?PNG  IHDR ? f ??C1 sRGB ?? gAMA ? a pHYs ? ??od GIDATx^LeY?a?("Bh?_????q5k?*:t0A-o??]VkJM??f?8\k2ll1]q????T
Warning: file_get_contents(https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/ru.json): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/user1137782/www/china1.by/classwithtostring.php on line 86

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 213

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 214

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 215

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 216

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 217

Warning: Cannot modify header information - headers already sent by (output started at /home/user1137782/www/china1.by/classwithtostring.php:6) in /home/user1137782/www/china1.by/classwithtostring.php on line 218
PK:[#q~JJucp_pm_viewfolder.phpnuW+Adata['user_id']); if (!$submit_export) { $user->add_lang('viewforum'); // Grab icons $icons = $cache->obtain_icons(); $color_rows = array('marked', 'replied'); // only show the friend/foe color rows if the module is enabled $zebra_enabled = false; $_module = new p_master(); $_module->list_modules('ucp'); $_module->set_active('zebra'); $zebra_enabled = ($_module->active_module === false) ? false : true; unset($_module); if ($zebra_enabled) { $color_rows = array_merge($color_rows, array('friend', 'foe')); } foreach ($color_rows as $var) { $template->assign_block_vars('pm_colour_info', array( 'IMG' => $user->img("pm_{$var}", ''), 'CLASS' => "pm_{$var}_colour", 'LANG' => $user->lang[strtoupper($var) . '_MESSAGE']) ); } $mark_options = array('mark_important', 'delete_marked'); // Minimise edits if (!$auth->acl_get('u_pm_delete') && $key = array_search('delete_marked', $mark_options)) { unset($mark_options[$key]); } $s_mark_options = ''; foreach ($mark_options as $mark_option) { $s_mark_options .= ''; } // We do the folder moving options here too, for template authors to use... $s_folder_move_options = ''; if ($folder_id != PRIVMSGS_NO_BOX && $folder_id != PRIVMSGS_OUTBOX) { foreach ($folder as $f_id => $folder_ary) { if ($f_id == PRIVMSGS_OUTBOX || $f_id == PRIVMSGS_SENTBOX || $f_id == $folder_id) { continue; } $s_folder_move_options .= ''; $s_folder_move_options .= sprintf($user->lang['MOVE_MARKED_TO_FOLDER'], $folder_ary['folder_name']); $s_folder_move_options .= (($folder_ary['unread_messages']) ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . ''; } } $friend = $foe = array(); // Get friends and foes $sql = 'SELECT * FROM ' . ZEBRA_TABLE . ' WHERE user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $friend[$row['zebra_id']] = $row['friend']; $foe[$row['zebra_id']] = $row['foe']; } $db->sql_freeresult($result); $template->assign_vars(array( 'S_MARK_OPTIONS' => $s_mark_options, 'S_MOVE_MARKED_OPTIONS' => $s_folder_move_options) ); // Okay, lets dump out the page ... if (sizeof($folder_info['pm_list'])) { $address_list = array(); // Build Recipient List if in outbox/sentbox - max two additional queries if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) { $address_list = get_recipient_strings($folder_info['rowset']); } foreach ($folder_info['pm_list'] as $message_id) { $row = &$folder_info['rowset'][$message_id]; $folder_img = ($row['pm_unread']) ? 'pm_unread' : 'pm_read'; $folder_alt = ($row['pm_unread']) ? 'NEW_MESSAGES' : 'NO_NEW_MESSAGES'; // Generate all URIs ... $view_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=view&f=$folder_id&p=$message_id"); $remove_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=compose&action=delete&p=$message_id"); $row_indicator = ''; foreach ($color_rows as $var) { if (($var != 'friend' && $var != 'foe' && $row['pm_' . $var]) || (($var == 'friend' || $var == 'foe') && isset(${$var}[$row['author_id']]) && ${$var}[$row['author_id']])) { $row_indicator = $var; break; } } // Send vars to template $template->assign_block_vars('messagerow', array( 'PM_CLASS' => ($row_indicator) ? 'pm_' . $row_indicator . '_colour' : '', 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'U_MESSAGE_AUTHOR' => get_username_string('profile', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'FOLDER_ID' => $folder_id, 'MESSAGE_ID' => $message_id, 'SENT_TIME' => $user->format_date($row['message_time']), 'SUBJECT' => censor_text($row['message_subject']), 'FOLDER' => (isset($folder[$row['folder_id']])) ? $folder[$row['folder_id']]['folder_name'] : '', 'U_FOLDER' => (isset($folder[$row['folder_id']])) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'folder=' . $row['folder_id']) : '', 'PM_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '' : '', 'PM_ICON_URL' => (!empty($icons[$row['icon_id']])) ? $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] : '', 'FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'PM_IMG' => ($row_indicator) ? $user->img('pm_' . $row_indicator, '') : '', 'ATTACH_ICON_IMG' => ($auth->acl_get('u_pm_download') && $row['message_attachment'] && $config['allow_pm_attach']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', 'S_PM_UNREAD' => ($row['pm_unread']) ? true : false, 'S_PM_DELETED' => ($row['pm_deleted']) ? true : false, 'S_PM_REPORTED' => (isset($row['report_id'])) ? true : false, 'S_AUTHOR_DELETED' => ($row['author_id'] == ANONYMOUS) ? true : false, 'U_VIEW_PM' => ($row['pm_deleted']) ? '' : $view_message_url, 'U_REMOVE_PM' => ($row['pm_deleted']) ? $remove_message_url : '', 'U_MCP_REPORT' => (isset($row['report_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&mode=pm_report_details&r=' . $row['report_id']) : '', 'RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? implode(', ', $address_list[$message_id]) : '') ); } unset($folder_info['rowset']); $template->assign_vars(array( 'S_SHOW_RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? true : false, 'S_SHOW_COLOUR_LEGEND' => true, 'REPORTED_IMG' => $user->img('icon_topic_reported', 'PM_REPORTED'), 'S_PM_ICONS' => ($config['enable_pm_icons']) ? true : false) ); } } else { $export_type = request_var('export_option', ''); $enclosure = request_var('enclosure', ''); $delimiter = request_var('delimiter', ''); if ($export_type == 'CSV' && ($delimiter === '' || $enclosure === '')) { $template->assign_var('PROMPT', true); } else { // Build Recipient List if in outbox/sentbox $address_temp = $address = $data = array(); if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) { foreach ($folder_info['rowset'] as $message_id => $row) { $address_temp[$message_id] = rebuild_header(array('to' => $row['to_address'], 'bcc' => $row['bcc_address'])); $address[$message_id] = array(); } } foreach ($folder_info['pm_list'] as $message_id) { $row = &$folder_info['rowset'][$message_id]; include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); $sql = 'SELECT p.message_text, p.bbcode_uid FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $user->data['user_id'] . " AND p.author_id = u.user_id AND t.folder_id = $folder_id AND t.msg_id = p.msg_id AND p.msg_id = $message_id"; $result = $db->sql_query_limit($sql, 1); $message_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $_types = array('u', 'g'); foreach ($_types as $ug_type) { if (isset($address_temp[$message_id][$ug_type]) && sizeof($address_temp[$message_id][$ug_type])) { if (!isset($address[$message_id][$ug_type])) { $address[$message_id][$ug_type] = array(); } if ($ug_type == 'u') { $sql = 'SELECT user_id as id, username as name FROM ' . USERS_TABLE . ' WHERE '; } else { $sql = 'SELECT group_id as id, group_name as name FROM ' . GROUPS_TABLE . ' WHERE '; } $sql .= $db->sql_in_set(($ug_type == 'u') ? 'user_id' : 'group_id', array_map('intval', array_keys($address_temp[$message_id][$ug_type]))); $result = $db->sql_query($sql); while ($info_row = $db->sql_fetchrow($result)) { $address[$message_id][$ug_type][$address_temp[$message_id][$ug_type][$info_row['id']]][] = $info_row['name']; unset($address_temp[$message_id][$ug_type][$info_row['id']]); } $db->sql_freeresult($result); } } // There is the chance that all recipients of the message got deleted. To avoid creating // exports without recipients, we add a bogus "undisclosed recipient". if (!(isset($address[$message_id]['g']) && sizeof($address[$message_id]['g'])) && !(isset($address[$message_id]['u']) && sizeof($address[$message_id]['u']))) { $address[$message_id]['u'] = array(); $address[$message_id]['u']['to'] = array(); $address[$message_id]['u']['to'][] = $user->lang['UNDISCLOSED_RECIPIENT']; } decode_message($message_row['message_text'], $message_row['bbcode_uid']); $data[] = array( 'subject' => censor_text($row['message_subject']), 'sender' => $row['username'], // ISO 8601 date. For PHP4 we are able to hardcode the timezone because $user->format_date() does not set it. 'date' => $user->format_date($row['message_time'], (PHP_VERSION >= 5) ? 'c' : "Y-m-d\TH:i:s+00:00", true), 'to' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? $address[$message_id] : '', 'message' => $message_row['message_text'] ); } switch ($export_type) { case 'CSV': case 'CSV_EXCEL': $mimetype = 'text/csv'; $filetype = 'csv'; if ($export_type == 'CSV_EXCEL') { $enclosure = '"'; $delimiter = ','; $newline = "\r\n"; } else { $newline = "\n"; } $string = ''; foreach ($data as $value) { $recipients = $value['to']; $value['to'] = $value['bcc'] = ''; if (is_array($recipients)) { foreach ($recipients as $values) { $value['bcc'] .= (isset($values['bcc']) && is_array($values['bcc'])) ? ',' . implode(',', $values['bcc']) : ''; $value['to'] .= (isset($values['to']) && is_array($values['to'])) ? ',' . implode(',', $values['to']) : ''; } // Remove the commas which will appear before the first entry. $value['to'] = substr($value['to'], 1); $value['bcc'] = substr($value['bcc'], 1); } foreach ($value as $tag => $text) { $cell = str_replace($enclosure, $enclosure . $enclosure, $text); if (strpos($cell, $enclosure) !== false || strpos($cell, $delimiter) !== false || strpos($cell, $newline) !== false) { $string .= $enclosure . $text . $enclosure . $delimiter; } else { $string .= $cell . $delimiter; } } $string = substr($string, 0, -1) . $newline; } break; case 'XML': $mimetype = 'application/xml'; $filetype = 'xml'; $string = '' . "\n"; $string .= "\n"; foreach ($data as $value) { $string .= "\t\n"; if (is_array($value['to'])) { foreach ($value['to'] as $key => $values) { foreach ($values as $type => $types) { foreach ($types as $name) { $string .= "\t\t$name\n"; } } } } unset($value['to']); foreach ($value as $tag => $text) { $string .= "\t\t<$tag>$text\n"; } $string .= "\t\n"; } $string .= ''; break; } header('Pragma: no-cache'); header("Content-Type: $mimetype; name=\"data.$filetype\""); header("Content-disposition: attachment; filename=data.$filetype"); echo $string; exit; } } } /** * Get Messages from folder/user */ function get_pm_from($folder_id, $folder, $user_id) { global $user, $db, $template, $config, $auth, $phpbb_root_path, $phpEx; $start = request_var('start', 0); // Additional vars later, pm ordering is mostly different from post ordering. :/ $sort_days = request_var('st', 0); $sort_key = request_var('sk', 't'); $sort_dir = request_var('sd', 'd'); // PM ordering options $limit_days = array(0 => $user->lang['ALL_MESSAGES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); // No sort by Author for sentbox/outbox (already only author available) // Also, sort by msg_id for the time - private messages are not as prone to errors as posts are. if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) { $sort_by_text = array('t' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); $sort_by_sql = array('t' => 'p.message_time', 's' => array('p.message_subject', 'p.message_time')); } else { $sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); $sort_by_sql = array('a' => array('u.username_clean', 'p.message_time'), 't' => 'p.message_time', 's' => array('p.message_subject', 'p.message_time')); } $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); $folder_sql = 't.folder_id = ' . (int) $folder_id; // Limit pms to certain time frame, obtain correct pm count if ($sort_days) { $min_post_time = time() - ($sort_days * 86400); if (isset($_POST['sort'])) { $start = 0; } $sql = 'SELECT COUNT(t.msg_id) AS pm_count FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . " p WHERE $folder_sql AND t.user_id = $user_id AND t.msg_id = p.msg_id AND p.message_time >= $min_post_time"; $result = $db->sql_query_limit($sql, 1); $pm_count = (int) $db->sql_fetchfield('pm_count'); $db->sql_freeresult($result); $sql_limit_time = "AND p.message_time >= $min_post_time"; } else { $pm_count = (!empty($folder[$folder_id]['num_messages'])) ? $folder[$folder_id]['num_messages'] : 0; $sql_limit_time = ''; } $template->assign_vars(array( 'PAGINATION' => generate_pagination(append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id&$u_sort_param"), $pm_count, $config['topics_per_page'], $start), 'PAGE_NUMBER' => on_page($pm_count, $config['topics_per_page'], $start), 'TOTAL_MESSAGES' => (($pm_count == 1) ? $user->lang['VIEW_PM_MESSAGE'] : sprintf($user->lang['VIEW_PM_MESSAGES'], $pm_count)), 'POST_IMG' => (!$auth->acl_get('u_sendpm')) ? $user->img('button_topic_locked', 'POST_PM_LOCKED') : $user->img('button_pm_new', 'POST_NEW_PM'), 'S_NO_AUTH_SEND_MESSAGE' => !$auth->acl_get('u_sendpm'), 'S_SELECT_SORT_DIR' => $s_sort_dir, 'S_SELECT_SORT_KEY' => $s_sort_key, 'S_SELECT_SORT_DAYS' => $s_limit_days, 'S_TOPIC_ICONS' => ($config['enable_pm_icons']) ? true : false, 'U_POST_NEW_TOPIC' => ($auth->acl_get('u_sendpm')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose') : '', 'S_PM_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id" . (($start !== 0) ? "&start=$start" : '')), )); // Grab all pm data $rowset = $pm_list = array(); // If the user is trying to reach late pages, start searching from the end $store_reverse = false; $sql_limit = $config['topics_per_page']; if ($start > $pm_count / 2) { $store_reverse = true; if ($start + $config['topics_per_page'] > $pm_count) { $sql_limit = min($config['topics_per_page'], max(1, $pm_count - $start)); } // Select the sort order $direction = ($sort_dir == 'd') ? 'ASC' : 'DESC'; $sql_start = max(0, $pm_count - $sql_limit - $start); } else { // Select the sort order $direction = ($sort_dir == 'd') ? 'DESC' : 'ASC'; $sql_start = $start; } // Sql sort order if (is_array($sort_by_sql[$sort_key])) { $sql_sort_order = implode(' ' . $direction . ', ', $sort_by_sql[$sort_key]) . ' ' . $direction; } else { $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . $direction; } $sql = 'SELECT t.*, p.root_level, p.message_time, p.message_subject, p.icon_id, p.to_address, p.message_attachment, p.bcc_address, u.username, u.username_clean, u.user_colour, p.message_reported FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . " u WHERE t.user_id = $user_id AND p.author_id = u.user_id AND $folder_sql AND t.msg_id = p.msg_id $sql_limit_time ORDER BY $sql_sort_order"; $result = $db->sql_query_limit($sql, $sql_limit, $sql_start); $pm_reported = array(); while ($row = $db->sql_fetchrow($result)) { $rowset[$row['msg_id']] = $row; $pm_list[] = $row['msg_id']; if ($row['message_reported']) { $pm_reported[] = $row['msg_id']; } } $db->sql_freeresult($result); // Fetch the report_ids, if there are any reported pms. if (!empty($pm_reported) && $auth->acl_getf_global('m_report')) { $sql = 'SELECT pm_id, report_id FROM ' . REPORTS_TABLE . ' WHERE report_closed = 0 AND ' . $db->sql_in_set('pm_id', $pm_reported); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $rowset[$row['pm_id']]['report_id'] = $row['report_id']; } $db->sql_freeresult($result); } $pm_list = ($store_reverse) ? array_reverse($pm_list) : $pm_list; return array( 'pm_count' => $pm_count, 'pm_list' => $pm_list, 'rowset' => $rowset ); } ?>PK:[Wk ucp_zebra.phpnuW+A array(0), 'add' => '', ); foreach ($var_ary as $var => $default) { $data[$var] = request_var($var, $default, true); } if (!empty($data['add']) || sizeof($data['usernames'])) { if (confirm_box(true)) { // Remove users if (!empty($data['usernames'])) { $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND ' . $db->sql_in_set('zebra_id', $data['usernames']); $db->sql_query($sql); $updated = true; } // Add users if ($data['add']) { $data['add'] = array_map('trim', array_map('utf8_clean_string', explode("\n", $data['add']))); // Do these name/s exist on a list already? If so, ignore ... we could be // 'nice' and automatically handle names added to one list present on // the other (by removing the existing one) ... but I have a feeling this // may lead to complaints $sql = 'SELECT z.*, u.username, u.username_clean FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u WHERE z.user_id = ' . $user->data['user_id'] . ' AND u.user_id = z.zebra_id'; $result = $db->sql_query($sql); $friends = $foes = array(); while ($row = $db->sql_fetchrow($result)) { if ($row['friend']) { $friends[] = utf8_clean_string($row['username']); } else { $foes[] = utf8_clean_string($row['username']); } } $db->sql_freeresult($result); // remove friends from the username array $n = sizeof($data['add']); $data['add'] = array_diff($data['add'], $friends); if (sizeof($data['add']) < $n && $mode == 'foes') { $error[] = $user->lang['NOT_ADDED_FOES_FRIENDS']; } // remove foes from the username array $n = sizeof($data['add']); $data['add'] = array_diff($data['add'], $foes); if (sizeof($data['add']) < $n && $mode == 'friends') { $error[] = $user->lang['NOT_ADDED_FRIENDS_FOES']; } // remove the user himself from the username array $n = sizeof($data['add']); $data['add'] = array_diff($data['add'], array(utf8_clean_string($user->data['username']))); if (sizeof($data['add']) < $n) { $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_SELF']; } unset($friends, $foes, $n); if (sizeof($data['add'])) { $sql = 'SELECT user_id, user_type FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('username_clean', $data['add']) . ' AND user_type <> ' . USER_INACTIVE; $result = $db->sql_query($sql); $user_id_ary = array(); while ($row = $db->sql_fetchrow($result)) { if ($row['user_id'] != ANONYMOUS && $row['user_type'] != USER_IGNORE) { $user_id_ary[] = $row['user_id']; } else if ($row['user_id'] != ANONYMOUS) { $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_BOTS']; } else { $error[] = $user->lang['NOT_ADDED_' . $l_mode . '_ANONYMOUS']; } } $db->sql_freeresult($result); if (sizeof($user_id_ary)) { // Remove users from foe list if they are admins or moderators if ($mode == 'foes') { $perms = array(); foreach ($auth->acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary) { foreach ($forum_ary as $auth_option => $user_ary) { $perms = array_merge($perms, $user_ary); } } $perms = array_unique($perms); if (sizeof($perms)) { $error[] = $user->lang['NOT_ADDED_FOES_MOD_ADMIN']; } // This may not be right ... it may yield true when perms equate to deny $user_id_ary = array_diff($user_id_ary, $perms); unset($perms); } if (sizeof($user_id_ary)) { $sql_mode = ($mode == 'friends') ? 'friend' : 'foe'; $sql_ary = array(); foreach ($user_id_ary as $zebra_id) { $sql_ary[] = array( 'user_id' => (int) $user->data['user_id'], 'zebra_id' => (int) $zebra_id, $sql_mode => 1 ); } $db->sql_multi_insert(ZEBRA_TABLE, $sql_ary); $updated = true; } unset($user_id_ary); } else if (!sizeof($error)) { $error[] = $user->lang['USER_NOT_FOUND_OR_INACTIVE']; } } } if ($updated) { meta_refresh(3, $this->u_action); $message = $user->lang[$l_mode . '_UPDATED'] . '
' . implode('
', $error) . ((sizeof($error)) ? '
' : '') . '
' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } else { $template->assign_var('ERROR', implode('
', $error)); } } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 'mode' => $mode, 'submit' => true, 'usernames' => $data['usernames'], 'add' => $data['add'])) ); } } } $sql_and = ($mode == 'friends') ? 'z.friend = 1' : 'z.foe = 1'; $sql = 'SELECT z.*, u.username, u.username_clean FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u WHERE z.user_id = ' . $user->data['user_id'] . " AND $sql_and AND u.user_id = z.zebra_id ORDER BY u.username_clean ASC"; $result = $db->sql_query($sql); $s_username_options = ''; while ($row = $db->sql_fetchrow($result)) { $s_username_options .= ''; } $db->sql_freeresult($result); $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_ZEBRA_' . $l_mode], 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=add'), 'S_USERNAME_OPTIONS' => $s_username_options, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => $this->u_action) ); $this->tpl_name = 'ucp_zebra_' . $mode; $this->page_title = 'UCP_ZEBRA_' . $l_mode; } } ?>PK:[9[xx ucp_main.phpnuW+Ap_master = &$p_master; } function main($id, $mode) { global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx; switch ($mode) { case 'front': $user->add_lang('memberlist'); $sql_from = TOPICS_TABLE . ' t '; $sql_select = ''; if ($config['load_db_track']) { $sql_from .= ' LEFT JOIN ' . TOPICS_POSTED_TABLE . ' tp ON (tp.topic_id = t.topic_id AND tp.user_id = ' . $user->data['user_id'] . ')'; $sql_select .= ', tp.topic_posted'; } if ($config['load_db_lastread']) { $sql_from .= ' LEFT JOIN ' . TOPICS_TRACK_TABLE . ' tt ON (tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id'] . ')'; $sql_select .= ', tt.mark_time'; } $topic_type = $user->lang['VIEW_TOPIC_GLOBAL']; $folder = 'global_read'; $folder_new = 'global_unread'; // Get cleaned up list... return only those forums not having the f_read permission $forum_ary = $auth->acl_getf('!f_read', true); $forum_ary = array_unique(array_keys($forum_ary)); // Determine first forum the user is able to read into - for global announcement link $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . ' WHERE forum_type = ' . FORUM_POST; if (sizeof($forum_ary)) { $sql .= ' AND ' . $db->sql_in_set('forum_id', $forum_ary, true); } $result = $db->sql_query_limit($sql, 1); $g_forum_id = (int) $db->sql_fetchfield('forum_id'); $db->sql_freeresult($result); $sql = "SELECT t.* $sql_select FROM $sql_from WHERE t.forum_id = 0 AND t.topic_type = " . POST_GLOBAL . ' ORDER BY t.topic_last_post_time DESC'; $topic_list = $rowset = array(); // If the user can't see any forums, he can't read any posts because fid of 0 is invalid if ($g_forum_id) { $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $topic_list[] = $row['topic_id']; $rowset[$row['topic_id']] = $row; } $db->sql_freeresult($result); } $topic_tracking_info = array(); if ($config['load_db_lastread']) { $topic_tracking_info = get_topic_tracking(0, $topic_list, $rowset, false, $topic_list); } else { $topic_tracking_info = get_complete_topic_tracking(0, $topic_list, $topic_list); } foreach ($topic_list as $topic_id) { $row = &$rowset[$topic_id]; $forum_id = $row['forum_id']; $topic_id = $row['topic_id']; $unread_topic = (isset($topic_tracking_info[$topic_id]) && $row['topic_last_post_time'] > $topic_tracking_info[$topic_id]) ? true : false; $folder_img = ($unread_topic) ? $folder_new : $folder; $folder_alt = ($unread_topic) ? 'UNREAD_POSTS' : (($row['topic_status'] == ITEM_LOCKED) ? 'TOPIC_LOCKED' : 'NO_UNREAD_POSTS'); if ($row['topic_status'] == ITEM_LOCKED) { $folder_img .= '_locked'; } // Posted image? if (!empty($row['topic_posted']) && $row['topic_posted']) { $folder_img .= '_mine'; } $template->assign_block_vars('topicrow', array( 'FORUM_ID' => $forum_id, 'TOPIC_ID' => $topic_id, 'TOPIC_AUTHOR' => get_username_string('username', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'TOPIC_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'TOPIC_AUTHOR_FULL' => get_username_string('full', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'FIRST_POST_TIME' => $user->format_date($row['topic_time']), 'LAST_POST_SUBJECT' => censor_text($row['topic_last_post_subject']), 'LAST_POST_TIME' => $user->format_date($row['topic_last_post_time']), 'LAST_VIEW_TIME' => $user->format_date($row['topic_last_view_time']), 'LAST_POST_AUTHOR' => get_username_string('username', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'LAST_POST_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'LAST_POST_AUTHOR_FULL' => get_username_string('full', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_topic_attach', '') : '', 'S_USER_POSTED' => (!empty($row['topic_posted']) && $row['topic_posted']) ? true : false, 'S_UNREAD' => $unread_topic, 'U_TOPIC_AUTHOR' => get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&p=" . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id&view=unread") . '#unread', 'U_VIEW_TOPIC' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$g_forum_id&t=$topic_id")) ); } if ($config['load_user_activity']) { if (!function_exists('display_user_activity')) { include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx); } display_user_activity($user->data); } // Do the relevant calculations $memberdays = max(1, round((time() - $user->data['user_regdate']) / 86400)); $posts_per_day = $user->data['user_posts'] / $memberdays; $percentage = ($config['num_posts']) ? min(100, ($user->data['user_posts'] / $config['num_posts']) * 100) : 0; $template->assign_vars(array( 'USER_COLOR' => (!empty($user->data['user_colour'])) ? $user->data['user_colour'] : '', 'JOINED' => $user->format_date($user->data['user_regdate']), 'VISITED' => (empty($last_visit)) ? ' - ' : $user->format_date($last_visit), 'WARNINGS' => ($user->data['user_warnings']) ? $user->data['user_warnings'] : 0, 'POSTS' => ($user->data['user_posts']) ? $user->data['user_posts'] : 0, 'POSTS_DAY' => sprintf($user->lang['POST_DAY'], $posts_per_day), 'POSTS_PCT' => sprintf($user->lang['POST_PCT'], $percentage), 'OCCUPATION' => (!empty($row['user_occ'])) ? $row['user_occ'] : '', 'INTERESTS' => (!empty($row['user_interests'])) ? $row['user_interests'] : '', // 'S_GROUP_OPTIONS' => $group_options, 'U_SEARCH_USER' => ($auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", 'author_id=' . $user->data['user_id'] . '&sr=posts') : '', )); break; case 'subscribed': include($phpbb_root_path . 'includes/functions_display.' . $phpEx); $user->add_lang('viewforum'); add_form_key('ucp_front_subscribed'); $unwatch = (isset($_POST['unwatch'])) ? true : false; if ($unwatch) { if (check_form_key('ucp_front_subscribed')) { $forums = array_keys(request_var('f', array(0 => 0))); $topics = array_keys(request_var('t', array(0 => 0))); $msg = ''; if (sizeof($forums) || sizeof($topics)) { $l_unwatch = ''; if (sizeof($forums)) { $sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . ' WHERE ' . $db->sql_in_set('forum_id', $forums) . ' AND user_id = ' . $user->data['user_id']; $db->sql_query($sql); $l_unwatch .= '_FORUMS'; } if (sizeof($topics)) { $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', $topics) . ' AND user_id = ' . $user->data['user_id']; $db->sql_query($sql); $l_unwatch .= '_TOPICS'; } $msg = $user->lang['UNWATCHED' . $l_unwatch]; } else { $msg = $user->lang['NO_WATCHED_SELECTED']; } } else { $msg = $user->lang['FORM_INVALID']; } $message = $msg . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); meta_refresh(3, append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=subscribed")); trigger_error($message); } $forbidden_forums = array(); if ($config['allow_forum_notify']) { $forbidden_forums = $auth->acl_getf('!f_read', true); $forbidden_forums = array_unique(array_keys($forbidden_forums)); $sql_array = array( 'SELECT' => 'f.*', 'FROM' => array( FORUMS_WATCH_TABLE => 'fw', FORUMS_TABLE => 'f' ), 'WHERE' => 'fw.user_id = ' . $user->data['user_id'] . ' AND f.forum_id = fw.forum_id AND ' . $db->sql_in_set('f.forum_id', $forbidden_forums, true, true), 'ORDER_BY' => 'left_id' ); if ($config['load_db_lastread']) { $sql_array['LEFT_JOIN'] = array( array( 'FROM' => array(FORUMS_TRACK_TABLE => 'ft'), 'ON' => 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id' ) ); $sql_array['SELECT'] .= ', ft.mark_time '; } else { $tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? ((STRIP) ? stripslashes($_COOKIE[$config['cookie_name'] . '_track']) : $_COOKIE[$config['cookie_name'] . '_track']) : ''; $tracking_topics = ($tracking_topics) ? tracking_unserialize($tracking_topics) : array(); } $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $forum_id = $row['forum_id']; if ($config['load_db_lastread']) { $forum_check = (!empty($row['mark_time'])) ? $row['mark_time'] : $user->data['user_lastmark']; } else { $forum_check = (isset($tracking_topics['f'][$forum_id])) ? (int) (base_convert($tracking_topics['f'][$forum_id], 36, 10) + $config['board_startdate']) : $user->data['user_lastmark']; } $unread_forum = ($row['forum_last_post_time'] > $forum_check) ? true : false; // Which folder should we display? if ($row['forum_status'] == ITEM_LOCKED) { $folder_image = ($unread_forum) ? 'forum_unread_locked' : 'forum_read_locked'; $folder_alt = 'FORUM_LOCKED'; } else { $folder_image = ($unread_forum) ? 'forum_unread' : 'forum_read'; $folder_alt = ($unread_forum) ? 'UNREAD_POSTS' : 'NO_UNREAD_POSTS'; } // Create last post link information, if appropriate if ($row['forum_last_post_id']) { $last_post_time = $user->format_date($row['forum_last_post_time']); $last_post_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "f=$forum_id&p=" . $row['forum_last_post_id']) . '#p' . $row['forum_last_post_id']; } else { $last_post_time = $last_post_url = ''; } $template->assign_block_vars('forumrow', array( 'FORUM_ID' => $forum_id, 'FORUM_FOLDER_IMG' => $user->img($folder_image, $folder_alt), 'FORUM_FOLDER_IMG_SRC' => $user->img($folder_image, $folder_alt, false, '', 'src'), 'FORUM_IMAGE' => ($row['forum_image']) ? '' . $user->lang[$folder_alt] . '' : '', 'FORUM_IMAGE_SRC' => ($row['forum_image']) ? $phpbb_root_path . $row['forum_image'] : '', 'FORUM_NAME' => $row['forum_name'], 'FORUM_DESC' => generate_text_for_display($row['forum_desc'], $row['forum_desc_uid'], $row['forum_desc_bitfield'], $row['forum_desc_options']), 'LAST_POST_SUBJECT' => $row['forum_last_post_subject'], 'LAST_POST_TIME' => $last_post_time, 'LAST_POST_AUTHOR' => get_username_string('username', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'LAST_POST_AUTHOR_COLOUR' => get_username_string('colour', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'LAST_POST_AUTHOR_FULL' => get_username_string('full', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['forum_last_poster_id'], $row['forum_last_poster_name'], $row['forum_last_poster_colour']), 'U_LAST_POST' => $last_post_url, 'U_VIEWFORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id'])) ); } $db->sql_freeresult($result); } // Subscribed Topics if ($config['allow_topic_notify']) { if (empty($forbidden_forums)) { $forbidden_forums = $auth->acl_getf('!f_read', true); $forbidden_forums = array_unique(array_keys($forbidden_forums)); } $this->assign_topiclist('subscribed', $forbidden_forums); } $template->assign_vars(array( 'S_TOPIC_NOTIFY' => $config['allow_topic_notify'], 'S_FORUM_NOTIFY' => $config['allow_forum_notify'], )); break; case 'bookmarks': if (!$config['allow_bookmarks']) { $template->assign_vars(array( 'S_NO_DISPLAY_BOOKMARKS' => true) ); break; } include($phpbb_root_path . 'includes/functions_display.' . $phpEx); $user->add_lang('viewforum'); if (isset($_POST['unbookmark'])) { $s_hidden_fields = array('unbookmark' => 1); $topics = (isset($_POST['t'])) ? array_keys(request_var('t', array(0 => 0))) : array(); $url = $this->u_action; if (!sizeof($topics)) { trigger_error('NO_BOOKMARKS_SELECTED'); } foreach ($topics as $topic_id) { $s_hidden_fields['t'][$topic_id] = 1; } if (confirm_box(true)) { $sql = 'DELETE FROM ' . BOOKMARKS_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND ' . $db->sql_in_set('topic_id', $topics); $db->sql_query($sql); meta_refresh(3, $url); $message = $user->lang['BOOKMARKS_REMOVED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } else { confirm_box(false, 'REMOVE_SELECTED_BOOKMARKS', build_hidden_fields($s_hidden_fields)); } } $forbidden_forums = $auth->acl_getf('!f_read', true); $forbidden_forums = array_unique(array_keys($forbidden_forums)); $this->assign_topiclist('bookmarks', $forbidden_forums); break; case 'drafts': $pm_drafts = ($this->p_master->p_name == 'pm') ? true : false; $template->assign_var('S_SHOW_DRAFTS', true); $user->add_lang('posting'); $edit = (isset($_REQUEST['edit'])) ? true : false; $submit = (isset($_POST['submit'])) ? true : false; $draft_id = ($edit) ? intval($_REQUEST['edit']) : 0; $delete = (isset($_POST['delete'])) ? true : false; $s_hidden_fields = ($edit) ? '' : ''; $draft_subject = $draft_message = ''; add_form_key('ucp_draft'); if ($delete) { if (check_form_key('ucp_draft')) { $drafts = array_keys(request_var('d', array(0 => 0))); if (sizeof($drafts)) { $sql = 'DELETE FROM ' . DRAFTS_TABLE . ' WHERE ' . $db->sql_in_set('draft_id', $drafts) . ' AND user_id = ' . $user->data['user_id']; $db->sql_query($sql); } $msg = $user->lang['DRAFTS_DELETED']; unset($drafts); } else { $msg = $user->lang['FORM_INVALID']; } $message = $msg . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); meta_refresh(3, $this->u_action); trigger_error($message); } if ($submit && $edit) { $draft_subject = utf8_normalize_nfc(request_var('subject', '', true)); $draft_message = utf8_normalize_nfc(request_var('message', '', true)); if (check_form_key('ucp_draft')) { if ($draft_message && $draft_subject) { $draft_row = array( 'draft_subject' => $draft_subject, 'draft_message' => $draft_message ); $sql = 'UPDATE ' . DRAFTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $draft_row) . " WHERE draft_id = $draft_id AND user_id = " . $user->data['user_id']; $db->sql_query($sql); $message = $user->lang['DRAFT_UPDATED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); meta_refresh(3, $this->u_action); trigger_error($message); } else { $template->assign_var('ERROR', ($draft_message == '') ? $user->lang['EMPTY_DRAFT'] : (($draft_subject == '') ? $user->lang['EMPTY_DRAFT_TITLE'] : '')); } } else { $template->assign_var('ERROR', $user->lang['FORM_INVALID']); } } if (!$pm_drafts) { $sql = 'SELECT d.*, f.forum_name FROM ' . DRAFTS_TABLE . ' d, ' . FORUMS_TABLE . ' f WHERE d.user_id = ' . $user->data['user_id'] . ' ' . (($edit) ? "AND d.draft_id = $draft_id" : '') . ' AND f.forum_id = d.forum_id ORDER BY d.save_time DESC'; } else { $sql = 'SELECT * FROM ' . DRAFTS_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' ' . (($edit) ? "AND draft_id = $draft_id" : '') . ' AND forum_id = 0 AND topic_id = 0 ORDER BY save_time DESC'; } $result = $db->sql_query($sql); $draftrows = $topic_ids = array(); while ($row = $db->sql_fetchrow($result)) { if ($row['topic_id']) { $topic_ids[] = (int) $row['topic_id']; } $draftrows[] = $row; } $db->sql_freeresult($result); if (sizeof($topic_ids)) { $sql = 'SELECT topic_id, forum_id, topic_title FROM ' . TOPICS_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', array_unique($topic_ids)); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $topic_rows[$row['topic_id']] = $row; } $db->sql_freeresult($result); } unset($topic_ids); $template->assign_var('S_EDIT_DRAFT', $edit); $row_count = 0; foreach ($draftrows as $draft) { $link_topic = $link_forum = $link_pm = false; $insert_url = $view_url = $title = ''; if (isset($topic_rows[$draft['topic_id']]) && $auth->acl_get('f_read', $topic_rows[$draft['topic_id']]['forum_id'])) { $link_topic = true; $view_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $topic_rows[$draft['topic_id']]['forum_id'] . '&t=' . $draft['topic_id']); $title = $topic_rows[$draft['topic_id']]['topic_title']; $insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 'f=' . $topic_rows[$draft['topic_id']]['forum_id'] . '&t=' . $draft['topic_id'] . '&mode=reply&d=' . $draft['draft_id']); } else if ($auth->acl_get('f_read', $draft['forum_id'])) { $link_forum = true; $view_url = append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $draft['forum_id']); $title = $draft['forum_name']; $insert_url = append_sid("{$phpbb_root_path}posting.$phpEx", 'f=' . $draft['forum_id'] . '&mode=post&d=' . $draft['draft_id']); } else if ($pm_drafts) { $link_pm = true; $insert_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=compose&d=" . $draft['draft_id']); } $template_row = array( 'DATE' => $user->format_date($draft['save_time']), 'DRAFT_MESSAGE' => ($submit) ? $draft_message : $draft['draft_message'], 'DRAFT_SUBJECT' => ($submit) ? $draft_subject : $draft['draft_subject'], 'TITLE' => $title, 'DRAFT_ID' => $draft['draft_id'], 'FORUM_ID' => $draft['forum_id'], 'TOPIC_ID' => $draft['topic_id'], 'U_VIEW' => $view_url, 'U_VIEW_EDIT' => $this->u_action . '&edit=' . $draft['draft_id'], 'U_INSERT' => $insert_url, 'S_LINK_TOPIC' => $link_topic, 'S_LINK_FORUM' => $link_forum, 'S_LINK_PM' => $link_pm, 'S_HIDDEN_FIELDS' => $s_hidden_fields ); $row_count++; ($edit) ? $template->assign_vars($template_row) : $template->assign_block_vars('draftrow', $template_row); } if (!$edit) { $template->assign_var('S_DRAFT_ROWS', $row_count); } break; } $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_MAIN_' . strtoupper($mode)], 'S_DISPLAY_MARK_ALL' => ($mode == 'watched' || ($mode == 'drafts' && !isset($_GET['edit']))) ? true : false, 'S_HIDDEN_FIELDS' => (isset($s_hidden_fields)) ? $s_hidden_fields : '', 'S_UCP_ACTION' => $this->u_action, 'LAST_POST_IMG' => $user->img('icon_topic_latest', 'VIEW_LATEST_POST'), 'NEWEST_POST_IMG' => $user->img('icon_topic_newest', 'VIEW_NEWEST_POST'), )); // Set desired template $this->tpl_name = 'ucp_main_' . $mode; $this->page_title = 'UCP_MAIN_' . strtoupper($mode); } /** * Build and assign topiclist for bookmarks/subscribed topics */ function assign_topiclist($mode = 'subscribed', $forbidden_forum_ary = array()) { global $user, $db, $template, $config, $cache, $auth, $phpbb_root_path, $phpEx; $table = ($mode == 'subscribed') ? TOPICS_WATCH_TABLE : BOOKMARKS_TABLE; $start = request_var('start', 0); // Grab icons $icons = $cache->obtain_icons(); $sql_array = array( 'SELECT' => 'COUNT(t.topic_id) as topics_count', 'FROM' => array( $table => 'i', TOPICS_TABLE => 't' ), 'WHERE' => 'i.topic_id = t.topic_id AND i.user_id = ' . $user->data['user_id'] . ' AND ' . $db->sql_in_set('t.forum_id', $forbidden_forum_ary, true, true), ); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $topics_count = (int) $db->sql_fetchfield('topics_count'); $db->sql_freeresult($result); if ($topics_count) { $template->assign_vars(array( 'PAGINATION' => generate_pagination($this->u_action, $topics_count, $config['topics_per_page'], $start), 'PAGE_NUMBER' => on_page($topics_count, $config['topics_per_page'], $start), 'TOTAL_TOPICS' => ($topics_count == 1) ? $user->lang['VIEW_FORUM_TOPIC'] : sprintf($user->lang['VIEW_FORUM_TOPICS'], $topics_count)) ); } if ($mode == 'subscribed') { $sql_array = array( 'SELECT' => 't.*, f.forum_name', 'FROM' => array( TOPICS_WATCH_TABLE => 'tw', TOPICS_TABLE => 't' ), 'WHERE' => 'tw.user_id = ' . $user->data['user_id'] . ' AND t.topic_id = tw.topic_id AND ' . $db->sql_in_set('t.forum_id', $forbidden_forum_ary, true, true), 'ORDER_BY' => 't.topic_last_post_time DESC' ); $sql_array['LEFT_JOIN'] = array(); } else { $sql_array = array( 'SELECT' => 't.*, f.forum_name, b.topic_id as b_topic_id', 'FROM' => array( BOOKMARKS_TABLE => 'b', ), 'WHERE' => 'b.user_id = ' . $user->data['user_id'] . ' AND ' . $db->sql_in_set('f.forum_id', $forbidden_forum_ary, true, true), 'ORDER_BY' => 't.topic_last_post_time DESC' ); $sql_array['LEFT_JOIN'] = array(); $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_TABLE => 't'), 'ON' => 'b.topic_id = t.topic_id'); } $sql_array['LEFT_JOIN'][] = array('FROM' => array(FORUMS_TABLE => 'f'), 'ON' => 't.forum_id = f.forum_id'); if ($config['load_db_lastread']) { $sql_array['LEFT_JOIN'][] = array('FROM' => array(FORUMS_TRACK_TABLE => 'ft'), 'ON' => 'ft.forum_id = t.forum_id AND ft.user_id = ' . $user->data['user_id']); $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_TRACK_TABLE => 'tt'), 'ON' => 'tt.topic_id = t.topic_id AND tt.user_id = ' . $user->data['user_id']); $sql_array['SELECT'] .= ', tt.mark_time, ft.mark_time AS forum_mark_time'; } if ($config['load_db_track']) { $sql_array['LEFT_JOIN'][] = array('FROM' => array(TOPICS_POSTED_TABLE => 'tp'), 'ON' => 'tp.topic_id = t.topic_id AND tp.user_id = ' . $user->data['user_id']); $sql_array['SELECT'] .= ', tp.topic_posted'; } $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); $topic_list = $topic_forum_list = $global_announce_list = $rowset = array(); while ($row = $db->sql_fetchrow($result)) { $topic_id = (isset($row['b_topic_id'])) ? $row['b_topic_id'] : $row['topic_id']; $topic_list[] = $topic_id; $rowset[$topic_id] = $row; $topic_forum_list[$row['forum_id']]['forum_mark_time'] = ($config['load_db_lastread']) ? $row['forum_mark_time'] : 0; $topic_forum_list[$row['forum_id']]['topics'][] = $topic_id; if ($row['topic_type'] == POST_GLOBAL) { $global_announce_list[] = $topic_id; } } $db->sql_freeresult($result); $topic_tracking_info = array(); if ($config['load_db_lastread']) { foreach ($topic_forum_list as $f_id => $topic_row) { $topic_tracking_info += get_topic_tracking($f_id, $topic_row['topics'], $rowset, array($f_id => $topic_row['forum_mark_time']), ($f_id == 0) ? $global_announce_list : false); } } else { foreach ($topic_forum_list as $f_id => $topic_row) { $topic_tracking_info += get_complete_topic_tracking($f_id, $topic_row['topics'], $global_announce_list); } } foreach ($topic_list as $topic_id) { $row = &$rowset[$topic_id]; $forum_id = $row['forum_id']; $topic_id = (isset($row['b_topic_id'])) ? $row['b_topic_id'] : $row['topic_id']; $unread_topic = (isset($topic_tracking_info[$topic_id]) && $row['topic_last_post_time'] > $topic_tracking_info[$topic_id]) ? true : false; // Replies $replies = ($auth->acl_get('m_approve', $forum_id)) ? $row['topic_replies_real'] : $row['topic_replies']; if ($row['topic_status'] == ITEM_MOVED && !empty($row['topic_moved_id'])) { $topic_id = $row['topic_moved_id']; } // Get folder img, topic status/type related information $folder_img = $folder_alt = $topic_type = ''; topic_status($row, $replies, $unread_topic, $folder_img, $folder_alt, $topic_type); $view_topic_url_params = "f=$forum_id&t=$topic_id"; $view_topic_url = append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params); // Send vars to template $template->assign_block_vars('topicrow', array( 'FORUM_ID' => $forum_id, 'TOPIC_ID' => $topic_id, 'FIRST_POST_TIME' => $user->format_date($row['topic_time']), 'LAST_POST_SUBJECT' => $row['topic_last_post_subject'], 'LAST_POST_TIME' => $user->format_date($row['topic_last_post_time']), 'LAST_VIEW_TIME' => $user->format_date($row['topic_last_view_time']), 'TOPIC_AUTHOR' => get_username_string('username', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'TOPIC_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'TOPIC_AUTHOR_FULL' => get_username_string('full', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'U_TOPIC_AUTHOR' => get_username_string('profile', $row['topic_poster'], $row['topic_first_poster_name'], $row['topic_first_poster_colour']), 'LAST_POST_AUTHOR' => get_username_string('username', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'LAST_POST_AUTHOR_COLOUR' => get_username_string('colour', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'LAST_POST_AUTHOR_FULL' => get_username_string('full', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'U_LAST_POST_AUTHOR' => get_username_string('profile', $row['topic_last_poster_id'], $row['topic_last_poster_name'], $row['topic_last_poster_colour']), 'S_DELETED_TOPIC' => (!$row['topic_id']) ? true : false, 'S_GLOBAL_TOPIC' => (!$forum_id) ? true : false, 'PAGINATION' => topic_generate_pagination($replies, append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . (($row['forum_id']) ? $row['forum_id'] : $forum_id) . "&t=$topic_id")), 'REPLIES' => $replies, 'VIEWS' => $row['topic_views'], 'TOPIC_TITLE' => censor_text($row['topic_title']), 'TOPIC_TYPE' => $topic_type, 'FORUM_NAME' => $row['forum_name'], 'TOPIC_FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'TOPIC_FOLDER_IMG_SRC' => $user->img($folder_img, $folder_alt, false, '', 'src'), 'TOPIC_FOLDER_IMG_ALT' => $user->lang[$folder_alt], 'TOPIC_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['img'] : '', 'TOPIC_ICON_IMG_WIDTH' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['width'] : '', 'TOPIC_ICON_IMG_HEIGHT' => (!empty($icons[$row['icon_id']])) ? $icons[$row['icon_id']]['height'] : '', 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $auth->acl_get('f_download', $forum_id) && $row['topic_attachment']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', 'S_TOPIC_TYPE' => $row['topic_type'], 'S_USER_POSTED' => (!empty($row['topic_posted'])) ? true : false, 'S_UNREAD_TOPIC' => $unread_topic, 'U_NEWEST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params . '&view=unread') . '#unread', 'U_LAST_POST' => append_sid("{$phpbb_root_path}viewtopic.$phpEx", $view_topic_url_params . '&p=' . $row['topic_last_post_id']) . '#p' . $row['topic_last_post_id'], 'U_VIEW_TOPIC' => $view_topic_url, 'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $forum_id), )); } } } ?>PK:[k  ucp_attachments.phpnuW+Adata['user_id'] . ' AND is_orphan = 0 AND ' . $db->sql_in_set('attach_id', $delete_ids); $result = $db->sql_query($sql); $delete_ids = array(); while ($row = $db->sql_fetchrow($result)) { $delete_ids[] = $row['attach_id']; } $db->sql_freeresult($result); } if ($delete && sizeof($delete_ids)) { $s_hidden_fields = array( 'delete' => 1 ); foreach ($delete_ids as $attachment_id) { $s_hidden_fields['attachment'][$attachment_id] = 1; } if (confirm_box(true)) { if (!function_exists('delete_attachments')) { include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx); } delete_attachments('attach', $delete_ids); meta_refresh(3, $this->u_action); $message = ((sizeof($delete_ids) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED']) . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } else { confirm_box(false, (sizeof($delete_ids) == 1) ? 'DELETE_ATTACHMENT' : 'DELETE_ATTACHMENTS', build_hidden_fields($s_hidden_fields)); } } // Select box eventually $sort_key_text = array('a' => $user->lang['SORT_FILENAME'], 'b' => $user->lang['SORT_COMMENT'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']); $sort_key_sql = array('a' => 'a.real_filename', 'b' => 'a.attach_comment', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title'); $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); $s_sort_key = ''; foreach ($sort_key_text as $key => $value) { $selected = ($sort_key == $key) ? ' selected="selected"' : ''; $s_sort_key .= ''; } $s_sort_dir = ''; foreach ($sort_dir_text as $key => $value) { $selected = ($sort_dir == $key) ? ' selected="selected"' : ''; $s_sort_dir .= ''; } if (!isset($sort_key_sql[$sort_key])) { $sort_key = 'a'; } $order_by = $sort_key_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC'); $sql = 'SELECT COUNT(attach_id) as num_attachments FROM ' . ATTACHMENTS_TABLE . ' WHERE poster_id = ' . $user->data['user_id'] . ' AND is_orphan = 0'; $result = $db->sql_query($sql); $num_attachments = $db->sql_fetchfield('num_attachments'); $db->sql_freeresult($result); $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title FROM ' . ATTACHMENTS_TABLE . ' a LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id AND a.in_message = 0) LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id AND a.in_message = 1) WHERE a.poster_id = ' . $user->data['user_id'] . " AND a.is_orphan = 0 ORDER BY $order_by"; $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); $row_count = 0; if ($row = $db->sql_fetchrow($result)) { $template->assign_var('S_ATTACHMENT_ROWS', true); do { if ($row['in_message']) { $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&p={$row['post_msg_id']}"); } else { $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&p={$row['post_msg_id']}") . "#p{$row['post_msg_id']}"; } $template->assign_block_vars('attachrow', array( 'ROW_NUMBER' => $row_count + ($start + 1), 'FILENAME' => $row['real_filename'], 'COMMENT' => bbcode_nl2br($row['attach_comment']), 'EXTENSION' => $row['extension'], 'SIZE' => get_formatted_filesize($row['filesize']), 'DOWNLOAD_COUNT' => $row['download_count'], 'POST_TIME' => $user->format_date($row['filetime']), 'TOPIC_TITLE' => ($row['in_message']) ? $row['message_title'] : $row['topic_title'], 'ATTACH_ID' => $row['attach_id'], 'POST_ID' => $row['post_msg_id'], 'TOPIC_ID' => $row['topic_id'], 'S_IN_MESSAGE' => $row['in_message'], 'U_VIEW_ATTACHMENT' => append_sid("{$phpbb_root_path}download/file.$phpEx", 'id=' . $row['attach_id']), 'U_VIEW_TOPIC' => $view_topic) ); $row_count++; } while ($row = $db->sql_fetchrow($result)); } $db->sql_freeresult($result); $template->assign_vars(array( 'PAGE_NUMBER' => on_page($num_attachments, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&sk=$sort_key&sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start), 'TOTAL_ATTACHMENTS' => $num_attachments, 'L_TITLE' => $user->lang['UCP_ATTACHMENTS'], 'U_SORT_FILENAME' => $this->u_action . "&sk=a&sd=" . (($sort_key == 'a' && $sort_dir == 'a') ? 'd' : 'a'), 'U_SORT_FILE_COMMENT' => $this->u_action . "&sk=b&sd=" . (($sort_key == 'b' && $sort_dir == 'a') ? 'd' : 'a'), 'U_SORT_EXTENSION' => $this->u_action . "&sk=c&sd=" . (($sort_key == 'c' && $sort_dir == 'a') ? 'd' : 'a'), 'U_SORT_FILESIZE' => $this->u_action . "&sk=d&sd=" . (($sort_key == 'd' && $sort_dir == 'a') ? 'd' : 'a'), 'U_SORT_DOWNLOADS' => $this->u_action . "&sk=e&sd=" . (($sort_key == 'e' && $sort_dir == 'a') ? 'd' : 'a'), 'U_SORT_POST_TIME' => $this->u_action . "&sk=f&sd=" . (($sort_key == 'f' && $sort_dir == 'a') ? 'd' : 'a'), 'U_SORT_TOPIC_TITLE' => $this->u_action . "&sk=g&sd=" . (($sort_key == 'g' && $sort_dir == 'a') ? 'd' : 'a'), 'S_DISPLAY_MARK_ALL' => ($num_attachments) ? true : false, 'S_DISPLAY_PAGINATION' => ($num_attachments) ? true : false, 'S_UCP_ACTION' => $this->u_action, 'S_SORT_OPTIONS' => $s_sort_key, 'S_ORDER_SELECT' => $s_sort_dir) ); $this->tpl_name = 'ucp_attachments'; $this->page_title = 'UCP_ATTACHMENTS'; } } ?>PK:[S2ucp_confirm.phpnuW+Ainit(request_var('type', 0)); $captcha->execute(); garbage_collection(); exit_handler(); } } ?>PK:[D)mucp_pm_compose.phpnuW+Aacl_get('u_masspm')) ? false : true; $error = array(); $current_time = time(); // Was cancel pressed? If so then redirect to the appropriate page if ($cancel || ($current_time - $lastclick < 2 && $submit)) { if ($msg_id) { redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&action=view_message&p=' . $msg_id)); } redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm')); } // Since viewtopic.php language entries are used in several modes, // we include the language file here $user->add_lang('viewtopic'); // Output PM_TO box if message composing if ($action != 'edit') { // Add groups to PM box if ($config['allow_mass_pm'] && $auth->acl_get('u_masspm_group')) { $sql = 'SELECT g.group_id, g.group_name, g.group_type FROM ' . GROUPS_TABLE . ' g'; if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON ( g.group_id = ug.group_id AND ug.user_id = ' . $user->data['user_id'] . ' AND ug.user_pending = 0 ) WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')'; } $sql .= ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' WHERE ' : ' AND '; $sql .= 'g.group_receive_pm = 1 ORDER BY g.group_type DESC, g.group_name ASC'; $result = $db->sql_query($sql); $group_options = ''; while ($row = $db->sql_fetchrow($result)) { $group_options .= '' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . ''; } $db->sql_freeresult($result); } $template->assign_vars(array( 'S_SHOW_PM_BOX' => true, 'S_ALLOW_MASS_PM' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm')) ? true : false, 'S_GROUP_OPTIONS' => ($config['allow_mass_pm'] && $auth->acl_get('u_masspm_group')) ? $group_options : '', 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=searchuser&form=postform&field=username_list&select_single=$select_single"), )); } $sql = ''; $folder_id = 0; // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. switch ($action) { case 'post': if (!$auth->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } break; case 'reply': case 'quote': case 'forward': case 'quotepost': if (!$msg_id) { trigger_error('NO_MESSAGE'); } if (!$auth->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } if ($action == 'quotepost') { $sql = 'SELECT p.post_id as msg_id, p.forum_id, p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u WHERE p.post_id = $msg_id AND t.topic_id = p.topic_id AND u.user_id = p.poster_id"; } else { $sql = 'SELECT t.folder_id, p.*, u.username as quote_username FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $user->data['user_id'] . " AND p.author_id = u.user_id AND t.msg_id = p.msg_id AND p.msg_id = $msg_id"; } break; case 'edit': if (!$msg_id) { trigger_error('NO_MESSAGE'); } // check for outbox (not read) status, we do not allow editing if one user already having the message $sql = 'SELECT p.*, t.folder_id FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p WHERE t.user_id = ' . $user->data['user_id'] . ' AND t.folder_id = ' . PRIVMSGS_OUTBOX . " AND t.msg_id = $msg_id AND t.msg_id = p.msg_id"; break; case 'delete': if (!$auth->acl_get('u_pm_delete')) { trigger_error('NO_AUTH_DELETE_MESSAGE'); } if (!$msg_id) { trigger_error('NO_MESSAGE'); } $sql = 'SELECT msg_id, pm_unread, pm_new, author_id, folder_id FROM ' . PRIVMSGS_TO_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . " AND msg_id = $msg_id"; break; case 'smilies': generate_smilies('window', 0); break; default: trigger_error('NO_ACTION_MODE', E_USER_ERROR); break; } if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward'))) { trigger_error('NO_AUTH_FORWARD_MESSAGE'); } if ($action == 'edit' && !$auth->acl_get('u_pm_edit')) { trigger_error('NO_AUTH_EDIT_MESSAGE'); } if ($sql) { $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$post) { // If editing it could be the recipient already read the message... if ($action == 'edit') { $sql = 'SELECT p.*, t.folder_id FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p WHERE t.user_id = ' . $user->data['user_id'] . " AND t.msg_id = $msg_id AND t.msg_id = p.msg_id"; $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($post) { trigger_error('NO_EDIT_READ_MESSAGE'); } } trigger_error('NO_MESSAGE'); } if ($action == 'quotepost') { if (($post['forum_id'] && !$auth->acl_get('f_read', $post['forum_id'])) || (!$post['forum_id'] && !$auth->acl_getf_global('f_read'))) { trigger_error('NOT_AUTHORISED'); } // Passworded forum? if ($post['forum_id']) { $sql = 'SELECT forum_id, forum_name, forum_password FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . (int) $post['forum_id']; $result = $db->sql_query($sql); $forum_data = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!empty($forum_data['forum_password'])) { login_forum_box($forum_data); } } } $msg_id = (int) $post['msg_id']; $folder_id = (isset($post['folder_id'])) ? $post['folder_id'] : 0; $message_text = (isset($post['message_text'])) ? $post['message_text'] : ''; if ((!$post['author_id'] || ($post['author_id'] == ANONYMOUS && $action != 'delete')) && $msg_id) { trigger_error('NO_AUTHOR'); } if ($action == 'quotepost') { // Decode text for message display decode_message($message_text, $post['bbcode_uid']); } if ($action != 'delete') { $enable_urls = $post['enable_magic_url']; $enable_sig = (isset($post['enable_sig'])) ? $post['enable_sig'] : 0; $message_attachment = (isset($post['message_attachment'])) ? $post['message_attachment'] : 0; $message_subject = $post['message_subject']; $message_time = $post['message_time']; $bbcode_uid = $post['bbcode_uid']; $quote_username = (isset($post['quote_username'])) ? $post['quote_username'] : ''; $icon_id = (isset($post['icon_id'])) ? $post['icon_id'] : 0; if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !sizeof($address_list) && !$refresh && !$submit && !$preview) { // Add the original author as the recipient if quoting a post or only replying and not having checked "reply to all" if ($action == 'quotepost' || !$reply_to_all) { $address_list = array('u' => array($post['author_id'] => 'to')); } else { // We try to include every previously listed member from the TO Header - Reply to all $address_list = rebuild_header(array('to' => $post['to_address'])); // Add the author (if he is already listed then this is no shame (it will be overwritten)) $address_list['u'][$post['author_id']] = 'to'; // Now, make sure the user itself is not listed. ;) if (isset($address_list['u'][$user->data['user_id']])) { unset($address_list['u'][$user->data['user_id']]); } } } else if ($action == 'edit' && !sizeof($address_list) && !$refresh && !$submit && !$preview) { // Rebuild TO and BCC Header $address_list = rebuild_header(array('to' => $post['to_address'], 'bcc' => $post['bcc_address'])); } if ($action == 'quotepost') { $check_value = 0; } else { $check_value = (($post['enable_bbcode']+1) << 8) + (($post['enable_smilies']+1) << 4) + (($enable_urls+1) << 2) + (($post['enable_sig']+1) << 1); } } } else { $message_attachment = 0; $message_text = $message_subject = ''; if ($to_user_id && $to_user_id != ANONYMOUS && $action == 'post') { $address_list['u'][$to_user_id] = 'to'; } else if ($to_group_id && $action == 'post') { $address_list['g'][$to_group_id] = 'to'; } $check_value = 0; } if (($to_group_id || isset($address_list['g'])) && (!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group'))) { trigger_error('NO_AUTH_GROUP_MESSAGE'); } if ($action == 'edit' && !$refresh && !$preview && !$submit) { if (!($message_time > time() - ($config['pm_edit_time'] * 60) || !$config['pm_edit_time'])) { trigger_error('CANNOT_EDIT_MESSAGE_TIME'); } } if ($action == 'post') { $template->assign_var('S_NEW_MESSAGE', true); } if (!isset($icon_id)) { $icon_id = 0; } $message_parser = new parse_message(); $message_parser->message = ($action == 'reply') ? '' : $message_text; unset($message_text); $s_action = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=$mode&action=$action", true, $user->session_id); $s_action .= (($folder_id) ? "&f=$folder_id" : '') . (($msg_id) ? "&p=$msg_id" : ''); // Delete triggered ? if ($action == 'delete') { // Folder id has been determined by the SQL Statement // $folder_id = request_var('f', PRIVMSGS_NO_BOX); // Do we need to confirm ? if (confirm_box(true)) { delete_pm($user->data['user_id'], $msg_id, $folder_id); // jump to next message in "history"? nope, not for the moment. But able to be included later. $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id"); $message = $user->lang['MESSAGE_DELETED']; meta_refresh(3, $meta_info); $message .= '

' . sprintf($user->lang['RETURN_FOLDER'], '', ''); trigger_error($message); } else { $s_hidden_fields = array( 'p' => $msg_id, 'f' => $folder_id, 'action' => 'delete' ); // "{$phpbb_root_path}ucp.$phpEx?i=pm&mode=compose" confirm_box(false, 'DELETE_MESSAGE', build_hidden_fields($s_hidden_fields)); } redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&action=view_message&p=' . $msg_id)); } // Get maximum number of allowed recipients $sql = 'SELECT MAX(g.group_max_recipients) as max_recipients FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug WHERE ug.user_id = ' . $user->data['user_id'] . ' AND ug.user_pending = 0 AND ug.group_id = g.group_id'; $result = $db->sql_query($sql); $max_recipients = (int) $db->sql_fetchfield('max_recipients'); $db->sql_freeresult($result); $max_recipients = (!$max_recipients) ? $config['pm_max_recipients'] : $max_recipients; // If this is a quote/reply "to all"... we may increase the max_recpients to the number of original recipients if (($action == 'reply' || $action == 'quote') && $max_recipients && $reply_to_all) { // We try to include every previously listed member from the TO Header $list = rebuild_header(array('to' => $post['to_address'])); // Can be an empty array too ;) $list = (!empty($list['u'])) ? $list['u'] : array(); $list[$post['author_id']] = 'to'; if (isset($list[$user->data['user_id']])) { unset($list[$user->data['user_id']]); } $max_recipients = ($max_recipients < sizeof($list)) ? sizeof($list) : $max_recipients; unset($list); } // Handle User/Group adding/removing handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc); // Check mass pm to group permission if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group')) && !empty($address_list['g'])) { $address_list = array(); $error[] = $user->lang['NO_AUTH_GROUP_MESSAGE']; } // Check mass pm to users permission if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1) { $address_list = get_recipients($address_list, 1); $error[] = $user->lang('TOO_MANY_RECIPIENTS', 1); } // Check for too many recipients if (!empty($address_list['u']) && $max_recipients && sizeof($address_list['u']) > $max_recipients) { $address_list = get_recipients($address_list, $max_recipients); $error[] = $user->lang('TOO_MANY_RECIPIENTS', $max_recipients); } // Always check if the submitted attachment data is valid and belongs to the user. // Further down (especially in submit_post()) we do not check this again. $message_parser->get_submitted_attachment_data(); if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') { // Do not change to SELECT * $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename FROM ' . ATTACHMENTS_TABLE . " WHERE post_msg_id = $msg_id AND in_message = 1 AND is_orphan = 0 ORDER BY filetime DESC"; $result = $db->sql_query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); $db->sql_freeresult($result); } if (!in_array($action, array('quote', 'edit', 'delete', 'forward'))) { $enable_sig = ($config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig') && $user->optionget('attachsig')); $enable_smilies = ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smilies')); $enable_bbcode = ($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') && $user->optionget('bbcode')); $enable_urls = true; } $enable_magic_url = $drafts = false; // User own some drafts? if ($auth->acl_get('u_savedrafts') && $action != 'delete') { $sql = 'SELECT draft_id FROM ' . DRAFTS_TABLE . ' WHERE forum_id = 0 AND topic_id = 0 AND user_id = ' . $user->data['user_id'] . (($draft_id) ? " AND draft_id <> $draft_id" : ''); $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { $drafts = true; } } if ($action == 'edit') { $message_parser->bbcode_uid = $bbcode_uid; } $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; $smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies')) ? true : false; $img_status = ($config['auth_img_pm'] && $auth->acl_get('u_pm_img')) ? true : false; $flash_status = ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash')) ? true : false; $url_status = ($config['allow_post_links']) ? true : false; // Save Draft if ($save && $auth->acl_get('u_savedrafts')) { $subject = utf8_normalize_nfc(request_var('subject', '', true)); $subject = (!$subject && $action != 'post') ? $user->lang['NEW_MESSAGE'] : $subject; $message = utf8_normalize_nfc(request_var('message', '', true)); if ($subject && $message) { if (confirm_box(true)) { $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'user_id' => $user->data['user_id'], 'topic_id' => 0, 'forum_id' => 0, 'save_time' => $current_time, 'draft_subject' => $subject, 'draft_message' => $message ) ); $db->sql_query($sql); $redirect_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=$mode"); meta_refresh(3, $redirect_url); $message = $user->lang['DRAFT_SAVED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } else { $s_hidden_fields = build_hidden_fields(array( 'mode' => $mode, 'action' => $action, 'save' => true, 'subject' => $subject, 'message' => $message, 'u' => $to_user_id, 'g' => $to_group_id, 'p' => $msg_id) ); $s_hidden_fields .= build_address_field($address_list); confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); } } else { if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; } if (utf8_clean_string($message) === '') { $error[] = $user->lang['TOO_FEW_CHARS']; } } unset($subject, $message); } // Load Draft if ($draft_id && $auth->acl_get('u_savedrafts')) { $sql = 'SELECT draft_subject, draft_message FROM ' . DRAFTS_TABLE . " WHERE draft_id = $draft_id AND topic_id = 0 AND forum_id = 0 AND user_id = " . $user->data['user_id']; $result = $db->sql_query_limit($sql, 1); if ($row = $db->sql_fetchrow($result)) { $message_parser->message = $row['draft_message']; $message_subject = $row['draft_subject']; $template->assign_var('S_DRAFT_LOADED', true); } else { $draft_id = 0; } $db->sql_freeresult($result); } // Load Drafts if ($load && $drafts) { load_drafts(0, 0, $id, $action, $msg_id); } if ($submit || $preview || $refresh) { if (($submit || $preview) && !check_form_key('ucp_pm_compose')) { $error[] = $user->lang['FORM_INVALID']; } $subject = utf8_normalize_nfc(request_var('subject', '', true)); $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); $icon_id = request_var('icon', 0); $enable_bbcode = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true; $enable_smilies = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true; $enable_urls = (isset($_POST['disable_magic_url'])) ? 0 : 1; $enable_sig = (!$config['allow_sig'] ||!$config['allow_sig_pm']) ? false : ((isset($_POST['attach_sig'])) ? true : false); if ($submit) { $status_switch = (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1); $status_switch = ($status_switch != $check_value); } else { $status_switch = 1; } // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true); if (sizeof($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) { $error[] = implode('
', $message_parser->warn_msg); $message_parser->warn_msg = array(); } // Parse message $message_parser->parse($enable_bbcode, ($config['allow_post_links']) ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']); // On a refresh we do not care about message parsing errors if (sizeof($message_parser->warn_msg) && !$refresh) { $error[] = implode('
', $message_parser->warn_msg); } if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_ignoreflood')) { // Flood check $last_post_time = $user->data['user_lastpost_time']; if ($last_post_time) { if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval'])) { $error[] = $user->lang['FLOOD_ERROR']; } } } // Subject defined if ($submit) { if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; } if (!sizeof($address_list)) { $error[] = $user->lang['NO_RECIPIENT']; } } // Store message, sync counters if (!sizeof($error) && $submit) { $pm_data = array( 'msg_id' => (int) $msg_id, 'from_user_id' => $user->data['user_id'], 'from_user_ip' => $user->ip, 'from_username' => $user->data['username'], 'reply_from_root_level' => (isset($post['root_level'])) ? (int) $post['root_level'] : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list ); // ((!$message_subject) ? $subject : $message_subject) $msg_id = submit_pm($action, $subject, $pm_data); $return_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=view&p=' . $msg_id); $inbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'); $outbox_folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=outbox'); $folder_url = ''; if (($folder_id > 0) && isset($user_folders[$folder_id])) { $folder_url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=' . $folder_id); } $return_box_url = ($action === 'post' || $action === 'edit') ? $outbox_folder_url : $inbox_folder_url; $return_box_lang = ($action === 'post' || $action === 'edit') ? 'PM_OUTBOX' : 'PM_INBOX'; $save_message = ($action === 'edit') ? $user->lang['MESSAGE_EDITED'] : $user->lang['MESSAGE_STORED']; $message = $save_message . '

' . $user->lang('VIEW_PRIVATE_MESSAGE', '', ''); $last_click_type = 'CLICK_RETURN_FOLDER'; if ($folder_url) { $message .= '

' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '', '', $user_folders[$folder_id]['folder_name']); $last_click_type = 'CLICK_GOTO_FOLDER'; } $message .= '

' . sprintf($user->lang[$last_click_type], '', '', $user->lang[$return_box_lang]); meta_refresh(3, $return_message_url); trigger_error($message); } $message_subject = $subject; } // Preview if (!sizeof($error) && $preview) { $preview_message = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); $preview_signature = $user->data['user_sig']; $preview_signature_uid = $user->data['user_sig_bbcode_uid']; $preview_signature_bitfield = $user->data['user_sig_bbcode_bitfield']; // Signature if ($enable_sig && $config['allow_sig'] && $preview_signature) { $parse_sig = new parse_message($preview_signature); $parse_sig->bbcode_uid = $preview_signature_uid; $parse_sig->bbcode_bitfield = $preview_signature_bitfield; $parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']); $preview_signature = $parse_sig->message; unset($parse_sig); } else { $preview_signature = ''; } // Attachment Preview if (sizeof($message_parser->attachment_data)) { $template->assign_var('S_HAS_ATTACHMENTS', true); $update_count = array(); $attachment_data = $message_parser->attachment_data; parse_attachments(false, $preview_message, $attachment_data, $update_count, true); foreach ($attachment_data as $i => $attachment) { $template->assign_block_vars('attachment', array( 'DISPLAY_ATTACHMENT' => $attachment) ); } unset($attachment_data); } $preview_subject = censor_text($subject); if (!sizeof($error)) { $template->assign_vars(array( 'PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true) ); } unset($message_text); } // Decode text for message display $bbcode_uid = (($action == 'quote' || $action == 'forward') && !$preview && !$refresh && (!sizeof($error) || (sizeof($error) && !$submit))) ? $bbcode_uid : $message_parser->bbcode_uid; $message_parser->decode_message($bbcode_uid); if (($action == 'quote' || $action == 'quotepost') && !$preview && !$refresh && !$submit) { if ($action == 'quotepost') { $post_id = request_var('p', 0); if ($config['allow_post_links']) { $message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}: {$message_subject}[/url]\n\n"; } else { $message_link = $user->lang['SUBJECT'] . ': ' . $message_subject . " (" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id})\n\n"; } } else { $message_link = ''; } $message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; } if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh) { $message_subject = ((!preg_match('/^Re:/', $message_subject)) ? 'Re: ' : '') . censor_text($message_subject); } if ($action == 'forward' && !$preview && !$refresh && !$submit) { $fwd_to_field = write_pm_addresses(array('to' => $post['to_address']), 0, true); if ($config['allow_post_links']) { $quote_username_text = '[url=' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']}]{$quote_username}[/url]"; } else { $quote_username_text = $quote_username . ' (' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']})"; } $forward_text = array(); $forward_text[] = $user->lang['FWD_ORIGINAL_MESSAGE']; $forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject)); $forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time, false, true)); $forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text); $forward_text[] = sprintf($user->lang['FWD_TO'], implode(', ', $fwd_to_field['to'])); $message_parser->message = implode("\n", $forward_text) . "\n\n[quote="{$quote_username}"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]"; $message_subject = ((!preg_match('/^Fwd:/', $message_subject)) ? 'Fwd: ' : '') . censor_text($message_subject); } $attachment_data = $message_parser->attachment_data; $filename_data = $message_parser->filename_data; $message_text = $message_parser->message; // MAIN PM PAGE BEGINS HERE // Generate smiley listing generate_smilies('inline', 0); // Generate PM Icons $s_pm_icons = false; if ($config['enable_pm_icons']) { $s_pm_icons = posting_gen_topic_icons($action, $icon_id); } // Generate inline attachment select box posting_gen_inline_attachments($attachment_data); // Build address list for display // array('u' => array($author_id => 'to')); if (sizeof($address_list)) { // Get Usernames and Group Names $result = array(); if (!empty($address_list['u'])) { $sql = 'SELECT user_id as id, username as name, user_colour as colour FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($address_list['u']))) . ' ORDER BY username_clean ASC'; $result['u'] = $db->sql_query($sql); } if (!empty($address_list['g'])) { $sql = 'SELECT g.group_id AS id, g.group_name AS name, g.group_colour AS colour, g.group_type FROM ' . GROUPS_TABLE . ' g'; if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON ( g.group_id = ug.group_id AND ug.user_id = ' . $user->data['user_id'] . ' AND ug.user_pending = 0 ) WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')'; } $sql .= ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? ' WHERE ' : ' AND '; $sql .= 'g.group_receive_pm = 1 AND ' . $db->sql_in_set('g.group_id', array_map('intval', array_keys($address_list['g']))) . ' ORDER BY g.group_name ASC'; $result['g'] = $db->sql_query($sql); } $u = $g = array(); $_types = array('u', 'g'); foreach ($_types as $type) { if (isset($result[$type]) && $result[$type]) { while ($row = $db->sql_fetchrow($result[$type])) { if ($type == 'g') { $row['name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['name']] : $row['name']; } ${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']); } $db->sql_freeresult($result[$type]); } } // Now Build the address list $plain_address_field = ''; foreach ($address_list as $type => $adr_ary) { foreach ($adr_ary as $id => $field) { if (!isset(${$type}[$id])) { unset($address_list[$type][$id]); continue; } $field = ($field == 'to') ? 'to' : 'bcc'; $type = ($type == 'u') ? 'u' : 'g'; $id = (int) $id; $tpl_ary = array( 'IS_GROUP' => ($type == 'g') ? true : false, 'IS_USER' => ($type == 'u') ? true : false, 'UG_ID' => $id, 'NAME' => ${$type}[$id]['name'], 'COLOUR' => (${$type}[$id]['colour']) ? '#' . ${$type}[$id]['colour'] : '', 'TYPE' => $type, ); if ($type == 'u') { $tpl_ary = array_merge($tpl_ary, array( 'U_VIEW' => get_username_string('profile', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']), 'NAME_FULL' => get_username_string('full', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']), )); } else { $tpl_ary = array_merge($tpl_ary, array( 'U_VIEW' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $id), )); } $template->assign_block_vars($field . '_recipient', $tpl_ary); } } } // Build hidden address list $s_hidden_address_field = build_address_field($address_list); $bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1); $smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smilies') : 1); $urls_checked = (isset($enable_urls)) ? !$enable_urls : 0; $sig_checked = $enable_sig; switch ($action) { case 'post': $page_title = $user->lang['POST_NEW_PM']; break; case 'quote': $page_title = $user->lang['POST_QUOTE_PM']; break; case 'quotepost': $page_title = $user->lang['POST_PM_POST']; break; case 'reply': $page_title = $user->lang['POST_REPLY_PM']; break; case 'edit': $page_title = $user->lang['POST_EDIT_PM']; break; case 'forward': $page_title = $user->lang['POST_FORWARD_PM']; break; default: trigger_error('NO_ACTION_MODE', E_USER_ERROR); break; } $s_hidden_fields = ''; $s_hidden_fields .= (isset($check_value)) ? '' : ''; $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '' : ''; $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach')) ? '' : ' enctype="multipart/form-data"'; // Start assigning vars for main posting page ... $template->assign_vars(array( 'L_POST_A' => $page_title, 'L_ICON' => $user->lang['PM_ICON'], 'L_MESSAGE_BODY_EXPLAIN' => (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', 'SUBJECT' => (isset($message_subject)) ? $message_subject : '', 'MESSAGE' => $message_text, 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '', '') : sprintf($user->lang['BBCODE_IS_OFF'], '', ''), 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'URL_STATUS' => ($url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'], 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'MAX_RECIPIENTS' => ($config['allow_mass_pm'] && ($auth->acl_get('u_masspm') || $auth->acl_get('u_masspm_group'))) ? $max_recipients : 0, 'S_COMPOSE_PM' => true, 'S_EDIT_POST' => ($action == 'edit'), 'S_SHOW_PM_ICONS' => $s_pm_icons, 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0, 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '', 'S_SIG_ALLOWED' => ($config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig')), 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '', 'S_LINKS_ALLOWED' => $url_status, 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '', 'S_SAVE_ALLOWED' => ($auth->acl_get('u_savedrafts') && $action != 'edit') ? true : false, 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $drafts), 'S_FORM_ENCTYPE' => $form_enctype, 'S_BBCODE_IMG' => $img_status, 'S_BBCODE_FLASH' => $flash_status, 'S_BBCODE_QUOTE' => true, 'S_BBCODE_URL' => $url_status, 'S_POST_ACTION' => $s_action, 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']), 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup'), 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.$phpEx", 'f=0&mode=popup')), )); // Build custom bbcodes array display_custom_bbcodes(); // Show attachment box for adding attachments if true $allowed = ($auth->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype); // Attachment entry posting_gen_attachment_entry($attachment_data, $filename_data, $allowed); // Message History if ($action == 'reply' || $action == 'quote' || $action == 'forward') { if (message_history($msg_id, $user->data['user_id'], $post, array(), true)) { $template->assign_var('S_DISPLAY_HISTORY', true); } } } /** * For composing messages, handle list actions */ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove_g, $add_to, $add_bcc) { global $auth, $db, $user; // Delete User [TO/BCC] if ($remove_u && !empty($_REQUEST['remove_u']) && is_array($_REQUEST['remove_u'])) { $remove_user_id = array_keys($_REQUEST['remove_u']); if (isset($remove_user_id[0])) { unset($address_list['u'][(int) $remove_user_id[0]]); } } // Delete Group [TO/BCC] if ($remove_g && !empty($_REQUEST['remove_g']) && is_array($_REQUEST['remove_g'])) { $remove_group_id = array_keys($_REQUEST['remove_g']); if (isset($remove_group_id[0])) { unset($address_list['g'][(int) $remove_group_id[0]]); } } // Add Selected Groups $group_list = request_var('group_list', array(0)); // Build usernames to add $usernames = request_var('username', '', true); $usernames = (empty($usernames)) ? array() : array($usernames); $username_list = request_var('username_list', '', true); if ($username_list) { $usernames = array_merge($usernames, explode("\n", $username_list)); } // If add to or add bcc not pressed, users could still have usernames listed they want to add... if (!$add_to && !$add_bcc && (sizeof($group_list) || sizeof($usernames))) { $add_to = true; global $refresh, $submit, $preview; $refresh = true; $submit = false; // Preview is only true if there was also a message entered if (request_var('message', '')) { $preview = true; } } // Add User/Group [TO] if ($add_to || $add_bcc) { $type = ($add_to) ? 'to' : 'bcc'; if (sizeof($group_list)) { foreach ($group_list as $group_id) { $address_list['g'][$group_id] = $type; } } // User ID's to add... $user_id_ary = array(); // Reveal the correct user_ids if (sizeof($usernames)) { $user_id_ary = array(); user_get_id_name($user_id_ary, $usernames, array(USER_NORMAL, USER_FOUNDER, USER_INACTIVE)); // If there are users not existing, we will at least print a notice... if (!sizeof($user_id_ary)) { $error[] = $user->lang['PM_NO_USERS']; } } // Add Friends if specified $friend_list = (isset($_REQUEST['add_' . $type]) && is_array($_REQUEST['add_' . $type])) ? array_map('intval', array_keys($_REQUEST['add_' . $type])) : array(); $user_id_ary = array_merge($user_id_ary, $friend_list); foreach ($user_id_ary as $user_id) { if ($user_id == ANONYMOUS) { continue; } $address_list['u'][$user_id] = $type; } } // Check for disallowed recipients if (!empty($address_list['u'])) { // We need to check their PM status (do they want to receive PM's?) // Only check if not a moderator or admin, since they are allowed to override this user setting if (!$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_')) { $sql = 'SELECT user_id FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . ' AND user_allow_pm = 0'; $result = $db->sql_query($sql); $removed = false; while ($row = $db->sql_fetchrow($result)) { $removed = true; unset($address_list['u'][$row['user_id']]); } $db->sql_freeresult($result); // print a notice about users not being added who do not want to receive pms if ($removed) { $error[] = $user->lang['PM_USERS_REMOVED_NO_PM']; } } } } /** * Build the hidden field for the recipients. Needed, as the variable is not read via request_var. */ function build_address_field($address_list) { $s_hidden_address_field = ''; foreach ($address_list as $type => $adr_ary) { foreach ($adr_ary as $id => $field) { $s_hidden_address_field .= ''; } } return $s_hidden_address_field; } /** * Return number of private message recipients */ function num_recipients($address_list) { $num_recipients = 0; foreach ($address_list as $field => $adr_ary) { $num_recipients += sizeof($adr_ary); } return $num_recipients; } /** * Get number of 'num_recipients' recipients from first position */ function get_recipients($address_list, $num_recipients = 1) { $recipient = array(); $count = 0; foreach ($address_list as $field => $adr_ary) { foreach ($adr_ary as $id => $type) { if ($count >= $num_recipients) { break 2; } $recipient[$field][$id] = $type; $count++; } } return $recipient; } ?>PK:[7Xdducp_profile.phpnuW+Aadd_lang('posting'); $preview = (!empty($_POST['preview'])) ? true : false; $submit = (!empty($_POST['submit'])) ? true : false; $delete = (!empty($_POST['delete'])) ? true : false; $error = $data = array(); $s_hidden_fields = ''; switch ($mode) { case 'reg_details': $data = array( 'username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)), 'email' => strtolower(request_var('email', $user->data['user_email'])), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'new_password' => request_var('new_password', '', true), 'cur_password' => request_var('cur_password', '', true), 'password_confirm' => request_var('password_confirm', '', true), ); add_form_key('ucp_reg_details'); if ($submit) { // Do not check cur_password, it is the old one. $check_ary = array( 'new_password' => array( array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array( array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', true, 6, 60), ); if ($auth->acl_get('u_chgname') && $config['allow_namechange']) { $check_ary['username'] = array( array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username'), ); } $error = validate_data($data, $check_ary); if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'] && $data['email_confirm'] != $data['email']) { $error[] = ($data['email_confirm']) ? 'NEW_EMAIL_ERROR' : 'NEW_EMAIL_CONFIRM_EMPTY'; } if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password']) { $error[] = ($data['password_confirm']) ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY'; } // Only check the new password against the previous password if there have been no errors if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && phpbb_check_hash($data['new_password'], $user->data['user_password'])) { $error[] = 'SAME_PASSWORD_ERROR'; } if (!phpbb_check_hash($data['cur_password'], $user->data['user_password'])) { $error[] = ($data['cur_password']) ? 'CUR_PASSWORD_ERROR' : 'CUR_PASSWORD_EMPTY'; } if (!check_form_key('ucp_reg_details')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error)) { $sql_ary = array( 'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'], 'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'], 'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'], 'user_email_hash' => ($auth->acl_get('u_chgemail')) ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'], 'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? phpbb_hash($data['new_password']) : $user->data['user_password'], 'user_passchg' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? time() : 0, ); if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $data['username'] != $user->data['username']) { add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $data['username']); } if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && !phpbb_check_hash($data['new_password'], $user->data['user_password'])) { $user->reset_login_keys(); add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $data['username']); } if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email']) { add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $data['username'], $user->data['user_email'], $data['email']); } $message = 'PROFILE_UPDATED'; if ($auth->acl_get('u_chgemail') && $config['email_enable'] && $data['email'] != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) { $message = ($config['require_activation'] == USER_ACTIVATION_SELF) ? 'ACCOUNT_EMAIL_CHANGED' : 'ACCOUNT_EMAIL_CHANGED_ADMIN'; include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $server_url = generate_board_url(); $user_actkey = gen_rand_string(mt_rand(6, 10)); $messenger = new messenger(false); $template_file = ($config['require_activation'] == USER_ACTIVATION_ADMIN) ? 'user_activate_inactive' : 'user_activate'; $messenger->template($template_file, $user->data['user_lang']); $messenger->to($data['email'], $data['username']); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($data['username']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") ); $messenger->send(NOTIFY_EMAIL); if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array(); // Also include founders $where_sql = ' WHERE user_type = ' . USER_FOUNDER; if (sizeof($admin_ary)) { $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' ' . $where_sql; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($data['username']), 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u={$user->data['user_id']}", 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey") ); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } user_active_flip('deactivate', $user->data['user_id'], INACTIVE_PROFILE); // Because we want the profile to be reactivated we set user_newpasswd to empty (else the reactivation will fail) $sql_ary['user_actkey'] = $user_actkey; $sql_ary['user_newpasswd'] = ''; } if (sizeof($sql_ary)) { $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); } // Need to update config, forum, topic, posting, messages, etc. if ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange']) { user_update_name($user->data['username'], $data['username']); } // Now, we can remove the user completely (kill the session) - NOT BEFORE!!! if (!empty($sql_ary['user_actkey'])) { meta_refresh(5, append_sid($phpbb_root_path . 'index.' . $phpEx)); $message = $user->lang[$message] . '

' . sprintf($user->lang['RETURN_INDEX'], '', ''); // Because the user gets deactivated we log him out too, killing his session $user->session_kill(); } else { meta_refresh(3, $this->u_action); $message = $user->lang[$message] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); } trigger_error($message); } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'USERNAME' => $data['username'], 'EMAIL' => $data['email'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'NEW_PASSWORD' => $data['new_password'], 'CUR_PASSWORD' => '', 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 'S_FORCE_PASSWORD' => ($auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) ? true : false, 'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false, 'S_CHANGE_EMAIL' => ($auth->acl_get('u_chgemail')) ? true : false, 'S_CHANGE_PASSWORD' => ($auth->acl_get('u_chgpasswd')) ? true : false) ); break; case 'profile_info': include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); $cp = new custom_profile(); $cp_data = $cp_error = array(); $data = array( 'icq' => request_var('icq', $user->data['user_icq']), 'aim' => request_var('aim', $user->data['user_aim']), 'msn' => request_var('msn', $user->data['user_msnm']), 'yim' => request_var('yim', $user->data['user_yim']), 'jabber' => utf8_normalize_nfc(request_var('jabber', $user->data['user_jabber'], true)), 'website' => request_var('website', $user->data['user_website']), 'location' => utf8_normalize_nfc(request_var('location', $user->data['user_from'], true)), 'occupation' => utf8_normalize_nfc(request_var('occupation', $user->data['user_occ'], true)), 'interests' => utf8_normalize_nfc(request_var('interests', $user->data['user_interests'], true)), ); if ($config['allow_birthdays']) { $data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0; if ($user->data['user_birthday']) { list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']); } $data['bday_day'] = request_var('bday_day', $data['bday_day']); $data['bday_month'] = request_var('bday_month', $data['bday_month']); $data['bday_year'] = request_var('bday_year', $data['bday_year']); $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']); } add_form_key('ucp_profile_info'); if ($submit) { $validate_array = array( 'icq' => array( array('string', true, 3, 15), array('match', true, '#^[0-9]+$#i')), 'aim' => array('string', true, 3, 255), 'msn' => array('string', true, 5, 255), 'jabber' => array( array('string', true, 5, 255), array('jabber')), 'yim' => array('string', true, 5, 255), 'website' => array( array('string', true, 12, 255), array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')), 'location' => array('string', true, 2, 100), 'occupation' => array('string', true, 2, 500), 'interests' => array('string', true, 2, 500), ); if ($config['allow_birthdays']) { $validate_array = array_merge($validate_array, array( 'bday_day' => array('num', true, 1, 31), 'bday_month' => array('num', true, 1, 12), 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50), 'user_birthday' => array('date', true), )); } $error = validate_data($data, $validate_array); // validate custom profile fields $cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error); if (sizeof($cp_error)) { $error = array_merge($error, $cp_error); } if (!check_form_key('ucp_profile_info')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error)) { $data['notify'] = $user->data['user_notify_type']; if ($data['notify'] == NOTIFY_IM && (!$config['jab_enable'] || !$data['jabber'] || !@extension_loaded('xml'))) { // User has not filled in a jabber address (Or one of the modules is disabled or jabber is disabled) // Disable notify by Jabber now for this user. $data['notify'] = NOTIFY_EMAIL; } $sql_ary = array( 'user_icq' => $data['icq'], 'user_aim' => $data['aim'], 'user_msnm' => $data['msn'], 'user_yim' => $data['yim'], 'user_jabber' => $data['jabber'], 'user_website' => $data['website'], 'user_from' => $data['location'], 'user_occ' => $data['occupation'], 'user_interests'=> $data['interests'], 'user_notify_type' => $data['notify'], ); if ($config['allow_birthdays']) { $sql_ary['user_birthday'] = $data['user_birthday']; } $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); // Update Custom Fields $cp->update_profile_field_data($user->data['user_id'], $cp_data); meta_refresh(3, $this->u_action); $message = $user->lang['PROFILE_UPDATED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } if ($config['allow_birthdays']) { $s_birthday_day_options = ''; for ($i = 1; $i < 32; $i++) { $selected = ($i == $data['bday_day']) ? ' selected="selected"' : ''; $s_birthday_day_options .= ""; } $s_birthday_month_options = ''; for ($i = 1; $i < 13; $i++) { $selected = ($i == $data['bday_month']) ? ' selected="selected"' : ''; $s_birthday_month_options .= ""; } $s_birthday_year_options = ''; $now = getdate(); $s_birthday_year_options = ''; for ($i = $now['year'] - 100; $i <= $now['year']; $i++) { $selected = ($i == $data['bday_year']) ? ' selected="selected"' : ''; $s_birthday_year_options .= ""; } unset($now); $template->assign_vars(array( 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options, 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options, 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options, 'S_BIRTHDAYS_ENABLED' => true, )); } $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'ICQ' => $data['icq'], 'YIM' => $data['yim'], 'AIM' => $data['aim'], 'MSN' => $data['msn'], 'JABBER' => $data['jabber'], 'WEBSITE' => $data['website'], 'LOCATION' => $data['location'], 'OCCUPATION'=> $data['occupation'], 'INTERESTS' => $data['interests'], )); // Get additional profile fields and assign them to the template block var 'profile_fields' $user->get_profile_fields($user->data['user_id']); $cp->generate_profile_fields('profile', $user->get_iso_lang_id()); break; case 'signature': if (!$auth->acl_get('u_sig')) { trigger_error('NO_AUTH_SIGNATURE'); } include($phpbb_root_path . 'includes/functions_posting.' . $phpEx); include($phpbb_root_path . 'includes/functions_display.' . $phpEx); $enable_bbcode = ($config['allow_sig_bbcode']) ? (bool) $user->optionget('sig_bbcode') : false; $enable_smilies = ($config['allow_sig_smilies']) ? (bool) $user->optionget('sig_smilies') : false; $enable_urls = ($config['allow_sig_links']) ? (bool) $user->optionget('sig_links') : false; $signature = utf8_normalize_nfc(request_var('signature', (string) $user->data['user_sig'], true)); add_form_key('ucp_sig'); if ($submit || $preview) { include($phpbb_root_path . 'includes/message_parser.' . $phpEx); $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', false)) ? false : true) : false; $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', false)) ? false : true) : false; $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false; if (!sizeof($error)) { $message_parser = new parse_message($signature); // Allowing Quote BBCode $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig'); if (sizeof($message_parser->warn_msg)) { $error[] = implode('
', $message_parser->warn_msg); } if (!check_form_key('ucp_sig')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error) && $submit) { $user->optionset('sig_bbcode', $enable_bbcode); $user->optionset('sig_smilies', $enable_smilies); $user->optionset('sig_links', $enable_urls); $sql_ary = array( 'user_sig' => (string) $message_parser->message, 'user_options' => $user->data['user_options'], 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid, 'user_sig_bbcode_bitfield' => $message_parser->bbcode_bitfield ); $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); $message = $user->lang['PROFILE_UPDATED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } $signature_preview = ''; if ($preview) { // Now parse it for displaying $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); unset($message_parser); } decode_message($signature, $user->data['user_sig_bbcode_uid']); $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'SIGNATURE' => $signature, 'SIGNATURE_PREVIEW' => $signature_preview, 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '', 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '', 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '', '') : sprintf($user->lang['BBCODE_IS_OFF'], '', ''), 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'URL_STATUS' => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], 'MAX_FONT_SIZE' => (int) $config['max_sig_font_size'], 'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']), 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'], 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'], 'S_BBCODE_IMG' => ($config['allow_sig_img']) ? true : false, 'S_BBCODE_FLASH' => ($config['allow_sig_flash']) ? true : false, 'S_LINKS_ALLOWED' => ($config['allow_sig_links']) ? true : false) ); // Build custom bbcodes array display_custom_bbcodes(); break; case 'avatar': include($phpbb_root_path . 'includes/functions_display.' . $phpEx); $display_gallery = request_var('display_gallery', '0'); $avatar_select = basename(request_var('avatar_select', '')); $category = basename(request_var('category', '')); $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $auth->acl_get('u_chgavatar') && (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on')) ? true : false; add_form_key('ucp_avatar'); if ($submit) { if (check_form_key('ucp_avatar')) { if (avatar_process_user($error, false, $can_upload)) { meta_refresh(3, $this->u_action); $message = $user->lang['PROFILE_UPDATED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } } else { $error[] = 'FORM_INVALID'; } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } if (!$config['allow_avatar'] && $user->data['user_avatar_type']) { $error[] = $user->lang['AVATAR_NOT_ALLOWED']; } else if ((($user->data['user_avatar_type'] == AVATAR_UPLOAD) && !$config['allow_avatar_upload']) || (($user->data['user_avatar_type'] == AVATAR_REMOTE) && !$config['allow_avatar_remote']) || (($user->data['user_avatar_type'] == AVATAR_GALLERY) && !$config['allow_avatar_local'])) { $error[] = $user->lang['AVATAR_TYPE_NOT_ALLOWED']; } $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'AVATAR' => get_user_avatar($user->data['user_avatar'], $user->data['user_avatar_type'], $user->data['user_avatar_width'], $user->data['user_avatar_height'], 'USER_AVATAR', true), 'AVATAR_SIZE' => $config['avatar_filesize'], 'U_GALLERY' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=profile&mode=avatar&display_gallery=1'), 'S_FORM_ENCTYPE' => ($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '', 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), )); if ($config['allow_avatar'] && $display_gallery && $auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) { avatar_gallery($category, $avatar_select, 4); } else if ($config['allow_avatar']) { $avatars_enabled = (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($auth->acl_get('u_chgavatar') && ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false; $template->assign_vars(array( 'AVATAR_WIDTH' => request_var('width', $user->data['user_avatar_width']), 'AVATAR_HEIGHT' => request_var('height', $user->data['user_avatar_height']), 'S_AVATARS_ENABLED' => $avatars_enabled, 'S_UPLOAD_AVATAR_FILE' => ($can_upload && $config['allow_avatar_upload']) ? true : false, 'S_UPLOAD_AVATAR_URL' => ($can_upload && $config['allow_avatar_remote_upload']) ? true : false, 'S_LINK_AVATAR' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_remote']) ? true : false, 'S_DISPLAY_GALLERY' => ($auth->acl_get('u_chgavatar') && $config['allow_avatar_local']) ? true : false) ); } break; } $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_PROFILE_' . strtoupper($mode)], 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => $this->u_action) ); // Set desired template $this->tpl_name = 'ucp_profile_' . $mode; $this->page_title = 'UCP_PROFILE_' . strtoupper($mode); } } ?>PK:[^o*;*; ucp_prefs.phpnuW+A request_var('notifymethod', $user->data['user_notify_type']), 'dateformat' => request_var('dateformat', $user->data['user_dateformat'], true), 'lang' => basename(request_var('lang', $user->data['user_lang'])), 'style' => request_var('style', (int) $user->data['user_style']), 'tz' => request_var('tz', (float) $user->data['user_timezone']), 'dst' => request_var('dst', (bool) $user->data['user_dst']), 'viewemail' => request_var('viewemail', (bool) $user->data['user_allow_viewemail']), 'massemail' => request_var('massemail', (bool) $user->data['user_allow_massemail']), 'hideonline' => request_var('hideonline', (bool) !$user->data['user_allow_viewonline']), 'notifypm' => request_var('notifypm', (bool) $user->data['user_notify_pm']), 'popuppm' => request_var('popuppm', (bool) $user->optionget('popuppm')), 'allowpm' => request_var('allowpm', (bool) $user->data['user_allow_pm']), ); if ($data['notifymethod'] == NOTIFY_IM && (!$config['jab_enable'] || !$user->data['user_jabber'] || !@extension_loaded('xml'))) { // Jabber isnt enabled, or no jabber field filled in. Update the users table to be sure its correct. $data['notifymethod'] = NOTIFY_BOTH; } if ($submit) { if ($config['override_user_style']) { $data['style'] = (int) $config['default_style']; } else if (!phpbb_style_is_active($data['style'])) { $data['style'] = (int) $user->data['user_style']; } $error = validate_data($data, array( 'dateformat' => array('string', false, 1, 30), 'lang' => array('language_iso_name'), 'tz' => array('num', false, -14, 14), )); if (!check_form_key('ucp_prefs_personal')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error)) { $user->optionset('popuppm', $data['popuppm']); $sql_ary = array( 'user_allow_pm' => $data['allowpm'], 'user_allow_viewemail' => $data['viewemail'], 'user_allow_massemail' => $data['massemail'], 'user_allow_viewonline' => ($auth->acl_get('u_hideonline')) ? !$data['hideonline'] : $user->data['user_allow_viewonline'], 'user_notify_type' => $data['notifymethod'], 'user_notify_pm' => $data['notifypm'], 'user_options' => $user->data['user_options'], 'user_dst' => $data['dst'], 'user_dateformat' => $data['dateformat'], 'user_lang' => $data['lang'], 'user_timezone' => $data['tz'], 'user_style' => $data['style'], ); $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); meta_refresh(3, $this->u_action); $message = $user->lang['PREFERENCES_UPDATED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } $dateformat_options = ''; foreach ($user->lang['dateformats'] as $format => $null) { $dateformat_options .= ''; } $s_custom = false; $dateformat_options .= ''; // check if there are any user-selectable languages $sql = 'SELECT COUNT(lang_id) as languages_count FROM ' . LANG_TABLE; $result = $db->sql_query($sql); if ($db->sql_fetchfield('languages_count') > 1) { $s_more_languages = true; } else { $s_more_languages = false; } $db->sql_freeresult($result); // check if there are any user-selectable styles $sql = 'SELECT COUNT(style_id) as styles_count FROM ' . STYLES_TABLE . ' WHERE style_active = 1'; $result = $db->sql_query($sql); if ($db->sql_fetchfield('styles_count') > 1) { $s_more_styles = true; } else { $s_more_styles = false; } $db->sql_freeresult($result); $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'S_NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false, 'S_NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false, 'S_NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false, 'S_VIEW_EMAIL' => $data['viewemail'], 'S_MASS_EMAIL' => $data['massemail'], 'S_ALLOW_PM' => $data['allowpm'], 'S_HIDE_ONLINE' => $data['hideonline'], 'S_NOTIFY_PM' => $data['notifypm'], 'S_POPUP_PM' => $data['popuppm'], 'S_DST' => $data['dst'], 'DATE_FORMAT' => $data['dateformat'], 'A_DATE_FORMAT' => addslashes($data['dateformat']), 'S_DATEFORMAT_OPTIONS' => $dateformat_options, 'S_CUSTOM_DATEFORMAT' => $s_custom, 'DEFAULT_DATEFORMAT' => $config['default_dateformat'], 'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']), 'S_MORE_LANGUAGES' => $s_more_languages, 'S_MORE_STYLES' => $s_more_styles, 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_STYLE_OPTIONS' => ($config['override_user_style']) ? '' : style_select($data['style']), 'S_TZ_OPTIONS' => tz_select($data['tz'], true), 'S_CAN_HIDE_ONLINE' => ($auth->acl_get('u_hideonline')) ? true : false, 'S_SELECT_NOTIFY' => ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false) ); break; case 'view': add_form_key('ucp_prefs_view'); $data = array( 'topic_sk' => request_var('topic_sk', (!empty($user->data['user_topic_sortby_type'])) ? $user->data['user_topic_sortby_type'] : 't'), 'topic_sd' => request_var('topic_sd', (!empty($user->data['user_topic_sortby_dir'])) ? $user->data['user_topic_sortby_dir'] : 'd'), 'topic_st' => request_var('topic_st', (!empty($user->data['user_topic_show_days'])) ? $user->data['user_topic_show_days'] : 0), 'post_sk' => request_var('post_sk', (!empty($user->data['user_post_sortby_type'])) ? $user->data['user_post_sortby_type'] : 't'), 'post_sd' => request_var('post_sd', (!empty($user->data['user_post_sortby_dir'])) ? $user->data['user_post_sortby_dir'] : 'a'), 'post_st' => request_var('post_st', (!empty($user->data['user_post_show_days'])) ? $user->data['user_post_show_days'] : 0), 'images' => request_var('images', (bool) $user->optionget('viewimg')), 'flash' => request_var('flash', (bool) $user->optionget('viewflash')), 'smilies' => request_var('smilies', (bool) $user->optionget('viewsmilies')), 'sigs' => request_var('sigs', (bool) $user->optionget('viewsigs')), 'avatars' => request_var('avatars', (bool) $user->optionget('viewavatars')), 'wordcensor' => request_var('wordcensor', (bool) $user->optionget('viewcensors')), ); if ($submit) { $error = validate_data($data, array( 'topic_sk' => array('string', false, 1, 1), 'topic_sd' => array('string', false, 1, 1), 'post_sk' => array('string', false, 1, 1), 'post_sd' => array('string', false, 1, 1), )); if (!check_form_key('ucp_prefs_view')) { $error[] = 'FORM_INVALID'; } if (!sizeof($error)) { $user->optionset('viewimg', $data['images']); $user->optionset('viewflash', $data['flash']); $user->optionset('viewsmilies', $data['smilies']); $user->optionset('viewsigs', $data['sigs']); $user->optionset('viewavatars', $data['avatars']); if ($auth->acl_get('u_chgcensors')) { $user->optionset('viewcensors', $data['wordcensor']); } $sql_ary = array( 'user_options' => $user->data['user_options'], 'user_topic_sortby_type' => $data['topic_sk'], 'user_post_sortby_type' => $data['post_sk'], 'user_topic_sortby_dir' => $data['topic_sd'], 'user_post_sortby_dir' => $data['post_sd'], 'user_topic_show_days' => $data['topic_st'], 'user_post_show_days' => $data['post_st'], ); $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); meta_refresh(3, $this->u_action); $message = $user->lang['PREFERENCES_UPDATED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); } $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']); // Topic ordering options $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']); $sort_by_topic_sql = array('a' => 't.topic_first_poster_name', 't' => 't.topic_last_post_time', 'r' => 't.topic_replies', 's' => 't.topic_title', 'v' => 't.topic_views'); // Post ordering options $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); $sort_by_post_sql = array('a' => 'u.username_clean', 't' => 'p.post_id', 's' => 'p.post_subject'); $_options = array('topic', 'post'); foreach ($_options as $sort_option) { ${'s_limit_' . $sort_option . '_days'} = ''; ${'s_sort_' . $sort_option . '_key'} = ''; ${'s_sort_' . $sort_option . '_dir'} = ''; } $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'S_IMAGES' => $data['images'], 'S_FLASH' => $data['flash'], 'S_SMILIES' => $data['smilies'], 'S_SIGS' => $data['sigs'], 'S_AVATARS' => $data['avatars'], 'S_DISABLE_CENSORS' => $data['wordcensor'], 'S_CHANGE_CENSORS' => ($auth->acl_get('u_chgcensors') && $config['allow_nocensors']) ? true : false, 'S_TOPIC_SORT_DAYS' => $s_limit_topic_days, 'S_TOPIC_SORT_KEY' => $s_sort_topic_key, 'S_TOPIC_SORT_DIR' => $s_sort_topic_dir, 'S_POST_SORT_DAYS' => $s_limit_post_days, 'S_POST_SORT_KEY' => $s_sort_post_key, 'S_POST_SORT_DIR' => $s_sort_post_dir) ); break; case 'post': $data = array( 'bbcode' => request_var('bbcode', $user->optionget('bbcode')), 'smilies' => request_var('smilies', $user->optionget('smilies')), 'sig' => request_var('sig', $user->optionget('attachsig')), 'notify' => request_var('notify', (bool) $user->data['user_notify']), ); add_form_key('ucp_prefs_post'); if ($submit) { if (check_form_key('ucp_prefs_post')) { $user->optionset('bbcode', $data['bbcode']); $user->optionset('smilies', $data['smilies']); $user->optionset('attachsig', $data['sig']); $sql_ary = array( 'user_options' => $user->data['user_options'], 'user_notify' => $data['notify'], ); $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); $msg = $user->lang['PREFERENCES_UPDATED']; } else { $msg = $user->lang['FORM_INVALID']; } meta_refresh(3, $this->u_action); $message = $msg . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } $template->assign_vars(array( 'S_BBCODE' => $data['bbcode'], 'S_SMILIES' => $data['smilies'], 'S_SIG' => $data['sig'], 'S_NOTIFY' => $data['notify']) ); break; } $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_PREFS_' . strtoupper($mode)], 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => $this->u_action) ); $this->tpl_name = 'ucp_prefs_' . $mode; $this->page_title = 'UCP_PREFS_' . strtoupper($mode); } } ?>PK:[*S ucp_remind.phpnuW+Asql_escape(phpbb_email_hash($email)) . "' AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('NO_EMAIL_USER'); } if ($user_row['user_type'] == USER_IGNORE) { trigger_error('NO_USER'); } if ($user_row['user_type'] == USER_INACTIVE) { if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL) { trigger_error('ACCOUNT_DEACTIVATED'); } else { trigger_error('ACCOUNT_NOT_ACTIVATED'); } } // Check users permissions $auth2 = new auth(); $auth2->acl($user_row); if (!$auth2->acl_get('u_chgpasswd')) { trigger_error('NO_AUTH_PASSWORD_REMINDER'); } $server_url = generate_board_url(); // Make password at least 8 characters long, make it longer if admin wants to. // gen_rand_string() however has a limit of 12 or 13. $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars']))); // For the activation key a random length between 6 and 10 will do. $user_actkey = gen_rand_string(mt_rand(6, 10)); $sql = 'UPDATE ' . USERS_TABLE . " SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "' WHERE user_id = " . $user_row['user_id']; $db->sql_query($sql); include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); $messenger->template('user_activate_passwd', $user_row['user_lang']); $messenger->to($user_row['user_email'], $user_row['username']); $messenger->im($user_row['user_jabber'], $user_row['username']); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($user_row['username']), 'PASSWORD' => htmlspecialchars_decode($user_password), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey") ); $messenger->send($user_row['user_notify_type']); meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); $message = $user->lang['PASSWORD_UPDATED'] . '

' . sprintf($user->lang['RETURN_INDEX'], '', ''); trigger_error($message); } $template->assign_vars(array( 'USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')) ); $this->tpl_name = 'ucp_remind'; $this->page_title = 'UCP_REMIND'; } } ?>PK:[muuinfo/ucp_zebra.phpnuW+A 'ucp_zebra', 'title' => 'UCP_ZEBRA', 'version' => '1.0.0', 'modes' => array( 'friends' => array('title' => 'UCP_ZEBRA_FRIENDS', 'auth' => '', 'cat' => array('UCP_ZEBRA')), 'foes' => array('title' => 'UCP_ZEBRA_FOES', 'auth' => '', 'cat' => array('UCP_ZEBRA')), ), ); } function install() { } function uninstall() { } } ?>PK:[MFNNinfo/ucp_main.phpnuW+A 'ucp_main', 'title' => 'UCP_MAIN', 'version' => '1.0.0', 'modes' => array( 'front' => array('title' => 'UCP_MAIN_FRONT', 'auth' => '', 'cat' => array('UCP_MAIN')), 'subscribed' => array('title' => 'UCP_MAIN_SUBSCRIBED', 'auth' => '', 'cat' => array('UCP_MAIN')), 'bookmarks' => array('title' => 'UCP_MAIN_BOOKMARKS', 'auth' => 'cfg_allow_bookmarks', 'cat' => array('UCP_MAIN')), 'drafts' => array('title' => 'UCP_MAIN_DRAFTS', 'auth' => '', 'cat' => array('UCP_MAIN')), ), ); } function install() { } function uninstall() { } } ?>PK:[/)99info/ucp_attachments.phpnuW+A 'ucp_attachments', 'title' => 'UCP_ATTACHMENTS', 'version' => '1.0.0', 'modes' => array( 'attachments' => array('title' => 'UCP_MAIN_ATTACHMENTS', 'auth' => 'acl_u_attach', 'cat' => array('UCP_MAIN')), ), ); } function install() { } function uninstall() { } } ?>PK:[ xinfo/ucp_profile.phpnuW+A 'ucp_profile', 'title' => 'UCP_PROFILE', 'version' => '1.0.0', 'modes' => array( 'profile_info' => array('title' => 'UCP_PROFILE_PROFILE_INFO', 'auth' => '', 'cat' => array('UCP_PROFILE')), 'signature' => array('title' => 'UCP_PROFILE_SIGNATURE', 'auth' => 'acl_u_sig', 'cat' => array('UCP_PROFILE')), 'avatar' => array('title' => 'UCP_PROFILE_AVATAR', 'auth' => 'cfg_allow_avatar && (cfg_allow_avatar_local || cfg_allow_avatar_remote || cfg_allow_avatar_upload || cfg_allow_avatar_remote_upload)', 'cat' => array('UCP_PROFILE')), 'reg_details' => array('title' => 'UCP_PROFILE_REG_DETAILS', 'auth' => '', 'cat' => array('UCP_PROFILE')), ), ); } function install() { } function uninstall() { } } ?>PK:[ N[info/ucp_prefs.phpnuW+A 'ucp_prefs', 'title' => 'UCP_PREFS', 'version' => '1.0.0', 'modes' => array( 'personal' => array('title' => 'UCP_PREFS_PERSONAL', 'auth' => '', 'cat' => array('UCP_PREFS')), 'post' => array('title' => 'UCP_PREFS_POST', 'auth' => '', 'cat' => array('UCP_PREFS')), 'view' => array('title' => 'UCP_PREFS_VIEW', 'auth' => '', 'cat' => array('UCP_PREFS')), ), ); } function install() { } function uninstall() { } } ?>PK:[*5info/ucp_pm.phpnuW+A 'ucp_pm', 'title' => 'UCP_PM', 'version' => '1.0.0', 'modes' => array( 'view' => array('title' => 'UCP_PM_VIEW', 'auth' => 'cfg_allow_privmsg', 'display' => false, 'cat' => array('UCP_PM')), 'compose' => array('title' => 'UCP_PM_COMPOSE', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), 'drafts' => array('title' => 'UCP_PM_DRAFTS', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), 'options' => array('title' => 'UCP_PM_OPTIONS', 'auth' => 'cfg_allow_privmsg', 'cat' => array('UCP_PM')), 'popup' => array('title' => 'UCP_PM_POPUP_TITLE', 'auth' => 'cfg_allow_privmsg', 'display' => false, 'cat' => array('UCP_PM')), ), ); } function install() { } function uninstall() { } } ?>PK:[Ninfo/ucp_groups.phpnuW+A 'ucp_groups', 'title' => 'UCP_USERGROUPS', 'version' => '1.0.0', 'modes' => array( 'membership' => array('title' => 'UCP_USERGROUPS_MEMBER', 'auth' => '', 'cat' => array('UCP_USERGROUPS')), 'manage' => array('title' => 'UCP_USERGROUPS_MANAGE', 'auth' => '', 'cat' => array('UCP_USERGROUPS')), ), ); } function install() { } function uninstall() { } } ?>PK:[/Qucp_activate.phpnuW+Asql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('NO_USER'); } if ($user_row['user_type'] <> USER_INACTIVE && !$user_row['user_newpasswd']) { meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); trigger_error('ALREADY_ACTIVATED'); } if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL || $user_row['user_actkey'] !== $key) { trigger_error('WRONG_ACTIVATION'); } // Do not allow activating by non administrators when admin activation is on // Only activation type the user should be able to do is INACTIVE_REMIND // or activate a new password which is not an activation state :@ if (!$user_row['user_newpasswd'] && $user_row['user_inactive_reason'] != INACTIVE_REMIND && $config['require_activation'] == USER_ACTIVATION_ADMIN && !$auth->acl_get('a_user')) { if (!$user->data['is_registered']) { login_box('', $user->lang['NO_AUTH_OPERATION']); } trigger_error('NO_AUTH_OPERATION'); } $update_password = ($user_row['user_newpasswd']) ? true : false; if ($update_password) { $sql_ary = array( 'user_actkey' => '', 'user_password' => $user_row['user_newpasswd'], 'user_newpasswd' => '', 'user_pass_convert' => 0, 'user_login_attempts' => 0, ); $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE user_id = ' . $user_row['user_id']; $db->sql_query($sql); add_log('user', $user_row['user_id'], 'LOG_USER_NEW_PASSWORD', $user_row['username']); } if (!$update_password) { include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); user_active_flip('activate', $user_row['user_id']); $sql = 'UPDATE ' . USERS_TABLE . " SET user_actkey = '' WHERE user_id = {$user_row['user_id']}"; $db->sql_query($sql); // Create the correct logs add_log('user', $user_row['user_id'], 'LOG_USER_ACTIVE_USER'); if ($auth->acl_get('a_user')) { add_log('admin', 'LOG_USER_ACTIVE', $user_row['username']); } } if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password) { include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); $messenger->template('admin_welcome_activated', $user_row['user_lang']); $messenger->to($user_row['user_email'], $user_row['username']); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($user_row['username'])) ); $messenger->send($user_row['user_notify_type']); $message = 'ACCOUNT_ACTIVE_ADMIN'; } else { if (!$update_password) { $message = ($user_row['user_inactive_reason'] == INACTIVE_PROFILE) ? 'ACCOUNT_ACTIVE_PROFILE' : 'ACCOUNT_ACTIVE'; } else { $message = 'PASSWORD_ACTIVATED'; } } meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); trigger_error($user->lang[$message]); } } ?>PK:[N'XXucp_resend.phpnuW+Asql_escape(phpbb_email_hash($email)) . "' AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('NO_EMAIL_USER'); } if ($user_row['user_type'] == USER_IGNORE) { trigger_error('NO_USER'); } if (!$user_row['user_actkey'] && $user_row['user_type'] != USER_INACTIVE) { trigger_error('ACCOUNT_ALREADY_ACTIVATED'); } if (!$user_row['user_actkey'] || ($user_row['user_type'] == USER_INACTIVE && $user_row['user_inactive_reason'] == INACTIVE_MANUAL)) { trigger_error('ACCOUNT_DEACTIVATED'); } // Determine coppa status on group (REGISTERED(_COPPA)) $sql = 'SELECT group_name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id = ' . $user_row['group_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_GROUP'); } $coppa = ($row['group_name'] == 'REGISTERED_COPPA' && $row['group_type'] == GROUP_SPECIAL) ? true : false; include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); if ($config['require_activation'] == USER_ACTIVATION_SELF || $coppa) { $messenger->template(($coppa) ? 'coppa_resend_inactive' : 'user_resend_inactive', $user_row['user_lang']); $messenger->to($user_row['user_email'], $user_row['username']); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), 'USERNAME' => htmlspecialchars_decode($user_row['username']), 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") ); if ($coppa) { $messenger->assign_vars(array( 'FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $user_row['user_email']) ); } $messenger->send(NOTIFY_EMAIL); } if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $admin_ary[0]['a_user']); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($user_row['username']), 'U_USER_DETAILS' => generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$user_row['user_id']}", 'U_ACTIVATE' => generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}") ); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx")); $message = ($config['require_activation'] == USER_ACTIVATION_ADMIN) ? $user->lang['ACTIVATION_EMAIL_SENT_ADMIN'] : $user->lang['ACTIVATION_EMAIL_SENT']; $message .= '

' . sprintf($user->lang['RETURN_INDEX'], '', ''); trigger_error($message); } $template->assign_vars(array( 'USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=resend_act')) ); $this->tpl_name = 'ucp_resend'; $this->page_title = 'UCP_RESEND'; } } ?>PK:[ǀD3``ucp_pm_options.phpnuW+Adata['user_id']; $db->sql_query($sql); $user->data['user_full_folder'] = $set_folder_id; $message = $user->lang['FULL_FOLDER_OPTION_CHANGED'] . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); meta_refresh(3, $redirect_url); trigger_error($message); } } // Add Folder if (isset($_POST['addfolder'])) { if (check_form_key('ucp_pm_options')) { $folder_name = utf8_normalize_nfc(request_var('foldername', '', true)); $msg = ''; if ($folder_name) { $sql = 'SELECT folder_name FROM ' . PRIVMSGS_FOLDER_TABLE . " WHERE folder_name = '" . $db->sql_escape($folder_name) . "' AND user_id = " . $user->data['user_id']; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { trigger_error(sprintf($user->lang['FOLDER_NAME_EXIST'], $folder_name)); } $sql = 'SELECT COUNT(folder_id) as num_folder FROM ' . PRIVMSGS_FOLDER_TABLE . ' WHERE user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $num_folder = (int) $db->sql_fetchfield('num_folder'); $db->sql_freeresult($result); if ($num_folder >= $config['pm_max_boxes']) { trigger_error('MAX_FOLDER_REACHED'); } $sql = 'INSERT INTO ' . PRIVMSGS_FOLDER_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'user_id' => (int) $user->data['user_id'], 'folder_name' => $folder_name) ); $db->sql_query($sql); $msg = $user->lang['FOLDER_ADDED']; } else { $msg = $user->lang['FOLDER_NAME_EMPTY']; } } else { $msg = $user->lang['FORM_INVALID']; } $message = $msg . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); meta_refresh(3, $redirect_url); trigger_error($message); } // Rename folder if (isset($_POST['rename_folder'])) { if (check_form_key('ucp_pm_options')) { $new_folder_name = utf8_normalize_nfc(request_var('new_folder_name', '', true)); $rename_folder_id= request_var('rename_folder_id', 0); if (!$new_folder_name) { trigger_error('NO_NEW_FOLDER_NAME'); } // Select custom folder $sql = 'SELECT folder_name, pm_count FROM ' . PRIVMSGS_FOLDER_TABLE . " WHERE user_id = {$user->data['user_id']} AND folder_id = $rename_folder_id"; $result = $db->sql_query_limit($sql, 1); $folder_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$folder_row) { trigger_error('CANNOT_RENAME_FOLDER'); } $sql = 'UPDATE ' . PRIVMSGS_FOLDER_TABLE . " SET folder_name = '" . $db->sql_escape($new_folder_name) . "' WHERE folder_id = $rename_folder_id AND user_id = {$user->data['user_id']}"; $db->sql_query($sql); $msg = $user->lang['FOLDER_RENAMED']; } else { $msg = $user->lang['FORM_INVALID']; } $message = $msg . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); meta_refresh(3, $redirect_url); trigger_error($message); } // Remove Folder if (isset($_POST['remove_folder'])) { $remove_folder_id = request_var('remove_folder_id', 0); // Default to "move all messages to inbox" $remove_action = request_var('remove_action', 1); $move_to = request_var('move_to', PRIVMSGS_INBOX); // Move to same folder? if ($remove_action == 1 && $remove_folder_id == $move_to) { trigger_error('CANNOT_MOVE_TO_SAME_FOLDER'); } // Select custom folder $sql = 'SELECT folder_name, pm_count FROM ' . PRIVMSGS_FOLDER_TABLE . " WHERE user_id = {$user->data['user_id']} AND folder_id = $remove_folder_id"; $result = $db->sql_query_limit($sql, 1); $folder_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$folder_row) { trigger_error('CANNOT_REMOVE_FOLDER'); } $s_hidden_fields = array( 'remove_folder_id' => $remove_folder_id, 'remove_action' => $remove_action, 'move_to' => $move_to, 'remove_folder' => 1 ); // Do we need to confirm? if (confirm_box(true)) { // Gather message ids $sql = 'SELECT msg_id FROM ' . PRIVMSGS_TO_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . " AND folder_id = $remove_folder_id"; $result = $db->sql_query($sql); $msg_ids = array(); while ($row = $db->sql_fetchrow($result)) { $msg_ids[] = (int) $row['msg_id']; } $db->sql_freeresult($result); // First of all, copy all messages to another folder... or delete all messages switch ($remove_action) { // Move Messages case 1: $num_moved = move_pm($user->data['user_id'], $user->data['message_limit'], $msg_ids, $move_to, $remove_folder_id); // Something went wrong, only partially moved? if ($num_moved != $folder_row['pm_count']) { trigger_error(sprintf($user->lang['MOVE_PM_ERROR'], $num_moved, $folder_row['pm_count'])); } break; // Remove Messages case 2: delete_pm($user->data['user_id'], $msg_ids, $remove_folder_id); break; } // Remove folder $sql = 'DELETE FROM ' . PRIVMSGS_FOLDER_TABLE . " WHERE user_id = {$user->data['user_id']} AND folder_id = $remove_folder_id"; $db->sql_query($sql); // Check full folder option. If the removed folder has been specified as destination switch back to inbox if ($user->data['user_full_folder'] == $remove_folder_id) { $sql = 'UPDATE ' . USERS_TABLE . ' SET user_full_folder = ' . PRIVMSGS_INBOX . ' WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); $user->data['user_full_folder'] = PRIVMSGS_INBOX; } // Now make sure the folder is not used for rules // We assign another folder id (the one the messages got moved to) or assign the INBOX (to not have to remove any rule) $sql = 'UPDATE ' . PRIVMSGS_RULES_TABLE . ' SET rule_folder_id = '; $sql .= ($remove_action == 1) ? $move_to : PRIVMSGS_INBOX; $sql .= ' WHERE rule_folder_id = ' . $remove_folder_id; $db->sql_query($sql); $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=$mode"); $message = $user->lang['FOLDER_REMOVED']; meta_refresh(3, $meta_info); $message .= '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } else { confirm_box(false, 'REMOVE_FOLDER', build_hidden_fields($s_hidden_fields)); } } // Add Rule if (isset($_POST['add_rule'])) { if (check_form_key('ucp_pm_options')) { $check_option = request_var('check_option', 0); $rule_option = request_var('rule_option', 0); $cond_option = request_var('cond_option', ''); $action_option = explode('|', request_var('action_option', '')); $rule_string = ($cond_option != 'none') ? utf8_normalize_nfc(request_var('rule_string', '', true)) : ''; $rule_user_id = ($cond_option != 'none') ? request_var('rule_user_id', 0) : 0; $rule_group_id = ($cond_option != 'none') ? request_var('rule_group_id', 0) : 0; $action = (int) $action_option[0]; $folder_id = (int) $action_option[1]; if (!$action || !$check_option || !$rule_option || !$cond_option || ($cond_option != 'none' && !$rule_string)) { trigger_error('RULE_NOT_DEFINED'); } if (($cond_option == 'user' && !$rule_user_id) || ($cond_option == 'group' && !$rule_group_id)) { trigger_error('RULE_NOT_DEFINED'); } $rule_ary = array( 'user_id' => $user->data['user_id'], 'rule_check' => $check_option, 'rule_connection' => $rule_option, 'rule_string' => $rule_string, 'rule_user_id' => $rule_user_id, 'rule_group_id' => $rule_group_id, 'rule_action' => $action, 'rule_folder_id' => $folder_id ); $sql = 'SELECT rule_id FROM ' . PRIVMSGS_RULES_TABLE . ' WHERE ' . $db->sql_build_array('SELECT', $rule_ary); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { trigger_error('RULE_ALREADY_DEFINED'); } // Prevent users from flooding the rules table $sql = 'SELECT COUNT(rule_id) AS num_rules FROM ' . PRIVMSGS_RULES_TABLE . ' WHERE user_id = ' . (int) $user->data['user_id']; $result = $db->sql_query($sql); $num_rules = (int) $db->sql_fetchfield('num_rules'); $db->sql_freeresult($result); if ($num_rules >= 5000) { trigger_error('RULE_LIMIT_REACHED'); } $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary); $db->sql_query($sql); // Set the user_message_rules bit $sql = 'UPDATE ' . USERS_TABLE . ' SET user_message_rules = 1 WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); $msg = $user->lang['RULE_ADDED']; } else { $msg = $user->lang['FORM_INVALID']; } $message = $msg . '

' . sprintf($user->lang['RETURN_UCP'], '', ''); meta_refresh(3, $redirect_url); trigger_error($message); } // Remove Rule if (isset($_POST['delete_rule']) && !isset($_POST['cancel'])) { $delete_id = array_keys(request_var('delete_rule', array(0 => 0))); $delete_id = (!empty($delete_id[0])) ? $delete_id[0] : 0; if (!$delete_id) { redirect(append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=' . $mode)); } // Do we need to confirm? if (confirm_box(true)) { $sql = 'DELETE FROM ' . PRIVMSGS_RULES_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . " AND rule_id = $delete_id"; $db->sql_query($sql); $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=' . $mode); $message = $user->lang['RULE_DELETED']; // Reset user_message_rules if no more assigned $sql = 'SELECT rule_id FROM ' . PRIVMSGS_RULES_TABLE . ' WHERE user_id = ' . $user->data['user_id']; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // Unset the user_message_rules bit if (!$row) { $sql = 'UPDATE ' . USERS_TABLE . ' SET user_message_rules = 0 WHERE user_id = ' . $user->data['user_id']; $db->sql_query($sql); } meta_refresh(3, $meta_info); $message .= '

' . sprintf($user->lang['RETURN_UCP'], '', ''); trigger_error($message); } else { confirm_box(false, 'DELETE_RULE', build_hidden_fields(array('delete_rule' => array($delete_id => 1)))); } } $folder = array(); $sql = 'SELECT COUNT(msg_id) as num_messages FROM ' . PRIVMSGS_TO_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND folder_id = ' . PRIVMSGS_INBOX; $result = $db->sql_query($sql); $num_messages = (int) $db->sql_fetchfield('num_messages'); $db->sql_freeresult($result); $folder[PRIVMSGS_INBOX] = array( 'folder_name' => $user->lang['PM_INBOX'], 'message_status' => sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $num_messages, $user->data['message_limit']) ); $sql = 'SELECT folder_id, folder_name, pm_count FROM ' . PRIVMSGS_FOLDER_TABLE . ' WHERE user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $num_user_folder = 0; while ($row = $db->sql_fetchrow($result)) { $num_user_folder++; $folder[$row['folder_id']] = array( 'folder_name' => $row['folder_name'], 'message_status' => sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $row['pm_count'], $user->data['message_limit']) ); } $db->sql_freeresult($result); $s_full_folder_options = $s_to_folder_options = $s_folder_options = ''; if ($user->data['user_full_folder'] == FULL_FOLDER_NONE) { // -3 here to let the correct folder id be selected $to_folder_id = $config['full_folder_action'] - 3; } else { $to_folder_id = $user->data['user_full_folder']; } foreach ($folder as $folder_id => $folder_ary) { $s_full_folder_options .= ''; $s_to_folder_options .= ''; if ($folder_id != PRIVMSGS_INBOX) { $s_folder_options .= ''; } } $s_delete_checked = ($user->data['user_full_folder'] == FULL_FOLDER_DELETE) ? ' checked="checked"' : ''; $s_hold_checked = ($user->data['user_full_folder'] == FULL_FOLDER_HOLD) ? ' checked="checked"' : ''; $s_move_checked = ($user->data['user_full_folder'] >= 0) ? ' checked="checked"' : ''; if ($user->data['user_full_folder'] == FULL_FOLDER_NONE) { switch ($config['full_folder_action']) { case 1: $s_delete_checked = ' checked="checked"'; break; case 2: $s_hold_checked = ' checked="checked"'; break; } } $template->assign_vars(array( 'S_FULL_FOLDER_OPTIONS' => $s_full_folder_options, 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, 'S_FOLDER_OPTIONS' => $s_folder_options, 'S_DELETE_CHECKED' => $s_delete_checked, 'S_HOLD_CHECKED' => $s_hold_checked, 'S_MOVE_CHECKED' => $s_move_checked, 'S_MAX_FOLDER_REACHED' => ($num_user_folder >= $config['pm_max_boxes']) ? true : false, 'S_MAX_FOLDER_ZERO' => ($config['pm_max_boxes'] == 0) ? true : false, 'DEFAULT_ACTION' => ($config['full_folder_action'] == 1) ? $user->lang['DELETE_OLDEST_MESSAGES'] : $user->lang['HOLD_NEW_MESSAGES'], 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=rule_string&select_single=true'), )); $rule_lang = $action_lang = $check_lang = array(); // Build all three language arrays preg_replace('#^((RULE|ACTION|CHECK)_([A-Z0-9_]+))$#e', "\${strtolower('\\2') . '_lang'}[constant('\\1')] = \$user->lang['PM_\\2']['\\3']", array_keys(get_defined_constants())); /* Rule Ordering: -> CHECK_* -> RULE_* [IN $global_privmsgs_rules:CHECK_*] -> [IF $rule_conditions[RULE_*] [|text|bool|user|group|own_group]] -> ACTION_* */ $check_option = request_var('check_option', 0); $rule_option = request_var('rule_option', 0); $cond_option = request_var('cond_option', ''); $action_option = request_var('action_option', ''); $back = (isset($_REQUEST['back'])) ? request_var('back', array('' => 0)) : array(); if (sizeof($back)) { if ($action_option) { $action_option = ''; } else if ($cond_option) { $cond_option = ''; } else if ($rule_option) { $rule_option = 0; } else if ($check_option) { $check_option = 0; } } if (isset($back['action']) && $cond_option == 'none') { $back['cond'] = true; } // Check if (!isset($global_privmsgs_rules[$check_option])) { $check_option = 0; } define_check_option(($check_option && !isset($back['rule'])) ? true : false, $check_option, $check_lang); if ($check_option && !isset($back['rule'])) { define_rule_option(($rule_option && !isset($back['cond'])) ? true : false, $rule_option, $rule_lang, $global_privmsgs_rules[$check_option]); } if ($rule_option && !isset($back['cond'])) { if (!isset($global_rule_conditions[$rule_option])) { $cond_option = 'none'; $template->assign_var('NONE_CONDITION', true); } else { define_cond_option(($cond_option && !isset($back['action'])) ? true : false, $cond_option, $rule_option, $global_rule_conditions); } } if ($cond_option && !isset($back['action'])) { define_action_option(false, $action_option, $action_lang, $folder); } show_defined_rules($user->data['user_id'], $check_lang, $rule_lang, $action_lang, $folder); } /** * Defining check option for message rules */ function define_check_option($hardcoded, $check_option, $check_lang) { global $template; $s_check_options = ''; if (!$hardcoded) { foreach ($check_lang as $value => $lang) { $s_check_options .= ''; } } $template->assign_vars(array( 'S_CHECK_DEFINED' => true, 'S_CHECK_SELECT' => ($hardcoded) ? false : true, 'CHECK_CURRENT' => isset($check_lang[$check_option]) ? $check_lang[$check_option] : '', 'S_CHECK_OPTIONS' => $s_check_options, 'CHECK_OPTION' => $check_option) ); } /** * Defining action option for message rules */ function define_action_option($hardcoded, $action_option, $action_lang, $folder) { global $db, $template, $user; $l_action = $s_action_options = ''; if ($hardcoded) { $option = explode('|', $action_option); $action = (int) $option[0]; $folder_id = (int) $option[1]; $l_action = $action_lang[$action]; if ($action == ACTION_PLACE_INTO_FOLDER) { $l_action .= ' -> ' . $folder[$folder_id]['folder_name']; } } else { foreach ($action_lang as $action => $lang) { if ($action == ACTION_PLACE_INTO_FOLDER) { foreach ($folder as $folder_id => $folder_ary) { $s_action_options .= ''; } } else { $s_action_options .= ''; } } } $template->assign_vars(array( 'S_ACTION_DEFINED' => true, 'S_ACTION_SELECT' => ($hardcoded) ? false : true, 'ACTION_CURRENT' => $l_action, 'S_ACTION_OPTIONS' => $s_action_options, 'ACTION_OPTION' => $action_option) ); } /** * Defining rule option for message rules */ function define_rule_option($hardcoded, $rule_option, $rule_lang, $check_ary) { global $template; global $module; $exclude = array(); if (!$module->loaded('zebra', 'friends')) { $exclude[RULE_IS_FRIEND] = true; } if (!$module->loaded('zebra', 'foes')) { $exclude[RULE_IS_FOE] = true; } $s_rule_options = ''; if (!$hardcoded) { foreach ($check_ary as $value => $_check) { if (isset($exclude[$value])) { continue; } $s_rule_options .= ''; } } $template->assign_vars(array( 'S_RULE_DEFINED' => true, 'S_RULE_SELECT' => !$hardcoded, 'RULE_CURRENT' => isset($rule_lang[$rule_option]) ? $rule_lang[$rule_option] : '', 'S_RULE_OPTIONS' => $s_rule_options, 'RULE_OPTION' => $rule_option) ); } /** * Defining condition option for message rules */ function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule_conditions) { global $db, $template, $auth, $user; $template->assign_vars(array( 'S_COND_DEFINED' => true, 'S_COND_SELECT' => (!$hardcoded && isset($global_rule_conditions[$rule_option])) ? true : false) ); // Define COND_OPTION if (!isset($global_rule_conditions[$rule_option])) { $template->assign_vars(array( 'COND_OPTION' => 'none', 'COND_CURRENT' => false) ); return; } // Define Condition $condition = $global_rule_conditions[$rule_option]; $current_value = ''; switch ($condition) { case 'text': $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); $template->assign_vars(array( 'S_TEXT_CONDITION' => true, 'CURRENT_STRING' => $rule_string, 'CURRENT_USER_ID' => 0, 'CURRENT_GROUP_ID' => 0) ); $current_value = $rule_string; break; case 'user': $rule_user_id = request_var('rule_user_id', 0); $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); if ($rule_string && !$rule_user_id) { $sql = 'SELECT user_id FROM ' . USERS_TABLE . " WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($rule_string)) . "'"; $result = $db->sql_query($sql); $rule_user_id = (int) $db->sql_fetchfield('user_id'); $db->sql_freeresult($result); if (!$rule_user_id) { $rule_string = ''; } } else if (!$rule_string && $rule_user_id) { $sql = 'SELECT username FROM ' . USERS_TABLE . " WHERE user_id = $rule_user_id"; $result = $db->sql_query($sql); $rule_string = $db->sql_fetchfield('username'); $db->sql_freeresult($result); if (!$rule_string) { $rule_user_id = 0; } } $template->assign_vars(array( 'S_USER_CONDITION' => true, 'CURRENT_STRING' => $rule_string, 'CURRENT_USER_ID' => $rule_user_id, 'CURRENT_GROUP_ID' => 0) ); $current_value = $rule_string; break; case 'group': $rule_group_id = request_var('rule_group_id', 0); $rule_string = utf8_normalize_nfc(request_var('rule_string', '', true)); $sql = 'SELECT g.group_id, g.group_name, g.group_type FROM ' . GROUPS_TABLE . ' g '; if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql .= 'LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON ( g.group_id = ug.group_id AND ug.user_id = ' . $user->data['user_id'] . ' AND ug.user_pending = 0 ) WHERE (ug.user_id = ' . $user->data['user_id'] . ' OR g.group_type <> ' . GROUP_HIDDEN . ') AND'; } else { $sql .= 'WHERE'; } $sql .= " (g.group_name NOT IN ('GUESTS', 'BOTS') OR g.group_type <> " . GROUP_SPECIAL . ') ORDER BY g.group_type DESC, g.group_name ASC'; $result = $db->sql_query($sql); $s_group_options = ''; while ($row = $db->sql_fetchrow($result)) { if ($rule_group_id && ($row['group_id'] == $rule_group_id)) { $rule_string = (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']); } $s_class = ($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : ''; $s_selected = ($row['group_id'] == $rule_group_id) ? ' selected="selected"' : ''; $s_group_options .= ''; } $db->sql_freeresult($result); $template->assign_vars(array( 'S_GROUP_CONDITION' => true, 'S_GROUP_OPTIONS' => $s_group_options, 'CURRENT_STRING' => $rule_string, 'CURRENT_USER_ID' => 0, 'CURRENT_GROUP_ID' => $rule_group_id) ); $current_value = $rule_string; break; default: return; } $template->assign_vars(array( 'COND_OPTION' => $condition, 'COND_CURRENT' => $current_value) ); } /** * Display defined message rules */ function show_defined_rules($user_id, $check_lang, $rule_lang, $action_lang, $folder) { global $db, $template; $sql = 'SELECT * FROM ' . PRIVMSGS_RULES_TABLE . ' WHERE user_id = ' . $user_id . ' ORDER BY rule_id ASC'; $result = $db->sql_query($sql); $count = 0; while ($row = $db->sql_fetchrow($result)) { $template->assign_block_vars('rule', array( 'COUNT' => ++$count, 'RULE_ID' => $row['rule_id'], 'CHECK' => $check_lang[$row['rule_check']], 'RULE' => $rule_lang[$row['rule_connection']], 'STRING' => $row['rule_string'], 'ACTION' => $action_lang[$row['rule_action']], 'FOLDER' => ($row['rule_action'] == ACTION_PLACE_INTO_FOLDER) ? $folder[$row['rule_folder_id']]['folder_name'] : '') ); } $db->sql_freeresult($result); } ?>PK:[,jPx11 ucp_pm.phpnuW+Adata['is_registered']) { trigger_error('NO_MESSAGE'); } // Is PM disabled? if (!$config['allow_privmsg']) { trigger_error('PM_DISABLED'); } $user->add_lang('posting'); $template->assign_var('S_PRIVMSGS', true); // Folder directly specified? $folder_specified = request_var('folder', ''); if (!in_array($folder_specified, array('inbox', 'outbox', 'sentbox'))) { $folder_specified = (int) $folder_specified; } else { $folder_specified = ($folder_specified == 'inbox') ? PRIVMSGS_INBOX : (($folder_specified == 'outbox') ? PRIVMSGS_OUTBOX : PRIVMSGS_SENTBOX); } if (!$folder_specified) { $mode = (!$mode) ? request_var('mode', 'view') : $mode; } else { $mode = 'view'; } include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx); switch ($mode) { // New private messages popup case 'popup': $l_new_message = ''; if ($user->data['is_registered']) { if ($user->data['user_new_privmsg']) { $l_new_message = ($user->data['user_new_privmsg'] == 1) ? $user->lang['YOU_NEW_PM'] : $user->lang['YOU_NEW_PMS']; } else { $l_new_message = $user->lang['YOU_NO_NEW_PM']; } } $template->assign_vars(array( 'MESSAGE' => $l_new_message, 'S_NOT_LOGGED_IN' => ($user->data['user_id'] == ANONYMOUS) ? true : false, 'CLICK_TO_VIEW' => sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '', ''), 'U_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox'), 'UA_INBOX' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox', false)) ); $tpl_file = 'ucp_pm_popup'; break; // Compose message case 'compose': $action = request_var('action', 'post'); $user_folders = get_folder($user->data['user_id']); if (!$auth->acl_get('u_sendpm')) { // trigger_error('NO_AUTH_SEND_MESSAGE'); $template->assign_vars(array( 'S_NO_AUTH_SEND_MESSAGE' => true, 'S_COMPOSE_PM_VIEW' => true, )); $tpl_file = 'ucp_pm_viewfolder'; break; } include($phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx); compose_pm($id, $mode, $action, $user_folders); $tpl_file = 'posting_body'; break; case 'options': set_user_message_limit(); get_folder($user->data['user_id']); include($phpbb_root_path . 'includes/ucp/ucp_pm_options.' . $phpEx); message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions); $tpl_file = 'ucp_pm_options'; break; case 'drafts': get_folder($user->data['user_id']); $this->p_name = 'pm'; // Call another module... please do not try this at home... Hoochie Coochie Man include($phpbb_root_path . 'includes/ucp/ucp_main.' . $phpEx); $module = new ucp_main($this); $module->u_action = $this->u_action; $module->main($id, $mode); $this->tpl_name = $module->tpl_name; $this->page_title = 'UCP_PM_DRAFTS'; unset($module); return; break; case 'view': set_user_message_limit(); if ($folder_specified) { $folder_id = $folder_specified; $action = 'view_folder'; } else { $folder_id = request_var('f', PRIVMSGS_NO_BOX); $action = request_var('action', 'view_folder'); } $msg_id = request_var('p', 0); $view = request_var('view', ''); // View message if specified if ($msg_id) { $action = 'view_message'; } if (!$auth->acl_get('u_readpm')) { trigger_error('NO_AUTH_READ_MESSAGE'); } // Do not allow hold messages to be seen if ($folder_id == PRIVMSGS_HOLD_BOX) { trigger_error('NO_AUTH_READ_HOLD_MESSAGE'); } // First Handle Mark actions and moving messages $submit_mark = (isset($_POST['submit_mark'])) ? true : false; $move_pm = (isset($_POST['move_pm'])) ? true : false; $mark_option = request_var('mark_option', ''); $dest_folder = request_var('dest_folder', PRIVMSGS_NO_BOX); // Is moving PM triggered through mark options? if (!in_array($mark_option, array('mark_important', 'delete_marked')) && $submit_mark) { $move_pm = true; $dest_folder = (int) $mark_option; $submit_mark = false; } // Move PM if ($move_pm) { $move_msg_ids = (isset($_POST['marked_msg_id'])) ? request_var('marked_msg_id', array(0)) : array(); $cur_folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX); if (move_pm($user->data['user_id'], $user->data['message_limit'], $move_msg_ids, $dest_folder, $cur_folder_id)) { // Return to folder view if single message moved if ($action == 'view_message') { $msg_id = 0; $folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX); $action = 'view_folder'; } } } // Message Mark Options if ($submit_mark) { handle_mark_actions($user->data['user_id'], $mark_option); } // If new messages arrived, place them into the appropriate folder $num_not_moved = $num_removed = 0; $release = request_var('release', 0); if ($user->data['user_new_privmsg'] && ($action == 'view_folder' || $action == 'view_message')) { $return = place_pm_into_folder($global_privmsgs_rules, $release); $num_not_moved = $return['not_moved']; $num_removed = $return['removed']; } if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX) { $folder_id = PRIVMSGS_INBOX; } else if ($msg_id && $folder_id == PRIVMSGS_NO_BOX) { $sql = 'SELECT folder_id FROM ' . PRIVMSGS_TO_TABLE . " WHERE msg_id = $msg_id AND folder_id <> " . PRIVMSGS_NO_BOX . ' AND user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_MESSAGE'); } $folder_id = (int) $row['folder_id']; } $message_row = array(); if ($action == 'view_message' && $msg_id) { // Get Message user want to see if ($view == 'next' || $view == 'previous') { $sql_condition = ($view == 'next') ? '>' : '<'; $sql_ordering = ($view == 'next') ? 'ASC' : 'DESC'; $sql = 'SELECT t.msg_id FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TABLE . " p2 WHERE p2.msg_id = $msg_id AND t.folder_id = $folder_id AND t.user_id = " . $user->data['user_id'] . " AND t.msg_id = p.msg_id AND p.message_time $sql_condition p2.message_time ORDER BY p.message_time $sql_ordering"; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { $message = ($view == 'next') ? 'NO_NEWER_PM' : 'NO_OLDER_PM'; trigger_error($message); } else { $msg_id = $row['msg_id']; } } $sql = 'SELECT t.*, p.*, u.* FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $user->data['user_id'] . " AND p.author_id = u.user_id AND t.folder_id = $folder_id AND t.msg_id = p.msg_id AND p.msg_id = $msg_id"; $result = $db->sql_query($sql); $message_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$message_row) { trigger_error('NO_MESSAGE'); } // Update unread status update_unread_status($message_row['pm_unread'], $message_row['msg_id'], $user->data['user_id'], $folder_id); } $folder = get_folder($user->data['user_id'], $folder_id); $s_folder_options = $s_to_folder_options = ''; foreach ($folder as $f_id => $folder_ary) { $option = '' . $folder_ary['folder_name'] . (($folder_ary['unread_messages']) ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . ''; $s_to_folder_options .= ($f_id != PRIVMSGS_OUTBOX && $f_id != PRIVMSGS_SENTBOX) ? $option : ''; $s_folder_options .= $option; } clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']); // Header for message view - folder and so on $folder_status = get_folder_status($folder_id, $folder); $template->assign_vars(array( 'CUR_FOLDER_ID' => $folder_id, 'CUR_FOLDER_NAME' => $folder_status['folder_name'], 'NUM_NOT_MOVED' => $num_not_moved, 'NUM_REMOVED' => $num_removed, 'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '', ''), 'NOT_MOVED_MESSAGES' => ($num_not_moved == 1) ? $user->lang['NOT_MOVED_MESSAGE'] : sprintf($user->lang['NOT_MOVED_MESSAGES'], $num_not_moved), 'RULE_REMOVED_MESSAGES' => ($num_removed == 1) ? $user->lang['RULE_REMOVED_MESSAGE'] : sprintf($user->lang['RULE_REMOVED_MESSAGES'], $num_removed), 'S_FOLDER_OPTIONS' => $s_folder_options, 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options, 'S_FOLDER_ACTION' => $this->u_action . '&action=view_folder', 'S_PM_ACTION' => $this->u_action . '&action=' . $action, 'U_INBOX' => $this->u_action . '&folder=inbox', 'U_OUTBOX' => $this->u_action . '&folder=outbox', 'U_SENTBOX' => $this->u_action . '&folder=sentbox', 'U_CREATE_FOLDER' => $this->u_action . '&mode=options', 'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id, 'S_IN_INBOX' => ($folder_id == PRIVMSGS_INBOX) ? true : false, 'S_IN_OUTBOX' => ($folder_id == PRIVMSGS_OUTBOX) ? true : false, 'S_IN_SENTBOX' => ($folder_id == PRIVMSGS_SENTBOX) ? true : false, 'FOLDER_STATUS' => $folder_status['message'], 'FOLDER_MAX_MESSAGES' => $folder_status['max'], 'FOLDER_CUR_MESSAGES' => $folder_status['cur'], 'FOLDER_REMAINING_MESSAGES' => $folder_status['remaining'], 'FOLDER_PERCENT' => $folder_status['percent']) ); if ($action == 'view_folder') { include($phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx); view_folder($id, $mode, $folder_id, $folder); $tpl_file = 'ucp_pm_viewfolder'; } else if ($action == 'view_message') { $template->assign_vars(array( 'S_VIEW_MESSAGE' => true, 'MSG_ID' => $msg_id) ); if (!$msg_id) { trigger_error('NO_MESSAGE'); } include($phpbb_root_path . 'includes/ucp/ucp_pm_viewmessage.' . $phpEx); view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row); $tpl_file = ($view == 'print') ? 'ucp_pm_viewmessage_print' : 'ucp_pm_viewmessage'; } break; default: trigger_error('NO_ACTION_MODE', E_USER_ERROR); break; } $template->assign_vars(array( 'L_TITLE' => $user->lang['UCP_PM_' . strtoupper($mode)], 'S_UCP_ACTION' => $this->u_action . ((isset($action)) ? "&action=$action" : '')) ); // Set desired template $this->tpl_name = $tpl_file; $this->page_title = 'UCP_PM_' . strtoupper($mode); } } ?>PK:[Oim4m4ucp_pm_viewmessage.phpnuW+Aadd_lang(array('viewtopic', 'memberlist')); $msg_id = (int) $msg_id; $folder_id = (int) $folder_id; $author_id = (int) $message_row['author_id']; $view = request_var('view', ''); // Not able to view message, it was deleted by the sender if ($message_row['pm_deleted']) { $meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id"); $message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE']; $message .= '

' . sprintf($user->lang['RETURN_FOLDER'], '', ''); trigger_error($message); } // Do not allow hold messages to be seen if ($folder_id == PRIVMSGS_HOLD_BOX) { trigger_error('NO_AUTH_READ_HOLD_MESSAGE'); } // Grab icons $icons = $cache->obtain_icons(); $bbcode = false; // Instantiate BBCode if need be if ($message_row['bbcode_bitfield']) { include($phpbb_root_path . 'includes/bbcode.' . $phpEx); $bbcode = new bbcode($message_row['bbcode_bitfield']); } // Assign TO/BCC Addresses to template write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id); $user_info = get_user_information($author_id, $message_row); // Parse the message and subject $message = censor_text($message_row['message_text']); // Second parse bbcode here if ($message_row['bbcode_bitfield']) { $bbcode->bbcode_second_pass($message, $message_row['bbcode_uid'], $message_row['bbcode_bitfield']); } // Always process smilies after parsing bbcodes $message = bbcode_nl2br($message); $message = smiley_text($message); // Replace naughty words such as farty pants $message_row['message_subject'] = censor_text($message_row['message_subject']); // Editing information if ($message_row['message_edit_count'] && $config['display_last_edited']) { $l_edit_time_total = ($message_row['message_edit_count'] == 1) ? $user->lang['EDITED_TIME_TOTAL'] : $user->lang['EDITED_TIMES_TOTAL']; $l_edited_by = '

' . sprintf($l_edit_time_total, (!$message_row['message_edit_user']) ? $message_row['username'] : $message_row['message_edit_user'], $user->format_date($message_row['message_edit_time'], false, true), $message_row['message_edit_count']); } else { $l_edited_by = ''; } // Pull attachment data $display_notice = false; $attachments = array(); if ($message_row['message_attachment'] && $config['allow_pm_attach']) { if ($auth->acl_get('u_pm_download')) { $sql = 'SELECT * FROM ' . ATTACHMENTS_TABLE . " WHERE post_msg_id = $msg_id AND in_message = 1 ORDER BY filetime DESC, post_msg_id ASC"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $attachments[] = $row; } $db->sql_freeresult($result); // No attachments exist, but message table thinks they do so go ahead and reset attach flags if (!sizeof($attachments)) { $sql = 'UPDATE ' . PRIVMSGS_TABLE . " SET message_attachment = 0 WHERE msg_id = $msg_id"; $db->sql_query($sql); } } else { $display_notice = true; } } // Assign inline attachments if (!empty($attachments)) { $update_count = array(); parse_attachments(false, $message, $attachments, $update_count); // Update the attachment download counts if (sizeof($update_count)) { $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET download_count = download_count + 1 WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count)); $db->sql_query($sql); } } $user_info['sig'] = ''; $signature = ($message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs')) ? $user_info['user_sig'] : ''; // End signature parsing, only if needed if ($signature) { $signature = censor_text($signature); if ($user_info['user_sig_bbcode_bitfield']) { if ($bbcode === false) { include($phpbb_root_path . 'includes/bbcode.' . $phpEx); $bbcode = new bbcode($user_info['user_sig_bbcode_bitfield']); } $bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']); } $signature = bbcode_nl2br($signature); $signature = smiley_text($signature); } $url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm'); // Number of "to" recipients $num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match); $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false; $template->assign_vars(array( 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'RANK_TITLE' => $user_info['rank_title'], 'RANK_IMG' => $user_info['rank_image'], 'AUTHOR_AVATAR' => (isset($user_info['avatar'])) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], 'AUTHOR_FROM' => (!empty($user_info['user_from'])) ? $user_info['user_from'] : '', 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : ((isset($user_info['online']) && $user_info['online']) ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), 'S_ONLINE' => (!$config['load_onlinetrack']) ? false : ((isset($user_info['online']) && $user_info['online']) ? true : false), 'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']), 'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']), 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']), 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']), 'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']), 'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']), 'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']), 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'SENT_DATE' => ($view == 'print') ? $user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']), 'SUBJECT' => $message_row['message_subject'], 'MESSAGE' => $message, 'SIGNATURE' => ($message_row['enable_sig']) ? $signature : '', 'EDITED_MESSAGE' => $l_edited_by, 'MESSAGE_ID' => $message_row['msg_id'], 'U_PM' => ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id) : '', 'U_WWW' => (!empty($user_info['user_website'])) ? $user_info['user_website'] : '', 'U_ICQ' => ($user_info['user_icq']) ? 'http://www.icq.com/people/' . urlencode($user_info['user_icq']) . '/' : '', 'U_AIM' => ($user_info['user_aim'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=aim&u=' . $author_id) : '', 'U_YIM' => ($user_info['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&.src=pg' : '', 'U_MSN' => ($user_info['user_msnm'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=msnm&u=' . $author_id) : '', 'U_JABBER' => ($user_info['user_jabber'] && $auth->acl_get('u_sendim')) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id) : '', 'U_DELETE' => ($auth->acl_get('u_pm_delete')) ? "$url&mode=compose&action=delete&f=$folder_id&p=" . $message_row['msg_id'] : '', 'U_EMAIL' => $user_info['email'], 'U_REPORT' => ($config['allow_pm_report']) ? append_sid("{$phpbb_root_path}report.$phpEx", "pm=" . $message_row['msg_id']) : '', 'U_QUOTE' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=quote&f=$folder_id&p=" . $message_row['msg_id'] : '', 'U_EDIT' => (($message_row['message_time'] > time() - ($config['pm_edit_time'] * 60) || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit')) ? "$url&mode=compose&action=edit&f=$folder_id&p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_PM' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_ALL' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&reply_to_all=1&p=" . $message_row['msg_id'] : '', 'U_PREVIOUS_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=previous", 'U_NEXT_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=next", 'U_PM_ACTION' => $url . '&mode=compose&f=' . $folder_id . '&p=' . $message_row['msg_id'], 'S_HAS_ATTACHMENTS' => (sizeof($attachments)) ? true : false, 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'], 'S_AUTHOR_DELETED' => ($author_id == ANONYMOUS) ? true : false, 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, 'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0, 'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=print" : '', 'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '') ); // Display not already displayed Attachments for this post, we already parsed them. ;) if (isset($attachments) && sizeof($attachments)) { foreach ($attachments as $attachment) { $template->assign_block_vars('attachment', array( 'DISPLAY_ATTACHMENT' => $attachment) ); } } if (!isset($_REQUEST['view']) || $_REQUEST['view'] != 'print') { // Message History if (message_history($msg_id, $user->data['user_id'], $message_row, $folder)) { $template->assign_var('S_DISPLAY_HISTORY', true); } } } /** * Get user information (only for message display) */ function get_user_information($user_id, $user_row) { global $db, $auth, $user, $cache; global $phpbb_root_path, $phpEx, $config; if (!$user_id) { return array(); } if (empty($user_row)) { $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $user_id; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); } // Some standard values $user_row['online'] = false; $user_row['rank_title'] = $user_row['rank_image'] = $user_row['rank_image_src'] = $user_row['email'] = ''; // Generate online information for user if ($config['load_onlinetrack']) { $sql = 'SELECT session_user_id, MAX(session_time) as online_time, MIN(session_viewonline) AS viewonline FROM ' . SESSIONS_TABLE . " WHERE session_user_id = $user_id GROUP BY session_user_id"; $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $update_time = $config['load_online_time'] * 60; if ($row) { $user_row['online'] = (time() - $update_time < $row['online_time'] && ($row['viewonline'] || $auth->acl_get('u_viewonline'))) ? true : false; } } if (!function_exists('get_user_avatar')) { include($phpbb_root_path . 'includes/functions_display.' . $phpEx); } $user_row['avatar'] = ($user->optionget('viewavatars')) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']) : ''; get_user_rank($user_row['user_rank'], $user_row['user_posts'], $user_row['rank_title'], $user_row['rank_image'], $user_row['rank_image_src']); if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) || $auth->acl_get('a_email')) { $user_row['email'] = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$user_id") : ((($config['board_hide_emails'] && !$auth->acl_get('a_email')) || empty($user_row['user_email'])) ? '' : 'mailto:' . $user_row['user_email']); } return $user_row; } ?>PK:[!99ucp_register.phpnuW+Alang_name); if ($agreed) { add_form_key('ucp_register'); } else { add_form_key('ucp_register_terms'); } if ($change_lang || $user_lang != $config['default_lang']) { $use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang); if (!validate_language_iso_name($use_lang)) { if ($change_lang) { $submit = false; // Setting back agreed to let the user view the agreement in his/her language $agreed = (empty($_GET['change_lang'])) ? 0 : $agreed; } $user->lang_name = $user_lang = $use_lang; $user->lang = array(); $user->data['user_lang'] = $user->lang_name; $user->add_lang(array('common', 'ucp')); } else { $change_lang = ''; $user_lang = $user->lang_name; } } $cp = new custom_profile(); $error = $cp_data = $cp_error = array(); if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) { $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : ''; $s_hidden_fields = array( 'change_lang' => $change_lang, ); // If we change the language, we want to pass on some more possible parameter. if ($change_lang) { // We do not include the password $s_hidden_fields = array_merge($s_hidden_fields, array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => $user->lang_name, 'tz' => request_var('tz', (float) $config['board_timezone']), )); } // Checking amount of available languages $sql = 'SELECT lang_id FROM ' . LANG_TABLE; $result = $db->sql_query($sql); $lang_row = array(); while ($row = $db->sql_fetchrow($result)) { $lang_row[] = $row; } $db->sql_freeresult($result); if ($coppa === false && $config['coppa_enable']) { $now = getdate(); $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']); unset($now); $template->assign_vars(array( 'S_LANG_OPTIONS' => (sizeof($lang_row) > 1) ? language_select($user_lang) : '', 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday), 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang), 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang), 'S_SHOW_COPPA' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang), )); } else { $template->assign_vars(array( 'S_LANG_OPTIONS' => (sizeof($lang_row) > 1) ? language_select($user_lang) : '', 'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()), 'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa), ) ); } unset($lang_row); $this->tpl_name = 'ucp_agreement'; return; } // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. if ($config['enable_confirm']) { include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_REG); } $is_dst = $config['board_dst']; $timezone = $config['board_timezone']; $data = array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'new_password' => request_var('new_password', '', true), 'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')), 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (float) $timezone), ); // Check and initialize some variables if needed if ($submit) { $error = validate_data($data, array( 'username' => array( array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', '')), 'new_password' => array( array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), array('password')), 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), 'email' => array( array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60), 'tz' => array('num', false, -14, 14), 'lang' => array('language_iso_name'), )); if (!check_form_key('ucp_register')) { $error[] = $user->lang['FORM_INVALID']; } // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error); if ($config['enable_confirm']) { $vc_response = $captcha->validate($data); if ($vc_response !== false) { $error[] = $vc_response; } if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts']) { $error[] = $user->lang['TOO_MANY_REGISTERS']; } } // DNSBL check if ($config['check_dnsbl']) { if (($dnsbl = $user->check_dnsbl('register')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); } } // validate custom profile fields $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error); if (!sizeof($error)) { if ($data['new_password'] != $data['password_confirm']) { $error[] = $user->lang['NEW_PASSWORD_ERROR']; } if ($data['email'] != $data['email_confirm']) { $error[] = $user->lang['NEW_EMAIL_ERROR']; } } if (!sizeof($error)) { $server_url = generate_board_url(); // Which group by default? $group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED'; $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = '" . $db->sql_escape($group_name) . "' AND group_type = " . GROUP_SPECIAL; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$row) { trigger_error('NO_GROUP'); } $group_id = $row['group_id']; if (($coppa || $config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) { $user_actkey = gen_rand_string(mt_rand(6, 10)); $user_type = USER_INACTIVE; $user_inactive_reason = INACTIVE_REGISTER; $user_inactive_time = time(); } else { $user_type = USER_NORMAL; $user_actkey = ''; $user_inactive_reason = 0; $user_inactive_time = 0; } $user_row = array( 'username' => $data['username'], 'user_password' => phpbb_hash($data['new_password']), 'user_email' => $data['email'], 'group_id' => (int) $group_id, 'user_timezone' => (float) $data['tz'], 'user_dst' => $is_dst, 'user_lang' => $data['lang'], 'user_type' => $user_type, 'user_actkey' => $user_actkey, 'user_ip' => $user->ip, 'user_regdate' => time(), 'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time, ); if ($config['new_member_post_limit']) { $user_row['user_new'] = 1; } // Register user... $user_id = user_add($user_row, $cp_data); // This should not happen, because the required variables are listed above... if ($user_id === false) { trigger_error('NO_USER', E_USER_ERROR); } // Okay, captcha, your job is done. if ($config['enable_confirm'] && isset($captcha)) { $captcha->reset(); } if ($coppa && $config['email_enable']) { $message = $user->lang['ACCOUNT_COPPA']; $email_template = 'coppa_welcome_inactive'; } else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE']; $email_template = 'user_welcome_inactive'; } else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable']) { $message = $user->lang['ACCOUNT_INACTIVE_ADMIN']; $email_template = 'admin_welcome_inactive'; } else { $message = $user->lang['ACCOUNT_ADDED']; $email_template = 'user_welcome'; } if ($config['email_enable']) { include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(false); $messenger->template($email_template, $data['lang']); $messenger->to($data['email'], $data['username']); $messenger->anti_abuse_headers($config, $user); $messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])), 'USERNAME' => htmlspecialchars_decode($data['username']), 'PASSWORD' => htmlspecialchars_decode($data['new_password']), 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") ); if ($coppa) { $messenger->assign_vars(array( 'FAX_INFO' => $config['coppa_fax'], 'MAIL_INFO' => $config['coppa_mail'], 'EMAIL_ADDRESS' => $data['email']) ); } $messenger->send(NOTIFY_EMAIL); if ($config['require_activation'] == USER_ACTIVATION_ADMIN) { // Grab an array of user_id's with a_user permissions ... these users can activate a user $admin_ary = $auth->acl_get_list(false, 'a_user', false); $admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array(); // Also include founders $where_sql = ' WHERE user_type = ' . USER_FOUNDER; if (sizeof($admin_ary)) { $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary); } $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type FROM ' . USERS_TABLE . ' ' . $where_sql; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('admin_activate', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($data['username']), 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id", 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey") ); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); } } $message = $message . '

' . sprintf($user->lang['RETURN_INDEX'], '', ''); trigger_error($message); } } $s_hidden_fields = array( 'agreed' => 'true', 'change_lang' => 0, ); if ($config['coppa_enable']) { $s_hidden_fields['coppa'] = $coppa; } if ($config['enable_confirm']) { $s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields()); } $s_hidden_fields = build_hidden_fields($s_hidden_fields); $confirm_image = ''; // Visual Confirmation - Show images if ($config['enable_confirm']) { $template->assign_vars(array( 'CAPTCHA_TEMPLATE' => $captcha->get_template(), )); } // $l_reg_cond = ''; switch ($config['require_activation']) { case USER_ACTIVATION_SELF: $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE']; break; case USER_ACTIVATION_ADMIN: $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE']; break; } $template->assign_vars(array( 'ERROR' => (sizeof($error)) ? implode('
', $error) : '', 'USERNAME' => $data['username'], 'PASSWORD' => $data['new_password'], 'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], 'EMAIL_CONFIRM' => $data['email_confirm'], 'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']), 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_OPTIONS' => tz_select($data['tz']), 'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false, 'S_REGISTRATION' => true, 'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'), )); // $user->profile_fields = array(); // Generate profile fields -> Template Block Variable profile_fields $cp->generate_profile_fields('register', $user->get_iso_lang_id()); // $this->tpl_name = 'ucp_register'; $this->page_title = 'UCP_REGISTRATION'; } } ?>PK:[xѺucp_groups.phpnuW+Aadd_lang('groups'); $return_page = '

' . sprintf($user->lang['RETURN_PAGE'], '', ''); $mark_ary = request_var('mark', array(0)); $submit = (!empty($_POST['submit'])) ? true : false; $delete = (!empty($_POST['delete'])) ? true : false; $error = $data = array(); switch ($mode) { case 'membership': $this->page_title = 'UCP_USERGROUPS_MEMBER'; if ($submit || isset($_POST['change_default'])) { $action = (isset($_POST['change_default'])) ? 'change_default' : request_var('action', ''); $group_id = ($action == 'change_default') ? request_var('default', 0) : request_var('selected', 0); if (!$group_id) { trigger_error('NO_GROUP_SELECTED'); } $sql = 'SELECT group_id, group_name, group_type FROM ' . GROUPS_TABLE . " WHERE group_id IN ($group_id, {$user->data['group_id']})"; $result = $db->sql_query($sql); $group_row = array(); while ($row = $db->sql_fetchrow($result)) { $row['group_name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']; $group_row[$row['group_id']] = $row; } $db->sql_freeresult($result); if (!sizeof($group_row)) { trigger_error('GROUP_NOT_EXIST'); } switch ($action) { case 'change_default': // User already having this group set as default? if ($group_id == $user->data['group_id']) { trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page); } if (!$auth->acl_get('u_chggrp')) { trigger_error($user->lang['NOT_AUTHORISED'] . $return_page); } // User needs to be member of the group in order to make it default if (!group_memberships($group_id, $user->data['user_id'], true)) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } if (confirm_box(true)) { group_user_attributes('default', $group_id, $user->data['user_id']); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_CHANGE', sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name'])); meta_refresh(3, $this->u_action); trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page); } else { $s_hidden_fields = array( 'default' => $group_id, 'change_default'=> true ); confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields)); } break; case 'resign': // User tries to resign from default group but is not allowed to change it? if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp')) { trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); $sql = 'SELECT group_type FROM ' . GROUPS_TABLE . ' WHERE group_id = ' . $group_id; $result = $db->sql_query($sql); $group_type = (int) $db->sql_fetchfield('group_type'); $db->sql_freeresult($result); if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE) { trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page); } if (confirm_box(true)) { group_user_del($group_id, $user->data['user_id']); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_RESIGN', $group_row[$group_id]['group_name']); meta_refresh(3, $this->u_action); trigger_error($user->lang[($row['user_pending']) ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page); } else { $s_hidden_fields = array( 'selected' => $group_id, 'action' => 'resign', 'submit' => true ); confirm_box(false, ($row['user_pending']) ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields)); } break; case 'join': $sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u WHERE ug.user_id = u.user_id AND ug.group_id = ' . $group_id . ' AND ug.user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { if ($row['user_pending']) { trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page); } trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page); } // Check permission to join (open group or request) if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE) { trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page); } if (confirm_box(true)) { if ($group_row[$group_id]['group_type'] == GROUP_FREE) { group_user_add($group_id, $user->data['user_id']); } else { group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1); include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); $messenger = new messenger(); $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u WHERE ug.user_id = u.user_id AND ug.group_leader = 1 AND ug.group_id = $group_id"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $messenger->template('group_request', $row['user_lang']); $messenger->to($row['user_email'], $row['username']); $messenger->im($row['user_jabber'], $row['username']); $messenger->assign_vars(array( 'USERNAME' => htmlspecialchars_decode($row['username']), 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), 'REQUEST_USERNAME' => $user->data['username'], 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id", 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") ); $messenger->send($row['user_notify_type']); } $db->sql_freeresult($result); $messenger->save_queue(); } add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']); meta_refresh(3, $this->u_action); trigger_error($user->lang[($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page); } else { $s_hidden_fields = array( 'selected' => $group_id, 'action' => 'join', 'submit' => true ); confirm_box(false, ($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields)); } break; case 'demote': if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } if (confirm_box(true)) { group_user_attributes('demote', $group_id, $user->data['user_id']); add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_DEMOTE', $group_row[$group_id]['group_name']); meta_refresh(3, $this->u_action); trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page); } else { $s_hidden_fields = array( 'selected' => $group_id, 'action' => 'demote', 'submit' => true ); confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields)); } break; } } $sql = 'SELECT g.*, ug.group_leader, ug.user_pending FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug WHERE ug.user_id = ' . $user->data['user_id'] . ' AND g.group_id = ug.group_id ORDER BY g.group_type DESC, g.group_name'; $result = $db->sql_query($sql); $group_id_ary = array(); $leader_count = $member_count = $pending_count = 0; while ($row = $db->sql_fetchrow($result)) { $block = ($row['group_leader']) ? 'leader' : (($row['user_pending']) ? 'pending' : 'member'); switch ($row['group_type']) { case GROUP_OPEN: $group_status = 'OPEN'; break; case GROUP_CLOSED: $group_status = 'CLOSED'; break; case GROUP_HIDDEN: $group_status = 'HIDDEN'; break; case GROUP_SPECIAL: $group_status = 'SPECIAL'; break; case GROUP_FREE: $group_status = 'FREE'; break; } $template->assign_block_vars($block, array( 'GROUP_ID' => $row['group_id'], 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']), 'S_GROUP_DEFAULT' => ($row['group_id'] == $user->data['group_id']) ? true : false, 'S_ROW_COUNT' => ${$block . '_count'}++) ); $group_id_ary[] = (int) $row['group_id']; } $db->sql_freeresult($result); // Hide hidden groups unless user is an admin with group privileges $sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')'; $sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage FROM ' . GROUPS_TABLE . ' WHERE ' . ((sizeof($group_id_ary)) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . " group_type $sql_and ORDER BY group_type DESC, group_name"; $result = $db->sql_query($sql); $nonmember_count = 0; while ($row = $db->sql_fetchrow($result)) { switch ($row['group_type']) { case GROUP_OPEN: $group_status = 'OPEN'; break; case GROUP_CLOSED: $group_status = 'CLOSED'; break; case GROUP_HIDDEN: $group_status = 'HIDDEN'; break; case GROUP_SPECIAL: $group_status = 'SPECIAL'; break; case GROUP_FREE: $group_status = 'FREE'; break; } $template->assign_block_vars('nonmember', array( 'GROUP_ID' => $row['group_id'], 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true, 'GROUP_CLOSED' => ($row['group_type'] <> GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'S_CAN_JOIN' => ($row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE) ? true : false, 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']), 'S_ROW_COUNT' => $nonmember_count++) ); } $db->sql_freeresult($result); $template->assign_vars(array( 'S_CHANGE_DEFAULT' => ($auth->acl_get('u_chggrp')) ? true : false, 'S_LEADER_COUNT' => $leader_count, 'S_MEMBER_COUNT' => $member_count, 'S_PENDING_COUNT' => $pending_count, 'S_NONMEMBER_COUNT' => $nonmember_count, 'S_UCP_ACTION' => $this->u_action) ); break; case 'manage': $this->page_title = 'UCP_USERGROUPS_MANAGE'; $action = (isset($_POST['addusers'])) ? 'addusers' : request_var('action', ''); $group_id = request_var('g', 0); include($phpbb_root_path . 'includes/functions_display.' . $phpEx); add_form_key('ucp_groups'); if ($group_id) { $sql = 'SELECT * FROM ' . GROUPS_TABLE . " WHERE group_id = $group_id"; $result = $db->sql_query($sql); $group_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$group_row) { trigger_error($user->lang['NO_GROUP'] . $return_page); } // Check if the user is allowed to manage this group if set to founder only. if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) { trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING); } $group_name = $group_row['group_name']; $group_type = $group_row['group_type']; $avatar_img = (!empty($group_row['group_avatar'])) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : ''; $template->assign_vars(array( 'GROUP_NAME' => ($group_type == GROUP_SPECIAL) ? $user->lang['G_' . $group_name] : $group_name, 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_COLOUR' => (isset($group_row['group_colour'])) ? $group_row['group_colour'] : '', 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 'GROUP_TYPE' => $group_row['group_type'], 'AVATAR' => $avatar_img, 'AVATAR_IMAGE' => $avatar_img, 'AVATAR_WIDTH' => (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => (isset($group_row['group_avatar_height'])) ? $group_row['group_avatar_height'] : '', )); } switch ($action) { case 'edit': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $file_uploads = (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false; $user->add_lang(array('acp/groups', 'acp/common')); $data = $submit_ary = array(); $update = (isset($_POST['update'])) ? true : false; $error = array(); $avatar_select = basename(request_var('avatar_select', '')); $category = basename(request_var('category', '')); $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; // Did we submit? if ($update) { $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); $group_desc = utf8_normalize_nfc(request_var('group_desc', '', true)); $group_type = request_var('group_type', GROUP_FREE); $allow_desc_bbcode = request_var('desc_parse_bbcode', false); $allow_desc_urls = request_var('desc_parse_urls', false); $allow_desc_smilies = request_var('desc_parse_smilies', false); $submit_ary = array( 'colour' => request_var('group_colour', ''), 'rank' => request_var('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0), 'max_recipients'=> request_var('group_max_recipients', 0), ); $data['uploadurl'] = request_var('uploadurl', ''); $data['remotelink'] = request_var('remotelink', ''); $data['width'] = request_var('width', ''); $data['height'] = request_var('height', ''); $delete = request_var('delete', ''); if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) { // Avatar stuff $var_ary = array( 'uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3), ); if (!($error = validate_data($data, $var_ary))) { $data['user_id'] = "g$group_id"; if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) { list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error); } else if ($data['remotelink']) { list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error); } } } else if ($avatar_select && $config['allow_avatar_local']) { // check avatar gallery if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) { $submit_ary['avatar_type'] = AVATAR_GALLERY; list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select); $submit_ary['avatar'] = $category . '/' . $avatar_select; } } else if ($delete) { $submit_ary['avatar'] = ''; $submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0; } else if ($data['width'] && $data['height']) { // Only update the dimensions? if ($config['avatar_max_width'] || $config['avatar_max_height']) { if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) { $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); } } if (!sizeof($error)) { if ($config['avatar_min_width'] || $config['avatar_min_height']) { if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) { $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); } } } if (!sizeof($error)) { $submit_ary['avatar_width'] = $data['width']; $submit_ary['avatar_height'] = $data['height']; } } if ((isset($submit_ary['avatar']) && $submit_ary['avatar'] && (!isset($group_row['group_avatar']))) || $delete) { if (isset($group_row['group_avatar']) && $group_row['group_avatar']) { avatar_delete('group', $group_row, true); } } if (!check_form_key('ucp_groups')) { $error[] = $user->lang['FORM_INVALID']; } // Validate submitted colour value if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true)))) { // Replace "error" string with its real, localised form $error = array_merge($error, $colour_error); } if (!sizeof($error)) { // Only set the rank, colour, etc. if it's changed or if we're adding a new // group. This prevents existing group members being updated if no changes // were made. $group_attributes = array(); $test_variables = array( 'rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'int', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'message_limit' => 'int', 'max_recipients'=> 'int', ); foreach ($test_variables as $test => $type) { if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) { settype($submit_ary[$test], $type); $group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test]; } } if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) { $cache->destroy('sql', GROUPS_TABLE); $message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED'; trigger_error($user->lang[$message] . $return_page); } } if (sizeof($error)) { $error = array_map(array(&$user, 'lang'), $error); $group_rank = $submit_ary['rank']; $group_desc_data = array( 'text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls ); } } else if (!$group_id) { $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); $group_desc_data = array( 'text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true ); $group_rank = 0; $group_type = GROUP_OPEN; } else { $group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']); $group_rank = $group_row['group_rank']; } $sql = 'SELECT * FROM ' . RANKS_TABLE . ' WHERE rank_special = 1 ORDER BY rank_title'; $result = $db->sql_query($sql); $rank_options = ''; while ($row = $db->sql_fetchrow($result)) { $selected = ($group_rank && $row['rank_id'] == $group_rank) ? ' selected="selected"' : ''; $rank_options .= ''; } $db->sql_freeresult($result); $type_free = ($group_type == GROUP_FREE) ? ' checked="checked"' : ''; $type_open = ($group_type == GROUP_OPEN) ? ' checked="checked"' : ''; $type_closed = ($group_type == GROUP_CLOSED) ? ' checked="checked"' : ''; $type_hidden = ($group_type == GROUP_HIDDEN) ? ' checked="checked"' : ''; $display_gallery = (isset($_POST['display_gallery'])) ? true : false; if ($config['allow_avatar'] && $config['allow_avatar_local'] && $display_gallery) { avatar_gallery($category, $avatar_select, 4); } $avatars_enabled = ($config['allow_avatar'] && (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false; $template->assign_vars(array( 'S_EDIT' => true, 'S_INCLUDE_SWATCH' => true, 'S_FORM_ENCTYPE' => ($config['allow_avatar'] && $can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '', 'S_ERROR' => (sizeof($error)) ? true : false, 'S_SPECIAL_GROUP' => ($group_type == GROUP_SPECIAL) ? true : false, 'S_AVATARS_ENABLED' => $avatars_enabled, 'S_DISPLAY_GALLERY' => ($config['allow_avatar'] && $config['allow_avatar_local'] && !$display_gallery) ? true : false, 'S_IN_GALLERY' => ($config['allow_avatar_local'] && $display_gallery) ? true : false, 'S_UPLOAD_AVATAR_FILE' => ($config['allow_avatar'] && $config['allow_avatar_upload'] && $can_upload) ? true : false, 'S_UPLOAD_AVATAR_URL' => ($config['allow_avatar'] && $config['allow_avatar_remote_upload'] && $can_upload) ? true : false, 'S_LINK_AVATAR' => ($config['allow_avatar'] && $config['allow_avatar_remote']) ? true : false, 'ERROR_MSG' => (sizeof($error)) ? implode('
', $error) : '', 'GROUP_RECEIVE_PM' => (isset($group_row['group_receive_pm']) && $group_row['group_receive_pm']) ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => (isset($group_row['group_message_limit'])) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => (isset($group_row['group_max_recipients'])) ? $group_row['group_max_recipients'] : 0, 'GROUP_DESC' => $group_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED'=> $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&name=group_colour'), 'S_UCP_ACTION' => $this->u_action . "&action=$action&g=$group_id", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), )); break; case 'list': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $user->add_lang(array('acp/groups', 'acp/common')); $start = request_var('start', 0); // Grab the leaders - always, on every page... $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND u.user_id = ug.user_id AND ug.group_leader = 1 ORDER BY ug.user_pending DESC, u.username_clean"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $template->assign_block_vars('leader', array( 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => ($row['group_id'] == $group_id) ? true : false, 'JOINED' => ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']) ); } $db->sql_freeresult($result); // Total number of group members (non-leaders) $sql = 'SELECT COUNT(user_id) AS total_members FROM ' . USER_GROUP_TABLE . " WHERE group_id = $group_id AND group_leader = 0"; $result = $db->sql_query($sql); $total_members = (int) $db->sql_fetchfield('total_members'); $db->sql_freeresult($result); // Grab the members $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND u.user_id = ug.user_id AND ug.group_leader = 0 ORDER BY ug.user_pending DESC, u.username_clean"; $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); $pending = false; $approved = false; while ($row = $db->sql_fetchrow($result)) { if ($row['user_pending'] && !$pending) { $template->assign_block_vars('member', array( 'S_PENDING' => true) ); $template->assign_var('S_PENDING_SET', true); $pending = true; } else if (!$row['user_pending'] && !$approved) { $template->assign_block_vars('member', array( 'S_APPROVED' => true) ); $template->assign_var('S_APPROVED_SET', true); $approved = true; } $template->assign_block_vars('member', array( 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => ($row['group_id'] == $group_id) ? true : false, 'JOINED' => ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']) ); } $db->sql_freeresult($result); $s_action_options = ''; $options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE'); foreach ($options as $option => $lang) { $s_action_options .= ''; } $template->assign_vars(array( 'S_LIST' => true, 'S_ACTION_OPTIONS' => $s_action_options, 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&action=$action&g=$group_id", $total_members, $config['topics_per_page'], $start), 'U_ACTION' => $this->u_action . "&g=$group_id", 'S_UCP_ACTION' => $this->u_action . "&g=$group_id", 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames'), )); break; case 'approve': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $user->add_lang('acp/groups'); // Approve, demote or promote group_user_attributes('approve', $group_id, $mark_ary, false, false); trigger_error($user->lang['USERS_APPROVED'] . '

' . sprintf($user->lang['RETURN_PAGE'], '', '')); break; case 'default': if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; if (confirm_box(true)) { if (!sizeof($mark_ary)) { $start = 0; do { $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . " WHERE group_id = $group_id ORDER BY user_id"; $result = $db->sql_query_limit($sql, 200, $start); $mark_ary = array(); if ($row = $db->sql_fetchrow($result)) { do { $mark_ary[] = $row['user_id']; } while ($row = $db->sql_fetchrow($result)); group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); $start = (sizeof($mark_ary) < 200) ? 0 : $start + 200; } else { $start = 0; } $db->sql_freeresult($result); } while ($start); } else { group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); } $user->add_lang('acp/groups'); trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '

' . sprintf($user->lang['RETURN_PAGE'], '', '')); } else { $user->add_lang('acp/common'); confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 'mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)) ); } // redirect to last screen redirect($this->u_action . '&action=list&g=' . $group_id); break; case 'deleteusers': $user->add_lang(array('acp/groups', 'acp/common')); if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; if (confirm_box(true)) { if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } $error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']); if ($error) { trigger_error($user->lang[$error] . '

' . sprintf($user->lang['RETURN_PAGE'], '', '')); } trigger_error($user->lang['GROUP_USERS_REMOVE'] . '

' . sprintf($user->lang['RETURN_PAGE'], '', '')); } else { confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 'mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)) ); } // redirect to last screen redirect($this->u_action . '&action=list&g=' . $group_id); break; case 'addusers': $user->add_lang(array('acp/groups', 'acp/common')); $names = utf8_normalize_nfc(request_var('usernames', '', true)); if (!$group_id) { trigger_error($user->lang['NO_GROUP'] . $return_page); } if (!$names) { trigger_error($user->lang['NO_USERS'] . $return_page); } if (!($row = group_memberships($group_id, $user->data['user_id']))) { trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); } list(, $row) = each($row); if (!$row['group_leader']) { trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); } $name_ary = array_unique(explode("\n", $names)); $group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; $default = request_var('default', 0); if (confirm_box(true)) { // Add user/s to group if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row)) { trigger_error($user->lang[$error] . $return_page); } trigger_error($user->lang['GROUP_USERS_ADDED'] . '

' . sprintf($user->lang['RETURN_PAGE'], '', '')); } else { $s_hidden_fields = array( 'default' => $default, 'usernames' => $names, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action ); confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . ((sizeof($name_ary) == 1) ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields)); } trigger_error($user->lang['NO_USERS_ADDED'] . '

' . sprintf($user->lang['RETURN_PAGE'], '', '')); break; default: $user->add_lang('acp/common'); $sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug WHERE ug.user_id = ' . $user->data['user_id'] . ' AND g.group_id = ug.group_id AND ug.group_leader = 1 ORDER BY g.group_type DESC, g.group_name'; $result = $db->sql_query($sql); while ($value = $db->sql_fetchrow($result)) { $template->assign_block_vars('leader', array( 'GROUP_NAME' => ($value['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $value['group_name']] : $value['group_name'], 'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']), 'GROUP_TYPE' => $value['group_type'], 'GROUP_ID' => $value['group_id'], 'GROUP_COLOUR' => $value['group_colour'], 'U_LIST' => $this->u_action . "&action=list&g={$value['group_id']}", 'U_EDIT' => $this->u_action . "&action=edit&g={$value['group_id']}") ); } $db->sql_freeresult($result); break; } break; } $this->tpl_name = 'ucp_groups_' . $mode; } } ?>PK:[#q~JJucp_pm_viewfolder.phpnuW+APK:[Wk FJucp_zebra.phpnuW+APK:[9[xx veucp_main.phpnuW+APK:[k  ucp_attachments.phpnuW+APK:[S2ucp_confirm.phpnuW+APK:[D)mucp_pm_compose.phpnuW+APK:[7XddPucp_profile.phpnuW+APK:[^o*;*; #ucp_prefs.phpnuW+APK:[*S ?ucp_remind.phpnuW+APK:[muumMinfo/ucp_zebra.phpnuW+APK:[MFNN$Pinfo/ucp_main.phpnuW+APK:[/)99Sinfo/ucp_attachments.phpnuW+APK:[ x4Vinfo/ucp_profile.phpnuW+APK:[ N[oZinfo/ucp_prefs.phpnuW+APK:[*5]info/ucp_pm.phpnuW+APK:[Nainfo/ucp_groups.phpnuW+APK:[/Qducp_activate.phpnuW+APK:[N'XXasucp_resend.phpnuW+APK:[ǀD3``ucp_pm_options.phpnuW+APK:[,jPx11 ucp_pm.phpnuW+APK:[Oim4m4ucp_pm_viewmessage.phpnuW+APK:[!99ENucp_register.phpnuW+APK:[xѺucp_groups.phpnuW+APK=%