sql_query($sql) ) { while( $row = $db->sql_fetchrow($result) ) { $match_email = str_replace("*@", ".*@", $row['ban_email']); if ( preg_match("/^" . $match_email . "$/is", $email) ) { return array('error' => true, 'error_msg' => $lang['Email_banned']); } } } $sql = "SELECT user_email FROM " . USERS_TABLE . " WHERE user_email = '" . str_replace("\'", "''", $email) . "'"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, "Couldn't obtain user email information.", "", __LINE__, __FILE__, $sql); } if ( $email_taken = $db->sql_fetchrow($result) ) { return array('error' => true, 'error_msg' => $lang['Email_taken']); } return array('error' => false, 'error_msg' => ''); } } return array('error' => true, 'error_msg' => $lang['Email_invalid']); } // // Does supplementary validation of optional profile fields. This expects common stuff like trim() and strip_tags() // to have already been run. Params are passed by-ref, so we can set them to the empty string if they fail. // function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig) { // ICQ number has to be only numbers. if (!preg_match("/^[0-9]+$/", $icq)) { $icq = ""; } // AIM address has to have length >= 2. if (strlen($aim) < 2) { $aim = ""; } // MSNM address has to have length >= 2. if (strlen($msnm) < 2) { $msnm = ""; } // YIM address has to have length >= 2. if (strlen($yim) < 2) { $yim = ""; } // website has to start with http://, followed by something with length at least 3 that // contains at least one dot. if($website != "") { if( !preg_match("#^http:\/\/#i", $website) ) { $website = "http://" . $website; } if ( !preg_match("#^http\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i", $website) ) { $website = ""; } } // location has to have length >= 2. if (strlen($location) < 2) { $location = ""; } // occupation has to have length >= 2. if (strlen($occupation) < 2) { $occupation = ""; } // interests has to have length >= 2. if (strlen($interests) < 2) { $interests = ""; } // sig has to have length >= 2. if (strlen($sig) < 2) { $sig = ""; } return; } function generate_password() { $chars = array( "a","A","b","B","c","C","d","D","e","E","f","F","g","G","h","H","i","I","j","J", "k","K","l","L","m","M","n","N","o","O","p","P","q","Q","r","R","s","S","t","T", "u","U","v","V","w","W","x","X","y","Y","z","Z","1","2","3","4","5","6","7","8", "9","0"); $max_chars = count($chars) - 1; srand((double)microtime()*1000000); for($i = 0; $i < 8; $i++) { $new_passwd = ($i == 0) ? $chars[rand(0, $max_chars)] : $new_passwd . $chars[rand(0, $max_chars)]; } return($new_passwd); } // // End page specific functions // --------------------------- // // Start of program proper // if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ) { $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode']; // // Begin page proper // if ( $mode == "viewprofile" ) { if ( empty($HTTP_GET_VARS[POST_USERS_URL]) || $HTTP_GET_VARS[POST_USERS_URL] == ANONYMOUS ) { message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']); } $profiledata = get_userdata(intval($HTTP_GET_VARS[POST_USERS_URL])); $sql = "SELECT * FROM " . RANKS_TABLE . " ORDER BY rank_special, rank_min"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, "Couldn't obtain ranks information.", "", __LINE__, __FILE__, $sql); } $ranksrow = $db->sql_fetchrowset($result); $db->sql_freeresult($result); // // Output page header and // profile_view template // $template->set_filenames(array( "body" => "profile_view_body.tpl", "jumpbox" => "jumpbox.tpl") ); $jumpbox = make_jumpbox(); $template->assign_vars(array( "L_GO" => $lang['Go'], "L_JUMP_TO" => $lang['Jump_to'], "L_SELECT_FORUM" => $lang['Select_forum'], "S_JUMPBOX_LIST" => $jumpbox, "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); // // End header // // // Calculate the number of days this user has been a member ($memberdays) // Then calculate their posts per day // $regdate = $profiledata['user_regdate']; $memberdays = max(1, round( ( time() - $regdate ) / 86400 )); $posts_per_day = $profiledata['user_posts'] / $memberdays; // Get the users percentage of total posts if ( $profiledata['user_posts'] != 0 ) { $total_posts = get_db_stat("postcount"); $percentage = ( $total_posts ) ? min(100, ($profiledata['user_posts'] / $total_posts) * 100) : 0; } else { $percentage = 0; } if ( !empty($profiledata['user_viewemail']) || $userdata['user_level'] == ADMIN ) { $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&" . POST_USERS_URL ."=" . $profiledata['user_id']) : "mailto:" . $profiledata['user_email']; $email = '' . $lang['Send_email'] . ''; $email_img = ''; } else { $email = ""; $email_img = ""; } $avatar_img = ""; if ( $profiledata['user_avatar_type'] && $profiledata['user_allowavatar'] ) { switch( $profiledata['user_avatar_type'] ) { case USER_AVATAR_UPLOAD: $avatar_img = ( $board_config['allow_avatar_upload'] ) ? '' : ''; break; case USER_AVATAR_REMOTE: $avatar_img = ( $board_config['allow_avatar_remote'] ) ? '' : ''; break; case USER_AVATAR_GALLERY: $avatar_img = ( $board_config['allow_avatar_local'] ) ? '' : ''; break; } } $poster_rank = ""; $rank_image = ""; if ( $profiledata['user_rank'] ) { for($i = 0; $i < count($ranksrow); $i++) { if ( $profiledata['user_rank'] == $ranksrow[$i]['rank_id'] && $ranksrow[$i]['rank_special'] ) { $poster_rank = $ranksrow[$i]['rank_title']; $rank_image = ( $ranksrow[$i]['rank_image'] ) ? '
' : ""; } } } else { for($i = 0; $i < count($ranksrow); $i++) { if ( $profiledata['user_posts'] > $ranksrow[$i]['rank_min'] && !$ranksrow[$i]['rank_special'] ) { $poster_rank = $ranksrow[$i]['rank_title']; $rank_image = ( $ranksrow[$i]['rank_image'] ) ? '
' : ""; } } } if ( !empty($profiledata['user_icq']) ) { $icq_status_img = ''; $icq_add_img = ''; } else { $icq_status_img = " "; $icq_add_img = " "; } $aim_img = ( $profiledata['user_aim'] ) ? '' : " "; $msnm_img = ( $profiledata['user_msnm'] ) ? ' ' . $profiledata['user_msnm'] : " "; $yim_img = ( $profiledata['user_yim'] ) ? '' : " "; $search_img = ''; $search = "" . $lang['Search_user_posts'] . ""; $www_img = ( $profiledata['user_website'] ) ? '' : " "; $pm_img = ""; $template->assign_vars(array( "USERNAME" => $profiledata['username'], "JOINED" => create_date($lang['DATE_FORMAT'], $profiledata['user_regdate'], $board_config['board_timezone']), "POSTER_RANK" => $poster_rank, "RANK_IMAGE" => $rank_image, "POSTS_PER_DAY" => $posts_per_day, "POSTS" => $profiledata['user_posts'], "PERCENTAGE" => $percentage . "%", "POST_DAY_STATS" => sprintf($lang['User_post_day_stats'], $posts_per_day), "POST_PERCENT_STATS" => sprintf($lang['User_post_pct_stats'], $percentage), "EMAIL" => $email, "EMAIL_IMG" => $email_img, "PM_IMG" => $pm_img, "UL_SEARCH" => $search, "SEARCH_IMG" => $search_img, "ICQ" => ( $profiledata['user_icq'] ) ? $profiledata['user_icq'] : " ", "ICQ_IMG" => ( $profiledata['user_icq'] ) ? $images['icon_icq'] : " ", "ICQ_ADD_IMG" => $icq_add_img, "ICQ_STATUS_IMG" => $icq_status_img, "AIM" => ( $profiledata['user_aim'] ) ? '' . $profiledata['user_aim'] . '' : " ", "AIM_IMG" => $aim_img, "MSN" => ( $profiledata['user_msnm'] ) ? $profiledata['user_msnm'] : " ", "MSN_IMG" => $msnm_img, "YIM" => ( $profiledata['user_yim'] ) ? '' . $profiledata['user_yim'] . '' : " ", "YIM_IMG" => $yim_img, "WEBSITE" => ( $profiledata['user_website'] ) ? '' . $profiledata['user_website'] . '' : " ", "WEBSITE_IMG" => $www_img, "LOCATION" => ( $profiledata['user_from'] ) ? $profiledata['user_from'] : " ", "OCCUPATION" => ( $profiledata['user_occ'] ) ? $profiledata['user_occ'] : " ", "INTERESTS" => ( $profiledata['user_interests'] ) ? $profiledata['user_interests'] : " ", "AVATAR_IMG" => $avatar_img, "L_VIEWING_PROFILE" => sprintf($lang['Viewing_user_profile'], $profiledata['username']), "L_ABOUT_USER" => sprintf($lang['About_user'], $profiledata['username']), "L_AVATAR" => $lang['Avatar'], "L_POSTER_RANK" => $lang['Poster_rank'], "L_TOTAL_POSTS" => $lang['Total_posts'], "L_SEARCH_USER_POSTS" => sprintf($lang['Search_user_posts'], $profiledata['username']), "L_CONTACT" => $lang['Contact'], "L_EMAIL_ADDRESS" => $lang['Email_address'], "L_EMAIL" => $lang['Email'], "L_PM" => $lang['Private_Message'], "L_ICQ_NUMBER" => $lang['ICQ'], "L_YAHOO" => $lang['YIM'], "L_AIM" => $lang['AIM'], "L_MESSENGER" => $lang['MSNM'], "L_WEBSITE" => $lang['Website'], "L_LOCATION" => $lang['Location'], "L_OCCUPATION" => $lang['Occupation'], "L_INTERESTS" => $lang['Interests'], "U_SEARCH_USER" => append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username'])), "S_PROFILE_ACTION" => append_sid("profile.$phpEx")) ); $page_title = $lang['Viewing_profile']; include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->pparse("body"); include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } else if ( $mode == "editprofile" || $mode == "register" ) { if ( !$userdata['session_logged_in'] && $mode == "editprofile" ) { header("Location: " . append_sid("login.$phpEx?redirect=profile.$phpEx&mode=editprofile", true)); } $page_title = ($mode == "editprofile") ? $lang['Edit_profile'] : $lang['Register']; // // Start processing for output // if ( $mode == "register" && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) ) { if( !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) ) { // // Load agreement template since user has not yet // agreed to registration conditions/coppa // include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( "body" => "agreement.tpl", "jumpbox" => "jumpbox.tpl") ); $jumpbox = make_jumpbox(); $template->assign_vars(array( "L_GO" => $lang['Go'], "L_JUMP_TO" => $lang['Jump_to'], "L_SELECT_FORUM" => $lang['Select_forum'], "S_JUMPBOX_LIST" => $jumpbox, "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); $template->assign_vars(array( "COPPA" => $coppa, "REGISTRATION" => $lang['Registration'], "AGREEMENT" => $lang['Reg_agreement'], "AGREE_OVER_13" => $lang['Agree_over_13'], "AGREE_UNDER_13" => $lang['Agree_under_13'], "DO_NOT_AGREE" => $lang['Agree_not'], "U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"), "U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true")) ); $template->pparse("body"); include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } } else if( isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar']) || $mode == "register" ) { if( $mode == "editprofile" ) { $user_id = intval($HTTP_POST_VARS['user_id']); $current_email = trim(strip_tags(htmlspecialchars(str_replace(" ", " ",$HTTP_POST_VARS['current_email'])))); } $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags(str_replace(" ", " ", $HTTP_POST_VARS['username']))) : ""; $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars(str_replace(" ", " ",$HTTP_POST_VARS['email'])))) : ""; $password_current = ( !empty($HTTP_POST_VARS['cur_password']) ) ? trim($HTTP_POST_VARS['cur_password']) : ""; $password = ( !empty($HTTP_POST_VARS['new_password']) ) ? trim($HTTP_POST_VARS['new_password']) : ""; $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim($HTTP_POST_VARS['password_confirm']) : ""; $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags($HTTP_POST_VARS['icq'])) : ""; $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags($HTTP_POST_VARS['aim'])) : ""; $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags($HTTP_POST_VARS['msn'])) : ""; $yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags($HTTP_POST_VARS['yim'])) : ""; $website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags($HTTP_POST_VARS['website'])) : ""; $location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags($HTTP_POST_VARS['location'])) : ""; $occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags($HTTP_POST_VARS['occupation'])) : ""; $interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags($HTTP_POST_VARS['interests'])) : ""; $signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace("
", "\n", $HTTP_POST_VARS['signature'])) : ""; // Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to // empty strings if they fail. validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); $viewemail = ( isset($HTTP_POST_VARS['viewemail']) ) ? ( ($HTTP_POST_VARS['viewemail']) ? TRUE : 0 ) : 0; $allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE; $notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0; $notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE; $popuppm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE; if( $mode == "register" ) { $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $board_config['allow_sig']; $allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $board_config['allow_html']; $allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $board_config['allow_bbcode']; $allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $board_config['allow_smilies']; } else { $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : 0; $allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $userdata['user_allowhtml']; $allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $userdata['user_allowbbcode']; $allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $userdata['user_allowsmiles']; } $user_style = ( isset($HTTP_POST_VARS['style']) ) ? intval($HTTP_POST_VARS['style']) : $board_config['default_style']; $user_lang = ( !empty($HTTP_POST_VARS['language']) ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang']; $user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone']; $user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim($HTTP_POST_VARS['dateformat']) : $board_config['default_dateformat']; $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? $HTTP_POST_VARS['avatarlocal'] : "" ); $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim($HTTP_POST_VARS['avatarremoteurl']) : ""; $user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ""; $user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : ""; $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : ""; $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0; $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : ""; $user_avatar = ( empty($user_avatar_loc) && $mode == "editprofile" ) ? $userdata['user_avatar'] : ""; $user_avatar_type = ( empty($user_avatar_loc) && $mode == "editprofile" ) ? $userdata['user_avatar_type'] : ""; if( isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar']) ) { $username = stripslashes($username); $email = stripslashes($email); $password = ""; $password_confirm = ""; $icq = stripslashes($icq); $aim = stripslashes($aim); $msn = stripslashes($msn); $yim = stripslashes($yim); $website = stripslashes($website); $location = stripslashes($location); $occupation = stripslashes($occupation); $interests = stripslashes($interests); $signature = stripslashes($signature); $user_lang = stripslashes($user_lang); $user_dateformat = stripslashes($user_dateformat); $user_avatar = $user_avatar_local; $user_avatar_type = USER_AVATAR_GALLERY; } } if( isset($HTTP_POST_VARS['submit']) ) { $error = FALSE; $passwd_sql = ""; if($mode == "editprofile") { if( $user_id != $userdata['user_id'] ) { $error = TRUE; $error_msg = $lang['Wrong_Profile']; } } else if( $mode == "register" ) { $coppa = (!$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa']) ? 0 : TRUE; if( empty($username) || empty($password) || empty($password_confirm) || empty($email) ) { $error = TRUE; $error_msg = $lang['Fields_empty']; } } $passwd_sql = ""; if( !empty($password) && !empty($password_confirm) ) { // Awww, the user wants to change their password, isn't that cute.. if( $password != $password_confirm ) { $error = TRUE; $error_msg = $lang['Password_mismatch']; } else if( strlen($password) > 32 ) { $error = TRUE; $error_msg = $lang['Password_long']; } else { if( $mode == "editprofile" ) { $sql = "SELECT user_password FROM " . USERS_TABLE . " WHERE user_id = $user_id"; if( $result = $db->sql_query($sql) ) { $row = $db->sql_fetchrow($result); if( $row['user_password'] != md5($password_current) ) { $error = TRUE; $error_msg = $lang['Current_password_mismatch']; } } else { message_die(GENERAL_ERROR, "Couldn't obtain user_password information.", "", __LINE__, __FILE__, $sql); } } if( !$error ) { $password = md5($password); $passwd_sql = "user_password = '$password', "; } } } else if( ( $password && !$password_confirm ) || ( !$password && $password_confirm ) ) { $error = TRUE; $error_msg = $lang['Password_mismatch']; } // // Do a ban check on this email address // if( $email != $userdata['user_email'] || $mode == "register" ) { $result = validate_email($email); if( $result['error'] ) { $email = $userdata['user_email']; $error = TRUE; if(isset($error_msg)) { $error_msg .= "
"; } $error_msg .= $result['error_msg']; } if ( $mode == "editprofile" ) { $sql = "SELECT user_password FROM " . USERS_TABLE . " WHERE user_id = $user_id"; if( $result = $db->sql_query($sql) ) { $row = $db->sql_fetchrow($result); if( $row['user_password'] != md5($password_current) ) { $email = $userdata['user_email']; $error = TRUE; $error_msg = $lang['Current_password_mismatch']; } } else { message_die(GENERAL_ERROR, "Couldn't obtain user_password information.", "", __LINE__, __FILE__, $sql); } } } $username_sql = ""; if( $board_config['allow_namechange'] || $mode == "register" ) { if( $username != $userdata['username'] || $mode == "register" ) { $result = validate_username($username); if( $result['error'] ) { $error = TRUE; if(isset($error_msg)) { $error_msg .= "
"; } $error_msg .= $result['error_msg']; } else { $username_sql = "username = '" . str_replace("\'", "''", $username) . "', "; } } } if( $signature != "" ) { $sig_length_check = preg_replace("/(\[.*?)(=.*?)\]/is", "\\1]", stripslashes($signature)); if( $allowhtml ) { $sig_length_check = preg_replace("/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is", "\\1\\3\\4", $sig_length_check); } // Only create a new bbcode_uid when there was no uid yet. if($signature_bbcode_uid == '') { $signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : ""; } $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid); if( strlen($sig_length_check) > $board_config['max_sig_chars'] ) { $error = TRUE; if( isset($error_msg) ) { $error_msg .= "
"; } $error_msg .= $lang['Signature_too_long']; } } if( $mode == "register" ) { // // The AUTO_INCREMENT field in MySQL v3.23 doesn't work // correctly when there is a row with -1 in that field // so we have to explicitly get the next user ID // $sql = "SELECT MAX(user_id) AS total FROM " . USERS_TABLE; if( $result = $db->sql_query($sql) ) { $row = $db->sql_fetchrow($result); $new_user_id = $row['total'] + 1; unset($result); unset($row); } else { message_die(GENERAL_ERROR, "Couldn't obtained next user_id information.", "", __LINE__, __FILE__, $sql); } $sql = "SELECT MAX(group_id) AS total FROM " . GROUPS_TABLE; if( $result = $db->sql_query($sql) ) { $row = $db->sql_fetchrow($result); $new_group_id = $row['total'] + 1; unset($result); unset($row); } else { message_die(GENERAL_ERROR, "Couldn't obtained next user_id information.", "", __LINE__, __FILE__, $sql); } } $avatar_sql = ""; if( isset($HTTP_POST_VARS['avatardel']) && $mode == "editprofile" ) { if( $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $userdata['user_avatar'] != "" ) { if( @file_exists("./" . $board_config['avatar_path'] . "/" . $userdata['user_avatar']) ) { @unlink("./" . $board_config['avatar_path'] . "/" . $userdata['user_avatar']); } } $avatar_sql = ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE; } else if( ( $user_avatar_loc != "" || !empty($user_avatar_url) ) && $board_config['allow_avatar_upload'] && !$error ) { // // Only allow one type of upload, either a // filename or a URL // if( !empty($user_avatar_loc) && !empty($user_avatar_url) ) { $error = TRUE; if( isset($error_msg) ) { $error_msg .= "
"; } $error_msg .= $lang['Only_one_avatar']; } if( $user_avatar_loc != "" ) { if( file_exists($user_avatar_loc) && ereg(".jpg$|.jpeg$|.gif$|.png$", $user_avatar_name) ) { if( $user_avatar_size <= $board_config['avatar_filesize'] && $avatar_size > 0) { $error_type = false; // // Opera appends the image name after the type, not big, not clever! // preg_match("'image\/[x\-]*([a-z]+)'", $user_avatar_filetype, $user_avatar_filetype); $user_avatar_filetype = $user_avatar_filetype[1]; switch( $user_avatar_filetype ) { case "jpeg": case "pjpeg": $imgtype = '.jpg'; break; case "gif": $imgtype = '.gif'; break; case "png": $imgtype = '.png'; break; default: $error = true; $error_msg = (!empty($error_msg)) ? $error_msg . "
" . $lang['Avatar_filetype'] : $lang['Avatar_filetype']; break; } if( !$error ) { list($width, $height) = @getimagesize($user_avatar_loc); if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) { $user_id = ($mode == "register") ? $new_user_id : $userdata['user_id']; $avatar_filename = $user_id . $imgtype; if( $mode == "editprofile" && $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $userdata['user_avatar'] != "" ) { if( @file_exists("./" . $board_config['avatar_path'] . "/" . $userdata['user_avatar']) ) { @unlink("./" . $board_config['avatar_path'] . "/". $userdata['user_avatar']); } } @copy($user_avatar_loc, "./" . $board_config['avatar_path'] . "/$avatar_filename"); $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD; } else { $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']); $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; } } } else { $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024)); $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; } } else { $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['Avatar_filetype'] : $lang['Avatar_filetype']; } } else if( !empty($user_avatar_url) ) { // // First check what port we should connect // to, look for a :[xxxx]/ or, if that doesn't // exist assume port 80 (http) // preg_match("/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/", $user_avatar_url, $url_ary); if( !empty($url_ary[4]) ) { $port = (!empty($url_ary[3])) ? $url_ary[3] : 80; $fsock = @fsockopen($url_ary[2], $port, $errno, $errstr); if( $fsock ) { $base_get = "/" . $url_ary[4]; // // Uses HTTP 1.1, could use HTTP 1.0 ... // @fputs($fsock, "GET $base_get HTTP/1.1\r\n"); @fputs($fsock, "HOST: " . $url_ary[2] . "\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); unset($avatar_data); while( !@feof($fsock) ) { $avatar_data .= @fread($fsock, $board_config['avatar_filesize']); } @fclose($fsock); if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) ) { $file_size = $file_data1[1]; $file_type = $file_data2[1]; switch( $file_type ) { case "jpeg": case "pjpeg": case "jpg": $imgtype = '.jpg'; break; case "gif": $imgtype = '.gif'; break; case "png": $imgtype = '.png'; break; default: $error = true; $error_msg = (!empty($error_msg)) ? $error_msg . "
" . $lang['Avatar_filetype'] : $lang['Avatar_filetype']; break; } if( !$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'] ) { $avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size); $tmp_filename = tempnam ("/tmp", $userdata['user_id'] . "-"); $fptr = @fopen($tmp_filename, "wb"); $bytes_written = @fwrite($fptr, $avatar_data, $file_size); @fclose($fptr); if( $bytes_written == $file_size ) { list($width, $height) = @getimagesize($tmp_filename); if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) { $user_id = ( $mode == "register" ) ? $new_user_id : $userdata['user_id']; $avatar_filename = $user_id . $imgtype; if( $mode == "editprofile" && $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $userdata['user_avatar'] != "") { if( file_exists("./" . $board_config['avatar_path'] . "/" . $userdata['user_avatar']) ) { @unlink("./" . $board_config['avatar_path'] . "/" . $userdata['user_avatar']); } } @copy($tmp_filename, "./" . $board_config['avatar_path'] . "/$avatar_filename"); @unlink($tmp_filename); $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD; } else { $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']); $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; } } else { // // Error writing file // @unlink($tmp_filename); message_die(GENERAL_ERROR, "Could not write avatar file to local storage. Please contact the board administrator with this message", "", __LINE__, __FILE__); } } } else { // // No data // $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['File_no_data'] : $lang['File_no_data']; } } else { // // No connection // $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['No_connection_URL'] : $lang['No_connection_URL']; } } else { $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['Incomplete_URL'] : $lang['Incomplete_URL']; } } else if( !empty($user_avatar_name) ) { $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024)); $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; } } else if( $user_avatar_remoteurl != "" && $board_config['allow_avatar_remote'] && $avatar_sql == "" && !$error ) { if( !preg_match("#^http:\/\/#i", $user_avatar_remoteurl) ) { $user_avatar_remoteurl = "http://" . $user_avatar_remoteurl; } if( preg_match("#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+\/.*?\.(gif|jpg|jpeg|png)$)#is", $user_avatar_remoteurl) ) { $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_remoteurl) . "', user_avatar_type = " . USER_AVATAR_REMOTE; } else { $error = true; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format']; } } else if( $user_avatar_local != "" && $board_config['allow_avatar_local'] && $avatar_sql == "" && !$error ) { $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY; } if( !$error ) { if( $mode == "editprofile" ) { if( $email != $current_email && ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) && $userdata['user_level'] != ADMIN ) { $user_active = 0; $user_actkey = generate_activation_key(); // // The user is inactive, remove their session forcing them to login again before they can post. // $sql = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_user_id = " . $userdata['user_id']; $db->sql_query($sql); } else { $user_active = 1; $user_actkey = ""; } $sql = "UPDATE " . USERS_TABLE . " SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . " WHERE user_id = $user_id"; if( $result = $db->sql_query($sql) ) { if( $user_active == 0 ) { // // The users account has been deactivated, send them an email with a new activation key // include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; if( $board_config['require_activation'] == USER_ACTIVATION_SELF ) { $emailer->use_template("user_activate", stripslashes($user_lang)); $emailer->email_address($email); } else { $emailer->use_template("admin_activate", stripslashes($user_lang)); $emailer->email_address($board_config['board_email']); } $emailer->set_subject($lang['Reactivate']); $emailer->extra_headers($email_headers); $emailer->assign_vars(array( "SITENAME" => $board_config['sitename'], "USERNAME" => $username, "EMAIL_SIG" => str_replace("
", "\n", "-- \n" . $board_config['board_email_sig']), "U_ACTIVATE" => $protocol . $server_name . $script_name . "?mode=activate&act_key=$user_actkey") ); $emailer->send(); $emailer->reset(); $message = $lang['Profile_updated_inactive'] . "

" . sprintf($lang['Click_return_index'], "", ""); // Log the user out as their account is no longer active if( $userdata['session_logged_in'] ) { session_end($userdata['session_id'], $userdata['user_id']); } } else { $message = $lang['Profile_updated'] . "

" . sprintf($lang['Click_return_index'], "", ""); } $template->assign_vars(array( "META" => '') ); message_die(GENERAL_MESSAGE, $message); } else { message_die(GENERAL_ERROR, "Could not update users table", "", __LINE__, __FILE__, $sql); } } else { // // Get current date // $sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey) VALUES ($new_user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', '" . str_replace("\'", "''", $avatar_filename) . "', $viewemail, '" . str_replace("\'", "''", $aim) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, "; if( $board_config['require_activation'] ==USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa == 1) { $user_actkey = generate_activation_key(); $sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')"; } else { $sql .= "1, '')"; } if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) ) { $sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_name, group_description, group_single_user, group_moderator) VALUES ($new_group_id, '', 'Personal User', 1, 0)"; if($result = $db->sql_query($sql)) { $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) VALUES ($new_user_id, $new_group_id, 0)"; if($result = $db->sql_query($sql, END_TRANSACTION)) { if( $board_config['require_activation'] == USER_ACTIVATION_SELF ) { $message = $lang['Account_inactive']; $email_template = "user_welcome_inactive"; } else if( $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) { $message = $lang['Account_inactive_admin']; $email_template = "admin_welcome_inactive"; } else if( $coppa ) { $message = $lang['COPPA']; $email_template = "coppa_welcome_inactive"; } else { $message = $lang['Account_added']; $email_template = "user_welcome"; } include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; $emailer->use_template($email_template, stripslashes($user_lang)); $emailer->email_address($email); $emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename'])); $emailer->extra_headers($email_headers); if( $coppa ) { $emailer->assign_vars(array( "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']), "USERNAME" => $username, "PASSWORD" => $password_confirm, "EMAIL_SIG" => str_replace("
", "\n", "-- \n" . $board_config['board_email_sig']), "U_ACTIVATE" => $protocol . $server_name . $script_name . "?mode=activate&act_key=$user_actkey", "FAX_INFO" => $board_config['coppa_fax'], "MAIL_INFO" => $board_config['coppa_mail'], "EMAIL_ADDRESS" => $email, "ICQ" => $icq, "AIM" => $aim, "YIM" => $yim, "MSN" => $msn, "WEB_SITE" => $website, "FROM" => $location, "OCC" => $occupation, "INTERESTS" => $interests, "SITENAME" => $board_config['sitename'])); } else { $emailer->assign_vars(array( "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']), "USERNAME" => $username, "PASSWORD" => $password_confirm, "EMAIL_SIG" => str_replace("
", "\n", "-- \n" . $board_config['board_email_sig']), "U_ACTIVATE" => $protocol . $server_name . $script_name . "?mode=activate&act_key=$user_actkey") ); } $emailer->send(); $emailer->reset(); if( $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) { $emailer->use_template("admin_activate", stripslashes($user_lang)); $emailer->email_address($board_config['board_email']); $emailer->set_subject($lang['New_account_subject']); $emailer->extra_headers($email_headers); $emailer->assign_vars(array( "WELCOME_MSG" => sprintf($lang['Welcome_subject'], $board_config['sitename']), "USERNAME" => $username, "EMAIL_SIG" => str_replace("
", "\n", "-- \n" . $board_config['board_email_sig']), "U_ACTIVATE" => $protocol . $server_name . $script_name . "?mode=activate&act_key=$user_actkey") ); $emailer->send(); $emailer->reset(); } $message = $message . "

" . sprintf($lang['Click_return_index'], "", ""); message_die(GENERAL_MESSAGE, $message); } else { message_die(GENERAL_ERROR, "Couldn't insert data into user_group table", "", __LINE__, __FILE__, $sql); } } else { message_die(GENERAL_ERROR, "Couldn't insert data into groups table", "", __LINE__, __FILE__, $sql); } } else { message_die(GENERAL_ERROR, "Couldn't insert data into users table", "", __LINE__, __FILE__, $sql); } } // if mode == register } // // If an error occured we need to stripslashes on returned data // $username = stripslashes($username); $email = stripslashes($email); $password = ""; $password_confirm = ""; $icq = stripslashes($icq); $aim = stripslashes($aim); $msn = stripslashes($msn); $yim = stripslashes($yim); $website = stripslashes($website); $location = stripslashes($location); $occupation = stripslashes($occupation); $interests = stripslashes($interests); $signature = stripslashes($signature); $user_lang = stripslashes($user_lang); $user_dateformat = stripslashes($user_dateformat); } else if( $mode == "editprofile" && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) ) { $user_id = $userdata['user_id']; $username = $userdata['username']; $email = $userdata['user_email']; $password = ""; $password_confirm = ""; $icq = $userdata['user_icq']; $aim = $userdata['user_aim']; $msn = $userdata['user_msnm']; $yim = $userdata['user_yim']; $website = $userdata['user_website']; $location = $userdata['user_from']; $occupation = $userdata['user_occ']; $interests = $userdata['user_interests']; $signature_bbcode_uid = $userdata['user_sig_bbcode_uid']; $signature = ( $signature_bbcode_uid != "" ) ? preg_replace("/\:(([a-z0-9]:)?)$signature_bbcode_uid/si", "", $userdata['user_sig']) : $userdata['user_sig']; $viewemail = $userdata['user_viewemail']; $notifypm = $userdata['user_notify_pm']; $popuppm = $userdata['user_popup_pm']; $notifyreply = $userdata['user_notify']; $attachsig = $userdata['user_attachsig']; $allowhtml = $userdata['user_allowhtml']; $allowbbcode = $userdata['user_allowbbcode']; $allowsmilies = $userdata['user_allowsmile']; $allowviewonline = $userdata['user_allow_viewonline']; $user_avatar = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar'] : ""; $user_avatar_type = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar_type'] : USER_AVATAR_NONE; $user_style = $userdata['user_style']; $user_lang = $userdata['user_lang']; $user_timezone = $userdata['user_timezone']; $user_dateformat = $userdata['user_dateformat']; } if( isset($HTTP_POST_VARS['avatargallery']) ) { if($mode == "editprofile") { if( $user_id != $userdata['user_id'] ) { $error = TRUE; $error_msg = $lang['Wrong_Profile']; } } if( !$error ) { include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( "body" => "profile_avatar_gallery.tpl", "jumpbox" => "jumpbox.tpl") ); $jumpbox = make_jumpbox(); $template->assign_vars(array( "L_GO" => $lang['Go'], "L_JUMP_TO" => $lang['Jump_to'], "L_SELECT_FORUM" => $lang['Select_forum'], "S_JUMPBOX_LIST" => $jumpbox, "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); $dir = @opendir($board_config['avatar_gallery_path']); $avatar_images = array(); while( $file = @readdir($dir) ) { if( $file != "." && $file != ".." && !is_file($board_config['avatar_gallery_path'] . "/" . $file) && !is_link($board_config['avatar_gallery_path'] . "/" . $file) ) { $sub_dir = @opendir($board_config['avatar_gallery_path'] . "/" . $file); $avatar_row_count = 0; $avatar_col_count = 0; while( $sub_file = @readdir($sub_dir) ) { if( preg_match("/(\.gif$|\.png$|\.jpg|\.jpeg)$/is", $sub_file) ) { $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . "/" . $sub_file; $avatar_col_count++; if( $avatar_col_count == 5 ) { $avatar_row_count++; $avatar_col_count = 0; } } } } } @closedir($dir); if( isset($HTTP_POST_VARS['avatarcategory']) ) { $category = $HTTP_POST_VARS['avatarcategory']; } else { list($category, ) = each($avatar_images); } @reset($avatar_images); $s_categories = ""; while( list($key) = each($avatar_images) ) { $selected = ( $key == $category ) ? "selected=\"selected\"" : ""; if( count($avatar_images[$key]) ) { $s_categories .= '' . ucfirst($key) . ''; } } $s_colspan = 0; for($i = 0; $i < count($avatar_images[$category]); $i++) { $template->assign_block_vars("avatar_row", array()); $s_colspan = max($s_colspan, count($avatar_images[$category][$i])); for($j = 0; $j < count($avatar_images[$category][$i]); $j++) { $template->assign_block_vars("avatar_row.avatar_column", array( "AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . "/" . $avatar_images[$category][$i][$j]) ); $template->assign_block_vars("avatar_row.avatar_option_column", array( "S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j]) ); } } $coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE; $s_hidden_vars = ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $s_hidden_vars .= ''; $template->assign_vars(array( "L_AVATAR_GALLERY" => $lang['Avatar_gallery'], "L_SELECT_AVATAR" => $lang['Select_avatar'], "L_RETURN_PROFILE" => $lang['Return_profile'], "L_CATEGORY" => $lang['Select_category'], "S_OPTIONS_CATEGORIES" => $s_categories, "S_COLSPAN" => $s_colspan, "S_PROFILE_ACTION" => append_sid("profile.$phpEx?mode=$mode"), "S_HIDDEN_FIELDS" => $s_hidden_vars) ); } } else { if( $mode == "editprofile" ) { if( $user_id != $userdata['user_id'] ) { $error = TRUE; $error_msg = $lang['Wrong_Profile']; } } if( !isset($coppa) ) { $coppa = FALSE; } if( !isset($user_template) ) { $selected_template = $board_config['system_template']; } $signature = preg_replace("/\:[0-9a-z\:]*?\]/si", "]", $signature); $avatar_img = ""; if( $user_avatar_type ) { switch( $user_avatar_type ) { case USER_AVATAR_UPLOAD: $avatar_img = ( $board_config['allow_avatar_upload'] ) ? '' : ''; break; case USER_AVATAR_REMOTE: $avatar_img = ( $board_config['allow_avatar_remote'] ) ? '' : ''; break; case USER_AVATAR_GALLERY: $avatar_img = ( $board_config['allow_avatar_local'] ) ? '' : ''; break; } } $s_hidden_fields = ''; if( $mode == "editprofile" ) { $s_hidden_fields .= ''; // // Send the users current email address. If they change it, and account activation is turned on // the user account will be disabled and the user will have to reactivate their account. // $s_hidden_fields .= ''; } if( !empty($user_avatar_local) ) { $s_hidden_fields .= ''; } $html_status = ( $userdata['user_allowhtml'] && $board_config['allow_html'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF']; $bbcode_status = ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF']; $smilies_status = ( $userdata['user_allowsmile'] && $board_config['allow_smilies'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF']; include($phpbb_root_path . 'includes/page_header.'.$phpEx); if( $error ) { $template->set_filenames(array( "reg_header" => "error_body.tpl") ); $template->assign_vars(array( "ERROR_MESSAGE" => $error_msg) ); $template->assign_var_from_handle("ERROR_BOX", "reg_header"); } $template->set_filenames(array( "body" => "profile_add_body.tpl", "jumpbox" => "jumpbox.tpl") ); $jumpbox = make_jumpbox(); $template->assign_vars(array( "L_GO" => $lang['Go'], "L_JUMP_TO" => $lang['Jump_to'], "L_SELECT_FORUM" => $lang['Select_forum'], "S_JUMPBOX_LIST" => $jumpbox, "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); if( $mode == "editprofile" ) { $template->assign_block_vars("edit_profile", array()); } $template->assign_vars(array( "USERNAME" => $username, "EMAIL" => $email, "YIM" => $yim, "ICQ" => $icq, "MSN" => $msn, "AIM" => $aim, "OCCUPATION" => $occupation, "INTERESTS" => $interests, "LOCATION" => $location, "WEBSITE" => $website, "SIGNATURE" => str_replace("
", "\n", $signature), "VIEW_EMAIL_YES" => ($viewemail) ? 'checked="checked"' : '', "VIEW_EMAIL_NO" => (!$viewemail) ? 'checked="checked"' : '', "HIDE_USER_YES" => (!$allowviewonline) ? 'checked="checked"' : '', "HIDE_USER_NO" => ($allowviewonline) ? 'checked="checked"' : '', "NOTIFY_PM_YES" => ($notifypm) ? 'checked="checked"' : '', "NOTIFY_PM_NO" => (!$notifypm) ? 'checked="checked"' : '', "POPUP_PM_YES" => ($popuppm) ? 'checked="checked"' : '', "POPUP_PM_NO" => (!$popuppm) ? 'checked="checked"' : '', "ALWAYS_ADD_SIGNATURE_YES" => ($attachsig) ? 'checked="checked"' : '', "ALWAYS_ADD_SIGNATURE_NO" => (!$attachsig) ? 'checked="checked"' : '', "NOTIFY_REPLY_YES" => ($notifyreply) ? 'checked="checked"' : '', "NOTIFY_REPLY_NO" => (!$notifyreply) ? 'checked="checked"' : '', "ALWAYS_ALLOW_BBCODE_YES" => ($allowbbcode) ? 'checked="checked"' : '', "ALWAYS_ALLOW_BBCODE_NO" => (!$allowbbcode) ? 'checked="checked"' : '', "ALWAYS_ALLOW_HTML_YES" => ($allowhtml) ? 'checked="checked"' : '', "ALWAYS_ALLOW_HTML_NO" => (!$allowhtml) ? 'checked="checked"' : '', "ALWAYS_ALLOW_SMILIES_YES" => ($allowsmilies) ? 'checked="checked"' : '', "ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? 'checked="checked"' : '', "ALLOW_AVATAR" => $board_config['allow_avatar_upload'], "AVATAR" => $avatar_img, "AVATAR_SIZE" => $board_config['avatar_filesize'], "LANGUAGE_SELECT" => language_select($user_lang, 'language'), "STYLE_SELECT" => style_select($user_style, 'style'), "TIMEZONE_SELECT" => tz_select($user_timezone, 'timezone'), "DATE_FORMAT" => $user_dateformat, "HTML_STATUS" => $html_status, "BBCODE_STATUS" => sprintf($bbcode_status, '', ''), "SMILIES_STATUS" => $smilies_status, "L_CURRENT_PASSWORD" => $lang['Current_password'], "L_NEW_PASSWORD" => ( $mode == "register" ) ? $lang['Password'] : $lang['New_password'], "L_CONFIRM_PASSWORD" => $lang['Confirm_password'], "L_CONFIRM_PASSWORD_EXPLAIN" => ($mode == "editprofile") ? $lang['Confirm_password_explain'] : "", "L_PASSWORD_IF_CHANGED" => ($mode == "editprofile") ? $lang['password_if_changed'] : "", "L_PASSWORD_CONFIRM_IF_CHANGED" => ($mode == "editprofile") ? $lang['password_confirm_if_changed'] : "", "L_SUBMIT" => $lang['Submit'], "L_RESET" => $lang['Reset'], "L_ICQ_NUMBER" => $lang['ICQ'], "L_MESSENGER" => $lang['MSNM'], "L_YAHOO" => $lang['YIM'], "L_WEBSITE" => $lang['Website'], "L_AIM" => $lang['AIM'], "L_LOCATION" => $lang['Location'], "L_OCCUPATION" => $lang['Occupation'], "L_BOARD_LANGUAGE" => $lang['Board_lang'], "L_BOARD_STYLE" => $lang['Board_style'], "L_TIMEZONE" => $lang['Timezone'], "L_DATE_FORMAT" => $lang['Date_format'], "L_DATE_FORMAT_EXPLAIN" => $lang['Date_format_explain'], "L_YES" => $lang['Yes'], "L_NO" => $lang['No'], "L_INTERESTS" => $lang['Interests'], "L_ALWAYS_ALLOW_SMILIES" => $lang['Always_smile'], "L_ALWAYS_ALLOW_BBCODE" => $lang['Always_bbcode'], "L_ALWAYS_ALLOW_HTML" => $lang['Always_html'], "L_HIDE_USER" => $lang['Hide_user'], "L_ALWAYS_ADD_SIGNATURE" => $lang['Always_add_sig'], "L_AVATAR_PANEL" => $lang['Avatar_panel'], "L_AVATAR_EXPLAIN" => sprintf($lang['Avatar_explain'], $board_config['avatar_max_width'], $board_config['avatar_max_height'], (round($board_config['avatar_filesize'] / 1024))), "L_UPLOAD_AVATAR_FILE" => $lang['Upload_Avatar_file'], "L_UPLOAD_AVATAR_URL" => $lang['Upload_Avatar_URL'], "L_UPLOAD_AVATAR_URL_EXPLAIN" => $lang['Upload_Avatar_URL_explain'], "L_AVATAR_GALLERY" => $lang['Select_from_gallery'], "L_SHOW_GALLERY" => $lang['View_avatar_gallery'], "L_LINK_REMOTE_AVATAR" => $lang['Link_remote_Avatar'], "L_LINK_REMOTE_AVATAR_EXPLAIN" => $lang['Link_remote_Avatar_explain'], "L_DELETE_AVATAR" => $lang['Delete_Image'], "L_CURRENT_IMAGE" => $lang['Current_Image'], "L_SIGNATURE" => $lang['Signature'], "L_SIGNATURE_EXPLAIN" => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']), "L_NOTIFY_ON_REPLY" => $lang['Always_notify'], "L_NOTIFY_ON_REPLY_EXPLAIN" => $lang['Always_notify_explain'], "L_NOTIFY_ON_PRIVMSG" => $lang['Notify_on_privmsg'], "L_POPUP_ON_PRIVMSG" => $lang['Popup_on_privmsg'], "L_POPUP_ON_PRIVMSG_EXPLAIN" => $lang['Popup_on_privmsg_explain'], "L_PREFERENCES" => $lang['Preferences'], "L_PUBLIC_VIEW_EMAIL" => $lang['Public_view_email'], "L_ITEMS_REQUIRED" => $lang['Items_required'], "L_REGISTRATION_INFO" => $lang['Registration_info'], "L_PROFILE_INFO" => $lang['Profile_info'], "L_PROFILE_INFO_NOTICE" => $lang['Profile_info_warn'], "L_EMAIL_ADDRESS" => $lang['Email_address'], "S_ALLOW_AVATAR_UPLOAD" => $board_config['allow_avatar_upload'], "S_ALLOW_AVATAR_LOCAL" => $board_config['allow_avatar_local'], "S_ALLOW_AVATAR_REMOTE" => $board_config['allow_avatar_remote'], "S_HIDDEN_FIELDS" => $s_hidden_fields, "S_PROFILE_ACTION" => append_sid("profile.$phpEx")) ); // // This is another cheat using the block_var capability // of the templates to 'fake' an IF...ELSE...ENDIF solution // it works well :) // if( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) ) { $template->assign_block_vars("avatarblock", array() ); if($board_config['allow_avatar_upload'] && file_exists("./" . $board_config['avatar_path']) ) { $template->assign_block_vars("avatarblock.avatarupload", array() ); } if($board_config['allow_avatar_remote']) { $template->assign_block_vars("avatarblock.avatarremote", array() ); } if($board_config['allow_avatar_local'] && file_exists("./" . $board_config['avatar_gallery_path']) ) { $template->assign_block_vars("avatarblock.avatargallery", array() ); } } } $template->pparse("body"); include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } else if( $mode == "sendpassword" ) { if( isset($HTTP_POST_VARS['submit']) ) { $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : ""; $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : ""; $sql = "SELECT user_id, username, user_email, user_active, user_lang FROM " . USERS_TABLE . " WHERE user_email = '" . str_replace("\'", "''", $email) . "' AND username = '" . str_replace("\'", "''", $username) . "'"; if( $result = $db->sql_query($sql) ) { if( !$db->sql_numrows($result) ) { message_die(GENERAL_MESSAGE, $lang['No_email_match']); } $row = $db->sql_fetchrow($result); if( $row['user_active'] == 0 ) { message_die(GENERAL_MESSAGE, $lang['No_send_account_inactive']); } $username = $row['username']; $user_actkey = generate_activation_key(); $user_password = generate_password(); $sql = "UPDATE " . USERS_TABLE . " SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey' WHERE user_id = " . $row['user_id']; if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't update new password information", "", __LINE__, __FILE__, $sql); } include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; $emailer->use_template("user_activate_passwd", $row['user_lang']); $emailer->email_address($row['user_email']); $emailer->set_subject($lang['New_password_activation']); $emailer->extra_headers($email_headers); $emailer->assign_vars(array( "SITENAME" => $board_config['sitename'], "USERNAME" => $username, "PASSWORD" => $user_password, "EMAIL_SIG" => str_replace("
", "\n", "-- \n" . $board_config['board_email_sig']), "U_ACTIVATE" => $protocol . $server_name . $script_name . "?mode=activate&act_key=$user_actkey") ); $emailer->send(); $emailer->reset(); $template->assign_vars(array( "META" => '') ); $message = $lang['Password_updated'] . "

" . sprintf($lang['Click_return_index'], "", ""); message_die(GENERAL_MESSAGE, $message); } else { message_die(GENERAL_ERROR, "Couldn't obtain user information for sendpassword", "", __LINE__, __FILE__, $sql); } } else { $username = ""; $email = ""; } // // Output basic page // include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( "body" => "profile_send_pass.tpl", "jumpbox" => "jumpbox.tpl") ); $jumpbox = make_jumpbox(); $template->assign_vars(array( "L_GO" => $lang['Go'], "L_JUMP_TO" => $lang['Jump_to'], "L_SELECT_FORUM" => $lang['Select_forum'], "S_JUMPBOX_LIST" => $jumpbox, "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); $template->assign_vars(array( "USERNAME" => $username, "EMAIL" => $email, "L_SEND_PASSWORD" => $lang['Send_password'], "L_ITEMS_REQUIRED" => $lang['Items_required'], "L_EMAIL_ADDRESS" => $lang['Email_address'], "L_SUBMIT" => $lang['Submit'], "L_RESET" => $lang['Reset']) ); $template->pparse("body"); include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } else if( $mode == "activate" ) { $sql = "SELECT user_id, user_email, user_newpasswd, user_lang FROM " . USERS_TABLE . " WHERE user_actkey = '" . str_replace("\'", "''", $HTTP_GET_VARS['act_key']) . "'"; if( $result = $db->sql_query($sql) ) { if( $row = $db->sql_fetchrow($result) ) { $sql_update_pass = ( $row['user_newpasswd'] != "" ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : ""; $sql = "UPDATE " . USERS_TABLE . " SET user_active = 1, user_actkey = ''" . $sql_update_pass . " WHERE user_id = " . $row['user_id']; if( $result = $db->sql_query($sql) ) { if( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == "" ) { include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n"; $emailer->use_template("admin_welcome_activated", $row['user_lang']); $emailer->email_address($row['user_email']); $emailer->set_subject($lang['Account_activated_subject']); $emailer->extra_headers($email_headers); $emailer->assign_vars(array( "SITENAME" => $board_config['sitename'], "USERNAME" => $username, "PASSWORD" => $password_confirm, "EMAIL_SIG" => str_replace("
", "\n", "-- \n" . $board_config['board_email_sig'])) ); $emailer->send(); $emailer->reset(); $template->assign_vars(array( "META" => '') ); message_die(GENERAL_MESSAGE, $lang['Account_active_admin']); } else { $template->assign_vars(array( "META" => '') ); $message = ( $sql_update_pass == "" ) ? $lang['Account_active'] : $lang['Password_activated']; message_die(GENERAL_MESSAGE, $message); } } else { message_die(GENERAL_ERROR, "Couldn't update users table", "", __LINE__, __FILE__, $sql_update); } } else { message_die(GENERAL_ERROR, $lang['Wrong_activation']); //wrongactiv } } else { message_die(GENERAL_ERROR, "Couldn't obtain user information", "", __LINE__, __FILE__, $sql); } break; } else if( $mode == "email" ) { if( !empty($HTTP_GET_VARS[POST_USERS_URL]) || !empty($HTTP_POST_VARS[POST_USERS_URL]) ) { $user_id = ( !empty($HTTP_GET_VARS[POST_USERS_URL]) ) ? $HTTP_GET_VARS[POST_USERS_URL] : $HTTP_POST_VARS[POST_USERS_URL]; } else { message_die(GENERAL_MESSAGE, $lang['No_user_specified']); } if( !$userdata['session_logged_in'] ) { header("Location: " . append_sid("login.$phpEx?redirect=profile.$phpEx&mode=email&" . POST_USERS_URL . "=$user_id", true)); } $sql = "SELECT username, user_email, user_viewemail, user_lang FROM " . USERS_TABLE . " WHERE user_id = $user_id"; if( $result = $db->sql_query($sql) ) { $row = $db->sql_fetchrow($result); $username = $row['username']; $user_email = $row['user_email']; $user_lang = $row['user_lang']; if( $row['user_viewemail'] || $userdata['user_level'] == ADMIN ) { if( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] ) { message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']); } if( isset($HTTP_POST_VARS['submit']) ) { $error = FALSE; if( !empty($HTTP_POST_VARS['subject']) ) { $subject = trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))); } else { $error = TRUE; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['Empty_subject_email'] : $lang['Empty_subject_email']; } if( !empty($HTTP_POST_VARS['message']) ) { $message = trim(strip_tags(stripslashes($HTTP_POST_VARS['message']))); } else { $error = TRUE; $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $lang['Empty_message_email'] : $lang['Empty_message_email']; } if( !$error ) { $sql = "UPDATE " . USERS_TABLE . " SET user_emailtime = " . time() . " WHERE user_id = " . $userdata['user_id']; if( $result = $db->sql_query($sql) ) { include($phpbb_root_path . 'includes/emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $email_headers = "From: " . $userdata['user_email'] . "\n"; if( !empty($HTTP_POST_VARS['cc_email']) ) { $email_headers .= "Cc: " . $userdata['user_email'] . "\n"; } $email_headers .= "Return-Path: " . $userdata['user_email'] . "\n"; $email_headers .= "X-AntiAbuse: Board servername - " . $server_name . "\n"; $email_headers .= "X-AntiAbuse: User_id - " . $userdata['user_id'] . "\n"; $email_headers .= "X-AntiAbuse: Username - " . $userdata['username'] . "\n"; $email_headers .= "X-AntiAbuse: User IP - " . decode_ip($user_ip) . "\n"; $emailer->use_template("profile_send_email", $user_lang); $emailer->email_address($user_email); $emailer->set_subject($subject); $emailer->extra_headers($email_headers); $emailer->assign_vars(array( "SITENAME" => $board_config['sitename'], "BOARD_EMAIL" => $board_config['board_email'], "FROM_USERNAME" => $userdata['username'], "TO_USERNAME" => $username, "MESSAGE" => $message) ); $emailer->send(); $emailer->reset(); $template->assign_vars(array( "META" => '') ); $message = $lang['Email_sent'] . "

" . sprintf($lang['Click_return_index'], "", ""); message_die(GENERAL_MESSAGE, $message); } else { message_die(GENERAL_ERROR, "Couldn't update last email time", "", __LINE__, __FILE__, $sql); } } } include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( "body" => "profile_send_email.tpl", "jumpbox" => "jumpbox.tpl") ); $jumpbox = make_jumpbox(); $template->assign_vars(array( "L_GO" => $lang['Go'], "L_JUMP_TO" => $lang['Jump_to'], "L_SELECT_FORUM" => $lang['Select_forum'], "S_JUMPBOX_LIST" => $jumpbox, "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx")) ); $template->assign_var_from_handle("JUMPBOX", "jumpbox"); if( $error ) { $template->set_filenames(array( "reg_header" => "error_body.tpl") ); $template->assign_vars(array( "ERROR_MESSAGE" => $error_msg) ); $template->assign_var_from_handle("ERROR_BOX", "reg_header"); } if( $userdata['user_sig'] != "" ) { $template->assign_block_vars("signature_checkbox", array()); } $template->assign_vars(array( "USERNAME" => $username, "S_SIGNATURE_CHECKED" => ( $attach_sig ) ? "checked=\"checked\"" : "", "S_POST_ACTION" => append_sid("profile.$phpEx?&mode=email&" . POST_USERS_URL . "=$user_id"), "L_SEND_EMAIL_MSG" => $lang['Send_email_msg'], "L_RECIPIENT" => $lang['Recipient'], "L_SUBJECT" => $lang['Subject'], "L_MESSAGE_BODY" => $lang['Message_body'], "L_MESSAGE_BODY_DESC" => $lang['Email_message_desc'], "L_OPTIONS" => $lang['Options'], "L_CC_EMAIL" => $lang['CC_email'], "L_NOTIFY_ON_REPLY" => $lang['Notify'], "L_SPELLCHECK" => $lang['Spellcheck'], "L_SEND_EMAIL" => $lang['Send_email']) ); $template->pparse("body"); include($phpbb_root_path . 'includes/page_tail.'.$phpEx); } else { message_die(GENERAL_MESSAGE, $lang['User_prevent_email']); } } else { message_die(GENERAL_MESSAGE, $lang['User_not_exist']); } } } ?>