public function ucp_register_user_row_after($event) { if ($this->config['require_activation'] != USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $this->auth->acl_get_list(false, 'a_user', false); $admin_ary = !empty($admin_ary[0]['a_user']) ? $admin_ary[0]['a_user'] : array(); // Also include founders $where_sql = ' WHERE user_type = ' . USER_FOUNDER; if (sizeof($admin_ary)) { $where_sql .= ' OR ' . $this->db->sql_in_set('user_id', $admin_ary); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' ' . $where_sql; $result = $this->db->sql_query($sql); $data = array('username' => $this->request->variable('username', '', true), 'email' => strtolower($this->request->variable('email', '')), 'user_regdate' => time(), 'user_ip' => $this->user->ip, 'lang' => basename($this->request->variable('lang', $this->user->lang_name))); while ($row = $this->db->sql_fetchrow($result)) { if (!class_exists('messenger')) { include $this->phpbb_root_path . 'includes/functions_messenger.' . $this->php_ext; } $messenger = new \messenger(false); $server_url = generate_board_url(); $messenger->template('@dmzx_notifyadmin/admin_notify_registered', $data['lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($data['username']), 'USER_MAIL' => $data['email'], 'USER_REGDATE' => date($this->config['default_dateformat'], $data['user_regdate']), 'USER_IP' => $data['user_ip'])); $messenger->send(NOTIFY_EMAIL); } $this->db->sql_freeresult($result); } }
function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; global $db, $user, $auth, $template; $username = request_var('username', '', true); $email = strtolower(request_var('email', '')); $submit = isset($_POST['submit']) ? true : false; if ($submit) { $sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email = '" . $db->sql_escape($email) . "'\n\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('NO_EMAIL_USER'); } if ($user_row['user_type'] == USER_IGNORE) { trigger_error('NO_USER'); } if ($user_row['user_type'] == USER_INACTIVE) { if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL) { trigger_error('ACCOUNT_DEACTIVATED'); } else { trigger_error('ACCOUNT_NOT_ACTIVATED'); } } // Check users permissions $auth2 = new auth(); $auth2->acl($user_row); if (!$auth2->acl_get('u_chgpasswd')) { trigger_error('NO_AUTH_PASSWORD_REMINDER'); } $server_url = generate_board_url(); $key_len = 54 - strlen($server_url); $key_len = max(6, $key_len); // we want at least 6 $key_len = $config['max_pass_chars'] ? min($key_len, $config['max_pass_chars']) : $key_len; // we want at most $config['max_pass_chars'] $user_actkey = substr(gen_rand_string(10), 0, $key_len); $user_password = gen_rand_string(8); $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'\n\t\t\t\tWHERE user_id = " . $user_row['user_id']; $db->sql_query($sql); include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(false); $messenger->template('user_activate_passwd', $user_row['user_lang']); $messenger->to($user_row['user_email'], $user_row['username']); $messenger->im($user_row['user_jabber'], $user_row['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username']), 'PASSWORD' => htmlspecialchars_decode($user_password), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_actkey}")); $messenger->send($user_row['user_notify_type']); meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}")); $message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>'); trigger_error($message); } $template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword'))); $this->tpl_name = 'ucp_remind'; $this->page_title = 'UCP_REMIND'; }
function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; global $db, $user, $auth, $template; $username = request_var('username', '', true); $email = request_var('email', ''); $submit = isset($_POST['submit']) ? true : false; if ($submit) { $sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type, user_type, user_lang FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email = '" . $db->sql_escape($email) . "'\n\t\t\t\t\tAND LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'"; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('NO_EMAIL_USER'); } if ($user_row['user_type'] == USER_INACTIVE) { trigger_error('ACCOUNT_NOT_ACTIVATED'); } $server_url = generate_board_url(); $key_len = 54 - strlen($server_url); $key_len = $key_len < 6 ? 6 : $key_len; $user_actkey = substr(gen_rand_string(10), 0, $key_len); $user_password = gen_rand_string(8); $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_newpasswd = '" . $db->sql_escape(md5($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'\n\t\t\t\tWHERE user_id = " . $user_row['user_id']; $db->sql_query($sql); include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(false); $messenger->template('user_activate_passwd', $row['user_lang']); $messenger->replyto($user->data['user_email']); $messenger->to($user_row['user_email'], $user_row['username']); $messenger->im($user_row['user_jabber'], $user_row['username']); $messenger->assign_vars(array('SITENAME' => $config['sitename'], 'USERNAME' => html_entity_decode($user_row['username']), 'PASSWORD' => html_entity_decode($user_password), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_actkey}")); $messenger->send($user_row['user_notify_type']); meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}")); $message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>'); trigger_error($message); } $template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword'))); $this->tpl_name = 'ucp_remind'; $this->page_title = 'UCP_REMIND'; }
/** * Send the email * * @param \messenger $messenger * @param string $contact * @return null */ public function send(\messenger $messenger, $contact) { if (!sizeof($this->recipients)) { return; } foreach ($this->recipients as $recipient) { $messenger->template($this->template, $recipient['lang']); $messenger->replyto($this->sender_address); $messenger->to($recipient['address'], $recipient['name']); $messenger->im($recipient['jabber'], $recipient['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $this->server_name); $messenger->headers('X-AntiAbuse: User IP - ' . $this->sender_ip); if ($this->sender_id) { $messenger->headers('X-AntiAbuse: User_id - ' . $this->sender_id); } if ($this->sender_username) { $messenger->headers('X-AntiAbuse: Username - ' . $this->sender_username); } $messenger->subject(htmlspecialchars_decode($this->subject)); $messenger->assign_vars(array('BOARD_CONTACT' => $contact, 'TO_USERNAME' => htmlspecialchars_decode($recipient['to_name']), 'FROM_USERNAME' => htmlspecialchars_decode($this->sender_name), 'MESSAGE' => htmlspecialchars_decode($this->body))); if (sizeof($this->template_vars)) { $messenger->assign_vars($this->template_vars); } $messenger->send($recipient['notify_type']); } }
/** * PM Notification */ function pm_notification($mode, $author, $recipients, $subject, $message) { global $db, $user, $config, $phpbb_root_path, $phpEx, $auth; $subject = censor_text($subject); unset($recipients[ANONYMOUS], $recipients[$user->data['user_id']]); if (!sizeof($recipients)) { return; } // Get banned User ID's $sql = 'SELECT ban_userid FROM ' . BANLIST_TABLE . ' WHERE ' . $db->sql_in_set('ban_userid', array_map('intval', array_keys($recipients))) . ' AND ban_exclude = 0'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { unset($recipients[$row['ban_userid']]); } $db->sql_freeresult($result); if (!sizeof($recipients)) { return; } $sql = 'SELECT user_id, username, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($recipients))); $result = $db->sql_query($sql); $msg_list_ary = array(); while ($row = $db->sql_fetchrow($result)) { if ($row['user_notify_pm'] == 1 && trim($row['user_email'])) { $msg_list_ary[] = array('method' => $row['user_notify_type'], 'email' => $row['user_email'], 'jabber' => $row['user_jabber'], 'name' => $row['username'], 'lang' => $row['user_lang']); } } $db->sql_freeresult($result); if (!sizeof($msg_list_ary)) { return; } include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); foreach ($msg_list_ary as $pos => $addr) { $messenger->template('privmsg_notify', $addr['lang']); $messenger->to($addr['email'], $addr['name']); $messenger->im($addr['jabber'], $addr['name']); $messenger->assign_vars(array('SUBJECT' => htmlspecialchars_decode($subject), 'AUTHOR_NAME' => htmlspecialchars_decode($author), 'USERNAME' => htmlspecialchars_decode($addr['name']), 'U_INBOX' => generate_board_url() . "/ucp.{$phpEx}?i=pm&folder=inbox")); $messenger->send($addr['method']); } unset($msg_list_ary); $messenger->save_queue(); unset($messenger); }
/** * This is used to promote (to leader), demote or set as default a member/s */ function group_user_attributes($action, $group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $group_attributes = false) { global $db, $auth, $phpbb_root_path, $phpEx, $config; // We need both username and user_id info $result = user_get_id_name($user_id_ary, $username_ary); if (!sizeof($user_id_ary) || $result !== false) { return 'NO_USERS'; } if (!$group_name) { $group_name = get_group_name($group_id); } switch ($action) { case 'demote': case 'promote': $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "\n\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\tAND user_pending = 1\n\t\t\t\t\tAND " . $db->sql_in_set('user_id', $user_id_ary); $result = $db->sql_query_limit($sql, 1); $not_empty = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($not_empty) { return 'NO_VALID_USERS'; } $sql = 'UPDATE ' . USER_GROUP_TABLE . ' SET group_leader = ' . ($action == 'promote' ? 1 : 0) . "\n\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\tAND user_pending = 0\n\t\t\t\t\tAND " . $db->sql_in_set('user_id', $user_id_ary); $db->sql_query($sql); $log = $action == 'promote' ? 'LOG_GROUP_PROMOTED' : 'LOG_GROUP_DEMOTED'; break; case 'approve': // Make sure we only approve those which are pending ;) $sql = 'SELECT u.user_id, u.user_email, u.username, u.username_clean, u.user_notify_type, u.user_jabber, u.user_lang FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug WHERE ug.group_id = ' . $group_id . ' AND ug.user_pending = 1 AND ug.user_id = u.user_id AND ' . $db->sql_in_set('ug.user_id', $user_id_ary); $result = $db->sql_query($sql); $user_id_ary = $email_users = array(); while ($row = $db->sql_fetchrow($result)) { $user_id_ary[] = $row['user_id']; $email_users[] = $row; } $db->sql_freeresult($result); if (!sizeof($user_id_ary)) { return false; } $sql = 'UPDATE ' . USER_GROUP_TABLE . "\n\t\t\t\tSET user_pending = 0\n\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\tAND " . $db->sql_in_set('user_id', $user_id_ary); $db->sql_query($sql); // Send approved email to users... include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); foreach ($email_users as $row) { $messenger->template('group_approved', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($row['username']), 'GROUP_NAME' => htmlspecialchars_decode($group_name), 'U_GROUP' => generate_board_url() . "/ucp.{$phpEx}?i=groups&mode=membership")); $messenger->send($row['user_notify_type']); } $messenger->save_queue(); $log = 'LOG_USERS_APPROVED'; break; case 'default': $sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true); $result = $db->sql_query($sql); $groups = array(); while ($row = $db->sql_fetchrow($result)) { if (!isset($groups[$row['group_id']])) { $groups[$row['group_id']] = array(); } $groups[$row['group_id']][] = $row['user_id']; } $db->sql_freeresult($result); foreach ($groups as $gid => $uids) { remove_default_rank($gid, $uids); remove_default_avatar($gid, $uids); } group_set_user_default($group_id, $user_id_ary, $group_attributes); $log = 'LOG_GROUP_DEFAULTS'; break; } // Clear permissions cache of relevant users $auth->acl_clear_prefetch($user_id_ary); add_log('admin', $log, $group_name, implode(', ', $username_ary)); group_update_listings($group_id); return false; }
function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; global $db, $user, $auth, $cache, $template; $user->add_lang('groups'); $return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>'); $mark_ary = request_var('mark', array(0)); $submit = !empty($_POST['submit']) ? true : false; $delete = !empty($_POST['delete']) ? true : false; $error = $data = array(); switch ($mode) { case 'membership': $this->page_title = 'UCP_USERGROUPS_MEMBER'; if ($submit || isset($_POST['change_default'])) { $action = isset($_POST['change_default']) ? 'change_default' : request_var('action', ''); $group_id = $action == 'change_default' ? request_var('default', 0) : request_var('selected', 0); if (!$group_id) { trigger_error('NO_GROUP_SELECTED'); } $sql = 'SELECT group_id, group_name, group_type FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_id IN ({$group_id}, {$user->data['group_id']})"; $result = $db->sql_query($sql); $group_row = array(); while ($row = $db->sql_fetchrow($result)) { $row['group_name'] = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name']; $group_row[$row['group_id']] = $row; } $db->sql_freeresult($result); if (!sizeof($group_row)) { trigger_error('GROUP_NOT_EXIST'); } switch ($action) { case 'change_default': // User already having this group set as default? if ($group_id == $user->data['group_id']) { trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page); } if (!$auth->acl_get('u_chggrp')) { trigger_error($user->lang['NOT_AUTHORISED'] . $return_page); } // User needs to be member of the group in order to make it default if (!group_memberships($group_id, $user->data['user_id'], true)) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } if (confirm_box(true)) { group_user_attributes('default', $group_id, $user->data['user_id']); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_CHANGE', sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name'])); meta_refresh(3, $this->u_action); trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page); } else { $s_hidden_fields = array('default' => $group_id, 'change_default' => true); confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields)); } break; case 'resign': // User tries to resign from default group but is not allowed to change it? if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp')) { trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); $sql = 'SELECT group_type FROM ' . GROUPS_TABLE . ' WHERE group_id = ' . $group_id; $result = $db->sql_query($sql); $group_type = (int) $db->sql_fetchfield('group_type'); $db->sql_freeresult($result); if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE) { trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page); } if (confirm_box(true)) { group_user_del($group_id, $user->data['user_id']); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_RESIGN', $group_row[$group_id]['group_name']); meta_refresh(3, $this->u_action); trigger_error($user->lang[$row['user_pending'] ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page); } else { $s_hidden_fields = array('selected' => $group_id, 'action' => 'resign', 'submit' => true); confirm_box(false, $row['user_pending'] ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields)); } break; case 'join': $sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u WHERE ug.user_id = u.user_id AND ug.group_id = ' . $group_id . ' AND ug.user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { if ($row['user_pending']) { trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page); } trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page); } // Check permission to join (open group or request) if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE) { trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page); } if (confirm_box(true)) { if ($group_row[$group_id]['group_type'] == GROUP_FREE) { group_user_add($group_id, $user->data['user_id']); $email_template = 'group_added'; } else { group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1); $email_template = 'group_request'; } include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u WHERE ug.user_id = u.user_id AND ' . ($group_row[$group_id]['group_type'] == GROUP_FREE ? "ug.user_id = {$user->data['user_id']}" : 'ug.group_leader = 1') . "\n\t\t\t\t\t\t\t\t\t\tAND ug.group_id = {$group_id}"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template($email_template, $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($row['username']), 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), 'REQUEST_USERNAME' => $user->data['username'], 'U_PENDING' => generate_board_url() . "/ucp.{$phpEx}?i=groups&mode=manage&action=list&g={$group_id}", 'U_GROUP' => generate_board_url() . "/memberlist.{$phpEx}?mode=group&g={$group_id}")); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); $messenger->save_queue(); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . ($group_row[$group_id]['group_type'] == GROUP_FREE ? '' : '_PENDING'), $group_row[$group_id]['group_name']); meta_refresh(3, $this->u_action); trigger_error($user->lang[$group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page); } else { $s_hidden_fields = array('selected' => $group_id, 'action' => 'join', 'submit' => true); confirm_box(false, $group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields)); } break; case 'demote': if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } if (confirm_box(true)) { group_user_attributes('demote', $group_id, $user->data['user_id']); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_DEMOTE', $group_row[$group_id]['group_name']); meta_refresh(3, $this->u_action); trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page); } else { $s_hidden_fields = array('selected' => $group_id, 'action' => 'demote', 'submit' => true); confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields)); } break; } } $sql = 'SELECT g.*, ug.group_leader, ug.user_pending FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug WHERE ug.user_id = ' . $user->data['user_id'] . ' AND g.group_id = ug.group_id ORDER BY g.group_type DESC, g.group_name'; $result = $db->sql_query($sql); $group_id_ary = array(); $leader_count = $member_count = $pending_count = 0; while ($row = $db->sql_fetchrow($result)) { $block = $row['group_leader'] ? 'leader' : ($row['user_pending'] ? 'pending' : 'member'); switch ($row['group_type']) { case GROUP_OPEN: $group_status = 'OPEN'; break; case GROUP_CLOSED: $group_status = 'CLOSED'; break; case GROUP_HIDDEN: $group_status = 'HIDDEN'; break; case GROUP_SPECIAL: $group_status = 'SPECIAL'; break; case GROUP_FREE: $group_status = 'FREE'; break; } $template->assign_block_vars($block, array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_GROUP_DEFAULT' => $row['group_id'] == $user->data['group_id'] ? true : false, 'S_ROW_COUNT' => ${$block . '_count'}++)); $group_id_ary[] = (int) $row['group_id']; } $db->sql_freeresult($result); // Hide hidden groups unless user is an admin with group privileges $sql_and = $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')'; $sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage FROM ' . GROUPS_TABLE . ' WHERE ' . (sizeof($group_id_ary) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . "\n\t\t\t\t\t\tgroup_type {$sql_and}\n\t\t\t\t\tORDER BY group_type DESC, group_name"; $result = $db->sql_query($sql); $nonmember_count = 0; while ($row = $db->sql_fetchrow($result)) { switch ($row['group_type']) { case GROUP_OPEN: $group_status = 'OPEN'; break; case GROUP_CLOSED: $group_status = 'CLOSED'; break; case GROUP_HIDDEN: $group_status = 'HIDDEN'; break; case GROUP_SPECIAL: $group_status = 'SPECIAL'; break; case GROUP_FREE: $group_status = 'FREE'; break; } $template->assign_block_vars('nonmember', array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_CLOSED' => $row['group_type'] != GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'S_CAN_JOIN' => $row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE ? true : false, 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_ROW_COUNT' => $nonmember_count++)); } $db->sql_freeresult($result); $template->assign_vars(array('S_CHANGE_DEFAULT' => $auth->acl_get('u_chggrp') ? true : false, 'S_LEADER_COUNT' => $leader_count, 'S_MEMBER_COUNT' => $member_count, 'S_PENDING_COUNT' => $pending_count, 'S_NONMEMBER_COUNT' => $nonmember_count, 'S_UCP_ACTION' => $this->u_action)); break; case 'manage': $this->page_title = 'UCP_USERGROUPS_MANAGE'; $action = isset($_POST['addusers']) ? 'addusers' : request_var('action', ''); $group_id = request_var('g', 0); include $phpbb_root_path . 'includes/functions_display.' . $phpEx; add_form_key('ucp_groups'); if ($group_id) { $sql = 'SELECT * FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_id = {$group_id}"; $result = $db->sql_query($sql); $group_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$group_row) { trigger_error($user->lang['NO_GROUP'] . $return_page); } // Check if the user is allowed to manage this group if set to founder only. if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) { trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING); } $group_name = $group_row['group_name']; $group_type = $group_row['group_type']; $avatar_img = !empty($group_row['group_avatar']) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_root_path . 'adm/images/no_avatar.gif" alt="" />'; $template->assign_vars(array('GROUP_NAME' => $group_type == GROUP_SPECIAL ? $user->lang['G_' . $group_name] : $group_name, 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 'GROUP_TYPE' => $group_row['group_type'], 'AVATAR' => $avatar_img, 'AVATAR_IMAGE' => $avatar_img, 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '')); } switch ($action) { case 'edit': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $file_uploads = @ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on' ? true : false; $user->add_lang(array('acp/groups', 'acp/common')); $data = $submit_ary = array(); $update = isset($_POST['update']) ? true : false; $error = array(); $avatar_select = basename(request_var('avatar_select', '')); $category = basename(request_var('category', '')); $can_upload = file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads ? true : false; // Did we submit? if ($update) { $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); $group_desc = utf8_normalize_nfc(request_var('group_desc', '', true)); $group_type = request_var('group_type', GROUP_FREE); $allow_desc_bbcode = request_var('desc_parse_bbcode', false); $allow_desc_urls = request_var('desc_parse_urls', false); $allow_desc_smilies = request_var('desc_parse_smilies', false); $submit_ary = array('colour' => request_var('group_colour', ''), 'rank' => request_var('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0), 'max_recipients' => request_var('group_max_recipients', 0)); $data['uploadurl'] = request_var('uploadurl', ''); $data['remotelink'] = request_var('remotelink', ''); $data['width'] = request_var('width', ''); $data['height'] = request_var('height', ''); $delete = request_var('delete', ''); if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) { // Avatar stuff $var_ary = array('uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3)); if (!($error = validate_data($data, $var_ary))) { $data['user_id'] = "g{$group_id}"; if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) { list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error); } else { if ($data['remotelink']) { list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error); } } } } else { if ($avatar_select && $config['allow_avatar_local']) { // check avatar gallery if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) { $submit_ary['avatar_type'] = AVATAR_GALLERY; list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select); $submit_ary['avatar'] = $category . '/' . $avatar_select; } } else { if ($delete) { $submit_ary['avatar'] = ''; $submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0; } else { if ($data['width'] && $data['height']) { // Only update the dimensions? if ($config['avatar_max_width'] || $config['avatar_max_height']) { if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) { $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); } } if (!sizeof($error)) { if ($config['avatar_min_width'] || $config['avatar_min_height']) { if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) { $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); } } } if (!sizeof($error)) { $submit_ary['avatar_width'] = $data['width']; $submit_ary['avatar_height'] = $data['height']; } } } } } if (isset($submit_ary['avatar']) && $submit_ary['avatar'] && !isset($group_row['group_avatar']) || $delete) { if (isset($group_row['group_avatar']) && $group_row['group_avatar']) { avatar_delete('group', $group_row, true); } } if (!check_form_key('ucp_groups')) { $error[] = $user->lang['FORM_INVALID']; } if (!sizeof($error)) { // Only set the rank, colour, etc. if it's changed or if we're adding a new // group. This prevents existing group members being updated if no changes // were made. $group_attributes = array(); $test_variables = array('rank', 'colour', 'avatar', 'avatar_type', 'avatar_width', 'avatar_height', 'receive_pm', 'legend', 'message_limit', 'max_recipients'); foreach ($test_variables as $test) { if ($action == 'add' || isset($submit_ary[$test]) && $group_row['group_' . $test] != $submit_ary[$test]) { $group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test]; } } if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) { $cache->destroy('sql', GROUPS_TABLE); $message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED'; trigger_error($user->lang[$message] . $return_page); } } if (sizeof($error)) { $group_rank = $submit_ary['rank']; $group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls); } } else { if (!$group_id) { $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); $group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true); $group_rank = 0; $group_type = GROUP_OPEN; } else { $group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']); $group_rank = $group_row['group_rank']; } } $sql = 'SELECT * FROM ' . RANKS_TABLE . ' WHERE rank_special = 1 ORDER BY rank_title'; $result = $db->sql_query($sql); $rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>'; while ($row = $db->sql_fetchrow($result)) { $selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : ''; $rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>'; } $db->sql_freeresult($result); $type_free = $group_type == GROUP_FREE ? ' checked="checked"' : ''; $type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : ''; $type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : ''; $type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : ''; $display_gallery = isset($_POST['display_gallery']) ? true : false; if ($config['allow_avatar_local'] && $display_gallery) { avatar_gallery($category, $avatar_select, 4); } $avatars_enabled = $can_upload || ($config['allow_avatar_local'] || $config['allow_avatar_remote']) ? true : false; $template->assign_vars(array('S_EDIT' => true, 'S_INCLUDE_SWATCH' => true, 'S_CAN_UPLOAD' => $can_upload, 'S_FORM_ENCTYPE' => $can_upload ? ' enctype="multipart/form-data"' : '', 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_AVATARS_ENABLED' => $avatars_enabled, 'S_DISPLAY_GALLERY' => $config['allow_avatar_local'] && !$display_gallery ? true : false, 'S_IN_GALLERY' => $config['allow_avatar_local'] && $display_gallery ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_DESC' => $group_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.{$phpEx}", 'form=ucp&name=group_colour'), 'S_UCP_ACTION' => $this->u_action . "&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024))); break; case 'list': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $user->add_lang(array('acp/groups', 'acp/common')); $start = request_var('start', 0); // Grab the leaders - always, on every page... $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $template->assign_block_vars('leader', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id'])); } $db->sql_freeresult($result); // Total number of group members (non-leaders) $sql = 'SELECT COUNT(user_id) AS total_members FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND group_leader = 0"; $result = $db->sql_query($sql); $total_members = (int) $db->sql_fetchfield('total_members'); $db->sql_freeresult($result); // Grab the members $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean"; $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); $pending = false; $approved = false; while ($row = $db->sql_fetchrow($result)) { if ($row['user_pending'] && !$pending) { $template->assign_block_vars('member', array('S_PENDING' => true)); $template->assign_var('S_PENDING_SET', true); $pending = true; } else { if (!$row['user_pending'] && !$approved) { $template->assign_block_vars('member', array('S_APPROVED' => true)); $template->assign_var('S_APPROVED_SET', true); $approved = true; } } $template->assign_block_vars('member', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id'])); } $db->sql_freeresult($result); $s_action_options = ''; $options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE'); foreach ($options as $option => $lang) { $s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>'; } $template->assign_vars(array('S_LIST' => true, 'S_ACTION_OPTIONS' => $s_action_options, 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&action={$action}&g={$group_id}", $total_members, $config['topics_per_page'], $start), 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=ucp&field=usernames'))); break; case 'approve': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $user->add_lang('acp/groups'); // Approve, demote or promote group_user_attributes('approve', $group_id, $mark_ary, false, false); trigger_error($user->lang['USERS_APPROVED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); break; case 'default': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $group_row['group_name'] = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; if (confirm_box(true)) { if (!sizeof($mark_ary)) { $start = 0; do { $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\t\t\tORDER BY user_id"; $result = $db->sql_query_limit($sql, 200, $start); $mark_ary = array(); if ($row = $db->sql_fetchrow($result)) { do { $mark_ary[] = $row['user_id']; } while ($row = $db->sql_fetchrow($result)); group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); $start = sizeof($mark_ary) < 200 ? 0 : $start + 200; } else { $start = 0; } $db->sql_freeresult($result); } while ($start); } else { group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); } $user->add_lang('acp/groups'); trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); } else { $user->add_lang('acp/common'); confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action))); } break; case 'deleteusers': $user->add_lang(array('acp/groups', 'acp/common')); if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $group_row['group_name'] = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; if (confirm_box(true)) { if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } $error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']); if ($error) { trigger_error($user->lang[$error] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); } trigger_error($user->lang['GROUP_USERS_REMOVE'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action))); } break; case 'addusers': $user->add_lang(array('acp/groups', 'acp/common')); $names = utf8_normalize_nfc(request_var('usernames', '', true)); if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!$names) { trigger_error($user->lang['NO_USERS'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $name_ary = array_unique(explode("\n", $names)); $group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; $default = request_var('default', 0); if (confirm_box(true)) { // Add user/s to group if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row)) { trigger_error($user->lang[$error] . $return_page); } trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); } else { $s_hidden_fields = array('default' => $default, 'usernames' => $names, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action); confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . (sizeof($name_ary) == 1 ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields)); } trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); break; default: $user->add_lang('acp/common'); $sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug WHERE ug.user_id = ' . $user->data['user_id'] . ' AND g.group_id = ug.group_id AND ug.group_leader = 1 ORDER BY g.group_type DESC, g.group_name'; $result = $db->sql_query($sql); while ($value = $db->sql_fetchrow($result)) { $template->assign_block_vars('leader', array('GROUP_NAME' => $value['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $value['group_name']] : $value['group_name'], 'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']), 'GROUP_TYPE' => $value['group_type'], 'GROUP_ID' => $value['group_id'], 'GROUP_COLOUR' => $value['group_colour'], 'U_LIST' => $this->u_action . "&action=list&g={$value['group_id']}", 'U_EDIT' => $this->u_action . "&action=edit&g={$value['group_id']}")); } $db->sql_freeresult($result); break; } break; } $this->tpl_name = 'ucp_groups_' . $mode; }
/** * Disapprove Post/Topic */ function disapprove_post($post_id_list, $id, $mode) { global $db, $template, $user, $config; global $phpEx, $phpbb_root_path; if (!check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve'))) { trigger_error('NOT_AUTHORISED'); } $redirect = request_var('redirect', build_url(array('t', 'mode', 'quickmod')) . "&mode={$mode}"); $reason = utf8_normalize_nfc(request_var('reason', '', true)); $reason_id = request_var('reason_id', 0); $success_msg = $additional_msg = ''; $s_hidden_fields = build_hidden_fields(array('i' => $id, 'mode' => $mode, 'post_id_list' => $post_id_list, 'action' => 'disapprove', 'redirect' => $redirect)); $notify_poster = isset($_REQUEST['notify_poster']) ? true : false; $disapprove_reason = ''; if ($reason_id) { $sql = 'SELECT reason_title, reason_description FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\tWHERE reason_id = {$reason_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row || !$reason && strtolower($row['reason_title']) == 'other') { $additional_msg = $user->lang['NO_REASON_DISAPPROVAL']; unset($_POST['confirm']); } else { // If the reason is defined within the language file, we will use the localized version, else just use the database entry... $disapprove_reason = strtolower($row['reason_title']) != 'other' ? isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description'] : ''; $disapprove_reason .= $reason ? "\n\n" . $reason : ''; if (isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])])) { $disapprove_reason_lang = strtoupper($row['reason_title']); } $email_disapprove_reason = $disapprove_reason; } } $post_info = get_post_data($post_id_list, 'm_approve'); if (confirm_box(true)) { // If Topic -> forum_topics_real -= 1 // If Post -> topic_replies_real -= 1 $num_disapproved = 0; $forum_topics_real = $topic_id_list = $forum_id_list = $topic_replies_real_sql = $post_disapprove_sql = $disapprove_log = array(); foreach ($post_info as $post_id => $post_data) { $topic_id_list[$post_data['topic_id']] = 1; if ($post_data['forum_id']) { $forum_id_list[$post_data['forum_id']] = 1; } // Topic or Post. ;) /** * @todo this probably is a different method than the one used by delete_posts, does this cause counter inconsistency? */ if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_last_post_id'] == $post_id) { if ($post_data['forum_id']) { if (!isset($forum_topics_real[$post_data['forum_id']])) { $forum_topics_real[$post_data['forum_id']] = 0; } $forum_topics_real[$post_data['forum_id']]++; $num_disapproved++; } $disapprove_log[] = array('type' => 'topic', 'post_subject' => $post_data['post_subject'], 'forum_id' => $post_data['forum_id'], 'topic_id' => 0); } else { if (!isset($topic_replies_real_sql[$post_data['topic_id']])) { $topic_replies_real_sql[$post_data['topic_id']] = 0; } $topic_replies_real_sql[$post_data['topic_id']]++; $disapprove_log[] = array('type' => 'post', 'post_subject' => $post_data['post_subject'], 'forum_id' => $post_data['forum_id'], 'topic_id' => $post_data['topic_id']); } $post_disapprove_sql[] = $post_id; } unset($post_data); if (sizeof($forum_topics_real)) { foreach ($forum_topics_real as $forum_id => $topics_real) { $sql = 'UPDATE ' . FORUMS_TABLE . "\n\t\t\t\t\tSET forum_topics_real = forum_topics_real - {$topics_real}\n\t\t\t\t\tWHERE forum_id = {$forum_id}"; $db->sql_query($sql); } } if (sizeof($topic_replies_real_sql)) { foreach ($topic_replies_real_sql as $topic_id => $num_replies) { $sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies_real = topic_replies_real - {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}"; $db->sql_query($sql); } } if (sizeof($post_disapprove_sql)) { if (!function_exists('delete_posts')) { include_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx; } // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts delete_posts('post_id', $post_disapprove_sql); foreach ($disapprove_log as $log_data) { add_log('mod', $log_data['forum_id'], $log_data['topic_id'], $log_data['type'] == 'topic' ? 'LOG_TOPIC_DISAPPROVED' : 'LOG_POST_DISAPPROVED', $log_data['post_subject'], $disapprove_reason); } } unset($post_disapprove_sql, $topic_replies_real_sql); update_post_information('topic', array_keys($topic_id_list)); if (sizeof($forum_id_list)) { update_post_information('forum', array_keys($forum_id_list)); } unset($topic_id_list, $forum_id_list); $messenger = new messenger(); // Notify Poster? if ($notify_poster) { $lang_reasons = array(); foreach ($post_info as $post_id => $post_data) { if ($post_data['poster_id'] == ANONYMOUS) { continue; } if (isset($disapprove_reason_lang)) { // Okay we need to get the reason from the posters language if (!isset($lang_reasons[$post_data['user_lang']])) { // Assign the current users translation as the default, this is not ideal but getting the board default adds another layer of complexity. $lang_reasons[$post_data['user_lang']] = $user->lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]; // Only load up the language pack if the language is different to the current one if ($post_data['user_lang'] != $user->lang_name && file_exists($phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx)) { // Load up the language pack $lang = array(); @(include $phpbb_root_path . '/language/' . $post_data['user_lang'] . '/mcp.' . $phpEx); // If we find the reason in this language pack use it if (isset($lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang])) { $lang_reasons[$post_data['user_lang']] = $lang['report_reasons']['DESCRIPTION'][$disapprove_reason_lang]; } unset($lang); // Free memory } } $email_disapprove_reason = $lang_reasons[$post_data['user_lang']]; $email_disapprove_reason .= $reason ? "\n\n" . $reason : ''; } $email_template = $post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id'] ? 'topic_disapproved' : 'post_disapproved'; $messenger->template($email_template, $post_data['user_lang']); $messenger->to($post_data['user_email'], $post_data['username']); $messenger->im($post_data['user_jabber'], $post_data['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($post_data['username']), 'REASON' => htmlspecialchars_decode($email_disapprove_reason), 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($post_data['post_subject'])), 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($post_data['topic_title'])))); $messenger->send($post_data['user_notify_type']); } unset($lang_reasons); } unset($post_info, $disapprove_reason, $email_disapprove_reason, $disapprove_reason_lang); $messenger->save_queue(); if (sizeof($forum_topics_real)) { $success_msg = $num_disapproved == 1 ? 'TOPIC_DISAPPROVED_SUCCESS' : 'TOPICS_DISAPPROVED_SUCCESS'; } else { $success_msg = sizeof($post_id_list) == 1 ? 'POST_DISAPPROVED_SUCCESS' : 'POSTS_DISAPPROVED_SUCCESS'; } } else { include_once $phpbb_root_path . 'includes/functions_display.' . $phpEx; display_reasons($reason_id); $show_notify = false; foreach ($post_info as $post_data) { if ($post_data['poster_id'] == ANONYMOUS) { continue; } else { $show_notify = true; break; } } $template->assign_vars(array('S_NOTIFY_POSTER' => $show_notify, 'S_APPROVE' => false, 'REASON' => $reason, 'ADDITIONAL_MSG' => $additional_msg)); confirm_box(false, 'DISAPPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html'); } $redirect = request_var('redirect', "index.{$phpEx}"); $redirect = reapply_sid($redirect); if (!$success_msg) { redirect($redirect); } else { meta_refresh(3, $redirect); trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], "<a href=\"{$redirect}\">", '</a>')); } }
function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; // if ($config['require_activation'] == USER_ACTIVATION_DISABLE) { trigger_error('UCP_REGISTER_DISABLE'); } include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); $confirm_id = request_var('confirm_id', ''); $coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false; $agreed = (!empty($_POST['agreed'])) ? 1 : 0; $submit = (isset($_POST['submit'])) ? true : false; $change_lang = request_var('change_lang', ''); $user_lang = request_var('lang', $user->lang_name); // not so fast, buddy if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg'])) || (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms']))) { $agreed = false; } if ($agreed) { add_form_key('ucp_register'); } else { add_form_key('ucp_register_terms'); } if ($change_lang || $user_lang != $config['default_lang']) { $use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang); if (file_exists($phpbb_root_path . 'language/' . $use_lang . '/')) { if ($change_lang) { $submit = false; // Setting back agreed to let the user view the agreement in his/her language $agreed = (empty($_GET['change_lang'])) ? 0 : $agreed; } $user->lang_name = $lang = $use_lang; $user->lang_path = $phpbb_root_path . 'language/' . $lang . '/'; $user->lang = array(); $user->add_lang(array('common', 'ucp')); } else { $change_lang = ''; $user_lang = $user->lang_name; } } $cp = new custom_profile(); $error = $cp_data = $cp_error = array(); // if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) { $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : ''; $s_hidden_fields = ($confirm_id) ? array('confirm_id' => $confirm_id) : array(); // If we change the language, we want to pass on some more possible parameter. if ($change_lang) { // We do not include the password! $s_hidden_fields = array_merge($s_hidden_fields, array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'confirm_code' => request_var('confirm_code', ''), 'lang' => $user->lang_name, 'tz' => request_var('tz', (float) $config['board_timezone']), )); } if ($coppa === false && $config['coppa_enable']) { $now = getdate(); $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']); unset($now); $template->assign_vars(array( 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang), 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang), )); } else { $template->assign_vars(array( 'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()), 'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa), 'S_TIME' => 1000 * ((int) $config['min_time_terms']), ) ); } $this->tpl_name = 'ucp_agreement'; return; } // Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1 $timezone = date('Z') / 3600; $is_dst = date('I'); if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1)) { $timezone = ($is_dst) ? $timezone - 1 : $timezone; if (!isset($user->lang['tz_zones'][(string) $timezone])) { $timezone = $config['board_timezone']; } } else { $is_dst = $config['board_dst']; $timezone = $config['board_timezone']; } $data = array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'new_password' => request_var('new_password', '', true), 'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'confirm_code' => request_var('confirm_code', ''), 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (float) $timezone), ); // Check and initialize some variables if needed if ($submit) { $error = validate_data($data, array( 'username' => array( array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', '')), 'new_password' => array( array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array( array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60), 'confirm_code' => array('string', !$config['enable_confirm'], 5, 8), 'tz' => array('num', false, -14, 14), 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), )); // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); // DNSBL check if ($config['check_dnsbl']) { if (($dnsbl = $user->check_dnsbl('register')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); } } // validate custom profile fields $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error); // Visual Confirmation handling $wrong_confirm = false; if ($config['enable_confirm']) { if (!$confirm_id) { $error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true; } else { $sql = 'SELECT code FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_REG; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { if (strcasecmp($row['code'], $data['confirm_code']) === 0) { $sql = 'DELETE FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_REG; $db->sql_query($sql); } else { $error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true; } } else { $error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true; } } } if (!sizeof($error)) { if ($data['new_password'] != $data['password_confirm']) { $error[] = $user->lang['NEW_PASSWORD_ERROR']; } if ($data['email'] != $data['email_confirm']) { $error[] = $user->lang['NEW_EMAIL_ERROR']; } } if (!sizeof($error)) { $server_url = generate_board_url(); // Which group by default? $group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED'; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = '" . $db->sql_escape($group_name) . "' AND group_type = " . GROUP_SPECIAL; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_GROUP'); } $group_id = $row['group_id']; if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) { $user_actkey = gen_rand_string(10); $key_len = 54 - (strlen($server_url)); $key_len = ($key_len < 6) ? 6 : $key_len; $user_actkey = substr($user_actkey, 0, $key_len); $user_type = USER_INACTIVE; $user_inactive_reason = INACTIVE_REGISTER; $user_inactive_time = time(); } else { $user_type = USER_NORMAL; $user_actkey = ''; $user_inactive_reason = 0; $user_inactive_time = 0; } $user_row = array( 'username' => $data['username'], 'user_password' => phpbb_hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => (float) $data['tz'], 'user_dst' => $is_dst, 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time, ); // Register user... $user_id = user_add($user_row, $cp_data); // This should not happen, because the required variables are listed above... if ($user_id === false) { trigger_error('NO_USER', E_USER_ERROR); } if ($coppa && $config['email_enable']) { $message = $user->lang['ACCOUNT_COPPA']; $email_template = 'coppa_welcome_inactive'; } else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE']; $email_template = 'user_welcome_inactive'; } else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE_ADMIN']; $email_template = 'admin_welcome_inactive'; } else { $message = $user->lang['ACCOUNT_ADDED']; $email_template = 'user_welcome'; } if ($config['email_enable']) { include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); $messenger->template($email_template, $data['lang']); $messenger->to($data['email'], $data['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), 'USERNAME' => htmlspecialchars_decode($data['username']), 'PASSWORD' => htmlspecialchars_decode($data['new_password']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") ); if ($coppa) { $messenger->assign_vars(array( 'FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $data['email']) ); } $messenger->send(NOTIFY_EMAIL); if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array(); // Also include founders $where_sql = ' WHERE user_type = ' . USER_FOUNDER; if (sizeof($admin_ary)) { $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' ' . $where_sql; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($data['username']), 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id", 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") ); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } } $message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>'); trigger_error($message); } } $s_hidden_fields = array( 'agreed' => 'true', 'change_lang' => 0, ); if ($config['coppa_enable']) { $s_hidden_fields['coppa'] = $coppa; } $s_hidden_fields = build_hidden_fields($s_hidden_fields); $confirm_image = ''; // Visual Confirmation - Show images if ($config['enable_confirm']) { $str = ''; if (!$change_lang) { $user->confirm_gc(CONFIRM_REG); $sql = 'SELECT COUNT(session_id) AS attempts FROM ' . CONFIRM_TABLE . " WHERE session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_REG; $result = $db->sql_query($sql); $attempts = (int) $db->sql_fetchfield('attempts'); $db->sql_freeresult($result); if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts']) { trigger_error('TOO_MANY_REGISTERS'); } $code = gen_rand_string(mt_rand(5, 8)); $confirm_id = md5(unique_id($user->ip)); $seed = hexdec(substr(unique_id(), 4, 10)); // compute $seed % 0x7fffffff $seed -= 0x7fffffff * floor($seed / 0x7fffffff); $sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'confirm_id' => (string) $confirm_id, 'session_id' => (string) $user->session_id, 'confirm_type' => (int) CONFIRM_REG, 'code' => (string) $code, 'seed' => (int) $seed) ); $db->sql_query($sql); } else { $str .= '&change_lang=' . $change_lang; } $confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG . $str) . '" alt="" title="" />'; $s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />'; } // $l_reg_cond = ''; switch ($config['require_activation']) { case USER_ACTIVATION_SELF: $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE']; break; case USER_ACTIVATION_ADMIN: $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE']; break; } $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', 'USERNAME' => $data['username'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], 'EMAIL_CONFIRM' => $data['email_confirm'], 'CONFIRM_IMG' => $confirm_image, 'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'), 'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_OPTIONS' => tz_select($data['tz']), 'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false, 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), 'S_TIME' => 1000 * ((int) $config['min_time_reg']), ) ); // $user->profile_fields = array(); // Generate profile fields -> Template Block Variable profile_fields $cp->generate_profile_fields('register', $user->get_iso_lang_id()); // $this->tpl_name = 'ucp_register'; $this->page_title = 'UCP_REGISTRATION'; }
function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; global $db, $user, $auth, $template; $username = request_var('username', '', true); $email = strtolower(request_var('email', '')); $submit = isset($_POST['submit']) ? true : false; add_form_key('ucp_resend'); if ($submit) { if (!check_form_key('ucp_resend')) { trigger_error('FORM_INVALID'); } $sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey, user_inactive_reason FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'\n\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('NO_EMAIL_USER'); } if ($user_row['user_type'] == USER_IGNORE) { trigger_error('NO_USER'); } if (!$user_row['user_actkey'] && $user_row['user_type'] != USER_INACTIVE) { trigger_error('ACCOUNT_ALREADY_ACTIVATED'); } if (!$user_row['user_actkey'] || $user_row['user_type'] == USER_INACTIVE && $user_row['user_inactive_reason'] == INACTIVE_MANUAL) { trigger_error('ACCOUNT_DEACTIVATED'); } // Determine coppa status on group (REGISTERED(_COPPA)) $sql = 'SELECT group_name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id = ' . $user_row['group_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_GROUP'); } $coppa = $row['group_name'] == 'REGISTERED_COPPA' && $row['group_type'] == GROUP_SPECIAL ? true : false; include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(false); if ($config['require_activation'] == USER_ACTIVATION_SELF || $coppa) { $messenger->template($coppa ? 'coppa_resend_inactive' : 'user_resend_inactive', $user_row['user_lang']); $messenger->to($user_row['user_email'], $user_row['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array('WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), 'USERNAME' => htmlspecialchars_decode($user_row['username']), 'U_ACTIVATE' => generate_board_url() . "/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")); if ($coppa) { $messenger->assign_vars(array('FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $user_row['user_email'])); } $messenger->send(NOTIFY_EMAIL); } if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $admin_ary[0]['a_user']); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username']), 'U_USER_DETAILS' => generate_board_url() . "/memberlist.{$phpEx}?mode=viewprofile&u={$user_row['user_id']}", 'U_ACTIVATE' => generate_board_url() . "/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}")); $message = $config['require_activation'] == USER_ACTIVATION_ADMIN ? $user->lang['ACTIVATION_EMAIL_SENT_ADMIN'] : $user->lang['ACTIVATION_EMAIL_SENT']; $message .= '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>'); trigger_error($message); } $template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=resend_act'))); $this->tpl_name = 'ucp_resend'; $this->page_title = 'UCP_RESEND'; }
function main($id, $mode) { global $config, $db, $user, $auth, $template, $cache; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; $user->add_lang('acp/email'); $this->tpl_name = 'acp_email'; $this->page_title = 'ACP_MASS_EMAIL'; // Set some vars $submit = isset($_POST['submit']) ? true : false; $error = array(); $usernames = request_var('usernames', ''); $group_id = request_var('g', 0); $subject = request_var('subject', '', true); $message = request_var('message', '', true); // Do the job ... if ($submit) { // Error checking needs to go here ... if no subject and/or no message then skip // over the send and return to the form $use_queue = isset($_POST['send_immediatly']) ? false : true; $priority = request_var('mail_priority_flag', MAIL_NORMAL_PRIORITY); if (!$subject) { $error[] = $user->lang['NO_EMAIL_SUBJECT']; } if (!$message) { $error[] = $user->lang['NO_EMAIL_MESSAGE']; } if (!sizeof($error)) { if ($usernames) { $usernames = implode(', ', preg_replace('#^[\\s]*?(.*?)[\\s]*?$#e', "\"'\" . \$db->sql_escape('\\1') . \"'\"", explode("\n", $usernames))); $sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang FROM ' . USERS_TABLE . " \n\t\t\t\t\t\tWHERE username IN ({$usernames})\n\t\t\t\t\t\t\tAND user_allow_massemail = 1\n\t\t\t\t\t\tORDER BY user_lang, user_notify_type"; // , SUBSTRING(user_email FROM INSTR(user_email, '@')) } else { if ($group_id) { $sql = 'SELECT u.user_email, u.username, u.user_lang, u.user_jabber, u.user_notify_type FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug \n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id} \n\t\t\t\t\t\t\t\tAND ug.user_pending = 0\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id \n\t\t\t\t\t\t\t\tAND u.user_allow_massemail = 1\n\t\t\t\t\t\t\tORDER BY u.user_lang, u.user_notify_type"; } else { $sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang FROM ' . USERS_TABLE . ' WHERE user_allow_massemail = 1 ORDER BY user_lang, user_notify_type'; } } $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action)); } $i = $j = 0; // Send with BCC, no more than 50 recipients for one mail (to not exceed the limit) $max_chunk_size = 50; $email_list = array(); $old_lang = $row['user_lang']; $old_notify_type = $row['user_notify_type']; do { if ($row['user_notify_type'] == NOTIFY_EMAIL && $row['user_email'] || $row['user_notify_type'] == NOTIFY_IM && $row['user_jabber'] || $row['user_notify_type'] == NOTIFY_BOTH && $row['user_email'] && $row['user_jabber']) { if ($i == $max_chunk_size || $row['user_lang'] != $old_lang || $row['user_notify_type'] != $old_notify_type) { $i = 0; $j++; $old_lang = $row['user_lang']; $old_notify_type = $row['user_notify_type']; } $email_list[$j][$i]['lang'] = $row['user_lang']; $email_list[$j][$i]['method'] = $row['user_notify_type']; $email_list[$j][$i]['email'] = $row['user_email']; $email_list[$j][$i]['name'] = $row['username']; $email_list[$j][$i]['jabber'] = $row['user_jabber']; $i++; } } while ($row = $db->sql_fetchrow($result)); $db->sql_freeresult($result); // Send the messages include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx; $messenger = new messenger($use_queue); $errored = false; for ($i = 0, $size = sizeof($email_list); $i < $size; $i++) { $used_lang = $email_list[$i][0]['lang']; $used_method = $email_list[$i][0]['method']; for ($j = 0, $list_size = sizeof($email_list[$i]); $j < $list_size; $j++) { $email_row = $email_list[$i][$j]; $messenger->{sizeof($email_list[$i]) == 1 ? 'to' : 'bcc'}($email_row['email'], $email_row['name']); $messenger->im($email_row['jabber'], $email_row['name']); } $messenger->template('admin_send_email', $used_lang); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->subject(html_entity_decode($subject)); $messenger->replyto($config['board_email']); $messenger->set_mail_priority($priority); $messenger->assign_vars(array('SITENAME' => $config['sitename'], 'CONTACT_EMAIL' => $config['board_contact'], 'MESSAGE' => html_entity_decode($message))); if (!$messenger->send($used_method)) { $errored = true; } } unset($email_list); $messenger->save_queue(); if ($group_id) { $group_name = get_group_name($group_id); } else { // Not great but the logging routine doesn't cope well with localising on the fly $group_name = $user->lang['ALL_USERS']; } add_log('admin', 'LOG_MASS_EMAIL', $group_name); if (!$errored) { $message = $use_queue ? $user->lang['EMAIL_SENT_QUEUE'] : $user->lang['EMAIL_SENT']; } else { $message = sprintf($user->lang['EMAIL_SEND_ERROR'], '<a href="' . append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=logs&mode=critical') . '">', '</a>'); } trigger_error($message . adm_back_link($this->u_action)); } } // Exclude bots... $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\tWHERE group_name = 'BOTS'"; $result = $db->sql_query($sql); $bot_group_id = (int) $db->sql_fetchfield('group_id'); $db->sql_freeresult($result); $select_list = '<option value="0"' . (!$group_id ? ' selected="selected"' : '') . '>' . $user->lang['ALL_USERS'] . '</option>'; $select_list .= group_select_options($group_id, array($bot_group_id)); $s_priority_options = '<option value="' . MAIL_LOW_PRIORITY . '">' . $user->lang['MAIL_LOW_PRIORITY'] . '</option>'; $s_priority_options .= '<option value="' . MAIL_NORMAL_PRIORITY . '" selected="selected">' . $user->lang['MAIL_NORMAL_PRIORITY'] . '</option>'; $s_priority_options .= '<option value="' . MAIL_HIGH_PRIORITY . '">' . $user->lang['MAIL_HIGH_PRIORITY'] . '</option>'; $template->assign_vars(array('S_WARNING' => sizeof($error) ? true : false, 'WARNING_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'U_ACTION' => $this->u_action, 'S_GROUP_OPTIONS' => $select_list, 'USERNAMES' => $usernames, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=acp_email&field=usernames'), 'SUBJECT' => $subject, 'MESSAGE' => $message, 'S_PRIORITY_OPTIONS' => $s_priority_options)); }
/** * Closes a report */ function close_report($post_id_list, $mode, $action) { global $db, $template, $user, $config; global $phpEx, $phpbb_root_path; if (!($forum_id = check_ids($post_id_list, POSTS_TABLE, 'post_id', 'm_report'))) { trigger_error('NOT_AUTHORIZED'); } if ($action == 'delete' && strpos($user->data['session_page'], 'mode=report_details') !== false) { $redirect = request_var('redirect', build_url(array('mode')) . '&mode=reports'); } else { $redirect = request_var('redirect', $user->data['session_page']); } $success_msg = ''; $s_hidden_fields = build_hidden_fields(array('i' => 'reports', 'mode' => $mode, 'post_id_list' => $post_id_list, 'f' => $forum_id, 'action' => $action, 'redirect' => $redirect)); if (confirm_box(true)) { $post_info = get_post_data($post_id_list, 'm_report'); $sql = 'SELECT r.post_id, r.report_closed, r.user_id, r.user_notify, u.username, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type FROM ' . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u WHERE r.post_id IN (' . implode(',', array_keys($post_info)) . ') ' . ($action == 'close' ? 'AND r.report_closed = 0' : '') . ' AND r.user_id = u.user_id'; $result = $db->sql_query($sql); $reports = array(); while ($report = $db->sql_fetchrow($result)) { $reports[$report['post_id']] = $report; } $db->sql_freeresult($result); $close_report_posts = $close_report_topics = $notify_reporters = array(); foreach ($post_info as $post_id => $post_data) { if (isset($reports[$post_id])) { $close_report_posts[] = $post_id; $close_report_topics[] = $post_data['topic_id']; if ($reports[$post_id]['user_notify'] && !$reports[$post_id]['report_closed']) { $notify_reporters[$post_id] = $reports[$post_id]; } } } if (sizeof($close_report_posts)) { $close_report_topics = array_unique($close_report_topics); // Get a list of topics that still contain reported posts $sql = 'SELECT DISTINCT topic_id FROM ' . POSTS_TABLE . ' WHERE topic_id IN (' . implode(', ', $close_report_topics) . ') AND post_reported = 1 AND post_id NOT IN (' . implode(', ', $close_report_posts) . ')'; $result = $db->sql_query($sql); $keep_report_topics = array(); while ($row = $db->sql_fetchrow($result)) { $keep_report_topics[] = $row['topic_id']; } $db->sql_freeresult($result); $close_report_topics = array_diff($close_report_topics, $keep_report_topics); unset($keep_report_topics); $db->sql_transaction('begin'); if ($action == 'close') { $sql = 'UPDATE ' . REPORTS_TABLE . ' SET report_closed = 1 WHERE post_id IN (' . implode(', ', $close_report_posts) . ')'; } else { $sql = 'DELETE FROM ' . REPORTS_TABLE . ' WHERE post_id IN (' . implode(', ', $close_report_posts) . ')'; } $db->sql_query($sql); $sql = 'UPDATE ' . POSTS_TABLE . ' SET post_reported = 0 WHERE post_id IN (' . implode(', ', $close_report_posts) . ')'; $db->sql_query($sql); $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_reported = 0 WHERE topic_id IN (' . implode(', ', $close_report_topics) . ')'; $db->sql_query($sql); $db->sql_transaction('commit'); } unset($close_report_posts, $close_report_topics); $messenger = new messenger(); // Notify reporters if (sizeof($notify_reporters)) { $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); foreach ($notify_reporters as $post_id => $reporter) { if ($reporter['user_id'] == ANONYMOUS) { continue; } $messenger->template('report_' . $action . 'd', $reporter['user_lang']); $messenger->replyto($config['board_email']); $messenger->to($reporter['user_email'], $reporter['username']); $messenger->im($reporter['user_jabber'], $reporter['username']); $messenger->assign_vars(array('EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], 'USERNAME' => html_entity_decode($reporter['username']), 'CLOSER_NAME' => html_entity_decode($user->data['username']), 'POST_SUBJECT' => html_entity_decode(censor_text($post_info[$post_id]['post_subject'])), 'TOPIC_TITLE' => html_entity_decode(censor_text($post_info[$post_id]['topic_title'])))); $messenger->send($reporter['user_notify_type']); $messenger->reset(); } $messenger->save_queue(); } unset($notify_reporters, $post_info); $success_msg = sizeof($post_id_list) == 1 ? 'REPORT_' . strtoupper($action) . 'D_SUCCESS' : 'REPORTS_' . strtoupper($action) . 'D_SUCCESS'; } else { confirm_box(false, $user->lang[strtoupper($action) . '_REPORT' . (sizeof($post_id_list) == 1 ? '' : 'S') . '_CONFIRM'], $s_hidden_fields); } $redirect = request_var('redirect', "index.{$phpEx}"); $redirect = reapply_sid($redirect); if (!$success_msg) { redirect($redirect); } else { meta_refresh(3, $redirect); trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], "<a href=\"{$redirect}\">", '</a>')); } }
/** * Notify users about karma's changes (via PM/email/jabber) */ function user_notification($data) { global $user, $db; $forum_id = $data['forum_id']; $topic_id = $data['topic_id']; $post_id = $data['post_id']; $user_id = $data['user_id']; $sql = 'SELECT user_karma_notify_pm, user_karma_notify_email, user_karma_notify_jabber FROM ' . USERS_TABLE . ' WHERE user_id = ' . $user_id; $result = $db->sql_query($sql); $to_user = $db->sql_fetchrow($result); $notifications['pm'] = $this->config['notify_pm'] && $to_user['user_karma_notify_pm']; $notifications['email'] = $this->config['notify_email'] && $to_user['user_karma_notify_email']; $notifications['jabber'] = $this->config['notify_jabber'] && $to_user['user_karma_notify_jabber']; $from_user_id = $user->data['user_id']; $from_username = $user->data['username']; // Select template for messenger, subject and message if ($data['action'] == 'increase') { $subject = 'KARMA_NOTIFY_INCREASE_SUBJECT'; $message = 'KARMA_NOTIFY_INCREASE_MESSAGE'; $notify_tpl = 'karma_notify_increase'; if ($this->config['anonym_increase']) { $message .= '_ANONYM'; $notify_tpl .= '_anonym'; $from_user_id = $data['user_id']; $from_username = $user->lang['KARMA_NOTIFY_HIDDEN_SENDER']; } } else { $subject = 'KARMA_NOTIFY_DECREASE_SUBJECT'; $message = 'KARMA_NOTIFY_DECREASE_MESSAGE'; $notify_tpl = 'karma_notify_decrease'; if ($this->config['anonym_decrease']) { $message .= '_ANONYM'; $notify_tpl .= '_anonym'; $from_user_id = $data['user_id']; $from_username = $user->lang['KARMA_NOTIFY_HIDDEN_SENDER']; } } if ($this->config['power_show']) { $message .= '_POWERED'; $notify_tpl .= '_powered'; } if ($notifications['pm']) { global $config, $phpbb_root_path, $phpEx; $subject = $user->lang[$subject]; $message = sprintf($user->lang[$message], $user->data['username'], $data['karma_power']); $message .= !empty($data['comment']) ? "\r\n" . sprintf($user->lang['KARMA_NOTIFY_MESSAGE_COMMENTS'], $user->data['username']) . "\r\n\r\n" . $data['comment'] : ''; $message .= "\r\n\r\n" . $this->generate_backlink($forum_id, $topic_id, $post_id, $user_id); include $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx; $message_parser = new parse_message(); $message = utf8_normalize_nfc($message); $options = ''; generate_text_for_storage($message, $data['bbcode_uid'], $data['bbcode_bitfield'], $options, true, true, true); $icon_id = $data['icon_id']; // Always attach signature status $enable_sig = !$config['allow_sig'] || !$config['allow_sig_pm'] ? false : ($user->optionget('attachsig') ? true : false); // Store message, sync counters $pm_data = array('from_user_id' => $from_user_id, 'from_user_ip' => $user->data['user_ip'], 'from_username' => $from_username, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_urls' => $data['enable_urls'], 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'author_id' => $user->data['user_id'], 'message' => $message, 'address_list' => array('u' => array($data['user_id'] => 'to'))); unset($message_parser); submit_pm('post', $subject, $pm_data, false); } if ($notifications['email'] || $notifications['jabber']) { if ($notifications['email'] && $notifications['jabber'] && $config['email_enable'] && $config['jab_enable']) { $method = NOTIFY_BOTH; } else { if ($notifications['email'] && $config['email_enable']) { $method = NOTIFY_EMAIL; } else { if ($notifications['jabber'] && $config['jab_enable']) { $method = NOTIFY_IM; } else { return; } } } $comment = ''; if ($this->config['comments'] && $data['comment']) { $comment = $data['comment']; // make list items visible as such if ($data['bbcode_uid']) { $comment = str_replace('[*:' . $data['bbcode_uid'] . ']', '⋅ ', $comment); // no BBCode in comment strip_bbcode($comment, $data['bbcode_uid']); } $comment = "\r\n" . $user->lang['KARMA_NOTIFY_MESSAGE_COMMENTS'] . "\r\n" . $comment . "\r\n"; } // Now, we are able to really send out notifications global $db, $phpbb_root_path, $phpEx; include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); $messenger->template($notify_tpl, $user->data['user_lang']); $messenger->to($user->data['user_email'], $user->data['username']); $messenger->im($user->data['user_jabber'], $user->data['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($data['username']), 'AUTHOR_NAME' => htmlspecialchars_decode($user->data['username']), 'POWER' => $data['karma_power'], 'BACKLINK' => $this->generate_backlink($forum_id, $topic_id, $post_id, $user_id), 'COMMENT' => $comment)); $messenger->send($method); $messenger->save_queue(); } }
function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; // if ($config['require_activation'] == USER_ACTIVATION_DISABLE) { trigger_error('UCP_REGISTER_DISABLE'); } include $phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx; $confirm_id = request_var('confirm_id', ''); $coppa = isset($_REQUEST['coppa']) ? !empty($_REQUEST['coppa']) ? 1 : 0 : false; $agreed = !empty($_POST['agreed']) ? 1 : 0; $submit = isset($_POST['submit']) ? true : false; $change_lang = request_var('change_lang', ''); if ($change_lang) { $submit = false; $lang = $change_lang; $user->lang_name = $lang = $change_lang; $user->lang_path = $phpbb_root_path . 'language/' . $lang . '/'; $user->lang = array(); $user->add_lang(array('common', 'ucp')); } $cp = new custom_profile(); $error = $data = $cp_data = $cp_error = array(); // if (!$agreed) { if ($coppa === false && $config['coppa_enable']) { $now = getdate(); $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']); unset($now); $template->assign_vars(array('L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=0'), 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=1'), 'S_SHOW_COPPA' => true, 'S_REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'))); } else { $template->assign_vars(array('L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()), 'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'))); } $this->tpl_name = 'ucp_agreement'; return; } $var_ary = array('username' => (string) '', 'password_confirm' => (string) '', 'new_password' => (string) '', 'cur_password' => (string) '', 'email' => (string) '', 'email_confirm' => (string) '', 'confirm_code' => (string) '', 'lang' => (string) $config['default_lang'], 'tz' => (double) $config['board_timezone']); // If we change the language inline, we do not want to display errors, but pre-fill already filled out values if ($change_lang) { foreach ($var_ary as $var => $default) { ${$var} = request_var($var, $default, true); } } // Check and initialize some variables if needed if ($submit) { foreach ($var_ary as $var => $default) { $data[$var] = request_var($var, $default, true); } $var_ary = array('username' => array(array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username')), 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'new_password' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array(array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60), 'confirm_code' => array('string', !$config['enable_confirm'], 5, 8), 'tz' => array('num', false, -14, 14), 'lang' => array('match', false, '#^[a-z_]{2,}$#i')); $error = validate_data($data, $var_ary); extract($data); unset($data); // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); // validate custom profile fields $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error); // Visual Confirmation handling $wrong_confirm = false; if ($config['enable_confirm']) { if (!$confirm_id) { $error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true; } else { $sql = 'SELECT code FROM ' . CONFIRM_TABLE . "\n\t\t\t\t\t\tWHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'\n\t\t\t\t\t\t\tAND session_id = '" . $db->sql_escape($user->session_id) . "'\n\t\t\t\t\t\t\tAND confirm_type = " . CONFIRM_REG; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { if (strcasecmp($row['code'], $confirm_code) === 0) { $sql = 'DELETE FROM ' . CONFIRM_TABLE . "\n\t\t\t\t\t\t\t\tWHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'\n\t\t\t\t\t\t\t\t\tAND session_id = '" . $db->sql_escape($user->session_id) . "'\n\t\t\t\t\t\t\t\t\tAND confirm_type = " . CONFIRM_REG; $db->sql_query($sql); } else { $error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true; } } else { $error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true; } } } if (!sizeof($error)) { if ($new_password != $password_confirm) { $error[] = $user->lang['NEW_PASSWORD_ERROR']; } if ($email != $email_confirm) { $error[] = $user->lang['NEW_EMAIL_ERROR']; } } if (!sizeof($error)) { $server_url = generate_board_url(); // Which group by default? $group_reg = $coppa ? 'REGISTERED_COPPA' : 'REGISTERED'; $group_inactive = $coppa ? 'INACTIVE_COPPA' : 'INACTIVE'; $group_name = $config['require_activation'] == USER_ACTIVATION_NONE ? $group_reg : $group_inactive; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($group_name) . "'\n\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_GROUP'); } $group_id = $row['group_id']; if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) { $user_actkey = gen_rand_string(10); $key_len = 54 - strlen($server_url); $key_len = $key_len < 6 ? 6 : $key_len; $user_actkey = substr($user_actkey, 0, $key_len); $user_type = USER_INACTIVE; } else { $user_type = USER_NORMAL; $user_actkey = ''; } $user_row = array('username' => $username, 'user_password' => md5($new_password), 'user_email' => $email, 'group_id' => (int) $group_id, 'user_timezone' => (double) $tz, 'user_lang' => $lang, 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $user->ip, 'user_regdate' => time()); // Register user... $user_id = user_add($user_row, $cp_data); // This should not happen, because the required variables are listed above... if ($user_id === false) { trigger_error($user->lang['NO_USER'], E_USER_ERROR); } if ($coppa && $config['email_enable']) { $message = $user->lang['ACCOUNT_COPPA']; $email_template = 'coppa_welcome_inactive'; } else { if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE']; $email_template = 'user_welcome_inactive'; } else { if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE_ADMIN']; $email_template = 'admin_welcome_inactive'; } else { $message = $user->lang['ACCOUNT_ADDED']; $email_template = 'user_welcome'; } } } if ($config['email_enable']) { include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(false); $messenger->template($email_template, $lang); $messenger->replyto($config['board_contact']); $messenger->to($email, $username); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array('SITENAME' => $config['sitename'], 'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), 'USERNAME' => html_entity_decode($username), 'PASSWORD' => html_entity_decode($password_confirm), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}")); if ($coppa) { $messenger->assign_vars(array('FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $email, 'SITENAME' => $config['sitename'])); } $messenger->send(NOTIFY_EMAIL); if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' WHERE user_id IN (' . implode(', ', $admin_ary[0]['a_user']) . ')'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->replyto($config['board_contact']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('USERNAME' => html_entity_decode($username), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}")); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } } if ($user_type == USER_NORMAL || !$config['email_enable']) { set_config('newest_user_id', $user_id, true); set_config('newest_username', $username, true); set_config('num_users', $config['num_users'] + 1, true); } unset($data); $message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>'); trigger_error($message); } } $s_hidden_fields = build_hidden_fields(array('agreed' => 'true', 'coppa' => $coppa, 'change_lang' => 0)); $confirm_image = ''; // Visual Confirmation - Show images if ($config['enable_confirm']) { if (!$change_lang) { $sql = 'SELECT session_id FROM ' . SESSIONS_TABLE; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $sql_in = array(); do { $sql_in[] = "'" . $db->sql_escape($row['session_id']) . "'"; } while ($row = $db->sql_fetchrow($result)); $sql = 'DELETE FROM ' . CONFIRM_TABLE . ' WHERE session_id NOT IN (' . implode(', ', $sql_in) . ') AND confirm_type = ' . CONFIRM_REG; $db->sql_query($sql); } $db->sql_freeresult($result); $sql = 'SELECT COUNT(session_id) AS attempts FROM ' . CONFIRM_TABLE . "\n\t\t\t\t\tWHERE session_id = '" . $db->sql_escape($user->session_id) . "'\n\t\t\t\t\t\tAND confirm_type = " . CONFIRM_REG; $result = $db->sql_query($sql); $attempts = (int) $db->sql_fetchfield('attempts'); $db->sql_freeresult($result); if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts']) { trigger_error($user->lang['TOO_MANY_REGISTERS']); } $code = gen_rand_string(mt_rand(5, 8)); $confirm_id = md5(unique_id($user->ip)); $sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array('confirm_id' => (string) $confirm_id, 'session_id' => (string) $user->session_id, 'confirm_type' => (int) CONFIRM_REG, 'code' => (string) $code)); $db->sql_query($sql); } $confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG) . '" alt="" title="" />'; $s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />'; } // $l_reg_cond = ''; switch ($config['require_activation']) { case USER_ACTIVATION_SELF: $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE']; break; case USER_ACTIVATION_ADMIN: $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE']; break; } $user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\\w]+' => 'USERNAME_ALPHA_ONLY', '[\\w_\\+\\. \\-\\[\\]]+' => 'USERNAME_ALPHA_SPACERS'); $lang = isset($lang) ? $lang : $config['default_lang']; $tz = isset($tz) ? $tz : $config['board_timezone']; // $template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'USERNAME' => isset($username) ? $username : '', 'PASSWORD' => isset($new_password) ? $new_password : '', 'PASSWORD_CONFIRM' => isset($password_confirm) ? $password_confirm : '', 'EMAIL' => isset($email) ? $email : '', 'EMAIL_CONFIRM' => isset($email_confirm) ? $email_confirm : '', 'CONFIRM_IMG' => $confirm_image, 'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlentities($config['board_contact']) . '">', '</a>'), 'L_ITEMS_REQUIRED' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_NEW_PASSWORD_EXPLAIN' => sprintf($user->lang['NEW_PASSWORD_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 'S_LANG_OPTIONS' => language_select($lang), 'S_TZ_OPTIONS' => tz_select($tz), 'S_CONFIRM_CODE' => $config['enable_confirm'] ? true : false, 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'))); // $user->profile_fields = array(); // Generate profile fields -> Template Block Variable profile_fields $cp->generate_profile_fields('register', $user->get_iso_lang_id()); // $this->tpl_name = 'ucp_register'; $this->page_title = 'UCP_REGISTRATION'; }
$email_list[$j][$i]['jabber'] = $row['user_jabber']; $i++; } } while ($row = $_CLASS['core_db']->sql_fetchrow($result)); $_CLASS['core_db']->sql_freeresult($result); // Send the messages include_once $site_file_root . 'includes/forums/functions_messenger.php'; $messenger = new messenger($use_queue); $errored = false; for ($i = 0; $i < sizeof($email_list); $i++) { $used_lang = $email_list[$i][0]['lang']; $used_method = $email_list[$i][0]['method']; for ($j = 0; $j < sizeof($email_list[$i]); $j++) { $email_row = $email_list[$i][$j]; $messenger->{sizeof($email_list[$i]) == 1 ? 'to' : 'bcc'}($email_row['email'], $email_row['name']); $messenger->im($email_row['jabber'], $email_row['name']); } $messenger->template('admin_send_email', $used_lang); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $_CLASS['core_user']->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $_CLASS['core_user']->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $_CLASS['core_user']->ip); $messenger->subject($subject); $messenger->replyto($config['board_email']); $messenger->set_mail_priority($priority); $messenger->assign_vars(array('SITENAME' => $config['sitename'], 'CONTACT_EMAIL' => $config['board_contact'], 'MESSAGE' => $message)); if (!$messenger->send($used_method, $log_session)) { $errored = true; } } unset($email_list);
/** * PM Notification */ function pm_notification($mode, $author, $recipients, $subject, $message) { global $db, $user, $config, $phpbb_root_path, $phpEx, $auth; $subject = censor_text($subject); // Get banned User ID's $sql = 'SELECT ban_userid FROM ' . BANLIST_TABLE; $result = $db->sql_query($sql); unset($recipients[ANONYMOUS], $recipients[$user->data['user_id']]); while ($row = $db->sql_fetchrow($result)) { if (isset($row['ban_userid'])) { unset($recipients[$row['ban_userid']]); } } $db->sql_freeresult($result); if (!sizeof($recipients)) { return; } $recipient_list = implode(', ', array_keys($recipients)); $sql = 'SELECT user_id, username, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber FROM ' . USERS_TABLE . "\n\t\tWHERE user_id IN ({$recipient_list})"; $result = $db->sql_query($sql); $msg_list_ary = array(); while ($row = $db->sql_fetchrow($result)) { if ($row['user_notify_pm'] == 1 && trim($row['user_email'])) { $msg_list_ary[] = array('method' => $row['user_notify_type'], 'email' => $row['user_email'], 'jabber' => $row['user_jabber'], 'name' => $row['username'], 'lang' => $row['user_lang']); } } $db->sql_freeresult($result); if (!sizeof($msg_list_ary)) { return; } include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); foreach ($msg_list_ary as $pos => $addr) { $messenger->template('privmsg_notify', $addr['lang']); $messenger->replyto($config['board_email']); $messenger->to($addr['email'], $addr['name']); $messenger->im($addr['jabber'], $addr['name']); $messenger->assign_vars(array('EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], 'SUBJECT' => html_entity_decode($subject), 'AUTHOR_NAME' => html_entity_decode($author), 'USERNAME' => html_entity_decode($addr['name']), 'U_INBOX' => generate_board_url() . "/ucp.{$phpEx}?i=pm&folder=inbox")); $messenger->send($addr['method']); $messenger->reset(); } unset($msg_list_ary); $messenger->save_queue(); unset($messenger); }
/** * User Notification */ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id, $topic_id, $post_id) { global $db, $user, $config, $phpbb_root_path, $phpEx, $auth; $topic_notification = $mode == 'reply' || $mode == 'quote' ? true : false; $forum_notification = $mode == 'post' ? true : false; if (!$topic_notification && !$forum_notification) { trigger_error('NO_MODE'); } if ($topic_notification && !$config['allow_topic_notify'] || $forum_notification && !$config['allow_forum_notify']) { return; } $topic_title = $topic_notification ? $topic_title : $subject; $topic_title = censor_text($topic_title); // Get banned User ID's $sql = 'SELECT ban_userid FROM ' . BANLIST_TABLE . ' WHERE ban_userid <> 0 AND ban_exclude <> 1'; $result = $db->sql_query($sql); $sql_ignore_users = ANONYMOUS . ', ' . $user->data['user_id']; while ($row = $db->sql_fetchrow($result)) { $sql_ignore_users .= ', ' . (int) $row['ban_userid']; } $db->sql_freeresult($result); $notify_rows = array(); // -- get forum_userids || topic_userids $sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . ($topic_notification ? TOPICS_WATCH_TABLE : FORUMS_WATCH_TABLE) . ' w, ' . USERS_TABLE . ' u WHERE w.' . ($topic_notification ? 'topic_id' : 'forum_id') . ' = ' . ($topic_notification ? $topic_id : $forum_id) . "\n\t\t\tAND w.user_id NOT IN ({$sql_ignore_users})\n\t\t\tAND w.notify_status = " . NOTIFY_YES . ' AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = w.user_id'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $notify_rows[$row['user_id']] = array('user_id' => $row['user_id'], 'username' => $row['username'], 'user_email' => $row['user_email'], 'user_jabber' => $row['user_jabber'], 'user_lang' => $row['user_lang'], 'notify_type' => $topic_notification ? 'topic' : 'forum', 'template' => $topic_notification ? 'topic_notify' : 'newtopic_notify', 'method' => $row['user_notify_type'], 'allowed' => false); } $db->sql_freeresult($result); // forum notification is sent to those not already receiving topic notifications if ($topic_notification) { if (sizeof($notify_rows)) { $sql_ignore_users .= ', ' . implode(', ', array_keys($notify_rows)); } $sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . FORUMS_WATCH_TABLE . ' fw, ' . USERS_TABLE . " u\n\t\t\tWHERE fw.forum_id = {$forum_id}\n\t\t\t\tAND fw.user_id NOT IN ({$sql_ignore_users})\n\t\t\t\tAND fw.notify_status = " . NOTIFY_YES . ' AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = fw.user_id'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $notify_rows[$row['user_id']] = array('user_id' => $row['user_id'], 'username' => $row['username'], 'user_email' => $row['user_email'], 'user_jabber' => $row['user_jabber'], 'user_lang' => $row['user_lang'], 'notify_type' => 'forum', 'template' => 'forum_notify', 'method' => $row['user_notify_type'], 'allowed' => false); } $db->sql_freeresult($result); } if (!sizeof($notify_rows)) { return; } // Make sure users are allowed to read the forum foreach ($auth->acl_get_list(array_keys($notify_rows), 'f_read', $forum_id) as $forum_id => $forum_ary) { foreach ($forum_ary as $auth_option => $user_ary) { foreach ($user_ary as $user_id) { $notify_rows[$user_id]['allowed'] = true; } } } // Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;) $msg_users = $delete_ids = $update_notification = array(); foreach ($notify_rows as $user_id => $row) { if (!$row['allowed'] || !trim($row['user_email'])) { $delete_ids[$row['notify_type']][] = $row['user_id']; } else { $msg_users[] = $row; $update_notification[$row['notify_type']][] = $row['user_id']; } } unset($notify_rows); // Now, we are able to really send out notifications if (sizeof($msg_users)) { include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); $msg_list_ary = array(); foreach ($msg_users as $row) { $pos = !isset($msg_list_ary[$row['template']]) ? 0 : sizeof($msg_list_ary[$row['template']]); $msg_list_ary[$row['template']][$pos]['method'] = $row['method']; $msg_list_ary[$row['template']][$pos]['email'] = $row['user_email']; $msg_list_ary[$row['template']][$pos]['jabber'] = $row['user_jabber']; $msg_list_ary[$row['template']][$pos]['name'] = $row['username']; $msg_list_ary[$row['template']][$pos]['lang'] = $row['user_lang']; $msg_list_ary[$row['template']][$pos]['user_id'] = $row['user_id']; } unset($msg_users); foreach ($msg_list_ary as $email_template => $email_list) { foreach ($email_list as $addr) { $messenger->template($email_template, $addr['lang']); $messenger->to($addr['email'], $addr['name']); $messenger->im($addr['jabber'], $addr['name']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($addr['name']), 'TOPIC_TITLE' => htmlspecialchars_decode($topic_title), 'FORUM_NAME' => htmlspecialchars_decode($forum_name), 'U_FORUM' => generate_board_url() . "/viewforum.{$phpEx}?f={$forum_id}", 'U_TOPIC' => generate_board_url() . "/viewtopic.{$phpEx}?f={$forum_id}&t={$topic_id}", 'U_NEWEST_POST' => generate_board_url() . "/viewtopic.{$phpEx}?f={$forum_id}&t={$topic_id}&p={$post_id}&e={$post_id}", 'U_STOP_WATCHING_TOPIC' => generate_board_url() . "/viewtopic.{$phpEx}?uid={$addr['user_id']}&f={$forum_id}&t={$topic_id}&unwatch=topic", 'U_STOP_WATCHING_FORUM' => generate_board_url() . "/viewforum.{$phpEx}?uid={$addr['user_id']}&f={$forum_id}&unwatch=forum")); $messenger->send($addr['method']); } } unset($msg_list_ary); $messenger->save_queue(); } // Handle the DB updates $db->sql_transaction('begin'); if (!empty($update_notification['topic'])) { $sql = 'UPDATE ' . TOPICS_WATCH_TABLE . ' SET notify_status = ' . NOTIFY_NO . "\n\t\t\tWHERE topic_id = {$topic_id}\n\t\t\t\tAND " . $db->sql_in_set('user_id', $update_notification['topic']); $db->sql_query($sql); } if (!empty($update_notification['forum'])) { $sql = 'UPDATE ' . FORUMS_WATCH_TABLE . ' SET notify_status = ' . NOTIFY_NO . "\n\t\t\tWHERE forum_id = {$forum_id}\n\t\t\t\tAND " . $db->sql_in_set('user_id', $update_notification['forum']); $db->sql_query($sql); } // Now delete the user_ids not authorised to receive notifications on this topic/forum if (!empty($delete_ids['topic'])) { $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . "\n\t\t\tWHERE topic_id = {$topic_id}\n\t\t\t\tAND " . $db->sql_in_set('user_id', $delete_ids['topic']); $db->sql_query($sql); } if (!empty($delete_ids['forum'])) { $sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . "\n\t\t\tWHERE forum_id = {$forum_id}\n\t\t\t\tAND " . $db->sql_in_set('user_id', $delete_ids['forum']); $db->sql_query($sql); } $db->sql_transaction('commit'); }
function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; global $db, $user, $auth, $template; $username = request_var('username', '', true); $email = request_var('email', ''); $submit = isset($_POST['submit']) ? true : false; if ($submit) { $sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email = '" . $db->sql_escape($email) . "'\n\t\t\t\t\tAND LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'"; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('NO_EMAIL_USER'); } if (!$user_row['user_actkey']) { trigger_error('ACCOUNT_ALREADY_ACTIVATED'); } // Determine coppa status on group (INACTIVE(_COPPA)) $sql = 'SELECT group_name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id = ' . $user_row['group_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_GROUP'); } $coppa = $row['group_name'] == 'INACTIVE_COPPA' && $row['group_type'] == GROUP_SPECIAL ? true : false; include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(false); if ($config['require_activation'] == USER_ACTIVATION_SELF || $coppa) { $messenger->template($coppa ? 'coppa_resend_inactive' : 'user_resend_inactive', $user_row['user_lang']); $messenger->replyto($config['board_contact']); $messenger->to($user_row['user_email'], $user_row['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array('SITENAME' => $config['sitename'], 'WELCOME_MSG' => sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), 'USERNAME' => html_entity_decode($user_row['username']), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => generate_board_url() . "/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")); if ($coppa) { $messenger->assign_vars(array('FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $user_row['user_email'], 'SITENAME' => $config['sitename'])); } $messenger->send(NOTIFY_EMAIL); } if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' WHERE user_id IN (' . implode(', ', $admin_ary[0]['a_user']) . ')'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->replyto($config['board_contact']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('USERNAME' => html_entity_decode($user_row['username']), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']), 'U_ACTIVATE' => generate_board_url() . "/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}")); $message = $user->lang['ACTIVATION_EMAIL_SENT'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>'); trigger_error($message); } $template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=resend_act'))); $this->tpl_name = 'ucp_resend'; $this->page_title = 'UCP_RESEND'; }
function main($id, $mode) { global $config, $db, $user, $auth, $template, $cache, $phpbb_log, $request; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $phpbb_dispatcher; $user->add_lang('acp/email'); $this->tpl_name = 'acp_email'; $this->page_title = 'ACP_MASS_EMAIL'; $form_key = 'acp_email'; add_form_key($form_key); // Set some vars $submit = isset($_POST['submit']) ? true : false; $error = array(); $usernames = $request->variable('usernames', '', true); $usernames = !empty($usernames) ? explode("\n", $usernames) : array(); $group_id = $request->variable('g', 0); $subject = $request->variable('subject', '', true); $message = $request->variable('message', '', true); // Do the job ... if ($submit) { // Error checking needs to go here ... if no subject and/or no message then skip // over the send and return to the form $use_queue = isset($_POST['send_immediately']) ? false : true; $priority = $request->variable('mail_priority_flag', MAIL_NORMAL_PRIORITY); if (!check_form_key($form_key)) { $error[] = $user->lang['FORM_INVALID']; } if (!$subject) { $error[] = $user->lang['NO_EMAIL_SUBJECT']; } if (!$message) { $error[] = $user->lang['NO_EMAIL_MESSAGE']; } if (!sizeof($error)) { if (!empty($usernames)) { // If giving usernames the admin is able to email inactive users too... $sql_ary = array('SELECT' => 'username, user_email, user_jabber, user_notify_type, user_lang', 'FROM' => array(USERS_TABLE => ''), 'WHERE' => $db->sql_in_set('username_clean', array_map('utf8_clean_string', $usernames)) . ' AND user_allow_massemail = 1', 'ORDER_BY' => 'user_lang, user_notify_type'); } else { if ($group_id) { $sql_ary = array('SELECT' => 'u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type', 'FROM' => array(USERS_TABLE => 'u', USER_GROUP_TABLE => 'ug'), 'WHERE' => 'ug.group_id = ' . $group_id . ' AND ug.user_pending = 0 AND u.user_id = ug.user_id AND u.user_allow_massemail = 1 AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', 'ORDER_BY' => 'u.user_lang, u.user_notify_type'); } else { $sql_ary = array('SELECT' => 'u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'u.user_allow_massemail = 1 AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', 'ORDER_BY' => 'u.user_lang, u.user_notify_type'); } // Mail banned or not if (!isset($_REQUEST['mail_banned_flag'])) { $sql_ary['WHERE'] .= ' AND (b.ban_id IS NULL OR b.ban_exclude = 1)'; $sql_ary['LEFT_JOIN'] = array(array('FROM' => array(BANLIST_TABLE => 'b'), 'ON' => 'u.user_id = b.ban_userid')); } } /** * Modify sql query to change the list of users the email is sent to * * @event core.acp_email_modify_sql * @var array sql_ary Array which is used to build the sql query * @since 3.1.2-RC1 */ $vars = array('sql_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_email_modify_sql', compact($vars))); $sql = $db->sql_build_query('SELECT', $sql_ary); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); if (!$row) { $db->sql_freeresult($result); trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING); } $i = $j = 0; // Send with BCC // Maximum number of bcc recipients $max_chunk_size = (int) $config['email_max_chunk_size']; $email_list = array(); $old_lang = $row['user_lang']; $old_notify_type = $row['user_notify_type']; do { if ($row['user_notify_type'] == NOTIFY_EMAIL && $row['user_email'] || $row['user_notify_type'] == NOTIFY_IM && $row['user_jabber'] || $row['user_notify_type'] == NOTIFY_BOTH && ($row['user_email'] || $row['user_jabber'])) { if ($i == $max_chunk_size || $row['user_lang'] != $old_lang || $row['user_notify_type'] != $old_notify_type) { $i = 0; if (sizeof($email_list)) { $j++; } $old_lang = $row['user_lang']; $old_notify_type = $row['user_notify_type']; } $email_list[$j][$i]['lang'] = $row['user_lang']; $email_list[$j][$i]['method'] = $row['user_notify_type']; $email_list[$j][$i]['email'] = $row['user_email']; $email_list[$j][$i]['name'] = $row['username']; $email_list[$j][$i]['jabber'] = $row['user_jabber']; $i++; } } while ($row = $db->sql_fetchrow($result)); $db->sql_freeresult($result); // Send the messages include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx; $messenger = new messenger($use_queue); $errored = false; $email_template = 'admin_send_email'; $template_data = array('CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx), 'MESSAGE' => htmlspecialchars_decode($message)); $generate_log_entry = true; /** * Modify email template data before the emails are sent * * @event core.acp_email_send_before * @var string email_template The template to be used for sending the email * @var string subject The subject of the email * @var array template_data Array with template data assigned to email template * @var bool generate_log_entry If false, no log entry will be created * @var array usernames Usernames which will be displayed in log entry, if it will be created * @var int group_id The group this email will be sent to * @var bool use_queue If true, email queue will be used for sending * @var int priority Priority of sent emails * @since 3.1.3-RC1 */ $vars = array('email_template', 'subject', 'template_data', 'generate_log_entry', 'usernames', 'group_id', 'use_queue', 'priority'); extract($phpbb_dispatcher->trigger_event('core.acp_email_send_before', compact($vars))); for ($i = 0, $size = sizeof($email_list); $i < $size; $i++) { $used_lang = $email_list[$i][0]['lang']; $used_method = $email_list[$i][0]['method']; for ($j = 0, $list_size = sizeof($email_list[$i]); $j < $list_size; $j++) { $email_row = $email_list[$i][$j]; $messenger->{sizeof($email_list[$i]) == 1 ? 'to' : 'bcc'}($email_row['email'], $email_row['name']); $messenger->im($email_row['jabber'], $email_row['name']); } $messenger->template($email_template, $used_lang); $messenger->anti_abuse_headers($config, $user); $messenger->subject(htmlspecialchars_decode($subject)); $messenger->set_mail_priority($priority); $messenger->assign_vars($template_data); if (!$messenger->send($used_method)) { $errored = true; } } unset($email_list); $messenger->save_queue(); if ($generate_log_entry) { if (!empty($usernames)) { $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MASS_EMAIL', false, array(implode(', ', utf8_normalize_nfc($usernames)))); } else { if ($group_id) { $group_name = get_group_name($group_id); } else { // Not great but the logging routine doesn't cope well with localising on the fly $group_name = $user->lang['ALL_USERS']; } $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_MASS_EMAIL', false, array($group_name)); } } if (!$errored) { $message = $use_queue ? $user->lang['EMAIL_SENT_QUEUE'] : $user->lang['EMAIL_SENT']; trigger_error($message . adm_back_link($this->u_action)); } else { $message = sprintf($user->lang['EMAIL_SEND_ERROR'], '<a href="' . append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=logs&mode=critical') . '">', '</a>'); trigger_error($message . adm_back_link($this->u_action), E_USER_WARNING); } } } // Exclude bots and guests... $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\tWHERE group_name IN ('BOTS', 'GUESTS')"; $result = $db->sql_query($sql); $exclude = array(); while ($row = $db->sql_fetchrow($result)) { $exclude[] = $row['group_id']; } $db->sql_freeresult($result); $select_list = '<option value="0"' . (!$group_id ? ' selected="selected"' : '') . '>' . $user->lang['ALL_USERS'] . '</option>'; $select_list .= group_select_options($group_id, $exclude); $s_priority_options = '<option value="' . MAIL_LOW_PRIORITY . '">' . $user->lang['MAIL_LOW_PRIORITY'] . '</option>'; $s_priority_options .= '<option value="' . MAIL_NORMAL_PRIORITY . '" selected="selected">' . $user->lang['MAIL_NORMAL_PRIORITY'] . '</option>'; $s_priority_options .= '<option value="' . MAIL_HIGH_PRIORITY . '">' . $user->lang['MAIL_HIGH_PRIORITY'] . '</option>'; $template_data = array('S_WARNING' => sizeof($error) ? true : false, 'WARNING_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'U_ACTION' => $this->u_action, 'S_GROUP_OPTIONS' => $select_list, 'USERNAMES' => implode("\n", $usernames), 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=acp_email&field=usernames'), 'SUBJECT' => $subject, 'MESSAGE' => $message, 'S_PRIORITY_OPTIONS' => $s_priority_options); /** * Modify custom email template data before we display the form * * @event core.acp_email_display * @var array template_data Array with template data assigned to email template * @var array exclude Array with groups which are excluded from group selection * @var array usernames Usernames which will be displayed in form * * @since 3.1.4-RC1 */ $vars = array('template_data', 'exclude', 'usernames'); extract($phpbb_dispatcher->trigger_event('core.acp_email_display', compact($vars))); $template->assign_vars($template_data); }
/** * Gallery Notification * * borrowed from phpBB3 * @author: phpBB Group * @function: user_notification */ public static function send_notification($mode, $handle_id, $image_name) { global $user, $db, $album_id, $image_id, $image_data, $album_data, $table_prefix; $help_mode = $mode . '_id'; $mode_id = ${$help_mode}; $mode_notification = $mode == 'album' ? 'image' : 'comment'; // Get banned User ID's $sql = 'SELECT ban_userid FROM ' . BANLIST_TABLE . ' WHERE ban_userid <> 0 AND ban_exclude <> 1'; $result = $db->sql_query($sql); $sql_ignore_users = ANONYMOUS . ', ' . $user->data['user_id']; while ($row = $db->sql_fetchrow($result)) { $sql_ignore_users .= ', ' . (int) $row['ban_userid']; } $db->sql_freeresult($result); $notify_rows = array(); // -- get album_userids || image_userids $sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . $table_prefix . 'gallery_watch w, ' . USERS_TABLE . ' u WHERE w.' . $help_mode . ' = ' . $handle_id . "\n\t\t\t\tAND w.user_id NOT IN ({$sql_ignore_users})\n\t\t\t\tAND u.user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = w.user_id'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $notify_rows[$row['user_id']] = array('user_id' => $row['user_id'], 'username' => $row['username'], 'user_email' => $row['user_email'], 'user_jabber' => $row['user_jabber'], 'user_lang' => $row['user_lang'], 'notify_type' => $mode != 'album' ? 'image' : 'album', 'template' => "new{$mode_notification}_notify", 'method' => $row['user_notify_type'], 'allowed' => false); } $db->sql_freeresult($result); if (!sizeof($notify_rows)) { return; } // Get album_user_id to check for personal albums. $sql = 'SELECT album_id, album_user_id FROM ' . $table_prefix . 'gallery_albums WHERE album_id = ' . $handle_id; $result = $db->sql_query($sql); $album = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (empty($album)) { trigger_error('ALBUM_NOT_EXIST'); } // Make sure users are allowed to view the album $i_view_ary = $groups_ary = $groups_row = array(); $sql_array = array('SELECT' => 'pr.i_view, p.perm_system, p.perm_group_id, p.perm_user_id', 'FROM' => array($table_prefix . 'gallery_permissions' => 'p'), 'LEFT_JOIN' => array(array('FROM' => array($table_prefix . 'gallery_roles' => 'pr'), 'ON' => 'p.perm_role_id = pr.role_id')), 'WHERE' => $album['album_user_id'] == \phpbbgallery\core\album\album::PUBLIC_ALBUM ? 'p.perm_album_id = ' . $album_id : 'p.perm_system <> ' . \phpbbgallery\core\album\album::PUBLIC_ALBUM, 'ORDER_BY' => 'pr.i_view ASC'); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if ($row['perm_group_id']) { $groups_ary[] = $row['perm_group_id']; $groups_row[$row['perm_group_id']] = $row; } else { if (!isset($i_view_ary[$row['perm_user_id']]) || isset($i_view_ary[$row['perm_user_id']]) && $i_view_ary[$row['perm_user_id']] < $row['i_view']) { if (!$row['perm_system']) { $i_view_ary[$row['perm_user_id']] = $row['i_view']; } else { if ($row['perm_system'] == \phpbbgallery\core\auth\auth::OWN_ALBUM && $album['album_user_id'] == $row['perm_user_id']) { $i_view_ary[$row['perm_user_id']] = $row['i_view']; } else { if ($row['perm_system'] == \phpbbgallery\core\auth\auth::PERSONAL_ALBUM && $album['album_user_id'] != $row['perm_user_id']) { $i_view_ary[$row['perm_user_id']] = $row['i_view']; } } } } } } $db->sql_freeresult($result); if (sizeof($groups_ary)) { // Get all users by their group permissions $sql = 'SELECT user_id, group_id FROM ' . USER_GROUP_TABLE . ' WHERE ' . $db->sql_in_set('group_id', $groups_ary) . ' AND user_pending = 0'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (!isset($i_view_ary[$row['user_id']]) || isset($i_view_ary[$row['user_id']]) && $i_view_ary[$row['user_id']] < $groups_row[$row['group_id']]['i_view']) { if (!$groups_row[$row['group_id']]['perm_system']) { $i_view_ary[$row['user_id']] = $groups_row[$row['group_id']]['i_view']; } else { if ($groups_row[$row['group_id']]['perm_system'] == \phpbbgallery\core\auth\auth::OWN_ALBUM && $album['album_user_id'] == $row['user_id']) { $i_view_ary[$row['user_id']] = $groups_row[$row['group_id']]['i_view']; } else { if ($groups_row[$row['group_id']]['perm_system'] == \phpbbgallery\core\auth\auth::PERSONAL_ALBUM && $album['album_user_id'] != $row['user_id']) { $i_view_ary[$row['user_id']] = $groups_row[$row['group_id']]['i_view']; } } } } } $db->sql_freeresult($result); } // Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;) $msg_users = $delete_ids = $update_notification = array(); foreach ($notify_rows as $user_id => $row) { if ($i_view_ary[$row['user_id']] != \phpbbgallery\core\auth\auth::ACL_YES || !trim($row['user_email'])) { $delete_ids[$row['notify_type']][] = $row['user_id']; } else { $msg_users[] = $row; $update_notification[$row['notify_type']][] = $row['user_id']; } } unset($notify_rows); // Now, we are able to really send out notifications if (sizeof($msg_users)) { if (!class_exists('messenger')) { \phpbbgallery\core\url::_include('functions_messenger', 'phpbb'); } $messenger = new messenger(); $msg_list_ary = array(); foreach ($msg_users as $row) { $pos = !isset($msg_list_ary[$row['template']]) ? 0 : sizeof($msg_list_ary[$row['template']]); $msg_list_ary[$row['template']][$pos]['method'] = $row['method']; $msg_list_ary[$row['template']][$pos]['email'] = $row['user_email']; $msg_list_ary[$row['template']][$pos]['jabber'] = $row['user_jabber']; $msg_list_ary[$row['template']][$pos]['name'] = $row['username']; $msg_list_ary[$row['template']][$pos]['lang'] = $row['user_lang']; } unset($msg_users); foreach ($msg_list_ary as $email_template => $email_list) { foreach ($email_list as $addr) { $messenger->template($email_template, $addr['lang']); $messenger->to($addr['email'], $addr['name']); $messenger->im($addr['jabber'], $addr['name']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($addr['name']), 'IMAGE_NAME' => htmlspecialchars_decode($image_name), 'ALBUM_NAME' => htmlspecialchars_decode($album_data['album_name']), 'U_ALBUM' => \phpbbgallery\core\url::create_link('full', 'album', "album_id={$album_id}"), 'U_IMAGE' => \phpbbgallery\core\url::create_link('full', 'image_page', "album_id={$album_id}&image_id={$image_id}"), 'U_NEWEST_POST' => \phpbbgallery\core\url::create_link('full', 'viewtopic', "album_id={$album_id}&image_id={$image_id}"), 'U_STOP_WATCHING_IMAGE' => \phpbbgallery\core\url::create_link('full', 'image_page', "mode=unwatch&album_id={$album_id}&image_id={$image_id}"), 'U_STOP_WATCHING_ALBUM' => \phpbbgallery\core\url::create_link('full', 'album', "mode=unwatch&album_id={$album_id}"))); $messenger->send($addr['method']); } } unset($msg_list_ary); $messenger->save_queue(); } // Now delete the user_ids not authorised to receive notifications on this image/album if (!empty($delete_ids['image'])) { self::remove($image_id, $delete_ids['image']); } if (!empty($delete_ids['album'])) { self::remove_albums($album_id, $delete_ids['album']); } }
function main($id, $mode) { global $config, $db, $user, $auth, $template; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; include $phpbb_root_path . 'includes/functions_user.' . $phpEx; $user->add_lang('memberlist'); $action = request_var('action', ''); $mark = isset($_REQUEST['mark']) ? request_var('mark', array(0)) : array(); $start = request_var('start', 0); $submit = isset($_POST['submit']); // Sort keys $sort_days = request_var('st', 0); $sort_key = request_var('sk', 'i'); $sort_dir = request_var('sd', 'd'); $form_key = 'acp_inactive'; add_form_key($form_key); if ($submit && sizeof($mark)) { if ($action !== 'delete' && !check_form_key($form_key)) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } switch ($action) { case 'activate': case 'delete': $sql = 'SELECT user_id, username FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $mark); $result = $db->sql_query($sql); $user_affected = array(); while ($row = $db->sql_fetchrow($result)) { $user_affected[$row['user_id']] = $row['username']; } $db->sql_freeresult($result); if ($action == 'activate') { if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Get those 'being activated'... $sql = 'SELECT user_id, username, user_email, user_lang FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $mark) . ' AND user_type = ' . USER_INACTIVE; $result = $db->sql_query($sql); $inactive_users = array(); while ($row = $db->sql_fetchrow($result)) { $inactive_users[] = $row; } $db->sql_freeresult($result); } user_active_flip('activate', $mark); if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !empty($inactive_users)) { include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); foreach ($inactive_users as $row) { $messenger->template('admin_welcome_activated', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($row['username']))); $messenger->send(NOTIFY_EMAIL); } $messenger->save_queue(); } } else { if ($action == 'delete') { if (confirm_box(true)) { if (!$auth->acl_get('a_userdel')) { trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING); } foreach ($mark as $user_id) { user_delete('retain', $user_id, $user_affected[$user_id]); } add_log('admin', 'LOG_INACTIVE_' . strtoupper($action), implode(', ', $user_affected)); } else { $s_hidden_fields = array('mode' => $mode, 'action' => $action, 'mark' => $mark, 'submit' => 1, 'start' => $start); confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($s_hidden_fields)); } } } break; case 'remind': if (empty($config['email_enable'])) { trigger_error($user->lang['EMAIL_DISABLED'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type, user_regdate, user_actkey FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $mark) . ' AND user_inactive_reason'; $sql .= $config['require_activation'] == USER_ACTIVATION_ADMIN ? ' = ' . INACTIVE_REMIND : ' <> ' . INACTIVE_MANUAL; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { // Send the messages include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); $usernames = array(); do { $messenger->template('user_remind_inactive', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($row['username']), 'REGISTER_DATE' => $user->format_date($row['user_regdate'], false, true), 'U_ACTIVATE' => generate_board_url() . "/ucp.{$phpEx}?mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey'])); $messenger->send($row['user_notify_type']); $usernames[] = $row['username']; } while ($row = $db->sql_fetchrow($result)); $messenger->save_queue(); add_log('admin', 'LOG_INACTIVE_REMIND', implode(', ', $usernames)); unset($usernames); } $db->sql_freeresult($result); break; } } // Sorting $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); $sort_by_text = array('i' => $user->lang['SORT_INACTIVE'], 'j' => $user->lang['SORT_REG_DATE'], 'l' => $user->lang['SORT_LAST_VISIT'], 'r' => $user->lang['SORT_REASON'], 'u' => $user->lang['SORT_USERNAME']); $sort_by_sql = array('i' => 'user_inactive_time', 'j' => 'user_regdate', 'l' => 'user_lastvisit', 'r' => 'user_inactive_reason', 'u' => 'username_clean'); $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); // Define where and sort sql for use in displaying logs $sql_where = $sort_days ? time() - $sort_days * 86400 : 0; $sql_sort = $sort_by_sql[$sort_key] . ' ' . ($sort_dir == 'd' ? 'DESC' : 'ASC'); $inactive = array(); $inactive_count = 0; $start = view_inactive_users($inactive, $inactive_count, $config['topics_per_page'], $start, $sql_where, $sql_sort); foreach ($inactive as $row) { $template->assign_block_vars('inactive', array('INACTIVE_DATE' => $user->format_date($row['user_inactive_time']), 'JOINED' => $user->format_date($row['user_regdate']), 'LAST_VISIT' => !$row['user_lastvisit'] ? ' - ' : $user->format_date($row['user_lastvisit']), 'REASON' => $row['inactive_reason'], 'USER_ID' => $row['user_id'], 'USERNAME' => $row['username'], 'U_USER_ADMIN' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&mode=overview&u={$row['user_id']}"))); } $option_ary = array('activate' => 'ACTIVATE', 'delete' => 'DELETE'); if ($config['email_enable']) { $option_ary += array('remind' => 'REMIND'); } $template->assign_vars(array('S_INACTIVE_USERS' => true, 'S_INACTIVE_OPTIONS' => build_select($option_ary), 'S_LIMIT_DAYS' => $s_limit_days, 'S_SORT_KEY' => $s_sort_key, 'S_SORT_DIR' => $s_sort_dir, 'S_ON_PAGE' => on_page($inactive_count, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&{$u_sort_param}", $inactive_count, $config['topics_per_page'], $start, true), 'U_ACTION' => $this->u_action . '&start=' . $start)); $this->tpl_name = 'acp_inactive'; $this->page_title = 'ACP_INACTIVE_USERS'; }
function disapprove_post($post_id_list) { global $_CLASS, $_CORE_CONFIG, $config; if (!($forum_id = check_ids($post_id_list, POSTS_TABLE, 'post_id', 'm_approve'))) { trigger_error('NOT_AUTHORIZED'); } $redirect = request_var('redirect', $_CLASS['core_user']->data['session_page']); $reason = request_var('reason', ''); $reason_id = request_var('reason_id', 0); $success_msg = $additional_msg = ''; $s_hidden_fields = build_hidden_fields(array('post_id_list' => $post_id_list, 'f' => $forum_id, 'mode' => 'disapprove', 'redirect' => $redirect)); $notify_poster = isset($_REQUEST['notify_poster']) ? true : false; if ($reason_id) { $sql = 'SELECT reason_name FROM ' . REASONS_TABLE . " \n\t\t\tWHERE reason_id = {$reason_id}"; $result = $_CLASS['core_db']->query($sql); if (!($row = $_CLASS['core_db']->fetch_row_assoc($result)) || !$reason && $row['reason_name'] == 'other') { $additional_msg = 'Please give an appropiate reason for disapproval'; unset($_POST['confirm']); } else { $disapprove_reason = $row['reason_name'] != 'other' ? $_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_name'])] : ''; $disapprove_reason .= $reason ? "\n\n" . $_REQUEST['reason'] : ''; unset($reason); } $_CLASS['core_db']->free_result($result); } if (confirm_box(true)) { $post_info = get_post_data($post_id_list, 'm_approve'); // If Topic -> forum_topics_real -= 1 // If Post -> topic_replies_real -= 1 $forum_topics_real = 0; $topic_replies_real_sql = $post_disapprove_sql = $topic_id_list = array(); foreach ($post_info as $post_id => $post_data) { $topic_id_list[$post_data['topic_id']] = 1; // Topic or Post. ;) if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_last_post_id'] == $post_id) { if ($post_data['forum_id']) { $forum_topics_real++; } } else { if (!isset($topic_replies_real_sql[$post_data['topic_id']])) { $topic_replies_real_sql[$post_data['topic_id']] = 1; } else { $topic_replies_real_sql[$post_data['topic_id']]++; } } $post_disapprove_sql[] = $post_id; } if ($forum_topics_real) { $sql = 'UPDATE ' . FORUMS_TABLE . "\n\t\t\t\tSET forum_topics_real = forum_topics_real - {$forum_topics_real}\n\t\t\t\tWHERE forum_id = {$forum_id}"; $_CLASS['core_db']->query($sql); } if (sizeof($topic_replies_real_sql)) { foreach ($topic_replies_real_sql as $topic_id => $num_replies) { $sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies_real = topic_replies_real - {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}"; $_CLASS['core_db']->query($sql); } } if (sizeof($post_disapprove_sql)) { // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts delete_posts('post_id', $post_disapprove_sql); } unset($post_disapprove_sql, $topic_replies_real_sql); update_post_information('topic', array_keys($topic_id_list)); update_post_information('forum', $forum_id); unset($topic_id_list); $messenger = new messenger(); // Notify Poster? if ($notify_poster) { $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); foreach ($post_info as $post_id => $post_data) { if ($post_data['poster_id'] == ANONYMOUS) { continue; } $email_template = $post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id'] ? 'topic_disapproved' : 'post_disapproved'; $messenger->template($email_template, $post_data['user_lang']); $messenger->replyto($config['board_email']); $messenger->to($post_data['user_email'], $post_data['username']); $messenger->im($post_data['user_jabber'], $post_data['username']); $messenger->assign_vars(array('EMAIL_SIG' => $email_sig, 'SITENAME' => $_CORE_CONFIG['global']['sitename'], 'USERNAME' => $post_data['username'], 'REASON' => stripslashes($disapprove_reason), 'POST_SUBJECT' => censor_text($post_data['post_subject']), 'TOPIC_TITLE' => censor_text($post_data['topic_title']))); $messenger->send($post_data['user_notify_type']); $messenger->reset(); } $messenger->save_queue(); } unset($post_info, $disapprove_reason); if ($forum_topics_real) { $success_msg = $forum_topics_real == 1 ? 'TOPIC_DISAPPROVED_SUCCESS' : 'TOPICS_DISAPPROVED_SUCCESS'; } else { $success_msg = sizeof($post_id_list) == 1 ? 'POST_DISAPPROVED_SUCCESS' : 'POSTS_DISAPPROVED_SUCCESS'; } } else { $sql = 'SELECT * FROM ' . REASONS_TABLE . ' ORDER BY reason_priority ASC'; $result = $_CLASS['core_db']->query($sql); while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) { $row['reason_name'] = strtoupper($row['reason_name']); $reason_title = !empty($_CLASS['core_user']->lang['report_reasons']['TITLE'][$row['reason_name']]) ? $_CLASS['core_user']->lang['report_reasons']['TITLE'][$row['reason_name']] : ucwords(str_replace('_', ' ', $row['reason_name'])); $reason_desc = !empty($_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][$row['reason_name']]) ? $_CLASS['core_user']->lang['report_reasons']['DESCRIPTION'][$row['reason_name']] : $row['reason_desc']; $_CLASS['core_template']->assign_vars_array('reason', array('ID' => $row['reason_id'], 'NAME' => htmlspecialchars($reason_title), 'DESCRIPTION' => htmlspecialchars($reason_desc), 'S_SELECTED' => $row['reason_id'] == $reason_id ? true : false)); } $_CLASS['core_db']->free_result($result); $_CLASS['core_template']->assign_array(array('S_NOTIFY_POSTER' => true, 'S_APPROVE' => false, 'REASON' => $reason, 'ADDITIONAL_MSG' => $additional_msg)); confirm_box(false, 'DISAPPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html'); } $redirect = request_var('redirect', generate_link('Forums')); if (!$success_msg) { url_redirect($redirect); } else { $_CLASS['core_display']->meta_refresh(3, generate_link("Forums&file=viewforum&f={$forum_id}")); trigger_error($_CLASS['core_user']->lang[$success_msg] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FORUM'], '<a href="' . generate_link('Forums&file=viewforum&f=' . $forum_id) . '">', '</a>')); } }
function main($id, $mode) { global $config, $db, $user, $auth, $template; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; $action = request_var('action', ''); $mark = isset($_REQUEST['mark']) ? implode(', ', request_var('mark', array(0))) : ''; if ($mark) { switch ($action) { case 'activate': case 'delete': if (!$auth->acl_get('a_user')) { trigger_error($user->lang['NO_ADMIN']); } $sql = 'SELECT username FROM ' . USERS_TABLE . "\n\t\t\t\t\t\tWHERE user_id IN ({$mark})"; $result = $db->sql_query($sql); $user_affected = array(); while ($row = $db->sql_fetchrow($result)) { $user_affected[] = $row['username']; } $db->sql_freeresult($result); if ($action == 'activate') { include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx; $mark_ary = explode(', ', $mark); foreach ($mark_ary as $user_id) { user_active_flip($user_id, USER_INACTIVE); } set_config('num_users', $config['num_users'] + sizeof($mark_ary), true); // Update latest username update_last_username(); } else { if ($action == 'delete') { if (!$auth->acl_get('a_userdel')) { trigger_error($user->lang['NO_ADMIN']); } $sql = 'DELETE FROM ' . USER_GROUP_TABLE . " WHERE user_id IN ({$mark})"; $db->sql_query($sql); $sql = 'DELETE FROM ' . USERS_TABLE . " WHERE user_id IN ({$mark})"; $db->sql_query($sql); add_log('admin', 'LOG_INDEX_' . strtoupper($action), implode(', ', $user_affected)); } } break; case 'remind': if (!$auth->acl_get('a_user')) { trigger_error($user->lang['NO_ADMIN']); } if (empty($config['email_enable'])) { trigger_error($user->lang['EMAIL_DISABLED']); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type, user_regdate, user_actkey FROM ' . USERS_TABLE . " \n\t\t\t\t\t\tWHERE user_id IN ({$mark})"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { // Send the messages include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); $board_url = generate_board_url() . "/ucp.{$phpEx}?mode=activate"; $sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); $usernames = array(); do { $messenger->template('user_remind_inactive', $row['user_lang']); $messenger->replyto($config['board_email']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('EMAIL_SIG' => $sig, 'USERNAME' => html_entity_decode($row['username']), 'SITENAME' => $config['sitename'], 'REGISTER_DATE' => $user->format_date($row['user_regdate']), 'U_ACTIVATE' => "{$board_url}&mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey'])); $messenger->send($row['user_notify_type']); $usernames[] = $row['username']; } while ($row = $db->sql_fetchrow($result)); $messenger->save_queue(); add_log('admin', 'LOG_INDEX_REMIND', implode(', ', $usernames)); unset($usernames); } $db->sql_freeresult($result); break; } } switch ($action) { case 'online': if (!$auth->acl_get('a_board')) { trigger_error($user->lang['NO_ADMIN']); } set_config('record_online_users', 1, true); set_config('record_online_date', time(), true); add_log('admin', 'LOG_RESET_ONLINE'); break; case 'stats': if (!$auth->acl_get('a_board')) { trigger_error($user->lang['NO_ADMIN']); } $sql = 'SELECT COUNT(post_id) AS stat FROM ' . POSTS_TABLE . ' WHERE post_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); set_config('num_posts', (int) $row['stat'], true); $sql = 'SELECT COUNT(topic_id) AS stat FROM ' . TOPICS_TABLE . ' WHERE topic_approved = 1'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); set_config('num_topics', (int) $row['stat'], true); $sql = 'SELECT COUNT(user_id) AS stat FROM ' . USERS_TABLE . ' WHERE user_type IN (' . USER_NORMAL . ',' . USER_FOUNDER . ')'; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); set_config('num_users', (int) $row['stat'], true); $sql = 'SELECT COUNT(attach_id) as stat FROM ' . ATTACHMENTS_TABLE; $result = $db->sql_query($sql); set_config('num_files', (int) $db->sql_fetchfield('stat'), true); $db->sql_freeresult($result); $sql = 'SELECT SUM(filesize) as stat FROM ' . ATTACHMENTS_TABLE; $result = $db->sql_query($sql); set_config('upload_dir_size', (int) $db->sql_fetchfield('stat'), true); $db->sql_freeresult($result); add_log('admin', 'LOG_RESYNC_STATS'); break; case 'user': if (!$auth->acl_get('a_board')) { trigger_error($user->lang['NO_ADMIN']); } $post_count_ary = $auth->acl_getf('f_postcount'); $forum_read_ary = $auth->acl_getf('f_read'); $forum_ary = array(); foreach ($post_count_ary as $forum_id => $allowed) { if ($allowed['f_postcount'] && $forum_read_ary[$forum_id]['f_read']) { $forum_ary[] = $forum_id; } } if (!sizeof($forum_ary)) { $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_posts = 0'); } else { $sql = 'SELECT COUNT(post_id) AS num_posts, poster_id FROM ' . POSTS_TABLE . ' WHERE poster_id <> ' . ANONYMOUS . ' AND forum_id IN (' . implode(', ', $forum_ary) . ') GROUP BY poster_id'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $db->sql_query('UPDATE ' . USERS_TABLE . " SET user_posts = {$row['num_posts']} WHERE user_id = {$row['poster_id']}"); } $db->sql_freeresult($result); } add_log('admin', 'LOG_RESYNC_POSTCOUNTS'); break; case 'date': if (!$auth->acl_get('a_board')) { trigger_error($user->lang['NO_ADMIN']); } set_config('board_startdate', time() - 1); add_log('admin', 'LOG_RESET_DATE'); break; case 'db_track': $db->sql_query((SQL_LAYER != 'sqlite' ? 'TRUNCATE TABLE ' : 'DELETE FROM ') . TOPICS_POSTED_TABLE); // This can get really nasty... therefore we only do the last six months $get_from_time = time() - 6 * 4 * 7 * 24 * 60 * 60; // Select forum ids, do not include categories $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type <> ' . FORUM_CAT; $result = $db->sql_query($sql); $forum_ids = array(); while ($row = $db->sql_fetchrow($result)) { $forum_ids[] = $row['forum_id']; } $db->sql_freeresult($result); // Any global announcements? ;) $forum_ids[] = 0; // Now go through the forums and get us some topics... foreach ($forum_ids as $forum_id) { $sql = 'SELECT p.poster_id, p.topic_id FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t WHERE t.forum_id = ' . $forum_id . ' AND t.topic_moved_id = 0 AND t.topic_last_post_time > ' . $get_from_time . ' AND t.topic_id = p.topic_id AND p.poster_id <> ' . ANONYMOUS . ' GROUP BY p.poster_id, p.topic_id'; $result = $db->sql_query($sql); $posted = array(); while ($row = $db->sql_fetchrow($result)) { $posted[$row['poster_id']][] = $row['topic_id']; } $db->sql_freeresult($result); $sql_ary = array(); foreach ($posted as $user_id => $topic_row) { foreach ($topic_row as $topic_id) { $sql_ary[] = array('user_id' => $user_id, 'topic_id' => $topic_id, 'topic_posted' => 1); } } unset($posted); if (sizeof($sql_ary)) { switch (SQL_LAYER) { case 'mysql': case 'mysql4': case 'mysqli': $db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . $db->sql_build_array('MULTI_INSERT', $sql_ary)); break; default: foreach ($sql_ary as $ary) { $db->sql_query('INSERT INTO ' . TOPICS_POSTED_TABLE . ' ' . $db->sql_build_array('INSERT', $ary)); } break; } } } add_log('admin', 'LOG_RESYNC_POST_MARKING'); break; } // Get forum statistics $total_posts = $config['num_posts']; $total_topics = $config['num_topics']; $total_users = $config['num_users']; $total_files = $config['num_files']; $start_date = $user->format_date($config['board_startdate']); $boarddays = (time() - $config['board_startdate']) / 86400; $posts_per_day = sprintf('%.2f', $total_posts / $boarddays); $topics_per_day = sprintf('%.2f', $total_topics / $boarddays); $users_per_day = sprintf('%.2f', $total_users / $boarddays); $files_per_day = sprintf('%.2f', $total_files / $boarddays); $upload_dir_size = $config['upload_dir_size'] >= 1048576 ? sprintf('%.2f ' . $user->lang['MB'], $config['upload_dir_size'] / 1048576) : ($config['upload_dir_size'] >= 1024 ? sprintf('%.2f ' . $user->lang['KB'], $config['upload_dir_size'] / 1024) : sprintf('%.2f ' . $user->lang['BYTES'], $config['upload_dir_size'])); $avatar_dir_size = 0; if ($avatar_dir = @opendir($phpbb_root_path . $config['avatar_path'])) { while (($file = readdir($avatar_dir)) !== false) { if ($file[0] != '.' && $file != 'CVS' && strpos($file, 'index.') === false) { $avatar_dir_size += filesize($phpbb_root_path . $config['avatar_path'] . '/' . $file); } } @closedir($avatar_dir); // This bit of code translates the avatar directory size into human readable format // Borrowed the code from the PHP.net annoted manual, origanally written by: // Jesse (jesse@jess.on.ca) $avatar_dir_size = $avatar_dir_size >= 1048576 ? sprintf('%.2f ' . $user->lang['MB'], $avatar_dir_size / 1048576) : ($avatar_dir_size >= 1024 ? sprintf('%.2f ' . $user->lang['KB'], $avatar_dir_size / 1024) : sprintf('%.2f ' . $user->lang['BYTES'], $avatar_dir_size)); } else { // Couldn't open Avatar dir. $avatar_dir_size = $user->lang['NOT_AVAILABLE']; } if ($posts_per_day > $total_posts) { $posts_per_day = $total_posts; } if ($topics_per_day > $total_topics) { $topics_per_day = $total_topics; } if ($users_per_day > $total_users) { $users_per_day = $total_users; } if ($files_per_day > $total_files) { $files_per_day = $total_files; } $dbsize = get_database_size(); $s_action_options = build_select(array('online' => 'RESET_ONLINE', 'date' => 'RESET_DATE', 'stats' => 'RESYNC_STATS', 'user' => 'RESYNC_POSTCOUNTS', 'db_track' => 'RESYNC_POST_MARKING')); $template->assign_vars(array('TOTAL_POSTS' => $total_posts, 'POSTS_PER_DAY' => $posts_per_day, 'TOTAL_TOPICS' => $total_topics, 'TOPICS_PER_DAY' => $topics_per_day, 'TOTAL_USERS' => $total_users, 'USERS_PER_DAY' => $users_per_day, 'TOTAL_FILES' => $total_files, 'FILES_PER_DAY' => $files_per_day, 'START_DATE' => $start_date, 'AVATAR_DIR_SIZE' => $avatar_dir_size, 'DBSIZE' => $dbsize, 'UPLOAD_DIR_SIZE' => $upload_dir_size, 'GZIP_COMPRESSION' => $config['gzip_compress'] ? $user->lang['ON'] : $user->lang['OFF'], 'U_ACTION' => append_sid("{$phpbb_admin_path}index.{$phpEx}"), 'S_ACTION_OPTIONS' => $auth->acl_get('a_board') ? $s_action_options : '')); $log_data = array(); $log_count = 0; if ($auth->acl_get('a_viewlogs')) { view_log('admin', $log_data, $log_count, 5); foreach ($log_data as $row) { $template->assign_block_vars('log', array('USERNAME' => $row['username'], 'IP' => $row['ip'], 'DATE' => $user->format_date($row['time']), 'ACTION' => $row['action'])); } } if ($auth->acl_get('a_user')) { $sql = 'SELECT user_id, username, user_regdate FROM ' . USERS_TABLE . ' WHERE user_type = ' . USER_INACTIVE . ' ORDER BY user_regdate ASC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $template->assign_block_vars('inactive', array('DATE' => $user->format_date($row['user_regdate']), 'USER_ID' => $row['user_id'], 'USERNAME' => $row['username'], 'U_USER_ADMIN' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&mode=overview&u={$row['user_id']}"))); } $option_ary = array('activate' => 'ACTIVATE', 'delete' => 'DELETE'); if ($config['email_enable']) { $option_ary += array('remind' => 'REMIND'); } $template->assign_vars(array('S_INACTIVE_USERS' => true, 'S_INACTIVE_OPTIONS' => build_select($option_ary))); } // Display debug_extra notice if (defined('DEBUG_EXTRA')) { $template->assign_var('S_DEBUG_EXTRA', true); } $this->tpl_name = 'acp_main'; $this->page_title = 'ACP_MAIN'; }
/** * Disapprove Post/Topic */ function disapprove_post($post_id_list, $mode) { global $db, $template, $user, $config; global $phpEx, $phpbb_root_path; if (!($forum_id = check_ids($post_id_list, POSTS_TABLE, 'post_id', 'm_approve'))) { trigger_error('NOT_AUTHORIZED'); } $redirect = request_var('redirect', build_url(array('t', 'mode')) . '&mode=unapproved_topics'); $reason = request_var('reason', '', true); $reason_id = request_var('reason_id', 0); $success_msg = $additional_msg = ''; $s_hidden_fields = build_hidden_fields(array('i' => 'queue', 'mode' => $mode, 'post_id_list' => $post_id_list, 'f' => $forum_id, 'action' => 'disapprove', 'redirect' => $redirect)); $notify_poster = isset($_REQUEST['notify_poster']) ? true : false; $disapprove_reason = ''; if ($reason_id) { $sql = 'SELECT reason_title, reason_description FROM ' . REPORTS_REASONS_TABLE . "\n\t\t\tWHERE reason_id = {$reason_id}"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row || !$reason && $row['reason_title'] == 'other') { $additional_msg = $user->lang['NO_REASON_DISAPPROVAL']; unset($_POST['confirm']); } else { // If the reason is defined within the language file, we will use the localized version, else just use the database entry... $disapprove_reason = $row['reason_title'] != 'other' ? isset($user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])]) ? $user->lang['report_reasons']['DESCRIPTION'][strtoupper($row['reason_title'])] : $row['reason_description'] : ''; $disapprove_reason .= $reason ? "\n\n" . $reason : ''; } } if (confirm_box(true)) { $post_info = get_post_data($post_id_list, 'm_approve'); // If Topic -> forum_topics_real -= 1 // If Post -> topic_replies_real -= 1 $forum_topics_real = 0; $topic_replies_real_sql = $post_disapprove_sql = $topic_id_list = array(); foreach ($post_info as $post_id => $post_data) { $topic_id_list[$post_data['topic_id']] = 1; // Topic or Post. ;) if ($post_data['topic_first_post_id'] == $post_id && $post_data['topic_last_post_id'] == $post_id) { if ($post_data['forum_id']) { $forum_topics_real++; } } else { if (!isset($topic_replies_real_sql[$post_data['topic_id']])) { $topic_replies_real_sql[$post_data['topic_id']] = 1; } else { $topic_replies_real_sql[$post_data['topic_id']]++; } } $post_disapprove_sql[] = $post_id; } if ($forum_topics_real) { $sql = 'UPDATE ' . FORUMS_TABLE . "\n\t\t\t\tSET forum_topics_real = forum_topics_real - {$forum_topics_real}\n\t\t\t\tWHERE forum_id = {$forum_id}"; $db->sql_query($sql); } if (sizeof($topic_replies_real_sql)) { foreach ($topic_replies_real_sql as $topic_id => $num_replies) { $sql = 'UPDATE ' . TOPICS_TABLE . "\n\t\t\t\t\tSET topic_replies_real = topic_replies_real - {$num_replies}\n\t\t\t\t\tWHERE topic_id = {$topic_id}"; $db->sql_query($sql); } } if (sizeof($post_disapprove_sql)) { if (!function_exists('delete_posts')) { include_once $phpbb_root_path . 'includes/functions_admin.' . $phpEx; } // We do not check for permissions here, because the moderator allowed approval/disapproval should be allowed to delete the disapproved posts delete_posts('post_id', $post_disapprove_sql); } unset($post_disapprove_sql, $topic_replies_real_sql); update_post_information('topic', array_keys($topic_id_list)); update_post_information('forum', $forum_id); unset($topic_id_list); $messenger = new messenger(); // Notify Poster? if ($notify_poster) { $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']); foreach ($post_info as $post_id => $post_data) { if ($post_data['poster_id'] == ANONYMOUS) { continue; } $email_template = $post_data['post_id'] == $post_data['topic_first_post_id'] && $post_data['post_id'] == $post_data['topic_last_post_id'] ? 'topic_disapproved' : 'post_disapproved'; $messenger->template($email_template, $post_data['user_lang']); $messenger->replyto($config['board_email']); $messenger->to($post_data['user_email'], $post_data['username']); $messenger->im($post_data['user_jabber'], $post_data['username']); $messenger->assign_vars(array('EMAIL_SIG' => $email_sig, 'SITENAME' => $config['sitename'], 'USERNAME' => html_entity_decode($post_data['username']), 'REASON' => html_entity_decode($disapprove_reason), 'POST_SUBJECT' => html_entity_decode(censor_text($post_data['post_subject'])), 'TOPIC_TITLE' => html_entity_decode(censor_text($post_data['topic_title'])))); $messenger->send($post_data['user_notify_type']); $messenger->reset(); } $messenger->save_queue(); } unset($post_info, $disapprove_reason); if ($forum_topics_real) { $success_msg = $forum_topics_real == 1 ? 'TOPIC_DISAPPROVED_SUCCESS' : 'TOPICS_DISAPPROVED_SUCCESS'; } else { $success_msg = sizeof($post_id_list) == 1 ? 'POST_DISAPPROVED_SUCCESS' : 'POSTS_DISAPPROVED_SUCCESS'; } } else { include_once $phpbb_root_path . 'includes/functions_display.' . $phpEx; display_reasons($reason_id); $template->assign_vars(array('S_NOTIFY_POSTER' => true, 'S_APPROVE' => false, 'REASON' => $reason, 'ADDITIONAL_MSG' => $additional_msg)); confirm_box(false, 'DISAPPROVE_POST' . (sizeof($post_id_list) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_approve.html'); } $redirect = request_var('redirect', "index.{$phpEx}"); $redirect = reapply_sid($redirect); if (!$success_msg) { redirect($redirect); } else { meta_refresh(3, $redirect); trigger_error($user->lang[$success_msg] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], "<a href=\"{$redirect}\">", '</a>')); } }
/** * Closes a report */ function close_report($report_id_list, $mode, $action, $pm = false) { global $db, $template, $user, $config, $auth; global $phpEx, $phpbb_root_path; $pm_where = $pm ? ' AND r.post_id = 0 ' : ' AND r.pm_id = 0 '; $id_column = $pm ? 'pm_id' : 'post_id'; $module = $pm ? 'pm_reports' : 'reports'; $pm_prefix = $pm ? 'PM_' : ''; $sql = "SELECT r.{$id_column}\n\t\tFROM " . REPORTS_TABLE . ' r WHERE ' . $db->sql_in_set('r.report_id', $report_id_list) . $pm_where; $result = $db->sql_query($sql); $post_id_list = array(); while ($row = $db->sql_fetchrow($result)) { $post_id_list[] = $row[$id_column]; } $post_id_list = array_unique($post_id_list); if ($pm) { if (!$auth->acl_getf_global('m_report')) { trigger_error('NOT_AUTHORISED'); } } else { if (!check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_report'))) { trigger_error('NOT_AUTHORISED'); } } if ($action == 'delete' && strpos($user->data['session_page'], 'mode=report_details') !== false) { $redirect = request_var('redirect', build_url(array('mode', 'r', 'quickmod')) . '&mode=reports'); } elseif ($action == 'delete' && strpos($user->data['session_page'], 'mode=pm_report_details') !== false) { $redirect = request_var('redirect', build_url(array('mode', 'r', 'quickmod')) . '&mode=pm_reports'); } else { if ($action == 'close' && !request_var('r', 0)) { $redirect = request_var('redirect', build_url(array('mode', 'p', 'quickmod')) . '&mode=' . $module); } else { $redirect = request_var('redirect', build_url(array('quickmod'))); } } $success_msg = ''; $forum_ids = array(); $topic_ids = array(); $s_hidden_fields = build_hidden_fields(array('i' => $module, 'mode' => $mode, 'report_id_list' => $report_id_list, 'action' => $action, 'redirect' => $redirect)); if (confirm_box(true)) { $post_info = $pm ? get_pm_data($post_id_list) : get_post_data($post_id_list, 'm_report'); $sql = "SELECT r.report_id, r.{$id_column}, r.report_closed, r.user_id, r.user_notify, u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type\n\t\t\tFROM " . REPORTS_TABLE . ' r, ' . USERS_TABLE . ' u WHERE ' . $db->sql_in_set('r.report_id', $report_id_list) . ' ' . ($action == 'close' ? 'AND r.report_closed = 0' : '') . ' AND r.user_id = u.user_id' . $pm_where; $result = $db->sql_query($sql); $reports = $close_report_posts = $close_report_topics = $notify_reporters = $report_id_list = array(); while ($report = $db->sql_fetchrow($result)) { $reports[$report['report_id']] = $report; $report_id_list[] = $report['report_id']; if (!$report['report_closed']) { $close_report_posts[] = $report[$id_column]; if (!$pm) { $close_report_topics[] = $post_info[$report['post_id']]['topic_id']; } } if ($report['user_notify'] && !$report['report_closed']) { $notify_reporters[$report['report_id']] =& $reports[$report['report_id']]; } } $db->sql_freeresult($result); if (sizeof($reports)) { $close_report_posts = array_unique($close_report_posts); $close_report_topics = array_unique($close_report_topics); if (!$pm && sizeof($close_report_posts)) { // Get a list of topics that still contain reported posts $sql = 'SELECT DISTINCT topic_id FROM ' . POSTS_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', $close_report_topics) . ' AND post_reported = 1 AND ' . $db->sql_in_set('post_id', $close_report_posts, true); $result = $db->sql_query($sql); $keep_report_topics = array(); while ($row = $db->sql_fetchrow($result)) { $keep_report_topics[] = $row['topic_id']; } $db->sql_freeresult($result); $close_report_topics = array_diff($close_report_topics, $keep_report_topics); unset($keep_report_topics); } $db->sql_transaction('begin'); if ($action == 'close') { $sql = 'UPDATE ' . REPORTS_TABLE . ' SET report_closed = 1 WHERE ' . $db->sql_in_set('report_id', $report_id_list); } else { $sql = 'DELETE FROM ' . REPORTS_TABLE . ' WHERE ' . $db->sql_in_set('report_id', $report_id_list); } $db->sql_query($sql); if (sizeof($close_report_posts)) { if ($pm) { $sql = 'UPDATE ' . PRIVMSGS_TABLE . ' SET message_reported = 0 WHERE ' . $db->sql_in_set('msg_id', $close_report_posts); $db->sql_query($sql); if ($action == 'delete') { delete_pm(ANONYMOUS, $close_report_posts, PRIVMSGS_INBOX); } } else { $sql = 'UPDATE ' . POSTS_TABLE . ' SET post_reported = 0 WHERE ' . $db->sql_in_set('post_id', $close_report_posts); $db->sql_query($sql); if (sizeof($close_report_topics)) { $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_reported = 0 WHERE ' . $db->sql_in_set('topic_id', $close_report_topics) . ' OR ' . $db->sql_in_set('topic_moved_id', $close_report_topics); $db->sql_query($sql); } } } $db->sql_transaction('commit'); } unset($close_report_posts, $close_report_topics); foreach ($reports as $report) { if ($pm) { add_log('mod', 0, 0, 'LOG_PM_REPORT_' . strtoupper($action) . 'D', $post_info[$report['pm_id']]['message_subject']); } else { add_log('mod', $post_info[$report['post_id']]['forum_id'], $post_info[$report['post_id']]['topic_id'], 'LOG_REPORT_' . strtoupper($action) . 'D', $post_info[$report['post_id']]['post_subject']); } } $messenger = new messenger(); // Notify reporters if (sizeof($notify_reporters)) { foreach ($notify_reporters as $report_id => $reporter) { if ($reporter['user_id'] == ANONYMOUS) { continue; } $post_id = $reporter[$id_column]; $messenger->template(($pm ? 'pm_report_' : 'report_') . $action . 'd', $reporter['user_lang']); $messenger->to($reporter['user_email'], $reporter['username']); $messenger->im($reporter['user_jabber'], $reporter['username']); if ($pm) { $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($reporter['username']), 'CLOSER_NAME' => htmlspecialchars_decode($user->data['username']), 'PM_SUBJECT' => htmlspecialchars_decode(censor_text($post_info[$post_id]['message_subject'])))); } else { $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($reporter['username']), 'CLOSER_NAME' => htmlspecialchars_decode($user->data['username']), 'POST_SUBJECT' => htmlspecialchars_decode(censor_text($post_info[$post_id]['post_subject'])), 'TOPIC_TITLE' => htmlspecialchars_decode(censor_text($post_info[$post_id]['topic_title'])))); } $messenger->send($reporter['user_notify_type']); } } if (!$pm) { foreach ($post_info as $post) { $forum_ids[$post['forum_id']] = $post['forum_id']; $topic_ids[$post['topic_id']] = $post['topic_id']; } } unset($notify_reporters, $post_info, $reports); $messenger->save_queue(); $success_msg = sizeof($report_id_list) == 1 ? "{$pm_prefix}REPORT_" . strtoupper($action) . 'D_SUCCESS' : "{$pm_prefix}REPORTS_" . strtoupper($action) . 'D_SUCCESS'; } else { confirm_box(false, $user->lang[strtoupper($action) . "_{$pm_prefix}REPORT" . (sizeof($report_id_list) == 1 ? '' : 'S') . '_CONFIRM'], $s_hidden_fields); } $redirect = request_var('redirect', "index.{$phpEx}"); $redirect = reapply_sid($redirect); if (!$success_msg) { redirect($redirect); } else { meta_refresh(3, $redirect); $return_forum = ''; $return_topic = ''; if (!$pm) { if (sizeof($forum_ids) === 1) { $return_forum = sprintf($user->lang['RETURN_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />'; } if (sizeof($topic_ids) === 1) { $return_topic = sprintf($user->lang['RETURN_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.{$phpEx}", 't=' . current($topic_ids) . '&f=' . current($forum_ids)) . '">', '</a>') . '<br /><br />'; } } trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_forum . $return_topic . sprintf($user->lang['RETURN_PAGE'], "<a href=\"{$redirect}\">", '</a>')); } }
/** * PM Notification */ function pm_notification($mode, $author, $recipients, $subject, $message, $msg_id) { global $db, $user, $config, $phpbb_root_path, $phpEx, $auth; $subject = censor_text($subject); // Exclude guests, current user and banned users from notifications unset($recipients[ANONYMOUS], $recipients[$user->data['user_id']]); if (!sizeof($recipients)) { return; } if (!function_exists('phpbb_get_banned_user_ids')) { include $phpbb_root_path . 'includes/functions_user.' . $phpEx; } $banned_users = phpbb_get_banned_user_ids(array_keys($recipients)); $recipients = array_diff(array_keys($recipients), $banned_users); if (!sizeof($recipients)) { return; } $sql = 'SELECT user_id, username, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $recipients); $result = $db->sql_query($sql); $msg_list_ary = array(); while ($row = $db->sql_fetchrow($result)) { if ($row['user_notify_pm'] == 1 && trim($row['user_email'])) { $msg_list_ary[] = array('method' => $row['user_notify_type'], 'email' => $row['user_email'], 'jabber' => $row['user_jabber'], 'name' => $row['username'], 'lang' => $row['user_lang']); } } $db->sql_freeresult($result); if (!sizeof($msg_list_ary)) { return; } include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(); foreach ($msg_list_ary as $pos => $addr) { $messenger->template('privmsg_notify', $addr['lang']); $messenger->to($addr['email'], $addr['name']); $messenger->im($addr['jabber'], $addr['name']); $messenger->assign_vars(array('SUBJECT' => htmlspecialchars_decode($subject), 'AUTHOR_NAME' => htmlspecialchars_decode($author), 'USERNAME' => htmlspecialchars_decode($addr['name']), 'U_INBOX' => generate_board_url() . "/ucp.{$phpEx}?i=pm&folder=inbox", 'U_VIEW_MESSAGE' => generate_board_url() . "/ucp.{$phpEx}?i=pm&mode=view&p={$msg_id}")); $messenger->send($addr['method']); } unset($msg_list_ary); $messenger->save_queue(); unset($messenger); }
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(false); $email_tpl = $user_id ? 'profile_send_email' : 'email_notify'; $mail_to_users = array(); $mail_to_users[] = array('email_lang' => $email_lang, 'email' => $email, 'name' => $name, 'username' => $user_id ? $row['username'] : '', 'to_name' => $name, 'user_jabber' => $user_id ? $row['user_jabber'] : '', 'user_notify_type' => $user_id ? $row['user_notify_type'] : NOTIFY_EMAIL, 'topic_title' => !$user_id ? $row['topic_title'] : '', 'forum_id' => !$user_id ? $row['forum_id'] : 0); // Ok, now the same email if CC specified, but without exposing the users email address if ($cc) { $mail_to_users[] = array('email_lang' => $user->data['user_lang'], 'email' => $user->data['user_email'], 'name' => $user->data['username'], 'username' => $user->data['username'], 'to_name' => $name, 'user_jabber' => $user->data['user_jabber'], 'user_notify_type' => $user_id ? $user->data['user_notify_type'] : NOTIFY_EMAIL, 'topic_title' => !$user_id ? $row['topic_title'] : '', 'forum_id' => !$user_id ? $row['forum_id'] : 0); } foreach ($mail_to_users as $row) { $messenger->template($email_tpl, $row['email_lang']); $messenger->replyto($user->data['user_email']); $messenger->to($row['email'], $row['name']); if ($user_id) { $messenger->subject(htmlspecialchars_decode($subject)); $messenger->im($row['user_jabber'], $row['username']); $notify_type = $row['user_notify_type']; } else { $notify_type = NOTIFY_EMAIL; } $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->assign_vars(array('BOARD_CONTACT' => $config['board_contact'], 'TO_USERNAME' => htmlspecialchars_decode($row['to_name']), 'FROM_USERNAME' => htmlspecialchars_decode($user->data['username']), 'MESSAGE' => htmlspecialchars_decode($message))); if ($topic_id) { $messenger->assign_vars(array('TOPIC_NAME' => htmlspecialchars_decode($row['topic_title']), 'U_TOPIC' => generate_board_url() . "/viewtopic.{$phpEx}?f=" . $row['forum_id'] . "&t={$topic_id}")); } $messenger->send($notify_type); } meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));
function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; $user->add_lang('posting'); $preview = !empty($_POST['preview']) ? true : false; $submit = !empty($_POST['submit']) ? true : false; $delete = !empty($_POST['delete']) ? true : false; $error = $data = array(); $s_hidden_fields = ''; switch ($mode) { case 'reg_details': $data = array('username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)), 'email' => strtolower(request_var('email', $user->data['user_email'])), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'new_password' => request_var('new_password', '', true), 'cur_password' => request_var('cur_password', '', true), 'password_confirm' => request_var('password_confirm', '', true)); add_form_key('ucp_reg_details'); if ($submit) { // Do not check cur_password, it is the old one. $check_ary = array('new_password' => array(array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array(array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', true, 6, 60)); if ($auth->acl_get('u_chgname') && $config['allow_namechange']) { $check_ary['username'] = array(array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username')); } $error = validate_data($data, $check_ary); if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) { $error[] = $data['email_confirm'] ? 'NEW_EMAIL_ERROR' : 'NEW_EMAIL_CONFIRM_EMPTY'; } if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) { $error[] = $data['password_confirm'] ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY'; } // Only check the new password against the previous password if there have been no errors if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && phpbb_check_hash($data['new_password'], $user->data['user_password'])) { $error[] = 'SAME_PASSWORD_ERROR'; } if (!phpbb_check_hash($data['cur_password'], $user->data['user_password'])) { $error[] = $data['cur_password'] ? 'CUR_PASSWORD_ERROR' : 'CUR_PASSWORD_EMPTY'; } if (!check_form_key('ucp_reg_details')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error)) { $sql_ary = array('username' => $auth->acl_get('u_chgname') && $config['allow_namechange'] ? $data['username'] : $user->data['username'], 'username_clean' => $auth->acl_get('u_chgname') && $config['allow_namechange'] ? utf8_clean_string($data['username']) : $user->data['username_clean'], 'user_email' => $auth->acl_get('u_chgemail') ? $data['email'] : $user->data['user_email'], 'user_email_hash' => $auth->acl_get('u_chgemail') ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'], 'user_password' => $auth->acl_get('u_chgpasswd') && $data['new_password'] ? phpbb_hash($data['new_password']) : $user->data['user_password'], 'user_passchg' => $auth->acl_get('u_chgpasswd') && $data['new_password'] ? time() : 0); if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $data['username'] != $user->data['username']) { add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $data['username']); } if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && !phpbb_check_hash($data['new_password'], $user->data['user_password'])) { $user->reset_login_keys(); add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $data['username']); } if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) { add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $data['username'], $user->data['user_email'], $data['email']); } $message = 'PROFILE_UPDATED'; if ($auth->acl_get('u_chgemail') && $config['email_enable'] && $data['email'] != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) { $message = $config['require_activation'] == USER_ACTIVATION_SELF ? 'ACCOUNT_EMAIL_CHANGED' : 'ACCOUNT_EMAIL_CHANGED_ADMIN'; include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $server_url = generate_board_url(); $user_actkey = gen_rand_string(mt_rand(6, 10)); $messenger = new messenger(false); $template_file = $config['require_activation'] == USER_ACTIVATION_ADMIN ? 'user_activate_inactive' : 'user_activate'; $messenger->template($template_file, $user->data['user_lang']); $messenger->to($data['email'], $data['username']); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($data['username']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user->data['user_id']}&k={$user_actkey}")); $messenger->send(NOTIFY_EMAIL); if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $admin_ary = !empty($admin_ary[0]['a_user']) ? $admin_ary[0]['a_user'] : array(); // Also include founders $where_sql = ' WHERE user_type = ' . USER_FOUNDER; if (sizeof($admin_ary)) { $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' ' . $where_sql; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($data['username']), 'U_USER_DETAILS' => "{$server_url}/memberlist.{$phpEx}?mode=viewprofile&u={$user->data['user_id']}", 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user->data['user_id']}&k={$user_actkey}")); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } user_active_flip('deactivate', $user->data['user_id'], INACTIVE_PROFILE); // Because we want the profile to be reactivated we set user_newpasswd to empty (else the reactivation will fail) $sql_ary['user_actkey'] = $user_actkey; $sql_ary['user_newpasswd'] = ''; } if (sizeof($sql_ary)) { $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); } // Need to update config, forum, topic, posting, messages, etc. if ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange']) { user_update_name($user->data['username'], $data['username']); } // Now, we can remove the user completely (kill the session) - NOT BEFORE!!! if (!empty($sql_ary['user_actkey'])) { meta_refresh(5, append_sid($phpbb_root_path . 'index.' . $phpEx)); $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid($phpbb_root_path . 'index.' . $phpEx) . '">', '</a>'); // Because the user gets deactivated we log him out too, killing his session $user->session_kill(); } else { meta_refresh(3, $this->u_action); $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); } trigger_error($message); } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } $template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'USERNAME' => $data['username'], 'EMAIL' => $data['email'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'NEW_PASSWORD' => $data['new_password'], 'CUR_PASSWORD' => '', 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 'S_FORCE_PASSWORD' => $auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - $config['chg_passforce'] * 86400 ? true : false, 'S_CHANGE_USERNAME' => $config['allow_namechange'] && $auth->acl_get('u_chgname') ? true : false, 'S_CHANGE_EMAIL' => $auth->acl_get('u_chgemail') ? true : false, 'S_CHANGE_PASSWORD' => $auth->acl_get('u_chgpasswd') ? true : false)); break; case 'profile_info': include $phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx; $cp = new custom_profile(); $cp_data = $cp_error = array(); $data = array('icq' => request_var('icq', $user->data['user_icq']), 'aim' => request_var('aim', $user->data['user_aim']), 'msn' => request_var('msn', $user->data['user_msnm']), 'yim' => request_var('yim', $user->data['user_yim']), 'jabber' => utf8_normalize_nfc(request_var('jabber', $user->data['user_jabber'], true)), 'website' => request_var('website', $user->data['user_website']), 'location' => utf8_normalize_nfc(request_var('location', $user->data['user_from'], true)), 'occupation' => utf8_normalize_nfc(request_var('occupation', $user->data['user_occ'], true)), 'interests' => utf8_normalize_nfc(request_var('interests', $user->data['user_interests'], true))); if ($config['allow_birthdays']) { $data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0; if ($user->data['user_birthday']) { list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']); } $data['bday_day'] = request_var('bday_day', $data['bday_day']); $data['bday_month'] = request_var('bday_month', $data['bday_month']); $data['bday_year'] = request_var('bday_year', $data['bday_year']); $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); } add_form_key('ucp_profile_info'); if ($submit) { $validate_array = array('icq' => array(array('string', true, 3, 15), array('match', true, '#^[0-9]+$#i')), 'aim' => array('string', true, 3, 255), 'msn' => array('string', true, 5, 255), 'jabber' => array(array('string', true, 5, 255), array('jabber')), 'yim' => array('string', true, 5, 255), 'website' => array(array('string', true, 12, 255), array('match', true, '#^http[s]?://(.*?\\.)*?[a-z0-9\\-]+\\.[a-z]{2,4}#i')), 'location' => array('string', true, 2, 100), 'occupation' => array('string', true, 2, 500), 'interests' => array('string', true, 2, 500)); if ($config['allow_birthdays']) { $validate_array = array_merge($validate_array, array('bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50), 'user_birthday' => array('date', true))); } $error = validate_data($data, $validate_array); // validate custom profile fields $cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error); if (sizeof($cp_error)) { $error = array_merge($error, $cp_error); } if (!check_form_key('ucp_profile_info')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error)) { $data['notify'] = $user->data['user_notify_type']; if ($data['notify'] == NOTIFY_IM && (!$config['jab_enable'] || !$data['jabber'] || !@extension_loaded('xml'))) { // User has not filled in a jabber address (Or one of the modules is disabled or jabber is disabled) // Disable notify by Jabber now for this user. $data['notify'] = NOTIFY_EMAIL; } $sql_ary = array('user_icq' => $data['icq'], 'user_aim' => $data['aim'], 'user_msnm' => $data['msn'], 'user_yim' => $data['yim'], 'user_jabber' => $data['jabber'], 'user_website' => $data['website'], 'user_from' => $data['location'], 'user_occ' => $data['occupation'], 'user_interests' => $data['interests'], 'user_notify_type' => $data['notify']); if ($config['allow_birthdays']) { $sql_ary['user_birthday'] = $data['user_birthday']; } $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); // Update Custom Fields $cp->update_profile_field_data($user->data['user_id'], $cp_data); meta_refresh(3, $this->u_action); $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); trigger_error($message); } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } if ($config['allow_birthdays']) { $s_birthday_day_options = '<option value="0"' . (!$data['bday_day'] ? ' selected="selected"' : '') . '>--</option>'; for ($i = 1; $i < 32; $i++) { $selected = $i == $data['bday_day'] ? ' selected="selected"' : ''; $s_birthday_day_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>"; } $s_birthday_month_options = '<option value="0"' . (!$data['bday_month'] ? ' selected="selected"' : '') . '>--</option>'; for ($i = 1; $i < 13; $i++) { $selected = $i == $data['bday_month'] ? ' selected="selected"' : ''; $s_birthday_month_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>"; } $s_birthday_year_options = ''; $now = getdate(); $s_birthday_year_options = '<option value="0"' . (!$data['bday_year'] ? ' selected="selected"' : '') . '>--</option>'; for ($i = $now['year'] - 100; $i <= $now['year']; $i++) { $selected = $i == $data['bday_year'] ? ' selected="selected"' : ''; $s_birthday_year_options .= "<option value=\"{$i}\"{$selected}>{$i}</option>"; } unset($now); $template->assign_vars(array('S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options, 'S_BIRTHDAYS_ENABLED' => true)); } $template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'ICQ' => $data['icq'], 'YIM' => $data['yim'], 'AIM' => $data['aim'], 'MSN' => $data['msn'], 'JABBER' => $data['jabber'], 'WEBSITE' => $data['website'], 'LOCATION' => $data['location'], 'OCCUPATION' => $data['occupation'], 'INTERESTS' => $data['interests'])); // Get additional profile fields and assign them to the template block var 'profile_fields' $user->get_profile_fields($user->data['user_id']); $cp->generate_profile_fields('profile', $user->get_iso_lang_id()); break; case 'signature': if (!$auth->acl_get('u_sig')) { trigger_error('NO_AUTH_SIGNATURE'); } include $phpbb_root_path . 'includes/functions_posting.' . $phpEx; include $phpbb_root_path . 'includes/functions_display.' . $phpEx; $enable_bbcode = $config['allow_sig_bbcode'] ? (bool) $user->optionget('sig_bbcode') : false; $enable_smilies = $config['allow_sig_smilies'] ? (bool) $user->optionget('sig_smilies') : false; $enable_urls = $config['allow_sig_links'] ? (bool) $user->optionget('sig_links') : false; $signature = utf8_normalize_nfc(request_var('signature', (string) $user->data['user_sig'], true)); add_form_key('ucp_sig'); if ($submit || $preview) { include $phpbb_root_path . 'includes/message_parser.' . $phpEx; $enable_bbcode = $config['allow_sig_bbcode'] ? request_var('disable_bbcode', false) ? false : true : false; $enable_smilies = $config['allow_sig_smilies'] ? request_var('disable_smilies', false) ? false : true : false; $enable_urls = $config['allow_sig_links'] ? request_var('disable_magic_url', false) ? false : true : false; if (!sizeof($error)) { $message_parser = new parse_message($signature); // Allowing Quote BBCode $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig'); if (sizeof($message_parser->warn_msg)) { $error[] = implode('<br />', $message_parser->warn_msg); } if (!check_form_key('ucp_sig')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error) && $submit) { $user->optionset('sig_bbcode', $enable_bbcode); $user->optionset('sig_smilies', $enable_smilies); $user->optionset('sig_links', $enable_urls); $sql_ary = array('user_sig' => (string) $message_parser->message, 'user_options' => $user->data['user_options'], 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid, 'user_sig_bbcode_bitfield' => $message_parser->bbcode_bitfield); $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); trigger_error($message); } } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } $signature_preview = ''; if ($preview) { // Now parse it for displaying $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); unset($message_parser); } decode_message($signature, $user->data['user_sig_bbcode_uid']); $template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'SIGNATURE' => $signature, 'SIGNATURE_PREVIEW' => $signature_preview, 'S_BBCODE_CHECKED' => !$enable_bbcode ? ' checked="checked"' : '', 'S_SMILIES_CHECKED' => !$enable_smilies ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => !$enable_urls ? ' checked="checked"' : '', 'BBCODE_STATUS' => $config['allow_sig_bbcode'] ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.{$phpEx}", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.{$phpEx}", 'mode=bbcode') . '">', '</a>'), 'SMILIES_STATUS' => $config['allow_sig_smilies'] ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'IMG_STATUS' => $config['allow_sig_img'] ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => $config['allow_sig_flash'] ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'URL_STATUS' => $config['allow_sig_links'] ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], 'MAX_FONT_SIZE' => (int) $config['max_sig_font_size'], 'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']), 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'], 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'], 'S_BBCODE_IMG' => $config['allow_sig_img'] ? true : false, 'S_BBCODE_FLASH' => $config['allow_sig_flash'] ? true : false, 'S_LINKS_ALLOWED' => $config['allow_sig_links'] ? true : false)); // Build custom bbcodes array display_custom_bbcodes(); break; case 'avatar': include $phpbb_root_path . 'includes/functions_display.' . $phpEx; $display_gallery = request_var('display_gallery', '0'); $avatar_select = basename(request_var('avatar_select', '')); $category = basename(request_var('category', '')); $can_upload = file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false; add_form_key('ucp_avatar'); if ($submit) { if (check_form_key('ucp_avatar')) { if (avatar_process_user($error, false, $can_upload)) { meta_refresh(3, $this->u_action); $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); trigger_error($message); } } else { $error[] = 'FORM_INVALID'; } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } if (!$config['allow_avatar'] && $user->data['user_avatar_type']) { $error[] = $user->lang['AVATAR_NOT_ALLOWED']; } else { if ($user->data['user_avatar_type'] == AVATAR_UPLOAD && !$config['allow_avatar_upload'] || $user->data['user_avatar_type'] == AVATAR_REMOTE && !$config['allow_avatar_remote'] || $user->data['user_avatar_type'] == AVATAR_GALLERY && !$config['allow_avatar_local']) { $error[] = $user->lang['AVATAR_TYPE_NOT_ALLOWED']; } } $template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'AVATAR' => get_user_avatar($user->data['user_avatar'], $user->data['user_avatar_type'], $user->data['user_avatar_width'], $user->data['user_avatar_height'], 'USER_AVATAR', true), 'AVATAR_SIZE' => $config['avatar_filesize'], 'U_GALLERY' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=profile&mode=avatar&display_gallery=1'), 'S_FORM_ENCTYPE' => $can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload']) ? ' enctype="multipart/form-data"' : '', 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024))); if ($config['allow_avatar'] && $display_gallery && $auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) { avatar_gallery($category, $avatar_select, 4); } else { if ($config['allow_avatar']) { $avatars_enabled = $can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload']) || $auth->acl_get('u_chgavatar') && ($config['allow_avatar_local'] || $config['allow_avatar_remote']) ? true : false; $template->assign_vars(array('AVATAR_WIDTH' => request_var('width', $user->data['user_avatar_width']), 'AVATAR_HEIGHT' => request_var('height', $user->data['user_avatar_height']), 'S_AVATARS_ENABLED' => $avatars_enabled, 'S_UPLOAD_AVATAR_FILE' => $can_upload && $config['allow_avatar_upload'] ? true : false, 'S_UPLOAD_AVATAR_URL' => $can_upload && $config['allow_avatar_remote_upload'] ? true : false, 'S_LINK_AVATAR' => $auth->acl_get('u_chgavatar') && $config['allow_avatar_remote'] ? true : false, 'S_DISPLAY_GALLERY' => $auth->acl_get('u_chgavatar') && $config['allow_avatar_local'] ? true : false)); } } break; } $template->assign_vars(array('L_TITLE' => $user->lang['UCP_PROFILE_' . strtoupper($mode)], 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => $this->u_action)); // Set desired template $this->tpl_name = 'ucp_profile_' . $mode; $this->page_title = 'UCP_PROFILE_' . strtoupper($mode); }
function main($id, $mode) { global $config, $db, $user, $auth, $template, $cache; global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix; $user->add_lang('acp/email'); $this->tpl_name = 'acp_email'; $this->page_title = 'ACP_MASS_EMAIL'; $form_key = 'acp_email'; add_form_key($form_key); // Set some vars $submit = isset($_POST['submit']) ? true : false; $error = array(); $usernames = request_var('usernames', '', true); $group_id = request_var('g', 0); $subject = utf8_normalize_nfc(request_var('subject', '', true)); $message = utf8_normalize_nfc(request_var('message', '', true)); // Do the job ... if ($submit) { // Error checking needs to go here ... if no subject and/or no message then skip // over the send and return to the form $use_queue = isset($_POST['send_immediately']) ? false : true; $priority = request_var('mail_priority_flag', MAIL_NORMAL_PRIORITY); if (!check_form_key($form_key)) { $error[] = $user->lang['FORM_INVALID']; } if (!$subject) { $error[] = $user->lang['NO_EMAIL_SUBJECT']; } if (!$message) { $error[] = $user->lang['NO_EMAIL_MESSAGE']; } if (!sizeof($error)) { if ($usernames) { // If giving usernames the admin is able to email inactive users too... $sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . ' AND user_allow_massemail = 1 ORDER BY user_lang, user_notify_type'; // , SUBSTRING(user_email FROM INSTR(user_email, '@')) } else { if ($group_id) { $sql_ary = array('SELECT' => 'u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type', 'FROM' => array(USERS_TABLE => 'u', USER_GROUP_TABLE => 'ug'), 'WHERE' => 'ug.group_id = ' . $group_id . ' AND ug.user_pending = 0 AND u.user_id = ug.user_id AND u.user_allow_massemail = 1 AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', 'ORDER_BY' => 'u.user_lang, u.user_notify_type'); } else { $sql_ary = array('SELECT' => 'u.username, u.username_clean, u.user_email, u.user_jabber, u.user_lang, u.user_notify_type', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'u.user_allow_massemail = 1 AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')', 'ORDER_BY' => 'u.user_lang, u.user_notify_type'); } // Mail banned or not if (!isset($_REQUEST['mail_banned_flag'])) { $sql_ary['WHERE'] .= ' AND (b.ban_id IS NULL OR b.ban_exclude = 1)'; $sql_ary['LEFT_JOIN'] = array(array('FROM' => array(BANLIST_TABLE => 'b'), 'ON' => 'u.user_id = b.ban_userid')); } $sql = $db->sql_build_query('SELECT', $sql_ary); } $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); if (!$row) { $db->sql_freeresult($result); trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING); } $i = $j = 0; // Send with BCC, no more than 50 recipients for one mail (to not exceed the limit) $max_chunk_size = 50; $email_list = array(); $old_lang = $row['user_lang']; $old_notify_type = $row['user_notify_type']; do { if ($row['user_notify_type'] == NOTIFY_EMAIL && $row['user_email'] || $row['user_notify_type'] == NOTIFY_IM && $row['user_jabber'] || $row['user_notify_type'] == NOTIFY_BOTH && ($row['user_email'] || $row['user_jabber'])) { if ($i == $max_chunk_size || $row['user_lang'] != $old_lang || $row['user_notify_type'] != $old_notify_type) { $i = 0; if (sizeof($email_list)) { $j++; } $old_lang = $row['user_lang']; $old_notify_type = $row['user_notify_type']; } $email_list[$j][$i]['lang'] = $row['user_lang']; $email_list[$j][$i]['method'] = $row['user_notify_type']; $email_list[$j][$i]['email'] = $row['user_email']; $email_list[$j][$i]['name'] = $row['username']; $email_list[$j][$i]['jabber'] = $row['user_jabber']; $i++; } } while ($row = $db->sql_fetchrow($result)); $db->sql_freeresult($result); // Send the messages include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx; $messenger = new messenger($use_queue); $errored = false; for ($i = 0, $size = sizeof($email_list); $i < $size; $i++) { $used_lang = $email_list[$i][0]['lang']; $used_method = $email_list[$i][0]['method']; for ($j = 0, $list_size = sizeof($email_list[$i]); $j < $list_size; $j++) { $email_row = $email_list[$i][$j]; $messenger->{sizeof($email_list[$i]) == 1 ? 'to' : 'bcc'}($email_row['email'], $email_row['name']); $messenger->im($email_row['jabber'], $email_row['name']); } $messenger->template('admin_send_email', $used_lang); $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); $messenger->subject(htmlspecialchars_decode($subject)); $messenger->set_mail_priority($priority); $messenger->assign_vars(array('CONTACT_EMAIL' => $config['board_contact'], 'MESSAGE' => htmlspecialchars_decode($message))); if (!$messenger->send($used_method)) { $errored = true; } } unset($email_list); $messenger->save_queue(); if ($usernames) { $usernames = explode("\n", $usernames); add_log('admin', 'LOG_MASS_EMAIL', implode(', ', utf8_normalize_nfc($usernames))); } else { if ($group_id) { $group_name = get_group_name($group_id); } else { // Not great but the logging routine doesn't cope well with localising on the fly $group_name = $user->lang['ALL_USERS']; } add_log('admin', 'LOG_MASS_EMAIL', $group_name); } if (!$errored) { $message = $use_queue ? $user->lang['EMAIL_SENT_QUEUE'] : $user->lang['EMAIL_SENT']; trigger_error($message . adm_back_link($this->u_action)); } else { $message = sprintf($user->lang['EMAIL_SEND_ERROR'], '<a href="' . append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=logs&mode=critical') . '">', '</a>'); trigger_error($message . adm_back_link($this->u_action), E_USER_WARNING); } } } // Exclude bots and guests... $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\tWHERE group_name IN ('BOTS', 'GUESTS')"; $result = $db->sql_query($sql); $exclude = array(); while ($row = $db->sql_fetchrow($result)) { $exclude[] = $row['group_id']; } $db->sql_freeresult($result); $select_list = '<option value="0"' . (!$group_id ? ' selected="selected"' : '') . '>' . $user->lang['ALL_USERS'] . '</option>'; $select_list .= group_select_options($group_id, $exclude); $s_priority_options = '<option value="' . MAIL_LOW_PRIORITY . '">' . $user->lang['MAIL_LOW_PRIORITY'] . '</option>'; $s_priority_options .= '<option value="' . MAIL_NORMAL_PRIORITY . '" selected="selected">' . $user->lang['MAIL_NORMAL_PRIORITY'] . '</option>'; $s_priority_options .= '<option value="' . MAIL_HIGH_PRIORITY . '">' . $user->lang['MAIL_HIGH_PRIORITY'] . '</option>'; $template->assign_vars(array('S_WARNING' => sizeof($error) ? true : false, 'WARNING_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'U_ACTION' => $this->u_action, 'S_GROUP_OPTIONS' => $select_list, 'USERNAMES' => $usernames, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=acp_email&field=usernames'), 'SUBJECT' => $subject, 'MESSAGE' => $message, 'S_PRIORITY_OPTIONS' => $s_priority_options)); }
function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; // if ($config['require_activation'] == USER_ACTIVATION_DISABLE) { trigger_error('UCP_REGISTER_DISABLE'); } include $phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx; $coppa = isset($_REQUEST['coppa']) ? !empty($_REQUEST['coppa']) ? 1 : 0 : false; $agreed = !empty($_POST['agreed']) ? 1 : 0; $submit = isset($_POST['submit']) ? true : false; $change_lang = request_var('change_lang', ''); $user_lang = request_var('lang', $user->lang_name); if ($agreed) { add_form_key('ucp_register'); } else { add_form_key('ucp_register_terms'); } if ($change_lang || $user_lang != $config['default_lang']) { $use_lang = $change_lang ? basename($change_lang) : basename($user_lang); if (!validate_language_iso_name($use_lang)) { if ($change_lang) { $submit = false; // Setting back agreed to let the user view the agreement in his/her language $agreed = empty($_GET['change_lang']) ? 0 : $agreed; } $user->lang_name = $user_lang = $use_lang; $user->lang = array(); $user->data['user_lang'] = $user->lang_name; $user->add_lang(array('common', 'ucp')); } else { $change_lang = ''; $user_lang = $user->lang_name; } } $cp = new custom_profile(); $error = $cp_data = $cp_error = array(); if (!$agreed || $coppa === false && $config['coppa_enable'] || $coppa && !$config['coppa_enable']) { $add_lang = $change_lang ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = $coppa !== false ? '&coppa=' . $coppa : ''; $s_hidden_fields = array('change_lang' => $change_lang); // If we change the language, we want to pass on some more possible parameter. if ($change_lang) { // We do not include the password $s_hidden_fields = array_merge($s_hidden_fields, array('username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => $user->lang_name, 'tz' => request_var('tz', (double) $config['board_timezone']))); } // Checking amount of available languages $sql = 'SELECT lang_id FROM ' . LANG_TABLE; $result = $db->sql_query($sql); $lang_row = array(); while ($row = $db->sql_fetchrow($result)) { $lang_row[] = $row; } $db->sql_freeresult($result); if ($coppa === false && $config['coppa_enable']) { $now = getdate(); $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']); unset($now); $template->assign_vars(array('S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '', 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=0' . $add_lang), 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register&coppa=1' . $add_lang), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_lang))); } else { $template->assign_vars(array('S_LANG_OPTIONS' => sizeof($lang_row) > 1 ? language_select($user_lang) : '', 'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()), 'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register' . $add_lang . $add_coppa))); } unset($lang_row); $this->tpl_name = 'ucp_agreement'; return; } // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. if ($config['enable_confirm']) { include $phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx; $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_REG); } // Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1 $timezone = date('Z') / 3600; $is_dst = date('I'); if ($config['board_timezone'] == $timezone || $config['board_timezone'] == $timezone - 1) { $timezone = $is_dst ? $timezone - 1 : $timezone; if (!isset($user->lang['tz_zones'][(string) $timezone])) { $timezone = $config['board_timezone']; } } else { $is_dst = $config['board_dst']; $timezone = $config['board_timezone']; } $data = array('username' => utf8_normalize_nfc(request_var('username', '', true)), 'new_password' => request_var('new_password', '', true), 'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (double) $timezone)); // Check and initialize some variables if needed if ($submit) { $error = validate_data($data, array('username' => array(array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', '')), 'new_password' => array(array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array(array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60), 'tz' => array('num', false, -14, 14), 'lang' => array('language_iso_name'))); if (!check_form_key('ucp_register')) { $error[] = $user->lang['FORM_INVALID']; } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); if ($config['enable_confirm']) { $vc_response = $captcha->validate($data); if ($vc_response !== false) { $error[] = $vc_response; } if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts']) { $error[] = $user->lang['TOO_MANY_REGISTERS']; } } // DNSBL check if ($config['check_dnsbl']) { if (($dnsbl = $user->check_dnsbl('register')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); } } // validate custom profile fields $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error); if (!sizeof($error)) { if ($data['new_password'] != $data['password_confirm']) { $error[] = $user->lang['NEW_PASSWORD_ERROR']; } if ($data['email'] != $data['email_confirm']) { $error[] = $user->lang['NEW_EMAIL_ERROR']; } } if (!sizeof($error)) { $server_url = generate_board_url(); // Which group by default? $group_name = $coppa ? 'REGISTERED_COPPA' : 'REGISTERED'; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . "\n\t\t\t\t\tWHERE group_name = '" . $db->sql_escape($group_name) . "'\n\t\t\t\t\t\tAND group_type = " . GROUP_SPECIAL; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_GROUP'); } $group_id = $row['group_id']; if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) { $user_actkey = gen_rand_string(mt_rand(6, 10)); $user_type = USER_INACTIVE; $user_inactive_reason = INACTIVE_REGISTER; $user_inactive_time = time(); } else { $user_type = USER_NORMAL; $user_actkey = ''; $user_inactive_reason = 0; $user_inactive_time = 0; } $user_row = array('username' => $data['username'], 'user_password' => phpbb_hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => (double) $data['tz'], 'user_dst' => $is_dst, 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time); if ($config['new_member_post_limit']) { $user_row['user_new'] = 1; } // Register user... $user_id = user_add($user_row, $cp_data); // This should not happen, because the required variables are listed above... if ($user_id === false) { trigger_error('NO_USER', E_USER_ERROR); } // Okay, captcha, your job is done. if ($config['enable_confirm'] && isset($captcha)) { $captcha->reset(); } if ($coppa && $config['email_enable']) { $message = $user->lang['ACCOUNT_COPPA']; $email_template = 'coppa_welcome_inactive'; } else { if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE']; $email_template = 'user_welcome_inactive'; } else { if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE_ADMIN']; $email_template = 'admin_welcome_inactive'; } else { $message = $user->lang['ACCOUNT_ADDED']; $email_template = 'user_welcome'; } } } if ($config['email_enable']) { include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx; $messenger = new messenger(false); $messenger->template($email_template, $data['lang']); $messenger->to($data['email'], $data['username']); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array('WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), 'USERNAME' => htmlspecialchars_decode($data['username']), 'PASSWORD' => htmlspecialchars_decode($data['new_password']), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}")); if ($coppa) { $messenger->assign_vars(array('FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $data['email'])); } $messenger->send(NOTIFY_EMAIL); if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $admin_ary = !empty($admin_ary[0]['a_user']) ? $admin_ary[0]['a_user'] : array(); // Also include founders $where_sql = ' WHERE user_type = ' . USER_FOUNDER; if (sizeof($admin_ary)) { $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' ' . $where_sql; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($data['username']), 'U_USER_DETAILS' => "{$server_url}/memberlist.{$phpEx}?mode=viewprofile&u={$user_id}", 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_id}&k={$user_actkey}")); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } } $message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>'); trigger_error($message); } } $s_hidden_fields = array('agreed' => 'true', 'change_lang' => 0); if ($config['coppa_enable']) { $s_hidden_fields['coppa'] = $coppa; } if ($config['enable_confirm']) { $s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields()); } $s_hidden_fields = build_hidden_fields($s_hidden_fields); $confirm_image = ''; // Visual Confirmation - Show images if ($config['enable_confirm']) { $template->assign_vars(array('CAPTCHA_TEMPLATE' => $captcha->get_template())); } // $l_reg_cond = ''; switch ($config['require_activation']) { case USER_ACTIVATION_SELF: $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE']; break; case USER_ACTIVATION_ADMIN: $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE']; break; } $template->assign_vars(array('ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'USERNAME' => $data['username'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], 'EMAIL_CONFIRM' => $data['email_confirm'], 'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_OPTIONS' => tz_select($data['tz']), 'S_CONFIRM_REFRESH' => $config['enable_confirm'] && $config['confirm_refresh'] ? true : false, 'S_REGISTRATION' => true, 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=register'))); // $user->profile_fields = array(); // Generate profile fields -> Template Block Variable profile_fields $cp->generate_profile_fields('register', $user->get_iso_lang_id()); // $this->tpl_name = 'ucp_register'; $this->page_title = 'UCP_REGISTRATION'; }