// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
// //
// You should have received a copy of the Phorum License //
// along with this program. //
// //
////////////////////////////////////////////////////////////////////////////////
if (!defined("PHORUM")) {
return;
}
require_once PHORUM_PATH . '/include/api/ban.php';
// Create a list of the bans that we want to check.
$bans = array();
// Add checks for registered users.
if ($PHORUM["DATA"]["LOGGEDIN"]) {
$bans[] = array($PHORUM["user"]["username"], PHORUM_BAD_NAMES);
$bans[] = array($PHORUM["user"]["email"], PHORUM_BAD_EMAILS);
$bans[] = array($PHORUM["user"]["user_id"], PHORUM_BAD_USERID);
} else {
$bans[] = array($message["author"], PHORUM_BAD_NAMES);
$bans[] = array($message["email"], PHORUM_BAD_EMAILS);
}
// Add check for IP-address bans.
$bans[] = array(NULL, PHORUM_BAD_IPS);
// Add check for Illegal Content (SPAM) bans.
$bans[] = array($message["subject"], PHORUM_BAD_SPAM_WORDS);
$bans[] = array($message["body"], PHORUM_BAD_SPAM_WORDS);
// Run the checks.
$msg = phorum_api_ban_check_multi($bans);
if (!is_null($msg)) {
$PHORUM["DATA"]["ERROR"] = $msg;
}
if (isset($_POST["recipients"]) && is_array($_POST["recipients"])) {
foreach ($_POST["recipients"] as $id => $dummy) {
$user = phorum_api_user_get($id);
if ($user && $user["active"] == 1) {
$recipients[$id] = $user;
}
}
}
// init error var
$error_msg = "";
// ------------------------------------------------------------------------
// Banlist checking
// ------------------------------------------------------------------------
// Start editor Post message Post reply
if ($page == 'send' || $action == 'post' || $action == 'list' && isset($pm_id)) {
$error = phorum_api_ban_check_multi(array(array($PHORUM["user"]["username"], PHORUM_BAD_NAMES), array($PHORUM["user"]["email"], PHORUM_BAD_EMAILS), array($user_id, PHORUM_BAD_USERID), array(NULL, PHORUM_BAD_IPS)));
// Show an error in case we encountered a ban.
if (!empty($error)) {
$PHORUM["DATA"]["ERROR"] = $error;
phorum_api_output("message");
return;
}
}
// ------------------------------------------------------------------------
// Perform actions
// ------------------------------------------------------------------------
// Initialize error and ok message.
$error = '';
$okmsg = '';
// init folder list
$pm_folders = $PHORUM['DB']->pm_getfolders(NULL, true);
}
// Check if all required fields are filled and valid.
if ($todo_checks['username_empty'] && (!isset($_POST["username"]) || empty($_POST['username']))) {
$error = $PHORUM["DATA"]["LANG"]["ErrUsername"];
} elseif ($todo_checks['email_valid'] && !isset($_POST["email"]) || !phorum_api_mail_check_address($_POST["email"])) {
$error = $PHORUM["DATA"]["LANG"]["ErrEmail"];
} elseif ($todo_checks['password'] && (empty($_POST["password"]) || $_POST["password"] != $_POST["password2"])) {
$error = $PHORUM["DATA"]["LANG"]["ErrPassword"];
} elseif ($todo_checks['username_unique'] && phorum_api_user_search("username", $_POST["username"])) {
$error = $PHORUM["DATA"]["LANG"]["ErrRegisterdName"];
} elseif ($todo_checks['email_unique'] && phorum_api_user_search("email", $_POST["email"])) {
$error = $PHORUM["DATA"]["LANG"]["ErrRegisterdEmail"];
}
// Check banlists.
if ($todo_checks['banlists'] && empty($error)) {
$error = phorum_api_ban_check_multi(array(array($_POST["username"], PHORUM_BAD_NAMES), array($_POST["email"], PHORUM_BAD_EMAILS), array(NULL, PHORUM_BAD_IPS)));
}
// Create user if no errors have been encountered.
if (empty($error)) {
// Setup the default userdata to store.
$userdata = array('username' => NULL, 'password' => NULL, 'email' => NULL, 'real_name' => NULL);
// Add custom profile fields as acceptable fields.
foreach ($PHORUM["CUSTOM_FIELDS"][PHORUM_CUSTOM_FIELD_USER] as $id => $field) {
if ($id === 'num_fields' || !empty($field['deleted'])) {
continue;
}
$userdata[$field["name"]] = NULL;
}
// Update userdata with $_POST information.
foreach ($_POST as $key => $val) {
if (array_key_exists($key, $userdata)) {
