/** * Activate an account. * This function is called from the profile account actions area. */ public function action_activateaccount() { global $context, $user_profile, $modSettings; isAllowedTo('moderate_forum'); $memID = currentMemberID(); if (isset($_REQUEST['save']) && isset($user_profile[$memID]['is_activated']) && $user_profile[$memID]['is_activated'] != 1) { require_once SUBSDIR . '/Members.subs.php'; // If we are approving the deletion of an account, we do something special ;) if ($user_profile[$memID]['is_activated'] == 4) { deleteMembers($context['id_member']); redirectexit(); } // Actually update this member now, as it guarantees the unapproved count can't get corrupted. approveMembers(array('members' => array($context['id_member']), 'activated_status' => $user_profile[$memID]['is_activated'])); // Log what we did? logAction('approve_member', array('member' => $memID), 'admin'); // If we are doing approval, update the stats for the member just in case. if (in_array($user_profile[$memID]['is_activated'], array(3, 4, 13, 14))) { updateSettings(array('unapprovedMembers' => $modSettings['unapprovedMembers'] > 1 ? $modSettings['unapprovedMembers'] - 1 : 0)); } // Make sure we update the stats too. updateStats('member', false); } // Leave it be... redirectexit('action=profile;u=' . $memID . ';area=summary'); }
/** * This function determines the actions of the members passed in urls. * * Adding actions to the Who's Online list: * Adding actions to this list is actually relatively easy... * - for actions anyone should be able to see, just add a string named whoall_ACTION. * (where ACTION is the action used in index.php.) * - for actions that have a subaction which should be represented differently, use whoall_ACTION_SUBACTION. * - for actions that include a topic, and should be restricted, use whotopic_ACTION. * - for actions that use a message, by msg or quote, use whopost_ACTION. * - for administrator-only actions, use whoadmin_ACTION. * - for actions that should be viewable only with certain permissions, use whoallow_ACTION and * add a list of possible permissions to the $allowedActions array, using ACTION as the key. * * @param mixed[]|string $urls a single url (string) or an array of arrays, each inner array being (serialized request data, id_member) * @param string|false $preferred_prefix = false * @return mixed[]|string an array of descriptions if you passed an array, otherwise the string describing their current location. */ function determineActions($urls, $preferred_prefix = false) { global $txt, $user_info, $modSettings, $scripturl; $db = database(); if (!allowedTo('who_view')) { return array(); } loadLanguage('Who'); // Actions that require a specific permission level. $allowedActions = array('admin' => array('moderate_forum', 'manage_membergroups', 'manage_bans', 'admin_forum', 'manage_permissions', 'send_mail', 'manage_attachments', 'manage_smileys', 'manage_boards', 'edit_news'), 'ban' => array('manage_bans'), 'boardrecount' => array('admin_forum'), 'calendar' => array('calendar_view'), 'editnews' => array('edit_news'), 'mailing' => array('send_mail'), 'maintain' => array('admin_forum'), 'manageattachments' => array('manage_attachments'), 'manageboards' => array('manage_boards'), 'memberlist' => array('view_mlist'), 'moderate' => array('access_mod_center', 'moderate_forum', 'manage_membergroups'), 'optimizetables' => array('admin_forum'), 'repairboards' => array('admin_forum'), 'search' => array('search_posts'), 'setcensor' => array('moderate_forum'), 'setreserve' => array('moderate_forum'), 'stats' => array('view_stats'), 'viewErrorLog' => array('admin_forum'), 'viewmembers' => array('moderate_forum')); // Provide integration a way to add to the allowed action array call_integration_hook('integrate_whos_online_allowed', array(&$allowedActions)); if (!is_array($urls)) { $url_list = array(array($urls, $user_info['id'])); } else { $url_list = $urls; } // These are done to query these in large chunks. (instead of one by one.) $topic_ids = array(); $profile_ids = array(); $board_ids = array(); $data = array(); foreach ($url_list as $k => $url) { // Get the request parameters.. $actions = @unserialize($url[0]); if ($actions === false) { continue; } // If it's the admin or moderation center, and there is an area set, use that instead. if (isset($actions['action']) && ($actions['action'] == 'admin' || $actions['action'] == 'moderate') && isset($actions['area'])) { $actions['action'] = $actions['area']; } // Check if there was no action or the action is display. if (!isset($actions['action']) || $actions['action'] == 'display') { // It's a topic! Must be! if (isset($actions['topic'])) { // Assume they can't view it, and queue it up for later. $data[$k] = $txt['who_hidden']; $topic_ids[(int) $actions['topic']][$k] = $txt['who_topic']; } elseif (isset($actions['board'])) { // Hide first, show later. $data[$k] = $txt['who_hidden']; $board_ids[$actions['board']][$k] = $txt['who_board']; } else { $data[$k] = replaceBasicActionUrl($txt['who_index']); } } elseif ($actions['action'] == '') { $data[$k] = replaceBasicActionUrl($txt['who_index']); } else { // Viewing/editing a profile. if ($actions['action'] == 'profile') { // Whose? Their own? if (empty($actions['u'])) { require_once SUBSDIR . '/Profile.subs.php'; $memID = currentMemberID(); if ($memID == $user_info['id']) { $actions['u'] = $url[1]; } else { $actions['u'] = $memID; } } $data[$k] = $txt['who_hidden']; $profile_ids[(int) $actions['u']][$k] = $actions['action'] == 'profile' ? $txt['who_viewprofile'] : $txt['who_profile']; } elseif (($actions['action'] == 'post' || $actions['action'] == 'post2' || $actions['action'] == 'topicbyemail') && empty($actions['topic']) && isset($actions['board'])) { $data[$k] = $txt['who_hidden']; if ($actions['action'] == 'topicbyemail') { $board_ids[(int) $actions['board']][$k] = $txt['who_topicbyemail']; } else { $board_ids[(int) $actions['board']][$k] = isset($actions['poll']) ? $txt['who_poll'] : $txt['who_post']; } } elseif (isset($actions['sa']) && isset($txt['whoall_' . $actions['action'] . '_' . $actions['sa']])) { $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']]) ? $txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']] : $txt['whoall_' . $actions['action'] . '_' . $actions['sa']]; } elseif (isset($txt['whoall_' . $actions['action']])) { $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action']]) ? $txt[$preferred_prefix . $actions['action']] : replaceBasicActionUrl($txt['whoall_' . $actions['action']]); } elseif (isset($txt['whotopic_' . $actions['action']])) { // Find out what topic they are accessing. $topic = (int) (isset($actions['topic']) ? $actions['topic'] : (isset($actions['from']) ? $actions['from'] : 0)); $data[$k] = $txt['who_hidden']; $topic_ids[$topic][$k] = $txt['whotopic_' . $actions['action']]; } elseif (isset($actions['sa']) && isset($txt['whotopic_' . $actions['action'] . '_' . $actions['sa']])) { // Find out what topic they are accessing. $topic = (int) (isset($actions['topic']) ? $actions['topic'] : (isset($actions['from']) ? $actions['from'] : 0)); $data[$k] = $txt['who_hidden']; $topic_ids[$topic][$k] = $txt['whotopic_' . $actions['action'] . '_' . $actions['sa']]; } elseif (isset($txt['whopost_' . $actions['action']])) { // Find out what message they are accessing. $msgid = (int) (isset($actions['msg']) ? $actions['msg'] : (isset($actions['quote']) ? $actions['quote'] : 0)); $result = $db->query('', ' SELECT m.id_topic, m.subject FROM {db_prefix}messages AS m INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board) INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ') WHERE m.id_msg = {int:id_msg} AND {query_see_board}' . ($modSettings['postmod_active'] ? ' AND m.approved = {int:is_approved}' : '') . ' LIMIT 1', array('is_approved' => 1, 'id_msg' => $msgid)); list($id_topic, $subject) = $db->fetch_row($result); $data[$k] = sprintf($txt['whopost_' . $actions['action']], $scripturl . '?topic=' . $id_topic . '.0', $subject); $db->free_result($result); if (empty($id_topic)) { $data[$k] = $txt['who_hidden']; } } elseif (allowedTo('moderate_forum') && isset($txt['whoadmin_' . $actions['action']])) { $data[$k] = $txt['whoadmin_' . $actions['action']]; } elseif (isset($allowedActions[$actions['action']])) { if (allowedTo($allowedActions[$actions['action']])) { if (isset($actions['sa']) && isset($txt['whoallow_' . $actions['action'] . '_' . $actions['sa']])) { $data[$k] = replaceBasicActionUrl($txt['whoallow_' . $actions['action'] . '_' . $actions['sa']]); } else { $data[$k] = replaceBasicActionUrl($txt['whoallow_' . $actions['action']]); } } elseif (in_array('moderate_forum', $allowedActions[$actions['action']])) { $data[$k] = $txt['who_moderate']; } elseif (in_array('admin_forum', $allowedActions[$actions['action']])) { $data[$k] = $txt['who_admin']; } else { $data[$k] = $txt['who_hidden']; } } elseif (!empty($actions['action'])) { $data[$k] = sprintf($txt['who_generic'], $actions['action']); } else { $data[$k] = $txt['who_unknown']; } } // Maybe the action is integrated into another system? if (count($integrate_actions = call_integration_hook('integrate_whos_online', array($actions))) > 0) { // Try each integraion hook with this url and see if they can fill in the details foreach ($integrate_actions as $integrate_action) { if (!empty($integrate_action)) { // Found it, all done then $data[$k] = $integrate_action; break; } } } } // Load topic names. if (!empty($topic_ids)) { require_once SUBSDIR . '/Topic.subs.php'; $topics_data = topicsList(array_keys($topic_ids)); foreach ($topics_data as $topic) { // Show the topic's subject for each of the members looking at this... foreach ($topic_ids[$topic['id_topic']] as $k => $session_text) { $data[$k] = sprintf($session_text, $scripturl . '?topic=' . $topic['id_topic'] . '.0', $topic['subject']); } } } // Load board names. if (!empty($board_ids)) { require_once SUBSDIR . '/Boards.subs.php'; $boards_list = getBoardList(array('included_boards' => array_keys($board_ids)), true); foreach ($boards_list as $board) { // Put the board name into the string for each member... foreach ($board_ids[$board['id_board']] as $k => $session_text) { $data[$k] = sprintf($session_text, $scripturl . '?board=' . $board['id_board'] . '.0', $board['board_name']); } } } // Load member names for the profile. if (!empty($profile_ids) && (allowedTo('profile_view_any') || allowedTo('profile_view_own'))) { require_once SUBSDIR . '/Members.subs.php'; $result = getBasicMemberData(array_keys($profile_ids)); foreach ($result as $row) { // If they aren't allowed to view this person's profile, skip it. if (!allowedTo('profile_view_any') && $user_info['id'] != $row['id_member']) { continue; } // Set their action on each - session/text to sprintf. foreach ($profile_ids[$row['id_member']] as $k => $session_text) { $data[$k] = sprintf($session_text, $scripturl . '?action=profile;u=' . $row['id_member'], $row['real_name']); } } } if (!is_array($urls)) { return isset($data[0]) ? $data[0] : false; } else { return $data; } }
/** * Allow the change or view of profiles. * Loads the profile menu. * * @see Action_Controller::action_index() */ public function action_index() { global $txt, $scripturl, $user_info, $context, $user_profile, $cur_profile; global $modSettings, $memberContext, $profile_vars, $post_errors, $user_settings; // Don't reload this as we may have processed error strings. if (empty($post_errors)) { loadLanguage('Profile+Drafts'); } loadTemplate('Profile'); require_once SUBSDIR . '/Menu.subs.php'; require_once SUBSDIR . '/Profile.subs.php'; $memID = currentMemberID(); $context['id_member'] = $memID; $cur_profile = $user_profile[$memID]; // Let's have some information about this member ready, too. loadMemberContext($memID); $context['member'] = $memberContext[$memID]; // Is this the profile of the user himself or herself? $context['user']['is_owner'] = $memID == $user_info['id']; /** * Define all the sections within the profile area! * We start by defining the permission required - then we take this and turn * it into the relevant context ;) * * Possible fields: * For Section: * - string $title: Section title. * - array $areas: Array of areas within this section. * * For Areas: * - string $label: Text string that will be used to show the area in the menu. * - string $file: Optional text string that may contain a file name that's needed for inclusion in order to display the area properly. * - string $custom_url: Optional href for area. * - string $function: Function to execute for this section. * - bool $enabled: Should area be shown? * - string $sc: Session check validation to do on save - note without this save will get unset - if set. * - bool $hidden: Does this not actually appear on the menu? * - bool $password: Whether to require the user's password in order to save the data in the area. * - array $subsections: Array of subsections, in order of appearance. * - array $permission: Array of permissions to determine who can access this area. Should contain arrays $own and $any. */ $profile_areas = array('info' => array('title' => $txt['profileInfo'], 'areas' => array('summary' => array('label' => $txt['summary'], 'file' => 'ProfileInfo.controller.php', 'controller' => 'ProfileInfo_Controller', 'function' => 'action_summary', 'token' => 'profile-aa%u', 'token_type' => 'get', 'permission' => array('own' => 'profile_view_own', 'any' => 'profile_view_any')), 'statistics' => array('label' => $txt['statPanel'], 'file' => 'ProfileInfo.controller.php', 'controller' => 'ProfileInfo_Controller', 'function' => 'action_statPanel', 'permission' => array('own' => 'profile_view_own', 'any' => 'profile_view_any')), 'showposts' => array('label' => $txt['showPosts'], 'file' => 'ProfileInfo.controller.php', 'controller' => 'ProfileInfo_Controller', 'function' => 'action_showPosts', 'subsections' => array('messages' => array($txt['showMessages'], array('profile_view_own', 'profile_view_any')), 'topics' => array($txt['showTopics'], array('profile_view_own', 'profile_view_any')), 'unwatchedtopics' => array($txt['showUnwatched'], array('profile_view_own', 'profile_view_any'), 'enabled' => $modSettings['enable_unwatch'] && $context['user']['is_owner']), 'attach' => array($txt['showAttachments'], array('profile_view_own', 'profile_view_any'))), 'permission' => array('own' => 'profile_view_own', 'any' => 'profile_view_any')), 'showdrafts' => array('label' => $txt['drafts_show'], 'file' => 'Draft.controller.php', 'controller' => 'Draft_Controller', 'function' => 'action_showProfileDrafts', 'enabled' => !empty($modSettings['drafts_enabled']) && $context['user']['is_owner'], 'permission' => array('own' => 'profile_view_own', 'any' => array())), 'showlikes' => array('label' => $txt['likes_show'], 'file' => 'Likes.controller.php', 'controller' => 'Likes_Controller', 'function' => 'action_showProfileLikes', 'enabled' => !empty($modSettings['likes_enabled']) && $context['user']['is_owner'], 'subsections' => array('given' => array($txt['likes_given'], array('profile_view_own')), 'received' => array($txt['likes_received'], array('profile_view_own'))), 'permission' => array('own' => 'profile_view_own', 'any' => array())), 'permissions' => array('label' => $txt['showPermissions'], 'file' => 'ProfileInfo.controller.php', 'controller' => 'ProfileInfo_Controller', 'function' => 'action_showPermissions', 'permission' => array('own' => 'manage_permissions', 'any' => 'manage_permissions')), 'history' => array('label' => $txt['history'], 'file' => 'ProfileHistory.controller.php', 'controller' => 'ProfileHistory_Controller', 'function' => 'action_index', 'subsections' => array('activity' => array($txt['trackActivity'], 'moderate_forum'), 'ip' => array($txt['trackIP'], 'moderate_forum'), 'edits' => array($txt['trackEdits'], 'moderate_forum'), 'logins' => array($txt['trackLogins'], array('profile_view_own', 'moderate_forum'))), 'permission' => array('own' => 'moderate_forum', 'any' => 'moderate_forum')), 'viewwarning' => array('label' => $txt['profile_view_warnings'], 'enabled' => in_array('w', $context['admin_features']) && !empty($modSettings['warning_enable']) && $cur_profile['warning'] && (!empty($modSettings['warning_show']) && ($context['user']['is_owner'] || $modSettings['warning_show'] == 2)), 'file' => 'ProfileInfo.controller.php', 'controller' => 'ProfileInfo_Controller', 'function' => 'action_viewWarning', 'permission' => array('own' => 'profile_view_own', 'any' => 'issue_warning')))), 'edit_profile' => array('title' => $txt['profileEdit'], 'areas' => array('account' => array('label' => $txt['account'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_account', 'enabled' => $context['user']['is_admin'] || $cur_profile['id_group'] != 1 && !in_array(1, explode(',', $cur_profile['additional_groups'])), 'sc' => 'post', 'token' => 'profile-ac%u', 'password' => true, 'permission' => array('own' => array('profile_identity_any', 'profile_identity_own', 'manage_membergroups'), 'any' => array('profile_identity_any', 'manage_membergroups'))), 'forumprofile' => array('label' => $txt['forumprofile'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_forumProfile', 'sc' => 'post', 'token' => 'profile-fp%u', 'permission' => array('own' => array('profile_extra_any', 'profile_extra_own', 'profile_title_own', 'profile_title_any'), 'any' => array('profile_extra_any', 'profile_title_any'))), 'theme' => array('label' => $txt['theme'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_themepick', 'sc' => 'post', 'token' => 'profile-th%u', 'permission' => array('own' => array('profile_extra_any', 'profile_extra_own'), 'any' => array('profile_extra_any'))), 'authentication' => array('label' => $txt['authentication'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_authentication', 'enabled' => !empty($modSettings['enableOpenID']) || !empty($cur_profile['openid_uri']), 'sc' => 'post', 'token' => 'profile-au%u', 'hidden' => empty($modSettings['enableOpenID']) && empty($cur_profile['openid_uri']), 'password' => true, 'permission' => array('own' => array('profile_identity_any', 'profile_identity_own'), 'any' => array('profile_identity_any'))), 'notification' => array('label' => $txt['notifications'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_notification', 'sc' => 'post', 'token' => 'profile-nt%u', 'permission' => array('own' => array('profile_extra_any', 'profile_extra_own'), 'any' => array('profile_extra_any'))), 'contactprefs' => array('label' => $txt['contactprefs'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_pmprefs', 'enabled' => allowedTo(array('profile_extra_own', 'profile_extra_any')), 'sc' => 'post', 'token' => 'profile-pm%u', 'permission' => array('own' => array('pm_read'), 'any' => array('profile_extra_any'))), 'ignoreboards' => array('label' => $txt['ignoreboards'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_ignoreboards', 'enabled' => !empty($modSettings['allow_ignore_boards']), 'sc' => 'post', 'token' => 'profile-ib%u', 'permission' => array('own' => array('profile_extra_any', 'profile_extra_own'), 'any' => array('profile_extra_any'))), 'lists' => array('label' => $txt['editBuddyIgnoreLists'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_editBuddyIgnoreLists', 'enabled' => !empty($modSettings['enable_buddylist']) && $context['user']['is_owner'], 'sc' => 'post', 'token' => 'profile-bl%u', 'subsections' => array('buddies' => array($txt['editBuddies']), 'ignore' => array($txt['editIgnoreList'])), 'permission' => array('own' => array('profile_extra_any', 'profile_extra_own'), 'any' => array())), 'groupmembership' => array('label' => $txt['groupmembership'], 'file' => 'ProfileOptions.controller.php', 'controller' => 'ProfileOptions_Controller', 'function' => 'action_groupMembership', 'enabled' => !empty($modSettings['show_group_membership']) && $context['user']['is_owner'], 'sc' => 'request', 'token' => 'profile-gm%u', 'token_type' => 'request', 'permission' => array('own' => array('profile_view_own'), 'any' => array('manage_membergroups'))))), 'profile_action' => array('title' => $txt['profileAction'], 'areas' => array('sendpm' => array('label' => $txt['profileSendIm'], 'custom_url' => $scripturl . '?action=pm;sa=send', 'permission' => array('own' => array(), 'any' => array('pm_send'))), 'issuewarning' => array('label' => $txt['profile_issue_warning'], 'enabled' => in_array('w', $context['admin_features']) && !empty($modSettings['warning_enable']) && (!$context['user']['is_owner'] || $context['user']['is_admin']), 'file' => 'ProfileAccount.controller.php', 'controller' => 'ProfileAccount_Controller', 'function' => 'action_issuewarning', 'token' => 'profile-iw%u', 'permission' => array('own' => array(), 'any' => array('issue_warning'))), 'banuser' => array('label' => $txt['profileBanUser'], 'custom_url' => $scripturl . '?action=admin;area=ban;sa=add', 'enabled' => $cur_profile['id_group'] != 1 && !in_array(1, explode(',', $cur_profile['additional_groups'])), 'permission' => array('own' => array(), 'any' => array('manage_bans'))), 'subscriptions' => array('label' => $txt['subscriptions'], 'file' => 'ProfileSubscriptions.controller.php', 'controller' => 'ProfileSubscriptions_Controller', 'function' => 'action_subscriptions', 'enabled' => !empty($modSettings['paid_enabled']), 'permission' => array('own' => array('profile_view_own'), 'any' => array('moderate_forum'))), 'deleteaccount' => array('label' => $txt['deleteAccount'], 'file' => 'ProfileAccount.controller.php', 'controller' => 'ProfileAccount_Controller', 'function' => 'action_deleteaccount', 'sc' => 'post', 'token' => 'profile-da%u', 'password' => true, 'permission' => array('own' => array('profile_remove_any', 'profile_remove_own'), 'any' => array('profile_remove_any'))), 'activateaccount' => array('file' => 'ProfileAccount.controller.php', 'controller' => 'ProfileAccount_Controller', 'function' => 'action_activateaccount', 'sc' => 'get', 'token' => 'profile-aa%u', 'permission' => array('own' => array(), 'any' => array('moderate_forum')))))); // Is there an updated message to show? if (isset($_GET['updated'])) { $context['profile_updated'] = $txt['profile_updated_own']; } // Set a few options for the menu. $menuOptions = array('disable_url_session_check' => true, 'hook' => 'profile', 'extra_url_parameters' => array('u' => $context['id_member']), 'default_include_dir' => CONTROLLERDIR); // Actually create the menu! $profile_include_data = createMenu($profile_areas, $menuOptions); unset($profile_areas); // If it said no permissions that meant it wasn't valid! if ($profile_include_data && empty($profile_include_data['permission'])) { $profile_include_data['enabled'] = false; } // No menu and guest? A warm welcome to register if (!$profile_include_data && $user_info['is_guest']) { is_not_guest(); } // No menu means no access. if (!$profile_include_data || isset($profile_include_data['enabled']) && $profile_include_data['enabled'] === false) { fatal_lang_error('no_access', false); } // Make a note of the Unique ID for this menu. $context['profile_menu_id'] = $context['max_menu_id']; $context['profile_menu_name'] = 'menu_data_' . $context['profile_menu_id']; // Set the selected item - now it's been validated. $current_area = $profile_include_data['current_area']; $context['menu_item_selected'] = $current_area; // Before we go any further, let's work on the area we've said is valid. // Note this is done here just in case we ever compromise the menu function in error! $this->_completed_save = false; $context['do_preview'] = isset($_REQUEST['preview_signature']); // Are we saving data in a valid area? if (isset($profile_include_data['sc']) && (isset($_REQUEST['save']) || $context['do_preview'])) { checkSession($profile_include_data['sc']); $this->_completed_save = true; } // Does this require session validating? if (!empty($area['validate']) || isset($_REQUEST['save']) && !$context['user']['is_owner']) { validateSession(); } // Do we need to perform a token check? if (!empty($profile_include_data['token'])) { if ($profile_include_data['token'] !== true) { $token_name = str_replace('%u', $context['id_member'], $profile_include_data['token']); } else { $token_name = 'profile-u' . $context['id_member']; } if (isset($profile_include_data['token_type']) && in_array($profile_include_data['token_type'], array('request', 'post', 'get'))) { $token_type = $profile_include_data['token_type']; } else { $token_type = 'post'; } if (isset($_REQUEST['save'])) { validateToken($token_name, $token_type); } } // Permissions for good measure. if (!empty($profile_include_data['permission'])) { isAllowedTo($profile_include_data['permission'][$context['user']['is_owner'] ? 'own' : 'any']); } // Create a token if needed. if (!empty($profile_include_data['token'])) { createToken($token_name, $token_type); $context['token_check'] = $token_name; } // Build the link tree. $context['linktree'][] = array('url' => $scripturl . '?action=profile' . ($memID != $user_info['id'] ? ';u=' . $memID : ''), 'name' => sprintf($txt['profile_of_username'], $context['member']['name'])); if (!empty($profile_include_data['label'])) { $context['linktree'][] = array('url' => $scripturl . '?action=profile' . ($memID != $user_info['id'] ? ';u=' . $memID : '') . ';area=' . $profile_include_data['current_area'], 'name' => $profile_include_data['label']); } if (!empty($profile_include_data['current_subsection']) && $profile_include_data['subsections'][$profile_include_data['current_subsection']][0] != $profile_include_data['label']) { $context['linktree'][] = array('url' => $scripturl . '?action=profile' . ($memID != $user_info['id'] ? ';u=' . $memID : '') . ';area=' . $profile_include_data['current_area'] . ';sa=' . $profile_include_data['current_subsection'], 'name' => $profile_include_data['subsections'][$profile_include_data['current_subsection']][0]); } // Set the template for this area... if you still can :P // and add the profile layer. $context['sub_template'] = $profile_include_data['function']; Template_Layers::getInstance()->add('profile'); loadJavascriptFile('profile.js'); // All the subactions that require a user password in order to validate. $check_password = $context['user']['is_owner'] && !empty($profile_include_data['password']); $context['require_password'] = $check_password && empty($user_settings['openid_uri']); // These will get populated soon! $post_errors = array(); $profile_vars = array(); // Right - are we saving - if so let's save the old data first. if ($this->_completed_save) { // Clean up the POST variables. $_POST = htmltrim__recursive($_POST); $_POST = htmlspecialchars__recursive($_POST); if ($check_password) { // If we're using OpenID try to revalidate. if (!empty($user_settings['openid_uri'])) { require_once SUBSDIR . '/OpenID.subs.php'; $openID = new OpenID(); $openID->revalidate(); } else { // You didn't even enter a password! if (trim($_POST['oldpasswrd']) == '') { $post_errors[] = 'no_password'; } // Since the password got modified due to all the $_POST cleaning, lets undo it so we can get the correct password $_POST['oldpasswrd'] = un_htmlspecialchars($_POST['oldpasswrd']); // Does the integration want to check passwords? $good_password = in_array(true, call_integration_hook('integrate_verify_password', array($cur_profile['member_name'], $_POST['oldpasswrd'], false)), true); // Start up the password checker, we have work to do require_once SUBSDIR . '/Auth.subs.php'; // Bad password!!! if (!$good_password && !validateLoginPassword($_POST['oldpasswrd'], $user_info['passwd'], $user_profile[$memID]['member_name'])) { $post_errors[] = 'bad_password'; } // Warn other elements not to jump the gun and do custom changes! if (in_array('bad_password', $post_errors)) { $context['password_auth_failed'] = true; } } } // Change the IP address in the database. if ($context['user']['is_owner']) { $profile_vars['member_ip'] = $user_info['ip']; } // Now call the sub-action function... if ($current_area == 'activateaccount') { if (empty($post_errors)) { require_once CONTROLLERDIR . '/ProfileAccount.controller.php'; $controller = new ProfileAccount_Controller(); $controller->action_activateaccount(); } } elseif ($current_area == 'deleteaccount') { if (empty($post_errors)) { require_once CONTROLLERDIR . '/ProfileAccount.controller.php'; $controller = new ProfileAccount_Controller(); $controller->action_deleteaccount2(); redirectexit(); } } elseif ($current_area == 'groupmembership' && empty($post_errors)) { require_once CONTROLLERDIR . '/ProfileOptions.controller.php'; $controller = new Profileoptions_Controller(); $msg = $controller->action_groupMembership2(); // Whatever we've done, we have nothing else to do here... redirectexit('action=profile' . ($context['user']['is_owner'] ? '' : ';u=' . $memID) . ';area=groupmembership' . (!empty($msg) ? ';msg=' . $msg : '')); } elseif ($current_area == 'authentication') { require_once CONTROLLERDIR . '/ProfileOptions.controller.php'; $controller = new ProfileOptions_Controller(); $controller->action_authentication(true); } elseif (in_array($current_area, array('account', 'forumprofile', 'theme', 'contactprefs'))) { saveProfileFields(); } else { $force_redirect = true; saveProfileChanges($profile_vars, $memID); } call_integration_hook('integrate_profile_save', array(&$profile_vars, &$post_errors, $memID)); // There was a problem, let them try to re-enter. if (!empty($post_errors)) { // Load the language file so we can give a nice explanation of the errors. loadLanguage('Errors'); $context['post_errors'] = $post_errors; } elseif (!empty($profile_vars)) { // If we've changed the password, notify any integration that may be listening in. if (isset($profile_vars['passwd'])) { call_integration_hook('integrate_reset_pass', array($cur_profile['member_name'], $cur_profile['member_name'], $_POST['passwrd2'])); } updateMemberData($memID, $profile_vars); // What if this is the newest member? if ($modSettings['latestMember'] == $memID) { updateStats('member'); } elseif (isset($profile_vars['real_name'])) { updateSettings(array('memberlist_updated' => time())); } // If the member changed his/her birthdate, update calendar statistics. if (isset($profile_vars['birthdate']) || isset($profile_vars['real_name'])) { updateSettings(array('calendar_updated' => time())); } // Anything worth logging? if (!empty($context['log_changes']) && !empty($modSettings['modlog_enabled'])) { $log_changes = array(); foreach ($context['log_changes'] as $k => $v) { $log_changes[] = array('action' => $k, 'log_type' => 'user', 'extra' => array_merge($v, array('applicator' => $user_info['id'], 'member_affected' => $memID))); } logActions($log_changes); } // Have we got any post save functions to execute? if (!empty($context['profile_execute_on_save'])) { foreach ($context['profile_execute_on_save'] as $saveFunc) { $saveFunc(); } } // Let them know it worked! $context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : sprintf($txt['profile_updated_else'], $cur_profile['member_name']); // Invalidate any cached data. cache_put_data('member_data-profile-' . $memID, null, 0); } } // Have some errors for some reason? if (!empty($post_errors)) { // Set all the errors so the template knows what went wrong. foreach ($post_errors as $error_type) { $context['modify_error'][$error_type] = true; } } elseif (!empty($profile_vars) && $context['user']['is_owner'] && !$context['do_preview']) { redirectexit('action=profile;area=' . $current_area . ';updated'); } elseif (!empty($force_redirect)) { redirectexit('action=profile' . ($context['user']['is_owner'] ? '' : ';u=' . $memID) . ';area=' . $current_area); } // Let go to the right place if (isset($profile_include_data['file'])) { require_once $profile_include_data['file']; } callMenu($profile_include_data); // Set the page title if it's not already set... if (!isset($context['page_title'])) { $context['page_title'] = $txt['profile'] . (isset($txt[$current_area]) ? ' - ' . $txt[$current_area] : ''); } }
/** * Shows all posts that others have liked of theirs */ private function _action_showReceived() { global $context, $txt, $scripturl; $memID = currentMemberID(); // Build the listoption array to display the data $listOptions = array('id' => 'view_likes', 'title' => $txt['likes'], 'items_per_page' => 25, 'no_items_label' => $txt['likes_none_received'], 'base_href' => $scripturl . '?action=profile;area=showlikes;sa=received;u=' . $memID, 'default_sort_col' => 'subject', 'get_items' => array('function' => array($this, 'list_loadLikesReceived'), 'params' => array($memID)), 'get_count' => array('function' => array($this, 'list_getLikesCount'), 'params' => array($memID, false)), 'columns' => array('subject' => array('header' => array('value' => $txt['subject']), 'data' => array('db' => 'subject'), 'sort' => array('default' => 'm.subject DESC', 'reverse' => 'm.subject')), 'name' => array('header' => array('value' => $txt['board']), 'data' => array('db' => 'name'), 'sort' => array('default' => 'b.name', 'reverse' => 'b.name DESC')), 'likes' => array('header' => array('value' => $txt['likes']), 'data' => array('db' => 'likes'), 'sort' => array('default' => 'likes', 'reverse' => 'likes DESC')), 'action' => array('header' => array('value' => $txt['show'], 'class' => 'centertext'), 'data' => array('function' => create_function('$row', ' global $txt, $settings; $result = \'<a href="\' . $row[\'who\'] . \'" title="\' . $txt[\'likes_show_who\'] . \'"><img src="\' . $settings[\'images_url\'] . \'/icons/members.png" alt="" /></a>\'; return $result;'), 'class' => 'centertext', 'style' => 'width: 10%')))); // Menu tabs $context[$context['profile_menu_name']]['tab_data'] = array('title' => $txt['likes_received'], 'class' => 'star'); // Set the context values $context['page_title'] = $txt['likes']; $context['sub_template'] = 'show_list'; $context['default_list'] = 'view_likes'; // Create the list. createList($listOptions); }
/** * View a members warnings. */ public function action_viewWarning() { global $modSettings, $context, $txt, $scripturl; // Firstly, can we actually even be here? if (!allowedTo('issue_warning') && (empty($modSettings['warning_show']) || $modSettings['warning_show'] == 1 && !$context['user']['is_owner'])) { fatal_lang_error('no_access', false); } loadTemplate('ProfileInfo'); // We need this because of template_load_warning_variables loadTemplate('Profile'); // Make sure things which are disabled stay disabled. $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110; $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110; $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110; // Let's use a generic list to get all the current warnings // and use the issue warnings grab-a-granny thing. require_once SUBSDIR . '/GenericList.class.php'; $memID = currentMemberID(); $listOptions = array('id' => 'view_warnings', 'title' => $txt['profile_viewwarning_previous_warnings'], 'items_per_page' => $modSettings['defaultMaxMessages'], 'no_items_label' => $txt['profile_viewwarning_no_warnings'], 'base_href' => $scripturl . '?action=profile;area=viewwarning;sa=user;u=' . $memID, 'default_sort_col' => 'log_time', 'get_items' => array('function' => 'list_getUserWarnings', 'params' => array($memID)), 'get_count' => array('function' => 'list_getUserWarningCount', 'params' => array($memID)), 'columns' => array('log_time' => array('header' => array('value' => $txt['profile_warning_previous_time']), 'data' => array('db' => 'time'), 'sort' => array('default' => 'lc.log_time DESC', 'reverse' => 'lc.log_time')), 'reason' => array('header' => array('value' => $txt['profile_warning_previous_reason'], 'style' => 'width: 50%;'), 'data' => array('db' => 'reason')), 'level' => array('header' => array('value' => $txt['profile_warning_previous_level']), 'data' => array('db' => 'counter'), 'sort' => array('default' => 'lc.counter DESC', 'reverse' => 'lc.counter'))), 'additional_rows' => array(array('position' => 'after_title', 'value' => $txt['profile_viewwarning_desc'], 'class' => 'smalltext', 'style' => 'padding: 2ex;'))); // Create the list for viewing. createList($listOptions); // Create some common text bits for the template. $context['level_effects'] = array(0 => '', $modSettings['warning_watch'] => $txt['profile_warning_effect_own_watched'], $modSettings['warning_moderate'] => $txt['profile_warning_effect_own_moderated'], $modSettings['warning_mute'] => $txt['profile_warning_effect_own_muted']); $context['current_level'] = 0; $context['sub_template'] = 'viewWarning'; foreach ($context['level_effects'] as $limit => $dummy) { if ($context['member']['warning'] >= $limit) { $context['current_level'] = $limit; } } }
/** * Method for doing all the paid subscription stuff - kinda. */ public function action_subscriptions() { global $context, $txt; // Load the paid template anyway. loadTemplate('ManagePaid'); loadLanguage('ManagePaid'); $memID = currentMemberID(); $context['member']['id'] = $memID; // Load all of the subscriptions in the system require_once SUBSDIR . '/PaidSubscriptions.subs.php'; loadSubscriptions(); // Remove any invalid ones, ones not properly set up foreach ($context['subscriptions'] as $id => $sub) { // Work out the costs. $costs = @unserialize($sub['real_cost']); $cost_array = array(); // Flexible cost to time? if ($sub['real_length'] == 'F') { foreach ($costs as $duration => $cost) { if ($cost != 0) { $cost_array[$duration] = $cost; } } } else { $cost_array['fixed'] = $costs['fixed']; } // No cost associated with it, then drop it if (empty($cost_array)) { unset($context['subscriptions'][$id]); } else { $context['subscriptions'][$id]['member'] = 0; $context['subscriptions'][$id]['subscribed'] = false; $context['subscriptions'][$id]['costs'] = $cost_array; } } // Work out what payment gateways are enabled. $gateways = loadPaymentGateways(); foreach ($gateways as $id => $gateway) { $gateways[$id] = new $gateway['display_class'](); if (!$gateways[$id]->gatewayEnabled()) { unset($gateways[$id]); } } // No gateways yet, no way to pay then! if (empty($gateways)) { fatal_error($txt['paid_admin_not_setup_gateway']); } // Get the members current subscriptions. $context['current'] = loadMemberSubscriptions($memID, $context['subscriptions']); // Find the active subscribed ones foreach ($context['current'] as $id => $current) { if ($current['status'] == 1) { $context['subscriptions'][$id]['subscribed'] = true; } } // Simple "done"? if (isset($_GET['done'])) { $this->_orderDone($memID); } elseif (isset($_GET['confirm']) && isset($_POST['sub_id']) && is_array($_POST['sub_id'])) { $this->_confirmOrder($gateways, $memID); } else { $context['sub_template'] = 'user_subscription'; } }
/** * Show all PM drafts of the current user * Uses the showpmdraft template * Allows for the deleting and loading/editing of PM drafts */ public function action_showPMDrafts() { global $txt, $user_info, $scripturl, $modSettings, $context; require_once SUBSDIR . '/Profile.subs.php'; require_once SUBSDIR . '/Drafts.subs.php'; $memID = currentMemberID(); // Quick check how we got here. if ($memID != $user_info['id']) { // empty($modSettings['drafts_enabled']) || empty($modSettings['drafts_pm_enabled'])) fatal_lang_error('no_access', false); } // Set up what we will need $context['start'] = isset($_REQUEST['start']) ? (int) $_REQUEST['start'] : 0; // If just deleting a draft, do it and then redirect back. if (!empty($_REQUEST['delete'])) { checkSession('get'); $id_delete = (int) $_REQUEST['delete']; deleteDrafts($id_delete, $memID); redirectexit('action=pm;sa=showpmdrafts;start=' . $context['start']); } // Perhaps a draft was selected for editing? if so pass this off if (!empty($_REQUEST['id_draft']) && !empty($context['drafts_pm_save'])) { checkSession('get'); $id_draft = (int) $_REQUEST['id_draft']; redirectexit('action=pm;sa=send;id_draft=' . $id_draft); } // Init $maxIndex = (int) $modSettings['defaultMaxMessages']; // Default to 10. if (empty($_REQUEST['viewscount']) || !is_numeric($_REQUEST['viewscount'])) { $_REQUEST['viewscount'] = 10; } // Get the count of applicable drafts $msgCount = draftsCount($memID, 1); // Make sure the starting place makes sense and construct our friend the page index. $context['page_index'] = constructPageIndex($scripturl . '?action=pm;sa=showpmdrafts', $context['start'], $msgCount, $maxIndex); $context['current_page'] = $context['start'] / $maxIndex; // Reverse the query if we're past 50% of the total for better performance. $start = $context['start']; $reverse = $start > $msgCount / 2; if ($reverse) { $maxIndex = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 && $msgCount > $context['start'] ? $msgCount - $context['start'] : (int) $modSettings['defaultMaxMessages']; $start = $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] + 1 || $msgCount < $context['start'] + $modSettings['defaultMaxMessages'] ? 0 : $msgCount - $context['start'] - $modSettings['defaultMaxMessages']; } // Go get em' $order = 'ud.poster_time ' . ($reverse ? 'ASC' : 'DESC'); $limit = $start . ', ' . $maxIndex; $user_drafts = load_user_drafts($memID, 1, false, $order, $limit); // Start counting at the number of the first message displayed. $counter = $reverse ? $context['start'] + $maxIndex + 1 : $context['start']; $context['posts'] = array(); foreach ($user_drafts as $row) { // Censor.... if (empty($row['body'])) { $row['body'] = ''; } $row['subject'] = Util::htmltrim($row['subject']); if (empty($row['subject'])) { $row['subject'] = $txt['no_subject']; } censorText($row['body']); censorText($row['subject']); // BBC-ilize the message. $row['body'] = parse_bbc($row['body'], true, 'draft' . $row['id_draft']); // Have they provided who this will go to? $recipients = array('to' => array(), 'bcc' => array()); $recipient_ids = !empty($row['to_list']) ? unserialize($row['to_list']) : array(); // Get nice names to show the user, the id's are not that great to see! if (!empty($recipient_ids['to']) || !empty($recipient_ids['bcc'])) { $recipient_ids['to'] = array_map('intval', $recipient_ids['to']); $recipient_ids['bcc'] = array_map('intval', $recipient_ids['bcc']); $allRecipients = array_merge($recipient_ids['to'], $recipient_ids['bcc']); $recipients = draftsRecipients($allRecipients, $recipient_ids); } // Add the items to the array for template use $context['drafts'][$counter += $reverse ? -1 : 1] = array('body' => $row['body'], 'counter' => $counter, 'alternate' => $counter % 2, 'subject' => $row['subject'], 'time' => standardTime($row['poster_time']), 'html_time' => htmlTime($row['poster_time']), 'timestamp' => forum_time(true, $row['poster_time']), 'id_draft' => $row['id_draft'], 'recipients' => $recipients, 'age' => floor((time() - $row['poster_time']) / 86400), 'remaining' => !empty($modSettings['drafts_keep_days']) ? floor($modSettings['drafts_keep_days'] - (time() - $row['poster_time']) / 86400) : 0); } // If the drafts were retrieved in reverse order, then put them in the right order again. if ($reverse) { $context['drafts'] = array_reverse($context['drafts'], true); } // Off to the template we go $context['page_title'] = $txt['drafts']; $context['sub_template'] = 'showPMDrafts'; $context['linktree'][] = array('url' => $scripturl . '?action=pm;sa=showpmdrafts', 'name' => $txt['drafts']); }
public function action_profile() { global $context, $user_info; require_once SUBSDIR . '/Extauth.subs.php'; $memID = currentMemberID(); // Load the template file loadTemplate('Extauth'); // Get a list of enabled providers $context['enabled_providers'] = array(); $config = (require_once EXTDIR . '/hybridauth/config.php'); $context['connected_providers'] = connectedProviders($memID); foreach ($config['providers'] as $name => $provider) { if ($provider['enabled']) { $context['enabled_providers'][] = $name; } } }
/** * This function actually makes all the group changes * * @return string */ public function action_groupMembership2() { global $context, $user_profile, $modSettings, $scripturl, $language; $db = database(); $memID = currentMemberID(); // Let's be extra cautious... if (!$context['user']['is_owner'] || empty($modSettings['show_group_membership'])) { isAllowedTo('manage_membergroups'); } if (!isset($_REQUEST['gid']) && !isset($_POST['primary'])) { fatal_lang_error('no_access', false); } checkSession(isset($_GET['gid']) ? 'get' : 'post'); require_once SUBSDIR . '/Membergroups.subs.php'; $old_profile =& $user_profile[$memID]; $context['can_manage_membergroups'] = allowedTo('manage_membergroups'); $context['can_manage_protected'] = allowedTo('admin_forum'); // By default the new primary is the old one. $newPrimary = $old_profile['id_group']; $addGroups = array_flip(explode(',', $old_profile['additional_groups'])); $canChangePrimary = $old_profile['id_group'] == 0 ? 1 : 0; $changeType = isset($_POST['primary']) ? 'primary' : (isset($_POST['req']) ? 'request' : 'free'); // One way or another, we have a target group in mind... $group_id = isset($_REQUEST['gid']) ? (int) $_REQUEST['gid'] : (int) $_POST['primary']; $foundTarget = $changeType == 'primary' && $group_id == 0 ? true : false; // Sanity check!! if ($group_id == 1) { isAllowedTo('admin_forum'); } // What ever we are doing, we need to determine if changing primary is possible! $groups_details = membergroupsById(array($group_id, $old_profile['id_group']), 0, true); // Protected groups require proper permissions! if ($group_id != 1 && $groups_details[$group_id]['group_type'] == 1) { isAllowedTo('admin_forum'); } foreach ($groups_details as $key => $row) { // Is this the new group? if ($row['id_group'] == $group_id) { $foundTarget = true; $group_name = $row['group_name']; // Does the group type match what we're doing - are we trying to request a non-requestable group? if ($changeType == 'request' && $row['group_type'] != 2) { fatal_lang_error('no_access', false); } elseif ($changeType == 'free' && $row['group_type'] == 2 && $old_profile['id_group'] != $row['id_group'] && !isset($addGroups[$row['id_group']])) { fatal_lang_error('no_access', false); } elseif ($changeType == 'free' && $row['group_type'] != 3 && $row['group_type'] != 2) { fatal_lang_error('no_access', false); } // We can't change the primary group if this is hidden! if ($row['hidden'] == 2) { $canChangePrimary = false; } } // If this is their old primary, can we change it? if ($row['id_group'] == $old_profile['id_group'] && ($row['group_type'] > 1 || $context['can_manage_membergroups']) && $canChangePrimary !== false) { $canChangePrimary = 1; } // If we are not doing a force primary move, don't do it automatically if current primary is not 0. if ($changeType != 'primary' && $old_profile['id_group'] != 0) { $canChangePrimary = false; } // If this is the one we are acting on, can we even act? if (!$context['can_manage_protected'] && $row['group_type'] == 1 || !$context['can_manage_membergroups'] && $row['group_type'] == 0) { $canChangePrimary = false; } } // Didn't find the target? if (!$foundTarget) { fatal_lang_error('no_access', false); } // Final security check, don't allow users to promote themselves to admin. if ($context['can_manage_membergroups'] && !allowedTo('admin_forum')) { $request = $db->query('', ' SELECT COUNT(permission) FROM {db_prefix}permissions WHERE id_group = {int:selected_group} AND permission = {string:admin_forum} AND add_deny = {int:not_denied}', array('selected_group' => $group_id, 'not_denied' => 1, 'admin_forum' => 'admin_forum')); list($disallow) = $db->fetch_row($request); $db->free_result($request); if ($disallow) { isAllowedTo('admin_forum'); } } // If we're requesting, add the note then return. if ($changeType == 'request') { $request = $db->query('', ' SELECT id_member FROM {db_prefix}log_group_requests WHERE id_member = {int:selected_member} AND id_group = {int:selected_group}', array('selected_member' => $memID, 'selected_group' => $group_id)); if ($db->num_rows($request) != 0) { fatal_lang_error('profile_error_already_requested_group'); } $db->free_result($request); // Log the request. $db->insert('', '{db_prefix}log_group_requests', array('id_member' => 'int', 'id_group' => 'int', 'time_applied' => 'int', 'reason' => 'string-65534'), array($memID, $group_id, time(), $_POST['reason']), array('id_request')); // Send an email to all group moderators etc. require_once SUBSDIR . '/Mail.subs.php'; // Do we have any group moderators? $request = $db->query('', ' SELECT id_member FROM {db_prefix}group_moderators WHERE id_group = {int:selected_group}', array('selected_group' => $group_id)); $moderators = array(); while ($row = $db->fetch_assoc($request)) { $moderators[] = $row['id_member']; } $db->free_result($request); // Otherwise this is the backup! if (empty($moderators)) { require_once SUBSDIR . '/Members.subs.php'; $moderators = membersAllowedTo('manage_membergroups'); } if (!empty($moderators)) { require_once SUBSDIR . '/Members.subs.php'; $members = getBasicMemberData($moderators, array('preferences' => true, 'sort' => 'lngfile')); foreach ($members as $member) { if ($member['notify_types'] != 4) { continue; } // Check whether they are interested. if (!empty($member['mod_prefs'])) { list(, , $pref_binary) = explode('|', $member['mod_prefs']); if (!($pref_binary & 4)) { continue; } } $replacements = array('RECPNAME' => $member['member_name'], 'APPYNAME' => $old_profile['member_name'], 'GROUPNAME' => $group_name, 'REASON' => $_POST['reason'], 'MODLINK' => $scripturl . '?action=moderate;area=groups;sa=requests'); $emaildata = loadEmailTemplate('request_membership', $replacements, empty($member['lngfile']) || empty($modSettings['userLanguage']) ? $language : $member['lngfile']); sendmail($member['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 2); } } return $changeType; } elseif ($changeType == 'free') { // Are we leaving? if ($old_profile['id_group'] == $group_id || isset($addGroups[$group_id])) { if ($old_profile['id_group'] == $group_id) { $newPrimary = 0; } else { unset($addGroups[$group_id]); } } else { // Can we change the primary, and do we want to? if ($canChangePrimary) { if ($old_profile['id_group'] != 0) { $addGroups[$old_profile['id_group']] = -1; } $newPrimary = $group_id; } else { $addGroups[$group_id] = -1; } } } elseif ($canChangePrimary) { if ($old_profile['id_group'] != 0) { $addGroups[$old_profile['id_group']] = -1; } if (isset($addGroups[$group_id])) { unset($addGroups[$group_id]); } $newPrimary = $group_id; } // Finally, we can make the changes! foreach ($addGroups as $id => $dummy) { if (empty($id)) { unset($addGroups[$id]); } } $addGroups = implode(',', array_flip($addGroups)); // Ensure that we don't cache permissions if the group is changing. if ($context['user']['is_owner']) { $_SESSION['mc']['time'] = 0; } else { updateSettings(array('settings_updated' => time())); } updateMemberData($memID, array('id_group' => $newPrimary, 'additional_groups' => $addGroups)); return $changeType; }