Diffstat (limited to 'phpBB/includes/acp/acp_users.php')
-rw-r--r-- | phpBB/includes/acp/acp_users.php | 207 |
1 files changed, 106 insertions, 101 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 8853200ddc..de8f1b48c6 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -37,7 +37,6 @@ class acp_users $user->add_lang(array('posting', 'ucp', 'acp/users')); $this->tpl_name = 'acp_users'; - $this->page_title = 'ACP_USER_' . strtoupper($mode); $error = array(); $username = utf8_normalize_nfc(request_var('username', '', true)); @@ -159,6 +158,8 @@ class acp_users trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action), E_USER_WARNING); } + $this->page_title = $user_row['username'] . ' :: ' . $user->lang('ACP_USER_' . strtoupper($mode)); + switch ($mode) { case 'overview': @@ -173,8 +174,7 @@ class acp_users if ($submit) { - // You can't delete the founder - if ($delete && $user_row['user_type'] != USER_FOUNDER) + if ($delete) { if (!$auth->acl_get('a_userdel')) { @@ -187,6 +187,12 @@ class acp_users trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); } + // Founders can not be deleted. + if ($user_row['user_type'] == USER_FOUNDER) + { + trigger_error($user->lang['CANNOT_REMOVE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + if ($user_id == $user->data['user_id']) { trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); @@ -396,6 +402,9 @@ class acp_users { if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { + $phpbb_notifications = $phpbb_container->get('notification_manager'); + $phpbb_notifications->delete_notifications('admin_activate_user', $user_row['user_id']); + include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); 
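Review bot: In the hunk at -159,6 the new `page_title` concatenates `$user_row['username']` straight from the database row, so whatever renders the title now carries user-controlled text. That is only safe if usernames are stored already HTML-escaped and nothing decodes them on the way to the page header; neither is visible in this hunk. Once that is confirmed against the header code, I would add a comment on the assignment such as `// username is stored HTML-escaped; page_title is output as-is`. The enclosing method starts and ends outside the hunk.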
@@ -647,8 +656,9 @@ class acp_users while ($row = $db->sql_fetchrow($result)) { if ($topic_id_ary[$row['topic_id']][ITEM_APPROVED] == $row['topic_posts_approved'] - && $topic_id_ary[$row['topic_id']][ITEM_UNAPPROVED] == $row['topic_posts_unapproved'] - && $topic_id_ary[$row['topic_id']][ITEM_DELETED] == $row['topic_posts_softdeleted']) + && $topic_id_ary[$row['topic_id']][ITEM_UNAPPROVED] == $row['topic_posts_unapproved'] + && $topic_id_ary[$row['topic_id']][ITEM_REAPPROVE] == $row['topic_posts_unapproved'] + && $topic_id_ary[$row['topic_id']][ITEM_DELETED] == $row['topic_posts_softdeleted']) { $move_topic_ary[] = $row['topic_id']; } @@ -726,7 +736,6 @@ class acp_users sync('forum', 'forum_id', $forum_id_ary, false, true); } - add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']); add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']); @@ -763,7 +772,7 @@ class acp_users * @event core.acp_users_overview_run_quicktool * @var array user_row Current user data * @var string action Quick tool that should be run - * @since 3.1-A1 + * @since 3.1.0-a1 */ $vars = array('action', 'user_row'); extract($phpbb_dispatcher->trigger_event('core.acp_users_overview_run_quicktool', compact($vars))); @@ -821,9 +830,12 @@ class acp_users $error[] = 'FORM_INVALID'; } + // Instantiate passwords manager + $passwords_manager = $phpbb_container->get('passwords.manager'); + // Which updates do we need to do? $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false; - $update_password = ($data['new_password'] && !phpbb_check_hash($data['new_password'], $user_row['user_password'])) ? true : false; + $update_password = $data['new_password'] && !$passwords_manager->check($data['new_password'], $user_row['user_password']); $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false; if (!sizeof($error)) 
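Review bot: The added `ITEM_REAPPROVE` comparison in the hunk at -647,8 is joined with `&&` against the same column as the `ITEM_UNAPPROVED` line, so both counters must individually equal `topic_posts_unapproved`. If that column counts unapproved and re-approve posts together (as the `sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE))` change in the -1038,7 hunk suggests for the queue count), the condition then holds only when both counters are zero, and topics containing queued posts would never reach `$move_topic_ary`. Comparing the sum looks like the intent: `&& $topic_id_ary[$row['topic_id']][ITEM_UNAPPROVED] + $topic_id_ary[$row['topic_id']][ITEM_REAPPROVE] == $row['topic_posts_unapproved']`. Where `$topic_id_ary[...][ITEM_REAPPROVE]` is initialised is outside the hunk and should be checked as well, since a missing key would compare as null.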
@@ -881,7 +893,7 @@ class acp_users * @var array user_row Current user data * @var array data Submitted user data * @var array sql_ary User data we udpate - * @since 3.1-A1 + * @since 3.1.0-a1 */ $vars = array('user_row', 'data', 'sql_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_users_overview_modify_data', compact($vars))); @@ -907,7 +919,7 @@ class acp_users if ($update_password) { $sql_ary += array( - 'user_password' => phpbb_hash($data['new_password']), + 'user_password' => $passwords_manager->hash($data['new_password']), 'user_passchg' => time(), 'user_pass_convert' => 0, ); @@ -996,7 +1008,7 @@ class acp_users * @event core.acp_users_display_overview * @var array user_row Array with user data * @var array quick_tool_ary Ouick tool options - * @since 3.1-A1 + * @since 3.1.0-a1 */ $vars = array('user_row', 'quick_tool_ary'); extract($phpbb_dispatcher->trigger_event('core.acp_users_display_overview', compact($vars))); @@ -1007,7 +1019,7 @@ class acp_users $s_action_options .= '<option value="' . $value . '">' . $user->lang['USER_ADMIN_' . $lang] . '</option>'; } - $last_visit = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit']; + $last_active = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit']; $inactive_reason = ''; if ($user_row['user_type'] == USER_INACTIVE) @@ -1038,7 +1050,7 @@ class acp_users $sql = 'SELECT COUNT(post_id) as posts_in_queue FROM ' . POSTS_TABLE . ' WHERE poster_id = ' . $user_id . ' - AND post_visibility = ' . ITEM_UNAPPROVED; + AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE)); $result = $db->sql_query($sql); $user_row['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue'); $db->sql_freeresult($result); 
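Review bot: In the hunk at -907,7 the return value of `$passwords_manager->hash()` goes directly into `$sql_ary['user_password']` with no check. If the manager can signal failure with a non-string value (its implementation is not part of this diff), the row would be updated with an unusable password hash while `user_passchg` and `user_pass_convert` are still reset. I would compute it first with `$new_hash = $passwords_manager->hash($data['new_password']);` and only add `'user_password' => $new_hash` when it is a non-empty string, reporting an error otherwise so the old hash is kept.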
@@ -1066,6 +1078,7 @@ class acp_users 'U_SHOW_IP' => $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'), 'U_WHOIS' => $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}", 'U_MCP_QUEUE' => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '', + 'U_SEARCH_USER' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id={$user_row['user_id']}&sr=posts") : '', 'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_row['user_id']}&hash=" . generate_link_hash('switchperm')) : '', @@ -1073,7 +1086,7 @@ class acp_users 'USER' => $user_row['username'], 'USER_REGISTERED' => $user->format_date($user_row['user_regdate']), 'REGISTERED_IP' => ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'], - 'USER_LASTACTIVE' => ($last_visit) ? $user->format_date($last_visit) : ' - ', + 'USER_LASTACTIVE' => ($last_active) ? $user->format_date($last_active) : ' - ', 'USER_EMAIL' => $user_row['user_email'], 'USER_WARNINGS' => $user_row['user_warnings'], 'USER_POSTS' => $user_row['user_posts'], @@ -1093,6 +1106,7 @@ class acp_users $deleteall = (isset($_POST['delall'])) ? true : false; $marked = request_var('mark', array(0)); $message = utf8_normalize_nfc(request_var('message', '', true)); + $pagination = $phpbb_container->get('pagination'); // Sort keys $sort_days = request_var('st', 0); 
@@ -1163,11 +1177,10 @@ class acp_users $start = view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort); $base_url = $this->u_action . "&u=$user_id&$u_sort_param"; - phpbb_generate_template_pagination($template, $base_url, 'pagination', 'start', $log_count, $config['topics_per_page'], $start); + $pagination->generate_template_pagination($base_url, 'pagination', 'start', $log_count, $config['topics_per_page'], $start); $template->assign_vars(array( 'S_FEEDBACK' => true, - 'S_ON_PAGE' => phpbb_on_page($template, $user, $base_url, $log_count, $config['topics_per_page'], $start), 'S_LIMIT_DAYS' => $s_limit_days, 'S_SORT_KEY' => $s_sort_key, @@ -1240,17 +1253,13 @@ class acp_users WHERE user_id = $user_id"; $db->sql_query($sql); - switch ($log_warnings) + if ($log_warnings) { - case 2: - add_log('admin', 'LOG_WARNINGS_DELETED', $user_row['username'], $num_warnings); - break; - case 1: - add_log('admin', 'LOG_WARNING_DELETED', $user_row['username']); - break; - default: - add_log('admin', 'LOG_WARNINGS_DELETED_ALL', $user_row['username']); - break; + add_log('admin', 'LOG_WARNINGS_DELETED', $user_row['username'], $num_warnings); + } + else + { + add_log('admin', 'LOG_WARNINGS_DELETED_ALL', $user_row['username']); } } } @@ -1320,7 +1329,6 @@ class acp_users } } - $template->assign_block_vars('warn', array( 'ID' => $row['warning_id'], 'USERNAME' => ($row['log_operation']) ? get_username_string('full', $row['mod_user_id'], $row['mod_username'], $row['mod_user_colour']) : '-', @@ -1339,9 +1347,8 @@ class acp_users case 'profile': include($phpbb_root_path . 'includes/functions_user.' . $phpEx); - include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); - $cp = new custom_profile(); + $cp = $phpbb_container->get('profilefields.manager'); $cp_data = $cp_error = array(); 
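Review bot: The rewritten branch in the hunk at -1240,17 no longer writes `LOG_WARNING_DELETED`, and a single removed warning is now logged as `LOG_WARNINGS_DELETED` with `$num_warnings`. Admin-log rows already stored under the old key still need that language entry to render, and the plural entry has to read correctly for a count of 1; neither language file is in this diff. `$num_warnings` is assigned outside the hunk, so it is worth confirming that it is set on every path where `$log_warnings` is truthy. If the flag now means "individual warnings were marked", a comment such as `// $log_warnings: truthy when marked warnings were removed, falsy for "delete all"` would document that.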
@@ -1355,15 +1362,7 @@ class acp_users $user_row['iso_lang_id'] = $row['lang_id']; $data = array( - 'icq' => request_var('icq', $user_row['user_icq']), - 'aim' => request_var('aim', $user_row['user_aim']), - 'msn' => request_var('msn', $user_row['user_msnm']), - 'yim' => request_var('yim', $user_row['user_yim']), 'jabber' => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)), - 'website' => request_var('website', $user_row['user_website']), - 'location' => utf8_normalize_nfc(request_var('location', $user_row['user_from'], true)), - 'occupation' => utf8_normalize_nfc(request_var('occupation', $user_row['user_occ'], true)), - 'interests' => utf8_normalize_nfc(request_var('interests', $user_row['user_interests'], true)), 'bday_day' => 0, 'bday_month' => 0, 'bday_year' => 0, @@ -1379,25 +1378,12 @@ class acp_users $data['bday_year'] = request_var('bday_year', $data['bday_year']); $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); - if ($submit) { $error = validate_data($data, array( - 'icq' => array( - array('string', true, 3, 15), - array('match', true, '#^[0-9]+$#i')), - 'aim' => array('string', true, 3, 255), - 'msn' => array('string', true, 5, 255), 'jabber' => array( array('string', true, 5, 255), array('jabber')), - 'yim' => array('string', true, 5, 255), - 'website' => array( - array('string', true, 12, 255), - array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')), - 'location' => array('string', true, 2, 100), - 'occupation' => array('string', true, 2, 500), - 'interests' => array('string', true, 2, 500), 'bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time())), 
@@ -1419,15 +1405,7 @@ class acp_users if (!sizeof($error)) { $sql_ary = array( - 'user_icq' => $data['icq'], - 'user_aim' => $data['aim'], - 'user_msnm' => $data['msn'], - 'user_yim' => $data['yim'], 'user_jabber' => $data['jabber'], - 'user_website' => $data['website'], - 'user_from' => $data['location'], - 'user_occ' => $data['occupation'], - 'user_interests'=> $data['interests'], 'user_birthday' => $data['user_birthday'], ); @@ -1471,16 +1449,7 @@ class acp_users unset($now); $template->assign_vars(array( - 'ICQ' => $data['icq'], - 'YIM' => $data['yim'], - 'AIM' => $data['aim'], - 'MSN' => $data['msn'], 'JABBER' => $data['jabber'], - 'WEBSITE' => $data['website'], - 'LOCATION' => $data['location'], - 'OCCUPATION' => $data['occupation'], - 'INTERESTS' => $data['interests'], - 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options, @@ -1509,7 +1478,6 @@ class acp_users 'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']), 'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']), 'notifypm' => request_var('notifypm', $user_row['user_notify_pm']), - 'popuppm' => request_var('popuppm', $this->optionget($user_row, 'popuppm')), 'allowpm' => request_var('allowpm', $user_row['user_allow_pm']), 'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'), @@ -1533,6 +1501,17 @@ class acp_users 'notify' => request_var('notify', $user_row['user_notify']), ); + /** + * Modify users preferences data + * + * @event core.acp_users_prefs_modify_data + * @var array data Array with users preferences data + * @var array user_row Array with user data + * @since 3.1.0-b3 + */ + $vars = array('data', 'user_row'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_prefs_modify_data', compact($vars))); + if ($submit) { $error = validate_data($data, array( 
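Review bot: The docblock added in the hunk at -1533,6 does not say that `core.acp_users_prefs_modify_data` fires on every load of the preferences mode, before `validate_data()` runs, so `data` holds raw `request_var()` values and any key a listener adds is not covered by the validation array that follows. The same gap applies to the docblocks for `core.acp_users_prefs_modify_sql` (-1590,37) and `core.acp_users_prefs_modify_template_data` (-1725,9), where listener-supplied values go into the UPDATE and the template respectively. I would add one line to each, for example `* Note: data is not validated at this point; listeners must validate any value they add.`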
@@ -1553,7 +1532,6 @@ class acp_users if (!sizeof($error)) { - $this->optionset($user_row, 'popuppm', $data['popuppm']); $this->optionset($user_row, 'viewimg', $data['view_images']); $this->optionset($user_row, 'viewflash', $data['view_flash']); $this->optionset($user_row, 'viewsmilies', $data['view_smilies']); 
@@ -1590,37 +1568,53 @@ class acp_users 'user_notify' => $data['notify'], ); - $sql = 'UPDATE ' . USERS_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " - WHERE user_id = $user_id"; - $db->sql_query($sql); + /** + * Modify SQL query before users preferences are updated + * + * @event core.acp_users_prefs_modify_sql + * @var array data Array with users preferences data + * @var array user_row Array with user data + * @var array sql_ary SQL array with users preferences data to update + * @var array error Array with errors data + * @since 3.1.0-b3 + */ + $vars = array('data', 'user_row', 'sql_ary', 'error'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_prefs_modify_sql', compact($vars))); - // Check if user has an active session - if ($user_row['session_id']) + if (!sizeof($error)) { - // We'll update the session if user_allow_viewonline has changed and the user is a bot - // Or if it's a regular user and the admin set it to hide the session - if ($user_row['user_allow_viewonline'] != $sql_ary['user_allow_viewonline'] && $user_row['user_type'] == USER_IGNORE - || $user_row['user_allow_viewonline'] && !$sql_ary['user_allow_viewonline']) + $sql = 'UPDATE ' . USERS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " + WHERE user_id = $user_id"; + $db->sql_query($sql); + + // Check if user has an active session + if ($user_row['session_id']) { - // We also need to check if the user has the permission to cloak. - $user_auth = new \phpbb\auth\auth(); - $user_auth->acl($user_row); + // We'll update the session if user_allow_viewonline has changed and the user is a bot + // Or if it's a regular user and the admin set it to hide the session + if ($user_row['user_allow_viewonline'] != $sql_ary['user_allow_viewonline'] && $user_row['user_type'] == USER_IGNORE + || $user_row['user_allow_viewonline'] && !$sql_ary['user_allow_viewonline']) + { + // We also need to check if the user has the permission to cloak. 
+ $user_auth = new \phpbb\auth\auth(); + $user_auth->acl($user_row); - $session_sql_ary = array( - 'session_viewonline' => ($user_auth->acl_get('u_hideonline')) ? $sql_ary['user_allow_viewonline'] : true, - ); + $session_sql_ary = array( + 'session_viewonline' => ($user_auth->acl_get('u_hideonline')) ? $sql_ary['user_allow_viewonline'] : true, + ); - $sql = 'UPDATE ' . SESSIONS_TABLE . ' - SET ' . $db->sql_build_array('UPDATE', $session_sql_ary) . " - WHERE session_user_id = $user_id"; - $db->sql_query($sql); + $sql = 'UPDATE ' . SESSIONS_TABLE . ' + SET ' . $db->sql_build_array('UPDATE', $session_sql_ary) . " + WHERE session_user_id = $user_id"; + $db->sql_query($sql); - unset($user_auth); + unset($user_auth); + } } - } - trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id)); + trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id)); + } } // Replace "error" strings with their real, localised form @@ -1684,7 +1678,7 @@ class acp_users } $timezone_selects = phpbb_timezone_select($user, $data['tz'], true); - $template->assign_vars(array( + $user_prefs_data = array( 'S_PREFS' => true, 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true, @@ -1696,7 +1690,6 @@ class acp_users 'NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false, 'NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false, 'NOTIFY_PM' => $data['notifypm'], - 'POPUP_PM' => $data['popuppm'], 'BBCODE' => $data['bbcode'], 'SMILIES' => $data['smilies'], 'ATTACH_SIG' => $data['sig'], 
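Review bot: After `core.acp_users_prefs_modify_sql` returns, the session branch in the hunk at -1590,37 still reads `$sql_ary['user_allow_viewonline']`, which a listener is now allowed to change or remove. A removed key would make the `!$sql_ary['user_allow_viewonline']` test true and write a null `session_viewonline` for a user who has `u_hideonline`. Falling back to the row avoids that: `$allow_viewonline = isset($sql_ary['user_allow_viewonline']) ? $sql_ary['user_allow_viewonline'] : $user_row['user_allow_viewonline'];`, used in place of the three direct reads. The mixed `&&`/`||` condition in the same branch would also be easier to audit with explicit parentheses around each `&&` pair.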
@@ -1725,9 +1718,22 @@ class acp_users 'S_STYLE_OPTIONS' => style_select($data['style']), 'S_TZ_OPTIONS' => $timezone_selects['tz_select'], 'S_TZ_DATE_OPTIONS' => $timezone_selects['tz_dates'], - ) ); + /** + * Modify users preferences data before assigning it to the template + * + * @event core.acp_users_prefs_modify_template_data + * @var array data Array with users preferences data + * @var array user_row Array with user data + * @var array user_prefs_data Array with users preferences data to be assigned to the template + * @since 3.1.0-b3 + */ + $vars = array('data', 'user_row', 'user_prefs_data'); + extract($phpbb_dispatcher->trigger_event('core.acp_users_prefs_modify_template_data', compact($vars))); + + $template->assign_vars($user_prefs_data); + break; case 'avatar': @@ -1742,7 +1748,7 @@ class acp_users $avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers(); // This is normalised data, without the user_ prefix - $avatar_data = \phpbb\avatar\manager::clean_row($user_row); + $avatar_data = \phpbb\avatar\manager::clean_row($user_row, 'user'); if ($submit) { @@ -1775,7 +1781,7 @@ class acp_users } else { - $driver = $phpbb_avatar_manager->get_driver($user->data['user_avatar_type']); + $driver = $phpbb_avatar_manager->get_driver($avatar_data['avatar_type']); if ($driver) { $driver->delete($avatar_data); @@ -1998,6 +2004,7 @@ class acp_users $start = request_var('start', 0); $deletemark = (isset($_POST['delmarked'])) ? true : false; $marked = request_var('mark', array(0)); + $pagination = $phpbb_container->get('pagination'); // Sort keys $sort_key = request_var('sk', 'a'); @@ -2099,7 +2106,7 @@ class acp_users WHERE a.poster_id = ' . $user_id . " AND a.is_orphan = 0 ORDER BY $order_by"; - $result = $db->sql_query_limit($sql, $config['posts_per_page'], $start); + $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); while ($row = $db->sql_fetchrow($result)) { 
@@ -2134,11 +2141,10 @@ class acp_users $db->sql_freeresult($result); $base_url = $this->u_action . "&u=$user_id&sk=$sort_key&sd=$sort_dir"; - phpbb_generate_template_pagination($template, $base_url, 'pagination', 'start', $num_attachments, $config['topics_per_page'], $start); + $pagination->generate_template_pagination($base_url, 'pagination', 'start', $num_attachments, $config['topics_per_page'], $start); $template->assign_vars(array( 'S_ATTACHMENTS' => true, - 'S_ON_PAGE' => phpbb_on_page($template, $user, $base_url, $num_attachments, $config['topics_per_page'], $start), 'S_SORT_KEY' => $s_sort_key, 'S_SORT_DIR' => $s_sort_dir, )); @@ -2275,7 +2281,6 @@ class acp_users $error = array(); } - $sql = 'SELECT ug.*, g.* FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug WHERE ug.user_id = $user_id |