From 2b8cb26e6b6b58217b993dff5fb347eaa4708c7f Mon Sep 17 00:00:00 2001 From: "Paul S. Owen" Date: Tue, 22 Oct 2002 17:33:10 +0000 Subject: A few ideas and tests git-svn-id: file:///svn/phpbb/trunk@2963 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/admin/admin_users.php | 1082 ++++++++----------------------------------- 1 file changed, 190 insertions(+), 892 deletions(-) (limited to 'phpBB') diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php index 7fb0dae34b..ac5b7a5c52 100644 --- a/phpBB/admin/admin_users.php +++ b/phpBB/admin/admin_users.php @@ -33,981 +33,233 @@ if ( !empty($setmodules) ) } define('IN_PHPBB', 1); -// + // Include files -// $phpbb_root_path = '../'; require($phpbb_root_path . 'extension.inc'); require('pagestart.' . $phpEx); -require($phpbb_root_path . 'includes/bbcode.'.$phpEx); -require($phpbb_root_path . 'includes/functions_posting.'.$phpEx); +require($phpbb_root_path . 'includes/functions_admin.'.$phpEx); require($phpbb_root_path . 'includes/functions_validate.'.$phpEx); -// // Do we have forum admin permissions? -// if ( !$auth->acl_get('a_user') ) { - return; + trigger_error($user->lang['No_admin']); } -// +echo $mode; + // Set mode -// if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) ) { $mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; } else { - $mode = ''; + $mode = 'main'; } -// // Begin program -// -if ( $mode == 'edit' || $mode == 'save' && ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) ) +if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) { - // - // Ok, the profile has been modified and submitted, let's update - // - if( ( $mode == 'save' && isset( $_POST['submit'] ) ) || isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) ) + + // Grab relevant userdata + if( isset( $_GET['u']) || isset( $_POST['u']) ) { - $user_id = intval( $_POST['id'] ); + $user_id = ( isset( $_POST['u']) ) ? intval( $_POST['u']) : intval( $_GET['u']); - $this_userdata = get_userdata($user_id); - if( !$this_userdata ) + if( !($userdata = get_userdata($user_id)) ) { - message_die(MESSAGE, $user->lang['No_user_id_specified'] ); + trigger_error($user->lang['No_user_id_specified'] ); } + } + else + { + if( !$userdata = get_userdata( $_POST['username'] ) ) + { + trigger_error($user->lang['No_user_id_specified'] ); + } + } - $username = ( !empty($_POST['username']) ) ? trim(strip_tags( $_POST['username'] ) ) : ''; - $email = ( !empty($_POST['email']) ) ? trim(strip_tags(htmlspecialchars( $_POST['email'] ) )) : ''; - - $password = ( !empty($_POST['password']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password'] ) )) : ''; - $password_confirm = ( !empty($_POST['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password_confirm'] ) )) : ''; - - $icq = ( !empty($_POST['icq']) ) ? trim(strip_tags( $_POST['icq'] ) ) : ''; - $aim = ( !empty($_POST['aim']) ) ? trim(strip_tags( $_POST['aim'] ) ) : ''; - $msn = ( !empty($_POST['msn']) ) ? trim(strip_tags( $_POST['msn'] ) ) : ''; - $yim = ( !empty($_POST['yim']) ) ? trim(strip_tags( $_POST['yim'] ) ) : ''; - - $website = ( !empty($_POST['website']) ) ? trim(strip_tags( $_POST['website'] ) ) : ''; - $location = ( !empty($_POST['location']) ) ? trim(strip_tags( $_POST['location'] ) ) : ''; - $occupation = ( !empty($_POST['occupation']) ) ? trim(strip_tags( $_POST['occupation'] ) ) : ''; - $interests = ( !empty($_POST['interests']) ) ? trim(strip_tags( $_POST['interests'] ) ) : ''; - $signature = ( !empty($_POST['signature']) ) ? trim(str_replace('
', "\n", $_POST['signature'] ) ) : ''; - - validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); + // Update entry in DB + if( $_POST['deleteuser'] && !$userdata['user_founder'] && $auth->acl_get('a_userdel') ) + { + $db->sql_transaction(); - $viewemail = ( isset( $_POST['viewemail']) ) ? ( ( $_POST['viewemail'] ) ? TRUE : 0 ) : 0; - $allowviewonline = ( isset( $_POST['hideonline']) ) ? ( ( $_POST['hideonline'] ) ? 0 : TRUE ) : TRUE; - $notifyreply = ( isset( $_POST['notifyreply']) ) ? ( ( $_POST['notifyreply'] ) ? TRUE : 0 ) : 0; - $notifypm = ( isset( $_POST['notifypm']) ) ? ( ( $_POST['notifypm'] ) ? TRUE : 0 ) : TRUE; - $popuppm = ( isset( $_POST['popup_pm']) ) ? ( ( $_POST['popup_pm'] ) ? TRUE : 0 ) : TRUE; - $attachsig = ( isset( $_POST['attachsig']) ) ? ( ( $_POST['attachsig'] ) ? TRUE : 0 ) : 0; + $sql = "UPDATE " . POSTS_TABLE . " + SET poster_id = " . ANONYMOUS . ", post_username = '$username' + WHERE poster_id = $user_id"; + $db->sql_query($sql); - $allowhtml = ( isset( $_POST['allowhtml']) ) ? intval( $_POST['allowhtml'] ) : $board_config['allow_html']; - $allowbbcode = ( isset( $_POST['allowbbcode']) ) ? intval( $_POST['allowbbcode'] ) : $board_config['allow_bbcode']; - $allowsmilies = ( isset( $_POST['allowsmilies']) ) ? intval( $_POST['allowsmilies'] ) : $board_config['allow_smilies']; + $sql = "UPDATE " . TOPICS_TABLE . " + SET topic_poster = " . ANONYMOUS . " + WHERE topic_poster = $user_id"; + $db->sql_query($sql); - $user_style = ( $_POST['style'] ) ? intval( $_POST['style'] ) : $board_config['default_style']; - $user_lang = ( $_POST['language'] ) ? $_POST['language'] : $board_config['default_lang']; - $user_timezone = ( isset( $_POST['timezone']) ) ? doubleval( $_POST['timezone'] ) : $board_config['board_timezone']; - $user_template = ( $_POST['template'] ) ? $_POST['template'] : $board_config['board_template']; - $user_dateformat = ( $_POST['dateformat'] ) ? trim( $_POST['dateformat'] ) : $board_config['default_dateformat']; + $sql = "DELETE FROM " . USERS_TABLE . " + WHERE user_id = $user_id"; + $db->sql_query($sql); - $user_avatar_local = ( isset( $_POST['avatarselect'] ) && !empty($_POST['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $_POST['avatarselect'] : ( ( isset( $_POST['avatarlocal'] ) ) ? $_POST['avatarlocal'] : '' ); + $sql = "DELETE FROM " . USER_GROUP_TABLE . " + WHERE user_id = $user_id"; + $db->sql_query($sql); - $user_avatar_remoteurl = ( !empty($_POST['avatarremoteurl']) ) ? trim( $_POST['avatarremoteurl'] ) : ''; - $user_avatar_url = ( !empty($_POST['avatarurl']) ) ? trim( $_POST['avatarurl'] ) : ''; - $user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : ''; - $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : ''; - $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0; - $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : ''; + $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " + WHERE user_id = $user_id"; + $db->sql_query($sql); - $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : ''; - $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; + $sql = "DELETE FROM " . ACL_USERS_TABLE . " + WHERE user_id = $user_id"; + $db->sql_query($sql); - $user_status = ( !empty($_POST['user_status']) ) ? intval( $_POST['user_status'] ) : 0; - $user_allowpm = ( !empty($_POST['user_allowpm']) ) ? intval( $_POST['user_allowpm'] ) : 0; - $user_rank = ( !empty($_POST['user_rank']) ) ? intval( $_POST['user_rank'] ) : 0; - $user_allowavatar = ( !empty($_POST['user_allowavatar']) ) ? intval( $_POST['user_allowavatar'] ) : 0; + $db->sql_transaction('commit'); - if( isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) ) - { - $username = stripslashes($username); - $email = stripslashes($email); - $password = ''; - $password_confirm = ''; - - $icq = stripslashes($icq); - $aim = stripslashes($aim); - $msn = stripslashes($msn); - $yim = stripslashes($yim); - - $website = stripslashes($website); - $location = stripslashes($location); - $occupation = stripslashes($occupation); - $interests = stripslashes($interests); - $signature = stripslashes($signature); - - $user_lang = stripslashes($user_lang); - $user_dateformat = stripslashes($user_dateformat); - - if ( !isset($_POST['cancelavatar'])) - { - $user_avatar = $user_avatar_local; - $user_avatar_type = USER_AVATAR_GALLERY; - } - } + trigger_error($user->lang['User_deleted']); } - if( isset( $_POST['submit'] ) ) - { - include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx); - - $error = FALSE; - if( stripslashes($username) != $this_userdata['username'] ) - { - unset($rename_user); - if( !validate_username($username) ) - { - $error = TRUE; - $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $user->lang['Invalid_username']; - } - else - { - $username_sql = "username = '" . str_replace("\'", "''", $username) . "', "; - $rename_user = $username; // Used for renaming usergroup - } - } - - $passwd_sql = ""; - if( !empty($password) && !empty($password_confirm) ) - { - // - // Awww, the user wants to change their password, isn't that cute.. - // - if($password != $password_confirm) - { - $error = TRUE; - $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $user->lang['Password_mismatch']; - } - else - { - $password = md5($password); - $passwd_sql = "user_password = '$password', "; - } - } - else if( $password && !$password_confirm ) - { - $error = TRUE; - $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $user->lang['Password_mismatch']; - } - else if( !$password && $password_confirm ) - { - $error = TRUE; - $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $user->lang['Password_mismatch']; - } + // Output relevant page + page_header($user->lang['Manage']); - if( $user_status == 0 ) - { - // User is (made) inactive. Delete all their sessions. - $sql = "DELETE FROM " . SESSIONS_TABLE . " - WHERE session_user_id = $user_id"; - $db->sql_query($sql); - } +?> - if( $signature != "" ) - { - $sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature)); - if ( $allowhtml ) - { - $sig_length_check = preg_replace('/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is', '\\1\\3\\4', $sig_length_check); - } - $sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature)); +
+ + + + + + +
Main | Profile | Preferences | Avatar | Permissions
+ + + $board_config['max_sig_chars'] ) - { - $error = TRUE; - $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $user->lang['Signature_too_long']; - } - } +?> + + + + + + + + + + + + +"; - } - $error_msg .= $user->lang['Only_one_avatar']; - } +?> + + + + + + +" . $user->lang['Avatar_filetype'] : $user->lang['Avatar_filetype']; - break; - } - - if( !$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'] ) - { - $avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size); - - $tmp_filename = tempnam ("/tmp", $this_userdata['user_id'] . "-"); - $fptr = @fopen($tmp_filename, "wb"); - $bytes_written = @fwrite($fptr, $avatar_data, $file_size); - @fclose($fptr); - - if( $bytes_written == $file_size ) - { - list($width, $height) = @getimagesize($tmp_filename); - - if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) - { - $user_id = $this_userdata['user_id']; - - $avatar_filename = $user_id . $imgtype; - - if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "") - { - if( file_exists("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']) ) - { - @unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']); - } - } - @copy($tmp_filename, "./../" . $board_config['avatar_path'] . "/$avatar_filename"); - @unlink($tmp_filename); - - $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD; - } - else - { - $l_avatar_size = sprintf($user->lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']); - - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; - } - } - else - { - // - // Error writing file - // - @unlink($tmp_filename); - message_die(GENERAL_ERROR, "Could not write avatar file to local storage. Please contact the board administrator with this message", "", __LINE__, __FILE__); - } - } - } - else - { - // - // No data - // - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $user->lang['File_no_data'] : $user->lang['File_no_data']; - } - } - else - { - // - // No connection - // - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $user->lang['No_connection_URL'] : $user->lang['No_connection_URL']; - } - } - else - { - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $user->lang['Incomplete_URL'] : $user->lang['Incomplete_URL']; } } - else if( !empty($user_avatar_name) ) - { - $l_avatar_size = sprintf($user->lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024)); - - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; - } - } - else if( $user_avatar_remoteurl != "" && $avatar_sql == "" && !$error ) - { - if( !preg_match("#^http:\/\/#i", $user_avatar_remoteurl) ) - { - $user_avatar_remoteurl = "http://" . $user_avatar_remoteurl; - } - - if( preg_match("#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+\/.*?\.(gif|jpg|png)$)#is", $user_avatar_remoteurl) ) - { - $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_remoteurl) . "', user_avatar_type = " . USER_AVATAR_REMOTE; - } - else - { - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $user->lang['Wrong_remote_avatar_format'] : $user->lang['Wrong_remote_avatar_format']; - } - } - else if( $user_avatar_local != "" && $avatar_sql == "" && !$error ) - { - $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY; - } - - // - // Update entry in DB - // - if( !$error ) - { - if( $_POST['deleteuser'] ) - { - $sql = "SELECT g.group_id - FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g - WHERE ug.user_id = $user_id - AND g.group_id = ug.group_id - AND g.group_single_user = 1"; - $result = $db->sql_query($sql); - - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - $db->sql_transaction(); - $sql = "UPDATE " . POSTS_TABLE . " - SET poster_id = " . ANONYMOUS . ", post_username = '$username' - WHERE poster_id = $user_id"; - $db->sql_query($sql); - - $sql = "UPDATE " . TOPICS_TABLE . " - SET topic_poster = " . ANONYMOUS . " - WHERE topic_poster = $user_id"; - $db->sql_query($sql); - - $sql = "DELETE FROM " . USERS_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); - - $sql = "DELETE FROM " . USER_GROUP_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); +?> + + + + + + + + +
lang[$mode]; ?> +
Username:
Click profile to edit
[ Ban ]
Registered: format_date($userdata['user_regdate']); ?>
Registered from IP: [ Lookup | Ban ]
IP whois for
0) + if ( $ipwhois = ipwhois($userdata['user_ip']) ) { - $error_type = false; - - // - // Opera appends the image name after the type, not big, not clever! - // - preg_match("'image\/[x\-]*([a-z]+)'", $user_avatar_filetype, $user_avatar_filetype); - $user_avatar_filetype = $user_avatar_filetype[1]; - - switch( $user_avatar_filetype ) - { - case "jpeg": - case "pjpeg": - case "jpg": - $imgtype = '.jpg'; - break; - case "gif": - $imgtype = '.gif'; - break; - case "png": - $imgtype = '.png'; - break; - default: - $error = true; - $error_msg = (!empty($error_msg)) ? $error_msg . "
" . $user->lang['Avatar_filetype'] : $user->lang['Avatar_filetype']; - break; - } - - if( !$error ) - { - list($width, $height) = @getimagesize($user_avatar_loc); - - if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) - { - $user_id = $this_userdata['user_id']; - - $avatar_filename = $user_id . $imgtype; - - if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" ) - { - if( @file_exists("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']) ) - { - @unlink("./../" . $board_config['avatar_path'] . "/". $this_userdata['user_avatar']); - } - } - @copy($user_avatar_loc, "./../" . $board_config['avatar_path'] . "/$avatar_filename"); - - $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD; - } - else - { - $l_avatar_size = sprintf($user->lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']); - - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; - } - } - } - else - { - $l_avatar_size = sprintf($user->lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024)); - - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $l_avatar_size : $l_avatar_size; + echo '
' . trim($ipwhois) . '
'; } - } - else - { - $error = true; - $error_msg = ( !empty($error_msg) ) ? $error_msg . "
" . $user->lang['Avatar_filetype'] : $user->lang['Avatar_filetype']; - } - } - else if( !empty($user_avatar_url) ) - { - // - // First check what port we should connect - // to, look for a :[xxxx]/ or, if that doesn't - // exist assume port 80 (http) - // - preg_match("/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/", $user_avatar_url, $url_ary); - - if( !empty($url_ary[4]) ) - { - $port = (!empty($url_ary[3])) ? $url_ary[3] : 80; +?>
Total/Average posts by this user:
- $sql = "DELETE FROM " . GROUPS_TABLE . " - WHERE group_id = " . $row['group_id']; - $db->sql_query($sql); +sql_query($sql); + break; - $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " - WHERE user_id = $user_id"; - $db->sql_query($sql); + case 'permissions': - $db->sql_transaction('commit'); + $userauth = new auth(); + $userauth->acl($userdata); - $message = $user->lang['User_deleted']; + $sql = "SELECT forum_id, forum_name + FROM " . FORUMS_TABLE . " + ORDER BY left_id"; + $result = $db->sql_query($sql); - } - else + foreach ($acl_options['global'] as $option_name => $option_id) { - $sql = "UPDATE " . USERS_TABLE . " - SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank = $user_rank" . $avatar_sql . " - WHERE user_id = $user_id"; - $result = $db->sql_query($sql); - - if ( isset($rename_user) ) - { - $sql = "UPDATE " . GROUPS_TABLE . " - SET group_name = '".str_replace("\'", "''", $rename_user)."' - WHERE group_name = '".str_replace("\'", "''", $this_userdata['username'] )."'"; - $db->sql_query($sql); - } - - $message .= $user->lang['Admin_user_updated']; + $global[$option_name] = $userauth->acl_get($option_name); } - $message .= '

' . sprintf($user->lang['Click_return_useradmin'], '', '') . '

' . sprintf($user->lang['Click_return_admin_index'], '', ''); - - message_die(MESSAGE, $message); - } - else - { - $template->set_filenames(array( - 'reg_header' => 'error_body.tpl') - ); - - $template->assign_vars(array( - 'ERROR_MESSAGE' => $error_msg) - ); - - $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); - - $username = stripslashes($username); - $email = stripslashes($email); - $password = ''; - $password_confirm = ''; - - $icq = stripslashes($icq); - $aim = str_replace('+', ' ', stripslashes($aim)); - $msn = stripslashes($msn); - $yim = stripslashes($yim); - - $website = stripslashes($website); - $location = stripslashes($location); - $occupation = stripslashes($occupation); - $interests = stripslashes($interests); - $signature = stripslashes($signature); - - $user_lang = stripslashes($user_lang); - $user_dateformat = stripslashes($user_dateformat); - } - } - else if( !isset( $_POST['submit'] ) && $mode != 'save' && !isset( $_POST['avatargallery'] ) && !isset( $_POST['submitavatar'] ) && !isset( $_POST['cancelavatar'] ) ) - { - if( isset( $_GET[POST_USERS_URL]) || isset( $_POST[POST_USERS_URL]) ) - { - $user_id = ( isset( $_POST[POST_USERS_URL]) ) ? intval( $_POST[POST_USERS_URL]) : intval( $_GET[POST_USERS_URL]); - $this_userdata = get_userdata($user_id); - if( !$this_userdata ) + $permissions = array(); + while( $row = $db->sql_fetchrow($result) ) { - message_die(MESSAGE, $user->lang['No_user_id_specified'] ); - } - } - else - { - $this_userdata = get_userdata( $_POST['username'] ); - if( !$this_userdata ) - { - message_die(MESSAGE, $user->lang['No_user_id_specified'] ); - } - } - - // - // Now parse and display it as a template - // - $user_id = $this_userdata['user_id']; - $username = $this_userdata['username']; - $email = $this_userdata['user_email']; - $password = ''; - $password_confirm = ''; - - $icq = $this_userdata['user_icq']; - $aim = str_replace('+', ' ', $this_userdata['user_aim'] ); - $msn = $this_userdata['user_msnm']; - $yim = $this_userdata['user_yim']; - - $website = $this_userdata['user_website']; - $location = $this_userdata['user_from']; - $occupation = $this_userdata['user_occ']; - $interests = $this_userdata['user_interests']; - $signature = $this_userdata['user_sig']; - - $viewemail = $this_userdata['user_viewemail']; - $notifypm = $this_userdata['user_notify_pm']; - $popuppm = $this_userdata['user_popup_pm']; - $notifyreply = $this_userdata['user_notify']; - $attachsig = $this_userdata['user_attachsig']; - $allowhtml = $this_userdata['user_allowhtml']; - $allowbbcode = $this_userdata['user_allowbbcode']; - $allowsmilies = $this_userdata['user_allowsmile']; - $allowviewonline = $this_userdata['user_allow_viewonline']; - - $user_avatar = $this_userdata['user_avatar']; - $user_avatar_type = $this_userdata['user_avatar_type']; - $user_style = $this_userdata['user_style']; - $user_lang = $this_userdata['user_lang']; - $user_timezone = $this_userdata['user_timezone']; - $user_dateformat = $this_userdata['user_dateformat']; - - $user_status = $this_userdata['user_active']; - $user_allowavatar = $this_userdata['user_allowavatar']; - $user_allowpm = $this_userdata['user_allow_pm']; - - $COPPA = false; - - $html_status = ($this_userdata['user_allowhtml'] ) ? $user->lang['HTML_is_ON'] : $user->lang['HTML_is_OFF']; - $bbcode_status = ($this_userdata['user_allowbbcode'] ) ? $user->lang['BBCode_is_ON'] : $user->lang['BBCode_is_OFF']; - $smilies_status = ($this_userdata['user_allowsmile'] ) ? $user->lang['Smilies_are_ON'] : $user->lang['Smilies_are_OFF']; - } + $forum_data[$row['forum_id']] = $row['forum_name']; - if( isset($_POST['avatargallery']) && !$error ) - { - if( !$error ) - { - $user_id = intval($_POST['id']); - - $template->set_filenames(array( - "body" => "admin/user_avatar_gallery.tpl") - ); - - $dir = @opendir("../" . $board_config['avatar_gallery_path']); - - $avatar_images = array(); - while( $file = @readdir($dir) ) - { - if( $file != "." && $file != ".." && !is_file("./../" . $board_config['avatar_gallery_path'] . "/" . $file) && !is_link("./../" . $board_config['avatar_gallery_path'] . "/" . $file) ) + foreach ($acl_options['local'] as $option_name => $option_id) { - $sub_dir = @opendir("../" . $board_config['avatar_gallery_path'] . "/" . $file); - - $avatar_row_count = 0; - $avatar_col_count = 0; - - while( $sub_file = @readdir($sub_dir) ) - { - if( preg_match("/(\.gif$|\.png$|\.jpg)$/is", $sub_file) ) - { - $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . "/" . $sub_file; - - $avatar_col_count++; - if( $avatar_col_count == 5 ) - { - $avatar_row_count++; - $avatar_col_count = 0; - } - } - } + $local[$row['forum_id']][$option_name] = $userauth->acl_get($option_name, $row['forum_id']); } } - @closedir($dir); +?> + + Board-wide options + + $allow) { - $category = $_POST['avatarcategory']; + echo ''; } - else - { - list($category, ) = each($avatar_images); - } - @reset($avatar_images); - $s_categories = ""; - while( list($key) = each($avatar_images) ) - { - $selected = ( $key == $category ) ? "selected=\"selected\"" : ""; - if( count($avatar_images[$key]) ) - { - $s_categories .= ''; - } - } +?> +
' . $option . ' => ' . ( ( $allow ) ? 'Allowed' : 'Denied' ) . '
+ + + $auth_ary) { - $template->assign_block_vars("avatar_row", array()); - $s_colspan = max($s_colspan, count($avatar_images[$category][$i])); +?> + + + $allow) { - $template->assign_block_vars("avatar_row.avatar_column", array( - "AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . "/" . $avatar_images[$category][$i][$j]) - ); - - $template->assign_block_vars("avatar_row.avatar_option_column", array( - "S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j]) - ); + echo ''; } - } - - $coppa = ( ( !$_POST['coppa'] && !$_GET['coppa'] ) || $mode == "register") ? 0 : TRUE; - - $s_hidden_fields = ''; - $s_hidden_fields .= ''; - - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - $s_hidden_fields .= ''; - - $template->assign_vars(array( - "L_USER_TITLE" => $user->lang['User_admin'], - "L_USER_EXPLAIN" => $user->lang['User_admin_explain'], - "L_AVATAR_GALLERY" => $user->lang['Avatar_gallery'], - "L_SELECT_AVATAR" => $user->lang['Select_avatar'], - "L_RETURN_PROFILE" => $user->lang['Return_profile'], - "L_CATEGORY" => $user->lang['Select_category'], - "L_GO" => $user->lang['Go'], - - "S_OPTIONS_CATEGORIES" => $s_categories, - "S_COLSPAN" => $s_colspan, - "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), - "S_HIDDEN_FIELDS" => $s_hidden_fields) - ); - } - } - else - { - $s_hidden_fields = ''; - $s_hidden_fields .= ''; - if( !empty($user_avatar_local) ) - { - $s_hidden_fields .= ''; - } +?> +
' . $option . ' => ' . ( ( $allow ) ? 'Allowed' : 'Denied' ) . '
+ +'; - break; - case USER_AVATAR_REMOTE: - $avatar = ''; - break; - case USER_AVATAR_GALLERY: - $avatar = ''; - break; } - } - else - { - $avatar = ""; - } - - $sql = "SELECT * FROM " . RANKS_TABLE . " - WHERE rank_special = 1 - ORDER BY rank_title"; - $result = $db->sql_query($sql); - $rank_select_box = ''; - while( $row = $db->sql_fetchrow($result) ) - { - $rank = $row['rank_title']; - $rank_id = $row['rank_id']; + break; - $selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : ''; - $rank_select_box .= ''; - } - - $signature = preg_replace('/\:[0-9a-z\:]*?\]/si', ']', $signature); - - $template->set_filenames(array( - "body" => "admin/user_edit_body.tpl") - ); - - // - // Let's do an overall check for settings/versions which would prevent - // us from doing file uploads.... - // - $ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; - $form_enctype = ( !@$ini_val('file_uploads') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"'; - - $template->assign_vars(array( - 'USERNAME' => $username, - 'EMAIL' => $email, - 'YIM' => $yim, - 'ICQ' => $icq, - 'MSN' => $msn, - 'AIM' => $aim, - 'OCCUPATION' => $occupation, - 'INTERESTS' => $interests, - 'LOCATION' => $location, - 'WEBSITE' => $website, - 'SIGNATURE' => str_replace('
', "\n", $signature), - 'VIEW_EMAIL_YES' => ($viewemail) ? 'checked="checked"' : '', - 'VIEW_EMAIL_NO' => (!$viewemail) ? 'checked="checked"' : '', - 'HIDE_USER_YES' => (!$allowviewonline) ? 'checked="checked"' : '', - 'HIDE_USER_NO' => ($allowviewonline) ? 'checked="checked"' : '', - 'NOTIFY_PM_YES' => ($notifypm) ? 'checked="checked"' : '', - 'NOTIFY_PM_NO' => (!$notifypm) ? 'checked="checked"' : '', - 'POPUP_PM_YES' => ($popuppm) ? 'checked="checked"' : '', - 'POPUP_PM_NO' => (!$popuppm) ? 'checked="checked"' : '', - 'ALWAYS_ADD_SIGNATURE_YES' => ($attachsig) ? 'checked="checked"' : '', - 'ALWAYS_ADD_SIGNATURE_NO' => (!$attachsig) ? 'checked="checked"' : '', - 'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '', - 'NOTIFY_REPLY_NO' => ( !$notifyreply ) ? 'checked="checked"' : '', - 'ALWAYS_ALLOW_BBCODE_YES' => ($allowbbcode) ? 'checked="checked"' : '', - 'ALWAYS_ALLOW_BBCODE_NO' => (!$allowbbcode) ? 'checked="checked"' : '', - 'ALWAYS_ALLOW_HTML_YES' => ($allowhtml) ? 'checked="checked"' : '', - 'ALWAYS_ALLOW_HTML_NO' => (!$allowhtml) ? 'checked="checked"' : '', - 'ALWAYS_ALLOW_SMILIES_YES' => ($allowsmilies) ? 'checked="checked"' : '', - 'ALWAYS_ALLOW_SMILIES_NO' => (!$allowsmilies) ? 'checked="checked"' : '', - 'AVATAR' => $avatar, - 'LANGUAGE_SELECT' => language_select($user_lang, 'language', '../language'), - 'TIMEZONE_SELECT' => tz_select($user_timezone), - 'STYLE_SELECT' => style_select($user_style, 'style'), - 'DATE_FORMAT' => $user_dateformat, - 'ALLOW_PM_YES' => ($user_allowpm) ? 'checked="checked"' : '', - 'ALLOW_PM_NO' => (!$user_allowpm) ? 'checked="checked"' : '', - 'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '', - 'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '', - 'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '', - 'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', - 'RANK_SELECT_BOX' => $rank_select_box, - - 'L_USER_TITLE' => $user->lang['User_admin'], - 'L_USER_EXPLAIN' => $user->lang['User_admin_explain'], - 'L_NEW_PASSWORD' => $user->lang['New_password'], - 'L_PASSWORD_IF_CHANGED' => $user->lang['password_if_changed'], - 'L_CONFIRM_PASSWORD' => $user->lang['Confirm_password'], - 'L_PASSWORD_CONFIRM_IF_CHANGED' => $user->lang['password_confirm_if_changed'], - 'L_SUBMIT' => $user->lang['Submit'], - 'L_RESET' => $user->lang['Reset'], - 'L_ICQ_NUMBER' => $user->lang['ICQ'], - 'L_MESSENGER' => $user->lang['MSNM'], - 'L_YAHOO' => $user->lang['YIM'], - 'L_WEBSITE' => $user->lang['Website'], - 'L_AIM' => $user->lang['AIM'], - 'L_LOCATION' => $user->lang['From'], - 'L_OCCUPATION' => $user->lang['Occupation'], - 'L_BOARD_LANGUAGE' => $user->lang['Board_lang'], - 'L_BOARD_STYLE' => $user->lang['Board_style'], - 'L_TIMEZONE' => $user->lang['Timezone'], - 'L_DATE_FORMAT' => $user->lang['Date_format'], - 'L_DATE_FORMAT_EXPLAIN' => $user->lang['Date_format_explain'], - 'L_YES' => $user->lang['Yes'], - 'L_NO' => $user->lang['No'], - 'L_INTERESTS' => $user->lang['Interests'], - 'L_ALWAYS_ALLOW_SMILIES' => $user->lang['Always_smile'], - 'L_ALWAYS_ALLOW_BBCODE' => $user->lang['Always_bbcode'], - 'L_ALWAYS_ALLOW_HTML' => $user->lang['Always_html'], - 'L_HIDE_USER' => $user->lang['Hide_user'], - 'L_ALWAYS_ADD_SIGNATURE' => $user->lang['Always_add_sig'], - - 'L_SPECIAL' => $user->lang['User_special'], - 'L_SPECIAL_EXPLAIN' => $user->lang['User_specail_explain'], - 'L_USER_ACTIVE' => $user->lang['User_status'], - 'L_ALLOW_PM' => $user->lang['User_allowpm'], - 'L_ALLOW_AVATAR' => $user->lang['User_allowavatar'], - - 'L_AVATAR_PANEL' => $user->lang['Avatar_panel'], - 'L_AVATAR_EXPLAIN' => $user->lang['Admin_avatar_explain'], - 'L_DELETE_AVATAR' => $user->lang['Delete_Image'], - 'L_CURRENT_IMAGE' => $user->lang['Current_Image'], - 'L_UPLOAD_AVATAR_FILE' => $user->lang['Upload_Avatar_file'], - 'L_UPLOAD_AVATAR_URL' => $user->lang['Upload_Avatar_URL'], - 'L_AVATAR_GALLERY' => $user->lang['Select_from_gallery'], - 'L_SHOW_GALLERY' => $user->lang['View_avatar_gallery'], - 'L_LINK_REMOTE_AVATAR' => $user->lang['Link_remote_Avatar'], - - 'L_SIGNATURE' => $user->lang['Signature'], - 'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['Signature_explain'], $board_config['max_sig_chars'] ), - 'L_NOTIFY_ON_PRIVMSG' => $user->lang['Notify_on_privmsg'], - 'L_NOTIFY_ON_REPLY' => $user->lang['Always_notify'], - 'L_POPUP_ON_PRIVMSG' => $user->lang['Popup_on_privmsg'], - 'L_PREFERENCES' => $user->lang['Preferences'], - 'L_PUBLIC_VIEW_EMAIL' => $user->lang['Public_view_email'], - 'L_ITEMS_REQUIRED' => $user->lang['Items_required'], - 'L_REGISTRATION_INFO' => $user->lang['Registration_info'], - 'L_PROFILE_INFO' => $user->lang['Profile_info'], - 'L_PROFILE_INFO_NOTICE' => $user->lang['Profile_info_warn'], - 'L_EMAIL_ADDRESS' => $user->lang['Email_address'], - 'S_FORM_ENCTYPE' => $form_enctype, - - 'HTML_STATUS' => $html_status, - 'BBCODE_STATUS' => sprintf($bbcode_status, '', ''), - 'SMILIES_STATUS' => $smilies_status, - - 'L_DELETE_USER' => $user->lang['User_delete'], - 'L_DELETE_USER_EXPLAIN' => $user->lang['User_delete_explain'], - 'L_SELECT_RANK' => $user->lang['Rank_title'], - - 'S_HIDDEN_FIELDS' => $s_hidden_fields, - 'S_PROFILE_ACTION' => "admin_users.$phpEx$SID") - ); - - if( file_exists('./../' . $board_config['avatar_path'] ) ) - { - if ( $form_enctype != '' ) - { - $template->assign_block_vars('avatar_local_upload', array() ); - } - $template->assign_block_vars('avatar_remote_upload', array() ); - } - - if( file_exists('./../' . $board_config['avatar_gallery_path'] ) ) - { - $template->assign_block_vars('avatar_local_gallery', array() ); - } } - $template->display('body'); + page_footer(); } else @@ -1026,7 +278,7 @@ else lang['Select_a_User']; ?> - ', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /> + ', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /> @@ -1036,4 +288,50 @@ else page_footer(); +// +// +function ipwhois($ip) +{ + $ipwhois = ''; + + $match = array( + '#RIPE\.NET#is' => 'whois.ripe.net', + '#whois\.apnic\.net#is' => 'whois.ripe.net', + '#nic\.ad\.jp#is' => 'whois.ripe.net', + '#whois\.registro\.br#is' => 'whois.ripe.net' + ); + + if ( ($fsk = fsockopen('whois.arin.net', 43)) ) + { + @fputs($fsk, "$ip\n"); + while (!feof($fsk) ) + { + $ipwhois .= fgets($fsk, 1024); + } + fclose($fsk); + } + + foreach ( array_keys($match) as $server ) + { + if ( preg_match($server, $ipwhois) ) + { + $ipwhois = ''; + if ( ($fsk = fsockopen($match[$server], 43)) ) + { + @fputs($fsk, "$ip\n"); + while (!feof($fsk) ) + { + $ipwhois .= fgets($fsk, 1024); + } + fclose($fsk); + } + break; + } + } + + return $ipwhois; +} +// +// + ?> \ No newline at end of file -- cgit v1.2.1