diff options
Diffstat (limited to 'phpBB/includes/functions_user.php')
| -rw-r--r-- | phpBB/includes/functions_user.php | 505 |
1 files changed, 290 insertions, 215 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index acf5649ed5..f4b60d7ad4 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -89,7 +89,7 @@ function user_get_id_name(&$user_id_ary, &$username_ary, $user_type = false) */ function update_last_username() { - global $db; + global $config, $db; // Get latest username $sql = 'SELECT user_id, username, user_colour @@ -102,9 +102,9 @@ function update_last_username() if ($row) { - set_config('newest_user_id', $row['user_id'], true); - set_config('newest_username', $row['username'], true); - set_config('newest_user_colour', $row['user_colour'], true); + $config->set('newest_user_id', $row['user_id'], false); + $config->set('newest_username', $row['username'], false); + $config->set('newest_user_colour', $row['user_colour'], false); } } @@ -119,26 +119,36 @@ function user_update_name($old_name, $new_name) global $config, $db, $cache, $phpbb_dispatcher; $update_ary = array( - FORUMS_TABLE => array('forum_last_poster_name'), - MODERATOR_CACHE_TABLE => array('username'), - POSTS_TABLE => array('post_username'), - TOPICS_TABLE => array('topic_first_poster_name', 'topic_last_poster_name'), + FORUMS_TABLE => array( + 'forum_last_poster_id' => 'forum_last_poster_name', + ), + MODERATOR_CACHE_TABLE => array( + 'user_id' => 'username', + ), + POSTS_TABLE => array( + 'poster_id' => 'post_username', + ), + TOPICS_TABLE => array( + 'topic_poster' => 'topic_first_poster_name', + 'topic_last_poster_id' => 'topic_last_poster_name', + ), ); foreach ($update_ary as $table => $field_ary) { - foreach ($field_ary as $field) + foreach ($field_ary as $id_field => $name_field) { $sql = "UPDATE $table - SET $field = '" . $db->sql_escape($new_name) . "' - WHERE $field = '" . $db->sql_escape($old_name) . "'"; + SET $name_field = '" . $db->sql_escape($new_name) . "' + WHERE $name_field = '" . $db->sql_escape($old_name) . "' + AND $id_field <> " . ANONYMOUS; $db->sql_query($sql); } } if ($config['newest_username'] == $old_name) { - set_config('newest_username', $new_name, true); + $config->set('newest_username', $new_name, false); } /** @@ -160,13 +170,13 @@ function user_update_name($old_name, $new_name) * Adds an user * * @param mixed $user_row An array containing the following keys (and the appropriate values): username, group_id (the group to place the user in), user_email and the user_type(usually 0). Additional entries not overridden by defaults will be forwarded. -* @param string $cp_data custom profile fields, see custom_profile::build_insert_sql_array +* @param array $cp_data custom profile fields, see custom_profile::build_insert_sql_array * @param array $notifications_data The notifications settings for the new user * @return the new user's ID. */ function user_add($user_row, $cp_data = false, $notifications_data = null) { - global $db, $user, $auth, $config, $phpbb_root_path, $phpEx; + global $db, $config; global $phpbb_dispatcher, $phpbb_container; if (empty($user_row['username']) || !isset($user_row['group_id']) || !isset($user_row['user_email']) || !isset($user_row['user_type'])) @@ -250,7 +260,7 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) $remaining_vars = array_diff(array_keys($user_row), array_keys($sql_ary)); // Now fill our sql array with the remaining vars - if (sizeof($remaining_vars)) + if (count($remaining_vars)) { foreach ($remaining_vars as $key) { @@ -262,13 +272,15 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) * Use this event to modify the values to be inserted when a user is added * * @event core.user_add_modify_data - * @var array user_row Array of user details submited to user_add - * @var array cp_data Array of Custom profile fields submited to user_add - * @var array sql_ary Array of data to be inserted when a user is added + * @var array user_row Array of user details submitted to user_add + * @var array cp_data Array of Custom profile fields submitted to user_add + * @var array sql_ary Array of data to be inserted when a user is added + * @var array notifications_data Array of notification data to be inserted when a user is added * @since 3.1.0-a1 - * @change 3.1.0-b5 + * @changed 3.1.0-b5 Added user_row and cp_data + * @changed 3.1.11-RC1 Added notifications_data */ - $vars = array('user_row', 'cp_data', 'sql_ary'); + $vars = array('user_row', 'cp_data', 'sql_ary', 'notifications_data'); extract($phpbb_dispatcher->trigger_event('core.user_add_modify_data', compact($vars))); $sql = 'INSERT INTO ' . USERS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); @@ -277,10 +289,11 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) $user_id = $db->sql_nextid(); // Insert Custom Profile Fields - if ($cp_data !== false && sizeof($cp_data)) + if ($cp_data !== false && count($cp_data)) { $cp_data['user_id'] = (int) $user_id; + /* @var $cp \phpbb\profilefields\manager */ $cp = $phpbb_container->get('profilefields.manager'); $sql = 'INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $cp->build_insert_sql_array($cp_data)); @@ -313,7 +326,7 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) { global $phpbb_log; - // Because these actions only fill the log unneccessarily we skip the add_log() entry. + // Because these actions only fill the log unnecessarily, we disable it $phpbb_log->disable('admin'); // Add user to "newly registered users" group and set to default group if admin specified so. @@ -334,9 +347,9 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) // set the newest user and adjust the user count if the user is a normal user and no activation mail is sent if ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_FOUNDER) { - set_config('newest_user_id', $user_id, true); - set_config('newest_username', $user_row['username'], true); - set_config_count('num_users', 1, true); + $config->set('newest_user_id', $user_id, false); + $config->set('newest_username', $user_row['username'], false); + $config->increment('num_users', 1, false); $sql = 'SELECT group_colour FROM ' . GROUPS_TABLE . ' @@ -345,7 +358,7 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - set_config('newest_user_colour', $row['group_colour'], true); + $config->set('newest_user_colour', $row['group_colour'], false); } // Use default notifications settings if notifications_data is not set @@ -363,9 +376,23 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) ); } + /** + * Modify the notifications data to be inserted in the database when a user is added + * + * @event core.user_add_modify_notifications_data + * @var array user_row Array of user details submitted to user_add + * @var array cp_data Array of Custom profile fields submitted to user_add + * @var array sql_ary Array of data to be inserted when a user is added + * @var array notifications_data Array of notification data to be inserted when a user is added + * @since 3.2.2-RC1 + */ + $vars = array('user_row', 'cp_data', 'sql_ary', 'notifications_data'); + extract($phpbb_dispatcher->trigger_event('core.user_add_modify_notifications_data', compact($vars))); + // Subscribe user to notifications if necessary if (!empty($notifications_data)) { + /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); foreach ($notifications_data as $subscription) { @@ -374,12 +401,12 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) } /** - * Event that returns user id, user detals and user CPF of newly registared user + * Event that returns user id, user details and user CPF of newly registered user * * @event core.user_add_after - * @var int user_id User id of newly registared user - * @var array user_row Array of user details submited to user_add - * @var array cp_data Array of Custom profile fields submited to user_add + * @var int user_id User id of newly registered user + * @var array user_row Array of user details submitted to user_add + * @var array cp_data Array of Custom profile fields submitted to user_add * @since 3.1.0-b5 */ $vars = array('user_id', 'user_row', 'cp_data'); @@ -398,7 +425,7 @@ function user_add($user_row, $cp_data = false, $notifications_data = null) */ function user_delete($mode, $user_ids, $retain_username = true) { - global $cache, $config, $db, $user, $phpbb_dispatcher; + global $cache, $config, $db, $user, $phpbb_dispatcher, $phpbb_container; global $phpbb_root_path, $phpEx; $db->sql_transaction('begin'); @@ -434,9 +461,11 @@ function user_delete($mode, $user_ids, $retain_username = true) * @var array user_ids IDs of the deleted user * @var mixed retain_username True if username should be retained * or false if not + * @var array user_rows Array containing data of the deleted users * @since 3.1.0-a1 + * @changed 3.2.4-RC1 Added user_rows */ - $vars = array('mode', 'user_ids', 'retain_username'); + $vars = array('mode', 'user_ids', 'retain_username', 'user_rows'); extract($phpbb_dispatcher->trigger_event('core.delete_user_before', compact($vars))); // Before we begin, we will remove the reports the user issued. @@ -454,7 +483,7 @@ function user_delete($mode, $user_ids, $retain_username = true) } $db->sql_freeresult($result); - if (sizeof($report_posts)) + if (count($report_posts)) { $report_posts = array_unique($report_posts); $report_topics = array_unique($report_topics); @@ -474,7 +503,7 @@ function user_delete($mode, $user_ids, $retain_username = true) } $db->sql_freeresult($result); - if (sizeof($keep_report_topics)) + if (count($keep_report_topics)) { $report_topics = array_diff($report_topics, $keep_report_topics); } @@ -486,7 +515,7 @@ function user_delete($mode, $user_ids, $retain_username = true) WHERE ' . $db->sql_in_set('post_id', $report_posts); $db->sql_query($sql); - if (sizeof($report_topics)) + if (count($report_topics)) { $sql = 'UPDATE ' . TOPICS_TABLE . ' SET topic_reported = 0 @@ -500,6 +529,9 @@ function user_delete($mode, $user_ids, $retain_username = true) $num_users_delta = 0; + // Get auth provider collection in case accounts might need to be unlinked + $provider_collection = $phpbb_container->get('auth.provider_collection'); + // Some things need to be done in the loop (if the query changes based // on which user is currently being deleted) $added_guest_posts = 0; @@ -510,6 +542,38 @@ function user_delete($mode, $user_ids, $retain_username = true) avatar_delete('user', $user_row); } + // Unlink accounts + foreach ($provider_collection as $provider_name => $auth_provider) + { + $provider_data = $auth_provider->get_auth_link_data($user_id); + + if ($provider_data !== null) + { + $link_data = array( + 'user_id' => $user_id, + 'link_method' => 'user_delete', + ); + + // BLOCK_VARS might contain hidden fields necessary for unlinking accounts + if (isset($provider_data['BLOCK_VARS']) && is_array($provider_data['BLOCK_VARS'])) + { + foreach ($provider_data['BLOCK_VARS'] as $provider_service) + { + if (!array_key_exists('HIDDEN_FIELDS', $provider_service)) + { + $provider_service['HIDDEN_FIELDS'] = array(); + } + + $auth_provider->unlink_account(array_merge($link_data, $provider_service['HIDDEN_FIELDS'])); + } + } + else + { + $auth_provider->unlink_account($link_data); + } + } + } + // Decrement number of users if this user is active if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE) { @@ -571,7 +635,7 @@ function user_delete($mode, $user_ids, $retain_username = true) if ($num_users_delta != 0) { - set_config_count('num_users', $num_users_delta, true); + $config->increment('num_users', $num_users_delta, false); } // Now do the invariant tasks @@ -602,7 +666,7 @@ function user_delete($mode, $user_ids, $retain_username = true) delete_posts('poster_id', $user_ids); } - $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE, PRIVMSGS_FOLDER_TABLE, PRIVMSGS_RULES_TABLE); + $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE, PRIVMSGS_FOLDER_TABLE, PRIVMSGS_RULES_TABLE, $phpbb_container->getParameter('tables.auth_provider_oauth_token_storage'), $phpbb_container->getParameter('tables.auth_provider_oauth_states'), $phpbb_container->getParameter('tables.auth_provider_oauth_account_assoc')); // Delete the miscellaneous (non-post) data for the user foreach ($table_ary as $table) @@ -672,6 +736,9 @@ function user_delete($mode, $user_ids, $retain_username = true) } phpbb_delete_users_pms($user_ids); + $phpbb_notifications = $phpbb_container->get('notification_manager'); + $phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_ids); + $db->sql_transaction('commit'); /** @@ -682,9 +749,11 @@ function user_delete($mode, $user_ids, $retain_username = true) * @var array user_ids IDs of the deleted user * @var mixed retain_username True if username should be retained * or false if not + * @var array user_rows Array containing data of the deleted users * @since 3.1.0-a1 + * @changed 3.2.2-RC1 Added user_rows */ - $vars = array('mode', 'user_ids', 'retain_username'); + $vars = array('mode', 'user_ids', 'retain_username', 'user_rows'); extract($phpbb_dispatcher->trigger_event('core.delete_user_after', compact($vars))); // Reset newest user info if appropriate @@ -713,7 +782,7 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) $user_id_ary = array($user_id_ary); } - if (!sizeof($user_id_ary)) + if (!count($user_id_ary)) { return; } @@ -771,7 +840,7 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) $vars = array('mode', 'reason', 'activated', 'deactivated', 'user_id_ary', 'sql_statements'); extract($phpbb_dispatcher->trigger_event('core.user_active_flip_before', compact($vars))); - if (sizeof($sql_statements)) + if (count($sql_statements)) { foreach ($sql_statements as $user_id => $sql_ary) { @@ -801,12 +870,12 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) if ($deactivated) { - set_config_count('num_users', $deactivated * (-1), true); + $config->increment('num_users', $deactivated * (-1), false); } if ($activated) { - set_config_count('num_users', $activated, true); + $config->increment('num_users', $activated, false); } // Update latest username @@ -826,7 +895,7 @@ function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL) */ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason = '') { - global $db, $user, $auth, $cache; + global $db, $user, $cache, $phpbb_log; // Delete stale bans $sql = 'DELETE FROM ' . BANLIST_TABLE . ' @@ -849,7 +918,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas else { $ban_other = explode('-', $ban_len_other); - if (sizeof($ban_other) == 3 && ((int) $ban_other[0] < 9999) && + if (count($ban_other) == 3 && ((int) $ban_other[0] < 9999) && (strlen($ban_other[0]) == 4) && (strlen($ban_other[1]) == 2) && (strlen($ban_other[2]) == 2)) { $ban_end = max($current_time, $user->create_datetime() @@ -917,7 +986,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas } // Make sure we have been given someone to ban - if (!sizeof($sql_usernames)) + if (!count($sql_usernames)) { trigger_error('NO_USER_SPECIFIED', E_USER_WARNING); } @@ -928,7 +997,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas // Do not allow banning yourself, the guest account, or founders. $non_bannable = array($user->data['user_id'], ANONYMOUS); - if (sizeof($founder)) + if (count($founder)) { $sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), $non_bannable), true); } @@ -975,7 +1044,6 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas if ($ip_2_counter == 0 && $ip_2_end == 254) { $ip_2_counter = 256; - $ip_2_fragment = 256; $banlist_ary[] = "$ip_1_counter.*"; } @@ -988,7 +1056,6 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas if ($ip_3_counter == 0 && $ip_3_end == 254) { $ip_3_counter = 256; - $ip_3_fragment = 256; $banlist_ary[] = "$ip_1_counter.$ip_2_counter.*"; } @@ -1001,7 +1068,6 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas if ($ip_4_counter == 0 && $ip_4_end == 254) { $ip_4_counter = 256; - $ip_4_fragment = 256; $banlist_ary[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.*"; } @@ -1071,14 +1137,14 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas continue; } - if (!sizeof($founder) || !in_array($ban_item, $founder)) + if (!count($founder) || !in_array($ban_item, $founder)) { $banlist_ary[] = $ban_item; } } } - if (sizeof($ban_list) == 0) + if (count($ban_list) == 0) { trigger_error('NO_EMAILS_DEFINED', E_USER_WARNING); } @@ -1125,7 +1191,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas $banlist_ary_tmp = array_intersect($banlist_ary, $banlist_ary_tmp); - if (sizeof($banlist_ary_tmp)) + if (count($banlist_ary_tmp)) { // One or more entities are already banned/excluded, delete the existing bans, so they can be re-inserted with the given new length $sql = 'DELETE FROM ' . BANLIST_TABLE . ' @@ -1139,7 +1205,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas $db->sql_freeresult($result); // We have some entities to ban - if (sizeof($banlist_ary)) + if (count($banlist_ary)) { $sql_ary = array(); @@ -1217,13 +1283,22 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas $log_entry = ($ban_exclude) ? 'LOG_BAN_EXCLUDE_' : 'LOG_BAN_'; // Add to admin log, moderator log and user notes - add_log('admin', $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); - add_log('mod', 0, 0, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log_entry . strtoupper($mode), false, array($ban_reason, $ban_list_log)); + $phpbb_log->add('mod', $user->data['user_id'], $user->ip, $log_entry . strtoupper($mode), false, array( + 'forum_id' => 0, + 'topic_id' => 0, + $ban_reason, + $ban_list_log + )); if ($mode == 'user') { foreach ($banlist_ary as $user_id) { - add_log('user', $user_id, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, $log_entry . strtoupper($mode), false, array( + 'reportee_id' => $user_id, + $ban_reason, + $ban_list_log + )); } } @@ -1243,7 +1318,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas */ function user_unban($mode, $ban) { - global $db, $user, $auth, $cache; + global $db, $user, $cache, $phpbb_log, $phpbb_dispatcher; // Delete stale bans $sql = 'DELETE FROM ' . BANLIST_TABLE . ' @@ -1258,7 +1333,7 @@ function user_unban($mode, $ban) $unban_sql = array_map('intval', $ban); - if (sizeof($unban_sql)) + if (count($unban_sql)) { // Grab details of bans for logging information later switch ($mode) @@ -1301,15 +1376,36 @@ function user_unban($mode, $ban) $db->sql_query($sql); // Add to moderator log, admin log and user notes - add_log('admin', 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); - add_log('mod', 0, 0, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_UNBAN_' . strtoupper($mode), false, array($l_unban_list)); + $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_UNBAN_' . strtoupper($mode), false, array( + 'forum_id' => 0, + 'topic_id' => 0, + $l_unban_list + )); if ($mode == 'user') { foreach ($user_ids_ary as $user_id) { - add_log('user', $user_id, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_UNBAN_' . strtoupper($mode), false, array( + 'reportee_id' => $user_id, + $l_unban_list + )); } } + + /** + * Use this event to perform actions after the unban has been performed + * + * @event core.user_unban + * @var string mode One of the following: user, ip, email + * @var array user_ids_ary Array with user_ids + * @since 3.1.11-RC1 + */ + $vars = array( + 'mode', + 'user_ids_ary', + ); + extract($phpbb_dispatcher->trigger_event('core.user_unban', compact($vars))); } $cache->destroy('sql', BANLIST_TABLE); @@ -1364,7 +1460,7 @@ function user_ipwhois($ip) $match = array(); // Test for referrals from $whois_host to other whois databases, roll on rwhois - if (preg_match('#ReferralServer: whois://(.+)#im', $ipwhois, $match)) + if (preg_match('#ReferralServer:[\x20]*whois://(.+)#im', $ipwhois, $match)) { if (strpos($match[1], ':') !== false) { @@ -1501,7 +1597,7 @@ function validate_num($num, $optional = false, $min = 0, $max = 1E99) function validate_date($date_string, $optional = false) { $date = explode('-', $date_string); - if ((empty($date) || sizeof($date) != 3) && $optional) + if ((empty($date) || count($date) != 3) && $optional) { return false; } @@ -1523,7 +1619,7 @@ function validate_date($date_string, $optional = false) } } - if (sizeof($date) != 3 || !checkdate($date[1], $date[0], $date[2])) + if (count($date) != 3 || !checkdate($date[1], $date[0], $date[2])) { return 'INVALID'; } @@ -1626,89 +1722,37 @@ function validate_username($username, $allowed_username = false) return 'INVALID_CHARS'; } - $mbstring = $pcre = false; - - // generic UTF-8 character types supported? - if (phpbb_pcre_utf8_support()) - { - $pcre = true; - } - else if (function_exists('mb_ereg_match')) - { - mb_regex_encoding('UTF-8'); - $mbstring = true; - } - switch ($config['allow_name_chars']) { case 'USERNAME_CHARS_ANY': - $pcre = true; $regex = '.+'; break; case 'USERNAME_ALPHA_ONLY': - $pcre = true; $regex = '[A-Za-z0-9]+'; break; case 'USERNAME_ALPHA_SPACERS': - $pcre = true; $regex = '[A-Za-z0-9-[\]_+ ]+'; break; case 'USERNAME_LETTER_NUM': - if ($pcre) - { - $regex = '[\p{Lu}\p{Ll}\p{N}]+'; - } - else if ($mbstring) - { - $regex = '[[:upper:][:lower:][:digit:]]+'; - } - else - { - $pcre = true; - $regex = '[a-zA-Z0-9]+'; - } + $regex = '[\p{Lu}\p{Ll}\p{N}]+'; break; case 'USERNAME_LETTER_NUM_SPACERS': - if ($pcre) - { - $regex = '[-\]_+ [\p{Lu}\p{Ll}\p{N}]+'; - } - else if ($mbstring) - { - $regex = '[-\]_+ \[[:upper:][:lower:][:digit:]]+'; - } - else - { - $pcre = true; - $regex = '[-\]_+ [a-zA-Z0-9]+'; - } + $regex = '[-\]_+ [\p{Lu}\p{Ll}\p{N}]+'; break; case 'USERNAME_ASCII': default: - $pcre = true; $regex = '[\x01-\x7F]+'; break; } - if ($pcre) - { - if (!preg_match('#^' . $regex . '$#u', $username)) - { - return 'INVALID_CHARS'; - } - } - else if ($mbstring) + if (!preg_match('#^' . $regex . '$#u', $username)) { - mb_ereg_search_init($username, '^' . $regex . '$'); - if (!mb_ereg_search()) - { - return 'INVALID_CHARS'; - } + return 'INVALID_CHARS'; } $sql = 'SELECT username @@ -1763,35 +1807,10 @@ function validate_password($password) return false; } - $pcre = $mbstring = false; - - // generic UTF-8 character types supported? - if (phpbb_pcre_utf8_support()) - { - $upp = '\p{Lu}'; - $low = '\p{Ll}'; - $num = '\p{N}'; - $sym = '[^\p{Lu}\p{Ll}\p{N}]'; - $pcre = true; - } - else if (function_exists('mb_ereg_match')) - { - mb_regex_encoding('UTF-8'); - $upp = '[[:upper:]]'; - $low = '[[:lower:]]'; - $num = '[[:digit:]]'; - $sym = '[^[:upper:][:lower:][:digit:]]'; - $mbstring = true; - } - else - { - $upp = '[A-Z]'; - $low = '[a-z]'; - $num = '[0-9]'; - $sym = '[^A-Za-z0-9]'; - $pcre = true; - } - + $upp = '\p{Lu}'; + $low = '\p{Ll}'; + $num = '\p{N}'; + $sym = '[^\p{Lu}\p{Ll}\p{N}]'; $chars = array(); switch ($config['pass_complex']) @@ -1814,24 +1833,11 @@ function validate_password($password) $chars[] = $upp; } - if ($pcre) + foreach ($chars as $char) { - foreach ($chars as $char) + if (!preg_match('#' . $char . '#u', $password)) { - if (!preg_match('#' . $char . '#u', $password)) - { - return 'INVALID_CHARS'; - } - } - } - else if ($mbstring) - { - foreach ($chars as $char) - { - if (mb_ereg($char, $password) === false) - { - return 'INVALID_CHARS'; - } + return 'INVALID_CHARS'; } } @@ -1953,7 +1959,7 @@ function validate_jabber($jid) $arr = explode('.', $realm); - if (sizeof($arr) == 0) + if (count($arr) == 0) { return 'WRONG_DATA'; } @@ -2175,7 +2181,7 @@ function phpbb_style_is_active($style_id) */ function avatar_delete($mode, $row, $clean_db = false) { - global $phpbb_root_path, $config, $db, $user; + global $phpbb_root_path, $config; // Check if the users avatar is actually *not* a group avatar if ($mode == 'user') @@ -2231,7 +2237,7 @@ function phpbb_avatar_explanation_string() { global $config, $user; - return $user->lang('AVATAR_EXPLAIN', + return $user->lang(($config['avatar_filesize'] == 0) ? 'AVATAR_EXPLAIN_NO_FILESIZE' : 'AVATAR_EXPLAIN', $user->lang('PIXELS', (int) $config['avatar_max_width']), $user->lang('PIXELS', (int) $config['avatar_max_height']), round($config['avatar_filesize'] / 1024)); @@ -2247,7 +2253,10 @@ function phpbb_avatar_explanation_string() */ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow_desc_bbcode = false, $allow_desc_urls = false, $allow_desc_smilies = false) { - global $phpbb_root_path, $config, $db, $user, $file_upload, $phpbb_container; + global $db, $user, $phpbb_container, $phpbb_log; + + /** @var \phpbb\group\helper $group_helper */ + $group_helper = $phpbb_container->get('group_helper'); $error = array(); @@ -2274,13 +2283,17 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow $group_teampage = !empty($group_attributes['group_teampage']); unset($group_attributes['group_teampage']); - if (!sizeof($error)) + if (!count($error)) { $current_legend = \phpbb\groupposition\legend::GROUP_DISABLED; $current_teampage = \phpbb\groupposition\teampage::GROUP_DISABLED; + /* @var $legend \phpbb\groupposition\legend */ $legend = $phpbb_container->get('groupposition.legend'); + + /* @var $teampage \phpbb\groupposition\teampage */ $teampage = $phpbb_container->get('groupposition.teampage'); + if ($group_id) { try @@ -2343,7 +2356,7 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow generate_text_for_storage($sql_ary['group_desc'], $sql_ary['group_desc_uid'], $sql_ary['group_desc_bitfield'], $sql_ary['group_desc_options'], $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies); } - if (sizeof($group_attributes)) + if (count($group_attributes)) { // Merge them with $sql_ary to properly update the group $sql_ary = array_merge($sql_ary, $group_attributes); @@ -2352,8 +2365,6 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow // Setting the log message before we set the group id (if group gets added) $log = ($group_id) ? 'LOG_GROUP_UPDATED' : 'LOG_GROUP_CREATED'; - $query = ''; - if ($group_id) { $sql = 'SELECT user_id @@ -2471,7 +2482,7 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow // Set user attributes $sql_ary = array(); - if (sizeof($group_attributes)) + if (count($group_attributes)) { // Go through the user attributes array, check if a group attribute matches it and then set it. ;) foreach ($user_attribute_ary as $attribute) @@ -2491,18 +2502,18 @@ function group_create(&$group_id, $type, $name, $desc, $group_attributes, $allow } } - if (sizeof($sql_ary) && sizeof($user_ary)) + if (count($sql_ary) && count($user_ary)) { group_set_user_default($group_id, $user_ary, $sql_ary); } - $name = ($type == GROUP_SPECIAL) ? $user->lang['G_' . $name] : $name; - add_log('admin', $log, $name); + $name = $group_helper->get_name($name); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($name)); group_update_listings($group_id); } - return (sizeof($error)) ? $error : false; + return (count($error)) ? $error : false; } @@ -2535,7 +2546,7 @@ function group_correct_avatar($group_id, $old_entry) */ function avatar_remove_db($avatar_name) { - global $config, $db; + global $db; $sql = 'UPDATE ' . USERS_TABLE . " SET user_avatar = '', @@ -2550,7 +2561,7 @@ function avatar_remove_db($avatar_name) */ function group_delete($group_id, $group_name = false) { - global $db, $cache, $auth, $user, $phpbb_root_path, $phpEx, $phpbb_dispatcher, $phpbb_container; + global $db, $cache, $auth, $user, $phpbb_root_path, $phpEx, $phpbb_dispatcher, $phpbb_container, $phpbb_log; if (!$group_name) { @@ -2594,6 +2605,7 @@ function group_delete($group_id, $group_name = false) // Delete group from legend and teampage try { + /* @var $legend \phpbb\groupposition\legend */ $legend = $phpbb_container->get('groupposition.legend'); $legend->delete_group($group_id); unset($legend); @@ -2607,6 +2619,7 @@ function group_delete($group_id, $group_name = false) try { + /* @var $teampage \phpbb\groupposition\teampage */ $teampage = $phpbb_container->get('groupposition.teampage'); $teampage->delete_group($group_id); unset($teampage); @@ -2647,7 +2660,7 @@ function group_delete($group_id, $group_name = false) phpbb_cache_moderators($db, $cache, $auth); - add_log('admin', 'LOG_GROUP_DELETE', $group_name); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_GROUP_DELETE', false, array($group_name)); // Return false - no error return false; @@ -2660,12 +2673,12 @@ function group_delete($group_id, $group_name = false) */ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $default = false, $leader = 0, $pending = 0, $group_attributes = false) { - global $db, $auth, $phpbb_container; + global $db, $auth, $user, $phpbb_container, $phpbb_log, $phpbb_dispatcher; // We need both username and user_id info $result = user_get_id_name($user_id_ary, $username_ary); - if (!sizeof($user_id_ary) || $result !== false) + if (empty($user_id_ary) || $result !== false) { return 'NO_USER'; } @@ -2693,7 +2706,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $add_id_ary = array_diff($user_id_ary, $add_id_ary); // If we have no users - if (!sizeof($add_id_ary) && !sizeof($update_id_ary)) + if (!count($add_id_ary) && !count($update_id_ary)) { return 'GROUP_USERS_EXIST'; } @@ -2701,7 +2714,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $db->sql_transaction('begin'); // Insert the new users - if (sizeof($add_id_ary)) + if (count($add_id_ary)) { $sql_ary = array(); @@ -2718,7 +2731,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $db->sql_multi_insert(USER_GROUP_TABLE, $sql_ary); } - if (sizeof($update_id_ary)) + if (count($update_id_ary)) { $sql = 'UPDATE ' . USER_GROUP_TABLE . ' SET group_leader = 1 @@ -2737,6 +2750,26 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, // Clear permissions cache of relevant users $auth->acl_clear_prefetch($user_id_ary); + /** + * Event after users are added to a group + * + * @event core.group_add_user_after + * @var int group_id ID of the group to which users are added + * @var string group_name Name of the group + * @var array user_id_ary IDs of the users which are added + * @var array username_ary names of the users which are added + * @var int pending Pending setting, 1 if user(s) added are pending + * @since 3.1.7-RC1 + */ + $vars = array( + 'group_id', + 'group_name', + 'user_id_ary', + 'username_ary', + 'pending', + ); + extract($phpbb_dispatcher->trigger_event('core.group_add_user_after', compact($vars))); + if (!$group_name) { $group_name = get_group_name($group_id); @@ -2744,12 +2777,13 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $log = ($leader) ? 'LOG_MODS_ADDED' : (($pending) ? 'LOG_USERS_PENDING' : 'LOG_USERS_ADDED'); - add_log('admin', $log, $group_name, implode(', ', $username_ary)); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($group_name, implode(', ', $username_ary))); group_update_listings($group_id); if ($pending) { + /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); foreach ($add_id_ary as $user_id) @@ -2773,9 +2807,9 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false, * * @return false if no errors occurred, else the user lang string for the relevant error, for example 'NO_USER' */ -function group_user_del($group_id, $user_id_ary = false, $username_ary = false, $group_name = false) +function group_user_del($group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $log_action = true) { - global $db, $auth, $config, $phpbb_dispatcher, $phpbb_container; + global $db, $auth, $config, $user, $phpbb_dispatcher, $phpbb_container, $phpbb_log; if ($config['coppa_enable']) { @@ -2789,7 +2823,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false, // We need both username and user_id info $result = user_get_id_name($user_id_ary, $username_ary); - if (!sizeof($user_id_ary) || $result !== false) + if (empty($user_id_ary) || $result !== false) { return 'NO_USER'; } @@ -2865,7 +2899,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false, foreach ($special_group_data as $gid => $default_data_ary) { - if (isset($sql_where_ary[$gid]) && sizeof($sql_where_ary[$gid])) + if (isset($sql_where_ary[$gid]) && count($sql_where_ary[$gid])) { remove_default_rank($group_id, $sql_where_ary[$gid]); remove_default_avatar($group_id, $sql_where_ary[$gid]); @@ -2895,20 +2929,37 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false, // Clear permissions cache of relevant users $auth->acl_clear_prefetch($user_id_ary); - if (!$group_name) + /** + * Event after users are removed from a group + * + * @event core.group_delete_user_after + * @var int group_id ID of the group from which users are deleted + * @var string group_name Name of the group + * @var array user_id_ary IDs of the users which are removed + * @var array username_ary names of the users which are removed + * @since 3.1.7-RC1 + */ + $vars = array('group_id', 'group_name', 'user_id_ary', 'username_ary'); + extract($phpbb_dispatcher->trigger_event('core.group_delete_user_after', compact($vars))); + + if ($log_action) { - $group_name = get_group_name($group_id); - } + if (!$group_name) + { + $group_name = get_group_name($group_id); + } - $log = 'LOG_GROUP_REMOVE'; + $log = 'LOG_GROUP_REMOVE'; - if ($group_name) - { - add_log('admin', $log, $group_name, implode(', ', $username_ary)); + if ($group_name) + { + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($group_name, implode(', ', $username_ary))); + } } group_update_listings($group_id); + /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); $phpbb_notifications->delete_notifications('notification.type.group_request', $user_id_ary, $group_id); @@ -3002,12 +3053,12 @@ function remove_default_rank($group_id, $user_ids) */ function group_user_attributes($action, $group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $group_attributes = false) { - global $db, $auth, $phpbb_root_path, $phpEx, $config, $phpbb_container; + global $db, $auth, $user, $phpbb_container, $phpbb_log, $phpbb_dispatcher; // We need both username and user_id info $result = user_get_id_name($user_id_ary, $username_ary); - if (!sizeof($user_id_ary) || $result !== false) + if (empty($user_id_ary) || $result !== false) { return 'NO_USERS'; } @@ -3062,7 +3113,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna } $db->sql_freeresult($result); - if (!sizeof($user_id_ary)) + if (!count($user_id_ary)) { return false; } @@ -3073,6 +3124,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna AND " . $db->sql_in_set('user_id', $user_id_ary); $db->sql_query($sql); + /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); $phpbb_notifications->add_notifications('notification.type.group_request_approved', array( @@ -3102,7 +3154,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna $db->sql_freeresult($result); $result = user_get_id_name($user_id_ary, $username_ary); - if (!sizeof($user_id_ary) || $result !== false) + if (!count($user_id_ary) || $result !== false) { return 'NO_USERS'; } @@ -3133,10 +3185,32 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna break; } + /** + * Event to perform additional actions on setting user group attributes + * + * @event core.user_set_group_attributes + * @var int group_id ID of the group + * @var string group_name Name of the group + * @var array user_id_ary IDs of the users to set group attributes + * @var array username_ary Names of the users to set group attributes + * @var array group_attributes Group attributes which were changed + * @var string action Action to perform over the group members + * @since 3.1.10-RC1 + */ + $vars = array( + 'group_id', + 'group_name', + 'user_id_ary', + 'username_ary', + 'group_attributes', + 'action', + ); + extract($phpbb_dispatcher->trigger_event('core.user_set_group_attributes', compact($vars))); + // Clear permissions cache of relevant users $auth->acl_clear_prefetch($user_id_ary); - add_log('admin', $log, $group_name, implode(', ', $username_ary)); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($group_name, implode(', ', $username_ary))); group_update_listings($group_id); @@ -3148,7 +3222,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna */ function group_validate_groupname($group_id, $group_name) { - global $config, $db; + global $db; $group_name = utf8_clean_string($group_name); @@ -3196,7 +3270,7 @@ function group_validate_groupname($group_id, $group_name) */ function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false) { - global $phpbb_container, $db, $phpbb_dispatcher; + global $config, $phpbb_container, $db, $phpbb_dispatcher; if (empty($user_id_ary)) { @@ -3266,8 +3340,8 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal if (isset($sql_ary[$avatar_option])) { $avatar_sql_ary[$avatar_option] = $sql_ary[$avatar_option]; - } } + } $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $avatar_sql_ary) . " @@ -3308,11 +3382,9 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal WHERE " . $db->sql_in_set('topic_last_poster_id', $user_id_ary); $db->sql_query($sql); - global $config; - if (in_array($config['newest_user_id'], $user_id_ary)) { - set_config('newest_user_colour', $sql_ary['user_colour'], true); + $config->set('newest_user_colour', $sql_ary['user_colour'], false); } } @@ -3347,7 +3419,7 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal */ function get_group_name($group_id) { - global $db, $user; + global $db, $phpbb_container; $sql = 'SELECT group_name, group_type FROM ' . GROUPS_TABLE . ' @@ -3356,12 +3428,15 @@ function get_group_name($group_id) $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - if (!$row || ($row['group_type'] == GROUP_SPECIAL && empty($user->lang))) + if (!$row) { return ''; } - return ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']; + /** @var \phpbb\group\helper $group_helper */ + $group_helper = $phpbb_container->get('group_helper'); + + return $group_helper->get_name($row['group_name']); } /** @@ -3442,7 +3517,7 @@ function group_update_listings($group_id) $hold_ary = $auth->acl_group_raw_data($group_id, array('a_', 'm_')); - if (!sizeof($hold_ary)) + if (empty($hold_ary)) { return; } @@ -3548,8 +3623,8 @@ function remove_newly_registered($user_id, $user_data = false) } // We need to call group_user_del here, because this function makes sure everything is correctly changed. - // A downside for a call within the session handler is that the language is not set up yet - so no log entry - group_user_del($group_id, $user_id); + // Force function to not log the removal of users from newly registered users group + group_user_del($group_id, $user_id, false, false, false); // Set user_new to 0 to let this not be triggered again $sql = 'UPDATE ' . USERS_TABLE . ' |