public function login() { if (!$this->feather->user->is_guest) { Url::redirect($this->feather->urlFor('home'), 'Already logged in'); } if ($this->feather->request->isPost()) { $this->feather->hooks->fire('login_start'); $form_username = Utils::trim($this->feather->request->post('req_username')); $form_password = Utils::trim($this->feather->request->post('req_password')); $save_pass = (bool) $this->feather->request->post('save_pass'); $user = ModelAuth::get_user_from_name($form_username); if (!empty($user->password)) { $form_password_hash = Random::hash($form_password); // Will result in a SHA-1 hash if ($user->password == $form_password_hash) { if ($user->group_id == $this->feather->forum_env['FEATHER_UNVERIFIED']) { ModelAuth::update_group($user->id, $this->feather->forum_settings['o_default_user_group']); if (!$this->feather->cache->isCached('users_info')) { $this->feather->cache->store('users_info', Cache::get_users_info()); } } ModelAuth::delete_online_by_ip($this->feather->request->getIp()); // Reset tracked topics Track::set_tracked_topics(null); $expire = $save_pass ? $this->feather->now + 1209600 : $this->feather->now + $this->feather->forum_settings['o_timeout_visit']; $expire = $this->feather->hooks->fire('expire_login', $expire); ModelAuth::feather_setcookie($user->id, $form_password_hash, $expire); Url::redirect($this->feather->urlFor('home'), __('Login redirect')); } } throw new Error(__('Wrong user/pass') . ' <a href="' . $this->feather->urlFor('resetPassword') . '">' . __('Forgotten pass') . '</a>', 403); } else { $this->feather->template->setPageInfo(array('active_page' => 'login', 'title' => array(Utils::escape($this->feather->forum_settings['o_board_title']), __('Login')), 'required_fields' => array('req_username' => __('Username'), 'req_password' => __('Password')), 'focus_element' => array('login', 'req_username')))->addTemplate('login/form.php')->display(); } }
public function login() { $this->hook->fire('login_start'); $form_username = Utils::trim($this->request->post('req_username')); $form_password = Utils::trim($this->request->post('req_password')); $save_pass = $this->request->post('save_pass'); $user = DB::for_table('users')->where('username', $form_username); $user = $this->hook->fireDB('find_user_login', $user); $user = $user->find_one(); $authorized = false; if (!empty($user->password)) { $form_password_hash = Random::hash($form_password); // Will result in a SHA-1 hash $authorized = $user->password == $form_password_hash; } $authorized = $this->hook->fire('authorized_login', $authorized); if (!$authorized) { throw new Error(__('Wrong user/pass') . ' <a href="' . $this->feather->urlFor('resetPassword') . '">' . __('Forgotten pass') . '</a>', 403); } // Update the status if this is the first time the user logged in if ($user->group_id == $this->feather->forum_env['FEATHER_UNVERIFIED']) { $update_usergroup = DB::for_table('users')->where('id', $user->id)->find_one()->set('group_id', $this->config['o_default_user_group']); $update_usergroup = $this->hook->fireDB('update_usergroup_login', $update_usergroup); $update_usergroup = $update_usergroup->save(); // Regenerate the users info cache if (!$this->feather->cache->isCached('users_info')) { $this->feather->cache->store('users_info', Cache::get_users_info()); } $stats = $this->feather->cache->retrieve('users_info'); } // Remove this user's guest entry from the online list $delete_online = DB::for_table('online')->where('ident', $this->request->getIp()); $delete_online = $this->hook->fireDB('delete_online_login', $delete_online); $delete_online = $delete_online->delete_many(); $expire = $save_pass == '1' ? time() + 1209600 : time() + $this->config['o_timeout_visit']; $expire = $this->hook->fire('expire_login', $expire); $this->auth->feather_setcookie($user->id, $form_password_hash, $expire); // Reset tracked topics Track::set_tracked_topics(null); // Try to determine if the data in redirect_url is valid (if not, we redirect to index.php after login) $redirect_url = $this->request->post('redirect_url'); $redirect_url = $this->hook->fire('redirect_url_login', $redirect_url); Url::redirect(Utils::escape($redirect_url), __('Login redirect')); }
public function login($req, $res, $args) { if (!User::get()->is_guest) { return Router::redirect(Router::pathFor('home'), 'Already logged in'); } if (Request::isPost()) { Container::get('hooks')->fire('controller.login'); $form_username = Input::post('req_username'); $form_password = Input::post('req_password'); $save_pass = (bool) Input::post('save_pass'); $user = ModelAuth::get_user_from_name($form_username); if (!empty($user->password)) { $form_password_hash = Random::hash($form_password); // Will result in a SHA-1 hash if ($user->password == $form_password_hash) { if ($user->group_id == ForumEnv::get('FEATHER_UNVERIFIED')) { ModelAuth::update_group($user->id, ForumSettings::get('o_default_user_group')); if (!Container::get('cache')->isCached('users_info')) { Container::get('cache')->store('users_info', Cache::get_users_info()); } } ModelAuth::delete_online_by_ip(Utils::getIp()); // Reset tracked topics Track::set_tracked_topics(null); $expire = $save_pass ? Container::get('now') + 1209600 : Container::get('now') + ForumSettings::get('o_timeout_visit'); $expire = Container::get('hooks')->fire('controller.expire_login', $expire); $jwt = ModelAuth::generate_jwt($user, $expire); ModelAuth::feather_setcookie('Bearer ' . $jwt, $expire); return Router::redirect(Router::pathFor('home'), __('Login redirect')); } else { throw new Error(__('Wrong user/pass') . ' <a href="' . Router::pathFor('resetPassword') . '">' . __('Forgotten pass') . '</a>', 403); } } } else { View::setPageInfo(array('active_page' => 'login', 'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Login')), 'required_fields' => array('req_username' => __('Username'), 'req_password' => __('Password')), 'focus_element' => array('login', 'req_username')))->addTemplate('login/form.php')->display(); } }
public function insert_user($user) { $user = Container::get('hooks')->fire('model.register.insert_user_start', $user); // Insert the new user into the database. We do this now to get the last inserted ID for later use $now = time(); $intial_group_id = ForumSettings::get('o_regs_verify') == '0' ? ForumSettings::get('o_default_user_group') : ForumEnv::get('FEATHER_UNVERIFIED'); $password_hash = Random::hash($user['password1']); // Add the user $user['insert'] = array('username' => $user['username'], 'group_id' => $intial_group_id, 'password' => $password_hash, 'email' => $user['email1'], 'email_setting' => ForumSettings::get('o_default_email_setting'), 'timezone' => ForumSettings::get('o_default_timezone'), 'dst' => 0, 'language' => $user['language'], 'style' => ForumSettings::get('o_default_style'), 'registered' => $now, 'registration_ip' => Utils::getIp(), 'last_visit' => $now); $user = DB::for_table('users')->create()->set($user['insert']); $user = Container::get('hooks')->fireDB('model.register.insert_user_query', $user); $user = $user->save(); $new_uid = DB::get_db()->lastInsertId(ForumSettings::get('db_prefix') . 'users'); // If the mailing list isn't empty, we may need to send out some alerts if (ForumSettings::get('o_mailing_list') != '') { // If we previously found out that the email was banned if (isset($user['banned_email'])) { // Load the "banned email register" template $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/banned_email_register.tpl')); $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_banned_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = Container::get('hooks')->fire('model.register.insert_user_banned_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<email>', $user['email1'], $mail_message); $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message); $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message); $mail_message = Container::get('hooks')->fire('model.register.insert_user_banned_mail_message', $mail_message); Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message); } // If we previously found out that the email was a dupe if (!empty($dupe_list)) { // Load the "dupe email register" template $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/dupe_email_register.tpl')); $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message); $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message); $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message); $mail_message = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_message', $mail_message); Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message); } // Should we alert people on the admin mailing list that a new user has registered? if (ForumSettings::get('o_regs_report') == '1') { // Load the "new user" template $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/new_user.tpl')); $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_new_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = Container::get('hooks')->fire('model.register.insert_user_new_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<base_url>', Router::pathFor('home'), $mail_message); $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message); $mail_message = str_replace('<admin_url>', Router::pathFor('profileSection', ['id' => $new_uid, 'section' => 'admin']), $mail_message); $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message); $mail_message = Container::get('hooks')->fire('model.register.insert_user_new_mail_message', $mail_message); Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message); } } // Must the user verify the registration or do we log him/her in right now? if (ForumSettings::get('o_regs_verify') == '1') { // Load the "welcome" template $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/welcome.tpl')); $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_subject = str_replace('<board_title>', ForumSettings::get('o_board_title'), $mail_subject); $mail_message = str_replace('<base_url>', Router::pathFor('home'), $mail_message); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<password>', $user['password1'], $mail_message); $mail_message = str_replace('<login_url>', Router::pathFor('login'), $mail_message); $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message); $mail_message = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_message', $mail_message); Container::get('email')->feather_mail($user['email1'], $mail_subject, $mail_message); return Router::redirect(Router::pathFor('home'), __('Reg email') . ' <a href="mailto:' . Utils::escape(ForumSettings::get('o_admin_email')) . '">' . Utils::escape(ForumSettings::get('o_admin_email')) . '</a>.'); } $user_object = new \stdClass(); $user_object->id = $new_uid; $user_object->username = $user['username']; $expire = time() + ForumSettings::get('o_timeout_visit'); $jwt = AuthModel::generate_jwt($user_object, $expire); AuthModel::feather_setcookie('Bearer ' . $jwt, $expire); // Refresh cache Container::get('cache')->store('users_info', Cache::get_users_info()); Container::get('hooks')->fire('model.register.insert_user'); return Router::redirect(Router::pathFor('home'), __('Reg complete')); }
public function update_profile($id, $info, $section) { $info = Container::get('hooks')->fire('model.profile.update_profile_start', $info, $id, $section); $username_updated = false; $section = Container::get('hooks')->fire('model.profile.update_profile_section', $section, $id, $info); // Validate input depending on section switch ($section) { case 'essentials': $form = array('timezone' => floatval(Input::post('form_timezone')), 'dst' => Input::post('form_dst') ? '1' : '0', 'time_format' => intval(Input::post('form_time_format')), 'date_format' => intval(Input::post('form_date_format'))); // Make sure we got a valid language string if (Input::post('form_language')) { $languages = \FeatherBB\Core\Lister::getLangs(); $form['language'] = Utils::trim(Input::post('form_language')); if (!in_array($form['language'], $languages)) { throw new Error(__('Bad request'), 404); } } if (User::get()->is_admmod) { $form['admin_note'] = Utils::trim(Input::post('admin_note')); // Are we allowed to change usernames? if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && User::get()->g_mod_rename_users == '1') { $form['username'] = Utils::trim(Input::post('req_username')); if ($form['username'] != $info['old_username']) { $errors = ''; $errors = $this->check_username($form['username'], $errors, $id); if (!empty($errors)) { throw new Error($errors[0]); } $username_updated = true; } } // We only allow administrators to update the post count if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN')) { $form['num_posts'] = intval(Input::post('num_posts')); } } if (ForumSettings::get('o_regs_verify') == '0' || User::get()->is_admmod) { // Validate the email address $form['email'] = strtolower(Utils::trim(Input::post('req_email'))); if (!Container::get('email')->is_valid_email($form['email'])) { throw new Error(__('Invalid email')); } } break; case 'personal': $form = array('realname' => Input::post('form_realname') ? Utils::trim(Input::post('form_realname')) : '', 'url' => Input::post('form_url') ? Utils::trim(Input::post('form_url')) : '', 'location' => Input::post('form_location') ? Utils::trim(Input::post('form_location')) : ''); // Add http:// if the URL doesn't contain it already (while allowing https://, too) if (User::get()->g_post_links == '1') { if ($form['url'] != '') { $url = Url::is_valid($form['url']); if ($url === false) { throw new Error(__('Invalid website URL')); } $form['url'] = $url['url']; } } else { if (!empty($form['url'])) { throw new Error(__('Website not allowed')); } $form['url'] = ''; } if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN')) { $form['title'] = Utils::trim(Input::post('title')); } elseif (User::get()->g_set_title == '1') { $form['title'] = Utils::trim(Input::post('title')); if ($form['title'] != '') { // A list of words that the title may not contain // If the language is English, there will be some duplicates, but it's not the end of the world $forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower(__('Member')), utf8_strtolower(__('Moderator')), utf8_strtolower(__('Administrator')), utf8_strtolower(__('Banned')), utf8_strtolower(__('Guest'))); if (in_array(utf8_strtolower($form['title']), $forbidden)) { throw new Error(__('Forbidden title')); } } } break; case 'messaging': $form = array('jabber' => Utils::trim(Input::post('form_jabber')), 'icq' => Utils::trim(Input::post('form_icq')), 'msn' => Utils::trim(Input::post('form_msn')), 'aim' => Utils::trim(Input::post('form_aim')), 'yahoo' => Utils::trim(Input::post('form_yahoo'))); // If the ICQ UIN contains anything other than digits it's invalid if (preg_match('%[^0-9]%', $form['icq'])) { throw new Error(__('Bad ICQ')); } break; case 'personality': $form = array(); // Clean up signature from POST if (ForumSettings::get('o_signatures') == '1') { $form['signature'] = Utils::linebreaks(Utils::trim(Input::post('signature'))); // Validate signature if (Utils::strlen($form['signature']) > ForumSettings::get('p_sig_length')) { throw new Error(sprintf(__('Sig too long'), ForumSettings::get('p_sig_length'), Utils::strlen($form['signature']) - ForumSettings::get('p_sig_length'))); } elseif (substr_count($form['signature'], "\n") > ForumSettings::get('p_sig_lines') - 1) { throw new Error(sprintf(__('Sig too many lines'), ForumSettings::get('p_sig_lines'))); } elseif ($form['signature'] && ForumSettings::get('p_sig_all_caps') == '0' && Utils::is_all_uppercase($form['signature']) && !User::get()->is_admmod) { $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature'])); } // Validate BBCode syntax if (ForumSettings::get('p_sig_bbcode') == '1') { $errors = array(); $form['signature'] = Container::get('parser')->preparse_bbcode($form['signature'], $errors, true); if (count($errors) > 0) { throw new Error('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>'); } } } break; case 'display': $form = array('disp_topics' => Utils::trim(Input::post('form_disp_topics')), 'disp_posts' => Utils::trim(Input::post('form_disp_posts')), 'show_smilies' => Input::post('form_show_smilies') ? '1' : '0', 'show_img' => Input::post('form_show_img') ? '1' : '0', 'show_img_sig' => Input::post('form_show_img_sig') ? '1' : '0', 'show_avatars' => Input::post('form_show_avatars') ? '1' : '0', 'show_sig' => Input::post('form_show_sig') ? '1' : '0'); if ($form['disp_topics'] != '') { $form['disp_topics'] = intval($form['disp_topics']); if ($form['disp_topics'] < 3) { $form['disp_topics'] = 3; } elseif ($form['disp_topics'] > 75) { $form['disp_topics'] = 75; } } if ($form['disp_posts'] != '') { $form['disp_posts'] = intval($form['disp_posts']); if ($form['disp_posts'] < 3) { $form['disp_posts'] = 3; } elseif ($form['disp_posts'] > 75) { $form['disp_posts'] = 75; } } // Make sure we got a valid style string if (Input::post('form_style')) { $styles = \FeatherBB\Core\Lister::getStyles(); $form['style'] = Utils::trim(Input::post('form_style')); if (!in_array($form['style'], $styles)) { throw new Error(__('Bad request'), 404); } } break; case 'privacy': $form = array('email_setting' => intval(Input::post('form_email_setting')), 'notify_with_post' => Input::post('form_notify_with_post') ? '1' : '0', 'auto_notify' => Input::post('form_auto_notify') ? '1' : '0'); if ($form['email_setting'] < 0 || $form['email_setting'] > 2) { $form['email_setting'] = ForumSettings::get('o_default_email_setting'); } break; default: throw new Error(__('Bad request'), 404); } $form = Container::get('hooks')->fire('model.profile.update_profile_form', $form, $section, $id, $info); // Single quotes around non-empty values and nothing for empty values $temp = array(); foreach ($form as $key => $input) { $temp[$key] = $input; } if (empty($temp)) { throw new Error(__('Bad request'), 404); } $update_user = DB::for_table('users')->where('id', $id)->find_one()->set($temp); $update_user = Container::get('hooks')->fireDB('model.profile.update_profile_query', $update_user); $update_user = $update_user->save(); // If we changed the username we have to update some stuff if ($username_updated) { $bans_updated = DB::for_table('bans')->where('username', $info['old_username']); $bans_updated = Container::get('hooks')->fireDB('model.profile.update_profile_bans_updated', $bans_updated); $bans_updated = $bans_updated->update_many('username', $form['username']); $update_poster_id = DB::for_table('posts')->where('poster_id', $id); $update_poster_id = Container::get('hooks')->fireDB('model.profile.update_profile_poster_id', $update_poster_id); $update_poster_id = $update_poster_id->update_many('poster', $form['username']); $update_posts = DB::for_table('posts')->where('edited_by', $info['old_username']); $update_posts = Container::get('hooks')->fireDB('model.profile.update_profile_posts', $update_posts); $update_posts = $update_posts->update_many('edited_by', $form['username']); $update_topics_poster = DB::for_table('topics')->where('poster', $info['old_username']); $update_topics_poster = Container::get('hooks')->fireDB('model.profile.update_profile_topics_poster', $update_topics_poster); $update_topics_poster = $update_topics_poster->update_many('poster', $form['username']); $update_topics_last_poster = DB::for_table('topics')->where('last_poster', $info['old_username']); $update_topics_last_poster = Container::get('hooks')->fireDB('model.profile.update_profile_topics_last_poster', $update_topics_last_poster); $update_topics_last_poster = $update_topics_last_poster->update_many('last_poster', $form['username']); $update_forums = DB::for_table('forums')->where('last_poster', $info['old_username']); $update_forums = Container::get('hooks')->fireDB('model.profile.update_profile_forums', $update_forums); $update_forums = $update_forums->update_many('last_poster', $form['username']); $update_online = DB::for_table('online')->where('ident', $info['old_username']); $update_online = Container::get('hooks')->fireDB('model.profile.update_profile_online', $update_online); $update_online = $update_online->update_many('ident', $form['username']); // If the user is a moderator or an administrator we have to update the moderator lists $group_id = DB::for_table('users')->where('id', $id); // TODO: restore hook // $group_id = Container::get('hooks')->fireDB('model.profile.update_profile_group_id', $update_online); $group_id = $group_id->find_one_col('group_id'); $group_mod = DB::for_table('groups')->where('g_id', $group_id); $group_mod = Container::get('hooks')->fireDB('model.profile.update_profile_group_mod', $group_mod); $group_mod = $group_mod->find_one_col('g_moderator'); if ($group_id == ForumEnv::get('FEATHER_ADMIN') || $group_mod == '1') { // Loop through all forums $result = $this->loop_mod_forums(); foreach ($result as $cur_forum) { $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array(); if (in_array($id, $cur_moderators)) { unset($cur_moderators[$info['old_username']]); $cur_moderators[$form['username']] = $id; uksort($cur_moderators, 'utf8_strcasecmp'); $update_mods = DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators)); $update_mods = Container::get('hooks')->fireDB('model.profile.update_profile_mods', $update_mods); $update_mods = $update_mods->save(); } } } // Regenerate the users info cache if (!Container::get('cache')->isCached('users_info')) { Container::get('cache')->store('users_info', Cache::get_users_info()); } $stats = Container::get('cache')->retrieve('users_info'); // Check if the bans table was updated and regenerate the bans cache when needed if ($bans_updated) { Container::get('cache')->store('bans', Cache::get_bans()); } } $section = Container::get('hooks')->fireDB('model.profile.update_profile', $section, $id); return Router::redirect(Router::pathFor('profileSection', array('id' => $id, 'section' => $section)), __('Profile redirect')); }
public function insert_user($user) { $user = $this->hook->fire('insert_user_start', $user); // Insert the new user into the database. We do this now to get the last inserted ID for later use $now = time(); $intial_group_id = $this->config['o_regs_verify'] == '0' ? $this->config['o_default_user_group'] : $this->feather->forum_env['FEATHER_UNVERIFIED']; $password_hash = Random::hash($user['password1']); // Add the user $user['insert'] = array('username' => $user['username'], 'group_id' => $intial_group_id, 'password' => $password_hash, 'email' => $user['email1'], 'email_setting' => $this->config['o_default_email_setting'], 'timezone' => $this->config['o_default_timezone'], 'dst' => 0, 'language' => $user['language'], 'style' => $this->config['o_default_style'], 'registered' => $now, 'registration_ip' => $this->request->getIp(), 'last_visit' => $now); $user = DB::for_table('users')->create()->set($user['insert']); $user = $this->hook->fireDB('insert_user_query', $user); $user = $user->save(); $new_uid = DB::get_db()->lastInsertId($this->feather->forum_settings['db_prefix'] . 'users'); if ($this->config['o_regs_verify'] == '0') { // Regenerate the users info cache if (!$this->feather->cache->isCached('users_info')) { $this->feather->cache->store('users_info', Cache::get_users_info()); } $stats = $this->feather->cache->retrieve('users_info'); } // If the mailing list isn't empty, we may need to send out some alerts if ($this->config['o_mailing_list'] != '') { // If we previously found out that the email was banned if (isset($user['banned_email'])) { // Load the "banned email register" template $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/banned_email_register.tpl')); $mail_tpl = $this->hook->fire('insert_user_banned_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = $this->hook->fire('insert_user_banned_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<email>', $user['email1'], $mail_message); $mail_message = str_replace('<profile_url>', $this->feather->urlFor('userProfile', ['id' => $new_uid]), $mail_message); $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message); $mail_message = $this->hook->fire('insert_user_banned_mail_message', $mail_message); $this->email->feather_mail($this->config['o_mailing_list'], $mail_subject, $mail_message); } // If we previously found out that the email was a dupe if (!empty($dupe_list)) { // Load the "dupe email register" template $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/dupe_email_register.tpl')); $mail_tpl = $this->hook->fire('insert_user_dupe_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = $this->hook->fire('insert_user_dupe_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message); $mail_message = str_replace('<profile_url>', $this->feather->urlFor('userProfile', ['id' => $new_uid]), $mail_message); $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message); $mail_message = $this->hook->fire('insert_user_dupe_mail_message', $mail_message); $this->email->feather_mail($this->config['o_mailing_list'], $mail_subject, $mail_message); } // Should we alert people on the admin mailing list that a new user has registered? if ($this->config['o_regs_report'] == '1') { // Load the "new user" template $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/new_user.tpl')); $mail_tpl = $this->hook->fire('insert_user_new_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = $this->hook->fire('insert_user_new_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<base_url>', $this->feather->urlFor('home'), $mail_message); $mail_message = str_replace('<profile_url>', $this->feather->urlFor('userProfile', ['id' => $new_uid]), $mail_message); $mail_message = str_replace('<admin_url>', $this->feather->urlFor('profileSection', ['id' => $new_uid, 'section' => 'admin']), $mail_message); $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message); $mail_message = $this->hook->fire('insert_user_new_mail_message', $mail_message); $this->email->feather_mail($this->config['o_mailing_list'], $mail_subject, $mail_message); } } // Must the user verify the registration or do we log him/her in right now? if ($this->config['o_regs_verify'] == '1') { // Load the "welcome" template $mail_tpl = trim(file_get_contents($this->feather->forum_env['FEATHER_ROOT'] . 'featherbb/lang/' . $this->user->language . '/mail_templates/welcome.tpl')); $mail_tpl = $this->hook->fire('insert_user_welcome_mail_tpl', $mail_tpl); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_subject = $this->hook->fire('insert_user_welcome_mail_subject', $mail_subject); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_subject = str_replace('<board_title>', $this->config['o_board_title'], $mail_subject); $mail_message = str_replace('<base_url>', $this->feather->urlFor('home'), $mail_message); $mail_message = str_replace('<username>', $user['username'], $mail_message); $mail_message = str_replace('<password>', $user['password1'], $mail_message); $mail_message = str_replace('<login_url>', $this->feather->urlFor('login'), $mail_message); $mail_message = str_replace('<board_mailer>', $this->config['o_board_title'], $mail_message); $mail_message = $this->hook->fire('insert_user_welcome_mail_message', $mail_message); $this->email->feather_mail($user['email1'], $mail_subject, $mail_message); Url::redirect($this->feather->urlFor('home'), __('Reg email') . ' <a href="mailto:' . Utils::escape($this->config['o_admin_email']) . '">' . Utils::escape($this->config['o_admin_email']) . '</a>.'); } $this->auth->feather_setcookie($new_uid, $password_hash, time() + $this->config['o_timeout_visit']); $this->hook->fire('insert_user'); Url::redirect($this->feather->urlFor('home'), __('Reg complete')); }
public function collect_stats() { $this->hook->fire('collect_stats_start'); // Collect some statistics from the database if (!$this->feather->cache->isCached('users_info')) { $this->feather->cache->store('users_info', Cache::get_users_info()); } $stats = $this->feather->cache->retrieve('users_info'); $query = DB::for_table('forums')->select_expr('SUM(num_topics)', 'total_topics')->select_expr('SUM(num_posts)', 'total_posts'); $query = $this->hook->fireDB('collect_stats_query', $query); $query = $query->find_one(); $stats['total_topics'] = intval($query['total_topics']); $stats['total_posts'] = intval($query['total_posts']); if ($this->user->g_view_users == '1') { $stats['newest_user'] = '******' . $this->feather->urlFor('userProfile', ['id' => $stats['last_user']['id']]) . '">' . Utils::escape($stats['last_user']['username']) . '</a>'; } else { $stats['newest_user'] = Utils::escape($stats['last_user']['username']); } $stats = $this->hook->fire('collect_stats', $stats); return $stats; }
public function delete_users() { if ($this->request->post('users')) { $user_ids = is_array($this->request->post('users')) ? array_keys($this->request->post('users')) : explode(',', $this->request->post('users')); $user_ids = array_map('intval', $user_ids); // Delete invalid IDs $user_ids = array_diff($user_ids, array(0, 1)); } else { $user_ids = array(); } $user_ids = $this->hook->fire('model.users.delete_users.user_ids', $user_ids); if (empty($user_ids)) { throw new Error(__('No users selected'), 404); } // Are we trying to delete any admins? $is_admin = DB::for_table('users')->where_in('id', $user_ids)->where('group_id', $this->feather->forum_env['FEATHER_ADMIN'])->find_one(); if ($is_admin) { throw new Error(__('No delete admins message'), 403); } if ($this->request->post('delete_users_comply')) { // Fetch user groups $user_groups = array(); $result['select'] = array('id', 'group_id'); $result = DB::for_table('users')->select_many($result['select'])->where_in('id', $user_ids); $result = $this->hook->fireDB('model.users.delete_users.user_groups_query', $result); $result = $result->find_many(); foreach ($result as $cur_user) { if (!isset($user_groups[$cur_user['group_id']])) { $user_groups[$cur_user['group_id']] = array(); } $user_groups[$cur_user['group_id']][] = $cur_user['id']; } // Are any users moderators? $group_ids = array_keys($user_groups); $select_fetch_user_mods = array('g_id', 'g_moderator'); $result = DB::for_table('groups')->select_many($select_fetch_user_mods)->where_in('g_id', $group_ids)->find_many(); foreach ($result as $cur_group) { if ($cur_group['g_moderator'] == '0') { unset($user_groups[$cur_group['g_id']]); } } $user_groups = $this->hook->fire('model.users.delete_users.user_groups', $user_groups); // Fetch forum list and clean up their moderator list $select_mods = array('id', 'moderators'); $result = DB::for_table('forums')->select_many($select_mods)->find_many(); foreach ($result as $cur_forum) { $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array(); foreach ($user_groups as $group_users) { $cur_moderators = array_diff($cur_moderators, $group_users); } if (!empty($cur_moderators)) { DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators))->save(); } else { DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set_expr('moderators', 'NULL')->save(); } } // Delete any subscriptions DB::for_table('topic_subscriptions')->where_in('user_id', $user_ids)->delete_many(); DB::for_table('forum_subscriptions')->where_in('user_id', $user_ids)->delete_many(); // Remove them from the online list (if they happen to be logged in) DB::for_table('online')->where_in('user_id', $user_ids)->delete_many(); // Should we delete all posts made by these users? if ($this->request->post('delete_posts')) { @set_time_limit(0); // Find all posts made by this user $select_user_posts = array('p.id', 'p.topic_id', 't.forum_id'); $result = DB::for_table('posts')->table_alias('p')->select_many($select_user_posts)->inner_join('topics', array('t.id', '=', 'p.topic_id'), 't')->inner_join('forums', array('f.id', '=', 't.forum_id'), 'f')->where('p.poster_id', $user_ids); $result = $this->hook->fireDB('model.users.delete_users.user_posts_query', $result); $result = $result->find_many(); if ($result) { foreach ($result as $cur_post) { // Determine whether this post is the "topic post" or not $result2 = DB::for_table('posts')->where('topic_id', $cur_post['topic_id'])->order_by('posted')->find_one_col('id'); if ($result2 == $cur_post['id']) { \FeatherBB\Model\Delete::topic($cur_post['topic_id']); } else { \FeatherBB\Model\Delete::post($cur_post['id'], $cur_post['topic_id']); } \FeatherBB\Model\Forum::update($cur_post['forum_id']); } } } else { // Set all their posts to guest // TODO: invert where_in and update_many values ? To test. DB::for_table('posts')->where_in('poster_id', '1')->update_many('poster_id', $user_ids); } // Delete the users DB::for_table('users')->where_in('id', $user_ids)->delete_many(); // Delete user avatars foreach ($user_ids as $user_id) { Delete::avatar($user_id); } // Regenerate the users info cache if (!$this->feather->cache->isCached('users_info')) { $this->feather->cache->store('users_info', Cache::get_users_info()); } $stats = $this->feather->cache->retrieve('users_info'); Url::redirect($this->feather->urlFor('adminUsers'), __('Users delete redirect')); } return $user_ids; }