Diffstat (limited to 'phpBB/includes/acp/acp_users.php')
-rw-r--r-- | phpBB/includes/acp/acp_users.php | 556 |
1 files changed, 353 insertions, 203 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 3c957a7093..60afccdc22 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -31,18 +31,23 @@ class acp_users function main($id, $mode) { - global $config, $db, $user, $auth, $template, $cache; - global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads; + global $config, $db, $user, $auth, $template; + global $phpbb_root_path, $phpbb_admin_path, $phpEx; global $phpbb_dispatcher, $request; - global $phpbb_container; + global $phpbb_container, $phpbb_log; $user->add_lang(array('posting', 'ucp', 'acp/users')); $this->tpl_name = 'acp_users'; $error = array(); - $username = utf8_normalize_nfc(request_var('username', '', true)); - $user_id = request_var('u', 0); - $action = request_var('action', ''); + $username = $request->variable('username', '', true); + $user_id = $request->variable('u', 0); + $action = $request->variable('action', ''); + + // Get referer to redirect user to the appropriate page after delete action + $redirect = $request->variable('redirect', ''); + $redirect_tag = "redirect=$redirect"; + $redirect_url = append_sid("{$phpbb_admin_path}index.$phpEx", "i=$redirect"); $submit = (isset($_POST['update']) && !isset($_POST['cancel'])) ? true : false; @@ -52,12 +57,15 @@ class acp_users // Whois (special case) if ($action == 'whois') { - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + if (!function_exists('user_get_id_name')) + { + include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + } $this->page_title = 'WHOIS'; $this->tpl_name = 'simple_body'; - $user_ip = phpbb_ip_normalise(request_var('user_ip', '')); + $user_ip = phpbb_ip_normalise($request->variable('user_ip', '')); $domain = gethostbyaddr($user_ip); $ipwhois = user_ipwhois($user_ip); 
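Review bot: The new `redirect` request value in `main()` is interpolated into query strings without any check on its shape, in `$redirect_tag = "redirect=$redirect"` and in `append_sid("{$phpbb_admin_path}index.$phpEx", "i=$redirect")`. The target stays on the ACP index, so this is not an off-site redirect, but any string is accepted as a module identifier, and whether extra parameters can ride along depends on how `$request->variable()` escapes strings, which is not visible here. Constraining it right after it is read would close that off, for example `if (!preg_match('#^[a-z0-9_\-]+$#i', $redirect)) { $redirect = ''; }`, with the character class adjusted to whatever module identifiers the ACP really accepts. The same value is reused in the `U_BACK`/`U_ACTION` hunk at -146 and in the `adm_back_link()` call of the delete hunk at -220. `main()` continues well past this hunk.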
@@ -146,9 +154,9 @@ class acp_users } $template->assign_vars(array( - 'U_BACK' => $this->u_action, + 'U_BACK' => (empty($redirect)) ? $this->u_action : $redirect_url, 'U_MODE_SELECT' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&u=$user_id"), - 'U_ACTION' => $this->u_action . '&u=' . $user_id, + 'U_ACTION' => $this->u_action . '&u=' . $user_id . ((empty($redirect)) ? '' : '&' . $redirect_tag), 'S_FORM_OPTIONS' => $s_form_options, 'MANAGED_USERNAME' => $user_row['username']) ); @@ -165,13 +173,16 @@ class acp_users { case 'overview': - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + if (!function_exists('user_get_id_name')) + { + include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + } $user->add_lang('acp/ban'); - $delete = request_var('delete', 0); - $delete_type = request_var('delete_type', ''); - $ip = request_var('ip', 'ip'); + $delete = $request->variable('delete', 0); + $delete_type = $request->variable('delete_type', ''); + $ip = $request->variable('ip', 'ip'); /** * Run code at beginning of ACP users overview @@ -194,6 +205,7 @@ class acp_users { if (!$auth->acl_get('a_userdel')) { + send_status_line(403, 'Forbidden'); trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } 
@@ -220,20 +232,31 @@ class acp_users { user_delete($delete_type, $user_id, $user_row['username']); - add_log('admin', 'LOG_USER_DELETED', $user_row['username']); - trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action)); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DELETED', false, array($user_row['username'])); + trigger_error($user->lang['USER_DELETED'] . adm_back_link( + (empty($redirect)) ? $this->u_action : $redirect_url + ) + ); } else { - confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + $delete_confirm_hidden_fields = array( 'u' => $user_id, 'i' => $id, 'mode' => $mode, 'action' => $action, 'update' => true, 'delete' => 1, - 'delete_type' => $delete_type)) + 'delete_type' => $delete_type, ); + + // Checks if the redirection page is specified + if (!empty($redirect)) + { + $delete_confirm_hidden_fields['redirect'] = $redirect; + } + + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($delete_confirm_hidden_fields)); } } else @@ -276,13 +299,11 @@ class acp_users case 'banuser': $ban[] = $user_row['username']; $reason = 'USER_ADMIN_BAN_NAME_REASON'; - $log = 'LOG_USER_BAN_USER'; break; case 'banemail': $ban[] = $user_row['user_email']; $reason = 'USER_ADMIN_BAN_EMAIL_REASON'; - $log = 'LOG_USER_BAN_EMAIL'; break; case 'banip': @@ -300,12 +321,11 @@ class acp_users $db->sql_freeresult($result); $reason = 'USER_ADMIN_BAN_IP_REASON'; - $log = 'LOG_USER_BAN_IP'; break; } - $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true)); - $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true)); + $ban_reason = $request->variable('ban_reason', $user->lang[$reason], true); + $ban_give_reason = $request->variable('ban_give_reason', '', true); // Log not used at the moment, we simply utilize the ban function. $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason); 
@@ -338,7 +358,10 @@ class acp_users if ($config['email_enable']) { - include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + if (!class_exists('messenger')) + { + include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + } $server_url = generate_board_url(); @@ -348,11 +371,6 @@ class acp_users if ($user_row['user_type'] == USER_NORMAL) { user_active_flip('deactivate', $user_id, INACTIVE_REMIND); - - $sql = 'UPDATE ' . USERS_TABLE . " - SET user_actkey = '" . $db->sql_escape($user_actkey) . "' - WHERE user_id = $user_id"; - $db->sql_query($sql); } else { @@ -361,8 +379,18 @@ class acp_users FROM ' . USERS_TABLE . ' WHERE user_id = ' . $user_id; $result = $db->sql_query($sql); - $user_actkey = (string) $db->sql_fetchfield('user_actkey'); + $user_activation_key = (string) $db->sql_fetchfield('user_actkey'); $db->sql_freeresult($result); + + $user_actkey = empty($user_activation_key) ? $user_actkey : $user_activation_key; + } + + if ($user_row['user_type'] == USER_NORMAL || empty($user_activation_key)) + { + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_actkey = '" . $db->sql_escape($user_actkey) . "' + WHERE user_id = $user_id"; + $db->sql_query($sql); } $messenger = new messenger(false); @@ -381,8 +409,10 @@ class acp_users $messenger->send(NOTIFY_EMAIL); - add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_REACTIVATE', false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_REACTIVATE_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&u=' . $user_id)); } 
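Review bot: In the hunk at -361, `$user_activation_key` is assigned only in the `else` branch but is read unconditionally by the new `if ($user_row['user_type'] == USER_NORMAL || empty($user_activation_key))`. It works today only because `||` short-circuits and `empty()` tolerates an unset variable; initialising `$user_activation_key = '';` before the `if ($user_row['user_type'] == USER_NORMAL)` test would make the intent explicit and survive a later reordering of the condition. Separately, the new code keeps an activation key already stored for the account instead of replacing it, so a key mailed earlier stays valid after a forced reactivation; that looks deliberate, but a short comment saying so would help the next reader. Where `$user_actkey` is generated is outside the hunk.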
@@ -418,10 +448,14 @@ class acp_users { if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { + /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); $phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']); - include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + if (!class_exists('messenger')) + { + include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + } $messenger = new messenger(false); @@ -442,8 +476,10 @@ class acp_users $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED'; $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE'; - add_log('admin', $log, $user_row['username']); - add_log('user', $user_id, $log . '_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, $log . '_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&u=' . $user_id)); @@ -466,8 +502,10 @@ class acp_users WHERE user_id = $user_id"; $db->sql_query($sql); - add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_SIG', false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_SIG_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); 
@@ -481,11 +519,14 @@ class acp_users } // Delete old avatar if present + /* @var $phpbb_avatar_manager \phpbb\avatar\manager */ $phpbb_avatar_manager = $phpbb_container->get('avatar.manager'); $phpbb_avatar_manager->handle_avatar_delete($db, $user, $phpbb_avatar_manager->clean_row($user_row, 'user'), USERS_TABLE, 'user_'); - add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_AVATAR', false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_AVATAR_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); break; @@ -497,7 +538,7 @@ class acp_users // Delete posts, attachments, etc. delete_posts('poster_id', $user_id); - add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_POSTS', false, array($user_row['username'])); trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } else @@ -517,9 +558,12 @@ class acp_users if (confirm_box(true)) { - delete_attachments('user', $user_id); + /** @var \phpbb\attachment\manager $attachment_manager */ + $attachment_manager = $phpbb_container->get('attachment.manager'); + $attachment_manager->delete('user', $user_id); + unset($attachment_manager); - add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_ATTACH', false, array($user_row['username'])); trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } else 
@@ -565,7 +609,7 @@ class acp_users delete_pm($user_id, $msg_ids, PRIVMSGS_OUTBOX); - add_log('admin', 'LOG_USER_DEL_OUTBOX', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_OUTBOX', false, array($user_row['username'])); $lang = 'EMPTIED'; } @@ -594,7 +638,7 @@ class acp_users $user->add_lang('acp/forums'); - $new_forum_id = request_var('new_f', 0); + $new_forum_id = $request->variable('new_f', 0); if (!$new_forum_id) { @@ -646,7 +690,7 @@ class acp_users } $db->sql_freeresult($result); - if (sizeof($topic_id_ary)) + if (count($topic_id_ary)) { $sql = 'SELECT topic_id, forum_id, topic_title, topic_posts_approved, topic_posts_unapproved, topic_posts_softdeleted, topic_attachment FROM ' . TOPICS_TABLE . ' @@ -674,12 +718,12 @@ class acp_users } // Entire topic comprises posts by this user, move these topics - if (sizeof($move_topic_ary)) + if (count($move_topic_ary)) { move_topics($move_topic_ary, $new_forum_id, false); } - if (sizeof($move_post_ary)) + if (count($move_post_ary)) { // Create new topic // Update post_ids, report_ids, attachment_ids 
@@ -725,19 +769,22 @@ class acp_users $forum_id_ary = array_unique($forum_id_ary); $topic_id_ary = array_unique(array_merge(array_keys($topic_id_ary), $new_topic_id_ary)); - if (sizeof($topic_id_ary)) + if (count($topic_id_ary)) { sync('topic_reported', 'topic_id', $topic_id_ary); sync('topic', 'topic_id', $topic_id_ary); } - if (sizeof($forum_id_ary)) + if (count($forum_id_ary)) { sync('forum', 'forum_id', $forum_id_ary, false, true); } - add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']); - add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_MOVE_POSTS', false, array($user_row['username'], $forum_info['forum_name'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_MOVE_POSTS_USER', false, array( + 'reportee_id' => $user_id, + $forum_info['forum_name'] + )); trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); @@ -749,7 +796,7 @@ class acp_users { remove_newly_registered($user_id, $user_row); - add_log('admin', 'LOG_USER_REMOVED_NR', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_REMOVED_NR', false, array($user_row['username'])); trigger_error($user->lang['USER_LIFTED_NR'] . adm_back_link($this->u_action . '&u=' . $user_id)); } else 
@@ -766,24 +813,30 @@ class acp_users break; default: + $u_action = $this->u_action; + /** * Run custom quicktool code * * @event core.acp_users_overview_run_quicktool - * @var array user_row Current user data * @var string action Quick tool that should be run + * @var array user_row Current user data + * @var string u_action The u_action link * @since 3.1.0-a1 + * @changed 3.2.2-RC1 Added u_action */ - $vars = array('action', 'user_row'); + $vars = array('action', 'user_row', 'u_action'); extract($phpbb_dispatcher->trigger_event('core.acp_users_overview_run_quicktool', compact($vars))); + + unset($u_action); break; } // Handle registration info updates $data = array( - 'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)), - 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), - 'email' => strtolower(request_var('user_email', $user_row['user_email'])), + 'username' => $request->variable('user', $user_row['username'], true), + 'user_founder' => $request->variable('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), + 'email' => strtolower($request->variable('user_email', $user_row['user_email'])), 'new_password' => $request->variable('new_password', '', true), 'password_confirm' => $request->variable('password_confirm', '', true), ); @@ -831,6 +884,7 @@ class acp_users } // Instantiate passwords manager + /* @var $passwords_manager \phpbb\passwords\manager */ $passwords_manager = $phpbb_container->get('passwords.manager'); // Which updates do we need to do? @@ -838,7 +892,7 @@ class acp_users $update_password = $data['new_password'] && !$passwords_manager->check($data['new_password'], $user_row['user_password']); $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false; - if (!sizeof($error)) + if (!count($error)) { $sql_ary = array(); 
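Review bot: The docblock for `core.acp_users_overview_run_quicktool` lists `u_action` alongside `action` and `user_row` without saying that it is read-only in practice: `unset($u_action);` runs immediately after `extract()`, so anything a listener writes to it is discarded, while changes to `action` and `user_row` do persist into the code below. I would document that difference, e.g. `@var string u_action The u_action link (read-only, changes are discarded)`. The enclosing `switch` and `main()` start and end outside this hunk.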
@@ -903,7 +957,11 @@ class acp_users $sql_ary['username'] = $update_username; $sql_ary['username_clean'] = utf8_clean_string($update_username); - add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_UPDATE_NAME', false, array( + 'reportee_id' => $user_id, + $user_row['username'], + $update_username + )); } if ($update_email !== false) @@ -913,7 +971,12 @@ class acp_users 'user_email_hash' => phpbb_email_hash($update_email), ); - add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_UPDATE_EMAIL', false, array( + 'reportee_id' => $user_id, + $user_row['username'], + $user_row['user_email'], + $update_email + )); } if ($update_password) @@ -924,10 +987,14 @@ class acp_users ); $user->reset_login_keys($user_id); - add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']); + + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_NEW_PASSWORD', false, array( + 'reportee_id' => $user_id, + $user_row['username'] + )); } - if (sizeof($sql_ary)) + if (count($sql_ary)) { $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' @@ -943,7 +1010,7 @@ class acp_users // Let the users permissions being updated $auth->acl_clear_prefetch($user_id); - add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_USER_UPDATE', false, array($data['username'])); trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } 
@@ -1100,17 +1167,19 @@ class acp_users $user->add_lang('mcp'); // Set up general vars - $start = request_var('start', 0); + $start = $request->variable('start', 0); $deletemark = (isset($_POST['delmarked'])) ? true : false; $deleteall = (isset($_POST['delall'])) ? true : false; - $marked = request_var('mark', array(0)); - $message = utf8_normalize_nfc(request_var('message', '', true)); + $marked = $request->variable('mark', array(0)); + $message = $request->variable('message', '', true); + + /* @var $pagination \phpbb\pagination */ $pagination = $phpbb_container->get('pagination'); // Sort keys - $sort_days = request_var('st', 0); - $sort_key = request_var('sk', 't'); - $sort_dir = request_var('sd', 'd'); + $sort_days = $request->variable('st', 0); + $sort_key = $request->variable('sk', 't'); + $sort_dir = $request->variable('sd', 'd'); // Delete entries if requested and able if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs')) @@ -1140,7 +1209,7 @@ class acp_users $where_sql"; $db->sql_query($sql); - add_log('admin', 'LOG_CLEAR_USER', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CLEAR_USER', false, array($user_row['username'])); } } 
@@ -1151,9 +1220,16 @@ class acp_users trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']); - add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_GENERAL', $message); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_FEEDBACK', false, array($user_row['username'])); + $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_USER_FEEDBACK', false, array( + 'forum_id' => 0, + 'topic_id' => 0, + $user_row['username'] + )); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GENERAL', false, array( + 'reportee_id' => $user_id, + $message + )); trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } @@ -1204,17 +1280,10 @@ class acp_users $user->add_lang('mcp'); // Set up general vars - $start = request_var('start', 0); $deletemark = (isset($_POST['delmarked'])) ? true : false; $deleteall = (isset($_POST['delall'])) ? true : false; $confirm = (isset($_POST['confirm'])) ? true : false; - $marked = request_var('mark', array(0)); - $message = utf8_normalize_nfc(request_var('message', '', true)); - - // Sort keys - $sort_days = request_var('st', 0); - $sort_key = request_var('sk', 't'); - $sort_dir = request_var('sd', 'd'); + $marked = $request->variable('mark', array(0)); // Delete entries if requested and able if ($deletemark || $deleteall || $confirm) @@ -1222,8 +1291,8 @@ class acp_users if (confirm_box(true)) { $where_sql = ''; - $deletemark = request_var('delmarked', 0); - $deleteall = request_var('delall', 0); + $deletemark = $request->variable('delmarked', 0); + $deleteall = $request->variable('delall', 0); if ($deletemark && $marked) { $where_sql = ' AND ' . $db->sql_in_set('warning_id', array_values($marked)); 
@@ -1254,11 +1323,11 @@ class acp_users if ($log_warnings) { - add_log('admin', 'LOG_WARNINGS_DELETED', $user_row['username'], $num_warnings); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_WARNINGS_DELETED', false, array($user_row['username'], $num_warnings)); } else { - add_log('admin', 'LOG_WARNINGS_DELETED_ALL', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_WARNINGS_DELETED_ALL', false, array($user_row['username'])); } } } @@ -1278,7 +1347,7 @@ class acp_users { $s_hidden_fields['delall'] = 1; } - if (isset($_POST['delall']) || (isset($_POST['delmarked']) && sizeof($marked))) + if (isset($_POST['delall']) || (isset($_POST['delmarked']) && count($marked))) { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($s_hidden_fields)); } @@ -1314,9 +1383,9 @@ class acp_users { // Check if there are more occurrences of % than arguments, if there are we fill out the arguments array // It doesn't matter if we add more arguments than placeholders - if ((substr_count($row['action'], '%') - sizeof($log_data_ary)) > 0) + if ((substr_count($row['action'], '%') - count($log_data_ary)) > 0) { - $log_data_ary = array_merge($log_data_ary, array_fill(0, substr_count($row['action'], '%') - sizeof($log_data_ary), '')); + $log_data_ary = array_merge($log_data_ary, array_fill(0, substr_count($row['action'], '%') - count($log_data_ary), '')); } $row['action'] = vsprintf($row['action'], $log_data_ary); $row['action'] = bbcode_nl2br(censor_text($row['action'])); @@ -1345,8 +1414,12 @@ class acp_users case 'profile': - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + if (!function_exists('user_get_id_name')) + { + include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + } + /* @var $cp \phpbb\profilefields\manager */ $cp = $phpbb_container->get('profilefields.manager'); $cp_data = $cp_error = array(); 
@@ -1361,7 +1434,7 @@ class acp_users $user_row['iso_lang_id'] = $row['lang_id']; $data = array( - 'jabber' => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)), + 'jabber' => $request->variable('jabber', $user_row['user_jabber'], true), 'bday_day' => 0, 'bday_month' => 0, 'bday_year' => 0, @@ -1372,9 +1445,9 @@ class acp_users list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']); } - $data['bday_day'] = request_var('bday_day', $data['bday_day']); - $data['bday_month'] = request_var('bday_month', $data['bday_month']); - $data['bday_year'] = request_var('bday_year', $data['bday_year']); + $data['bday_day'] = $request->variable('bday_day', $data['bday_day']); + $data['bday_month'] = $request->variable('bday_month', $data['bday_month']); + $data['bday_year'] = $request->variable('bday_year', $data['bday_year']); $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); /** @@ -1405,7 +1478,7 @@ class acp_users // validate custom profile fields $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error); - if (sizeof($cp_error)) + if (count($cp_error)) { $error = array_merge($error, $cp_error); } @@ -1414,7 +1487,21 @@ class acp_users $error[] = 'FORM_INVALID'; } - if (!sizeof($error)) + /** + * Validate profile data in ACP before submitting to the database + * + * @event core.acp_users_profile_validate + * @var array data Array with user profile data + * @var int user_id The user id + * @var array user_row Array with the full user data + * @var array error Array with the form errors + * @since 3.1.4-RC1 + * @changed 3.1.12-RC1 Removed submit, added user_id, user_row + */ + $vars = array('data', 'user_id', 'user_row', 'error'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_validate', compact($vars))); + + if (!count($error)) { $sql_ary = array( 'user_jabber' => $data['jabber'], 
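Review bot: The new `core.acp_users_profile_validate` event in the hunk at -1414 passes `user_id` and `user_row` through `extract()`, so a listener's values replace the locals that the rest of the `profile` case relies on. The `UPDATE` on `USERS_TABLE` that follows is only partly visible here, but elsewhere in this file `$user_id` is concatenated into SQL as a bare integer, so a non-integer returned by a listener would presumably reach the query unescaped. If the two variables are meant as context only, the docblock should say so; otherwise re-establishing the type after the event, `$user_id = (int) $user_id;`, keeps the later query safe regardless of what extensions return.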
@@ -1429,9 +1516,10 @@ class acp_users * @var array data Array with user profile data * @var int user_id The user id * @var array user_row Array with the full user data + * @var array sql_ary Array with sql data * @since 3.1.4-RC1 */ - $vars = array('cp_data', 'data', 'user_id', 'user_row'); + $vars = array('cp_data', 'data', 'user_id', 'user_row', 'sql_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_users_profile_modify_sql_ary', compact($vars))); $sql = 'UPDATE ' . USERS_TABLE . ' @@ -1462,7 +1550,6 @@ class acp_users $selected = ($i == $data['bday_month']) ? ' selected="selected"' : ''; $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>"; } - $s_birthday_year_options = ''; $now = getdate(); $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>'; 
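Review bot: The docblock of `core.acp_users_profile_modify_sql_ary` gains `@var array sql_ary` but no `@changed` line, unlike the other events touched in this diff (for example `@changed 3.2.2-RC1 Added u_action` on the quicktool event). Extension authors read these tags to decide which releases they can rely on a variable in, so the block should get a `@changed <release> Added sql_ary` line with the release that first ships it. It would also be worth stating in the description that `sql_ary` is written to `USERS_TABLE` as returned by the listener.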
@@ -1491,39 +1578,42 @@ class acp_users case 'prefs': - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + if (!function_exists('user_get_id_name')) + { + include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + } $data = array( - 'dateformat' => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)), - 'lang' => basename(request_var('lang', $user_row['user_lang'])), - 'tz' => request_var('tz', $user_row['user_timezone']), - 'style' => request_var('style', $user_row['user_style']), - 'viewemail' => request_var('viewemail', $user_row['user_allow_viewemail']), - 'massemail' => request_var('massemail', $user_row['user_allow_massemail']), - 'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']), - 'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']), - 'notifypm' => request_var('notifypm', $user_row['user_notify_pm']), - 'allowpm' => request_var('allowpm', $user_row['user_allow_pm']), - - 'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'), - 'topic_sd' => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'), - 'topic_st' => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0), - - 'post_sk' => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'), - 'post_sd' => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'), - 'post_st' => request_var('post_st', ($user_row['user_post_show_days']) ? 
$user_row['user_post_show_days'] : 0), - - 'view_images' => request_var('view_images', $this->optionget($user_row, 'viewimg')), - 'view_flash' => request_var('view_flash', $this->optionget($user_row, 'viewflash')), - 'view_smilies' => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')), - 'view_sigs' => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')), - 'view_avatars' => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')), - 'view_wordcensor' => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')), - - 'bbcode' => request_var('bbcode', $this->optionget($user_row, 'bbcode')), - 'smilies' => request_var('smilies', $this->optionget($user_row, 'smilies')), - 'sig' => request_var('sig', $this->optionget($user_row, 'attachsig')), - 'notify' => request_var('notify', $user_row['user_notify']), + 'dateformat' => $request->variable('dateformat', $user_row['user_dateformat'], true), + 'lang' => basename($request->variable('lang', $user_row['user_lang'])), + 'tz' => $request->variable('tz', $user_row['user_timezone']), + 'style' => $request->variable('style', $user_row['user_style']), + 'viewemail' => $request->variable('viewemail', $user_row['user_allow_viewemail']), + 'massemail' => $request->variable('massemail', $user_row['user_allow_massemail']), + 'hideonline' => $request->variable('hideonline', !$user_row['user_allow_viewonline']), + 'notifymethod' => $request->variable('notifymethod', $user_row['user_notify_type']), + 'notifypm' => $request->variable('notifypm', $user_row['user_notify_pm']), + 'allowpm' => $request->variable('allowpm', $user_row['user_allow_pm']), + + 'topic_sk' => $request->variable('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'), + 'topic_sd' => $request->variable('topic_sd', ($user_row['user_topic_sortby_dir']) ? 
$user_row['user_topic_sortby_dir'] : 'd'), + 'topic_st' => $request->variable('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0), + + 'post_sk' => $request->variable('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'), + 'post_sd' => $request->variable('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'), + 'post_st' => $request->variable('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0), + + 'view_images' => $request->variable('view_images', $this->optionget($user_row, 'viewimg')), + 'view_flash' => $request->variable('view_flash', $this->optionget($user_row, 'viewflash')), + 'view_smilies' => $request->variable('view_smilies', $this->optionget($user_row, 'viewsmilies')), + 'view_sigs' => $request->variable('view_sigs', $this->optionget($user_row, 'viewsigs')), + 'view_avatars' => $request->variable('view_avatars', $this->optionget($user_row, 'viewavatars')), + 'view_wordcensor' => $request->variable('view_wordcensor', $this->optionget($user_row, 'viewcensors')), + + 'bbcode' => $request->variable('bbcode', $this->optionget($user_row, 'bbcode')), + 'smilies' => $request->variable('smilies', $this->optionget($user_row, 'smilies')), + 'sig' => $request->variable('sig', $this->optionget($user_row, 'attachsig')), + 'notify' => $request->variable('notify', $user_row['user_notify']), ); /** @@ -1540,7 +1630,7 @@ class acp_users if ($submit) { $error = validate_data($data, array( - 'dateformat' => array('string', false, 1, 30), + 'dateformat' => array('string', false, 1, 64), 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), 'tz' => array('timezone'), @@ -1555,7 +1645,7 @@ class acp_users $error[] = 'FORM_INVALID'; } - if (!sizeof($error)) + if (!count($error)) { $this->optionset($user_row, 'viewimg', $data['view_images']); $this->optionset($user_row, 'viewflash', $data['view_flash']); 
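Review bot: The hunk at -1540 raises the `dateformat` limit in `validate_data()` from 30 to 64 characters, and nothing visible here shows that the `user_dateformat` column or the matching user-facing preferences form accept the same length. If the column is narrower, a value that passes validation would be truncated or rejected on write, depending on the database; if the user-side form still validates at 30, the two paths disagree on what is a valid value. Please confirm both, and consider a shared constant for the limit instead of repeating the literal.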
@@ -1606,7 +1696,7 @@ class acp_users $vars = array('data', 'user_row', 'sql_ary', 'error'); extract($phpbb_dispatcher->trigger_event('core.acp_users_prefs_modify_sql', compact($vars))); - if (!sizeof($error)) + if (!count($error)) { $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " @@ -1761,13 +1851,12 @@ class acp_users case 'avatar': - include($phpbb_root_path . 'includes/functions_display.' . $phpEx); - $avatars_enabled = false; + /** @var \phpbb\avatar\manager $phpbb_avatar_manager */ + $phpbb_avatar_manager = $phpbb_container->get('avatar.manager'); if ($config['allow_avatar']) { - $phpbb_avatar_manager = $phpbb_container->get('avatar.manager'); $avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers(); // This is normalised data, without the user_ prefix @@ -1828,14 +1917,21 @@ class acp_users $selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $user_row['user_avatar_type'])); + // Assign min and max values before generating avatar driver html + $template->assign_vars(array( + 'AVATAR_MIN_WIDTH' => $config['avatar_min_width'], + 'AVATAR_MAX_WIDTH' => $config['avatar_max_width'], + 'AVATAR_MIN_HEIGHT' => $config['avatar_min_height'], + 'AVATAR_MAX_HEIGHT' => $config['avatar_max_height'], + )); + foreach ($avatar_drivers as $current_driver) { $driver = $phpbb_avatar_manager->get_driver($current_driver); $avatars_enabled = true; - $config_name = $phpbb_avatar_manager->get_driver_config_name($driver); $template->set_filenames(array( - 'avatar' => "acp_avatar_options_{$config_name}.html", + 'avatar' => $driver->get_acp_template_name(), )); if ($driver->prepare_form($request, $template, $user, $avatar_data, $error)) 
@@ -1855,8 +1951,12 @@ class acp_users } } - // Replace "error" strings with their real, localised form - $error = $phpbb_avatar_manager->localize_errors($user, $error); + // Avatar manager is not initialized if avatars are disabled + if (isset($phpbb_avatar_manager)) + { + // Replace "error" strings with their real, localised form + $error = $phpbb_avatar_manager->localize_errors($user, $error); + } $avatar = phpbb_get_user_avatar($user_row, 'USER_AVATAR', true); @@ -1867,7 +1967,7 @@ class acp_users 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"', - 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), + 'L_AVATAR_EXPLAIN' => $user->lang(($config['avatar_filesize'] == 0) ? 'AVATAR_EXPLAIN_NO_FILESIZE' : 'AVATAR_EXPLAIN', $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), 'S_AVATARS_ENABLED' => ($config['allow_avatar'] && $avatars_enabled), )); @@ -1883,7 +1983,7 @@ class acp_users trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - $rank_id = request_var('user_rank', 0); + $rank_id = $request->variable('user_rank', 0); $sql = 'UPDATE ' . USERS_TABLE . " SET user_rank = $rank_id 
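Review bot: The `isset($phpbb_avatar_manager)` guard added around `localize_errors()` looks redundant, and its comment "Avatar manager is not initialized if avatars are disabled" no longer matches the code. The earlier avatar hunk in this commit (`@@ -1761,13 +1851,12 @@`) moves `$phpbb_container->get('avatar.manager')` above the `if ($config['allow_avatar'])` test, so the variable is always set by this point unless something between the hunks unsets it. Either drop the guard and call `$error = $phpbb_avatar_manager->localize_errors($user, $error);` directly, or keep the lookup inside the `allow_avatar` branch so that the guard means something. The `case 'avatar':` block starts and ends outside this hunk.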
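Review bot: In the `@@ -1883,7 +1983,7 @@` hunk, `$rank_id` is interpolated straight into `SET user_rank = $rank_id`, so the query is safe only because the integer default in `$request->variable('user_rank', 0)` forces an integer result. That dependency is invisible at the query and breaks silently if the default is ever changed. I would make it explicit with `SET user_rank = " . (int) $rank_id . "`, or build the statement with `$db->sql_build_array('UPDATE', ...)` as the prefs branch does. The hunk shows no check that the id refers to an existing rank, though that may happen outside the visible lines.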
@@ -1917,50 +2017,72 @@ class acp_users case 'sig': - include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); - include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx); - - $enable_bbcode = ($config['allow_sig_bbcode']) ? (bool) $this->optionget($user_row, 'sig_bbcode') : false; - $enable_smilies = ($config['allow_sig_smilies']) ? (bool) $this->optionget($user_row, 'sig_smilies') : false; - $enable_urls = ($config['allow_sig_links']) ? (bool) $this->optionget($user_row, 'sig_links') : false; - $signature = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true)); - - $preview = (isset($_POST['preview'])) ? true : false; - - if ($submit || $preview) + if (!function_exists('display_custom_bbcodes')) { - include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx); + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + } - $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', false)) ? false : true) : false; - $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', false)) ? false : true) : false; - $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false; + $enable_bbcode = ($config['allow_sig_bbcode']) ? $this->optionget($user_row, 'sig_bbcode') : false; + $enable_smilies = ($config['allow_sig_smilies']) ? $this->optionget($user_row, 'sig_smilies') : false; + $enable_urls = ($config['allow_sig_links']) ? $this->optionget($user_row, 'sig_links') : false; - $message_parser = new parse_message($signature); + $bbcode_flags = ($enable_bbcode ? OPTION_FLAG_BBCODE : 0) + ($enable_smilies ? OPTION_FLAG_SMILIES : 0) + ($enable_urls ? 
OPTION_FLAG_LINKS : 0); - // Allowing Quote BBCode - $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig'); + $decoded_message = generate_text_for_edit($user_row['user_sig'], $user_row['user_sig_bbcode_uid'], $bbcode_flags); + $signature = $request->variable('signature', $decoded_message['text'], true); + $signature_preview = ''; - if (sizeof($message_parser->warn_msg)) - { - $error[] = implode('<br />', $message_parser->warn_msg); - } + if ($submit || $request->is_set_post('preview')) + { + $enable_bbcode = ($config['allow_sig_bbcode']) ? !$request->variable('disable_bbcode', false) : false; + $enable_smilies = ($config['allow_sig_smilies']) ? !$request->variable('disable_smilies', false) : false; + $enable_urls = ($config['allow_sig_links']) ? !$request->variable('disable_magic_url', false) : false; if (!check_form_key($form_name)) { - $error = 'FORM_INVALID'; + $error[] = 'FORM_INVALID'; } + } - if (!sizeof($error) && $submit) + $bbcode_uid = $bbcode_bitfield = $bbcode_flags = ''; + $warn_msg = generate_text_for_storage( + $signature, + $bbcode_uid, + $bbcode_bitfield, + $bbcode_flags, + $enable_bbcode, + $enable_urls, + $enable_smilies, + $config['allow_sig_img'], + $config['allow_sig_flash'], + true, + $config['allow_sig_links'], + 'sig' + ); + + if (count($warn_msg)) + { + $error += $warn_msg; + } + + if (!$submit) + { + // Parse it for displaying + $signature_preview = generate_text_for_display($signature, $bbcode_uid, $bbcode_bitfield, $bbcode_flags); + } + else + { + if (!count($error)) { $this->optionset($user_row, 'sig_bbcode', $enable_bbcode); $this->optionset($user_row, 'sig_smilies', $enable_smilies); $this->optionset($user_row, 'sig_links', $enable_urls); $sql_ary = array( - 'user_sig' => (string) $message_parser->message, + 'user_sig' => $signature, 'user_options' => $user_row['user_options'], - 'user_sig_bbcode_uid' => (string) 
$message_parser->bbcode_uid, - 'user_sig_bbcode_bitfield' => (string) $message_parser->bbcode_bitfield + 'user_sig_bbcode_uid' => $bbcode_uid, + 'user_sig_bbcode_bitfield' => $bbcode_bitfield, ); $sql = 'UPDATE ' . USERS_TABLE . ' 
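Review bot: `$error += $warn_msg;` uses the array union operator, which keeps the left-hand value for every key both arrays share, so parser warnings are dropped whenever `$error` already holds an entry at the same index. With `$error[] = 'FORM_INVALID'` set a few lines earlier, the first warning returned by `generate_text_for_storage()` would be lost, assuming that function returns a numerically indexed list (its definition is not on this page). `$error = array_merge($error, $warn_msg);` appends instead. Separately, the signature is now parsed on every request to this mode rather than only on submit or preview, which deserves a one-line comment saying it is intentional. The `case 'sig':` block continues past the end of this hunk.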
@@ -1970,33 +2092,30 @@ class acp_users trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } - - // Replace "error" strings with their real, localised form - $error = array_map(array($user, 'lang'), $error); } - $signature_preview = ''; + // Replace "error" strings with their real, localised form + $error = array_map(array($user, 'lang'), $error); - if ($preview) + if ($request->is_set_post('preview')) { - // Now parse it for displaying - $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); - unset($message_parser); + $decoded_message = generate_text_for_edit($signature, $bbcode_uid, $bbcode_flags); } - decode_message($signature, $user_row['user_sig_bbcode_uid']); + /** @var \phpbb\controller\helper $controller_helper */ + $controller_helper = $phpbb_container->get('controller.helper'); $template->assign_vars(array( 'S_SIGNATURE' => true, - 'SIGNATURE' => $signature, + 'SIGNATURE' => $decoded_message['text'], 'SIGNATURE_PREVIEW' => $signature_preview, 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '', 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '', - 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'), + 'BBCODE_STATUS' => $user->lang(($config['allow_sig_bbcode'] ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'), 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'IMG_STATUS' => ($config['allow_sig_img']) ? 
$user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], @@ -2017,17 +2136,18 @@ class acp_users break; case 'attach': + /* @var $pagination \phpbb\pagination */ + $pagination = $phpbb_container->get('pagination'); - $start = request_var('start', 0); + $start = $request->variable('start', 0); $deletemark = (isset($_POST['delmarked'])) ? true : false; - $marked = request_var('mark', array(0)); - $pagination = $phpbb_container->get('pagination'); + $marked = $request->variable('mark', array(0)); // Sort keys - $sort_key = request_var('sk', 'a'); - $sort_dir = request_var('sd', 'd'); + $sort_key = $request->variable('sk', 'a'); + $sort_dir = $request->variable('sd', 'd'); - if ($deletemark && sizeof($marked)) + if ($deletemark && count($marked)) { $sql = 'SELECT attach_id FROM ' . ATTACHMENTS_TABLE . ' @@ -2044,7 +2164,7 @@ class acp_users $db->sql_freeresult($result); } - if ($deletemark && sizeof($marked)) + if ($deletemark && count($marked)) { if (confirm_box(true)) { 
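Review bot: In the `@@ -2017,17 +2136,18 @@` hunk, `$deletemark = (isset($_POST['delmarked'])) ? true : false;` still reads the superglobal directly while every other input in the hunk was moved to `$request`. The signature branch of this commit already uses `$request->is_set_post('preview')`, so for consistency this should be `$deletemark = $request->is_set_post('delmarked');`. The `sk` and `sd` sort keys remain free-form strings here; any mapping through an allow-list before they are used in a query would be outside the hunk, so I could not confirm it.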
@@ -2060,11 +2180,14 @@ class acp_users } $db->sql_freeresult($result); - delete_attachments('attach', $marked); + /** @var \phpbb\attachment\manager $attachment_manager */ + $attachment_manager = $phpbb_container->get('attachment.manager'); + $attachment_manager->delete('attach', $marked); + unset($attachment_manager); - $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED']; + $message = (count($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED']; - add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode($user->lang['COMMA_SEPARATOR'], $log_attachments)); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACHMENTS_DELETED', false, array(implode($user->lang['COMMA_SEPARATOR'], $log_attachments))); trigger_error($message . adm_back_link($this->u_action . '&u=' . $user_id)); } else @@ -2170,10 +2293,13 @@ class acp_users case 'groups': - include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + if (!function_exists('group_user_attributes')) + { + include($phpbb_root_path . 'includes/functions_user.' . $phpEx); + } $user->add_lang(array('groups', 'acp/groups')); - $group_id = request_var('g', 0); + $group_id = $request->variable('g', 0); if ($group_id) { @@ -2190,10 +2316,6 @@ class acp_users trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } } - else - { - $founder_manage = 0; - } switch ($action) { @@ -2204,6 +2326,12 @@ class acp_users { trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + + if (!check_link_hash($request->variable('hash', ''), 'acp_users')) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + group_user_attributes($action, $group_id, $user_id); if ($action == 'default') 
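Review bot: In the `@@ -2204,6 +2326,12 @@` hunk, the failure path of the new `check_link_hash()` test calls `adm_back_link($this->u_action)` without `'&u=' . $user_id`, unlike the `NO_GROUP` error directly above it. An admin who arrives with a missing or stale hash is therefore sent back without the user being managed. I would write `trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);`. A short comment above the check, such as `// these actions arrive as plain GET links, so require the link hash`, would record why it is needed; the `case` labels are outside the hunk, so confirm which actions it covers.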
@@ -2298,6 +2426,9 @@ class acp_users $error = array(); } + /** @var \phpbb\group\helper $group_helper */ + $group_helper = $phpbb_container->get('group_helper'); + $sql = 'SELECT ug.*, g.* FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug WHERE ug.user_id = $user_id @@ -2324,7 +2455,7 @@ class acp_users // Select box for other groups $sql = 'SELECT group_id, group_name, group_type, group_founder_manage FROM ' . GROUPS_TABLE . ' - ' . ((sizeof($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . ' + ' . ((count($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . ' ORDER BY group_type DESC, group_name ASC'; $result = $db->sql_query($sql); @@ -2342,7 +2473,7 @@ class acp_users continue; } - $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; + $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . $group_helper->get_name($row['group_name']) . '</option>'; } $db->sql_freeresult($result); 
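Review bot: In the `@@ -2342,7 +2473,7 @@` hunk, the option label in `$s_group_options` is now whatever `$group_helper->get_name($row['group_name'])` returns, concatenated into the `<option>` markup with no escaping at this point. That is safe only if group names are stored already HTML-escaped and the language strings are trusted, neither of which can be confirmed from this hunk. If that is the case, a comment such as `// group_name is stored HTML-escaped; get_name() returns it or a language string` would make the assumption reviewable, and the same applies to `GROUP_NAME` in the `@@ -2361,12 +2492,12 @@` hunk. The old code translated only `GROUP_SPECIAL` rows, so it is also worth confirming how `get_name()` treats a user-created group whose name matches a language key.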
@@ -2361,12 +2492,12 @@ class acp_users { $template->assign_block_vars('group', array( 'U_EDIT_GROUP' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=groups&mode=manage&action=edit&u=$user_id&g={$data['group_id']}&back_link=acp_users_groups"), - 'U_DEFAULT' => $this->u_action . "&action=default&u=$user_id&g=" . $data['group_id'], - 'U_DEMOTE_PROMOTE' => $this->u_action . '&action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&u=$user_id&g=" . $data['group_id'], + 'U_DEFAULT' => $this->u_action . "&action=default&u=$user_id&g=" . $data['group_id'] . '&hash=' . generate_link_hash('acp_users'), + 'U_DEMOTE_PROMOTE' => $this->u_action . '&action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&u=$user_id&g=" . $data['group_id'] . '&hash=' . generate_link_hash('acp_users'), 'U_DELETE' => $this->u_action . "&action=delete&u=$user_id&g=" . $data['group_id'], 'U_APPROVE' => ($group_type == 'pending') ? $this->u_action . "&action=approve&u=$user_id&g=" . $data['group_id'] : '', - 'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'], + 'GROUP_NAME' => $group_helper->get_name($data['group_name']), 'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'], 'S_IS_MEMBER' => ($group_type != 'pending') ? true : false, @@ -2386,14 +2517,17 @@ class acp_users case 'perm': - include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); + if (!class_exists('auth_admin')) + { + include($phpbb_root_path . 'includes/acp/auth.' . $phpEx); + } $auth_admin = new auth_admin(); $user->add_lang('acp/permissions'); add_permission_language(); - $forum_id = request_var('f', 0); + $forum_id = $request->variable('f', 0); // Global Permissions if (!$forum_id) 
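Review bot: In the `@@ -2361,12 +2492,12 @@` hunk, only `U_DEFAULT` and `U_DEMOTE_PROMOTE` gain `&hash=`; `U_DELETE` and `U_APPROVE` in the same array are state-changing links that still carry no token. If those two actions are gated by a confirmation step elsewhere in the file, which is not visible here, a comment next to them saying so would stop the next reader from assuming they were missed. If they are not, they need the same hash and a matching `check_link_hash()` test. `generate_link_hash('acp_users')` is also evaluated twice per row and could be computed once outside this block and reused.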
@@ -2450,12 +2584,28 @@ class acp_users break; + default: + + /** + * Additional modes provided by extensions + * + * @event core.acp_users_mode_add + * @var string mode New mode + * @var int user_id User id of the user to manage + * @var array user_row Array with user data + * @var array error Array with errors data + * @since 3.2.2-RC1 + */ + $vars = array('mode', 'user_id', 'user_row', 'error'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_mode_add', compact($vars))); + + break; } // Assign general variables $template->assign_vars(array( - 'S_ERROR' => (sizeof($error)) ? true : false, - 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '') + 'S_ERROR' => (count($error)) ? true : false, + 'ERROR_MSG' => (count($error)) ? implode('<br />', $error) : '') ); } |
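Review bot: The new `core.acp_users_mode_add` event passes `user_id` and `user_row` through `extract()`, so a listener can replace the user being managed after whatever permission checks ran earlier in `main()` (those checks are outside this hunk). If listeners are only meant to handle their own mode, the docblock should say these two variables are to be treated as read-only, or only `error` should be written back. Anything a listener puts in `$error` is then joined with `<br />` into `ERROR_MSG` just below, so the docblock could also state that entries must be an array of display-ready strings.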