diff options
Diffstat (limited to 'phpBB/includes/acp/acp_users.php')
-rw-r--r-- | phpBB/includes/acp/acp_users.php | 354 |
1 files changed, 197 insertions, 157 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 008cc02471..fc7f3bb56a 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -31,21 +31,21 @@ class acp_users function main($id, $mode) { - global $config, $db, $user, $auth, $template, $cache; - global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads; + global $config, $db, $user, $auth, $template; + global $phpbb_root_path, $phpbb_admin_path, $phpEx; global $phpbb_dispatcher, $request; - global $phpbb_container; + global $phpbb_container, $phpbb_log; $user->add_lang(array('posting', 'ucp', 'acp/users')); $this->tpl_name = 'acp_users'; $error = array(); - $username = utf8_normalize_nfc(request_var('username', '', true)); - $user_id = request_var('u', 0); - $action = request_var('action', ''); + $username = $request->variable('username', '', true); + $user_id = $request->variable('u', 0); + $action = $request->variable('action', ''); // Get referer to redirect user to the appropriate page after delete action - $redirect = request_var('redirect', ''); + $redirect = $request->variable('redirect', ''); $redirect_tag = "redirect=$redirect"; $redirect_url = append_sid("{$phpbb_admin_path}index.$phpEx", "i=$redirect"); @@ -65,7 +65,7 @@ class acp_users $this->page_title = 'WHOIS'; $this->tpl_name = 'simple_body'; - $user_ip = phpbb_ip_normalise(request_var('user_ip', '')); + $user_ip = phpbb_ip_normalise($request->variable('user_ip', '')); $domain = gethostbyaddr($user_ip); $ipwhois = user_ipwhois($user_ip); @@ -180,9 +180,9 @@ class acp_users $user->add_lang('acp/ban'); - $delete = request_var('delete', 0); - $delete_type = request_var('delete_type', ''); - $ip = request_var('ip', 'ip'); + $delete = $request->variable('delete', 0); + $delete_type = $request->variable('delete_type', ''); + $ip = $request->variable('ip', 'ip'); /** * Run code at beginning of ACP users overview @@ -205,6 +205,7 @@ class acp_users { if (!$auth->acl_get('a_userdel')) { + send_status_line(403, 'Forbidden'); trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } @@ -231,7 +232,7 @@ class acp_users { user_delete($delete_type, $user_id, $user_row['username']); - add_log('admin', 'LOG_USER_DELETED', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DELETED', false, array($user_row['username'])); trigger_error($user->lang['USER_DELETED'] . adm_back_link( (empty($redirect)) ? $this->u_action : $redirect_url ) @@ -298,13 +299,11 @@ class acp_users case 'banuser': $ban[] = $user_row['username']; $reason = 'USER_ADMIN_BAN_NAME_REASON'; - $log = 'LOG_USER_BAN_USER'; break; case 'banemail': $ban[] = $user_row['user_email']; $reason = 'USER_ADMIN_BAN_EMAIL_REASON'; - $log = 'LOG_USER_BAN_EMAIL'; break; case 'banip': @@ -322,12 +321,11 @@ class acp_users $db->sql_freeresult($result); $reason = 'USER_ADMIN_BAN_IP_REASON'; - $log = 'LOG_USER_BAN_IP'; break; } - $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true)); - $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true)); + $ban_reason = $request->variable('ban_reason', $user->lang[$reason], true); + $ban_give_reason = $request->variable('ban_give_reason', '', true); // Log not used at the moment, we simply utilize the ban function. $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason); @@ -411,8 +409,10 @@ class acp_users $messenger->send(NOTIFY_EMAIL); - add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_REACTIVATE', false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_REACTIVATE_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&u=' . $user_id)); } @@ -448,6 +448,7 @@ class acp_users { if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { + /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); $phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']); @@ -475,8 +476,10 @@ class acp_users $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED'; $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE'; - add_log('admin', $log, $user_row['username']); - add_log('user', $user_id, $log . '_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log, false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, $log . '_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&u=' . $user_id)); @@ -499,8 +502,10 @@ class acp_users WHERE user_id = $user_id"; $db->sql_query($sql); - add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_SIG', false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_SIG_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); @@ -514,11 +519,14 @@ class acp_users } // Delete old avatar if present + /* @var $phpbb_avatar_manager \phpbb\avatar\manager */ $phpbb_avatar_manager = $phpbb_container->get('avatar.manager'); $phpbb_avatar_manager->handle_avatar_delete($db, $user, $phpbb_avatar_manager->clean_row($user_row, 'user'), USERS_TABLE, 'user_'); - add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER'); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_AVATAR', false, array($user_row['username'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_AVATAR_USER', false, array( + 'reportee_id' => $user_id + )); trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); break; @@ -530,7 +538,7 @@ class acp_users // Delete posts, attachments, etc. delete_posts('poster_id', $user_id); - add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_POSTS', false, array($user_row['username'])); trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } else @@ -550,9 +558,12 @@ class acp_users if (confirm_box(true)) { - delete_attachments('user', $user_id); + /** @var \phpbb\attachment\manager $attachment_manager */ + $attachment_manager = $phpbb_container->get('attachment.manager'); + $attachment_manager->delete('user', $user_id); + unset($attachment_manager); - add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_ATTACH', false, array($user_row['username'])); trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } else @@ -598,7 +609,7 @@ class acp_users delete_pm($user_id, $msg_ids, PRIVMSGS_OUTBOX); - add_log('admin', 'LOG_USER_DEL_OUTBOX', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_DEL_OUTBOX', false, array($user_row['username'])); $lang = 'EMPTIED'; } @@ -627,7 +638,7 @@ class acp_users $user->add_lang('acp/forums'); - $new_forum_id = request_var('new_f', 0); + $new_forum_id = $request->variable('new_f', 0); if (!$new_forum_id) { @@ -769,8 +780,11 @@ class acp_users sync('forum', 'forum_id', $forum_id_ary, false, true); } - add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']); - add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_MOVE_POSTS', false, array($user_row['username'], $forum_info['forum_name'])); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_MOVE_POSTS_USER', false, array( + 'reportee_id' => $user_id, + $forum_info['forum_name'] + )); trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&u=' . $user_id)); @@ -782,7 +796,7 @@ class acp_users { remove_newly_registered($user_id, $user_row); - add_log('admin', 'LOG_USER_REMOVED_NR', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_REMOVED_NR', false, array($user_row['username'])); trigger_error($user->lang['USER_LIFTED_NR'] . adm_back_link($this->u_action . '&u=' . $user_id)); } else @@ -814,9 +828,9 @@ class acp_users // Handle registration info updates $data = array( - 'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)), - 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), - 'email' => strtolower(request_var('user_email', $user_row['user_email'])), + 'username' => $request->variable('user', $user_row['username'], true), + 'user_founder' => $request->variable('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), + 'email' => strtolower($request->variable('user_email', $user_row['user_email'])), 'new_password' => $request->variable('new_password', '', true), 'password_confirm' => $request->variable('password_confirm', '', true), ); @@ -864,6 +878,7 @@ class acp_users } // Instantiate passwords manager + /* @var $passwords_manager \phpbb\passwords\manager */ $passwords_manager = $phpbb_container->get('passwords.manager'); // Which updates do we need to do? @@ -936,7 +951,11 @@ class acp_users $sql_ary['username'] = $update_username; $sql_ary['username_clean'] = utf8_clean_string($update_username); - add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_UPDATE_NAME', false, array( + 'reportee_id' => $user_id, + $user_row['username'], + $update_username + )); } if ($update_email !== false) @@ -946,7 +965,12 @@ class acp_users 'user_email_hash' => phpbb_email_hash($update_email), ); - add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_UPDATE_EMAIL', false, array( + 'reportee_id' => $user_id, + $user_row['username'], + $user_row['user_email'], + $update_email + )); } if ($update_password) @@ -957,7 +981,11 @@ class acp_users ); $user->reset_login_keys($user_id); - add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']); + + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_NEW_PASSWORD', false, array( + 'reportee_id' => $user_id, + $user_row['username'] + )); } if (sizeof($sql_ary)) @@ -976,7 +1004,7 @@ class acp_users // Let the users permissions being updated $auth->acl_clear_prefetch($user_id); - add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_USER_UPDATE', false, array($data['username'])); trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } @@ -1133,17 +1161,19 @@ class acp_users $user->add_lang('mcp'); // Set up general vars - $start = request_var('start', 0); + $start = $request->variable('start', 0); $deletemark = (isset($_POST['delmarked'])) ? true : false; $deleteall = (isset($_POST['delall'])) ? true : false; - $marked = request_var('mark', array(0)); - $message = utf8_normalize_nfc(request_var('message', '', true)); + $marked = $request->variable('mark', array(0)); + $message = $request->variable('message', '', true); + + /* @var $pagination \phpbb\pagination */ $pagination = $phpbb_container->get('pagination'); // Sort keys - $sort_days = request_var('st', 0); - $sort_key = request_var('sk', 't'); - $sort_dir = request_var('sd', 'd'); + $sort_days = $request->variable('st', 0); + $sort_key = $request->variable('sk', 't'); + $sort_dir = $request->variable('sd', 'd'); // Delete entries if requested and able if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs')) @@ -1173,7 +1203,7 @@ class acp_users $where_sql"; $db->sql_query($sql); - add_log('admin', 'LOG_CLEAR_USER', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_CLEAR_USER', false, array($user_row['username'])); } } @@ -1184,9 +1214,16 @@ class acp_users trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']); - add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']); - add_log('user', $user_id, 'LOG_USER_GENERAL', $message); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_FEEDBACK', false, array($user_row['username'])); + $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_USER_FEEDBACK', false, array( + 'forum_id' => 0, + 'topic_id' => 0, + $user_row['username'] + )); + $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GENERAL', false, array( + 'reportee_id' => $user_id, + $message + )); trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } @@ -1237,17 +1274,10 @@ class acp_users $user->add_lang('mcp'); // Set up general vars - $start = request_var('start', 0); $deletemark = (isset($_POST['delmarked'])) ? true : false; $deleteall = (isset($_POST['delall'])) ? true : false; $confirm = (isset($_POST['confirm'])) ? true : false; - $marked = request_var('mark', array(0)); - $message = utf8_normalize_nfc(request_var('message', '', true)); - - // Sort keys - $sort_days = request_var('st', 0); - $sort_key = request_var('sk', 't'); - $sort_dir = request_var('sd', 'd'); + $marked = $request->variable('mark', array(0)); // Delete entries if requested and able if ($deletemark || $deleteall || $confirm) @@ -1255,8 +1285,8 @@ class acp_users if (confirm_box(true)) { $where_sql = ''; - $deletemark = request_var('delmarked', 0); - $deleteall = request_var('delall', 0); + $deletemark = $request->variable('delmarked', 0); + $deleteall = $request->variable('delall', 0); if ($deletemark && $marked) { $where_sql = ' AND ' . $db->sql_in_set('warning_id', array_values($marked)); @@ -1287,11 +1317,11 @@ class acp_users if ($log_warnings) { - add_log('admin', 'LOG_WARNINGS_DELETED', $user_row['username'], $num_warnings); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_WARNINGS_DELETED', false, array($user_row['username'], $num_warnings)); } else { - add_log('admin', 'LOG_WARNINGS_DELETED_ALL', $user_row['username']); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_WARNINGS_DELETED_ALL', false, array($user_row['username'])); } } } @@ -1383,6 +1413,7 @@ class acp_users include($phpbb_root_path . 'includes/functions_user.' . $phpEx); } + /* @var $cp \phpbb\profilefields\manager */ $cp = $phpbb_container->get('profilefields.manager'); $cp_data = $cp_error = array(); @@ -1397,7 +1428,7 @@ class acp_users $user_row['iso_lang_id'] = $row['lang_id']; $data = array( - 'jabber' => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)), + 'jabber' => $request->variable('jabber', $user_row['user_jabber'], true), 'bday_day' => 0, 'bday_month' => 0, 'bday_year' => 0, @@ -1408,9 +1439,9 @@ class acp_users list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']); } - $data['bday_day'] = request_var('bday_day', $data['bday_day']); - $data['bday_month'] = request_var('bday_month', $data['bday_month']); - $data['bday_year'] = request_var('bday_year', $data['bday_year']); + $data['bday_day'] = $request->variable('bday_day', $data['bday_day']); + $data['bday_month'] = $request->variable('bday_month', $data['bday_month']); + $data['bday_year'] = $request->variable('bday_year', $data['bday_year']); $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); /** @@ -1511,7 +1542,6 @@ class acp_users $selected = ($i == $data['bday_month']) ? ' selected="selected"' : ''; $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>"; } - $s_birthday_year_options = ''; $now = getdate(); $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>'; @@ -1546,36 +1576,36 @@ class acp_users } $data = array( - 'dateformat' => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)), - 'lang' => basename(request_var('lang', $user_row['user_lang'])), - 'tz' => request_var('tz', $user_row['user_timezone']), - 'style' => request_var('style', $user_row['user_style']), - 'viewemail' => request_var('viewemail', $user_row['user_allow_viewemail']), - 'massemail' => request_var('massemail', $user_row['user_allow_massemail']), - 'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']), - 'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']), - 'notifypm' => request_var('notifypm', $user_row['user_notify_pm']), - 'allowpm' => request_var('allowpm', $user_row['user_allow_pm']), - - 'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'), - 'topic_sd' => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'), - 'topic_st' => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0), - - 'post_sk' => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'), - 'post_sd' => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'), - 'post_st' => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0), - - 'view_images' => request_var('view_images', $this->optionget($user_row, 'viewimg')), - 'view_flash' => request_var('view_flash', $this->optionget($user_row, 'viewflash')), - 'view_smilies' => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')), - 'view_sigs' => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')), - 'view_avatars' => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')), - 'view_wordcensor' => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')), - - 'bbcode' => request_var('bbcode', $this->optionget($user_row, 'bbcode')), - 'smilies' => request_var('smilies', $this->optionget($user_row, 'smilies')), - 'sig' => request_var('sig', $this->optionget($user_row, 'attachsig')), - 'notify' => request_var('notify', $user_row['user_notify']), + 'dateformat' => $request->variable('dateformat', $user_row['user_dateformat'], true), + 'lang' => basename($request->variable('lang', $user_row['user_lang'])), + 'tz' => $request->variable('tz', $user_row['user_timezone']), + 'style' => $request->variable('style', $user_row['user_style']), + 'viewemail' => $request->variable('viewemail', $user_row['user_allow_viewemail']), + 'massemail' => $request->variable('massemail', $user_row['user_allow_massemail']), + 'hideonline' => $request->variable('hideonline', !$user_row['user_allow_viewonline']), + 'notifymethod' => $request->variable('notifymethod', $user_row['user_notify_type']), + 'notifypm' => $request->variable('notifypm', $user_row['user_notify_pm']), + 'allowpm' => $request->variable('allowpm', $user_row['user_allow_pm']), + + 'topic_sk' => $request->variable('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'), + 'topic_sd' => $request->variable('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'), + 'topic_st' => $request->variable('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0), + + 'post_sk' => $request->variable('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'), + 'post_sd' => $request->variable('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'), + 'post_st' => $request->variable('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0), + + 'view_images' => $request->variable('view_images', $this->optionget($user_row, 'viewimg')), + 'view_flash' => $request->variable('view_flash', $this->optionget($user_row, 'viewflash')), + 'view_smilies' => $request->variable('view_smilies', $this->optionget($user_row, 'viewsmilies')), + 'view_sigs' => $request->variable('view_sigs', $this->optionget($user_row, 'viewsigs')), + 'view_avatars' => $request->variable('view_avatars', $this->optionget($user_row, 'viewavatars')), + 'view_wordcensor' => $request->variable('view_wordcensor', $this->optionget($user_row, 'viewcensors')), + + 'bbcode' => $request->variable('bbcode', $this->optionget($user_row, 'bbcode')), + 'smilies' => $request->variable('smilies', $this->optionget($user_row, 'smilies')), + 'sig' => $request->variable('sig', $this->optionget($user_row, 'attachsig')), + 'notify' => $request->variable('notify', $user_row['user_notify']), ); /** @@ -1945,7 +1975,7 @@ class acp_users trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } - $rank_id = request_var('user_rank', 0); + $rank_id = $request->variable('user_rank', 0); $sql = 'UPDATE ' . USERS_TABLE . " SET user_rank = $rank_id @@ -1979,60 +2009,70 @@ class acp_users case 'sig': - if (!function_exists('generate_smilies')) - { - include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); - } - if (!function_exists('display_custom_bbcodes')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } - $enable_bbcode = ($config['allow_sig_bbcode']) ? (bool) $this->optionget($user_row, 'sig_bbcode') : false; - $enable_smilies = ($config['allow_sig_smilies']) ? (bool) $this->optionget($user_row, 'sig_smilies') : false; - $enable_urls = ($config['allow_sig_links']) ? (bool) $this->optionget($user_row, 'sig_links') : false; - $signature = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true)); + $enable_bbcode = ($config['allow_sig_bbcode']) ? $this->optionget($user_row, 'sig_bbcode') : false; + $enable_smilies = ($config['allow_sig_smilies']) ? $this->optionget($user_row, 'sig_smilies') : false; + $enable_urls = ($config['allow_sig_links']) ? $this->optionget($user_row, 'sig_links') : false; - $preview = (isset($_POST['preview'])) ? true : false; + $decoded_message = generate_text_for_edit($user_row['user_sig'], $user_row['user_sig_bbcode_uid'], $user_row['user_sig_bbcode_bitfield']); + $signature = $request->variable('signature', $decoded_message['text'], true); + $signature_preview = ''; - if ($submit || $preview) + if ($submit || $request->is_set_post('preview')) { - if (!class_exists('messenger')) - { - include($phpbb_root_path . 'includes/message_parser.' . $phpEx); - } - - $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', false)) ? false : true) : false; - $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', false)) ? false : true) : false; - $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false; - - $message_parser = new parse_message($signature); - - // Allowing Quote BBCode - $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig'); - - if (sizeof($message_parser->warn_msg)) - { - $error[] = implode('<br />', $message_parser->warn_msg); - } + $enable_bbcode = ($config['allow_sig_bbcode']) ? !$request->variable('disable_bbcode', false) : false; + $enable_smilies = ($config['allow_sig_smilies']) ? !$request->variable('disable_smilies', false) : false; + $enable_urls = ($config['allow_sig_links']) ? !$request->variable('disable_magic_url', false) : false; if (!check_form_key($form_name)) { - $error = 'FORM_INVALID'; + $error[] = 'FORM_INVALID'; } + } - if (!sizeof($error) && $submit) + $bbcode_uid = $bbcode_bitfield = $bbcode_flags = ''; + $warn_msg = generate_text_for_storage( + $signature, + $bbcode_uid, + $bbcode_bitfield, + $bbcode_flags, + $enable_bbcode, + $enable_urls, + $enable_smilies, + $config['allow_sig_img'], + $config['allow_sig_flash'], + true, + $config['allow_sig_links'], + 'sig' + ); + + if (sizeof($warn_msg)) + { + $error += $warn_msg; + } + + if (!$submit) + { + // Parse it for displaying + $signature_preview = generate_text_for_display($signature, $bbcode_uid, $bbcode_bitfield, $bbcode_flags); + } + else + { + if (!sizeof($error)) { $this->optionset($user_row, 'sig_bbcode', $enable_bbcode); $this->optionset($user_row, 'sig_smilies', $enable_smilies); $this->optionset($user_row, 'sig_links', $enable_urls); $sql_ary = array( - 'user_sig' => (string) $message_parser->message, + 'user_sig' => $signature, 'user_options' => $user_row['user_options'], - 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid, - 'user_sig_bbcode_bitfield' => (string) $message_parser->bbcode_bitfield + 'user_sig_bbcode_uid' => $bbcode_uid, + 'user_sig_bbcode_bitfield' => $bbcode_bitfield, ); $sql = 'UPDATE ' . USERS_TABLE . ' @@ -2042,33 +2082,30 @@ class acp_users trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id)); } - - // Replace "error" strings with their real, localised form - $error = array_map(array($user, 'lang'), $error); } - $signature_preview = ''; + // Replace "error" strings with their real, localised form + $error = array_map(array($user, 'lang'), $error); - if ($preview) + if ($request->is_set_post('preview')) { - // Now parse it for displaying - $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); - unset($message_parser); + $decoded_message = generate_text_for_edit($signature, $bbcode_uid, $bbcode_bitfield); } - decode_message($signature, $user_row['user_sig_bbcode_uid']); + /** @var \phpbb\controller\helper $controller_helper */ + $controller_helper = $phpbb_container->get('controller.helper'); $template->assign_vars(array( 'S_SIGNATURE' => true, - 'SIGNATURE' => $signature, + 'SIGNATURE' => $decoded_message['text'], 'SIGNATURE_PREVIEW' => $signature_preview, 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '', 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '', - 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'), + 'BBCODE_STATUS' => $user->lang(($config['allow_sig_bbcode'] ? 'BBCODE_IS_ON' : 'BBCODE_IS_OFF'), '<a href="' . $controller_helper->route('phpbb_help_bbcode_controller') . '">', '</a>'), 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], @@ -2089,15 +2126,16 @@ class acp_users break; case 'attach': + /* @var $pagination \phpbb\pagination */ + $pagination = $phpbb_container->get('pagination'); - $start = request_var('start', 0); + $start = $request->variable('start', 0); $deletemark = (isset($_POST['delmarked'])) ? true : false; - $marked = request_var('mark', array(0)); - $pagination = $phpbb_container->get('pagination'); + $marked = $request->variable('mark', array(0)); // Sort keys - $sort_key = request_var('sk', 'a'); - $sort_dir = request_var('sd', 'd'); + $sort_key = $request->variable('sk', 'a'); + $sort_dir = $request->variable('sd', 'd'); if ($deletemark && sizeof($marked)) { @@ -2132,11 +2170,14 @@ class acp_users } $db->sql_freeresult($result); - delete_attachments('attach', $marked); + /** @var \phpbb\attachment\manager $attachment_manager */ + $attachment_manager = $phpbb_container->get('attachment.manager'); + $attachment_manager->delete('attach', $marked); + unset($attachment_manager); $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED']; - add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode($user->lang['COMMA_SEPARATOR'], $log_attachments)); + $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_ATTACHMENTS_DELETED', false, array(implode($user->lang['COMMA_SEPARATOR'], $log_attachments))); trigger_error($message . adm_back_link($this->u_action . '&u=' . $user_id)); } else @@ -2248,7 +2289,7 @@ class acp_users } $user->add_lang(array('groups', 'acp/groups')); - $group_id = request_var('g', 0); + $group_id = $request->variable('g', 0); if ($group_id) { @@ -2265,10 +2306,6 @@ class acp_users trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } } - else - { - $founder_manage = 0; - } switch ($action) { @@ -2379,6 +2416,9 @@ class acp_users $error = array(); } + /** @var \phpbb\group\helper $group_helper */ + $group_helper = $phpbb_container->get('group_helper'); + $sql = 'SELECT ug.*, g.* FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug WHERE ug.user_id = $user_id @@ -2423,7 +2463,7 @@ class acp_users continue; } - $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; + $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . $group_helper->get_name($row['group_name']) . '</option>'; } $db->sql_freeresult($result); @@ -2477,7 +2517,7 @@ class acp_users $user->add_lang('acp/permissions'); add_permission_language(); - $forum_id = request_var('f', 0); + $forum_id = $request->variable('f', 0); // Global Permissions if (!$forum_id) |