function setting_save($data)
{
global $_CLASS, $_CORE_CONFIG;
foreach ($data as $section => $option) {
foreach ($option as $name => $value) {
if (isset($_CORE_CONFIG[$section][$name]) && $value != $_CORE_CONFIG[$section][$name]) {
set_core_config($section, $name, $value, false);
}
}
}
$_CLASS['core_cache']->destroy('core_config');
}
function admin_save($data)
{
global $_CLASS, $_CORE_CONFIG;
foreach ($data as $section => $option) {
foreach ($option as $db_name => $data_op) {
$value = get_variable($data_op['post_name'], 'POST', false);
if ($value != $_CORE_CONFIG[$section][$db_name]) {
set_core_config($section, $db_name, $value, false);
}
}
}
$_CLASS['core_cache']->destroy('core_config');
}
function install()
{
global $_CLASS;
$_CLASS['core_db']->table_create('start', QUICK_MESSAGE_TABLE);
$_CLASS['core_db']->add_table_field_int('message_id', array('max' => 16000000, 'auto_increment' => true));
$_CLASS['core_db']->add_table_field_text('message_text', 200);
$_CLASS['core_db']->add_table_field_int('message_time', array('max' => 200000000));
$_CLASS['core_db']->add_table_field_int('poster_id', array('max' => 16000000));
$_CLASS['core_db']->add_table_field_char('poster_name', 80);
$_CLASS['core_db']->add_table_field_char('poster_ip', 18);
$_CLASS['core_db']->add_table_index('message_id', 'primary');
$_CLASS['core_db']->add_table_index('message_time');
$_CLASS['core_db']->table_create('commit');
// use set config ?
set_core_config('quick_message', 'anonymous_posting', 2, false, true);
set_core_config('quick_message', 'delete_time', 300, false, true);
set_core_config('quick_message', 'height', 200, false, true);
set_core_config('quick_message', 'last_post_check', 150, false, true);
set_core_config('quick_message', 'length_max', 150, false, true);
$_CLASS['core_cache']->destroy('core_config');
$array = array('message_text' => 'Lets do this !', 'message_time' => (int) $_CLASS['core_user']->time, 'poster_id' => 0, 'poster_name' => (string) '', 'poster_ip' => (string) '');
$_CLASS['core_db']->query('INSERT INTO ' . QUICK_MESSAGE_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', $array));
return true;
}
}
if (empty($error)) {
require_once SITE_FILE_ROOT . 'includes/tables.php';
require_once SITE_FILE_ROOT . 'includes/cache/cache.php';
require_once SITE_FILE_ROOT . 'includes/cache/cache_' . $acm_type . '.php';
load_class(false, 'core_cache', 'cache_' . $acm_type);
set_core_config('global', 'site_name', $site_name, false);
set_core_config('server', 'site_domain', $site_domain, false);
set_core_config('server', 'site_path', $site_path, false);
set_core_config('server', 'site_port', $site_port, false);
set_core_config('email', 'site_email', $email, false);
set_core_config('server', 'cookie_domain', $cookie_domain, false);
set_core_config('server', 'cookie_path', $cookie_path, false);
set_core_config('server', 'cookie_name', $cookie_name, false);
set_core_config('server', 'site_secure', 0, false);
set_core_config('user', 'newest_username', $username, true);
$user_update = array('username' => $username, 'user_password' => encode_password($password, 'md5'), 'user_password_encoding' => 'md5', 'user_email' => $email);
$_CLASS['core_db']->query('UPDATE ' . USERS_TABLE . ' SET ' . $_CLASS['core_db']->sql_build_array('UPDATE', $user_update) . ' WHERE user_id = 2');
$_CLASS['core_template']->assign_array(array('admin_link' => generate_link(false, array('full' => true, 'sid' => false, 'admin' => true)), 'username' => $username));
$_CLASS['core_template']->display('installer/complete.html');
script_close();
}
$_CLASS['core_template']->assign_array(array('site_name' => $site_name, 'site_domain' => $site_domain, 'site_path' => $site_path, 'site_port' => $site_port, 'cookie_domain' => $cookie_domain, 'cookie_path' => $cookie_path, 'cookie_name' => $cookie_name, 'username' => $username, 'password' => $password, 'password_confirm' => $password_confirm, 'email' => $email, 'email_confirm' => $email_confirm, 'error' => empty($error) ? false : implode('<br/>', $error), 'config_content' => $config_content));
$_CLASS['core_template']->display('installer/stage3.html');
script_close();
}
if ($stage === 3) {
if ($db_layer && in_array($db_layer, array_keys($database_array))) {
load_class(SITE_FILE_ROOT . 'includes/db/' . $db_layer . '.php', 'core_db', 'db_' . $db_layer);
$site_db = array();
$site_db['type'] = $db_layer;
$error[] = $_CLASS['core_user']->get_lang('EMAIL_INVALID');
}
if (!$tz || !in_array($tz, tz_array())) {
$tz = null;
}
if (empty($error)) {
$password = encode_password($password, $_CORE_CONFIG['user']['password_encoding']);
if (!$password) {
//do some admin contact thing here
die('Try again later');
}
$data = array('username' => (string) $username, 'user_email' => (string) $email, 'user_group' => (int) $coppa ? 3 : 2, 'user_reg_date' => (int) $_CLASS['core_user']->time, 'user_timezone' => $tz, 'user_password' => (string) $password, 'user_password_encoding' => (string) $_CORE_CONFIG['user']['password_encoding'], 'user_lang' => $lang == $_CORE_CONFIG['global']['default_lang'] ? null : $lang, 'user_type' => USER_NORMAL, 'user_status' => STATUS_ACTIVE, 'user_act_key' => null, 'user_ip' => '');
user_add($data);
set_core_config('user', 'newest_user_id', $data['user_id'], false);
set_core_config('user', 'newest_username', $data['username'], false);
set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1);
trigger_error('USER_ADDED');
}
}
$_CLASS['core_template']->assign_array(array('COPPA' => isset($coppa) ? $coppa : false, 'EMAIL' => isset($email) ? $email : '', 'ERROR' => empty($error) ? false : implode('<br />', $error), 'PASSWORD' => isset($password) ? $password : '', 'USERNAME' => isset($username) ? $username : '', 'SELECT_TZ' => select_tz(isset($tz) ? $tz : $_CORE_CONFIG['global']['default_timezone']), 'S_ACTION' => generate_link('users&mode=add_user', array('admin' => true))));
$_CLASS['core_display']->display(false, 'admin/users/add.html');
break;
case 'bots':
if ($id && isset($_REQUEST['option'])) {
require_once $site_file_root . 'includes/functions_user.php';
$sql = 'SELECT user_id, user_type, user_status
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $id;
$result = $_CLASS['core_db']->query($sql);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
function ucp_register($id, $mode)
{
global $site_file_root, $config, $_CLASS, $_CORE_CONFIG;
$coppa = isset($_REQUEST['coppa']) ? (int) $_REQUEST['coppa'] : null;
$submit = isset($_POST['submit']);
if ($_CORE_CONFIG['user']['activation'] == USER_ACTIVATION_DISABLE || ($coppa || $_CORE_CONFIG['user']['activation'] == USER_ACTIVATION_SELF || $_CORE_CONFIG['user']['activation'] == USER_ACTIVATION_ADMIN) && !$_CORE_CONFIG['email']['email_enable']) {
trigger_error('UCP_REGISTER_DISABLE');
}
$_CLASS['core_template']->assign('S_UCP_ACTION', generate_link('Control_Panel&mode=register'));
$error = $data = array();
$s_hidden_fields = '';
if (!isset($_POST['agreed'])) {
if ($_CORE_CONFIG['user']['coppa_enable'] && is_null($coppa)) {
$now = explode(':', gmdate('m:j:Y'));
$coppa_birthday = $_CLASS['core_user']->format_date(mktime(12, 0, 0, $now[0], $now[1], $now[2] - 13), 'D M d, Y');
$_CLASS['core_template']->assign_array(array('L_COPPA_NO' => sprintf($_CLASS['core_user']->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($_CLASS['core_user']->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), 'U_COPPA_NO' => generate_link('Control_Panel&mode=register&coppa=0'), 'U_COPPA_YES' => generate_link('Control_Panel&mode=register&coppa=1'), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_REGISTER_ACTION' => generate_link('Control_Panel&mode=register')));
} else {
$s_hidden_fields .= '<input type="hidden" name="coppa" value="' . $coppa . '" />';
$_CLASS['core_template']->assign_array(array('S_SHOW_COPPA' => false, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_REGISTER_ACTION' => generate_link('Control_Panel&mode=register')));
}
$this->display($_CLASS['core_user']->lang['REGISTER'], 'ucp_agreement.html');
script_close();
}
if ($submit) {
require_once $site_file_root . 'includes/functions_user.php';
$error = array();
$username = get_variable('username', 'POST', false);
$password = get_variable('password', 'POST', false);
$email = get_variable('email', 'POST', false);
$email_confirm = get_variable('email_confirm', 'POST', '');
//when we add this make sure to confirm that it's one of the installed langs
$lang = $_CORE_CONFIG['global']['default_lang'];
$tz = get_variable('tz', 'POST', false);
if (strpos($username, "\n")) {
die;
}
$username_validate = validate_username($username);
if ($username_validate !== true) {
$error[] = $_CLASS['core_user']->get_lang($username_validate);
}
if (!$password || $password !== get_variable('password_confirm', 'POST', '')) {
$error[] = $_CLASS['core_user']->get_lang('PASSWORD_ERROR');
}
if (!$email || $email !== $email_confirm) {
$error[] = $_CLASS['core_user']->get_lang('EMAIL_ERROR');
} elseif (!check_email($email)) {
$error[] = $_CLASS['core_user']->get_lang('EMAIL_INVALID');
}
if (!$tz || !in_array($tz, tz_array())) {
$tz = null;
}
if ($_CORE_CONFIG['user']['enable_confirm']) {
$confirmation_code = $_CLASS['core_user']->session_data_get('confirmation_code');
$confirm_code = trim(get_variable('confirm_code', 'POST', false));
if (!$confirm_code || !$confirmation_code || $confirm_code != $confirmation_code) {
$error[] = $_CLASS['core_user']->get_lang('CONFIRM_CODE_WRONG');
}
// we don't need this any more
$_CLASS['core_user']->user_data_kill('confirmation_code');
}
if (empty($error)) {
$password = encode_password($password, $_CORE_CONFIG['user']['password_encoding']);
if (!$password) {
//do some admin contact thing here
die('Activation disabled: Passwaord encoding problem');
}
if ($coppa || $_CORE_CONFIG['user']['activation'] == USER_ACTIVATION_SELF || $_CORE_CONFIG['user']['activation'] == USER_ACTIVATION_ADMIN) {
if (!$_CORE_CONFIG['email']['email_enable']) {
//do some admin contact thing here
die('Activation disabled: Email Disabled');
}
$user_status = STATUS_PENDING;
$user_act_key = generate_string(10);
if ($coppa) {
$message = $_CLASS['core_user']->lang['ACCOUNT_COPPA'];
$email_template = 'coppa_welcome_inactive';
} elseif ($_CORE_CONFIG['user']['activation'] == USER_ACTIVATION_SELF) {
$message = $_CLASS['core_user']->lang['ACCOUNT_INACTIVE'];
$email_template = 'user_welcome_inactive';
} elseif ($_CORE_CONFIG['user']['activation'] == USER_ACTIVATION_ADMIN) {
$message = $_CLASS['core_user']->lang['ACCOUNT_INACTIVE_ADMIN'];
$email_template = 'admin_welcome_inactive';
}
} else {
$user_status = STATUS_ACTIVE;
$user_act_key = null;
$email_template = 'user_welcome';
$message = $_CLASS['core_user']->lang['ACCOUNT_ADDED'];
}
$data = array('username' => (string) $username, 'user_email' => (string) $email, 'user_group' => $coppa ? 3 : 2, 'user_reg_date' => (int) $_CLASS['core_user']->time, 'user_timezone' => (string) $tz, 'user_password' => (string) $password, 'user_password_encoding' => (string) $_CORE_CONFIG['user']['password_encoding'], 'user_lang' => $lang ? (string) $lang : null, 'user_type' => USER_NORMAL, 'user_status' => (int) $user_status, 'user_act_key' => (string) $user_act_key, 'user_ip' => (string) $_CLASS['core_user']->ip);
user_add($data);
if ($data['user_status'] === STATUS_ACTIVE) {
set_core_config('user', 'newest_user_id', $data['user_id'], false);
set_core_config('user', 'newest_username', $data['username'], false);
set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1, false);
}
require_once $site_file_root . 'includes/mailer.php';
$mailer = new core_mailer();
$mailer->to($email, $username);
$mailer->subject($subject);
$_CLASS['core_template']->assign_array(array('SITENAME' => $_CORE_CONFIG['global']['site_name'], 'WELCOME_MSG' => sprintf($_CLASS['core_user']->lang['WELCOME_SUBJECT'], $_CORE_CONFIG['global']['site_name']), 'USERNAME' => $username, 'PASSWORD' => $password, 'EMAIL_SIG' => '', 'U_ACTIVATE' => generate_link('system&mode=activate&user_id=' . $data['user_id'] . '&key=' . $user_act_key, array('sid' => false, 'full' => true))));
if ($coppa) {
$_CLASS['core_template']->assign_array(array('FAX_INFO' => $_CORE_CONFIG['user']['coppa_fax'], 'MAIL_INFO' => $_CORE_CONFIG['user']['coppa_mail'], 'EMAIL_ADDRESS' => $email, 'SITENAME' => $_CORE_CONFIG['global']['site_name']));
}
$mailer->message = trim($_CLASS['core_template']->display('modules/Control_Panel/email/' . $email_template, true));
$mailer->send();
$message = $message . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_INDEX'], '<a href="' . generate_link() . '">', '</a>');
trigger_error($message);
}
}
$s_hidden_fields .= '<input type="hidden" name="coppa" value="' . $coppa . '" />';
$s_hidden_fields .= '<input type="hidden" name="agreed" value="true" />';
if ($_CORE_CONFIG['user']['enable_confirm']) {
$_CLASS['core_user']->session_data_set('confirmation_code', generate_string(6));
$confirm_image = '<img src="' . generate_link('system&mode=confirmation_image') . '" alt="" title="" />';
} else {
$confirm_image = false;
}
if ($submit) {
if ($_CORE_CONFIG['user']['max_reg_attempts']) {
$attempts = (int) $_CLASS['core_user']->session_data_get('reg_attempts', 0);
if ($attempts > $_CORE_CONFIG['user']['max_reg_attempts']) {
trigger_error($_CLASS['core_user']->lang['TOO_MANY_REGISTERS']);
}
$_CLASS['core_user']->session_data_get('reg_attempts', $attempts + 1);
}
}
switch ($_CORE_CONFIG['user']['activation']) {
case USER_ACTIVATION_SELF:
$l_reg_cond = $_CLASS['core_user']->lang['UCP_EMAIL_ACTIVATE'];
break;
case USER_ACTIVATION_ADMIN:
$l_reg_cond = $_CLASS['core_user']->lang['UCP_ADMIN_ACTIVATE'];
break;
default:
$l_reg_cond = '';
break;
}
$user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\\w]+' => 'USERNAME_ALPHA_ONLY', '[\\w_\\+\\. \\-\\[\\]]+' => 'USERNAME_ALPHA_SPACERS');
$_CLASS['core_template']->assign_array(array('ERROR' => empty($error) ? false : implode('<br />', $error), 'USERNAME' => isset($username) ? $username : '', 'PASSWORD' => isset($password) ? $password : '', 'EMAIL' => isset($email) ? $email : '', 'EMAIL_CONFIRM' => isset($email_confirm) ? $email_confirm : '', 'CONFIRM_IMG' => $confirm_image, 'SELECT_TZ' => select_tz(isset($tz) ? $tz : $_CORE_CONFIG['global']['default_timezone']), 'L_CONFIRM_EXPLAIN' => sprintf($_CLASS['core_user']->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlentities($config['board_contact']) . '">', '</a>'), 'L_ITEMS_REQUIRED' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($_CLASS['core_user']->lang[$user_char_ary[$_CORE_CONFIG['user']['allow_name_chars']] . '_EXPLAIN'], $_CORE_CONFIG['user']['min_name_chars'], $_CORE_CONFIG['user']['max_name_chars']), 'L_NEW_PASSWORD_EXPLAIN' => sprintf($_CLASS['core_user']->lang['NEW_PASSWORD_EXPLAIN'], $_CORE_CONFIG['user']['min_pass_chars'], $_CORE_CONFIG['user']['max_pass_chars']), 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => generate_link("Control_Panel&mode=register")));
$this->display($_CLASS['core_user']->lang['REGISTER'], 'ucp_register.html');
}
function activate()
{
global $_CLASS;
$user_id = get_variable('user_id', 'GET', 0, 'integer');
$key = get_variable('key', 'GET', false);
if (!$user_id || !$key) {
trigger_error('CANT_ACTIVATED');
}
$sql = 'SELECT username, user_status, user_group, user_new_password, user_new_password_encoding, user_act_key
FROM ' . USERS_TABLE . " WHERE user_id = {$user_id} AND user_type = " . USER_NORMAL;
$result = $_CLASS['core_db']->sql_query($sql);
$row = $_CLASS['core_db']->sql_fetchrow($result);
$_CLASS['core_db']->sql_freeresult($result);
if (!$row) {
trigger_error('NO_USER');
}
if ($row['user_status'] != USER_UNACTIVATED && !$row['user_new_password']) {
trigger_error($row['user_status'] == USER_ACTIVE ? 'ALREADY_ACTIVATED' : 'CANT_ACTIVATED');
}
if ($row['user_act_key'] != $key) {
trigger_error('WRONG_ACTIVATION_KEY');
}
$sql_ary = array('user_act_key' => null, 'user_new_password' => null, 'user_new_password_encoding' => null);
if ($row['user_status'] != USER_UNACTIVATED) {
$sql_ary += array('user_password' => $row['user_new_password'], 'user_password_encoding' => $row['user_new_password_encoding']);
} else {
include_once $site_file_root . 'includes/functions_user.php';
user_activate($user_id);
set_core_config('user', 'newest_user_id', $row['user_id'], false);
set_core_config('user', 'newest_username', $row['username'], false);
}
$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $_CLASS['core_db']->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $row['user_id'];
$result = $_CLASS['core_db']->sql_query($sql);
}
function activate()
{
global $_CLASS, $_CORE_CONFIG;
$user_id = get_variable('user_id', 'GET', false, 'integer');
$key = get_variable('key', 'GET', false);
if (!$user_id || !$key) {
trigger_error('CANT_ACTIVATED');
}
$sql = 'SELECT username, user_status, user_group, user_new_password, user_new_password_encoding, user_act_key
FROM ' . USERS_TABLE . " WHERE user_id = {$user_id} AND user_type = " . USER_NORMAL;
$result = $_CLASS['core_db']->query($sql);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$row) {
trigger_error('NO_USER');
}
settype($row['user_status'], 'int');
if ($row['user_status'] !== STATUS_PENDING && !$row['user_new_password']) {
trigger_error($row['user_status'] === STATUS_ACTIVE ? 'ALREADY_ACTIVATED' : 'CANT_ACTIVATED');
}
if ($row['user_act_key'] !== $key) {
trigger_error('WRONG_ACTIVATION_KEY');
}
$sql_ary = array('user_act_key' => null, 'user_new_password' => null, 'user_new_password_encoding' => null);
if ($row['user_status'] === STATUS_PENDING) {
include_once SITE_FILE_ROOT . 'includes/functions_user.php';
user_activate($user_id);
set_core_config('user', 'newest_user_id', $row['user_id'], false);
set_core_config('user', 'newest_username', $row['username'], false);
set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1, false);
} else {
$sql_ary += array('user_password' => $row['user_new_password'], 'user_password_encoding' => $row['user_new_password_encoding']);
}
$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $_CLASS['core_db']->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user_id;
$result = $_CLASS['core_db']->query($sql);
$message = $row['user_status'] === STATUS_PENDING ? $_CLASS['core_user']->get_lang('ACCOUNT_ACTIVE') : $_CLASS['core_user']->get_lang('PASSWORD_ACTIVATED');
trigger_error($message . '<br /><br />' . sprintf($_CLASS['core_user']->get_lang('RETURN_INDEX'), '<a href="' . generate_link() . '">', '</a>'));
}
function user_disable($user_id, $update_stats = true)
{
global $_CLASS, $_CORE_CONFIG;
$user_id = is_array($user_id) ? $user_id : array($user_id);
if (check_user_id($user_id) === false) {
return;
}
// hook here -- maybe ?
$_CLASS['core_db']->transaction();
// disabled the user first
$sql = 'UPDATE ' . CORE_USERS_TABLE . '
SET user_status = ' . STATUS_DISABLED . '
WHERE user_id IN (' . implode(', ', $user_id) . ')
AND user_type <>' . USER_GUEST;
$_CLASS['core_db']->query($sql);
// Now we disable the user in his active groups
$sql = 'UPDATE ' . CORE_GROUPS_MEMBERS_TABLE . '
SET member_status = ' . STATUS_DISABLED . '
WHERE user_id IN (' . implode(', ', $user_id) . ')
AND member_status = ' . STATUS_ACTIVE;
$_CLASS['core_db']->query($sql);
$sql = 'DELETE FROM ' . CORE_SESSIONS_AUTOLOGIN_TABLE . '
WHERE user_id IN (' . implode(', ', $user_id) . ")";
$_CLASS['core_db']->query($sql);
if ($update_stats) {
if (in_array($_CORE_CONFIG['user']['newest_user_id'], $user_id)) {
$sql = 'SELECT user_id, username FROM ' . CORE_USERS_TABLE . '
WHERE user_type = ' . USER_NORMAL . ' AND user_status = ' . STATUS_ACTIVE . '
ORDER BY user_reg_date';
$result = $_CLASS['core_db']->query_limit($sql, 1);
$row = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
set_core_config('user', 'newest_user_id', $row['user_id'], false);
set_core_config('user', 'newest_username', $row['username'], false);
}
$total_users = $_CORE_CONFIG['user']['total_users'] - count($user_id);
set_core_config('user', 'total_users', $total_users, false);
$_CLASS['core_cache']->destroy('core_config');
}
$_CLASS['core_db']->transaction('commit');
}
