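/**
 * Delete a user account together with its dependent rows.
 *
 * In order: removes the user's topic subscriptions, forum subscriptions and
 * online-list entry; then either deletes every post the user made (the whole
 * topic when the post is the topic's first post) or reassigns the posts to
 * poster id 1; deletes the user row and the avatar; and, when the user was an
 * administrator or in a moderator group, cleans the forum moderator lists and
 * regenerates the bans cache.
 *
 * Each query is built as an array and offered to an extension hook before it
 * runs. Hook code is eval()'d in this function's scope, so it can read and
 * rewrite $query and every other local.
 * NOTE(review): where get_hook() takes its code from is not visible here;
 * whatever it returns is executed as PHP.
 *
 * @param int  $user_id      Id of the user to delete.
 * @param bool $delete_posts True to delete the user's posts, false to
 *                           reassign them to poster id 1.
 * @return void
 */
function delete_user($user_id, $delete_posts = false)
{
    // $db_type and $forum_config are not used directly; they stay in scope for hook code
    global $forum_db, $db_type, $forum_config;

    // $user_id is concatenated into every WHERE clause below, so force it to
    // an integer once instead of trusting each caller to have done so.
    $user_id = intval($user_id);

    $return = ($hook = get_hook('fn_delete_user_start')) ? eval($hook) : null;
    if ($return != null) {
        return;
    }

    // First we need to get some data on the user
    $query = array(
        'SELECT' => 'u.username, u.group_id, g.g_moderator',
        'FROM' => 'users AS u',
        'JOINS' => array(
            array(
                'INNER JOIN' => 'groups AS g',
                'ON' => 'g.g_id=u.group_id',
            ),
        ),
        'WHERE' => 'u.id=' . $user_id,
    );

    ($hook = get_hook('fn_delete_user_qr_get_user_data')) ? eval($hook) : null;
    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
    $user = $forum_db->fetch_assoc($result);

    // Delete any topic subscriptions
    $query = array(
        'DELETE' => 'subscriptions',
        'WHERE' => 'user_id=' . $user_id,
    );

    ($hook = get_hook('fn_delete_user_qr_delete_subscriptions')) ? eval($hook) : null;
    $forum_db->query_build($query) or error(__FILE__, __LINE__);

    // Delete any forum subscriptions
    $query = array(
        'DELETE' => 'forum_subscriptions',
        'WHERE' => 'user_id=' . $user_id,
    );

    ($hook = get_hook('fn_delete_user_qr_delete_forum_subscriptions')) ? eval($hook) : null;
    $forum_db->query_build($query) or error(__FILE__, __LINE__);

    // Remove him/her from the online list (if they happen to be logged in)
    $query = array(
        'DELETE' => 'online',
        'WHERE' => 'user_id=' . $user_id,
    );

    ($hook = get_hook('fn_delete_user_qr_delete_online')) ? eval($hook) : null;
    $forum_db->query_build($query) or error(__FILE__, __LINE__);

    // Should we delete all posts made by this user?
    if ($delete_posts) {
        // Deleting post by post can be slow; lift the execution time limit where allowed
        @set_time_limit(0);

        // Find all posts made by this user
        $query = array(
            'SELECT' => 'p.id, p.topic_id, t.forum_id, t.first_post_id',
            'FROM' => 'posts AS p',
            'JOINS' => array(
                array(
                    'INNER JOIN' => 'topics AS t',
                    'ON' => 't.id=p.topic_id',
                ),
            ),
            'WHERE' => 'p.poster_id=' . $user_id,
        );

        ($hook = get_hook('fn_delete_user_qr_get_user_posts')) ? eval($hook) : null;
        $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
        while ($cur_post = $forum_db->fetch_assoc($result)) {
            // A topic's first post takes the whole topic with it
            if ($cur_post['first_post_id'] == $cur_post['id']) {
                delete_topic($cur_post['topic_id'], $cur_post['forum_id']);
            } else {
                delete_post($cur_post['id'], $cur_post['topic_id'], $cur_post['forum_id']);
            }
        }
    } else {
        // Set all his/her posts to guest
        $query = array(
            'UPDATE' => 'posts',
            'SET' => 'poster_id=1',
            'WHERE' => 'poster_id=' . $user_id,
        );

        ($hook = get_hook('fn_delete_user_qr_reset_user_posts')) ? eval($hook) : null;
        $forum_db->query_build($query) or error(__FILE__, __LINE__);
    }

    // Delete the user
    $query = array(
        'DELETE' => 'users',
        'WHERE' => 'id=' . $user_id,
    );

    ($hook = get_hook('fn_delete_user_qr_delete_user')) ? eval($hook) : null;
    $forum_db->query_build($query) or error(__FILE__, __LINE__);

    // Delete user avatar
    delete_avatar($user_id);

    // If the user is a moderator or an administrator, we remove him/her from the moderator list in all forums
    // and regenerate the bans cache (in case he/she created any bans).
    // is_array() guards the case where the first query found no such user.
    if (is_array($user) && ($user['group_id'] == FORUM_ADMIN || $user['g_moderator'] == '1')) {
        clean_forum_moderators();

        // Regenerate the bans cache
        if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
            require FORUM_ROOT . 'include/cache.php';
        }

        generate_bans_cache();
    }

    ($hook = get_hook('fn_delete_user_end')) ? eval($hook) : null;
}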
} else { error('There is no valid language pack \'' . luna_htmlspecialchars($luna_user['language']) . '\' installed. Please reinstall a language of that name'); } // Check if we are to display a maintenance message if ($luna_config['o_maintenance'] && $luna_user['g_id'] > FORUM_ADMIN && !defined('FORUM_TURN_OFF_MAINT')) { maintenance_message(); } // Load cached bans if (file_exists(FORUM_CACHE_DIR . 'cache_bans.php')) { include FORUM_CACHE_DIR . 'cache_bans.php'; } if (!defined('FORUM_BANS_LOADED')) { if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) { require FORUM_ROOT . 'include/cache.php'; } generate_bans_cache(); require FORUM_CACHE_DIR . 'cache_bans.php'; } // Check if current user is banned check_bans(); // Update online list update_users_online(); // Check to see if we logged in without a cookie being set if ($luna_user['is_guest'] && isset($_GET['login'])) { message(__('You appear to have logged in successfully, however a cookie has not been set. Please check your settings and if applicable, enable cookies for this website.', 'luna')); } // The maximum size of a comment, in bytes, since the field is now MEDIUMTEXT this allows ~16MB but lets cap at 1MB... if (!defined('FORUM_MAX_POSTSIZE')) { define('FORUM_MAX_POSTSIZE', 1048576); } if (!defined('FORUM_SEARCH_MIN_WORD')) {
/**
 * Turn the current visitor away if a cached ban matches their username or IP.
 *
 * Walks $feather_bans: expired bans are deleted from the bans table, a ban
 * matches on a case-insensitive username comparison or on an IP prefix, and
 * a match removes the visitor from the online table and shows the ban notice
 * through message(). If any expired ban was deleted, the bans cache is
 * regenerated afterwards.
 *
 * @return void
 */
function check_bans()
{
    global $feather_config, $lang_common, $feather_bans;

    // Current Slim application instance; its ->user describes the visitor
    $app = \Slim\Slim::getInstance();

    // Admins and moderators are exempt, and an empty ban list needs no work
    if ($app->user->is_admmod || !$feather_bans) {
        return;
    }

    // Terminate the address with '.' (IPv4) or ':' (IPv6) so that a ban on
    // 192.168.0.5 cannot match 192.168.0.50. The same terminator is appended
    // to every ban entry below.
    $remote = get_remote_address();
    $boundary = strpos($remote, '.') !== false ? '.' : ':';
    $user_ip = $remote . $boundary;

    $purged_expired = false;
    $is_banned = false;

    foreach ($feather_bans as $ban) {
        // Expired bans are removed and never evaluated
        if ($ban['expire'] != '' && $ban['expire'] <= time()) {
            \DB::for_table('bans')->where('id', $ban['id'])->delete_many();
            $purged_expired = true;
            continue;
        }

        // Username ban, compared case-insensitively
        if ($ban['username'] != '' && utf8_strtolower($app->user->username) == utf8_strtolower($ban['username'])) {
            $is_banned = true;
        }

        // IP ban: the field holds space-separated addresses or prefixes
        if ($ban['ip'] != '') {
            foreach (explode(' ', $ban['ip']) as $banned_prefix) {
                $banned_prefix .= $boundary;
                if (substr($user_ip, 0, strlen($banned_prefix)) == $banned_prefix) {
                    $is_banned = true;
                    break;
                }
            }
        }

        if (!$is_banned) {
            continue;
        }

        // A banned visitor must not linger in the online list
        \DB::for_table('online')->where('ident', $app->user->username)->delete_many();

        // Assemble the notice; the ban reason and the admin address are
        // HTML-escaped because message() receives markup.
        $notice = $lang_common['Ban message'] . ' ';
        if ($ban['expire'] != '') {
            $notice .= $lang_common['Ban message 2'] . ' ' . strtolower(format_time($ban['expire'], true)) . '. ';
        }
        if ($ban['message'] != '') {
            $notice .= $lang_common['Ban message 3'] . '<br /><br /><strong>' . feather_escape($ban['message']) . '</strong><br /><br />';
        } else {
            $notice .= '<br /><br />';
        }
        $admin_email = feather_escape($feather_config['o_admin_email']);
        $notice .= $lang_common['Ban message 4'] . ' <a href="mailto:' . $admin_email . '">' . $admin_email . '</a>.';

        message($notice, true, true, true);
    }

    // Deleting expired bans leaves the cached copy stale, so rebuild it
    if ($purged_expired) {
        if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
            require FEATHER_ROOT . 'include/cache.php';
        }

        generate_bans_cache();
    }
}
/**
 * Turn the current visitor away if a cached ban matches their username or IP.
 *
 * Walks $pun_bans: expired bans are deleted from the bans table, a ban
 * matches on a case-insensitive username comparison or on an IP prefix, and
 * a match removes the visitor from the online table and shows the ban notice
 * through message(). If any expired ban was deleted, the bans cache is
 * regenerated afterwards.
 *
 * @return void
 */
function check_bans()
{
    global $db, $pun_config, $lang_common, $pun_user, $pun_bans;

    // Admins and moderators are exempt, and an empty ban list needs no work
    if ($pun_user['is_admmod'] || !$pun_bans) {
        return;
    }

    // Terminate the address with '.' (IPv4) or ':' (IPv6) so that a ban on
    // 192.168.0.5 cannot match 192.168.0.50. The same terminator is appended
    // to every ban entry below.
    $remote = get_remote_address();
    $boundary = strpos($remote, '.') !== false ? '.' : ':';
    $user_ip = $remote . $boundary;

    $purged_expired = false;
    $is_banned = false;

    foreach ($pun_bans as $ban) {
        // Expired bans are removed and never evaluated.
        // The id is spliced into the SQL text; it is read from the $pun_bans cache.
        if ($ban['expire'] != '' && $ban['expire'] <= time()) {
            $db->query('DELETE FROM ' . $db->prefix . 'bans WHERE id=' . $ban['id']) or error('Unable to delete expired ban', __FILE__, __LINE__, $db->error());
            $purged_expired = true;
            continue;
        }

        // Username ban, compared case-insensitively
        if ($ban['username'] != '' && utf8_strtolower($pun_user['username']) == utf8_strtolower($ban['username'])) {
            $is_banned = true;
        }

        // IP ban: the field holds space-separated addresses or prefixes
        if ($ban['ip'] != '') {
            foreach (explode(' ', $ban['ip']) as $banned_prefix) {
                $banned_prefix .= $boundary;
                if (substr($user_ip, 0, strlen($banned_prefix)) == $banned_prefix) {
                    $is_banned = true;
                    break;
                }
            }
        }

        if (!$is_banned) {
            continue;
        }

        // A banned visitor must not linger in the online list; the username is escaped for the query
        $db->query('DELETE FROM ' . $db->prefix . 'online WHERE ident=\'' . $db->escape($pun_user['username']) . '\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());

        // Assemble the notice; the ban reason and the admin address are
        // HTML-escaped because message() receives markup.
        $notice = $lang_common['Ban message'] . ' ';
        if ($ban['expire'] != '') {
            $notice .= $lang_common['Ban message 2'] . ' ' . strtolower(format_time($ban['expire'], true)) . '. ';
        }
        if ($ban['message'] != '') {
            $notice .= $lang_common['Ban message 3'] . '<br /><br /><strong>' . pun_htmlspecialchars($ban['message']) . '</strong><br /><br />';
        } else {
            $notice .= '<br /><br />';
        }
        $admin_email = pun_htmlspecialchars($pun_config['o_admin_email']);
        $notice .= $lang_common['Ban message 4'] . ' <a href="mailto:' . $admin_email . '">' . $admin_email . '</a>.';

        message($notice, true);
    }

    // Deleting expired bans leaves the cached copy stale, so rebuild it
    if ($purged_expired) {
        if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
            require PUN_ROOT . 'include/cache.php';
        }

        generate_bans_cache();
    }
}
/**
 * Rebuild the FluxBB caches once a conversion has finished.
 */
function generate_cache()
{
    // Load the cache script before any generator is called
    require_once PUN_ROOT . 'include/cache.php';

    // Generators run in this fixed order; the feed cache is cleared last
    $steps = array(
        'generate_config_cache',
        'generate_bans_cache',
        'generate_quickjump_cache',
        'generate_censoring_cache',
        'generate_users_info_cache',
        'clear_feed_cache',
    );

    foreach ($steps as $step) {
        $step();
    }
}
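/**
 * Turn the current visitor away if a cached ban matches their username or IP.
 *
 * Walks $pun_bans: expired bans are deleted from the bans table, and a ban
 * that matches by username (case-insensitive) or by IP prefix removes the
 * visitor from the online table and shows the ban notice through message().
 * If any expired ban was deleted, the bans cache is regenerated afterwards.
 *
 * The administrator e-mail address is HTML-escaped before it is placed in
 * the notice, the same way the ban reason already was.
 *
 * @return void
 */
function check_bans()
{
    global $db, $pun_config, $lang_common, $pun_user, $pun_bans;

    // Admins aren't affected
    if ($pun_user['g_id'] == PUN_ADMIN || !$pun_bans) {
        return;
    }

    // Add a dot at the end of the IP address to prevent banned address 192.168.0.5 from matching e.g. 192.168.0.50
    // NOTE(review): the dot is appended whatever the address family, so an
    // IPv6 prefix ban (one that ends at a ':' group) cannot match here.
    $user_ip = get_remote_address() . '.';
    $bans_altered = false;

    // The address goes into an href attribute and into element text, so it
    // must be encoded for HTML like every other value in the notice.
    $admin_email = pun_htmlspecialchars($pun_config['o_admin_email']);

    foreach ($pun_bans as $cur_ban) {
        // Has this ban expired?
        if ($cur_ban['expire'] && $cur_ban['expire'] <= $_SERVER['REQUEST_TIME']) {
            $db->query('DELETE FROM ' . $db->prefix . 'bans WHERE id=' . $cur_ban['id']) or error('Unable to delete expired ban', __FILE__, __LINE__, $db->error());
            $bans_altered = true;
            continue;
        }

        // Username ban, compared case-insensitively
        if ($cur_ban['username'] && !strcasecmp($pun_user['username'], $cur_ban['username'])) {
            $db->query('DELETE FROM ' . $db->prefix . 'online WHERE ident=\'' . $db->escape($pun_user['username']) . '\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
            message($lang_common['Ban message'] . ' ' . ($cur_ban['expire'] ? $lang_common['Ban message 2'] . ' ' . mb_strtolower(format_time($cur_ban['expire'], true)) . '. ' : '') . ($cur_ban['message'] ? $lang_common['Ban message 3'] . '<br /><br /><strong>' . pun_htmlspecialchars($cur_ban['message']) . '</strong><br /><br />' : '<br /><br />') . $lang_common['Ban message 4'] . ' <a href="mailto:' . $admin_email . '">' . $admin_email . '</a>.', true);
        }

        // IP ban: the field holds space-separated addresses or prefixes
        if ($cur_ban['ip']) {
            foreach (explode(' ', $cur_ban['ip']) as $banned_prefix) {
                $banned_prefix .= '.';

                if (substr($user_ip, 0, strlen($banned_prefix)) == $banned_prefix) {
                    $db->query('DELETE FROM ' . $db->prefix . 'online WHERE ident=\'' . $db->escape($pun_user['username']) . '\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
                    message($lang_common['Ban message'] . ' ' . ($cur_ban['expire'] ? $lang_common['Ban message 2'] . ' ' . mb_strtolower(format_time($cur_ban['expire'], true)) . '. ' : '') . ($cur_ban['message'] ? $lang_common['Ban message 3'] . '<br /><br /><strong>' . pun_htmlspecialchars($cur_ban['message']) . '</strong><br /><br />' : '<br /><br />') . $lang_common['Ban message 4'] . ' <a href="mailto:' . $admin_email . '">' . $admin_email . '</a>.', true);
                }
            }
        }
    }

    // If we removed any expired bans during our run-through, we need to regenerate the bans cache
    if ($bans_altered) {
        include_once PUN_ROOT . 'include/cache.php';
        generate_bans_cache();
    }
}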
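/**
 * Ban the users selected in the admin user list.
 *
 * Reads the selection from POST, refuses it when it is empty or contains an
 * administrator or a moderator, and, once the confirmation form has been
 * submitted, stores one ban per selected user, regenerates the bans cache
 * and redirects to the admin user list.
 *
 * The cache regeneration and the redirect run once, after every selected
 * user has been handled. They previously sat inside the insert loop, so the
 * redirect was issued while processing the first user.
 *
 * @return array Selected user ids after integer casting and removal of 0 and 1.
 */
public function ban_users()
{
    global $lang_admin_users;

    // The selection arrives either as an array keyed by user id or as a comma-separated string
    $posted_users = $this->request->post('users');
    if ($posted_users) {
        $user_ids = is_array($posted_users) ? array_keys($posted_users) : explode(',', $posted_users);
        // Every id is forced to an integer here; the raw SQL further down relies on that
        $user_ids = array_map('intval', $user_ids);
        // Delete invalid IDs (0 is what a non-numeric value casts to; 1 is presumably the guest account)
        $user_ids = array_diff($user_ids, array(0, 1));
    } else {
        $user_ids = array();
    }

    if (empty($user_ids)) {
        message($lang_admin_users['No users selected']);
    }

    // Are we trying to ban any admins?
    $is_admin = DB::for_table('users')->where_in('id', $user_ids)->where('group_id', FEATHER_ADMIN)->find_one();
    if ($is_admin) {
        message($lang_admin_users['No ban admins message']);
    }

    // Also, we cannot ban moderators
    $is_mod = DB::for_table('users')->table_alias('u')
        ->inner_join('groups', array('u.group_id', '=', 'g.g_id'), 'g')
        ->where('g.g_moderator', 1)
        ->where_in('u.id', $user_ids)
        ->find_one();
    if ($is_mod) {
        message($lang_admin_users['No ban mods message']);
    }

    if ($this->request->post('ban_users_comply')) {
        $ban_message = feather_trim($this->request->post('ban_message'));
        $ban_expire = feather_trim($this->request->post('ban_expire'));
        $ban_the_ip = $this->request->post('ban_the_ip') ? intval($this->request->post('ban_the_ip')) : 0;

        if ($ban_expire != '' && $ban_expire != 'Never') {
            $ban_expire = strtotime($ban_expire . ' GMT');

            if ($ban_expire == -1 || !$ban_expire) {
                message($lang_admin_users['Invalid date message'] . ' ' . $lang_admin_users['Invalid date reasons']);
            }

            // Shift by the acting user's timezone and DST offset, in seconds
            $diff = ($this->user->timezone + $this->user->dst) * 3600;
            $ban_expire -= $diff;

            // An expiry that is not in the future is rejected
            if ($ban_expire <= time()) {
                message($lang_admin_users['Invalid date message'] . ' ' . $lang_admin_users['Invalid date reasons']);
            }
        } else {
            // NOTE(review): this is the four-character string 'NULL', not a
            // PHP null. If set() binds values as parameters, the column
            // receives that literal text instead of SQL NULL; confirm
            // against the DB wrapper. The same applies to $ban_message and
            // $ban_ip below.
            $ban_expire = 'NULL';
        }

        $ban_message = $ban_message != '' ? $ban_message : 'NULL';

        // Fetch user information
        $user_info = array();
        $select_fetch_user_information = array('id', 'username', 'email', 'registration_ip');
        $result = DB::for_table('users')->select_many($select_fetch_user_information)->where_in('id', $user_ids)->find_many();

        foreach ($result as $cur_user) {
            $user_info[$cur_user['id']] = array(
                'username' => $cur_user['username'],
                'email' => $cur_user['email'],
                'ip' => $cur_user['registration_ip'],
            );
        }

        // Overwrite the registration IP with one from the last post (if it exists).
        // The id list is spliced into raw SQL; it holds only intval() results (see above).
        if ($ban_the_ip != 0) {
            $result = DB::for_table('posts')->raw_query('SELECT p.poster_id, p.poster_ip FROM ' . $this->feather->prefix . 'posts AS p INNER JOIN (SELECT MAX(id) AS id FROM ' . $this->feather->prefix . 'posts WHERE poster_id IN (' . implode(',', $user_ids) . ') GROUP BY poster_id) AS i ON p.id=i.id')->find_many();
            foreach ($result as $cur_address) {
                $user_info[$cur_address['poster_id']]['ip'] = $cur_address['poster_ip'];
            }
        }

        // Bans are only written in 'add' mode
        $adding = $this->request->post('mode') == 'add';

        // And insert the bans!
        foreach ($user_ids as $user_id) {
            // A posted id with no matching user row has nothing to ban
            if (!isset($user_info[$user_id])) {
                continue;
            }

            $insert_update_ban = array(
                'username' => $user_info[$user_id]['username'],
                'ip' => $ban_the_ip != 0 ? $user_info[$user_id]['ip'] : 'NULL',
                'email' => $user_info[$user_id]['email'],
                'message' => $ban_message,
                'expire' => $ban_expire,
                'ban_creator' => $this->user->id,
            );

            if ($adding) {
                DB::for_table('bans')->create()->set($insert_update_ban)->save();
            }
        }

        // Regenerate the bans cache once, after all bans are stored
        if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
            require FEATHER_ROOT . 'include/cache.php';
        }

        generate_bans_cache();

        redirect(get_link('admin/users/'), $lang_admin_users['Users banned redirect']);
    }

    return $user_ids;
}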
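/**
 * Delete one ban, regenerate the bans cache and redirect to the ban list.
 *
 * A ban id that matches no row is tolerated: the delete is skipped, and the
 * cache regeneration and the redirect still happen.
 *
 * @param mixed $ban_id Id of the ban row to remove; passed to where() as a value.
 * @return void
 */
public function remove_ban($ban_id)
{
    global $lang_admin_bans;

    // find_one() yields a falsy value when no row matches, so check before
    // calling delete() on the result.
    $ban = DB::for_table('bans')->where('id', $ban_id)->find_one();
    if ($ban) {
        $ban->delete();
    }

    // Regenerate the bans cache
    if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
        require FEATHER_ROOT . 'include/cache.php';
    }

    generate_bans_cache();

    redirect(get_link('admin/bans/'), $lang_admin_bans['Ban removed redirect']);
}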
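/**
 * Turn the current visitor away if a cached ban matches their username or IP.
 *
 * Walks $panther_bans: expired bans are deleted from the bans table, a ban
 * matches on a case-insensitive username comparison or on an IP prefix, and
 * a match removes the visitor from the online table and shows the ban notice
 * through message(). If any expired ban was deleted, the bans cache is
 * regenerated afterwards.
 *
 * The notice is assembled as HTML, so the stored ban reason and the
 * administrator e-mail address are HTML-encoded before they are inserted.
 *
 * @return void
 */
function check_bans()
{
    global $db, $panther_config, $lang_common, $panther_user, $panther_bans;

    // Admins and moderators aren't affected
    if ($panther_user['is_admmod'] || !$panther_bans) {
        return;
    }

    // Add a dot or a colon (depending on IPv4/IPv6) at the end of the IP address to prevent banned address
    // 192.168.0.5 from matching e.g. 192.168.0.50
    $remote = get_remote_address();
    $boundary = strpos($remote, '.') !== false ? '.' : ':';
    $user_ip = $remote . $boundary;

    $bans_altered = false;
    $is_banned = false;

    foreach ($panther_bans as $cur_ban) {
        // Has this ban expired?
        if ($cur_ban['expire'] != '' && $cur_ban['expire'] <= time()) {
            $data = array(
                ':id' => $cur_ban['id'],
            );

            $db->delete('bans', 'id=:id', $data);
            $bans_altered = true;
            continue;
        }

        // Username ban, compared case-insensitively
        if ($cur_ban['username'] != '' && utf8_strtolower($panther_user['username']) == utf8_strtolower($cur_ban['username'])) {
            $is_banned = true;
        }

        // IP ban: the field holds space-separated addresses or prefixes
        if ($cur_ban['ip'] != '') {
            foreach (explode(' ', $cur_ban['ip']) as $banned_prefix) {
                // Add the proper ending to the ban
                $banned_prefix .= $boundary;

                if (substr($user_ip, 0, strlen($banned_prefix)) == $banned_prefix) {
                    $is_banned = true;
                    break;
                }
            }
        }

        if ($is_banned) {
            $data = array(
                ':ident' => $panther_user['username'],
            );

            $db->delete('online', 'ident=:ident', $data);

            $notice = $lang_common['Ban message'] . ' ';
            if ($cur_ban['expire'] != '') {
                $notice .= $lang_common['Ban message 2'] . ' ' . strtolower(format_time($cur_ban['expire'], true)) . '. ';
            }

            // The ban reason is free text from the bans table and is placed
            // inside <strong>; encode it so it cannot carry markup.
            // NOTE(review): if the reason is already encoded when it is
            // stored, drop this call to avoid double encoding.
            if ($cur_ban['message'] != '') {
                $notice .= $lang_common['Ban message 3'] . '<br /><br /><strong>' . htmlspecialchars($cur_ban['message'], ENT_QUOTES, 'UTF-8') . '</strong><br /><br />';
            } else {
                $notice .= '<br /><br />';
            }

            // The address is configuration data, but it is still text in an HTML context
            $notice .= $lang_common['Ban message 4'] . ' ' . htmlspecialchars($panther_config['o_admin_email'], ENT_QUOTES, 'UTF-8');

            message($notice, true);
        }
    }

    // If we removed any expired bans during our run-through, we need to regenerate the bans cache
    if ($bans_altered) {
        if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
            require PANTHER_ROOT . 'include/cache.php';
        }

        generate_bans_cache();
    }
}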
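/**
 * Check the current visitor against the cached bans.
 *
 * Expired bans are deleted from the bans table. A ban with a non-empty
 * username field matches a logged-in user whose id equals that field cast
 * to an integer; a ban with an empty username field and an IP list matches
 * guests by IP prefix. On a match the visitor is either shown the ban notice
 * ($show_message true) or the loop simply stops ($show_message false).
 *
 * The administrator e-mail address is HTML-escaped before it is placed in
 * the notice, the same way the ban reason already was.
 *
 * @param bool $show_message True to remove the visitor from the online table
 *                           and show the notice through message(); false to
 *                           only report the result.
 * @return bool|null Whether a ban matched. Nothing is returned (null) on the
 *                   early exit for administrators or an empty ban list.
 */
function check_bans($show_message = true)
{
    global $db, $pun_config, $lang_common, $pun_user, $pun_bans;

    // Admins aren't affected
    if ($pun_user['g_id'] == PUN_ADMIN || !$pun_bans) {
        return;
    }

    // Add a dot or a colon (depending on IPv4/IPv6) at the end of the IP address to prevent banned address
    // 192.168.0.5 from matching e.g. 192.168.0.50
    $remote = get_remote_address();
    $boundary = strpos($remote, '.') !== false ? '.' : ':';
    $user_ip = $remote . $boundary;

    $bans_altered = false;
    $is_banned = false;

    foreach ($pun_bans as $cur_ban) {
        // Has this ban expired?
        if ($cur_ban['expire'] != '' && $cur_ban['expire'] <= time()) {
            $db->query('DELETE FROM ' . $db->prefix . 'bans WHERE id=' . $cur_ban['id']) or error('Impossible de supprimé le bannissement expiré', __FILE__, __LINE__, $db->error());
            $bans_altered = true;
            continue;
        }

        if ($cur_ban['username'] != '') {
            // Account ban: the username field is compared, as an integer, with the user's id
            if ($pun_user['g_id'] > PUN_GUEST && $pun_user['id'] == intval($cur_ban['username'])) {
                $is_banned = true;
            }
        } elseif ($cur_ban['ip'] != '' && $pun_user['is_guest']) {
            // IP ban, applied to guests only; the field holds space-separated addresses or prefixes
            foreach (explode(' ', $cur_ban['ip']) as $banned_prefix) {
                // Add the proper ending to the ban
                $banned_prefix .= $boundary;

                if (substr($user_ip, 0, strlen($banned_prefix)) == $banned_prefix) {
                    $is_banned = true;
                    break;
                }
            }
        }

        if ($show_message && $is_banned) {
            $db->query('DELETE FROM ' . $db->prefix . 'online WHERE ident=\'' . $db->escape($pun_user['username']) . '\'') or error('Impossible de supprimer de la liste des utilisateur en ligne', __FILE__, __LINE__, $db->error());

            // A ban with neither expiry nor reason gets the short notice
            $has_details = $cur_ban['expire'] != '' || $cur_ban['message'] != '';
            $ban_message = $has_details ? $lang_common['Ban message'] . ' ' : $lang_common['Ban message 5'];

            if ($cur_ban['expire'] != '') {
                $ban_message .= $lang_common['Ban message 2'] . ' ' . strtolower(format_time($cur_ban['expire'], true)) . '. ';
            }

            if ($cur_ban['message'] != '') {
                $ban_message .= $lang_common['Ban message 3'] . '<br /><br /><strong>' . pun_htmlspecialchars($cur_ban['message']) . '</strong><br /><br />';
            }

            if ($has_details) {
                $ban_message .= $lang_common['Ban message 4'];
            }

            // The address goes into an href attribute and into element text,
            // so it is encoded for HTML like the ban reason above.
            $admin_email = pun_htmlspecialchars($pun_config['o_admin_email']);
            $ban_message .= ' <a href="mailto:' . $admin_email . '">' . $admin_email . '</a>.';

            message($ban_message, true);
        } elseif (!$show_message && $is_banned) {
            // The caller only wants the answer; no need to look at further bans
            break;
        }
    }

    // If we removed any expired bans during our run-through, we need to regenerate the bans cache
    if ($bans_altered) {
        require_once PUN_ROOT . 'include/cache.php';
        generate_bans_cache();
    }

    return $is_banned;
}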
/**
 * Validate one section of the profile form and store it for user $id.
 *
 * $section selects which POST fields are read and validated: 'essentials',
 * 'personal', 'messaging', 'personality', 'display' or 'privacy'; any other
 * value ends in a 'Bad request' message. Validation failures are reported
 * through message(). The collected fields are written to the users row; if
 * the username changed, the old name is replaced in the bans, posts, topics,
 * forums and online tables and in the per-forum moderator lists, and the
 * affected caches are regenerated. The method finishes with a redirect to
 * the profile section.
 *
 * Which fields may be written depends on the ACTING user ($this->user), not
 * on the profile being edited. NOTE(review): nothing in this method checks
 * that the acting user may edit profile $id; presumably the caller does.
 *
 * @param mixed  $id      Id of the user whose profile is updated.
 * @param array  $info    Only $info['old_username'] is read here.
 * @param string $section Profile section being saved.
 * @return void
 */
public function update_profile($id, $info, $section)
{
    global $lang_common, $lang_profile, $lang_prof_reg, $pd;

    $username_updated = false;

    // Validate input depending on section
    switch ($section) {
        case 'essentials':
            $form = array(
                'timezone' => floatval($this->request->post('form_timezone')),
                'dst' => $this->request->post('form_dst') ? '1' : '0',
                'time_format' => intval($this->request->post('form_time_format')),
                'date_format' => intval($this->request->post('form_date_format'))
            );

            // Make sure we got a valid language string
            // (it must be one of the names returned by forum_list_langs())
            if ($this->request->post('form_language')) {
                $languages = forum_list_langs();
                $form['language'] = feather_trim($this->request->post('form_language'));
                if (!in_array($form['language'], $languages)) {
                    message($lang_common['Bad request'], '404');
                }
            }

            if ($this->user->is_admmod) {
                $form['admin_note'] = feather_trim($this->request->post('admin_note'));

                // Are we allowed to change usernames?
                // && binds tighter than ||: administrators, or moderators who hold the rename right
                if ($this->user->g_id == FEATHER_ADMIN || $this->user->g_moderator == '1' && $this->user->g_mod_rename_users == '1') {
                    $form['username'] = feather_trim($this->request->post('req_username'));

                    if ($form['username'] != $info['old_username']) {
                        // Check username
                        // NOTE(review): the include path is built from the acting user's stored
                        // language; this relies on that value having been validated when it was
                        // saved (as form_language is above) - confirm.
                        require FEATHER_ROOT . 'lang/' . $this->user->language . '/register.php';

                        $errors = '';
                        $errors = check_username($form['username'], $errors, $id);
                        if (!empty($errors)) {
                            message($errors[0]);
                        }

                        $username_updated = true;
                    }
                }

                // We only allow administrators to update the post count
                if ($this->user->g_id == FEATHER_ADMIN) {
                    $form['num_posts'] = intval($this->request->post('num_posts'));
                }
            }

            // The e-mail address is only editable here when registration verification is off,
            // or when the acting user is an administrator or moderator
            if ($this->config['o_regs_verify'] == '0' || $this->user->is_admmod) {
                require FEATHER_ROOT . 'include/email.php';

                // Validate the email address
                $form['email'] = strtolower(feather_trim($this->request->post('req_email')));
                if (!is_valid_email($form['email'])) {
                    message($lang_common['Invalid email']);
                }
            }

            break;

        case 'personal':
            $form = array(
                'realname' => $this->request->post('form_realname') ? feather_trim($this->request->post('form_realname')) : '',
                'url' => $this->request->post('form_url') ? feather_trim($this->request->post('form_url')) : '',
                'location' => $this->request->post('form_location') ? feather_trim($this->request->post('form_location')) : ''
            );

            // Add http:// if the URL doesn't contain it already (while allowing https://, too)
            // Only groups with the post-links right may set a website; the stored value is
            // the 'url' element returned by url_valid()
            if ($this->user->g_post_links == '1') {
                if ($form['url'] != '') {
                    $url = url_valid($form['url']);

                    if ($url === false) {
                        message($lang_profile['Invalid website URL']);
                    }

                    $form['url'] = $url['url'];
                }
            } else {
                if (!empty($form['url'])) {
                    message($lang_profile['Website not allowed']);
                }

                $form['url'] = '';
            }

            // Administrators may set any title; other users need the set-title right and
            // may not pick a title that imitates a built-in rank
            if ($this->user->g_id == FEATHER_ADMIN) {
                $form['title'] = feather_trim($this->request->post('title'));
            } elseif ($this->user->g_set_title == '1') {
                $form['title'] = feather_trim($this->request->post('title'));

                if ($form['title'] != '') {
                    // A list of words that the title may not contain
                    // If the language is English, there will be some duplicates, but it's not the end of the world
                    // NOTE(review): in_array() below tests the whole lower-cased title for
                    // equality with one of these words; a title that merely contains one passes
                    $forbidden = array(
                        'member',
                        'moderator',
                        'administrator',
                        'banned',
                        'guest',
                        utf8_strtolower($lang_common['Member']),
                        utf8_strtolower($lang_common['Moderator']),
                        utf8_strtolower($lang_common['Administrator']),
                        utf8_strtolower($lang_common['Banned']),
                        utf8_strtolower($lang_common['Guest'])
                    );

                    if (in_array(utf8_strtolower($form['title']), $forbidden)) {
                        message($lang_profile['Forbidden title']);
                    }
                }
            }

            break;

        case 'messaging':
            $form = array(
                'jabber' => feather_trim($this->request->post('form_jabber')),
                'icq' => feather_trim($this->request->post('form_icq')),
                'msn' => feather_trim($this->request->post('form_msn')),
                'aim' => feather_trim($this->request->post('form_aim')),
                'yahoo' => feather_trim($this->request->post('form_yahoo'))
            );

            // If the ICQ UIN contains anything other than digits it's invalid
            if (preg_match('%[^0-9]%', $form['icq'])) {
                message($lang_prof_reg['Bad ICQ']);
            }

            break;

        case 'personality':
            $form = array();

            // Clean up signature from POST
            if ($this->config['o_signatures'] == '1') {
                $form['signature'] = feather_linebreaks(feather_trim($this->request->post('signature')));

                // Validate signature: length limit, line limit, then all-caps normalisation
                // (administrators and moderators are exempt from the all-caps rule)
                if (feather_strlen($form['signature']) > $this->config['p_sig_length']) {
                    message(sprintf($lang_prof_reg['Sig too long'], $this->config['p_sig_length'], feather_strlen($form['signature']) - $this->config['p_sig_length']));
                } elseif (substr_count($form['signature'], "\n") > $this->config['p_sig_lines'] - 1) {
                    message(sprintf($lang_prof_reg['Sig too many lines'], $this->config['p_sig_lines']));
                } elseif ($form['signature'] && $this->config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$this->user->is_admmod) {
                    $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
                }

                // Validate BBCode syntax
                if ($this->config['p_sig_bbcode'] == '1') {
                    require FEATHER_ROOT . 'include/parser.php';

                    $errors = array();

                    $form['signature'] = preparse_bbcode($form['signature'], $errors, true);

                    // NOTE(review): the error strings are joined into HTML as they are;
                    // presumably preparse_bbcode() only produces safe text - confirm.
                    if (count($errors) > 0) {
                        message('<ul><li>' . implode('</li><li>', $errors) . '</li></ul>');
                    }
                }
            }

            break;

        case 'display':
            $form = array(
                'disp_topics' => feather_trim($this->request->post('form_disp_topics')),
                'disp_posts' => feather_trim($this->request->post('form_disp_posts')),
                'show_smilies' => $this->request->post('form_show_smilies') ? '1' : '0',
                'show_img' => $this->request->post('form_show_img') ? '1' : '0',
                'show_img_sig' => $this->request->post('form_show_img_sig') ? '1' : '0',
                'show_avatars' => $this->request->post('form_show_avatars') ? '1' : '0',
                'show_sig' => $this->request->post('form_show_sig') ? '1' : '0'
            );

            // Page sizes are clamped to the range 3..75; an empty value is stored as given
            if ($form['disp_topics'] != '') {
                $form['disp_topics'] = intval($form['disp_topics']);
                if ($form['disp_topics'] < 3) {
                    $form['disp_topics'] = 3;
                } elseif ($form['disp_topics'] > 75) {
                    $form['disp_topics'] = 75;
                }
            }

            if ($form['disp_posts'] != '') {
                $form['disp_posts'] = intval($form['disp_posts']);
                if ($form['disp_posts'] < 3) {
                    $form['disp_posts'] = 3;
                } elseif ($form['disp_posts'] > 75) {
                    $form['disp_posts'] = 75;
                }
            }

            // Make sure we got a valid style string
            // (it must be one of the names returned by forum_list_styles())
            if ($this->request->post('form_style')) {
                $styles = forum_list_styles();
                $form['style'] = feather_trim($this->request->post('form_style'));
                if (!in_array($form['style'], $styles)) {
                    message($lang_common['Bad request'], '404');
                }
            }

            break;

        case 'privacy':
            $form = array(
                'email_setting' => intval($this->request->post('form_email_setting')),
                'notify_with_post' => $this->request->post('form_notify_with_post') ? '1' : '0',
                'auto_notify' => $this->request->post('form_auto_notify') ? '1' : '0'
            );

            // Values outside 0..2 fall back to the configured default
            if ($form['email_setting'] < 0 || $form['email_setting'] > 2) {
                $form['email_setting'] = $this->config['o_default_email_setting'];
            }

            break;

        default:
            message($lang_common['Bad request'], '404');
    }

    // Copy the validated fields; the loop is a plain key-by-key copy and adds no quoting
    $temp = array();
    foreach ($form as $key => $input) {
        $temp[$key] = $input;
    }

    if (empty($temp)) {
        message($lang_common['Bad request'], '404');
    }

    // NOTE(review): the find_one() result is used without a check; an id that
    // matches no user row would fail on the set() call.
    DB::for_table('users')->where('id', $id)->find_one()->set($temp)->save();

    // If we changed the username we have to update some stuff
    if ($username_updated) {
        // Rows in other tables refer to the user by name, so the old name is replaced in each
        $bans_updated = DB::for_table('bans')->where('username', $info['old_username'])->update_many('username', $form['username']);

        DB::for_table('posts')->where('poster_id', $id)->update_many('poster', $form['username']);

        DB::for_table('posts')->where('edited_by', $info['old_username'])->update_many('edited_by', $form['username']);

        DB::for_table('topics')->where('poster', $info['old_username'])->update_many('poster', $form['username']);

        DB::for_table('topics')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);

        DB::for_table('forums')->where('last_poster', $info['old_username'])->update_many('last_poster', $form['username']);

        DB::for_table('online')->where('ident', $info['old_username'])->update_many('ident', $form['username']);

        // If the user is a moderator or an administrator we have to update the moderator lists
        $group_id = DB::for_table('users')->where('id', $id)->find_one_col('group_id');

        $group_mod = DB::for_table('groups')->where('g_id', $group_id)->find_one_col('g_moderator');

        if ($group_id == FEATHER_ADMIN || $group_mod == '1') {
            $select_mods = array('id', 'moderators');
            $result = DB::for_table('forums')->select_many($select_mods)->find_many();

            foreach ($result as $cur_forum) {
                // The moderators column holds a serialized array keyed by username with the user id as value.
                // NOTE(review): unserialize() on a database column is only safe while nothing
                // but serialize() output is ever written to that column.
                $cur_moderators = $cur_forum['moderators'] != '' ? unserialize($cur_forum['moderators']) : array();

                if (in_array($id, $cur_moderators)) {
                    // Re-key the entry under the new username and keep the list sorted by name
                    unset($cur_moderators[$info['old_username']]);
                    $cur_moderators[$form['username']] = $id;
                    uksort($cur_moderators, 'utf8_strcasecmp');

                    DB::for_table('forums')->where('id', $cur_forum['id'])->find_one()->set('moderators', serialize($cur_moderators))->save();
                }
            }
        }

        // Regenerate the users info cache
        if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
            require FEATHER_ROOT . 'include/cache.php';
        }

        generate_users_info_cache();

        // Check if the bans table was updated and regenerate the bans cache when needed
        if ($bans_updated) {
            generate_bans_cache();
        }
    }

    redirect(get_link('user/' . $id . '/section/' . $section . '/'), $lang_profile['Profile redirect']);
}