public function update_bing_bot()
{
$bot_name = 'Bing [Bot]';
$bot_name_clean = utf8_clean_string($bot_name);
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . "\n\t\t\tWHERE username_clean = '" . $this->db->sql_escape($bot_name_clean) . "'";
$result = $this->db->sql_query($sql);
$bing_already_added = (bool) $this->db->sql_fetchfield('user_id');
$this->db->sql_freeresult($result);
if (!$bing_already_added) {
$bot_agent = 'bingbot/';
$bot_ip = '';
$sql = 'SELECT group_id, group_colour
FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = 'BOTS'";
$result = $this->db->sql_query($sql);
$group_row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
if (!$group_row) {
// default fallback, should never get here
$group_row['group_id'] = 6;
$group_row['group_colour'] = '9E8DA7';
}
if (!function_exists('user_add')) {
include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
}
$user_row = array('user_type' => USER_IGNORE, 'group_id' => $group_row['group_id'], 'username' => $bot_name, 'user_regdate' => time(), 'user_password' => '', 'user_colour' => $group_row['group_colour'], 'user_email' => '', 'user_lang' => $this->config['default_lang'], 'user_style' => $this->config['default_style'], 'user_timezone' => 0, 'user_dateformat' => $this->config['default_dateformat'], 'user_allow_massemail' => 0);
$user_id = user_add($user_row);
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $this->db->sql_build_array('INSERT', array('bot_active' => 1, 'bot_name' => (string) $bot_name, 'user_id' => (int) $user_id, 'bot_agent' => (string) $bot_agent, 'bot_ip' => (string) $bot_ip));
$this->sql_query($sql);
}
}
public function main($id, $mode)
{
global $data, $config, $error, $submit;
$timezone = $config['board_timezone'];
$data = array('username' => utf8_normalize_nfc(request_var('username', '', true)), 'password' => request_var('password', '', true), 'password_confirm' => request_var('password_confirm', '', true), 'email' => request_var('email', ''), 'email_confirm' => request_var('email_confirm', ''), 'tz' => request_var('tz', (double) $timezone));
if ($submit) {
$error = validate_data($data, array('username' => array(array('string', false, $config['min_username_chars'], $config['max_username_chars']), array('username', '')), 'password' => array(array('string', false, $config['min_password_chars'], $config['max_password_chars'])), 'password_confirm' => array('string', false, $config['min_password_chars'], $config['max_password_chars']), 'email' => array(array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60), 'tz' => array('num', -14, 14)));
if (!sizeof($error)) {
if ($data['password'] != $data['password_confirm']) {
$error[] = 'PASSWORD_MATCH_ERROR';
}
if ($data['email'] != $data['email_confirm']) {
$error[] = 'EMAIL_MATCH_ERROR';
}
}
if (!sizeof($error)) {
if ($config['activation_required'] == USER_ACTIVATION_SELF || $config['activation_required'] == USER_ACTIVATION_ADMIN) {
$data['group_id'] = INACTIVE_USERS;
} else {
$data['group_id'] = REGISTERED_USERS;
}
if (user_add($data) !== false) {
/**
* @todo registration ok
*/
} else {
/**
* @todo registration failed
*/
}
}
}
}
private function phpBBRegister($userObj)
{
$save_sytem_config = $GLOBALS['config'];
global $phpbb_root_path;
global $phpEx;
$messages = array();
$phpbb_root_path = $this->_phpbb_src;
$phpEx = 'php';
ob_start();
if (is_readable($this->_phpbb_src . 'config.php') and is_executable($this->_phpbb_src . 'config.php') and is_readable($this->_phpbb_src . 'common.php') and is_executable($this->_phpbb_src . 'common.php') and is_readable($this->_phpbb_src . 'includes/functions_user.php') and is_executable($this->_phpbb_src . 'includes/functions_user.php')) {
require_once $this->_phpbb_src . 'config.php';
require_once $this->_phpbb_src . 'common.php';
require_once $this->_phpbb_src . 'includes/functions_user.php';
} else {
$messages[] = $this->lang('noaccessphpbbfiles.session.error');
$messages[] = $this->_phpbb_src . 'config.php<br/>' . $this->_phpbb_src . 'common.php<br/>' . $this->_phpbb_src . 'includes/functions_user.php<br/>';
return $messages;
}
if (!validate_username($userObj->u_login)) {
$user_row = array('username' => $userObj->u_login, 'user_password' => phpbb_hash($userObj->u_pass), 'user_email' => $userObj->u_email, 'group_id' => 7, 'user_timezone' => 0.0, 'user_dst' => 0, 'user_lang' => 'ru', 'user_type' => 0, 'user_actkey' => '', 'user_dateformat' => '|d M Y|, H:i', 'user_style' => 1, 'user_regdate' => time());
$lid = user_add($user_row);
if (!$lid) {
$messages[] = $this->lang('cannotadduser.session.error');
}
} else {
$messages[] = $this->lang('loginallreadyexists.session.error');
}
ob_end_clean();
$GLOBALS['config'] = $save_sytem_config;
if (count($messages)) {
return $messages;
} else {
return false;
}
}
/**
* Reset all bots
*/
function bots($error)
{
global $config, $db;
if (isset($_POST['yes'])) {
$sql = 'SELECT group_id, group_colour
FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
$group_colour = $db->sql_fetchfield('group_colour', 0, $result);
$db->sql_freeresult($result);
if (!$group_id) {
// If we reach this point then something has gone very wrong
$error[] = 'NO_BOT_GROUP';
return $error;
} else {
if (!function_exists('user_add')) {
include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
}
// Remove existing bots
$uids = array();
$sql = 'SELECT user_id FROM ' . BOTS_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$uids[] = $row['user_id'];
}
$db->sql_freeresult($result);
if (!empty($uids)) {
// Remove all the bots
foreach ($uids as $uid) {
user_delete('remove', $uid);
}
// Clear out the bots table
$db->sql_query('DELETE FROM ' . BOTS_TABLE);
}
// Add the bots
foreach ($this->db_cleaner->data->bots as $bot_name => $bot_ary) {
/* Clean the users table of any bots matching this...
* this is an issue if a default bot was removed from the bots group. */
$username_clean = utf8_clean_string($bot_name);
if (empty($username_clean)) {
// This shouldn't happen but we should handle it anyway...
continue;
}
$sql = 'DELETE FROM ' . USERS_TABLE . ' WHERE username_clean = \'' . $db->sql_escape($username_clean) . '\'';
$db->sql_query($sql);
// `$bot_ary` can be false, if a bot was removed in a certain phpBB version
if ($bot_ary === false) {
continue;
}
$user_row = array('user_type' => USER_IGNORE, 'group_id' => $group_id, 'username' => $bot_name, 'user_regdate' => time(), 'user_password' => '', 'user_colour' => $group_colour, 'user_email' => '', 'user_lang' => $config['default_lang'], 'user_style' => 1, 'user_timezone' => 0, 'user_dateformat' => $config['default_dateformat'], 'user_allow_massemail' => 0);
$user_id = user_add($user_row);
if ($user_id) {
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array('bot_active' => 1, 'bot_name' => (string) $bot_name, 'user_id' => (int) $user_id, 'bot_agent' => (string) $bot_ary[0], 'bot_ip' => (string) $bot_ary[1]));
$result = $db->sql_query($sql);
}
}
}
}
}
function addphpBBuser($login, $pwd, $mail, $lang)
{
$cryptpass = phpbb_hash($pwd);
$sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`forum_users` WHERE `username` = '" . $login . "'";
$dataset_exists = getDataFromSQL($sql, __FILE__, "function", __FUNCTION__);
if ($dataset_exists['Count'] == 0) {
$new_user_array = array('username' => stripslashes($login), 'user_password' => $cryptpass, 'user_email' => $mail, 'group_id' => 7, 'user_type' => 0, 'user_lang' => strtolower($lang));
$phpBBid = user_add($new_user_array);
}
}
/**
* Run Tool
*
* Does the actual stuff we want the tool to do after submission
*/
function run_tool(&$error)
{
global $config, $user;
$user->add_lang(array('acp/groups', 'ucp'));
if (!check_form_key('add_user')) {
$error[] = 'FORM_INVALID';
return;
}
// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
$timezone = date('Z') / 3600;
$is_dst = date('I');
if ($config['board_timezone'] == $timezone || $config['board_timezone'] == $timezone - 1) {
$timezone = $is_dst ? $timezone - 1 : $timezone;
if (!isset($user->lang['tz_zones'][(string) $timezone])) {
$timezone = $config['board_timezone'];
}
} else {
$is_dst = $config['board_dst'];
$timezone = $config['board_timezone'];
}
// Collect the user data
$data = array('username' => utf8_normalize_nfc(request_var('username', '', true)), 'new_password' => request_var('new_password', '', true), 'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (double) $timezone));
// Check vars
$this->validate_data($data, $error);
// Something went wrong
if (!empty($error)) {
return false;
}
// Collect the groups data
$groups = array('default' => request_var('defaultgroup', 0), 'groups' => request_var('usergroups', array(0)), 'leaders' => request_var('groupleader', array(0)));
// Register the user
$user_row = array('username' => $data['username'], 'user_password' => phpbb_hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $groups['default'], 'user_timezone' => (double) $data['tz'], 'user_dst' => $is_dst, 'user_lang' => $data['lang'], 'user_type' => USER_NORMAL, 'user_actkey' => '', 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => 0, 'user_inactive_time' => 0);
$user_id = user_add($user_row, false);
// Remove the default group from the groups array. Keeping it here causes an error
if (in_array($groups['default'], $groups['groups'])) {
foreach ($groups['groups'] as $group_key => $group_id) {
if ($group_id == $groups['default']) {
unset($groups['groups'][$group_key]);
break;
}
}
}
// This should not happen, because the required variables are listed above...
if ($user_id === false) {
trigger_error('NO_USER', E_USER_ERROR);
}
// Add the user to the selected groups
$this->add_groups($user_id, $groups, $error);
// Last check for errors
if (!empty($error)) {
return false;
}
// And done
trigger_error('USER_ADDED');
}
function process_form()
{
$page = isset($_POST["page"]) ? $_POST["page"] : "";
$processed = true;
switch ($page) {
case FORM_LOGIN:
require 'inc/process/login.php';
sign_in();
break;
case FORM_CUSTOMER_NEW:
require 'inc/process/customer.php';
customer_add();
break;
case FORM_CUSTOMER_EDIT:
require 'inc/process/customer.php';
customer_edit();
break;
case FORM_PURCHASE_NEW:
require 'inc/process/purchase.php';
purchase_add();
break;
case FORM_PURCHASE_EDIT:
require 'inc/process/purchase.php';
purchase_edit();
break;
case "sell_new":
require 'inc/process/sell.php';
sell_add();
break;
case "sell_edit":
require 'inc/process/sell.php';
sell_edit();
break;
case "store_edit":
require 'inc/process/store.php';
store_edit();
break;
case "user_new":
require 'inc/process/user.php';
user_add();
break;
case "user_edit":
require 'inc/process/user.php';
user_edit();
break;
case FORM_LOT_NEW:
require 'inc/process/lot.php';
lot_add();
break;
default:
$processed = false;
}
return $processed;
}
function telek_hook_recvsms_intercept($sms_datetime, $sms_sender, $message, $sms_receiver)
{
//$ret = array();
$ps = explode(" ", $message, 2);
$ikut = strtoupper($ps[0]);
//$pesan = '';
$hooked = false;
if ($ikut == 'DAFTAR') {
$pecah = preg_split("/#/", $ps[1], null, PREG_SPLIT_NO_EMPTY);
$c_uid = user_mobile2uid($sms_sender);
$data = array();
$data['name'] = trim($pecah[0]);
$data['username'] = trim($pecah[1]);
$data['mobile'] = $sms_sender;
$data['email'] = $data['name'] . "@noreply.org";
$data['parent_uid'] = 0;
$data['status'] = 4;
}
if ($nama && $nohp && $pengguna) {
logger_print("*******", 3, "telek");
logger_print("sms_sender " . $sms_sender, 3, "telek");
logger_print("message " . $message, 3, "telek");
logger_print("new message " . $nama, 3, "telek");
logger_print("sms target user" . $sms_receiver, 3, "telek");
logger_print("*******", 3, "telek");
if (($uid = user_mobile2uid($sms_sender)) && $nama) {
_log("save in inbox u:" . $username . " uid:" . $uid . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:[" . $nohp . "]", 3, 'telek');
//recvsms_inbox_add($sms_datetime, $sms_sender, $username, $nama, $sms_receiver);
//$hooked = true;
//$status = ($ok ? 'handled' : 'unhandled');
}
}
//// $ret['uid'] = user_mobile2uid($sms_sender);
//// $ret['status'] = TRUE;
// $ret['param']['message'] = $ikut . ' ' . $nama .' '. $nohp . ' ' . $pengguna;
// $ret['modified'] = TRUE;
// $ret['hooked'] = TRUE;
$ret = user_add($data);
$ok = $ret['status'] ? TRUE : FALSE;
if ($ok) {
echo "okee";
$items = array('uid' => 1, 'name' => $data['name'], 'mobile' => $data['mobile'], 'email' => $data['email'], 'tags' => $tags);
if ($c_pid = dba_add(_DB_PREF_ . '_featurePhonebook', $items)) {
$save_to_group = TRUE;
} else {
logger_print('fail to add contact pid:' . $c_pid . ' m:' . $mobile . ' n:' . $name . ' e:' . $email . ' tags:[' . $tags . ']', 3, 'phonebook_add');
}
} else {
echo "gagal";
}
return $ret;
}
function deprecated_check()
{
// In 1.5.0b has exists temporary db.users
if (file_exists(SERVDIR . '/cdata/db.users.php')) {
$users = file(SERVDIR . '/cdata/db.users.php');
unset($users[0]);
foreach ($users as $v) {
list(, $b) = explode('|', $v, 2);
$b = unserialize($b);
if (user_search($b[UDB_NAME]) == false) {
user_add($b);
}
}
}
}
function add_contact()
{
/*Проверка прав на выполнение действия*/
if (!check_rights('add_contact')) {
//Возвращаем значение функции
return "У вас нет соответствующих прав";
}
//IF
if (!isset($_POST['name'])) {
//Возвращаем значение функции
return show_form_add_contact();
//ELSE
} else {
//Проверка 'name'
if (preg_match(REGEXP_USERNAME, $_POST['name'])) {
if (db_easy_count("SELECT `user_id` FROM `phpbb_users` WHERE `username`='" . $_POST['name'] . "'") > 0) {
$errors[] = ERROR_USERNAME_EXISTS;
} else {
$name = $_POST['name'];
}
} else {
$errors[] = ERROR_USERNAME_REQUIREMENT;
}
//IF
if (count($errors) == 0) {
//Определяем переменную
/*$user_data=array( 'username'=>$name.,
'group_id'=>'1774',
'user_lang'=>'ru',
'user_type'=>0,
'user_regdate'=>time()
);*/
$user_data = array('username' => $name, 'user_password' => phpbb_hash('вава'), 'user_email' => '', 'group_id' => '1774', 'user_lang' => 'ru', 'user_type' => 0, 'user_regdate' => time(), 'point_id' => 1);
/*Добавляем пользователя, использую функцию PHPBB*/
$user_id = user_add($user_data);
//Отправляем HTTP запрос
header("location: /manager.php?action=edit_contact&contact={$user_id}");
//ELSE
} else {
//Возвращаем значение функции
return show_form_add_contact($_POST, $errors);
}
}
}
function reg_save()
{
global $smarty;
$email = @$_POST['email'];
$pass = @$_POST['loginpass'];
$pass2 = @$_POST['loginpass2'];
if ($pass == '' || $email == '') {
reg_main(_('Please enter email and password'));
return false;
}
if (strpos($email, '@') == false || strpos($email, '.') == false) {
reg_main(_('Invalid email address'));
return false;
}
if ($pass != $pass2) {
reg_main(_('Password does not match'));
return false;
}
if (recaptcha_verify() !== true) {
reg_main(_('The CAPTCHA you enter is not correct'));
return false;
}
if (INVITECODE_ENABLED == 1 && reg_checkinvite(@$_POST['invitecode']) == false) {
reg_main(_('The invite code is invalid or have been used'));
return false;
}
$ret = user_add($email, $pass);
if ($ret !== true) {
reg_main("<p>{$ret}</p>" . _('<p>Register fail, please contact us for help if you need.</p>'));
return false;
}
$user = user_get($email);
if (INVITECODE_ENABLED == 1) {
invite_use($_POST['invitecode'], $user['id']);
}
user_online($email);
$smarty->assign('tip_title', _('Register successed'));
$smarty->assign('tip_msg', _('You have registerd successfully'));
$smarty->assign('redirect_url', 'account.php');
$smarty->display('tip.html');
}
function insertUserRow($username, $email = "")
{
global $db, $openid;
$group_id = 2;
$sql = "SELECT *\n FROM " . GROUPS_TABLE . "\n WHERE group_name = 'REGISTERED' ";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
}
if ($row = $db->sql_fetchrow($result)) {
$group_id = $row['group_id'];
}
// add user
$user_row = array('username' => $username, 'user_password' => '', 'user_email' => empty($email) ? '*****@*****.**' : $email, 'group_id' => $group_id, 'user_timezone' => '0', 'user_dst' => '0', 'user_lang' => 'en', 'user_type' => '0', 'user_actkey' => '', 'user_ip' => $_SERVER['REMOTE_ADDR'], 'user_inactive_reason' => '0', 'user_website' => $openid, 'user_inactive_time' => '0');
$user_id = user_add($user_row);
$sql = "UPDATE " . USERS_TABLE . " SET user_openid ='" . $openid . "'\n WHERE user_id = {$user_id}";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
} else {
return $user_id;
}
}
/**
* Add the search bots into the database
* This code should be used in execute_last if the source database did not have bots
* If you are converting bots this function should not be called
* @todo We might want to look at sharing the bot list between the install code and this code for consistency
*/
function add_bots($bots)
{
global $db, $config;
$sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
$db->sql_freeresult($result);
$db->sql_query('TRUNCATE TABLE ' . BOTS_TABLE);
if (!$group_id) {
add_default_groups();
$sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
$db->sql_freeresult($result);
}
foreach ($bots as $bot_name => $bot_ary) {
$user_row = array('user_type' => USER_IGNORE, 'group_id' => $group_id, 'username' => $bot_name, 'user_regdate' => time(), 'user_password' => '', 'user_colour' => '9E8DA7', 'user_email' => '', 'user_lang' => $config['default_lang'], 'user_style' => 1, 'user_timezone' => 'UTC', 'user_allow_massemail' => 0);
$user_id = user_add($user_row);
if ($user_id) {
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array('bot_active' => 1, 'bot_name' => $bot_name, 'user_id' => $user_id, 'bot_agent' => $bot_ary[0], 'bot_ip' => $bot_ary[1]));
$db->sql_query($sql);
}
}
}
if (!$email) {
$error[] = $_CLASS['core_user']->get_lang('EMAIL_ERROR');
} elseif (!check_email($email)) {
$error[] = $_CLASS['core_user']->get_lang('EMAIL_INVALID');
}
if (!$tz || !in_array($tz, tz_array())) {
$tz = null;
}
if (empty($error)) {
$password = encode_password($password, $_CORE_CONFIG['user']['password_encoding']);
if (!$password) {
//do some admin contact thing here
die('Try again later');
}
$data = array('username' => (string) $username, 'user_email' => (string) $email, 'user_group' => (int) $coppa ? 3 : 2, 'user_reg_date' => (int) $_CLASS['core_user']->time, 'user_timezone' => $tz, 'user_password' => (string) $password, 'user_password_encoding' => (string) $_CORE_CONFIG['user']['password_encoding'], 'user_lang' => $lang == $_CORE_CONFIG['global']['default_lang'] ? null : $lang, 'user_type' => USER_NORMAL, 'user_status' => STATUS_ACTIVE, 'user_act_key' => null, 'user_ip' => '');
user_add($data);
set_core_config('user', 'newest_user_id', $data['user_id'], false);
set_core_config('user', 'newest_username', $data['username'], false);
set_core_config('user', 'total_users', $_CORE_CONFIG['user']['total_users'] + 1);
trigger_error('USER_ADDED');
}
}
$_CLASS['core_template']->assign_array(array('COPPA' => isset($coppa) ? $coppa : false, 'EMAIL' => isset($email) ? $email : '', 'ERROR' => empty($error) ? false : implode('<br />', $error), 'PASSWORD' => isset($password) ? $password : '', 'USERNAME' => isset($username) ? $username : '', 'SELECT_TZ' => select_tz(isset($tz) ? $tz : $_CORE_CONFIG['global']['default_timezone']), 'S_ACTION' => generate_link('users&mode=add_user', array('admin' => true))));
$_CLASS['core_display']->display(false, 'admin/users/add.html');
break;
case 'bots':
if ($id && isset($_REQUEST['option'])) {
require_once $site_file_root . 'includes/functions_user.php';
$sql = 'SELECT user_id, user_type, user_status
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $id;
/**
* {@inheritdoc}
*/
public function login($username, $password)
{
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT);
$sqlByUsername = '******' . USERS_TABLE . ' WHERE username = \'%s\'';
$sqlByID = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, user_login_attempts FROM ' . USERS_TABLE . ' WHERE user_id = %d';
$password = trim($password);
// Do not allow empty passwords.
if (!$password) {
return ['status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => ['user_id' => ANONYMOUS]];
}
// Do not allow empty usernames.
if (!$username) {
return ['status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => ['user_id' => ANONYMOUS]];
}
// Do not allow the default admin to log in.
if ($username == 'admin') {
return ['status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_ADMIN_USERNAME', 'user_row' => ['user_id' => ANONYMOUS]];
}
// Find a phpbb user incase someone is trying to login with their
// character name. Use the user's email address instead to login.
// This is needed in order to use the administration panel.
$sth = $this->db->sql_query(sprintf($sqlByUsername, $this->db->sql_escape($username)));
$phpbb_user = $this->db->sql_fetchrow($sth);
$this->db->sql_freeresult($sth);
if ($phpbb_user) {
$username = $phpbb_user['user_email'];
}
// Get the user details from seat.
$user = $this->authenticateUser($username, $password);
if (is_integer($user)) {
switch ($user) {
case 1001:
$error = 'LOGIN_ERROR_INVALID_CONNECTION';
break;
case 1002:
$error = 'LOGIN_ERROR_INVALID_CREDENTIALS';
break;
case 1003:
$error = 'LOGIN_ERROR_NO_MAIN_CHARACTER_SET';
break;
case 1004:
$error = 'LOGIN_ERROR_MAIN_CHARACTER_UNAUTHORIZED';
break;
default:
$error = 'LOGIN_ERROR_UNKNOWN';
break;
}
return ['status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => $error, 'user_row' => ['user_id' => ANONYMOUS]];
}
// Return the phpbb user if it was already found earlier.
if ($phpbb_user) {
return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
}
// Find a phpbb user using the seat user's character name.
$sth = $this->db->sql_query(sprintf($sqlByUsername, $this->db->sql_escape($user['characterName'])));
$phpbb_user = $this->db->sql_fetchrow($sth);
$this->db->sql_freeresult($sth);
if ($phpbb_user) {
return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
}
// Create a new phpbb user if one wasn't found.
$result = user_add(['username' => $user['characterName'], 'user_password' => phpbb_hash(openssl_random_pseudo_bytes(256)), 'user_email' => $user['userEmail'], 'group_id' => in_array('Superuser', $user['userRoles']) ? 5 : 2, 'user_type' => in_array('Superuser', $user['userRoles']) ? 3 : USER_NORMAL]);
// Return the newly created user.
$sth = $this->db->sql_query(sprintf($sqlByID, $this->db->sql_escape($result)));
$phpbb_user = $this->db->sql_fetchrow($sth);
$this->db->sql_freeresult($sth);
return ['status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $phpbb_user];
}
$missed_call_data = str_replace(' ', '', $missed_call_data);
if (!is_numeric($missed_call_data)) {
unset($missed_call_app, $missed_call_data);
}
break;
}
//add the extension to the database
if ($action == "add" && permission_exists('extension_add')) {
$user_email = '';
if ($_SESSION["user"]["unique"]["text"] != "global") {
if ($autogen_users == "true") {
$auto_user = $extension;
for ($i = 1; $i <= $range; $i++) {
$user_last_name = $auto_user;
$user_password = generate_password();
user_add($auto_user, $user_password, $user_email);
$generated_users[$i]['username'] = $auto_user;
$generated_users[$i]['password'] = $user_password;
$auto_user++;
}
unset($auto_user);
}
}
$j = 0;
for ($i = 1; $i <= $range; $i++) {
if (extension_exists($extension)) {
//extension exists
} else {
//extension does not exist add it
$extension_uuid = uuid();
$password = generate_password();
public function main($id, $mode)
{
global $config, $db, $request, $template, $user, $phpbb_root_path, $phpEx, $phpbb_container, $phpbb_admin_path;
$this->config = $config;
$this->db = $db;
$this->request = $request;
$this->template = $template;
$this->user = $user;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $phpEx;
$this->log = $phpbb_container->get('log');
$this->phpbb_admin_path = $phpbb_admin_path;
$admin_activate = $this->request->variable('activate', 0) ? $this->config['require_activation'] == USER_ACTIVATION_ADMIN ? true : false : false;
$group_default = $this->request->variable('group_default', 0);
$group_selected = $this->request->variable('group', 0);
$this->page_title = $user->lang['ACP_ADD_USER'];
$this->tpl_name = 'acp_adduser';
//include files we need to add a user
if (!function_exists('user_add')) {
include $this->phpbb_root_path . 'includes/functions_user.' . $this->php_ext;
}
// include lang files we need
$user->add_lang(array('posting', 'ucp', 'acp/users', 'acp/groups'));
// add custom profile fields
$cp = $phpbb_container->get('profilefields.manager');
//set empty error strings
$error = $cp_data = $cp_error = array();
// Load a template from adm/style for our ACP page
$this->tpl_name = 'acp_adduser';
// Define the name of the form for use as a form key
add_form_key('acp_adduser');
// Try to automatically determine the timezone and daylight savings time settings
$timezone = $this->config['board_timezone'];
$data = array('username' => $this->request->variable('username', '', true), 'new_password' => $this->request->variable('new_password', '', true), 'password_confirm' => $this->request->variable('password_confirm', '', true), 'email' => strtolower($this->request->variable('email', '')), 'lang' => basename($this->request->variable('lang', $this->user->lang_name)), 'tz' => $this->request->variable('tz', $timezone), 'group' => $this->request->variable('group', 0));
// build an array of all lang directories for the extension and check to make sure we have the lang available that is being chosen
// if the lang isn't present then errors will present themselves due to no email template found
$dir_array = $this->dir_to_array($this->phpbb_root_path . 'ext/phpbbmodders/adduser/language');
if (!in_array($data['lang'], $dir_array)) {
trigger_error(sprintf($this->user->lang['DIR_NOT_EXIST'], $data['lang'], $data['lang']), E_USER_WARNING);
}
if ($this->config['allow_birthdays']) {
$data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0;
$data['bday_day'] = $this->request->variable('bday_day', $data['bday_day']);
$data['bday_month'] = $this->request->variable('bday_month', $data['bday_month']);
$data['bday_year'] = $this->request->variable('bday_year', $data['bday_year']);
$data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
}
// if form is submitted
if ($this->request->is_set_post('submit')) {
// Test if form key is valid
if (!check_form_key('acp_adduser')) {
trigger_error('FORM_INVALID');
}
// lets create a wacky new password for our user...but only if there is nothing for a password already
if (empty($data['new_password']) && empty($data['password_confirm'])) {
if ($this->config['pass_complex'] == 'PASS_TYPE_ANY' || $this->config['pass_complex'] == 'PASS_TYPE_CASE') {
$new_password = str_split(base64_encode(md5(time() . $data['username'])), $this->config['min_pass_chars'] + rand(3, 5));
$data['new_password'] = $data['password_confirm'] = $new_password[0];
} else {
if ($this->config['pass_complex'] == 'PASS_TYPE_ALPHA') {
$new_password = $this->generate_password($this->config['min_pass_chars'] + rand(3, 5), 'PASS_TYPE_ALPHA');
$data['new_password'] = $data['password_confirm'] = $new_password;
} else {
$new_password = $this->generate_password($this->config['min_pass_chars'] + rand(3, 5), 'PASS_TYPE_SYMBOL');
$data['new_password'] = $data['password_confirm'] = $new_password;
}
}
}
// validate entries
$validate_array = array('username' => array(array('string', false, $this->config['min_name_chars'], $this->config['max_name_chars']), array('username', '')), 'email' => array(array('string', false, 6, 60), array('user_email')), 'new_password' => array(array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']), 'tz' => array('timezone'), 'lang' => array('language_iso_name'));
if ($this->config['allow_birthdays']) {
$validate_array = array_merge($validate_array, array('bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50), 'user_birthday' => array('date', true)));
}
$error = validate_data($data, $validate_array);
// validate custom profile fields
$cp->submit_cp_field('register', $this->user->get_iso_lang_id(), $cp_data, $error);
if (sizeof($cp_error)) {
$error = array_merge($error, $cp_error);
}
if ($data['new_password'] != $data['password_confirm']) {
$error[] = $user->lang['NEW_PASSWORD_ERROR'];
}
// Replace "error" strings with their real, localised form
$error = array_map(array($user, 'lang'), $error);
if (!sizeof($error)) {
$server_url = generate_board_url();
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_name = 'REGISTERED'\n\t\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$group_id = $db->sql_fetchfield('group_id');
$db->sql_freeresult($result);
// use group_id here
if (!$group_id) {
trigger_error('NO_GROUP');
}
if (($this->config['require_activation'] == USER_ACTIVATION_SELF || $this->config['require_activation'] == USER_ACTIVATION_ADMIN) && $this->config['email_enable'] && !$admin_activate) {
$user_actkey = gen_rand_string(mt_rand(6, 10));
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
} else {
$user_type = USER_NORMAL;
$user_actkey = '';
$user_inactive_reason = 0;
$user_inactive_time = 0;
}
// Instantiate passwords manager
$passwords_manager = $phpbb_container->get('passwords.manager');
$user_row = array('username' => $data['username'], 'user_password' => $passwords_manager->hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => $data['tz'], 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $this->user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time);
if ($this->config['allow_birthdays']) {
$user_row['user_birthday'] = $data['user_birthday'];
}
// Register user...
$user_id = user_add($user_row, $cp_data);
if (!empty($data['group'])) {
if (!empty($group_default)) {
group_user_add($data['group'], array($user_id), false, false, true);
} else {
group_user_add($data['group'], array($user_id));
}
}
$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_USER_ADDED', time(), array($data['username']));
// This should not happen, because the required variables are listed above...
if ($user_id === false) {
trigger_error($this->user->lang['NO_USER'], E_USER_ERROR);
}
// send a message to the user...if needed
$message = array();
if ($this->config['require_activation'] == USER_ACTIVATION_SELF && $this->config['email_enable']) {
$message[] = $this->user->lang['ACP_ACCOUNT_INACTIVE'];
$email_template = '@phpbbmodders_adduser/user_added_inactive';
} else {
if ($this->config['require_activation'] == USER_ACTIVATION_ADMIN && $this->config['email_enable'] && !$admin_activate) {
$message[] = $this->user->lang['ACP_ACCOUNT_INACTIVE_ADMIN'];
$email_template = '@phpbbmodders_adduser/user_added_admin_welcome_inactive';
} else {
$message[] = $this->user->lang['ACP_ACCOUNT_ADDED'];
$email_template = '@phpbbmodders_adduser/user_added_welcome';
}
}
if ($config['email_enable']) {
if (!class_exists('messenger')) {
include $this->phpbb_root_path . 'includes/functions_messenger.' . $this->php_ext;
}
$messenger = new \messenger(false);
$messenger->template($email_template, $data['lang']);
$messenger->to($data['email'], $data['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $this->config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $this->user->data['user_id']);
$messenger->headers('X-AntiAbuse: Username - ' . $this->user->data['username']);
$messenger->headers('X-AntiAbuse: User IP - ' . $this->user->ip);
$messenger->assign_vars(array('WELCOME_MSG' => htmlspecialchars_decode(sprintf($this->user->lang['WELCOME_SUBJECT'], $this->config['sitename'])), 'USERNAME' => htmlspecialchars_decode($data['username']), 'PASSWORD' => htmlspecialchars_decode($data['new_password']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}"));
$messenger->send(NOTIFY_EMAIL);
}
if ($this->config['require_activation'] == USER_ACTIVATION_ADMIN && !$admin_activate) {
$phpbb_notifications = $phpbb_container->get('notification_manager');
$phpbb_notifications->add_notifications('notification.type.admin_activate_user', array('user_id' => $user_id, 'user_actkey' => $user_row['user_actkey'], 'user_regdate' => $user_row['user_regdate']));
}
$message[] = sprintf($user->lang['CONTINUE_EDIT_USER'], '<a href="' . append_sid("{$this->phpbb_admin_path}index.{$phpEx}", 'i=users&mode=overview&u=' . $user_id) . '">', $data['username'], '</a>');
$message[] = sprintf($user->lang['EDIT_USER_GROUPS'], '<a href="' . append_sid("{$this->phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . $user_id) . '">', '</a>');
$message[] = adm_back_link($this->u_action);
trigger_error(implode('<br />', $message));
}
}
$l_reg_cond = '';
switch ($this->config['require_activation']) {
case USER_ACTIVATION_SELF:
$l_reg_cond = $this->user->lang['ACP_EMAIL_ACTIVATE'];
break;
case USER_ACTIVATION_ADMIN:
$l_reg_cond = $this->user->lang['ACP_ADMIN_ACTIVATE'];
break;
default:
$l_reg_cond = $this->user->lang['ACP_INSTANT_ACTIVATE'];
break;
}
if ($this->config['allow_birthdays']) {
$s_birthday_day_options = '<option value="0"' . (!$data['bday_day'] ? ' selected="selected"' : '') . '>--</option>';
for ($i = 1; $i < 32; $i++) {
$selected = $i == $data['bday_day'] ? ' selected="selected"' : '';
$s_birthday_day_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>";
}
$s_birthday_month_options = '<option value="0"' . (!$data['bday_month'] ? ' selected="selected"' : '') . '>--</option>';
for ($i = 1; $i < 13; $i++) {
$selected = $i == $data['bday_month'] ? ' selected="selected"' : '';
$s_birthday_month_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>";
}
$s_birthday_year_options = '';
$now = getdate();
$s_birthday_year_options = '<option value="0"' . (!$data['bday_year'] ? ' selected="selected"' : '') . '>--</option>';
for ($i = $now['year'] - 100; $i <= $now['year']; $i++) {
$selected = $i == $data['bday_year'] ? ' selected="selected"' : '';
$s_birthday_year_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>";
}
unset($now);
$this->template->assign_vars(array('S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options, 'S_BIRTHDAYS_ENABLED' => true));
}
// Get the groups, so that the user can be added to them
$s_group_options = $this->get_groups($group_selected);
$timezone_selects = phpbb_timezone_select($template, $user, $data['tz'], true);
$this->template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'NEW_USERNAME' => $data['username'], 'EMAIL' => $data['email'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'L_PASSWORD_EXPLAIN' => $this->user->lang($config['pass_complex'] . '_EXPLAIN', $this->user->lang('CHARACTERS', (int) $this->config['min_pass_chars']), $this->user->lang('CHARACTERS', (int) $this->config['max_pass_chars'])) . ' ' . $this->user->lang['PASSWORD_EXPLAIN'], 'L_USERNAME_EXPLAIN' => $this->user->lang($config['allow_name_chars'] . '_EXPLAIN', $this->user->lang('CHARACTERS', (int) $this->config['min_name_chars']), $this->user->lang('CHARACTERS', (int) $this->config['max_name_chars'])), 'L_ADD_USER_EXPLAIN' => sprintf($this->user->lang['ADD_USER_EXPLAIN'], '<a href="' . append_sid("{$this->phpbb_admin_path}index.{$phpEx}", 'i=acp_board&mode=registration') . '">', '</a>'), 'L_REG_COND' => $l_reg_cond, 'L_MOD_VERSION' => sprintf($this->user->lang['MOD_VERSION'], $this->config['adduser_version']), 'S_USER_ADD' => true, 'S_GROUP_OPTIONS' => $s_group_options, 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_ADMIN_ACTIVATE' => $this->config['require_activation'] == USER_ACTIVATION_ADMIN ? true : false, 'U_ADMIN_ACTIVATE' => $admin_activate ? 'checked="checked"' : '', 'U_GROUP_DEFAULT' => $group_default ? 'checked="checked"' : ''));
$this->user->profile_fields = array();
// Generate profile fields -> Template Block Variable profile_fields
$cp->generate_profile_fields('register', $user->get_iso_lang_id());
}
/**
* Add a user with the name $user to phpBB and update all entries in the database to reflect this
* @param string $oldname The name that was used when making the guest posts
* @param string $newname The name that will be used for the new user
* @return void
* @access private
*/
function _add_user_and_update_data($oldname, $newname)
{
global $db, $config, $user;
if (!function_exists('user_add')) {
include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
}
// Registered users group?
$sql = 'SELECT group_id, group_colour
FROM ' . GROUPS_TABLE . "\n\t\t\tWHERE group_name = 'REGISTERED'";
$result = $db->sql_query_limit($sql, 1);
$gid = $db->sql_fetchfield('group_id', false, $result);
$gcl = $db->sql_fetchfield('group_colour', 0, $result);
$db->sql_freeresult($result);
// Setup the user
$user_ary = array('username' => $newname, 'group_id' => $gid, 'user_email' => $config['board_email'], 'user_type' => USER_NORMAL, 'user_password' => gen_rand_string(12));
// Add the user
$user_id = user_add($user_ary);
// Update forums table
$sql = 'UPDATE ' . FORUMS_TABLE . '
SET forum_last_poster_id = ' . (int) $user_id . " , forum_last_poster_name = '" . $db->sql_escape($newname) . "', forum_last_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE forum_last_poster_name = '" . $db->sql_escape($oldname) . "'";
$db->sql_query($sql);
// Update posts table
$sql = 'UPDATE ' . POSTS_TABLE . '
SET poster_id = ' . (int) $user_id . ", post_username = ''\n\t\t\tWHERE post_username = '******'";
$db->sql_query($sql);
// Update topics table (first post)
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_poster = ' . (int) $user_id . ", topic_first_poster_name = '" . $db->sql_escape($newname) . "', topic_first_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE topic_first_poster_name = '" . $db->sql_escape($oldname) . "'";
$db->sql_query($sql);
// Update topics table (last post)
$sql = 'UPDATE ' . TOPICS_TABLE . '
SET topic_last_poster_id = ' . (int) $user_id . ", topic_last_poster_name = '" . $db->sql_escape($newname) . "', topic_last_poster_colour = '" . $db->sql_escape($gcl) . "'\n\t\t\tWHERE topic_last_poster_name = '" . $db->sql_escape($oldname) . "'";
$db->sql_query($sql);
// Update user post count
$sql = 'SELECT COUNT(post_id) as post_cnt
FROM ' . POSTS_TABLE . '
WHERE poster_id = ' . (int) $user_id;
$result = $db->sql_query($sql);
$post_cnt = $db->sql_fetchfield('post_cnt', false, $result);
$db->sql_freeresult($result);
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = ' . $post_cnt . ' WHERE user_id = ' . (int) $user_id;
$db->sql_query($sql);
}
if ($_REQUEST['captcha'] == $_SESSION['tmp']['captcha']) {
$data = array();
$data['name'] = $_REQUEST['name'];
$data['username'] = $_REQUEST['username'];
$data['mobile'] = $_REQUEST['mobile'];
$data['email'] = $_REQUEST['email'];
// force non-admin, status=3 is user and status=4 is subuser
$data['status'] = $core_config['main']['default_user_status'] == 3 ? $core_config['main']['default_user_status'] : 4;
// if subuser and no site config then parent uid is 0
$parent_uid = (int) $site_config['uid'] ? (int) $site_config['uid'] : 0;
$data['parent_uid'] = $data['status'] == 4 ? $parent_uid : 0;
// empty this and playSMS will generate random password
$data['password'] = '';
// set credit to 0 by default
$data['credit'] = 0;
$ret = user_add($data);
$ok = $ret['status'] ? TRUE : FALSE;
$_SESSION['error_string'] = $ret['error_string'];
} else {
$_SESSION['error_string'] = _('Please type the displayed captcha phrase correctly');
}
}
if ($ok) {
header("Location: " . _u($core_config['http_path']['base']));
} else {
header("Location: " . _u('index.php?app=main&inc=core_auth&route=register'));
}
exit;
} else {
// error string
if ($_SESSION['error_string']) {
/**
* Creates a new user with limited permissions
*
* @param string $username Also doubles up as the user's password
* @return int ID of created user
*/
protected function create_user($username)
{
// Required by unique_id
global $config;
$config = new \phpbb\config\config(array());
/*
* Add required config entries to the config array to prevent
* set_config() sending an INSERT query for already existing entries,
* resulting in a SQL error.
* This is because set_config() first sends an UPDATE query, then checks
* sql_affectedrows() which can be 0 (e.g. on MySQL) when the new
* data is already there.
*/
$config['newest_user_colour'] = '';
$config['rand_seed'] = '';
$config['rand_seed_last_update'] = time() + 600;
// Required by user_add
global $db, $cache, $phpbb_dispatcher, $phpbb_container;
$db = $this->get_db();
if (!function_exists('phpbb_mock_null_cache')) {
require_once __DIR__ . '/../mock/null_cache.php';
}
$cache = new phpbb_mock_null_cache();
$cache_driver = new \phpbb\cache\driver\dummy();
$phpbb_container = new phpbb_mock_container_builder();
$phpbb_container->set('cache.driver', $cache_driver);
$phpbb_notifications = new phpbb_mock_notification_manager();
$phpbb_container->set('notification_manager', $phpbb_notifications);
if (!function_exists('utf_clean_string')) {
require_once __DIR__ . '/../../phpBB/includes/utf/utf_tools.php';
}
if (!function_exists('user_add')) {
require_once __DIR__ . '/../../phpBB/includes/functions_user.php';
}
$phpbb_dispatcher = new phpbb_mock_event_dispatcher();
$passwords_manager = $this->get_passwords_manager();
$user_row = array('username' => $username, 'group_id' => 2, 'user_email' => '*****@*****.**', 'user_type' => 0, 'user_lang' => 'en', 'user_timezone' => 'UTC', 'user_dateformat' => 'r', 'user_password' => $passwords_manager->hash($username . $username));
return user_add($user_row);
}
/**
* Add search robots to the database
*/
function add_bots($mode, $sub)
{
global $db, $lang, $phpbb_root_path, $phpEx, $config;
// Obtain any submitted data
$data = $this->get_submitted_data();
// Fill the config array - it is needed by those functions we call
$sql = 'SELECT *
FROM ' . CONFIG_TABLE;
$result = $db->sql_query($sql);
$config = array();
while ($row = $db->sql_fetchrow($result))
{
$config[$row['config_name']] = $row['config_value'];
}
$db->sql_freeresult($result);
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "
WHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id');
$db->sql_freeresult($result);
if (!$group_id)
{
// If we reach this point then something has gone very wrong
$this->p_master->error($lang['NO_GROUP'], __LINE__, __FILE__);
}
if (!function_exists('user_add'))
{
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
}
foreach ($this->bot_list as $bot_name => $bot_ary)
{
$user_row = array(
'user_type' => USER_IGNORE,
'group_id' => $group_id,
'username' => $bot_name,
'user_regdate' => time(),
'user_password' => '',
'user_colour' => '9E8DA7',
'user_email' => '',
'user_lang' => $data['default_lang'],
'user_style' => 1,
'user_timezone' => 0,
'user_dateformat' => $lang['default_dateformat'],
'user_allow_massemail' => 0,
);
$user_id = user_add($user_row);
if (!$user_id)
{
// If we can't insert this user then continue to the next one to avoid inconsistant data
$this->p_master->db_error('Unable to insert bot into users table', $db->sql_error_sql, __LINE__, __FILE__, true);
continue;
}
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'bot_active' => 1,
'bot_name' => (string) $bot_name,
'user_id' => (int) $user_id,
'bot_agent' => (string) $bot_ary[0],
'bot_ip' => (string) $bot_ary[1],
));
$result = $db->sql_query($sql);
}
}
function change_database_data(&$no_updates, $version)
{
global $db, $db_tools, $errored, $error_ary, $config, $table_prefix, $phpbb_root_path, $phpEx;
switch ($version) {
case '3.0.0':
$sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\tSET topic_last_view_time = topic_last_post_time\n\t\t\t\tWHERE topic_last_view_time = 0";
_sql($sql, $errored, $error_ary);
// Update smiley sizes
$smileys = array('icon_e_surprised.gif', 'icon_eek.gif', 'icon_cool.gif', 'icon_lol.gif', 'icon_mad.gif', 'icon_razz.gif', 'icon_redface.gif', 'icon_cry.gif', 'icon_evil.gif', 'icon_twisted.gif', 'icon_rolleyes.gif', 'icon_exclaim.gif', 'icon_question.gif', 'icon_idea.gif', 'icon_arrow.gif', 'icon_neutral.gif', 'icon_mrgreen.gif', 'icon_e_ugeek.gif');
foreach ($smileys as $smiley) {
if (file_exists($phpbb_root_path . 'images/smilies/' . $smiley)) {
list($width, $height) = getimagesize($phpbb_root_path . 'images/smilies/' . $smiley);
$sql = 'UPDATE ' . SMILIES_TABLE . '
SET smiley_width = ' . $width . ', smiley_height = ' . $height . "\n\t\t\t\t\t\tWHERE smiley_url = '" . $db->sql_escape($smiley) . "'";
_sql($sql, $errored, $error_ary);
}
}
$no_updates = false;
break;
// No changes from 3.0.1-RC1 to 3.0.1
// No changes from 3.0.1-RC1 to 3.0.1
case '3.0.1-RC1':
break;
// changes from 3.0.1 to 3.0.2-RC1
// changes from 3.0.1 to 3.0.2-RC1
case '3.0.1':
set_config('referer_validation', '1');
set_config('check_attachment_content', '1');
set_config('mime_triggers', 'body|head|html|img|plaintext|a href|pre|script|table|title');
$no_updates = false;
break;
// No changes from 3.0.2-RC1 to 3.0.2-RC2
// No changes from 3.0.2-RC1 to 3.0.2-RC2
case '3.0.2-RC1':
break;
// No changes from 3.0.2-RC2 to 3.0.2
// No changes from 3.0.2-RC2 to 3.0.2
case '3.0.2-RC2':
break;
// Changes from 3.0.2 to 3.0.3-RC1
// Changes from 3.0.2 to 3.0.3-RC1
case '3.0.2':
set_config('enable_queue_trigger', '0');
set_config('queue_trigger_posts', '3');
set_config('pm_max_recipients', '0');
// Set maximum number of recipients for the registered users, bots, guests group
$sql = 'UPDATE ' . GROUPS_TABLE . ' SET group_max_recipients = 5
WHERE ' . $db->sql_in_set('group_name', array('GUESTS', 'REGISTERED', 'REGISTERED_COPPA', 'BOTS'));
_sql($sql, $errored, $error_ary);
// Not prefilling yet
set_config('dbms_version', '');
// Add new permission u_masspm_group and duplicate settings from u_masspm
include_once $phpbb_root_path . 'includes/acp/auth.' . $phpEx;
$auth_admin = new auth_admin();
// Only add the new permission if it does not already exist
if (empty($auth_admin->acl_options['id']['u_masspm_group'])) {
$auth_admin->acl_add_option(array('global' => array('u_masspm_group')));
// Now the tricky part, filling the permission
$old_id = $auth_admin->acl_options['id']['u_masspm'];
$new_id = $auth_admin->acl_options['id']['u_masspm_group'];
$tables = array(ACL_GROUPS_TABLE, ACL_ROLES_DATA_TABLE, ACL_USERS_TABLE);
foreach ($tables as $table) {
$sql = 'SELECT *
FROM ' . $table . '
WHERE auth_option_id = ' . $old_id;
$result = _sql($sql, $errored, $error_ary);
$sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$row['auth_option_id'] = $new_id;
$sql_ary[] = $row;
}
$db->sql_freeresult($result);
if (sizeof($sql_ary)) {
$db->sql_multi_insert($table, $sql_ary);
}
}
// Remove any old permission entries
$auth_admin->acl_clear_prefetch();
}
/**
* Do not resync post counts here. An admin may do this later from the ACP
$start = 0;
$step = ($config['num_posts']) ? (max((int) ($config['num_posts'] / 5), 20000)) : 20000;
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = 0';
_sql($sql, $errored, $error_ary);
do
{
$sql = 'SELECT COUNT(post_id) AS num_posts, poster_id
FROM ' . POSTS_TABLE . '
WHERE post_id BETWEEN ' . ($start + 1) . ' AND ' . ($start + $step) . '
AND post_postcount = 1 AND post_approved = 1
GROUP BY poster_id';
$result = _sql($sql, $errored, $error_ary);
if ($row = $db->sql_fetchrow($result))
{
do
{
$sql = 'UPDATE ' . USERS_TABLE . " SET user_posts = user_posts + {$row['num_posts']} WHERE user_id = {$row['poster_id']}";
_sql($sql, $errored, $error_ary);
}
while ($row = $db->sql_fetchrow($result));
$start += $step;
}
else
{
$start = 0;
}
$db->sql_freeresult($result);
}
while ($start);
*/
$sql = 'UPDATE ' . MODULES_TABLE . '
SET module_auth = \'acl_a_email && cfg_email_enable\'
WHERE module_class = \'acp\'
AND module_basename = \'email\'';
_sql($sql, $errored, $error_ary);
$no_updates = false;
break;
// Changes from 3.0.3-RC1 to 3.0.3
// Changes from 3.0.3-RC1 to 3.0.3
case '3.0.3-RC1':
if ($db->sql_layer == 'oracle') {
// log_operation is CLOB - but we can change this later
$sql = 'UPDATE ' . LOG_TABLE . "\n\t\t\t\t\tSET log_operation = 'LOG_DELETE_TOPIC'\n\t\t\t\t\tWHERE log_operation LIKE 'LOG_TOPIC_DELETED'";
_sql($sql, $errored, $error_ary);
} else {
$sql = 'UPDATE ' . LOG_TABLE . "\n\t\t\t\t\tSET log_operation = 'LOG_DELETE_TOPIC'\n\t\t\t\t\tWHERE log_operation = 'LOG_TOPIC_DELETED'";
_sql($sql, $errored, $error_ary);
}
$no_updates = false;
break;
// Changes from 3.0.3 to 3.0.4-RC1
// Changes from 3.0.3 to 3.0.4-RC1
case '3.0.3':
// Update the Custom Profile Fields based on previous settings to the new format
$sql = 'SELECT field_id, field_required, field_show_on_reg, field_hide
FROM ' . PROFILE_FIELDS_TABLE;
$result = _sql($sql, $errored, $error_ary);
while ($row = $db->sql_fetchrow($result)) {
$sql_ary = array('field_required' => 0, 'field_show_on_reg' => 0, 'field_hide' => 0, 'field_show_profile' => 0);
if ($row['field_required']) {
$sql_ary['field_required'] = $sql_ary['field_show_on_reg'] = $sql_ary['field_show_profile'] = 1;
} else {
if ($row['field_show_on_reg']) {
$sql_ary['field_show_on_reg'] = $sql_ary['field_show_profile'] = 1;
} else {
if ($row['field_hide']) {
// Only administrators and moderators can see this CPF, if the view is enabled, they can see it, otherwise just admins in the acp_users module
$sql_ary['field_hide'] = 1;
} else {
// equivelant to "none", which is the "Display in user control panel" option
$sql_ary['field_show_profile'] = 1;
}
}
}
_sql('UPDATE ' . PROFILE_FIELDS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE field_id = ' . $row['field_id'], $errored, $error_ary);
}
$no_updates = false;
break;
// Changes from 3.0.4-RC1 to 3.0.4
// Changes from 3.0.4-RC1 to 3.0.4
case '3.0.4-RC1':
break;
// Changes from 3.0.4 to 3.0.5-RC1
// Changes from 3.0.4 to 3.0.5-RC1
case '3.0.4':
// Captcha config variables
set_config('captcha_gd_wave', 0);
set_config('captcha_gd_3d_noise', 1);
set_config('captcha_gd_fonts', 1);
set_config('confirm_refresh', 1);
// Maximum number of keywords
set_config('max_num_search_keywords', 10);
// Remove static config var and put it back as dynamic variable
$sql = 'UPDATE ' . CONFIG_TABLE . "\n\t\t\t\tSET is_dynamic = 1\n\t\t\t\tWHERE config_name = 'search_indexing_state'";
_sql($sql, $errored, $error_ary);
// Hash old MD5 passwords
$sql = 'SELECT user_id, user_password
FROM ' . USERS_TABLE . '
WHERE user_pass_convert = 1';
$result = _sql($sql, $errored, $error_ary);
while ($row = $db->sql_fetchrow($result)) {
if (strlen($row['user_password']) == 32) {
$sql_ary = array('user_password' => phpbb_hash($row['user_password']));
_sql('UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $row['user_id'], $errored, $error_ary);
}
}
$db->sql_freeresult($result);
// Adjust bot entry
$sql = 'UPDATE ' . BOTS_TABLE . "\n\t\t\t\tSET bot_agent = 'ichiro/'\n\t\t\t\tWHERE bot_agent = 'ichiro/2'";
_sql($sql, $errored, $error_ary);
// Before we are able to add a unique key to auth_option, we need to remove duplicate entries
// We get duplicate entries first
$sql = 'SELECT auth_option
FROM ' . ACL_OPTIONS_TABLE . '
GROUP BY auth_option
HAVING COUNT(*) >= 2';
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result)) {
$auth_options[] = $row['auth_option'];
}
$db->sql_freeresult($result);
// Remove specific auth options
if (!empty($auth_options)) {
foreach ($auth_options as $option) {
// Select auth_option_ids... the largest id will be preserved
$sql = 'SELECT auth_option_id
FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option = '" . $db->sql_escape($option) . "'\n\t\t\t\t\t\tORDER BY auth_option_id DESC";
// sql_query_limit not possible here, due to bug in postgresql layer
$result = $db->sql_query($sql);
// Skip first row, this is our original auth option we want to preserve
$row = $db->sql_fetchrow($result);
while ($row = $db->sql_fetchrow($result)) {
// Ok, remove this auth option...
_sql('DELETE FROM ' . ACL_OPTIONS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
_sql('DELETE FROM ' . ACL_ROLES_DATA_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
_sql('DELETE FROM ' . ACL_GROUPS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
_sql('DELETE FROM ' . ACL_USERS_TABLE . ' WHERE auth_option_id = ' . $row['auth_option_id'], $errored, $error_ary);
}
$db->sql_freeresult($result);
}
}
// Now make auth_option UNIQUE, by dropping the old index and adding a UNIQUE one.
$changes = array('drop_keys' => array(ACL_OPTIONS_TABLE => array('auth_option')));
$statements = $db_tools->perform_schema_changes($changes);
foreach ($statements as $sql) {
_sql($sql, $errored, $error_ary);
}
$changes = array('add_unique_index' => array(ACL_OPTIONS_TABLE => array('auth_option' => array('auth_option'))));
$statements = $db_tools->perform_schema_changes($changes);
foreach ($statements as $sql) {
_sql($sql, $errored, $error_ary);
}
$no_updates = false;
break;
// No changes from 3.0.5-RC1 to 3.0.5
// No changes from 3.0.5-RC1 to 3.0.5
case '3.0.5-RC1':
break;
// Changes from 3.0.5 to 3.0.6-RC1
// Changes from 3.0.5 to 3.0.6-RC1
case '3.0.5':
// Let's see if the GD Captcha can be enabled... we simply look for what *is* enabled...
if (!empty($config['captcha_gd']) && !isset($config['captcha_plugin'])) {
set_config('captcha_plugin', 'phpbb_captcha_gd');
} else {
if (!isset($config['captcha_plugin'])) {
set_config('captcha_plugin', 'phpbb_captcha_nogd');
}
}
// Entries for the Feed Feature
set_config('feed_enable', '0');
set_config('feed_limit', '10');
set_config('feed_overall_forums', '1');
set_config('feed_overall_forums_limit', '15');
set_config('feed_overall_topics', '0');
set_config('feed_overall_topics_limit', '15');
set_config('feed_forum', '1');
set_config('feed_topic', '1');
set_config('feed_item_statistics', '1');
// Entries for smiley pagination
set_config('smilies_per_page', '50');
// Entry for reporting PMs
set_config('allow_pm_report', '1');
// Install modules
$modules_to_install = array('feed' => array('base' => 'board', 'class' => 'acp', 'title' => 'ACP_FEED_SETTINGS', 'auth' => 'acl_a_board', 'cat' => 'ACP_BOARD_CONFIGURATION', 'after' => array('signature', 'ACP_SIGNATURE_SETTINGS')), 'warnings' => array('base' => 'users', 'class' => 'acp', 'title' => 'ACP_USER_WARNINGS', 'auth' => 'acl_a_user', 'display' => 0, 'cat' => 'ACP_CAT_USERS', 'after' => array('feedback', 'ACP_USER_FEEDBACK')), 'send_statistics' => array('base' => 'send_statistics', 'class' => 'acp', 'title' => 'ACP_SEND_STATISTICS', 'auth' => 'acl_a_server', 'cat' => 'ACP_SERVER_CONFIGURATION'), 'setting_forum_copy' => array('base' => 'permissions', 'class' => 'acp', 'title' => 'ACP_FORUM_PERMISSIONS_COPY', 'auth' => 'acl_a_fauth && acl_a_authusers && acl_a_authgroups && acl_a_mauth', 'cat' => 'ACP_FORUM_BASED_PERMISSIONS', 'after' => array('setting_forum_local', 'ACP_FORUM_PERMISSIONS')), 'pm_reports' => array('base' => 'pm_reports', 'class' => 'mcp', 'title' => 'MCP_PM_REPORTS_OPEN', 'auth' => 'aclf_m_report', 'cat' => 'MCP_REPORTS'), 'pm_reports_closed' => array('base' => 'pm_reports', 'class' => 'mcp', 'title' => 'MCP_PM_REPORTS_CLOSED', 'auth' => 'aclf_m_report', 'cat' => 'MCP_REPORTS'), 'pm_report_details' => array('base' => 'pm_reports', 'class' => 'mcp', 'title' => 'MCP_PM_REPORT_DETAILS', 'auth' => 'aclf_m_report', 'cat' => 'MCP_REPORTS'));
_add_modules($modules_to_install);
// Add newly_registered group... but check if it already exists (we always supported running the updater on any schema)
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = 'NEWLY_REGISTERED'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id');
$db->sql_freeresult($result);
if (!$group_id) {
$sql = 'INSERT INTO ' . GROUPS_TABLE . " (group_name, group_type, group_founder_manage, group_colour, group_legend, group_avatar, group_desc, group_desc_uid, group_max_recipients) VALUES ('NEWLY_REGISTERED', 3, 0, '', 0, '', '', '', 5)";
_sql($sql, $errored, $error_ary);
$group_id = $db->sql_nextid();
}
// Insert new user role... at the end of the chain
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\tWHERE role_name = 'ROLE_USER_NEW_MEMBER'\n\t\t\t\t\tAND role_type = 'u_'";
$result = $db->sql_query($sql);
$u_role = (int) $db->sql_fetchfield('role_id');
$db->sql_freeresult($result);
if (!$u_role) {
$sql = 'SELECT MAX(role_order) as max_order_id
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_type = 'u_'";
$result = $db->sql_query($sql);
$next_order_id = (int) $db->sql_fetchfield('max_order_id');
$db->sql_freeresult($result);
$next_order_id++;
$sql = 'INSERT INTO ' . ACL_ROLES_TABLE . " (role_name, role_description, role_type, role_order) VALUES ('ROLE_USER_NEW_MEMBER', 'ROLE_DESCRIPTION_USER_NEW_MEMBER', 'u_', {$next_order_id})";
_sql($sql, $errored, $error_ary);
$u_role = $db->sql_nextid();
if (!$errored) {
// Now add the correct data to the roles...
// The standard role says that new users are not able to send a PM, Mass PM, are not able to PM groups
$sql = 'INSERT INTO ' . ACL_ROLES_DATA_TABLE . " (role_id, auth_option_id, auth_setting) SELECT {$u_role}, auth_option_id, 0 FROM " . ACL_OPTIONS_TABLE . " WHERE auth_option LIKE 'u_%' AND auth_option IN ('u_sendpm', 'u_masspm', 'u_masspm_group')";
_sql($sql, $errored, $error_ary);
// Add user role to group
$sql = 'INSERT INTO ' . ACL_GROUPS_TABLE . " (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES ({$group_id}, 0, 0, {$u_role}, 0)";
_sql($sql, $errored, $error_ary);
}
}
// Insert new forum role
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\tWHERE role_name = 'ROLE_FORUM_NEW_MEMBER'\n\t\t\t\t\tAND role_type = 'f_'";
$result = $db->sql_query($sql);
$f_role = (int) $db->sql_fetchfield('role_id');
$db->sql_freeresult($result);
if (!$f_role) {
$sql = 'SELECT MAX(role_order) as max_order_id
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\tWHERE role_type = 'f_'";
$result = $db->sql_query($sql);
$next_order_id = (int) $db->sql_fetchfield('max_order_id');
$db->sql_freeresult($result);
$next_order_id++;
$sql = 'INSERT INTO ' . ACL_ROLES_TABLE . " (role_name, role_description, role_type, role_order) VALUES ('ROLE_FORUM_NEW_MEMBER', 'ROLE_DESCRIPTION_FORUM_NEW_MEMBER', 'f_', {$next_order_id})";
_sql($sql, $errored, $error_ary);
$f_role = $db->sql_nextid();
if (!$errored) {
$sql = 'INSERT INTO ' . ACL_ROLES_DATA_TABLE . " (role_id, auth_option_id, auth_setting) SELECT {$f_role}, auth_option_id, 0 FROM " . ACL_OPTIONS_TABLE . " WHERE auth_option LIKE 'f_%' AND auth_option IN ('f_noapprove')";
_sql($sql, $errored, $error_ary);
}
}
// Set every members user_new column to 0 (old users) only if there is no one yet (this makes sure we do not execute this more than once)
$sql = 'SELECT 1
FROM ' . USERS_TABLE . '
WHERE user_new = 0';
$result = $db->sql_query_limit($sql, 1);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_new = 0';
_sql($sql, $errored, $error_ary);
}
// Newly registered users limit
if (!isset($config['new_member_post_limit'])) {
set_config('new_member_post_limit', !empty($config['enable_queue_trigger']) ? $config['queue_trigger_posts'] : 0);
}
if (!isset($config['new_member_group_default'])) {
set_config('new_member_group_default', 0);
}
// To mimick the old "feature" we will assign the forum role to every forum, regardless of the setting (this makes sure there are no "this does not work!!!! YUO!!!" posts...
// Check if the role is already assigned...
$sql = 'SELECT forum_id
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_id . '
AND auth_role_id = ' . $f_role;
$result = $db->sql_query($sql);
$is_options = (int) $db->sql_fetchfield('forum_id');
$db->sql_freeresult($result);
// Not assigned at all... :/
if (!$is_options) {
// Get postable forums
$sql = 'SELECT forum_id
FROM ' . FORUMS_TABLE . '
WHERE forum_type != ' . FORUM_LINK;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
_sql('INSERT INTO ' . ACL_GROUPS_TABLE . ' (group_id, forum_id, auth_option_id, auth_role_id, auth_setting) VALUES (' . $group_id . ', ' . (int) $row['forum_id'] . ', 0, ' . $f_role . ', 0)', $errored, $error_ary);
}
$db->sql_freeresult($result);
}
// Clear permissions...
include_once $phpbb_root_path . 'includes/acp/auth.' . $phpEx;
$auth_admin = new auth_admin();
$auth_admin->acl_clear_prefetch();
if (!isset($config['allow_avatar'])) {
if ($config['allow_avatar_upload'] || $config['allow_avatar_local'] || $config['allow_avatar_remote']) {
set_config('allow_avatar', '1');
} else {
set_config('allow_avatar', '0');
}
}
if (!isset($config['allow_avatar_remote_upload'])) {
if ($config['allow_avatar_remote'] && $config['allow_avatar_upload']) {
set_config('allow_avatar_remote_upload', '1');
} else {
set_config('allow_avatar_remote_upload', '0');
}
}
// Minimum number of characters
if (!isset($config['min_post_chars'])) {
set_config('min_post_chars', '1');
}
if (!isset($config['allow_quick_reply'])) {
set_config('allow_quick_reply', '1');
}
// Set every members user_options column to enable
// bbcode, smilies and URLs for signatures by default
$sql = 'SELECT user_options
FROM ' . USERS_TABLE . '
WHERE user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query_limit($sql, 1);
$user_option = (int) $db->sql_fetchfield('user_options');
$db->sql_freeresult($result);
// Check if we already updated the database by checking bit 15 which we used to store the sig_bbcode option
if (!($user_option & 1 << 15)) {
// 229376 is the added value to enable all three signature options
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_options = user_options + 229376';
_sql($sql, $errored, $error_ary);
}
if (!isset($config['delete_time'])) {
set_config('delete_time', $config['edit_time']);
}
$no_updates = false;
break;
// No changes from 3.0.6-RC1 to 3.0.6-RC2
// No changes from 3.0.6-RC1 to 3.0.6-RC2
case '3.0.6-RC1':
break;
// Changes from 3.0.6-RC2 to 3.0.6-RC3
// Changes from 3.0.6-RC2 to 3.0.6-RC3
case '3.0.6-RC2':
// Update the Custom Profile Fields based on previous settings to the new format
$sql = 'UPDATE ' . PROFILE_FIELDS_TABLE . '
SET field_show_on_vt = 1
WHERE field_hide = 0
AND (field_required = 1 OR field_show_on_reg = 1 OR field_show_profile = 1)';
_sql($sql, $errored, $error_ary);
$no_updates = false;
break;
// No changes from 3.0.6-RC3 to 3.0.6-RC4
// No changes from 3.0.6-RC3 to 3.0.6-RC4
case '3.0.6-RC3':
break;
// No changes from 3.0.6-RC4 to 3.0.6
// No changes from 3.0.6-RC4 to 3.0.6
case '3.0.6-RC4':
break;
// Changes from 3.0.6 to 3.0.7-RC1
// Changes from 3.0.6 to 3.0.7-RC1
case '3.0.6':
// ATOM Feeds
set_config('feed_overall', '1');
set_config('feed_http_auth', '0');
set_config('feed_limit_post', (string) (isset($config['feed_limit']) ? (int) $config['feed_limit'] : 15));
set_config('feed_limit_topic', (string) (isset($config['feed_overall_topics_limit']) ? (int) $config['feed_overall_topics_limit'] : 10));
set_config('feed_topics_new', !empty($config['feed_overall_topics']) ? '1' : '0');
set_config('feed_topics_active', !empty($config['feed_overall_topics']) ? '1' : '0');
// Delete all text-templates from the template_data
$sql = 'DELETE FROM ' . STYLES_TEMPLATE_DATA_TABLE . '
WHERE template_filename ' . $db->sql_like_expression($db->any_char . '.txt');
_sql($sql, $errored, $error_ary);
$no_updates = false;
break;
// Changes from 3.0.7-RC1 to 3.0.7-RC2
// Changes from 3.0.7-RC1 to 3.0.7-RC2
case '3.0.7-RC1':
$sql = 'SELECT user_id, user_email, user_email_hash
FROM ' . USERS_TABLE . '
WHERE user_type <> ' . USER_IGNORE . "\n\t\t\t\t\tAND user_email <> ''";
$result = $db->sql_query($sql);
$i = 0;
while ($row = $db->sql_fetchrow($result)) {
// Snapshot of the phpbb_email_hash() function
// We cannot call it directly because the auto updater updates the DB first. :/
$user_email_hash = sprintf('%u', crc32(strtolower($row['user_email']))) . strlen($row['user_email']);
if ($user_email_hash != $row['user_email_hash']) {
$sql_ary = array('user_email_hash' => $user_email_hash);
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . (int) $row['user_id'];
_sql($sql, $errored, $error_ary, $i % 100 == 0);
++$i;
}
}
$db->sql_freeresult($result);
$no_updates = false;
break;
// No changes from 3.0.7-RC2 to 3.0.7
// No changes from 3.0.7-RC2 to 3.0.7
case '3.0.7-RC2':
break;
// No changes from 3.0.7 to 3.0.7-PL1
// No changes from 3.0.7 to 3.0.7-PL1
case '3.0.7':
break;
// Changes from 3.0.7-PL1 to 3.0.8-RC1
// Changes from 3.0.7-PL1 to 3.0.8-RC1
case '3.0.7-PL1':
// Update file extension group names to use language strings.
$sql = 'SELECT lang_dir
FROM ' . LANG_TABLE;
$result = $db->sql_query($sql);
$extension_groups_updated = array();
while ($lang_dir = $db->sql_fetchfield('lang_dir')) {
$lang_dir = basename($lang_dir);
// The language strings we need are either in language/.../acp/attachments.php
// in the update package if we're updating to 3.0.8-RC1 or later,
// or they are in language/.../install.php when we're updating from 3.0.7-PL1 or earlier.
// On an already updated board, they can also already be in language/.../acp/attachments.php
// in the board root.
$lang_files = array("{$phpbb_root_path}install/update/new/language/{$lang_dir}/acp/attachments.{$phpEx}", "{$phpbb_root_path}language/{$lang_dir}/install.{$phpEx}", "{$phpbb_root_path}language/{$lang_dir}/acp/attachments.{$phpEx}");
foreach ($lang_files as $lang_file) {
if (!file_exists($lang_file)) {
continue;
}
$lang = array();
include $lang_file;
foreach ($lang as $lang_key => $lang_val) {
if (isset($extension_groups_updated[$lang_key]) || strpos($lang_key, 'EXT_GROUP_') !== 0) {
continue;
}
$sql_ary = array('group_name' => substr($lang_key, 10));
$sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "\n\t\t\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($lang_val) . "'";
_sql($sql, $errored, $error_ary);
$extension_groups_updated[$lang_key] = true;
}
}
}
$db->sql_freeresult($result);
// Install modules
$modules_to_install = array('post' => array('base' => 'board', 'class' => 'acp', 'title' => 'ACP_POST_SETTINGS', 'auth' => 'acl_a_board', 'cat' => 'ACP_MESSAGES', 'after' => array('message', 'ACP_MESSAGE_SETTINGS')));
_add_modules($modules_to_install);
// update
$sql = 'UPDATE ' . MODULES_TABLE . '
SET module_auth = \'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)\'
WHERE module_class = \'ucp\'
AND module_basename = \'profile\'
AND module_mode = \'avatar\'';
_sql($sql, $errored, $error_ary);
// add Bing Bot
$bot_name = 'Bing [Bot]';
$bot_name_clean = utf8_clean_string($bot_name);
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $db->sql_escape($bot_name_clean) . "'";
$result = $db->sql_query($sql);
$bing_already_added = (bool) $db->sql_fetchfield('user_id');
$db->sql_freeresult($result);
if (!$bing_already_added) {
$bot_agent = 'bingbot/';
$bot_ip = '';
$sql = 'SELECT group_id, group_colour
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
// default fallback, should never get here
$group_row['group_id'] = 6;
$group_row['group_colour'] = '9E8DA7';
}
if (!function_exists('user_add')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
$user_row = array('user_type' => USER_IGNORE, 'group_id' => $group_row['group_id'], 'username' => $bot_name, 'user_regdate' => time(), 'user_password' => '', 'user_colour' => $group_row['group_colour'], 'user_email' => '', 'user_lang' => $config['default_lang'], 'user_style' => $config['default_style'], 'user_timezone' => 0, 'user_dateformat' => $config['default_dateformat'], 'user_allow_massemail' => 0);
$user_id = user_add($user_row);
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array('bot_active' => 1, 'bot_name' => (string) $bot_name, 'user_id' => (int) $user_id, 'bot_agent' => (string) $bot_agent, 'bot_ip' => (string) $bot_ip));
_sql($sql, $errored, $error_ary);
}
// end Bing Bot addition
// Delete shadow topics pointing to not existing topics
$batch_size = 500;
// Set of affected forums we have to resync
$sync_forum_ids = array();
do {
$sql_array = array('SELECT' => 't1.topic_id, t1.forum_id', 'FROM' => array(TOPICS_TABLE => 't1'), 'LEFT_JOIN' => array(array('FROM' => array(TOPICS_TABLE => 't2'), 'ON' => 't1.topic_moved_id = t2.topic_id')), 'WHERE' => 't1.topic_moved_id <> 0
AND t2.topic_id IS NULL');
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query_limit($sql, $batch_size);
$topic_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$topic_ids[] = (int) $row['topic_id'];
$sync_forum_ids[(int) $row['forum_id']] = (int) $row['forum_id'];
}
$db->sql_freeresult($result);
if (!empty($topic_ids)) {
$sql = 'DELETE FROM ' . TOPICS_TABLE . '
WHERE ' . $db->sql_in_set('topic_id', $topic_ids);
$db->sql_query($sql);
}
} while (sizeof($topic_ids) == $batch_size);
// Sync the forums we have deleted shadow topics from.
sync('forum', 'forum_id', $sync_forum_ids, true, true);
// Unread posts search load switch
set_config('load_unreads_search', '1');
// Reduce queue interval to 60 seconds, email package size to 20
if ($config['queue_interval'] == 600) {
set_config('queue_interval', '60');
}
if ($config['email_package_size'] == 50) {
set_config('email_package_size', '20');
}
$no_updates = false;
break;
// No changes from 3.0.8-RC1 to 3.0.8
// No changes from 3.0.8-RC1 to 3.0.8
case '3.0.8-RC1':
break;
// Changes from 3.0.8 to 3.0.9-RC1
// Changes from 3.0.8 to 3.0.9-RC1
case '3.0.8':
set_config('ip_login_limit_max', '50');
set_config('ip_login_limit_time', '21600');
set_config('ip_login_limit_use_forwarded', '0');
// Update file extension group names to use language strings, again.
$sql = 'SELECT group_id, group_name
FROM ' . EXTENSION_GROUPS_TABLE . '
WHERE group_name ' . $db->sql_like_expression('EXT_GROUP_' . $db->any_char);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$sql_ary = array('group_name' => substr($row['group_name'], 10));
$sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE group_id = ' . $row['group_id'];
_sql($sql, $errored, $error_ary);
}
$db->sql_freeresult($result);
/*
* Due to a bug, vanilla phpbb could not create captcha tables
* in 3.0.8 on firebird. It was possible for board administrators
* to adjust the code to work. If code was manually adjusted by
* board administrators, index names would not be the same as
* what 3.0.9 and newer expect. This code fragment drops captcha
* tables, destroying all entered Q&A captcha configuration, such
* that when Q&A is configured next the respective tables will be
* created with correct index names.
*
* If you wish to preserve your Q&A captcha configuration, you can
* manually rename indexes to the currently expected name:
* phpbb_captcha_questions_lang_iso => phpbb_captcha_questions_lang
* phpbb_captcha_answers_question_id => phpbb_captcha_answers_qid
*
* Again, this needs to be done only if a board was manually modified
* to fix broken captcha code.
*
if ($db_tools->sql_layer == 'firebird')
{
$changes = array(
'drop_tables' => array(
$table_prefix . 'captcha_questions',
$table_prefix . 'captcha_answers',
$table_prefix . 'qa_confirm',
),
);
$statements = $db_tools->perform_schema_changes($changes);
foreach ($statements as $sql)
{
_sql($sql, $errored, $error_ary);
}
}
*/
$no_updates = false;
break;
// No changes from 3.0.9-RC1 to 3.0.9-RC2
// No changes from 3.0.9-RC1 to 3.0.9-RC2
case '3.0.9-RC1':
break;
// No changes from 3.0.9-RC2 to 3.0.9-RC3
// No changes from 3.0.9-RC2 to 3.0.9-RC3
case '3.0.9-RC2':
break;
// No changes from 3.0.9-RC3 to 3.0.9-RC4
// No changes from 3.0.9-RC3 to 3.0.9-RC4
case '3.0.9-RC3':
break;
// No changes from 3.0.9-RC4 to 3.0.9
// No changes from 3.0.9-RC4 to 3.0.9
case '3.0.9-RC4':
break;
// Changes from 3.0.9 to 3.0.10-RC1
// Changes from 3.0.9 to 3.0.10-RC1
case '3.0.9':
if (!isset($config['email_max_chunk_size'])) {
set_config('email_max_chunk_size', '50');
}
$no_updates = false;
break;
// No changes from 3.0.10-RC1 to 3.0.10-RC2
// No changes from 3.0.10-RC1 to 3.0.10-RC2
case '3.0.10-RC1':
break;
// No changes from 3.0.10-RC2 to 3.0.10-RC3
// No changes from 3.0.10-RC2 to 3.0.10-RC3
case '3.0.10-RC2':
break;
// No changes from 3.0.10-RC3 to 3.0.10
// No changes from 3.0.10-RC3 to 3.0.10
case '3.0.10-RC3':
break;
// Changes from 3.0.10 to 3.0.11-RC1
// Changes from 3.0.10 to 3.0.11-RC1
case '3.0.10':
// Updates users having current style a deactivated one
$sql = 'SELECT style_id
FROM ' . STYLES_TABLE . '
WHERE style_active = 0';
$result = $db->sql_query($sql);
$deactivated_style_ids = array();
while ($style_id = $db->sql_fetchfield('style_id', false, $result)) {
$deactivated_style_ids[] = (int) $style_id;
}
$db->sql_freeresult($result);
if (!empty($deactivated_style_ids)) {
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_style = ' . (int) $config['default_style'] . '
WHERE ' . $db->sql_in_set('user_style', $deactivated_style_ids);
_sql($sql, $errored, $error_ary);
}
// Delete orphan private messages
$batch_size = 500;
$sql_array = array('SELECT' => 'p.msg_id', 'FROM' => array(PRIVMSGS_TABLE => 'p'), 'LEFT_JOIN' => array(array('FROM' => array(PRIVMSGS_TO_TABLE => 't'), 'ON' => 'p.msg_id = t.msg_id')), 'WHERE' => 't.user_id IS NULL');
$sql = $db->sql_build_query('SELECT', $sql_array);
do {
$result = $db->sql_query_limit($sql, $batch_size);
$delete_pms = array();
while ($row = $db->sql_fetchrow($result)) {
$delete_pms[] = (int) $row['msg_id'];
}
$db->sql_freeresult($result);
if (!empty($delete_pms)) {
$sql = 'DELETE FROM ' . PRIVMSGS_TABLE . '
WHERE ' . $db->sql_in_set('msg_id', $delete_pms);
_sql($sql, $errored, $error_ary);
}
} while (sizeof($delete_pms) == $batch_size);
$no_updates = false;
break;
// No changes from 3.0.11-RC1 to 3.0.11-RC2
// No changes from 3.0.11-RC1 to 3.0.11-RC2
case '3.0.11-RC1':
break;
// No changes from 3.0.11-RC2 to 3.0.11
// No changes from 3.0.11-RC2 to 3.0.11
case '3.0.11-RC2':
break;
// Changes from 3.0.11 to 3.0.12-RC1
// Changes from 3.0.11 to 3.0.12-RC1
case '3.0.11':
$sql = 'UPDATE ' . MODULES_TABLE . '
SET module_auth = \'acl_u_sig\'
WHERE module_class = \'ucp\'
AND module_basename = \'profile\'
AND module_mode = \'signature\'';
_sql($sql, $errored, $error_ary);
// Update bots
if (!function_exists('user_delete')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
$bots_updates = array('NG-Search [Bot]' => false, 'Nutch/CVS [Bot]' => false, 'OmniExplorer [Bot]' => false, 'Seekport [Bot]' => false, 'Synoo [Bot]' => false, 'WiseNut [Bot]' => false, 'Baidu [Spider]' => 'Baiduspider', 'Exabot [Bot]' => 'Exabot', 'Voyager [Bot]' => 'voyager/', 'W3C [Validator]' => 'W3C_Validator');
foreach ($bots_updates as $bot_name => $bot_agent) {
$sql = 'SELECT user_id
FROM ' . USERS_TABLE . '
WHERE user_type = ' . USER_IGNORE . "\n\t\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($bot_name)) . "'";
$result = $db->sql_query($sql);
$bot_user_id = (int) $db->sql_fetchfield('user_id');
$db->sql_freeresult($result);
if ($bot_user_id) {
if ($bot_agent === false) {
$sql = 'DELETE FROM ' . BOTS_TABLE . "\n\t\t\t\t\t\t\tWHERE user_id = {$bot_user_id}";
_sql($sql, $errored, $error_ary);
user_delete('remove', $bot_user_id);
} else {
$sql = 'UPDATE ' . BOTS_TABLE . "\n\t\t\t\t\t\t\tSET bot_agent = '" . $db->sql_escape($bot_agent) . "'\n\t\t\t\t\t\t\tWHERE user_id = {$bot_user_id}";
_sql($sql, $errored, $error_ary);
}
}
}
// Disable receiving pms for bots
$sql = 'SELECT user_id
FROM ' . BOTS_TABLE;
$result = $db->sql_query($sql);
$bot_user_ids = array();
while ($row = $db->sql_fetchrow($result)) {
$bot_user_ids[] = (int) $row['user_id'];
}
$db->sql_freeresult($result);
if (!empty($bot_user_ids)) {
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_allow_pm = 0
WHERE ' . $db->sql_in_set('user_id', $bot_user_ids);
_sql($sql, $errored, $error_ary);
}
/**
* Update BBCodes that currently use the LOCAL_URL tag
*
* To fix http://tracker.phpbb.com/browse/PHPBB3-8319 we changed
* the second_pass_replace value, so that needs updating for existing ones
*/
$sql = 'SELECT *
FROM ' . BBCODES_TABLE . '
WHERE bbcode_match ' . $db->sql_like_expression($db->any_char . 'LOCAL_URL' . $db->any_char);
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
if (!class_exists('acp_bbcodes')) {
phpbb_require_updated('includes/acp/acp_bbcodes.' . $phpEx);
}
$bbcode_match = $row['bbcode_match'];
$bbcode_tpl = $row['bbcode_tpl'];
$acp_bbcodes = new acp_bbcodes();
$sql_ary = $acp_bbcodes->build_regexp($bbcode_match, $bbcode_tpl);
$sql = 'UPDATE ' . BBCODES_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE bbcode_id = ' . (int) $row['bbcode_id'];
$db->sql_query($sql);
}
$db->sql_freeresult($result);
$no_updates = false;
break;
// No changes from 3.0.12-RC1 to 3.0.12-RC2
// No changes from 3.0.12-RC1 to 3.0.12-RC2
case '3.0.12-RC1':
break;
// No changes from 3.0.12-RC2 to 3.0.12-RC3
// No changes from 3.0.12-RC2 to 3.0.12-RC3
case '3.0.12-RC2':
break;
// No changes from 3.0.12-RC3 to 3.0.12
// No changes from 3.0.12-RC3 to 3.0.12
case '3.0.12-RC3':
break;
// No changes from 3.0.12 to 3.0.13-RC1
// No changes from 3.0.12 to 3.0.13-RC1
case '3.0.12':
break;
// No changes from 3.0.13-RC1 to 3.0.13
// No changes from 3.0.13-RC1 to 3.0.13
case '3.0.13-RC1':
break;
// No changes from 3.0.13 to 3.0.13-PL1
// No changes from 3.0.13 to 3.0.13-PL1
case '3.0.13':
break;
// No changes from 3.0.13-PL1 to 3.0.14-RC1
// No changes from 3.0.13-PL1 to 3.0.14-RC1
case '3.0.13-PL1':
break;
// No changes from 3.0.14-RC1 to 3.0.14
// No changes from 3.0.14-RC1 to 3.0.14
case '3.0.14-RC1':
break;
}
}
/**
* Add User
*/
function adduser($dir)
{
if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") {
$user = stripslashes($GLOBALS['__POST']["user"]);
if ($user == "" || $GLOBALS['__POST']["home_dir"] == "") {
show_error($GLOBALS["error_msg"]["miscfieldmissed"]);
}
if ($GLOBALS['__POST']["pass1"] != $GLOBALS['__POST']["pass2"]) {
show_error($GLOBALS["error_msg"]["miscnopassmatch"]);
}
$data = user_find($user, NULL);
if ($data != NULL) {
show_error($user . ": " . $GLOBALS["error_msg"]["miscuserexist"]);
}
// determine the user permissions
$permissions = _eval_permissions();
$data = array($user, md5(stripslashes($GLOBALS['__POST']["pass1"])), stripslashes($GLOBALS['__POST']["home_dir"]), stripslashes($GLOBALS['__POST']["home_url"]), $GLOBALS['__POST']["show_hidden"], stripslashes($GLOBALS['__POST']["no_access"]), $permissions, $GLOBALS['__POST']["active"]);
if (!user_add($data)) {
show_error($user . ": " . $GLOBALS["error_msg"]["adduser"]);
}
header("location: " . make_link("admin", $dir, NULL));
return;
}
show_header($GLOBALS["messages"]["actadmin"] . ": " . $GLOBALS["messages"]["miscadduser"]);
// Javascript functions:
include "./_include/js_admin2.php";
echo "<CENTER><FORM name=\"adduser\" action=\"" . make_link("admin", $dir, NULL) . "&action2=adduser\" method=\"post\">\n";
echo "<INPUT type=\"hidden\" name=\"confirm\" value=\"true\"><BR><TABLE width=\"450\">\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscusername"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"text\" name=\"user\" size=\"30\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscpassword"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"password\" name=\"pass1\" size=\"30\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscconfpass"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"password\" name=\"pass2\" size=\"30\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["mischomedir"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"text\" name=\"home_dir\" size=\"30\" value=\"";
echo $GLOBALS["home_dir"] . "\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["mischomeurl"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"text\" name=\"home_url\" size=\"30\" value=\"";
echo $GLOBALS["home_url"] . "\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscshowhidden"] . ":</TD>";
echo "<TD align=\"right\"><SELECT name=\"show_hidden\">\n";
echo "<OPTION value=\"0\">" . $GLOBALS["messages"]["miscyesno"][1] . "</OPTION>";
echo "<OPTION value=\"1\">" . $GLOBALS["messages"]["miscyesno"][0] . "</OPTION>\n";
echo "</SELECT></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["mischidepattern"] . ":</TD>\n";
echo "<TD align=\"right\"><INPUT type=\"text\" name=\"no_access\" size=\"30\" value=\"^\\.ht\"></TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscperms"] . ":</TD>";
// Permission settings
echo "<TD align=\"right\">\n";
admin_print_permissions(NULL);
echo "</TD></TR>\n";
echo "<TR><TD>" . $GLOBALS["messages"]["miscactive"] . ":</TD>";
echo "<TD align=\"right\"><SELECT name=\"active\">\n";
echo "<OPTION value=\"1\">" . $GLOBALS["messages"]["miscyesno"][0] . "</OPTION>";
echo "<OPTION value=\"0\">" . $GLOBALS["messages"]["miscyesno"][1] . "</OPTION>\n";
echo "</SELECT></TD></TR>\n";
echo "<TR><TD colspan=\"2\" align=\"right\"><input type=\"submit\" value=\"" . $GLOBALS["messages"]["btnadd"];
echo "\" onClick=\"return check_pwd();\">\n<input type=\"button\" value=\"";
echo $GLOBALS["messages"]["btncancel"] . "\" onClick=\"javascript:location='";
echo make_link("admin", $dir, NULL) . "';\"></TD></TR></FORM></TABLE><BR></BR>\n";
?>
<script language="JavaScript1.2" type="text/javascript">
<!--
if(document.adduser) document.adduser.user.focus();
// -->
</script><?php
}
$password_msg = '';
if (array_key_exists('password', $_POST)) {
$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
// Validation du mot de passe: alpha, chiffres,caracteres speciaux, min de 4 caracteres
$password_ok = 1 === preg_match('/^[a-zA-Z0-9%&$!*?]{4,}$/', $password);
if (!$password_ok) {
// Si le prénom n'est pas valide
$password_msg = 'Le password ne doit contenir que des lettres et des caractères spéciaux (min 4).';
}
// var_dump($password);
// var_dump($password_ok);
}
if ($firstname_ok && $lastname_ok && $gender_ok && $email_ok && $username_ok && $password_ok) {
// On enregistre les données et s'en va sur une autre page
require_once 'db/_user.php';
$user_info = user_add($username, $password, $firstname, $lastname, $email);
header("Location:index.php");
exit;
}
?>
<form id="inscription" name="inscription" xmlns="http://www.w3.org/1999/html" method="post" novalidate="novalidate">
<!-- Champ prenom-->
<label for="firstname">Prénom : </label>
<input type="text" name="firstname" id="firstname"
class="<?php
echo $in_post && !$firstname_ok ? 'error' : '';
?>
"
value="<?php
echo array_key_exists('firstname', $_POST) ? $_POST['firstname'] : '';
?>
public static function forumRegister($username, $password, $email)
{
date_default_timezone_set($GLOBALS['timezone']);
global $phpbb_root_path, $phpEx, $user, $db, $config, $cache, $template;
if ($GLOBALS['forum']['type'] == 'phpbb' && $GLOBALS['forum']['autoAccountCreate'] == TRUE) {
////////PHPBB INTEGRATION//////////////
define('IN_PHPBB', true);
define('ROOT_PATH', '../..' . $GLOBALS['forum']['forum_path']);
$phpEx = "php";
$phpbb_root_path = defined('PHPBB_ROOT_PATH') ? PHPBB_ROOT_PATH : ROOT_PATH;
if (file_exists($phpbb_root_path . 'common.' . $phpEx) && file_exists($phpbb_root_path . 'includes/functions_user.' . $phpEx)) {
include $phpbb_root_path . 'common.' . $phpEx;
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
$arrTime = getdate();
$unixTime = strtotime($arrTime['year'] . "-" . $arrTime['mon'] . '-' . $arrTime['mday'] . " " . $arrTime['hours'] . ":" . $arrTime['minutes'] . ":" . $arrTime['seconds']);
$user_row = array('username' => $username, 'user_password' => phpbb_hash($password), 'user_email' => $email, 'group_id' => (int) 2, 'user_timezone' => (double) 0, 'user_dst' => "0", 'user_lang' => "en", 'user_type' => 0, 'user_actkey' => "", 'user_ip' => $_SERVER['REMOTE_HOST'], 'user_regdate' => $unixTime, 'user_inactive_reason' => 0, 'user_inactive_time' => 0);
// All the information has been compiled, add the user
// tables affected: users table, profile_fields_data table, groups table, and config table.
$user_id = user_add($user_row);
}
}
}
function autologin_groupoffice()
{
$user_id = false;
if (isset($_REQUEST['goauth'])) {
$file = base64_decode($_REQUEST['goauth']);
//$_SESSION['groupoffice_to_phpbb_session_file']=$file;
$user_id = intval(file_get_contents($file));
} elseif (isset($_COOKIE['groupoffice'])) {
$fname = session_save_path() . "/sess_" . $_COOKIE['groupoffice'];
if (file_exists($fname)) {
$data = file_get_contents($fname);
$data = groupoffice_unserializesession($data);
if (isset($data['GO_SESSION']['user_id'])) {
$user_id = $data['GO_SESSION']['user_id'];
}
}
}
//unlink($file);
if ($user_id) {
$gorow = user_row_groupoffice('', '', $user_id);
if ($gorow) {
global $db;
$sql = 'SELECT * FROM ' . USERS_TABLE . "\n\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($gorow['username'])) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
return $row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE ? array() : $row;
}
if (!function_exists('user_add')) {
global $phpbb_root_path, $phpEx;
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
// create the user if he does not exist yet
user_add($gorow);
$sql = 'SELECT *
FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($gorow['username'])) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
return $row;
}
}
}
return array();
}
/**
* Add the search bots into the database
* This code should be used in execute_last if the source database did not have bots
* If you are converting bots this function should not be called
* @todo We might want to look at sharing the bot list between the install code and this code for consistancy
*/
function add_bots()
{
global $db, $convert, $user, $config, $phpbb_root_path, $phpEx;
$db->sql_query($convert->truncate_statement . BOTS_TABLE);
$sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
$db->sql_freeresult($result);
if (!$group_id) {
add_default_groups();
$sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
$db->sql_freeresult($result);
if (!$group_id) {
global $install;
$install->error($user->lang['CONV_ERROR_INCONSISTENT_GROUPS'], __LINE__, __FILE__);
}
}
$bots = array('AdsBot [Google]' => array('AdsBot-Google', ''), 'Alexa [Bot]' => array('ia_archiver', ''), 'Alta Vista [Bot]' => array('Scooter/', ''), 'Ask Jeeves [Bot]' => array('Ask Jeeves', ''), 'Baidu [Spider]' => array('Baiduspider+(', ''), 'Bing [Bot]' => array('bingbot/', ''), 'Exabot [Bot]' => array('Exabot/', ''), 'FAST Enterprise [Crawler]' => array('FAST Enterprise Crawler', ''), 'FAST WebCrawler [Crawler]' => array('FAST-WebCrawler/', ''), 'Francis [Bot]' => array('http://www.neomo.de/', ''), 'Gigabot [Bot]' => array('Gigabot/', ''), 'Google Adsense [Bot]' => array('Mediapartners-Google', ''), 'Google Desktop' => array('Google Desktop', ''), 'Google Feedfetcher' => array('Feedfetcher-Google', ''), 'Google [Bot]' => array('Googlebot', ''), 'Heise IT-Markt [Crawler]' => array('heise-IT-Markt-Crawler', ''), 'Heritrix [Crawler]' => array('heritrix/1.', ''), 'IBM Research [Bot]' => array('ibm.com/cs/crawler', ''), 'ICCrawler - ICjobs' => array('ICCrawler - ICjobs', ''), 'ichiro [Crawler]' => array('ichiro/2', ''), 'Majestic-12 [Bot]' => array('MJ12bot/', ''), 'Metager [Bot]' => array('MetagerBot/', ''), 'MSN NewsBlogs' => array('msnbot-NewsBlogs/', ''), 'MSN [Bot]' => array('msnbot/', ''), 'MSNbot Media' => array('msnbot-media/', ''), 'NG-Search [Bot]' => array('NG-Search/', ''), 'Nutch [Bot]' => array('http://lucene.apache.org/nutch/', ''), 'Nutch/CVS [Bot]' => array('NutchCVS/', ''), 'OmniExplorer [Bot]' => array('OmniExplorer_Bot/', ''), 'Online link [Validator]' => array('online link validator', ''), 'psbot [Picsearch]' => array('psbot/0', ''), 'Seekport [Bot]' => array('Seekbot/', ''), 'Sensis [Crawler]' => array('Sensis Web Crawler', ''), 'SEO Crawler' => array('SEO search Crawler/', ''), 'Seoma [Crawler]' => array('Seoma [SEO Crawler]', ''), 'SEOSearch [Crawler]' => array('SEOsearch/', ''), 'Snappy [Bot]' => array('Snappy/1.1 ( http://www.urltrends.com/ )', ''), 'Steeler [Crawler]' => array('http://www.tkl.iis.u-tokyo.ac.jp/~crawler/', ''), 'Synoo [Bot]' => array('SynooBot/', ''), 'Telekom [Bot]' => array('*****@*****.**', ''), 'TurnitinBot [Bot]' => array('TurnitinBot/', ''), 'Voyager [Bot]' => array('voyager/1.0', ''), 'W3 [Sitesearch]' => array('W3 SiteSearch Crawler', ''), 'W3C [Linkcheck]' => array('W3C-checklink/', ''), 'W3C [Validator]' => array('W3C_*Validator', ''), 'WiseNut [Bot]' => array('http://www.WISEnutbot.com', ''), 'YaCy [Bot]' => array('yacybot', ''), 'Yahoo MMCrawler [Bot]' => array('Yahoo-MMCrawler/', ''), 'Yahoo Slurp [Bot]' => array('Yahoo! DE Slurp', ''), 'Yahoo [Bot]' => array('Yahoo! Slurp', ''), 'YahooSeeker [Bot]' => array('YahooSeeker/', ''));
if (!function_exists('user_add')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
foreach ($bots as $bot_name => $bot_ary) {
$user_row = array('user_type' => USER_IGNORE, 'group_id' => $group_id, 'username' => $bot_name, 'user_regdate' => time(), 'user_password' => '', 'user_colour' => '9E8DA7', 'user_email' => '', 'user_lang' => $config['default_lang'], 'user_style' => 1, 'user_timezone' => 'UTC', 'user_allow_massemail' => 0);
$user_id = user_add($user_row);
if ($user_id) {
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array('bot_active' => 1, 'bot_name' => $bot_name, 'user_id' => $user_id, 'bot_agent' => $bot_ary[0], 'bot_ip' => $bot_ary[1]));
$db->sql_query($sql);
}
}
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
//
if ($config['require_activation'] == USER_ACTIVATION_DISABLE) {
trigger_error('UCP_REGISTER_DISABLE');
}
include $phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx;
$coppa = isset($_REQUEST['coppa']) ? !empty($_REQUEST['coppa']) ? 1 : 0 : false;
$agreed = !empty($_POST['agreed']) ? 1 : 0;
$submit = isset($_POST['submit']) ? true : false;
$change_lang = request_var('change_lang', '');
$user_lang = request_var('lang', $user->lang_name);
if ($agreed) {
add_form_key('ucp_register');
} else {
add_form_key('ucp_register_terms');
}
if ($change_lang || $user_lang != $config['default_lang']) {
$use_lang = $change_lang ? basename($change_lang) : basename($user_lang);
if (!validate_language_iso_name($use_lang)) {
if ($change_lang) {
$submit = false;
// Setting back agreed to let the user view the agreement in his/her language
$agreed = empty($_GET['change_lang']) ? 0 : $agreed;
}
$user->lang_name = $user_lang = $use_lang;
$user->lang = array();
$user->data['user_lang'] = $user->lang_name;
$user->add_lang(array('common', 'ucp'));
} else {
$change_lang = '';
$user_lang = $user->lang_name;
}
}
$cp = new custom_profile();
$error = $cp_data = $cp_error = array();
if (!$agreed || $coppa === false && $config['coppa_enable'] || $coppa && !$config['coppa_enable']) {
$add_lang = $change_lang ? '&change_lang=' . urlencode($change_lang) : '';
$add_coppa = $coppa !== false ? '&coppa=' . $coppa : '';
$s_hidden_fields = array('change_lang' => $change_lang);
// If we change the language, we want to pass on some more possible parameter.
if ($change_lang) {
// We do not include the password
$s_hidden_fields = array_merge($s_hidden_fields, array('username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => $user->lang_name, 'tz' => request_var('tz', (double) $config['board_timezone'])));
}
// Checking amount of available languages
$sql = 'SELECT lang_id
FROM ' . LANG_TABLE;
$result = $db->sql_query($sql);
$lang_row = array();
while ($row = $db->sql_fetchrow($result)) {
$lang_row[] = $row;
}
$db->sql_freeresult($result);
if ($coppa === false && $config['coppa_enable']) {
$now = getdate();
$coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
unset($now);
$template->assign_vars(array('S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '', 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=0' . $add_lang), 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=1' . $add_lang), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_lang)));
} else {
$template->assign_vars(array('S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '', 'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()), 'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_lang . $add_coppa)));
}
unset($lang_row);
$this->tpl_name = 'ucp_agreement';
return;
}
// The CAPTCHA kicks in here. We can't help that the information gets lost on language change.
if ($config['enable_confirm']) {
include $phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx;
$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
$captcha->init(CONFIRM_REG);
}
// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
$timezone = date('Z') / 3600;
$is_dst = date('I');
if ($config['board_timezone'] == $timezone || $config['board_timezone'] == $timezone - 1) {
$timezone = $is_dst ? $timezone - 1 : $timezone;
if (!isset($user->lang['tz_zones'][(string) $timezone])) {
$timezone = $config['board_timezone'];
}
} else {
$is_dst = $config['board_dst'];
$timezone = $config['board_timezone'];
}
$data = array('username' => utf8_normalize_nfc(request_var('username', '', true)), 'new_password' => request_var('new_password', '', true), 'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (double) $timezone));
// Check and initialize some variables if needed
if ($submit) {
$error = validate_data($data, array('username' => array(array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', '')), 'new_password' => array(array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array(array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60), 'tz' => array('num', false, -14, 14), 'lang' => array('language_iso_name')));
if (!check_form_key('ucp_register')) {
$error[] = $user->lang['FORM_INVALID'];
}
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
if ($config['enable_confirm']) {
$vc_response = $captcha->validate($data);
if ($vc_response !== false) {
$error[] = $vc_response;
}
if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts']) {
$error[] = $user->lang['TOO_MANY_REGISTERS'];
}
}
// DNSBL check
if ($config['check_dnsbl']) {
if (($dnsbl = $user->check_dnsbl('register')) !== false) {
$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
}
}
// validate custom profile fields
$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
if (!sizeof($error)) {
if ($data['new_password'] != $data['password_confirm']) {
$error[] = $user->lang['NEW_PASSWORD_ERROR'];
}
if ($data['email'] != $data['email_confirm']) {
$error[] = $user->lang['NEW_EMAIL_ERROR'];
}
}
if (!sizeof($error)) {
$server_url = generate_board_url();
// Which group by default?
$group_name = $coppa ? 'REGISTERED_COPPA' : 'REGISTERED';
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($group_name) . "'\n\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error('NO_GROUP');
}
$group_id = $row['group_id'];
if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) {
$user_actkey = gen_rand_string(mt_rand(6, 10));
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
} else {
$user_type = USER_NORMAL;
$user_actkey = '';
$user_inactive_reason = 0;
$user_inactive_time = 0;
}
$user_row = array('username' => $data['username'], 'user_password' => phpbb_hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => (double) $data['tz'], 'user_dst' => $is_dst, 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time);
if ($config['new_member_post_limit']) {
$user_row['user_new'] = 1;
}
// Register user...
$user_id = user_add($user_row, $cp_data);
// This should not happen, because the required variables are listed above...
if ($user_id === false) {
trigger_error('NO_USER', E_USER_ERROR);
}
// Okay, captcha, your job is done.
if ($config['enable_confirm'] && isset($captcha)) {
$captcha->reset();
}
if ($coppa && $config['email_enable']) {
$message = $user->lang['ACCOUNT_COPPA'];
$email_template = 'coppa_welcome_inactive';
} else {
if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) {
$message = $user->lang['ACCOUNT_INACTIVE'];
$email_template = 'user_welcome_inactive';
} else {
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) {
$message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
$email_template = 'admin_welcome_inactive';
} else {
$message = $user->lang['ACCOUNT_ADDED'];
$email_template = 'user_welcome';
}
}
}
if ($config['email_enable']) {
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template($email_template, $data['lang']);
$messenger->to($data['email'], $data['username']);
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array('WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), 'USERNAME' => htmlspecialchars_decode($data['username']), 'PASSWORD' => htmlspecialchars_decode($data['new_password']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}"));
if ($coppa) {
$messenger->assign_vars(array('FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $data['email']));
}
$messenger->send(NOTIFY_EMAIL);
if ($config['require_activation'] == USER_ACTIVATION_ADMIN) {
// Grab an array of user_id's with a_user permissions ... these users can activate a user
$admin_ary = $auth->acl_get_list(false, 'a_user', false);
$admin_ary = !empty($admin_ary[0]['a_user']) ? $admin_ary[0]['a_user'] : array();
// Also include founders
$where_sql = ' WHERE user_type = ' . USER_FOUNDER;
if (sizeof($admin_ary)) {
$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
}
$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
FROM ' . USERS_TABLE . ' ' . $where_sql;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$messenger->template('admin_activate', $row['user_lang']);
$messenger->to($row['user_email'], $row['username']);
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($data['username']), 'U_USER_DETAILS' => "{$server_url}/memberlist.{$phpEx}?mode=viewprofile&u={$user_id}", 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}"));
$messenger->send($row['user_notify_type']);
}
$db->sql_freeresult($result);
}
}
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
trigger_error($message);
}
}
$s_hidden_fields = array('agreed' => 'true', 'change_lang' => 0);
if ($config['coppa_enable']) {
$s_hidden_fields['coppa'] = $coppa;
}
if ($config['enable_confirm']) {
$s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields());
}
$s_hidden_fields = build_hidden_fields($s_hidden_fields);
$confirm_image = '';
// Visual Confirmation - Show images
if ($config['enable_confirm']) {
$template->assign_vars(array('CAPTCHA_TEMPLATE' => $captcha->get_template()));
}
//
$l_reg_cond = '';
switch ($config['require_activation']) {
case USER_ACTIVATION_SELF:
$l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
break;
case USER_ACTIVATION_ADMIN:
$l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
break;
}
$template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'USERNAME' => $data['username'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], 'EMAIL_CONFIRM' => $data['email_confirm'], 'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_OPTIONS' => tz_select($data['tz']), 'S_CONFIRM_REFRESH' => $config['enable_confirm'] && $config['confirm_refresh'] ? true : false, 'S_REGISTRATION' => true, 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register')));
//
$user->profile_fields = array();
// Generate profile fields -> Template Block Variable profile_fields
$cp->generate_profile_fields('register', $user->get_iso_lang_id());
//
$this->tpl_name = 'ucp_register';
$this->page_title = 'UCP_REGISTRATION';
}
/**
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
*/
function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0)
{
global $config, $db, $user, $phpbb_root_path, $phpEx;
$method = trim(basename($config['auth_method']));
include_once $phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx;
$method = 'login_' . $method;
if (function_exists($method)) {
$login = $method($username, $password);
// If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS
if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE) {
// we are going to use the user_add function so include functions_user.php if it wasn't defined yet
if (!function_exists('user_add')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
user_add($login['user_row'], isset($login['cp_data']) ? $login['cp_data'] : false);
$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
FROM ' . USERS_TABLE . "\n\t\t\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
return array('status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'AUTH_NO_PROFILE_CREATED', 'user_row' => array('user_id' => ANONYMOUS));
}
$login = array('status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $row);
}
// If login succeeded, we will log the user in... else we pass the login array through...
if ($login['status'] == LOGIN_SUCCESS) {
$old_session_id = $user->session_id;
if ($admin) {
global $SID, $_SID;
$cookie_expire = time() - 31536000;
$user->set_cookie('u', '', $cookie_expire);
$user->set_cookie('sid', '', $cookie_expire);
unset($cookie_expire);
$SID = '?sid=';
$user->session_id = $_SID = '';
}
$result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline);
// Successful session creation
if ($result === true) {
// If admin re-authentication we remove the old session entry because a new one has been created...
if ($admin) {
// the login array is used because the user ids do not differ for re-authentication
$sql = 'DELETE FROM ' . SESSIONS_TABLE . "\n\t\t\t\t\t\t\tWHERE session_id = '" . $db->sql_escape($old_session_id) . "'\n\t\t\t\t\t\t\tAND session_user_id = {$login['user_row']['user_id']}";
$db->sql_query($sql);
}
return array('status' => LOGIN_SUCCESS, 'error_msg' => false, 'user_row' => $login['user_row']);
}
return array('status' => LOGIN_BREAK, 'error_msg' => $result, 'user_row' => $login['user_row']);
}
return $login;
}
trigger_error('Authentication method not found', E_USER_ERROR);
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
global $request, $phpbb_container, $phpbb_dispatcher;
//
if ($config['require_activation'] == USER_ACTIVATION_DISABLE || in_array($config['require_activation'], array(USER_ACTIVATION_SELF, USER_ACTIVATION_ADMIN)) && !$config['email_enable']) {
trigger_error('UCP_REGISTER_DISABLE');
}
$coppa = $request->is_set('coppa') ? (int) $request->variable('coppa', false) : false;
$agreed = $request->variable('agreed', false);
$submit = $request->is_set_post('submit');
$change_lang = $request->variable('change_lang', '');
$user_lang = $request->variable('lang', $user->lang_name);
if ($agreed) {
add_form_key('ucp_register');
} else {
add_form_key('ucp_register_terms');
}
if ($change_lang || $user_lang != $config['default_lang']) {
$use_lang = $change_lang ? basename($change_lang) : basename($user_lang);
if (!validate_language_iso_name($use_lang)) {
if ($change_lang) {
$submit = false;
// Setting back agreed to let the user view the agreement in his/her language
$agreed = false;
}
$user_lang = $use_lang;
} else {
$change_lang = '';
$user_lang = $user->lang_name;
}
}
/* @var $cp \phpbb\profilefields\manager */
$cp = $phpbb_container->get('profilefields.manager');
$error = $cp_data = $cp_error = array();
$s_hidden_fields = array();
// Handle login_link data added to $_hidden_fields
$login_link_data = $this->get_login_link_data_array();
if (!empty($login_link_data)) {
// Confirm that we have all necessary data
/* @var $provider_collection \phpbb\auth\provider_collection */
$provider_collection = $phpbb_container->get('auth.provider_collection');
$auth_provider = $provider_collection->get_provider($request->variable('auth_provider', ''));
$result = $auth_provider->login_link_has_necessary_data($login_link_data);
if ($result !== null) {
$error[] = $user->lang[$result];
}
$s_hidden_fields = array_merge($s_hidden_fields, $this->get_login_link_data_for_hidden_fields($login_link_data));
}
if (!$agreed || $coppa === false && $config['coppa_enable'] || $coppa && !$config['coppa_enable']) {
$add_coppa = $coppa !== false ? '&coppa=' . $coppa : '';
$s_hidden_fields = array_merge($s_hidden_fields, array('change_lang' => ''));
// If we change the language, we want to pass on some more possible parameter.
if ($change_lang) {
// We do not include the password
$s_hidden_fields = array_merge($s_hidden_fields, array('username' => $request->variable('username', '', true), 'email' => strtolower($request->variable('email', '')), 'lang' => $user->lang_name, 'tz' => $request->variable('tz', $config['board_timezone'])));
}
// Checking amount of available languages
$sql = 'SELECT lang_id
FROM ' . LANG_TABLE;
$result = $db->sql_query($sql);
$lang_row = array();
while ($row = $db->sql_fetchrow($result)) {
$lang_row[] = $row;
}
$db->sql_freeresult($result);
if ($coppa === false && $config['coppa_enable']) {
$now = getdate();
$coppa_birthday = $user->create_datetime()->setDate($now['year'] - 13, $now['mon'], $now['mday'] - 1)->setTime(0, 0, 0)->format($user->lang['DATE_FORMAT'], true);
unset($now);
$template->assign_vars(array('S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '', 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=0'), 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=1'), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'), 'COOKIE_NAME' => $config['cookie_name'], 'COOKIE_PATH' => $config['cookie_path']));
} else {
$template->assign_vars(array('S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '', 'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()), 'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_coppa), 'COOKIE_NAME' => $config['cookie_name'], 'COOKIE_PATH' => $config['cookie_path']));
}
unset($lang_row);
/**
* Allows to modify the agreements.
*
* To assign data to the template, use $template->assign_vars()
*
* @event core.ucp_register_agreement
* @since 3.1.6-RC1
*/
$phpbb_dispatcher->dispatch('core.ucp_register_agreement');
$this->tpl_name = 'ucp_agreement';
return;
}
// The CAPTCHA kicks in here. We can't help that the information gets lost on language change.
if ($config['enable_confirm']) {
$captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']);
$captcha->init(CONFIRM_REG);
}
$timezone = $config['board_timezone'];
$data = array('username' => $request->variable('username', '', true), 'new_password' => $request->variable('new_password', '', true), 'password_confirm' => $request->variable('password_confirm', '', true), 'email' => strtolower($request->variable('email', '')), 'lang' => basename($request->variable('lang', $user->lang_name)), 'tz' => $request->variable('tz', $timezone));
/**
* Add UCP register data before they are assigned to the template or submitted
*
* To assign data to the template, use $template->assign_vars()
*
* @event core.ucp_register_data_before
* @var bool submit Do we display the form only
* or did the user press submit
* @var array data Array with current ucp registration data
* @since 3.1.4-RC1
*/
$vars = array('submit', 'data');
extract($phpbb_dispatcher->trigger_event('core.ucp_register_data_before', compact($vars)));
// Check and initialize some variables if needed
if ($submit) {
$error = validate_data($data, array('username' => array(array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', '')), 'new_password' => array(array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array(array('string', false, 6, 60), array('user_email')), 'tz' => array('timezone'), 'lang' => array('language_iso_name')));
if (!check_form_key('ucp_register')) {
$error[] = $user->lang['FORM_INVALID'];
}
// Replace "error" strings with their real, localised form
$error = array_map(array($user, 'lang'), $error);
if ($config['enable_confirm']) {
$vc_response = $captcha->validate($data);
if ($vc_response !== false) {
$error[] = $vc_response;
}
if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts']) {
$error[] = $user->lang['TOO_MANY_REGISTERS'];
}
}
// DNSBL check
if ($config['check_dnsbl']) {
if (($dnsbl = $user->check_dnsbl('register')) !== false) {
$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
}
}
// validate custom profile fields
$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
if (!sizeof($error)) {
if ($data['new_password'] != $data['password_confirm']) {
$error[] = $user->lang['NEW_PASSWORD_ERROR'];
}
}
/**
* Check UCP registration data after they are submitted
*
* @event core.ucp_register_data_after
* @var bool submit Do we display the form only
* or did the user press submit
* @var array data Array with current ucp registration data
* @var array cp_data Array with custom profile fields data
* @var array error Array with list of errors
* @since 3.1.4-RC1
*/
$vars = array('submit', 'data', 'cp_data', 'error');
extract($phpbb_dispatcher->trigger_event('core.ucp_register_data_after', compact($vars)));
if (!sizeof($error)) {
$server_url = generate_board_url();
// Which group by default?
$group_name = $coppa ? 'REGISTERED_COPPA' : 'REGISTERED';
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($group_name) . "'\n\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row) {
trigger_error('NO_GROUP');
}
$group_id = $row['group_id'];
if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) {
$user_actkey = gen_rand_string(mt_rand(6, 10));
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
} else {
$user_type = USER_NORMAL;
$user_actkey = '';
$user_inactive_reason = 0;
$user_inactive_time = 0;
}
// Instantiate passwords manager
/* @var $passwords_manager \phpbb\passwords\manager */
$passwords_manager = $phpbb_container->get('passwords.manager');
$user_row = array('username' => $data['username'], 'user_password' => $passwords_manager->hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => $data['tz'], 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time);
if ($config['new_member_post_limit']) {
$user_row['user_new'] = 1;
}
/**
* Add into $user_row before user_add
*
* user_add allows adding more data into the users table
*
* @event core.ucp_register_user_row_after
* @var bool submit Do we display the form only
* or did the user press submit
* @var array cp_data Array with custom profile fields data
* @var array user_row Array with current ucp registration data
* @since 3.1.4-RC1
*/
$vars = array('submit', 'cp_data', 'user_row');
extract($phpbb_dispatcher->trigger_event('core.ucp_register_user_row_after', compact($vars)));
// Register user...
$user_id = user_add($user_row, $cp_data);
// This should not happen, because the required variables are listed above...
if ($user_id === false) {
trigger_error('NO_USER', E_USER_ERROR);
}
// Okay, captcha, your job is done.
if ($config['enable_confirm'] && isset($captcha)) {
$captcha->reset();
}
if ($coppa && $config['email_enable']) {
$message = $user->lang['ACCOUNT_COPPA'];
$email_template = 'coppa_welcome_inactive';
} else {
if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) {
$message = $user->lang['ACCOUNT_INACTIVE'];
$email_template = 'user_welcome_inactive';
} else {
if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) {
$message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
$email_template = 'admin_welcome_inactive';
} else {
$message = $user->lang['ACCOUNT_ADDED'];
$email_template = 'user_welcome';
}
}
}
if ($config['email_enable']) {
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger(false);
$messenger->template($email_template, $data['lang']);
$messenger->to($data['email'], $data['username']);
$messenger->anti_abuse_headers($config, $user);
$messenger->assign_vars(array('WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), 'USERNAME' => htmlspecialchars_decode($data['username']), 'PASSWORD' => htmlspecialchars_decode($data['new_password']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}"));
if ($coppa) {
$messenger->assign_vars(array('FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $data['email']));
}
$messenger->send(NOTIFY_EMAIL);
}
if ($config['require_activation'] == USER_ACTIVATION_ADMIN) {
/* @var $phpbb_notifications \phpbb\notification\manager */
$phpbb_notifications = $phpbb_container->get('notification_manager');
$phpbb_notifications->add_notifications('notification.type.admin_activate_user', array('user_id' => $user_id, 'user_actkey' => $user_row['user_actkey'], 'user_regdate' => $user_row['user_regdate']));
}
// Perform account linking if necessary
if (!empty($login_link_data)) {
$login_link_data['user_id'] = $user_id;
$result = $auth_provider->link_account($login_link_data);
if ($result) {
$message = $message . '<br /><br />' . $user->lang[$result];
}
}
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
trigger_error($message);
}
}
$s_hidden_fields = array_merge($s_hidden_fields, array('agreed' => 'true', 'change_lang' => 0));
if ($config['coppa_enable']) {
$s_hidden_fields['coppa'] = $coppa;
}
if ($config['enable_confirm']) {
$s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields());
}
$s_hidden_fields = build_hidden_fields($s_hidden_fields);
$confirm_image = '';
// Visual Confirmation - Show images
if ($config['enable_confirm']) {
$template->assign_vars(array('CAPTCHA_TEMPLATE' => $captcha->get_template()));
}
//
$l_reg_cond = '';
switch ($config['require_activation']) {
case USER_ACTIVATION_SELF:
$l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
break;
case USER_ACTIVATION_ADMIN:
$l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
break;
}
$timezone_selects = phpbb_timezone_select($template, $user, $data['tz'], true);
$template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'USERNAME' => $data['username'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], 'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])), 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])), 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_PRESELECT' => !$submit, 'S_CONFIRM_REFRESH' => $config['enable_confirm'] && $config['confirm_refresh'] ? true : false, 'S_REGISTRATION' => true, 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'), 'COOKIE_NAME' => $config['cookie_name'], 'COOKIE_PATH' => $config['cookie_path']));
//
$user->profile_fields = array();
// Generate profile fields -> Template Block Variable profile_fields
$cp->generate_profile_fields('register', $user->get_iso_lang_id());
//
$this->tpl_name = 'ucp_register';
$this->page_title = 'UCP_REGISTRATION';
}
