diff options
Diffstat (limited to 'phpBB/includes/ucp')
23 files changed, 8050 insertions, 0 deletions
diff --git a/phpBB/includes/ucp/info/ucp_attachments.php b/phpBB/includes/ucp/info/ucp_attachments.php new file mode 100644 index 0000000000..84edce446c --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_attachments.php @@ -0,0 +1,37 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package module_install +*/ +class ucp_attachments_info +{ + function module() + { + return array( + 'filename' => 'ucp_attachments', + 'title' => 'UCP_ATTACHMENTS', + 'version' => '1.0.0', + 'modes' => array( + 'attachments' => array('title' => 'UCP_MAIN_ATTACHMENTS', 'auth' => 'acl_u_attach', 'cat' => array('UCP_MAIN')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_groups.php b/phpBB/includes/ucp/info/ucp_groups.php new file mode 100644 index 0000000000..2002123c50 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_groups.php @@ -0,0 +1,38 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package module_install +*/ +class ucp_groups_info +{ + function module() + { + return array( + 'filename' => 'ucp_groups', + 'title' => 'UCP_USERGROUPS', + 'version' => '1.0.0', + 'modes' => array( + 'membership' => array('title' => 'UCP_USERGROUPS_MEMBER', 'auth' => '', 'cat' => array('UCP_USERGROUPS')), + 'manage' => array('title' => 'UCP_USERGROUPS_MANAGE', 'auth' => '', 'cat' => array('UCP_USERGROUPS')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_main.php b/phpBB/includes/ucp/info/ucp_main.php new file mode 100644 index 0000000000..722b7865e6 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_main.php @@ -0,0 +1,40 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package module_install +*/ +class ucp_main_info +{ + function module() + { + return array( + 'filename' => 'ucp_main', + 'title' => 'UCP_MAIN', + 'version' => '1.0.0', + 'modes' => array( + 'front' => array('title' => 'UCP_MAIN_FRONT', 'auth' => '', 'cat' => array('UCP_MAIN')), + 'subscribed' => array('title' => 'UCP_MAIN_SUBSCRIBED', 'auth' => '', 'cat' => array('UCP_MAIN')), + 'bookmarks' => array('title' => 'UCP_MAIN_BOOKMARKS', 'auth' => 'cfg_allow_bookmarks', 'cat' => array('UCP_MAIN')), + 'drafts' => array('title' => 'UCP_MAIN_DRAFTS', 'auth' => '', 'cat' => array('UCP_MAIN')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_pm.php b/phpBB/includes/ucp/info/ucp_pm.php new file mode 100644 index 0000000000..ade12005c0 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_pm.php @@ -0,0 +1,40 @@ +<?php +/** +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package module_install +*/ +class ucp_pm_info +{ + function module() + { + return array( + 'filename' => 'ucp_pm', + 'title' => 'UCP_PM', + 'version' => '1.0.0', + 'modes' => array( + 'view' => array('title' => 'UCP_PM_VIEW', 'auth' => 'cfg_allow_privmsg', 'display' => false, 'cat' => array('UCP_PM')), + 'compose' => array('title' => 'UCP_PM_COMPOSE', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), + 'drafts' => array('title' => 'UCP_PM_DRAFTS', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), + 'options' => array('title' => 'UCP_PM_OPTIONS', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), + 'popup' => array('title' => 'UCP_PM_POPUP_TITLE', 'auth' => 'cfg_allow_privmsg', 'display' => false, 'cat' => array('UCP_PM')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_prefs.php b/phpBB/includes/ucp/info/ucp_prefs.php new file mode 100644 index 0000000000..58359e8a19 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_prefs.php @@ -0,0 +1,39 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package module_install +*/ +class ucp_prefs_info +{ + function module() + { + return array( + 'filename' => 'ucp_prefs', + 'title' => 'UCP_PREFS', + 'version' => '1.0.0', + 'modes' => array( + 'personal' => array('title' => 'UCP_PREFS_PERSONAL', 'auth' => '', 'cat' => array('UCP_PREFS')), + 'post' => array('title' => 'UCP_PREFS_POST', 'auth' => '', 'cat' => array('UCP_PREFS')), + 'view' => array('title' => 'UCP_PREFS_VIEW', 'auth' => '', 'cat' => array('UCP_PREFS')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_profile.php b/phpBB/includes/ucp/info/ucp_profile.php new file mode 100644 index 0000000000..03a4c81f46 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_profile.php @@ -0,0 +1,40 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package module_install +*/ +class ucp_profile_info +{ + function module() + { + return array( + 'filename' => 'ucp_profile', + 'title' => 'UCP_PROFILE', + 'version' => '1.0.0', + 'modes' => array( + 'profile_info' => array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => '', 'cat' => array('UCP_PROFILE')), + 'signature' => array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => '', 'cat' => array('UCP_PROFILE')), + 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => '', 'cat' => array('UCP_PROFILE')), + 'reg_details' => array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/info/ucp_zebra.php b/phpBB/includes/ucp/info/ucp_zebra.php new file mode 100644 index 0000000000..5fc1f8bee7 --- /dev/null +++ b/phpBB/includes/ucp/info/ucp_zebra.php @@ -0,0 +1,38 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package module_install +*/ +class ucp_zebra_info +{ + function module() + { + return array( + 'filename' => 'ucp_zebra', + 'title' => 'UCP_ZEBRA', + 'version' => '1.0.0', + 'modes' => array( + 'friends' => array('title' => 'UCP_ZEBRA_FRIENDS', 'auth' => '', 'cat' => array('UCP_ZEBRA')), + 'foes' => array('title' => 'UCP_ZEBRA_FOES', 'auth' => '', 'cat' => array('UCP_ZEBRA')), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php new file mode 100644 index 0000000000..8debaabf31 --- /dev/null +++ b/phpBB/includes/ucp/ucp_activate.php @@ -0,0 +1,143 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_activate +* User activation +* @package ucp +*/ +class ucp_activate +{ + var $u_action; + + function main($id, $mode) + { + global $config, $phpbb_root_path, $phpEx; + global $db, $user, $auth, $template; + + $user_id = request_var('u', 0); + $key = request_var('k', ''); + + $sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_notify_type, user_actkey, user_inactive_reason + FROM ' . USERS_TABLE . " + WHERE user_id = $user_id"; + $result = $db->sql_query($sql); + $user_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$user_row) + { + trigger_error('NO_USER'); + } + + if ($user_row['user_type'] <> USER_INACTIVE && !$user_row['user_newpasswd']) + { + meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); + trigger_error('ALREADY_ACTIVATED'); + } + + if (($user_row['user_inactive_reason'] == INACTIVE_MANUAL) || $user_row['user_actkey'] != $key) + { + trigger_error('WRONG_ACTIVATION'); + } + + // Do not allow activating by non administrators when admin activation is on + // Only activation type the user should be able to do is INACTIVE_REMIND + // or activate a new password which is not an activation state :@ + if (!$user_row['user_newpasswd'] && $user_row['user_inactive_reason'] != INACTIVE_REMIND && $config['require_activation'] == USER_ACTIVATION_ADMIN && !$auth->acl_get('a_user')) + { + if (!$user->data['is_registered']) + { + login_box('', $user->lang['NO_AUTH_OPERATION']); + } + trigger_error('NO_AUTH_OPERATION'); + } + + $update_password = ($user_row['user_newpasswd']) ? true : false; + + if ($update_password) + { + $sql_ary = array( + 'user_actkey' => '', + 'user_password' => $user_row['user_newpasswd'], + 'user_newpasswd' => '', + 'user_pass_convert' => 0, + 'user_login_attempts' => 0, + ); + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user_row['user_id']; + $db->sql_query($sql); + + add_log('user', $user_row['user_id'], 'LOG_USER_NEW_PASSWORD', $user_row['username']); + } + + if (!$update_password) + { + include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); + + user_active_flip('activate', $user_row['user_id']); + + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_actkey = '' + WHERE user_id = {$user_row['user_id']}"; + $db->sql_query($sql); + } + + if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) + { + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + + $messenger = new messenger(false); + + $messenger->template('admin_welcome_activated', $user_row['user_lang']); + + $messenger->to($user_row['user_email'], $user_row['username']); + + $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); + $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); + $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); + $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($user_row['username'])) + ); + + $messenger->send($user_row['user_notify_type']); + + $message = 'ACCOUNT_ACTIVE_ADMIN'; + } + else + { + if (!$update_password) + { + $message = ($user_row['user_inactive_reason'] == INACTIVE_PROFILE) ? 'ACCOUNT_ACTIVE_PROFILE' : 'ACCOUNT_ACTIVE'; + } + else + { + $message = 'PASSWORD_ACTIVATED'; + } + } + + meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); + trigger_error($user->lang[$message]); + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_attachments.php b/phpBB/includes/ucp/ucp_attachments.php new file mode 100644 index 0000000000..b011b4f75d --- /dev/null +++ b/phpBB/includes/ucp/ucp_attachments.php @@ -0,0 +1,201 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_attachments +* User attachments +* @package ucp +*/ +class ucp_attachments +{ + var $u_action; + + function main($id, $mode) + { + global $template, $user, $db, $config, $phpEx, $phpbb_root_path; + + $start = request_var('start', 0); + $sort_key = request_var('sk', 'a'); + $sort_dir = request_var('sd', 'a'); + + $delete = (isset($_POST['delete'])) ? true : false; + $confirm = (isset($_POST['confirm'])) ? true : false; + $delete_ids = array_keys(request_var('attachment', array(0))); + + if ($delete && sizeof($delete_ids)) + { + // Validate $delete_ids... + $sql = 'SELECT attach_id + FROM ' . ATTACHMENTS_TABLE . ' + WHERE poster_id = ' . $user->data['user_id'] . ' + AND is_orphan = 0 + AND ' . $db->sql_in_set('attach_id', $delete_ids); + $result = $db->sql_query($sql); + + $delete_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $delete_ids[] = $row['attach_id']; + } + $db->sql_freeresult($result); + } + + if ($delete && sizeof($delete_ids)) + { + $s_hidden_fields = array( + 'delete' => 1 + ); + + foreach ($delete_ids as $attachment_id) + { + $s_hidden_fields['attachment'][$attachment_id] = 1; + } + + if (confirm_box(true)) + { + if (!function_exists('delete_attachments')) + { + include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); + } + + delete_attachments('attach', $delete_ids); + + meta_refresh(3, $this->u_action); + $message = ((sizeof($delete_ids) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED']) . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + else + { + confirm_box(false, (sizeof($delete_ids) == 1) ? 'DELETE_ATTACHMENT' : 'DELETE_ATTACHMENTS', build_hidden_fields($s_hidden_fields)); + } + } + + // Select box eventually + $sort_key_text = array('a' => $user->lang['SORT_FILENAME'], 'b' => $user->lang['SORT_COMMENT'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']); + $sort_key_sql = array('a' => 'a.real_filename', 'b' => 'a.attach_comment', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title'); + + $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); + + $s_sort_key = ''; + foreach ($sort_key_text as $key => $value) + { + $selected = ($sort_key == $key) ? ' selected="selected"' : ''; + $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; + } + + $s_sort_dir = ''; + foreach ($sort_dir_text as $key => $value) + { + $selected = ($sort_dir == $key) ? ' selected="selected"' : ''; + $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; + } + + if (!isset($sort_key_sql[$sort_key])) + { + $sort_key = 'a'; + } + + $order_by = $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC'); + + $sql = 'SELECT COUNT(attach_id) as num_attachments + FROM ' . ATTACHMENTS_TABLE . ' + WHERE poster_id = ' . $user->data['user_id'] . ' + AND is_orphan = 0'; + $result = $db->sql_query($sql); + $num_attachments = $db->sql_fetchfield('num_attachments'); + $db->sql_freeresult($result); + + $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title + FROM ' . ATTACHMENTS_TABLE . ' a + LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id AND a.in_message = 0) + LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id AND a.in_message = 1) + WHERE a.poster_id = ' . $user->data['user_id'] . " + AND a.is_orphan = 0 + ORDER BY $order_by"; + $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); + + $row_count = 0; + if ($row = $db->sql_fetchrow($result)) + { + $template->assign_var('S_ATTACHMENT_ROWS', true); + + do + { + if ($row['in_message']) + { + $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&p={$row['post_msg_id']}"); + } + else + { + $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&p={$row['post_msg_id']}") . "#p{$row['post_msg_id']}"; + } + + $template->assign_block_vars('attachrow', array( + 'ROW_NUMBER' => $row_count + ($start + 1), + 'FILENAME' => $row['real_filename'], + 'COMMENT' => bbcode_nl2br($row['attach_comment']), + 'EXTENSION' => $row['extension'], + 'SIZE' => get_formatted_filesize($row['filesize']), + 'DOWNLOAD_COUNT' => $row['download_count'], + 'POST_TIME' => $user->format_date($row['filetime']), + 'TOPIC_TITLE' => ($row['in_message']) ? $row['message_title'] : $row['topic_title'], + + 'ATTACH_ID' => $row['attach_id'], + 'POST_ID' => $row['post_msg_id'], + 'TOPIC_ID' => $row['topic_id'], + + 'S_IN_MESSAGE' => $row['in_message'], + + 'U_VIEW_ATTACHMENT' => append_sid("{$phpbb_root_path}download/file.$phpEx", 'id=' . $row['attach_id']), + 'U_VIEW_TOPIC' => $view_topic) + ); + + $row_count++; + } + while ($row = $db->sql_fetchrow($result)); + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'PAGE_NUMBER' => on_page($num_attachments, $config['topics_per_page'], $start), + 'PAGINATION' => generate_pagination($this->u_action . "&sk=$sort_key&sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start), + 'TOTAL_ATTACHMENTS' => $num_attachments, + + 'L_TITLE' => $user->lang['UCP_ATTACHMENTS'], + + 'U_SORT_FILENAME' => $this->u_action . "&sk=a&sd=" . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'), + 'U_SORT_FILE_COMMENT' => $this->u_action . "&sk=b&sd=" . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'), + 'U_SORT_EXTENSION' => $this->u_action . "&sk=c&sd=" . (($sort_key == 'c' && $sort_dir == 'a') ? 'd' : 'a'), + 'U_SORT_FILESIZE' => $this->u_action . "&sk=d&sd=" . (($sort_key == 'd' && $sort_dir == 'a') ? 'd' : 'a'), + 'U_SORT_DOWNLOADS' => $this->u_action . "&sk=e&sd=" . (($sort_key == 'e' && $sort_dir == 'a') ? 'd' : 'a'), + 'U_SORT_POST_TIME' => $this->u_action . "&sk=f&sd=" . (($sort_key == 'f' && $sort_dir == 'a') ? 'd' : 'a'), + 'U_SORT_TOPIC_TITLE' => $this->u_action . "&sk=g&sd=" . (($sort_key == 'g' && $sort_dir == 'a') ? 'd' : 'a'), + + 'S_DISPLAY_MARK_ALL' => ($num_attachments) ? true : false, + 'S_DISPLAY_PAGINATION' => ($num_attachments) ? true : false, + 'S_UCP_ACTION' => $this->u_action, + 'S_SORT_OPTIONS' => $s_sort_key, + 'S_ORDER_SELECT' => $s_sort_dir) + ); + + $this->tpl_name = 'ucp_attachments'; + $this->page_title = 'UCP_ATTACHMENTS'; + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_confirm.php b/phpBB/includes/ucp/ucp_confirm.php new file mode 100644 index 0000000000..445f7c7d2a --- /dev/null +++ b/phpBB/includes/ucp/ucp_confirm.php @@ -0,0 +1,50 @@ +<?php +/** +* +* @package VC +* @version $Id$ +* @copyright (c) 2005 2008 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_confirm +* Visual confirmation +* +* Note to potential users of this code ... +* +* Remember this is released under the _GPL_ and is subject +* to that licence. Do not incorporate this within software +* released or distributed in any way under a licence other +* than the GPL. We will be watching ... ;) +* +* @package VC +*/ +class ucp_confirm +{ + var $u_action; + + function main($id, $mode) + { + global $db, $user, $phpbb_root_path, $config, $phpEx; + + include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); + $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(request_var('type', 0)); + $captcha->execute(); + + garbage_collection(); + exit_handler(); + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php new file mode 100644 index 0000000000..423d9b718a --- /dev/null +++ b/phpBB/includes/ucp/ucp_groups.php @@ -0,0 +1,1117 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_groups +* @package ucp +*/ +class ucp_groups +{ + var $u_action; + + function main($id, $mode) + { + global $config, $phpbb_root_path, $phpEx; + global $db, $user, $auth, $cache, $template; + + $user->add_lang('groups'); + + $return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>'); + + $mark_ary = request_var('mark', array(0)); + $submit = (!empty($_POST['submit'])) ? true : false; + $delete = (!empty($_POST['delete'])) ? true : false; + $error = $data = array(); + + switch ($mode) + { + case 'membership': + + $this->page_title = 'UCP_USERGROUPS_MEMBER'; + + if ($submit || isset($_POST['change_default'])) + { + $action = (isset($_POST['change_default'])) ? 'change_default' : request_var('action', ''); + $group_id = ($action == 'change_default') ? request_var('default', 0) : request_var('selected', 0); + + if (!$group_id) + { + trigger_error('NO_GROUP_SELECTED'); + } + + $sql = 'SELECT group_id, group_name, group_type + FROM ' . GROUPS_TABLE . " + WHERE group_id IN ($group_id, {$user->data['group_id']})"; + $result = $db->sql_query($sql); + + $group_row = array(); + while ($row = $db->sql_fetchrow($result)) + { + $row['group_name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']; + $group_row[$row['group_id']] = $row; + } + $db->sql_freeresult($result); + + if (!sizeof($group_row)) + { + trigger_error('GROUP_NOT_EXIST'); + } + + switch ($action) + { + case 'change_default': + // User already having this group set as default? + if ($group_id == $user->data['group_id']) + { + trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page); + } + + if (!$auth->acl_get('u_chggrp')) + { + trigger_error($user->lang['NOT_AUTHORISED'] . $return_page); + } + + // User needs to be member of the group in order to make it default + if (!group_memberships($group_id, $user->data['user_id'], true)) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + + if (confirm_box(true)) + { + group_user_attributes('default', $group_id, $user->data['user_id']); + + add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_CHANGE', sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name'])); + + meta_refresh(3, $this->u_action); + trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page); + } + else + { + $s_hidden_fields = array( + 'default' => $group_id, + 'change_default'=> true + ); + + confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields)); + } + + break; + + case 'resign': + + // User tries to resign from default group but is not allowed to change it? + if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp')) + { + trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page); + } + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + $sql = 'SELECT group_type + FROM ' . GROUPS_TABLE . ' + WHERE group_id = ' . $group_id; + $result = $db->sql_query($sql); + $group_type = (int) $db->sql_fetchfield('group_type'); + $db->sql_freeresult($result); + + if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE) + { + trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page); + } + + if (confirm_box(true)) + { + group_user_del($group_id, $user->data['user_id']); + + add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_RESIGN', $group_row[$group_id]['group_name']); + + meta_refresh(3, $this->u_action); + trigger_error($user->lang[($row['user_pending']) ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page); + } + else + { + $s_hidden_fields = array( + 'selected' => $group_id, + 'action' => 'resign', + 'submit' => true + ); + + confirm_box(false, ($row['user_pending']) ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields)); + } + + break; + + case 'join': + + $sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email + FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u + WHERE ug.user_id = u.user_id + AND ug.group_id = ' . $group_id . ' + AND ug.user_id = ' . $user->data['user_id']; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + if ($row['user_pending']) + { + trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page); + } + + trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page); + } + + // Check permission to join (open group or request) + if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE) + { + trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page); + } + + if (confirm_box(true)) + { + if ($group_row[$group_id]['group_type'] == GROUP_FREE) + { + group_user_add($group_id, $user->data['user_id']); + + $email_template = 'group_added'; + } + else + { + group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1); + + $email_template = 'group_request'; + } + + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + $messenger = new messenger(); + + $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang + FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u + WHERE ug.user_id = u.user_id + AND ' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? "ug.user_id = {$user->data['user_id']}" : 'ug.group_leader = 1') . " + AND ug.group_id = $group_id"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $messenger->template($email_template, $row['user_lang']); + + $messenger->to($row['user_email'], $row['username']); + $messenger->im($row['user_jabber'], $row['username']); + + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($row['username']), + 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), + 'REQUEST_USERNAME' => $user->data['username'], + + 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id", + 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") + ); + + $messenger->send($row['user_notify_type']); + } + $db->sql_freeresult($result); + + $messenger->save_queue(); + + add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']); + + meta_refresh(3, $this->u_action); + trigger_error($user->lang[($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page); + } + else + { + $s_hidden_fields = array( + 'selected' => $group_id, + 'action' => 'join', + 'submit' => true + ); + + confirm_box(false, ($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields)); + } + + break; + + case 'demote': + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + if (!$row['group_leader']) + { + trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); + } + + if (confirm_box(true)) + { + group_user_attributes('demote', $group_id, $user->data['user_id']); + + add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_DEMOTE', $group_row[$group_id]['group_name']); + + meta_refresh(3, $this->u_action); + trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page); + } + else + { + $s_hidden_fields = array( + 'selected' => $group_id, + 'action' => 'demote', + 'submit' => true + ); + + confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields)); + } + + break; + } + } + + $sql = 'SELECT g.*, ug.group_leader, ug.user_pending + FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug + WHERE ug.user_id = ' . $user->data['user_id'] . ' + AND g.group_id = ug.group_id + ORDER BY g.group_type DESC, g.group_name'; + $result = $db->sql_query($sql); + + $group_id_ary = array(); + $leader_count = $member_count = $pending_count = 0; + while ($row = $db->sql_fetchrow($result)) + { + $block = ($row['group_leader']) ? 'leader' : (($row['user_pending']) ? 'pending' : 'member'); + + switch ($row['group_type']) + { + case GROUP_OPEN: + $group_status = 'OPEN'; + break; + + case GROUP_CLOSED: + $group_status = 'CLOSED'; + break; + + case GROUP_HIDDEN: + $group_status = 'HIDDEN'; + break; + + case GROUP_SPECIAL: + $group_status = 'SPECIAL'; + break; + + case GROUP_FREE: + $group_status = 'FREE'; + break; + } + + $template->assign_block_vars($block, array( + 'GROUP_ID' => $row['group_id'], + 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'], + 'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], + 'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true, + 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], + 'GROUP_COLOUR' => $row['group_colour'], + + 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']), + + 'S_GROUP_DEFAULT' => ($row['group_id'] == $user->data['group_id']) ? true : false, + 'S_ROW_COUNT' => ${$block . '_count'}++) + ); + + $group_id_ary[] = (int) $row['group_id']; + } + $db->sql_freeresult($result); + + // Hide hidden groups unless user is an admin with group privileges + $sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')'; + + $sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage + FROM ' . GROUPS_TABLE . ' + WHERE ' . ((sizeof($group_id_ary)) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . " + group_type $sql_and + ORDER BY group_type DESC, group_name"; + $result = $db->sql_query($sql); + + $nonmember_count = 0; + while ($row = $db->sql_fetchrow($result)) + { + switch ($row['group_type']) + { + case GROUP_OPEN: + $group_status = 'OPEN'; + break; + + case GROUP_CLOSED: + $group_status = 'CLOSED'; + break; + + case GROUP_HIDDEN: + $group_status = 'HIDDEN'; + break; + + case GROUP_SPECIAL: + $group_status = 'SPECIAL'; + break; + + case GROUP_FREE: + $group_status = 'FREE'; + break; + } + + $template->assign_block_vars('nonmember', array( + 'GROUP_ID' => $row['group_id'], + 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'], + 'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], + 'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true, + 'GROUP_CLOSED' => ($row['group_type'] <> GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? false : true, + 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], + 'S_CAN_JOIN' => ($row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE) ? true : false, + 'GROUP_COLOUR' => $row['group_colour'], + + 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']), + + 'S_ROW_COUNT' => $nonmember_count++) + ); + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'S_CHANGE_DEFAULT' => ($auth->acl_get('u_chggrp')) ? true : false, + 'S_LEADER_COUNT' => $leader_count, + 'S_MEMBER_COUNT' => $member_count, + 'S_PENDING_COUNT' => $pending_count, + 'S_NONMEMBER_COUNT' => $nonmember_count, + + 'S_UCP_ACTION' => $this->u_action) + ); + + break; + + case 'manage': + + $this->page_title = 'UCP_USERGROUPS_MANAGE'; + $action = (isset($_POST['addusers'])) ? 'addusers' : request_var('action', ''); + $group_id = request_var('g', 0); + + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + + add_form_key('ucp_groups'); + + if ($group_id) + { + $sql = 'SELECT * + FROM ' . GROUPS_TABLE . " + WHERE group_id = $group_id"; + $result = $db->sql_query($sql); + $group_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$group_row) + { + trigger_error($user->lang['NO_GROUP'] . $return_page); + } + + // Check if the user is allowed to manage this group if set to founder only. + if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) + { + trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING); + } + + $group_name = $group_row['group_name']; + $group_type = $group_row['group_type']; + + $avatar_img = (!empty($group_row['group_avatar'])) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_root_path . 'adm/images/no_avatar.gif" alt="" />'; + + $template->assign_vars(array( + 'GROUP_NAME' => ($group_type == GROUP_SPECIAL) ? $user->lang['G_' . $group_name] : $group_name, + 'GROUP_INTERNAL_NAME' => $group_name, + 'GROUP_COLOUR' => (isset($group_row['group_colour'])) ? $group_row['group_colour'] : '', + 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), + 'GROUP_TYPE' => $group_row['group_type'], + + 'AVATAR' => $avatar_img, + 'AVATAR_IMAGE' => $avatar_img, + 'AVATAR_WIDTH' => (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : '', + 'AVATAR_HEIGHT' => (isset($group_row['group_avatar_height'])) ? $group_row['group_avatar_height'] : '', + )); + } + + switch ($action) + { + case 'edit': + + if (!$group_id) + { + trigger_error($user->lang['NO_GROUP'] . $return_page); + } + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + if (!$row['group_leader']) + { + trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); + } + + $file_uploads = (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false; + $user->add_lang(array('acp/groups', 'acp/common')); + + $data = $submit_ary = array(); + + $update = (isset($_POST['update'])) ? true : false; + + $error = array(); + + $avatar_select = basename(request_var('avatar_select', '')); + $category = basename(request_var('category', '')); + + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; + + // Did we submit? + if ($update) + { + $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); + $group_desc = utf8_normalize_nfc(request_var('group_desc', '', true)); + $group_type = request_var('group_type', GROUP_FREE); + + $allow_desc_bbcode = request_var('desc_parse_bbcode', false); + $allow_desc_urls = request_var('desc_parse_urls', false); + $allow_desc_smilies = request_var('desc_parse_smilies', false); + + $submit_ary = array( + 'colour' => request_var('group_colour', ''), + 'rank' => request_var('group_rank', 0), + 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, + 'message_limit' => request_var('group_message_limit', 0), + 'max_recipients'=> request_var('group_max_recipients', 0), + ); + + $data['uploadurl'] = request_var('uploadurl', ''); + $data['remotelink'] = request_var('remotelink', ''); + $data['width'] = request_var('width', ''); + $data['height'] = request_var('height', ''); + $delete = request_var('delete', ''); + + if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) + { + // Avatar stuff + $var_ary = array( + 'uploadurl' => array('string', true, 5, 255), + 'remotelink' => array('string', true, 5, 255), + 'width' => array('string', true, 1, 3), + 'height' => array('string', true, 1, 3), + ); + + if (!($error = validate_data($data, $var_ary))) + { + $data['user_id'] = "g$group_id"; + + if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) + { + list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error); + } + else if ($data['remotelink']) + { + list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error); + } + } + } + else if ($avatar_select && $config['allow_avatar_local']) + { + // check avatar gallery + if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) + { + $submit_ary['avatar_type'] = AVATAR_GALLERY; + + list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select); + $submit_ary['avatar'] = $category . '/' . $avatar_select; + } + } + else if ($delete) + { + $submit_ary['avatar'] = ''; + $submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0; + } + else if ($data['width'] && $data['height']) + { + // Only update the dimensions? + if ($config['avatar_max_width'] || $config['avatar_max_height']) + { + if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) + { + $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); + } + } + + if (!sizeof($error)) + { + if ($config['avatar_min_width'] || $config['avatar_min_height']) + { + if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) + { + $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); + } + } + } + + if (!sizeof($error)) + { + $submit_ary['avatar_width'] = $data['width']; + $submit_ary['avatar_height'] = $data['height']; + } + } + + if ((isset($submit_ary['avatar']) && $submit_ary['avatar'] && (!isset($group_row['group_avatar']))) || $delete) + { + if (isset($group_row['group_avatar']) && $group_row['group_avatar']) + { + avatar_delete('group', $group_row, true); + } + } + + if (!check_form_key('ucp_groups')) + { + $error[] = $user->lang['FORM_INVALID']; + } + + if (!sizeof($error)) + { + // Only set the rank, colour, etc. if it's changed or if we're adding a new + // group. This prevents existing group members being updated if no changes + // were made. + + $group_attributes = array(); + $test_variables = array( + 'rank' => 'int', + 'colour' => 'string', + 'avatar' => 'string', + 'avatar_type' => 'int', + 'avatar_width' => 'int', + 'avatar_height' => 'int', + 'receive_pm' => 'int', + 'legend' => 'int', + 'message_limit' => 'int', + 'max_recipients'=> 'int', + ); + + foreach ($test_variables as $test => $type) + { + if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) + { + settype($submit_ary[$test], $type); + $group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test]; + } + } + + if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) + { + $cache->destroy('sql', GROUPS_TABLE); + + $message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED'; + trigger_error($user->lang[$message] . $return_page); + } + } + + if (sizeof($error)) + { + $group_rank = $submit_ary['rank']; + + $group_desc_data = array( + 'text' => $group_desc, + 'allow_bbcode' => $allow_desc_bbcode, + 'allow_smilies' => $allow_desc_smilies, + 'allow_urls' => $allow_desc_urls + ); + } + } + else if (!$group_id) + { + $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); + $group_desc_data = array( + 'text' => '', + 'allow_bbcode' => true, + 'allow_smilies' => true, + 'allow_urls' => true + ); + $group_rank = 0; + $group_type = GROUP_OPEN; + } + else + { + $group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']); + $group_rank = $group_row['group_rank']; + } + + $sql = 'SELECT * + FROM ' . RANKS_TABLE . ' + WHERE rank_special = 1 + ORDER BY rank_title'; + $result = $db->sql_query($sql); + + $rank_options = '<option value="0"' . ((!$group_rank) ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>'; + while ($row = $db->sql_fetchrow($result)) + { + $selected = ($group_rank && $row['rank_id'] == $group_rank) ? ' selected="selected"' : ''; + $rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>'; + } + $db->sql_freeresult($result); + + $type_free = ($group_type == GROUP_FREE) ? ' checked="checked"' : ''; + $type_open = ($group_type == GROUP_OPEN) ? ' checked="checked"' : ''; + $type_closed = ($group_type == GROUP_CLOSED) ? ' checked="checked"' : ''; + $type_hidden = ($group_type == GROUP_HIDDEN) ? ' checked="checked"' : ''; + + $display_gallery = (isset($_POST['display_gallery'])) ? true : false; + + if ($config['allow_avatar'] && $config['allow_avatar_local'] && $display_gallery) + { + avatar_gallery($category, $avatar_select, 4); + } + + $avatars_enabled = ($config['allow_avatar'] && (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false; + + $template->assign_vars(array( + 'S_EDIT' => true, + 'S_INCLUDE_SWATCH' => true, + 'S_FORM_ENCTYPE' => ($config['allow_avatar'] && $can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '', + 'S_ERROR' => (sizeof($error)) ? true : false, + 'S_SPECIAL_GROUP' => ($group_type == GROUP_SPECIAL) ? true : false, + 'S_AVATARS_ENABLED' => $avatars_enabled, + 'S_DISPLAY_GALLERY' => ($config['allow_avatar'] && $config['allow_avatar_local'] && !$display_gallery) ? true : false, + 'S_IN_GALLERY' => ($config['allow_avatar_local'] && $display_gallery) ? true : false, + + 'S_UPLOAD_AVATAR_FILE' => ($config['allow_avatar'] && $config['allow_avatar_upload'] && $can_upload) ? true : false, + 'S_UPLOAD_AVATAR_URL' => ($config['allow_avatar'] && $config['allow_avatar_remote_upload'] && $can_upload) ? true : false, + 'S_LINK_AVATAR' => ($config['allow_avatar'] && $config['allow_avatar_remote']) ? true : false, + + 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', + 'GROUP_RECEIVE_PM' => (isset($group_row['group_receive_pm']) && $group_row['group_receive_pm']) ? ' checked="checked"' : '', + 'GROUP_MESSAGE_LIMIT' => (isset($group_row['group_message_limit'])) ? $group_row['group_message_limit'] : 0, + 'GROUP_MAX_RECIPIENTS' => (isset($group_row['group_max_recipients'])) ? $group_row['group_max_recipients'] : 0, + + 'GROUP_DESC' => $group_desc_data['text'], + 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], + 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], + 'S_DESC_SMILIES_CHECKED'=> $group_desc_data['allow_smilies'], + + 'S_RANK_OPTIONS' => $rank_options, + 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], + + 'GROUP_TYPE_FREE' => GROUP_FREE, + 'GROUP_TYPE_OPEN' => GROUP_OPEN, + 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, + 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, + 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, + + 'GROUP_FREE' => $type_free, + 'GROUP_OPEN' => $type_open, + 'GROUP_CLOSED' => $type_closed, + 'GROUP_HIDDEN' => $type_hidden, + + 'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&name=group_colour'), + 'S_UCP_ACTION' => $this->u_action . "&action=$action&g=$group_id", + 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), + )); + + break; + + case 'list': + + if (!$group_id) + { + trigger_error($user->lang['NO_GROUP'] . $return_page); + } + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + if (!$row['group_leader']) + { + trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); + } + + $user->add_lang(array('acp/groups', 'acp/common')); + $start = request_var('start', 0); + + // Grab the leaders - always, on every page... + $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending + FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug + WHERE ug.group_id = $group_id + AND u.user_id = ug.user_id + AND ug.group_leader = 1 + ORDER BY ug.user_pending DESC, u.username_clean"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $template->assign_block_vars('leader', array( + 'USERNAME' => $row['username'], + 'USERNAME_COLOUR' => $row['user_colour'], + 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), + 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), + 'S_GROUP_DEFAULT' => ($row['group_id'] == $group_id) ? true : false, + 'JOINED' => ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ', + 'USER_POSTS' => $row['user_posts'], + 'USER_ID' => $row['user_id']) + ); + } + $db->sql_freeresult($result); + + // Total number of group members (non-leaders) + $sql = 'SELECT COUNT(user_id) AS total_members + FROM ' . USER_GROUP_TABLE . " + WHERE group_id = $group_id + AND group_leader = 0"; + $result = $db->sql_query($sql); + $total_members = (int) $db->sql_fetchfield('total_members'); + $db->sql_freeresult($result); + + // Grab the members + $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending + FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug + WHERE ug.group_id = $group_id + AND u.user_id = ug.user_id + AND ug.group_leader = 0 + ORDER BY ug.user_pending DESC, u.username_clean"; + $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); + + $pending = false; + $approved = false; + + while ($row = $db->sql_fetchrow($result)) + { + if ($row['user_pending'] && !$pending) + { + $template->assign_block_vars('member', array( + 'S_PENDING' => true) + ); + $template->assign_var('S_PENDING_SET', true); + + $pending = true; + } + else if (!$row['user_pending'] && !$approved) + { + $template->assign_block_vars('member', array( + 'S_APPROVED' => true) + ); + $template->assign_var('S_APPROVED_SET', true); + + $approved = true; + } + + $template->assign_block_vars('member', array( + 'USERNAME' => $row['username'], + 'USERNAME_COLOUR' => $row['user_colour'], + 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), + 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), + 'S_GROUP_DEFAULT' => ($row['group_id'] == $group_id) ? true : false, + 'JOINED' => ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ', + 'USER_POSTS' => $row['user_posts'], + 'USER_ID' => $row['user_id']) + ); + } + $db->sql_freeresult($result); + + $s_action_options = ''; + $options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE'); + + foreach ($options as $option => $lang) + { + $s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>'; + } + + $template->assign_vars(array( + 'S_LIST' => true, + 'S_ACTION_OPTIONS' => $s_action_options, + 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), + 'PAGINATION' => generate_pagination($this->u_action . "&action=$action&g=$group_id", $total_members, $config['topics_per_page'], $start), + + 'U_ACTION' => $this->u_action . "&g=$group_id", + 'S_UCP_ACTION' => $this->u_action . "&g=$group_id", + 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames'), + )); + + break; + + case 'approve': + + if (!$group_id) + { + trigger_error($user->lang['NO_GROUP'] . $return_page); + } + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + if (!$row['group_leader']) + { + trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); + } + + $user->add_lang('acp/groups'); + + // Approve, demote or promote + group_user_attributes('approve', $group_id, $mark_ary, false, false); + + trigger_error($user->lang['USERS_APPROVED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); + + break; + + case 'default': + + if (!$group_id) + { + trigger_error($user->lang['NO_GROUP'] . $return_page); + } + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + if (!$row['group_leader']) + { + trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); + } + + $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; + + if (confirm_box(true)) + { + if (!sizeof($mark_ary)) + { + $start = 0; + + do + { + $sql = 'SELECT user_id + FROM ' . USER_GROUP_TABLE . " + WHERE group_id = $group_id + ORDER BY user_id"; + $result = $db->sql_query_limit($sql, 200, $start); + + $mark_ary = array(); + if ($row = $db->sql_fetchrow($result)) + { + do + { + $mark_ary[] = $row['user_id']; + } + while ($row = $db->sql_fetchrow($result)); + + group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); + + $start = (sizeof($mark_ary) < 200) ? 0 : $start + 200; + } + else + { + $start = 0; + } + $db->sql_freeresult($result); + } + while ($start); + } + else + { + group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); + } + + $user->add_lang('acp/groups'); + + trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); + } + else + { + $user->add_lang('acp/common'); + + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + 'mark' => $mark_ary, + 'g' => $group_id, + 'i' => $id, + 'mode' => $mode, + 'action' => $action)) + ); + } + + // redirect to last screen + redirect($this->u_action . '&action=list&g=' . $group_id); + + break; + + case 'deleteusers': + + $user->add_lang(array('acp/groups', 'acp/common')); + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + if (!$row['group_leader']) + { + trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); + } + + $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; + + if (confirm_box(true)) + { + if (!$group_id) + { + trigger_error($user->lang['NO_GROUP'] . $return_page); + } + + $error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']); + + if ($error) + { + trigger_error($user->lang[$error] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); + } + + trigger_error($user->lang['GROUP_USERS_REMOVE'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); + } + else + { + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + 'mark' => $mark_ary, + 'g' => $group_id, + 'i' => $id, + 'mode' => $mode, + 'action' => $action)) + ); + } + + // redirect to last screen + redirect($this->u_action . '&action=list&g=' . $group_id); + + break; + + case 'addusers': + + $user->add_lang(array('acp/groups', 'acp/common')); + + $names = utf8_normalize_nfc(request_var('usernames', '', true)); + + if (!$group_id) + { + trigger_error($user->lang['NO_GROUP'] . $return_page); + } + + if (!$names) + { + trigger_error($user->lang['NO_USERS'] . $return_page); + } + + if (!($row = group_memberships($group_id, $user->data['user_id']))) + { + trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); + } + list(, $row) = each($row); + + if (!$row['group_leader']) + { + trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); + } + + $name_ary = array_unique(explode("\n", $names)); + $group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; + + $default = request_var('default', 0); + + if (confirm_box(true)) + { + // Add user/s to group + if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row)) + { + trigger_error($user->lang[$error] . $return_page); + } + + trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); + } + else + { + $s_hidden_fields = array( + 'default' => $default, + 'usernames' => $names, + 'g' => $group_id, + 'i' => $id, + 'mode' => $mode, + 'action' => $action + ); + confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . ((sizeof($name_ary) == 1) ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields)); + } + + trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); + + break; + + default: + $user->add_lang('acp/common'); + + $sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader + FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug + WHERE ug.user_id = ' . $user->data['user_id'] . ' + AND g.group_id = ug.group_id + AND ug.group_leader = 1 + ORDER BY g.group_type DESC, g.group_name'; + $result = $db->sql_query($sql); + + while ($value = $db->sql_fetchrow($result)) + { + $template->assign_block_vars('leader', array( + 'GROUP_NAME' => ($value['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $value['group_name']] : $value['group_name'], + 'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']), + 'GROUP_TYPE' => $value['group_type'], + 'GROUP_ID' => $value['group_id'], + 'GROUP_COLOUR' => $value['group_colour'], + + 'U_LIST' => $this->u_action . "&action=list&g={$value['group_id']}", + 'U_EDIT' => $this->u_action . "&action=edit&g={$value['group_id']}") + ); + } + $db->sql_freeresult($result); + + break; + } + + break; + } + + $this->tpl_name = 'ucp_groups_' . $mode; + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_main.php b/phpBB/includes/ucp/ucp_main.php new file mode 100644 index 0000000000..6ac2412ef0 --- /dev/null +++ b/phpBB/includes/ucp/ucp_main.php @@ -0,0 +1,835 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_main +* UCP Front Panel +* @package ucp +*/ +class ucp_main +{ + var $p_master; + var $u_action; + + function ucp_main(&$p_master) + { + $this->p_master = &$p_master; + } + + function main($id, $mode) + { + global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + + switch ($mode) + { + case 'front': + + $user->add_lang('memberlist'); + + $sql_from = TOPICS_TABLE . ' t '; + $sql_select = ''; + + if ($config['load_db_track']) + { + $sql_from .= ' LEFT JOIN ' . TOPICS_POSTED_TABLE . ' tp ON (tp.topic_id = t.topic_id + AND tp.user_id = ' . $user->data['user_id'] . ')'; + $sql_select .= ', tp.topic_posted'; + } + + if ($config['load_db_lastread']) + { + $sql_from .= ' LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id + AND tt.user_id = ' . $user->data['user_id'] . ')'; + $sql_select .= ', tt.mark_time'; + } + + $topic_type = $user->lang['VIEW_TOPIC_GLOBAL']; + $folder = 'global_read'; + $folder_new = 'global_unread'; + + // Get cleaned up list... return only those forums not having the f_read permission + $forum_ary = $auth->acl_getf('!f_read', true); + $forum_ary = array_unique(array_keys($forum_ary)); + + // Determine first forum the user is able to read into - for global announcement link + $sql = 'SELECT forum_id + FROM ' . FORUMS_TABLE . ' + WHERE forum_type = ' . FORUM_POST; + + if (sizeof($forum_ary)) + { + $sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true); + } + $result = $db->sql_query_limit($sql, 1); + $g_forum_id = (int) $db->sql_fetchfield('forum_id'); + $db->sql_freeresult($result); + + $sql = "SELECT t.* $sql_select + FROM $sql_from + WHERE t.forum_id = 0 + AND t.topic_type = " . POST_GLOBAL . ' + ORDER BY t.topic_last_post_time DESC'; + + $topic_list = $rowset = array(); + // If the user can't see any forums, he can't read any posts because fid of 0 is invalid + if ($g_forum_id) + { + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $topic_list[] = $row['topic_id']; + $rowset[$row['topic_id']] = $row; + } + $db->sql_freeresult($result); + } + + $topic_tracking_info = array(); + if ($config['load_db_lastread']) + { + $topic_tracking_info = get_topic_tracking(0, $topic_list, $rowset, false, $topic_list); + } + else + { + $topic_tracking_info = get_complete_topic_tracking(0, $topic_list, $topic_list); + } + + foreach ($topic_list as $topic_id) + { + $row = &$rowset[$topic_id]; + + $forum_id = $row['forum_id']; + $topic_id = $row['topic_id']; + + $unread_topic = (isset($topic_tracking_info[$topic_id]) && $row['topic_last_post_time'] > $topic_tracking_info[$topic_id]) ? true : false; + + $folder_img = ($unread_topic) ? $folder_new : $folder; + $folder_alt = ($unread_topic) ? 'NEW_POSTS' : (($row['topic_status'] == ITEM_LOCKED) ? 'TOPIC_LOCKED' : 'NO_NEW_POSTS'); + + if ($row['topic_status'] == ITEM_LOCKED) + { + $folder_img .= '_locked'; + } + + // Posted image? + if (!empty($row['topic_posted']) && $row['topic_posted']) + { + $folder_img .= '_mine'; + } + + $template->assign_block_vars('topicrow', array( + 'FORUM_ID' => $forum_id, + 'TOPIC_ID' => $topic_id, + 'TOPIC_AUTHOR' => get_username_string('username', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + 'TOPIC_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + 'TOPIC_AUTHOR_FULL' => get_username_string('full', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + 'FIRST_POST_TIME' => $user->format_date($row['topic_time']), + 'LAST_POST_SUBJECT' => censor_text($row['topic_last_post_subject']), + 'LAST_POST_TIME' => $user->format_date($row['topic_last_post_time']), + 'LAST_VIEW_TIME' => $user->format_date($row['topic_last_view_time']), + 'LAST_POST_AUTHOR' => get_username_string('username', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + 'LAST_POST_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + 'LAST_POST_AUTHOR_FULL' => get_username_string('full', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + 'TOPIC_TITLE' => censor_text($row['topic_title']), + 'TOPIC_TYPE' => $topic_type, + + 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), + 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), + 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_topic_attach', '') : '', + + 'S_USER_POSTED' => (!empty($row['topic_posted']) && $row['topic_posted']) ? true : false, + 'S_UNREAD' => $unread_topic, + + 'U_TOPIC_AUTHOR' => get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&p=" . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], + 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&view=unread") . '#unread', + 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id")) + ); + } + + if ($config['load_user_activity']) + { + if (!function_exists('display_user_activity')) + { + include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx); + } + display_user_activity($user->data); + } + + // Do the relevant calculations + $memberdays = max(1, round((time() - $user->data['user_regdate']) / 86400)); + $posts_per_day = $user->data['user_posts'] / $memberdays; + $percentage = ($config['num_posts']) ? min(100, ($user->data['user_posts'] / $config['num_posts']) * 100) : 0; + + $template->assign_vars(array( + 'USER_COLOR' => (!empty($user->data['user_colour'])) ? $user->data['user_colour'] : '', + 'JOINED' => $user->format_date($user->data['user_regdate']), + 'VISITED' => (empty($last_visit)) ? ' - ' : $user->format_date($last_visit), + 'WARNINGS' => ($user->data['user_warnings']) ? $user->data['user_warnings'] : 0, + 'POSTS' => ($user->data['user_posts']) ? $user->data['user_posts'] : 0, + 'POSTS_DAY' => sprintf($user->lang['POST_DAY'], $posts_per_day), + 'POSTS_PCT' => sprintf($user->lang['POST_PCT'], $percentage), + + 'OCCUPATION' => (!empty($row['user_occ'])) ? $row['user_occ'] : '', + 'INTERESTS' => (!empty($row['user_interests'])) ? $row['user_interests'] : '', + +// 'S_GROUP_OPTIONS' => $group_options, + + 'U_SEARCH_USER' => ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", 'author_id=' . $user->data['user_id'] . '&sr=posts') : '', + )); + + break; + + case 'subscribed': + + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + + $user->add_lang('viewforum'); + + add_form_key('ucp_front_subscribed'); + + $unwatch = (isset($_POST['unwatch'])) ? true : false; + + if ($unwatch) + { + if (check_form_key('ucp_front_subscribed')) + { + $forums = array_keys(request_var('f', array(0 => 0))); + $topics = array_keys(request_var('t', array(0 => 0))); + $msg = ''; + + if (sizeof($forums) || sizeof($topics)) + { + $l_unwatch = ''; + if (sizeof($forums)) + { + $sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . ' + WHERE ' . $db->sql_in_set('forum_id', $forums) . ' + AND user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + $l_unwatch .= '_FORUMS'; + } + + if (sizeof($topics)) + { + $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . ' + WHERE ' . $db->sql_in_set('topic_id', $topics) . ' + AND user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + $l_unwatch .= '_TOPICS'; + } + $msg = $user->lang['UNWATCHED' . $l_unwatch]; + } + else + { + $msg = $user->lang['NO_WATCHED_SELECTED']; + } + } + else + { + $msg = $user->lang['FORM_INVALID']; + } + $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=subscribed") . '">', '</a>'); + meta_refresh(3, append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=subscribed")); + trigger_error($message); + } + + $forbidden_forums = array(); + + if ($config['allow_forum_notify']) + { + $forbidden_forums = $auth->acl_getf('!f_read', true); + $forbidden_forums = array_unique(array_keys($forbidden_forums)); + + $sql_array = array( + 'SELECT' => 'f.*', + + 'FROM' => array( + FORUMS_WATCH_TABLE => 'fw', + FORUMS_TABLE => 'f' + ), + + 'WHERE' => 'fw.user_id = ' . $user->data['user_id'] . ' + AND f.forum_id = fw.forum_id + AND ' . $db->sql_in_set('f.forum_id', $forbidden_forums, true, true), + + 'ORDER_BY' => 'left_id' + ); + + if ($config['load_db_lastread']) + { + $sql_array['LEFT_JOIN'] = array( + array( + 'FROM' => array(FORUMS_TRACK_TABLE => 'ft'), + 'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id' + ) + ); + + $sql_array['SELECT'] .= ', ft.mark_time '; + } + else + { + $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; + $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); + } + + $sql = $db->sql_build_query('SELECT', $sql_array); + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $forum_id = $row['forum_id']; + + if ($config['load_db_lastread']) + { + $forum_check = (!empty($row['mark_time'])) ? $row['mark_time'] : $user->data['user_lastmark']; + } + else + { + $forum_check = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark']; + } + + $unread_forum = ($row['forum_last_post_time'] > $forum_check) ? true : false; + + // Which folder should we display? + if ($row['forum_status'] == ITEM_LOCKED) + { + $folder_image = ($unread_forum) ? 'forum_unread_locked' : 'forum_read_locked'; + $folder_alt = 'FORUM_LOCKED'; + } + else + { + $folder_image = ($unread_forum) ? 'forum_unread' : 'forum_read'; + $folder_alt = ($unread_forum) ? 'NEW_POSTS' : 'NO_NEW_POSTS'; + } + + // Create last post link information, if appropriate + if ($row['forum_last_post_id']) + { + $last_post_time = $user->format_date($row['forum_last_post_time']); + $last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&p=" . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id']; + } + else + { + $last_post_time = $last_post_url = ''; + } + + $template->assign_block_vars('forumrow', array( + 'FORUM_ID' => $forum_id, + 'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt), + 'FORUM_FOLDER_IMG_SRC' => $user->img($folder_image, $folder_alt, false, '', 'src'), + 'FORUM_IMAGE' => ($row['forum_image']) ? '<img src="' . $phpbb_root_path . $row['forum_image'] . '" alt="' . $user->lang[$folder_alt] . '" />' : '', + 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', + 'FORUM_NAME' => $row['forum_name'], + 'FORUM_DESC' => generate_text_for_display($row['forum_desc'], $row['forum_desc_uid'], $row['forum_desc_bitfield'], $row['forum_desc_options']), + 'LAST_POST_SUBJECT' => $row['forum_last_post_subject'], + 'LAST_POST_TIME' => $last_post_time, + + 'LAST_POST_AUTHOR' => get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), + 'LAST_POST_AUTHOR_COLOUR' => get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), + 'LAST_POST_AUTHOR_FULL' => get_username_string('full', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), + 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), + + 'U_LAST_POST' => $last_post_url, + 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id'])) + ); + } + $db->sql_freeresult($result); + } + + // Subscribed Topics + if ($config['allow_topic_notify']) + { + if (empty($forbidden_forums)) + { + $forbidden_forums = $auth->acl_getf('!f_read', true); + $forbidden_forums = array_unique(array_keys($forbidden_forums)); + } + $this->assign_topiclist('subscribed', $forbidden_forums); + } + + $template->assign_vars(array( + 'S_TOPIC_NOTIFY' => $config['allow_topic_notify'], + 'S_FORUM_NOTIFY' => $config['allow_forum_notify'], + )); + + break; + + case 'bookmarks': + + if (!$config['allow_bookmarks']) + { + $template->assign_vars(array( + 'S_NO_DISPLAY_BOOKMARKS' => true) + ); + break; + } + + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + + $user->add_lang('viewforum'); + + if (isset($_POST['unbookmark'])) + { + $s_hidden_fields = array('unbookmark' => 1); + $topics = (isset($_POST['t'])) ? array_keys(request_var('t', array(0 => 0))) : array(); + $url = $this->u_action; + + if (!sizeof($topics)) + { + trigger_error('NO_BOOKMARKS_SELECTED'); + } + + foreach ($topics as $topic_id) + { + $s_hidden_fields['t'][$topic_id] = 1; + } + + if (confirm_box(true)) + { + $sql = 'DELETE FROM ' . BOOKMARKS_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' + AND ' . $db->sql_in_set('topic_id', $topics); + $db->sql_query($sql); + + meta_refresh(3, $url); + $message = $user->lang['BOOKMARKS_REMOVED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $url . '">', '</a>'); + trigger_error($message); + } + else + { + confirm_box(false, 'REMOVE_SELECTED_BOOKMARKS', build_hidden_fields($s_hidden_fields)); + } + } + $forbidden_forums = $auth->acl_getf('!f_read', true); + $forbidden_forums = array_unique(array_keys($forbidden_forums)); + + $this->assign_topiclist('bookmarks', $forbidden_forums); + + break; + + case 'drafts': + + $pm_drafts = ($this->p_master->p_name == 'pm') ? true : false; + $template->assign_var('S_SHOW_DRAFTS', true); + + $user->add_lang('posting'); + + $edit = (isset($_REQUEST['edit'])) ? true : false; + $submit = (isset($_POST['submit'])) ? true : false; + $draft_id = ($edit) ? intval($_REQUEST['edit']) : 0; + $delete = (isset($_POST['delete'])) ? true : false; + + $s_hidden_fields = ($edit) ? '<input type="hidden" name="edit" value="' . $draft_id . '" />' : ''; + $draft_subject = $draft_message = ''; + add_form_key('ucp_draft'); + + if ($delete) + { + if (check_form_key('ucp_draft')) + { + $drafts = array_keys(request_var('d', array(0 => 0))); + + if (sizeof($drafts)) + { + $sql = 'DELETE FROM ' . DRAFTS_TABLE . ' + WHERE ' . $db->sql_in_set('draft_id', $drafts) . ' + AND user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + } + $msg = $user->lang['DRAFTS_DELETED']; + unset($drafts); + } + else + { + $msg = $user->lang['FORM_INVALID']; + } + $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + meta_refresh(3, $this->u_action); + trigger_error($message); + } + + if ($submit && $edit) + { + $draft_subject = utf8_normalize_nfc(request_var('subject', '', true)); + $draft_message = utf8_normalize_nfc(request_var('message', '', true)); + if (check_form_key('ucp_draft')) + { + if ($draft_message && $draft_subject) + { + $draft_row = array( + 'draft_subject' => $draft_subject, + 'draft_message' => $draft_message + ); + + $sql = 'UPDATE ' . DRAFTS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $draft_row) . " + WHERE draft_id = $draft_id + AND user_id = " . $user->data['user_id']; + $db->sql_query($sql); + + $message = $user->lang['DRAFT_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + + meta_refresh(3, $this->u_action); + trigger_error($message); + } + else + { + $template->assign_var('ERROR', ($draft_message == '') ? $user->lang['EMPTY_DRAFT'] : (($draft_subject == '') ? $user->lang['EMPTY_DRAFT_TITLE'] : '')); + } + } + else + { + $template->assign_var('ERROR', $user->lang['FORM_INVALID']); + } + } + + if (!$pm_drafts) + { + $sql = 'SELECT d.*, f.forum_name + FROM ' . DRAFTS_TABLE . ' d, ' . FORUMS_TABLE . ' f + WHERE d.user_id = ' . $user->data['user_id'] . ' ' . + (($edit) ? "AND d.draft_id = $draft_id" : '') . ' + AND f.forum_id = d.forum_id + ORDER BY d.save_time DESC'; + } + else + { + $sql = 'SELECT * FROM ' . DRAFTS_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' ' . + (($edit) ? "AND draft_id = $draft_id" : '') . ' + AND forum_id = 0 + AND topic_id = 0 + ORDER BY save_time DESC'; + } + $result = $db->sql_query($sql); + + $draftrows = $topic_ids = array(); + + while ($row = $db->sql_fetchrow($result)) + { + if ($row['topic_id']) + { + $topic_ids[] = (int) $row['topic_id']; + } + $draftrows[] = $row; + } + $db->sql_freeresult($result); + + if (sizeof($topic_ids)) + { + $sql = 'SELECT topic_id, forum_id, topic_title + FROM ' . TOPICS_TABLE . ' + WHERE ' . $db->sql_in_set('topic_id', array_unique($topic_ids)); + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $topic_rows[$row['topic_id']] = $row; + } + $db->sql_freeresult($result); + } + unset($topic_ids); + + $template->assign_var('S_EDIT_DRAFT', $edit); + + $row_count = 0; + foreach ($draftrows as $draft) + { + $link_topic = $link_forum = $link_pm = false; + $insert_url = $view_url = $title = ''; + + if (isset($topic_rows[$draft['topic_id']]) && $auth->acl_get('f_read', $topic_rows[$draft['topic_id']]['forum_id'])) + { + $link_topic = true; + $view_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $topic_rows[$draft['topic_id']]['forum_id'] . '&t=' . $draft['topic_id']); + $title = $topic_rows[$draft['topic_id']]['topic_title']; + + $insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 'f=' . $topic_rows[$draft['topic_id']]['forum_id'] . '&t=' . $draft['topic_id'] . '&mode=reply&d=' . $draft['draft_id']); + } + else if ($auth->acl_get('f_read', $draft['forum_id'])) + { + $link_forum = true; + $view_url = append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $draft['forum_id']); + $title = $draft['forum_name']; + + $insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 'f=' . $draft['forum_id'] . '&mode=post&d=' . $draft['draft_id']); + } + else if ($pm_drafts) + { + $link_pm = true; + $insert_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=compose&d=" . $draft['draft_id']); + } + + $template_row = array( + 'DATE' => $user->format_date($draft['save_time']), + 'DRAFT_MESSAGE' => ($submit) ? $draft_message : $draft['draft_message'], + 'DRAFT_SUBJECT' => ($submit) ? $draft_subject : $draft['draft_subject'], + 'TITLE' => $title, + + 'DRAFT_ID' => $draft['draft_id'], + 'FORUM_ID' => $draft['forum_id'], + 'TOPIC_ID' => $draft['topic_id'], + + 'U_VIEW' => $view_url, + 'U_VIEW_EDIT' => $this->u_action . '&edit=' . $draft['draft_id'], + 'U_INSERT' => $insert_url, + + 'S_LINK_TOPIC' => $link_topic, + 'S_LINK_FORUM' => $link_forum, + 'S_LINK_PM' => $link_pm, + 'S_HIDDEN_FIELDS' => $s_hidden_fields + ); + $row_count++; + + ($edit) ? $template->assign_vars($template_row) : $template->assign_block_vars('draftrow', $template_row); + } + + if (!$edit) + { + $template->assign_var('S_DRAFT_ROWS', $row_count); + } + + break; + } + + + $template->assign_vars(array( + 'L_TITLE' => $user->lang['UCP_MAIN_' . strtoupper($mode)], + + 'S_DISPLAY_MARK_ALL' => ($mode == 'watched' || ($mode == 'drafts' && !isset($_GET['edit']))) ? true : false, + 'S_HIDDEN_FIELDS' => (isset($s_hidden_fields)) ? $s_hidden_fields : '', + 'S_UCP_ACTION' => $this->u_action, + + 'LAST_POST_IMG' => $user->img('icon_topic_latest', 'VIEW_LATEST_POST'), + 'NEWEST_POST_IMG' => $user->img('icon_topic_newest', 'VIEW_NEWEST_POST'), + )); + + // Set desired template + $this->tpl_name = 'ucp_main_' . $mode; + $this->page_title = 'UCP_MAIN_' . strtoupper($mode); + } + + /** + * Build and assign topiclist for bookmarks/subscribed topics + */ + function assign_topiclist($mode = 'subscribed', $forbidden_forum_ary = array()) + { + global $user, $db, $template, $config, $cache, $auth, $phpbb_root_path, $phpEx; + + $table = ($mode == 'subscribed') ? TOPICS_WATCH_TABLE : BOOKMARKS_TABLE; + $start = request_var('start', 0); + + // Grab icons + $icons = $cache->obtain_icons(); + + $sql_array = array( + 'SELECT' => 'COUNT(t.topic_id) as topics_count', + + 'FROM' => array( + $table => 'i', + TOPICS_TABLE => 't' + ), + + 'WHERE' => 'i.topic_id = t.topic_id + AND i.user_id = ' . $user->data['user_id'] . ' + AND ' . $db->sql_in_set('t.forum_id', $forbidden_forum_ary, true, true), + ); + $sql = $db->sql_build_query('SELECT', $sql_array); + $result = $db->sql_query($sql); + $topics_count = (int) $db->sql_fetchfield('topics_count'); + $db->sql_freeresult($result); + + if ($topics_count) + { + $template->assign_vars(array( + 'PAGINATION' => generate_pagination($this->u_action, $topics_count, $config['topics_per_page'], $start), + 'PAGE_NUMBER' => on_page($topics_count, $config['topics_per_page'], $start), + 'TOTAL_TOPICS' => ($topics_count == 1) ? $user->lang['VIEW_FORUM_TOPIC'] : sprintf($user->lang['VIEW_FORUM_TOPICS'], $topics_count)) + ); + } + + if ($mode == 'subscribed') + { + $sql_array = array( + 'SELECT' => 't.*, f.forum_name', + + 'FROM' => array( + TOPICS_WATCH_TABLE => 'tw', + TOPICS_TABLE => 't' + ), + + 'WHERE' => 'tw.user_id = ' . $user->data['user_id'] . ' + AND t.topic_id = tw.topic_id + AND ' . $db->sql_in_set('t.forum_id', $forbidden_forum_ary, true, true), + + + 'ORDER_BY' => 't.topic_last_post_time DESC' + ); + + $sql_array['LEFT_JOIN'] = array(); + } + else + { + $sql_array = array( + 'SELECT' => 't.*, f.forum_name, b.topic_id as b_topic_id', + + 'FROM' => array( + BOOKMARKS_TABLE => 'b', + ), + + 'WHERE' => 'b.user_id = ' . $user->data['user_id'] . ' + AND ' . $db->sql_in_set('f.forum_id', $forbidden_forum_ary, true, true), + + 'ORDER_BY' => 't.topic_last_post_time DESC' + ); + + $sql_array['LEFT_JOIN'] = array(); + $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_TABLE => 't'), 'ON' => 'b.topic_id = t.topic_id'); + } + + $sql_array['LEFT_JOIN'][] = array('FROM' => array(FORUMS_TABLE => 'f'), 'ON' => 't.forum_id = f.forum_id'); + + if ($config['load_db_lastread']) + { + $sql_array['LEFT_JOIN'][] = array('FROM' => array(FORUMS_TRACK_TABLE => 'ft'), 'ON' => 'ft.forum_id = t.forum_id AND ft.user_id = ' . $user->data['user_id']); + $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_TRACK_TABLE => 'tt'), 'ON' => 'tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id']); + $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time AS forum_mark_time'; + } + + if ($config['load_db_track']) + { + $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_POSTED_TABLE => 'tp'), 'ON' => 'tp.topic_id = t.topic_id AND tp.user_id = ' . $user->data['user_id']); + $sql_array['SELECT'] .= ', tp.topic_posted'; + } + + $sql = $db->sql_build_query('SELECT', $sql_array); + $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); + + $topic_list = $topic_forum_list = $global_announce_list = $rowset = array(); + while ($row = $db->sql_fetchrow($result)) + { + $topic_id = (isset($row['b_topic_id'])) ? $row['b_topic_id'] : $row['topic_id']; + + $topic_list[] = $topic_id; + $rowset[$topic_id] = $row; + + $topic_forum_list[$row['forum_id']]['forum_mark_time'] = ($config['load_db_lastread']) ? $row['forum_mark_time'] : 0; + $topic_forum_list[$row['forum_id']]['topics'][] = $topic_id; + + if ($row['topic_type'] == POST_GLOBAL) + { + $global_announce_list[] = $topic_id; + } + } + $db->sql_freeresult($result); + + $topic_tracking_info = array(); + if ($config['load_db_lastread']) + { + foreach ($topic_forum_list as $f_id => $topic_row) + { + $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time']), ($f_id == 0) ? $global_announce_list : false); + } + } + else + { + foreach ($topic_forum_list as $f_id => $topic_row) + { + $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics'], $global_announce_list); + } + } + + foreach ($topic_list as $topic_id) + { + $row = &$rowset[$topic_id]; + + $forum_id = $row['forum_id']; + $topic_id = (isset($row['b_topic_id'])) ? $row['b_topic_id'] : $row['topic_id']; + + $unread_topic = (isset($topic_tracking_info[$topic_id]) && $row['topic_last_post_time'] > $topic_tracking_info[$topic_id]) ? true : false; + + // Replies + $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies']; + + if ($row['topic_status'] == ITEM_MOVED && !empty($row['topic_moved_id'])) + { + $topic_id = $row['topic_moved_id']; + } + + // Get folder img, topic status/type related information + $folder_img = $folder_alt = $topic_type = ''; + topic_status($row, $replies, $unread_topic, $folder_img, $folder_alt, $topic_type); + + $view_topic_url_params = "f=$forum_id&t=$topic_id"; + $view_topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params); + + // Send vars to template + $template->assign_block_vars('topicrow', array( + 'FORUM_ID' => $forum_id, + 'TOPIC_ID' => $topic_id, + 'FIRST_POST_TIME' => $user->format_date($row['topic_time']), + 'LAST_POST_SUBJECT' => $row['topic_last_post_subject'], + 'LAST_POST_TIME' => $user->format_date($row['topic_last_post_time']), + 'LAST_VIEW_TIME' => $user->format_date($row['topic_last_view_time']), + + 'TOPIC_AUTHOR' => get_username_string('username', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + 'TOPIC_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + 'TOPIC_AUTHOR_FULL' => get_username_string('full', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + 'U_TOPIC_AUTHOR' => get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), + + 'LAST_POST_AUTHOR' => get_username_string('username', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + 'LAST_POST_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + 'LAST_POST_AUTHOR_FULL' => get_username_string('full', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), + + 'S_DELETED_TOPIC' => (!$row['topic_id']) ? true : false, + 'S_GLOBAL_TOPIC' => (!$forum_id) ? true : false, + + 'PAGINATION' => topic_generate_pagination($replies, append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . (($row['forum_id']) ? $row['forum_id'] : $forum_id) . "&t=$topic_id")), + 'REPLIES' => $replies, + 'VIEWS' => $row['topic_views'], + 'TOPIC_TITLE' => censor_text($row['topic_title']), + 'TOPIC_TYPE' => $topic_type, + 'FORUM_NAME' => $row['forum_name'], + + 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), + 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), + 'TOPIC_FOLDER_IMG_ALT' => $user->lang[$folder_alt], + 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['img'] : '', + 'TOPIC_ICON_IMG_WIDTH' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['width'] : '', + 'TOPIC_ICON_IMG_HEIGHT' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['height'] : '', + 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', + + 'S_TOPIC_TYPE' => $row['topic_type'], + 'S_USER_POSTED' => (!empty($row['topic_posted'])) ? true : false, + 'S_UNREAD_TOPIC' => $unread_topic, + + 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params . '&view=unread') . '#unread', + 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params . '&p=' . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], + 'U_VIEW_TOPIC' => $view_topic_url, + 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id), + )); + } + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php new file mode 100644 index 0000000000..e1c51170db --- /dev/null +++ b/phpBB/includes/ucp/ucp_pm.php @@ -0,0 +1,416 @@ +<?php +/** +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Private Message Class +* +* $_REQUEST['folder'] display folder with the id used +* $_REQUEST['folder'] inbox|outbox|sentbox display folder with the associated name +* +* Display Messages (default to inbox) - mode=view +* Display single message - mode=view&p=[msg_id] or &p=[msg_id] (short linkage) +* +* if the folder id with (&f=[folder_id]) is used when displaying messages, one query will be saved. If it is not used, phpBB needs to grab +* the folder id first in order to display the input boxes and folder names and such things. ;) phpBB always checks this against the database to make +* sure the user is able to view the message. +* +* Composing Messages (mode=compose): +* To specific user (u=[user_id]) +* To specific group (g=[group_id]) +* Quoting a post (action=quotepost&p=[post_id]) +* Quoting a PM (action=quote&p=[msg_id]) +* Forwarding a PM (action=forward&p=[msg_id]) +* +* @package ucp +*/ +class ucp_pm +{ + var $u_action; + + function main($id, $mode) + { + global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config; + + if (!$user->data['is_registered']) + { + trigger_error('NO_MESSAGE'); + } + + // Is PM disabled? + if (!$config['allow_privmsg']) + { + trigger_error('PM_DISABLED'); + } + + $user->add_lang('posting'); + $template->assign_var('S_PRIVMSGS', true); + + // Folder directly specified? + $folder_specified = request_var('folder', ''); + + if (!in_array($folder_specified, array('inbox', 'outbox', 'sentbox'))) + { + $folder_specified = (int) $folder_specified; + } + else + { + $folder_specified = ($folder_specified == 'inbox') ? PRIVMSGS_INBOX : (($folder_specified == 'outbox') ? PRIVMSGS_OUTBOX : PRIVMSGS_SENTBOX); + } + + if (!$folder_specified) + { + $mode = (!$mode) ? request_var('mode', 'view') : $mode; + } + else + { + $mode = 'view'; + } + + include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx); + + switch ($mode) + { + // New private messages popup + case 'popup': + + $l_new_message = ''; + if ($user->data['is_registered']) + { + if ($user->data['user_new_privmsg']) + { + $l_new_message = ($user->data['user_new_privmsg'] == 1) ? $user->lang['YOU_NEW_PM'] : $user->lang['YOU_NEW_PMS']; + } + else + { + $l_new_message = $user->lang['YOU_NO_NEW_PM']; + } + } + + $template->assign_vars(array( + 'MESSAGE' => $l_new_message, + 'S_NOT_LOGGED_IN' => ($user->data['user_id'] == ANONYMOUS) ? true : false, + 'CLICK_TO_VIEW' => sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox') . '" onclick="jump_to_inbox(this.href); return false;">', '</a>'), + 'U_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), + 'UA_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox', false)) + ); + + $tpl_file = 'ucp_pm_popup'; + break; + + // Compose message + case 'compose': + $action = request_var('action', 'post'); + + get_folder($user->data['user_id']); + + if (!$auth->acl_get('u_sendpm')) + { + // trigger_error('NO_AUTH_SEND_MESSAGE'); + $template->assign_vars(array( + 'S_NO_AUTH_SEND_MESSAGE' => true, + 'S_COMPOSE_PM_VIEW' => true, + )); + + $tpl_file = 'ucp_pm_viewfolder'; + break; + } + + include($phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx); + compose_pm($id, $mode, $action); + + $tpl_file = 'posting_body'; + break; + + case 'options': + set_user_message_limit(); + get_folder($user->data['user_id']); + + include($phpbb_root_path . 'includes/ucp/ucp_pm_options.' . $phpEx); + message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions); + + $tpl_file = 'ucp_pm_options'; + break; + + case 'drafts': + + get_folder($user->data['user_id']); + $this->p_name = 'pm'; + + // Call another module... please do not try this at home... Hoochie Coochie Man + include($phpbb_root_path . 'includes/ucp/ucp_main.' . $phpEx); + + $module = new ucp_main($this); + $module->u_action = $this->u_action; + $module->main($id, $mode); + + $this->tpl_name = $module->tpl_name; + $this->page_title = 'UCP_PM_DRAFTS'; + + unset($module); + return; + + break; + + case 'view': + + set_user_message_limit(); + + if ($folder_specified) + { + $folder_id = $folder_specified; + $action = 'view_folder'; + } + else + { + $folder_id = request_var('f', PRIVMSGS_NO_BOX); + $action = request_var('action', 'view_folder'); + } + + $msg_id = request_var('p', 0); + $view = request_var('view', ''); + + // View message if specified + if ($msg_id) + { + $action = 'view_message'; + } + + if (!$auth->acl_get('u_readpm')) + { + trigger_error('NO_AUTH_READ_MESSAGE'); + } + + // Do not allow hold messages to be seen + if ($folder_id == PRIVMSGS_HOLD_BOX) + { + trigger_error('NO_AUTH_READ_HOLD_MESSAGE'); + } + + + // First Handle Mark actions and moving messages + $submit_mark = (isset($_POST['submit_mark'])) ? true : false; + $move_pm = (isset($_POST['move_pm'])) ? true : false; + $mark_option = request_var('mark_option', ''); + $dest_folder = request_var('dest_folder', PRIVMSGS_NO_BOX); + + // Is moving PM triggered through mark options? + if (!in_array($mark_option, array('mark_important', 'delete_marked')) && $submit_mark) + { + $move_pm = true; + $dest_folder = (int) $mark_option; + $submit_mark = false; + } + + // Move PM + if ($move_pm) + { + $move_msg_ids = (isset($_POST['marked_msg_id'])) ? request_var('marked_msg_id', array(0)) : array(); + $cur_folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX); + + if (move_pm($user->data['user_id'], $user->data['message_limit'], $move_msg_ids, $dest_folder, $cur_folder_id)) + { + // Return to folder view if single message moved + if ($action == 'view_message') + { + $msg_id = 0; + $folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX); + $action = 'view_folder'; + } + } + } + + // Message Mark Options + if ($submit_mark) + { + handle_mark_actions($user->data['user_id'], $mark_option); + } + + // If new messages arrived, place them into the appropriate folder + $num_not_moved = $num_removed = 0; + $release = request_var('release', 0); + + if ($user->data['user_new_privmsg'] && $action == 'view_folder') + { + $return = place_pm_into_folder($global_privmsgs_rules, $release); + $num_not_moved = $return['not_moved']; + $num_removed = $return['removed']; + } + + if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX) + { + $folder_id = PRIVMSGS_INBOX; + } + else if ($msg_id && $folder_id == PRIVMSGS_NO_BOX) + { + $sql = 'SELECT folder_id + FROM ' . PRIVMSGS_TO_TABLE . " + WHERE msg_id = $msg_id + AND folder_id <> " . PRIVMSGS_NO_BOX . ' + AND user_id = ' . $user->data['user_id']; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_MESSAGE'); + } + $folder_id = (int) $row['folder_id']; + } + + $message_row = array(); + if ($action == 'view_message' && $msg_id) + { + // Get Message user want to see + if ($view == 'next' || $view == 'previous') + { + $sql_condition = ($view == 'next') ? '>' : '<'; + $sql_ordering = ($view == 'next') ? 'ASC' : 'DESC'; + + $sql = 'SELECT t.msg_id + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TABLE . " p2 + WHERE p2.msg_id = $msg_id + AND t.folder_id = $folder_id + AND t.user_id = " . $user->data['user_id'] . " + AND t.msg_id = p.msg_id + AND p.message_time $sql_condition p2.message_time + ORDER BY p.message_time $sql_ordering"; + $result = $db->sql_query_limit($sql, 1); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + $message = ($view == 'next') ? 'NO_NEWER_PM' : 'NO_OLDER_PM'; + trigger_error($message); + } + else + { + $msg_id = $row['msg_id']; + } + } + + $sql = 'SELECT t.*, p.*, u.* + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u + WHERE t.user_id = ' . $user->data['user_id'] . " + AND p.author_id = u.user_id + AND t.folder_id = $folder_id + AND t.msg_id = p.msg_id + AND p.msg_id = $msg_id"; + $result = $db->sql_query($sql); + $message_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$message_row) + { + trigger_error('NO_MESSAGE'); + } + + // Update unread status + update_unread_status($message_row['pm_unread'], $message_row['msg_id'], $user->data['user_id'], $folder_id); + } + + $folder = get_folder($user->data['user_id'], $folder_id); + + $s_folder_options = $s_to_folder_options = ''; + foreach ($folder as $f_id => $folder_ary) + { + $option = '<option' . ((!in_array($f_id, array(PRIVMSGS_INBOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX))) ? ' class="sep"' : '') . ' value="' . $f_id . '"' . (($f_id == $folder_id) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . (($folder_ary['unread_messages']) ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . '</option>'; + + $s_to_folder_options .= ($f_id != PRIVMSGS_OUTBOX && $f_id != PRIVMSGS_SENTBOX) ? $option : ''; + $s_folder_options .= $option; + } + clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']); + + // Header for message view - folder and so on + $folder_status = get_folder_status($folder_id, $folder); + + $template->assign_vars(array( + 'CUR_FOLDER_ID' => $folder_id, + 'CUR_FOLDER_NAME' => $folder_status['folder_name'], + 'NUM_NOT_MOVED' => $num_not_moved, + 'NUM_REMOVED' => $num_removed, + 'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '<a href="' . $this->u_action . '&folder=' . $folder_id . '&release=1">', '</a>'), + 'NOT_MOVED_MESSAGES' => ($num_not_moved == 1) ? $user->lang['NOT_MOVED_MESSAGE'] : sprintf($user->lang['NOT_MOVED_MESSAGES'], $num_not_moved), + 'RULE_REMOVED_MESSAGES' => ($num_removed == 1) ? $user->lang['RULE_REMOVED_MESSAGE'] : sprintf($user->lang['RULE_REMOVED_MESSAGES'], $num_removed), + + 'S_FOLDER_OPTIONS' => $s_folder_options, + 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, + 'S_FOLDER_ACTION' => $this->u_action . '&action=view_folder', + 'S_PM_ACTION' => $this->u_action . '&action=' . $action, + + 'U_INBOX' => $this->u_action . '&folder=inbox', + 'U_OUTBOX' => $this->u_action . '&folder=outbox', + 'U_SENTBOX' => $this->u_action . '&folder=sentbox', + 'U_CREATE_FOLDER' => $this->u_action . '&mode=options', + 'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id, + + 'S_IN_INBOX' => ($folder_id == PRIVMSGS_INBOX) ? true : false, + 'S_IN_OUTBOX' => ($folder_id == PRIVMSGS_OUTBOX) ? true : false, + 'S_IN_SENTBOX' => ($folder_id == PRIVMSGS_SENTBOX) ? true : false, + + 'FOLDER_STATUS' => $folder_status['message'], + 'FOLDER_MAX_MESSAGES' => $folder_status['max'], + 'FOLDER_CUR_MESSAGES' => $folder_status['cur'], + 'FOLDER_REMAINING_MESSAGES' => $folder_status['remaining'], + 'FOLDER_PERCENT' => $folder_status['percent']) + ); + + if ($action == 'view_folder') + { + include($phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx); + view_folder($id, $mode, $folder_id, $folder); + + $tpl_file = 'ucp_pm_viewfolder'; + } + else if ($action == 'view_message') + { + $template->assign_vars(array( + 'S_VIEW_MESSAGE' => true, + 'MSG_ID' => $msg_id) + ); + + if (!$msg_id) + { + trigger_error('NO_MESSAGE'); + } + + include($phpbb_root_path . 'includes/ucp/ucp_pm_viewmessage.' . $phpEx); + view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row); + + $tpl_file = ($view == 'print') ? 'ucp_pm_viewmessage_print' : 'ucp_pm_viewmessage'; + } + + break; + + default: + trigger_error('NO_ACTION_MODE', E_USER_ERROR); + break; + } + + $template->assign_vars(array( + 'L_TITLE' => $user->lang['UCP_PM_' . strtoupper($mode)], + 'S_UCP_ACTION' => $this->u_action . ((isset($action)) ? "&action=$action" : '')) + ); + + // Set desired template + $this->tpl_name = $tpl_file; + $this->page_title = 'UCP_PM_' . strtoupper($mode); + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php new file mode 100644 index 0000000000..2f56bcdf7a --- /dev/null +++ b/phpBB/includes/ucp/ucp_pm_compose.php @@ -0,0 +1,1290 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Compose private message +* Called from ucp_pm with mode == 'compose' +*/ +function compose_pm($id, $mode, $action) +{ + global $template, $db, $auth, $user; + global $phpbb_root_path, $phpEx, $config; + + // Damn php and globals - i know, this is horrible + // Needed for handle_message_list_actions() + global $refresh, $submit, $preview; + + include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + include($phpbb_root_path . 'includes/message_parser.' . $phpEx); + + if (!$action) + { + $action = 'post'; + } + add_form_key('ucp_pm_compose'); + + // Grab only parameters needed here + $to_user_id = request_var('u', 0); + $to_group_id = request_var('g', 0); + $msg_id = request_var('p', 0); + $draft_id = request_var('d', 0); + $lastclick = request_var('lastclick', 0); + + // Reply to all triggered (quote/reply) + $reply_to_all = request_var('reply_to_all', 0); + + // Do NOT use request_var or specialchars here + $address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array(); + + if (!is_array($address_list)) + { + $address_list = array(); + } + + $submit = (isset($_POST['post'])) ? true : false; + $preview = (isset($_POST['preview'])) ? true : false; + $save = (isset($_POST['save'])) ? true : false; + $load = (isset($_POST['load'])) ? true : false; + $cancel = (isset($_POST['cancel']) && !isset($_POST['save'])) ? true : false; + $delete = (isset($_POST['delete'])) ? true : false; + + $remove_u = (isset($_REQUEST['remove_u'])) ? true : false; + $remove_g = (isset($_REQUEST['remove_g'])) ? true : false; + $add_to = (isset($_REQUEST['add_to'])) ? true : false; + $add_bcc = (isset($_REQUEST['add_bcc'])) ? true : false; + + $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load + || $remove_u || $remove_g || $add_to || $add_bcc; + + $action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action; + $select_single = ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? false : true; + + $error = array(); + $current_time = time(); + + // Was cancel pressed? If so then redirect to the appropriate page + if ($cancel || ($current_time - $lastclick < 2 && $submit)) + { + if ($msg_id) + { + redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&action=view_message&p=' . $msg_id)); + } + redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm')); + } + + // Since viewtopic.php language entries are used in several modes, + // we include the language file here + $user->add_lang('viewtopic'); + + // Output PM_TO box if message composing + if ($action != 'edit') + { + // Add groups to PM box + if ($config['allow_mass_pm'] && $auth->acl_get('u_masspm_group')) + { + $sql = 'SELECT g.group_id, g.group_name, g.group_type + FROM ' . GROUPS_TABLE . ' g'; + + if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) + { + $sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug + ON ( + g.group_id = ug.group_id + AND ug.user_id = ' . $user->data['user_id'] . ' + AND ug.user_pending = 0 + ) + WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')'; + } + + $sql .= ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' WHERE ' : ' AND '; + + $sql .= 'g.group_receive_pm = 1 + ORDER BY g.group_type DESC, g.group_name ASC'; + $result = $db->sql_query($sql); + + $group_options = ''; + while ($row = $db->sql_fetchrow($result)) + { + $group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; + } + $db->sql_freeresult($result); + } + + $template->assign_vars(array( + 'S_SHOW_PM_BOX' => true, + 'S_ALLOW_MASS_PM' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? true : false, + 'S_GROUP_OPTIONS' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm_group')) ? $group_options : '', + 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&form=postform&field=username_list&select_single=$select_single"), + )); + } + + $sql = ''; + + // What is all this following SQL for? Well, we need to know + // some basic information in all cases before we do anything. + switch ($action) + { + case 'post': + if (!$auth->acl_get('u_sendpm')) + { + trigger_error('NO_AUTH_SEND_MESSAGE'); + } + break; + + case 'reply': + case 'quote': + case 'forward': + case 'quotepost': + if (!$msg_id) + { + trigger_error('NO_MESSAGE'); + } + + if (!$auth->acl_get('u_sendpm')) + { + trigger_error('NO_AUTH_SEND_MESSAGE'); + } + + if ($action == 'quotepost') + { + $sql = 'SELECT p.post_id as msg_id, p.forum_id, p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username + FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u + WHERE p.post_id = $msg_id + AND t.topic_id = p.topic_id + AND u.user_id = p.poster_id"; + } + else + { + $sql = 'SELECT t.folder_id, p.*, u.username as quote_username + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u + WHERE t.user_id = ' . $user->data['user_id'] . " + AND p.author_id = u.user_id + AND t.msg_id = p.msg_id + AND p.msg_id = $msg_id"; + } + break; + + case 'edit': + if (!$msg_id) + { + trigger_error('NO_MESSAGE'); + } + + // check for outbox (not read) status, we do not allow editing if one user already having the message + $sql = 'SELECT p.*, t.folder_id + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p + WHERE t.user_id = ' . $user->data['user_id'] . ' + AND t.folder_id = ' . PRIVMSGS_OUTBOX . " + AND t.msg_id = $msg_id + AND t.msg_id = p.msg_id"; + break; + + case 'delete': + if (!$auth->acl_get('u_pm_delete')) + { + trigger_error('NO_AUTH_DELETE_MESSAGE'); + } + + if (!$msg_id) + { + trigger_error('NO_MESSAGE'); + } + + $sql = 'SELECT msg_id, pm_unread, pm_new, author_id, folder_id + FROM ' . PRIVMSGS_TO_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . " + AND msg_id = $msg_id"; + break; + + case 'smilies': + generate_smilies('window', 0); + break; + + default: + trigger_error('NO_ACTION_MODE', E_USER_ERROR); + break; + } + + if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward'))) + { + trigger_error('NO_AUTH_FORWARD_MESSAGE'); + } + + if ($action == 'edit' && !$auth->acl_get('u_pm_edit')) + { + trigger_error('NO_AUTH_EDIT_MESSAGE'); + } + + if ($sql) + { + $result = $db->sql_query($sql); + $post = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$post) + { + // If editing it could be the recipient already read the message... + if ($action == 'edit') + { + $sql = 'SELECT p.*, t.folder_id + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p + WHERE t.user_id = ' . $user->data['user_id'] . " + AND t.msg_id = $msg_id + AND t.msg_id = p.msg_id"; + $result = $db->sql_query($sql); + $post = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($post) + { + trigger_error('NO_EDIT_READ_MESSAGE'); + } + } + + trigger_error('NO_MESSAGE'); + } + + if ($action == 'quotepost') + { + if (($post['forum_id'] && !$auth->acl_get('f_read', $post['forum_id'])) || (!$post['forum_id'] && !$auth->acl_getf_global('f_read'))) + { + trigger_error('NOT_AUTHORISED'); + } + + // Passworded forum? + if ($post['forum_id']) + { + $sql = 'SELECT forum_password + FROM ' . FORUMS_TABLE . ' + WHERE forum_id = ' . (int) $post['forum_id']; + $result = $db->sql_query($sql); + $forum_password = (string) $db->sql_fetchfield('forum_password'); + $db->sql_freeresult($result); + + if ($forum_password) + { + login_forum_box(array( + 'forum_id' => $post['forum_id'], + 'forum_password' => $forum_password, + )); + } + } + } + + $msg_id = (int) $post['msg_id']; + $folder_id = (isset($post['folder_id'])) ? $post['folder_id'] : 0; + $message_text = (isset($post['message_text'])) ? $post['message_text'] : ''; + + if ((!$post['author_id'] || ($post['author_id'] == ANONYMOUS && $action != 'delete')) && $msg_id) + { + trigger_error('NO_AUTHOR'); + } + + if ($action == 'quotepost') + { + // Decode text for message display + decode_message($message_text, $post['bbcode_uid']); + } + + if ($action != 'delete') + { + $enable_urls = $post['enable_magic_url']; + $enable_sig = (isset($post['enable_sig'])) ? $post['enable_sig'] : 0; + + $message_attachment = (isset($post['message_attachment'])) ? $post['message_attachment'] : 0; + $message_subject = $post['message_subject']; + $message_time = $post['message_time']; + $bbcode_uid = $post['bbcode_uid']; + + $quote_username = (isset($post['quote_username'])) ? $post['quote_username'] : ''; + $icon_id = (isset($post['icon_id'])) ? $post['icon_id'] : 0; + + if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !sizeof($address_list) && !$refresh && !$submit && !$preview) + { + // Add the original author as the recipient if quoting a post or only replying and not having checked "reply to all" + if ($action == 'quotepost' || !$reply_to_all) + { + $address_list = array('u' => array($post['author_id'] => 'to')); + } + else + { + // We try to include every previously listed member from the TO Header - Reply to all + $address_list = rebuild_header(array('to' => $post['to_address'])); + + // Add the author (if he is already listed then this is no shame (it will be overwritten)) + $address_list['u'][$post['author_id']] = 'to'; + + // Now, make sure the user itself is not listed. ;) + if (isset($address_list['u'][$user->data['user_id']])) + { + unset($address_list['u'][$user->data['user_id']]); + } + } + } + else if ($action == 'edit' && !sizeof($address_list) && !$refresh && !$submit && !$preview) + { + // Rebuild TO and BCC Header + $address_list = rebuild_header(array('to' => $post['to_address'], 'bcc' => $post['bcc_address'])); + } + + if ($action == 'quotepost') + { + $check_value = 0; + } + else + { + $check_value = (($post['enable_bbcode']+1) << 8) + (($post['enable_smilies']+1) << 4) + (($enable_urls+1) << 2) + (($post['enable_sig']+1) << 1); + } + } + } + else + { + $message_attachment = 0; + $message_text = $message_subject = ''; + + if ($to_user_id && $action == 'post') + { + $address_list['u'][$to_user_id] = 'to'; + } + else if ($to_group_id && $action == 'post') + { + $address_list['g'][$to_group_id] = 'to'; + } + $check_value = 0; + } + + if (($to_group_id || isset($address_list['g'])) && (!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group'))) + { + trigger_error('NO_AUTH_GROUP_MESSAGE'); + } + + if ($action == 'edit' && !$refresh && !$preview && !$submit) + { + if (!($message_time > time() - ($config['pm_edit_time'] * 60) || !$config['pm_edit_time'])) + { + trigger_error('CANNOT_EDIT_MESSAGE_TIME'); + } + } + + if ($action == 'post') + { + $template->assign_var('S_NEW_MESSAGE', true); + } + + if (!isset($icon_id)) + { + $icon_id = 0; + } + + $message_parser = new parse_message(); + + $message_parser->message = ($action == 'reply') ? '' : $message_text; + unset($message_text); + + $s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action", true, $user->session_id); + $s_action .= ($msg_id) ? "&p=$msg_id" : ''; + + // Delete triggered ? + if ($action == 'delete') + { + // Folder id has been determined by the SQL Statement + // $folder_id = request_var('f', PRIVMSGS_NO_BOX); + + // Do we need to confirm ? + if (confirm_box(true)) + { + delete_pm($user->data['user_id'], $msg_id, $folder_id); + + // jump to next message in "history"? nope, not for the moment. But able to be included later. + $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id"); + $message = $user->lang['MESSAGE_DELETED']; + + meta_refresh(3, $meta_info); + $message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>'); + trigger_error($message); + } + else + { + $s_hidden_fields = array( + 'p' => $msg_id, + 'f' => $folder_id, + 'action' => 'delete' + ); + + // "{$phpbb_root_path}ucp.$phpEx?i=pm&mode=compose" + confirm_box(false, 'DELETE_MESSAGE', build_hidden_fields($s_hidden_fields)); + } + + redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&action=view_message&p=' . $msg_id)); + } + + // Get maximum number of allowed recipients + $sql = 'SELECT MAX(g.group_max_recipients) as max_recipients + FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug + WHERE ug.user_id = ' . $user->data['user_id'] . ' + AND ug.user_pending = 0 + AND ug.group_id = g.group_id'; + $result = $db->sql_query($sql); + $max_recipients = (int) $db->sql_fetchfield('max_recipients'); + $db->sql_freeresult($result); + + $max_recipients = (!$max_recipients) ? $config['pm_max_recipients'] : $max_recipients; + + // If this is a quote/reply "to all"... we may increase the max_recpients to the number of original recipients + if (($action == 'reply' || $action == 'quote') && $max_recipients && $reply_to_all) + { + // We try to include every previously listed member from the TO Header + $list = rebuild_header(array('to' => $post['to_address'])); + + // Can be an empty array too ;) + $list = (!empty($list['u'])) ? $list['u'] : array(); + $list[$post['author_id']] = 'to'; + + if (isset($list[$user->data['user_id']])) + { + unset($list[$user->data['user_id']]); + } + + $max_recipients = ($max_recipients < sizeof($list)) ? sizeof($list) : $max_recipients; + + unset($list); + } + + // Handle User/Group adding/removing + handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc); + + // Check mass pm to group permission + if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group')) && !empty($address_list['g'])) + { + $address_list = array(); + $error[] = $user->lang['NO_AUTH_GROUP_MESSAGE']; + } + + // Check mass pm to users permission + if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1) + { + $address_list = get_recipients($address_list, 1); + $error[] = $user->lang('TOO_MANY_RECIPIENTS', 1); + } + + // Check for too many recipients + if (!empty($address_list['u']) && $max_recipients && sizeof($address_list['u']) > $max_recipients) + { + $address_list = get_recipients($address_list, $max_recipients); + $error[] = $user->lang('TOO_MANY_RECIPIENTS', $max_recipients); + } + + // Always check if the submitted attachment data is valid and belongs to the user. + // Further down (especially in submit_post()) we do not check this again. + $message_parser->get_submitted_attachment_data(); + + if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') + { + // Do not change to SELECT * + $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename + FROM ' . ATTACHMENTS_TABLE . " + WHERE post_msg_id = $msg_id + AND in_message = 1 + AND is_orphan = 0 + ORDER BY filetime DESC"; + $result = $db->sql_query($sql); + $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); + $db->sql_freeresult($result); + } + + if (!in_array($action, array('quote', 'edit', 'delete', 'forward'))) + { + $enable_sig = ($config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig') && $user->optionget('attachsig')); + $enable_smilies = ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smilies')); + $enable_bbcode = ($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') && $user->optionget('bbcode')); + $enable_urls = true; + } + + $enable_magic_url = $drafts = false; + + // User own some drafts? + if ($auth->acl_get('u_savedrafts') && $action != 'delete') + { + $sql = 'SELECT draft_id + FROM ' . DRAFTS_TABLE . ' + WHERE forum_id = 0 + AND topic_id = 0 + AND user_id = ' . $user->data['user_id'] . + (($draft_id) ? " AND draft_id <> $draft_id" : ''); + $result = $db->sql_query_limit($sql, 1); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + $drafts = true; + } + } + + if ($action == 'edit') + { + $message_parser->bbcode_uid = $bbcode_uid; + } + + $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; + $smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies')) ? true : false; + $img_status = ($config['auth_img_pm'] && $auth->acl_get('u_pm_img')) ? true : false; + $flash_status = ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash')) ? true : false; + $url_status = ($config['allow_post_links']) ? true : false; + + // Save Draft + if ($save && $auth->acl_get('u_savedrafts')) + { + $subject = utf8_normalize_nfc(request_var('subject', '', true)); + $subject = (!$subject && $action != 'post') ? $user->lang['NEW_MESSAGE'] : $subject; + $message = utf8_normalize_nfc(request_var('message', '', true)); + + if ($subject && $message) + { + if (confirm_box(true)) + { + $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( + 'user_id' => $user->data['user_id'], + 'topic_id' => 0, + 'forum_id' => 0, + 'save_time' => $current_time, + 'draft_subject' => $subject, + 'draft_message' => $message + ) + ); + $db->sql_query($sql); + + $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=$mode"); + + meta_refresh(3, $redirect_url); + $message = $user->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>'); + + trigger_error($message); + } + else + { + $s_hidden_fields = build_hidden_fields(array( + 'mode' => $mode, + 'action' => $action, + 'save' => true, + 'subject' => $subject, + 'message' => $message, + 'u' => $to_user_id, + 'g' => $to_group_id, + 'p' => $msg_id) + ); + $s_hidden_fields .= build_address_field($address_list); + + + confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); + } + } + else + { + if (utf8_clean_string($subject) === '') + { + $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; + } + + if (utf8_clean_string($message) === '') + { + $error[] = $user->lang['TOO_FEW_CHARS']; + } + } + + unset($subject, $message); + } + + // Load Draft + if ($draft_id && $auth->acl_get('u_savedrafts')) + { + $sql = 'SELECT draft_subject, draft_message + FROM ' . DRAFTS_TABLE . " + WHERE draft_id = $draft_id + AND topic_id = 0 + AND forum_id = 0 + AND user_id = " . $user->data['user_id']; + $result = $db->sql_query_limit($sql, 1); + + if ($row = $db->sql_fetchrow($result)) + { + $message_parser->message = $row['draft_message']; + $message_subject = $row['draft_subject']; + + $template->assign_var('S_DRAFT_LOADED', true); + } + else + { + $draft_id = 0; + } + $db->sql_freeresult($result); + } + + // Load Drafts + if ($load && $drafts) + { + load_drafts(0, 0, $id, $action, $msg_id); + } + + if ($submit || $preview || $refresh) + { + if (($submit || $preview) && !check_form_key('ucp_pm_compose')) + { + $error[] = $user->lang['FORM_INVALID']; + } + $subject = utf8_normalize_nfc(request_var('subject', '', true)); + $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); + + $icon_id = request_var('icon', 0); + + $enable_bbcode = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; + $enable_smilies = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true; + $enable_urls = (isset($_POST['disable_magic_url'])) ? 0 : 1; + $enable_sig = (!$config['allow_sig'] ||!$config['allow_sig_pm']) ? false : ((isset($_POST['attach_sig'])) ? true : false); + + if ($submit) + { + $status_switch = (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1); + $status_switch = ($status_switch != $check_value); + } + else + { + $status_switch = 1; + } + + // Parse Attachments - before checksum is calculated + $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true); + + if (sizeof($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) + { + $error[] = implode('<br />', $message_parser->warn_msg); + $message_parser->warn_msg = array(); + } + + // Parse message + $message_parser->parse($enable_bbcode, ($config['allow_post_links']) ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']); + + // On a refresh we do not care about message parsing errors + if (sizeof($message_parser->warn_msg) && !$refresh) + { + $error[] = implode('<br />', $message_parser->warn_msg); + } + + if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_ignoreflood')) + { + // Flood check + $last_post_time = $user->data['user_lastpost_time']; + + if ($last_post_time) + { + if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval'])) + { + $error[] = $user->lang['FLOOD_ERROR']; + } + } + } + + // Subject defined + if ($submit) + { + if (utf8_clean_string($subject) === '') + { + $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; + } + + if (!sizeof($address_list)) + { + $error[] = $user->lang['NO_RECIPIENT']; + } + } + + // Store message, sync counters + if (!sizeof($error) && $submit) + { + $pm_data = array( + 'msg_id' => (int) $msg_id, + 'from_user_id' => $user->data['user_id'], + 'from_user_ip' => $user->ip, + 'from_username' => $user->data['username'], + 'reply_from_root_level' => (isset($post['root_level'])) ? (int) $post['root_level'] : 0, + 'reply_from_msg_id' => (int) $msg_id, + 'icon_id' => (int) $icon_id, + 'enable_sig' => (bool) $enable_sig, + 'enable_bbcode' => (bool) $enable_bbcode, + 'enable_smilies' => (bool) $enable_smilies, + 'enable_urls' => (bool) $enable_urls, + 'bbcode_bitfield' => $message_parser->bbcode_bitfield, + 'bbcode_uid' => $message_parser->bbcode_uid, + 'message' => $message_parser->message, + 'attachment_data' => $message_parser->attachment_data, + 'filename_data' => $message_parser->filename_data, + 'address_list' => $address_list + ); + + // ((!$message_subject) ? $subject : $message_subject) + $msg_id = submit_pm($action, $subject, $pm_data); + + $return_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&p=' . $msg_id); + $return_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); + meta_refresh(3, $return_message_url); + + $message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_PRIVATE_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>', $user->lang['PM_OUTBOX']); + trigger_error($message); + } + + $message_subject = $subject; + } + + // Preview + if (!sizeof($error) && $preview) + { + $preview_message = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); + + $preview_signature = $user->data['user_sig']; + $preview_signature_uid = $user->data['user_sig_bbcode_uid']; + $preview_signature_bitfield = $user->data['user_sig_bbcode_bitfield']; + + // Signature + if ($enable_sig && $config['allow_sig'] && $preview_signature) + { + $parse_sig = new parse_message($preview_signature); + $parse_sig->bbcode_uid = $preview_signature_uid; + $parse_sig->bbcode_bitfield = $preview_signature_bitfield; + + $parse_sig->format_display($enable_bbcode, $enable_urls, $enable_smilies); + $preview_signature = $parse_sig->message; + unset($parse_sig); + } + else + { + $preview_signature = ''; + } + + // Attachment Preview + if (sizeof($message_parser->attachment_data)) + { + $template->assign_var('S_HAS_ATTACHMENTS', true); + + $update_count = array(); + $attachment_data = $message_parser->attachment_data; + + parse_attachments(false, $preview_message, $attachment_data, $update_count, true); + + foreach ($attachment_data as $i => $attachment) + { + $template->assign_block_vars('attachment', array( + 'DISPLAY_ATTACHMENT' => $attachment) + ); + } + unset($attachment_data); + } + + $preview_subject = censor_text($subject); + + if (!sizeof($error)) + { + $template->assign_vars(array( + 'PREVIEW_SUBJECT' => $preview_subject, + 'PREVIEW_MESSAGE' => $preview_message, + 'PREVIEW_SIGNATURE' => $preview_signature, + + 'S_DISPLAY_PREVIEW' => true) + ); + } + unset($message_text); + } + + // Decode text for message display + $bbcode_uid = (($action == 'quote' || $action == 'forward') && !$preview && !$refresh) ? $bbcode_uid : $message_parser->bbcode_uid; + + $message_parser->decode_message($bbcode_uid); + + if (($action == 'quote' || $action == 'quotepost') && !$preview && !$refresh && !$submit) + { + if ($action == 'quotepost') + { + $post_id = request_var('p', 0); + if ($config['allow_post_links']) + { + $message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}: {$message_subject}[/url]\n\n"; + } + else + { + $message_link = $user->lang['SUBJECT'] . ': ' . $message_subject . " (" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id})\n\n"; + } + } + else + { + $message_link = ''; + } + $message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; + } + + if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh) + { + $message_subject = ((!preg_match('/^Re:/', $message_subject)) ? 'Re: ' : '') . censor_text($message_subject); + } + + if ($action == 'forward' && !$preview && !$refresh && !$submit) + { + $fwd_to_field = write_pm_addresses(array('to' => $post['to_address']), 0, true); + + if ($config['allow_post_links']) + { + $quote_username_text = '[url=' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']}]{$quote_username}[/url]"; + } + else + { + $quote_username_text = $quote_username . ' (' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']})"; + } + + $forward_text = array(); + $forward_text[] = $user->lang['FWD_ORIGINAL_MESSAGE']; + $forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject)); + $forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time, false, true)); + $forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text); + $forward_text[] = sprintf($user->lang['FWD_TO'], implode(', ', $fwd_to_field['to'])); + + $message_parser->message = implode("\n", $forward_text) . "\n\n[quote="{$quote_username}"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]"; + $message_subject = ((!preg_match('/^Fwd:/', $message_subject)) ? 'Fwd: ' : '') . censor_text($message_subject); + } + + $attachment_data = $message_parser->attachment_data; + $filename_data = $message_parser->filename_data; + $message_text = $message_parser->message; + + // MAIN PM PAGE BEGINS HERE + + // Generate smiley listing + generate_smilies('inline', 0); + + // Generate PM Icons + $s_pm_icons = false; + if ($config['enable_pm_icons']) + { + $s_pm_icons = posting_gen_topic_icons($action, $icon_id); + } + + // Generate inline attachment select box + posting_gen_inline_attachments($attachment_data); + + // Build address list for display + // array('u' => array($author_id => 'to')); + if (sizeof($address_list)) + { + // Get Usernames and Group Names + $result = array(); + if (!empty($address_list['u'])) + { + $sql = 'SELECT user_id as id, username as name, user_colour as colour + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($address_list['u']))) . ' + ORDER BY username_clean ASC'; + $result['u'] = $db->sql_query($sql); + } + + if (!empty($address_list['g'])) + { + $sql = 'SELECT g.group_id AS id, g.group_name AS name, g.group_colour AS colour, g.group_type + FROM ' . GROUPS_TABLE . ' g'; + + if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) + { + $sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug + ON ( + g.group_id = ug.group_id + AND ug.user_id = ' . $user->data['user_id'] . ' + AND ug.user_pending = 0 + ) + WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')'; + } + + $sql .= ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' WHERE ' : ' AND '; + + $sql .= 'g.group_receive_pm = 1 + AND ' . $db->sql_in_set('g.group_id', array_map('intval', array_keys($address_list['g']))) . ' + ORDER BY g.group_name ASC'; + + $result['g'] = $db->sql_query($sql); + } + + $u = $g = array(); + $_types = array('u', 'g'); + foreach ($_types as $type) + { + if (isset($result[$type]) && $result[$type]) + { + while ($row = $db->sql_fetchrow($result[$type])) + { + if ($type == 'g') + { + $row['name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['name']] : $row['name']; + } + + ${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']); + } + $db->sql_freeresult($result[$type]); + } + } + + // Now Build the address list + $plain_address_field = ''; + foreach ($address_list as $type => $adr_ary) + { + foreach ($adr_ary as $id => $field) + { + if (!isset(${$type}[$id])) + { + unset($address_list[$type][$id]); + continue; + } + + $field = ($field == 'to') ? 'to' : 'bcc'; + $type = ($type == 'u') ? 'u' : 'g'; + $id = (int) $id; + + $tpl_ary = array( + 'IS_GROUP' => ($type == 'g') ? true : false, + 'IS_USER' => ($type == 'u') ? true : false, + 'UG_ID' => $id, + 'NAME' => ${$type}[$id]['name'], + 'COLOUR' => (${$type}[$id]['colour']) ? '#' . ${$type}[$id]['colour'] : '', + 'TYPE' => $type, + ); + + if ($type == 'u') + { + $tpl_ary = array_merge($tpl_ary, array( + 'U_VIEW' => get_username_string('profile', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']), + 'NAME_FULL' => get_username_string('full', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']), + )); + } + else + { + $tpl_ary = array_merge($tpl_ary, array( + 'U_VIEW' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $id), + )); + } + + $template->assign_block_vars($field . '_recipient', $tpl_ary); + } + } + } + + // Build hidden address list + $s_hidden_address_field = build_address_field($address_list); + + + $bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1); + $smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1); + $urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; + $sig_checked = $enable_sig; + + switch ($action) + { + case 'post': + $page_title = $user->lang['POST_NEW_PM']; + break; + + case 'quote': + $page_title = $user->lang['POST_QUOTE_PM']; + break; + + case 'quotepost': + $page_title = $user->lang['POST_PM_POST']; + break; + + case 'reply': + $page_title = $user->lang['POST_REPLY_PM']; + break; + + case 'edit': + $page_title = $user->lang['POST_EDIT_PM']; + break; + + case 'forward': + $page_title = $user->lang['POST_FORWARD_PM']; + break; + + default: + trigger_error('NO_ACTION_MODE', E_USER_ERROR); + break; + } + + $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; + $s_hidden_fields .= (isset($check_value)) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : ''; + $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : ''; + + $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach')) ? '' : ' enctype="multipart/form-data"'; + + // Start assigning vars for main posting page ... + $template->assign_vars(array( + 'L_POST_A' => $page_title, + 'L_ICON' => $user->lang['PM_ICON'], + 'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', + + 'SUBJECT' => (isset($message_subject)) ? $message_subject : '', + 'MESSAGE' => $message_text, + 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'), + 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], + 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], + 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], + 'URL_STATUS' => ($url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], + 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'], + 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + 'MAX_RECIPIENTS' => ($config['allow_mass_pm'] && ($auth->acl_get('u_masspm') || $auth->acl_get('u_masspm_group'))) ? $max_recipients : 0, + + 'S_COMPOSE_PM' => true, + 'S_EDIT_POST' => ($action == 'edit'), + 'S_SHOW_PM_ICONS' => $s_pm_icons, + 'S_BBCODE_ALLOWED' => $bbcode_status, + 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '', + 'S_SMILIES_ALLOWED' => $smilies_status, + 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '', + 'S_SIG_ALLOWED' => ($config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig')), + 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '', + 'S_LINKS_ALLOWED' => $url_status, + 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '', + 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $action != 'edit') ? true : false, + 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $drafts), + 'S_FORM_ENCTYPE' => $form_enctype, + + 'S_BBCODE_IMG' => $img_status, + 'S_BBCODE_FLASH' => $flash_status, + 'S_BBCODE_QUOTE' => true, + 'S_BBCODE_URL' => $url_status, + + 'S_POST_ACTION' => $s_action, + 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + + 'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']), + 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup'), + 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup')), + )); + + // Build custom bbcodes array + display_custom_bbcodes(); + + // Show attachment box for adding attachments if true + $allowed = ($auth->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype); + + // Attachment entry + posting_gen_attachment_entry($attachment_data, $filename_data, $allowed); + + // Message History + if ($action == 'reply' || $action == 'quote' || $action == 'forward') + { + if (message_history($msg_id, $user->data['user_id'], $post, array(), true)) + { + $template->assign_var('S_DISPLAY_HISTORY', true); + } + } +} + +/** +* For composing messages, handle list actions +*/ +function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove_g, $add_to, $add_bcc) +{ + global $auth, $db, $user; + + // Delete User [TO/BCC] + if ($remove_u && !empty($_REQUEST['remove_u']) && is_array($_REQUEST['remove_u'])) + { + $remove_user_id = array_keys($_REQUEST['remove_u']); + + if (isset($remove_user_id[0])) + { + unset($address_list['u'][(int) $remove_user_id[0]]); + } + } + + // Delete Group [TO/BCC] + if ($remove_g && !empty($_REQUEST['remove_g']) && is_array($_REQUEST['remove_g'])) + { + $remove_group_id = array_keys($_REQUEST['remove_g']); + + if (isset($remove_group_id[0])) + { + unset($address_list['g'][(int) $remove_group_id[0]]); + } + } + + // Add Selected Groups + $group_list = request_var('group_list', array(0)); + + // Build usernames to add + $usernames = request_var('username', '', true); + $usernames = (empty($usernames)) ? array() : array($usernames); + + $username_list = request_var('username_list', '', true); + if ($username_list) + { + $usernames = array_merge($usernames, explode("\n", $username_list)); + } + + // If add to or add bcc not pressed, users could still have usernames listed they want to add... + if (!$add_to && !$add_bcc && (sizeof($group_list) || sizeof($usernames))) + { + $add_to = true; + + global $refresh, $submit, $preview; + + $refresh = true; + $submit = false; + + // Preview is only true if there was also a message entered + if (request_var('message', '')) + { + $preview = true; + } + } + + // Add User/Group [TO] + if ($add_to || $add_bcc) + { + $type = ($add_to) ? 'to' : 'bcc'; + + if (sizeof($group_list)) + { + foreach ($group_list as $group_id) + { + $address_list['g'][$group_id] = $type; + } + } + + // User ID's to add... + $user_id_ary = array(); + + // Reveal the correct user_ids + if (sizeof($usernames)) + { + $user_id_ary = array(); + user_get_id_name($user_id_ary, $usernames, array(USER_NORMAL, USER_FOUNDER, USER_INACTIVE)); + + // If there are users not existing, we will at least print a notice... + if (!sizeof($user_id_ary)) + { + $error[] = $user->lang['PM_NO_USERS']; + } + } + + // Add Friends if specified + $friend_list = (isset($_REQUEST['add_' . $type]) && is_array($_REQUEST['add_' . $type])) ? array_map('intval', array_keys($_REQUEST['add_' . $type])) : array(); + $user_id_ary = array_merge($user_id_ary, $friend_list); + + foreach ($user_id_ary as $user_id) + { + if ($user_id == ANONYMOUS) + { + continue; + } + + $address_list['u'][$user_id] = $type; + } + } + + // Check for disallowed recipients + if (!empty($address_list['u'])) + { + // We need to check their PM status (do they want to receive PM's?) + // Only check if not a moderator or admin, since they are allowed to override this user setting + if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) + { + $sql = 'SELECT user_id + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' + AND user_allow_pm = 0'; + $result = $db->sql_query($sql); + + $removed = false; + while ($row = $db->sql_fetchrow($result)) + { + $removed = true; + unset($address_list['u'][$row['user_id']]); + } + $db->sql_freeresult($result); + + // print a notice about users not being added who do not want to receive pms + if ($removed) + { + $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; + } + } + } +} + +/** +* Build the hidden field for the recipients. Needed, as the variable is not read via request_var. +*/ +function build_address_field($address_list) +{ + $s_hidden_address_field = ''; + foreach ($address_list as $type => $adr_ary) + { + foreach ($adr_ary as $id => $field) + { + $s_hidden_address_field .= '<input type="hidden" name="address_list[' . (($type == 'u') ? 'u' : 'g') . '][' . (int) $id . ']" value="' . (($field == 'to') ? 'to' : 'bcc') . '" />'; + } + } + return $s_hidden_address_field; +} + +/** +* Return number of private message recipients +*/ +function num_recipients($address_list) +{ + $num_recipients = 0; + + foreach ($address_list as $field => $adr_ary) + { + $num_recipients += sizeof($adr_ary); + } + + return $num_recipients; +} + +/** +* Get number of 'num_recipients' recipients from first position +*/ +function get_recipients($address_list, $num_recipients = 1) +{ + $recipient = array(); + + $count = 0; + foreach ($address_list as $field => $adr_ary) + { + foreach ($adr_ary as $id => $type) + { + if ($count >= $num_recipients) + { + break 2; + } + $recipient[$field][$id] = $type; + $count++; + } + } + + return $recipient; +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_options.php b/phpBB/includes/ucp/ucp_pm_options.php new file mode 100644 index 0000000000..e80c0672cf --- /dev/null +++ b/phpBB/includes/ucp/ucp_pm_options.php @@ -0,0 +1,836 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* Execute message options +*/ +function message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions) +{ + global $phpbb_root_path, $phpEx, $user, $template, $auth, $config, $db; + + $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=options"); + + add_form_key('ucp_pm_options'); + // Change "full folder" setting - what to do if folder is full + if (isset($_POST['fullfolder'])) + { + check_form_key('ucp_pm_options', $config['form_token_lifetime'], $redirect_url); + $full_action = request_var('full_action', 0); + + $set_folder_id = 0; + switch ($full_action) + { + case 1: + $set_folder_id = FULL_FOLDER_DELETE; + break; + + case 2: + $set_folder_id = request_var('full_move_to', PRIVMSGS_INBOX); + break; + + case 3: + $set_folder_id = FULL_FOLDER_HOLD; + break; + + default: + $full_action = 0; + break; + } + + if ($full_action) + { + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_full_folder = ' . $set_folder_id . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + $user->data['user_full_folder'] = $set_folder_id; + + $message = $user->lang['FULL_FOLDER_OPTION_CHANGED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>'); + meta_refresh(3, $redirect_url); + trigger_error($message); + } + } + + // Add Folder + if (isset($_POST['addfolder'])) + { + if (check_form_key('ucp_pm_options')) + { + $folder_name = utf8_normalize_nfc(request_var('foldername', '', true)); + $msg = ''; + + if ($folder_name) + { + $sql = 'SELECT folder_name + FROM ' . PRIVMSGS_FOLDER_TABLE . " + WHERE folder_name = '" . $db->sql_escape($folder_name) . "' + AND user_id = " . $user->data['user_id']; + $result = $db->sql_query_limit($sql, 1); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + trigger_error(sprintf($user->lang['FOLDER_NAME_EXIST'], $folder_name)); + } + + $sql = 'SELECT COUNT(folder_id) as num_folder + FROM ' . PRIVMSGS_FOLDER_TABLE . ' + WHERE user_id = ' . $user->data['user_id']; + $result = $db->sql_query($sql); + $num_folder = (int) $db->sql_fetchfield('num_folder'); + $db->sql_freeresult($result); + + if ($num_folder >= $config['pm_max_boxes']) + { + trigger_error('MAX_FOLDER_REACHED'); + } + + $sql = 'INSERT INTO ' . PRIVMSGS_FOLDER_TABLE . ' ' . $db->sql_build_array('INSERT', array( + 'user_id' => (int) $user->data['user_id'], + 'folder_name' => $folder_name) + ); + $db->sql_query($sql); + $msg = $user->lang['FOLDER_ADDED']; + } + else + { + $msg = $user->lang['FOLDER_NAME_EMPTY']; + } + } + else + { + $msg = $user->lang['FORM_INVALID']; + } + $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>'); + meta_refresh(3, $redirect_url); + trigger_error($message); + } + + // Rename folder + if (isset($_POST['rename_folder'])) + { + if (check_form_key('ucp_pm_options')) + { + $new_folder_name = utf8_normalize_nfc(request_var('new_folder_name', '', true)); + $rename_folder_id= request_var('rename_folder_id', 0); + + if (!$new_folder_name) + { + trigger_error('NO_NEW_FOLDER_NAME'); + } + + // Select custom folder + $sql = 'SELECT folder_name, pm_count + FROM ' . PRIVMSGS_FOLDER_TABLE . " + WHERE user_id = {$user->data['user_id']} + AND folder_id = $rename_folder_id"; + $result = $db->sql_query_limit($sql, 1); + $folder_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$folder_row) + { + trigger_error('CANNOT_RENAME_FOLDER'); + } + + $sql = 'UPDATE ' . PRIVMSGS_FOLDER_TABLE . " + SET folder_name = '" . $db->sql_escape($new_folder_name) . "' + WHERE folder_id = $rename_folder_id + AND user_id = {$user->data['user_id']}"; + $db->sql_query($sql); + $msg = $user->lang['FOLDER_RENAMED']; + } + else + { + $msg = $user->lang['FORM_INVALID']; + } + + $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>'); + + meta_refresh(3, $redirect_url); + trigger_error($message); + } + + // Remove Folder + if (isset($_POST['remove_folder'])) + { + $remove_folder_id = request_var('remove_folder_id', 0); + + // Default to "move all messages to inbox" + $remove_action = request_var('remove_action', 1); + $move_to = request_var('move_to', PRIVMSGS_INBOX); + + // Move to same folder? + if ($remove_action == 1 && $remove_folder_id == $move_to) + { + trigger_error('CANNOT_MOVE_TO_SAME_FOLDER'); + } + + // Select custom folder + $sql = 'SELECT folder_name, pm_count + FROM ' . PRIVMSGS_FOLDER_TABLE . " + WHERE user_id = {$user->data['user_id']} + AND folder_id = $remove_folder_id"; + $result = $db->sql_query_limit($sql, 1); + $folder_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$folder_row) + { + trigger_error('CANNOT_REMOVE_FOLDER'); + } + + $s_hidden_fields = array( + 'remove_folder_id' => $remove_folder_id, + 'remove_action' => $remove_action, + 'move_to' => $move_to, + 'remove_folder' => 1 + ); + + // Do we need to confirm? + if (confirm_box(true)) + { + // Gather message ids + $sql = 'SELECT msg_id + FROM ' . PRIVMSGS_TO_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . " + AND folder_id = $remove_folder_id"; + $result = $db->sql_query($sql); + + $msg_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $msg_ids[] = (int) $row['msg_id']; + } + $db->sql_freeresult($result); + + // First of all, copy all messages to another folder... or delete all messages + switch ($remove_action) + { + // Move Messages + case 1: + $num_moved = move_pm($user->data['user_id'], $user->data['message_limit'], $msg_ids, $move_to, $remove_folder_id); + + // Something went wrong, only partially moved? + if ($num_moved != $folder_row['pm_count']) + { + trigger_error(sprintf($user->lang['MOVE_PM_ERROR'], $num_moved, $folder_row['pm_count'])); + } + break; + + // Remove Messages + case 2: + delete_pm($user->data['user_id'], $msg_ids, $remove_folder_id); + break; + } + + // Remove folder + $sql = 'DELETE FROM ' . PRIVMSGS_FOLDER_TABLE . " + WHERE user_id = {$user->data['user_id']} + AND folder_id = $remove_folder_id"; + $db->sql_query($sql); + + // Check full folder option. If the removed folder has been specified as destination switch back to inbox + if ($user->data['user_full_folder'] == $remove_folder_id) + { + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_full_folder = ' . PRIVMSGS_INBOX . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + $user->data['user_full_folder'] = PRIVMSGS_INBOX; + } + + // Now make sure the folder is not used for rules + // We assign another folder id (the one the messages got moved to) or assign the INBOX (to not have to remove any rule) + $sql = 'UPDATE ' . PRIVMSGS_RULES_TABLE . ' SET rule_folder_id = '; + $sql .= ($remove_action == 1) ? $move_to : PRIVMSGS_INBOX; + $sql .= ' WHERE rule_folder_id = ' . $remove_folder_id; + + $db->sql_query($sql); + + $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=$mode"); + $message = $user->lang['FOLDER_REMOVED']; + + meta_refresh(3, $meta_info); + $message .= '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $meta_info . '">', '</a>'); + trigger_error($message); + } + else + { + confirm_box(false, 'REMOVE_FOLDER', build_hidden_fields($s_hidden_fields)); + } + } + + // Add Rule + if (isset($_POST['add_rule'])) + { + if (check_form_key('ucp_pm_options')) + { + $check_option = request_var('check_option', 0); + $rule_option = request_var('rule_option', 0); + $cond_option = request_var('cond_option', ''); + $action_option = explode('|', request_var('action_option', '')); + $rule_string = ($cond_option != 'none') ? utf8_normalize_nfc(request_var('rule_string', '', true)) : ''; + $rule_user_id = ($cond_option != 'none') ? request_var('rule_user_id', 0) : 0; + $rule_group_id = ($cond_option != 'none') ? request_var('rule_group_id', 0) : 0; + + $action = (int) $action_option[0]; + $folder_id = (int) $action_option[1]; + + if (!$action || !$check_option || !$rule_option || !$cond_option || ($cond_option != 'none' && !$rule_string)) + { + trigger_error('RULE_NOT_DEFINED'); + } + + if (($cond_option == 'user' && !$rule_user_id) || ($cond_option == 'group' && !$rule_group_id)) + { + trigger_error('RULE_NOT_DEFINED'); + } + + $rule_ary = array( + 'user_id' => $user->data['user_id'], + 'rule_check' => $check_option, + 'rule_connection' => $rule_option, + 'rule_string' => $rule_string, + 'rule_user_id' => $rule_user_id, + 'rule_group_id' => $rule_group_id, + 'rule_action' => $action, + 'rule_folder_id' => $folder_id + ); + + $sql = 'SELECT rule_id + FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE ' . $db->sql_build_array('SELECT', $rule_ary); + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + trigger_error('RULE_ALREADY_DEFINED'); + } + + $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary); + $db->sql_query($sql); + + // Update users message rules + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_message_rules = 1 + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + $msg = $user->lang['RULE_ADDED']; + } + else + { + $msg = $user->lang['FORM_INVALID']; + } + $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>'); + meta_refresh(3, $redirect_url); + trigger_error($message); + } + + // Remove Rule + if (isset($_POST['delete_rule']) && !isset($_POST['cancel'])) + { + $delete_id = array_keys(request_var('delete_rule', array(0 => 0))); + $delete_id = (!empty($delete_id[0])) ? $delete_id[0] : 0; + + if (!$delete_id) + { + redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=' . $mode)); + } + + // Do we need to confirm? + if (confirm_box(true)) + { + $sql = 'DELETE FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . " + AND rule_id = $delete_id"; + $db->sql_query($sql); + + $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=' . $mode); + $message = $user->lang['RULE_DELETED']; + + // Reset user_message_rules if no more assigned + $sql = 'SELECT rule_id + FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE user_id = ' . $user->data['user_id']; + $result = $db->sql_query_limit($sql, 1); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + // Update users message rules + if (!$row) + { + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_message_rules = 0 + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + } + + meta_refresh(3, $meta_info); + $message .= '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $meta_info . '">', '</a>'); + trigger_error($message); + } + else + { + confirm_box(false, 'DELETE_RULE', build_hidden_fields(array('delete_rule' => array($delete_id => 1)))); + } + } + + $folder = array(); + + $sql = 'SELECT COUNT(msg_id) as num_messages + FROM ' . PRIVMSGS_TO_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' + AND folder_id = ' . PRIVMSGS_INBOX; + $result = $db->sql_query($sql); + $num_messages = (int) $db->sql_fetchfield('num_messages'); + $db->sql_freeresult($result); + + $folder[PRIVMSGS_INBOX] = array( + 'folder_name' => $user->lang['PM_INBOX'], + 'message_status' => sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $num_messages, $user->data['message_limit']) + ); + + $sql = 'SELECT folder_id, folder_name, pm_count + FROM ' . PRIVMSGS_FOLDER_TABLE . ' + WHERE user_id = ' . $user->data['user_id']; + $result = $db->sql_query($sql); + + $num_user_folder = 0; + while ($row = $db->sql_fetchrow($result)) + { + $num_user_folder++; + $folder[$row['folder_id']] = array( + 'folder_name' => $row['folder_name'], + 'message_status' => sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $row['pm_count'], $user->data['message_limit']) + ); + } + $db->sql_freeresult($result); + + $s_full_folder_options = $s_to_folder_options = $s_folder_options = ''; + + if ($user->data['user_full_folder'] == FULL_FOLDER_NONE) + { + // -3 here to let the correct folder id be selected + $to_folder_id = $config['full_folder_action'] - 3; + } + else + { + $to_folder_id = $user->data['user_full_folder']; + } + + foreach ($folder as $folder_id => $folder_ary) + { + $s_full_folder_options .= '<option value="' . $folder_id . '"' . (($user->data['user_full_folder'] == $folder_id) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>'; + $s_to_folder_options .= '<option value="' . $folder_id . '"' . (($to_folder_id == $folder_id) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>'; + + if ($folder_id != PRIVMSGS_INBOX) + { + $s_folder_options .= '<option value="' . $folder_id . '">' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>'; + } + } + + $s_delete_checked = ($user->data['user_full_folder'] == FULL_FOLDER_DELETE) ? ' checked="checked"' : ''; + $s_hold_checked = ($user->data['user_full_folder'] == FULL_FOLDER_HOLD) ? ' checked="checked"' : ''; + $s_move_checked = ($user->data['user_full_folder'] >= 0) ? ' checked="checked"' : ''; + + if ($user->data['user_full_folder'] == FULL_FOLDER_NONE) + { + switch ($config['full_folder_action']) + { + case 1: + $s_delete_checked = ' checked="checked"'; + break; + + case 2: + $s_hold_checked = ' checked="checked"'; + break; + } + } + + $template->assign_vars(array( + 'S_FULL_FOLDER_OPTIONS' => $s_full_folder_options, + 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, + 'S_FOLDER_OPTIONS' => $s_folder_options, + 'S_DELETE_CHECKED' => $s_delete_checked, + 'S_HOLD_CHECKED' => $s_hold_checked, + 'S_MOVE_CHECKED' => $s_move_checked, + 'S_MAX_FOLDER_REACHED' => ($num_user_folder >= $config['pm_max_boxes']) ? true : false, + 'S_MAX_FOLDER_ZERO' => ($config['pm_max_boxes'] == 0) ? true : false, + + 'DEFAULT_ACTION' => ($config['full_folder_action'] == 1) ? $user->lang['DELETE_OLDEST_MESSAGES'] : $user->lang['HOLD_NEW_MESSAGES'], + + 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=rule_string&select_single=true'), + )); + + $rule_lang = $action_lang = $check_lang = array(); + + // Build all three language arrays + preg_replace('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#e', "\${strtolower('\\2') . '_lang'}[constant('\\1')] = \$user->lang['PM_\\2']['\\3']", array_keys(get_defined_constants())); + + /* + Rule Ordering: + -> CHECK_* -> RULE_* [IN $global_privmsgs_rules:CHECK_*] -> [IF $rule_conditions[RULE_*] [|text|bool|user|group|own_group]] -> ACTION_* + */ + + $check_option = request_var('check_option', 0); + $rule_option = request_var('rule_option', 0); + $cond_option = request_var('cond_option', ''); + $action_option = request_var('action_option', ''); + $back = (isset($_REQUEST['back'])) ? request_var('back', array('' => 0)) : array(); + + if (sizeof($back)) + { + if ($action_option) + { + $action_option = ''; + } + else if ($cond_option) + { + $cond_option = ''; + } + else if ($rule_option) + { + $rule_option = 0; + } + else if ($check_option) + { + $check_option = 0; + } + } + + if (isset($back['action']) && $cond_option == 'none') + { + $back['cond'] = true; + } + + // Check + if (!isset($global_privmsgs_rules[$check_option])) + { + $check_option = 0; + } + + define_check_option(($check_option && !isset($back['rule'])) ? true : false, $check_option, $check_lang); + + if ($check_option && !isset($back['rule'])) + { + define_rule_option(($rule_option && !isset($back['cond'])) ? true : false, $rule_option, $rule_lang, $global_privmsgs_rules[$check_option]); + } + + if ($rule_option && !isset($back['cond'])) + { + if (!isset($global_rule_conditions[$rule_option])) + { + $cond_option = 'none'; + $template->assign_var('NONE_CONDITION', true); + } + else + { + define_cond_option(($cond_option && !isset($back['action'])) ? true : false, $cond_option, $rule_option, $global_rule_conditions); + } + } + + if ($cond_option && !isset($back['action'])) + { + define_action_option(false, $action_option, $action_lang, $folder); + } + + show_defined_rules($user->data['user_id'], $check_lang, $rule_lang, $action_lang, $folder); +} + +/** +* Defining check option for message rules +*/ +function define_check_option($hardcoded, $check_option, $check_lang) +{ + global $template; + + $s_check_options = ''; + if (!$hardcoded) + { + foreach ($check_lang as $value => $lang) + { + $s_check_options .= '<option value="' . $value . '"' . (($value == $check_option) ? ' selected="selected"' : '') . '>' . $lang . '</option>'; + } + } + + $template->assign_vars(array( + 'S_CHECK_DEFINED' => true, + 'S_CHECK_SELECT' => ($hardcoded) ? false : true, + 'CHECK_CURRENT' => isset($check_lang[$check_option]) ? $check_lang[$check_option] : '', + 'S_CHECK_OPTIONS' => $s_check_options, + 'CHECK_OPTION' => $check_option) + ); +} + +/** +* Defining action option for message rules +*/ +function define_action_option($hardcoded, $action_option, $action_lang, $folder) +{ + global $db, $template, $user; + + $l_action = $s_action_options = ''; + if ($hardcoded) + { + $option = explode('|', $action_option); + $action = (int) $option[0]; + $folder_id = (int) $option[1]; + + $l_action = $action_lang[$action]; + if ($action == ACTION_PLACE_INTO_FOLDER) + { + $l_action .= ' -> ' . $folder[$folder_id]['folder_name']; + } + } + else + { + foreach ($action_lang as $action => $lang) + { + if ($action == ACTION_PLACE_INTO_FOLDER) + { + foreach ($folder as $folder_id => $folder_ary) + { + $s_action_options .= '<option value="' . $action . '|' . $folder_id . '"' . (($action_option == $action . '|' . $folder_id) ? ' selected="selected"' : '') . '>' . $lang . ' -> ' . $folder_ary['folder_name'] . '</option>'; + } + } + else + { + $s_action_options .= '<option value="' . $action . '|0"' . (($action_option == $action . '|0') ? ' selected="selected"' : '') . '>' . $lang . '</option>'; + } + } + } + + $template->assign_vars(array( + 'S_ACTION_DEFINED' => true, + 'S_ACTION_SELECT' => ($hardcoded) ? false : true, + 'ACTION_CURRENT' => $l_action, + 'S_ACTION_OPTIONS' => $s_action_options, + 'ACTION_OPTION' => $action_option) + ); +} + +/** +* Defining rule option for message rules +*/ +function define_rule_option($hardcoded, $rule_option, $rule_lang, $check_ary) +{ + global $template; + + $s_rule_options = ''; + if (!$hardcoded) + { + foreach ($check_ary as $value => $_check) + { + $s_rule_options .= '<option value="' . $value . '"' . (($value == $rule_option) ? ' selected="selected"' : '') . '>' . $rule_lang[$value] . '</option>'; + } + } + + $template->assign_vars(array( + 'S_RULE_DEFINED' => true, + 'S_RULE_SELECT' => !$hardcoded, + 'RULE_CURRENT' => isset($rule_lang[$rule_option]) ? $rule_lang[$rule_option] : '', + 'S_RULE_OPTIONS' => $s_rule_options, + 'RULE_OPTION' => $rule_option) + ); +} + +/** +* Defining condition option for message rules +*/ +function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule_conditions) +{ + global $db, $template, $auth, $user; + + $template->assign_vars(array( + 'S_COND_DEFINED' => true, + 'S_COND_SELECT' => (!$hardcoded && isset($global_rule_conditions[$rule_option])) ? true : false) + ); + + // Define COND_OPTION + if (!isset($global_rule_conditions[$rule_option])) + { + $template->assign_vars(array( + 'COND_OPTION' => 'none', + 'COND_CURRENT' => false) + ); + return; + } + + // Define Condition + $condition = $global_rule_conditions[$rule_option]; + $current_value = ''; + + switch ($condition) + { + case 'text': + $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); + + $template->assign_vars(array( + 'S_TEXT_CONDITION' => true, + 'CURRENT_STRING' => $rule_string, + 'CURRENT_USER_ID' => 0, + 'CURRENT_GROUP_ID' => 0) + ); + + $current_value = $rule_string; + break; + + case 'user': + $rule_user_id = request_var('rule_user_id', 0); + $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); + + if ($rule_string && !$rule_user_id) + { + $sql = 'SELECT user_id + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($rule_string)) . "'"; + $result = $db->sql_query($sql); + $rule_user_id = (int) $db->sql_fetchfield('user_id'); + $db->sql_freeresult($result); + + if (!$rule_user_id) + { + $rule_string = ''; + } + } + else if (!$rule_string && $rule_user_id) + { + $sql = 'SELECT username + FROM ' . USERS_TABLE . " + WHERE user_id = $rule_user_id"; + $result = $db->sql_query($sql); + $rule_string = $db->sql_fetchfield('username'); + $db->sql_freeresult($result); + + if (!$rule_string) + { + $rule_user_id = 0; + } + } + + $template->assign_vars(array( + 'S_USER_CONDITION' => true, + 'CURRENT_STRING' => $rule_string, + 'CURRENT_USER_ID' => $rule_user_id, + 'CURRENT_GROUP_ID' => 0) + ); + + $current_value = $rule_string; + break; + + case 'group': + $rule_group_id = request_var('rule_group_id', 0); + $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); + + $sql = 'SELECT g.group_id, g.group_name, g.group_type + FROM ' . GROUPS_TABLE . ' g '; + + if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) + { + $sql .= 'LEFT JOIN ' . USER_GROUP_TABLE . ' ug + ON ( + g.group_id = ug.group_id + AND ug.user_id = ' . $user->data['user_id'] . ' + AND ug.user_pending = 0 + ) + WHERE (ug.user_id = ' . $user->data['user_id'] . ' OR g.group_type <> ' . GROUP_HIDDEN . ') + AND'; + } + else + { + $sql .= 'WHERE'; + } + + $sql .= " (g.group_name NOT IN ('GUESTS', 'BOTS') OR g.group_type <> " . GROUP_SPECIAL . ') + ORDER BY g.group_type DESC, g.group_name ASC'; + + $result = $db->sql_query($sql); + + $s_group_options = ''; + while ($row = $db->sql_fetchrow($result)) + { + if ($rule_group_id && ($row['group_id'] == $rule_group_id)) + { + $rule_string = (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']); + } + + $s_class = ($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : ''; + $s_selected = ($row['group_id'] == $rule_group_id) ? ' selected="selected"' : ''; + + $s_group_options .= '<option value="' . $row['group_id'] . '"' . $s_class . $s_selected . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'S_GROUP_CONDITION' => true, + 'S_GROUP_OPTIONS' => $s_group_options, + 'CURRENT_STRING' => $rule_string, + 'CURRENT_USER_ID' => 0, + 'CURRENT_GROUP_ID' => $rule_group_id) + ); + + $current_value = $rule_string; + break; + + default: + return; + } + + $template->assign_vars(array( + 'COND_OPTION' => $condition, + 'COND_CURRENT' => $current_value) + ); +} + +/** +* Display defined message rules +*/ +function show_defined_rules($user_id, $check_lang, $rule_lang, $action_lang, $folder) +{ + global $db, $template; + + $sql = 'SELECT * + FROM ' . PRIVMSGS_RULES_TABLE . ' + WHERE user_id = ' . $user_id . ' + ORDER BY rule_id ASC'; + $result = $db->sql_query($sql); + + $count = 0; + while ($row = $db->sql_fetchrow($result)) + { + $template->assign_block_vars('rule', array( + 'COUNT' => ++$count, + 'RULE_ID' => $row['rule_id'], + 'CHECK' => $check_lang[$row['rule_check']], + 'RULE' => $rule_lang[$row['rule_connection']], + 'STRING' => $row['rule_string'], + 'ACTION' => $action_lang[$row['rule_action']], + 'FOLDER' => ($row['rule_action'] == ACTION_PLACE_INTO_FOLDER) ? $folder[$row['rule_folder_id']]['folder_name'] : '') + ); + } + $db->sql_freeresult($result); +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_viewfolder.php b/phpBB/includes/ucp/ucp_pm_viewfolder.php new file mode 100644 index 0000000000..33d2c9fb6f --- /dev/null +++ b/phpBB/includes/ucp/ucp_pm_viewfolder.php @@ -0,0 +1,509 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* View message folder +* Called from ucp_pm with mode == 'view' && action == 'view_folder' +*/ +function view_folder($id, $mode, $folder_id, $folder) +{ + global $user, $template, $auth, $db, $cache; + global $phpbb_root_path, $config, $phpEx; + + $submit_export = (isset($_POST['submit_export'])) ? true : false; + + $folder_info = get_pm_from($folder_id, $folder, $user->data['user_id']); + + if (!$submit_export) + { + $user->add_lang('viewforum'); + + // Grab icons + $icons = $cache->obtain_icons(); + + $color_rows = array('marked', 'replied'); + + // only show the friend/foe color rows if the module is enabled + $zebra_enabled = false; + + $_module = new p_master(); + $_module->list_modules('ucp'); + $_module->set_active('zebra'); + + $zebra_enabled = ($_module->active_module === false) ? false : true; + + unset($_module); + + if ($zebra_enabled) + { + $color_rows = array_merge($color_rows, array('friend', 'foe')); + } + + foreach ($color_rows as $var) + { + $template->assign_block_vars('pm_colour_info', array( + 'IMG' => $user->img("pm_{$var}", ''), + 'CLASS' => "pm_{$var}_colour", + 'LANG' => $user->lang[strtoupper($var) . '_MESSAGE']) + ); + } + + $mark_options = array('mark_important', 'delete_marked'); + + $s_mark_options = ''; + foreach ($mark_options as $mark_option) + { + $s_mark_options .= '<option value="' . $mark_option . '">' . $user->lang[strtoupper($mark_option)] . '</option>'; + } + + // We do the folder moving options here too, for template authors to use... + $s_folder_move_options = ''; + if ($folder_id != PRIVMSGS_NO_BOX && $folder_id != PRIVMSGS_OUTBOX) + { + foreach ($folder as $f_id => $folder_ary) + { + if ($f_id == PRIVMSGS_OUTBOX || $f_id == PRIVMSGS_SENTBOX || $f_id == $folder_id) + { + continue; + } + + $s_folder_move_options .= '<option' . (($f_id != PRIVMSGS_INBOX) ? ' class="sep"' : '') . ' value="' . $f_id . '">'; + $s_folder_move_options .= sprintf($user->lang['MOVE_MARKED_TO_FOLDER'], $folder_ary['folder_name']); + $s_folder_move_options .= (($folder_ary['unread_messages']) ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . '</option>'; + } + } + $friend = $foe = array(); + + // Get friends and foes + $sql = 'SELECT * + FROM ' . ZEBRA_TABLE . ' + WHERE user_id = ' . $user->data['user_id']; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $friend[$row['zebra_id']] = $row['friend']; + $foe[$row['zebra_id']] = $row['foe']; + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'S_MARK_OPTIONS' => $s_mark_options, + 'S_MOVE_MARKED_OPTIONS' => $s_folder_move_options) + ); + + // Okay, lets dump out the page ... + if (sizeof($folder_info['pm_list'])) + { + $address_list = array(); + + // Build Recipient List if in outbox/sentbox - max two additional queries + if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) + { + $address_list = get_recipient_strings($folder_info['rowset']); + } + + foreach ($folder_info['pm_list'] as $message_id) + { + $row = &$folder_info['rowset'][$message_id]; + + $folder_img = ($row['pm_unread']) ? 'pm_unread' : 'pm_read'; + $folder_alt = ($row['pm_unread']) ? 'NEW_MESSAGES' : 'NO_NEW_MESSAGES'; + + // Generate all URIs ... + $view_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=view&f=$folder_id&p=$message_id"); + $remove_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=compose&action=delete&p=$message_id"); + + $row_indicator = ''; + foreach ($color_rows as $var) + { + if (($var != 'friend' && $var != 'foe' && $row['pm_' . $var]) + || + (($var == 'friend' || $var == 'foe') && isset(${$var}[$row['author_id']]) && ${$var}[$row['author_id']])) + { + $row_indicator = $var; + break; + } + } + + // Send vars to template + $template->assign_block_vars('messagerow', array( + 'PM_CLASS' => ($row_indicator) ? 'pm_' . $row_indicator . '_colour' : '', + + 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), + 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), + 'MESSAGE_AUTHOR' => get_username_string('username', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), + 'U_MESSAGE_AUTHOR' => get_username_string('profile', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), + + 'FOLDER_ID' => $folder_id, + 'MESSAGE_ID' => $message_id, + 'SENT_TIME' => $user->format_date($row['message_time']), + 'SUBJECT' => censor_text($row['message_subject']), + 'FOLDER' => (isset($folder[$row['folder_id']])) ? $folder[$row['folder_id']]['folder_name'] : '', + 'U_FOLDER' => (isset($folder[$row['folder_id']])) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'folder=' . $row['folder_id']) : '', + 'PM_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '<img src="' . $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] . '" width="' . $icons[$row['icon_id']]['width'] . '" height="' . $icons[$row['icon_id']]['height'] . '" alt="" title="" />' : '', + 'PM_ICON_URL' => (!empty($icons[$row['icon_id']])) ? $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] : '', + 'FOLDER_IMG' => $user->img($folder_img, $folder_alt), + 'FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), + 'PM_IMG' => ($row_indicator) ? $user->img('pm_' . $row_indicator, '') : '', + 'ATTACH_ICON_IMG' => ($auth->acl_get('u_pm_download') && $row['message_attachment'] && $config['allow_pm_attach']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', + + 'S_PM_DELETED' => ($row['pm_deleted']) ? true : false, + 'S_AUTHOR_DELETED' => ($row['author_id'] == ANONYMOUS) ? true : false, + + 'U_VIEW_PM' => ($row['pm_deleted']) ? '' : $view_message_url, + 'U_REMOVE_PM' => ($row['pm_deleted']) ? $remove_message_url : '', + 'RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? implode(', ', $address_list[$message_id]) : '') + ); + } + unset($folder_info['rowset']); + + $template->assign_vars(array( + 'S_SHOW_RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? true : false, + 'S_SHOW_COLOUR_LEGEND' => true, + + 'S_PM_ICONS' => ($config['enable_pm_icons']) ? true : false) + ); + } + } + else + { + $export_type = request_var('export_option', ''); + $enclosure = request_var('enclosure', ''); + $delimiter = request_var('delimiter', ''); + + if ($export_type == 'CSV' && ($delimiter === '' || $enclosure === '')) + { + $template->assign_var('PROMPT', true); + } + else + { + // Build Recipient List if in outbox/sentbox + $address = $data = array(); + + if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) + { + foreach ($folder_info['rowset'] as $message_id => $row) + { + $address[$message_id] = rebuild_header(array('to' => $row['to_address'], 'bcc' => $row['bcc_address'])); + } + } + + foreach ($folder_info['pm_list'] as $message_id) + { + $row = &$folder_info['rowset'][$message_id]; + + include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); + + $sql = 'SELECT p.message_text, p.bbcode_uid + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u + WHERE t.user_id = ' . $user->data['user_id'] . " + AND p.author_id = u.user_id + AND t.folder_id = $folder_id + AND t.msg_id = p.msg_id + AND p.msg_id = $message_id"; + $result = $db->sql_query_limit($sql, 1); + $message_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + $_types = array('u', 'g'); + foreach ($_types as $ug_type) + { + if (isset($address[$message_id][$ug_type]) && sizeof($address[$message_id][$ug_type])) + { + if ($ug_type == 'u') + { + $sql = 'SELECT user_id as id, username as name + FROM ' . USERS_TABLE . ' + WHERE '; + } + else + { + $sql = 'SELECT group_id as id, group_name as name + FROM ' . GROUPS_TABLE . ' + WHERE '; + } + $sql .= $db->sql_in_set(($ug_type == 'u') ? 'user_id' : 'group_id', array_map('intval', array_keys($address[$message_id][$ug_type]))); + + $result = $db->sql_query($sql); + + while ($info_row = $db->sql_fetchrow($result)) + { + $address[$message_id][$ug_type][$address[$message_id][$ug_type][$info_row['id']]][] = $info_row['name']; + unset($address[$message_id][$ug_type][$info_row['id']]); + } + $db->sql_freeresult($result); + } + } + + decode_message($message_row['message_text'], $message_row['bbcode_uid']); + + $data[] = array( + 'subject' => censor_text($row['message_subject']), + 'sender' => $row['username'], + // ISO 8601 date. For PHP4 we are able to hardcode the timezone because $user->format_date() does not set it. + 'date' => $user->format_date($row['message_time'], (PHP_VERSION >= 5) ? 'c' : "Y-m-d\TH:i:s+00:00", true), + 'to' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? $address[$message_id] : '', + 'message' => $message_row['message_text'] + ); + } + + switch ($export_type) + { + case 'CSV': + case 'CSV_EXCEL': + $mimetype = 'text/csv'; + $filetype = 'csv'; + + if ($export_type == 'CSV_EXCEL') + { + $enclosure = '"'; + $delimiter = ','; + $newline = "\r\n"; + } + else + { + $newline = "\n"; + } + + $string = ''; + foreach ($data as $value) + { + $recipients = $value['to']; + $value['to'] = $value['bcc'] = ''; + + if (is_array($recipients)) + { + foreach ($recipients as $values) + { + $value['bcc'] .= (isset($values['bcc']) && is_array($values['bcc'])) ? ',' . implode(',', $values['bcc']) : ''; + $value['to'] .= (isset($values['to']) && is_array($values['to'])) ? ',' . implode(',', $values['to']) : ''; + } + + // Remove the commas which will appear before the first entry. + $value['to'] = substr($value['to'], 1); + $value['bcc'] = substr($value['bcc'], 1); + } + + foreach ($value as $tag => $text) + { + $cell = str_replace($enclosure, $enclosure . $enclosure, $text); + + if (strpos($cell, $enclosure) !== false || strpos($cell, $delimiter) !== false || strpos($cell, $newline) !== false) + { + $string .= $enclosure . $text . $enclosure . $delimiter; + } + else + { + $string .= $cell . $delimiter; + } + } + $string = substr($string, 0, -1) . $newline; + } + break; + + case 'XML': + $mimetype = 'application/xml'; + $filetype = 'xml'; + $string = '<?xml version="1.0"?>' . "\n"; + $string .= "<phpbb>\n"; + + foreach ($data as $value) + { + $string .= "\t<privmsg>\n"; + + if (is_array($value['to'])) + { + foreach ($value['to'] as $key => $values) + { + foreach ($values as $type => $types) + { + foreach ($types as $name) + { + $string .= "\t\t<recipient type=\"$type\" status=\"$key\">$name</recipient>\n"; + } + } + } + } + + unset($value['to']); + + foreach ($value as $tag => $text) + { + $string .= "\t\t<$tag>$text</$tag>\n"; + } + + $string .= "\t</privmsg>\n"; + } + $string .= '</phpbb>'; + break; + } + + header('Pragma: no-cache'); + header("Content-Type: $mimetype; name=\"data.$filetype\""); + header("Content-disposition: attachment; filename=data.$filetype"); + echo $string; + exit; + } + } +} + +/** +* Get Messages from folder/user +*/ +function get_pm_from($folder_id, $folder, $user_id) +{ + global $user, $db, $template, $config, $auth, $phpbb_root_path, $phpEx; + + $start = request_var('start', 0); + + // Additional vars later, pm ordering is mostly different from post ordering. :/ + $sort_days = request_var('st', 0); + $sort_key = request_var('sk', 't'); + $sort_dir = request_var('sd', 'd'); + + // PM ordering options + $limit_days = array(0 => $user->lang['ALL_MESSAGES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); + + // No sort by Author for sentbox/outbox (already only author available) + // Also, sort by msg_id for the time - private messages are not as prone to errors as posts are. + if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) + { + $sort_by_text = array('t' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); + $sort_by_sql = array('t' => 'p.message_time', 's' => array('p.message_subject', 'p.message_time')); + } + else + { + $sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); + $sort_by_sql = array('a' => array('u.username_clean', 'p.message_time'), 't' => 'p.message_time', 's' => array('p.message_subject', 'p.message_time')); + } + + $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; + gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); + + $folder_sql = 't.folder_id = ' . (int) $folder_id; + + // Limit pms to certain time frame, obtain correct pm count + if ($sort_days) + { + $min_post_time = time() - ($sort_days * 86400); + + if (isset($_POST['sort'])) + { + $start = 0; + } + + $sql = 'SELECT COUNT(t.msg_id) AS pm_count + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . " p + WHERE $folder_sql + AND t.user_id = $user_id + AND t.msg_id = p.msg_id + AND p.message_time >= $min_post_time"; + $result = $db->sql_query_limit($sql, 1); + $pm_count = (int) $db->sql_fetchfield('pm_count'); + $db->sql_freeresult($result); + + $sql_limit_time = "AND p.message_time >= $min_post_time"; + } + else + { + $pm_count = (!empty($folder[$folder_id]['num_messages'])) ? $folder[$folder_id]['num_messages'] : 0; + $sql_limit_time = ''; + } + + $template->assign_vars(array( + 'PAGINATION' => generate_pagination(append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id&$u_sort_param"), $pm_count, $config['topics_per_page'], $start), + 'PAGE_NUMBER' => on_page($pm_count, $config['topics_per_page'], $start), + 'TOTAL_MESSAGES' => (($pm_count == 1) ? $user->lang['VIEW_PM_MESSAGE'] : sprintf($user->lang['VIEW_PM_MESSAGES'], $pm_count)), + + 'POST_IMG' => (!$auth->acl_get('u_sendpm')) ? $user->img('button_topic_locked', 'POST_PM_LOCKED') : $user->img('button_pm_new', 'POST_NEW_PM'), + + 'S_NO_AUTH_SEND_MESSAGE' => !$auth->acl_get('u_sendpm'), + + 'S_SELECT_SORT_DIR' => $s_sort_dir, + 'S_SELECT_SORT_KEY' => $s_sort_key, + 'S_SELECT_SORT_DAYS' => $s_limit_days, + 'S_TOPIC_ICONS' => ($config['enable_pm_icons']) ? true : false, + + 'U_POST_NEW_TOPIC' => ($auth->acl_get('u_sendpm')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose') : '', + 'S_PM_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id" . (($start !== 0) ? "&start=$start" : '')), + )); + + // Grab all pm data + $rowset = $pm_list = array(); + + // If the user is trying to reach late pages, start searching from the end + $store_reverse = false; + $sql_limit = $config['topics_per_page']; + if ($start > $pm_count / 2) + { + $store_reverse = true; + + if ($start + $config['topics_per_page'] > $pm_count) + { + $sql_limit = min($config['topics_per_page'], max(1, $pm_count - $start)); + } + + // Select the sort order + $direction = ($sort_dir == 'd') ? 'ASC' : 'DESC'; + $sql_start = max(0, $pm_count - $sql_limit - $start); + } + else + { + // Select the sort order + $direction = ($sort_dir == 'd') ? 'DESC' : 'ASC'; + $sql_start = $start; + } + + // Sql sort order + if (is_array($sort_by_sql[$sort_key])) + { + $sql_sort_order = implode(' ' . $direction . ', ', $sort_by_sql[$sort_key]) . ' ' . $direction; + } + else + { + $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . $direction; + } + + $sql = 'SELECT t.*, p.root_level, p.message_time, p.message_subject, p.icon_id, p.to_address, p.message_attachment, p.bcc_address, u.username, u.username_clean, u.user_colour + FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . " u + WHERE t.user_id = $user_id + AND p.author_id = u.user_id + AND $folder_sql + AND t.msg_id = p.msg_id + $sql_limit_time + ORDER BY $sql_sort_order"; + $result = $db->sql_query_limit($sql, $sql_limit, $sql_start); + + while ($row = $db->sql_fetchrow($result)) + { + $rowset[$row['msg_id']] = $row; + $pm_list[] = $row['msg_id']; + } + $db->sql_freeresult($result); + + $pm_list = ($store_reverse) ? array_reverse($pm_list) : $pm_list; + + return array( + 'pm_count' => $pm_count, + 'pm_list' => $pm_list, + 'rowset' => $rowset + ); +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php new file mode 100644 index 0000000000..26968e1382 --- /dev/null +++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php @@ -0,0 +1,320 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* View private message +*/ +function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row) +{ + global $user, $template, $auth, $db, $cache; + global $phpbb_root_path, $phpEx, $config; + + $user->add_lang(array('viewtopic', 'memberlist')); + + $msg_id = (int) $msg_id; + $folder_id = (int) $folder_id; + $author_id = (int) $message_row['author_id']; + $view = request_var('view', ''); + + // Not able to view message, it was deleted by the sender + if ($message_row['pm_deleted']) + { + $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id"); + $message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE']; + + $message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>'); + trigger_error($message); + } + + // Do not allow hold messages to be seen + if ($folder_id == PRIVMSGS_HOLD_BOX) + { + trigger_error('NO_AUTH_READ_HOLD_MESSAGE'); + } + + // Grab icons + $icons = $cache->obtain_icons(); + + $bbcode = false; + + // Instantiate BBCode if need be + if ($message_row['bbcode_bitfield']) + { + include($phpbb_root_path . 'includes/bbcode.' . $phpEx); + $bbcode = new bbcode($message_row['bbcode_bitfield']); + } + + // Assign TO/BCC Addresses to template + write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id); + + $user_info = get_user_information($author_id, $message_row); + + // Parse the message and subject + $message = censor_text($message_row['message_text']); + + // Second parse bbcode here + if ($message_row['bbcode_bitfield']) + { + $bbcode->bbcode_second_pass($message, $message_row['bbcode_uid'], $message_row['bbcode_bitfield']); + } + + // Always process smilies after parsing bbcodes + $message = bbcode_nl2br($message); + $message = smiley_text($message); + + // Replace naughty words such as farty pants + $message_row['message_subject'] = censor_text($message_row['message_subject']); + + // Editing information + if ($message_row['message_edit_count'] && $config['display_last_edited']) + { + $l_edit_time_total = ($message_row['message_edit_count'] == 1) ? $user->lang['EDITED_TIME_TOTAL'] : $user->lang['EDITED_TIMES_TOTAL']; + $l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, (!$message_row['message_edit_user']) ? $message_row['username'] : $message_row['message_edit_user'], $user->format_date($message_row['message_edit_time'], false, true), $message_row['message_edit_count']); + } + else + { + $l_edited_by = ''; + } + + // Pull attachment data + $display_notice = false; + $attachments = array(); + + if ($message_row['message_attachment'] && $config['allow_pm_attach']) + { + if ($auth->acl_get('u_pm_download')) + { + $sql = 'SELECT * + FROM ' . ATTACHMENTS_TABLE . " + WHERE post_msg_id = $msg_id + AND in_message = 1 + ORDER BY filetime DESC, post_msg_id ASC"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $attachments[] = $row; + } + $db->sql_freeresult($result); + + // No attachments exist, but message table thinks they do so go ahead and reset attach flags + if (!sizeof($attachments)) + { + $sql = 'UPDATE ' . PRIVMSGS_TABLE . " + SET message_attachment = 0 + WHERE msg_id = $msg_id"; + $db->sql_query($sql); + } + } + else + { + $display_notice = true; + } + } + + // Assign inline attachments + if (!empty($attachments)) + { + $update_count = array(); + parse_attachments(false, $message, $attachments, $update_count); + + // Update the attachment download counts + if (sizeof($update_count)) + { + $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' + SET download_count = download_count + 1 + WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count)); + $db->sql_query($sql); + } + } + + $user_info['sig'] = ''; + + $signature = ($message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs')) ? $user_info['user_sig'] : ''; + + // End signature parsing, only if needed + if ($signature) + { + $signature = censor_text($signature); + + if ($user_info['user_sig_bbcode_bitfield']) + { + if ($bbcode === false) + { + include($phpbb_root_path . 'includes/bbcode.' . $phpEx); + $bbcode = new bbcode($user_info['user_sig_bbcode_bitfield']); + } + + $bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']); + } + + $signature = bbcode_nl2br($signature); + $signature = smiley_text($signature); + } + + $url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm'); + + // Number of "to" recipients + $num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match); + + $template->assign_vars(array( + 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), + 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), + 'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), + 'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), + + 'RANK_TITLE' => $user_info['rank_title'], + 'RANK_IMG' => $user_info['rank_image'], + 'AUTHOR_AVATAR' => (isset($user_info['avatar'])) ? $user_info['avatar'] : '', + 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), + 'AUTHOR_POSTS' => (int) $user_info['user_posts'], + 'AUTHOR_FROM' => (!empty($user_info['user_from'])) ? $user_info['user_from'] : '', + + 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : ((isset($user_info['online']) && $user_info['online']) ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), + 'S_ONLINE' => (!$config['load_onlinetrack']) ? false : ((isset($user_info['online']) && $user_info['online']) ? true : false), + 'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']), + 'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']), + 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']), + 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']), + 'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']), + 'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']), + 'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'), + 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']), + 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), + + 'SENT_DATE' => ($view == 'print') ? $user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']), + 'SUBJECT' => $message_row['message_subject'], + 'MESSAGE' => $message, + 'SIGNATURE' => ($message_row['enable_sig']) ? $signature : '', + 'EDITED_MESSAGE' => $l_edited_by, + 'MESSAGE_ID' => $message_row['msg_id'], + + 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id) : '', + 'U_WWW' => (!empty($user_info['user_website'])) ? $user_info['user_website'] : '', + 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($user_info['user_icq']) : '', + 'U_AIM' => ($user_info['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=aim&u=' . $author_id) : '', + 'U_YIM' => ($user_info['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&.src=pg' : '', + 'U_MSN' => ($user_info['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=msnm&u=' . $author_id) : '', + 'U_JABBER' => ($user_info['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id) : '', + + 'U_DELETE' => ($auth->acl_get('u_pm_delete')) ? "$url&mode=compose&action=delete&f=$folder_id&p=" . $message_row['msg_id'] : '', + 'U_EMAIL' => $user_info['email'], + 'U_REPORT' => ($config['allow_pm_report']) ? append_sid("{$phpbb_root_path}report.$phpEx", "pm=" . $message_row['msg_id']) : '', + 'U_QUOTE' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=quote&f=$folder_id&p=" . $message_row['msg_id'] : '', + 'U_EDIT' => (($message_row['message_time'] > time() - ($config['pm_edit_time'] * 60) || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit')) ? "$url&mode=compose&action=edit&f=$folder_id&p=" . $message_row['msg_id'] : '', + 'U_POST_REPLY_PM' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&p=" . $message_row['msg_id'] : '', + 'U_POST_REPLY_ALL' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&reply_to_all=1&p=" . $message_row['msg_id'] : '', + 'U_PREVIOUS_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=previous", + 'U_NEXT_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=next", + + 'U_PM_ACTION' => $url . '&mode=compose&f=' . $folder_id . '&p=' . $message_row['msg_id'], + + 'S_HAS_ATTACHMENTS' => (sizeof($attachments)) ? true : false, + 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'], + 'S_AUTHOR_DELETED' => ($author_id == ANONYMOUS) ? true : false, + 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), + 'S_PM_RECIPIENTS' => $num_recipients, + + 'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=print" : '', + 'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '') + ); + + // Display not already displayed Attachments for this post, we already parsed them. ;) + if (isset($attachments) && sizeof($attachments)) + { + foreach ($attachments as $attachment) + { + $template->assign_block_vars('attachment', array( + 'DISPLAY_ATTACHMENT' => $attachment) + ); + } + } + + if (!isset($_REQUEST['view']) || $_REQUEST['view'] != 'print') + { + // Message History + if (message_history($msg_id, $user->data['user_id'], $message_row, $folder)) + { + $template->assign_var('S_DISPLAY_HISTORY', true); + } + } +} + +/** +* Get user information (only for message display) +*/ +function get_user_information($user_id, $user_row) +{ + global $db, $auth, $user, $cache; + global $phpbb_root_path, $phpEx, $config; + + if (!$user_id) + { + return array(); + } + + if (empty($user_row)) + { + $sql = 'SELECT * + FROM ' . USERS_TABLE . ' + WHERE user_id = ' . (int) $user_id; + $result = $db->sql_query($sql); + $user_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + } + + // Some standard values + $user_row['online'] = false; + $user_row['rank_title'] = $user_row['rank_image'] = $user_row['rank_image_src'] = $user_row['email'] = ''; + + // Generate online information for user + if ($config['load_onlinetrack']) + { + $sql = 'SELECT session_user_id, MAX(session_time) as online_time, MIN(session_viewonline) AS viewonline + FROM ' . SESSIONS_TABLE . " + WHERE session_user_id = $user_id + GROUP BY session_user_id"; + $result = $db->sql_query_limit($sql, 1); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + $update_time = $config['load_online_time'] * 60; + if ($row) + { + $user_row['online'] = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? true : false; + } + } + + if (!function_exists('get_user_avatar')) + { + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + } + + $user_row['avatar'] = ($user->optionget('viewavatars')) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']) : ''; + + get_user_rank($user_row['user_rank'], $user_row['user_posts'], $user_row['rank_title'], $user_row['rank_image'], $user_row['rank_image_src']); + + if (!empty($user_row['user_allow_viewemail']) || $auth->acl_get('a_email')) + { + $user_row['email'] = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$user_id") : ((($config['board_hide_emails'] && !$auth->acl_get('a_email')) || empty($user_row['user_email'])) ? '' : 'mailto:' . $user_row['user_email']); + } + + return $user_row; +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_prefs.php b/phpBB/includes/ucp/ucp_prefs.php new file mode 100644 index 0000000000..cc8565e69d --- /dev/null +++ b/phpBB/includes/ucp/ucp_prefs.php @@ -0,0 +1,357 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_prefs +* Changing user preferences +* @package ucp +*/ +class ucp_prefs +{ + var $u_action; + + function main($id, $mode) + { + global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + + $submit = (isset($_POST['submit'])) ? true : false; + $error = $data = array(); + $s_hidden_fields = ''; + + switch ($mode) + { + case 'personal': + add_form_key('ucp_prefs_personal'); + $data = array( + 'notifymethod' => request_var('notifymethod', $user->data['user_notify_type']), + 'dateformat' => request_var('dateformat', $user->data['user_dateformat'], true), + 'lang' => basename(request_var('lang', $user->data['user_lang'])), + 'style' => request_var('style', (int) $user->data['user_style']), + 'tz' => request_var('tz', (float) $user->data['user_timezone']), + + 'dst' => request_var('dst', (bool) $user->data['user_dst']), + 'viewemail' => request_var('viewemail', (bool) $user->data['user_allow_viewemail']), + 'massemail' => request_var('massemail', (bool) $user->data['user_allow_massemail']), + 'hideonline' => request_var('hideonline', (bool) !$user->data['user_allow_viewonline']), + 'notifypm' => request_var('notifypm', (bool) $user->data['user_notify_pm']), + 'popuppm' => request_var('popuppm', (bool) $user->optionget('popuppm')), + 'allowpm' => request_var('allowpm', (bool) $user->data['user_allow_pm']), + ); + + if ($data['notifymethod'] == NOTIFY_IM && (!$config['jab_enable'] || !$user->data['user_jabber'] || !@extension_loaded('xml'))) + { + // Jabber isnt enabled, or no jabber field filled in. Update the users table to be sure its correct. + $data['notifymethod'] = NOTIFY_BOTH; + } + + if ($submit) + { + $data['style'] = ($config['override_user_style']) ? $config['default_style'] : $data['style']; + + $error = validate_data($data, array( + 'dateformat' => array('string', false, 1, 30), + 'lang' => array('match', false, '#^[a-z0-9_\-]{2,}$#i'), + 'tz' => array('num', false, -14, 14), + )); + + if (!check_form_key('ucp_prefs_personal')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + $user->optionset('popuppm', $data['popuppm']); + + $sql_ary = array( + 'user_allow_pm' => $data['allowpm'], + 'user_allow_viewemail' => $data['viewemail'], + 'user_allow_massemail' => $data['massemail'], + 'user_allow_viewonline' => ($auth->acl_get('u_hideonline')) ? !$data['hideonline'] : $user->data['user_allow_viewonline'], + 'user_notify_type' => $data['notifymethod'], + 'user_notify_pm' => $data['notifypm'], + 'user_options' => $user->data['user_options'], + + 'user_dst' => $data['dst'], + 'user_dateformat' => $data['dateformat'], + 'user_lang' => $data['lang'], + 'user_timezone' => $data['tz'], + 'user_style' => $data['style'], + ); + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + meta_refresh(3, $this->u_action); + $message = $user->lang['PREFERENCES_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + + // Replace "error" strings with their real, localised form + $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + } + + $dateformat_options = ''; + + foreach ($user->lang['dateformats'] as $format => $null) + { + $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>'; + $dateformat_options .= $user->format_date(time(), $format, false) . ((strpos($format, '|') !== false) ? $user->lang['VARIANT_DATE_SEPARATOR'] . $user->format_date(time(), $format, true) : ''); + $dateformat_options .= '</option>'; + } + + $s_custom = false; + + $dateformat_options .= '<option value="custom"'; + if (!isset($user->lang['dateformats'][$data['dateformat']])) + { + $dateformat_options .= ' selected="selected"'; + $s_custom = true; + } + $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>'; + + $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + + 'S_NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false, + 'S_NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false, + 'S_NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false, + 'S_VIEW_EMAIL' => $data['viewemail'], + 'S_MASS_EMAIL' => $data['massemail'], + 'S_ALLOW_PM' => $data['allowpm'], + 'S_HIDE_ONLINE' => $data['hideonline'], + 'S_NOTIFY_PM' => $data['notifypm'], + 'S_POPUP_PM' => $data['popuppm'], + 'S_DST' => $data['dst'], + + 'DATE_FORMAT' => $data['dateformat'], + 'A_DATE_FORMAT' => addslashes($data['dateformat']), + 'S_DATEFORMAT_OPTIONS' => $dateformat_options, + 'S_CUSTOM_DATEFORMAT' => $s_custom, + 'DEFAULT_DATEFORMAT' => $config['default_dateformat'], + 'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']), + + 'S_LANG_OPTIONS' => language_select($data['lang']), + 'S_STYLE_OPTIONS' => ($config['override_user_style']) ? '' : style_select($data['style']), + 'S_TZ_OPTIONS' => tz_select($data['tz'], true), + 'S_CAN_HIDE_ONLINE' => ($auth->acl_get('u_hideonline')) ? true : false, + 'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false) + ); + + break; + + case 'view': + + add_form_key('ucp_prefs_view'); + + $data = array( + 'topic_sk' => request_var('topic_sk', (!empty($user->data['user_topic_sortby_type'])) ? $user->data['user_topic_sortby_type'] : 't'), + 'topic_sd' => request_var('topic_sd', (!empty($user->data['user_topic_sortby_dir'])) ? $user->data['user_topic_sortby_dir'] : 'd'), + 'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? $user->data['user_topic_show_days'] : 0), + + 'post_sk' => request_var('post_sk', (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't'), + 'post_sd' => request_var('post_sd', (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a'), + 'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0), + + 'images' => request_var('images', (bool) $user->optionget('viewimg')), + 'flash' => request_var('flash', (bool) $user->optionget('viewflash')), + 'smilies' => request_var('smilies', (bool) $user->optionget('viewsmilies')), + 'sigs' => request_var('sigs', (bool) $user->optionget('viewsigs')), + 'avatars' => request_var('avatars', (bool) $user->optionget('viewavatars')), + 'wordcensor' => request_var('wordcensor', (bool) $user->optionget('viewcensors')), + ); + + if ($submit) + { + $error = validate_data($data, array( + 'topic_sk' => array('string', false, 1, 1), + 'topic_sd' => array('string', false, 1, 1), + 'post_sk' => array('string', false, 1, 1), + 'post_sd' => array('string', false, 1, 1), + )); + + if (!check_form_key('ucp_prefs_view')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + $user->optionset('viewimg', $data['images']); + $user->optionset('viewflash', $data['flash']); + $user->optionset('viewsmilies', $data['smilies']); + $user->optionset('viewsigs', $data['sigs']); + $user->optionset('viewavatars', $data['avatars']); + + if ($auth->acl_get('u_chgcensors')) + { + $user->optionset('viewcensors', $data['wordcensor']); + } + + $sql_ary = array( + 'user_options' => $user->data['user_options'], + 'user_topic_sortby_type' => $data['topic_sk'], + 'user_post_sortby_type' => $data['post_sk'], + 'user_topic_sortby_dir' => $data['topic_sd'], + 'user_post_sortby_dir' => $data['post_sd'], + + 'user_topic_show_days' => $data['topic_st'], + 'user_post_show_days' => $data['post_st'], + ); + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + meta_refresh(3, $this->u_action); + $message = $user->lang['PREFERENCES_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + + // Replace "error" strings with their real, localised form + $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + } + + $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); + + // Topic ordering options + $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); + + $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']); + $sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'r' => 't.topic_replies', 's' => 't.topic_title', 'v' => 't.topic_views'); + + // Post ordering options + $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); + + $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); + $sort_by_post_sql = array('a' => 'u.username_clean', 't' => 'p.post_id', 's' => 'p.post_subject'); + + $_options = array('topic', 'post'); + foreach ($_options as $sort_option) + { + ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">'; + foreach (${'limit_' . $sort_option . '_days'} as $day => $text) + { + $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : ''; + ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>'; + } + ${'s_limit_' . $sort_option . '_days'} .= '</select>'; + + ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">'; + foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text) + { + $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : ''; + ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>'; + } + ${'s_sort_' . $sort_option . '_key'} .= '</select>'; + + ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">'; + foreach ($sort_dir_text as $key => $value) + { + $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : ''; + ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>'; + } + ${'s_sort_' . $sort_option . '_dir'} .= '</select>'; + } + + $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + + 'S_IMAGES' => $data['images'], + 'S_FLASH' => $data['flash'], + 'S_SMILIES' => $data['smilies'], + 'S_SIGS' => $data['sigs'], + 'S_AVATARS' => $data['avatars'], + 'S_DISABLE_CENSORS' => $data['wordcensor'], + + 'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors') && $config['allow_nocensors']) ? true : false, + + 'S_TOPIC_SORT_DAYS' => $s_limit_topic_days, + 'S_TOPIC_SORT_KEY' => $s_sort_topic_key, + 'S_TOPIC_SORT_DIR' => $s_sort_topic_dir, + 'S_POST_SORT_DAYS' => $s_limit_post_days, + 'S_POST_SORT_KEY' => $s_sort_post_key, + 'S_POST_SORT_DIR' => $s_sort_post_dir) + ); + + break; + + case 'post': + + $data = array( + 'bbcode' => request_var('bbcode', $user->optionget('bbcode')), + 'smilies' => request_var('smilies', $user->optionget('smilies')), + 'sig' => request_var('sig', $user->optionget('attachsig')), + 'notify' => request_var('notify', (bool) $user->data['user_notify']), + ); + add_form_key('ucp_prefs_post'); + + if ($submit) + { + if (check_form_key('ucp_prefs_post')) + { + $user->optionset('bbcode', $data['bbcode']); + $user->optionset('smilies', $data['smilies']); + $user->optionset('attachsig', $data['sig']); + + $sql_ary = array( + 'user_options' => $user->data['user_options'], + 'user_notify' => $data['notify'], + ); + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + $msg = $user->lang['PREFERENCES_UPDATED']; + } + else + { + $msg = $user->lang['FORM_INVALID']; + } + meta_refresh(3, $this->u_action); + $message = $msg . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + + $template->assign_vars(array( + 'S_BBCODE' => $data['bbcode'], + 'S_SMILIES' => $data['smilies'], + 'S_SIG' => $data['sig'], + 'S_NOTIFY' => $data['notify']) + ); + break; + } + + $template->assign_vars(array( + 'L_TITLE' => $user->lang['UCP_PREFS_' . strtoupper($mode)], + + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => $this->u_action) + ); + + $this->tpl_name = 'ucp_prefs_' . $mode; + $this->page_title = 'UCP_PREFS_' . strtoupper($mode); + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php new file mode 100644 index 0000000000..e24acd89fc --- /dev/null +++ b/phpBB/includes/ucp/ucp_profile.php @@ -0,0 +1,649 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_profile +* Changing profile settings +* +* @todo what about pertaining user_sig_options? +* @package ucp +*/ +class ucp_profile +{ + var $u_action; + + function main($id, $mode) + { + global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + + $user->add_lang('posting'); + + $preview = (!empty($_POST['preview'])) ? true : false; + $submit = (!empty($_POST['submit'])) ? true : false; + $delete = (!empty($_POST['delete'])) ? true : false; + $error = $data = array(); + $s_hidden_fields = ''; + + switch ($mode) + { + case 'reg_details': + + $data = array( + 'username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)), + 'email' => strtolower(request_var('email', $user->data['user_email'])), + 'email_confirm' => strtolower(request_var('email_confirm', '')), + 'new_password' => request_var('new_password', '', true), + 'cur_password' => request_var('cur_password', '', true), + 'password_confirm' => request_var('password_confirm', '', true), + ); + + add_form_key('ucp_reg_details'); + + if ($submit) + { + // Do not check cur_password, it is the old one. + $check_ary = array( + 'new_password' => array( + array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), + array('password')), + 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), + 'email' => array( + array('string', false, 6, 60), + array('email')), + 'email_confirm' => array('string', true, 6, 60), + ); + + if ($auth->acl_get('u_chgname') && $config['allow_namechange']) + { + $check_ary['username'] = array( + array('string', false, $config['min_name_chars'], $config['max_name_chars']), + array('username'), + ); + } + + $error = validate_data($data, $check_ary); + + if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) + { + $error[] = 'NEW_PASSWORD_ERROR'; + } + + if (($data['new_password'] || ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) || ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])) && !phpbb_check_hash($data['cur_password'], $user->data['user_password'])) + { + $error[] = 'CUR_PASSWORD_ERROR'; + } + + // Only check the new password against the previous password if there have been no errors + if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && phpbb_check_hash($data['new_password'], $user->data['user_password'])) + { + $error[] = 'SAME_PASSWORD_ERROR'; + } + + if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) + { + $error[] = 'NEW_EMAIL_ERROR'; + } + + if (!check_form_key('ucp_reg_details')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + $sql_ary = array( + 'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'], + 'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'], + 'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'], + 'user_email_hash' => ($auth->acl_get('u_chgemail')) ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'], + 'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? phpbb_hash($data['new_password']) : $user->data['user_password'], + 'user_passchg' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? time() : 0, + ); + + if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $data['username'] != $user->data['username']) + { + add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $data['username']); + } + + if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && !phpbb_check_hash($data['new_password'], $user->data['user_password'])) + { + $user->reset_login_keys(); + add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $data['username']); + } + + if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) + { + add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $data['username'], $user->data['user_email'], $data['email']); + } + + $message = 'PROFILE_UPDATED'; + + if ($config['email_enable'] && $data['email'] != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) + { + $message = ($config['require_activation'] == USER_ACTIVATION_SELF) ? 'ACCOUNT_EMAIL_CHANGED' : 'ACCOUNT_EMAIL_CHANGED_ADMIN'; + + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + + $server_url = generate_board_url(); + + $user_actkey = gen_rand_string(10); + $key_len = 54 - (strlen($server_url)); + $key_len = ($key_len > 6) ? $key_len : 6; + $user_actkey = substr($user_actkey, 0, $key_len); + + $messenger = new messenger(false); + + $template_file = ($config['require_activation'] == USER_ACTIVATION_ADMIN) ? 'user_activate_inactive' : 'user_activate'; + $messenger->template($template_file, $user->data['user_lang']); + + $messenger->to($data['email'], $data['username']); + + $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); + $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); + $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); + $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($data['username']), + 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") + ); + + $messenger->send(NOTIFY_EMAIL); + + if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + { + // Grab an array of user_id's with a_user permissions ... these users can activate a user + $admin_ary = $auth->acl_get_list(false, 'a_user', false); + $admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array(); + + // Also include founders + $where_sql = ' WHERE user_type = ' . USER_FOUNDER; + + if (sizeof($admin_ary)) + { + $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); + } + + $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type + FROM ' . USERS_TABLE . ' ' . + $where_sql; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $messenger->template('admin_activate', $row['user_lang']); + $messenger->to($row['user_email'], $row['username']); + $messenger->im($row['user_jabber'], $row['username']); + + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($data['username']), + 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u={$user->data['user_id']}", + 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") + ); + + $messenger->send($row['user_notify_type']); + } + $db->sql_freeresult($result); + } + + user_active_flip('deactivate', $user->data['user_id'], INACTIVE_PROFILE); + + // Because we want the profile to be reactivated we set user_newpasswd to empty (else the reactivation will fail) + $sql_ary['user_actkey'] = $user_actkey; + $sql_ary['user_newpasswd'] = ''; + } + + if (sizeof($sql_ary)) + { + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + } + + // Need to update config, forum, topic, posting, messages, etc. + if ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange']) + { + user_update_name($user->data['username'], $data['username']); + } + + // Now, we can remove the user completely (kill the session) - NOT BEFORE!!! + if (!empty($sql_ary['user_actkey'])) + { + meta_refresh(5, append_sid($phpbb_root_path . 'index.' . $phpEx)); + $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid($phpbb_root_path . 'index.' . $phpEx) . '">', '</a>'); + + // Because the user gets deactivated we log him out too, killing his session + $user->session_kill(); + } + else + { + meta_refresh(3, $this->u_action); + $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + } + + trigger_error($message); + } + + // Replace "error" strings with their real, localised form + $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + } + + $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + + 'USERNAME' => $data['username'], + 'EMAIL' => $data['email'], + 'PASSWORD_CONFIRM' => $data['password_confirm'], + 'NEW_PASSWORD' => $data['new_password'], + 'CUR_PASSWORD' => '', + + 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), + 'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), + + 'S_FORCE_PASSWORD' => ($auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) ? true : false, + 'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false, + 'S_CHANGE_EMAIL' => ($auth->acl_get('u_chgemail')) ? true : false, + 'S_CHANGE_PASSWORD' => ($auth->acl_get('u_chgpasswd')) ? true : false) + ); + break; + + case 'profile_info': + + include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); + + $cp = new custom_profile(); + + $cp_data = $cp_error = array(); + + $data = array( + 'icq' => request_var('icq', $user->data['user_icq']), + 'aim' => request_var('aim', $user->data['user_aim']), + 'msn' => request_var('msn', $user->data['user_msnm']), + 'yim' => request_var('yim', $user->data['user_yim']), + 'jabber' => utf8_normalize_nfc(request_var('jabber', $user->data['user_jabber'], true)), + 'website' => request_var('website', $user->data['user_website']), + 'location' => utf8_normalize_nfc(request_var('location', $user->data['user_from'], true)), + 'occupation' => utf8_normalize_nfc(request_var('occupation', $user->data['user_occ'], true)), + 'interests' => utf8_normalize_nfc(request_var('interests', $user->data['user_interests'], true)), + ); + + if ($config['allow_birthdays']) + { + $data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0; + + if ($user->data['user_birthday']) + { + list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']); + } + + $data['bday_day'] = request_var('bday_day', $data['bday_day']); + $data['bday_month'] = request_var('bday_month', $data['bday_month']); + $data['bday_year'] = request_var('bday_year', $data['bday_year']); + $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); + } + + add_form_key('ucp_profile_info'); + + if ($submit) + { + $validate_array = array( + 'icq' => array( + array('string', true, 3, 15), + array('match', true, '#^[0-9]+$#i')), + 'aim' => array('string', true, 3, 255), + 'msn' => array('string', true, 5, 255), + 'jabber' => array( + array('string', true, 5, 255), + array('jabber')), + 'yim' => array('string', true, 5, 255), + 'website' => array( + array('string', true, 12, 255), + array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')), + 'location' => array('string', true, 2, 100), + 'occupation' => array('string', true, 2, 500), + 'interests' => array('string', true, 2, 500), + ); + + if ($config['allow_birthdays']) + { + $validate_array = array_merge($validate_array, array( + 'bday_day' => array('num', true, 1, 31), + 'bday_month' => array('num', true, 1, 12), + 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50), + 'user_birthday' => array('date', true), + )); + } + + $error = validate_data($data, $validate_array); + + // validate custom profile fields + $cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error); + + if (sizeof($cp_error)) + { + $error = array_merge($error, $cp_error); + } + + if (!check_form_key('ucp_profile_info')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error)) + { + $data['notify'] = $user->data['user_notify_type']; + + if ($data['notify'] == NOTIFY_IM && (!$config['jab_enable'] || !$data['jabber'] || !@extension_loaded('xml'))) + { + // User has not filled in a jabber address (Or one of the modules is disabled or jabber is disabled) + // Disable notify by Jabber now for this user. + $data['notify'] = NOTIFY_EMAIL; + } + + $sql_ary = array( + 'user_icq' => $data['icq'], + 'user_aim' => $data['aim'], + 'user_msnm' => $data['msn'], + 'user_yim' => $data['yim'], + 'user_jabber' => $data['jabber'], + 'user_website' => $data['website'], + 'user_from' => $data['location'], + 'user_occ' => $data['occupation'], + 'user_interests'=> $data['interests'], + 'user_notify_type' => $data['notify'], + ); + + if ($config['allow_birthdays']) + { + $sql_ary['user_birthday'] = $data['user_birthday']; + } + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + // Update Custom Fields + $cp->update_profile_field_data($user->data['user_id'], $cp_data); + + meta_refresh(3, $this->u_action); + $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + + // Replace "error" strings with their real, localised form + $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + } + + if ($config['allow_birthdays']) + { + $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>'; + for ($i = 1; $i < 32; $i++) + { + $selected = ($i == $data['bday_day']) ? ' selected="selected"' : ''; + $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>"; + } + + $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>'; + for ($i = 1; $i < 13; $i++) + { + $selected = ($i == $data['bday_month']) ? ' selected="selected"' : ''; + $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>"; + } + $s_birthday_year_options = ''; + + $now = getdate(); + $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>'; + for ($i = $now['year'] - 100; $i <= $now['year']; $i++) + { + $selected = ($i == $data['bday_year']) ? ' selected="selected"' : ''; + $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>"; + } + unset($now); + + $template->assign_vars(array( + 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, + 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, + 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options, + 'S_BIRTHDAYS_ENABLED' => true, + )); + } + + $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + + 'ICQ' => $data['icq'], + 'YIM' => $data['yim'], + 'AIM' => $data['aim'], + 'MSN' => $data['msn'], + 'JABBER' => $data['jabber'], + 'WEBSITE' => $data['website'], + 'LOCATION' => $data['location'], + 'OCCUPATION'=> $data['occupation'], + 'INTERESTS' => $data['interests'], + )); + + // Get additional profile fields and assign them to the template block var 'profile_fields' + $user->get_profile_fields($user->data['user_id']); + + $cp->generate_profile_fields('profile', $user->get_iso_lang_id()); + + break; + + case 'signature': + + if (!$auth->acl_get('u_sig')) + { + trigger_error('NO_AUTH_SIGNATURE'); + } + + include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + + $enable_bbcode = ($config['allow_sig_bbcode']) ? (bool) $user->optionget('sig_bbcode') : false; + $enable_smilies = ($config['allow_sig_smilies']) ? (bool) $user->optionget('sig_smilies') : false; + $enable_urls = ($config['allow_sig_links']) ? (bool) $user->optionget('sig_links') : false; + + $signature = utf8_normalize_nfc(request_var('signature', (string) $user->data['user_sig'], true)); + + add_form_key('ucp_sig'); + + if ($submit || $preview) + { + include($phpbb_root_path . 'includes/message_parser.' . $phpEx); + + $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', false)) ? false : true) : false; + $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', false)) ? false : true) : false; + $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false; + + if (!sizeof($error)) + { + $message_parser = new parse_message($signature); + + // Allowing Quote BBCode + $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig'); + + if (sizeof($message_parser->warn_msg)) + { + $error[] = implode('<br />', $message_parser->warn_msg); + } + + if (!check_form_key('ucp_sig')) + { + $error[] = 'FORM_INVALID'; + } + + if (!sizeof($error) && $submit) + { + $user->optionset('sig_bbcode', $enable_bbcode); + $user->optionset('sig_smilies', $enable_smilies); + $user->optionset('sig_links', $enable_urls); + + $sql_ary = array( + 'user_sig' => (string) $message_parser->message, + 'user_options' => $user->data['user_options'], + 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid, + 'user_sig_bbcode_bitfield' => $message_parser->bbcode_bitfield + ); + + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' + WHERE user_id = ' . $user->data['user_id']; + $db->sql_query($sql); + + $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + } + + // Replace "error" strings with their real, localised form + $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + } + + $signature_preview = ''; + if ($preview) + { + // Now parse it for displaying + $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); + unset($message_parser); + } + + decode_message($signature, $user->data['user_sig_bbcode_uid']); + + $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + 'SIGNATURE' => $signature, + 'SIGNATURE_PREVIEW' => $signature_preview, + + 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '', + 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '', + 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '', + + 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'), + 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], + 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], + 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], + 'URL_STATUS' => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], + 'MAX_FONT_SIZE' => (int) $config['max_sig_font_size'], + + 'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']), + + 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'], + 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'], + 'S_BBCODE_IMG' => ($config['allow_sig_img']) ? true : false, + 'S_BBCODE_FLASH' => ($config['allow_sig_flash']) ? true : false, + 'S_LINKS_ALLOWED' => ($config['allow_sig_links']) ? true : false) + ); + + // Build custom bbcodes array + display_custom_bbcodes(); + + break; + + case 'avatar': + + include($phpbb_root_path . 'includes/functions_display.' . $phpEx); + + $display_gallery = request_var('display_gallery', '0'); + $avatar_select = basename(request_var('avatar_select', '')); + $category = basename(request_var('category', '')); + + $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false; + + add_form_key('ucp_avatar'); + + if ($submit) + { + if (check_form_key('ucp_avatar')) + { + if (avatar_process_user($error)) + { + meta_refresh(3, $this->u_action); + $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + } + else + { + $error[] = 'FORM_INVALID'; + } + // Replace "error" strings with their real, localised form + $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + } + + if (!$config['allow_avatar'] && $user->data['user_avatar_type']) + { + $error[] = $user->lang['AVATAR_NOT_ALLOWED']; + } + else if ((($user->data['user_avatar_type'] == AVATAR_UPLOAD) && !$config['allow_avatar_upload']) || + (($user->data['user_avatar_type'] == AVATAR_REMOTE) && !$config['allow_avatar_remote']) || + (($user->data['user_avatar_type'] == AVATAR_GALLERY) && !$config['allow_avatar_local'])) + { + $error[] = $user->lang['AVATAR_TYPE_NOT_ALLOWED']; + } + + $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + 'AVATAR' => get_user_avatar($user->data['user_avatar'], $user->data['user_avatar_type'], $user->data['user_avatar_width'], $user->data['user_avatar_height'], 'USER_AVATAR', true), + 'AVATAR_SIZE' => $config['avatar_filesize'], + + 'U_GALLERY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=profile&mode=avatar&display_gallery=1'), + + 'S_FORM_ENCTYPE' => ($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '', + + 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), + )); + + if ($config['allow_avatar'] && $display_gallery && $auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) + { + avatar_gallery($category, $avatar_select, 4); + } + else if ($config['allow_avatar']) + { + $avatars_enabled = (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($auth->acl_get('u_chgavatar') && ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false; + + $template->assign_vars(array( + 'AVATAR_WIDTH' => request_var('width', $user->data['user_avatar_width']), + 'AVATAR_HEIGHT' => request_var('height', $user->data['user_avatar_height']), + + 'S_AVATARS_ENABLED' => $avatars_enabled, + 'S_UPLOAD_AVATAR_FILE' => ($can_upload && $config['allow_avatar_upload']) ? true : false, + 'S_UPLOAD_AVATAR_URL' => ($can_upload && $config['allow_avatar_remote_upload']) ? true : false, + 'S_LINK_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false, + 'S_DISPLAY_GALLERY' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) ? true : false) + ); + } + + break; + } + + $template->assign_vars(array( + 'L_TITLE' => $user->lang['UCP_PROFILE_' . strtoupper($mode)], + + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => $this->u_action) + ); + + // Set desired template + $this->tpl_name = 'ucp_profile_' . $mode; + $this->page_title = 'UCP_PROFILE_' . strtoupper($mode); + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php new file mode 100644 index 0000000000..8359c223e0 --- /dev/null +++ b/phpBB/includes/ucp/ucp_register.php @@ -0,0 +1,503 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_register +* Board registration +* @package ucp +*/ +class ucp_register +{ + var $u_action; + + function main($id, $mode) + { + global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + + // + if ($config['require_activation'] == USER_ACTIVATION_DISABLE) + { + trigger_error('UCP_REGISTER_DISABLE'); + } + + include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); + + $coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false; + $agreed = (!empty($_POST['agreed'])) ? 1 : 0; + $submit = (isset($_POST['submit'])) ? true : false; + $change_lang = request_var('change_lang', ''); + $user_lang = request_var('lang', $user->lang_name); + + if ($agreed) + { + add_form_key('ucp_register'); + } + else + { + add_form_key('ucp_register_terms'); + } + + if ($change_lang || $user_lang != $config['default_lang']) + { + $use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang); + + if (file_exists($user->lang_path . $use_lang . '/')) + { + if ($change_lang) + { + $submit = false; + + // Setting back agreed to let the user view the agreement in his/her language + $agreed = (empty($_GET['change_lang'])) ? 0 : $agreed; + } + + $user->lang_name = $user_lang = $use_lang; + $user->lang = array(); + $user->data['user_lang'] = $user->lang_name; + $user->add_lang(array('common', 'ucp')); + } + else + { + $change_lang = ''; + $user_lang = $user->lang_name; + } + } + + + $cp = new custom_profile(); + + $error = $cp_data = $cp_error = array(); + + if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) + { + $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; + $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : ''; + + $s_hidden_fields = array( + 'change_lang' => $change_lang, + ); + + // If we change the language, we want to pass on some more possible parameter. + if ($change_lang) + { + // We do not include the password + $s_hidden_fields = array_merge($s_hidden_fields, array( + 'username' => utf8_normalize_nfc(request_var('username', '', true)), + 'email' => strtolower(request_var('email', '')), + 'email_confirm' => strtolower(request_var('email_confirm', '')), + 'lang' => $user->lang_name, + 'tz' => request_var('tz', (float) $config['board_timezone']), + )); + + } + + // Checking amount of available languages + $sql = 'SELECT lang_id + FROM ' . LANG_TABLE; + $result = $db->sql_query($sql); + + $lang_row = array(); + while ($row = $db->sql_fetchrow($result)) + { + $lang_row[] = $row; + } + $db->sql_freeresult($result); + + if ($coppa === false && $config['coppa_enable']) + { + $now = getdate(); + $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']); + unset($now); + + $template->assign_vars(array( + 'S_LANG_OPTIONS' => (sizeof($lang_row) > 1) ? language_select($user_lang) : '', + 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), + 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), + + 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang), + 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang), + + 'S_SHOW_COPPA' => true, + 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), + 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang), + )); + } + else + { + $template->assign_vars(array( + 'S_LANG_OPTIONS' => (sizeof($lang_row) > 1) ? language_select($user_lang) : '', + 'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()), + + 'S_SHOW_COPPA' => false, + 'S_REGISTRATION' => true, + 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), + 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa), + ) + ); + } + unset($lang_row); + + $this->tpl_name = 'ucp_agreement'; + return; + } + + + // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. + if ($config['enable_confirm']) + { + include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); + $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); + $captcha->init(CONFIRM_REG); + } + + // Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1 + $timezone = date('Z') / 3600; + $is_dst = date('I'); + + if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1)) + { + $timezone = ($is_dst) ? $timezone - 1 : $timezone; + + if (!isset($user->lang['tz_zones'][(string) $timezone])) + { + $timezone = $config['board_timezone']; + } + } + else + { + $is_dst = $config['board_dst']; + $timezone = $config['board_timezone']; + } + + $data = array( + 'username' => utf8_normalize_nfc(request_var('username', '', true)), + 'new_password' => request_var('new_password', '', true), + 'password_confirm' => request_var('password_confirm', '', true), + 'email' => strtolower(request_var('email', '')), + 'email_confirm' => strtolower(request_var('email_confirm', '')), + 'lang' => basename(request_var('lang', $user->lang_name)), + 'tz' => request_var('tz', (float) $timezone), + ); + + // Check and initialize some variables if needed + if ($submit) + { + $error = validate_data($data, array( + 'username' => array( + array('string', false, $config['min_name_chars'], $config['max_name_chars']), + array('username', '')), + 'new_password' => array( + array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), + array('password')), + 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), + 'email' => array( + array('string', false, 6, 60), + array('email')), + 'email_confirm' => array('string', false, 6, 60), + 'tz' => array('num', false, -14, 14), + 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'), + )); + + if (!check_form_key('ucp_register')) + { + $error[] = $user->lang['FORM_INVALID']; + } + + // Replace "error" strings with their real, localised form + $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); + + if ($config['enable_confirm']) + { + $vc_response = $captcha->validate($data); + if ($vc_response !== false) + { + $error[] = $vc_response; + } + + if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts']) + { + $error[] = $user->lang['TOO_MANY_REGISTERS']; + } + } + + // DNSBL check + if ($config['check_dnsbl']) + { + if (($dnsbl = $user->check_dnsbl('register')) !== false) + { + $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); + } + } + + // validate custom profile fields + $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error); + + if (!sizeof($error)) + { + if ($data['new_password'] != $data['password_confirm']) + { + $error[] = $user->lang['NEW_PASSWORD_ERROR']; + } + + if ($data['email'] != $data['email_confirm']) + { + $error[] = $user->lang['NEW_EMAIL_ERROR']; + } + } + + if (!sizeof($error)) + { + $server_url = generate_board_url(); + + // Which group by default? + $group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED'; + + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $db->sql_escape($group_name) . "' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + $group_id = $row['group_id']; + + if (($coppa || + $config['require_activation'] == USER_ACTIVATION_SELF || + $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) + { + $user_actkey = gen_rand_string(10); + $key_len = 54 - (strlen($server_url)); + $key_len = ($key_len < 6) ? 6 : $key_len; + $user_actkey = substr($user_actkey, 0, $key_len); + + $user_type = USER_INACTIVE; + $user_inactive_reason = INACTIVE_REGISTER; + $user_inactive_time = time(); + } + else + { + $user_type = USER_NORMAL; + $user_actkey = ''; + $user_inactive_reason = 0; + $user_inactive_time = 0; + } + + $user_row = array( + 'username' => $data['username'], + 'user_password' => phpbb_hash($data['new_password']), + 'user_email' => $data['email'], + 'group_id' => (int) $group_id, + 'user_timezone' => (float) $data['tz'], + 'user_dst' => $is_dst, + 'user_lang' => $data['lang'], + 'user_type' => $user_type, + 'user_actkey' => $user_actkey, + 'user_ip' => $user->ip, + 'user_regdate' => time(), + 'user_inactive_reason' => $user_inactive_reason, + 'user_inactive_time' => $user_inactive_time, + ); + + if ($config['new_member_post_limit']) + { + $user_row['user_new'] = 1; + } + + // Register user... + $user_id = user_add($user_row, $cp_data); + + // This should not happen, because the required variables are listed above... + if ($user_id === false) + { + trigger_error('NO_USER', E_USER_ERROR); + } + + if ($coppa && $config['email_enable']) + { + $message = $user->lang['ACCOUNT_COPPA']; + $email_template = 'coppa_welcome_inactive'; + } + else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) + { + $message = $user->lang['ACCOUNT_INACTIVE']; + $email_template = 'user_welcome_inactive'; + } + else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) + { + $message = $user->lang['ACCOUNT_INACTIVE_ADMIN']; + $email_template = 'admin_welcome_inactive'; + } + else + { + $message = $user->lang['ACCOUNT_ADDED']; + $email_template = 'user_welcome'; + } + + if ($config['email_enable']) + { + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + + $messenger = new messenger(false); + + $messenger->template($email_template, $data['lang']); + + $messenger->to($data['email'], $data['username']); + + $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); + $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); + $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); + $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + + $messenger->assign_vars(array( + 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), + 'USERNAME' => htmlspecialchars_decode($data['username']), + 'PASSWORD' => htmlspecialchars_decode($data['new_password']), + 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") + ); + + if ($coppa) + { + $messenger->assign_vars(array( + 'FAX_INFO' => $config['coppa_fax'], + 'MAIL_INFO' => $config['coppa_mail'], + 'EMAIL_ADDRESS' => $data['email']) + ); + } + + $messenger->send(NOTIFY_EMAIL); + + if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + { + // Grab an array of user_id's with a_user permissions ... these users can activate a user + $admin_ary = $auth->acl_get_list(false, 'a_user', false); + $admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array(); + + // Also include founders + $where_sql = ' WHERE user_type = ' . USER_FOUNDER; + + if (sizeof($admin_ary)) + { + $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); + } + + $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type + FROM ' . USERS_TABLE . ' ' . + $where_sql; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $messenger->template('admin_activate', $row['user_lang']); + $messenger->to($row['user_email'], $row['username']); + $messenger->im($row['user_jabber'], $row['username']); + + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($data['username']), + 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id", + 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") + ); + + $messenger->send($row['user_notify_type']); + } + $db->sql_freeresult($result); + } + } + + $message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>'); + trigger_error($message); + } + } + + $s_hidden_fields = array( + 'agreed' => 'true', + 'change_lang' => 0, + ); + + if ($config['coppa_enable']) + { + $s_hidden_fields['coppa'] = $coppa; + } + + if ($config['enable_confirm']) + { + $s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields()); + } + $s_hidden_fields = build_hidden_fields($s_hidden_fields); + $confirm_image = ''; + + // Visual Confirmation - Show images + if ($config['enable_confirm']) + { + $template->assign_vars(array( + 'CAPTCHA_TEMPLATE' => $captcha->get_template(), + )); + } + + // + $l_reg_cond = ''; + switch ($config['require_activation']) + { + case USER_ACTIVATION_SELF: + $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE']; + break; + + case USER_ACTIVATION_ADMIN: + $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE']; + break; + } + + $template->assign_vars(array( + 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '', + 'USERNAME' => $data['username'], + 'PASSWORD' => $data['new_password'], + 'PASSWORD_CONFIRM' => $data['password_confirm'], + 'EMAIL' => $data['email'], + 'EMAIL_CONFIRM' => $data['email_confirm'], + + 'L_REG_COND' => $l_reg_cond, + 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), + 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), + + 'S_LANG_OPTIONS' => language_select($data['lang']), + 'S_TZ_OPTIONS' => tz_select($data['tz']), + 'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false, + 'S_REGISTRATION' => true, + 'S_COPPA' => $coppa, + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), + )); + + // + $user->profile_fields = array(); + + // Generate profile fields -> Template Block Variable profile_fields + $cp->generate_profile_fields('register', $user->get_iso_lang_id()); + + // + $this->tpl_name = 'ucp_register'; + $this->page_title = 'UCP_REGISTRATION'; + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php new file mode 100644 index 0000000000..df6733d038 --- /dev/null +++ b/phpBB/includes/ucp/ucp_remind.php @@ -0,0 +1,125 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_remind +* Sending password reminders +* @package ucp +*/ +class ucp_remind +{ + var $u_action; + + function main($id, $mode) + { + global $config, $phpbb_root_path, $phpEx; + global $db, $user, $auth, $template; + + $username = request_var('username', '', true); + $email = strtolower(request_var('email', '')); + $submit = (isset($_POST['submit'])) ? true : false; + + if ($submit) + { + $sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason + FROM ' . USERS_TABLE . " + WHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "' + AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; + $result = $db->sql_query($sql); + $user_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$user_row) + { + trigger_error('NO_EMAIL_USER'); + } + + if ($user_row['user_type'] == USER_IGNORE) + { + trigger_error('NO_USER'); + } + + if ($user_row['user_type'] == USER_INACTIVE) + { + if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL) + { + trigger_error('ACCOUNT_DEACTIVATED'); + } + else + { + trigger_error('ACCOUNT_NOT_ACTIVATED'); + } + } + + // Check users permissions + $auth2 = new auth(); + $auth2->acl($user_row); + + if (!$auth2->acl_get('u_chgpasswd')) + { + trigger_error('NO_AUTH_PASSWORD_REMINDER'); + } + + $server_url = generate_board_url(); + + $key_len = 54 - strlen($server_url); + $key_len = max(6, $key_len); // we want at least 6 + $key_len = ($config['max_pass_chars']) ? min($key_len, $config['max_pass_chars']) : $key_len; // we want at most $config['max_pass_chars'] + $user_actkey = substr(gen_rand_string(10), 0, $key_len); + $user_password = gen_rand_string(8); + + $sql = 'UPDATE ' . USERS_TABLE . " + SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "' + WHERE user_id = " . $user_row['user_id']; + $db->sql_query($sql); + + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + + $messenger = new messenger(false); + + $messenger->template('user_activate_passwd', $user_row['user_lang']); + + $messenger->to($user_row['user_email'], $user_row['username']); + $messenger->im($user_row['user_jabber'], $user_row['username']); + + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($user_row['username']), + 'PASSWORD' => htmlspecialchars_decode($user_password), + 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey") + ); + + $messenger->send($user_row['user_notify_type']); + + meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); + + $message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>'); + trigger_error($message); + } + + $template->assign_vars(array( + 'USERNAME' => $username, + 'EMAIL' => $email, + 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')) + ); + + $this->tpl_name = 'ucp_remind'; + $this->page_title = 'UCP_REMIND'; + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php new file mode 100644 index 0000000000..39e9be24a1 --- /dev/null +++ b/phpBB/includes/ucp/ucp_resend.php @@ -0,0 +1,170 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_resend +* Resending activation emails +* @package ucp +*/ +class ucp_resend +{ + var $u_action; + + function main($id, $mode) + { + global $config, $phpbb_root_path, $phpEx; + global $db, $user, $auth, $template; + + $username = request_var('username', '', true); + $email = strtolower(request_var('email', '')); + $submit = (isset($_POST['submit'])) ? true : false; + + add_form_key('ucp_resend'); + + if ($submit) + { + if (!check_form_key('ucp_resend')) + { + trigger_error('FORM_INVALID'); + } + + $sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey, user_inactive_reason + FROM ' . USERS_TABLE . " + WHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "' + AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; + $result = $db->sql_query($sql); + $user_row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$user_row) + { + trigger_error('NO_EMAIL_USER'); + } + + if ($user_row['user_type'] == USER_IGNORE) + { + trigger_error('NO_USER'); + } + + if (!$user_row['user_actkey'] && $user_row['user_type'] != USER_INACTIVE) + { + trigger_error('ACCOUNT_ALREADY_ACTIVATED'); + } + + if (!$user_row['user_actkey'] || ($user_row['user_type'] == USER_INACTIVE && $user_row['user_inactive_reason'] == INACTIVE_MANUAL)) + { + trigger_error('ACCOUNT_DEACTIVATED'); + } + + // Determine coppa status on group (REGISTERED(_COPPA)) + $sql = 'SELECT group_name, group_type + FROM ' . GROUPS_TABLE . ' + WHERE group_id = ' . $user_row['group_id']; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + $coppa = ($row['group_name'] == 'REGISTERED_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false; + + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); + $messenger = new messenger(false); + + if ($config['require_activation'] == USER_ACTIVATION_SELF || $coppa) + { + $messenger->template(($coppa) ? 'coppa_resend_inactive' : 'user_resend_inactive', $user_row['user_lang']); + $messenger->to($user_row['user_email'], $user_row['username']); + + $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); + $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); + $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); + $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + + $messenger->assign_vars(array( + 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), + 'USERNAME' => htmlspecialchars_decode($user_row['username']), + 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") + ); + + if ($coppa) + { + $messenger->assign_vars(array( + 'FAX_INFO' => $config['coppa_fax'], + 'MAIL_INFO' => $config['coppa_mail'], + 'EMAIL_ADDRESS' => $user_row['user_email']) + ); + } + + $messenger->send(NOTIFY_EMAIL); + } + + if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + { + // Grab an array of user_id's with a_user permissions ... these users can activate a user + $admin_ary = $auth->acl_get_list(false, 'a_user', false); + + $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('user_id', $admin_ary[0]['a_user']); + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $messenger->template('admin_activate', $row['user_lang']); + $messenger->to($row['user_email'], $row['username']); + $messenger->im($row['user_jabber'], $row['username']); + + $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); + $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); + $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); + $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip); + + $messenger->assign_vars(array( + 'USERNAME' => htmlspecialchars_decode($user_row['username']), + 'U_USER_DETAILS' => generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$user_row['user_id']}", + 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") + ); + + $messenger->send($row['user_notify_type']); + } + $db->sql_freeresult($result); + } + + meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); + + $message = ($config['require_activation'] == USER_ACTIVATION_ADMIN) ? $user->lang['ACTIVATION_EMAIL_SENT_ADMIN'] : $user->lang['ACTIVATION_EMAIL_SENT']; + $message .= '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>'); + trigger_error($message); + } + + $template->assign_vars(array( + 'USERNAME' => $username, + 'EMAIL' => $email, + 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=resend_act')) + ); + + $this->tpl_name = 'ucp_resend'; + $this->page_title = 'UCP_RESEND'; + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/ucp/ucp_zebra.php b/phpBB/includes/ucp/ucp_zebra.php new file mode 100644 index 0000000000..5ed4db7520 --- /dev/null +++ b/phpBB/includes/ucp/ucp_zebra.php @@ -0,0 +1,257 @@ +<?php +/** +* +* @package ucp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @ignore +*/ +if (!defined('IN_PHPBB')) +{ + exit; +} + +/** +* ucp_zebra +* @package ucp +*/ +class ucp_zebra +{ + var $u_action; + + function main($id, $mode) + { + global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; + + $submit = (isset($_POST['submit']) || isset($_GET['add']) || isset($_GET['remove'])) ? true : false; + $s_hidden_fields = ''; + + $l_mode = strtoupper($mode); + + if ($submit) + { + $data = $error = array(); + $updated = false; + + $var_ary = array( + 'usernames' => array(0), + 'add' => '', + ); + + foreach ($var_ary as $var => $default) + { + $data[$var] = request_var($var, $default, true); + } + + if (!empty($data['add']) || sizeof($data['usernames'])) + { + if (confirm_box(true)) + { + // Remove users + if (!empty($data['usernames'])) + { + $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' + AND ' . $db->sql_in_set('zebra_id', $data['usernames']); + $db->sql_query($sql); + + $updated = true; + } + + // Add users + if ($data['add']) + { + $data['add'] = array_map('trim', array_map('utf8_clean_string', explode("\n", $data['add']))); + + // Do these name/s exist on a list already? If so, ignore ... we could be + // 'nice' and automatically handle names added to one list present on + // the other (by removing the existing one) ... but I have a feeling this + // may lead to complaints + $sql = 'SELECT z.*, u.username, u.username_clean + FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u + WHERE z.user_id = ' . $user->data['user_id'] . ' + AND u.user_id = z.zebra_id'; + $result = $db->sql_query($sql); + + $friends = $foes = array(); + while ($row = $db->sql_fetchrow($result)) + { + if ($row['friend']) + { + $friends[] = utf8_clean_string($row['username']); + } + else + { + $foes[] = utf8_clean_string($row['username']); + } + } + $db->sql_freeresult($result); + + // remove friends from the username array + $n = sizeof($data['add']); + $data['add'] = array_diff($data['add'], $friends); + + if (sizeof($data['add']) < $n && $mode == 'foes') + { + $error[] = $user->lang['NOT_ADDED_FOES_FRIENDS']; + } + + // remove foes from the username array + $n = sizeof($data['add']); + $data['add'] = array_diff($data['add'], $foes); + + if (sizeof($data['add']) < $n && $mode == 'friends') + { + $error[] = $user->lang['NOT_ADDED_FRIENDS_FOES']; + } + + // remove the user himself from the username array + $n = sizeof($data['add']); + $data['add'] = array_diff($data['add'], array(utf8_clean_string($user->data['username']))); + + if (sizeof($data['add']) < $n) + { + $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_SELF']; + } + + unset($friends, $foes, $n); + + if (sizeof($data['add'])) + { + $sql = 'SELECT user_id, user_type + FROM ' . USERS_TABLE . ' + WHERE ' . $db->sql_in_set('username_clean', $data['add']) . ' + AND user_type <> ' . USER_INACTIVE; + $result = $db->sql_query($sql); + + $user_id_ary = array(); + while ($row = $db->sql_fetchrow($result)) + { + if ($row['user_id'] != ANONYMOUS && $row['user_type'] != USER_IGNORE) + { + $user_id_ary[] = $row['user_id']; + } + else if ($row['user_id'] != ANONYMOUS) + { + $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_BOTS']; + } + else + { + $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_ANONYMOUS']; + } + } + $db->sql_freeresult($result); + + if (sizeof($user_id_ary)) + { + // Remove users from foe list if they are admins or moderators + if ($mode == 'foes') + { + $perms = array(); + foreach ($auth->acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary) + { + foreach ($forum_ary as $auth_option => $user_ary) + { + $perms = array_merge($perms, $user_ary); + } + } + + $perms = array_unique($perms); + + if (sizeof($perms)) + { + $error[] = $user->lang['NOT_ADDED_FOES_MOD_ADMIN']; + } + + // This may not be right ... it may yield true when perms equate to deny + $user_id_ary = array_diff($user_id_ary, $perms); + unset($perms); + } + + if (sizeof($user_id_ary)) + { + $sql_mode = ($mode == 'friends') ? 'friend' : 'foe'; + + $sql_ary = array(); + foreach ($user_id_ary as $zebra_id) + { + $sql_ary[] = array( + 'user_id' => (int) $user->data['user_id'], + 'zebra_id' => (int) $zebra_id, + $sql_mode => 1 + ); + } + + $db->sql_multi_insert(ZEBRA_TABLE, $sql_ary); + + $updated = true; + } + unset($user_id_ary); + } + else if (!sizeof($error)) + { + $error[] = $user->lang['USER_NOT_FOUND_OR_INACTIVE']; + } + } + } + + if ($updated) + { + meta_refresh(3, $this->u_action); + $message = $user->lang[$l_mode . '_UPDATED'] . '<br />' . implode('<br />', $error) . ((sizeof($error)) ? '<br />' : '') . '<br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>'); + trigger_error($message); + } + else + { + $template->assign_var('ERROR', implode('<br />', $error)); + } + } + else + { + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + 'mode' => $mode, + 'submit' => true, + 'usernames' => $data['usernames'], + 'add' => $data['add'])) + ); + } + } + } + + $sql_and = ($mode == 'friends') ? 'z.friend = 1' : 'z.foe = 1'; + $sql = 'SELECT z.*, u.username, u.username_clean + FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u + WHERE z.user_id = ' . $user->data['user_id'] . " + AND $sql_and + AND u.user_id = z.zebra_id + ORDER BY u.username_clean ASC"; + $result = $db->sql_query($sql); + + $s_username_options = ''; + while ($row = $db->sql_fetchrow($result)) + { + $s_username_options .= '<option value="' . $row['zebra_id'] . '">' . $row['username'] . '</option>'; + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'L_TITLE' => $user->lang['UCP_ZEBRA_' . $l_mode], + + 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=add'), + + 'S_USERNAME_OPTIONS' => $s_username_options, + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => $this->u_action) + ); + + $this->tpl_name = 'ucp_zebra_' . $mode; + $this->page_title = 'UCP_ZEBRA_' . $l_mode; + } +} + +?>
\ No newline at end of file |