- extend config checking to include check for writeable path

- removed not utilized user_allow_email column from schema - removed inactive groups (they had no use at all, since inactive users are not able to login) The only benefit those brought are distinguish users - but this is no longer needed too due to the inactive code present. This also allows us to retain group memberships as well as default settings for users being set inactive due to profile changes. - rewrote user_active_flip to support multiple users and a mode, as well as coping with the aforementioned changes - implemented updated jabber class to support SRV server records and for better jabberd2 support. - jabber errors now logged to the error log with a full transaction - fixed user_delete calls to include usernames where possible and also update last post information correctly - implemented additioal checks to user management to cope with common mistakes - On installation, guess the required mysql schema as best as possible. Users now only need to decide if they want to use the mysqli extension or not (mysqli selected by default) and no longer need to know their mysql version. - founders do not need to re-activate their account on profile changes - remove older session if re-authentication was successful (re-authentication always assigns a new session id) - set the cookie directly instead of using php's function - added inactive_remind to see which users got deactivated because of reminders (or re-activation) sent out hopefully not introduced too many bugs - those testing with CVS releases, please concentrate on user registration, activation, profile changes (email/password)... git-svn-id: file:///svn/phpbb/trunk@6436 89ea8834-ac86-4346-8a33-228a782c2dd0
author: Meik Sievertsen <acydburn@phpbb.com> 2006-10-03 18:35:59 +0000
committer: Meik Sievertsen <acydburn@phpbb.com> 2006-10-03 18:35:59 +0000
commit: 5284f321789b5d0456b48a529ed59a99956020e8 (patch)
tree: ec6af414977763a8a2a9b570c4e071597239409e /phpBB/includes
parent: d7f87be493589daf3d0996eb83f489c62d4380a7 (diff)
download: forums-5284f321789b5d0456b48a529ed59a99956020e8.tar
forums-5284f321789b5d0456b48a529ed59a99956020e8.tar.gz
forums-5284f321789b5d0456b48a529ed59a99956020e8.tar.bz2
forums-5284f321789b5d0456b48a529ed59a99956020e8.tar.xz
forums-5284f321789b5d0456b48a529ed59a99956020e8.zip
21 files changed, 773 insertions, 500 deletions
diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php
index 91d7c024f3..74373af86b 100644
--- a/phpBB/includes/acp/acp_attachments.php
+++ b/phpBB/includes/acp/acp_attachments.php
@@ -89,7 +89,7 @@ class acp_attachments
 						'legend1'				=> 'ACP_ATTACHMENT_SETTINGS',
 						'allow_attachments'		=> array('lang' => 'ALLOW_ATTACHMENTS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
 						'allow_pm_attach'		=> array('lang' => 'ALLOW_PM_ATTACHMENTS',	'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
-						'upload_path'			=> array('lang' => 'UPLOAD_DIR',			'validate' => 'path',	'type' => 'text:25:100', 'explain' => true),
+						'upload_path'			=> array('lang' => 'UPLOAD_DIR',			'validate' => 'wpath',	'type' => 'text:25:100', 'explain' => true),
 						'display_order'			=> array('lang' => 'DISPLAY_ORDER',			'validate' => 'bool',	'type' => 'custom', 'method' => 'display_order', 'explain' => true),
 						'attachment_quota'		=> array('lang' => 'ATTACH_QUOTA',			'validate' => 'int',	'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
 						'max_filesize'			=> array('lang' => 'ATTACH_MAX_FILESIZE',	'validate' => 'int',	'type' => 'custom', 'method' => 'max_filesize', 'explain' => true),
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php
index b968b9bf56..8dbf70ccb1 100644
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@@ -27,7 +27,7 @@ class acp_board
 		$action	= request_var('action', '');
 		$submit = (isset($_POST['submit'])) ? true : false;
 
-		// Validation types are: string, int, bool, rpath, path
+		// Validation types are: string, int, bool, rpath (relative), rwpath (realtive, writeable), path (relative path, but able to escape the root), wpath (writeable)
 		switch ($mode)
 		{
 			case 'settings':
@@ -93,7 +93,7 @@ class acp_board
 						'avatar_filesize'		=> array('lang' => 'MAX_FILESIZE',			'validate' => 'int',	'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
 						'avatar_min'			=> array('lang' => 'MIN_AVATAR_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true),
 						'avatar_max'			=> array('lang' => 'MAX_AVATAR_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true),
-						'avatar_path'			=> array('lang' => 'AVATAR_STORAGE_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
+						'avatar_path'			=> array('lang' => 'AVATAR_STORAGE_PATH',	'validate' => 'rwpath',	'type' => 'text:20:255', 'explain' => true),
 						'avatar_gallery_path'	=> array('lang' => 'AVATAR_GALLERY_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true)
 					)
 				);
@@ -279,7 +279,7 @@ class acp_board
 						'legend2'				=> 'PATH_SETTINGS',
 						'smilies_path'			=> array('lang' => 'SMILIES_PATH',		'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
 						'icons_path'			=> array('lang' => 'ICONS_PATH',		'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
-						'upload_icons_path'		=> array('lang' => 'UPLOAD_ICONS_PATH',	'validate' => 'path',	'type' => 'text:20:255', 'explain' => true),
+						'upload_icons_path'		=> array('lang' => 'UPLOAD_ICONS_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
 						'ranks_path'			=> array('lang' => 'RANKS_PATH',		'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
 
 						'legend3'				=> 'SERVER_URL_SETTINGS',
diff --git a/phpBB/includes/acp/acp_inactive.php b/phpBB/includes/acp/acp_inactive.php
index 05db9fa95b..9a26a3595d 100755
--- a/phpBB/includes/acp/acp_inactive.php
+++ b/phpBB/includes/acp/acp_inactive.php
@@ -58,16 +58,7 @@ class acp_inactive
 					if ($action == 'activate')
 					{
 						include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
-
-						foreach ($mark as $user_id)
-						{
-							user_active_flip($user_id, USER_INACTIVE);
-						}
-
-						set_config('num_users', $config['num_users'] + sizeof($mark), true);
-
-						// Update latest username
-						update_last_username();
+						user_active_flip('activate', $mark);
 					}
 					else if ($action == 'delete')
 					{
diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php
index b55ac27fea..afb2ba329a 100644
--- a/phpBB/includes/acp/acp_jabber.php
+++ b/phpBB/includes/acp/acp_jabber.php
@@ -44,16 +44,9 @@ class acp_jabber
 		$jab_resource		= request_var('jab_resource', $config['jab_resource']);
 		$jab_package_size	= request_var('jab_package_size', $config['jab_package_size']);
 
-		$jabber = new jabber();
+		$jabber = new jabber($jab_host, $jab_port, $jab_username, $jab_password, $jab_resource);
 		$error = array();
 
-		// Setup the basis vars for jabber connection
-		$jabber->server		= $jab_host;
-		$jabber->port		= ($jab_port) ? $jab_port : 5222;
-		$jabber->username	= $jab_username;
-		$jabber->password	= $jab_password;
-		$jabber->resource	= $jab_resource;
-
 		$message = $user->lang['JAB_SETTINGS_CHANGED'];
 		$log = 'JAB_SETTINGS_CHANGED';
 
diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php
index 36eac665c2..f9f08ee694 100644
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@@ -70,7 +70,7 @@ class acp_permissions
 		if ($select_all_groups)
 		{
 			// Add default groups to selection
-			$sql_and = (!$config['coppa_enable']) ? " AND group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : '';
+			$sql_and = (!$config['coppa_enable']) ? " AND group_name <> 'REGISTERED_COPPA'" : '';
 
 			$sql = 'SELECT group_id
 				FROM ' . GROUPS_TABLE . '
diff --git a/phpBB/includes/acp/acp_prune.php b/phpBB/includes/acp/acp_prune.php
index 7c789e4773..8fe9e10bae 100644
--- a/phpBB/includes/acp/acp_prune.php
+++ b/phpBB/includes/acp/acp_prune.php
@@ -267,11 +267,7 @@ class acp_prune
 				{
 					if ($action == 'deactivate')
 					{
-						foreach ($user_ids as $user_id)
-						{
-							user_active_flip($user_id, USER_NORMAL, false, false, INACTIVE_MANUAL, true);
-						}
-
+						user_active_flip('deactivate', $user_ids);
 						$l_log = 'LOG_PRUNE_USER_DEAC';
 					}
 					else if ($action == 'delete')
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 06a6f3c97a..bd28662a42 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -174,7 +174,7 @@ class acp_users
 
 						if (confirm_box(true))
 						{
-							user_delete($delete_type, $user_id);
+							user_delete($delete_type, $user_id, $user_row['username']);
 
 							add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
 							trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
@@ -205,6 +205,11 @@ class acp_users
 								trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 							}
 
+							if ($user_row['user_type'] == USER_FOUNDER)
+							{
+								trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
+							}
+
 							$ban = array();
 
 							switch ($action)
@@ -256,6 +261,16 @@ class acp_users
 								trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 							}
 
+							if ($user_row['user_type'] == USER_FOUNDER)
+							{
+								trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
+							}
+
+							if ($user_row['user_type'] == USER_IGNORE)
+							{
+								trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
+							}
+
 							if ($config['email_enable'])
 							{
 								include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
@@ -267,9 +282,14 @@ class acp_users
 								$key_len = ($key_len > 6) ? $key_len : 6;
 								$user_actkey = substr($user_actkey, 0, $key_len);
 
-								if ($user_row['user_type'] != USER_INACTIVE)
+								if ($user_row['user_type'] == USER_NORMAL)
 								{
-									user_active_flip($user_id, $user_row['user_type'], $user_actkey, $user_row['username'], INACTIVE_MANUAL);
+									user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
+
+									$sql = 'UPDATE ' . USERS_TABLE . "
+										SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
+										WHERE user_id = $user_id";
+									$db->sql_query($sql);
 								}
 
 								$messenger = new messenger(false);
@@ -311,24 +331,23 @@ class acp_users
 								trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 							}
 
-							user_active_flip($user_id, $user_row['user_type'], false, $user_row['username'], INACTIVE_MANUAL);
-
-							$message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
-							$log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
-
-							add_log('user', $user_id, $log . '_USER');
-
-							if ($user_row['user_type'] == USER_INACTIVE)
+							if ($user_row['user_type'] == USER_FOUNDER)
 							{
-								set_config('num_users', $config['num_users'] + 1, true);
+								trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 							}
-							else
+
+							if ($user_row['user_type'] == USER_IGNORE)
 							{
-								set_config('num_users', $config['num_users'] - 1, true);
+								trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 							}
 
-							// Update latest username
-							update_last_username();
+							user_active_flip('flip', $user_id);
+
+							$message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
+							$log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
+
+							add_log('admin', $log, $user_row['username']);
+							add_log('user', $user_id, $log . '_USER');
 
 							trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
@@ -783,9 +802,21 @@ class acp_users
 				}
 				else
 				{
-					$quick_tool_ary = array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP', 'active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'), 'delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
+					$quick_tool_ary = array();
+
+					if ($user_row['user_type'] != USER_FOUNDER)
+					{
+						$quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
+					}
+
+					if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
+					{
+						$quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
+					}
+					
+					$quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
 					
-					if ($config['email_enable'])
+					if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
 					{
 						$quick_tool_ary['reactivate'] = 'FORCE';
 					}
@@ -807,7 +838,7 @@ class acp_users
 					'S_USER_FOUNDER'	=> ($user_row['user_type'] == USER_FOUNDER) ? true : false,
 					'S_ACTION_OPTIONS'	=> $s_action_options,
 					'S_OWN_ACCOUNT'		=> ($user_id == $user->data['user_id']) ? true : false,
-					'S_USER_INACTIVE'	=> ($user_row['user_type'] == USER_IGNORE || $user_row['user_type'] == USER_INACTIVE) ? true : false,
+					'S_USER_INACTIVE'	=> ($user_row['user_type'] == USER_INACTIVE) ? true : false,
 
 					'U_SHOW_IP'		=> $this->u_action . "&amp;u=$user_id&amp;ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
 					'U_WHOIS'		=> $this->u_action . "&amp;action=whois&amp;user_ip={$user_row['user_ip']}",
@@ -1854,11 +1885,11 @@ class acp_users
 				$s_group_options = '';
 				while ($row = $db->sql_fetchrow($result))
 				{
-					if (!$config['coppa_enable'] && in_array($row['group_name'], array('INACTIVE_COPPA', 'REGISTERED_COPPA')))
+					if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
 					{
 						continue;
 					}
-					
+
 					$s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
 				}
 				$db->sql_freeresult($result);
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php
index c578881c3f..5e927ce439 100644
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -714,7 +714,7 @@ class auth
 
 				$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
 					FROM ' . USERS_TABLE . "
-					WHERE username = '" . $db->sql_escape($username) . "'";
+					WHERE LOWER(username) = '" . $db->sql_escape(strtolower($username)) . "'";
 				$result = $db->sql_query($sql);
 				$row = $db->sql_fetchrow($result);
 				$db->sql_freeresult($result);
@@ -738,11 +738,36 @@ class auth
 			// If login succeeded, we will log the user in... else we pass the login array through...
 			if ($login['status'] == LOGIN_SUCCESS)
 			{
+				$old_session_id = $user->session_id;
+
+				if ($admin)
+				{
+					global $SID, $_SID;
+
+					$cookie_expire = time() - 31536000;
+					$user->set_cookie('u', '', $cookie_expire);
+					$user->set_cookie('sid', '', $cookie_expire);
+					unset($cookie_expire);
+
+					$SID = '?sid=';
+					$user->session_id = $_SID = '';
+				}
+
 				$result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline);
 
 				// Successful session creation
 				if ($result === true)
 				{
+					// If admin re-authentication we remove the old session entry because a new one has been created...
+					if ($admin)
+					{
+						// the login array is used because the user ids do not differ for re-authentication
+						$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
+							WHERE session_id = '" . $db->sql_escape($old_session_id) . "'
+							AND session_user_id = {$login['user_row']['user_id']}";
+						$db->sql_query($sql);
+					}
+
 					return array(
 						'status'		=> LOGIN_SUCCESS,
 						'error_msg'		=> false,
diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php
index 42d3c41463..0ed3ad8d84 100644
--- a/phpBB/includes/constants.php
+++ b/phpBB/includes/constants.php
@@ -27,12 +27,11 @@ define('USER_NORMAL', 0);
 define('USER_INACTIVE', 1);
 define('USER_IGNORE', 2);
 define('USER_FOUNDER', 3);
-//define('USER_BOT', 2);
-//define('USER_GUEST', 4);
 
 define('INACTIVE_REGISTER', 1);
 define('INACTIVE_PROFILE', 2);
 define('INACTIVE_MANUAL', 3);
+define('INACTIVE_REMIND', 4);
 
 // ACL
 define('ACL_NEVER', 0);
diff --git a/phpBB/includes/db/mysql.php b/phpBB/includes/db/mysql.php
index 15158bbb59..1901bd4270 100644
--- a/phpBB/includes/db/mysql.php
+++ b/phpBB/includes/db/mysql.php
@@ -33,6 +33,8 @@ if (!defined('SQL_LAYER'))
 */
 class dbal_mysql extends dbal
 {
+	var $mysql_version;
+
 	/**
 	* Connect to server
 	* @access public
@@ -51,14 +53,14 @@ class dbal_mysql extends dbal
 			if (@mysql_select_db($this->dbname))
 			{
 				// Determine what version we are using and if it natively supports UNICODE
-				$mysql_version = mysql_get_server_info($this->db_connect_id);
+				$this->mysql_version = mysql_get_server_info($this->db_connect_id);
 
-				if (version_compare($mysql_version, '4.1.3', '>='))
+				if (version_compare($this->mysql_version, '4.1.3', '>='))
 				{
 					define('SQL_LAYER', 'mysql4');
 					@mysql_query("SET NAMES 'utf8'", $this->db_connect_id);
 				}
-				else if (version_compare($mysql_version, '4.0.0', '>='))
+				else if (version_compare($this->mysql_version, '4.0.0', '>='))
 				{
 					define('SQL_LAYER', 'mysql4');
 				}
@@ -79,7 +81,7 @@ class dbal_mysql extends dbal
 	*/
 	function sql_server_info()
 	{
-		return 'MySQL ' . @mysql_get_server_info($this->db_connect_id);
+		return 'MySQL ' . $this->mysql_version;
 	}
 
 	/**
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 8ada82cffe..a5e6570116 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -1913,7 +1913,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 		'U_PRIVACY'				=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=privacy'),
 
 		'S_DISPLAY_FULL_LOGIN'	=> ($s_display) ? true : false,
-		'S_LOGIN_ACTION'		=> (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx"), // Needs to stay index.$phpEx because we are within the admin directory
+		'S_LOGIN_ACTION'		=> (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory
 		'S_HIDDEN_FIELDS' 		=> $s_hidden_fields,
 
 		'S_ADMIN_AUTH'			=> $admin,
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index b346e09a2b..2119b86740 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -207,7 +207,7 @@ function group_select_options($group_id, $exclude_ids = false)
 	global $db, $user, $config;
 
 	$exclude_sql = ($exclude_ids !== false && sizeof($exclude_ids)) ? 'WHERE ' . $db->sql_in_set('group_id', array_map('intval', $exclude_ids), true) : '';
-	$sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name NOT IN ('INACTIVE_COPPA', 'REGISTERED_COPPA')" : '';
+	$sql_and = (!$config['coppa_enable']) ? (($exclude_sql) ? ' AND ' : ' WHERE ') . "group_name <> 'REGISTERED_COPPA'" : '';
 
 	$sql = 'SELECT group_id, group_name, group_type 
 		FROM ' . GROUPS_TABLE . "
@@ -245,6 +245,7 @@ function get_forum_list($acl_list = 'f_list', $id_only = true, $postable_only =
 			ORDER BY left_id ASC';
 		$result = $db->sql_query($sql, $expire_time);
 
+		$forum_rows = array();
 		while ($row = $db->sql_fetchrow($result))
 		{
 			$forum_rows[] = $row;
@@ -2343,7 +2344,7 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li
 	$sql = 'SELECT user_id, username, user_regdate, user_lastvisit, user_inactive_time, user_inactive_reason
 		FROM ' . USERS_TABLE . ' 
 		WHERE user_type = ' . USER_INACTIVE . 
-		(($limit_days) ? "AND user_inactive_time >= $limit_days" : '') . " 
+		(($limit_days) ? " AND user_inactive_time >= $limit_days" : '') . " 
 		ORDER BY $sort_by";
 	$result = $db->sql_query_limit($sql, $limit, $offset);
 
@@ -2363,15 +2364,19 @@ function view_inactive_users(&$users, &$user_count, $limit = 0, $offset = 0, $li
 			case INACTIVE_MANUAL:
 				$row['inactive_reason'] = $user->lang['INACTIVE_REASON_MANUAL'];
 			break;
+
+			case INACTIVE_REMIND:
+				$row['inactive_reason'] = $user->lang['INACTIVE_REASON_REMIND'];
+			break;
 		}
 	
 		$users[] = $row;
 	}
 	
-	$sql = 'SELECT count(user_id) AS user_count
+	$sql = 'SELECT COUNT(user_id) AS user_count
 		FROM ' . USERS_TABLE . '
 		WHERE user_type = ' . USER_INACTIVE . 
-		(($limit_days) ? "AND user_inactive_time >= $limit_days" : '');
+		(($limit_days) ? " AND user_inactive_time >= $limit_days" : '');
 	$result = $db->sql_query($sql);
 	$user_count = (int) $db->sql_fetchfield('user_count');
 	$db->sql_freeresult($result);
diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php
index 9efe17dc6b..1bdeb6eb40 100644
--- a/phpBB/includes/functions_jabber.php
+++ b/phpBB/includes/functions_jabber.php
@@ -3,23 +3,24 @@
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
+* @copyright (c) 2006 phpBB Group 
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 
 *
 */
 
 /**
 *
-*	Class.Jabber.PHP v0.4
-*	(c) 2002 Carlo "Gossip" Zottmann
-*	http://phpjabber.g-blog.net *** gossip@jabber.g-blog.net
+*	Class.Jabber.PHP v0.4.2
+*	(c) 2004 Nathan "Fritzy" Fritz
+*	http://cjphp.netflint.net *** fritzy@netflint.net
 *
-*	The FULL documentation and examples for this software can be found at
-*	http://phpjabber.g-blog.net (not many doc comments in here, sorry)
+*	This is a bugfix version, specifically for those who can't get 
+*	0.4 to work on Jabberd2 servers. 
 *
-*	last modified: 27.04.2003 13:01:53 CET
-* 
-*	Modified by members of the phpBB Group
+*	last modified: 24.03.2004 13:01:53 
+*
+*	Modified by phpBB Development Team
+*	version: v0.4.3a
 *
 * @package phpBB3
 */
@@ -36,13 +37,14 @@ class jabber
 	var $delay_disconnect;
 
 	var $stream_id;
-	var $roster;
+
+	var $enable_logging;
+	var $log_array;
 
 	var $iq_sleep_timer;
 	var $last_ping_time;
 
 	var $packet_queue;
-	var $subscription_queue;
 
 	var $iq_version_name;
 	var $iq_version_os;
@@ -60,17 +62,24 @@ class jabber
 	/**
 	* Constructor
 	*/
-	function jabber()
+	function jabber($server, $port, $username, $password, $resource)
 	{
-		$this->port					= '5222';
-		$this->resource				= NULL;
-		$this->packet_queue			= $this->subscription_queue = array();
+		$this->server				= ($server) ? $server : 'localhost';
+		$this->port					= ($port) ? $port : '5222';
+		$this->username				= $username;
+		$this->password				= $password;
+		$this->resource				= ($resource) ? $resource : NULL;
+
+		$this->enable_logging		= true;
+		$this->log_array			= array();
+
+		$this->packet_queue			= array();
 		$this->iq_sleep_timer		= $this->delay_disconnect = 1;
 
 		$this->returned_keep_alive	= true;
 		$this->txnid				= 0;
 
-		$this->iq_version_name		= "Class.Jabber.PHP -- http://phpjabber.g-blog.net -- by Carlo 'Gossip' Zottmann, gossip@jabber.g-blog.net";
+		$this->iq_version_name		= "Class.Jabber.PHP -- http://cjphp.netflint.net -- by Nathan 'Fritzy' Fritz, fritz@netflint.net";
 		$this->iq_version_version	= '0.4';
 		$this->iq_version_os		= $_SERVER['SERVER_SOFTWARE'];
 
@@ -104,7 +113,7 @@ class jabber
 		if ($this->connector->open_socket($this->server, $this->port))
 		{
 			$this->send_packet("<?xml version='1.0' encoding='UTF-8' ?" . ">\n");
-			$this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'>\n");
+			$this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n");
 
 			sleep(2);
 
@@ -115,11 +124,13 @@ class jabber
 			}
 			else
 			{
+				$this->add_to_log('ERROR: connect() #1');
 				return false;
 			}
 		}
 		else
 		{
+			$this->add_to_log('ERROR: connect() #2');
 			return false;
 		}
 	}
@@ -139,55 +150,12 @@ class jabber
 	}
 
 	/**
-	* Cruise Control
-	*/
-	function cruise_control($seconds = -1)
-	{
-		$count = 0;
-
-		while ($count != $seconds)
-		{
-			$this->listen();
-
-			do
-			{
-				$packet = $this->get_first_from_queue();
-
-				if ($packet)
-				{
-					$this->call_handler($packet);
-				}
-			}
-			while (sizeof($this->packet_queue) > 1);
-
-			$count += 0.25;
-			usleep(250000);
-
-			if ($this->last_ping_time != date('H:i'))
-			{
-				// Modified by Nathan Fritz
-				if ($this->returned_keep_alive == false)
-				{
-					$this->connected = false;
-					//EVENT: Disconnected
-				}
-
-				$this->returned_keep_alive = false;
-				$this->keep_alive_id = 'keep_alive_' . time();
-				$this->send_packet("<iq id='{$this->keep_alive_id}'/>", 'cruise_control');
-				$this->last_ping_time = date('H:i');
-			}
-		}
-
-		return true;
-	}
-
-	/**
 	* Send authentication request
 	*/
 	function send_auth()
 	{
 		$this->auth_id	= 'auth_' . md5(time() . $_SERVER['REMOTE_ADDR']);
+		$this->resource	= ($this->resource != NULL) ? $this->resource : ('Class.Jabber.PHP ' . md5($this->auth_id));
 		$this->jid		= "{$this->username}@{$this->server}/{$this->resource}";
 
 		// request available authentication methods
@@ -197,6 +165,7 @@ class jabber
 		// was a result returned?
 		if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
 		{
+			// yes, now check for auth method availability in descending order (best to worst)
 			if (isset($packet['iq']['#']['query'][0]['#']['sequence'][0]['#']) && isset($packet['iq']['#']['query'][0]['#']['token'][0]['#']))
 			{
 				// auth_0k
@@ -212,10 +181,16 @@ class jabber
 				// plain text
 				return $this->_sendauth_plaintext();
 			}
+			else
+			{
+				$this->add_to_log('ERROR: send_auth() #2 - No auth method available!');
+				return false;
+			}
 		}
 		else
 		{
 			// no result returned
+			$this->add_to_log('ERROR: send_auth() #1');
 			return false;
 		}
 	}
@@ -319,86 +294,15 @@ class jabber
 	{
 		$xml = trim($xml);
 
-		return ($this->connector->write_to_socket($xml)) ? true : false;
-	}
-
-	/**
-	* get the transport registration fields
-	* method written by Steve Blinch, http://www.blitzaffe.com 
-	*/
-	function transport_registration_details($transport)
-	{
-		$this->txnid++;
-		$packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid);
-
-		if ($packet)
+		if ($this->connector->write_to_socket($xml))
 		{
-			$res = array();
-
-			foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data)
-			{
-				if ($element != 'instructions' && $element != 'key')
-				{
-					$res[] = $element;
-				}
-			}
-
-			return $res;
-		}
-		else
-		{
-			return 3;
-		}
-	}
-
-	/**
-	* register with the transport
-	* method written by Steve Blinch, http://www.blitzaffe.com 
-	*/
-	function transport_registration($transport, $details)
-	{
-		$this->txnid++;
-		$packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", "jabber:iq:register", NULL, $this->jid);
-
-		if ($packet)
-		{
-			// just in case a key was passed back from the server
-			$key = $this->get_info_from_iq_key($packet);
-			unset($packet);
-
-			$payload = ($key) ? "<key>$key</key>\n" : '';
-			foreach ($details as $element => $value)
-			{
-				$payload .= "<$element>$value</$element>\n";
-			}
-
-			$packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", "jabber:iq:register", $payload);
-
-			if ($this->get_info_from_iq_type($packet) == 'result')
-			{
-				if (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#']))
-				{
-					$return_code = 1;
-				}
-				else
-				{
-					$return_code = 2;
-				}
-			}
-			else if ($this->get_info_from_iq_type($packet) == 'error')
-			{
-				if (isset($packet['iq']['#']['error'][0]['#']))
-				{
-					$return_code = "Error " . $packet['iq']['#']['error'][0]['@']['code'] . ": " . $packet['iq']['#']['error'][0]['#'];
-					// ERROR: TransportRegistration()
-				}
-			}
-
-			return $return_code;
+			$this->add_to_log('SEND: ' . $xml);
+			return true;
 		}
 		else
 		{
-			return 3;
+			$this->add_to_log('ERROR: send_packet() #1');
+			return false;
 		}
 	}
 
@@ -418,11 +322,12 @@ class jabber
 
 		if ($incoming != '')
 		{
+			$this->add_to_log('RECV: ' . $incoming);
 			$temp = $this->_split_incoming($incoming);
 
-			for ($a = 0, $size = sizeof($temp); $a < $size; $a++)
+			for ($i = 0, $size = sizeof($temp); $i < $size; $i++)
 			{
-				$this->packet_queue[] = $this->xmlize($temp[$a]);
+				$this->packet_queue[] = $this->xmlize($temp[$i]);
 			}
 		}
 
@@ -454,12 +359,12 @@ class jabber
 
 			$xml = "<message to='$to' type='$type' id='$id'>\n";
 
-			if (isset($content['subject']) && $content['subject'])
+			if (!empty($content['subject']))
 			{
 				$xml .= '<subject>' . $content['subject'] . "</subject>\n";
 			}
 
-			if (isset($content['thread']) && $content['thread'])
+			if (!empty($content['thread']))
 			{
 				$xml .= '<thread>' . $content['thread'] . "</thread>\n";
 			}
@@ -468,10 +373,18 @@ class jabber
 			$xml .= $payload;
 			$xml .= "</message>\n";
 
-			return ($this->send_packet($xml)) ? true : false;
+			if ($this->send_packet($xml))
+			{
+				return true;
+			}
+			else
+			{
+				$this->add_to_log('ERROR: send_message() #1');
+			}
 		}
 		else
 		{
+			$this->add_to_log('ERROR: send_message() #2');
 			return false;
 		}
 	}
@@ -492,7 +405,15 @@ class jabber
 
 		$xml .= ($status || $show || $priority) ? "</presence>\n" : '';
 
-		return ($this->send_packet($xml)) ? true : false;
+		if ($this->send_packet($xml))
+		{
+			return true;
+		}
+		else
+		{
+			$this->add_to_log('ERROR: send_presence() #1');
+			return false;
+		}
 	}
 
 	/**
@@ -579,11 +500,63 @@ class jabber
 			else
 			{
 				$this->handler_not_implemented($packet);
+				$this->add_to_log("ERROR: call_handler() #1 - neither method nor function $funcmeth() available");
 			}
 		}
 	}
 
 	/**
+	* Cruise Control
+	*/
+	function cruise_control($seconds = -1)
+	{
+		$count = 0;
+
+		while ($count != $seconds)
+		{
+			$this->listen();
+
+			do
+			{
+				$packet = $this->get_first_from_queue();
+
+				if ($packet)
+				{
+					$this->call_handler($packet);
+				}
+			}
+			while (sizeof($this->packet_queue) > 1);
+
+			$count += 0.25;
+			usleep(250000);
+
+			if (($this->last_ping_time + 180) < time())
+			{
+				// Modified by Nathan Fritz
+				if ($this->returned_keep_alive == false)
+				{
+					$this->connected = false;
+					$this->add_to_log('EVENT: Disconnected');
+				}
+
+				if ($this->returned_keep_alive == true)
+				{
+					$this->connected = true;
+				}
+
+				$this->returned_keep_alive = false;
+
+				$this->keep_alive_id = 'keep_alive_' . time();
+				// $this->send_packet("<iq id='{$this->keep_alive_id}'/>", 'cruise_control');
+				$this->send_packet("<iq type='get' from='{$this->username}@{$this->server}/{$this->resource}' to='{$this->server}' id='{$this->keep_alive_id}'><query xmlns='jabber:iq:time' /></iq>");
+				$this->last_ping_time = time();
+			}
+		}
+
+		return true;
+	}
+
+	/**
 	* Send iq
 	*/
 	function send_iq($to = NULL, $type = 'get', $id = NULL, $xmlns = NULL, $payload = NULL, $from = NULL)
@@ -592,12 +565,13 @@ class jabber
 		{
 			unset($type);
 
+			$this->add_to_log("ERROR: send_iq() #2 - type must be 'get', 'set', 'result' or 'error'");
 			return false;
 		}
 		else if ($id && $xmlns)
 		{
 			$xml = "<iq type='$type' id='$id'";
-			$xml .= ($to) ? " to='$to'" : '';
+			$xml .= ($to) ? " to='" . htmlspecialchars($to) . "'" : '';
 			$xml .= ($from) ? " from='$from'" : '';
 			$xml .= ">
 						<query xmlns='$xmlns'>
@@ -613,10 +587,109 @@ class jabber
 		}
 		else
 		{
+			$this->add_to_log('ERROR: send_iq() #1 - to, id and xmlns are mandatory');
 			return false;
 		}
 	}
 
+	/**
+	* get the transport registration fields
+	* method written by Steve Blinch, http://www.blitzaffe.com 
+	*/
+	function transport_registration_details($transport)
+	{
+		$this->txnid++;
+		$packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", 'jabber:iq:register', NULL, $this->jid);
+
+		if ($packet)
+		{
+			$res = array();
+
+			foreach ($packet['iq']['#']['query'][0]['#'] as $element => $data)
+			{
+				if ($element != 'instructions' && $element != 'key')
+				{
+					$res[] = $element;
+				}
+			}
+
+			return $res;
+		}
+		else
+		{
+			return 3;
+		}
+	}
+
+	/**
+	* register with the transport
+	* method written by Steve Blinch, http://www.blitzaffe.com 
+	*/
+	function transport_registration($transport, $details)
+	{
+		$this->txnid++;
+		$packet = $this->send_iq($transport, 'get', "reg_{$this->txnid}", 'jabber:iq:register', NULL, $this->jid);
+
+		if ($packet)
+		{
+			// just in case a key was passed back from the server
+			$key = $this->get_info_from_iq_key($packet);
+			unset($packet);
+
+			$payload = ($key) ? "<key>$key</key>\n" : '';
+			foreach ($details as $element => $value)
+			{
+				$payload .= "<$element>$value</$element>\n";
+			}
+
+			$packet = $this->send_iq($transport, 'set', "reg_{$this->txnid}", 'jabber:iq:register', $payload);
+
+			if ($this->get_info_from_iq_type($packet) == 'result')
+			{
+				$return_code = (isset($packet['iq']['#']['query'][0]['#']['registered'][0]['#'])) ? 1 : 2;
+			}
+			else if ($this->get_info_from_iq_type($packet) == 'error')
+			{
+				if (isset($packet['iq']['#']['error'][0]['#']))
+				{
+					$return_code = 'Error ' . $packet['iq']['#']['error'][0]['@']['code'] . ': ' . $packet['iq']['#']['error'][0]['#'];
+					$this->add_to_log('ERROR: transport_registration()');
+				}
+			}
+
+			return $return_code;
+		}
+		else
+		{
+			return 3;
+		}
+	}
+
+	/**
+	* Return log
+	*/
+	function get_log()
+	{
+		if ($this->enable_logging && sizeof($this->log_array))
+		{
+			return implode("\n\n", $this->log_array);
+		}
+
+		return '';
+	}
+
+	/**
+	* Add information to log
+	*/
+	function add_to_log($string)
+	{
+		if ($this->enable_logging)
+		{
+			$this->log_array[] = htmlspecialchars($string);
+		}
+	}
+
+
 	// ======================================================================
 	// private methods
 	// ======================================================================
@@ -634,7 +707,7 @@ class jabber
 		$zerok_hash = sha1($zerok_hash . $zerok_token);
 
 		// repeat as often as needed
-		for ($a = 0; $a < $zerok_sequence; $a++)
+		for ($i = 0; $i < $zerok_sequence; $i++)
 		{
 			$zerok_hash = sha1($zerok_hash);
 		}
@@ -646,7 +719,15 @@ class jabber
 		$packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload);
 
 		// was a result returned?
-		return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false;
+		if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
+		{
+			return true;
+		}
+		else
+		{
+			$this->add_to_log('ERROR: _sendauth_ok() #1');
+			return false;
+		}
 	}
 
 	/**
@@ -662,7 +743,15 @@ class jabber
 		$packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload);
 
 		// was a result returned?
-		return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false;
+		if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
+		{
+			return true;
+		}
+		else
+		{
+			$this->add_to_log('ERROR: _sendauth_digest() #1');
+			return false;
+		}
 	}
 
 	/**
@@ -678,7 +767,15 @@ class jabber
 		$packet = $this->send_iq(NULL, 'set', $this->auth_id, 'jabber:iq:auth', $payload);
 
 		// was a result returned?
-		return ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id) ? true : false;
+		if ($this->get_info_from_iq_type($packet) == 'result' && $this->get_info_from_iq_id($packet) == $this->auth_id)
+		{
+			return true;
+		}
+		else
+		{
+			$this->add_to_log('ERROR: _sendauth_plaintext() #1');
+			return false;
+		}
 	}
 
 	/**
@@ -695,6 +792,12 @@ class jabber
 		}
 
 		$incoming = trim($incoming);
+
+		if ($incoming != '')
+		{
+			$this->add_to_log('RECV: ' . $incoming);
+		}
+
 		return $this->xmlize($incoming);
 	}
 
@@ -708,40 +811,82 @@ class jabber
 
 		if (is_array($incoming_array))
 		{
-			if ($incoming_array['stream:stream']['@']['from'] == $this->server
-				&& $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client'
-				&& $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams')
+			if ($incoming_array['stream:stream']['@']['from'] == $this->server && $incoming_array['stream:stream']['@']['xmlns'] == 'jabber:client' && $incoming_array['stream:stream']['@']['xmlns:stream'] == 'http://etherx.jabber.org/streams')
 			{
 				$this->stream_id = $incoming_array['stream:stream']['@']['id'];
 
-				return true;
+				if ($incoming_array['stream:stream']['#']['stream:features'][0]['#']['starttls'][0]['@']['xmlns'] == 'urn:ietf:params:xml:ns:xmpp-tls')
+				{
+					return $this->_starttls();
+				}
+				else
+				{
+					return true;
+				}
 			}
 			else
 			{
+				$this->add_to_log('ERROR: _check_connected() #1');
 				return false;
 			}
 		}
 		else
 		{
+			$this->add_to_log('ERROR: _check_connected() #2');
 			return false;
 		}
 	}
 
 	/**
-	* Split incoming packet
+	* Start TLS/SSL session if supported (PHP5.1)
 	* @access private
 	*/
-	function _split_incoming($incoming)
+	function _starttls()
 	{
-		$temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE);
-		$array = array();
+		if (!function_exists('stream_socket_enable_crypto') || !function_exists('stream_get_meta_data') || !function_exists('socket_set_blocking'))
+		{
+			$this->add_to_log('WARNING: TLS is not available');
+			return true;
+		}
 
-		for ($a = 1; $a < sizeof($temp); $a = $a + 2)
+		$this->send_packet("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>\n");
+		sleep(2);
+		$incoming_array = $this->_listen_incoming();
+
+		if (!is_array($incoming_array))
 		{
-			$array[] = '<' . $temp[$a] . $temp[($a + 1)];
+			$this->add_to_log('ERROR: _starttls() #1');
+			return false;
 		}
 
-		return $array;
+		if ($incoming_array['proceed']['@']['xmlns'] != 'urn:ietf:params:xml:ns:xmpp-tls')
+		{
+			$this->add_to_log('ERROR: _starttls() #2');
+			return false;
+		}
+
+		$meta = stream_get_meta_data($this->connector->active_socket);
+		socket_set_blocking($this->connector->active_socket, 1);
+
+		if (!stream_socket_enable_crypto($this->connector->active_socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT))
+		{
+			socket_set_blocking($this->connector->active_socket, $meta['blocked']);
+			$this->add_to_log('ERROR: _starttls() #3');
+			return false;
+		}
+		socket_set_blocking($this->connector->active_socket, $meta['blocked']);
+
+		$this->send_packet("<?xml version='1.0' encoding='UTF-8' ?" . ">\n");
+		$this->send_packet("<stream:stream to='{$this->server}' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>\n");
+		sleep(2);
+
+		if (!$this->_check_connected())
+		{
+			$this->add_to_log('ERROR: _starttls() #4');
+			return false;
+		}
+
+		return true;
 	}
 
 	/**
@@ -760,6 +905,23 @@ class jabber
 	}
 
 	/**
+	* Split incoming packet
+	* @access private
+	*/
+	function _split_incoming($incoming)
+	{
+		$temp = preg_split('#<(message|iq|presence|stream)#', $incoming, -1, PREG_SPLIT_DELIM_CAPTURE);
+		$array = array();
+
+		for ($i = 1, $size = sizeof($temp); $i < $size; $i += 2)
+		{
+			$array[] = '<' . $temp[$i] . $temp[($i + 1)];
+		}
+
+		return $array;
+	}
+
+	/**
 	* Recursively prepares the strings in an array to be used in XML data.
 	* @access private
 	*/
@@ -844,6 +1006,14 @@ class jabber
 	}
 
 	/**
+	* Get info from message (xmlns)
+	*/
+	function get_info_from_message_xmlns($packet = NULL)
+	{
+		return (is_array($packet)) ? $packet['message']['#']['x'] : false;
+	}
+
+	/**
 	* Get info from message (error)
 	*/
 	function get_info_from_message_error($packet = NULL)
@@ -902,19 +1072,48 @@ class jabber
 	// ======================================================================
 
 	/**
-	* return message (from)
+	* Message type normal
 	*/
 	function handler_message_normal($packet)
 	{
 		$from = $packet['message']['@']['from'];
+		$this->add_to_log("EVENT: Message (type normal) from $from");
+	}
+
+	/**
+	* Message type chat
+	*/
+	function handler_message_chat($packet)
+	{
+		$from = $packet['message']['@']['from'];
+		$this->add_to_log("EVENT: Message (type chat) from $from");
+	}
+
+	/**
+	* Message type groupchat
+	*/
+	function handler_message_groupchat($packet)
+	{
+		$from = $packet['message']['@']['from'];
+		$this->add_to_log("EVENT: Message (type groupchat) from $from");
 	}
 
 	/**
-	* return error (from)
+	* Message type headline
+	*/
+	function handler_message_headline($packet)
+	{
+		$from = $packet['message']['@']['from'];
+		$this->add_to_log("EVENT: Message (type headline) from $from");
+	}
+
+	/**
+	* Message type error
 	*/
 	function handler_message_error($packet)
 	{
 		$from = $packet['message']['@']['from'];
+		$this->add_to_log("EVENT: Message (type error) from $from");
 	}
 
 	// ======================================================================
@@ -922,6 +1121,42 @@ class jabber
 	// ======================================================================
 
 	/**
+	* application version updates
+	*/
+	function handler_iq_jabber_iq_autoupdate($packet)
+	{
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+
+		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:autoupdate from $from");
+	}
+
+	/**
+	* interactive server component properties
+	*/
+	function handler_iq_jabber_iq_agent($packet)
+	{
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+
+		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:agent from $from");
+	}
+
+	/**
+	* method to query interactive server components
+	*/
+	function handler_iq_jabber_iq_agents($packet)
+	{
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+
+		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:agents from $from");
+	}
+
+	/**
 	* simple client authentication
 	*/
 	function handler_iq_jabber_iq_auth($packet)
@@ -930,6 +1165,31 @@ class jabber
 		$id		= $this->get_info_from_iq_id($packet);
 
 		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:auth from $from");
+	}
+
+	/**
+	* out of band data
+	*/
+	function handler_iq_jabber_iq_oob($packet)
+	{
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+
+		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:oob from $from");
+	}
+
+	/**
+	* method to store private data on the server
+	*/
+	function handler_iq_jabber_iq_private($packet)
+	{
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+
+		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:private from $from");
 	}
 
 	/**
@@ -941,19 +1201,89 @@ class jabber
 		$id		= $this->get_info_from_iq_id($packet);
 
 		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:register from $from");
+	}
+
+	/**
+	* client roster management
+	*/
+	function handler_iq_jabber_iq_roster($packet)
+	{
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+
+		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:roster from $from");
+	}
+
+	/**
+	* method for searching a user database
+	*/
+	function handler_iq_jabber_iq_search($packet)
+	{
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+
+		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: jabber:iq:search from $from");
 	}
 
 	/**
-	* keepalive method, added by Nathan Fritz
+	* method for requesting the current time
 	*/
-	function handler_iq_($packet)
+	function handler_iq_jabber_iq_time($packet)
 	{
 		if ($this->keep_alive_id == $this->get_info_from_iq_id($packet))
 		{
 			$this->returned_keep_alive = true;
+			$this->connected = true;
+
+			$this->add_to_log('EVENT: Keep-Alive returned, connection alive.');
+		}
+
+		$type	= $this->get_info_from_iq_type($packet);
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+		$id		= ($id != '') ? $id : 'time_' . time();
+
+		if ($type == 'get')
+		{
+			$payload = '<utc>' . gmdate("Ydm\TH:i:s") . '</utc><tz>' . date('T') . '</tz><display>' . date("Y/d/m h:i:s A") . '</display>';
+			$this->send_iq($from, 'result', $id, 'jabber:iq:time', $payload);
 		}
+
+		$this->add_to_log("EVENT: jabber:iq:time (type $type) from $from");
+	}
+
+	/**
+	*/
+	function handler_iq_error($packet)
+	{
+		// We'll do something with these later. This is a placeholder so that errors don't bounce back and forth.
 	}
-	
+
+	/**
+	* method for requesting version
+	*/
+	function handler_iq_jabber_iq_version($packet)
+	{
+		$type	= $this->get_info_from_iq_type($packet);
+		$from	= $this->get_info_from_iq_from($packet);
+		$id		= $this->get_info_from_iq_id($packet);
+		$id		= ($id != '') ? $id : 'version_' . time();
+
+		if ($type == 'get')
+		{
+			$payload = "<name>{$this->iq_version_name}</name>
+				<os>{$this->iq_version_os}</os>
+				<version>{$this->iq_version_version}</version>";
+
+			//$this->SendIq($from, 'result', $id, "jabber:iq:version", $payload);
+		}
+
+		$this->add_to_log("EVENT: jabber:iq:version (type $type) from $from -- DISABLED");
+	}
+
 	// ======================================================================
 	// Generic handlers
 	// ======================================================================
@@ -968,28 +1298,34 @@ class jabber
 		$id				= call_user_func(array(&$this, 'get_info_from_' . strtolower($packet_type) . '_id'), $packet);
 
 		$this->send_error($from, $id, 501);
+		$this->add_to_log("EVENT: Unrecognized <$packet_type/> from $from");
 	}
 
+	// ======================================================================
 	// Third party code
 	// m@d pr0ps to the coders ;)
+	// ======================================================================
 
 	/**
 	* xmlize()
-	* (c) Hans Anderson / http://www.hansanderson.com/php/xml/
+	* @author Hans Anderson
+	* @copyright Hans Anderson / http://www.hansanderson.com/php/xml/
 	*/
-	function xmlize($data)
+	function xmlize($data, $skip_white = 1, $encoding = 'UTF-8')
 	{
+		$data = trim($data);
+
 		$vals = $index = $array = array();
-		$parser = @xml_parser_create();
-		@xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
-		@xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
-		@xml_parse_into_struct($parser, $data, $vals, $index);
-		@xml_parser_free($parser);
+		$parser = xml_parser_create($encoding);
+		xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
+		xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, $skip_white);
+		xml_parse_into_struct($parser, $data, $vals, $index);
+		xml_parser_free($parser);
 
 		$i = 0;
-
 		$tagname = $vals[$i]['tag'];
-		$array[$tagname]['@'] = $vals[$i]['attributes'];
+
+		$array[$tagname]['@'] = (isset($vals[$i]['attributes'])) ? $vals[$i]['attributes'] : array();
 		$array[$tagname]['#'] = $this->_xml_depth($vals, $i);
 
 		return $array;
@@ -997,47 +1333,51 @@ class jabber
 
 	/**
 	* _xml_depth()
-	* (c) Hans Anderson / http://www.hansanderson.com/php/xml/
+	* @author Hans Anderson
+	* @copyright Hans Anderson / http://www.hansanderson.com/php/xml/
 	*/
 	function _xml_depth($vals, &$i)
 	{
 		$children = array();
 
-		if (isset($vals[$i]['value']) && $vals[$i]['value'])
+		if (isset($vals[$i]['value']))
 		{
-			array_push($children, trim($vals[$i]['value']));
+			array_push($children, $vals[$i]['value']);
 		}
 
 		while (++$i < sizeof($vals))
 		{
 			switch ($vals[$i]['type'])
 			{
-				case 'cdata':
-					array_push($children, trim($vals[$i]['value']));
-	 			break;
+				case 'open':
 
-				case 'complete':
-					$tagname = $vals[$i]['tag'];
+					$tagname = (isset($vals[$i]['tag'])) ? $vals[$i]['tag'] : '';
 					$size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0;
-					$children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? trim($vals[$i]['value']) : '';
-					if (isset($vals[$i]['attributes']) && $vals[$i]['attributes'])
+
+					if (isset($vals[$i]['attributes']))
 					{
 						$children[$tagname][$size]['@'] = $vals[$i]['attributes'];
 					}
+
+					$children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i);
+
 				break;
 
-				case 'open':
+				case 'cdata':
+					array_push($children, $vals[$i]['value']);
+				break;
+
+				case 'complete':
+
 					$tagname = $vals[$i]['tag'];
 					$size = (isset($children[$tagname])) ? sizeof($children[$tagname]) : 0;
-					if ($vals[$i]['attributes'])
+					$children[$tagname][$size]['#'] = (isset($vals[$i]['value'])) ? $vals[$i]['value'] : array();
+
+					if (isset($vals[$i]['attributes']))
 					{
 						$children[$tagname][$size]['@'] = $vals[$i]['attributes'];
-						$children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i);
-					}
-					else
-					{
-						$children[$tagname][$size]['#'] = $this->_xml_depth($vals, $i);
 					}
+
 				break;
 
 				case 'close':
@@ -1050,8 +1390,9 @@ class jabber
 	}
 
 	/**
-	* traverse_xmlize()
-	* (c) acebone@f2s.com, a HUGE help!
+	* TraverseXMLize()
+	* @author acebone@f2s.com
+	* @copyright acebone@f2s.com, a HUGE help!
 	*/
 	function traverse_xmlize($array, $arr_name = 'array', $level = 0)
 	{
@@ -1060,7 +1401,7 @@ class jabber
 			echo '<pre>';
 		}
 
-		while (list($key, $val) = @each($array))
+		foreach ($array as $key => $val)
 		{
 			if (is_array($val))
 			{
@@ -1068,7 +1409,7 @@ class jabber
 			}
 			else
 			{
-				echo '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n";
+				$GLOBALS['traverse_array'][] = '$' . $arr_name . '[' . $key . '] = "' . $val . "\"\n";
 			}
 		}
 
@@ -1076,117 +1417,13 @@ class jabber
 		{
 			echo '</pre>';
 		}
-	}
-}
-
-/**
-* make_xml
-* Currently not in use
-* @package phpBB3
-class make_xml extends jabber
-{
-	var $nodes;
-
-	function make_xml()
-	{
-		$nodes = array();
-	}
-
-	function add_packet_details($string, $value = NULL)
-	{
-		if (preg_match('#\(([0-9]*)\)$#i', $string))
-		{
-			$string .= '/["#"]';
-		}
-
-		$temp = @explode('/', $string);
-
-		for ($a = 0, $size = sizeof($temp); $a < $size; $a++)
-		{
-			$temp[$a] = preg_replace('#^[@]{1}([a-z0-9_]*)$#i', '["@"]["\1"]', $temp[$a]);
-			$temp[$a] = preg_replace('#^([a-z0-9_]*)\(([0-9]*)\)$/i', '["\1"][\2]', $temp[$a]);
-			$temp[$a] = preg_replace('#^([a-z0-9_]*)$#i', '["\1"]', $temp[$a]);
-		}
-
-		$node = implode('', $temp);
 
-		// Yeahyeahyeah, I know it's ugly... get over it. ;)
-		echo '$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";<br/>';
-		eval('$this->nodes' . $node . ' = "' . htmlspecialchars($value) . '";');
-	}
-
-	function build_packet($array = NULL)
-	{
-		if (!$array)
-		{
-			$array = $this->nodes;
-		}
-
-		if (is_array($array))
-		{
-			array_multisort($array, SORT_ASC, SORT_STRING);
-
-			foreach ($array as $key => $value)
-			{
-				if (is_array($value) && $key == '@')
-				{
-					foreach ($value as $subkey => $subvalue)
-					{
-						$subvalue = htmlspecialchars($subvalue);
-						$text .= " $subkey='$subvalue'";
-					}
-
-					$text .= ">\n";
-
-				}
-				else if ($key == '#')
-				{
-					$text .= htmlspecialchars($value);
-				}
-				else if (is_array($value))
-				{
-					for ($a = 0, $size = sizeof($value); $a < $size; $a++)
-					{
-						$text .= "<$key";
-
-						if (!$this->_preg_grep_keys('#^@#', $value[$a]))
-						{
-							$text .= '>';
-						}
-
-						$text .= $this->build_packet($value[$a]);
-						$text .= "</$key>\n";
-					}
-				}
-				else
-				{
-					$value = htmlspecialchars($value);
-					$text .= "<$key>$value</$key>\n";
-				}
-			}
-
-			return $text;
-		}
-
-		return false;
-	}
-
-	function _preg_grep_keys($pattern, $array)
-	{
-		foreach ($array as $key => $val)
-		{
-			if (preg_match($pattern, $key))
-			{
-				$newarray[$key] = $val;
-			}
-		}
-		return (is_array($newarray)) ? $newarray : false;
+		return 1;
 	}
 }
-*/
 
 /**
-* connector
+* Jabber Connector
 * @package phpBB3
 */
 class cjp_standard_connector
@@ -1198,7 +1435,21 @@ class cjp_standard_connector
 	*/
 	function open_socket($server, $port)
 	{
-		if ($this->active_socket = @fsockopen($server, $port, $err, $err2, 5))
+		if (function_exists('dns_get_record'))
+		{
+			$record = dns_get_record("_xmpp-client._tcp.$server", DNS_SRV);
+
+			if (!empty($record))
+			{
+				$server = $record[0]['target'];
+				$port = $record[0]['port'];
+			}
+		}
+
+		$errno = 0;
+		$errstr = '';
+
+		if ($this->active_socket = @fsockopen($server, $port, $errno, $errstr, 5))
 		{
 			@socket_set_blocking($this->active_socket, 0);
 			@socket_set_timeout($this->active_socket, 31536000);
@@ -1233,9 +1484,7 @@ class cjp_standard_connector
 	function read_from_socket($chunksize)
 	{
 		$buffer = @fread($this->active_socket, $chunksize);
-
-		//$buffer = (STRIP) ? stripslashes($buffer) : $buffer;
-		//@set_magic_quotes_runtime(get_magic_quotes_gpc());
+		$buffer = (STRIP) ? stripslashes($buffer) : $buffer;
 
 		return $buffer;
 	}
diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index 983ec7f0a5..0edf294063 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -417,13 +417,7 @@ class messenger
 		if (!$use_queue)
 		{
 			include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx);
-			$this->jabber = new jabber;
-
-			$this->jabber->server	= $config['jab_host'];
-			$this->jabber->port		= ($config['jab_port']) ? $config['jab_port'] : 5222;
-			$this->jabber->username = $config['jab_username'];
-			$this->jabber->password = $config['jab_password'];
-			$this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : '';
+			$this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']);
 
 			if (!$this->jabber->connect())
 			{
@@ -557,13 +551,7 @@ class queue
 					}
 
 					include_once($phpbb_root_path . 'includes/functions_jabber.'.$phpEx);
-					$this->jabber = new jabber;
-
-					$this->jabber->server	= $config['jab_host'];
-					$this->jabber->port		= ($config['jab_port']) ? $config['jab_port'] : 5222;
-					$this->jabber->username = $config['jab_username'];
-					$this->jabber->password = $config['jab_password'];
-					$this->jabber->resource = ($config['jab_resource']) ? $config['jab_resource'] : '';
+					$this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], $config['jab_password'], $config['jab_resource']);
 
 					if (!$this->jabber->connect())
 					{
@@ -603,14 +591,19 @@ class queue
 
 							$message = 'Method: [ ' . (($config['smtp_delivery']) ? 'SMTP' : 'PHP') . ' ]<br /><br />' . $err_msg . '<br /><br /><u>CALLING PAGE</u><br /><br />'  . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']);
 							messenger::error('EMAIL', $message);
-							continue 3;
+							continue 2;
 						}
 					break;
 
 					case 'jabber':
 						foreach ($addresses as $address)
 						{
-							$this->jabber->send_message($address, 'normal', NULL, array('body' => $msg));
+							if ($this->jabber->send_message($address, 'normal', NULL, array('body' => $msg)) === false)
+							{
+								$message = 'Method: [ JABBER ]<br /><br />' . $this->jabber->get_log() . '<br /><br /><u>CALLING PAGE</u><br /><br />'  . ((!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']);
+								messenger::error('JABBER', $message);
+								continue 3;
+							}
 						}
 					break;
 				}
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php
index a24e26fe20..6e6cc1020e 100644
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@@ -1899,7 +1899,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 			trigger_error('NO_SUCH_SEARCH_MODULE');
 		}
 
-		require("{$phpbb_root_path}includes/search/$search_type.$phpEx");
+		require_once("{$phpbb_root_path}includes/search/$search_type.$phpEx");
 
 		$error = false;
 		$search = new $search_type($error);
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 1c05e48ae3..b8b4c6a6dd 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -141,10 +141,6 @@ function user_add($user_row, $cp_data = false)
 		'user_type'			=> $user_row['user_type'],
 	);
 
-	/**
-	* @todo user_allow_email is not used anywhere. Think about removing it.
-	*/
-
 	// These are the additional vars able to be specified
 	$additional_vars = array(
 		'user_permissions'	=> '',
@@ -182,7 +178,6 @@ function user_add($user_row, $cp_data = false)
 		'user_notify_pm'		=> 1,
 		'user_notify_type'		=> NOTIFY_EMAIL,
 		'user_allow_pm'			=> 1,
-		'user_allow_email'		=> 1,
 		'user_allow_viewonline'	=> 1,
 		'user_allow_viewemail'	=> 1,
 		'user_allow_massemail'	=> 1,
@@ -265,23 +260,34 @@ function user_delete($mode, $user_id, $post_username = false)
 	switch ($mode)
 	{
 		case 'retain':
+
+			if ($post_username === false)
+			{
+				$post_username = $user->lang['GUEST'];
+			}
+
 			$sql = 'UPDATE ' . FORUMS_TABLE . '
-				SET forum_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . ", forum_last_poster_colour = ''
+				SET forum_last_poster_id = ' . ANONYMOUS . ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "', forum_last_poster_colour = ''
 				WHERE forum_last_poster_id = $user_id";
 			$db->sql_query($sql);
 
 			$sql = 'UPDATE ' . POSTS_TABLE . '
-				SET poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", post_username = '" . $db->sql_escape($post_username) . "'" : '') . "
+				SET poster_id = ' . ANONYMOUS . ", post_username = '" . $db->sql_escape($post_username) . "'
 				WHERE poster_id = $user_id";
 			$db->sql_query($sql);
 
+			$sql = 'UPDATE ' . POSTS_TABLE . '
+				SET post_edit_user = ' . ANONYMOUS . "
+				WHERE post_edit_user = $user_id";
+			$db->sql_query($sql);
+
 			$sql = 'UPDATE ' . TOPICS_TABLE . '
-				SET topic_poster = ' . ANONYMOUS . "
+				SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = ''
 				WHERE topic_poster = $user_id";
 			$db->sql_query($sql);
 
 			$sql = 'UPDATE ' . TOPICS_TABLE . '
-				SET topic_last_poster_id = ' . ANONYMOUS . (($post_username !== false) ? ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "'" : '') . "
+				SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = ''
 				WHERE topic_last_poster_id = $user_id";
 			$db->sql_query($sql);
 		break;
@@ -413,99 +419,96 @@ function user_delete($mode, $user_id, $post_username = false)
 
 	set_config('num_users', $config['num_users'] - 1, true);
 
-	// Adjust last post info...
-
-
 	$db->sql_transaction('commit');
 
 	return false;
 }
 
 /**
-* Flips user_type from active to inactive and vice versa, handles
-* group membership updates
+* Flips user_type from active to inactive and vice versa, handles group membership updates
+* 
+* @param string $mode can be flip for flipping from active/inactive, activate or deactivate
 */
-function user_active_flip($user_id, $user_type, $user_actkey = false, $username = false, $reason = 0, $no_log = false)
+function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
 {
-	global $db, $user, $auth;
+	global $config, $db, $user;
 
-	$sql = 'SELECT group_id, group_name
-		FROM ' . GROUPS_TABLE . "
-		WHERE group_name IN ('REGISTERED', 'REGISTERED_COPPA', 'INACTIVE', 'INACTIVE_COPPA')";
-	$result = $db->sql_query($sql);
+	$deactivated = $activated = 0;
+	$sql_statements = array();
 
-	$group_id_ary = array();
-	while ($row = $db->sql_fetchrow($result))
+	if (!is_array($user_id_ary))
 	{
-		$group_id_ary[$row['group_name']] = $row['group_id'];
+		$user_id_ary = array($user_id_ary);
 	}
-	$db->sql_freeresult($result);
 
-	$sql = 'SELECT group_id
-		FROM ' . USER_GROUP_TABLE . "
-		WHERE user_id = $user_id";
+	if (!sizeof($user_id_ary))
+	{
+		return;
+	}
+
+	$sql = 'SELECT user_id, group_id, user_type, user_inactive_reason
+		FROM ' . USERS_TABLE . '
+		WHERE ' . $db->sql_in_set('user_id', $user_id_ary);
 	$result = $db->sql_query($sql);
 
-	$group_name = ($user_type == USER_NORMAL) ? 'REGISTERED' : 'INACTIVE';
 	while ($row = $db->sql_fetchrow($result))
 	{
-		if ($name = array_search($row['group_id'], $group_id_ary))
+		$sql_ary = array();
+
+		if ($row['user_type'] == USER_IGNORE || $row['user_type'] == USER_FOUNDER || 
+			($mode == 'activate' && $row['user_type'] != USER_INACTIVE) || 
+			($mode == 'deactivate' && $row['user_type'] == USER_INACTIVE))
 		{
-			$group_name = $name;
-			break;
+			continue;
 		}
-	}
-	$db->sql_freeresult($result);
-
-	$current_group = ($user_type == USER_NORMAL) ? 'REGISTERED' : 'INACTIVE';
-	$switch_group = ($user_type == USER_NORMAL) ? 'INACTIVE' : 'REGISTERED';
 
-	$new_group_id = $group_id_ary[str_replace($current_group, $switch_group, $group_name)];
+		if ($row['user_type'] == USER_INACTIVE)
+		{
+			$activated++;
+		}
+		else
+		{
+			$deactivated++;
 
-	$sql = 'UPDATE ' . USER_GROUP_TABLE . "
-		SET group_id = $new_group_id
-		WHERE user_id = $user_id
-			AND group_id = " . $group_id_ary[$group_name];
-	$db->sql_query($sql);
+			// Remove the users session key...
+			$user->reset_login_keys($row['user_id']);
+		}
 
-	$sql_ary = array(
-		'user_type'				=> ($user_type == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL,
-		'user_inactive_time'	=> ($user_type == USER_NORMAL) ? time() : 0,
-		'user_inactive_reason'	=> ($user_type == USER_NORMAL) ? $reason : 0,
-	);
+		$sql_ary += array(
+			'user_type'				=> ($row['user_type'] == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL,
+			'user_inactive_time'	=> ($row['user_type'] == USER_NORMAL) ? time() : 0,
+			'user_inactive_reason'	=> ($row['user_type'] == USER_NORMAL) ? $reason : 0,
+		);
 
-	if ($user_actkey !== false)
-	{
-		$sql_ary['user_actkey'] = $user_actkey;
+		$sql_statements[$row['user_id']] = $sql_ary;
 	}
+	$db->sql_freeresult($result);
 
-	$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
-		WHERE user_id = $user_id";
-	$db->sql_query($sql);
-
-	// Set the users default group from inactive to registered or registered to inactive
-	// only if the group id changed...
-	group_set_user_default($new_group_id, array($user_id));
-
-	$auth->acl_clear_prefetch($user_id);
-
-	if (!$no_log)
+	if (sizeof($sql_statements))
 	{
-		if ($username === false)
+		foreach ($sql_statements as $user_id => $sql_ary)
 		{
-			$sql = 'SELECT username
-				FROM ' . USERS_TABLE . "
-				WHERE user_id = $user_id";
-			$result = $db->sql_query($sql);
-			$username = (string) $db->sql_fetchfield('username');
-			$db->sql_freeresult($result);
+			$sql = 'UPDATE ' . USERS_TABLE . '
+				SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
+				WHERE user_id = ' . $user_id;
+			$db->sql_query($sql);
 		}
 
-		$log = ($user_type == USER_NORMAL) ? 'LOG_USER_INACTIVE' : 'LOG_USER_ACTIVE';
-		add_log('admin', $log, $username);
+		$auth->acl_clear_prefetch(array_keys($sql_statements));
 	}
 
-	return false;
+	if ($deactivated)
+	{
+		set_config('num_users', $config['num_users'] - $deactivated, true);
+	}
+
+	if ($activated)
+	{
+		set_config('num_users', $config['num_users'] + $activated, true);
+	}
+
+	// Update latest username
+	update_last_username();
 }
 
 /**
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index b0237c2f3f..41708d19ab 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -127,9 +127,6 @@ class session
 	*
 	* @param bool $update_session_page if true the session page gets updated.
 	*			This can be set to circumvent certain scripts to update the users last visited page.
-	*
-	* @todo Introduce further user types, bot, guest
-	* @todo Change user_type (as above) to a bitfield? user_type & USER_FOUNDER for example
 	*/
 	function session_begin($update_session_page = true)
 	{
@@ -148,9 +145,6 @@ class session
 
 		if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_u']))
 		{
-			// Switch to request_var ... can this cause issues, can a _GET/_POST param
-			// be used to poison this? Not sure that it makes any difference in terms of
-			// the end result, be it a cookie or param.
 			$this->cookie_data['u'] = request_var($config['cookie_name'] . '_u', 0, false, true);
 			$this->cookie_data['k'] = request_var($config['cookie_name'] . '_k', '', false, true);
 			$this->session_id 		= request_var($config['cookie_name'] . '_sid', '', false, true);
@@ -265,7 +259,6 @@ class session
 							$db->sql_query($sql);
 						}
 
-						// Ultimately to be removed
 						$this->data['is_registered'] = ($this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false;
 						$this->data['is_bot'] = (!$this->data['is_registered'] && $this->data['user_id'] != ANONYMOUS) ? true : false;
 
@@ -275,7 +268,10 @@ class session
 				else
 				{
 					// Added logging temporarly to help debug bugs...
-					add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser);
+					if (defined('DEBUG_EXTRA'))
+					{
+						add_log('critical', 'LOG_IP_BROWSER_CHECK', $u_ip, $s_ip, $u_browser, $s_browser);
+					}
 				}
 			}
 		}
@@ -374,7 +370,7 @@ class session
 			$sql = 'SELECT u.* 
 				FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
 				WHERE u.user_id = ' . (int) $this->cookie_data['u'] . '
-					AND u.user_type <> ' . USER_INACTIVE . "
+					AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ")
 					AND k.user_id = u.user_id
 					AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
 			$result = $db->sql_query($sql);
@@ -389,7 +385,7 @@ class session
 			$sql = 'SELECT *
 				FROM ' . USERS_TABLE . '
 				WHERE user_id = ' . (int) $this->cookie_data['u'] . '
-					AND user_type <> ' . USER_INACTIVE;
+					AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
 			$result = $db->sql_query($sql);
 			$this->data = $db->sql_fetchrow($result);
 			$db->sql_freeresult($result);
@@ -439,18 +435,14 @@ class session
 		// session exists in which case session_id will also be set
 
 		// Is user banned? Are they excluded? Won't return on ban, exists within method
-		// @todo Change to !$this->data['user_type'] & USER_FOUNDER && !$this->data['user_type'] & USER_BOT in time
 		if ($this->data['user_type'] != USER_FOUNDER)
 		{
 			$this->check_ban($this->data['user_id'], $this->ip);
 		}
 
-		//
-		// Do away with ultimately?
-		$this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS) ? true : false;
+
+		$this->data['is_registered'] = (!$bot && $this->data['user_id'] != ANONYMOUS && ($this->data['user_type'] == USER_NORMAL || $this->data['user_type'] == USER_FOUNDER)) ? true : false;
 		$this->data['is_bot'] = ($bot) ? true : false;
-		//
-		//
 
 		// If our friend is a bot, we re-assign a previously assigned session
 		if ($this->data['is_bot'] && $bot === $this->data['user_id'] && $this->data['session_id'])
@@ -493,8 +485,8 @@ class session
 			}
 		}
 
-		// @todo Change this ... check for "... && user_type & USER_NORMAL" ?
 		$session_autologin = (($this->cookie_data['k'] || $persist_login) && $this->data['is_registered']) ? true : false;
+		$set_admin = ($set_admin && $this->data['is_registered']) ? true : false;
 
 		// Create or update the session
 		$sql_ary = array(
@@ -734,20 +726,11 @@ class session
 	{
 		global $config;
 
-		if (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1')
-		{
-			@setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path']);
-		}
-		else
-		{
-			// Firefox does not allow setting cookies with a domain containing no periods.
-			if (strpos($config['cookie_domain'], '.') === false)
-			{
-				$config['cookie_domain'] = '.' . $config['cookie_domain'];
-			}
+		$name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata);
+		$expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime);
+		$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain'];
 
-			@setcookie($config['cookie_name'] . '_' . $name, $cookiedata, $cookietime, $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
-		}
+		header('Set-Cookie: ' . $name_data . '; expires=' . $expire . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
 	}
 
 	/**
@@ -1020,15 +1003,20 @@ class user extends session
 			$this->timezone = $config['board_timezone'] * 3600;
 			$this->dst = $config['board_dst'] * 3600;
 
-/*			Browser-specific language setting removed - might re-appear later
+			/**
+			* If a guest user is surfing, we try to guess his/her language first by obtaining the browser language
+			* @todo if re-enabled we need to make sure only those languages installed are checked
 
 			if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
 			{
 				$accept_lang_ary = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
+
 				foreach ($accept_lang_ary as $accept_lang)
 				{
 					// Set correct format ... guess full xx_YY form
 					$accept_lang = substr($accept_lang, 0, 2) . '_' . strtoupper(substr($accept_lang, 3, 2));
+					$accept_lang = basename($accept_lang);
+
 					if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx"))
 					{
 						$this->lang_name = $config['default_lang'] = $accept_lang;
@@ -1039,6 +1027,8 @@ class user extends session
 					{
 						// No match on xx_YY so try xx
 						$accept_lang = substr($accept_lang, 0, 2);
+						$accept_lang = basename($accept_lang);
+
 						if (file_exists($phpbb_root_path . 'language/' . $accept_lang . "/common.$phpEx"))
 						{
 							$this->lang_name = $config['default_lang'] = $accept_lang;
@@ -1048,7 +1038,7 @@ class user extends session
 					}
 				}
 			}
-*/
+			*/
 		}
 
 		// We include common language file here to not load it every time a custom language file is included
diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php
index b3c857b5d8..a6c1f82529 100644
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@@ -53,7 +53,6 @@ class ucp_activate
 		if ($update_password)
 		{
 			$sql_ary = array(
-				'user_type'			=> USER_NORMAL,
 				'user_actkey'		=> '',
 				'user_password'		=> $user_row['user_newpasswd'],
 				'user_newpasswd'	=> ''
@@ -69,12 +68,12 @@ class ucp_activate
 		{
 			include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
-			// Now we need to demote the user from the inactive group and add him to the registered group
-			user_active_flip($user_row['user_id'], $user_row['user_type'], '', $user_row['username'], 0, true);
+			user_active_flip('activate', $user_row['user_id']);
 
-			// Update last username
-			update_last_username();
-			set_config('num_users', $config['num_users'] + 1, true);
+			$sql = 'UPDATE ' . USERS_TABLE . "
+				SET user_actkey = ''
+				WHERE user_id = {$user_row['user_id']}";
+			$db->sql_query($sql);
 		}
 
 		if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password)
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 15c7699253..011b87ddf2 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -120,7 +120,7 @@ class ucp_profile
 							add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $username, $user->data['user_email'], $email);
 						}
 
-						if ($config['email_enable'] && $email != $user->data['user_email'] && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
+						if ($config['email_enable'] && $email != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
 						{
 							include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
 
@@ -185,11 +185,10 @@ class ucp_profile
 
 							$messenger->save_queue();
 
+							user_active_flip('deactivate', $user_id, INACTIVE_PROFILE);
+
 							$sql_ary += array(
-								'user_type'				=> USER_INACTIVE,
 								'user_actkey'			=> $user_actkey,
-								'user_inactive_reason'	=> INACTIVE_PROFILE,
-								'user_inactive_time'	=> time(),
 							);
 						}
 
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 49246ca4c0..e3e1315721 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -220,9 +220,7 @@ class ucp_register
 				$server_url = generate_board_url();
 
 				// Which group by default?
-				$group_reg = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';
-				$group_inactive = ($coppa) ? 'INACTIVE_COPPA' : 'INACTIVE';
-				$group_name = ($config['require_activation'] == USER_ACTIVATION_NONE || !$config['email_enable']) ? $group_reg : $group_inactive;
+				$group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';
 
 				$sql = 'SELECT group_id
 					FROM ' . GROUPS_TABLE . "
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 84ce3fe9b7..63d3aea790 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -46,7 +46,7 @@ class ucp_resend
 				trigger_error('ACCOUNT_ALREADY_ACTIVATED');
 			}
 
-			// Determine coppa status on group (INACTIVE(_COPPA))
+			// Determine coppa status on group (REGISTERED(_COPPA))
 			$sql = 'SELECT group_name, group_type
 				FROM ' . GROUPS_TABLE . '
 				WHERE group_id = ' . $user_row['group_id'];
@@ -59,7 +59,7 @@ class ucp_resend
 				trigger_error('NO_GROUP');
 			}
 
-			$coppa = ($row['group_name'] == 'INACTIVE_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false;
+			$coppa = ($row['group_name'] == 'REGISTERED_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false;
 
 			include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 			$messenger = new messenger(false);
author	Meik Sievertsen <acydburn@phpbb.com>	2006-10-03 18:35:59 +0000
committer	Meik Sievertsen <acydburn@phpbb.com>	2006-10-03 18:35:59 +0000
commit	5284f321789b5d0456b48a529ed59a99956020e8 (patch)
tree	ec6af414977763a8a2a9b570c4e071597239409e /phpBB/includes
parent	d7f87be493589daf3d0996eb83f489c62d4380a7 (diff)
download	forums-5284f321789b5d0456b48a529ed59a99956020e8.tar forums-5284f321789b5d0456b48a529ed59a99956020e8.tar.gz forums-5284f321789b5d0456b48a529ed59a99956020e8.tar.bz2 forums-5284f321789b5d0456b48a529ed59a99956020e8.tar.xz forums-5284f321789b5d0456b48a529ed59a99956020e8.zip