/** * Checks a display name * * @return @e void [Outputs JSON to browser AJAX call] */ protected function displayNameCheck() { //----------------------------------------- // INIT //----------------------------------------- $name = strtolower($this->convertAndMakeSafe($this->request['name'], 0)); $name = str_replace("+", "+", $name); $member = array(); $return = TRUE; $id = intval($this->request['member_id']); # Set member ID $id = $this->memberData['member_id'] ? $this->memberData['member_id'] : $id; //----------------------------------------- // Load member if required //----------------------------------------- if ($id != $this->memberData['member_id']) { $member = IPSMember::load($id, 'all'); } else { $member = $this->member->fetchMemberData(); } //----------------------------------------- // Test name //----------------------------------------- try { $return = IPSMember::getFunction()->checkNameExists($name, $member); } catch (Exception $error) { $_msg = $error->getMessage(); if ($_msg == 'NO_MORE_CHANGES') { $this->returnString('nomorechanges'); return; } # Really, we're not very interested why it didn't work at this point, so # just return with a 'found' string which will make a nice red cross and # force the user to choose another. $this->returnString('found'); return; } //----------------------------------------- // So, what's it to be? //----------------------------------------- $this->returnString($return === TRUE ? 'found' : 'notfound'); }
/** * Create new member * Very basic functionality at this point. * * @access public * @param array Fields to save in the following format: array( 'members' => array( 'email' => '*****@*****.**', * 'joined' => time() ), * 'extendedProfile' => array( 'signature' => 'My signature' ) ); * Tables: members, pfields_content, profile_portal. * You can also use the aliases: 'core [members]', 'extendedProfile [profile_portal]', and 'customFields [pfields_content]' * @param bool Flag to attempt to auto create a name if the desired is taken * @param bool Bypass custom field saving (if using the sso session integration this is required as member object isn't ready yet) * @return array Final member Data including member_id * * EXCEPTION CODES * CUSTOM_FIELDS_EMPTY - Custom fields were not populated * CUSTOM_FIELDS_INVALID - Custom fields were invalid * CUSTOM_FIELDS_TOOBIG - Custom fields too big */ public static function create($tables = array(), $autoCreateName = FALSE, $bypassCfields = FALSE) { //----------------------------------------- // INIT //----------------------------------------- $finalTables = array(); $password = ''; $bitWiseFields = ipsRegistry::fetchBitWiseOptions('global'); //----------------------------------------- // Remap tables if required //----------------------------------------- foreach ($tables as $table => $data) { $_name = isset(self::$remap[$table]) ? self::$remap[$table] : $table; if ($_name == 'members') { /* Magic password field */ $password = isset($data['password']) ? trim($data['password']) : IPSLib::makePassword(); $md_5_password = md5($password); unset($data['password']); } $finalTables[$_name] = $data; } //----------------------------------------- // Custom profile field stuff //----------------------------------------- if (!$bypassCfields) { require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php'; $fields = new customProfileFields(); if (is_array($finalTables['pfields_content']) and count($finalTables['pfields_content'])) { $fields->member_data = $finalTables['pfields_content']; } $_cfieldMode = 'normal'; $fields->initData('edit'); $fields->parseToSave($finalTables['pfields_content'], 'register'); /* Check */ if (count($fields->error_fields['empty'])) { //throw new Exception( 'CUSTOM_FIELDS_EMPTY' ); } if (count($fields->error_fields['invalid'])) { //throw new Exception( 'CUSTOM_FIELDS_INVALID' ); } if (count($fields->error_fields['toobig'])) { //throw new Exception( 'CUSTOM_FIELDS_TOOBIG' ); } } //----------------------------------------- // Make sure the account doesn't exist //----------------------------------------- if ($finalTables['members']['email']) { $existing = IPSMember::load($finalTables['members']['email'], 'all'); if ($existing['member_id']) { $existing['full'] = true; $existing['timenow'] = time(); return $existing; } } //----------------------------------------- // Fix up usernames and display names //----------------------------------------- /* Ensure we have a display name */ $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] ? $finalTables['members']['members_display_name'] : $finalTables['members']['name']; //----------------------------------------- // Clean up characters //----------------------------------------- if ($finalTables['members']['name']) { $userName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['name'], array(), 'name'); if ($userName['errors']) { $finalTables['members']['name'] = ''; } else { $finalTables['members']['name'] = $userName['username']; } } if ($finalTables['members']['members_display_name']) { $displayName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['members_display_name']); if ($displayName['errors']) { $finalTables['members']['members_display_name'] = ''; } else { $finalTables['members']['members_display_name'] = $displayName['members_display_name']; } } //----------------------------------------- // Remove some basic HTML tags //----------------------------------------- $finalTables['members']['members_display_name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['members_display_name']); $finalTables['members']['name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['name']); //----------------------------------------- // Make sure the names are unique //----------------------------------------- if ($finalTables['members']['members_display_name']) { try { if (IPSMember::getFunction()->checkNameExists($finalTables['members']['members_display_name'], array(), 'members_display_name', true) === true) { if ($autoCreateName === TRUE) { /* Now, make sure we have a unique display name */ $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_display_name LIKE '" . $this->DB->addSlashes(strtolower($finalTables['members']['members_display_name'])) . "%'")); if ($max['max']) { $_num = $max['max'] + 1; $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] . '_' . $_num; } } else { $finalTables['members']['members_display_name'] = ''; } } } catch (Exception $e) { } } if ($finalTables['members']['name']) { try { if (IPSMember::getFunction()->checkNameExists($finalTables['members']['name'], array(), 'name', true) === true) { if ($autoCreateName === TRUE) { /* Now, make sure we have a unique username */ $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_username LIKE '" . $this->DB->addSlashes(strtolower($finalTables['members']['name'])) . "%'")); if ($max['max']) { $_num = $max['max'] + 1; $finalTables['members']['name'] = $finalTables['members']['name'] . '_' . $_num; } } else { $finalTables['members']['name'] = ''; } } } catch (Exception $e) { } } //----------------------------------------- // Populate member table(s) //----------------------------------------- $finalTables['members']['members_l_username'] = isset($finalTables['members']['name']) ? strtolower($finalTables['members']['name']) : ''; $finalTables['members']['joined'] = $finalTables['members']['joined'] ? $finalTables['members']['joined'] : time(); $finalTables['members']['email'] = $finalTables['members']['email'] ? $finalTables['members']['email'] : $finalTables['members']['name'] . '@' . $finalTables['members']['joined']; $finalTables['members']['member_group_id'] = $finalTables['members']['member_group_id'] ? $finalTables['members']['member_group_id'] : ipsRegistry::$settings['member_group']; $finalTables['members']['ip_address'] = $finalTables['members']['ip_address'] ? $finalTables['members']['ip_address'] : ipsRegistry::member()->ip_address; $finalTables['members']['members_created_remote'] = intval($finalTables['members']['members_created_remote']); $finalTables['members']['member_login_key'] = IPSMember::generateAutoLoginKey(); $finalTables['members']['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0; $finalTables['members']['view_sigs'] = 1; $finalTables['members']['email_pm'] = 1; $finalTables['members']['view_img'] = 1; $finalTables['members']['view_avs'] = 1; $finalTables['members']['restrict_post'] = intval($finalTables['members']['restrict_post']); $finalTables['members']['view_pop'] = 1; $finalTables['members']['msg_count_total'] = 0; $finalTables['members']['msg_count_new'] = 0; $finalTables['members']['msg_show_notification'] = 1; $finalTables['members']['coppa_user'] = 0; $finalTables['members']['auto_track'] = intval($finalTables['members']['auto_track']); $finalTables['members']['last_visit'] = $finalTables['members']['last_visit'] ? $finalTables['members']['last_visit'] : time(); $finalTables['members']['last_activity'] = $finalTables['members']['last_activity'] ? $finalTables['members']['last_activity'] : time(); $finalTables['members']['language'] = IPSLib::getDefaultLanguage(); $finalTables['members']['members_editor_choice'] = ipsRegistry::$settings['ips_default_editor']; $finalTables['members']['members_pass_salt'] = IPSMember::generatePasswordSalt(5); $finalTables['members']['members_pass_hash'] = IPSMember::generateCompiledPasshash($finalTables['members']['members_pass_salt'], $md_5_password); $finalTables['members']['members_display_name'] = isset($finalTables['members']['members_display_name']) ? $finalTables['members']['members_display_name'] : ''; $finalTables['members']['members_l_display_name'] = isset($finalTables['members']['members_display_name']) ? strtolower($finalTables['members']['members_display_name']) : ''; $finalTables['members']['fb_uid'] = isset($finalTables['members']['fb_uid']) ? $finalTables['members']['fb_uid'] : 0; $finalTables['members']['fb_emailhash'] = isset($finalTables['members']['fb_emailhash']) ? strtolower($finalTables['members']['fb_emailhash']) : ''; $finalTables['members']['members_seo_name'] = IPSText::makeSeoTitle($finalTables['members']['members_display_name']); $finalTables['members']['bw_is_spammer'] = intval($finalTables['members']['bw_is_spammer']); //----------------------------------------- // Insert: MEMBERS //----------------------------------------- ipsRegistry::DB()->force_data_type = array('name' => 'string', 'members_l_username' => 'string', 'members_display_name' => 'string', 'members_l_display_name' => 'string', 'members_seo_name' => 'string', 'email' => 'string'); /* Bitwise options */ if (is_array($bitWiseFields['members'])) { $_freeze = array(); foreach ($bitWiseFields['members'] as $field) { if (isset($finalTables['members'][$field])) { /* Add to freezeable array */ $_freeze[$field] = $finalTables['members'][$field]; /* Remove it from the fields to save to DB */ unset($finalTables['members'][$field]); } } if (count($_freeze)) { $finalTables['members']['members_bitoptions'] = IPSBWOptions::freeze($_freeze, 'members', 'global'); } } ipsRegistry::DB()->insert('members', $finalTables['members']); //----------------------------------------- // Get the member id //----------------------------------------- $finalTables['members']['member_id'] = ipsRegistry::DB()->getInsertId(); //----------------------------------------- // Insert: PROFILE PORTAL //----------------------------------------- $finalTables['profile_portal']['pp_member_id'] = $finalTables['members']['member_id']; $finalTables['profile_portal']['pp_setting_count_friends'] = 1; $finalTables['profile_portal']['pp_setting_count_comments'] = 1; ipsRegistry::DB()->insert('profile_portal', $finalTables['profile_portal']); //----------------------------------------- // Insert into the custom profile fields DB //----------------------------------------- if (!$bypassCfields) { $fields->out_fields['member_id'] = $finalTables['members']['member_id']; ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']); ipsRegistry::DB()->insert('pfields_content', $fields->out_fields); } else { ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']); ipsRegistry::DB()->insert('pfields_content', array('member_id' => $finalTables['members']['member_id'])); } //----------------------------------------- // Insert into partial ID table //----------------------------------------- $full_account = false; if ($finalTables['members']['members_display_name'] and $finalTables['members']['name'] and $finalTables['members']['email'] != $finalTables['members']['name'] . '@' . $finalTables['members']['joined']) { $full_account = true; } if (!$full_account) { ipsRegistry::DB()->insert('members_partial', array('partial_member_id' => $finalTables['members']['member_id'], 'partial_date' => $finalTables['members']['joined'], 'partial_email_ok' => $finalTables['members']['email'] == $finalTables['members']['name'] . '@' . $finalTables['members']['joined'] ? 0 : 1)); } //IPSMember::updateSearchIndex( $finalTables['members']['member_id'] ); IPSLib::runMemberSync('onCreateAccount', $finalTables['members']); return array_merge($finalTables['members'], $finalTables['profile_portal'], !$bypassCfields ? $fields->out_fields : array(), array('timenow' => $finalTables['members']['joined'], 'full' => $full_account)); }
/** * Convert a member * * @access public * @param array Basic data (id number, username, email, group, joined date, password) * @param array Data to insert to members table * @param array Data to insert to profile table * @param array Data to insert to custom profile fields table * @param string Path to avatars folder * @param string Path to profile pictures folder * @return boolean Success or fail **/ public function convertMember($info, $members, $profile, $custom, $pic_path = '', $groupLink = TRUE) { //----------------------------------------- // Make sure we have everything we need //----------------------------------------- if (!$info['id']) { $this->logError($info['id'], 'No ID number provided'); return false; } if (!$info['username']) { $this->logError($info['id'], 'No username provided'); return false; } if (!$info['email']) { // See Tracker Report #28874 for reasons why this got changed. $info['email'] = $info['id'] . '@' . time() . '.com'; //$info['email'] = rand(1, 100).'@'.time().'.com'; $this->logError($info['id'], 'No email address provided - member converted with ' . $info['email']); } // Check profile photo if (!is_writeable($this->settings['upload_dir'] . '/profile')) { $this->error($this->settings['upload_dir'] . '/profile is not writeable, cannot continue'); return false; } //----------------------------------------- // Set some needed variables //----------------------------------------- $now = time(); $joined = $info['joined'] ? $info['joined'] : $now; if ($info['md5pass']) { $salt = IPSMember::generatePasswordSalt(5); $hash = IPSMember::generateCompiledPasshash($salt, $info['md5pass']); } elseif ($info['plainpass']) { $salt = IPSMember::generatePasswordSalt(5); $hash = IPSMember::generateCompiledPasshash($salt, md5($info['plainpass'])); } elseif ($info['pass_hash']) { $salt = $info['pass_salt']; $hash = $info['pass_hash']; } elseif ($info['password'] !== NULL) { $members['conv_password'] = $info['password']; } else { // give em a random pass, let's stop those posts by these users being lost and assigned to guests. $randPass = IPSMember::makePassword(); $salt = IPSMember::generatePasswordSalt(5); $hash = IPSMember::generateCompiledPasshash($salt, $randPass); $this->logError($info['id'], 'No password provided. Member has still been converted with password: '******'email'], 'all'); if ($duplicateMember['member_id']) { $this->logError($info['id'], "Duplicate member found. {$info['username']} has been merged with the account email {$duplicateMember['username']}"); $this->addLink($duplicateMember['member_id'], $info['id'], 'members'); $this->DB->update('conv_link', array('duplicate' => '1'), "type = 'members' AND app={$this->app['app_id']} AND foreign_id='{$info['id']}'"); if ($info['posts'] > 0) { $this->DB->update('members', array('posts' => "posts+'{$info['posts']}'"), "member_id='{$duplicateMember['member_id']}'"); } // we have a customavatar and the one we have on file does not match what we've been given, time to update it. if ($profile['photo_type'] == 'custom' and $duplicateMember['pp_main_photo'] != $profile['pp_main_photo']) { if ($profile['photo_data']) { // open file for writing if (!($handle = fopen($this->settings['upload_dir'] . '/profile/photo-' . $profile['pp_member_id'] . '.png', 'w'))) { $this->logError($info['id'], 'Could not write to file.'); } // Write image to our opened file. if (fwrite($handle, $profile['photo_data']) === FALSE) { $this->logError($info['id'], 'Could not write to file.'); } // log it all into DB $profile['pp_main_photo'] = 'profile/photo-' . $profile['pp_member_id'] . '.png'; } } return TRUE; } //----------------------------------------- // Handle Names //----------------------------------------- // Apostrophe is an allowed character but needs converting $info['username'] = str_replace("'", ''', $info['username']); $info['username'] = str_replace("!", '!', $info['username']); // as is an excalamation point. $nameCheck = IPSMember::getFunction()->cleanAndCheckName($info['username'], array(), 'name'); // Check for illegal characters if ($nameCheck['errors']['username'] == ipsRegistry::getClass('class_localization')->words['reg_error_chars']) { // Illegal characters exist, clean them out with dashes $nameCheckMap['disallowed'] = array("'", "\"", """, "<", ">", "\\", "\", "\$", "$", "]", "[", ",", "|"); $nameCheckMap['replace'] = array(''', '&#quot;', '&#quot;', '&#lt;', '&#gt;', '-', '-', '-', '-', '-', '-', '-', '-'); $nameCheck['members_display_name'] = str_replace($nameCheckMap['disallowed'], $nameCheckMap['replace'], $nameCheck['username']); $this->logError($info['id'], "{$nameCheck['errors']['username']} with name {$info['username']}. Member has still been created but with username as {$nameCheck['username']}"); // Now check for duplicate username. try { if (IPSMember::getFunction()->checkNameExists($nameCheck['username'], array(), 'name', true, true)) { $t = time(); $this->logError($info['id'], ipsRegistry::getClass('class_localization')->words['reg_error_username_taken'] . " with name {$nameCheck['username']}. Member has still been created but with username as {$nameCheck['username']}{$t}"); $nameCheck['username'] = $nameCheck['username'] . $t; } } catch (Exception $e) { //----------------------------------------- // Name exists, let's return appropriately //----------------------------------------- switch ($e->getMessage()) { default: $this->logError($info['id'], "Unexpected error with name: {$info['username']}. Member was skipped."); return false; } } } elseif ($nameCheck['errors']['username'] == 'reg_error_username_taken') { $nameCheck['username'] = $nameCheck['username'] . time(); $this->logError($info['id'], "{$nameCheck['errors']['username']} with name: {$info['username']}. Member has still been created but with username as {$nameCheck['username']}"); } $username = $displayname = $nameCheck['username']; // Begin check and clean for display name if provided. if (isset($info['displayname'])) { // Apostrophe is an allowed character but needs converting $info['displayname'] = str_replace("'", ''', $info['displayname']); $displayname = NULL; $nameCheck = IPSMember::getFunction()->cleanAndCheckName($info['displayname'], array(), 'members_display_name'); if ($nameCheck['errors']['dname'] == str_replace('{chars}', ipsRegistry::$settings['username_characters'], ipsRegistry::$settings['username_errormsg'])) { $nameCheckMap['disallowed'] = array("'", "\"", """, "<", ">", "\\", "\", "\$", "$", "]", "[", ",", "|"); $nameCheckMap['replace'] = array(''', '&#quot;', '&#quot;', '&#lt;', '&#gt;', '-', '-', '-', '-', '-', '-', '-', '-'); $nameCheck['members_display_name'] = str_replace($nameCheckMap['disallowed'], $nameCheckMap['replace'], $nameCheck['members_display_name']); $this->logError($info['id'], "{$nameCheck['errors']['dname']} with name: {$info['displayname']}. Member has still been created but with display name as {$nameCheck['members_display_name']}"); // Now check for duplicate display name. try { if (IPSMember::getFunction()->checkNameExists($nameCheck['members_display_name'], array(), 'members_display_name', true, true)) { $t = time(); $this->logError($info['id'], ipsRegistry::getClass('class_localization')->words['reg_error_username_taken'] . " with name {$nameCheck['members_display_name']}. Member has still been created but with display name as {$nameCheck['members_display_name']}{$t}"); $nameCheck['members_display_name'] = $nameCheck['members_display_name'] . $t; } } catch (Exception $e) { //----------------------------------------- // Name exists, let's return appropriately //----------------------------------------- switch ($e->getMessage()) { default: $this->logError($info['id'], "Unexpected error with display name: {$info['displayname']}. Member was skipped."); return false; } } } elseif ($nameCheck['errors']['dname'] == 'reg_error_username_taken') { $nameCheck['members_display_name'] = $nameCheck['members_display_name'] . time(); $this->logError($info['id'], "{$nameCheck['errors']['dname']} with name: {$info['displayname']}. Member has still been created but with display name as {$nameCheck['members_display_name']}"); } $displayname = $nameCheck['members_display_name']; } // Check we have a path if (!$this->settings['upload_dir']) { $this->logError($info['id'], 'Your IP.Board uploads path has not been configured'); return false; } //----------------------------------------- // Insert //----------------------------------------- $members['title'] = str_replace("'", ''', $members['title']); //$members['member_id'] = $info['id']; $members['name'] = $username; $members['last_post'] = intval($members['last_post']); if (empty($info['member_group_id'])) { $members['member_group_id'] = $info['group'] ? $groupLink === TRUE ? $this->getLink($info['group'], 'groups') : $info['group'] : $this->settings['member_group']; } else { $members['member_group_id'] = $info['member_group_id']; } $members['email'] = $info['email']; $members['joined'] = $joined; $members['member_login_key'] = IPSMember::generateAutoLoginKey(); $members['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0; $members['members_display_name'] = $displayname; $members['members_seo_name'] = IPSText::makeSeoTitle($displayname); $members['members_l_display_name'] = IPSText::mbstrtolower($displayname); $members['members_l_username'] = IPSText::mbstrtolower($username); $members['members_pass_hash'] = $hash; $members['members_pass_salt'] = $salt; $members['posts'] = $members['posts'] ? $members['posts'] : 0; $members['warn_level'] = (int) $members['warn_level']; // Sort out secondary groups if (!empty($info['secondary_groups'])) { // explode so we can loop through for the getLink $secondary_groups = explode(",", $info['secondary_groups']); $_secondary = array(); if (!empty($secondary_groups)) { foreach ($secondary_groups as $group) { if (!empty($group)) { $newGroup = $this->getLink($group, 'groups', true); if ($newGroup) { $_secondary[] = $newGroup; } } /**else { $this->logError($info['id'] .' - '. $group, 'empty secondary group id'); }**/ } } $members['mgroup_others'] = implode(",", $_secondary); } // Sneaky hack with the comments and friends if (!in_array('pp_setting_count_comments', $profile)) { $profile['pp_setting_count_comments'] = 1; } if (!in_array('pp_setting_count_friends', $profile)) { $profile['pp_setting_count_friends'] = 1; } // We better turn on allow_admin_mails if it isn't set $members['allow_admin_mails'] = isset($members['allow_admin_mails']) ? $members['allow_admin_mails'] : 1; // Fix up the birthday since STRICT complains.. $members['bday_day'] = intval($members['bday_day']); $members['bday_month'] = intval($members['bday_month']); $members['bday_year'] = intval($members['bday_year']); // No idea why birthdays are messing up.., so I'll just hack this bit. - Alex // #020372 tracker if ($members['bday_year'] < 1900) { // Don't think we can really be this old ya know. $members['bday_day'] = 0; $members['bday_month'] = 0; $members['bday_year'] = 0; } // 3.1.3 dropped columns unset($members['email_pm']); // 3.2.0 Dropped columns unset($members['hide_email']); unset($members['view_avs']); // 3.3.0 Dropped columns unset($members['members_editor_choice']); // First member? if ($info['id'] != $this->memberData['member_id']) { if ($this->usingExtendedInserts) { // Add it to the extended insert array which runs on next() $this->extendedInserts['members'][] = $this->DB->compileInsertString($members); //$memberId = $members['member_id']; $memberId = $info['id']; } else { //unset( $members['member_id'] ); $this->DB->insert('members', $members); $memberId = $this->DB->getInsertId(); // Add a link $this->addLink($memberId, $info['id'], 'members'); } } else { if ($this->usingExtendedInserts) { // Unset important information to stop locking us out $unset = array('member_id', 'members_pass_salt', 'members_pass_hash', 'name', 'members_l_username', 'members_display_name', 'members_l_display_name', 'members_seo_name', 'member_banned', 'conv_password', 'email', 'member_group_id'); foreach ($unset as $k) { unset($members[$k]); } $this->DB->update('members', $members, "member_id=" . $this->memberData['member_id']); $memberId = $this->memberData['member_id']; $this->logError($memberId, "<strong><span style='size: 1.15em;'>{$username} has been merged with {$this->memberData['members_display_name']}. This is because you are logged in as {$this->memberData['members_display_name']} and due to both members sharing the same ID. You are not running the conversion in 'merge' mode and therefore you WILL have to manually update this members name, email address, AND member group.</span></strong><br /><ul><li>Username: {$username}</li><li>Email Address: {$info['email']}</li></ul>"); } else { //unset( $members['member_id'] ); $this->DB->insert('members', $members); $memberId = $this->DB->getInsertId(); // Add a link $this->addLink($memberId, $info['id'], 'members'); } } // If user group is the auth group, add them to validating table. if ($members['member_group_id'] == $this->settings['auth_group'] && ($this->settings['reg_auth_type'] == 'user' || $this->settings['reg_auth_type'] == 'admin' || $this->settings['reg_auth_type'] == 'admin_user')) { //----------------------------------------- // We want to validate all reg's via email, // after email verificiation has taken place, // we restore their previous group and remove the validate_key //----------------------------------------- $validating = array('vid' => md5(uniqid()), 'member_id' => $memberId, 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'new_reg' => 1, 'ip_address' => $members['ip_address'], 'spam_flag' => 0); if ($this->usingExtendedInserts) { $this->extendedInserts['validating'][] = $this->DB->compileInsertString($validating); } else { $this->DB->insert('validating', $validating); } } $profile['pp_member_id'] = $memberId; // Defaults if not specified (prevents "Column Count Mismatches" in MySQL) $profile['pp_thumb_photo'] = $profile['pp_thumb_photo'] ? $profile['pp_thumb_photo'] : ''; $profile['pp_main_photo'] = $profile['pp_main_photo'] ? $profile['pp_main_photo'] : ''; $profile['pp_main_width'] = $profile['pp_main_width'] ? $profile['pp_main_width'] : 0; $profile['pp_main_height'] = $profile['pp_main_height'] ? $profile['pp_main_height'] : 0; $profile['pp_thumb_width'] = $profile['pp_thumb_width'] ? $profile['pp_thumb_width'] : 0; $profile['pp_thumb_height'] = $profile['pp_thumb_height'] ? $profile['pp_thumb_height'] : 0; //----------------------------------------- // Sort out uploaded avatars / photos //----------------------------------------- // we send profile_type of custom if we have a photo at all if ($profile['photo_type'] == 'custom') { if ($profile['photo_data']) { // open file for writing if (!($handle = fopen($this->settings['upload_dir'] . '/profile/photo-' . $profile['pp_member_id'] . '.png', 'w'))) { $this->logError($info['id'], 'Could not write to file.'); } // Write image to our opened file. if (fwrite($handle, $profile['photo_data']) === FALSE) { $this->logError($info['id'], 'Could not write to file.'); } // log it all into DB $profile['pp_main_photo'] = 'profile/photo-' . $profile['pp_member_id'] . '.png'; } } if ($profile['photo_type'] == 'url') { // Make an attempt at fetching the remote pic. If not, log an error. $profile['pp_main_photo'] = ''; if ($remote = @file_get_contents($profile['photo_location'])) { $image_dims = @getimagesize($profile['photo_location']); if ($image_dims[0]) { $profile['photo_data'] = $remote; $profile['photo_type'] = 'custom'; $profile['pp_main_photo'] = $profile['photo_location']; if (!isset($profile['photo_filesize'])) { $profile['photo_filesize'] = strlen($remote); } } else { $this->logError($info['id'], 'Remote picture file does not appear to be an image.'); } } else { $this->logError($info['id'], 'Could not fetch remote picture file.'); } } // Oops... I screwed up... workaround for now... will fix properly soon. if ($profile['photo_type'] != 'url' and $profile['photo_location'] and !$profile['pp_main_photo']) { $profile['pp_main_photo'] = $profile['photo_location']; } if (!is_dir($pic_path) and $profile['pp_main_photo'] and !$profile['photo_data']) { $this->logError($info['id'], 'Incorrect profile pictures path'); //return false; } // Move em or create em if ($profile['pp_main_photo']) { //----------------------------------------- // Already a dir? //----------------------------------------- $upload_path = $this->settings['upload_dir']; $upload_dir; if (!file_exists($upload_path . "/profile")) { if (@mkdir($upload_path . "/profile", 0777)) { @file_put_contents($upload_path . '/profile/index.html', ''); @chmod($upload_path . "/profile", 0777); # Set path and dir correct $upload_path .= "/profile"; $upload_dir = "profile/"; } else { # Set path and dir correct $upload_dir = ""; } } else { # Set path and dir correct $upload_path .= "/profile"; $upload_dir = "profile/"; } // What's the extension? $e = explode('.', $profile['pp_main_photo']); $extension = array_pop($e); // There's an issue with profile photo thumbnail rebuilds. Waiting on the deal with that issue before adjusting this. // For now, we'll just set the thumbnail the same as the main photo. $profile['pp_thumb_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}"; if ($profile['photo_data']) { //$this->createFile($profile['pp_main_photo'], $profile['photo_data'], $profile['photo_filesize'], $this->settings['upload_dir']); $this->createFile("photo-{$memberId}.{$extension}", $profile['photo_data'], $profile['photo_filesize'], $upload_path); $profile['pp_main_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}"; } else { //$this->moveFiles(array($profile['pp_main_photo']), $profile_path, $this->settings['upload_dir']); $this->moveFiles(array($profile['pp_main_photo']), $pic_path, $upload_path); if ($upload_dir != '' && @rename($upload_path . "/{$profile['pp_main_photo']}", $upload_path . "/photo-{$memberId}.{$extension}")) { $profile['pp_main_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}"; } } // Try and get width and height. $dimensions = @getimagesize($upload_dir . 'photo-' . $memberId . '.' . $extension); // Add some triple checks. $profile['pp_main_width'] = $dimensions[0] ? $dimensions[0] : 1; $profile['pp_main_height'] = $dimensions[1] ? $dimensions[1] : 1; $profile['pp_thumb_width'] = $dimensions[0] ? $dimensions[0] : 1; $profile['pp_thumb_height'] = $dimensions[1] ? $dimensions[1] : 1; } $profile['pp_photo_type'] = $profile['photo_type']; unset($profile['avatar_data']); unset($profile['photo_data']); unset($profile['photo_filesize']); unset($profile['avatar_filesize']); unset($profile['photo_type']); unset($profile['photo_location']); unset($profile['notes']); // need to stop fields which have been added by hooks getting through. See ticket 854980 as to why this is needed. if (is_array($profile)) { // set the fields we're allowed (I can't think of a better way of populating this array unfortunately) $allowedFields = array('pp_member_id', 'pp_last_visitors', 'pp_rating_hits', 'pp_rating_value', 'pp_rating_real', 'pp_main_photo', 'pp_main_width', 'pp_main_height', 'pp_thumb_photo', 'pp_thumb_width', 'pp_thumb_height', 'pp_setting_moderate_comments', 'pp_setting_moderate_friends', 'pp_setting_count_friends', 'pp_setting_count_comments', 'pp_setting_count_visitors', 'pp_about_me', 'pp_reputation_points', 'pp_gravatar', 'pp_photo_type', 'signature', 'avatar_location', 'avatar_size', 'avatar_type', 'pconversation_filters', 'fb_photo', 'fb_photo_thumb', 'fb_bwoptions', 'tc_last_sid_import', 'tc_photo', 'tc_bwoptions', 'pp_customization', 'pp_profile_update'); foreach ($profile as $k => $v) { // not in allowed array? unset. (this stops fields from hooks making it through) if (!in_array($k, $allowedFields)) { unset($profile[$k]); } } } // check if we passed in custom.. $profileFields = array(); $profileFields['member_id'] = $memberId; if (!empty($custom)) { $profileFields = array_merge($profileFields, $custom); } // First member? if ($info['id'] != $this->memberData['member_id']) { if ($this->usingExtendedInserts) { // Add it to the extended insert array which runs on next() $this->extendedInserts['profile_portal'][] = $this->DB->compileInsertString($profile); // Custom profile fields $this->extendedInserts['pfields_content'][] = $this->DB->compileInsertString($profileFields); } else { $this->DB->insert('profile_portal', $profile); $this->DB->insert('pfields_content', $profileFields); } } else { if ($this->usingExtendedInserts) { unset($profileFields['member_id']); unset($profile['pp_member_id']); $this->DB->update('profile_portal', $profile, "pp_member_id=" . $this->memberData['member_id']); $this->DB->update('pfields_content', $profileFields, "member_id=" . $this->memberData['member_id']); } else { $this->DB->insert('profile_portal', $profile); $this->DB->insert('pfields_content', $profileFields); } } // Conversion cycle complete return true; }
/** * Update a user's login or display name * * @param string Field to update * @return @e void [Outputs to screen] */ protected function save_member_name($field = 'members_display_name') { $member_id = intval($this->request['member_id']); $member = IPSMember::load($member_id); //----------------------------------------- // Allowed to edit administrators? //----------------------------------------- if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) { $this->registry->output->showError($this->lang->words['m_editadmin']); } if ($field == 'members_display_name') { $display_name = $this->request['display_name']; $display_name = str_replace("+", "+", $display_name); } else { $display_name = $this->request['name']; $display_name = str_replace("+", "+", $display_name); $display_name = str_replace('|', '|', $display_name); $display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name)); } if ($this->settings['strip_space_chr']) { // use hexdec to convert between '0xAD' and chr $display_name = IPSText::removeControlCharacters($display_name); } if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", IPSText::UNhtmlspecialchars($display_name))) { $this->registry->output->showError($this->lang->words['m_displaynames']); } try { if (IPSMember::getFunction()->updateName($member_id, $display_name, $field, TRUE) === TRUE) { if ($field == 'members_display_name') { ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name)); } else { ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name)); //----------------------------------------- // If updating a name, and display names // disabled, update display name too //----------------------------------------- if (!ipsRegistry::$settings['auth_allow_dnames']) { IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name', TRUE); } //----------------------------------------- // I say, did we choose to email 'dis member? //----------------------------------------- if ($this->request['send_email'] == 1) { //----------------------------------------- // By golly, we did! //----------------------------------------- $msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents']))); $msg = str_replace("{old_name}", $member['name'], $msg); $msg = str_replace("{new_name}", $display_name, $msg); $msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg); $msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg); IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg)); IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj']; IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); } } $this->cache->rebuildCache('stats', 'global'); } else { # We should absolutely never get here. So this is a fail-safe, really to # prevent a "false" positive outcome for the end-user $this->registry->output->showError($this->lang->words['m_namealready']); } } catch (Exception $error) { // $this->returnJsonError( $error->getMessage() ); switch ($error->getMessage()) { case 'NO_USER': $this->registry->output->showError($this->lang->words['m_noid']); break; case 'NO_PERMISSION': case 'NO_NAME': $this->registry->output->showError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length'])); break; case 'ILLEGAL_CHARS': $this->registry->output->showError($this->lang->words['m_illegal']); break; case 'USER_NAME_EXISTS': $this->registry->output->showError($this->lang->words['m_namealready']); break; default: $this->registry->output->showError($error->getMessage()); break; } } $this->registry->output->global_message = $this->lang->words[$field . '_updated_success']; $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'module=members&do=viewmember&member_id=' . $member_id); }
/** * UserCP Save Form: Display Name * * @return mixed Array of errors / boolean true */ public function saveFormDisplayname() { //----------------------------------------- // INIT //----------------------------------------- $members_display_name = trim($this->request['displayName']); $password_check = trim($this->request['displayPassword']); //----------------------------------------- // Check for blanks... //----------------------------------------- if (!$members_display_name or !$this->_isFBUser and !$password_check) { return array(0 => $this->lang->words['complete_entire_form']); } //----------------------------------------- // Check password //----------------------------------------- if (!$this->_isFBUser) { if ($this->_checkPassword($password_check) === FALSE) { return array(0 => $this->lang->words['current_pw_bad']); } } try { if (IPSMember::getFunction()->updateName($this->memberData['member_id'], $members_display_name, 'members_display_name') === TRUE) { $this->cache->rebuildCache('stats', 'global'); return $this->showFormDisplayname('', $this->lang->words['dname_change_ok']); } else { # We should absolutely never get here. So this is a fail-safe, really to # prevent a "false" positive outcome for the end-user return array(0 => $this->lang->words['name_taken_change']); } } catch (Exception $error) { switch ($error->getMessage()) { case 'NO_MORE_CHANGES': return array(0 => $this->lang->words['name_change_no_more']); break; case 'NO_USER': return array(0 => $this->lang->words['name_change_noload']); break; case 'NO_PERMISSION': return array(0 => $this->lang->words['name_change_noperm']); case 'NO_NAME': return array(0 => sprintf($this->lang->words['name_change_tooshort'], $this->settings['max_user_name_length'])); break; case 'TOO_LONG': return array(0 => sprintf($this->lang->words['name_change_tooshort'], $this->settings['max_user_name_length'])); break; case 'ILLEGAL_CHARS': return array(0 => $this->lang->words['name_change_illegal']); break; case 'USER_NAME_EXISTS': return array(0 => $this->lang->words['name_change_taken']); break; default: return array(0 => $error->getMessage()); break; } } return TRUE; }
/** * Update a member's avatar * * @access private * @return void [Outputs to screen] * @author Brandon Farber * @since IPB3 / 9 June 2008 */ private function _processAvatar() { $member_id = intval($this->request['member_id']); try { IPSMember::getFunction()->saveNewAvatar($member_id); } catch (Exception $error) { switch ($error->getMessage()) { case 'NO_MEMBER_ID': $this->registry->output->showError($this->lang->words['t_noid'], 11356); break; case 'NO_PERMISSION': $this->registry->output->showError($this->lang->words['t_permav'], 11357, true); break; case 'UPLOAD_NO_IMAGE': $this->registry->output->showError($this->lang->words['t_uploadfail1'], 11358); break; case 'UPLOAD_INVALID_FILE_EXT': $this->registry->output->showError($this->lang->words['t_uploadfail2'], 11359); break; case 'UPLOAD_TOO_LARGE': $this->registry->output->showError($this->lang->words['t_uploadfail3'], 11360); break; case 'UPLOAD_CANT_BE_MOVED': $this->registry->output->showError($this->lang->words['t_uploadfail4'], 11361); break; case 'UPLOAD_NOT_IMAGE': $this->registry->output->showError($this->lang->words['t_uploadfail5'], 2131, true); break; case 'NO_AVATAR_TO_SAVE': $this->registry->output->showError($this->lang->words['t_noav'], 11362); break; case 'INVALID_FILE_EXT': $this->registry->output->showError($this->lang->words['t_badavext'], 11362); break; } } $this->registry->output->redirect($this->settings['_base_url'] . "app=members&module=members&section=members&do=viewmember&member_id={$this->request['member_id']}", $this->lang->words['t_avupdated']); }
/** * Change account data * * @param int ID number * @param string md5( IPS Connect Key (see login method) . ID number ) * @param string New username (blank means do not change) * @param string New displayname (blank means do not change) * @param string New email address (blank means do not change) * @param string New password, md5 encoded (blank means do not change) * @param string Redirect URL, Base64 encoded * @param string md5( IPS Connect Key . $redirect ) * @return mixed If the redirect URL is provided, this function should redirect the user to that URL with a single paramater - 'status' * If blank, will output to screen a JSON object with the same parameter * Values: * BAD_KEY Invalid Key * NO_USER ID number not match any member account * SUCCESS Information changed successfully * USERNAME_IN_USE The chosen username was in use and as a result NO information was changed * DISPLAYNAME_IN_USE The chosen username was in use and as a result NO information was changed * EMAIL_IN_USE The chosen username was in use and as a result NO information was changed * MISSING_DATA No details to be changed were provided */ public function change($id, $key, $username, $displayname, $email, $md5Password, $redirect, $redirectHash) { if ($key != md5($this->masterKey . $id)) { $this->_return(base64_encode($this->settings['board_url']), array('status' => 'BAD_KEY')); } $member = IPSMember::load(intval($id), 'none', 'id'); if (!$member['member_id']) { $this->_return($redirect, array('status' => 'NO_USER')); } $update = array(); if ($username) { if (IPSMember::getFunction()->checkNameExists($username, $member, 'name', TRUE)) { $this->_return($redirect, array('status' => 'USERNAME_IN_USE')); } $update['name'] = $username; } if ($displayname) { if (IPSMember::getFunction()->checkNameExists($displayname, $member, 'members_display_name', TRUE)) { $this->_return($redirect, array('status' => 'DISPLAYNAME_IN_USE')); } $update['members_display_name'] = $displayname; } if ($email) { if (IPSMember::checkByEmail($email)) { $this->_return($redirect, array('status' => 'EMAIL_IN_USE')); } $update['email'] = $email; } if (empty($update)) { if (!$md5Password) { $this->_return($redirect, array('status' => 'MISSING_DATA')); } } else { IPSMember::save($member['member_id'], array('members' => $update)); } if ($md5Password) { IPSMember::updatePassword($member['member_id'], $md5Password); } if ($redirect) { $redirect = $redirectHash == md5($this->masterKey . $redirect) ? $redirect : base64_encode($this->settings['board_url']); } $this->_return($redirect, array('status' => 'SUCCESS')); }
/** * Processes the registration form * * @access public * @return void */ public function registerProcessForm() { $form_errors = array(); $coppa = $this->request['coppa_user'] == 1 ? 1 : 0; $in_password = trim($this->request['PassWord']); $in_email = strtolower(trim($this->request['EmailAddress'])); $_SFS_FOUND = FALSE; /* Check */ if ($this->settings['no_reg'] == 1) { $this->registry->output->showError('registration_disabled', 2016, true); } /* Custom profile field stuff */ require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php'; $custom_fields = new customProfileFields(); $custom_fields->initData('edit'); $custom_fields->parseToSave($this->request, 'register'); /* Check */ if ($custom_fields->error_messages) { $form_errors['general'] = $custom_fields->error_messages; } /* Check the email address */ if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) { $form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email']; } if (trim($this->request['PassWord_Check']) != $in_password) { $form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match']; } /* Test email address */ $this->request['EmailAddress_two'] = strtolower(trim($this->request['EmailAddress_two'])); $this->request['EmailAddress'] = strtolower(trim($this->request['EmailAddress'])); if (!IPSText::checkEmailAddress($this->request['EmailAddress_two'])) { $form_errors['email'][$this->lang->words['reg_error_email_invalid']] = $this->lang->words['reg_error_email_invalid']; } else { if ($in_email and $this->request['EmailAddress_two'] != $in_email) { $form_errors['email'][$this->lang->words['reg_error_email_nm']] = $this->lang->words['reg_error_email_nm']; } } /* Need username? */ $uses_name = false; foreach ($this->cache->getCache('login_methods') as $method) { if ($method['login_user_id'] == 'username') { $uses_name = true; } } if (!$uses_name) { $_REQUEST['UserName'] = $_REQUEST['members_display_name']; $this->request['UserName'] = $this->request['members_display_name']; } /* Check the username */ $user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['UserName'], array(), 'name'); if ($this->settings['auth_allow_dnames']) { $disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name'); } if (is_array($user_check['errors']) && count($user_check['errors'])) { foreach ($user_check['errors'] as $key => $error) { $form_errors[$key][] = $error; } } if ($this->settings['auth_allow_dnames'] and is_array($disp_check['errors']) && count($disp_check['errors'])) { foreach ($disp_check['errors'] as $key => $error) { $form_errors[$key][] = $error; } } /* CHECK 1: Any errors (missing fields, etc)? */ if (count($form_errors)) { $this->registerForm($form_errors); return; } /* Is this email addy taken? */ if (IPSMember::checkByEmail($in_email) == TRUE) { $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken']; } /* Load handler... */ require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php'; $this->han_login = new han_login($this->registry); $this->han_login->init(); $this->han_login->emailExistsCheck($in_email); if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') { $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken']; } /* Are they banned [EMAIL]? */ if (IPSMember::isBanned('email', $in_email) === TRUE) { $form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban']; } /* Check the CAPTCHA */ if ($this->settings['bot_antispam']) { if ($this->registry->getClass('class_captcha')->validate() !== TRUE) { $form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code']; } } /* Check the Q and A */ if ($this->settings['registration_qanda']) { $qanda = intval($this->request['qanda_id']); $pass = false; if ($qanda) { $data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda)); if ($data['qa_id']) { $answers = explode("\n", str_replace("\r", "", $data['qa_answers'])); if (count($answers)) { foreach ($answers as $answer) { if (strtolower($answer) == strtolower($this->request['qa_answer'])) { $pass = true; break; } } } } } else { //----------------------------------------- // Do we have any questions? //----------------------------------------- $data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer')); if (!$data['questions']) { $pass = true; } } if (!$pass) { $form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a']; } } /* CHECK 2: Any errors ? */ if (count($form_errors)) { $this->registerForm($form_errors); return; } /* Build up the hashes */ $mem_group = $this->settings['member_group']; /* Are we asking the member or admin to preview? */ if ($this->settings['reg_auth_type']) { $mem_group = $this->settings['auth_group']; } else { if ($coppa == 1) { $mem_group = $this->settings['auth_group']; } } /* Create member */ $member = array('name' => $this->request['UserName'], 'password' => $in_password, 'members_display_name' => $this->settings['auth_allow_dnames'] ? $this->request['members_display_name'] : $this->request['UserName'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->request['dst']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'hide_email' => $this->request['allow_member_mail'] ? 0 : 1); /* Spam Service */ $spamCode = 0; if ($this->settings['spam_service_enabled'] && $this->settings['spam_service_api_key']) { /* Query the service */ $spamCode = IPSMember::querySpamService($in_email); /* Action to perform */ $action = $this->settings['spam_service_action_' . $spamCode]; /* Perform Action */ switch ($action) { /* Proceed with registraction */ case 1: break; /* Flag for admin approval */ /* Flag for admin approval */ case 2: $member['member_group_id'] = $this->settings['auth_group']; $this->settings['reg_auth_type'] = 'admin'; break; /* Approve the account, but ban it */ /* Approve the account, but ban it */ case 3: $member['member_banned'] = 1; $member['member_group_id'] = $this->settings['banned_group']; $this->settings['reg_auth_type'] = ''; break; } } //----------------------------------------- // Create the account //----------------------------------------- $member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request)); //----------------------------------------- // Login handler create account callback //----------------------------------------- $this->han_login->createAccount(array('email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'])); //----------------------------------------- // We'll just ignore if this fails - it shouldn't hold up IPB anyways //----------------------------------------- /*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) ) { $this->registry->output->showError( 'han_login_create_failed', 2017, true ); }*/ //----------------------------------------- // Validation //----------------------------------------- $validate_key = md5(IPSLib::makePassword() . time()); $time = time(); if ($coppa != 1) { if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') { //----------------------------------------- // We want to validate all reg's via email, // after email verificiation has taken place, // we restore their previous group and remove the validate_key //----------------------------------------- $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'])); if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') { IPSText::getTextClass('email')->getTemplate("reg_validate"); IPSText::getTextClass('email')->buildMessage(array('THE_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=05", 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key)); IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email'] . $this->settings['board_name']; IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); $this->output = $this->registry->output->getTemplate('register')->showAuthorize($member); } else { if ($this->settings['reg_auth_type'] == 'admin') { $this->output = $this->registry->output->getTemplate('register')->showPreview($member); } } if ($this->settings['new_reg_notify']) { $date = $this->registry->class_localization->getDate(time(), 'LONG', 1); IPSText::getTextClass('email')->getTemplate('admin_newuser'); IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name'])); IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name']; IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } $this->registry->output->setTitle($this->lang->words['reg_success']); $this->registry->output->addNavigation($this->lang->words['nav_reg'], ''); } else { /* We don't want to preview, or get them to validate via email. */ $stat_cache = $this->caches['stats']; if ($member['members_display_name'] and $member['member_id']) { $stat_cache['last_mem_name'] = $member['members_display_name']; $stat_cache['last_mem_id'] = $member['member_id']; } $stat_cache['mem_count'] += 1; $this->cache->setCache('stats', $stat_cache, array('array' => 1, 'deletefirst' => 0)); if ($this->settings['new_reg_notify']) { $date = $this->registry->class_localization->getDate(time(), 'LONG', 1); IPSText::getTextClass('email')->getTemplate('admin_newuser'); IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name'])); IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name']; IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } IPSCookie::set('pass_hash', $member['member_login_key'], 1); IPSCookie::set('member_id', $member['member_id'], 1); //----------------------------------------- // Fix up session //----------------------------------------- $privacy = $this->request['Privacy'] ? 1 : 0; if ($member['g_hide_online_list']) { $privacy = 1; } $this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy)); $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1'); } } else { /* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */ $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'])); $this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12'); } }
/** * Manage validating members * * @access private * @return void [Outputs to screen] */ private function _manageValidating() { //----------------------------------------- // INIT //----------------------------------------- $ids = array(); //----------------------------------------- // GET checkboxes //----------------------------------------- foreach ($this->request as $k => $v) { if (preg_match("/^mid_(\\d+)\$/", $k, $match)) { if ($v) { $ids[] = $match[1]; } } } $ids = IPSLib::cleanIntArray($ids); //----------------------------------------- // Check //----------------------------------------- if (count($ids) < 1) { $this->registry->output->showError($this->lang->words['t_nomemsel'], 11247); } //----------------------------------------- // APPROVE //----------------------------------------- if ($this->request['type'] == 'approve') { IPSText::getTextClass('email')->getTemplate("complete_reg"); $approved = array(); //----------------------------------------- // Get members //----------------------------------------- $this->DB->build(array('select' => 'v.*', 'from' => array('validating' => 'v'), 'where' => "m.member_id IN(" . implode(",", $ids) . ")", 'add_join' => array(array('select' => 'm.member_id, m.members_display_name, m.name, m.email, m.member_group_id', 'from' => array('members' => 'm'), 'where' => 'm.member_id=v.member_id', 'type' => 'left')))); $main = $this->DB->execute(); while ($row = $this->DB->fetch($main)) { $approved[] = $row['name']; //----------------------------------------- // Only approve if the user is validating //----------------------------------------- if ($row['member_group_id'] != $this->settings['auth_group']) { continue; } //----------------------------------------- // Don't approve if no real_group set //----------------------------------------- if (!$row['real_group']) { //$row['real_group'] = $this->settings['member_group']; continue; } //----------------------------------------- // We don't approve lost pass requests //----------------------------------------- if ($row['lost_pass'] == 1) { continue; } try { IPSMember::save($row['member_id'], array('core' => array('member_group_id' => $row['real_group']))); } catch (Exception $error) { $this->registry->output->showError($error->getMessage(), 11247); } IPSText::getTextClass('email')->buildMessage(array()); //----------------------------------------- // Using 'name' on purpose // @see http://forums./index.php?autocom=tracker&showissue=11564&view=findpost&p=45269 //----------------------------------------- IPSText::getTextClass('email')->subject = sprintf($this->lang->words['subject__complete_reg'], $row['name'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $row['email']; IPSText::getTextClass('email')->sendMail(); IPSLib::runMemberSync('onGroupChange', $row['member_id'], $row['real_group']); } $this->DB->delete('validating', "member_id IN(" . implode(",", $ids) . ")"); ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_memregapp2'] . implode(", ", $approved)); //----------------------------------------- // Stats to Update? //----------------------------------------- $this->cache->rebuildCache('stats', 'global'); $this->registry->output->global_message = count($ids) . $this->lang->words['t_memregapp']; if ($this->request['_return']) { $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'app=members&module=members§ion=members&do=viewmember&member_id=' . $this->request['_return']); } $this->_viewQueue('validating'); return; } else { if ($this->request['type'] == 'resend') { $reset = array(); $cant = array(); $main_msgs = array(); //----------------------------------------- // Get members //----------------------------------------- $this->DB->build(array('select' => 'v.*', 'from' => array('validating' => 'v'), 'where' => "m.member_id IN(" . implode(",", $ids) . ")", 'add_join' => array(array('select' => 'm.member_id, m.members_display_name, m.email, m.member_group_id', 'from' => array('members' => 'm'), 'where' => 'm.member_id=v.member_id', 'type' => 'left')))); $main = $this->DB->execute(); while ($row = $this->DB->fetch($main)) { if ($row['member_group_id'] != $this->settings['auth_group']) { continue; } if ($row['lost_pass']) { IPSText::getTextClass('email')->getTemplate("lost_pass"); IPSText::getTextClass('email')->buildMessage(array('NAME' => $row['members_display_name'], 'THE_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global§ion=lostpass&do=sendform&uid=" . $row['member_id'] . "&aid=" . $val['vid'], 'MAN_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global§ion=lostpass", 'EMAIL' => $row['email'], 'ID' => $row['member_id'], 'CODE' => $row['vid'], 'IP_ADDRESS' => $row['ip_address'])); IPSText::getTextClass('email')->subject = $this->lang->words['t_passwordrec'] . $this->settings['board_name']; IPSText::getTextClass('email')->to = $row['email']; IPSText::getTextClass('email')->sendMail(); } else { if ($row['new_reg']) { if ($row['user_verified']) { $cant[] = $row['members_display_name']; continue; } IPSText::getTextClass('email')->getTemplate("reg_validate"); IPSText::getTextClass('email')->buildMessage(array('THE_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global§ion=register&do=auto_validate&uid=" . $row['member_id'] . "&aid=" . $row['vid'], 'NAME' => $row['members_display_name'], 'MAN_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global§ion=register&do=05", 'EMAIL' => $row['email'], 'ID' => $row['member_id'], 'CODE' => $row['vid'])); IPSText::getTextClass('email')->subject = $this->lang->words['t_regat'] . $this->settings['board_name']; IPSText::getTextClass('email')->to = $row['email']; IPSText::getTextClass('email')->sendMail(); } else { if ($row['email_chg']) { IPSText::getTextClass('email')->getTemplate("newemail"); IPSText::getTextClass('email')->buildMessage(array('NAME' => $row['members_display_name'], 'THE_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global§ion=register&do=auto_validate&type=newemail&uid=" . $row['member_id'] . "&aid=" . $row['vid'], 'ID' => $row['member_id'], 'MAN_LINK' => $this->settings['board_url'] . "/index.php?app=core&module=global§ion=register&do=user_validate", 'CODE' => $row['vid'])); IPSText::getTextClass('email')->subject = $this->lang->words['t_emailchange'] . $this->settings['board_name']; IPSText::getTextClass('email')->to = $row['email']; IPSText::getTextClass('email')->sendMail(); } } } $resent[] = $row['members_display_name']; } if (count($resent)) { ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($resent) . $this->lang->words['tools_val_resent_log'] . implode(", ", $resent)); $main_msgs[] = count($resent) . $this->lang->words['t_vallog'] . implode(", ", $resent); } if (count($cant)) { $main_msgs[] = $this->lang->words['t_valcannot'] . implode(", ", $cant); } $this->registry->output->global_message = count($main_msgs) ? implode("<br />", $main_msgs) : ''; $this->_viewQueue('validating'); return; } else { if ($this->request['type'] == 'ban') { $this->DB->update('members', array('member_banned' => 1), "member_id IN(" . implode(",", $ids) . ")"); $this->DB->delete('validating', "member_id IN(" . implode(",", $ids) . ")"); ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_membanned']); $this->registry->output->global_message = count($ids) . $this->lang->words['t_membanned']; $this->_viewQueue('validating'); return; } else { if ($this->request['type'] == 'spam') { /* Grab members */ $members = IPSMember::load($ids); /* Load moderator's library */ require IPSLib::getAppDir('forums') . '/sources/classes/moderate.php'; $modLibrary = new moderatorLibrary($this->registry); /* Load custom fields class */ require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php'; $fields = new customProfileFields(); /* Load language file */ $this->registry->getClass('class_localization')->loadLanguageFile(array('public_mod'), 'forums'); foreach ($members as $member_id => $member) { $toSave = array('core' => array('bw_is_spammer' => 1, 'member_group_id' => $this->settings['member_group'])); /* Protected group? */ if (strstr(',' . $this->settings['warn_protected'] . ',', ',' . $member['member_group_id'] . ',')) { continue; } /* What do to.. */ if ($this->settings['spm_option']) { switch ($this->settings['spm_option']) { case 'disable': $toSave['core']['restrict_post'] = 1; $toSave['core']['members_disable_pm'] = 2; break; case 'unapprove': $toSave['core']['restrict_post'] = 1; $toSave['core']['members_disable_pm'] = 2; /* Unapprove posts and topics */ $modLibrary->toggleApproveMemberContent($member_id, FALSE, 'all', intval($this->settings['spm_post_days']) * 24); break; case 'ban': /* Unapprove posts and topics */ $modLibrary->toggleApproveMemberContent($member_id, FALSE, 'all', intval($this->settings['spm_post_days']) * 24); $toSave = array('core' => array('member_banned' => 1, 'title' => '', 'bw_is_spammer' => 1), 'extendedProfile' => array('signature' => '', 'pp_bio_content' => '', 'pp_about_me' => '', 'pp_status' => '')); //----------------------------------------- // Avatar //----------------------------------------- $toSave['extendedProfile']['avatar_location'] = ""; $toSave['extendedProfile']['avatar_size'] = ""; try { IPSMember::getFunction()->removeAvatar($member['member_id']); } catch (Exception $e) { // Maybe should show an error or something } //----------------------------------------- // Photo //----------------------------------------- IPSMember::getFunction()->removeUploadedPhotos($member['member_id']); $toSave['extendedProfile'] = array_merge($toSave['extendedProfile'], array('pp_main_photo' => '', 'pp_main_width' => '', 'pp_main_height' => '', 'pp_thumb_photo' => '', 'pp_thumb_width' => '', 'pp_thumb_height' => '')); //----------------------------------------- // Profile fields //----------------------------------------- $fields->member_data = $member; $fields->initData('edit'); $fields->parseToSave(array()); if (count($fields->out_fields)) { $toSave['customFields'] = $fields->out_fields; } //----------------------------------------- // Update signature content cache //----------------------------------------- IPSContentCache::update($member['member_id'], 'sig', ''); break; } } /* Send an email */ if ($this->settings['spm_notify'] and $this->settings['email_out'] != $this->memberData['email']) { IPSText::getTextClass('email')->getTemplate('possibleSpammer'); IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->class_localization->getDate($member['joined'], 'LONG', 1), 'MEMBER_NAME' => $member['members_display_name'], 'IP' => $member['ip_address'], 'EMAIL' => $member['email'], 'LINK' => $this->registry->getClass('output')->buildSEOUrl("showuser="******"member_id IN(" . implode(",", $ids) . ")"); $this->registry->output->global_message = count($ids) . ' ' . $this->lang->words['t_setasspammers']; $this->_viewQueue('validating'); return; } } else { $denied = array(); $this->DB->build(array('select' => 'members_display_name', 'from' => 'members', 'where' => "member_id IN(" . implode(",", $ids) . ")")); $this->DB->execute(); while ($r = $this->DB->fetch()) { $denied[] = $r['members_display_name']; } try { IPSMember::remove($ids); } catch (Exception $error) { $this->registry->output->showError($error->getMessage(), 11247); } ipsRegistry::getClass('adminFunctions')->saveAdminLog(count($ids) . $this->lang->words['t_regdenied'] . implode(", ", $denied)); $this->registry->output->global_message = count($ids) . $this->lang->words['t_removedmem']; $this->_viewQueue('validating'); return; } } } } }
/** * Function to resync a member's Twitter data * * @access public * @param mixed Member Data in an array form (result of IPSMember::load( $id, 'all' ) ) or a member ID * @return array Updated member data * * EXCEPTION CODES: * NO_MEMBER Member ID does not exist * NOT_LINKED Member ID or data specified is not linked to a FB profile */ public function syncMember($memberData) { //----------------------------------------- // INIT //----------------------------------------- $exProfile = array(); /* Do we need to load a member? */ if (!is_array($memberData)) { $memberData = IPSMember::load(intval($memberData), 'all'); } /* Got a member? */ if (!$memberData['member_id']) { throw new Exception('NO_MEMBER'); } /* Linked account? */ if (!$memberData['twitter_id']) { throw new Exception('NOT_LINKED'); } /* Not completed sign up ( no display name ) */ if ($memberData['member_group_id'] == $this->settings['auth_group']) { return false; } /* Thaw Options */ $bwOptions = IPSBWOptions::thaw($memberData['tc_bwoptions'], 'twitter'); /* Grab the data */ try { $this->resetApi($memberData['twitter_token'], $memberData['twitter_secret']); if ($this->isConnected()) { $user = $this->fetchUserData(); /* Load library */ if ($bwOptions['tc_s_pic']) { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/member/photo.php', 'classes_member_photo'); $photo = new $classToLoad($this->registry); $photo->save($memberData, 'twitter'); } if ($bwOptions['tc_s_aboutme']) { $exProfile['pp_about_me'] = IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($user['description'], 'utf-8', IPS_DOC_CHAR_SET)); } if ($bwOptions['tc_si_status'] and (isset($memberData['gbw_no_status_import']) and !$memberData['gbw_no_status_import']) and !$memberData['bw_no_status_update']) { /* Fetch timeline */ $memberData['tc_last_sid_import'] = $memberData['tc_last_sid_import'] < 1 ? 100 : $memberData['tc_last_sid_import']; $_updates = $this->fetchUserTimeline($user['id'], $memberData['tc_last_sid_import'], true); /* Got any? */ if (count($_updates)) { $update = array_shift($_updates); if (is_array($update) and isset($update['text'])) { /* Load status class */ if (!$this->registry->isClassLoaded('memberStatus')) { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/member/status.php', 'memberStatus'); $this->registry->setClass('memberStatus', new $classToLoad(ipsRegistry::instance())); } /* Set Author */ $this->registry->getClass('memberStatus')->setAuthor($memberData); $this->registry->getClass('memberStatus')->setStatusOwner($memberData); /* Convert if need be */ if (IPS_DOC_CHAR_SET != 'UTF-8') { $update['text'] = IPSText::utf8ToEntities($update['text']); } /* Set Content */ $this->registry->getClass('memberStatus')->setContent(trim(IPSText::getTextClass('bbcode')->stripBadWords($update['text']))); /* Set as imported */ $this->registry->getClass('memberStatus')->setIsImport(1); /* Set creator */ $this->registry->getClass('memberStatus')->setCreator('twitter'); /* Can we reply? */ if ($this->registry->getClass('memberStatus')->canCreate()) { $this->registry->getClass('memberStatus')->create(); $exProfile['tc_last_sid_import'] = $update['id']; } } } } /* Allowed profile customization? */ if ($bwOptions['tc_s_bgimg'] and ($user['profile_background_image_url'] or $user['profile_background_color']) and ($this->memberData['gbw_allow_customization'] and !$this->memberData['bw_disable_customization'])) { /* remove bg images */ IPSMember::getFunction()->removeUploadedBackgroundImages($memberData['member_id']); $exProfile['pp_customization'] = serialize(array('bg_url' => $user['profile_background_image_url'], 'type' => $user['profile_background_image_url'] ? 'url' : 'color', 'bg_color' => IPSText::alphanumericalClean($user['profile_background_color']), 'bg_tile' => intval($user['profile_background_tile']))); } /* Update member */ IPSMember::save($memberData['member_id'], array('core' => array('tc_lastsync' => time()), 'extendedProfile' => $exProfile)); /* merge and return */ $memberData['tc_lastsync'] = time(); $memberData = array_merge($memberData, $exProfile); } } catch (Exception $e) { } return $memberData; }
/** * UserCP Save Form: Photo * * @access public * @return array Errors */ public function savePhoto() { //----------------------------------------- // Check to make sure that we can edit profiles.. //----------------------------------------- if (!$this->memberData['g_edit_profile']) { $this->registry->getClass('output')->showError('members_profile_disabled', 1027); } //----------------------------------------- // Load lang file //----------------------------------------- $this->registry->class_localization->loadLanguageFile(array('public_profile'), 'members'); //----------------------------------------- // Do upload... //----------------------------------------- $photo = IPSMember::getFunction()->uploadPhoto(); if ($photo['status'] == 'fail') { return array(0 => $this->lang->words['pp_' . $photo['error']]); } else { IPSMember::save($this->memberData['member_id'], array('extendedProfile' => array('pp_main_photo' => $photo['final_location'], 'pp_main_width' => intval($photo['final_width']), 'pp_main_height' => intval($photo['final_height']), 'pp_thumb_photo' => $photo['t_final_location'], 'pp_thumb_width' => intval($photo['t_final_width']), 'pp_thumb_height' => intval($photo['t_final_height'])))); } return TRUE; }
/** * Show the form * * @access protected * @return void [Outputs to screen] */ protected function show() { //----------------------------------------- // INIT //----------------------------------------- $name = trim(IPSText::alphanumericalClean(ipsRegistry::$request['name'])); $member_id = intval(ipsRegistry::$request['member_id']); $output = ''; //----------------------------------------- // Get member data //----------------------------------------- $member = IPSMember::load($member_id, 'extendedProfile,customFields'); //----------------------------------------- // Got a member? //----------------------------------------- if (!$member['member_id']) { $this->returnJsonError($this->lang->words['t_noid']); } //----------------------------------------- // Return the form //----------------------------------------- if (method_exists($this->html, $name)) { $output = $this->html->{$name}($member); } else { $save_to = ''; $div_id = ''; $form_field = ''; $text = ''; $description = ''; $method = ''; switch ($name) { /*case 'inline_warn_level': $method = 'inline_form_generic'; $save_to = 'save_generic&field=warn_level'; $div_id = 'warn_level'; $form_field = ipsRegistry::getClass('output')->formInput( "generic__field", $member['warn_level'] ); $text = "Member Warn Level"; $description = "Make adjustments to the member's overall warn level. This does NOT add a warn log record - you should do so manually using the 'Add New Note' link if you wish to store a log of this adjustment"; break;*/ case 'inline_avatar': if (!$this->registry->getClass('class_permissions')->checkPermission('member_photo', 'members', 'members')) { $this->returnJsonError($this->lang->words['m_nopermban']); } $form = array(); $form['avatar_url'] = ipsRegistry::getClass('output')->formInput("avatar_url", $member['avatar_type'] == 'url' ? $member['avatar_location'] : ''); $av_categories = array_merge(array(0 => array(0, $this->lang->words['m_selectcat'])), IPSMember::getFunction()->getHostedAvatarCategories()); $output = $this->html->inline_avatar_selector($member, $av_categories); break; } if (!$output and $method and method_exists($html, $method)) { $output = $html->{$method}($member, $save_to, $div_id, $form_field, $text, $description); } } //----------------------------------------- // Print... //----------------------------------------- $this->returnHtml($output); }
/** * Check the name or display name * * @access public * @return void [Outputs to screen] */ public function checkDisplayName($field = 'members_display_name') { //----------------------------------------- // INIT //----------------------------------------- $this->registry->class_localization->loadLanguageFile(array('public_register')); $name = ''; if (is_string($_POST['name'])) { $name = strtolower(trim(rawurldecode($_POST['name']))); } if (!$name) { $this->returnString(sprintf(ipsRegistry::getClass('class_localization')->words['reg_error_no_name'], ipsRegistry::$settings['max_user_name_length'])); } /* Check the username */ $user_check = IPSMember::getFunction()->cleanAndCheckName($name, array(), $field); $errorField = $field == 'members_display_name' ? 'dname' : 'username'; $nameField = $field == 'members_display_name' ? 'members_display_name' : 'username'; if (is_array($user_check['errors'][$errorField]) && count($user_check['errors'][$errorField])) { $this->returnString($user_check['errors'][$errorField][0]); return; } else { if ($user_check['errors'][$errorField]) { $this->returnString($user_check['errors'][$errorField]); } else { $this->returnString('notfound'); } } }
/** * Update a user's login or display name * * @access protected * @param string Field to update * @return void [Outputs to screen] */ protected function save_member_name($field = 'members_display_name') { $member_id = intval($this->request['member_id']); $member = IPSMember::load($member_id); //----------------------------------------- // Allowed to edit administrators? //----------------------------------------- if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) { $this->returnJsonError($this->lang->words['m_editadmin']); exit; } if ($field == 'members_display_name') { $display_name = $this->convertAndMakeSafe($_POST['display_name'], 1); $display_name = str_replace("+", "+", $display_name); } else { $display_name = $this->convertAndMakeSafe($_POST['name'], 1); $display_name = str_replace("+", "+", $display_name); $display_name = str_replace('|', '|', $display_name); $display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name)); } if ($this->settings['strip_space_chr']) { // use hexdec to convert between '0xAD' and chr $display_name = IPSText::removeControlCharacters($display_name); } if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", str_replace(''', "'", str_replace('&', '&', $members_display_name)))) { $this->returnJsonError($this->lang->words['m_displaynames']); } try { if (IPSMember::getFunction()->updateName($member_id, $display_name, $field) === TRUE) { if ($field == 'members_display_name') { ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name)); } else { ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name)); //----------------------------------------- // If updating a name, and display names // disabled, update display name too //----------------------------------------- if (!ipsRegistry::$settings['auth_allow_dnames']) { IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name'); } //----------------------------------------- // I say, did we choose to email 'dis member? //----------------------------------------- if ($this->request['send_email'] == 1) { //----------------------------------------- // By golly, we did! //----------------------------------------- $msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents']))); $msg = str_replace("{old_name}", $member['name'], $msg); $msg = str_replace("{new_name}", $display_name, $msg); $msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg); $msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg); IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg)); IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj']; IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); } } $this->cache->rebuildCache('stats', 'global'); } else { # We should absolutely never get here. So this is a fail-safe, really to # prevent a "false" positive outcome for the end-user $this->returnJsonError($this->lang->words['m_namealready']); } } catch (Exception $error) { $this->returnJsonError($error->getMessage()); switch ($error->getMessage()) { case 'NO_USER': $this->returnJsonError($this->lang->words['m_noid']); break; case 'NO_PERMISSION': case 'NO_NAME': $this->returnJsonError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length'])); break; case 'ILLEGAL_CHARS': $this->returnJsonError($this->lang->words['m_illegal']); break; case 'USER_NAME_EXISTS': $this->returnJsonError($this->lang->words['m_namealready']); break; default: $this->returnJsonError($error->getMessage()); break; } } //----------------------------------------- // Load handler... //----------------------------------------- if ($field == 'name') { require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php'; $han_login = new han_login($this->registry); $han_login->init(); $han_login->changeName($member['name'], $display_name, $member['email']); } else { IPSLib::runMemberSync('onNameChange', $member_id, $display_name); } $__display_name = addslashes($display_name); $_string = <<<EOF \t\t{ \t\t\t'success' : true, \t\t\t'display_name' : "{$__display_name}" \t\t} \t\t EOF; $this->returnString($_string); }
/** * Add a member [process] * * @access private * @return void [Outputs to screen] */ private function _memberDoAdd() { //----------------------------------------- // INIT //----------------------------------------- $in_username = trim($this->request['name']); $in_password = trim($this->request['password']); $in_email = trim(strtolower($this->request['email'])); $members_display_name = trim($this->request['members_display_name']); $this->registry->output->global_message = ''; //----------------------------------------- // Check form //----------------------------------------- foreach (array('name', 'password', 'email', 'member_group_id') as $field) { if (!$_POST[$field]) { $this->registry->output->showError($this->lang->words['m_completeform'], 11238); } } //----------------------------------------- // Check //----------------------------------------- if (!IPSText::checkEmailAddress($in_email)) { $this->registry->output->global_message = $this->lang->words['m_emailinv']; } $userName = IPSMember::getFunction()->cleanAndCheckName($in_username, array(), 'name'); $displayName = IPSMember::getFunction()->cleanAndCheckName($members_display_name, array(), 'members_display_name'); if (count($userName['errors'])) { $this->registry->output->global_message .= '<p>' . $this->lang->words['sm_loginname'] . ' ' . $userName['errors']['username'] . '</p>'; } if ($this->settings['auth_allow_dnames'] and count($displayName['errors'])) { $this->registry->output->global_message .= '<p>' . $this->lang->words['sm_display'] . ' ' . $displayName['errors']['dname'] . '</p>'; } /* Errors? */ if ($this->registry->output->global_message) { $this->_memberAddForm(); return; } //----------------------------------------- // Load handler... //----------------------------------------- require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php'; $this->han_login = new han_login($this->registry); $this->han_login->init(); $this->han_login->emailExistsCheck($in_email); if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') { $this->registry->output->global_message = $this->lang->words['m_emailalready']; $this->_memberAddForm(); return; } //----------------------------------------- // Allowed to add administrators? //----------------------------------------- if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_add_admin')) { $this->registry->output->global_message = $this->lang->words['m_addadmin']; $this->_memberAddForm(); return; } $member = array('name' => $in_username, 'members_display_name' => $members_display_name ? $members_display_name : $in_username, 'email' => $in_email, 'member_group_id' => intval($this->request['member_group_id']), 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->settings['time_offset'], 'coppa_user' => intval($this->request['coppa']), 'allow_admin_mails' => 1, 'password' => $in_password); //----------------------------------------- // Create the account //----------------------------------------- $member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request)); //----------------------------------------- // Login handler create account callback //----------------------------------------- $this->han_login->createAccount(array('email' => $in_email, 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $member['ip_address'], 'username' => $member['members_display_name'])); /*if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' ) { $this->registry->output->global_message = sprintf( $this->lang->words['m_cantadd'], $this->han_login->return_code ) . $this->han_login->return_details; $this->_memberAddForm(); return; }*/ //----------------------------------------- // Restriction permissions stuff //----------------------------------------- if ($this->memberData['row_perm_cache']) { if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp']) { //----------------------------------------- // Copy restrictions... //----------------------------------------- $this->DB->insert('admin_permission_rows', array('row_member_id' => $member_id, 'row_perm_cache' => $this->memberData['row_perm_cache'], 'row_updated' => time())); } } //----------------------------------------- // Send teh email (I love 'teh' as much as !!11!!1) //----------------------------------------- if ($this->request['sendemail']) { IPSText::getTextClass('email')->getTemplate("account_created"); IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['name'], 'EMAIL' => $member['email'], 'PASSWORD' => $in_password)); IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); } //----------------------------------------- // Stats //----------------------------------------- $this->cache->rebuildCache('stats', 'global'); //----------------------------------------- // Log and bog? //----------------------------------------- ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_createlog'], $this->request['name'])); $this->registry->output->global_message = $this->lang->words['m_memadded']; $this->request['member_id'] = $member['member_id']; $this->_showAdminForm($member, array()); $this->_memberView(); }
/** * Processes the registration form * * @return @e void */ public function registerProcessForm() { $this->_resetMember(); $form_errors = array(); $coppa = $this->request['coppa_user'] == 1 ? 1 : 0; $in_password = trim($this->request['PassWord']); $in_email = strtolower(trim($this->request['EmailAddress'])); /* Did we agree to the t&c? */ if (!$this->request['agree_tos']) { $form_errors['tos'] = array($this->lang->words['must_agree_to_terms']); } /* Custom profile field stuff */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields'); $custom_fields = new $classToLoad(); $custom_fields->initData('edit'); $custom_fields->parseToSave($_POST, 'register'); /* Check */ if ($custom_fields->error_messages) { $form_errors['general'] = $custom_fields->error_messages; } /* Check the email address */ if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) { $form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email']; } if (trim($this->request['PassWord_Check']) != $in_password or !$in_password) { $form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match']; } /* There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770 elseif ( strlen( $in_password ) < 3 ) { $form_errors['password'][$this->lang->words['pass_too_short']] = $this->lang->words['pass_too_short']; } elseif ( strlen( $in_password ) > 32 ) { $form_errors['password'][$this->lang->words['pass_too_long']] = $this->lang->words['pass_too_long']; } */ /* Check the username */ $user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'name'); $disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name'); if (is_array($user_check['errors']) && count($user_check['errors'])) { foreach ($user_check['errors'] as $key => $error) { $form_errors['dname'][$error] = isset($this->lang->words[$error]) ? $this->lang->words[$error] : $error; } } /* this duplicates username error above */ /*if( is_array( $disp_check['errors'] ) && count( $disp_check['errors'] ) ) { foreach( $disp_check['errors'] as $key => $error ) { $form_errors['dname'][ $error ] = isset($this->lang->words[ $error ]) ? $this->lang->words[ $error ] : $error; } }*/ /* Is this email addy taken? */ if (IPSMember::checkByEmail($in_email) == TRUE) { $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken']; } /* Load handler... */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); $this->han_login->emailExistsCheck($in_email); if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') { $form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken']; } /* Are they banned [EMAIL]? */ if (IPSMember::isBanned('email', $in_email) === TRUE) { $form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban']; } /* Check the CAPTCHA */ if ($this->settings['bot_antispam_type'] != 'none') { if ($this->registry->getClass('class_captcha')->validate() !== TRUE) { $form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code']; } } /* Check the Q and A */ $qanda = intval($this->request['qanda_id']); $pass = true; if ($qanda) { $pass = false; $data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda)); if ($data['qa_id']) { $answers = explode("\n", str_replace("\r", "", $data['qa_answers'])); if (count($answers)) { foreach ($answers as $answer) { $answer = trim($answer); if (IPSText::mbstrlen($answer) and mb_strtolower($answer) == mb_strtolower($this->request['qa_answer'])) { $pass = true; break; } } } } } else { //----------------------------------------- // Do we have any questions? //----------------------------------------- $data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer')); if ($data['questions']) { $pass = false; } } if (!$pass) { $form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a']; } /* CHECK 2: Any errors ? */ if (count($form_errors)) { $this->registerForm($form_errors); return; } /* Build up the hashes */ $mem_group = $this->settings['member_group']; /* Are we asking the member or admin to preview? */ if ($this->settings['reg_auth_type']) { $mem_group = $this->settings['auth_group']; } else { if ($coppa == 1) { $mem_group = $this->settings['auth_group']; } } /* Create member */ $member = array('name' => $this->request['members_display_name'], 'password' => $in_password, 'members_display_name' => $this->request['members_display_name'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->settings['time_dst_auto_correction']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'language' => $this->member->language_id); /* Spam Service */ $spamCode = 0; $_spamFlag = 0; if ($this->settings['spam_service_enabled']) { /* Query the service */ $spamCode = IPSMember::querySpamService($in_email); /* Action to perform */ $action = $this->settings['spam_service_action_' . $spamCode]; /* Perform Action */ switch ($action) { /* Proceed with registration */ case 1: break; /* Flag for admin approval */ /* Flag for admin approval */ case 2: $member['member_group_id'] = $this->settings['auth_group']; $this->settings['reg_auth_type'] = 'admin'; $_spamFlag = 1; break; /* Approve the account, but ban it */ /* Approve the account, but ban it */ case 3: $member['member_banned'] = 1; $member['bw_is_spammer'] = 1; $this->settings['reg_auth_type'] = ''; break; /* Deny registration */ /* Deny registration */ case 4: $this->registry->output->showError('spam_denied_account', '100x001', FALSE, '', 200); break; } } //----------------------------------------- // Create the account //----------------------------------------- $member = IPSMember::create(array('members' => $member, 'pfields_content' => $custom_fields->out_fields), FALSE, FALSE, FALSE); //----------------------------------------- // Login handler create account callback //----------------------------------------- $this->han_login->createAccount(array('member_id' => $member['member_id'], 'email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'], 'name' => $member['name'], 'members_display_name' => $member['members_display_name'])); //----------------------------------------- // We'll just ignore if this fails - it shouldn't hold up IPB anyways //----------------------------------------- /*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) ) { $this->registry->output->showError( 'han_login_create_failed', 2017, true ); }*/ //----------------------------------------- // Validation //----------------------------------------- $validate_key = md5(IPSMember::makePassword() . time()); $time = time(); if ($coppa != 1) { if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') { //----------------------------------------- // We want to validate all reg's via email, // after email verificiation has taken place, // we restore their previous group and remove the validate_key //----------------------------------------- $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'], 'spam_flag' => $_spamFlag)); if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') { /* Send out the email. */ $message = array('THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'publicNoSession', 'false'), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=05", 'publicNoSession', 'false'), 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key); IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("reg_validate", $this->member->language_id)); IPSText::getTextClass('email')->buildPlainTextContent($message); IPSText::getTextClass('email')->buildHtmlContent($message); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); $this->output = $this->registry->output->getTemplate('register')->showAuthorize($member); } else { if ($this->settings['reg_auth_type'] == 'admin') { $this->output = $this->registry->output->getTemplate('register')->showPreview($member); } } /* Only send new registration email if the member wasn't banned */ if ($this->settings['new_reg_notify'] and !$member['member_banned']) { $date = $this->registry->class_localization->getDate(time(), 'LONG', 1); IPSText::getTextClass('email')->getTemplate('admin_newuser'); IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name'])); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } $this->registry->output->setTitle($this->lang->words['reg_success'] . ' - ' . ipsRegistry::$settings['board_name']); $this->registry->output->addNavigation($this->lang->words['nav_reg'], ''); } else { /* We don't want to preview, or get them to validate via email. */ $stat_cache = $this->cache->getCache('stats'); if ($member['members_display_name'] and $member['member_id'] and !$this->caches['group_cache'][$member['member_group_id']]['g_hide_online_list']) { $stat_cache['last_mem_name'] = $member['members_display_name']; $stat_cache['last_mem_name_seo'] = IPSText::makeSeoTitle($member['members_display_name']); $stat_cache['last_mem_id'] = $member['member_id']; } $stat_cache['mem_count'] += 1; $this->cache->setCache('stats', $stat_cache, array('array' => 1)); /* Only send new registration email if the member wasn't banned */ if ($this->settings['new_reg_notify'] and !$member['member_banned']) { $date = $this->registry->class_localization->getDate(time(), 'LONG', 1); IPSText::getTextClass('email')->getTemplate('admin_newuser'); IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name'])); IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']); IPSText::getTextClass('email')->to = $this->settings['email_in']; IPSText::getTextClass('email')->sendMail(); } IPSCookie::set('pass_hash', $member['member_login_key'], 1); IPSCookie::set('member_id', $member['member_id'], 1); //----------------------------------------- // Fix up session //----------------------------------------- $privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['Privacy']) ? 1 : 0; # Update value for onCompleteAccount call $member['login_anonymous'] = $privacy . '&1'; $this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy)); IPSLib::runMemberSync('onCompleteAccount', $member); $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1'); } } else { /* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */ $this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'])); $this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12'); } }
/** * Create new member * Very basic functionality at this point. * * @param array Fields to save in the following format: array( 'members' => array( 'email' => '*****@*****.**', * 'joined' => time() ), * 'extendedProfile' => array( 'signature' => 'My signature' ) ); * Tables: members, pfields_content, profile_portal. * You can also use the aliases: 'core [members]', 'extendedProfile [profile_portal]', and 'customFields [pfields_content]' * @param bool Flag to attempt to auto create a name if the desired is taken * @param bool Bypass custom field saving (if using the sso session integration this is required as member object isn't ready yet) * @param bool Whether or not to recache the stats so as to update the board's last member data * @return array Final member Data including member_id * * EXCEPTION CODES * CUSTOM_FIELDS_EMPTY - Custom fields were not populated * CUSTOM_FIELDS_INVALID - Custom fields were invalid * CUSTOM_FIELDS_TOOBIG - Custom fields too big */ public static function create($tables = array(), $autoCreateName = FALSE, $bypassCfields = FALSE, $doStatsRecache = TRUE) { //----------------------------------------- // INIT //----------------------------------------- $finalTables = array(); $password = ''; $plainPassword = ''; $bitWiseFields = ipsRegistry::fetchBitWiseOptions('global'); $md_5_password = ''; //----------------------------------------- // Remap tables if required //----------------------------------------- foreach ($tables as $table => $data) { $_name = isset(self::$remap[$table]) ? self::$remap[$table] : $table; if ($_name == 'members') { /* Magic password field */ if (!empty($data['md5_hash_password'])) { $md_5_password = trim($data['md5_hash_password']); $plainPassword = null; unset($data['md5_hash_password']); } else { $password = isset($data['password']) ? trim($data['password']) : self::makePassword(); $plainPassword = $password; $md_5_password = md5($password); unset($data['password']); } } $finalTables[$_name] = $data; } //----------------------------------------- // Custom profile field stuff //----------------------------------------- if (!$bypassCfields) { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields'); $fields = new $classToLoad(); if (is_array($finalTables['pfields_content']) and count($finalTables['pfields_content'])) { $fields->member_data = $finalTables['pfields_content']; } $fields->initData('edit'); $fields->parseToSave($finalTables['pfields_content'], 'register'); /* Check */ /*if( count( $fields->error_fields['empty'] ) ) { throw new Exception( 'CUSTOM_FIELDS_EMPTY' ); } if( count( $fields->error_fields['invalid'] ) ) { throw new Exception( 'CUSTOM_FIELDS_INVALID' ); } if( count( $fields->error_fields['toobig'] ) ) { throw new Exception( 'CUSTOM_FIELDS_TOOBIG' ); }*/ } //----------------------------------------- // Make sure the account doesn't exist //----------------------------------------- if ($finalTables['members']['email']) { if (IPSText::mbstrlen($finalTables['members']['email']) > 150 or strstr($finalTables['members']['email'], ' ')) { /* Allow it to be auto created */ $finalTables['members']['email'] = false; } else { $existing = IPSMember::load($finalTables['members']['email'], 'all'); if ($existing['member_id']) { $existing['full'] = true; $existing['timenow'] = time(); return $existing; } } } //----------------------------------------- // Fix up usernames and display names //----------------------------------------- /* Ensure we have a display name */ if ($autoCreateName and $finalTables['members']['members_display_name'] !== FALSE) { $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] ? $finalTables['members']['members_display_name'] : $finalTables['members']['name']; } //----------------------------------------- // Remove some basic HTML tags //----------------------------------------- if ($finalTables['members']['members_display_name']) { if (IPSText::mbstrlen($finalTables['members']['members_display_name']) > 255) { $finalTables['members']['members_display_name'] = false; } $finalTables['members']['members_display_name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['members_display_name']); } if ($finalTables['members']['name']) { if (IPSText::mbstrlen($finalTables['members']['name']) > 255) { $finalTables['members']['name'] = false; } $finalTables['members']['name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['name']); } //----------------------------------------- // Make sure the names are unique //----------------------------------------- /* Can specify display name of FALSE to force no entry to force partial member */ if ($finalTables['members']['members_display_name'] !== FALSE) { try { if (IPSMember::getFunction()->checkNameExists($finalTables['members']['members_display_name'], array(), 'members_display_name', true) === true) { if ($autoCreateName === TRUE) { /* Now, make sure we have a unique display name */ $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_display_name LIKE '" . ipsRegistry::DB()->addSlashes(strtolower($finalTables['members']['members_display_name'])) . "%'")); if ($max['max']) { $_num = $max['max'] + 1; $finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] . '_' . $_num; } } else { $finalTables['members']['members_display_name'] = ''; } } } catch (Exception $e) { } } if ($finalTables['members']['name']) { try { if (IPSMember::getFunction()->checkNameExists($finalTables['members']['name'], array(), 'name', true) === true) { if ($autoCreateName === TRUE) { /* Now, make sure we have a unique username */ $max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_username LIKE '" . ipsRegistry::DB()->addSlashes(strtolower($finalTables['members']['name'])) . "%'")); if ($max['max']) { $_num = $max['max'] + 1; $finalTables['members']['name'] = $finalTables['members']['name'] . '_' . $_num; } } else { $finalTables['members']['name'] = ''; } } } catch (Exception $e) { } } //----------------------------------------- // Clean up characters //----------------------------------------- if ($finalTables['members']['name']) { $userName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['name'], array(), 'name'); if ($userName['errors']) { $finalTables['members']['name'] = $finalTables['members']['email']; } else { $finalTables['members']['name'] = $userName['username']; } } if ($finalTables['members']['members_display_name']) { $displayName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['members_display_name']); if ($displayName['errors']) { $finalTables['members']['members_display_name'] = ''; } else { $finalTables['members']['members_display_name'] = $displayName['members_display_name']; } } //----------------------------------------- // Populate member table(s) //----------------------------------------- $finalTables['members']['members_l_username'] = isset($finalTables['members']['name']) ? strtolower($finalTables['members']['name']) : ''; $finalTables['members']['joined'] = $finalTables['members']['joined'] ? $finalTables['members']['joined'] : time(); $finalTables['members']['email'] = $finalTables['members']['email'] ? $finalTables['members']['email'] : $finalTables['members']['name'] . '@' . $finalTables['members']['joined']; $finalTables['members']['member_group_id'] = $finalTables['members']['member_group_id'] ? $finalTables['members']['member_group_id'] : ipsRegistry::$settings['member_group']; $finalTables['members']['ip_address'] = $finalTables['members']['ip_address'] ? $finalTables['members']['ip_address'] : ipsRegistry::member()->ip_address; $finalTables['members']['members_created_remote'] = intval($finalTables['members']['members_created_remote']); $finalTables['members']['member_login_key'] = IPSMember::generateAutoLoginKey(); $finalTables['members']['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0; $finalTables['members']['view_sigs'] = 1; $finalTables['members']['bday_day'] = intval($finalTables['members']['bday_day']); $finalTables['members']['bday_month'] = intval($finalTables['members']['bday_month']); $finalTables['members']['bday_year'] = intval($finalTables['members']['bday_year']); $finalTables['members']['restrict_post'] = intval($finalTables['members']['restrict_post']); $finalTables['members']['auto_track'] = $finalTables['members']['auto_track'] ? $finalTables['members']['auto_track'] : ipsRegistry::$settings['auto_track_method']; $finalTables['members']['msg_count_total'] = 0; $finalTables['members']['msg_count_new'] = 0; $finalTables['members']['msg_show_notification'] = 1; $finalTables['members']['coppa_user'] = 0; $finalTables['members']['auto_track'] = substr($finalTables['members']['auto_track'], 0, 50); $finalTables['members']['last_visit'] = $finalTables['members']['last_visit'] ? $finalTables['members']['last_visit'] : time(); $finalTables['members']['last_activity'] = $finalTables['members']['last_activity'] ? $finalTables['members']['last_activity'] : time(); $finalTables['members']['language'] = $finalTables['members']['language'] ? $finalTables['members']['language'] : IPSLib::getDefaultLanguage(); $finalTables['members']['member_uploader'] = ipsRegistry::$settings['uploadFormType'] ? 'flash' : 'default'; $finalTables['members']['members_pass_salt'] = IPSMember::generatePasswordSalt(5); $finalTables['members']['members_pass_hash'] = IPSMember::generateCompiledPasshash($finalTables['members']['members_pass_salt'], $md_5_password); $finalTables['members']['members_display_name'] = isset($finalTables['members']['members_display_name']) ? $finalTables['members']['members_display_name'] : ''; $finalTables['members']['members_l_display_name'] = isset($finalTables['members']['members_display_name']) ? strtolower($finalTables['members']['members_display_name']) : ''; $finalTables['members']['fb_uid'] = isset($finalTables['members']['fb_uid']) ? $finalTables['members']['fb_uid'] : 0; $finalTables['members']['fb_emailhash'] = isset($finalTables['members']['fb_emailhash']) ? strtolower($finalTables['members']['fb_emailhash']) : ''; $finalTables['members']['members_seo_name'] = IPSText::makeSeoTitle($finalTables['members']['members_display_name']); $finalTables['members']['bw_is_spammer'] = intval($finalTables['members']['bw_is_spammer']); //----------------------------------------- // Insert: MEMBERS //----------------------------------------- ipsRegistry::DB()->setDataType(array('name', 'members_l_username', 'members_display_name', 'members_l_display_name', 'members_seo_name', 'email'), 'string'); /* Bitwise options */ if (is_array($bitWiseFields['members'])) { $_freeze = array(); foreach ($bitWiseFields['members'] as $field) { if (isset($finalTables['members'][$field])) { /* Add to freezeable array */ $_freeze[$field] = $finalTables['members'][$field]; /* Remove it from the fields to save to DB */ unset($finalTables['members'][$field]); } } if (count($_freeze)) { $finalTables['members']['members_bitoptions'] = IPSBWOptions::freeze($_freeze, 'members', 'global'); } } ipsRegistry::DB()->insert('members', $finalTables['members']); //----------------------------------------- // Get the member id //----------------------------------------- $finalTables['members']['member_id'] = ipsRegistry::DB()->getInsertId(); //----------------------------------------- // Insert: PROFILE PORTAL //----------------------------------------- $finalTables['profile_portal']['pp_member_id'] = $finalTables['members']['member_id']; $finalTables['profile_portal']['pp_setting_count_friends'] = 1; $finalTables['profile_portal']['pp_setting_count_comments'] = 1; $finalTables['profile_portal']['pp_setting_count_visitors'] = 1; $finalTables['profile_portal']['pp_customization'] = serialize(array()); foreach (array('pp_last_visitors', 'pp_about_me', 'signature', 'fb_photo', 'fb_photo_thumb', 'pconversation_filters') as $f) { $finalTables['profile_portal'][$f] = $finalTables['profile_portal'][$f] ? $finalTables['profile_portal'][$f] : ''; } ipsRegistry::DB()->insert('profile_portal', $finalTables['profile_portal']); //----------------------------------------- // Insert into the custom profile fields DB //----------------------------------------- if (!$bypassCfields) { /* Check the website url field */ $website_field = $fields->getFieldIDByKey('website'); if ($website_field && $fields->out_fields['field_' . $website_field]) { if (stristr($fields->out_fields['field_' . $website_field], 'http://') === FALSE && stristr($fields->out_fields['field_' . $website_field], 'https://') === FALSE) { $fields->out_fields['field_' . $website_field] = 'http://' . $fields->out_fields['field_' . $website_field]; } } $fields->out_fields['member_id'] = $finalTables['members']['member_id']; ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']); ipsRegistry::DB()->insert('pfields_content', $fields->out_fields); } else { ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']); ipsRegistry::DB()->insert('pfields_content', array('member_id' => $finalTables['members']['member_id'])); } //----------------------------------------- // Insert into partial ID table //----------------------------------------- $full_account = false; if ($finalTables['members']['members_display_name'] and $finalTables['members']['name'] and $finalTables['members']['email'] and $finalTables['members']['email'] != $finalTables['members']['name'] . '@' . $finalTables['members']['joined']) { $full_account = true; } if (!$full_account) { ipsRegistry::DB()->insert('members_partial', array('partial_member_id' => $finalTables['members']['member_id'], 'partial_date' => $finalTables['members']['joined'], 'partial_email_ok' => $finalTables['members']['email'] == $finalTables['members']['name'] . '@' . $finalTables['members']['joined'] ? 0 : 1)); } /* Add plain password and run sync */ $finalTables['members']['plainPassword'] = $plainPassword; IPSLib::runMemberSync('onCreateAccount', $finalTables['members']); /* Remove plain password */ unset($finalTables['members']['plainPassword']); //----------------------------------------- // Recache our stats (Ticket 627608) //----------------------------------------- if ($doStatsRecache == TRUE) { ipsRegistry::cache()->rebuildCache('stats', 'global'); } return array_merge($finalTables['members'], $finalTables['profile_portal'], !$bypassCfields ? $fields->out_fields : array(), array('timenow' => $finalTables['members']['joined'], 'full' => $full_account)); }
/** * Check the name or display name * * @return @e void [Outputs to screen] */ public function checkDisplayName($field = 'members_display_name') { //----------------------------------------- // INIT //----------------------------------------- $this->registry->class_localization->loadLanguageFile(array('public_register')); $name = ''; $member = array(); if (is_string($_POST['name'])) { $name = trim(rawurldecode($_POST['name'])); $name = IPSText::mbstrtolower($name); } if (!$name) { $this->returnString(sprintf(ipsRegistry::getClass('class_localization')->words['reg_error_no_name'], ipsRegistry::$settings['max_user_name_length'])); } /* Bug where Twitter sets a username but you can't use it when you try and sign up with a new account using username as display name */ if (!$this->memberData['member_id'] and $this->request['mpid']) { $reg = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . intval($this->request['mpid']))); if ($reg['partial_member_id']) { $member = IPSMember::load($reg['partial_member_id'], 'all'); } } /* Check the username */ $user_check = IPSMember::getFunction()->cleanAndCheckName($name, $member, $field); $errorField = $field == 'members_display_name' ? 'dname' : 'username'; $nameField = $field == 'members_display_name' ? 'members_display_name' : 'username'; if (is_array($user_check['errors'][$errorField]) && count($user_check['errors'][$errorField])) { $this->returnString(ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField][0]] ? ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField][0]] : $user_check['errors'][$errorField][0]); return; } else { if ($user_check['errors'][$errorField]) { $this->returnString(ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField]] ? ipsRegistry::getClass('class_localization')->words[$user_check['errors'][$errorField]] : $user_check['errors'][$errorField]); } else { $this->returnString('notfound'); } } }
/** * Add a member [process] * * @return @e void */ protected function _memberDoAdd() { /* Init vars */ $in_username = trim($this->request['name']); $in_password = trim($this->request['password']); $in_email = trim(strtolower($this->request['email'])); $members_display_name = $this->request['mirror_loginname'] ? $in_username : trim($this->request['members_display_name']); $this->registry->output->global_error = ''; $this->registry->class_localization->loadLanguageFile(array('public_register'), 'core'); /* Check erros */ foreach (array('name', 'password', 'email', 'member_group_id') as $field) { if (!$_POST[$field]) { $this->registry->output->showError($this->lang->words['m_completeform'], 11238); } } //----------------------------------------- // Check //----------------------------------------- if (!IPSText::checkEmailAddress($in_email)) { $this->registry->output->global_error = $this->lang->words['m_emailinv']; } $userName = IPSMember::getFunction()->cleanAndCheckName($in_username, array(), 'name'); $displayName = IPSMember::getFunction()->cleanAndCheckName($members_display_name, array(), 'members_display_name'); if (count($userName['errors'])) { $_message = $this->lang->words[$userName['errors']['username']] ? $this->lang->words[$userName['errors']['username']] : $userName['errors']['username']; $this->registry->output->global_error .= '<p>' . $this->lang->words['sm_loginname'] . ': ' . $_message . '</p>'; } if ($this->settings['auth_allow_dnames'] and count($displayName['errors'])) { $_message = $this->lang->words[$displayName['errors']['dname']] ? $this->lang->words[$displayName['errors']['dname']] : $displayName['errors']['dname']; $this->registry->output->global_error .= '<p>' . $this->lang->words['sm_display'] . ': ' . $_message . '</p>'; } /* Errors? */ if ($this->registry->output->global_error) { $this->_memberAddForm(); return; } //----------------------------------------- // Load handler... //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login'); $this->han_login = new $classToLoad($this->registry); $this->han_login->init(); //----------------------------------------- // Only check local, else a user being in Converge // means that you can't manually add the user to the board //----------------------------------------- $email_check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "email='" . $in_email . "'")); if ($email_check['member_id']) { $this->registry->output->global_error = $this->lang->words['m_emailalready']; $this->_memberAddForm(); return; } //$this->han_login->emailExistsCheck( $in_email ); //if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'EMAIL_NOT_IN_USE' ) //{ // $this->registry->output->global_message = $this->lang->words['m_emailalready']; // $this->_memberAddForm(); // return; //} //----------------------------------------- // Allowed to add administrators? //----------------------------------------- if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_add_admin')) { $this->registry->output->global_error = $this->lang->words['m_addadmin']; $this->_memberAddForm(); return; } $member = array('name' => $in_username, 'members_display_name' => $members_display_name ? $members_display_name : $in_username, 'email' => $in_email, 'member_group_id' => intval($this->request['member_group_id']), 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->settings['time_offset'], 'coppa_user' => intval($this->request['coppa']), 'allow_admin_mails' => 1, 'password' => $in_password, 'language' => IPSLib::getDefaultLanguage()); //----------------------------------------- // Create the account //----------------------------------------- $member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request), FALSE, FALSE, FALSE); //----------------------------------------- // Login handler create account callback //----------------------------------------- $this->han_login->createAccount(array('email' => $in_email, 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $member['ip_address'], 'username' => $member['members_display_name'])); /*if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' ) { $this->registry->output->global_message = sprintf( $this->lang->words['m_cantadd'], $this->han_login->return_code ) . $this->han_login->return_details; $this->_memberAddForm(); return; }*/ //----------------------------------------- // Restriction permissions stuff //----------------------------------------- if ($this->memberData['row_perm_cache']) { if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp']) { //----------------------------------------- // Copy restrictions... //----------------------------------------- $this->DB->insert('admin_permission_rows', array('row_member_id' => $member['member_id'], 'row_perm_cache' => $this->memberData['row_perm_cache'], 'row_updated' => time())); } } //----------------------------------------- // Send teh email (I love 'teh' as much as !!11!!1) //----------------------------------------- if ($this->request['sendemail']) { IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("account_created")); IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['name'], 'EMAIL' => $member['email'], 'PASSWORD' => $in_password)); IPSText::getTextClass('email')->to = $member['email']; IPSText::getTextClass('email')->sendMail(); } //----------------------------------------- // Stats //----------------------------------------- $this->cache->rebuildCache('stats', 'global'); $this->cache->rebuildCache('birthdays', 'calendar'); //----------------------------------------- // Log and bog? //----------------------------------------- ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_createlog'], $this->request['name'])); $this->registry->output->global_message = $this->lang->words['m_memadded']; $this->request['member_id'] = $member['member_id']; $this->_showAdminForm($member, array()); $this->_memberView(); }
/** * Authenticate the request * * @access public * @param string Username * @param string Email Address * @param string Password * @return boolean Authentication successful */ public function authenticate($username, $email_address, $password) { //----------------------------------------- // Check admin authentication request //----------------------------------------- if ($this->is_admin_auth) { $this->adminAuthLocal($username, $email_address, $password); if ($this->return_code == 'SUCCESS') { return true; } } //----------------------------------------- // Set some OpenID stuff //----------------------------------------- $this->auth_errors = array(); $pape_policy_uris = array(PAPE_AUTH_MULTI_FACTOR_PHYSICAL, PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT); session_start(); //----------------------------------------- // OK? //----------------------------------------- if (!$this->request['firstpass']) { $this->_doFirstPass(); } else { $this->_checkFirstPass(); } if (count($this->auth_errors)) { $this->return_code = $this->return_code ? $this->return_code : 'NO_USER'; return false; } if (!$this->data_store['email']) { $this->return_code = 'NO_USER'; return false; } $this->_loadMember($this->data_store['fullurl'], $this->data_store['email']); if ($this->member_data['member_id']) { $this->return_code = 'SUCCESS'; if (strtolower(trim($this->data_store['email'])) != strtolower($this->member_data['email'])) { $check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "email='" . strtolower(trim($this->data_store['email'])) . "'")); if ($check['member_id']) { $this->data_store['email'] = $this->member_data['email']; } } //----------------------------------------- // Set Birthday fields if available //----------------------------------------- $dob = trim($this->data_store['dob']); $bday_day = 0; $bday_mon = 0; $bday_year = 0; if ($dob) { list($bday_year, $bday_mon, $bday_day) = explode('-', $dob); } $core = array('email' => trim($this->data_store['email']), 'bday_year' => $bday_year, 'bday_month' => $bday_mon, 'bday_day' => $bday_day, 'identity_url' => $this->data_store['fullurl']); //----------------------------------------- // Update the display name and name, if not taken //----------------------------------------- try { if (IPSMember::getFunction()->checkNameExists($this->data_store['nickname'], $this->member_data) === false) { $core['members_display_name'] = trim($this->data_store['nickname']); $core['members_l_display_name'] = strtolower(trim($this->data_store['nickname'])); //----------------------------------------- // If our display name is changing, store record //----------------------------------------- if ($core['members_display_name'] != $this->member_data['members_display_name']) { $this->DB->insert('dnames_change', array('dname_member_id' => $this->member_data['member_id'], 'dname_date' => time(), 'dname_ip_address' => $this->member->ip_address, 'dname_previous' => $this->member_data['members_display_name'], 'dname_current' => $core['members_display_name'])); } $this->member_data['members_display_name'] = trim($this->data_store['nickname']); $this->member_data['members_l_display_name'] = strtolower(trim($this->data_store['nickname'])); } } catch (Exception $e) { } try { if (IPSMember::getFunction()->checkNameExists($this->data_store['nickname'], $this->member_data, 'name') === false) { $core['name'] = trim($this->data_store['nickname']); $core['members_l_username'] = strtolower(trim($this->data_store['nickname'])); $this->member_data['name'] = trim($this->data_store['nickname']); $this->member_data['members_l_username'] = strtolower(trim($this->data_store['nickname'])); } } catch (Exception $e) { } IPSMember::save($this->member_data['email'], array('core' => $core)); $this->member_data['identity_url'] = $this->data_store['fullurl']; $this->member_data['email'] = trim($this->data_store['email']); $this->member_data['bday_year'] = $bday_year; $this->member_data['bday_month'] = $bday_month; $this->member_data['bday_day'] = $bday_day; } else { //----------------------------------------- // Set main fields //----------------------------------------- $email = trim($this->data_store['email']); $name = trim($this->data_store['nickname']); $dob = trim($this->data_store['dob']); $timenow = time(); //----------------------------------------- // Set Birthday fields if available //----------------------------------------- $bday_day = 0; $bday_mon = 0; $bday_year = 0; if ($dob) { list($bday_year, $bday_mon, $bday_day) = explode('-', $dob); } if (strtolower(trim($this->data_store['email'])) != strtolower($this->member_data['email'])) { $check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "email='" . strtolower(trim($this->data_store['email'])) . "'")); if ($check['member_id']) { $email = ''; } } if (strtolower(trim($this->data_store['nickname'])) != $this->member_data['members_l_username']) { $check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "members_l_username='******'nickname'])) . "'")); if ($check['member_id']) { $name = ''; } } $this->member_data = $this->createLocalMember(array('members' => array('email' => $email, 'name' => $name, 'members_l_username' => strtolower($name), 'members_display_name' => $name, 'members_l_display_name' => strtolower($name), 'joined' => time(), 'bday_day' => $bday_day, 'bday_month' => $bday_mon, 'bday_year' => $bday_year, 'members_created_remote' => 1, 'identity_url' => $this->data_store['fullurl']), 'profile_portal' => array())); $this->return_code = 'SUCCESS'; } if ($this->data_store['referrer']) { $this->request['referer'] = $this->data_store['referrer']; } if ($this->data_store['cookiedate']) { $this->request['rememberMe'] = $this->data_store['cookiedate']; } if ($this->data_store['privacy']) { $this->request['anonymous'] = $this->data_store['privacy']; } return $this->return_code; }
/** * Save the member updates * * @access private * @return void Outputs error screen * @todo [Future] Determine what items should be editable and allow moderators to edit them */ private function _doEditMember() { $member = $this->_checkAndGetMember(); /* Get the signature */ $signature = IPSText::getTextClass('editor')->processRawPost('Post'); $aboutme = IPSText::getTextClass('editor')->processRawPost('aboutme'); /* Parse the signature */ IPSText::getTextClass('bbcode')->parse_smilies = 0; IPSText::getTextClass('bbcode')->parse_html = intval($this->settings['sig_allow_html']); IPSText::getTextClass('bbcode')->parse_bbcode = intval($this->settings['sig_allow_ibc']); IPSText::getTextClass('bbcode')->parsing_section = 'signatures'; IPSText::getTextClass('bbcode')->parsing_mgroup = $member['member_group_id']; IPSText::getTextClass('bbcode')->parsing_mgroup_others = $member['mgroup_others']; $signature = IPSText::getTextClass('bbcode')->preDbParse($signature); /* Parse the about me */ IPSText::getTextClass('bbcode')->parse_smilies = $this->settings['aboutme_emoticons']; IPSText::getTextClass('bbcode')->parse_html = intval($this->settings['aboutme_html']); IPSText::getTextClass('bbcode')->parse_bbcode = intval($this->settings['aboutme_bbcode']); IPSText::getTextClass('bbcode')->parsing_section = 'aboutme'; IPSText::getTextClass('bbcode')->parsing_mgroup = $member['member_group_id']; IPSText::getTextClass('bbcode')->parsing_mgroup_others = $member['mgroup_others']; $aboutme = IPSText::getTextClass('bbcode')->preDbParse($aboutme); /* Add sig to the save array */ $save['extendedProfile'] = array('signature' => $signature, 'pp_status' => trim($this->request['status']), 'pp_about_me' => $aboutme); $save['members'] = array('title' => $this->request['title']); if ($this->request['avatar'] == 1) { $save['extendedProfile']['avatar_location'] = ""; $save['extendedProfile']['avatar_size'] = ""; try { IPSMember::getFunction()->removeAvatar($member['member_id']); } catch (Exception $e) { // Maybe should show an error or something } } if ($this->request['photo'] == 1) { IPSMember::getFunction()->removeUploadedPhotos($member['member_id']); $save['extendedProfile'] = array_merge($save['extendedProfile'], array('pp_main_photo' => '', 'pp_main_width' => '', 'pp_main_height' => '', 'pp_thumb_photo' => '', 'pp_thumb_width' => '', 'pp_thumb_height' => '')); } //----------------------------------------- // Profile fields //----------------------------------------- require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php'; $fields = new customProfileFields(); $fields->member_data = $member; $fields->initData('edit'); $fields->parseToSave($_POST); if (count($fields->out_fields)) { $save['customFields'] = $fields->out_fields; } //----------------------------------------- // Write it to the DB. //----------------------------------------- IPSMember::save($member['member_id'], $save); //----------------------------------------- // Update signature content cache //----------------------------------------- IPSContentCache::update($member['member_id'], 'sig', $save['extendedProfile']['signature']); //----------------------------------------- // Add a mod log entry and redirect //----------------------------------------- $this->_addModeratorLog($this->lang->words['acp_edited_profile'] . " {$member['members_display_name']}"); $this->registry->output->redirectScreen($this->lang->words['acp_edited_profile'] . " {$member['members_display_name']}", $this->settings['base_url'] . "app=forums&module=moderate&section=moderate&do=editmember&auth_key={$this->member->form_hash}&mid={$member['member_id']}"); }