| [ Index ] |
PHP Cross Reference of phpBB 2.0.21 |
[Summary view] [Print] [Text view]
1 <?php 2 /*************************************************************************** 3 * admin_users.php 4 * ------------------- 5 * begin : Saturday, Feb 13, 2001 6 * copyright : (C) 2001 The phpBB Group 7 * email : support@phpbb.com 8 * 9 * $Id: admin_users.php,v 1.57.2.35 2006/03/26 14:43:24 grahamje Exp $ 10 * 11 * 12 ***************************************************************************/ 13 14 /*************************************************************************** 15 * 16 * This program is free software; you can redistribute it and/or modify 17 * it under the terms of the GNU General Public License as published by 18 * the Free Software Foundation; either version 2 of the License, or 19 * (at your option) any later version. 20 * 21 ***************************************************************************/ 22 23 define('IN_PHPBB', 1); 24 25 if( !empty($setmodules) ) 26 { 27 $filename = basename(__FILE__); 28 $module['Users']['Manage'] = $filename; 29 30 return; 31 } 32 33 $phpbb_root_path = './../'; 34 require ($phpbb_root_path . 'extension.inc'); 35 require('./pagestart.' . $phpEx); 36 require($phpbb_root_path . 'includes/bbcode.'.$phpEx); 37 require($phpbb_root_path . 'includes/functions_post.'.$phpEx); 38 require($phpbb_root_path . 'includes/functions_selects.'.$phpEx); 39 require($phpbb_root_path . 'includes/functions_validate.'.$phpEx); 40 41 $html_entities_match = array('#<#', '#>#'); 42 $html_entities_replace = array('<', '>'); 43 44 // 45 // Set mode 46 // 47 if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) ) 48 { 49 $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; 50 $mode = htmlspecialchars($mode); 51 } 52 else 53 { 54 $mode = ''; 55 } 56 57 // 58 // Begin program 59 // 60 if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ) 61 { 62 // 63 // Ok, the profile has been modified and submitted, let's update 64 // 65 if ( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) ) 66 { 67 $user_id = intval($HTTP_POST_VARS['id']); 68 69 if (!($this_userdata = get_userdata($user_id))) 70 { 71 message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] ); 72 } 73 74 if( $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) ) 75 { 76 $sql = "SELECT g.group_id 77 FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g 78 WHERE ug.user_id = $user_id 79 AND g.group_id = ug.group_id 80 AND g.group_single_user = 1"; 81 if( !($result = $db->sql_query($sql)) ) 82 { 83 message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql); 84 } 85 86 $row = $db->sql_fetchrow($result); 87 88 $sql = "UPDATE " . POSTS_TABLE . " 89 SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "' 90 WHERE poster_id = $user_id"; 91 if( !$db->sql_query($sql) ) 92 { 93 message_die(GENERAL_ERROR, 'Could not update posts for this user', '', __LINE__, __FILE__, $sql); 94 } 95 96 $sql = "UPDATE " . TOPICS_TABLE . " 97 SET topic_poster = " . DELETED . " 98 WHERE topic_poster = $user_id"; 99 if( !$db->sql_query($sql) ) 100 { 101 message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql); 102 } 103 104 $sql = "UPDATE " . VOTE_USERS_TABLE . " 105 SET vote_user_id = " . DELETED . " 106 WHERE vote_user_id = $user_id"; 107 if( !$db->sql_query($sql) ) 108 { 109 message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql); 110 } 111 112 $sql = "SELECT group_id 113 FROM " . GROUPS_TABLE . " 114 WHERE group_moderator = $user_id"; 115 if( !($result = $db->sql_query($sql)) ) 116 { 117 message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql); 118 } 119 120 while ( $row_group = $db->sql_fetchrow($result) ) 121 { 122 $group_moderator[] = $row_group['group_id']; 123 } 124 125 if ( count($group_moderator) ) 126 { 127 $update_moderator_id = implode(', ', $group_moderator); 128 129 $sql = "UPDATE " . GROUPS_TABLE . " 130 SET group_moderator = " . $userdata['user_id'] . " 131 WHERE group_moderator IN ($update_moderator_id)"; 132 if( !$db->sql_query($sql) ) 133 { 134 message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql); 135 } 136 } 137 138 $sql = "DELETE FROM " . USERS_TABLE . " 139 WHERE user_id = $user_id"; 140 if( !$db->sql_query($sql) ) 141 { 142 message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $sql); 143 } 144 145 $sql = "DELETE FROM " . USER_GROUP_TABLE . " 146 WHERE user_id = $user_id"; 147 if( !$db->sql_query($sql) ) 148 { 149 message_die(GENERAL_ERROR, 'Could not delete user from user_group table', '', __LINE__, __FILE__, $sql); 150 } 151 152 $sql = "DELETE FROM " . GROUPS_TABLE . " 153 WHERE group_id = " . $row['group_id']; 154 if( !$db->sql_query($sql) ) 155 { 156 message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql); 157 } 158 159 $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . " 160 WHERE group_id = " . $row['group_id']; 161 if( !$db->sql_query($sql) ) 162 { 163 message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql); 164 } 165 166 $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " 167 WHERE user_id = $user_id"; 168 if ( !$db->sql_query($sql) ) 169 { 170 message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql); 171 } 172 173 $sql = "DELETE FROM " . BANLIST_TABLE . " 174 WHERE ban_userid = $user_id"; 175 if ( !$db->sql_query($sql) ) 176 { 177 message_die(GENERAL_ERROR, 'Could not delete user from banlist table', '', __LINE__, __FILE__, $sql); 178 } 179 180 $sql = "DELETE FROM " . SESSIONS_TABLE . " 181 WHERE session_user_id = $user_id"; 182 if ( !$db->sql_query($sql) ) 183 { 184 message_die(GENERAL_ERROR, 'Could not delete sessions for this user', '', __LINE__, __FILE__, $sql); 185 } 186 187 $sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . " 188 WHERE user_id = $user_id"; 189 if ( !$db->sql_query($sql) ) 190 { 191 message_die(GENERAL_ERROR, 'Could not delete auto-login keys for this user', '', __LINE__, __FILE__, $sql); 192 } 193 194 $sql = "SELECT privmsgs_id 195 FROM " . PRIVMSGS_TABLE . " 196 WHERE privmsgs_from_userid = $user_id 197 OR privmsgs_to_userid = $user_id"; 198 if ( !($result = $db->sql_query($sql)) ) 199 { 200 message_die(GENERAL_ERROR, 'Could not select all users private messages', '', __LINE__, __FILE__, $sql); 201 } 202 203 // This little bit of code directly from the private messaging section. 204 while ( $row_privmsgs = $db->sql_fetchrow($result) ) 205 { 206 $mark_list[] = $row_privmsgs['privmsgs_id']; 207 } 208 209 if ( count($mark_list) ) 210 { 211 $delete_sql_id = implode(', ', $mark_list); 212 213 $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . " 214 WHERE privmsgs_text_id IN ($delete_sql_id)"; 215 $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . " 216 WHERE privmsgs_id IN ($delete_sql_id)"; 217 218 if ( !$db->sql_query($delete_sql) ) 219 { 220 message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql); 221 } 222 223 if ( !$db->sql_query($delete_text_sql) ) 224 { 225 message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql); 226 } 227 } 228 229 $message = $lang['User_deleted'] . '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>'); 230 231 message_die(GENERAL_MESSAGE, $message); 232 } 233 234 $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; 235 $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : ''; 236 237 $password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : ''; 238 $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : ''; 239 240 $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : ''; 241 $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : ''; 242 $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : ''; 243 $yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : ''; 244 245 $website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : ''; 246 $location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : ''; 247 $occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : ''; 248 $interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : ''; 249 $signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('<br />', "\n", $HTTP_POST_VARS['signature'] ) ) : ''; 250 251 validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); 252 253 $viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0; 254 $allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE; 255 $notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0; 256 $notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE; 257 $popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE; 258 $attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0; 259 260 $allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html']; 261 $allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode']; 262 $allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies']; 263 264 $user_style = ( isset( $HTTP_POST_VARS['style'] ) ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style']; 265 $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang']; 266 $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone']; 267 $user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat']; 268 269 $user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] ) ) ? $HTTP_POST_VARS['avatarlocal'] : '' ); 270 $user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ; 271 272 $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : ''; 273 $user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : ''; 274 $user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : ''; 275 $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : ''; 276 $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0; 277 $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : ''; 278 279 $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : ''; 280 $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : ''; 281 282 $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0; 283 $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0; 284 $user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0; 285 $user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0; 286 287 if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) ) 288 { 289 $username = stripslashes($username); 290 $email = stripslashes($email); 291 $password = ''; 292 $password_confirm = ''; 293 294 $icq = stripslashes($icq); 295 $aim = htmlspecialchars(stripslashes($aim)); 296 $msn = htmlspecialchars(stripslashes($msn)); 297 $yim = htmlspecialchars(stripslashes($yim)); 298 299 $website = htmlspecialchars(stripslashes($website)); 300 $location = htmlspecialchars(stripslashes($location)); 301 $occupation = htmlspecialchars(stripslashes($occupation)); 302 $interests = htmlspecialchars(stripslashes($interests)); 303 $signature = htmlspecialchars(stripslashes($signature)); 304 305 $user_lang = stripslashes($user_lang); 306 $user_dateformat = htmlspecialchars(stripslashes($user_dateformat)); 307 308 if ( !isset($HTTP_POST_VARS['cancelavatar'])) 309 { 310 $user_avatar = $user_avatar_category . '/' . $user_avatar_local; 311 $user_avatar_type = USER_AVATAR_GALLERY; 312 } 313 } 314 } 315 316 if( isset( $HTTP_POST_VARS['submit'] ) ) 317 { 318 include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx); 319 320 $error = FALSE; 321 322 if (stripslashes($username) != $this_userdata['username']) 323 { 324 unset($rename_user); 325 326 if ( stripslashes(strtolower($username)) != strtolower($this_userdata['username']) ) 327 { 328 $result = validate_username($username); 329 if ( $result['error'] ) 330 { 331 $error = TRUE; 332 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg']; 333 } 334 else if ( strtolower(str_replace("\\'", "''", $username)) == strtolower($userdata['username']) ) 335 { 336 $error = TRUE; 337 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Username_taken']; 338 } 339 } 340 341 if (!$error) 342 { 343 $username_sql = "username = '" . str_replace("\\'", "''", $username) . "', "; 344 $rename_user = $username; // Used for renaming usergroup 345 } 346 } 347 348 $passwd_sql = ''; 349 if( !empty($password) && !empty($password_confirm) ) 350 { 351 // 352 // Awww, the user wants to change their password, isn't that cute.. 353 // 354 if($password != $password_confirm) 355 { 356 $error = TRUE; 357 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; 358 } 359 else 360 { 361 $password = md5($password); 362 $passwd_sql = "user_password = '$password', "; 363 } 364 } 365 else if( $password && !$password_confirm ) 366 { 367 $error = TRUE; 368 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; 369 } 370 else if( !$password && $password_confirm ) 371 { 372 $error = TRUE; 373 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; 374 } 375 376 if ($signature != '') 377 { 378 $sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature)); 379 if ( $allowhtml ) 380 { 381 $sig_length_check = preg_replace('/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is', '\\1\\3\\4', $sig_length_check); 382 } 383 384 // Only create a new bbcode_uid when there was no uid yet. 385 if ( $signature_bbcode_uid == '' ) 386 { 387 $signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : ''; 388 } 389 $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid); 390 391 if ( strlen($sig_length_check) > $board_config['max_sig_chars'] ) 392 { 393 $error = TRUE; 394 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long']; 395 } 396 } 397 398 // 399 // Avatar stuff 400 // 401 $avatar_sql = ""; 402 if( isset($HTTP_POST_VARS['avatardel']) ) 403 { 404 if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" ) 405 { 406 if( @file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) ) 407 { 408 @unlink('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']); 409 } 410 } 411 $avatar_sql = ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE; 412 } 413 else if( ( $user_avatar_loc != "" || !empty($user_avatar_url) ) && !$error ) 414 { 415 // 416 // Only allow one type of upload, either a 417 // filename or a URL 418 // 419 if( !empty($user_avatar_loc) && !empty($user_avatar_url) ) 420 { 421 $error = TRUE; 422 if( isset($error_msg) ) 423 { 424 $error_msg .= "<br />"; 425 } 426 $error_msg .= $lang['Only_one_avatar']; 427 } 428 429 if( $user_avatar_loc != "" ) 430 { 431 if( file_exists(@phpbb_realpath($user_avatar_loc)) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) ) 432 { 433 if( $user_avatar_size <= $board_config['avatar_filesize'] && $user_avatar_size > 0) 434 { 435 $error_type = false; 436 437 // 438 // Opera appends the image name after the type, not big, not clever! 439 // 440 preg_match("'image\/[x\-]*([a-z]+)'", $user_avatar_filetype, $user_avatar_filetype); 441 $user_avatar_filetype = $user_avatar_filetype[1]; 442 443 switch( $user_avatar_filetype ) 444 { 445 case "jpeg": 446 case "pjpeg": 447 case "jpg": 448 $imgtype = '.jpg'; 449 break; 450 case "gif": 451 $imgtype = '.gif'; 452 break; 453 case "png": 454 $imgtype = '.png'; 455 break; 456 default: 457 $error = true; 458 $error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype']; 459 break; 460 } 461 462 if( !$error ) 463 { 464 list($width, $height) = @getimagesize($user_avatar_loc); 465 466 if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) 467 { 468 $user_id = $this_userdata['user_id']; 469 470 $avatar_filename = $user_id . $imgtype; 471 472 if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" ) 473 { 474 if( @file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) ) 475 { 476 @unlink("./../" . $board_config['avatar_path'] . "/". $this_userdata['user_avatar']); 477 } 478 } 479 @copy($user_avatar_loc, "./../" . $board_config['avatar_path'] . "/$avatar_filename"); 480 481 $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD; 482 } 483 else 484 { 485 $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']); 486 487 $error = true; 488 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size; 489 } 490 } 491 } 492 else 493 { 494 $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024)); 495 496 $error = true; 497 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size; 498 } 499 } 500 else 501 { 502 $error = true; 503 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype']; 504 } 505 } 506 else if( !empty($user_avatar_url) ) 507 { 508 // 509 // First check what port we should connect 510 // to, look for a :[xxxx]/ or, if that doesn't 511 // exist assume port 80 (http) 512 // 513 preg_match("/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/", $user_avatar_url, $url_ary); 514 515 if( !empty($url_ary[4]) ) 516 { 517 $port = (!empty($url_ary[3])) ? $url_ary[3] : 80; 518 519 $fsock = @fsockopen($url_ary[2], $port, $errno, $errstr); 520 if( $fsock ) 521 { 522 $base_get = "/" . $url_ary[4]; 523 524 // 525 // Uses HTTP 1.1, could use HTTP 1.0 ... 526 // 527 @fputs($fsock, "GET $base_get HTTP/1.1\r\n"); 528 @fputs($fsock, "HOST: " . $url_ary[2] . "\r\n"); 529 @fputs($fsock, "Connection: close\r\n\r\n"); 530 531 unset($avatar_data); 532 while( !@feof($fsock) ) 533 { 534 $avatar_data .= @fread($fsock, $board_config['avatar_filesize']); 535 } 536 @fclose($fsock); 537 538 if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) ) 539 { 540 $file_size = $file_data1[1]; 541 $file_type = $file_data2[1]; 542 543 switch( $file_type ) 544 { 545 case "jpeg": 546 case "pjpeg": 547 case "jpg": 548 $imgtype = '.jpg'; 549 break; 550 case "gif": 551 $imgtype = '.gif'; 552 break; 553 case "png": 554 $imgtype = '.png'; 555 break; 556 default: 557 $error = true; 558 $error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype']; 559 break; 560 } 561 562 if( !$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'] ) 563 { 564 $avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size); 565 566 $tmp_filename = tempnam ("/tmp", $this_userdata['user_id'] . "-"); 567 $fptr = @fopen($tmp_filename, "wb"); 568 $bytes_written = @fwrite($fptr, $avatar_data, $file_size); 569 @fclose($fptr); 570 571 if( $bytes_written == $file_size ) 572 { 573 list($width, $height) = @getimagesize($tmp_filename); 574 575 if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] ) 576 { 577 $user_id = $this_userdata['user_id']; 578 579 $avatar_filename = $user_id . $imgtype; 580 581 if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "") 582 { 583 if( file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) ) 584 { 585 @unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']); 586 } 587 } 588 @copy($tmp_filename, "./../" . $board_config['avatar_path'] . "/$avatar_filename"); 589 @unlink($tmp_filename); 590 591 $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD; 592 } 593 else 594 { 595 $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']); 596 597 $error = true; 598 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size; 599 } 600 } 601 else 602 { 603 // 604 // Error writing file 605 // 606 @unlink($tmp_filename); 607 message_die(GENERAL_ERROR, "Could not write avatar file to local storage. Please contact the board administrator with this message", "", __LINE__, __FILE__); 608 } 609 } 610 } 611 else 612 { 613 // 614 // No data 615 // 616 $error = true; 617 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['File_no_data'] : $lang['File_no_data']; 618 } 619 } 620 else 621 { 622 // 623 // No connection 624 // 625 $error = true; 626 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['No_connection_URL'] : $lang['No_connection_URL']; 627 } 628 } 629 else 630 { 631 $error = true; 632 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Incomplete_URL'] : $lang['Incomplete_URL']; 633 } 634 } 635 else if( !empty($user_avatar_name) ) 636 { 637 $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024)); 638 639 $error = true; 640 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size; 641 } 642 } 643 else if( $user_avatar_remoteurl != "" && $avatar_sql == "" && !$error ) 644 { 645 if( !preg_match("#^http:\/\/#i", $user_avatar_remoteurl) ) 646 { 647 $user_avatar_remoteurl = "http://" . $user_avatar_remoteurl; 648 } 649 650 if( preg_match("#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+\/.*?\.(gif|jpg|png)$)#is", $user_avatar_remoteurl) ) 651 { 652 $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_remoteurl) . "', user_avatar_type = " . USER_AVATAR_REMOTE; 653 } 654 else 655 { 656 $error = true; 657 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format']; 658 } 659 } 660 else if( $user_avatar_local != "" && $avatar_sql == "" && !$error ) 661 { 662 $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", phpbb_ltrim(basename($user_avatar_category), "'") . '/' . phpbb_ltrim(basename($user_avatar_local), "'")) . "', user_avatar_type = " . USER_AVATAR_GALLERY; 663 } 664 665 // 666 // Update entry in DB 667 // 668 if( !$error ) 669 { 670 $sql = "UPDATE " . USERS_TABLE . " 671 SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank = $user_rank" . $avatar_sql . " 672 WHERE user_id = $user_id"; 673 674 if( $result = $db->sql_query($sql) ) 675 { 676 if( isset($rename_user) ) 677 { 678 $sql = "UPDATE " . GROUPS_TABLE . " 679 SET group_name = '".str_replace("\'", "''", $rename_user)."' 680 WHERE group_name = '".str_replace("'", "''", $this_userdata['username'] )."'"; 681 if( !$result = $db->sql_query($sql) ) 682 { 683 message_die(GENERAL_ERROR, 'Could not rename users group', '', __LINE__, __FILE__, $sql); 684 } 685 } 686 687 // Delete user session, to prevent the user navigating the forum (if logged in) when disabled 688 if (!$user_status) 689 { 690 $sql = "DELETE FROM " . SESSIONS_TABLE . " 691 WHERE session_user_id = " . $user_id; 692 693 if ( !$db->sql_query($sql) ) 694 { 695 message_die(GENERAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql); 696 } 697 } 698 699 // We remove all stored login keys since the password has been updated 700 // and change the current one (if applicable) 701 if ( !empty($passwd_sql) ) 702 { 703 session_reset_keys($user_id, $user_ip); 704 } 705 706 $message .= $lang['Admin_user_updated']; 707 } 708 else 709 { 710 message_die(GENERAL_ERROR, 'Admin_user_fail', '', __LINE__, __FILE__, $sql); 711 } 712 713 $message .= '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>'); 714 715 message_die(GENERAL_MESSAGE, $message); 716 } 717 else 718 { 719 $template->set_filenames(array( 720 'reg_header' => 'error_body.tpl') 721 ); 722 723 $template->assign_vars(array( 724 'ERROR_MESSAGE' => $error_msg) 725 ); 726 727 $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); 728 729 $username = htmlspecialchars(stripslashes($username)); 730 $email = stripslashes($email); 731 $password = ''; 732 $password_confirm = ''; 733 734 $icq = stripslashes($icq); 735 $aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim))); 736 $msn = htmlspecialchars(stripslashes($msn)); 737 $yim = htmlspecialchars(stripslashes($yim)); 738 739 $website = htmlspecialchars(stripslashes($website)); 740 $location = htmlspecialchars(stripslashes($location)); 741 $occupation = htmlspecialchars(stripslashes($occupation)); 742 $interests = htmlspecialchars(stripslashes($interests)); 743 $signature = htmlspecialchars(stripslashes($signature)); 744 745 $user_lang = stripslashes($user_lang); 746 $user_dateformat = htmlspecialchars(stripslashes($user_dateformat)); 747 } 748 } 749 else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) ) 750 { 751 if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) 752 { 753 $user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]); 754 $this_userdata = get_userdata($user_id); 755 if( !$this_userdata ) 756 { 757 message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] ); 758 } 759 } 760 else 761 { 762 $this_userdata = get_userdata($HTTP_POST_VARS['username'], true); 763 if( !$this_userdata ) 764 { 765 message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] ); 766 } 767 } 768 769 // 770 // Now parse and display it as a template 771 // 772 $user_id = $this_userdata['user_id']; 773 $username = $this_userdata['username']; 774 $email = $this_userdata['user_email']; 775 $password = ''; 776 $password_confirm = ''; 777 778 $icq = $this_userdata['user_icq']; 779 $aim = htmlspecialchars(str_replace('+', ' ', $this_userdata['user_aim'] )); 780 $msn = htmlspecialchars($this_userdata['user_msnm']); 781 $yim = htmlspecialchars($this_userdata['user_yim']); 782 783 $website = htmlspecialchars($this_userdata['user_website']); 784 $location = htmlspecialchars($this_userdata['user_from']); 785 $occupation = htmlspecialchars($this_userdata['user_occ']); 786 $interests = htmlspecialchars($this_userdata['user_interests']); 787 788 $signature = ($this_userdata['user_sig_bbcode_uid'] != '') ? preg_replace('#:' . $this_userdata['user_sig_bbcode_uid'] . '#si', '', $this_userdata['user_sig']) : $this_userdata['user_sig']; 789 $signature = preg_replace($html_entities_match, $html_entities_replace, $signature); 790 791 $viewemail = $this_userdata['user_viewemail']; 792 $notifypm = $this_userdata['user_notify_pm']; 793 $popuppm = $this_userdata['user_popup_pm']; 794 $notifyreply = $this_userdata['user_notify']; 795 $attachsig = $this_userdata['user_attachsig']; 796 $allowhtml = $this_userdata['user_allowhtml']; 797 $allowbbcode = $this_userdata['user_allowbbcode']; 798 $allowsmilies = $this_userdata['user_allowsmile']; 799 $allowviewonline = $this_userdata['user_allow_viewonline']; 800 801 $user_avatar = $this_userdata['user_avatar']; 802 $user_avatar_type = $this_userdata['user_avatar_type']; 803 $user_style = $this_userdata['user_style']; 804 $user_lang = $this_userdata['user_lang']; 805 $user_timezone = $this_userdata['user_timezone']; 806 $user_dateformat = htmlspecialchars($this_userdata['user_dateformat']); 807 808 $user_status = $this_userdata['user_active']; 809 $user_allowavatar = $this_userdata['user_allowavatar']; 810 $user_allowpm = $this_userdata['user_allow_pm']; 811 812 $COPPA = false; 813 814 $html_status = ($this_userdata['user_allowhtml'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF']; 815 $bbcode_status = ($this_userdata['user_allowbbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF']; 816 $smilies_status = ($this_userdata['user_allowsmile'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF']; 817 } 818 819 if( isset($HTTP_POST_VARS['avatargallery']) && !$error ) 820 { 821 if( !$error ) 822 { 823 $user_id = intval($HTTP_POST_VARS['id']); 824 825 $template->set_filenames(array( 826 "body" => "admin/user_avatar_gallery.tpl") 827 ); 828 829 $dir = @opendir("../" . $board_config['avatar_gallery_path']); 830 831 $avatar_images = array(); 832 while( $file = @readdir($dir) ) 833 { 834 if( $file != "." && $file != ".." && !is_file(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) && !is_link(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) ) 835 { 836 $sub_dir = @opendir("../" . $board_config['avatar_gallery_path'] . "/" . $file); 837 838 $avatar_row_count = 0; 839 $avatar_col_count = 0; 840 841 while( $sub_file = @readdir($sub_dir) ) 842 { 843 if( preg_match("/(\.gif$|\.png$|\.jpg)$/is", $sub_file) ) 844 { 845 $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file; 846 847 $avatar_col_count++; 848 if( $avatar_col_count == 5 ) 849 { 850 $avatar_row_count++; 851 $avatar_col_count = 0; 852 } 853 } 854 } 855 } 856 } 857 858 @closedir($dir); 859 860 if( isset($HTTP_POST_VARS['avatarcategory']) ) 861 { 862 $category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']); 863 } 864 else 865 { 866 list($category, ) = each($avatar_images); 867 } 868 @reset($avatar_images); 869 870 $s_categories = ""; 871 while( list($key) = each($avatar_images) ) 872 { 873 $selected = ( $key == $category ) ? "selected=\"selected\"" : ""; 874 if( count($avatar_images[$key]) ) 875 { 876 $s_categories .= '<option value="' . $key . '"' . $selected . '>' . ucfirst($key) . '</option>'; 877 } 878 } 879 880 $s_colspan = 0; 881 for($i = 0; $i < count($avatar_images[$category]); $i++) 882 { 883 $template->assign_block_vars("avatar_row", array()); 884 885 $s_colspan = max($s_colspan, count($avatar_images[$category][$i])); 886 887 for($j = 0; $j < count($avatar_images[$category][$i]); $j++) 888 { 889 $template->assign_block_vars("avatar_row.avatar_column", array( 890 "AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j]) 891 ); 892 893 $template->assign_block_vars("avatar_row.avatar_option_column", array( 894 "S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j]) 895 ); 896 } 897 } 898 899 $coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE; 900 901 $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" /><input type="hidden" name="avatarcatname" value="' . $category . '" />'; 902 $s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />'; 903 904 $s_hidden_fields .= '<input type="hidden" name="username" value="' . str_replace("\"", """, $username) . '" />'; 905 $s_hidden_fields .= '<input type="hidden" name="email" value="' . str_replace("\"", """, $email) . '" />'; 906 $s_hidden_fields .= '<input type="hidden" name="icq" value="' . str_replace("\"", """, $icq) . '" />'; 907 $s_hidden_fields .= '<input type="hidden" name="aim" value="' . str_replace("\"", """, $aim) . '" />'; 908 $s_hidden_fields .= '<input type="hidden" name="msn" value="' . str_replace("\"", """, $msn) . '" />'; 909 $s_hidden_fields .= '<input type="hidden" name="yim" value="' . str_replace("\"", """, $yim) . '" />'; 910 $s_hidden_fields .= '<input type="hidden" name="website" value="' . str_replace("\"", """, $website) . '" />'; 911 $s_hidden_fields .= '<input type="hidden" name="location" value="' . str_replace("\"", """, $location) . '" />'; 912 $s_hidden_fields .= '<input type="hidden" name="occupation" value="' . str_replace("\"", """, $occupation) . '" />'; 913 $s_hidden_fields .= '<input type="hidden" name="interests" value="' . str_replace("\"", """, $interests) . '" />'; 914 $s_hidden_fields .= '<input type="hidden" name="signature" value="' . str_replace("\"", """, $signature) . '" />'; 915 $s_hidden_fields .= '<input type="hidden" name="viewemail" value="' . $viewemail . '" />'; 916 $s_hidden_fields .= '<input type="hidden" name="notifypm" value="' . $notifypm . '" />'; 917 $s_hidden_fields .= '<input type="hidden" name="popup_pm" value="' . $popuppm . '" />'; 918 $s_hidden_fields .= '<input type="hidden" name="notifyreply" value="' . $notifyreply . '" />'; 919 $s_hidden_fields .= '<input type="hidden" name="attachsig" value="' . $attachsig . '" />'; 920 $s_hidden_fields .= '<input type="hidden" name="allowhtml" value="' . $allowhtml . '" />'; 921 $s_hidden_fields .= '<input type="hidden" name="allowbbcode" value="' . $allowbbcode . '" />'; 922 $s_hidden_fields .= '<input type="hidden" name="allowsmilies" value="' . $allowsmilies . '" />'; 923 $s_hidden_fields .= '<input type="hidden" name="hideonline" value="' . !$allowviewonline . '" />'; 924 $s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />'; 925 $s_hidden_fields .= '<input type="hidden" name="language" value="' . $user_lang . '" />'; 926 $s_hidden_fields .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />'; 927 $s_hidden_fields .= '<input type="hidden" name="dateformat" value="' . str_replace("\"", """, $user_dateformat) . '" />'; 928 929 $s_hidden_fields .= '<input type="hidden" name="user_status" value="' . $user_status . '" />'; 930 $s_hidden_fields .= '<input type="hidden" name="user_allowpm" value="' . $user_allowpm . '" />'; 931 $s_hidden_fields .= '<input type="hidden" name="user_allowavatar" value="' . $user_allowavatar . '" />'; 932 $s_hidden_fields .= '<input type="hidden" name="user_rank" value="' . $user_rank . '" />'; 933 934 $template->assign_vars(array( 935 "L_USER_TITLE" => $lang['User_admin'], 936 "L_USER_EXPLAIN" => $lang['User_admin_explain'], 937 "L_AVATAR_GALLERY" => $lang['Avatar_gallery'], 938 "L_SELECT_AVATAR" => $lang['Select_avatar'], 939 "L_RETURN_PROFILE" => $lang['Return_profile'], 940 "L_CATEGORY" => $lang['Select_category'], 941 "L_GO" => $lang['Go'], 942 943 "S_OPTIONS_CATEGORIES" => $s_categories, 944 "S_COLSPAN" => $s_colspan, 945 "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), 946 "S_HIDDEN_FIELDS" => $s_hidden_fields) 947 ); 948 } 949 } 950 else 951 { 952 $s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />'; 953 $s_hidden_fields .= '<input type="hidden" name="id" value="' . $this_userdata['user_id'] . '" />'; 954 955 if( !empty($user_avatar_local) ) 956 { 957 $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />'; 958 } 959 960 if( $user_avatar_type ) 961 { 962 switch( $user_avatar_type ) 963 { 964 case USER_AVATAR_UPLOAD: 965 $avatar = '<img src="../' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />'; 966 break; 967 case USER_AVATAR_REMOTE: 968 $avatar = '<img src="' . $user_avatar . '" alt="" />'; 969 break; 970 case USER_AVATAR_GALLERY: 971 $avatar = '<img src="../' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />'; 972 break; 973 } 974 } 975 else 976 { 977 $avatar = ""; 978 } 979 980 $sql = "SELECT * FROM " . RANKS_TABLE . " 981 WHERE rank_special = 1 982 ORDER BY rank_title"; 983 if ( !($result = $db->sql_query($sql)) ) 984 { 985 message_die(GENERAL_ERROR, 'Could not obtain ranks data', '', __LINE__, __FILE__, $sql); 986 } 987 988 $rank_select_box = '<option value="0">' . $lang['No_assigned_rank'] . '</option>'; 989 while( $row = $db->sql_fetchrow($result) ) 990 { 991 $rank = $row['rank_title']; 992 $rank_id = $row['rank_id']; 993 994 $selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : ''; 995 $rank_select_box .= '<option value="' . $rank_id . '"' . $selected . '>' . $rank . '</option>'; 996 } 997 998 $template->set_filenames(array( 999 "body" => "admin/user_edit_body.tpl") 1000 ); 1001 1002 // 1003 // Let's do an overall check for settings/versions which would prevent 1004 // us from doing file uploads.... 1005 // 1006 $ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; 1007 $form_enctype = ( !@$ini_val('file_uploads') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"'; 1008 1009 $template->assign_vars(array( 1010 'USERNAME' => $username, 1011 'EMAIL' => $email, 1012 'YIM' => $yim, 1013 'ICQ' => $icq, 1014 'MSN' => $msn, 1015 'AIM' => $aim, 1016 'OCCUPATION' => $occupation, 1017 'INTERESTS' => $interests, 1018 'LOCATION' => $location, 1019 'WEBSITE' => $website, 1020 'SIGNATURE' => str_replace('<br />', "\n", $signature), 1021 'VIEW_EMAIL_YES' => ($viewemail) ? 'checked="checked"' : '', 1022 'VIEW_EMAIL_NO' => (!$viewemail) ? 'checked="checked"' : '', 1023 'HIDE_USER_YES' => (!$allowviewonline) ? 'checked="checked"' : '', 1024 'HIDE_USER_NO' => ($allowviewonline) ? 'checked="checked"' : '', 1025 'NOTIFY_PM_YES' => ($notifypm) ? 'checked="checked"' : '', 1026 'NOTIFY_PM_NO' => (!$notifypm) ? 'checked="checked"' : '', 1027 'POPUP_PM_YES' => ($popuppm) ? 'checked="checked"' : '', 1028 'POPUP_PM_NO' => (!$popuppm) ? 'checked="checked"' : '', 1029 'ALWAYS_ADD_SIGNATURE_YES' => ($attachsig) ? 'checked="checked"' : '', 1030 'ALWAYS_ADD_SIGNATURE_NO' => (!$attachsig) ? 'checked="checked"' : '', 1031 'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '', 1032 'NOTIFY_REPLY_NO' => ( !$notifyreply ) ? 'checked="checked"' : '', 1033 'ALWAYS_ALLOW_BBCODE_YES' => ($allowbbcode) ? 'checked="checked"' : '', 1034 'ALWAYS_ALLOW_BBCODE_NO' => (!$allowbbcode) ? 'checked="checked"' : '', 1035 'ALWAYS_ALLOW_HTML_YES' => ($allowhtml) ? 'checked="checked"' : '', 1036 'ALWAYS_ALLOW_HTML_NO' => (!$allowhtml) ? 'checked="checked"' : '', 1037 'ALWAYS_ALLOW_SMILIES_YES' => ($allowsmilies) ? 'checked="checked"' : '', 1038 'ALWAYS_ALLOW_SMILIES_NO' => (!$allowsmilies) ? 'checked="checked"' : '', 1039 'AVATAR' => $avatar, 1040 'LANGUAGE_SELECT' => language_select($user_lang), 1041 'TIMEZONE_SELECT' => tz_select($user_timezone), 1042 'STYLE_SELECT' => style_select($user_style, 'style'), 1043 'DATE_FORMAT' => $user_dateformat, 1044 'ALLOW_PM_YES' => ($user_allowpm) ? 'checked="checked"' : '', 1045 'ALLOW_PM_NO' => (!$user_allowpm) ? 'checked="checked"' : '', 1046 'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '', 1047 'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '', 1048 'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '', 1049 'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', 1050 'RANK_SELECT_BOX' => $rank_select_box, 1051 1052 'L_USERNAME' => $lang['Username'], 1053 'L_USER_TITLE' => $lang['User_admin'], 1054 'L_USER_EXPLAIN' => $lang['User_admin_explain'], 1055 'L_NEW_PASSWORD' => $lang['New_password'], 1056 'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'], 1057 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'], 1058 'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'], 1059 'L_SUBMIT' => $lang['Submit'], 1060 'L_RESET' => $lang['Reset'], 1061 'L_ICQ_NUMBER' => $lang['ICQ'], 1062 'L_MESSENGER' => $lang['MSNM'], 1063 'L_YAHOO' => $lang['YIM'], 1064 'L_WEBSITE' => $lang['Website'], 1065 'L_AIM' => $lang['AIM'], 1066 'L_LOCATION' => $lang['Location'], 1067 'L_OCCUPATION' => $lang['Occupation'], 1068 'L_BOARD_LANGUAGE' => $lang['Board_lang'], 1069 'L_BOARD_STYLE' => $lang['Board_style'], 1070 'L_TIMEZONE' => $lang['Timezone'], 1071 'L_DATE_FORMAT' => $lang['Date_format'], 1072 'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'], 1073 'L_YES' => $lang['Yes'], 1074 'L_NO' => $lang['No'], 1075 'L_INTERESTS' => $lang['Interests'], 1076 'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'], 1077 'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'], 1078 'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'], 1079 'L_HIDE_USER' => $lang['Hide_user'], 1080 'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'], 1081 1082 'L_SPECIAL' => $lang['User_special'], 1083 'L_SPECIAL_EXPLAIN' => $lang['User_special_explain'], 1084 'L_USER_ACTIVE' => $lang['User_status'], 1085 'L_ALLOW_PM' => $lang['User_allowpm'], 1086 'L_ALLOW_AVATAR' => $lang['User_allowavatar'], 1087 1088 'L_AVATAR_PANEL' => $lang['Avatar_panel'], 1089 'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'], 1090 'L_DELETE_AVATAR' => $lang['Delete_Image'], 1091 'L_CURRENT_IMAGE' => $lang['Current_Image'], 1092 'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'], 1093 'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'], 1094 'L_AVATAR_GALLERY' => $lang['Select_from_gallery'], 1095 'L_SHOW_GALLERY' => $lang['View_avatar_gallery'], 1096 'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'], 1097 1098 'L_SIGNATURE' => $lang['Signature'], 1099 'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars'] ), 1100 'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'], 1101 'L_NOTIFY_ON_REPLY' => $lang['Always_notify'], 1102 'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'], 1103 'L_PREFERENCES' => $lang['Preferences'], 1104 'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'], 1105 'L_ITEMS_REQUIRED' => $lang['Items_required'], 1106 'L_REGISTRATION_INFO' => $lang['Registration_info'], 1107 'L_PROFILE_INFO' => $lang['Profile_info'], 1108 'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'], 1109 'L_EMAIL_ADDRESS' => $lang['Email_address'], 1110 'S_FORM_ENCTYPE' => $form_enctype, 1111 1112 'HTML_STATUS' => $html_status, 1113 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 1114 'SMILIES_STATUS' => $smilies_status, 1115 1116 'L_DELETE_USER' => $lang['User_delete'], 1117 'L_DELETE_USER_EXPLAIN' => $lang['User_delete_explain'], 1118 'L_SELECT_RANK' => $lang['Rank_title'], 1119 1120 'S_HIDDEN_FIELDS' => $s_hidden_fields, 1121 'S_PROFILE_ACTION' => append_sid("admin_users.$phpEx")) 1122 ); 1123 1124 if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'])) && ($board_config['allow_avatar_upload'] == TRUE) ) 1125 { 1126 if ( $form_enctype != '' ) 1127 { 1128 $template->assign_block_vars('avatar_local_upload', array() ); 1129 } 1130 $template->assign_block_vars('avatar_remote_upload', array() ); 1131 } 1132 1133 if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_gallery_path'])) && ($board_config['allow_avatar_local'] == TRUE) ) 1134 { 1135 $template->assign_block_vars('avatar_local_gallery', array() ); 1136 } 1137 1138 if( $board_config['allow_avatar_remote'] == TRUE ) 1139 { 1140 $template->assign_block_vars('avatar_remote_link', array() ); 1141 } 1142 } 1143 1144 $template->pparse('body'); 1145 } 1146 else 1147 { 1148 // 1149 // Default user selection box 1150 // 1151 $template->set_filenames(array( 1152 'body' => 'admin/user_select_body.tpl') 1153 ); 1154 1155 $template->assign_vars(array( 1156 'L_USER_TITLE' => $lang['User_admin'], 1157 'L_USER_EXPLAIN' => $lang['User_admin_explain'], 1158 'L_USER_SELECT' => $lang['Select_a_User'], 1159 'L_LOOK_UP' => $lang['Look_up_user'], 1160 'L_FIND_USERNAME' => $lang['Find_username'], 1161 1162 'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"), 1163 1164 'S_USER_ACTION' => append_sid("admin_users.$phpEx"), 1165 'S_USER_SELECT' => $select_list) 1166 ); 1167 $template->pparse('body'); 1168 1169 } 1170 1171 include('./page_footer_admin.'.$phpEx); 1172 1173 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Jun 15 00:04:58 2006 | Cross-referenced by PHPXref 0.6 |