/**
* Delete member(s)
*
* @access public
* @param mixed [Integer] member ID or [Array] array of member ids
* @param boolean Check if request is from an admin
* @return boolean Action completed successfully
*/
public static function remove($id, $check_admin = true)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$tmp_mids = array();
$emails = array();
//-----------------------------------------
// Sort out thingie
//-----------------------------------------
if (is_array($id)) {
$id = IPSLib::cleanIntArray($id);
$mids = ' IN (' . implode(",", $id) . ')';
} else {
$mids = ' = ' . intval($id);
}
//-----------------------------------------
// Get accounts and check IDS
//-----------------------------------------
ipsRegistry::DB()->build(array('select' => 'm.member_id, m.name, m.member_group_id, m.email', 'from' => array('members' => 'm'), 'where' => 'm.member_id' . $mids, 'add_join' => array(array('select' => 'g.g_access_cp', 'from' => array('groups' => 'g'), 'where' => 'g.g_id=m.member_group_id', 'type' => 'left'))));
ipsRegistry::DB()->execute();
while ($r = ipsRegistry::DB()->fetch()) {
//-----------------------------------------
// Non root admin attempting to edit root admin?
//-----------------------------------------
if ($check_admin) {
if (!ipsRegistry::member()->getProperty('g_access_cp')) {
if ($r['g_access_cp']) {
continue;
}
}
}
$tmp_mids[] = $r['member_id'];
$emails[] = $r['email'];
self::_removeFromCache($r['member_id']);
}
if (!count($tmp_mids)) {
return false;
}
$mids = ' IN (' . implode(",", $tmp_mids) . ')';
//-----------------------------------------
// Get avatars / photo
//-----------------------------------------
$delete_files = array();
ipsRegistry::DB()->build(array('select' => '*', 'from' => 'profile_portal', 'where' => 'pp_member_id' . $mids));
ipsRegistry::DB()->execute();
while ($r = ipsRegistry::DB()->fetch()) {
if ($r['pp_main_photo']) {
$delete_files[] = $r['pp_main_photo'];
}
if ($r['pp_thumb_photo']) {
$delete_files[] = $r['pp_thumb_photo'];
}
if ($r['avatar_type'] == 'upload' and $r['avatar_location']) {
$delete_files[] = $r['avatar_location'];
}
}
//-----------------------------------------
// Take care of forum stuff
//-----------------------------------------
ipsRegistry::DB()->update('posts', array('author_id' => 0), "author_id" . $mids);
ipsRegistry::DB()->update('topics', array('starter_id' => 0), "starter_id" . $mids);
ipsRegistry::DB()->update('announcements', array('announce_member_id' => 0), "announce_member_id" . $mids);
ipsRegistry::DB()->update('attachments', array('attach_member_id' => 0), "attach_member_id" . $mids);
ipsRegistry::DB()->update('polls', array('starter_id' => 0), "starter_id" . $mids);
//ipsRegistry::DB()->update( 'topic_ratings' , array( 'rating_member_id' => 0 ), "rating_member_id" . $mids );
ipsRegistry::DB()->update('voters', array('member_id' => 0), "member_id" . $mids);
ipsRegistry::DB()->update('forums', array('last_poster_name' => ''), "last_poster_id" . $mids);
ipsRegistry::DB()->update('forums', array('seo_last_name' => ''), "last_poster_id" . $mids);
ipsRegistry::DB()->update('forums', array('last_poster_id' => 0), "last_poster_id" . $mids);
//-----------------------------------------
// Clean up profile stuff
//-----------------------------------------
ipsRegistry::DB()->update('profile_comments', array('comment_by_member_id' => 0), "comment_by_member_id" . $mids);
ipsRegistry::DB()->update('profile_ratings', array('rating_by_member_id' => 0), "rating_by_member_id" . $mids);
ipsRegistry::DB()->delete('profile_comments', "comment_for_member_id" . $mids);
ipsRegistry::DB()->delete('profile_ratings', "rating_for_member_id" . $mids);
ipsRegistry::DB()->delete('profile_portal', "pp_member_id" . $mids);
ipsRegistry::DB()->delete('profile_portal_views', "views_member_id" . $mids);
ipsRegistry::DB()->delete('profile_friends', "friends_member_id" . $mids);
ipsRegistry::DB()->delete('profile_friends', "friends_friend_id" . $mids);
ipsRegistry::DB()->delete('dnames_change', "dname_member_id" . $mids);
//-----------------------------------------
// Delete member...
//-----------------------------------------
ipsRegistry::DB()->delete('pfields_content', "member_id" . $mids);
ipsRegistry::DB()->delete('members_partial', "partial_member_id" . $mids);
ipsRegistry::DB()->delete('moderators', "member_id" . $mids);
ipsRegistry::DB()->delete('sessions', "member_id" . $mids);
ipsRegistry::DB()->delete('warn_logs', "wlog_mid" . $mids);
ipsRegistry::DB()->update('warn_logs', array('wlog_addedby' => 0), "wlog_addedby" . $mids);
//-----------------------------------------
// Update admin stuff
//-----------------------------------------
ipsRegistry::DB()->delete('admin_permission_rows', "row_id_type='member' AND row_id" . $mids);
ipsRegistry::DB()->delete('core_sys_cp_sessions', 'session_member_id' . $mids);
ipsRegistry::DB()->update('upgrade_history', array('upgrade_mid' => 0), "upgrade_mid" . $mids);
//-----------------------------------------
// Fix up member messages...
//-----------------------------------------
ipsRegistry::DB()->delete('message_topic_user_map', 'map_user_id' . $mids);
ipsRegistry::DB()->update('message_posts', array('msg_author_id' => 0), 'msg_author_id' . $mids);
ipsRegistry::DB()->update('message_topics', array('mt_starter_id' => 0), 'mt_starter_id' . $mids);
ipsRegistry::DB()->delete('ignored_users', "ignore_owner_id" . $mids . " or ignore_ignore_id" . $mids);
//-----------------------------------------
// Delete subs, views, markers
//-----------------------------------------
ipsRegistry::DB()->delete('tracker', "member_id" . $mids);
ipsRegistry::DB()->delete('forum_tracker', "member_id" . $mids);
ipsRegistry::DB()->delete('core_item_markers', "item_member_id" . $mids);
//-----------------------------------------
// Delete from validating..
//-----------------------------------------
ipsRegistry::DB()->delete('validating', "member_id" . $mids);
ipsRegistry::DB()->delete('members', "member_id" . $mids);
//-----------------------------------------
// Delete avatars / photos
//-----------------------------------------
if (count($delete_files)) {
foreach ($delete_files as $file) {
@unlink(ipsRegistry::$settings['upload_dir'] . "/" . $file);
}
}
//-----------------------------------------
// Member Sync
//-----------------------------------------
IPSLib::runMemberSync('onDelete', $mids);
/* Remove from cache */
IPSContentCache::drop('sig', $tmp_mids);
//-----------------------------------------
// Get current stats...
//-----------------------------------------
ipsRegistry::cache()->rebuildCache('stats', 'global');
ipsRegistry::cache()->rebuildCache('moderators', 'global');
}
/**
* Update a user's login or display name
*
* @access protected
* @param string Field to update
* @return void [Outputs to screen]
*/
protected function save_member_name($field = 'members_display_name')
{
$member_id = intval($this->request['member_id']);
$member = IPSMember::load($member_id);
//-----------------------------------------
// Allowed to edit administrators?
//-----------------------------------------
if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
$this->returnJsonError($this->lang->words['m_editadmin']);
exit;
}
if ($field == 'members_display_name') {
$display_name = $this->convertAndMakeSafe($_POST['display_name'], 1);
$display_name = str_replace("+", "+", $display_name);
} else {
$display_name = $this->convertAndMakeSafe($_POST['name'], 1);
$display_name = str_replace("+", "+", $display_name);
$display_name = str_replace('|', '|', $display_name);
$display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name));
}
if ($this->settings['strip_space_chr']) {
// use hexdec to convert between '0xAD' and chr
$display_name = IPSText::removeControlCharacters($display_name);
}
if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", str_replace(''', "'", str_replace('&', '&', $members_display_name)))) {
$this->returnJsonError($this->lang->words['m_displaynames']);
}
try {
if (IPSMember::getFunction()->updateName($member_id, $display_name, $field) === TRUE) {
if ($field == 'members_display_name') {
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name));
} else {
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name));
//-----------------------------------------
// If updating a name, and display names
// disabled, update display name too
//-----------------------------------------
if (!ipsRegistry::$settings['auth_allow_dnames']) {
IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name');
}
//-----------------------------------------
// I say, did we choose to email 'dis member?
//-----------------------------------------
if ($this->request['send_email'] == 1) {
//-----------------------------------------
// By golly, we did!
//-----------------------------------------
$msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents'])));
$msg = str_replace("{old_name}", $member['name'], $msg);
$msg = str_replace("{new_name}", $display_name, $msg);
$msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg);
$msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg);
IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg));
IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
}
}
$this->cache->rebuildCache('stats', 'global');
} else {
# We should absolutely never get here. So this is a fail-safe, really to
# prevent a "false" positive outcome for the end-user
$this->returnJsonError($this->lang->words['m_namealready']);
}
} catch (Exception $error) {
$this->returnJsonError($error->getMessage());
switch ($error->getMessage()) {
case 'NO_USER':
$this->returnJsonError($this->lang->words['m_noid']);
break;
case 'NO_PERMISSION':
case 'NO_NAME':
$this->returnJsonError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length']));
break;
case 'ILLEGAL_CHARS':
$this->returnJsonError($this->lang->words['m_illegal']);
break;
case 'USER_NAME_EXISTS':
$this->returnJsonError($this->lang->words['m_namealready']);
break;
default:
$this->returnJsonError($error->getMessage());
break;
}
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
if ($field == 'name') {
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$han_login = new han_login($this->registry);
$han_login->init();
$han_login->changeName($member['name'], $display_name, $member['email']);
} else {
IPSLib::runMemberSync('onNameChange', $member_id, $display_name);
}
$__display_name = addslashes($display_name);
$_string = <<<EOF
\t\t{
\t\t\t'success' : true,
\t\t\t'display_name' : "{$__display_name}"
\t\t}
\t\t
EOF;
$this->returnString($_string);
}
/**
* Updates member's DB row name or members_display_name
*
* @todo [Future] Separate out forum specific stuff (moderators, etc) and move into hooks
*
* @param string Member id
* @param string New name
* @param string Field to update (name or display name)
* @return mixed True if update successful, otherwise exception or false
*
* Error Codes:
* NO_USER Could not load the user
* NO_PERMISSION This user cannot change their display name at all
* NO_MORE_CHANGES The user cannot change their display name again in this time period
* NO_NAME No display name (or shorter than 3 chars was given)
* ILLEGAL_CHARS The display name contains illegal characters
* USER_NAME_EXISTS The username already exists
*/
public function updateName($member_id, $name, $field = 'members_display_name', $discount = FALSE)
{
//-----------------------------------------
// Load the member
//-----------------------------------------
$member = IPSMember::load($member_id);
$_seoName = IPSText::makeSeoTitle($name);
if (!$member['member_id']) {
throw new Exception("NO_USER");
}
//-----------------------------------------
// Make sure name does not exist
//-----------------------------------------
try {
if ($this->checkNameExists($name, $member, $field) === TRUE) {
throw new Exception("USER_NAME_EXISTS");
} else {
if ($field == 'members_display_name') {
$this->DB->setDataType(array('dname_previous', 'dname_current'), 'string');
if ($member['members_display_name'] != $name) {
$this->DB->insert('dnames_change', array('dname_member_id' => $member_id, 'dname_date' => time(), 'dname_ip_address' => $member['ip_address'], 'dname_previous' => $member['members_display_name'], 'dname_current' => $name, 'dname_discount' => $discount ? 1 : 0));
}
//-----------------------------------------
// Still here? Change it then
//-----------------------------------------
IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => mb_strtolower($name), 'members_seo_name' => $_seoName)));
$this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string');
$this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
$this->DB->setDataType(array('member_name', 'seo_name'), 'string');
$this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']);
$this->DB->setDataType(array('starter_name', 'seo_first_name'), 'string');
$this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']);
$this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string');
$this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
$this->DB->update('posts', array('author_name' => $name), "author_id=" . $member['member_id']);
/* Update archived posts */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/archive/writer.php', 'classes_archive_writer');
$archiveWriter = new $classToLoad();
$archiveWriter->setApp('forums');
$archiveWriter->update(array('archive_author_name' => $name), 'archive_author_id=' . $member['member_id']);
} else {
//-----------------------------------------
// If one gets here, one can assume that the new name is correct for one, er...one.
// So, lets do the converteroo
//-----------------------------------------
IPSMember::save($member['member_id'], array('core' => array('name' => $name, 'members_l_username' => mb_strtolower($name))));
$this->DB->setDataType('member_name', 'string');
$this->DB->update('moderators', array('member_name' => $name), "member_id=" . $member['member_id']);
if (!$this->settings['auth_allow_dnames']) {
//-----------------------------------------
// Not using sep. display names?
//-----------------------------------------
IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => mb_strtolower($name), 'members_seo_name' => $_seoName)));
$this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string');
$this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
$this->DB->setDataType(array('member_name', 'seo_name'), 'string');
$this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']);
$this->DB->setDataType(array('starter_name', 'seo_first_name'), 'string');
$this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']);
$this->DB->setDataType(array('last_poster_name', 'seo_last_name'), 'string');
$this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
$this->DB->update('posts', array('author_name' => $name), "author_id=" . $member['member_id']);
/* Update archived posts */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/archive/writer.php', 'classes_archive_writer');
$archiveWriter = new $classToLoad();
$archiveWriter->setApp('forums');
$archiveWriter->update(array('archive_author_name' => $name), 'archive_author_id=' . $member['member_id']);
}
}
//-----------------------------------------
// Recache moderators
//-----------------------------------------
$this->registry->cache()->rebuildCache('moderators', 'forums');
//-----------------------------------------
// Recache announcements
//-----------------------------------------
$this->registry->cache()->rebuildCache('announcements', 'forums');
//-----------------------------------------
// Stats to Update?
//-----------------------------------------
$this->registry->cache()->rebuildCache('stats', 'core');
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->changeName($member[$field], $name, $member['email'], $member, $field);
IPSLib::runMemberSync('onNameChange', $member['member_id'], $name);
return TRUE;
}
} catch (Exception $error) {
throw new Exception($error->getMessage());
}
}
/**
* Merge two members
*
* @return @e void [Redirects to member account]
* @author Brandon Farber
*/
protected function _completeMerge()
{
if (!$this->request['confirm']) {
$member = IPSMember::load($this->request['member_id']);
//-----------------------------------------
// Load member
//-----------------------------------------
$newMember = NULL;
$_newMember = NULL;
/* Name */
if ($this->request['name']) {
$newMember = IPSMember::load($this->request['name'], '', 'displayname');
$_newMember = $newMember['member_id'];
}
/* Email */
if ($this->request['email']) {
$newMember = IPSMember::load($this->request['email'], '', 'email');
if ($_newMember !== NULL and $_newMember != $newMember['member_id']) {
$this->registry->output->global_error = $this->lang->words['err_transfer_badmulti'];
$this->_mergeForm();
return false;
}
$_newMember = $newMember['member_id'];
}
/* ID */
if ($this->request['target_id']) {
$newMember = IPSMember::load(intval($this->request['target_id']), '', 'id');
if ($_newMember !== NULL and $_newMember != $newMember['member_id']) {
$this->registry->output->global_error = $this->lang->words['err_transfer_badmulti'];
$this->_mergeForm();
return false;
}
$_newMember = $newMember['member_id'];
}
if (!$newMember['member_id']) {
$this->registry->output->global_error = $this->lang->words['no_merge_id'];
$this->_mergeForm();
return false;
}
$member2 = $newMember;
if (!$member['member_id'] or !$member2['member_id']) {
$this->registry->output->global_error = $this->lang->words['no_merge_id'];
$this->_mergeForm();
return false;
}
//-----------------------------------------
// Output
//-----------------------------------------
$this->registry->output->html .= $this->html->mergeConfirm($member, $newMember);
} else {
$member = IPSMember::load($this->request['member_id']);
$member2 = IPSMember::load($this->request['member_id2']);
if (!$member['member_id'] or !$member2['member_id']) {
$this->registry->output->global_error = $this->lang->words['no_merge_id'];
$this->_mergeForm();
return false;
}
//-----------------------------------------
// Take care of forum stuff
//-----------------------------------------
$this->DB->update('posts', array('author_name' => $member['members_display_name'], 'author_id' => $member['member_id']), "author_id=" . $member2['member_id']);
$this->DB->update('topics', array('starter_name' => $member['members_display_name'], 'seo_first_name' => $member['members_seo_name'], 'starter_id' => $member['member_id']), "starter_id=" . $member2['member_id']);
$this->DB->update('topics', array('last_poster_name' => $member['members_display_name'], 'seo_last_name' => $member['members_seo_name'], 'last_poster_id' => $member['member_id']), "last_poster_id=" . $member2['member_id']);
$this->DB->update('announcements', array('announce_member_id' => $member['member_id']), "announce_member_id=" . $member2['member_id']);
$this->DB->update('attachments', array('attach_member_id' => $member['member_id']), "attach_member_id=" . $member2['member_id']);
$this->DB->update('polls', array('starter_id' => $member['member_id']), "starter_id=" . $member2['member_id']);
$this->DB->update('topic_ratings', array('rating_member_id' => $member['member_id']), "rating_member_id=" . $member2['member_id']);
$this->DB->update('moderators', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']);
$this->DB->update('forums', array('last_poster_name' => $member['members_display_name'], 'seo_last_name' => $member['members_seo_name'], 'last_poster_id' => $member['member_id']), "last_poster_id=" . $member2['member_id']);
$this->DB->update('core_share_links_log', array('log_member_id' => $member['member_id']), "log_member_id=" . $member2['member_id']);
$this->DB->update('core_soft_delete_log', array('sdl_obj_member_id' => $member['member_id']), "sdl_obj_member_id=" . $member2['member_id']);
$this->DB->update('rss_import', array('rss_import_mid' => $member['member_id']), "rss_import_mid=" . $member2['member_id']);
$this->DB->update('core_tags', array('tag_member_id' => $member['member_id']), "tag_member_id=" . $member2['member_id']);
/* Update archived posts */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/archive/writer.php', 'classes_archive_writer');
$archiveWriter = new $classToLoad();
$archiveWriter->setApp('forums');
$archiveWriter->update(array('archive_author_id' => $member['member_id'], 'archive_author_name' => $member['members_display_name']), 'archive_author_id=' . $member2['member_id']);
//-----------------------------------------
// Clean up profile stuff
//-----------------------------------------
$this->DB->update('profile_portal_views', array('views_member_id' => $member['member_id']), "views_member_id=" . $member2['member_id']);
$this->DB->update('members_warn_logs', array('wl_member' => $member['member_id']), "wl_member=" . $member2['member_id']);
$this->DB->update('members_warn_logs', array('wl_moderator' => $member['member_id']), "wl_moderator=" . $member2['member_id']);
$this->DB->update('dnames_change', array('dname_member_id' => $member['member_id']), "dname_member_id=" . $member2['member_id']);
$this->DB->update('mobile_notifications', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']);
$this->DB->update('inline_notifications', array('notify_to_id' => $member['member_id']), "notify_to_id=" . $member2['member_id']);
$this->DB->update('inline_notifications', array('notify_from_id' => $member['member_id']), "notify_from_id=" . $member2['member_id']);
//-----------------------------------------
// Statuses
//-----------------------------------------
$this->DB->update('member_status_actions', array('action_member_id' => $member['member_id']), "action_member_id=" . $member2['member_id']);
$this->DB->update('member_status_actions', array('action_status_owner' => $member['member_id']), "action_status_owner=" . $member2['member_id']);
$this->DB->update('member_status_replies', array('reply_member_id' => $member['member_id']), "reply_member_id=" . $member2['member_id']);
$this->DB->update('member_status_updates', array('status_member_id' => $member['member_id']), "status_member_id=" . $member2['member_id']);
$this->DB->update('member_status_updates', array('status_author_id' => $member['member_id']), "status_author_id=" . $member2['member_id']);
$statusUpdates = array();
$this->DB->build(array('select' => 'status_id', 'from' => 'member_status_updates', 'where' => 'status_member_id=' . $member['member_id']));
$res = $this->DB->execute();
while ($r = $this->DB->fetch($res)) {
$this->registry->getClass('memberStatus')->rebuildStatus($r);
}
//-----------------------------------------
// Update admin stuff
//-----------------------------------------
$this->DB->update('upgrade_history', array('upgrade_mid' => $member['member_id']), "upgrade_mid=" . $member2['member_id']);
$this->DB->update('admin_logs', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']);
$this->DB->update('error_logs', array('log_member' => $member['member_id']), "log_member=" . $member2['member_id']);
$this->DB->update('moderator_logs', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']);
$this->DB->update('rc_comments', array('comment_by' => $member['member_id']), "comment_by=" . $member2['member_id']);
$this->DB->update('rc_reports', array('report_by' => $member['member_id']), "report_by=" . $member2['member_id']);
$this->DB->update('rc_reports_index', array('updated_by' => $member['member_id']), "updated_by=" . $member2['member_id']);
$this->DB->update('rc_reports_index', array('exdat1' => $member['member_id']), "seotemplate='showuser' AND exdat1=" . $member2['member_id']);
$this->DB->update('reputation_cache', array('type_id' => $member['member_id']), "type='member' AND type_id=" . $member2['member_id']);
$this->DB->update('reputation_index', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']);
//-----------------------------------------
// Fix up member messages...
//-----------------------------------------
$this->DB->update('message_posts', array('msg_author_id' => $member['member_id']), 'msg_author_id=' . $member2['member_id']);
$this->DB->update('message_topics', array('mt_starter_id' => $member['member_id']), 'mt_starter_id=' . $member2['member_id']);
$this->DB->update('message_topics', array('mt_to_member_id' => $member['member_id']), 'mt_to_member_id=' . $member2['member_id']);
//-----------------------------------------
// Stuff that can't have duplicates
//-----------------------------------------
//-----------------------------------------
// Likes - also invalidates likes cache
//-----------------------------------------
/* Followed stuffs */
require_once IPS_ROOT_PATH . 'sources/classes/like/composite.php';
/*noLibHook*/
$like = classes_like::bootstrap('core', 'default');
$like->updateMemberId($member2['member_id'], $member['member_id']);
//-----------------------------------------
// Poll votes
//-----------------------------------------
$voters = array();
$this->DB->build(array('select' => 'tid', 'from' => 'voters', 'where' => 'member_id=' . $member['member_id']));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$voters[] = $r['tid'];
}
if (count($voters)) {
$this->DB->update('voters', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id'] . " AND tid NOT IN(" . implode(',', $voters) . ")");
} else {
$this->DB->update('voters', array('member_id' => $member['member_id']), "member_id=" . $member2['member_id']);
}
//-----------------------------------------
// Profile ratings
//-----------------------------------------
$ratingsFor = array();
$ratingsGot = array();
$this->DB->build(array('select' => 'rating_by_member_id,rating_for_member_id', 'from' => 'profile_ratings', 'where' => 'rating_by_member_id=' . $member['member_id'] . ' OR rating_for_member_id=' . $member['member_id']));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
if ($r['rating_by_member_id'] == $member['member_id']) {
$ratingsFor[] = $r['rating_for_member_id'];
}
if ($r['rating_for_member_id'] == $member['member_id']) {
$ratingsGot[] = $r['rating_by_member_id'];
}
}
if (count($ratingsFor)) {
$this->DB->update('profile_ratings', array('rating_by_member_id' => $member['member_id']), "rating_by_member_id=" . $member2['member_id'] . " AND rating_for_member_id NOT IN(" . implode(',', $ratingsFor) . ")");
} else {
$this->DB->update('profile_ratings', array('rating_by_member_id' => $member['member_id']), "rating_by_member_id=" . $member2['member_id']);
}
if (count($ratingsGot)) {
$this->DB->update('profile_ratings', array('rating_for_member_id' => $member['member_id']), "rating_for_member_id=" . $member2['member_id'] . " AND rating_by_member_id NOT IN(" . implode(',', $ratingsGot) . ")");
} else {
$this->DB->update('profile_ratings', array('rating_for_member_id' => $member['member_id']), "rating_for_member_id=" . $member2['member_id']);
}
//-----------------------------------------
// Profile friends
//-----------------------------------------
$myFriends = array();
$friendsMy = array();
$this->DB->build(array('select' => 'friends_member_id,friends_friend_id', 'from' => 'profile_friends', 'where' => 'friends_member_id=' . $member['member_id'] . ' OR friends_friend_id=' . $member['member_id']));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
if ($r['friends_member_id'] == $member['member_id']) {
$myFriends[] = $r['friends_friend_id'];
}
if ($r['friends_friend_id'] == $member['member_id']) {
$friendsMy[] = $r['friends_member_id'];
}
}
if (count($myFriends)) {
$this->DB->update('profile_friends', array('friends_member_id' => $member['member_id']), "friends_member_id=" . $member2['member_id'] . " AND friends_friend_id NOT IN(" . implode(',', $myFriends) . ")");
} else {
$this->DB->update('profile_friends', array('friends_member_id' => $member['member_id']), "friends_member_id=" . $member2['member_id']);
}
if (count($friendsMy)) {
$this->DB->update('profile_friends', array('friends_friend_id' => $member['member_id']), "friends_friend_id=" . $member2['member_id'] . " AND friends_member_id NOT IN(" . implode(',', $friendsMy) . ")");
} else {
$this->DB->update('profile_friends', array('friends_friend_id' => $member['member_id']), "friends_friend_id=" . $member2['member_id']);
}
//-----------------------------------------
// Ignored users
//-----------------------------------------
$myIgnored = array();
$ignoredMe = array();
$this->DB->build(array('select' => 'ignore_owner_id,ignore_ignore_id', 'from' => 'ignored_users', 'where' => 'ignore_owner_id=' . $member['member_id'] . ' OR ignore_ignore_id=' . $member['member_id']));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
if ($r['ignore_owner_id'] == $member['member_id']) {
$myIgnored[] = $r['ignore_ignore_id'];
}
if ($r['ignore_ignore_id'] == $member['member_id']) {
$ignoredMe[] = $r['ignore_owner_id'];
}
}
if (count($myIgnored)) {
$this->DB->update('ignored_users', array('ignore_owner_id' => $member['member_id']), "ignore_owner_id=" . $member2['member_id'] . " AND ignore_ignore_id NOT IN(" . implode(',', $myIgnored) . ")");
} else {
$this->DB->update('ignored_users', array('ignore_owner_id' => $member['member_id']), "ignore_owner_id=" . $member2['member_id']);
}
if (count($ignoredMe)) {
$this->DB->update('ignored_users', array('ignore_ignore_id' => $member['member_id']), "ignore_ignore_id=" . $member2['member_id'] . " AND ignore_owner_id NOT IN(" . implode(',', $ignoredMe) . ")");
} else {
$this->DB->update('ignored_users', array('ignore_ignore_id' => $member['member_id']), "ignore_ignore_id=" . $member2['member_id']);
}
//-----------------------------------------
// Message topic mapping
//-----------------------------------------
$pms = array();
$this->DB->build(array('select' => 'map_topic_id', 'from' => 'message_topic_user_map', 'where' => 'map_user_id=' . $member['member_id']));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$pms[] = $r['map_topic_id'];
}
if (count($pms)) {
$this->DB->update('message_topic_user_map', array('map_user_id' => $member['member_id']), "map_user_id=" . $member2['member_id'] . " AND map_topic_id NOT IN(" . implode(',', $pms) . ")");
} else {
$this->DB->update('message_topic_user_map', array('map_user_id' => $member['member_id']), 'map_user_id=' . $member2['member_id']);
}
//-----------------------------------------
// Admin permissions
//-----------------------------------------
$count = $this->DB->buildAndFetch(array('select' => 'row_id', 'from' => 'admin_permission_rows', 'where' => "row_id_type='member' AND row_id=" . $member['member_id']));
if (!$count['row_id']) {
$this->DB->update('admin_permission_rows', array('row_id' => $member['member_id']), "row_id_type='member' AND row_id=" . $member2['member_id']);
}
//-----------------------------------------
// Member Sync
//-----------------------------------------
try {
IPSMember::save($member['member_id'], array('core' => array('posts' => $member['posts'] + $member2['posts'], 'warn_level' => $member['warn_level'] + $member2['warn_level'], 'warn_lastwarn' => $member2['warn_lastwarn'] > $member['warn_lastwarn'] ? $member2['warn_lastwarn'] : $member['warn_lastwarn'], 'last_post' => $member2['last_post'] > $member['last_post'] ? intval($member2['last_post']) : intval($member['last_post']), 'last_visit' => $member2['last_visit'] > $member['last_visit'] ? $member2['last_visit'] : $member['last_visit']), 'extendedProfile' => array('pp_reputation_points' => $member['pp_reputation_points'] + $member2['pp_reputation_points'])));
} catch (Exception $error) {
$this->registry->output->showError($error->getMessage(), 11247);
}
IPSLib::runMemberSync('onMerge', $member, $member2);
//-----------------------------------------
// Delete member 2
//-----------------------------------------
IPSMember::remove($member2['member_id'], false);
//-----------------------------------------
// Get current stats...
//-----------------------------------------
$this->cache->rebuildCache('stats', 'global');
$this->cache->rebuildCache('moderators', 'forums');
$this->cache->rebuildCache('announcements', 'forums');
//-----------------------------------------
// Admin logs
//-----------------------------------------
$this->registry->adminFunctions->saveAdminLog(sprintf($this->lang->words['merged_accounts_log'], $member2['members_display_name'], $member['members_display_name']));
//-----------------------------------------
// Redirect
//-----------------------------------------
$this->registry->output->global_message = $this->lang->words['merged_members'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . "module=members&section=members&do=viewmember&member_id=" . $member['member_id']);
}
}
/**
* Completes the connection
*
* @access public
* @return redirect
*/
public function finishLogin()
{
/* From reg flag */
if ($_REQUEST['code']) {
/* Load oAuth */
require_once IPS_KERNEL_PATH . 'facebook/facebookoauth.php';
/*noLibHook*/
$this->_oauth = new FacebookOAuth(FACEBOOK_APP_ID, FACEBOOK_APP_SECRET, FACEBOOK_CALLBACK, $this->extendedPerms);
/* Load API */
require_once IPS_KERNEL_PATH . 'facebook/facebook.php';
/*noLibHook*/
$this->_api = new Facebook(array('appId' => FACEBOOK_APP_ID, 'secret' => FACEBOOK_APP_SECRET, 'cookie' => true));
/* Ensure URL is correct */
$_urlExtra = '';
if ($_REQUEST['key']) {
$_urlExtra .= '&key=' . $_REQUEST['key'];
}
if ($_REQUEST['_reg']) {
$_urlExtra .= '&_reg=1';
}
/* Update callback url */
$this->_oauth->setCallBackUrl(FACEBOOK_CALLBACK . $_urlExtra);
/* Generate oAuth token */
$rToken = $this->_oauth->getAccessToken($_REQUEST['code']);
if (is_string($rToken)) {
try {
$_userData = $this->_api->api('me', array('access_token' => $rToken));
} catch (Exception $e) {
/* Try re-authorising */
if (stristr($e->getMessage(), 'invalid')) {
$this->redirectToConnectPage();
}
}
/* A little gymnastics */
$this->_userData = $_userData;
$_userData = $this->fetchUserData($rToken);
/* Got a member linked already? */
$_member = IPSMember::load($_userData['id'], 'all', 'fb_uid');
/* Not connected, check email address */
if (!$_member['member_id'] and $_userData['email']) {
$_member = IPSMember::load($_userData['email'], 'all', 'email');
/* We do have an existing account, so trash email forcing user to sign up with new */
if ($_member['member_id']) {
/* Update row */
IPSMember::save($_member['member_id'], array('core' => array('fb_uid' => $_userData['id'], 'fb_token' => $rToken)));
}
}
if ($_member['member_id']) {
$memberData = $_member;
/* Ensure user's row is up to date */
IPSMember::save($memberData['member_id'], array('core' => array('fb_token' => $rToken)));
/* Here, so log us in!! */
/* changed by denchu 26/12/12 */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
/* No? Create a new member */
foreach (array('fbc_s_pic', 'fbc_s_status', 'fbc_s_aboutme') as $field) {
$toSave[$field] = 1;
}
$fb_bwoptions = IPSBWOptions::freeze($toSave, 'facebook');
$safeFBName = IPS_DOC_CHAR_SET != 'UTF-8' ? IPSText::utf8ToEntities($_userData['name']) : $_userData['name'];
/* Make sure usernames are safe */
if ($this->settings['username_characters']) {
$check_against = preg_quote($this->settings['username_characters'], "/");
$check_against = str_replace('\\-', '-', $check_against);
$safeFBName = preg_replace('/[^' . $check_against . ']+/i', '', $safeFBName);
}
/* Check ban filters? */
if (IPSMember::isBanned('email', $_userData['email']) or IPSMember::isBanned('name', $safeFBName)) {
$this->registry->output->showError('you_are_banned', 1090003);
}
$displayName = $this->settings['fb_realname'] == 'enforced' ? $safeFBName : '';
/* From reg, so create new account properly */
$toSave = array('core' => array('name' => IPSText::parseCleanValue($safeFBName), 'members_display_name' => IPSText::parseCleanValue($displayName), 'members_created_remote' => 1, 'member_group_id' => $this->settings['fbc_mgid'] ? $this->settings['fbc_mgid'] : $this->settings['member_group'], 'email' => $_userData['email'], 'fb_uid' => $_userData['id'], 'time_offset' => $_userData['timezone'], 'members_auto_dst' => 1, 'fb_token' => $rToken), 'extendedProfile' => array('pp_about_me' => IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($_userData['about'], 'utf-8', IPS_DOC_CHAR_SET)), 'fb_bwoptions' => $fb_bwoptions));
$memberData = IPSMember::create($toSave, FALSE, FALSE, TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Sync up photo */
$this->syncMember($memberData['member_id']);
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
/* Already got a display name */
if ($displayName) {
/* Here, so log us in!! */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
IPSLib::runMemberSync('onCompleteAccount', $memberData);
if ($this->settings['new_reg_notify']) {
$this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser"));
IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
} else {
throw new Exception('CREATION_FAIL');
}
} else {
/* Need to re-auth */
}
}
/**
* Processes the registration form
*
* @return @e void
*/
public function registerProcessForm()
{
$this->_resetMember();
$form_errors = array();
$coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
$in_password = trim($this->request['PassWord']);
$in_email = strtolower(trim($this->request['EmailAddress']));
/* Did we agree to the t&c? */
if (!$this->request['agree_tos']) {
$form_errors['tos'] = array($this->lang->words['must_agree_to_terms']);
}
/* Custom profile field stuff */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$custom_fields = new $classToLoad();
$custom_fields->initData('edit');
$custom_fields->parseToSave($_POST, 'register');
/* Check */
if ($custom_fields->error_messages) {
$form_errors['general'] = $custom_fields->error_messages;
}
/* Check the email address */
if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
$form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
}
if (trim($this->request['PassWord_Check']) != $in_password or !$in_password) {
$form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
}
/*
There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770
elseif ( strlen( $in_password ) < 3 )
{
$form_errors['password'][$this->lang->words['pass_too_short']] = $this->lang->words['pass_too_short'];
}
elseif ( strlen( $in_password ) > 32 )
{
$form_errors['password'][$this->lang->words['pass_too_long']] = $this->lang->words['pass_too_long'];
}
*/
/* Check the username */
$user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'name');
$disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
if (is_array($user_check['errors']) && count($user_check['errors'])) {
foreach ($user_check['errors'] as $key => $error) {
$form_errors['dname'][$error] = isset($this->lang->words[$error]) ? $this->lang->words[$error] : $error;
}
}
/* this duplicates username error above */
/*if( is_array( $disp_check['errors'] ) && count( $disp_check['errors'] ) )
{
foreach( $disp_check['errors'] as $key => $error )
{
$form_errors['dname'][ $error ] = isset($this->lang->words[ $error ]) ? $this->lang->words[ $error ] : $error;
}
}*/
/* Is this email addy taken? */
if (IPSMember::checkByEmail($in_email) == TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Load handler... */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Are they banned [EMAIL]? */
if (IPSMember::isBanned('email', $in_email) === TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
}
/* Check the CAPTCHA */
if ($this->settings['bot_antispam_type'] != 'none') {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
}
}
/* Check the Q and A */
$qanda = intval($this->request['qanda_id']);
$pass = true;
if ($qanda) {
$pass = false;
$data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
if ($data['qa_id']) {
$answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
if (count($answers)) {
foreach ($answers as $answer) {
$answer = trim($answer);
if (IPSText::mbstrlen($answer) and mb_strtolower($answer) == mb_strtolower($this->request['qa_answer'])) {
$pass = true;
break;
}
}
}
}
} else {
//-----------------------------------------
// Do we have any questions?
//-----------------------------------------
$data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
if ($data['questions']) {
$pass = false;
}
}
if (!$pass) {
$form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
}
/* CHECK 2: Any errors ? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Build up the hashes */
$mem_group = $this->settings['member_group'];
/* Are we asking the member or admin to preview? */
if ($this->settings['reg_auth_type']) {
$mem_group = $this->settings['auth_group'];
} else {
if ($coppa == 1) {
$mem_group = $this->settings['auth_group'];
}
}
/* Create member */
$member = array('name' => $this->request['members_display_name'], 'password' => $in_password, 'members_display_name' => $this->request['members_display_name'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->settings['time_dst_auto_correction']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'language' => $this->member->language_id);
/* Spam Service */
$spamCode = 0;
$_spamFlag = 0;
if ($this->settings['spam_service_enabled']) {
/* Query the service */
$spamCode = IPSMember::querySpamService($in_email);
/* Action to perform */
$action = $this->settings['spam_service_action_' . $spamCode];
/* Perform Action */
switch ($action) {
/* Proceed with registration */
case 1:
break;
/* Flag for admin approval */
/* Flag for admin approval */
case 2:
$member['member_group_id'] = $this->settings['auth_group'];
$this->settings['reg_auth_type'] = 'admin';
$_spamFlag = 1;
break;
/* Approve the account, but ban it */
/* Approve the account, but ban it */
case 3:
$member['member_banned'] = 1;
$member['bw_is_spammer'] = 1;
$this->settings['reg_auth_type'] = '';
break;
/* Deny registration */
/* Deny registration */
case 4:
$this->registry->output->showError('spam_denied_account', '100x001', FALSE, '', 200);
break;
}
}
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $custom_fields->out_fields), FALSE, FALSE, FALSE);
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('member_id' => $member['member_id'], 'email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'], 'name' => $member['name'], 'members_display_name' => $member['members_display_name']));
//-----------------------------------------
// We'll just ignore if this fails - it shouldn't hold up IPB anyways
//-----------------------------------------
/*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
{
$this->registry->output->showError( 'han_login_create_failed', 2017, true );
}*/
//-----------------------------------------
// Validation
//-----------------------------------------
$validate_key = md5(IPSMember::makePassword() . time());
$time = time();
if ($coppa != 1) {
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'], 'spam_flag' => $_spamFlag));
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
/* Send out the email. */
$message = array('THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'publicNoSession', 'false'), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=05", 'publicNoSession', 'false'), 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key);
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("reg_validate", $this->member->language_id));
IPSText::getTextClass('email')->buildPlainTextContent($message);
IPSText::getTextClass('email')->buildHtmlContent($message);
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
} else {
if ($this->settings['reg_auth_type'] == 'admin') {
$this->output = $this->registry->output->getTemplate('register')->showPreview($member);
}
}
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
$this->registry->output->setTitle($this->lang->words['reg_success'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
} else {
/* We don't want to preview, or get them to validate via email. */
$stat_cache = $this->cache->getCache('stats');
if ($member['members_display_name'] and $member['member_id'] and !$this->caches['group_cache'][$member['member_group_id']]['g_hide_online_list']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_name_seo'] = IPSText::makeSeoTitle($member['members_display_name']);
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1));
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
IPSCookie::set('pass_hash', $member['member_login_key'], 1);
IPSCookie::set('member_id', $member['member_id'], 1);
//-----------------------------------------
// Fix up session
//-----------------------------------------
$privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['Privacy']) ? 1 : 0;
# Update value for onCompleteAccount call
$member['login_anonymous'] = $privacy . '&1';
$this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
IPSLib::runMemberSync('onCompleteAccount', $member);
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
}
} else {
/* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
$this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12');
}
}
/**
* Log a user out
*
* @param integer Flag to check md5 key
* @return mixed Error message or array [0=immediate|redirect, 1=words to show, 2=URL to send to]
*/
public function doLogout($check_key = true)
{
//-----------------------------------------
// INIT
//-----------------------------------------
if ($check_key) {
$key = $this->request['k'];
# Check for funny business
if ($key != $this->member->form_hash) {
$this->registry->getClass('output')->showError('bad_logout_key', 2012);
}
}
//-----------------------------------------
// Set some cookies
//-----------------------------------------
IPSCookie::set("member_id", "0", 1, 0, FALSE, TRUE);
IPSCookie::set("pass_hash", "0", 1, 0, FALSE, TRUE);
if (IPSCookie::get("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'))) {
IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '0', 1, 0, FALSE, FALSE);
}
//-----------------------------------------
// IPS Connect
//-----------------------------------------
foreach ($this->caches['login_methods'] as $k => $data) {
if ($data['login_folder_name'] == 'ipsconnect' and $data['login_enabled']) {
$ipsConnectSettings = unserialize($data['login_custom_config']);
IPSCookie::set("ipsconnect_" . md5($ipsConnectSettings['master_url']), '0', 1, 0, FALSE, FALSE);
}
}
if (is_array($_COOKIE)) {
foreach ($_COOKIE as $cookie => $value) {
if (stripos($cookie, $this->settings['cookie_id'] . 'ipbforumpass') !== false and !strstr($value, 'mobileApp')) {
IPSCookie::set(str_replace($this->settings['cookie_id'], "", $cookie), '-', -1);
}
}
}
//-----------------------------------------
// Do it..
//-----------------------------------------
$this->member->sessionClass()->convertMemberToGuest();
$privacy = intval(IPSMember::isLoggedInAnon($this->memberData));
IPSMember::save($this->memberData['member_id'], array('core' => array('login_anonymous' => "{$privacy}&0", 'last_activity' => IPS_UNIX_TIME_NOW)));
//-----------------------------------------
// Logout callbacks...
//-----------------------------------------
IPSLib::runMemberSync('onLogOut', $this->memberData);
$this->han_login->logoutCallback($this->memberData);
//-----------------------------------------
// Return..
//-----------------------------------------
$url = "";
if ($this->request['return'] and $this->request['return'] != "") {
$return = urldecode($this->request['return']);
if (strpos($return, "http://") === 0) {
return array('immediate', '', $return);
}
}
return array('redirect', $this->lang->words['thanks_for_logout'], $this->settings['board_url']);
}
/**
* Save new email and/or pass
*
* @return @e void
*/
protected function _saveForm()
{
if (!$this->request['email'] and !$this->request['password']) {
$this->registry->output->global_error = $this->lang->words['change_nothing_update'];
$this->_showForm();
return;
}
if ($this->request['email']) {
if (!$this->request['email_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_both_fields'];
$this->_showForm();
return;
} else {
if ($this->request['email'] != $this->request['email_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_not_match'];
$this->_showForm();
return;
}
}
$email = trim($this->request['email']);
if (!IPSText::checkEmailAddress($email)) {
$this->registry->output->global_error = $this->lang->words['bad_email_supplied'];
$this->_showForm();
return;
}
$email_check = IPSMember::load(strtolower($email));
if ($email_check['member_id']) {
if ($email_check['member_id'] == $this->memberData['member_id']) {
$this->registry->output->global_error = $this->lang->words['already_using_email'];
} else {
$this->registry->output->global_error = $this->lang->words['change_email_already_used'];
}
$this->_showForm();
return;
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->changeEmail(trim(strtolower($this->memberData['email'])), trim(strtolower($email)), $this->memberData);
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($email), $this->memberData['email']);
IPSMember::save($this->memberData['member_id'], array('core' => array('email' => strtolower($email))));
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['changed_email'], $email));
}
if ($this->request['password']) {
if (!$this->request['password_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_both_fields'];
$this->_showForm();
return;
} else {
if ($this->request['password'] != $this->request['password_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_not_match_pw'];
$this->_showForm();
return;
}
}
$password = $this->request['password'];
$salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5));
$key = IPSMember::generateAutoLoginKey();
$md5_once = md5(trim($password));
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->changePass($this->memberData['email'], $md5_once, $password, $this->memberData);
IPSMember::save($this->memberData['member_id'], array('core' => array('members_pass_salt' => $salt, 'member_login_key' => $key)));
IPSMember::updatePassword($this->memberData['member_id'], $md5_once);
IPSLib::runMemberSync('onPassChange', $this->memberData['member_id'], $password);
ipsRegistry::getClass('adminFunctions')->saveAdminLog($this->lang->words['changed_password']);
}
$this->registry->output->global_message = $this->lang->words['details_updated'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url']);
}
/**
* Attempt to automatically log a user in
*
* @access public
* @return array [0=Words to display,1=URL to send to]
*/
public function autoLogin()
{
/* Verify the login */
$this->han_login->verifyLogin();
/* Lang Bits */
$true_words = $this->lang->words['logged_in'];
$false_words = $this->lang->words['not_logged_in'];
$method = 'no_show';
/* Register Redirect */
if ($this->request['fromreg'] == 1) {
$true_words = $this->lang->words['reg_log_in'];
$false_words = $this->lang->words['reg_not_log_in'];
$method = 'show';
} else {
if ($this->request['fromemail'] == 1) {
$true_words = $this->lang->words['email_log_in'];
$false_words = $this->lang->words['email_not_log_in'];
$method = 'show';
} else {
if ($this->request['frompass'] == 1) {
$true_words = $this->lang->words['pass_log_in'];
$false_words = $this->lang->words['pass_not_log_in'];
$method = 'show';
}
}
}
if ($this->memberData['member_id']) {
/* Member Sync */
IPSLib::runMemberSync('onLogin', $this->memberData);
if (!$this->request['fromreg']) {
IPSCookie::set('session_id', '0', -1);
}
if ($method == 'show') {
$this->registry->getClass('output')->redirectScreen($true_words, $this->settings['base_url']);
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['board_url'] . '/index.php');
}
} else {
if ($method == 'show') {
$this->registry->getClass('output')->redirectScreen($false_words, $this->settings['base_url'] . 'app=core&module=global§ion=login');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=login');
}
}
}
/**
* Flag an account as spammer
*
* @param int|array $member Member Data
* @param array $marker The person marking this person a spammer
* @param bool $resetLastMember If FALSE skips resetting the last registered member
* @return void
*/
public static function flagMemberAsSpammer($member, $marker = NULL, $resetLastMember = TRUE)
{
//-----------------------------------------
// Init
//-----------------------------------------
/* Load Member */
if (!is_array($member)) {
$member = self::load($member);
}
/* Load moderator library (we'll need this to unapprove posts and log) */
$classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir('forums') . '/sources/classes/moderate.php', 'moderatorLibrary', 'forums');
$modLibrary = new $classToLoad(ipsRegistry::instance());
//-----------------------------------------
// Do it
//-----------------------------------------
$toSave = array();
$toSave['core']['bw_is_spammer'] = TRUE;
/* Shut off twitter/FB status importing */
$bwOptions = IPSBWOptions::thaw($member['tc_bwoptions'], 'twitter');
$bwOptions['tc_si_status'] = 0;
$twitter = IPSBWOptions::freeze($bwOptions, 'twitter');
$bwOptions = IPSBWOptions::thaw($member['fb_bwoptions'], 'facebook');
$bwOptions['fbc_si_status'] = 0;
$facebook = IPSBWOptions::freeze($bwOptions, 'facebook');
$toSave['extendedProfile']['tc_bwoptions'] = $twitter;
$toSave['extendedProfile']['fb_bwoptions'] = $facebook;
/* Do any disabling, unapproving, banning - no breaks here since if we ban, we also want to unapprove posts, etc. */
/* Note that there are DELIBERATELY no breaks in this switch since the options are cascading (if you ban, you also want to unapprove content) */
switch (ipsRegistry::$settings['spm_option']) {
/* Empty profile and ban account */
case 'ban':
// ban
$toSave['core']['member_banned'] = TRUE;
// wipe data
$toSave['core']['title'] = '';
$toSave['extendedProfile']['signature'] = '';
$toSave['extendedProfile']['pp_about_me'] = '';
// wipe photo
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/member/photo.php', 'classes_member_photo');
$photos = new $classToLoad(ipsRegistry::instance());
$photos->remove($member['member_id']);
// wipe custom fields
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$fields = new $classToLoad();
$fields->member_data = $member;
$fields->initData('edit');
$fields->parseToSave(array());
if (count($fields->out_fields)) {
$toSave['customFields'] = $fields->out_fields;
}
// wipe signature
IPSContentCache::update($member['member_id'], 'sig', '');
/* Unapprove posts */
/* Unapprove posts */
case 'unapprove':
$modLibrary->deleteMemberContent($member['member_id'], 'all', intval(ipsRegistry::$settings['spm_post_days']) * 24);
/* Disable Post/PM permission */
/* Disable Post/PM permission */
case 'disable':
$toSave['core']['restrict_post'] = 1;
$toSave['core']['members_disable_pm'] = 2;
}
self::save($member['member_id'], $toSave);
//-----------------------------------------
// Run memberSync
//-----------------------------------------
IPSLib::runMemberSync('onSetAsSpammer', array_merge($member, $toSave));
//-----------------------------------------
// Let the admin know if necessary
//-----------------------------------------
if ($marker !== NULL and ipsRegistry::$settings['spm_notify'] and ipsRegistry::$settings['email_in'] != $marker['email']) {
ipsRegistry::getClass('class_localization')->loadLanguageFile(array('public_mod'), 'forums');
ipsRegistry::getClass('class_localization')->loadLanguageFile(array('admin_member'), 'members');
IPSText::getTextClass('email')->getTemplate('possibleSpammer');
IPSText::getTextClass('email')->buildMessage(array('DATE' => ipsRegistry::getClass('class_localization')->getDate($member['joined'], 'LONG', 1), 'MEMBER_NAME' => $member['members_display_name'], 'IP' => $member['ip_address'], 'EMAIL' => $member['email'], 'LINK' => ipsRegistry::getClass('output')->buildSEOUrl("showuser=" . $member['member_id'], 'public', $member['members_seo_name'], 'showuser')));
IPSText::getTextClass('email')->subject = sprintf(ipsRegistry::getClass('class_localization')->words['new_registration_email_spammer'], ipsRegistry::$settings['board_name']);
IPSText::getTextClass('email')->to = ipsRegistry::$settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
/* Reset last member? */
if ($resetLastMember) {
self::resetLastRegisteredMember();
}
//-----------------------------------------
// Let IPS know
//-----------------------------------------
if (ipsRegistry::$settings['spam_service_send_to_ips']) {
self::querySpamService($member['email'], $member['ip_address'], 'markspam');
}
//-----------------------------------------
// Log
//-----------------------------------------
ipsRegistry::getClass('class_localization')->loadLanguageFile(array('public_modcp'), 'core');
$modLibrary->addModerateLog(0, 0, 0, 0, ipsRegistry::getClass('class_localization')->words['flag_spam_done'] . ': ' . $member['member_id'] . ' - ' . $member['email']);
}
/**
* Approve member(s)
*
* @note Exceptions CAN bubble up, so you should still capture exceptions from calls to this method
* @param array Array of member ids
* @return string Confirmation message
*/
public function approveMembers($ids)
{
$approved = array();
//-----------------------------------------
// Get members
//-----------------------------------------
$this->DB->build(array('select' => 'v.*', 'from' => array('validating' => 'v'), 'where' => "m.member_id IN(" . implode(",", $ids) . ")", 'add_join' => array(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => 'm.member_id=v.member_id', 'type' => 'left'))));
$main = $this->DB->execute();
while ($row = $this->DB->fetch($main)) {
$approved[] = $row['name'];
//-----------------------------------------
// Only approve if the user is validating
//-----------------------------------------
if ($row['member_group_id'] != $this->settings['auth_group']) {
$row['real_group'] = $row['member_group_id'];
// Let's still "validate", but leave them in the group they're in
//continue;
}
//-----------------------------------------
// Don't approve if no real_group set
//-----------------------------------------
if (!$row['real_group']) {
//$row['real_group'] = $this->settings['member_group'];
continue;
}
//-----------------------------------------
// We don't approve lost pass requests
//-----------------------------------------
if ($row['lost_pass'] == 1) {
continue;
}
if ($row['real_group'] != $row['member_group_id']) {
IPSMember::save($row['member_id'], array('core' => array('member_group_id' => $row['real_group'])));
}
IPSText::getTextClass('email')->buildMessage(array());
//-----------------------------------------
// Using 'name' on purpose
// @link http://forums.invisionpower.com/index.php?autocom=tracker&showissue=11564&view=findpost&p=45269
//-----------------------------------------
IPSText::getTextClass('email')->getTemplate('complete_reg', $row['language']);
IPSText::getTextClass('email')->buildMessage(array('NAME' => $row['name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['subject__complete_reg'], $row['name'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $row['email'];
IPSText::getTextClass('email')->sendMail();
IPSLib::runMemberSync('onCompleteAccount', $row);
IPSLib::runMemberSync('onGroupChange', $row['member_id'], $row['real_group'], $row['member_group_id']);
}
$this->DB->delete('validating', "member_id IN(" . implode(",", $ids) . ")");
//-----------------------------------------
// Stats to Update?
//-----------------------------------------
$this->cache->rebuildCache('stats', 'global');
$message = sprintf($this->lang->words['t_memregapp2'], count($ids), implode(", ", $approved));
ipsRegistry::getClass('adminFunctions')->saveAdminLog($message);
return $message;
}
/**
* Unapprove email change request
*
* @access private
* @return void [Outputs to screen]
*/
private function _emailUnapprove()
{
//-----------------------------------------
// GET member
//-----------------------------------------
if (!$this->request['mid']) {
$this->registry->output->showError($this->lang->words['t_noemailloc'], 11249);
}
$member = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'email_chg=1 AND member_id=' . intval($this->request['mid'])));
if (!$member['vid']) {
$this->registry->output->showError($this->lang->words['t_noemailloc'], 11250);
}
$this->DB->delete("validating", "vid='{$member['vid']}'");
try {
IPSMember::save($member['member_id'], array('core' => array('email' => $member['prev_email'], 'member_group_id' => $member['real_group'])));
} catch (Exception $error) {
$this->registry->output->showError($error->getMessage(), 11247);
}
IPSLib::runMemberSync('onGroupChange', $member['member_id'], $member['real_group']);
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['t_emailchangeun'], $member['member_id']));
$this->registry->output->global_message = sprintf($this->lang->words['t_emailchangeun'], $member['member_id']);
$this->_viewQueue('validating');
}
/**
* Wrapper for loginAuthenticate - returns more information
*
* @access public
* @return mixed array [0=Words to show, 1=URL to send to, 2=error message language key]
*/
public function verifyLogin()
{
$url = "";
$member = array();
$username = '';
$email = '';
$password = trim($this->request['password']);
$errors = '';
$core = array();
//-----------------------------------------
// Is this a username or email address?
//-----------------------------------------
if (IPSText::checkEmailAddress($this->request['username'])) {
$email = $this->request['username'];
} else {
$username = $this->request['username'];
}
//-----------------------------------------
// Check auth
//-----------------------------------------
$this->loginAuthenticate($username, $email, $password);
$member = $this->member_data;
//-----------------------------------------
// Check return code...
//-----------------------------------------
if ($this->return_code != 'SUCCESS') {
if ($this->return_code == 'MISSING_DATA') {
return array(null, null, 'complete_form');
}
if ($this->return_code == 'ACCOUNT_LOCKED') {
$extra = "<!-- -->";
if ($this->settings['ipb_bruteforce_unlock']) {
if ($this->account_unlock) {
$time = time() - $this->account_unlock;
$time = $this->settings['ipb_bruteforce_period'] - ceil($time / 60) > 0 ? $this->settings['ipb_bruteforce_period'] - ceil($time / 60) : 1;
}
}
return array(null, null, 'bruteforce_account_unlock', $time);
} else {
if ($this->return_code == 'WRONG_OPENID') {
return array(null, null, 'wrong_openid');
} else {
if ($this->return_code == 'FLAGGED_REMOTE') {
return array(null, null, 'flagged_remote');
} else {
return array(null, null, 'wrong_auth');
}
}
}
}
//-----------------------------------------
// Is this a partial member?
// Not completed their sign in?
//-----------------------------------------
if ($member['members_created_remote'] and isset($member['full']) and !$member['full']) {
return array($this->lang->words['partial_login'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=complete_login&mid=' . $member['member_id'] . '&key=' . $member['timenow']);
}
//-----------------------------------------
// Generate a new log in key
//-----------------------------------------
$_ok = 1;
$_time = $this->settings['login_key_expire'] ? time() + intval($this->settings['login_key_expire']) * 86400 : 0;
$_sticky = $_time ? 0 : 1;
$_days = $_time ? $this->settings['login_key_expire'] : 365;
if ($this->settings['login_change_key'] or !$member['member_login_key'] or $this->settings['login_key_expire'] and time() > $member['member_login_key_expire']) {
$member['member_login_key'] = IPSMember::generateAutoLoginKey();
$core['member_login_key'] = $member['member_login_key'];
$core['member_login_key_expire'] = $_time;
}
//-----------------------------------------
// Cookie me softly?
//-----------------------------------------
if ($this->request['rememberMe']) {
IPSCookie::set("member_id", $member['member_id'], 1);
IPSCookie::set("pass_hash", $member['member_login_key'], $_sticky, $_days);
} else {
IPSCookie::set("member_id", $member['member_id'], 0);
IPSCookie::set("pass_hash", $member['member_login_key'], 0);
}
//-----------------------------------------
// Remove any COPPA cookies previously set
//-----------------------------------------
IPSCookie::set("coppa", '0', 0);
//-----------------------------------------
// Update profile if IP addr missing
//-----------------------------------------
if ($member['ip_address'] == "" or $member['ip_address'] == '127.0.0.1') {
$core['ip_address'] = $this->member->ip_address;
}
//-----------------------------------------
// Create / Update session
//-----------------------------------------
$privacy = $this->request['anonymous'] ? 1 : 0;
if ($member['g_hide_online_list']) {
$privacy = 1;
}
$session_id = $this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
if ($this->request['referer'] and $this->request['referer'] and $this->request['section'] != 'register') {
if (stripos($this->request['referer'], 'section=register') or stripos($this->request['referer'], 'section=login') or stripos($this->request['referer'], 'section=lostpass') or stripos($this->request['referer'], CP_DIRECTORY . '/')) {
$url = $this->settings['base_url'] . '?';
} else {
$url = str_replace('&', '&', $this->request['referer']);
$url = preg_replace("#s=(\\w){32}#", "", $url);
if ($this->member->session_type != 'cookie') {
$url = $this->settings['board_url'] . '/index.php?s=' . $session_id;
}
}
} else {
$url = $this->settings['base_url'] . '?';
}
//-----------------------------------------
// Set our privacy status
//-----------------------------------------
$core['login_anonymous'] = intval($privacy) . '&1';
$core['failed_logins'] = '';
$core['failed_login_count'] = 0;
IPSMember::save($member['member_id'], array('core' => $core));
//-----------------------------------------
// Clear out any passy change stuff
//-----------------------------------------
$this->DB->delete('validating', 'member_id=' . $this->memberData['member_id'] . ' AND lost_pass=1');
//-----------------------------------------
// Redirect them to either the board
// index, or where they came from
//-----------------------------------------
if ($this->request['return']) {
$return = urldecode($this->request['return']);
if (strpos($return, "http://") === 0) {
return array($this->lang->words['partial_login'], $return);
}
}
//-----------------------------------------
// Still here?
//-----------------------------------------
/* Member Sync */
IPSLib::runMemberSync('onLogin', $member);
return array($this->lang->words['partial_login'], $url);
}
/**
* Completes the connection
*
* @access public
* @return redirect
*
*/
public function finishLogin()
{
/* From reg flag */
if ($_REQUEST['code']) {
/* Reset api to ensure user is not logged in */
$this->resetApi();
/* Ensure URL is correct */
$_urlExtra = '';
if ($_REQUEST['key']) {
$_urlExtra .= '&key=' . $_REQUEST['key'];
}
if ($_REQUEST['reg']) {
$_urlExtra .= '®=1';
}
/* Update callback url */
$this->_api->setVariable('authorize_callback_uri', VKONTAKTE_CALLBACK . $_urlExtra);
/* Generate oAuth token */
$rToken = $this->_api->getAccessToken();
if (is_string($rToken)) {
try {
$oAuthSession = $this->_api->getSession();
$r = $this->_api->api('getProfiles', 'GET', array('uids' => $oAuthSession['user_id'], 'fields' => 'uid,first_name,last_name,nickname,photo,photo_medium,photo_big,timezone,sex,nickname,activity'));
$_userData = array_pop($r['response']);
} catch (Exception $e) {
}
/* A little gymnastics */
$this->_userData = $_userData;
$this->_userData['photo'] = $_userData['photo_big'];
/* Got a member linked already? */
$_member = IPSMember::load($_userData['uid'], 'all', 'vk_uid');
if ($_member['member_id']) {
$memberData = $_member;
/* Ensure user's row is up to date */
IPSMember::save($memberData['member_id'], array('core' => array('vk_token' => $rToken)));
/* Here, so log us in!! */
/* changed by denchu 26/12/12 */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
/* No? Create a new member */
foreach (array('vc_s_pic', 'vc_s_status') as $field) {
$toSave[$field] = 1;
}
$vk_bwoptions = IPSBWOptions::freeze($toSave, 'vkontakte');
$safeName = IPSText::convertCharsets($_userData['first_name'] . ' ' . $_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET);
$displayName = $this->settings['fb_realname'] == 'enforced' ? $safeName : '';
//$displayName = ( ! $this->settings['auth_allow_dnames'] ) ? $safeName : FALSE;
/* Make sure usernames are safe */
if ($this->settings['username_characters']) {
$check_against = preg_quote($this->settings['username_characters'], "/");
$check_against = str_replace('\\-', '-', $check_against);
$safeName = preg_replace('/[^' . $check_against . ']+/i', '', $safeName);
}
if (IPSText::mbstrlen($safeName) > $this->settings['max_user_name_length']) {
$safeName = mb_substr(IPSText::convertCharsets($_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET), 0, $this->settings['max_user_name_length'], 'UTF-8');
}
/* Check ban filters? */
if (IPSMember::isBanned('name', $safeName)) {
$this->registry->output->showError('you_are_banned', 1090003);
}
/* From reg, so create new account properly */
$toSave = array('core' => array('name' => $safeName, 'members_display_name' => $displayName, 'members_created_remote' => 1, 'member_group_id' => $this->settings['vk_mgid'] ? $this->settings['vk_mgid'] : $this->settings['member_group'], 'email' => '', 'vk_uid' => $_userData['uid'], 'time_offset' => $_userData['timezone'], 'vk_token' => $rToken), 'extendedProfile' => array('vk_bwoptions' => $vk_bwoptions));
$memberData = IPSMember::create($toSave, TRUE, FALSE, TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Sync up photo */
$this->syncMember($memberData['member_id']);
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
/* Already got a display name */
if ($displayName) {
/* Here, so log us in!! */
/* changed by denchu 26/12/12*/
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
IPSLib::runMemberSync('onCompleteAccount', $memberData);
if ($this->settings['new_reg_notify']) {
$this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser"));
IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
/**
* Validates a lost password request
*
* @return @e void
*/
public function lostPasswordValidate()
{
/* Check for input and it's in a valid format. */
$in_user_id = intval(trim(urldecode($this->request['uid'])));
$in_validate_key = IPSText::md5Clean(trim(urldecode($this->request['aid'])));
/* Check Input */
if (!$in_validate_key) {
$this->registry->output->showError('validation_key_incorrect', 1015);
}
if (!preg_match('/^(?:\\d){1,}$/', $in_user_id)) {
$this->registry->output->showError('uid_key_incorrect', 1016);
}
/* Attempt to get the profile of the requesting user */
$member = IPSMember::load($in_user_id);
if (!$member['member_id']) {
$this->registry->output->showError('lostpass_no_member', 1017);
}
/* Get validating info.. */
$validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'member_id=' . $in_user_id . ' and lost_pass=1'));
if (!$validate['member_id']) {
$this->registry->output->showError('lostpass_not_validating', 1018);
}
if ($validate['new_reg'] == 1 && $this->settings['reg_auth_type'] == "admin") {
$this->registry->output->showError('lostpass_new_reg', 4010, true);
}
if ($validate['vid'] != $in_validate_key) {
$this->registry->output->showError('lostpass_key_wrong', 1019);
} else {
/* On the same page? */
if ($validate['lost_pass'] != 1) {
$this->registry->output->showError('lostpass_not_lostpass', 4011, true);
}
/* Send a new random password? */
if ($this->settings['lp_method'] == 'random') {
//-----------------------------------------
// INIT
//-----------------------------------------
$save_array = array();
//-----------------------------------------
// Generate a new random password
//-----------------------------------------
$new_pass = IPSMember::makePassword();
//-----------------------------------------
// Generate a new salt
//-----------------------------------------
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
//-----------------------------------------
// New log in key
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
//-----------------------------------------
// Update...
//-----------------------------------------
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass));
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], md5($new_pass), $new_pass, $member);
//if ( $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
//{
// $this->registry->output->showError( $this->lang->words['lostpass_external_fail'], 2013 );
//}
IPSMember::save($member['member_id'], array('members' => $save_array));
/* Password has been changed! */
IPSLib::runMemberSync('onPassChange', $member['member_id'], $new_pass);
//-----------------------------------------
// Send out the email...
//-----------------------------------------
$message = array('NAME' => $member['members_display_name'], 'THE_LINK' => $this->registry->getClass('output')->buildUrl('app=core&module=usercp&tab=core&area=email', 'publicNoSession'), 'PASSWORD' => $new_pass, 'LOGIN' => $this->registry->getClass('output')->buildUrl('app=core&module=global§ion=login', 'publicNoSession'), 'USERNAME' => $member['name'], 'EMAIL' => $member['email'], 'ID' => $member['member_id']);
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("lost_pass_email_pass", $member['language']));
IPSText::getTextClass('email')->buildPlainTextContent($message);
IPSText::getTextClass('email')->buildHtmlContent($message);
IPSText::getTextClass('email')->subject = $this->lang->words['lp_random_pass_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->registry->output->setTitle($this->lang->words['activation_form'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->output = $this->registry->getClass('output')->getTemplate('register')->showLostPassWaitRandom($member);
} else {
if ($_POST['pass1'] == "") {
$this->registry->output->showError('pass_blank', 10184);
}
if ($_POST['pass2'] == "") {
$this->registry->output->showError('pass_blank', 10185);
}
$pass_a = trim($this->request['pass1']);
$pass_b = trim($this->request['pass2']);
/*
There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770
if( strlen( $pass_a ) < 3 )
{
$this->registry->output->showError( 'pass_too_short', 10186 );
}
*/
if ($pass_a != $pass_b) {
$this->registry->output->showError('pass_no_match', 10187);
}
$new_pass = md5($pass_a);
/* Update Member Array */
$save_array = array();
/* Generate a new salt */
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
/* New log in key */
$key = IPSMember::generateAutoLoginKey();
/* Update Array */
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . $new_pass);
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
/* Change the password */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], $new_pass, $pass_a, $member);
//-----------------------------------------
// We'll ignore any remote errors
//-----------------------------------------
/*if( $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
{
// Pass not changed remotely
}*/
/* Update the member */
IPSMember::save($member['member_id'], array('members' => $save_array));
/* Password has been changed! */
IPSLib::runMemberSync('onPassChange', $member['member_id'], $pass_a);
/* Remove "dead" validation */
$this->DB->delete('validating', "vid='{$validate['vid']}' OR (member_id={$member['member_id']} AND lost_pass=1)");
$this->registry->output->silentRedirect($this->registry->getClass('output')->buildUrl('app=core&module=global§ion=login&do=autologin&frompass=1'));
}
}
}
/**
* Edit a member [process]
*
* @return @e void
*/
protected function _memberDoEdit()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$this->request['member_id'] = intval($this->request['member_id']);
//-----------------------------------------
// Send to form if this isn't a POST request
//-----------------------------------------
if ($this->request['request_method'] != 'post') {
$this->_memberView();
return;
}
//-----------------------------------------
// Auth check...
//-----------------------------------------
ipsRegistry::getClass('adminFunctions')->checkSecurityKey($this->request['secure_key']);
//-----------------------------------------
// Load and config the std/rte editors
//-----------------------------------------
IPSText::getTextClass('editor')->from_acp = 1;
//-----------------------------------------
// Get member
//-----------------------------------------
$member = IPSMember::load($this->request['member_id'], 'all');
//-----------------------------------------
// Allowed to edit administrators?
//-----------------------------------------
if ($member['member_id'] != $this->memberData['member_id'] and $member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin')) {
$this->registry->output->global_message = $this->lang->words['m_editadmin'];
$this->_memberView();
return;
}
//-----------------------------------------
// Allowed to change an admin's groups?
//-----------------------------------------
if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin1')) {
$same = false;
if ($this->request['member_group_id'] == $member['member_group_id']) {
$member['mgroup_others'] = IPSText::cleanPermString($member['mgroup_others']);
$omgroups = $member['mgroup_others'] ? explode(',', $member['mgroup_others']) : array();
$groups = $this->request['mgroup_others'] ? $this->request['mgroup_others'] : array();
if (!count(array_diff($omgroups, $groups)) and !count(array_diff($groups, $omgroups))) {
$same = true;
}
}
if (!$same) {
$this->registry->output->global_message = $this->lang->words['m_admindemote'];
$this->_memberView();
return;
}
}
//-----------------------------------------
// What about promoting to admin?
//-----------------------------------------
if (!$member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin2')) {
$groups = $_POST['mgroup_others'] ? $_POST['mgroup_others'] : array();
$groups[] = intval($this->request['member_group_id']);
foreach ($groups as $group_id) {
if ($this->caches['group_cache'][$group_id]['g_access_cp']) {
$this->registry->output->global_message = $this->lang->words['m_adminpromote'];
$this->_memberView();
return;
}
}
}
//-----------------------------------------
// What about moving member in general?
//-----------------------------------------
if ($this->request['member_group_id'] != $member['member_group_id'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move')) {
$this->registry->output->global_message = $this->lang->words['m_movemembers'];
$this->_memberView();
return;
}
//-----------------------------------------
// Restricted?
//-----------------------------------------
$restricted = (is_array($this->registry->getClass('class_permissions')->restrictions_row) and count($this->registry->getClass('class_permissions')->restrictions_row)) ? true : false;
/* Load editor stuff */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/editor/composite.php', 'classes_editor_composite');
$_editor = new $classToLoad();
/* Load parser */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/text/parser.php', 'classes_text_parser');
$parser = new $classToLoad();
/* Get signature */
$_editor->setAllowBbcode(true);
$_editor->setAllowSmilies(false);
$_editor->setIsHtml($this->request['bw_html_sig'] && $member['g_dohtml']);
$_editor->setAllowHtml($member['g_dohtml']);
$_editor->setBbcodeSection('signatures');
$signature = $_editor->process($_POST['signature']);
$cacheSignature = $parser->display($signature);
/* About me editor */
$_editor->setAllowBbcode(true);
$_editor->setAllowSmilies(true);
$_editor->setAllowHtml($member['g_dohtml']);
$_editor->setBbcodeSection('aboutme');
$aboutme = $_editor->process($_POST['aboutme']);
//-----------------------------------------
// Ok? Load interface and child classes
//-----------------------------------------
$additionalCore = array();
$additionalExtended = array();
$additionalMCache = array();
IPSLib::loadInterface('admin/member_form.php');
foreach (IPSLib::getEnabledApplications() as $app_dir => $app_data) {
if (is_file(IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php')) {
$_class = IPSLib::loadLibrary(IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php', 'admin_member_form__' . $app_dir, $app_dir);
$_object = new $_class($this->registry);
$remote = $_object->getForSave();
$additionalCore = is_array($remote['core']) ? array_merge($remote['core'], $additionalCore) : $additionalCore;
$additionalExtended = is_array($remote['extendedProfile']) ? array_merge($remote['extendedProfile'], $additionalExtended) : $additionalExtended;
$additionalMCache = is_array($remote['member_cache']) ? array_merge($remote['member_cache'], $additionalMCache) : $additionalMCache;
}
}
//-----------------------------------------
// Fix custom title
// @see http://forums.invisionpower.com/index.php?app=tracker&showissue=17383
//-----------------------------------------
$memberTitle = $this->request['title'];
$rankCache = ipsRegistry::cache()->getCache('ranks');
if (is_array($rankCache) && count($rankCache)) {
foreach ($rankCache as $k => $v) {
if ($member['posts'] >= $v['POSTS']) {
/* If this is the title passed to us from the form, we didn't have a custom title */
if ($v['TITLE'] == $memberTitle) {
$memberTitle = '';
}
break;
}
}
}
//-----------------------------------------
// Start array
//-----------------------------------------
$newMember = array('member_group_id' => intval($this->request['member_group_id']), 'title' => $memberTitle, 'time_offset' => floatval($this->request['time_offset']), 'members_auto_dst' => intval($this->request['dstCheck']), 'dst_in_use' => intval($this->request['dstOption']), 'language' => $this->request['language'], 'skin' => intval($this->request['skin']), 'allow_admin_mails' => intval($this->request['allow_admin_mails']), 'view_sigs' => intval($this->request['view_sigs']), 'posts' => intval($this->request['posts']), 'bday_day' => intval($this->request['bday_day']), 'bday_month' => intval($this->request['bday_month']), 'bday_year' => intval($this->request['bday_year']), 'warn_level' => intval($this->request['warn_level']), 'members_disable_pm' => intval($this->request['members_disable_pm']), 'mgroup_others' => $this->request['mgroup_others'] ? ',' . implode(",", $this->request['mgroup_others']) . ',' : '', 'members_bitoptions' => IPSBWOPtions::freeze($this->request, 'members', 'global'), 'member_uploader' => $this->request['member_uploader']);
//-----------------------------------------
// Notifications library
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/classes/member/notifications.php', 'notifications');
$notifyLibrary = new $classToLoad($this->registry);
$notifyLibrary->setMember($member);
//-----------------------------------------
// Show the form
//-----------------------------------------
$_basicOptions = array(array('email', $this->lang->words['notopt__email']), array('inline', $this->lang->words['notopt__inline']), array('mobile', $this->lang->words['notopt__mobile']));
$_configOptions = $notifyLibrary->getNotificationData();
$_notifyConfig = $notifyLibrary->getMemberNotificationConfig($newMember);
$_defaultConfig = $notifyLibrary->getDefaultNotificationConfig();
$_saveConfig = array();
foreach ($_configOptions as $option) {
$_saveConfig[$option['key']] = array();
$_saveConfig[$option['key']]['selected'] = array();
//-----------------------------------------
// Loop through and mark what we selected.
// Do not allow changing of stuff from disable_override
// and disabled, however
//-----------------------------------------
if (is_array($this->request['config_' . $option['key']]) and count($this->request['config_' . $option['key']])) {
foreach ($this->request['config_' . $option['key']] as $_selected) {
if (!is_array($_defaultConfig[$option['key']]['disabled']) or !in_array($_selected, $_defaultConfig[$option['key']]['disabled'])) {
$_saveConfig[$option['key']]['selected'][] = $_selected;
}
}
}
if ($_defaultConfig[$option['key']]['disable_override']) {
$_saveConfig[$option['key']]['selected'] = $_defaultConfig[$option['key']]['selected'];
}
}
//-----------------------------------------
// Save
//-----------------------------------------
IPSMember::packMemberCache($member['member_id'], array_merge($additionalMCache, array('notifications' => $_saveConfig, 'show_notification_popup' => intval($this->request['show_notification_popup']))), $member['members_cache']);
//-----------------------------------------
// Topic preferences
//-----------------------------------------
$_trackChoice = '';
if ($this->request['auto_track']) {
if (in_array($this->request['auto_track_method'], array('none', 'immediate', 'offline', 'daily', 'weekly'))) {
$_trackChoice = $this->request['auto_track_method'];
}
}
$newMember['auto_track'] = $_trackChoice;
//-----------------------------------------
// Custom profile field stuff
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$fields = new $classToLoad();
$fields->initData('edit');
$fields->parseToSave($_POST);
/* Check the website url field */
$website_field = $fields->getFieldIDByKey('website');
if ($website_field && $fields->out_fields['field_' . $website_field]) {
if (stristr($fields->out_fields['field_' . $website_field], 'http://') === FALSE && stristr($fields->out_fields['field_' . $website_field], 'https://') === FALSE) {
$fields->out_fields['field_' . $website_field] = 'http://' . $fields->out_fields['field_' . $website_field];
}
}
//-----------------------------------------
// Throw to the DB
//-----------------------------------------
IPSMember::save($this->request['member_id'], array('core' => array_merge($newMember, $additionalCore), 'extendedProfile' => array_merge(array('pp_about_me' => $aboutme, 'signature' => $signature, 'pp_reputation_points' => intval($this->request['pp_reputation_points']), 'pp_setting_count_visitors' => intval($this->request['pp_setting_count_visitors']), 'pp_setting_count_comments' => intval($this->request['pp_setting_count_comments']), 'pp_setting_count_friends' => intval($this->request['pp_setting_count_friends']), 'pp_setting_moderate_comments' => intval($this->request['pp_setting_moderate_comments']), 'pp_setting_moderate_friends' => intval($this->request['pp_setting_moderate_friends']), 'pp_customization' => $this->request['removeCustomization'] ? serialize(array()) : $member['pp_customization']), $additionalExtended), 'customFields' => count($fields->out_fields) ? $fields->out_fields : array()));
if ($member['member_group_id'] != $newMember['member_group_id']) {
IPSLib::runMemberSync('onGroupChange', $this->request['member_id'], $newMember['member_group_id'], $member['member_group_id']);
//-----------------------------------------
// Remove restrictions if member demoted
// Commenting out as this may cause more problems than it's worth
// e.g. if you had accidentally changed their group, you'd need to reconfigure all restrictions
//-----------------------------------------
/*if( !$this->caches['group_cache'][ $newMember['member_group_id'] ]['g_access_cp'] )
{
$this->DB->delete( 'admin_permission_rows', 'row_id=' . $member['member_id'] . " AND row_id_type='member'" );
}*/
//-----------------------------------------
// Restriction permissions stuff
//-----------------------------------------
$is_admin = 0;
$groups = ipsRegistry::cache()->getCache('group_cache');
if (is_array($this->request['mgroup_others']) and count($this->request['mgroup_others'])) {
foreach ($this->request['mgroup_others'] as $omg) {
if ($groups[intval($omg)]['g_access_cp']) {
$is_admin = 1;
break;
}
}
}
if ($groups[intval($this->request['member_group_id'])]['g_access_cp']) {
$is_admin = 1;
}
if ($is_admin && $restricted) {
//-------------------------------------------------
// Copy restrictions if they do not have any yet...
//-------------------------------------------------
$check = $this->DB->buildAndFetch(array('select' => 'row_updated', 'from' => 'admin_permission_rows', 'where' => "row_id_type='member' AND row_id=" . $this->request['member_id']));
if (!$check['row_updated']) {
$this->DB->replace('admin_permission_rows', array('row_id' => $this->request['member_id'], 'row_id_type' => 'member', 'row_perm_cache' => serialize($this->registry->getClass('class_permissions')->restrictions_row), 'row_updated' => time()), array('row_id', 'row_id_type'));
}
}
}
//-----------------------------------------
// Moved from validating group?
//-----------------------------------------
if ($member['member_group_id'] == $this->settings['auth_group']) {
if ($this->request['member_group_id'] != $this->settings['auth_group']) {
//-----------------------------------------
// Yes...
//-----------------------------------------
$this->DB->delete('validating', "member_id=" . $this->request['member_id']);
}
}
/* Update cache */
IPSContentCache::update($this->request['member_id'], 'sig', $cacheSignature);
/* Rebuild birthday cache */
$this->cache->rebuildCache('birthdays', 'calendar');
//-----------------------------------------
// Redirect
//-----------------------------------------
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_editedlog'], $member['members_display_name']));
$this->registry->output->global_message = $this->lang->words['m_edited'];
if ($is_admin) {
if (!$restricted) {
$member = IPSMember::load($member['member_id']);
$this->_showAdminForm($member, array());
$this->_memberView();
} else {
$this->registry->output->global_message = $this->lang->words['m_edited_restricted'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . $this->form_code . '&do=viewmember&member_id=' . $this->request['member_id']);
}
} else {
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . $this->form_code . '&do=viewmember&member_id=' . $this->request['member_id']);
}
}
/**
* Edit a member [process]
*
* @access private
* @return void [Outputs to screen]
*/
private function _memberDoEdit()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$this->request['member_id'] = intval($this->request['member_id']);
//-----------------------------------------
// Auth check...
//-----------------------------------------
ipsRegistry::getClass('adminFunctions')->checkSecurityKey($this->request['secure_key']);
//-----------------------------------------
// Load and config the std/rte editors
//-----------------------------------------
IPSText::getTextClass('editor')->from_acp = 1;
//-----------------------------------------
// Get member
//-----------------------------------------
$member = IPSMember::load($this->request['member_id'], 'all');
//-----------------------------------------
// Allowed to edit administrators?
//-----------------------------------------
if ($member['member_id'] != $this->memberData['member_id'] and $member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin')) {
$this->registry->output->global_message = $this->lang->words['m_editadmin'];
$this->_memberView();
return;
}
//-----------------------------------------
// Allowed to change an admin's groups?
//-----------------------------------------
if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin1')) {
$same = false;
if ($this->request['member_group_id'] == $member['member_group_id']) {
$omgroups = explode(',', IPSText::cleanPermString($member['mgroup_others']));
$groups = $_POST['mgroup_others'] ? $_POST['mgroup_others'] : array();
if (!count(array_diff($omgroups, $groups))) {
$same = true;
}
}
if (!$same) {
$this->registry->output->global_message = $this->lang->words['m_admindemote'];
$this->_memberView();
return;
}
}
//-----------------------------------------
// What about promoting to admin?
//-----------------------------------------
if (!$member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_move_admin2')) {
$groups = $_POST['mgroup_others'] ? $_POST['mgroup_others'] : array();
$groups[] = intval($this->request['member_group_id']);
foreach ($groups as $group_id) {
if ($this->caches['group_cache'][$group_id]['g_access_cp']) {
$this->registry->output->global_message = $this->lang->words['m_adminpromote'];
$this->_memberView();
return;
}
}
}
if ($this->request['identity_url']) {
$account = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "identity_url='" . trim($this->request['identity_url']) . "' AND member_id<>" . $member['member_id']));
if ($account['member_id']) {
$this->registry->output->global_message = $this->lang->words['identity_url_inuse'];
$this->_memberView();
return;
}
}
//-----------------------------------------
// Convert sig
//-----------------------------------------
$signature = IPSText::getTextClass('editor')->processRawPost('signature');
IPSText::getTextClass('bbcode')->parse_smilies = 0;
IPSText::getTextClass('bbcode')->parse_bbcode = $this->settings['sig_allow_ibc'];
IPSText::getTextClass('bbcode')->parse_html = $this->settings['sig_allow_html'];
IPSText::getTextClass('bbcode')->parse_nl2br = 1;
IPSText::getTextClass('bbcode')->parsing_section = 'signatures';
$signature = IPSText::getTextClass('bbcode')->preDbParse($signature);
$cacheSignature = IPSText::getTextClass('bbcode')->preDisplayParse($signature);
//-----------------------------------------
// And 'About Me'
//-----------------------------------------
$aboutme = IPSText::getTextClass('editor')->processRawPost('aboutme');
IPSText::getTextClass('bbcode')->parse_smilies = $this->settings['aboutme_emoticons'];
IPSText::getTextClass('bbcode')->parse_bbcode = $this->settings['aboutme_bbcode'];
IPSText::getTextClass('bbcode')->parse_html = $this->settings['aboutme_html'];
IPSText::getTextClass('bbcode')->parse_nl2br = 1;
IPSText::getTextClass('bbcode')->parsing_section = 'aboutme';
$aboutme = IPSText::getTextClass('bbcode')->preDbParse($aboutme);
//-----------------------------------------
// Ok? Load interface and child classes
//-----------------------------------------
$additionalCore = array();
$additionalExtended = array();
IPSLib::loadInterface('admin/member_form.php');
foreach (ipsRegistry::$applications as $app_dir => $app_data) {
if (!IPSLib::appIsInstalled($app_dir)) {
continue;
}
if (file_exists(IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php')) {
require_once IPSLib::getAppDir($app_dir) . '/extensions/admin/member_form.php';
$_class = 'admin_member_form__' . $app_dir;
$_object = new $_class($this->registry);
$remote = $_object->getForSave();
$additionalCore = array_merge($remote['core'], $additionalCore);
$additionalExtended = array_merge($remote['extendedProfile'], $additionalExtended);
}
}
//-----------------------------------------
// Fix custom title
// @see http://forums./index.php?app=tracker&showissue=17383
//-----------------------------------------
$memberTitle = $this->request['title'];
$rankCache = ipsRegistry::cache()->getCache('ranks');
if (is_array($rankCache) && count($rankCache)) {
foreach ($rankCache as $k => $v) {
if ($member['posts'] >= $v['POSTS']) {
/* If this is the title passed to us from the form, we didn't have a custom title */
if ($v['TITLE'] == $memberTitle) {
$memberTitle = '';
}
break;
}
}
}
$newMember = array('member_group_id' => intval($this->request['member_group_id']), 'title' => $memberTitle, 'time_offset' => floatval($this->request['time_offset']), 'language' => $this->request['language'], 'skin' => intval($this->request['skin']), 'hide_email' => intval($this->request['hide_email']), 'allow_admin_mails' => intval($this->request['allow_admin_mails']), 'view_sigs' => intval($this->request['view_sigs']), 'view_pop' => intval($this->request['view_pop']), 'email_pm' => intval($this->request['email_pm']), 'posts' => intval($this->request['posts']), 'bday_day' => intval($this->request['bday_day']), 'bday_month' => intval($this->request['bday_month']), 'bday_year' => intval($this->request['bday_year']), 'warn_level' => intval($this->request['warn_level']), 'members_disable_pm' => intval($this->request['members_disable_pm']), 'mgroup_others' => $_POST['mgroup_others'] ? ',' . implode(",", $_POST['mgroup_others']) . ',' : '', 'identity_url' => trim($this->request['identity_url']));
//-----------------------------------------
// Throw to the DB
//-----------------------------------------
IPSMember::save($this->request['member_id'], array('core' => array_merge($newMember, $additionalCore), 'extendedProfile' => array_merge(array('pp_gender' => $this->request['pp_gender'] == 'male' ? 'male' : ($this->request['pp_gender'] == 'female' ? 'female' : ''), 'pp_bio_content' => IPSText::mbsubstr(nl2br($this->request['pp_bio_content']), 0, 300), 'pp_about_me' => $aboutme, 'signature' => $signature, 'pp_reputation_points' => intval($this->request['pp_reputation_points']), 'pp_status' => $this->request['pp_status'], 'pp_setting_count_visitors' => intval($this->request['pp_setting_count_visitors']), 'pp_setting_count_comments' => intval($this->request['pp_setting_count_comments']), 'pp_setting_count_friends' => intval($this->request['pp_setting_count_friends']), 'pp_setting_notify_comments' => $this->request['pp_setting_notify_comments'], 'pp_setting_notify_friend' => $this->request['pp_setting_notify_friend'], 'pp_setting_moderate_comments' => intval($this->request['pp_setting_moderate_comments']), 'pp_setting_moderate_friends' => intval($this->request['pp_setting_moderate_friends'])), $additionalExtended)));
if ($member['member_group_id'] != $newMember['member_group_id']) {
IPSLib::runMemberSync('onGroupChange', $this->request['member_id'], $newMember['member_group_id']);
//-----------------------------------------
// Remove restrictions if member demoted
// Commenting out as this may cause more problems than it's worth
// e.g. if you had accidentally changed their group, you'd need to reconfigure all restrictions
//-----------------------------------------
/*if( !$this->caches['group_cache'][ $newMember['member_group_id'] ]['g_access_cp'] )
{
$this->DB->delete( 'admin_permission_rows', 'row_id=' . $member['member_id'] . " AND row_id_type='member'" );
}*/
}
//-----------------------------------------
// Restriction permissions stuff
//-----------------------------------------
if (is_array($this->registry->getClass('class_permissions')->restrictions_row) and count($this->registry->getClass('class_permissions')->restrictions_row)) {
$is_admin = 0;
$groups = ipsRegistry::cache()->getCache('group_cache');
if (is_array($this->request['mgroup_others']) and count($this->request['mgroup_others'])) {
foreach ($this->request['mgroup_others'] as $omg) {
if ($groups[intval($omg)]['g_access_cp']) {
$is_admin = 1;
break;
}
}
}
if ($groups[intval($this->request['member_group_id'])]['g_access_cp']) {
$is_admin = 1;
}
if ($is_admin) {
//-------------------------------------------------
// Copy restrictions if they do not have any yet...
//-------------------------------------------------
$check = $this->DB->buildAndFetch(array('select' => 'row_updated', 'from' => 'admin_permission_rows', 'where' => "row_id_type='member' AND row_id=" . $this->request['member_id']));
if (!$check['row_updated']) {
$this->DB->replace('admin_permission_rows', array('row_id' => $this->request['member_id'], 'row_id_type' => 'member', 'row_perm_cache' => serialize($this->registry->getClass('class_permissions')->restrictions_row), 'row_updated' => time()), array('row_id', 'row_id_type'));
}
}
}
//-----------------------------------------
// Moved from validating group?
//-----------------------------------------
if ($member['member_group_id'] == $this->settings['auth_group']) {
if ($this->request['member_group_id'] != $this->settings['auth_group']) {
//-----------------------------------------
// Yes...
//-----------------------------------------
$this->DB->delete('validating', "member_id=" . $this->request['member_id']);
}
}
//-----------------------------------------
// Custom profile field stuff
//-----------------------------------------
require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
$fields = new customProfileFields();
$fields->initData('edit');
$fields->parseToSave($_POST);
//-----------------------------------------
// Custom profile field stuff
//-----------------------------------------
if (count($fields->out_fields)) {
//-----------------------------------------
// Do we already have an entry in
// the content table?
//-----------------------------------------
$test = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'pfields_content', 'where' => 'member_id=' . $this->request['member_id']));
if ($test['member_id']) {
//-----------------------------------------
// We have it, so simply update
//-----------------------------------------
$this->DB->force_data_type = array();
foreach ($fields->out_fields as $_field => $_data) {
$this->DB->force_data_type[$_field] = 'string';
}
$this->DB->update('pfields_content', $fields->out_fields, 'member_id=' . $this->request['member_id']);
} else {
$this->DB->force_data_type = array();
foreach ($fields->out_fields as $_field => $_data) {
$this->DB->force_data_type[$_field] = 'string';
}
$fields->out_fields['member_id'] = $this->request['member_id'];
$this->DB->insert('pfields_content', $fields->out_fields);
}
}
/* Update cache */
IPSContentCache::update($this->request['member_id'], 'sig', $cacheSignature);
//-----------------------------------------
// Redirect
//-----------------------------------------
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_editedlog'], $member['members_display_name']));
$this->registry->output->global_message = $this->lang->words['m_edited'];
$newMember['member_id'] = $this->request['member_id'];
$newMember['members_display_name'] = $member['members_display_name'];
$triggerGroups = $member['mgroup_others'] ? implode(',', array_merge(is_array($member['mgroup_others']) ? $member['mgroup_others'] : array(), array($member['member_group_id']))) : $member['member_group_id'];
//$this->_memberView();
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . $this->form_code . '&do=viewmember&trigger=' . $triggerGroups . '&member_id=' . $this->request['member_id']);
}
/**
* UserCP Save Form: Email Address
*
* @return mixed Array of errors / boolean true
*/
public function saveFormEmailPassword()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$_emailOne = strtolower(trim($this->request['in_email_1']));
$_emailTwo = strtolower(trim($this->request['in_email_2']));
$cur_pass = trim($this->request['current_pass']);
$new_pass = trim($this->request['new_pass_1']);
$chk_pass = trim($this->request['new_pass_2']);
$isRemote = (!$this->memberData['bw_local_password_set'] and $this->memberData['members_created_remote']) ? true : false;
if ($cur_pass or $new_pass) {
if ($this->memberData['g_access_cp']) {
return array(0 => $this->lang->words['admin_emailpassword']);
}
if ($isRemote === false and (!$_POST['current_pass'] or empty($new_pass) or empty($chk_pass))) {
return array(0 => $this->lang->words['complete_entire_form']);
}
//-----------------------------------------
// Do the passwords actually match?
//-----------------------------------------
if ($new_pass != $chk_pass) {
return array(0 => $this->lang->words['passwords_not_matchy']);
}
//-----------------------------------------
// Check password...
//-----------------------------------------
if ($isRemote === false) {
if ($this->_checkPassword($cur_pass) !== TRUE) {
return array(0 => $this->lang->words['current_pw_bad']);
}
} else {
/* This is INIT in _checkPassword */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
}
//-----------------------------------------
// Create new password...
//-----------------------------------------
$md5_pass = md5($new_pass);
//-----------------------------------------
// han_login was loaded during check_password
//-----------------------------------------
$this->han_login->changePass($this->memberData['email'], $md5_pass, $new_pass, $this->memberData);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
return array(0 => $this->lang->words['hanlogin_pw_failed']);
}
//-----------------------------------------
// Update the DB
//-----------------------------------------
IPSMember::updatePassword($this->memberData['email'], $md5_pass);
IPSLib::runMemberSync('onPassChange', $this->memberData['member_id'], $new_pass);
//-----------------------------------------
// Update members log in key...
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
IPSMember::save($this->memberData['member_id'], array('core' => array('member_login_key' => $key, 'bw_local_password_set' => 1)));
$this->ok_message = $this->lang->words['pw_change_successful'];
}
if ($_emailOne or $_emailTwo) {
//-----------------------------------------
// Do not allow validating members to change
// email when admin validation is on
// @see http://community.invisionpower.com/tracker/issue-19964-loophole-in-registration-procedure/
//-----------------------------------------
if ($this->memberData['member_group_id'] == $this->settings['auth_group'] and in_array($this->settings['reg_auth_type'], array('admin', 'admin_user'))) {
$this->registry->output->showError($this->lang->words['admin_val_no_email_chg'], 10190);
}
//-----------------------------------------
// Check input
//-----------------------------------------
if ($this->memberData['g_access_cp']) {
return array(0 => $this->lang->words['admin_emailpassword']);
}
if (!$_POST['in_email_1'] or !$_POST['in_email_2']) {
return array(0 => $this->lang->words['complete_entire_form']);
}
//-----------------------------------------
// Check password...
//-----------------------------------------
if (!$this->_isFBUser) {
if ($this->_checkPassword($this->request['password']) === FALSE) {
return array(0 => $this->lang->words['current_pw_bad']);
}
}
//-----------------------------------------
// Test email addresses
//-----------------------------------------
if ($_emailOne != $_emailTwo) {
return array(0 => $this->lang->words['emails_no_matchy']);
}
if (IPSText::checkEmailAddress($_emailOne) !== TRUE) {
return array(0 => $this->lang->words['email_not_valid']);
}
//-----------------------------------------
// Is this email addy taken?
//-----------------------------------------
if (IPSMember::checkByEmail($_emailOne) == TRUE) {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Load ban filters
//-----------------------------------------
$banfilters = array();
$this->DB->build(array('select' => '*', 'from' => 'banfilters'));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$banfilters[$r['ban_type']][] = $r['ban_content'];
}
//-----------------------------------------
// Check in banned list
//-----------------------------------------
if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) {
foreach ($banfilters['email'] as $email) {
$email = str_replace('\\*', '.*', preg_quote($email, "/"));
if (preg_match("/^{$email}\$/i", $_emailOne)) {
return array(0 => $this->lang->words['email_is_taken']);
}
}
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
if ($this->han_login->emailExistsCheck($_emailOne) !== FALSE) {
return array(0 => $this->lang->words['email_is_taken']);
}
$this->han_login->changeEmail($this->memberData['email'], $_emailOne, $this->memberData);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Want a new validation? NON ADMINS ONLY
//-----------------------------------------
if ($this->settings['reg_auth_type'] and !$this->memberData['g_access_cp']) {
//-----------------------------------------
// Remove any existing entries
//-----------------------------------------
$_previous = $this->DB->buildAndFetch(array('select' => 'prev_email, real_group', 'from' => 'validating', 'where' => "member_id={$this->memberData['member_id']} AND email_chg=1"));
if ($_previous['prev_email']) {
$this->DB->delete('validating', "member_id={$this->memberData['member_id']} AND email_chg=1");
$this->memberData['email'] = $_previous['prev_email'];
$this->memberData['member_group_id'] = $_previous['real_group'];
}
$validate_key = md5(IPSMember::makePassword() . time());
//-----------------------------------------
// Update the new email, but enter a validation key
// and put the member in "awaiting authorisation"
// and send an email..
//-----------------------------------------
$db_str = array('vid' => $validate_key, 'member_id' => $this->memberData['member_id'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'email_chg' => 1, 'ip_address' => $this->member->ip_address, 'prev_email' => $this->memberData['email']);
if ($this->memberData['member_group_id'] != $this->settings['auth_group']) {
$db_str['real_group'] = $this->memberData['member_group_id'];
}
$this->DB->insert('validating', $db_str);
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne), $this->memberData['email']);
IPSMember::save($this->memberData['member_id'], array('core' => array('member_group_id' => $this->settings['auth_group'], 'email' => $_emailOne)));
//-----------------------------------------
// Update their session with the new member group
//-----------------------------------------
if ($this->member->session_id) {
$this->member->sessionClass()->convertMemberToGuest();
}
//-----------------------------------------
// Kill the cookies to stop auto log in
//-----------------------------------------
IPSCookie::set('pass_hash', '-1', 0);
IPSCookie::set('member_id', '-1', 0);
IPSCookie::set('session_id', '-1', 0);
//-----------------------------------------
// Dispatch the mail, and return to the activate form.
//-----------------------------------------
IPSText::getTextClass('email')->getTemplate("newemail");
IPSText::getTextClass('email')->buildMessage(array('NAME' => $this->memberData['members_display_name'], 'THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&type=newemail&uid=" . $this->memberData['member_id'] . "&aid=" . $validate_key, 'publicNoSession', 'false'), 'ID' => $this->memberData['member_id'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=07", 'publicNoSession', 'false'), 'CODE' => $validate_key));
IPSText::getTextClass('email')->subject = $this->lang->words['lp_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $_emailOne;
IPSText::getTextClass('email')->sendMail();
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global&section=register&do=07');
} else {
//-----------------------------------------
// No authorisation needed, change email addy and return
//-----------------------------------------
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne), $this->memberData['email']);
IPSMember::save($this->memberData['member_id'], array('core' => array('email' => $_emailOne)));
//-----------------------------------------
// Add to OK message
//-----------------------------------------
$this->ok_message = $this->lang->words['ok_email_changed'];
}
}
return TRUE;
}
/**
* Updates member's DB row name or members_display_name
*
* @todo [Future] Separate out forum specific stuff (moderators, etc) and move into hooks
* @access public
* @param string Member id
* @param string New name
* @param string Field to update (name or display name)
* @return mixed True if update successful, otherwise exception or false
* Error Codes:
* NO_USER Could not load the user
* NO_PERMISSION This user cannot change their display name at all
* NO_MORE_CHANGES The user cannot change their display name again in this time period
* NO_NAME No display name (or shorter than 3 chars was given)
* ILLEGAL_CHARS The display name contains illegal characters
* USER_NAME_EXISTS The username already exists
*/
public function updateName($member_id, $name, $field = 'members_display_name')
{
//-----------------------------------------
// Load the member
//-----------------------------------------
$member = IPSMember::load($member_id);
$_seoName = IPSText::makeSeoTitle($name);
if (!$member['member_id']) {
throw new Exception("NO_USER");
}
//-----------------------------------------
// Make sure name does not exist
//-----------------------------------------
try {
if ($this->checkNameExists($name, $member, $field) === TRUE) {
throw new Exception("USER_NAME_EXISTS");
} else {
if ($field == 'members_display_name') {
$this->DB->force_data_type = array('dname_previous' => 'string', 'dname_current' => 'string');
$this->DB->insert('dnames_change', array('dname_member_id' => $member_id, 'dname_date' => time(), 'dname_ip_address' => $member['ip_address'], 'dname_previous' => $member['members_display_name'], 'dname_current' => $name));
//-----------------------------------------
// Still here? Change it then
//-----------------------------------------
IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => strtolower($name), 'members_seo_name' => $_seoName)));
$this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string');
$this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
$this->DB->force_data_type = array('member_name' => 'string', 'seo_name' => 'string');
$this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']);
$this->DB->force_data_type = array('starter_name' => 'string', 'seo_first_name' => 'string');
$this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']);
$this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string');
$this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
} else {
//-----------------------------------------
// If one gets here, one can assume that the new name is correct for one, er...one.
// So, lets do the converteroo
//-----------------------------------------
IPSMember::save($member['member_id'], array('core' => array('name' => $name, 'members_l_username' => strtolower($name), 'members_seo_name' => $_seoName)));
$this->DB->force_data_type = array('member_name' => 'string');
$this->DB->update('moderators', array('member_name' => $name), "member_id=" . $member['member_id']);
if (!$this->settings['auth_allow_dnames']) {
//-----------------------------------------
// Not using sep. display names?
//-----------------------------------------
IPSMember::save($member['member_id'], array('core' => array('members_display_name' => $name, 'members_l_display_name' => strtolower($name), 'members_seo_name' => $_seoName)));
$this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string');
$this->DB->update('forums', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
$this->DB->force_data_type = array('member_name' => 'string', 'seo_name' => 'string');
$this->DB->update('sessions', array('member_name' => $name, 'seo_name' => $_seoName), "member_id=" . $member['member_id']);
$this->DB->force_data_type = array('starter_name' => 'string', 'seo_first_name' => 'string');
$this->DB->update('topics', array('starter_name' => $name, 'seo_first_name' => $_seoName), "starter_id=" . $member['member_id']);
$this->DB->force_data_type = array('last_poster_name' => 'string', 'seo_last_name' => 'string');
$this->DB->update('topics', array('last_poster_name' => $name, 'seo_last_name' => $_seoName), "last_poster_id=" . $member['member_id']);
}
}
//-----------------------------------------
// Recache moderators
//-----------------------------------------
$this->registry->cache()->rebuildCache('moderators', 'forums');
//-----------------------------------------
// Recache announcements
//-----------------------------------------
$this->registry->cache()->rebuildCache('announcements', 'forums');
//-----------------------------------------
// Stats to Update?
//-----------------------------------------
$this->registry->cache()->rebuildCache('stats', 'core');
IPSLib::runMemberSync('onNameChange', $member['member_id'], $name);
return TRUE;
}
} catch (Exception $error) {
throw new Exception($error->getMessage());
}
}
/**
* Change a member's password
*
* @return @e void [Outputs to screen]
*/
protected function save_password()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$member_id = intval($this->request['member_id']);
$password = IPSText::parseCleanValue($_POST['password']);
$password2 = IPSText::parseCleanValue($_POST['password2']);
$new_key = intval($this->request['new_key']);
$new_salt = intval($this->request['new_salt']);
$salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5));
$key = IPSMember::generateAutoLoginKey();
$md5_once = md5(trim($password));
//-----------------------------------------
// AJAX debug
//-----------------------------------------
IPSDebug::fireBug('info', array('Password: '******'password_nogood']);
}
if ($password != $password2) {
$this->registry->output->showError($this->lang->words['m_passmatch']);
}
//-----------------------------------------
// Get member
//-----------------------------------------
$member = IPSMember::load($member_id);
//-----------------------------------------
// Allowed to edit administrators?
//-----------------------------------------
if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
$this->registry->output->showError($this->lang->words['m_editadmin']);
}
//-----------------------------------------
// Check Converge: Password
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->changePass($member['email'], $md5_once, $password, $member);
/*if ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' )
{
$this->returnJsonError( $this->lang->words['m_passchange']);
exit();
}*/
//-----------------------------------------
// Local DB
//-----------------------------------------
$update = array();
if ($new_salt) {
$update['members_pass_salt'] = $salt;
}
if ($new_key) {
$update['member_login_key'] = $key;
}
if (count($update)) {
IPSMember::save($member_id, array('core' => $update));
}
IPSMember::updatePassword($member_id, $md5_once);
IPSLib::runMemberSync('onPassChange', $member_id, $password);
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_passlog'], $member_id));
$this->registry->output->global_message = $this->lang->words['pw_updated_success'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'module=members&do=viewmember&member_id=' . $member_id);
}
/**
* Displays the registration form
*
* @access public
* @param array $form_errors
* @return void
*/
public function registerForm($form_errors = array())
{
/* INIT */
$final_errors = array();
if ($this->settings['no_reg'] == 1) {
$this->registry->output->showError('registration_disabled', 10123);
}
$coppa = IPSCookie::get('coppa');
if ($coppa == 'yes') {
$this->registry->output->showError('awaiting_coppa', 10124);
}
$this->settings['username_errormsg'] = str_replace('{chars}', $this->settings['username_characters'], $this->settings['username_errormsg']);
/* Read T&Cs yet? */
if (!$this->request['termsread']) {
if ($this->memberData['member_id']) {
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
//-----------------------------------------
// Set some cookies
//-----------------------------------------
IPSCookie::set("member_id", "0");
IPSCookie::set("pass_hash", "0");
IPSCookie::set("anonlogin", "-1");
if (is_array($_COOKIE)) {
foreach ($_COOKIE as $cookie => $value) {
if (stripos($cookie, $this->settings['cookie_id'] . "ipbforum") !== false) {
IPSCookie::set(str_replace($this->settings['cookie_id'], "", $match[0]), '-', -1);
}
}
}
//-----------------------------------------
// Logout callbacks...
//-----------------------------------------
$this->han_login->logoutCallback();
//-----------------------------------------
// Do it..
//-----------------------------------------
$this->member->sessionClass()->convertMemberToGuest();
list($privacy, $loggedin) = explode('&', $this->memberData['login_anonymous']);
IPSMember::save($this->memberData['member_id'], array('core' => array('login_anonymous' => "{$privacy}&0", 'last_activity' => time())));
}
/* Continue */
$cache = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'core_sys_conf_settings', 'where' => "conf_key='reg_rules'"));
$text = $cache['conf_value'] ? $cache['conf_value'] : $cache['conf_default'];
/* Load the Parser */
IPSText::getTextClass('bbcode')->bypass_badwords = 1;
IPSText::getTextClass('bbcode')->parse_smilies = 1;
IPSText::getTextClass('bbcode')->parse_html = 1;
IPSText::getTextClass('bbcode')->parse_bbcode = 1;
IPSText::getTextClass('bbcode')->parsing_section = 'global';
$text = IPSText::getTextClass('bbcode')->preDbParse($text);
$text = IPSText::getTextClass('bbcode')->preDisplayParse($text);
$this->registry->output->setTitle($this->lang->words['registration_form']);
$this->registry->output->addNavigation($this->lang->words['registration_form'], '');
$this->output .= $this->registry->output->getTemplate('register')->registerShowTerms($text, $coppa);
return;
} else {
/* Did we agree to the t&c? */
if (!$this->request['agree_to_terms']) {
$this->registry->output->showError('must_agree_to_terms', 10125);
}
}
/* Do we have another URL that one needs to visit to register? */
$this->DB->build(array('select' => '*', 'from' => 'login_methods', 'where' => 'login_enabled=1'));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
if ($r['login_register_url']) {
$this->registry->output->silentRedirect($r['login_register_url']);
exit;
}
}
/* Continue... */
if ($this->settings['reg_auth_type']) {
if ($this->settings['reg_auth_type'] == 'admin_user' or $this->settings['reg_auth_type'] == 'user') {
$this->lang->words['std_text'] .= "<br />" . $this->lang->words['email_validate_text'];
}
/* User then admin? */
if ($this->settings['reg_auth_type'] == 'admin_user') {
$this->lang->words['std_text'] .= "<br />" . $this->lang->words['user_admin_validation'];
}
if ($this->settings['reg_auth_type'] == 'admin') {
$this->lang->words['std_text'] .= "<br />" . $this->lang->words['just_admin_validation'];
}
}
$captchaHTML = '';
$qandaHTML = '';
$this->cache->updateCacheWithoutSaving('_hasStep3', 0);
/* Q and A Challenge */
if ($this->settings['registration_qanda']) {
// Grab a random question...
$question = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'order' => 'rand()', 'limit' => array(1)));
if (count($question)) {
$qandaHTML = $this->registry->output->getTemplate('global_other')->questionAndAnswer($question);
}
}
/* Custom Profile Fields */
$custom_fields_out = array('required', 'optional');
require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
$custom_fields = new customProfileFields();
$custom_fields->member_data = $member;
$custom_fields->initData('edit');
$custom_fields->parseToEdit('register');
if (count($custom_fields->out_fields)) {
$this->cache->updateCacheWithoutSaving('_hasStep3', 1);
foreach ($custom_fields->out_fields as $id => $form_element) {
if ($custom_fields->cache_data[$id]['pf_not_null'] == 1) {
$ftype = 'required';
} else {
$ftype = 'optional';
}
$custom_fields_out[$ftype][] = array('name' => $custom_fields->field_names[$id], 'desc' => $custom_fields->field_desc[$id], 'field' => $form_element, 'id' => $id, 'error' => $error, 'type' => $custom_fields->cache_data[$id]['pf_type']);
}
}
/* CAPTCHA */
if ($this->settings['bot_antispam']) {
$captchaHTML = $this->registry->getClass('class_captcha')->getTemplate();
}
$this->registry->output->setTitle($this->lang->words['registration_form']);
$this->registry->output->addNavigation($this->lang->words['registration_form'], '');
/* Other errors */
$final_errors = array('username' => NULL, 'dname' => NULL, 'password' => NULL, 'email' => NULL);
foreach (array('username', 'dname', 'password', 'email') as $thing) {
if (isset($form_errors[$thing]) and is_array($form_errors[$thing]) and count($form_errors[$thing])) {
$final_errors[$thing] = implode("<br />", $form_errors[$thing]);
}
}
$this->request['UserName'] = $this->request['UserName'] ? $this->request['UserName'] : '';
$this->request['PassWord'] = $this->request['PassWord'] ? $this->request['PassWord'] : '';
$this->request['EmailAddress'] = $this->request['EmailAddress'] ? $this->request['EmailAddress'] : '';
$this->request['EmailAddress_two'] = $this->request['EmailAddress_two'] ? $this->request['EmailAddress_two'] : '';
$this->request['PassWord_Check'] = $this->request['PassWord_Check'] ? $this->request['PassWord_Check'] : '';
$this->request['members_display_name'] = $this->request['members_display_name'] ? $this->request['members_display_name'] : '';
$this->request['time_offset'] = $this->request['time_offset'] ? $this->request['time_offset'] : '';
$this->request['allow_member_mail'] = $this->request['allow_member_mail'] ? $this->request['allow_member_mail'] : '';
$this->request['dst'] = $this->request['dst'] ? $this->request['dst'] : '';
/* Time zone... */
$this->registry->class_localization->loadLanguageFile(array('public_usercp'), 'core');
$time_select = array();
foreach ($this->lang->words as $k => $v) {
if (strpos($k, "time_") === 0) {
$k = str_replace("time_", '', $k);
if (preg_match("/^[\\-\\d\\.]+\$/", $k)) {
$time_select[$k] = $v;
}
}
}
ksort($time_select);
/* set default.. */
$this->request['time_offset'] = $this->request['time_offset'] ? $this->request['time_offset'] : $this->settings['time_offset'];
/* Need username? */
$uses_name = false;
foreach ($this->cache->getCache('login_methods') as $method) {
if ($method['login_user_id'] == 'username') {
$uses_name = true;
}
}
/* Get form HTML */
$this->output .= $this->registry->output->getTemplate('register')->registerForm($form_errors['general'], array('TEXT' => $this->lang->words['std_text'], 'coppa_user' => $coppa, 'captchaHTML' => $captchaHTML, 'qandaHTML' => $qandaHTML, 'requireName' => $uses_name), $final_errors, $time_select, $custom_fields_out);
/* Run the member sync module */
IPSLib::runMemberSync('onRegisterForm');
}
public function changePW($newPass, $member, $currentPass = false)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$save_array = array();
//-----------------------------------------
// Generate a new random password
//-----------------------------------------
$new_pass = IPSText::parseCleanValue(urldecode($newPass));
//-----------------------------------------
// Generate a new salt
//-----------------------------------------
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
//-----------------------------------------
// New log in key
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
//-----------------------------------------
// Update...
//-----------------------------------------
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass));
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], md5($new_pass), $new_pass, $member);
IPSMember::save($member['member_id'], array('members' => $save_array));
IPSMember::updatePassword($member['member_id'], md5($new_pass));
IPSLib::runMemberSync('onPassChange', $member['member_id'], $new_pass);
}
/**
* Wrapper for loginAuthenticate - returns more information
*
* @return mixed array [0=Words to show, 1=URL to send to, 2=error message language key]
*/
public function verifyLogin()
{
$url = "";
$member = array();
$username = '';
$email = '';
$password = trim($this->request['ips_password']);
$errors = '';
$core = array();
$mobileSSO = false;
$memberData = $this->registry->member()->fetchMemberData();
/* Mobile app + sso */
if ($memberData['userAgentType'] == 'mobileApp') {
$file = IPS_ROOT_PATH . 'sources/classes/session/ssoMobileAppLogIn.php';
if (is_file($file)) {
require_once $file;
if (class_exists('ssoMobileAppLogIn')) {
$mobileSSO = true;
$logIn = new ssoMobileAppLogIn($this->registry);
$done = $logIn->authenticate($this->request['ips_username'], $password);
$this->return_code = $done['code'];
$this->member_data = IPSMember::load(intval($done['memberId']));
$member = $this->member_data;
}
}
}
/* No mobile log in? Log in normally */
if (!$mobileSSO) {
//-----------------------------------------
// Is this a username or email address?
//-----------------------------------------
if (IPSText::checkEmailAddress($this->request['ips_username'])) {
$email = $this->request['ips_username'];
} else {
$username = $this->request['ips_username'];
}
//-----------------------------------------
// Check auth
//-----------------------------------------
$this->loginAuthenticate($username, $email, $password);
$member = $this->member_data;
}
//-----------------------------------------
// Check return code...
//-----------------------------------------
if ($this->return_code != 'SUCCESS') {
if ($this->return_code == 'MISSING_DATA') {
return array(null, null, 'complete_form');
}
if ($this->return_code == 'ACCOUNT_LOCKED') {
$extra = "<!-- -->";
if ($this->settings['ipb_bruteforce_unlock']) {
if ($this->account_unlock) {
$time = time() - $this->account_unlock;
$time = $this->settings['ipb_bruteforce_period'] - ceil($time / 60) > 0 ? $this->settings['ipb_bruteforce_period'] - ceil($time / 60) : 1;
}
}
return array(null, null, $this->settings['ipb_bruteforce_unlock'] ? 'bruteforce_account_unlock' : 'bruteforce_account_lock', $time);
} else {
if ($this->return_code == 'MISSING_EXTENSIONS') {
return array(null, null, 'missing_extensions');
} else {
if ($this->return_code == 'FLAGGED_REMOTE') {
return array(null, null, 'flagged_remote');
} else {
if ($this->return_code == 'VALIDATING') {
if ($this->revalidate_url == 'ADMIN_VALIDATION') {
return array(null, null, 'validating_remote', ipsRegistry::getClass('class_localization')->words['admin_validation_msg']);
} else {
return array(null, null, 'validating_remote', "<a href='{$this->revalidate_url}' target='_blank'>" . ipsRegistry::getClass('class_localization')->words['resend_val'] . "</a>");
}
} else {
return array(null, null, 'wrong_auth');
}
}
}
}
}
//-----------------------------------------
// Is this a partial member?
// Not completed their sign in?
//-----------------------------------------
if ($member['members_created_remote'] and isset($member['full']) and !$member['full']) {
return array($this->registry->getClass('class_localization')->words['partial_login'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=complete_login&mid=' . $member['member_id'] . '&key=' . $member['timenow']);
}
//-----------------------------------------
// Generate a new log in key
//-----------------------------------------
$_ok = 1;
$_time = $this->settings['login_key_expire'] ? time() + intval($this->settings['login_key_expire']) * 86400 : 0;
$_sticky = $_time ? 0 : 1;
$_days = $_time ? $this->settings['login_key_expire'] : 365;
if (!$member['member_login_key'] or $this->settings['login_key_expire'] and time() > $member['member_login_key_expire']) {
$member['member_login_key'] = IPSMember::generateAutoLoginKey();
$core['member_login_key'] = $member['member_login_key'];
$core['member_login_key_expire'] = $_time;
}
//-----------------------------------------
// Cookie me softly?
//-----------------------------------------
if ($this->request['rememberMe']) {
IPSCookie::set("member_id", $member['member_id'], 1, 0, FALSE, TRUE);
IPSCookie::set("pass_hash", $member['member_login_key'], $_sticky, $_days, FALSE, TRUE);
IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '1', $_sticky, $_days, FALSE, FALSE);
} else {
// Ticket 824266
// IPSCookie::set( "member_id" , $member['member_id'], 0 );
// IPSCookie::set( "pass_hash" , $member['member_login_key'], 0 );
IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '1', 0, 0, FALSE, FALSE);
}
//-----------------------------------------
// Remove any COPPA cookies previously set
//-----------------------------------------
IPSCookie::set("coppa", '0', 0);
//-----------------------------------------
// Update profile if IP addr missing
//-----------------------------------------
if ($member['ip_address'] == "" or $member['ip_address'] == '127.0.0.1') {
$core['ip_address'] = $this->registry->member()->ip_address;
}
//-----------------------------------------
// Create / Update session
//-----------------------------------------
$privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['anonymous']) ? 1 : 0;
$session_id = $this->registry->member()->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
if (!empty($this->request['referer']) and $this->request['section'] != 'register') {
if (stripos($this->request['referer'], 'section=register') or stripos($this->request['referer'], 'section=login') or stripos($this->request['referer'], 'section=lostpass') or stripos($this->request['referer'], CP_DIRECTORY . '/')) {
$url = $this->settings['base_url'];
} else {
$url = str_replace('&', '&', $this->request['referer']);
if ($this->registry->member()->session_type == 'cookie') {
$url = preg_replace('#s=(\\w){32}#', "", $url);
}
}
} else {
$url = $this->settings['base_url'];
}
//-----------------------------------------
// Set our privacy status
//-----------------------------------------
$core['login_anonymous'] = intval($privacy) . '&1';
$core['failed_logins'] = '';
$core['failed_login_count'] = 0;
IPSMember::save($member['member_id'], array('core' => $core));
//-----------------------------------------
// Clear out any passy change stuff
//-----------------------------------------
$this->DB->delete('validating', 'member_id=' . $this->registry->member()->getProperty('member_id') . ' AND lost_pass=1');
//-----------------------------------------
// Run member sync
//-----------------------------------------
$member['plainPassword'] = $password;
IPSLib::runMemberSync('onLogin', $member);
unset($member['plainPassword']);
//-----------------------------------------
// Redirect them to either the board
// index, or where they came from
//-----------------------------------------
if (!empty($this->request['return'])) {
$return = urldecode($this->request['return']);
if (strpos($return, "http://") === 0 || strpos($return, "https://") === 0) {
return array($this->registry->getClass('class_localization')->words['partial_login'], $return);
}
}
//-----------------------------------------
// Still here?
//-----------------------------------------
return array($this->registry->getClass('class_localization')->words['partial_login'], $url);
}
/**
* Create a local member account [public interface]
*
* @access public
* @param array Member Information [members,pfields,profile_portal]
* @return array New member information
*/
public function createLocalMember($member)
{
$member['members']['members_created_remote'] = true;
$member['members']['members_display_name'] = $member['members']['members_display_name'] ? $member['members']['members_display_name'] : $member['members']['name'];
// #38703 timezone when registering
$member['members']['time_offset'] = $member['members']['time_offset'] ? $member['members']['time_offset'] : $this->settings['time_offset'];
$_return = IPSMember::create($member, FALSE, FALSE, TRUE);
$this->cache->rebuildCache('stats', 'global');
if ($_return['full']) {
IPSLib::runMemberSync('onCompleteAccount', $_return);
}
return $_return;
}
/**
* Process Logout
*
* @param int ID number
* @param string md5( IPS Connect Key (see login method) . ID number )
* @param string Redirect URL, Base64 encoded
* @param string md5( IPS Connect Key . $redirect )
* @return mixed If the redirect URL is provided, this function should redirect the user to that URL
* If blank, will output blank screen
*/
public function logout($id, $key, $redirect, $redirectHash)
{
if ($key != md5($this->masterKey . $id)) {
$this->_return(base64_encode($this->settings['board_url']));
}
IPSCookie::set("ipsconnect_" . md5($this->settings['board_url'] . '/interface/ipsconnect/ipsconnect.php'), '0', 1, 0, FALSE, FALSE);
$member = IPSMember::load(intval($id), 'none', 'id');
if ($member['member_id']) {
IPSCookie::set("member_id", "0");
IPSCookie::set("pass_hash", "0");
if (is_array($_COOKIE)) {
foreach ($_COOKIE as $cookie => $value) {
if (stripos($cookie, $this->settings['cookie_id'] . 'ipbforumpass') !== false and !strstr($value, 'mobileApp')) {
IPSCookie::set(str_replace($this->settings['cookie_id'], "", $cookie), '-', -1);
}
}
}
$this->member->sessionClass()->convertMemberToGuest();
$privacy = intval(IPSMember::isLoggedInAnon($member));
IPSMember::save($member['member_id'], array('core' => array('login_anonymous' => "{$privacy}&0", 'last_activity' => IPS_UNIX_TIME_NOW)));
IPSLib::runMemberSync('onLogOut', $member);
$this->han_login->logoutCallback($member);
/* Run any custom code */
$this->_runCustom('logout', array($member));
}
if ($redirect) {
$redirect = $redirectHash == md5($this->masterKey . $redirect) ? $redirect : base64_encode($this->settings['board_url']);
}
$this->_return($redirect);
}
/**
* UserCP Save Form: Email Address
*
* @access public
* @return mixed Array of errors / boolean true
*/
public function saveFormEmail()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$_emailOne = strtolower(trim($this->request['in_email_1']));
$_emailTwo = strtolower(trim($this->request['in_email_2']));
$captchaInput = trim(ipsRegistry::$request['captchaInput']);
$captchaUniqueID = trim(ipsRegistry::$request['captchaUniqueID']);
//-----------------------------------------
// Check input
//-----------------------------------------
if ($this->memberData['g_access_cp']) {
return array(0 => $this->lang->words['admin_emailpassword']);
}
if (!$_POST['in_email_1'] or !$_POST['in_email_2']) {
return array(0 => $this->lang->words['complete_entire_form']);
}
//-----------------------------------------
// Check password...
//-----------------------------------------
if (!$this->_isFBUser) {
if ($this->_checkPassword($this->request['password']) === FALSE) {
return array(0 => $this->lang->words['current_pw_bad']);
}
}
//-----------------------------------------
// Test email addresses
//-----------------------------------------
if ($_emailOne != $_emailTwo) {
return array(0 => $this->lang->words['emails_no_matchy']);
}
if (IPSText::checkEmailAddress($_emailOne) !== TRUE) {
return array(0 => $this->lang->words['email_not_valid']);
}
//-----------------------------------------
// Is this email addy taken?
//-----------------------------------------
if (IPSMember::checkByEmail($_emailOne) == TRUE) {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Load ban filters
//-----------------------------------------
$this->DB->build(array('select' => '*', 'from' => 'banfilters'));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$banfilters[$r['ban_type']][] = $r['ban_content'];
}
//-----------------------------------------
// Check in banned list
//-----------------------------------------
if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) {
foreach ($banfilters['email'] as $email) {
$email = str_replace('\\*', '.*', preg_quote($email, "/"));
if (preg_match("/^{$email}\$/i", $_emailOne)) {
return array(0 => $this->lang->words['email_is_taken']);
}
}
}
//-----------------------------------------
// Anti bot flood...
//-----------------------------------------
if ($this->settings['bot_antispam']) {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
return array(0 => $this->lang->words['captcha_email_invalid']);
}
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
if ($this->han_login->emailExistsCheck($_emailOne) !== FALSE) {
return array(0 => $this->lang->words['email_is_taken']);
}
$this->han_login->changeEmail($this->memberData['email'], $_emailOne);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Require new validation? NON ADMINS ONLY
//-----------------------------------------
if ($this->settings['reg_auth_type'] and !$this->memberData['g_access_cp']) {
$validate_key = md5(IPSLib::makePassword() . time());
//-----------------------------------------
// Update the new email, but enter a validation key
// and put the member in "awaiting authorisation"
// and send an email..
//-----------------------------------------
$db_str = array('vid' => $validate_key, 'member_id' => $this->memberData['member_id'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'email_chg' => 1, 'ip_address' => $this->request['IP_ADDRESS'], 'prev_email' => $this->memberData['email']);
if ($this->memberData['member_group_id'] != $this->settings['auth_group']) {
$db_str['real_group'] = $this->memberData['member_group_id'];
}
$this->DB->insert('validating', $db_str);
IPSMember::save($this->memberData['member_id'], array('core' => array('member_group_id' => $this->settings['auth_group'], 'email' => $_emailOne)));
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne));
//-----------------------------------------
// Update their session with the new member group
//-----------------------------------------
if ($this->member->session_id) {
$this->member->sessionClass()->convertMemberToGuest();
}
//-----------------------------------------
// Kill the cookies to stop auto log in
//-----------------------------------------
IPSCookie::set('pass_hash', '-1', 0);
IPSCookie::set('member_id', '-1', 0);
IPSCookie::set('session_id', '-1', 0);
//-----------------------------------------
// Dispatch the mail, and return to the activate form.
//-----------------------------------------
IPSText::getTextClass('email')->getTemplate("newemail");
IPSText::getTextClass('email')->buildMessage(array('NAME' => $this->memberData['members_display_name'], 'THE_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=auto_validate&type=newemail&uid=" . $this->memberData['member_id'] . "&aid=" . $validate_key, 'ID' => $this->memberData['member_id'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=07", 'CODE' => $validate_key));
IPSText::getTextClass('email')->subject = $this->lang->words['lp_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $_emailOne;
IPSText::getTextClass('email')->sendMail();
$this->registry->getClass('output')->redirectScreen($this->lang->words['ce_redirect'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=07');
} else {
//-----------------------------------------
// No authorisation needed, change email addy and return
//-----------------------------------------
IPSMember::save($this->memberData['member_id'], array('core' => array('email' => $_emailOne)));
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne));
//-----------------------------------------
// Add to OK message
//-----------------------------------------
$this->ok_message = $this->lang->words['ok_email_changed'];
return TRUE;
}
}
