diff options
Diffstat (limited to 'phpBB/includes/ucp')
28 files changed, 1926 insertions, 762 deletions
diff --git a/phpBB/includes/ucp/info/ucp_attachments.php b/phpBB/includes/ucp/info/ucp_attachments.php index 84edce446c..2e20106f5c 100644 --- a/phpBB/includes/ucp/info/ucp_attachments.php +++ b/phpBB/includes/ucp/info/ucp_attachments.php @@ -1,16 +1,16 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ -/** -* @package module_install -*/ class ucp_attachments_info { function module() @@ -33,5 +33,3 @@ class ucp_attachments_info { } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_auth_link.php b/phpBB/includes/ucp/info/ucp_auth_link.php new file mode 100644 index 0000000000..9ec4cb7b3a --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_auth_link.php @@ -0,0 +1,35 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +class ucp_auth_link_info +{ + function module() + { + return array( + 'filename' => 'ucp_auth_link', + 'title' => 'UCP_AUTH_LINK', + 'version' => '1.0.0', + 'modes' => array( + 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => 'authmethod_oauth', 'cat' => array('UCP_PROFILE')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} diff --git a/phpBB/includes/ucp/info/ucp_groups.php b/phpBB/includes/ucp/info/ucp_groups.php index 2002123c50..6da2a4fe38 100644 --- a/phpBB/includes/ucp/info/ucp_groups.php +++ b/phpBB/includes/ucp/info/ucp_groups.php @@ -1,16 +1,16 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ -/** -* @package module_install -*/ class ucp_groups_info { function module() @@ -34,5 +34,3 @@ class ucp_groups_info { } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_main.php b/phpBB/includes/ucp/info/ucp_main.php index 722b7865e6..de8e7d5602 100644 --- a/phpBB/includes/ucp/info/ucp_main.php +++ b/phpBB/includes/ucp/info/ucp_main.php @@ -1,16 +1,16 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ -/** -* @package module_install -*/ class ucp_main_info { function module() @@ -36,5 +36,3 @@ class ucp_main_info { } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_notifications.php b/phpBB/includes/ucp/info/ucp_notifications.php new file mode 100644 index 0000000000..0cc011d96e --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_notifications.php @@ -0,0 +1,36 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +class ucp_notifications_info +{ + function module() + { + return array( + 'filename' => 'ucp_notifications', + 'title' => 'UCP_NOTIFICATION_OPTIONS', + 'version' => '1.0.0', + 'modes' => array( + 'notification_options' => array('title' => 'UCP_NOTIFICATION_OPTIONS', 'auth' => '', 'cat' => array('UCP_PREFS')), + 'notification_list' => array('title' => 'UCP_NOTIFICATION_LIST', 'auth' => '', 'cat' => array('UCP_MAIN')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} diff --git a/phpBB/includes/ucp/info/ucp_pm.php b/phpBB/includes/ucp/info/ucp_pm.php index ade12005c0..6aa1669cb6 100644 --- a/phpBB/includes/ucp/info/ucp_pm.php +++ b/phpBB/includes/ucp/info/ucp_pm.php @@ -1,15 +1,16 @@ <?php /** -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ -/** -* @package module_install -*/ class ucp_pm_info { function module() @@ -23,7 +24,6 @@ class ucp_pm_info 'compose' => array('title' => 'UCP_PM_COMPOSE', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), 'drafts' => array('title' => 'UCP_PM_DRAFTS', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), 'options' => array('title' => 'UCP_PM_OPTIONS', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), - 'popup' => array('title' => 'UCP_PM_POPUP_TITLE', 'auth' => 'cfg_allow_privmsg', 'display' => false, 'cat' => array('UCP_PM')), ), ); } @@ -36,5 +36,3 @@ class ucp_pm_info { } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_prefs.php b/phpBB/includes/ucp/info/ucp_prefs.php index 58359e8a19..5c2d29ac73 100644 --- a/phpBB/includes/ucp/info/ucp_prefs.php +++ b/phpBB/includes/ucp/info/ucp_prefs.php @@ -1,16 +1,16 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ -/** -* @package module_install -*/ class ucp_prefs_info { function module() @@ -35,5 +35,3 @@ class ucp_prefs_info { } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_profile.php b/phpBB/includes/ucp/info/ucp_profile.php index 4591776768..919de99a96 100644 --- a/phpBB/includes/ucp/info/ucp_profile.php +++ b/phpBB/includes/ucp/info/ucp_profile.php @@ -1,16 +1,16 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ -/** -* @package module_install -*/ class ucp_profile_info { function module() @@ -20,10 +20,11 @@ class ucp_profile_info 'title' => 'UCP_PROFILE', 'version' => '1.0.0', 'modes' => array( - 'profile_info' => array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => '', 'cat' => array('UCP_PROFILE')), + 'profile_info' => array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => 'acl_u_chgprofileinfo', 'cat' => array('UCP_PROFILE')), 'signature' => array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => 'acl_u_sig', 'cat' => array('UCP_PROFILE')), - 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')), + 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar', 'cat' => array('UCP_PROFILE')), 'reg_details' => array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')), + 'autologin_keys'=> array('title' => 'UCP_PROFILE_AUTOLOGIN_KEYS', 'auth' => '', 'cat' => array('UCP_PROFILE')), ), ); } @@ -36,5 +37,3 @@ class ucp_profile_info { } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_zebra.php b/phpBB/includes/ucp/info/ucp_zebra.php index 5fc1f8bee7..99d4a4f4c0 100644 --- a/phpBB/includes/ucp/info/ucp_zebra.php +++ b/phpBB/includes/ucp/info/ucp_zebra.php @@ -1,16 +1,16 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ -/** -* @package module_install -*/ class ucp_zebra_info { function module() @@ -34,5 +34,3 @@ class ucp_zebra_info { } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php index b262dc5c1c..6e357b260a 100644 --- a/phpBB/includes/ucp/ucp_activate.php +++ b/phpBB/includes/ucp/ucp_activate.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -19,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * ucp_activate * User activation -* @package ucp */ class ucp_activate { @@ -28,7 +30,7 @@ class ucp_activate function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; - global $db, $user, $auth, $template; + global $db, $user, $auth, $template, $phpbb_container; $user_id = request_var('u', 0); $key = request_var('k', ''); @@ -76,7 +78,6 @@ class ucp_activate 'user_actkey' => '', 'user_password' => $user_row['user_newpasswd'], 'user_newpasswd' => '', - 'user_pass_convert' => 0, 'user_login_attempts' => 0, ); @@ -109,13 +110,16 @@ class ucp_activate if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) { + $phpbb_notifications = $phpbb_container->get('notification_manager'); + $phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']); + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); $messenger->template('admin_welcome_activated', $user_row['user_lang']); - $messenger->to($user_row['user_email'], $user_row['username']); + $messenger->set_addresses($user_row); $messenger->anti_abuse_headers($config, $user); @@ -143,5 +147,3 @@ class ucp_activate trigger_error($user->lang[$message]); } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_attachments.php b/phpBB/includes/ucp/ucp_attachments.php index b011b4f75d..42724209aa 100644 --- a/phpBB/includes/ucp/ucp_attachments.php +++ b/phpBB/includes/ucp/ucp_attachments.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -19,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * ucp_attachments * User attachments -* @package ucp */ class ucp_attachments { @@ -27,7 +29,7 @@ class ucp_attachments function main($id, $mode) { - global $template, $user, $db, $config, $phpEx, $phpbb_root_path; + global $template, $user, $db, $config, $phpEx, $phpbb_root_path, $phpbb_container; $start = request_var('start', 0); $sort_key = request_var('sk', 'a'); @@ -120,6 +122,10 @@ class ucp_attachments $num_attachments = $db->sql_fetchfield('num_attachments'); $db->sql_freeresult($result); + // Ensure start is a valid value + $pagination = $phpbb_container->get('pagination'); + $start = $pagination->validate_start($start, $config['topics_per_page'], $num_attachments); + $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title FROM ' . ATTACHMENTS_TABLE . ' a LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id AND a.in_message = 0) @@ -171,10 +177,12 @@ class ucp_attachments } $db->sql_freeresult($result); + $base_url = $this->u_action . "&sk=$sort_key&sd=$sort_dir"; + $pagination->generate_template_pagination($base_url, 'pagination', 'start', $num_attachments, $config['topics_per_page'], $start); + $template->assign_vars(array( - 'PAGE_NUMBER' => on_page($num_attachments, $config['topics_per_page'], $start), - 'PAGINATION' => generate_pagination($this->u_action . "&sk=$sort_key&sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start), 'TOTAL_ATTACHMENTS' => $num_attachments, + 'NUM_ATTACHMENTS' => $user->lang('NUM_ATTACHMENTS', $num_attachments), 'L_TITLE' => $user->lang['UCP_ATTACHMENTS'], @@ -197,5 +205,3 @@ class ucp_attachments $this->page_title = 'UCP_ATTACHMENTS'; } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_auth_link.php b/phpBB/includes/ucp/ucp_auth_link.php new file mode 100644 index 0000000000..748f0fdec2 --- /dev/null +++ b/phpBB/includes/ucp/ucp_auth_link.php @@ -0,0 +1,147 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +class ucp_auth_link +{ + /** + * @var string + */ + public $u_action; + + /** + * Generates the ucp_auth_link page and handles the auth link process + * + * @param int $id + * @param string $mode + */ + public function main($id, $mode) + { + global $request, $template, $phpbb_container, $user; + + $error = array(); + + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider(); + + // confirm that the auth provider supports this page + $provider_data = $auth_provider->get_auth_link_data(); + if ($provider_data === null) + { + $error[] = 'UCP_AUTH_LINK_NOT_SUPPORTED'; + } + + $s_hidden_fields = array(); + add_form_key('ucp_auth_link'); + + $submit = $request->variable('submit', false, false, \phpbb\request\request_interface::POST); + + // This path is only for primary actions + if (!sizeof($error) && $submit) + { + if (!check_form_key('ucp_auth_link')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + // Any post data could be necessary for auth (un)linking + $link_data = $request->get_super_global(\phpbb\request\request_interface::POST); + + // The current user_id is also necessary + $link_data['user_id'] = $user->data['user_id']; + + // Tell the provider that the method is auth_link not login_link + $link_data['link_method'] = 'auth_link'; + + if ($request->variable('link', 0, false, \phpbb\request\request_interface::POST)) + { + $error[] = $auth_provider->link_account($link_data); + } + else + { + $error[] = $auth_provider->unlink_account($link_data); + } + + // Template data may have changed, get new data + $provider_data = $auth_provider->get_auth_link_data(); + } + } + + // In some cases, a request to an external server may be required. In + // these cases, the GET parameter 'link' should exist and should be true + if ($request->variable('link', false)) + { + // In this case the link data should only be populated with the + // link_method as the provider dictates how data is returned to it. + $link_data = array('link_method' => 'auth_link'); + + $error[] = $auth_provider->link_account($link_data); + + // Template data may have changed, get new data + $provider_data = $auth_provider->get_auth_link_data(); + } + + if (isset($provider_data['VARS'])) + { + // Handle hidden fields separately + if (isset($provider_data['VARS']['HIDDEN_FIELDS'])) + { + $s_hidden_fields = array_merge($s_hidden_fields, $provider_data['VARS']['HIDDEN_FIELDS']); + unset($provider_data['VARS']['HIDDEN_FIELDS']); + } + + $template->assign_vars($provider_data['VARS']); + } + + if (isset($provider_data['BLOCK_VAR_NAME'])) + { + foreach ($provider_data['BLOCK_VARS'] as $block_vars) + { + // See if there are additional hidden fields. This should be an associative array + if (isset($block_vars['HIDDEN_FIELDS'])) + { + $block_vars['HIDDEN_FIELDS'] = build_hidden_fields($block_vars['HIDDEN_FIELDS']); + } + + $template->assign_block_vars($provider_data['BLOCK_VAR_NAME'], $block_vars); + } + } + + $s_hidden_fields = build_hidden_fields($s_hidden_fields); + + // Replace "error" strings with their real, localised form + $error = array_map(array($user, 'lang'), $error); + $error = implode('<br />', $error); + + $template->assign_vars(array( + 'ERROR' => $error, + + 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'], + + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => $this->u_action, + )); + + $this->tpl_name = 'ucp_auth_link'; + $this->page_title = 'UCP_AUTH_LINK'; + } +} diff --git a/phpBB/includes/ucp/ucp_confirm.php b/phpBB/includes/ucp/ucp_confirm.php index 445f7c7d2a..7392f8dea8 100644 --- a/phpBB/includes/ucp/ucp_confirm.php +++ b/phpBB/includes/ucp/ucp_confirm.php @@ -1,10 +1,13 @@ <?php /** * -* @package VC -* @version $Id$ -* @copyright (c) 2005 2008 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -26,8 +29,6 @@ if (!defined('IN_PHPBB')) * to that licence. Do not incorporate this within software * released or distributed in any way under a licence other * than the GPL. We will be watching ... ;) -* -* @package VC */ class ucp_confirm { @@ -35,10 +36,9 @@ class ucp_confirm function main($id, $mode) { - global $db, $user, $phpbb_root_path, $config, $phpEx; + global $db, $user, $phpbb_root_path, $config, $phpEx, $phpbb_container; - include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); - $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); $captcha->init(request_var('type', 0)); $captcha->execute(); @@ -46,5 +46,3 @@ class ucp_confirm exit_handler(); } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php index 663b5bc931..b9606945b4 100644 --- a/phpBB/includes/ucp/ucp_groups.php +++ b/phpBB/includes/ucp/ucp_groups.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -18,7 +21,6 @@ if (!defined('IN_PHPBB')) /** * ucp_groups -* @package ucp */ class ucp_groups { @@ -26,16 +28,17 @@ class ucp_groups function main($id, $mode) { - global $config, $phpbb_root_path, $phpEx; + global $config, $phpbb_root_path, $phpEx, $phpbb_admin_path; global $db, $user, $auth, $cache, $template; + global $request, $phpbb_container; $user->add_lang('groups'); $return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>'); $mark_ary = request_var('mark', array(0)); - $submit = (!empty($_POST['submit'])) ? true : false; - $delete = (!empty($_POST['delete'])) ? true : false; + $submit = $request->variable('submit', false, false, \phpbb\request\request_interface::POST); + $delete = $request->variable('delete', false, false, \phpbb\request\request_interface::POST); $error = $data = array(); switch ($mode) @@ -197,38 +200,6 @@ class ucp_groups else { group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1); - - include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); - $messenger = new messenger(); - - $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang - FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u - WHERE ug.user_id = u.user_id - AND ug.group_leader = 1 - AND ug.group_id = $group_id"; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $messenger->template('group_request', $row['user_lang']); - - $messenger->to($row['user_email'], $row['username']); - $messenger->im($row['user_jabber'], $row['username']); - - $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($row['username']), - 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), - 'REQUEST_USERNAME' => $user->data['username'], - - 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id", - 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") - ); - - $messenger->send($row['user_notify_type']); - } - $db->sql_freeresult($result); - - $messenger->save_queue(); } add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']); @@ -417,9 +388,11 @@ class ucp_groups if ($group_id) { - $sql = 'SELECT * - FROM ' . GROUPS_TABLE . " - WHERE group_id = $group_id"; + $sql = 'SELECT g.*, t.teampage_position AS group_teampage + FROM ' . GROUPS_TABLE . ' g + LEFT JOIN ' . TEAMPAGE_TABLE . ' t + ON (t.group_id = g.group_id) + WHERE g.group_id = ' . $group_id; $result = $db->sql_query($sql); $group_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -438,7 +411,7 @@ class ucp_groups $group_name = $group_row['group_name']; $group_type = $group_row['group_type']; - $avatar_img = (!empty($group_row['group_avatar'])) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_root_path . 'adm/images/no_avatar.gif" alt="" />'; + $avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true); $template->assign_vars(array( 'GROUP_NAME' => ($group_type == GROUP_SPECIAL) ? $user->lang['G_' . $group_name] : $group_name, @@ -447,8 +420,8 @@ class ucp_groups 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 'GROUP_TYPE' => $group_row['group_type'], - 'AVATAR' => $avatar_img, - 'AVATAR_IMAGE' => $avatar_img, + 'AVATAR' => (empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar), + 'AVATAR_IMAGE' => (empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar), 'AVATAR_WIDTH' => (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => (isset($group_row['group_avatar_height'])) ? $group_row['group_avatar_height'] : '', )); @@ -483,10 +456,43 @@ class ucp_groups $error = array(); - $avatar_select = basename(request_var('avatar_select', '')); - $category = basename(request_var('category', '')); + // Setup avatar data for later + $avatars_enabled = false; + $avatar_drivers = null; + $avatar_data = null; + $avatar_error = array(); + + if ($config['allow_avatar']) + { + $phpbb_avatar_manager = $phpbb_container->get('avatar.manager'); + $avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers(); + + // This is normalised data, without the group_ prefix + $avatar_data = \phpbb\avatar\manager::clean_row($group_row, 'group'); + } + + // Handle deletion of avatars + if ($request->is_set_post('avatar_delete')) + { + if (confirm_box(true)) + { + $phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, GROUPS_TABLE, 'group_'); + $cache->destroy('sql', GROUPS_TABLE); - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; + $message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED'; + trigger_error($user->lang[$message] . $return_page); + } + else + { + confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array( + 'avatar_delete' => true, + 'i' => $id, + 'mode' => $mode, + 'g' => $group_id, + 'action' => $action)) + ); + } + } // Did we submit? if ($update) @@ -505,89 +511,31 @@ class ucp_groups 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0), 'max_recipients'=> request_var('group_max_recipients', 0), + 'legend' => $group_row['group_legend'], + 'teampage' => $group_row['group_teampage'], ); - $data['uploadurl'] = request_var('uploadurl', ''); - $data['remotelink'] = request_var('remotelink', ''); - $data['width'] = request_var('width', ''); - $data['height'] = request_var('height', ''); - $delete = request_var('delete', ''); - - if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) + if ($config['allow_avatar']) { - // Avatar stuff - $var_ary = array( - 'uploadurl' => array('string', true, 5, 255), - 'remotelink' => array('string', true, 5, 255), - 'width' => array('string', true, 1, 3), - 'height' => array('string', true, 1, 3), - ); - - if (!($error = validate_data($data, $var_ary))) - { - $data['user_id'] = "g$group_id"; + // Handle avatar + $driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', '')); + $config_name = preg_replace('#^avatar\.driver.#', '', $driver_name); - if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) - { - list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error); - } - else if ($data['remotelink']) - { - list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error); - } - } - } - else if ($avatar_select && $config['allow_avatar_local']) - { - // check avatar gallery - if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) + if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete')) { - $submit_ary['avatar_type'] = AVATAR_GALLERY; + $driver = $phpbb_avatar_manager->get_driver($driver_name); + $result = $driver->process_form($request, $template, $user, $avatar_data, $avatar_error); - list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select); - $submit_ary['avatar'] = $category . '/' . $avatar_select; - } - } - else if ($delete) - { - $submit_ary['avatar'] = ''; - $submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0; - } - else if ($data['width'] && $data['height']) - { - // Only update the dimensions? - if ($config['avatar_max_width'] || $config['avatar_max_height']) - { - if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) + if ($result && empty($avatar_error)) { - $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); - } - } + $result['avatar_type'] = $driver_name; - if (!sizeof($error)) - { - if ($config['avatar_min_width'] || $config['avatar_min_height']) - { - if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) - { - $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); - } + $submit_ary = array_merge($submit_ary, $result); } } - if (!sizeof($error)) - { - $submit_ary['avatar_width'] = $data['width']; - $submit_ary['avatar_height'] = $data['height']; - } - } - - if ((isset($submit_ary['avatar']) && $submit_ary['avatar'] && (!isset($group_row['group_avatar']))) || $delete) - { - if (isset($group_row['group_avatar']) && $group_row['group_avatar']) - { - avatar_delete('group', $group_row, true); - } + // Merge any avatars errors into the primary error array + $error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error)); } if (!check_form_key('ucp_groups')) @@ -607,24 +555,28 @@ class ucp_groups // Only set the rank, colour, etc. if it's changed or if we're adding a new // group. This prevents existing group members being updated if no changes // were made. + // However there are some attributes that need to be set everytime, + // otherwise the group gets removed from the feature. + $set_attributes = array('legend', 'teampage'); $group_attributes = array(); $test_variables = array( 'rank' => 'int', 'colour' => 'string', 'avatar' => 'string', - 'avatar_type' => 'int', + 'avatar_type' => 'string', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', + 'teampage' => 'int', 'message_limit' => 'int', 'max_recipients'=> 'int', ); foreach ($test_variables as $test => $type) { - if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) + if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test] || isset($group_attributes['group_avatar']) && strpos($test, 'avatar') === 0 || in_array($test, $set_attributes))) { settype($submit_ary[$test], $type); $group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test]; @@ -634,6 +586,7 @@ class ucp_groups if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) { $cache->destroy('sql', GROUPS_TABLE); + $cache->destroy('sql', TEAMPAGE_TABLE); $message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED'; trigger_error($user->lang[$message] . $return_page); @@ -690,28 +643,51 @@ class ucp_groups $type_closed = ($group_type == GROUP_CLOSED) ? ' checked="checked"' : ''; $type_hidden = ($group_type == GROUP_HIDDEN) ? ' checked="checked"' : ''; - $display_gallery = (isset($_POST['display_gallery'])) ? true : false; - - if ($config['allow_avatar'] && $config['allow_avatar_local'] && $display_gallery) + // Load up stuff for avatars + if ($config['allow_avatar']) { - avatar_gallery($category, $avatar_select, 4); + $avatars_enabled = false; + $selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $avatar_data['avatar_type'])); + + foreach ($avatar_drivers as $current_driver) + { + $driver = $phpbb_avatar_manager->get_driver($current_driver); + + $avatars_enabled = true; + $template->set_filenames(array( + 'avatar' => $driver->get_template_name(), + )); + + if ($driver->prepare_form($request, $template, $user, $avatar_data, $avatar_error)) + { + $driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver); + $driver_upper = strtoupper($driver_name); + $template->assign_block_vars('avatar_drivers', array( + 'L_TITLE' => $user->lang($driver_upper . '_TITLE'), + 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'), + + 'DRIVER' => $driver_name, + 'SELECTED' => $current_driver == $selected_driver, + 'OUTPUT' => $template->assign_display('avatar'), + )); + } + } } - $avatars_enabled = ($config['allow_avatar'] && (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false; + if (isset($phpbb_avatar_manager) && !$update) + { + // Merge any avatars errors into the primary error array + $error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error)); + } $template->assign_vars(array( 'S_EDIT' => true, 'S_INCLUDE_SWATCH' => true, - 'S_FORM_ENCTYPE' => ($config['allow_avatar'] && $can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '', + 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"', 'S_ERROR' => (sizeof($error)) ? true : false, 'S_SPECIAL_GROUP' => ($group_type == GROUP_SPECIAL) ? true : false, - 'S_AVATARS_ENABLED' => $avatars_enabled, - 'S_DISPLAY_GALLERY' => ($config['allow_avatar'] && $config['allow_avatar_local'] && !$display_gallery) ? true : false, - 'S_IN_GALLERY' => ($config['allow_avatar_local'] && $display_gallery) ? true : false, - - 'S_UPLOAD_AVATAR_FILE' => ($config['allow_avatar'] && $config['allow_avatar_upload'] && $can_upload) ? true : false, - 'S_UPLOAD_AVATAR_URL' => ($config['allow_avatar'] && $config['allow_avatar_remote_upload'] && $can_upload) ? true : false, - 'S_LINK_AVATAR' => ($config['allow_avatar'] && $config['allow_avatar_remote']) ? true : false, + 'S_AVATARS_ENABLED' => ($config['allow_avatar'] && $avatars_enabled), + 'S_GROUP_MANAGE' => true, 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', 'GROUP_RECEIVE_PM' => (isset($group_row['group_receive_pm']) && $group_row['group_receive_pm']) ? ' checked="checked"' : '', @@ -724,7 +700,6 @@ class ucp_groups 'S_DESC_SMILIES_CHECKED'=> $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, - 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, @@ -737,9 +712,8 @@ class ucp_groups 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, - 'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&name=group_colour'), 'S_UCP_ACTION' => $this->u_action . "&action=$action&g=$group_id", - 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), + 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string(), )); break; @@ -852,11 +826,14 @@ class ucp_groups $s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>'; } + $pagination = $phpbb_container->get('pagination'); + $base_url = $this->u_action . "&action=$action&g=$group_id"; + $start = $pagination->validate_start($start, $config['topics_per_page'], $total_members); + $pagination->generate_template_pagination($base_url, 'pagination', 'start', $total_members, $config['topics_per_page'], $start); + $template->assign_vars(array( 'S_LIST' => true, 'S_ACTION_OPTIONS' => $s_action_options, - 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), - 'PAGINATION' => generate_pagination($this->u_action . "&action=$action&g=$group_id", $total_members, $config['topics_per_page'], $start), 'U_ACTION' => $this->u_action . "&g=$group_id", 'S_UCP_ACTION' => $this->u_action . "&g=$group_id", @@ -1075,7 +1052,8 @@ class ucp_groups 'mode' => $mode, 'action' => $action ); - confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . ((sizeof($name_ary) == 1) ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields)); + + confirm_box(false, $user->lang('GROUP_CONFIRM_ADD_USERS', sizeof($name_ary), implode($user->lang['COMMA_SEPARATOR'], $name_ary)), build_hidden_fields($s_hidden_fields)); } trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); @@ -1117,5 +1095,3 @@ class ucp_groups $this->tpl_name = 'ucp_groups_' . $mode; } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php new file mode 100644 index 0000000000..27d59c56b7 --- /dev/null +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -0,0 +1,246 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_login_link +* Allows users of external accounts link those accounts to their phpBB accounts +* during an attempted login. +*/ +class ucp_login_link +{ + /** + * @var string + */ + public $u_action; + + /** + * Generates the ucp_login_link page and handles login link process + * + * @param int $id + * @param string $mode + */ + function main($id, $mode) + { + global $phpbb_container, $request, $template, $user; + global $phpbb_root_path, $phpEx; + + // Initialize necessary variables + $login_error = null; + $login_link_error = null; + $login_username = null; + + // Build the data array + $data = $this->get_login_link_data_array(); + + // Ensure the person was sent here with login_link data + if (empty($data)) + { + $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED']; + } + + // Use the auth_provider requested even if different from configured + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider($request->variable('auth_provider', '')); + + // Set the link_method to login_link + $data['link_method'] = 'login_link'; + + // Have the authentication provider check that all necessary data is available + $result = $auth_provider->login_link_has_necessary_data($data); + if ($result !== null) + { + $login_link_error = $user->lang[$result]; + } + + // Perform link action if there is no error + if (!$login_link_error) + { + if ($request->is_set_post('login')) + { + $login_username = $request->variable('login_username', '', false, \phpbb\request\request_interface::POST); + $login_password = $request->untrimmed_variable('login_password', '', true, \phpbb\request\request_interface::POST); + + $login_result = $auth_provider->login($login_username, $login_password); + + // We only care if there is or is not an error + $login_error = $this->process_login_result($login_result); + + if (!$login_error) + { + // Give the user_id to the data + $data['user_id'] = $login_result['user_row']['user_id']; + + // The user is now logged in, attempt to link the user to the external account + $result = $auth_provider->link_account($data); + + if ($result) + { + $login_link_error = $user->lang[$result]; + } + else + { + // Finish login + $result = $user->session_create($login_result['user_row']['user_id'], false, false, true); + + // Perform a redirect as the account has been linked + $this->perform_redirect(); + } + } + } + } + + $template->assign_vars(array( + // Common template elements + 'LOGIN_LINK_ERROR' => $login_link_error, + 'PASSWORD_CREDENTIAL' => 'login_password', + 'USERNAME_CREDENTIAL' => 'login_username', + 'S_HIDDEN_FIELDS' => $this->get_hidden_fields($data), + + // Registration elements + 'REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), + + // Login elements + 'LOGIN_ERROR' => $login_error, + 'LOGIN_USERNAME' => $login_username, + )); + + $this->tpl_name = 'ucp_login_link'; + $this->page_title = 'UCP_LOGIN_LINK'; + } + + /** + * Builds the hidden fields string from the data array. + * + * @param array $data This function only includes data in the array + * that has a key that begins with 'login_link_' + * @return string A string of hidden fields that can be included in the + * template + */ + protected function get_hidden_fields($data) + { + $fields = array(); + + foreach ($data as $key => $value) + { + $fields['login_link_' . $key] = $value; + } + + return build_hidden_fields($fields); + } + + /** + * Builds the login_link data array + * + * @return array All login_link data. This is all GET data whose names + * begin with 'login_link_' + */ + protected function get_login_link_data_array() + { + global $request; + + $var_names = $request->variable_names(\phpbb\request\request_interface::GET); + $login_link_data = array(); + $string_start_length = strlen('login_link_'); + + foreach ($var_names as $var_name) + { + if (strpos($var_name, 'login_link_') === 0) + { + $key_name = substr($var_name, $string_start_length); + $login_link_data[$key_name] = $request->variable($var_name, '', false, \phpbb\request\request_interface::GET); + } + } + + return $login_link_data; + } + + /** + * Processes the result array from the login process + * @param array $result The login result array + * @return string|null If there was an error in the process, a string is + * returned. If the login was successful, then null is + * returned. + */ + protected function process_login_result($result) + { + global $config, $request, $template, $user, $phpbb_container; + + $login_error = null; + + if ($result['status'] != LOGIN_SUCCESS) + { + // Handle all errors first + if ($result['status'] == LOGIN_BREAK) + { + trigger_error($result['error_msg']); + } + + switch ($result['status']) + { + case LOGIN_ERROR_ATTEMPTS: + + $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_LOGIN); + + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + + $login_error = $user->lang[$result['error_msg']]; + break; + + case LOGIN_ERROR_PASSWORD_CONVERT: + $login_error = sprintf( + $user->lang[$result['error_msg']], + ($config['email_enable']) ? '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') . '">' : '', + ($config['email_enable']) ? '</a>' : '', + ($config['board_contact']) ? '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">' : '', + ($config['board_contact']) ? '</a>' : '' + ); + break; + + // Username, password, etc... + default: + $login_error = $user->lang[$result['error_msg']]; + + // Assign admin contact to some error messages + if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD') + { + $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'); + } + + break; + } + } + + return $login_error; + } + + /** + * Performs a post login redirect + */ + protected function perform_redirect() + { + global $phpbb_root_path, $phpEx; + $url = append_sid($phpbb_root_path . 'index.' . $phpEx); + redirect($url); + } +} diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php index a6f71669ce..a1624e78ec 100644 --- a/phpBB/includes/ucp/ucp_main.php +++ b/phpBB/includes/ucp/ucp_main.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -19,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * ucp_main * UCP Front Panel -* @package ucp */ class ucp_main { @@ -34,6 +36,7 @@ class ucp_main function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + global $request; switch ($mode) { @@ -56,39 +59,29 @@ class ucp_main $sql_from .= ' LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ')'; $sql_select .= ', tt.mark_time'; + + $sql_from .= ' LEFT JOIN ' . FORUMS_TRACK_TABLE . ' ft ON (ft.forum_id = t.forum_id + AND ft.user_id = ' . $user->data['user_id'] . ')'; + $sql_select .= ', ft.mark_time AS forum_mark_time'; } $topic_type = $user->lang['VIEW_TOPIC_GLOBAL']; $folder = 'global_read'; $folder_new = 'global_unread'; - // Get cleaned up list... return only those forums not having the f_read permission - $forum_ary = $auth->acl_getf('!f_read', true); + // Get cleaned up list... return only those forums having the f_read permission + $forum_ary = $auth->acl_getf('f_read', true); $forum_ary = array_unique(array_keys($forum_ary)); - - // Determine first forum the user is able to read into - for global announcement link - $sql = 'SELECT forum_id - FROM ' . FORUMS_TABLE . ' - WHERE forum_type = ' . FORUM_POST; - - if (sizeof($forum_ary)) - { - $sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true); - } - $result = $db->sql_query_limit($sql, 1); - $g_forum_id = (int) $db->sql_fetchfield('forum_id'); - $db->sql_freeresult($result); - - $sql = "SELECT t.* $sql_select - FROM $sql_from - WHERE t.forum_id = 0 - AND t.topic_type = " . POST_GLOBAL . ' - ORDER BY t.topic_last_post_time DESC'; - $topic_list = $rowset = array(); + // If the user can't see any forums, he can't read any posts because fid of 0 is invalid - if ($g_forum_id) + if (!empty($forum_ary)) { + $sql = "SELECT t.* $sql_select + FROM $sql_from + WHERE t.topic_type = " . POST_GLOBAL . ' + AND ' . $db->sql_in_set('t.forum_id', $forum_ary) . ' + ORDER BY t.topic_last_post_time DESC, t.topic_last_post_id DESC'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) @@ -99,15 +92,34 @@ class ucp_main $db->sql_freeresult($result); } - $topic_tracking_info = array(); + $topic_forum_list = array(); + foreach ($rowset as $t_id => $row) + { + if (isset($forum_tracking_info[$row['forum_id']])) + { + $row['forum_mark_time'] = $forum_tracking_info[$row['forum_id']]; + } + + $topic_forum_list[$row['forum_id']]['forum_mark_time'] = ($config['load_db_lastread'] && $user->data['is_registered'] && isset($row['forum_mark_time'])) ? $row['forum_mark_time'] : 0; + $topic_forum_list[$row['forum_id']]['topics'][] = (int) $t_id; + } + + $topic_tracking_info = $tracking_topics = array(); if ($config['load_db_lastread']) { - $topic_tracking_info = get_topic_tracking(0, $topic_list, $rowset, false, $topic_list); + foreach ($topic_forum_list as $f_id => $topic_row) + { + $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time'])); + } } else { - $topic_tracking_info = get_complete_topic_tracking(0, $topic_list, $topic_list); + foreach ($topic_forum_list as $f_id => $topic_row) + { + $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics']); + } } + unset($topic_forum_list); foreach ($topic_list as $topic_id) { @@ -148,18 +160,18 @@ class ucp_main 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, + 'TOPIC_IMG_STYLE' => $folder_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_topic_attach', '') : '', 'S_USER_POSTED' => (!empty($row['topic_posted']) && $row['topic_posted']) ? true : false, 'S_UNREAD' => $unread_topic, 'U_TOPIC_AUTHOR' => get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), - 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&p=" . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], + 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&p=" . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), - 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&view=unread") . '#unread', - 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id")) + 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id&view=unread") . '#unread', + 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&t=$topic_id")) ); } @@ -180,14 +192,11 @@ class ucp_main $template->assign_vars(array( 'USER_COLOR' => (!empty($user->data['user_colour'])) ? $user->data['user_colour'] : '', 'JOINED' => $user->format_date($user->data['user_regdate']), - 'VISITED' => (empty($last_visit)) ? ' - ' : $user->format_date($last_visit), + 'LAST_ACTIVE' => (empty($last_active)) ? ' - ' : $user->format_date($last_active), 'WARNINGS' => ($user->data['user_warnings']) ? $user->data['user_warnings'] : 0, 'POSTS' => ($user->data['user_posts']) ? $user->data['user_posts'] : 0, - 'POSTS_DAY' => sprintf($user->lang['POST_DAY'], $posts_per_day), - 'POSTS_PCT' => sprintf($user->lang['POST_PCT'], $percentage), - - 'OCCUPATION' => (!empty($row['user_occ'])) ? $row['user_occ'] : '', - 'INTERESTS' => (!empty($row['user_interests'])) ? $row['user_interests'] : '', + 'POSTS_DAY' => $user->lang('POST_DAY', $posts_per_day), + 'POSTS_PCT' => $user->lang('POST_PCT', $percentage), // 'S_GROUP_OPTIONS' => $group_options, @@ -287,7 +296,7 @@ class ucp_main } else { - $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; + $tracking_topics = $request->variable($config['cookie_name'] . '_track', '', true, \phpbb\request\request_interface::COOKIE); $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); } @@ -334,8 +343,8 @@ class ucp_main $template->assign_block_vars('forumrow', array( 'FORUM_ID' => $forum_id, + 'FORUM_IMG_STYLE' => $folder_image, 'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt), - 'FORUM_FOLDER_IMG_SRC' => $user->img($folder_image, $folder_alt, false, '', 'src'), 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', 'FORUM_NAME' => $row['forum_name'], @@ -348,6 +357,8 @@ class ucp_main 'LAST_POST_AUTHOR_FULL' => get_username_string('full', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), + 'S_UNREAD_FORUM' => $unread_forum, + 'U_LAST_POST' => $last_post_url, 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id'])) ); @@ -435,7 +446,7 @@ class ucp_main $edit = (isset($_REQUEST['edit'])) ? true : false; $submit = (isset($_POST['submit'])) ? true : false; - $draft_id = ($edit) ? intval($_REQUEST['edit']) : 0; + $draft_id = $request->variable('edit', 0); $delete = (isset($_POST['delete'])) ? true : false; $s_hidden_fields = ($edit) ? '<input type="hidden" name="edit" value="' . $draft_id . '" />' : ''; @@ -611,7 +622,6 @@ class ucp_main break; } - $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_MAIN_' . strtoupper($mode)], @@ -633,10 +643,11 @@ class ucp_main */ function assign_topiclist($mode = 'subscribed', $forbidden_forum_ary = array()) { - global $user, $db, $template, $config, $cache, $auth, $phpbb_root_path, $phpEx; + global $user, $db, $template, $config, $cache, $auth, $phpbb_root_path, $phpEx, $phpbb_container; $table = ($mode == 'subscribed') ? TOPICS_WATCH_TABLE : BOOKMARKS_TABLE; $start = request_var('start', 0); + $pagination = $phpbb_container->get('pagination'); // Grab icons $icons = $cache->obtain_icons(); @@ -660,11 +671,12 @@ class ucp_main if ($topics_count) { + $start = $pagination->validate_start($start, $config['topics_per_page'], $topics_count); + $pagination->generate_template_pagination($this->u_action, 'pagination', 'start', $topics_count, $config['topics_per_page'], $start); + $template->assign_vars(array( - 'PAGINATION' => generate_pagination($this->u_action, $topics_count, $config['topics_per_page'], $start), - 'PAGE_NUMBER' => on_page($topics_count, $config['topics_per_page'], $start), - 'TOTAL_TOPICS' => ($topics_count == 1) ? $user->lang['VIEW_FORUM_TOPIC'] : sprintf($user->lang['VIEW_FORUM_TOPICS'], $topics_count)) - ); + 'TOTAL_TOPICS' => $user->lang('VIEW_FORUM_TOPICS', (int) $topics_count), + )); } if ($mode == 'subscribed') @@ -681,8 +693,7 @@ class ucp_main AND t.topic_id = tw.topic_id AND ' . $db->sql_in_set('t.forum_id', $forbidden_forum_ary, true, true), - - 'ORDER_BY' => 't.topic_last_post_time DESC' + 'ORDER_BY' => 't.topic_last_post_time DESC, t.topic_last_post_id DESC' ); $sql_array['LEFT_JOIN'] = array(); @@ -699,7 +710,7 @@ class ucp_main 'WHERE' => 'b.user_id = ' . $user->data['user_id'] . ' AND ' . $db->sql_in_set('f.forum_id', $forbidden_forum_ary, true, true), - 'ORDER_BY' => 't.topic_last_post_time DESC' + 'ORDER_BY' => 't.topic_last_post_time DESC, t.topic_last_post_id DESC' ); $sql_array['LEFT_JOIN'] = array(); @@ -747,17 +758,19 @@ class ucp_main { foreach ($topic_forum_list as $f_id => $topic_row) { - $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time']), ($f_id == 0) ? $global_announce_list : false); + $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time'])); } } else { foreach ($topic_forum_list as $f_id => $topic_row) { - $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics'], $global_announce_list); + $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics']); } } + $phpbb_content_visibility = $phpbb_container->get('content.visibility'); + foreach ($topic_list as $topic_id) { $row = &$rowset[$topic_id]; @@ -768,7 +781,7 @@ class ucp_main $unread_topic = (isset($topic_tracking_info[$topic_id]) && $row['topic_last_post_time'] > $topic_tracking_info[$topic_id]) ? true : false; // Replies - $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies']; + $replies = $phpbb_content_visibility->get_count('topic_posts', $row, $forum_id) - 1; if ($row['topic_status'] == ITEM_MOVED && !empty($row['topic_moved_id'])) { @@ -802,17 +815,15 @@ class ucp_main 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'S_DELETED_TOPIC' => (!$row['topic_id']) ? true : false, - 'S_GLOBAL_TOPIC' => (!$forum_id) ? true : false, - 'PAGINATION' => topic_generate_pagination($replies, append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . (($row['forum_id']) ? $row['forum_id'] : $forum_id) . "&t=$topic_id")), 'REPLIES' => $replies, 'VIEWS' => $row['topic_views'], 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, 'FORUM_NAME' => $row['forum_name'], + 'TOPIC_IMG_STYLE' => $folder_img, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'TOPIC_FOLDER_IMG_ALT' => $user->lang[$folder_alt], 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['img'] : '', 'TOPIC_ICON_IMG_WIDTH' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['width'] : '', @@ -828,8 +839,8 @@ class ucp_main 'U_VIEW_TOPIC' => $view_topic_url, 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id), )); + + $pagination->generate_template_pagination(append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $row['forum_id'] . "&t=$topic_id"), 'topicrow.pagination', 'start', $replies + 1, $config['posts_per_page'], 1, true, true); } } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_notifications.php b/phpBB/includes/ucp/ucp_notifications.php new file mode 100644 index 0000000000..b0aeaba227 --- /dev/null +++ b/phpBB/includes/ucp/ucp_notifications.php @@ -0,0 +1,239 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +class ucp_notifications +{ + public $u_action; + + public function main($id, $mode) + { + global $config, $template, $user, $request, $phpbb_container; + global $phpbb_root_path, $phpEx; + + add_form_key('ucp_notification'); + + $start = $request->variable('start', 0); + $form_time = $request->variable('form_time', 0); + $form_time = ($form_time <= 0 || $form_time > time()) ? time() : $form_time; + + $phpbb_notifications = $phpbb_container->get('notification_manager'); + $pagination = $phpbb_container->get('pagination'); + + switch ($mode) + { + case 'notification_options': + $subscriptions = $phpbb_notifications->get_global_subscriptions(false); + + // Add/remove subscriptions + if ($request->is_set_post('submit')) + { + if (!check_form_key('ucp_notification')) + { + trigger_error('FORM_INVALID'); + } + + $notification_methods = $phpbb_notifications->get_subscription_methods(); + + foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + { + foreach($subscription_types as $type => $data) + { + foreach($notification_methods as $method => $method_data) + { + if ($request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && (!isset($subscriptions[$type]) || !in_array($method_data['id'], $subscriptions[$type]))) + { + $phpbb_notifications->add_subscription($type, 0, $method_data['id']); + } + else if (!$request->is_set_post(str_replace('.', '_', $type . '_' . $method_data['id'])) && isset($subscriptions[$type]) && in_array($method_data['id'], $subscriptions[$type])) + { + $phpbb_notifications->delete_subscription($type, 0, $method_data['id']); + } + } + + if ($request->is_set_post(str_replace('.', '_', $type) . '_notification') && !isset($subscriptions[$type])) + { + $phpbb_notifications->add_subscription($type); + } + else if (!$request->is_set_post(str_replace('.', '_', $type) . '_notification') && isset($subscriptions[$type])) + { + $phpbb_notifications->delete_subscription($type); + } + } + } + + meta_refresh(3, $this->u_action); + $message = $user->lang['PREFERENCES_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + + $this->output_notification_methods($phpbb_notifications, $template, $user, 'notification_methods'); + + $this->output_notification_types($subscriptions, $phpbb_notifications, $template, $user, 'notification_types'); + + $this->tpl_name = 'ucp_notifications'; + $this->page_title = 'UCP_NOTIFICATION_OPTIONS'; + break; + + case 'notification_list': + default: + // Mark all items read + if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_notifications_read')) + { + $phpbb_notifications->mark_notifications_read(false, false, $user->data['user_id'], $form_time); + + meta_refresh(3, $this->u_action); + $message = $user->lang['NOTIFICATIONS_MARK_ALL_READ_SUCCESS']; + + if ($request->is_ajax()) + { + $json_response = new \phpbb\json_response(); + $json_response->send(array( + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'success' => true, + )); + } + $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + + trigger_error($message); + } + + // Mark specific notifications read + if ($request->is_set_post('submit')) + { + if (!check_form_key('ucp_notification')) + { + trigger_error('FORM_INVALID'); + } + + $mark_read = $request->variable('mark', array(0)); + + if (!empty($mark_read)) + { + $phpbb_notifications->mark_notifications_read_by_id($mark_read, $form_time); + } + } + + $notifications = $phpbb_notifications->load_notifications(array( + 'start' => $start, + 'limit' => $config['topics_per_page'], + 'count_total' => true, + )); + + foreach ($notifications['notifications'] as $notification) + { + $template->assign_block_vars('notification_list', $notification->prepare_for_display()); + } + + $base_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=ucp_notifications&mode=notification_list"); + $start = $pagination->validate_start($start, $config['topics_per_page'], $notifications['total_count']); + $pagination->generate_template_pagination($base_url, 'pagination', 'start', $notifications['total_count'], $config['topics_per_page'], $start); + + $template->assign_vars(array( + 'TOTAL_COUNT' => $notifications['total_count'], + 'U_MARK_ALL' => $base_url . '&mark=all&token=' . generate_link_hash('mark_all_notifications_read'), + )); + + $this->tpl_name = 'ucp_notifications'; + $this->page_title = 'UCP_NOTIFICATION_LIST'; + break; + } + + $template->assign_vars(array( + 'TITLE' => $user->lang($this->page_title), + 'TITLE_EXPLAIN' => $user->lang($this->page_title . '_EXPLAIN'), + + 'MODE' => $mode, + + 'FORM_TIME' => time(), + )); + } + + /** + * Output all the notification types to the template + * + * @param array $subscriptions Array containing global subscriptions + * @param \phpbb\notification\manager $phpbb_notifications + * @param \phpbb\template\template $template + * @param \phpbb\user $user + * @param string $block + */ + public function output_notification_types($subscriptions, \phpbb\notification\manager $phpbb_notifications, \phpbb\template\template $template, \phpbb\user $user, $block = 'notification_types') + { + $notification_methods = $phpbb_notifications->get_subscription_methods(); + + foreach($phpbb_notifications->get_subscription_types() as $group => $subscription_types) + { + $template->assign_block_vars($block, array( + 'GROUP_NAME' => $user->lang($group), + )); + + foreach($subscription_types as $type => $data) + { + $template->assign_block_vars($block, array( + 'TYPE' => $type, + + 'NAME' => $user->lang($data['lang']), + 'EXPLAIN' => (isset($user->lang[$data['lang'] . '_EXPLAIN'])) ? $user->lang($data['lang'] . '_EXPLAIN') : '', + + 'SUBSCRIBED' => (isset($subscriptions[$type])) ? true : false, + )); + + foreach($notification_methods as $method => $method_data) + { + $template->assign_block_vars($block . '.notification_methods', array( + 'METHOD' => $method_data['id'], + + 'NAME' => $user->lang($method_data['lang']), + + 'SUBSCRIBED' => (isset($subscriptions[$type]) && in_array($method_data['id'], $subscriptions[$type])) ? true : false, + )); + } + } + } + + $template->assign_vars(array( + strtoupper($block) . '_COLS' => sizeof($notification_methods) + 2, + )); + } + + /** + * Output all the notification methods to the template + * + * @param \phpbb\notification\manager $phpbb_notifications + * @param \phpbb\template\template $template + * @param \phpbb\user $user + * @param string $block + */ + public function output_notification_methods(\phpbb\notification\manager $phpbb_notifications, \phpbb\template\template $template, \phpbb\user $user, $block = 'notification_methods') + { + $notification_methods = $phpbb_notifications->get_subscription_methods(); + + foreach($notification_methods as $method => $method_data) + { + $template->assign_block_vars($block, array( + 'METHOD' => $method_data['id'], + + 'NAME' => $user->lang($method_data['lang']), + )); + } + } +} diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index 447b6ebe87..425a56cf6c 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -1,9 +1,13 @@ <?php /** -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -34,8 +38,6 @@ if (!defined('IN_PHPBB')) * Quoting a post (action=quotepost&p=[post_id]) * Quoting a PM (action=quote&p=[msg_id]) * Forwarding a PM (action=forward&p=[msg_id]) -* -* @package ucp */ class ucp_pm { @@ -43,7 +45,7 @@ class ucp_pm function main($id, $mode) { - global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config; + global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config, $request; if (!$user->data['is_registered']) { @@ -84,33 +86,6 @@ class ucp_pm switch ($mode) { - // New private messages popup - case 'popup': - - $l_new_message = ''; - if ($user->data['is_registered']) - { - if ($user->data['user_new_privmsg']) - { - $l_new_message = ($user->data['user_new_privmsg'] == 1) ? $user->lang['YOU_NEW_PM'] : $user->lang['YOU_NEW_PMS']; - } - else - { - $l_new_message = $user->lang['YOU_NO_NEW_PM']; - } - } - - $template->assign_vars(array( - 'MESSAGE' => $l_new_message, - 'S_NOT_LOGGED_IN' => ($user->data['user_id'] == ANONYMOUS) ? true : false, - 'CLICK_TO_VIEW' => sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox') . '" onclick="jump_to_inbox(this.href); return false;">', '</a>'), - 'U_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), - 'UA_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox', false)) - ); - - $tpl_file = 'ucp_pm_popup'; - break; - // Compose message case 'compose': $action = request_var('action', 'post'); @@ -200,7 +175,6 @@ class ucp_pm trigger_error('NO_AUTH_READ_HOLD_MESSAGE'); } - // First Handle Mark actions and moving messages $submit_mark = (isset($_POST['submit_mark'])) ? true : false; $move_pm = (isset($_POST['move_pm'])) ? true : false; @@ -272,6 +246,27 @@ class ucp_pm $folder_id = (int) $row['folder_id']; } + if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read')) + { + mark_folder_read($user->data['user_id'], $folder_id); + + meta_refresh(3, $this->u_action); + $message = $user->lang['PM_MARK_ALL_READ_SUCCESS']; + + if ($request->is_ajax()) + { + $json_response = new \phpbb\json_response(); + $json_response->send(array( + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'success' => true, + )); + } + $message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>'); + + trigger_error($message); + } + $message_row = array(); if ($action == 'view_message' && $msg_id) { @@ -345,8 +340,8 @@ class ucp_pm 'NUM_NOT_MOVED' => $num_not_moved, 'NUM_REMOVED' => $num_removed, 'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '<a href="' . $this->u_action . '&folder=' . $folder_id . '&release=1">', '</a>'), - 'NOT_MOVED_MESSAGES' => ($num_not_moved == 1) ? $user->lang['NOT_MOVED_MESSAGE'] : sprintf($user->lang['NOT_MOVED_MESSAGES'], $num_not_moved), - 'RULE_REMOVED_MESSAGES' => ($num_removed == 1) ? $user->lang['RULE_REMOVED_MESSAGE'] : sprintf($user->lang['RULE_REMOVED_MESSAGES'], $num_removed), + 'NOT_MOVED_MESSAGES' => $user->lang('NOT_MOVED_MESSAGES', (int) $num_not_moved), + 'RULE_REMOVED_MESSAGES' => $user->lang('RULE_REMOVED_MESSAGES', (int) $num_removed), 'S_FOLDER_OPTIONS' => $s_folder_options, 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, @@ -358,6 +353,7 @@ class ucp_pm 'U_SENTBOX' => $this->u_action . '&folder=sentbox', 'U_CREATE_FOLDER' => $this->u_action . '&mode=options', 'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id, + 'U_MARK_ALL' => $this->u_action . '&folder=' . $folder_id . '&mark=all&token=' . generate_link_hash('mark_all_pms_read'), 'S_IN_INBOX' => ($folder_id == PRIVMSGS_INBOX) ? true : false, 'S_IN_OUTBOX' => ($folder_id == PRIVMSGS_OUTBOX) ? true : false, @@ -380,9 +376,10 @@ class ucp_pm else if ($action == 'view_message') { $template->assign_vars(array( - 'S_VIEW_MESSAGE' => true, - 'MSG_ID' => $msg_id) - ); + 'S_VIEW_MESSAGE' => true, + 'L_RETURN_TO_FOLDER' => $user->lang('RETURN_TO', $folder_status['folder_name']), + 'MSG_ID' => $msg_id, + )); if (!$msg_id) { @@ -412,5 +409,3 @@ class ucp_pm $this->page_title = 'UCP_PM_' . strtoupper($mode); } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php index d7509a1072..f3b59186a6 100644 --- a/phpBB/includes/ucp/ucp_pm_compose.php +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -22,8 +25,9 @@ if (!defined('IN_PHPBB')) */ function compose_pm($id, $mode, $action, $user_folders = array()) { - global $template, $db, $auth, $user; + global $template, $db, $auth, $user, $cache; global $phpbb_root_path, $phpEx, $config; + global $request, $phpbb_dispatcher, $phpbb_container; // Damn php and globals - i know, this is horrible // Needed for handle_message_list_actions() @@ -49,13 +53,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) // Reply to all triggered (quote/reply) $reply_to_all = request_var('reply_to_all', 0); - // Do NOT use request_var or specialchars here - $address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array(); - - if (!is_array($address_list)) - { - $address_list = array(); - } + $address_list = $request->variable('address_list', array('' => array(0 => ''))); $submit = (isset($_POST['post'])) ? true : false; $preview = (isset($_POST['preview'])) ? true : false; @@ -234,6 +232,42 @@ function compose_pm($id, $mode, $action, $user_folders = array()) if ($sql) { + /** + * Alter sql query to get message for user to write the PM + * + * @event core.ucp_pm_compose_compose_pm_basic_info_query_before + * @var string sql String with the query to be executed + * @var array forum_list List of forums that contain the posts + * @var int visibility_const Integer with one of the possible ITEM_* constant values + * @var int msg_id topic_id in the page request + * @var int to_user_id The id of whom the message is to + * @var int to_group_id The id of the group whom the message is to + * @var bool submit Whether the user is sending the PM or not + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete Whether the user is deleting the PM + * @var int reply_to_all Value of reply_to_all request variable. + * @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string) + * @var string sort_order_sql String with the ORDER BY SQL code used in this query + * @since 3.1.0-RC5 + */ + $vars = array( + 'sql', + 'forum_list', + 'visibility_const', + 'msg_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + 'limit_time_sql', + 'sort_order_sql', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_compose_pm_basic_info_query_before', compact($vars))); + $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -268,6 +302,40 @@ function compose_pm($id, $mode, $action, $user_folders = array()) trigger_error('NOT_AUTHORISED'); } + /** + * Get the result of querying for the post to be quoted in the pm message + * + * @event core.ucp_pm_compose_quotepost_query_after + * @var string sql The original SQL used in the query + * @var array post Associative array with the data of the quoted post + * @var array msg_id The post_id that was searched to get the message for quoting + * @var int visibility_const Visibility of the quoted post (one of the possible ITEM_* constant values) + * @var int topic_id Topic ID of the quoted post + * @var int to_user_id Users the message is sent to + * @var int to_group_id Groups the message is sent to + * @var bool submit Whether the user is sending the PM or not + * @var bool preview Whether the user is previewing the PM or not + * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies + * @var bool delete If deleting message + * @var int reply_to_all Value of reply_to_all request variable. + * @since 3.1.0-RC5 + */ + $vars = array( + 'sql', + 'post', + 'msg_id', + 'visibility_const', + 'topic_id', + 'to_user_id', + 'to_group_id', + 'submit', + 'preview', + 'action', + 'delete', + 'reply_to_all', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_quotepost_query_after', compact($vars))); + // Passworded forum? if ($post['forum_id']) { @@ -391,6 +459,8 @@ function compose_pm($id, $mode, $action, $user_folders = array()) } $message_parser = new parse_message(); + $plupload = $phpbb_container->get('plupload'); + $message_parser->set_plupload($plupload); $message_parser->message = ($action == 'reply') ? '' : $message_text; unset($message_text); @@ -495,7 +565,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') { // Do not change to SELECT * - $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename + $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize FROM ' . ATTACHMENTS_TABLE . " WHERE post_msg_id = $msg_id AND in_message = 1 @@ -589,7 +659,6 @@ function compose_pm($id, $mode, $action, $user_folders = array()) ); $s_hidden_fields .= build_address_field($address_list); - confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); } } @@ -751,7 +820,6 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $return_box_url = ($action === 'post' || $action === 'edit') ? $outbox_folder_url : $inbox_folder_url; $return_box_lang = ($action === 'post' || $action === 'edit') ? 'PM_OUTBOX' : 'PM_INBOX'; - $save_message = ($action === 'edit') ? $user->lang['MESSAGE_EDITED'] : $user->lang['MESSAGE_STORED']; $message = $save_message . '<br /><br />' . $user->lang('VIEW_PRIVATE_MESSAGE', '<a href="' . $return_message_url . '">', '</a>'); @@ -841,11 +909,11 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $post_id = request_var('p', 0); if ($config['allow_post_links']) { - $message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}: {$message_subject}[/url]\n\n"; + $message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}{$user->lang['COLON']} {$message_subject}[/url]\n\n"; } else { - $message_link = $user->lang['SUBJECT'] . ': ' . $message_subject . " (" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id})\n\n"; + $message_link = $user->lang['SUBJECT'] . $user->lang['COLON'] . ' ' . $message_subject . " (" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id})\n\n"; } } else @@ -878,7 +946,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject)); $forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time, false, true)); $forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text); - $forward_text[] = sprintf($user->lang['FWD_TO'], implode(', ', $fwd_to_field['to'])); + $forward_text[] = sprintf($user->lang['FWD_TO'], implode($user->lang['COMMA_SEPARATOR'], $fwd_to_field['to'])); $message_parser->message = implode("\n", $forward_text) . "\n\n[quote="{$quote_username}"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]"; $message_subject = ((!preg_match('/^Fwd:/', $message_subject)) ? 'Fwd: ' : '') . censor_text($message_subject); @@ -1009,7 +1077,6 @@ function compose_pm($id, $mode, $action, $user_folders = array()) // Build hidden address list $s_hidden_address_field = build_address_field($address_list); - $bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1); $smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1); $urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; @@ -1048,7 +1115,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; $s_hidden_fields .= (isset($check_value)) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : ''; - $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : ''; + $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? $request->variable('draft_loaded', 0) : $draft_id) . '" />' : ''; $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach')) ? '' : ' enctype="multipart/form-data"'; @@ -1056,7 +1123,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) $template->assign_vars(array( 'L_POST_A' => $page_title, 'L_ICON' => $user->lang['PM_ICON'], - 'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', + 'L_MESSAGE_BODY_EXPLAIN' => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']), 'SUBJECT' => (isset($message_subject)) ? $message_subject : '', 'MESSAGE' => $message_text, @@ -1084,6 +1151,7 @@ function compose_pm($id, $mode, $action, $user_folders = array()) 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $action != 'edit') ? true : false, 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $drafts), 'S_FORM_ENCTYPE' => $form_enctype, + 'S_ATTACH_DATA' => json_encode($message_parser->attachment_data), 'S_BBCODE_IMG' => $img_status, 'S_BBCODE_FLASH' => $flash_status, @@ -1105,6 +1173,12 @@ function compose_pm($id, $mode, $action, $user_folders = array()) // Show attachment box for adding attachments if true $allowed = ($auth->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype); + if ($allowed) + { + $max_files = ($auth->acl_gets('a_', 'm_')) ? 0 : (int) $config['max_attachments_pm']; + $plupload->configure($cache, $template, $s_action, false, $max_files); + } + // Attachment entry posting_gen_attachment_entry($attachment_data, $filename_data, $allowed); @@ -1124,11 +1198,12 @@ function compose_pm($id, $mode, $action, $user_folders = array()) function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove_g, $add_to, $add_bcc) { global $auth, $db, $user; + global $request; // Delete User [TO/BCC] - if ($remove_u && !empty($_REQUEST['remove_u']) && is_array($_REQUEST['remove_u'])) + if ($remove_u && $request->variable('remove_u', array(0 => ''))) { - $remove_user_id = array_keys($_REQUEST['remove_u']); + $remove_user_id = array_keys($request->variable('remove_u', array(0 => ''))); if (isset($remove_user_id[0])) { @@ -1137,9 +1212,9 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove } // Delete Group [TO/BCC] - if ($remove_g && !empty($_REQUEST['remove_g']) && is_array($_REQUEST['remove_g'])) + if ($remove_g && $request->variable('remove_g', array(0 => ''))) { - $remove_group_id = array_keys($_REQUEST['remove_g']); + $remove_group_id = array_keys($request->variable('remove_g', array(0 => ''))); if (isset($remove_group_id[0])) { @@ -1207,7 +1282,7 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove } // Add Friends if specified - $friend_list = (isset($_REQUEST['add_' . $type]) && is_array($_REQUEST['add_' . $type])) ? array_map('intval', array_keys($_REQUEST['add_' . $type])) : array(); + $friend_list = array_keys($request->variable('add_' . $type, array(0))); $user_id_ary = array_merge($user_id_ary, $friend_list); foreach ($user_id_ary as $user_id) @@ -1224,29 +1299,80 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove // Check for disallowed recipients if (!empty($address_list['u'])) { - // We need to check their PM status (do they want to receive PM's?) - // Only check if not a moderator or admin, since they are allowed to override this user setting - if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) + $can_ignore_allow_pm = $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'); + + // Administrator deactivated users check and we need to check their + // PM status (do they want to receive PM's?) + // Only check PM status if not a moderator or admin, since they + // are allowed to override this user setting + $sql = 'SELECT user_id, user_allow_pm + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' + AND ( + (user_type = ' . USER_INACTIVE . ' + AND user_inactive_reason = ' . INACTIVE_MANUAL . ') + ' . ($can_ignore_allow_pm ? '' : ' OR user_allow_pm = 0') . ' + )'; + + $result = $db->sql_query($sql); + + $removed_no_pm = $removed_no_permission = false; + while ($row = $db->sql_fetchrow($result)) { - $sql = 'SELECT user_id - FROM ' . USERS_TABLE . ' - WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' - AND user_allow_pm = 0'; - $result = $db->sql_query($sql); + if (!$can_ignore_allow_pm && !$row['user_allow_pm']) + { + $removed_no_pm = true; + } + else + { + $removed_no_permission = true; + } - $removed = false; - while ($row = $db->sql_fetchrow($result)) + unset($address_list['u'][$row['user_id']]); + } + $db->sql_freeresult($result); + + // print a notice about users not being added who do not want to receive pms + if ($removed_no_pm) + { + $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; + } + + // print a notice about users not being added who do not have permission to receive PMs + if ($removed_no_permission) + { + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; + } + + if (!sizeof(array_keys($address_list['u']))) + { + return; + } + + // Check if users have permission to read PMs + $can_read = $auth->acl_get_list(array_keys($address_list['u']), 'u_readpm'); + $can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm']; + $cannot_read_list = array_diff(array_keys($address_list['u']), $can_read); + if (!empty($cannot_read_list)) + { + foreach ($cannot_read_list as $cannot_read) { - $removed = true; - unset($address_list['u'][$row['user_id']]); + unset($address_list['u'][$cannot_read]); } - $db->sql_freeresult($result); - // print a notice about users not being added who do not want to receive pms - if ($removed) + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; + } + + // Check if users are banned + $banned_user_list = phpbb_get_banned_user_ids(array_keys($address_list['u']), false); + if (!empty($banned_user_list)) + { + foreach ($banned_user_list as $banned_user) { - $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; + unset($address_list['u'][$banned_user]); } + + $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION']; } } } @@ -1305,5 +1431,3 @@ function get_recipients($address_list, $num_recipients = 1) return $recipient; } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php index efa390ed87..d1fc9d2c62 100644 --- a/phpBB/includes/ucp/ucp_pm_options.php +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -29,7 +32,11 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit // Change "full folder" setting - what to do if folder is full if (isset($_POST['fullfolder'])) { - check_form_key('ucp_pm_options', $config['form_token_lifetime'], $redirect_url); + if (!check_form_key('ucp_pm_options')) + { + trigger_error('FORM_INVALID'); + } + $full_action = request_var('full_action', 0); $set_folder_id = 0; @@ -66,7 +73,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit trigger_error($message); } } - + // Add Folder if (isset($_POST['addfolder'])) { @@ -227,11 +234,11 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit // Move Messages case 1: $num_moved = move_pm($user->data['user_id'], $user->data['message_limit'], $msg_ids, $move_to, $remove_folder_id); - + // Something went wrong, only partially moved? if ($num_moved != $folder_row['pm_count']) { - trigger_error(sprintf($user->lang['MOVE_PM_ERROR'], $num_moved, $folder_row['pm_count'])); + trigger_error($user->lang('MOVE_PM_ERROR', $user->lang('MESSAGES_COUNT', (int) $folder_row['pm_count']), $num_moved)); } break; @@ -419,10 +426,10 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $result = $db->sql_query($sql); $num_messages = (int) $db->sql_fetchfield('num_messages'); $db->sql_freeresult($result); - + $folder[PRIVMSGS_INBOX] = array( 'folder_name' => $user->lang['PM_INBOX'], - 'message_status' => sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $num_messages, $user->data['message_limit']) + 'message_status' => $user->lang('FOLDER_MESSAGE_STATUS', $user->lang('MESSAGES_COUNT', (int) $user->data['message_limit']), $num_messages), ); $sql = 'SELECT folder_id, folder_name, pm_count @@ -436,7 +443,7 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit $num_user_folder++; $folder[$row['folder_id']] = array( 'folder_name' => $row['folder_name'], - 'message_status' => sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $row['pm_count'], $user->data['message_limit']) + 'message_status' => $user->lang('FOLDER_MESSAGE_STATUS', $user->lang('MESSAGES_COUNT', (int) $user->data['message_limit']), (int) $row['pm_count']), ); } $db->sql_freeresult($result); @@ -692,7 +699,7 @@ function define_rule_option($hardcoded, $rule_option, $rule_lang, $check_ary) function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule_conditions) { global $db, $template, $auth, $user; - + $template->assign_vars(array( 'S_COND_DEFINED' => true, 'S_COND_SELECT' => (!$hardcoded && isset($global_rule_conditions[$rule_option])) ? true : false) @@ -716,7 +723,7 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule { case 'text': $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); - + $template->assign_vars(array( 'S_TEXT_CONDITION' => true, 'CURRENT_STRING' => $rule_string, @@ -730,7 +737,7 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule case 'user': $rule_user_id = request_var('rule_user_id', 0); $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); - + if ($rule_string && !$rule_user_id) { $sql = 'SELECT user_id @@ -792,10 +799,10 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule { $sql .= 'WHERE'; } - - $sql .= " (g.group_name NOT IN ('GUESTS', 'BOTS') OR g.group_type <> " . GROUP_SPECIAL . ') + + $sql .= " (g.group_name NOT IN ('GUESTS', 'BOTS') OR g.group_type <> " . GROUP_SPECIAL . ') ORDER BY g.group_type DESC, g.group_name ASC'; - + $result = $db->sql_query($sql); $s_group_options = ''; @@ -808,7 +815,7 @@ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule $s_class = ($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : ''; $s_selected = ($row['group_id'] == $rule_group_id) ? ' selected="selected"' : ''; - + $s_group_options .= '<option value="' . $row['group_id'] . '"' . $s_class . $s_selected . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; } $db->sql_freeresult($result); @@ -846,7 +853,7 @@ function show_defined_rules($user_id, $check_lang, $rule_lang, $action_lang, $fo WHERE user_id = ' . $user_id . ' ORDER BY rule_id ASC'; $result = $db->sql_query($sql); - + $count = 0; while ($row = $db->sql_fetchrow($result)) { @@ -862,5 +869,3 @@ function show_defined_rules($user_id, $check_lang, $rule_lang, $action_lang, $fo } $db->sql_freeresult($result); } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php index bd7bf89854..19acd9ecb9 100644 --- a/phpBB/includes/ucp/ucp_pm_viewfolder.php +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -165,7 +168,7 @@ function view_folder($id, $mode, $folder_id, $folder) 'PM_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '<img src="' . $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] . '" width="' . $icons[$row['icon_id']]['width'] . '" height="' . $icons[$row['icon_id']]['height'] . '" alt="" title="" />' : '', 'PM_ICON_URL' => (!empty($icons[$row['icon_id']])) ? $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] : '', 'FOLDER_IMG' => $user->img($folder_img, $folder_alt), - 'FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), + 'FOLDER_IMG_STYLE' => $folder_img, 'PM_IMG' => ($row_indicator) ? $user->img('pm_' . $row_indicator, '') : '', 'ATTACH_ICON_IMG' => ($auth->acl_get('u_pm_download') && $row['message_attachment'] && $config['allow_pm_attach']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', @@ -177,7 +180,7 @@ function view_folder($id, $mode, $folder_id, $folder) 'U_VIEW_PM' => ($row['pm_deleted']) ? '' : $view_message_url, 'U_REMOVE_PM' => ($row['pm_deleted']) ? $remove_message_url : '', 'U_MCP_REPORT' => (isset($row['report_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&mode=pm_report_details&r=' . $row['report_id']) : '', - 'RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? implode(', ', $address_list[$message_id]) : '') + 'RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? implode($user->lang['COMMA_SEPARATOR'], $address_list[$message_id]) : '') ); } unset($folder_info['rowset']); @@ -267,10 +270,10 @@ function view_folder($id, $mode, $folder_id, $folder) } } - // There is the chance that all recipients of the message got deleted. To avoid creating + // There is the chance that all recipients of the message got deleted. To avoid creating // exports without recipients, we add a bogus "undisclosed recipient". - if (!(isset($address[$message_id]['g']) && sizeof($address[$message_id]['g'])) && - !(isset($address[$message_id]['u']) && sizeof($address[$message_id]['u']))) + if (!(isset($address[$message_id]['g']) && sizeof($address[$message_id]['g'])) && + !(isset($address[$message_id]['u']) && sizeof($address[$message_id]['u']))) { $address[$message_id]['u'] = array(); $address[$message_id]['u']['to'] = array(); @@ -278,12 +281,12 @@ function view_folder($id, $mode, $folder_id, $folder) } decode_message($message_row['message_text'], $message_row['bbcode_uid']); - + $data[] = array( 'subject' => censor_text($row['message_subject']), 'sender' => $row['username'], // ISO 8601 date. For PHP4 we are able to hardcode the timezone because $user->format_date() does not set it. - 'date' => $user->format_date($row['message_time'], (PHP_VERSION >= 5) ? 'c' : "Y-m-d\TH:i:s+00:00", true), + 'date' => $user->format_date($row['message_time'], 'c', true), 'to' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? $address[$message_id] : '', 'message' => $message_row['message_text'] ); @@ -380,7 +383,7 @@ function view_folder($id, $mode, $folder_id, $folder) break; } - header('Pragma: no-cache'); + header('Cache-Control: private, no-cache'); header("Content-Type: $mimetype; name=\"data.$filetype\""); header("Content-disposition: attachment; filename=data.$filetype"); echo $string; @@ -394,7 +397,7 @@ function view_folder($id, $mode, $folder_id, $folder) */ function get_pm_from($folder_id, $folder, $user_id) { - global $user, $db, $template, $config, $auth, $phpbb_root_path, $phpEx; + global $user, $db, $template, $config, $auth, $phpbb_container, $phpbb_root_path, $phpEx; $start = request_var('start', 0); @@ -403,6 +406,8 @@ function get_pm_from($folder_id, $folder, $user_id) $sort_key = request_var('sk', 't'); $sort_dir = request_var('sd', 'd'); + $pagination = $phpbb_container->get('pagination'); + // PM ordering options $limit_days = array(0 => $user->lang['ALL_MESSAGES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); @@ -452,10 +457,12 @@ function get_pm_from($folder_id, $folder, $user_id) $sql_limit_time = ''; } + $base_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id&$u_sort_param"); + $start = $pagination->validate_start($start, $config['topics_per_page'], $pm_count); + $pagination->generate_template_pagination($base_url, 'pagination', 'start', $pm_count, $config['topics_per_page'], $start); + $template->assign_vars(array( - 'PAGINATION' => generate_pagination(append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id&$u_sort_param"), $pm_count, $config['topics_per_page'], $start), - 'PAGE_NUMBER' => on_page($pm_count, $config['topics_per_page'], $start), - 'TOTAL_MESSAGES' => (($pm_count == 1) ? $user->lang['VIEW_PM_MESSAGE'] : sprintf($user->lang['VIEW_PM_MESSAGES'], $pm_count)), + 'TOTAL_MESSAGES' => $user->lang('VIEW_PM_MESSAGES', (int) $pm_count), 'POST_IMG' => (!$auth->acl_get('u_sendpm')) ? $user->img('button_topic_locked', 'POST_PM_LOCKED') : $user->img('button_pm_new', 'POST_NEW_PM'), @@ -480,14 +487,10 @@ function get_pm_from($folder_id, $folder, $user_id) { $store_reverse = true; - if ($start + $config['topics_per_page'] > $pm_count) - { - $sql_limit = min($config['topics_per_page'], max(1, $pm_count - $start)); - } - // Select the sort order $direction = ($sort_dir == 'd') ? 'ASC' : 'DESC'; - $sql_start = max(0, $pm_count - $sql_limit - $start); + $sql_limit = $pagination->reverse_limit($start, $sql_limit, $pm_count); + $sql_start = $pagination->reverse_start($start, $sql_limit, $pm_count); } else { @@ -552,5 +555,3 @@ function get_pm_from($folder_id, $folder, $user_id) 'rowset' => $rowset ); } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php index 82a095dd9c..888c2e6825 100644 --- a/phpBB/includes/ucp/ucp_pm_viewmessage.php +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -21,8 +24,8 @@ if (!defined('IN_PHPBB')) */ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) { - global $user, $template, $auth, $db, $cache; - global $phpbb_root_path, $phpEx, $config; + global $user, $template, $auth, $db, $cache, $phpbb_container; + global $phpbb_root_path, $request, $phpEx, $config, $phpbb_dispatcher; $user->add_lang(array('viewtopic', 'memberlist')); @@ -59,23 +62,22 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) $bbcode = new bbcode($message_row['bbcode_bitfield']); } + // Load the custom profile fields + if ($config['load_cpf_pm']) + { + $cp = $phpbb_container->get('profilefields.manager'); + + $profile_fields = $cp->grab_profile_fields_data($author_id); + } + // Assign TO/BCC Addresses to template write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id); $user_info = get_user_information($author_id, $message_row); // Parse the message and subject - $message = censor_text($message_row['message_text']); - - // Second parse bbcode here - if ($message_row['bbcode_bitfield']) - { - $bbcode->bbcode_second_pass($message, $message_row['bbcode_uid'], $message_row['bbcode_bitfield']); - } - - // Always process smilies after parsing bbcodes - $message = bbcode_nl2br($message); - $message = smiley_text($message); + $parse_flags = ($message_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; + $message = generate_text_for_display($message_row['message_text'], $message_row['bbcode_uid'], $message_row['bbcode_bitfield'], $parse_flags, true); // Replace naughty words such as farty pants $message_row['message_subject'] = censor_text($message_row['message_subject']); @@ -83,8 +85,16 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) // Editing information if ($message_row['message_edit_count'] && $config['display_last_edited']) { - $l_edit_time_total = ($message_row['message_edit_count'] == 1) ? $user->lang['EDITED_TIME_TOTAL'] : $user->lang['EDITED_TIMES_TOTAL']; - $l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, (!$message_row['message_edit_user']) ? $message_row['username'] : $message_row['message_edit_user'], $user->format_date($message_row['message_edit_time'], false, true), $message_row['message_edit_count']); + if (!$message_row['message_edit_user']) + { + $display_username = get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour']); + } + else + { + $edit_user_info = get_user_information($message_row['message_edit_user'], false); + $display_username = get_username_string('full', $message_row['message_edit_user'], $edit_user_info['username'], $edit_user_info['user_colour']); + } + $l_edited_by = '<br /><br />' . $user->lang('EDITED_TIMES_TOTAL', (int) $message_row['message_edit_count'], $display_username, $user->format_date($message_row['message_edit_time'], false, true)); } else { @@ -150,31 +160,49 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) // End signature parsing, only if needed if ($signature) { - $signature = censor_text($signature); + $parse_flags = ($user_info['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; + $signature = generate_text_for_display($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield'], $parse_flags, true); + } + + $url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm'); + + // Number of "to" recipients + $num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match); + + $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; - if ($user_info['user_sig_bbcode_bitfield']) + // Get the profile fields template data + $cp_row = array(); + if ($config['load_cpf_pm'] && isset($profile_fields[$author_id])) + { + // Filter the fields we don't want to show + foreach ($profile_fields[$author_id] as $used_ident => $profile_field) { - if ($bbcode === false) + if (!$profile_field['data']['field_show_on_pm']) { - include($phpbb_root_path . 'includes/bbcode.' . $phpEx); - $bbcode = new bbcode($user_info['user_sig_bbcode_bitfield']); + unset($profile_fields[$author_id][$used_ident]); } - - $bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']); } - $signature = bbcode_nl2br($signature); - $signature = smiley_text($signature); + if (isset($profile_fields[$author_id])) + { + $cp_row = $cp->generate_profile_fields_template_data($profile_fields[$author_id]); + } } - $url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm'); + $u_pm = $u_jabber = ''; - // Number of "to" recipients - $num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match); + if ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) + { + $u_pm = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id); + } - $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; + if ($config['jab_enable'] && $user_info['user_jabber'] && $auth->acl_get('u_sendim')) + { + $u_jabber = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id); + } - $template->assign_vars(array( + $msg_data = array( 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), @@ -185,7 +213,8 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'AUTHOR_AVATAR' => (isset($user_info['avatar'])) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], - 'AUTHOR_FROM' => (!empty($user_info['user_from'])) ? $user_info['user_from'] : '', + 'U_AUTHOR_POSTS' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$author_id&sr=posts") : '', + 'CONTACT_USER' => $user->lang('CONTACT_USER', get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username'])), 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : ((isset($user_info['online']) && $user_info['online']) ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), 'S_ONLINE' => (!$config['load_onlinetrack']) ? false : ((isset($user_info['online']) && $user_info['online']) ? true : false), @@ -206,13 +235,8 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'EDITED_MESSAGE' => $l_edited_by, 'MESSAGE_ID' => $message_row['msg_id'], - 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id) : '', - 'U_WWW' => (!empty($user_info['user_website'])) ? $user_info['user_website'] : '', - 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people/' . urlencode($user_info['user_icq']) . '/' : '', - 'U_AIM' => ($user_info['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=aim&u=' . $author_id) : '', - 'U_YIM' => ($user_info['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&.src=pg' : '', - 'U_MSN' => ($user_info['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=msnm&u=' . $author_id) : '', - 'U_JABBER' => ($user_info['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id) : '', + 'U_PM' => $u_pm, + 'U_JABBER' => $u_jabber, 'U_DELETE' => ($auth->acl_get('u_pm_delete')) ? "$url&mode=compose&action=delete&f=$folder_id&p=" . $message_row['msg_id'] : '', 'U_EMAIL' => $user_info['email'], @@ -232,11 +256,86 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0, + 'S_CUSTOM_FIELDS' => (!empty($cp_row['row'])) ? true : false, 'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=print" : '', - 'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '') + 'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '', + ); + + /** + * Modify pm and sender data before it is assigned to the template + * + * @event core.ucp_pm_view_messsage + * @var mixed id Active module category (can be int or string) + * @var string mode Active module + * @var int folder_id ID of the folder the message is in + * @var int msg_id ID of the private message + * @var array folder Array with data of user's message folders + * @var array message_row Array with message data + * @var array cp_row Array with senders custom profile field data + * @var array msg_data Template array with message data + * @since 3.1.0-a1 + */ + $vars = array( + 'id', + 'mode', + 'folder_id', + 'msg_id', + 'folder', + 'message_row', + 'cp_row', + 'msg_data', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_messsage', compact($vars))); + + $template->assign_vars($msg_data); + + $contact_fields = array( + array( + 'ID' => 'pm', + 'NAME' => $user->lang['SEND_PRIVATE_MESSAGE'], + 'U_CONTACT' => $u_pm, + ), + array( + 'ID' => 'email', + 'NAME' => $user->lang['SEND_EMAIL'], + 'U_CONTACT' => $user_info['email'], + ), + array( + 'ID' => 'jabber', + 'NAME' => $user->lang['JABBER'], + 'U_CONTACT' => $u_jabber, + ), ); + foreach ($contact_fields as $field) + { + if ($field['U_CONTACT']) + { + $template->assign_block_vars('contact', $field); + } + } + + // Display the custom profile fields + if (!empty($cp_row['row'])) + { + $template->assign_vars($cp_row['row']); + + foreach ($cp_row['blockrow'] as $cp_block_row) + { + $template->assign_block_vars('custom_fields', $cp_block_row); + + if ($cp_block_row['S_PROFILE_CONTACT']) + { + $template->assign_block_vars('contact', array( + 'ID' => $cp_block_row['PROFILE_FIELD_IDENT'], + 'NAME' => $cp_block_row['PROFILE_FIELD_NAME'], + 'U_CONTACT' => $cp_block_row['PROFILE_FIELD_CONTACT'], + )); + } + } + } + // Display not already displayed Attachments for this post, we already parsed them. ;) if (isset($attachments) && sizeof($attachments)) { @@ -248,7 +347,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) } } - if (!isset($_REQUEST['view']) || $_REQUEST['view'] != 'print') + if (!isset($_REQUEST['view']) || $request->variable('view', '') != 'print') { // Message History if (message_history($msg_id, $user->data['user_id'], $message_row, $folder)) @@ -303,14 +402,17 @@ function get_user_information($user_id, $user_row) } } - if (!function_exists('get_user_avatar')) + $user_row['avatar'] = ($user->optionget('viewavatars')) ? phpbb_get_user_avatar($user_row) : ''; + + if (!function_exists('phpbb_get_user_rank')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - $user_row['avatar'] = ($user->optionget('viewavatars')) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']) : ''; - - get_user_rank($user_row['user_rank'], $user_row['user_posts'], $user_row['rank_title'], $user_row['rank_image'], $user_row['rank_image_src']); + $user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']); + $user_row['rank_title'] = $user_rank_data['title']; + $user_row['rank_image'] = $user_rank_data['img']; + $user_row['rank_image_src'] = $user_rank_data['img_src']; if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email')) { @@ -319,5 +421,3 @@ function get_user_information($user_id, $user_row) return $user_row; } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php index c6e43b831c..2195500b57 100644 --- a/phpBB/includes/ucp/ucp_prefs.php +++ b/phpBB/includes/ucp/ucp_prefs.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -19,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * ucp_prefs * Changing user preferences -* @package ucp */ class ucp_prefs { @@ -27,7 +29,7 @@ class ucp_prefs function main($id, $mode) { - global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + global $config, $db, $user, $auth, $template, $phpbb_dispatcher, $phpbb_root_path, $phpEx; $submit = (isset($_POST['submit'])) ? true : false; $error = $data = array(); @@ -41,15 +43,12 @@ class ucp_prefs 'notifymethod' => request_var('notifymethod', $user->data['user_notify_type']), 'dateformat' => request_var('dateformat', $user->data['user_dateformat'], true), 'lang' => basename(request_var('lang', $user->data['user_lang'])), - 'style' => request_var('style', (int) $user->data['user_style']), - 'tz' => request_var('tz', (float) $user->data['user_timezone']), + 'user_style' => request_var('user_style', (int) $user->data['user_style']), + 'tz' => request_var('tz', $user->data['user_timezone']), - 'dst' => request_var('dst', (bool) $user->data['user_dst']), 'viewemail' => request_var('viewemail', (bool) $user->data['user_allow_viewemail']), 'massemail' => request_var('massemail', (bool) $user->data['user_allow_massemail']), 'hideonline' => request_var('hideonline', (bool) !$user->data['user_allow_viewonline']), - 'notifypm' => request_var('notifypm', (bool) $user->data['user_notify_pm']), - 'popuppm' => request_var('popuppm', (bool) $user->optionget('popuppm')), 'allowpm' => request_var('allowpm', (bool) $user->data['user_allow_pm']), ); @@ -59,21 +58,35 @@ class ucp_prefs $data['notifymethod'] = NOTIFY_BOTH; } + /** + * Add UCP edit global settings data before they are assigned to the template or submitted + * + * To assign data to the template, use $template->assign_vars() + * + * @event core.ucp_prefs_personal_data + * @var bool submit Do we display the form only + * or did the user press submit + * @var array data Array with current ucp options data + * @since 3.1.0-a1 + */ + $vars = array('submit', 'data'); + extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_personal_data', compact($vars))); + if ($submit) { if ($config['override_user_style']) { - $data['style'] = (int) $config['default_style']; + $data['user_style'] = (int) $config['default_style']; } - else if (!phpbb_style_is_active($data['style'])) + else if (!phpbb_style_is_active($data['user_style'])) { - $data['style'] = (int) $user->data['user_style']; + $data['user_style'] = (int) $user->data['user_style']; } $error = validate_data($data, array( 'dateformat' => array('string', false, 1, 30), 'lang' => array('language_iso_name'), - 'tz' => array('num', false, -14, 14), + 'tz' => array('timezone'), )); if (!check_form_key('ucp_prefs_personal')) @@ -83,24 +96,31 @@ class ucp_prefs if (!sizeof($error)) { - $user->optionset('popuppm', $data['popuppm']); - $sql_ary = array( 'user_allow_pm' => $data['allowpm'], 'user_allow_viewemail' => $data['viewemail'], 'user_allow_massemail' => $data['massemail'], 'user_allow_viewonline' => ($auth->acl_get('u_hideonline')) ? !$data['hideonline'] : $user->data['user_allow_viewonline'], 'user_notify_type' => $data['notifymethod'], - 'user_notify_pm' => $data['notifypm'], 'user_options' => $user->data['user_options'], - 'user_dst' => $data['dst'], 'user_dateformat' => $data['dateformat'], 'user_lang' => $data['lang'], 'user_timezone' => $data['tz'], - 'user_style' => $data['style'], + 'user_style' => $data['user_style'], ); + /** + * Update UCP edit global settings data on form submit + * + * @event core.ucp_prefs_personal_update_data + * @var array data Submitted display options data + * @var array sql_ary Display options data we update + * @since 3.1.0-a1 + */ + $vars = array('data', 'sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_personal_update_data', compact($vars))); + $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; @@ -112,7 +132,7 @@ class ucp_prefs } // Replace "error" strings with their real, localised form - $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + $error = array_map(array($user, 'lang'), $error); } $dateformat_options = ''; @@ -134,6 +154,8 @@ class ucp_prefs } $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>'; + phpbb_timezone_select($template, $user, $data['tz'], true); + // check if there are any user-selectable languages $sql = 'SELECT COUNT(lang_id) as languages_count FROM ' . LANG_TABLE; @@ -173,9 +195,6 @@ class ucp_prefs 'S_MASS_EMAIL' => $data['massemail'], 'S_ALLOW_PM' => $data['allowpm'], 'S_HIDE_ONLINE' => $data['hideonline'], - 'S_NOTIFY_PM' => $data['notifypm'], - 'S_POPUP_PM' => $data['popuppm'], - 'S_DST' => $data['dst'], 'DATE_FORMAT' => $data['dateformat'], 'A_DATE_FORMAT' => addslashes($data['dateformat']), @@ -188,8 +207,7 @@ class ucp_prefs 'S_MORE_STYLES' => $s_more_styles, 'S_LANG_OPTIONS' => language_select($data['lang']), - 'S_STYLE_OPTIONS' => ($config['override_user_style']) ? '' : style_select($data['style']), - 'S_TZ_OPTIONS' => tz_select($data['tz'], true), + 'S_STYLE_OPTIONS' => ($config['override_user_style']) ? '' : style_select($data['user_style']), 'S_CAN_HIDE_ONLINE' => ($auth->acl_get('u_hideonline')) ? true : false, 'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false) ); @@ -203,11 +221,11 @@ class ucp_prefs $data = array( 'topic_sk' => request_var('topic_sk', (!empty($user->data['user_topic_sortby_type'])) ? $user->data['user_topic_sortby_type'] : 't'), 'topic_sd' => request_var('topic_sd', (!empty($user->data['user_topic_sortby_dir'])) ? $user->data['user_topic_sortby_dir'] : 'd'), - 'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? $user->data['user_topic_show_days'] : 0), + 'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? (int) $user->data['user_topic_show_days'] : 0), 'post_sk' => request_var('post_sk', (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't'), 'post_sd' => request_var('post_sd', (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a'), - 'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0), + 'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? (int) $user->data['user_post_show_days'] : 0), 'images' => request_var('images', (bool) $user->optionget('viewimg')), 'flash' => request_var('flash', (bool) $user->optionget('viewflash')), @@ -217,13 +235,39 @@ class ucp_prefs 'wordcensor' => request_var('wordcensor', (bool) $user->optionget('viewcensors')), ); + /** + * Add UCP edit display options data before they are assigned to the template or submitted + * + * To assign data to the template, use $template->assign_vars() + * + * @event core.ucp_prefs_view_data + * @var bool submit Do we display the form only + * or did the user press submit + * @var array data Array with current ucp options data + * @since 3.1.0-a1 + */ + $vars = array('submit', 'data'); + extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_view_data', compact($vars))); + if ($submit) { $error = validate_data($data, array( - 'topic_sk' => array('string', false, 1, 1), - 'topic_sd' => array('string', false, 1, 1), - 'post_sk' => array('string', false, 1, 1), - 'post_sd' => array('string', false, 1, 1), + 'topic_sk' => array( + array('string', false, 1, 1), + array('match', false, '#(a|r|s|t|v)#'), + ), + 'topic_sd' => array( + array('string', false, 1, 1), + array('match', false, '#(a|d)#'), + ), + 'post_sk' => array( + array('string', false, 1, 1), + array('match', false, '#(a|s|t)#'), + ), + 'post_sd' => array( + array('string', false, 1, 1), + array('match', false, '#(a|d)#'), + ), )); if (!check_form_key('ucp_prefs_view')) @@ -255,6 +299,17 @@ class ucp_prefs 'user_post_show_days' => $data['post_st'], ); + /** + * Update UCP edit display options data on form submit + * + * @event core.ucp_prefs_view_update_data + * @var array data Submitted display options data + * @var array sql_ary Display options data we update + * @since 3.1.0-a1 + */ + $vars = array('data', 'sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_view_update_data', compact($vars))); + $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; @@ -266,7 +321,7 @@ class ucp_prefs } // Replace "error" strings with their real, localised form - $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + $error = array_map(array($user, 'lang'), $error); } $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); @@ -275,7 +330,7 @@ class ucp_prefs $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']); - $sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'r' => 't.topic_replies', 's' => 't.topic_title', 'v' => 't.topic_views'); + $sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => array('t.topic_last_post_time', 't.topic_last_post_id'), 'r' => 't.topic_posts_approved', 's' => 't.topic_title', 'v' => 't.topic_views'); // Post ordering options $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); @@ -343,6 +398,20 @@ class ucp_prefs ); add_form_key('ucp_prefs_post'); + /** + * Add UCP edit posting defaults data before they are assigned to the template or submitted + * + * To assign data to the template, use $template->assign_vars() + * + * @event core.ucp_prefs_post_data + * @var bool submit Do we display the form only + * or did the user press submit + * @var array data Array with current ucp options data + * @since 3.1.0-a1 + */ + $vars = array('submit', 'data'); + extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_post_data', compact($vars))); + if ($submit) { if (check_form_key('ucp_prefs_post')) @@ -356,6 +425,17 @@ class ucp_prefs 'user_notify' => $data['notify'], ); + /** + * Update UCP edit posting defaults data on form submit + * + * @event core.ucp_prefs_post_update_data + * @var array data Submitted display options data + * @var array sql_ary Display options data we update + * @since 3.1.0-a1 + */ + $vars = array('data', 'sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_post_update_data', compact($vars))); + $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; @@ -381,6 +461,24 @@ class ucp_prefs break; } + /** + * Modify UCP preferences data before the page load + * + * @event core.ucp_prefs_modify_common + * @var array data Array with current/submitted UCP options data + * @var array error Errors data + * @var string mode UCP prefs operation mode + * @var string s_hidden_fields Hidden fields data + * @since 3.1.0-RC3 + */ + $vars = array( + 'data', + 'error', + 'mode', + 's_hidden_fields', + ); + extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_modify_common', compact($vars))); + $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_PREFS_' . strtoupper($mode)], @@ -392,5 +490,3 @@ class ucp_prefs $this->page_title = 'UCP_PREFS_' . strtoupper($mode); } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 847311058b..a876d0133a 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -21,7 +24,6 @@ if (!defined('IN_PHPBB')) * Changing profile settings * * @todo what about pertaining user_sig_options? -* @package ucp */ class ucp_profile { @@ -29,13 +31,14 @@ class ucp_profile function main($id, $mode) { - global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + global $cache, $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + global $request, $phpbb_container; $user->add_lang('posting'); - $preview = (!empty($_POST['preview'])) ? true : false; - $submit = (!empty($_POST['submit'])) ? true : false; - $delete = (!empty($_POST['delete'])) ? true : false; + $preview = $request->variable('preview', false, false, \phpbb\request\request_interface::POST); + $submit = $request->variable('submit', false, false, \phpbb\request\request_interface::POST); + $delete = $request->variable('delete', false, false, \phpbb\request\request_interface::POST); $error = $data = array(); $s_hidden_fields = ''; @@ -46,10 +49,9 @@ class ucp_profile $data = array( 'username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)), 'email' => strtolower(request_var('email', $user->data['user_email'])), - 'email_confirm' => strtolower(request_var('email_confirm', '')), - 'new_password' => request_var('new_password', '', true), - 'cur_password' => request_var('cur_password', '', true), - 'password_confirm' => request_var('password_confirm', '', true), + 'new_password' => $request->variable('new_password', '', true), + 'cur_password' => $request->variable('cur_password', '', true), + 'password_confirm' => $request->variable('password_confirm', '', true), ); add_form_key('ucp_reg_details'); @@ -64,8 +66,7 @@ class ucp_profile 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array( array('string', false, 6, 60), - array('email')), - 'email_confirm' => array('string', true, 6, 60), + array('user_email')), ); if ($auth->acl_get('u_chgname') && $config['allow_namechange']) @@ -78,23 +79,21 @@ class ucp_profile $error = validate_data($data, $check_ary); - if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) - { - $error[] = ($data['email_confirm']) ? 'NEW_EMAIL_ERROR' : 'NEW_EMAIL_CONFIRM_EMPTY'; - } - if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) { $error[] = ($data['password_confirm']) ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY'; } + // Instantiate passwords manager + $passwords_manager = $phpbb_container->get('passwords.manager'); + // Only check the new password against the previous password if there have been no errors - if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && phpbb_check_hash($data['new_password'], $user->data['user_password'])) + if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && $passwords_manager->check($data['new_password'], $user->data['user_password'])) { $error[] = 'SAME_PASSWORD_ERROR'; } - if (!phpbb_check_hash($data['cur_password'], $user->data['user_password'])) + if (!$passwords_manager->check($data['cur_password'], $user->data['user_password'])) { $error[] = ($data['cur_password']) ? 'CUR_PASSWORD_ERROR' : 'CUR_PASSWORD_EMPTY'; } @@ -111,7 +110,7 @@ class ucp_profile 'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'], 'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'], 'user_email_hash' => ($auth->acl_get('u_chgemail')) ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'], - 'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? phpbb_hash($data['new_password']) : $user->data['user_password'], + 'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? $passwords_manager->hash($data['new_password']) : $user->data['user_password'], 'user_passchg' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? time() : 0, ); @@ -120,7 +119,7 @@ class ucp_profile add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $data['username']); } - if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && !phpbb_check_hash($data['new_password'], $user->data['user_password'])) + if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && !$passwords_manager->check($data['new_password'], $user->data['user_password'])) { $user->reset_login_keys(); add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $data['username']); @@ -181,8 +180,7 @@ class ucp_profile while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); - $messenger->to($row['user_email'], $row['username']); - $messenger->im($row['user_jabber'], $row['username']); + $messenger->set_addresses($row); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($data['username']), @@ -235,7 +233,7 @@ class ucp_profile } // Replace "error" strings with their real, localised form - $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + $error = array_map(array($user, 'lang'), $error); } $template->assign_vars(array( @@ -247,8 +245,8 @@ class ucp_profile 'NEW_PASSWORD' => $data['new_password'], 'CUR_PASSWORD' => '', - 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), - 'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), + 'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])), + 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])), 'S_FORCE_PASSWORD' => ($auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) ? true : false, 'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false, @@ -258,23 +256,18 @@ class ucp_profile break; case 'profile_info': + // Do not display profile information panel if not authed to do so + if (!$auth->acl_get('u_chgprofileinfo')) + { + trigger_error('NO_AUTH_PROFILEINFO'); + } - include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); - - $cp = new custom_profile(); + $cp = $phpbb_container->get('profilefields.manager'); $cp_data = $cp_error = array(); $data = array( - 'icq' => request_var('icq', $user->data['user_icq']), - 'aim' => request_var('aim', $user->data['user_aim']), - 'msn' => request_var('msn', $user->data['user_msnm']), - 'yim' => request_var('yim', $user->data['user_yim']), 'jabber' => utf8_normalize_nfc(request_var('jabber', $user->data['user_jabber'], true)), - 'website' => request_var('website', $user->data['user_website']), - 'location' => utf8_normalize_nfc(request_var('location', $user->data['user_from'], true)), - 'occupation' => utf8_normalize_nfc(request_var('occupation', $user->data['user_occ'], true)), - 'interests' => utf8_normalize_nfc(request_var('interests', $user->data['user_interests'], true)), ); if ($config['allow_birthdays']) @@ -297,21 +290,9 @@ class ucp_profile if ($submit) { $validate_array = array( - 'icq' => array( - array('string', true, 3, 15), - array('match', true, '#^[0-9]+$#i')), - 'aim' => array('string', true, 3, 255), - 'msn' => array('string', true, 5, 255), 'jabber' => array( array('string', true, 5, 255), array('jabber')), - 'yim' => array('string', true, 5, 255), - 'website' => array( - array('string', true, 12, 255), - array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')), - 'location' => array('string', true, 2, 100), - 'occupation' => array('string', true, 2, 500), - 'interests' => array('string', true, 2, 500), ); if ($config['allow_birthdays']) @@ -351,15 +332,7 @@ class ucp_profile } $sql_ary = array( - 'user_icq' => $data['icq'], - 'user_aim' => $data['aim'], - 'user_msnm' => $data['msn'], - 'user_yim' => $data['yim'], 'user_jabber' => $data['jabber'], - 'user_website' => $data['website'], - 'user_from' => $data['location'], - 'user_occ' => $data['occupation'], - 'user_interests'=> $data['interests'], 'user_notify_type' => $data['notify'], ); @@ -382,7 +355,7 @@ class ucp_profile } // Replace "error" strings with their real, localised form - $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + $error = array_map(array($user, 'lang'), $error); } if ($config['allow_birthdays']) @@ -420,17 +393,9 @@ class ucp_profile } $template->assign_vars(array( - 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', - - 'ICQ' => $data['icq'], - 'YIM' => $data['yim'], - 'AIM' => $data['aim'], - 'MSN' => $data['msn'], - 'JABBER' => $data['jabber'], - 'WEBSITE' => $data['website'], - 'LOCATION' => $data['location'], - 'OCCUPATION'=> $data['occupation'], - 'INTERESTS' => $data['interests'], + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + 'S_JABBER_ENABLED' => $config['jab_enable'], + 'JABBER' => $data['jabber'], )); // Get additional profile fields and assign them to the template block var 'profile_fields' @@ -507,7 +472,7 @@ class ucp_profile } // Replace "error" strings with their real, localised form - $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + $error = array_map(array($user, 'lang'), $error); } $signature_preview = ''; @@ -536,7 +501,7 @@ class ucp_profile 'URL_STATUS' => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], 'MAX_FONT_SIZE' => (int) $config['max_sig_font_size'], - 'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']), + 'L_SIGNATURE_EXPLAIN' => $user->lang('SIGNATURE_EXPLAIN', (int) $config['max_sig_chars']), 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'], 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'], @@ -555,82 +520,186 @@ class ucp_profile case 'avatar': - include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + add_form_key('ucp_avatar'); - $display_gallery = request_var('display_gallery', '0'); - $avatar_select = basename(request_var('avatar_select', '')); - $category = basename(request_var('category', '')); + $avatars_enabled = false; - $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false; + if ($config['allow_avatar'] && $auth->acl_get('u_chgavatar')) + { + $phpbb_avatar_manager = $phpbb_container->get('avatar.manager'); + $avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers(); - add_form_key('ucp_avatar'); + // This is normalised data, without the user_ prefix + $avatar_data = \phpbb\avatar\manager::clean_row($user->data, 'user'); - if ($submit) - { - if (check_form_key('ucp_avatar')) + if ($submit) { - if (avatar_process_user($error, false, $can_upload)) + if (check_form_key('ucp_avatar')) { + $driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', '')); + + if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete')) + { + $driver = $phpbb_avatar_manager->get_driver($driver_name); + $result = $driver->process_form($request, $template, $user, $avatar_data, $error); + + if ($result && empty($error)) + { + // Success! Lets save the result in the database + $result = array( + 'user_avatar_type' => $driver_name, + 'user_avatar' => $result['avatar'], + 'user_avatar_width' => $result['avatar_width'], + 'user_avatar_height' => $result['avatar_height'], + ); + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $result) . ' + WHERE user_id = ' . (int) $user->data['user_id']; + + $db->sql_query($sql); + + meta_refresh(3, $this->u_action); + $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + } + } + else + { + $error[] = 'FORM_INVALID'; + } + } + + // Handle deletion of avatars + if ($request->is_set_post('avatar_delete')) + { + if (!confirm_box(true)) + { + confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array( + 'avatar_delete' => true, + 'i' => $id, + 'mode' => $mode)) + ); + } + else + { + $phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, USERS_TABLE, 'user_'); + meta_refresh(3, $this->u_action); $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); trigger_error($message); } } - else + + $selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $user->data['user_avatar_type'])); + + foreach ($avatar_drivers as $current_driver) { - $error[] = 'FORM_INVALID'; + $driver = $phpbb_avatar_manager->get_driver($current_driver); + + $avatars_enabled = true; + $template->set_filenames(array( + 'avatar' => $driver->get_template_name(), + )); + + if ($driver->prepare_form($request, $template, $user, $avatar_data, $error)) + { + $driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver); + $driver_upper = strtoupper($driver_name); + + $template->assign_block_vars('avatar_drivers', array( + 'L_TITLE' => $user->lang($driver_upper . '_TITLE'), + 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'), + + 'DRIVER' => $driver_name, + 'SELECTED' => $current_driver == $selected_driver, + 'OUTPUT' => $template->assign_display('avatar'), + )); + } } + // Replace "error" strings with their real, localised form - $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + $error = $phpbb_avatar_manager->localize_errors($user, $error); } - if (!$config['allow_avatar'] && $user->data['user_avatar_type']) - { - $error[] = $user->lang['AVATAR_NOT_ALLOWED']; - } - else if ((($user->data['user_avatar_type'] == AVATAR_UPLOAD) && !$config['allow_avatar_upload']) || - (($user->data['user_avatar_type'] == AVATAR_REMOTE) && !$config['allow_avatar_remote']) || - (($user->data['user_avatar_type'] == AVATAR_GALLERY) && !$config['allow_avatar_local'])) - { - $error[] = $user->lang['AVATAR_TYPE_NOT_ALLOWED']; - } + $avatar = phpbb_get_user_avatar($user->data, 'USER_AVATAR', true); $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', - 'AVATAR' => get_user_avatar($user->data['user_avatar'], $user->data['user_avatar_type'], $user->data['user_avatar_width'], $user->data['user_avatar_height'], 'USER_AVATAR', true), - 'AVATAR_SIZE' => $config['avatar_filesize'], + 'AVATAR' => $avatar, - 'U_GALLERY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=profile&mode=avatar&display_gallery=1'), + 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"', - 'S_FORM_ENCTYPE' => ($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '', + 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string(), - 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), + 'S_AVATARS_ENABLED' => ($config['allow_avatar'] && $avatars_enabled), )); - if ($config['allow_avatar'] && $display_gallery && $auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) + break; + + case 'autologin_keys': + + add_form_key('ucp_autologin_keys'); + + if ($submit) { - avatar_gallery($category, $avatar_select, 4); + $keys = request_var('keys', array('')); + + if (!check_form_key('ucp_autologin_keys')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + if (!empty($keys)) + { + foreach ($keys as $key => $id) + { + $keys[$key] = $db->sql_like_expression($id . $db->get_any_char()); + } + $sql_where = '(key_id ' . implode(' OR key_id ', $keys) . ')'; + $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id'] . ' + AND ' . $sql_where ; + + $db->sql_query($sql); + + meta_refresh(3, $this->u_action); + $message = $user->lang['AUTOLOGIN_SESSION_KEYS_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + } + + // Replace "error" strings with their real, localised form + $error = array_map(array($user, 'lang'), $error); } - else if ($config['allow_avatar']) - { - $avatars_enabled = (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($auth->acl_get('u_chgavatar') && ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false; - $template->assign_vars(array( - 'AVATAR_WIDTH' => request_var('width', $user->data['user_avatar_width']), - 'AVATAR_HEIGHT' => request_var('height', $user->data['user_avatar_height']), - - 'S_AVATARS_ENABLED' => $avatars_enabled, - 'S_UPLOAD_AVATAR_FILE' => ($can_upload && $config['allow_avatar_upload']) ? true : false, - 'S_UPLOAD_AVATAR_URL' => ($can_upload && $config['allow_avatar_remote_upload']) ? true : false, - 'S_LINK_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false, - 'S_DISPLAY_GALLERY' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) ? true : false) - ); + $sql = 'SELECT key_id, last_ip, last_login + FROM ' . SESSIONS_KEYS_TABLE . ' + WHERE user_id = ' . (int) $user->data['user_id'] . ' + ORDER BY last_login ASC'; + + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $template->assign_block_vars('sessions', array( + 'KEY' => substr($row['key_id'], 0, 8), + 'IP' => $row['last_ip'], + 'LOGIN_TIME' => $user->format_date($row['last_login']), + )); } + $db->sql_freeresult($result); + break; } $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + 'L_TITLE' => $user->lang['UCP_PROFILE_' . strtoupper($mode)], 'S_HIDDEN_FIELDS' => $s_hidden_fields, @@ -642,5 +711,3 @@ class ucp_profile $this->page_title = 'UCP_PROFILE_' . strtoupper($mode); } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 6ad3a55589..88078c10af 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -19,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * ucp_register * Board registration -* @package ucp */ class ucp_register { @@ -28,6 +30,7 @@ class ucp_register function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + global $request, $phpbb_container; // if ($config['require_activation'] == USER_ACTIVATION_DISABLE) @@ -35,11 +38,9 @@ class ucp_register trigger_error('UCP_REGISTER_DISABLE'); } - include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); - - $coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false; - $agreed = (!empty($_POST['agreed'])) ? 1 : 0; - $submit = (isset($_POST['submit'])) ? true : false; + $coppa = $request->is_set('coppa') ? (int) $request->variable('coppa', false) : false; + $agreed = $request->variable('agreed', false); + $submit = $request->is_set_post('submit'); $change_lang = request_var('change_lang', ''); $user_lang = request_var('lang', $user->lang_name); @@ -63,13 +64,10 @@ class ucp_register $submit = false; // Setting back agreed to let the user view the agreement in his/her language - $agreed = (empty($_GET['change_lang'])) ? 0 : $agreed; + $agreed = false; } - $user->lang_name = $user_lang = $use_lang; - $user->lang = array(); - $user->data['user_lang'] = $user->lang_name; - $user->add_lang(array('common', 'ucp')); + $user_lang = $use_lang; } else { @@ -78,19 +76,36 @@ class ucp_register } } - - $cp = new custom_profile(); + $cp = $phpbb_container->get('profilefields.manager'); $error = $cp_data = $cp_error = array(); + $s_hidden_fields = array(); + + // Handle login_link data added to $_hidden_fields + $login_link_data = $this->get_login_link_data_array(); + + if (!empty($login_link_data)) + { + // Confirm that we have all necessary data + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_provider = $provider_collection->get_provider($request->variable('auth_provider', '')); + + $result = $auth_provider->login_link_has_necessary_data($login_link_data); + if ($result !== null) + { + $error[] = $user->lang[$result]; + } + + $s_hidden_fields = array_merge($s_hidden_fields, $this->get_login_link_data_for_hidden_fields($login_link_data)); + } if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) { - $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : ''; - $s_hidden_fields = array( - 'change_lang' => $change_lang, - ); + $s_hidden_fields = array_merge($s_hidden_fields, array( + 'change_lang' => '', + )); // If we change the language, we want to pass on some more possible parameter. if ($change_lang) @@ -99,9 +114,8 @@ class ucp_register $s_hidden_fields = array_merge($s_hidden_fields, array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), - 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => $user->lang_name, - 'tz' => request_var('tz', (float) $config['board_timezone']), + 'tz' => request_var('tz', $config['board_timezone']), )); } @@ -121,7 +135,10 @@ class ucp_register if ($coppa === false && $config['coppa_enable']) { $now = getdate(); - $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']); + $coppa_birthday = $user->create_datetime() + ->setDate($now['year'] - 13, $now['mon'], $now['mday'] - 1) + ->setTime(0, 0, 0) + ->format($user->lang['DATE_FORMAT'], true); unset($now); $template->assign_vars(array( @@ -129,12 +146,15 @@ class ucp_register 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), - 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang), - 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang), + 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0'), + 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1'), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), - 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang), + 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), + + 'COOKIE_NAME' => $config['cookie_name'], + 'COOKIE_PATH' => $config['cookie_path'], )); } else @@ -146,7 +166,10 @@ class ucp_register 'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), - 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa), + 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_coppa), + + 'COOKIE_NAME' => $config['cookie_name'], + 'COOKIE_PATH' => $config['cookie_path'], ) ); } @@ -156,26 +179,22 @@ class ucp_register return; } - - // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. + // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. if ($config['enable_confirm']) { - include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); - $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha = $phpbb_container->get('captcha.factory')->get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_REG); } - $is_dst = $config['board_dst']; $timezone = $config['board_timezone']; $data = array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), - 'new_password' => request_var('new_password', '', true), - 'password_confirm' => request_var('password_confirm', '', true), + 'new_password' => $request->variable('new_password', '', true), + 'password_confirm' => $request->variable('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), - 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => basename(request_var('lang', $user->lang_name)), - 'tz' => request_var('tz', (float) $timezone), + 'tz' => request_var('tz', $timezone), ); // Check and initialize some variables if needed @@ -191,9 +210,8 @@ class ucp_register 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array( array('string', false, 6, 60), - array('email')), - 'email_confirm' => array('string', false, 6, 60), - 'tz' => array('num', false, -14, 14), + array('user_email')), + 'tz' => array('timezone'), 'lang' => array('language_iso_name'), )); @@ -203,7 +221,7 @@ class ucp_register } // Replace "error" strings with their real, localised form - $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + $error = array_map(array($user, 'lang'), $error); if ($config['enable_confirm']) { @@ -237,11 +255,6 @@ class ucp_register { $error[] = $user->lang['NEW_PASSWORD_ERROR']; } - - if ($data['email'] != $data['email_confirm']) - { - $error[] = $user->lang['NEW_EMAIL_ERROR']; - } } if (!sizeof($error)) @@ -283,13 +296,15 @@ class ucp_register $user_inactive_time = 0; } + // Instantiate passwords manager + $passwords_manager = $phpbb_container->get('passwords.manager'); + $user_row = array( 'username' => $data['username'], - 'user_password' => phpbb_hash($data['new_password']), + 'user_password' => $passwords_manager->hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, - 'user_timezone' => (float) $data['tz'], - 'user_dst' => $is_dst, + 'user_timezone' => $data['tz'], 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, @@ -369,41 +384,28 @@ class ucp_register } $messenger->send(NOTIFY_EMAIL); + } + + if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + { + $phpbb_notifications = $phpbb_container->get('notification_manager'); + $phpbb_notifications->add_notifications('notification.type.admin_activate_user', array( + 'user_id' => $user_id, + 'user_actkey' => $user_row['user_actkey'], + 'user_regdate' => $user_row['user_regdate'], + )); + } - if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + // Perform account linking if necessary + if (!empty($login_link_data)) + { + $login_link_data['user_id'] = $user_id; + + $result = $auth_provider->link_account($login_link_data); + + if ($result) { - // Grab an array of user_id's with a_user permissions ... these users can activate a user - $admin_ary = $auth->acl_get_list(false, 'a_user', false); - $admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array(); - - // Also include founders - $where_sql = ' WHERE user_type = ' . USER_FOUNDER; - - if (sizeof($admin_ary)) - { - $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); - } - - $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type - FROM ' . USERS_TABLE . ' ' . - $where_sql; - $result = $db->sql_query($sql); - - while ($row = $db->sql_fetchrow($result)) - { - $messenger->template('admin_activate', $row['user_lang']); - $messenger->to($row['user_email'], $row['username']); - $messenger->im($row['user_jabber'], $row['username']); - - $messenger->assign_vars(array( - 'USERNAME' => htmlspecialchars_decode($data['username']), - 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id", - 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") - ); - - $messenger->send($row['user_notify_type']); - } - $db->sql_freeresult($result); + $message = $message . '<br /><br />' . $user->lang[$result]; } } @@ -412,10 +414,10 @@ class ucp_register } } - $s_hidden_fields = array( + $s_hidden_fields = array_merge($s_hidden_fields, array( 'agreed' => 'true', 'change_lang' => 0, - ); + )); if ($config['coppa_enable']) { @@ -450,25 +452,28 @@ class ucp_register break; } + $timezone_selects = phpbb_timezone_select($template, $user, $data['tz'], true); $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', 'USERNAME' => $data['username'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], - 'EMAIL_CONFIRM' => $data['email_confirm'], 'L_REG_COND' => $l_reg_cond, - 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), - 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), + 'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])), + 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])), 'S_LANG_OPTIONS' => language_select($data['lang']), - 'S_TZ_OPTIONS' => tz_select($data['tz']), + 'S_TZ_PRESELECT' => !$submit, 'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false, 'S_REGISTRATION' => true, 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), + + 'COOKIE_NAME' => $config['cookie_name'], + 'COOKIE_PATH' => $config['cookie_path'], )); // @@ -481,6 +486,49 @@ class ucp_register $this->tpl_name = 'ucp_register'; $this->page_title = 'UCP_REGISTRATION'; } -} -?>
\ No newline at end of file + /** + * Creates the login_link data array + * + * @return array Returns an array of all POST paramaters whose names + * begin with 'login_link_' + */ + protected function get_login_link_data_array() + { + global $request; + + $var_names = $request->variable_names(\phpbb\request\request_interface::POST); + $login_link_data = array(); + $string_start_length = strlen('login_link_'); + + foreach ($var_names as $var_name) + { + if (strpos($var_name, 'login_link_') === 0) + { + $key_name = substr($var_name, $string_start_length); + $login_link_data[$key_name] = $request->variable($var_name, '', false, \phpbb\request\request_interface::POST); + } + } + + return $login_link_data; + } + + /** + * Prepends they key names of an associative array with 'login_link_' for + * inclusion on the page as hidden fields. + * + * @param array $data The array to be modified + * @return array The modified array + */ + protected function get_login_link_data_for_hidden_fields($data) + { + $new_data = array(); + + foreach ($data as $key => $value) + { + $new_data['login_link_' . $key] = $value; + } + + return $new_data; + } +} diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php index bcb21cbedc..415bf0e84d 100644 --- a/phpBB/includes/ucp/ucp_remind.php +++ b/phpBB/includes/ucp/ucp_remind.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -19,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * ucp_remind * Sending password reminders -* @package ucp */ class ucp_remind { @@ -28,7 +30,12 @@ class ucp_remind function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; - global $db, $user, $auth, $template; + global $db, $user, $auth, $template, $phpbb_container; + + if (!$config['allow_password_reset']) + { + trigger_error($user->lang('UCP_PASSWORD_RESET_DISABLED', '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>')); + } $username = request_var('username', '', true); $email = strtolower(request_var('email', '')); @@ -67,7 +74,7 @@ class ucp_remind } // Check users permissions - $auth2 = new auth(); + $auth2 = new \phpbb\auth\auth(); $auth2->acl($user_row); if (!$auth2->acl_get('u_chgpasswd')) @@ -84,8 +91,11 @@ class ucp_remind // For the activation key a random length between 6 and 10 will do. $user_actkey = gen_rand_string(mt_rand(6, 10)); + // Instantiate passwords manager + $passwords_manager = $phpbb_container->get('passwords.manager'); + $sql = 'UPDATE ' . USERS_TABLE . " - SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "' + SET user_newpasswd = '" . $db->sql_escape($passwords_manager->hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "' WHERE user_id = " . $user_row['user_id']; $db->sql_query($sql); @@ -95,8 +105,7 @@ class ucp_remind $messenger->template('user_activate_passwd', $user_row['user_lang']); - $messenger->to($user_row['user_email'], $user_row['username']); - $messenger->im($user_row['user_jabber'], $user_row['username']); + $messenger->set_addresses($user_row); $messenger->anti_abuse_headers($config, $user); @@ -124,5 +133,3 @@ class ucp_remind $this->page_title = 'UCP_REMIND'; } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php index 4d181dba49..9fe8850000 100644 --- a/phpBB/includes/ucp/ucp_resend.php +++ b/phpBB/includes/ucp/ucp_resend.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -19,7 +22,6 @@ if (!defined('IN_PHPBB')) /** * ucp_resend * Resending activation emails -* @package ucp */ class ucp_resend { @@ -92,7 +94,7 @@ class ucp_resend if ($config['require_activation'] == USER_ACTIVATION_SELF || $coppa) { $messenger->template(($coppa) ? 'coppa_resend_inactive' : 'user_resend_inactive', $user_row['user_lang']); - $messenger->to($user_row['user_email'], $user_row['username']); + $messenger->set_addresses($user_row); $messenger->anti_abuse_headers($config, $user); @@ -127,8 +129,7 @@ class ucp_resend while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); - $messenger->to($row['user_email'], $row['username']); - $messenger->im($row['user_jabber'], $row['username']); + $messenger->set_addresses($row); $messenger->anti_abuse_headers($config, $user); @@ -160,5 +161,3 @@ class ucp_resend $this->page_title = 'UCP_RESEND'; } } - -?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_zebra.php b/phpBB/includes/ucp/ucp_zebra.php index 5ed4db7520..dbf8cf31c1 100644 --- a/phpBB/includes/ucp/ucp_zebra.php +++ b/phpBB/includes/ucp/ucp_zebra.php @@ -1,10 +1,13 @@ <?php /** * -* @package ucp -* @version $Id$ -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -16,17 +19,13 @@ if (!defined('IN_PHPBB')) exit; } -/** -* ucp_zebra -* @package ucp -*/ class ucp_zebra { var $u_action; function main($id, $mode) { - global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx, $request, $phpbb_dispatcher; $submit = (isset($_POST['submit']) || isset($_GET['add']) || isset($_GET['remove'])) ? true : false; $s_hidden_fields = ''; @@ -55,9 +54,22 @@ class ucp_zebra // Remove users if (!empty($data['usernames'])) { + $user_ids = $data['usernames']; + + /** + * Remove users from friends/foes + * + * @event core.ucp_remove_zebra + * @var string mode Zebra type: friends|foes + * @var array user_ids User ids we remove + * @since 3.1.0-a1 + */ + $vars = array('mode', 'user_ids'); + extract($phpbb_dispatcher->trigger_event('core.ucp_remove_zebra', compact($vars))); + $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' - AND ' . $db->sql_in_set('zebra_id', $data['usernames']); + AND ' . $db->sql_in_set('zebra_id', $user_ids); $db->sql_query($sql); $updated = true; @@ -187,6 +199,19 @@ class ucp_zebra ); } + /** + * Add users to friends/foes + * + * @event core.ucp_add_zebra + * @var string mode Zebra type: + * friends|foes + * @var array sql_ary Array of + * entries we add + * @since 3.1.0-a1 + */ + $vars = array('mode', 'sql_ary'); + extract($phpbb_dispatcher->trigger_event('core.ucp_add_zebra', compact($vars))); + $db->sql_multi_insert(ZEBRA_TABLE, $sql_ary); $updated = true; @@ -200,7 +225,23 @@ class ucp_zebra } } - if ($updated) + if ($request->is_ajax()) + { + $message = ($updated) ? $user->lang[$l_mode . '_UPDATED'] : implode('<br />', $error); + + $json_response = new \phpbb\json_response; + $json_response->send(array( + 'success' => $updated, + + 'MESSAGE_TITLE' => $user->lang['INFORMATION'], + 'MESSAGE_TEXT' => $message, + 'REFRESH_DATA' => array( + 'time' => 3, + 'url' => $this->u_action + ) + )); + } + else if ($updated) { meta_refresh(3, $this->u_action); $message = $user->lang[$l_mode . '_UPDATED'] . '<br />' . implode('<br />', $error) . ((sizeof($error)) ? '<br />' : '') . '<br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); @@ -253,5 +294,3 @@ class ucp_zebra $this->page_title = 'UCP_ZEBRA_' . $l_mode; } } - -?>
\ No newline at end of file |