('m') . ' AND m_dob_day<=' . date('d') . '))';
$where_clause .= ' AND ';
$where_clause .= '(m_dob_year>' . $upper . ' OR m_dob_year=' . $upper . ' AND (m_dob_month>' . date('m') . ' OR m_dob_month=' . date('m') . ' AND m_dob_day>=' . date('d') . '))';
}
if (either_param_integer('option__photo_thumb_url', 0) == 1) {
$where_clause .= ' AND ';
$where_clause .= db_string_not_equal_to('m_photo_thumb_url', '');
}
}
$user_group = get_param('option__user_group', '');
if ($user_group != '') {
$bits = explode(',', $user_group);
$where_clause .= ' AND ';
$group_where_clause = '';
foreach ($bits as $i => $bit) {
$group = intval($bit);
$table .= ' LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_group_members g' . strval($i) . ' ON (g' . strval($i) . '.gm_group_id=' . strval($group) . ' AND g' . strval($i) . '.gm_member_id=r.id)';
if ($group_where_clause != '') {
$group_where_clause .= ' OR ';
}
$group_where_clause .= 'g' . strval($i) . '.gm_validated=1 OR m_primary_group=' . strval($group);
}
$where_clause .= '(' . $group_where_clause . ')';
}
if (!has_specific_permission(get_member(), 'see_unvalidated')) {
$where_clause .= ' AND ';
$where_clause .= 'm_validated=1';
}
// Calculate and perform query
$rows = get_search_rows(NULL, NULL, $content, $boolean_search, $boolean_operator, $only_search_meta, $direction, $max, $start, $only_titles, 'f_members r JOIN ' . get_table_prefix() . 'f_member_custom_fields a ON r.id=a.mf_member_id' . $table, array('!', 'm_signature') + $trans_fields, $where_clause, $content_where, $remapped_orderer, 'r.*,a.*,r.id AS id', $raw_fields);
$out = array();
foreach ($rows as $i => $row) {
/*if ($user_group!='')
{
$bits=explode(',',$user_group);
$ok=false;
$groups=$GLOBALS['FORUM_DRIVER']->get_members_groups($row['id']);
foreach ($bits as $bit)
{
if (in_array($user_group,$groups)) $ok=true;
}
if (!$ok) continue;
}*/
if (!is_guest($row['id'])) {
$out[$i]['data'] = $row;
if ($remapped_orderer != '' && array_key_exists($remapped_orderer, $row)) {
$out[$i]['orderer'] = $row[$remapped_orderer];
} elseif (substr($remapped_orderer, 0, 7) == '_rating') {
$out[$i]['orderer'] = $row['compound_rating'];
}
} else {
$out[$i]['data'] = NULL;
}
unset($rows[$i]);
}
return $out;
}
/**
* The actualiser for adding a member.
*
* @return tempcode The UI
*/
function step2()
{
$title = get_page_title('ADD_MEMBER');
// Read in data
$username = trim(post_param('username'));
$password = trim(post_param('password'));
/* $password_confirm=trim(post_param('password_confirm'));
if ($password!=$password_confirm) warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));*/
$email_address = trim(post_param('email_address', ''));
$dob_day = post_param_integer('dob_day', NULL);
$dob_month = post_param_integer('dob_month', NULL);
$dob_year = post_param_integer('dob_year', NULL);
$reveal_age = post_param_integer('reveal_age', 0);
$timezone = post_param('timezone', get_site_timezone());
$language = post_param('language', get_site_default_lang());
$allow_emails = post_param_integer('allow_emails', 0);
$allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0);
$custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true));
$actual_custom_fields = ocf_read_in_custom_fields($custom_fields);
$validated = post_param_integer('validated', 0);
$primary_group = has_specific_permission(get_member(), 'assume_any_member') ? post_param_integer('primary_group') : NULL;
$theme = post_param('theme', '');
$views_signatures = post_param_integer('views_signatures', 0);
$preview_posts = post_param_integer('preview_posts', 0);
$auto_monitor_contrib_content = post_param_integer('auto_monitor_contrib_content', 0);
$pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : '';
$tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true);
$all_pt_allow = '';
foreach (array_keys($tmp_groups) as $key) {
if ($key != db_get_first_id()) {
if ($all_pt_allow != '') {
$all_pt_allow .= ',';
}
$all_pt_allow .= strval($key);
}
}
if ($pt_allow == $all_pt_allow) {
$pt_allow = '*';
}
$pt_rules_text = post_param('pt_rules_text', '');
breadcrumb_set_parents(array(array('_SEARCH:admin_ocf_join:menu', do_lang_tempcode('MEMBERS')), array('_SELF:_SELF:misc', do_lang_tempcode('ADD_MEMBER'))));
breadcrumb_set_self(do_lang_tempcode('DETAILS'));
// Add member
$id = ocf_make_member($username, $password, $email_address, NULL, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), NULL, '', NULL, '', 0, $preview_posts, $reveal_age, '', '', '', $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, '', '', '', true, '', '', post_param_integer('zone_wide', 0), NULL, NULL, post_param_integer('highlighted_name', 0), $pt_allow, $pt_rules_text);
// Secondary groups
if (array_key_exists('secondary_groups', $_POST)) {
require_code('ocf_groups_action2');
$members_groups = array();
$group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)');
$groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL));
foreach ($_POST['secondary_groups'] as $group_id) {
$group = $groups[intval($group_id)];
if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission(get_member(), 'see_hidden_groups')) {
continue;
}
if (in_array($group['id'], $members_groups) || has_specific_permission(get_member(), 'assume_any_member') || $group['g_open_membership'] == 1) {
ocf_add_member_to_group($id, $group['id']);
}
}
}
$special_links = array();
if (addon_installed('galleries')) {
require_lang('galleries');
$special_links[] = array('galleries', array('cms_galleries', array('type' => 'gimp', 'id' => $id), get_module_zone('cms_galleries')), do_lang('ADD_GALLERY'));
}
require_code('templates_donext');
return do_next_manager($title, do_lang_tempcode('SUCCESS'), NULL, NULL, array('_SELF', array('type' => 'misc'), '_SELF'), NULL, NULL, array('members', array('type' => 'view', 'id' => $id), get_module_zone('members')), array('members', array('type' => 'misc'), get_module_zone('members'), do_lang_tempcode('MEMBERS')), NULL, NULL, NULL, NULL, NULL, $special_links, NULL, NULL, NULL, NULL, do_lang_tempcode('MEMBERS'));
}
/**
* Get the ID for a CPF if we only know the title. Warning: Only use this with custom code, never core code! It assumes a single language and that fields aren't renamed.
*
* @param SHORT_TEXT The title.
* @return ?AUTO_LINK The ID (NULL: could not find).
*/
function find_cpf_field_id($title)
{
$fields_to_show = ocf_get_all_custom_fields_match(NULL);
foreach ($fields_to_show as $field_to_show) {
if ($field_to_show['trans_name'] == $title) {
return $field_to_show['id'];
}
}
return NULL;
}
/**
* Edit a member.
*
* @param AUTO_LINK The ID of the member.
* @param ?SHORT_TEXT The e-mail address. (NULL: don't change)
* @param ?BINARY Whether posts are previewed before they are made. (NULL: don't change)
* @param ?integer Day of date of birth. (NULL: don't change) (-1: deset)
* @param ?integer Month of date of birth. (NULL: don't change) (-1: deset)
* @param ?integer Year of date of birth. (NULL: don't change) (-1: deset)
* @param ?ID_TEXT The member timezone. (NULL: don't change)
* @param ?GROUP The members primary (NULL: don't change).
* @param array A map of custom fields values (field-id=>value).
* @param ?ID_TEXT The members default theme. (NULL: don't change)
* @param ?BINARY Whether the members age may be shown. (NULL: don't change)
* @param ?BINARY Whether the member sees signatures in posts. (NULL: don't change)
* @param ?BINARY Whether the member automatically is enabled for notifications for content they contribute to. (NULL: don't change)
* @param ?LANGUAGE_NAME The members language. (NULL: don't change)
* @param ?BINARY Whether the member allows e-mails via the site. (NULL: don't change)
* @param ?BINARY Whether the member allows e-mails from staff via the site. (NULL: don't change)
* @param ?BINARY Whether the profile has been validated (NULL: do not change this). (NULL: don't change)
* @param ?string The username. (NULL: don't change)
* @param ?string The password. (NULL: don't change)
* @param ?BINARY Whether the member likes to view zones without menus, when a choice is available. (NULL: don't change)
* @param ?BINARY Whether the member username will be highlighted. (NULL: don't change)
* @param ?SHORT_TEXT Usergroups that may PT the member. (NULL: don't change)
* @param ?LONG_TEXT Rules that other members must agree to before they may start a PT with the member. (NULL: don't change)
* @param ?TIME When the member is on probation until (NULL: don't change)
* @param ?TIME When the member joined (NULL: don't change)
* @param ?URLPATH Avatar (NULL: don't change)
* @param ?LONG_TEXT Signature (NULL: don't change)
* @param ?BINARY Banned status (NULL: don't change)
* @param ?URLPATH Photo URL (NULL: don't change)
* @param ?URLPATH URL of thumbnail of photo (NULL: don't change)
* @param ?SHORT_TEXT Password salt (NULL: don't change)
* @param ?ID_TEXT Password compatibility scheme (NULL: don't change)
* @param boolean Whether to skip security checks and most of the change-triggered emails
*/
function ocf_edit_member($member_id, $email_address, $preview_posts, $dob_day, $dob_month, $dob_year, $timezone, $primary_group, $custom_fields, $theme, $reveal_age, $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, $validated = NULL, $username = NULL, $password = NULL, $zone_wide = 1, $highlighted_name = NULL, $pt_allow = '*', $pt_rules_text = '', $on_probation_until = NULL, $join_time = NULL, $avatar_url = NULL, $signature = NULL, $is_perm_banned = NULL, $photo_url = NULL, $photo_thumb_url = NULL, $salt = NULL, $password_compatibility_scheme = NULL, $skip_checks = false)
{
require_code('type_validation');
if (!$skip_checks) {
$old_email_address = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_email_address');
if (!is_null($email_address) && ($email_address != '' || $old_email_address != '' && !has_specific_permission(get_member(), 'member_maintenance')) && !is_valid_email_address($email_address)) {
warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address)));
}
}
if (!is_null($username) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_password_compat_scheme') != 'remote') {
if (!$skip_checks) {
ocf_check_name_valid($username, $member_id, $password);
require_code('urls2');
suggest_new_idmoniker_for('members', 'view', strval($member_id), $username);
}
}
// Supplement custom field values given with defaults, and check constraints
$all_fields = ocf_get_all_custom_fields_match($GLOBALS['OCF_DRIVER']->get_members_groups($member_id));
foreach ($all_fields as $field) {
$field_id = $field['id'];
if (array_key_exists($field_id, $custom_fields)) {
if (!$skip_checks) {
if ($field['cf_public_view'] == 0 && $member_id != get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) {
access_denied('I_ERROR');
}
if ($field['cf_owner_view'] == 0 && $member_id == get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) {
access_denied('I_ERROR');
}
if ($field['cf_owner_set'] == 0 && $member_id == get_member() && !has_specific_permission(get_member(), 'view_any_profile_field')) {
access_denied('I_ERROR');
}
}
}
}
// Set custom profile field values
$all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields);
$changes = array();
foreach ($custom_fields as $field => $value) {
if (!array_key_exists($field, $all_fields_types)) {
continue;
}
// Trying to set a field we're not allowed to (doesn't apply to our group)
$change = ocf_set_custom_field($member_id, $field, $value, $all_fields_types[$field], true);
if (!is_null($change)) {
$changes = array_merge($changes, $change);
}
}
if (count($changes) != 0) {
$GLOBALS['FORUM_DB']->query_update('f_member_custom_fields', $changes, array('mf_member_id' => $member_id), '', 1);
}
$old_primary_group = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_primary_group');
$_pt_rules_text = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_pt_rules_text');
$_signature = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_signature');
$update = array();
if (!is_null($theme)) {
$update['m_theme'] = $theme;
}
if (!is_null($preview_posts)) {
$update['m_preview_posts'] = $preview_posts;
}
if (!is_null($dob_day)) {
$update['m_dob_day'] = $dob_day == -1 ? NULL : $dob_day;
}
if (!is_null($dob_month)) {
$update['m_dob_month'] = $dob_month == -1 ? NULL : $dob_month;
}
if (!is_null($dob_year)) {
$update['m_dob_year'] = $dob_year == -1 ? NULL : $dob_year;
}
if (!is_null($timezone)) {
$update['m_timezone_offset'] = $timezone;
}
if (!is_null($reveal_age)) {
$update['m_reveal_age'] = $reveal_age;
}
if (!is_null($email_address)) {
$update['m_email_address'] = $email_address;
}
if (!is_null($views_signatures)) {
$update['m_views_signatures'] = $views_signatures;
}
if (!is_null($auto_monitor_contrib_content)) {
$update['m_auto_monitor_contrib_content'] = $auto_monitor_contrib_content;
}
if (!is_null($language)) {
$update['m_language'] = $language;
}
if (!is_null($allow_emails)) {
$update['m_allow_emails'] = $allow_emails;
}
if (!is_null($allow_emails_from_staff)) {
$update['m_allow_emails_from_staff'] = $allow_emails_from_staff;
}
if (!is_null($zone_wide)) {
$update['m_zone_wide'] = $zone_wide;
}
if (!is_null($pt_allow)) {
$update['m_pt_allow'] = $pt_allow;
}
if (!is_null($pt_rules_text)) {
$update['m_pt_rules_text'] = lang_remap_comcode($_pt_rules_text, $pt_rules_text, $GLOBALS['FORUM_DB']);
}
if ($skip_checks || has_specific_permission(get_member(), 'probate_members')) {
$update['m_on_probation_until'] = $on_probation_until;
}
if (!is_null($join_time)) {
$update['m_join_time'] = $join_time;
}
if (!is_null($avatar_url)) {
$update['m_avatar_url'] = $avatar_url;
}
if (!is_null($signature)) {
$update['m_signature'] = lang_remap_comcode($_signature, $signature, $GLOBALS['FORUM_DB']);
}
if (!is_null($is_perm_banned)) {
$update['m_is_perm_banned'] = $is_perm_banned;
}
if (!is_null($photo_url)) {
$update['m_photo_url'] = $photo_url;
}
if (!is_null($photo_thumb_url)) {
$update['m_photo_thumb_url'] = $photo_thumb_url;
}
$old_username = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_username');
if (!is_null($username) && $username != $old_username && ($skip_checks || has_actual_page_access(get_member(), 'admin_ocf_join') || has_specific_permission($member_id, 'rename_self'))) {
$update['m_username'] = $username;
// Reassign personal galleries
if (addon_installed('galleries')) {
require_lang('galleries');
$personal_galleries = $GLOBALS['SITE_DB']->query('SELECT fullname,parent_id FROM ' . get_table_prefix() . 'galleries WHERE name LIKE \'member_' . strval($member_id) . '_%\'');
foreach ($personal_galleries as $gallery) {
$parent_title = get_translated_text($GLOBALS['SITE_DB']->query_value('galleries', 'fullname', array('name' => $gallery['parent_id'])));
if (get_translated_text($gallery['fullname']) == do_lang('PERSONAL_GALLERY_OF', $old_username, $parent_title)) {
lang_remap($gallery['fullname'], do_lang('PERSONAL_GALLERY_OF', $username, $parent_title), $GLOBALS['FORUM_DB']);
}
}
}
require_code('notifications');
$subject = do_lang('USERNAME_CHANGED_MAIL_SUBJECT', $username, $old_username, NULL, get_lang($member_id));
$mail = do_lang('USERNAME_CHANGED_MAIL', comcode_escape(get_site_name()), comcode_escape($username), comcode_escape($old_username), get_lang($member_id));
dispatch_notification('ocf_username_changed', NULL, $subject, $mail, array($member_id));
$subject = do_lang('STAFF_USERNAME_CHANGED_MAIL_SUBJECT', $username, $old_username, NULL, get_site_default_lang());
$mail = do_lang('STAFF_USERNAME_CHANGED_MAIL', comcode_escape(get_site_name()), comcode_escape($username), comcode_escape($old_username), get_site_default_lang());
dispatch_notification('ocf_username_changed_staff', NULL, $subject, $mail);
// Fix cacheing for usernames
$to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username');
foreach ($to_fix as $fix) {
list($table, $field) = explode('/', $fix);
$GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $old_username));
}
}
if (!is_null($password)) {
if (is_null($password_compatibility_scheme) && get_value('no_password_hashing') === '1') {
$password_compatibility_scheme = 'plain';
$update['m_password_change_code'] = '';
$salt = '';
}
if (!is_null($salt) || !is_null($password_compatibility_scheme)) {
if (!is_null($salt)) {
$update['m_pass_salt'] = $salt;
}
if (!is_null($password_compatibility_scheme)) {
$update['m_password_compat_scheme'] = $password_compatibility_scheme;
}
$update['m_pass_hash_salted'] = $password;
} else {
$update['m_password_change_code'] = '';
$salt = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_pass_salt');
$update['m_pass_hash_salted'] = md5($salt . md5($password));
$update['m_password_compat_scheme'] = '';
}
if (!$skip_checks) {
$part_b = '';
if (!has_actual_page_access(get_member(), 'admin_ocf_join')) {
$part_b = do_lang('PASSWORD_CHANGED_MAIL_BODY_2', get_ip_address());
}
$mail = do_lang('PASSWORD_CHANGED_MAIL_BODY', get_site_name(), $part_b, NULL, get_lang($member_id));
$old_email_address = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_email_address');
if ($old_email_address != $email_address) {
$GLOBALS['FORUM_DB']->query_update('f_invites', array('i_email_address' => $old_email_address), array('i_email_address' => $email_address));
}
if ($member_id == get_member() || get_value('disable_password_change_mails_for_staff') !== '1') {
if (get_page_name() != 'admin_ocf_join') {
require_code('notifications');
dispatch_notification('ocf_password_changed', NULL, do_lang('PASSWORD_CHANGED_MAIL_SUBJECT', NULL, NULL, NULL, get_lang($member_id)), $mail, array($member_id), NULL, 2);
}
}
}
}
if (!is_null($validated)) {
$update['m_validated_email_confirm_code'] = '';
if (addon_installed('unvalidated')) {
$update['m_validated'] = $validated;
}
}
if (!is_null($highlighted_name)) {
$update['m_highlighted_name'] = $highlighted_name;
}
if (!is_null($primary_group)) {
$update['m_primary_group'] = $primary_group;
}
$old_validated = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_validated');
$GLOBALS['FORUM_DB']->query_update('f_members', $update, array('id' => $member_id), '', 1);
if (get_member() != $member_id) {
log_it('EDIT_MEMBER_PROFILE', strval($member_id), $username);
}
if ($old_validated == 0 && $validated == 1) {
require_code('mail');
$_login_url = build_url(array('page' => 'login'), get_module_zone('login'), NULL, false, false, true);
$login_url = $_login_url->evaluate();
mail_wrap(do_lang('VALIDATED_MEMBER_SUBJECT', get_site_name(), NULL, get_lang($member_id)), do_lang('MEMBER_VALIDATED', get_site_name(), $username, $login_url, get_lang($member_id)), array($email_address), $username);
}
// Decache from run-time cache
unset($GLOBALS['FORUM_DRIVER']->MEMBER_ROWS_CACHED[$member_id]);
unset($GLOBALS['MEMBER_CACHE_FIELD_MAPPINGS'][$member_id]);
unset($GLOBALS['TIMEZONE_MEMBER_CACHE'][$member_id]);
unset($GLOBALS['USER_NAME_CACHE'][$member_id]);
}
/**
* Actualise the join form.
*
* @param boolean Whether to handle CAPTCHA (if enabled at all)
* @param boolean Whether to ask for intro messages (if enabled at all)
* @param boolean Whether to check for invites (if enabled at all)
* @param boolean Whether to check email-address restrictions (if enabled at all)
* @param boolean Whether to require staff confirmation (if enabled at all)
* @param boolean Whether to force email address validation (if enabled at all)
* @param boolean Whether to do COPPA checks (if enabled at all)
* @param boolean Whether to instantly log the user in
* @return array A tuple: Messages to show (currently nothing else in tuple)
*/
function ocf_join_actual($captcha_if_enabled = true, $intro_message_if_enabled = true, $invites_if_enabled = true, $one_per_email_address_if_enabled = true, $confirm_if_enabled = true, $validate_if_enabled = true, $coppa_if_enabled = true, $instant_login = false)
{
ocf_require_all_forum_stuff();
require_css('ocf');
require_code('ocf_members_action');
require_code('ocf_members_action2');
// Read in data
$username = trim(post_param('username'));
ocf_check_name_valid($username, NULL, NULL, true);
// Adjusts username if needed
$password = trim(post_param('password'));
$password_confirm = trim(post_param('password_confirm'));
if ($password != $password_confirm) {
warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));
}
$confirm_email_address = post_param('email_address_confirm', NULL);
$email_address = trim(post_param('email_address'));
if (!is_null($confirm_email_address)) {
if (trim($confirm_email_address) != $email_address) {
warn_exit(make_string_tempcode(escape_html(do_lang('EMAIL_ADDRESS_MISMATCH'))));
}
}
require_code('type_validation');
if (!is_valid_email_address($email_address)) {
warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS'));
}
if ($invites_if_enabled) {
if (get_option('is_on_invites') == '1') {
$test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address, 'i_taken' => 0));
if (is_null($test)) {
warn_exit(do_lang_tempcode('NO_INVITE'));
}
}
$GLOBALS['FORUM_DB']->query_update('f_invites', array('i_taken' => 1), array('i_email_address' => $email_address, 'i_taken' => 0), '', 1);
}
$dob_day = post_param_integer('dob_day', NULL);
$dob_month = post_param_integer('dob_month', NULL);
$dob_year = post_param_integer('dob_year', NULL);
$reveal_age = post_param_integer('reveal_age', 0);
$timezone = post_param('timezone', get_users_timezone());
$language = post_param('language', get_site_default_lang());
$allow_emails = post_param_integer('allow_emails', 0);
$allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0);
$groups = ocf_get_all_default_groups(true);
// $groups will contain the built in default primary group too (it is not $secondary_groups)
$primary_group = post_param_integer('primary_group', NULL);
if ($primary_group !== NULL && !in_array($primary_group, $groups)) {
// Check security
$test = $GLOBALS['FORUM_DB']->query_value('f_groups', 'g_is_presented_at_install', array('id' => $primary_group));
if ($test == 1) {
$groups = ocf_get_all_default_groups(false);
// Get it so it does not include the built in default primary group
$groups[] = $primary_group;
// And add in the *chosen* primary group
} else {
$primary_group = NULL;
}
} else {
$primary_group = NULL;
}
if ($primary_group === NULL) {
$primary_group = get_first_default_group();
}
$custom_fields = ocf_get_all_custom_fields_match($groups, NULL, NULL, NULL, NULL, NULL, NULL, 0, true);
$actual_custom_fields = ocf_read_in_custom_fields($custom_fields);
// Check that the given address isn't already used (if one_per_email_address on)
$member_id = NULL;
if ($one_per_email_address_if_enabled) {
if (get_option('one_per_email_address') == '1') {
$test = $GLOBALS['FORUM_DB']->query_select('f_members', array('id', 'm_username'), array('m_email_address' => $email_address), '', 1);
if (array_key_exists(0, $test)) {
if ($test[0]['m_username'] != $username) {
$reset_url = build_url(array('page' => 'lostpassword', 'email_address' => $email_address), get_module_zone('lostpassword'));
warn_exit(do_lang_tempcode('EMAIL_ADDRESS_IN_USE', escape_html(get_site_name()), escape_html($reset_url->evaluate())));
}
$member_id = $test[0]['id'];
}
}
}
if ($captcha_if_enabled) {
if (addon_installed('captcha')) {
require_code('captcha');
enforce_captcha();
}
}
if (addon_installed('ldap')) {
require_code('ocf_ldap');
if (ocf_is_ldap_member_potential($username)) {
warn_exit(do_lang_tempcode('DUPLICATE_JOIN_AUTH'));
}
}
// Add member
$skip_confirm = get_option('skip_email_confirm_join') == '1';
if (!$confirm_if_enabled) {
$skip_confirm = true;
}
$validated_email_confirm_code = $skip_confirm ? '' : strval(mt_rand(1, 32000));
$require_new_member_validation = get_option('require_new_member_validation') == '1';
if (!$validate_if_enabled) {
$require_new_member_validation = false;
}
$coppa = get_option('is_on_coppa') == '1' && utctime_to_usertime(time() - mktime(0, 0, 0, $dob_month, $dob_day, $dob_year)) / 31536000.0 < 13.0;
if (!$coppa_if_enabled) {
$coppa = false;
}
$validated = $require_new_member_validation || $coppa ? 0 : 1;
if (is_null($member_id)) {
$member_id = ocf_make_member($username, $password, $email_address, $groups, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), time(), '', NULL, '', 0, get_option('default_preview_guests') == '1' ? 1 : 0, $reveal_age, '', '', '', 1, get_value('no_auto_notifications') === '1' ? 0 : 1, $language, $allow_emails, $allow_emails_from_staff, '', get_ip_address(), $validated_email_confirm_code, true, '', '');
}
// Send confirm mail
if (!$skip_confirm) {
$zone = get_module_zone('join');
if ($zone != '') {
$zone .= '/';
}
$_url = build_url(array('page' => 'join', 'type' => 'step4', 'email' => $email_address, 'code' => $validated_email_confirm_code), $zone, NULL, false, false, true);
$url = $_url->evaluate();
$_url_simple = build_url(array('page' => 'join', 'type' => 'step4'), $zone, NULL, false, false, true);
$url_simple = $_url_simple->evaluate();
$redirect = get_param('redirect', '');
if ($redirect != '') {
$url .= '&redirect=' . ocp_url_encode($redirect);
}
$message = do_lang('OCF_SIGNUP_TEXT', comcode_escape(get_site_name()), comcode_escape($url), array($url_simple, $email_address, $validated_email_confirm_code), $language);
require_code('mail');
if (!$coppa) {
mail_wrap(do_lang('CONFIRM_EMAIL_SUBJECT', get_site_name(), NULL, NULL, $language), $message, array($email_address), $username, '', '', 3, NULL, false, NULL, false, false, false, 'MAIL', true);
}
}
// Send COPPA mail
if ($coppa) {
$fields_done = do_lang('THIS_WITH_COMCODE', do_lang('USERNAME'), $username) . "\n\n";
foreach ($custom_fields as $custom_field) {
if ($custom_field['cf_type'] != 'upload') {
$fields_done .= do_lang('THIS_WITH_COMCODE', $custom_field['trans_name'], post_param('custom_' . $custom_field['id'] . '_value')) . "\n";
}
}
$_privacy_url = build_url(array('page' => 'privacy'), '_SEARCH', NULL, false, false, true);
$privacy_url = $_privacy_url->evaluate();
$message = do_lang('COPPA_MAIL', comcode_escape(get_option('site_name')), comcode_escape(get_option('privacy_fax')), array(comcode_escape(get_option('privacy_postal_address')), comcode_escape($fields_done), comcode_escape($privacy_url)), $language);
require_code('mail');
mail_wrap(do_lang('COPPA_JOIN_SUBJECT', $username, get_site_name(), NULL, $language), $message, array($email_address), $username);
}
// Send 'validate this member' notification
if ($require_new_member_validation) {
require_code('notifications');
$_validation_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true, 'tab__edit');
$validation_url = $_validation_url->evaluate();
$message = do_lang('VALIDATE_NEW_MEMBER_MAIL', comcode_escape($username), comcode_escape($validation_url), comcode_escape(strval($member_id)), get_site_default_lang());
dispatch_notification('ocf_member_needs_validation', NULL, do_lang('VALIDATE_NEW_MEMBER_SUBJECT', $username, NULL, NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED);
}
// Send new member notification
require_code('notifications');
$_member_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true);
$member_url = $_member_url->evaluate();
$message = do_lang('NEW_MEMBER_NOTIFICATION_MAIL', comcode_escape($username), comcode_escape(get_site_name()), array(comcode_escape($member_url), comcode_escape(strval($member_id))), get_site_default_lang());
dispatch_notification('ocf_new_member', NULL, do_lang('NEW_MEMBER_NOTIFICATION_MAIL_SUBJECT', $username, get_site_name(), NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED);
// Intro post
if ($intro_message_if_enabled) {
$forum_id = get_option('intro_forum_id');
if ($forum_id != '') {
if (!is_numeric($forum_id)) {
$_forum_id = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forums', 'id', array('f_name' => $forum_id));
if (is_null($_forum_id)) {
$forum_id = strval(db_get_first_id());
} else {
$forum_id = strval($_forum_id);
}
}
$intro_title = post_param('intro_title', '');
$intro_post = post_param('intro_post', '');
if ($intro_post != '') {
require_code('ocf_topics_action');
if ($intro_title == '') {
$intro_title = do_lang('INTRO_POST_DEFAULT', $username);
}
$topic_id = ocf_make_topic(intval($forum_id));
require_code('ocf_posts_action');
ocf_make_post($topic_id, $intro_title, $intro_post, 0, true, NULL, 0, NULL, NULL, NULL, $member_id);
}
}
}
// Alert user to situation
$message = new ocp_tempcode();
if ($coppa) {
if (!$skip_confirm) {
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
}
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_COPPA'));
} elseif ($require_new_member_validation) {
if (!$skip_confirm) {
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
}
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_VALIDATED', escape_html(get_custom_base_url())));
} elseif ($skip_confirm) {
if ($instant_login) {
require_code('users_active_actions');
handle_active_login($username);
$message->attach(do_lang_tempcode('OCF_LOGIN_AUTO'));
} else {
$_login_url = build_url(array('page' => 'login', 'redirect' => get_param('redirect', NULL)), get_module_zone('login'));
$login_url = $_login_url->evaluate();
$message->attach(do_lang_tempcode('OCF_LOGIN_INSTANT', escape_html($login_url)));
}
} else {
if (!$skip_confirm) {
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
}
$message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_INSTANT'));
}
$message = protect_from_escaping($message);
return array($message);
}
