Mercurial > hg > vamp-website

annotate forum/Sources/Subs-Members.php @ 85:6d7b61434be7 website

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add a copy of this here, just in case!
author Chris Cannam
date Mon, 20 Jan 2014 11:02:36 +0000
parents b31c38a09c41
children
rev   line source
Chris@76 1 <?php
Chris@76 2
Chris@76 3 /**
Chris@76 4 * Simple Machines Forum (SMF)
Chris@76 5 *
Chris@76 6 * @package SMF
Chris@76 7 * @author Simple Machines http://www.simplemachines.org
Chris@76 8 * @copyright 2011 Simple Machines
Chris@76 9 * @license http://www.simplemachines.org/about/smf/license.php BSD
Chris@76 10 *
Chris@76 11 * @version 2.0.1
Chris@76 12 */
Chris@76 13
Chris@76 14 if (!defined('SMF'))
Chris@76 15 die('Hacking attempt...');
Chris@76 16
Chris@76 17 /* This file contains some useful functions for members and membergroups.
Chris@76 18
Chris@76 19 void deleteMembers(array $users, bool check_not_admin = false)
Chris@76 20 - delete of one or more members.
Chris@76 21 - requires profile_remove_own or profile_remove_any permission for
Chris@76 22 respectively removing your own account or any account.
Chris@76 23 - non-admins cannot delete admins.
Chris@76 24 - changes author of messages, topics and polls to guest authors.
Chris@76 25 - removes all log entries concerning the deleted members, except the
Chris@76 26 error logs, ban logs and moderation logs.
Chris@76 27 - removes these members' personal messages (only the inbox), avatars,
Chris@76 28 ban entries, theme settings, moderator positions, poll votes, and
Chris@76 29 karma votes.
Chris@76 30 - updates member statistics afterwards.
Chris@76 31
Chris@76 32 int registerMember(array options, bool return_errors)
Chris@76 33 - registers a member to the forum.
Chris@76 34 - returns the ID of the newly created member.
Chris@76 35 - allows two types of interface: 'guest' and 'admin'. The first
Chris@76 36 includes hammering protection, the latter can perform the
Chris@76 37 registration silently.
Chris@76 38 - the strings used in the options array are assumed to be escaped.
Chris@76 39 - allows to perform several checks on the input, e.g. reserved names.
Chris@76 40 - adjusts member statistics.
Chris@76 41 - if an error is detected will fatal error on all errors unless return_errors is true.
Chris@76 42
Chris@76 43 bool isReservedName(string name, int id_member = 0, bool is_name = true, bool fatal = true)
Chris@76 44 - checks if name is a reserved name or username.
Chris@76 45 - if is_name is false, the name is assumed to be a username.
Chris@76 46 - the id_member variable is used to ignore duplicate matches with the
Chris@76 47 current member.
Chris@76 48
Chris@76 49 array groupsAllowedTo(string permission, int board_id = null)
Chris@76 50 - retrieves a list of membergroups that are allowed to do the given
Chris@76 51 permission.
Chris@76 52 - if board_id is not null, a board permission is assumed.
Chris@76 53 - takes different permission settings into account.
Chris@76 54 - returns an array containing an array for the allowed membergroup ID's
Chris@76 55 and an array for the denied membergroup ID's.
Chris@76 56
Chris@76 57 array membersAllowedTo(string permission, int board_id = null)
Chris@76 58 - retrieves a list of members that are allowed to do the given
Chris@76 59 permission.
Chris@76 60 - if board_id is not null, a board permission is assumed.
Chris@76 61 - takes different permission settings into account.
Chris@76 62 - takes possible moderators (on board 'board_id') into account.
Chris@76 63 - returns an array containing member ID's.
Chris@76 64
Chris@76 65 int reattributePosts(int id_member, string email = false, string membername = false, bool add_to_post_count = false)
Chris@76 66 - reattribute guest posts to a specified member.
Chris@76 67 - does not check for any permissions.
Chris@76 68 - returns the number of successful reattributed posts.
Chris@76 69 - if add_to_post_count is set, the member's post count is increased.
Chris@76 70
Chris@76 71 void BuddyListToggle()
Chris@76 72 - add a member to your buddy list or remove it.
Chris@76 73 - requires profile_identity_own permission.
Chris@76 74 - called by ?action=buddy;u=x;session_id=y.
Chris@76 75 - redirects to ?action=profile;u=x.
Chris@76 76
Chris@76 77 void populateDuplicateMembers(&array members)
Chris@76 78 // !!!
Chris@76 79
Chris@76 80 */
Chris@76 81
Chris@76 82 // Delete a group of/single member.
Chris@76 83 function deleteMembers($users, $check_not_admin = false)
Chris@76 84 {
Chris@76 85 global $sourcedir, $modSettings, $user_info, $smcFunc;
Chris@76 86
Chris@76 87 // Try give us a while to sort this out...
Chris@76 88 @set_time_limit(600);
Chris@76 89 // Try to get some more memory.
Chris@76 90 if (@ini_get('memory_limit') < 128)
Chris@76 91 @ini_set('memory_limit', '128M');
Chris@76 92
Chris@76 93 // If it's not an array, make it so!
Chris@76 94 if (!is_array($users))
Chris@76 95 $users = array($users);
Chris@76 96 else
Chris@76 97 $users = array_unique($users);
Chris@76 98
Chris@76 99 // Make sure there's no void user in here.
Chris@76 100 $users = array_diff($users, array(0));
Chris@76 101
Chris@76 102 // How many are they deleting?
Chris@76 103 if (empty($users))
Chris@76 104 return;
Chris@76 105 elseif (count($users) == 1)
Chris@76 106 {
Chris@76 107 list ($user) = $users;
Chris@76 108
Chris@76 109 if ($user == $user_info['id'])
Chris@76 110 isAllowedTo('profile_remove_own');
Chris@76 111 else
Chris@76 112 isAllowedTo('profile_remove_any');
Chris@76 113 }
Chris@76 114 else
Chris@76 115 {
Chris@76 116 foreach ($users as $k => $v)
Chris@76 117 $users[$k] = (int) $v;
Chris@76 118
Chris@76 119 // Deleting more than one? You can't have more than one account...
Chris@76 120 isAllowedTo('profile_remove_any');
Chris@76 121 }
Chris@76 122
Chris@76 123 // Get their names for logging purposes.
Chris@76 124 $request = $smcFunc['db_query']('', '
Chris@76 125 SELECT id_member, member_name, CASE WHEN id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0 THEN 1 ELSE 0 END AS is_admin
Chris@76 126 FROM {db_prefix}members
Chris@76 127 WHERE id_member IN ({array_int:user_list})
Chris@76 128 LIMIT ' . count($users),
Chris@76 129 array(
Chris@76 130 'user_list' => $users,
Chris@76 131 'admin_group' => 1,
Chris@76 132 )
Chris@76 133 );
Chris@76 134 $admins = array();
Chris@76 135 $user_log_details = array();
Chris@76 136 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 137 {
Chris@76 138 if ($row['is_admin'])
Chris@76 139 $admins[] = $row['id_member'];
Chris@76 140 $user_log_details[$row['id_member']] = array($row['id_member'], $row['member_name']);
Chris@76 141 }
Chris@76 142 $smcFunc['db_free_result']($request);
Chris@76 143
Chris@76 144 if (empty($user_log_details))
Chris@76 145 return;
Chris@76 146
Chris@76 147 // Make sure they aren't trying to delete administrators if they aren't one. But don't bother checking if it's just themself.
Chris@76 148 if (!empty($admins) && ($check_not_admin || (!allowedTo('admin_forum') && (count($users) != 1 || $users[0] != $user_info['id']))))
Chris@76 149 {
Chris@76 150 $users = array_diff($users, $admins);
Chris@76 151 foreach ($admins as $id)
Chris@76 152 unset($user_log_details[$id]);
Chris@76 153 }
Chris@76 154
Chris@76 155 // No one left?
Chris@76 156 if (empty($users))
Chris@76 157 return;
Chris@76 158
Chris@76 159 // Log the action - regardless of who is deleting it.
Chris@76 160 $log_inserts = array();
Chris@76 161 foreach ($user_log_details as $user)
Chris@76 162 {
Chris@76 163 // Integration rocks!
Chris@76 164 call_integration_hook('integrate_delete_member', array($user[0]));
Chris@76 165
Chris@76 166 // Add it to the administration log for future reference.
Chris@76 167 $log_inserts[] = array(
Chris@76 168 time(), 3, $user_info['id'], $user_info['ip'], 'delete_member',
Chris@76 169 0, 0, 0, serialize(array('member' => $user[0], 'name' => $user[1], 'member_acted' => $user_info['name'])),
Chris@76 170 );
Chris@76 171
Chris@76 172 // Remove any cached data if enabled.
Chris@76 173 if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2)
Chris@76 174 cache_put_data('user_settings-' . $user[0], null, 60);
Chris@76 175 }
Chris@76 176
Chris@76 177 // Do the actual logging...
Chris@76 178 if (!empty($log_inserts) && !empty($modSettings['modlog_enabled']))
Chris@76 179 $smcFunc['db_insert']('',
Chris@76 180 '{db_prefix}log_actions',
Chris@76 181 array(
Chris@76 182 'log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string',
Chris@76 183 'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534',
Chris@76 184 ),
Chris@76 185 $log_inserts,
Chris@76 186 array('id_action')
Chris@76 187 );
Chris@76 188
Chris@76 189 // Make these peoples' posts guest posts.
Chris@76 190 $smcFunc['db_query']('', '
Chris@76 191 UPDATE {db_prefix}messages
Chris@76 192 SET id_member = {int:guest_id}, poster_email = {string:blank_email}
Chris@76 193 WHERE id_member IN ({array_int:users})',
Chris@76 194 array(
Chris@76 195 'guest_id' => 0,
Chris@76 196 'blank_email' => '',
Chris@76 197 'users' => $users,
Chris@76 198 )
Chris@76 199 );
Chris@76 200 $smcFunc['db_query']('', '
Chris@76 201 UPDATE {db_prefix}polls
Chris@76 202 SET id_member = {int:guest_id}
Chris@76 203 WHERE id_member IN ({array_int:users})',
Chris@76 204 array(
Chris@76 205 'guest_id' => 0,
Chris@76 206 'users' => $users,
Chris@76 207 )
Chris@76 208 );
Chris@76 209
Chris@76 210 // Make these peoples' posts guest first posts and last posts.
Chris@76 211 $smcFunc['db_query']('', '
Chris@76 212 UPDATE {db_prefix}topics
Chris@76 213 SET id_member_started = {int:guest_id}
Chris@76 214 WHERE id_member_started IN ({array_int:users})',
Chris@76 215 array(
Chris@76 216 'guest_id' => 0,
Chris@76 217 'users' => $users,
Chris@76 218 )
Chris@76 219 );
Chris@76 220 $smcFunc['db_query']('', '
Chris@76 221 UPDATE {db_prefix}topics
Chris@76 222 SET id_member_updated = {int:guest_id}
Chris@76 223 WHERE id_member_updated IN ({array_int:users})',
Chris@76 224 array(
Chris@76 225 'guest_id' => 0,
Chris@76 226 'users' => $users,
Chris@76 227 )
Chris@76 228 );
Chris@76 229
Chris@76 230 $smcFunc['db_query']('', '
Chris@76 231 UPDATE {db_prefix}log_actions
Chris@76 232 SET id_member = {int:guest_id}
Chris@76 233 WHERE id_member IN ({array_int:users})',
Chris@76 234 array(
Chris@76 235 'guest_id' => 0,
Chris@76 236 'users' => $users,
Chris@76 237 )
Chris@76 238 );
Chris@76 239
Chris@76 240 $smcFunc['db_query']('', '
Chris@76 241 UPDATE {db_prefix}log_banned
Chris@76 242 SET id_member = {int:guest_id}
Chris@76 243 WHERE id_member IN ({array_int:users})',
Chris@76 244 array(
Chris@76 245 'guest_id' => 0,
Chris@76 246 'users' => $users,
Chris@76 247 )
Chris@76 248 );
Chris@76 249
Chris@76 250 $smcFunc['db_query']('', '
Chris@76 251 UPDATE {db_prefix}log_errors
Chris@76 252 SET id_member = {int:guest_id}
Chris@76 253 WHERE id_member IN ({array_int:users})',
Chris@76 254 array(
Chris@76 255 'guest_id' => 0,
Chris@76 256 'users' => $users,
Chris@76 257 )
Chris@76 258 );
Chris@76 259
Chris@76 260 // Delete the member.
Chris@76 261 $smcFunc['db_query']('', '
Chris@76 262 DELETE FROM {db_prefix}members
Chris@76 263 WHERE id_member IN ({array_int:users})',
Chris@76 264 array(
Chris@76 265 'users' => $users,
Chris@76 266 )
Chris@76 267 );
Chris@76 268
Chris@76 269 // Delete the logs...
Chris@76 270 $smcFunc['db_query']('', '
Chris@76 271 DELETE FROM {db_prefix}log_actions
Chris@76 272 WHERE id_log = {int:log_type}
Chris@76 273 AND id_member IN ({array_int:users})',
Chris@76 274 array(
Chris@76 275 'log_type' => 2,
Chris@76 276 'users' => $users,
Chris@76 277 )
Chris@76 278 );
Chris@76 279 $smcFunc['db_query']('', '
Chris@76 280 DELETE FROM {db_prefix}log_boards
Chris@76 281 WHERE id_member IN ({array_int:users})',
Chris@76 282 array(
Chris@76 283 'users' => $users,
Chris@76 284 )
Chris@76 285 );
Chris@76 286 $smcFunc['db_query']('', '
Chris@76 287 DELETE FROM {db_prefix}log_comments
Chris@76 288 WHERE id_recipient IN ({array_int:users})
Chris@76 289 AND comment_type = {string:warntpl}',
Chris@76 290 array(
Chris@76 291 'users' => $users,
Chris@76 292 'warntpl' => 'warntpl',
Chris@76 293 )
Chris@76 294 );
Chris@76 295 $smcFunc['db_query']('', '
Chris@76 296 DELETE FROM {db_prefix}log_group_requests
Chris@76 297 WHERE id_member IN ({array_int:users})',
Chris@76 298 array(
Chris@76 299 'users' => $users,
Chris@76 300 )
Chris@76 301 );
Chris@76 302 $smcFunc['db_query']('', '
Chris@76 303 DELETE FROM {db_prefix}log_karma
Chris@76 304 WHERE id_target IN ({array_int:users})
Chris@76 305 OR id_executor IN ({array_int:users})',
Chris@76 306 array(
Chris@76 307 'users' => $users,
Chris@76 308 )
Chris@76 309 );
Chris@76 310 $smcFunc['db_query']('', '
Chris@76 311 DELETE FROM {db_prefix}log_mark_read
Chris@76 312 WHERE id_member IN ({array_int:users})',
Chris@76 313 array(
Chris@76 314 'users' => $users,
Chris@76 315 )
Chris@76 316 );
Chris@76 317 $smcFunc['db_query']('', '
Chris@76 318 DELETE FROM {db_prefix}log_notify
Chris@76 319 WHERE id_member IN ({array_int:users})',
Chris@76 320 array(
Chris@76 321 'users' => $users,
Chris@76 322 )
Chris@76 323 );
Chris@76 324 $smcFunc['db_query']('', '
Chris@76 325 DELETE FROM {db_prefix}log_online
Chris@76 326 WHERE id_member IN ({array_int:users})',
Chris@76 327 array(
Chris@76 328 'users' => $users,
Chris@76 329 )
Chris@76 330 );
Chris@76 331 $smcFunc['db_query']('', '
Chris@76 332 DELETE FROM {db_prefix}log_subscribed
Chris@76 333 WHERE id_member IN ({array_int:users})',
Chris@76 334 array(
Chris@76 335 'users' => $users,
Chris@76 336 )
Chris@76 337 );
Chris@76 338 $smcFunc['db_query']('', '
Chris@76 339 DELETE FROM {db_prefix}log_topics
Chris@76 340 WHERE id_member IN ({array_int:users})',
Chris@76 341 array(
Chris@76 342 'users' => $users,
Chris@76 343 )
Chris@76 344 );
Chris@76 345 $smcFunc['db_query']('', '
Chris@76 346 DELETE FROM {db_prefix}collapsed_categories
Chris@76 347 WHERE id_member IN ({array_int:users})',
Chris@76 348 array(
Chris@76 349 'users' => $users,
Chris@76 350 )
Chris@76 351 );
Chris@76 352
Chris@76 353 // Make their votes appear as guest votes - at least it keeps the totals right.
Chris@76 354 //!!! Consider adding back in cookie protection.
Chris@76 355 $smcFunc['db_query']('', '
Chris@76 356 UPDATE {db_prefix}log_polls
Chris@76 357 SET id_member = {int:guest_id}
Chris@76 358 WHERE id_member IN ({array_int:users})',
Chris@76 359 array(
Chris@76 360 'guest_id' => 0,
Chris@76 361 'users' => $users,
Chris@76 362 )
Chris@76 363 );
Chris@76 364
Chris@76 365 // Delete personal messages.
Chris@76 366 require_once($sourcedir . '/PersonalMessage.php');
Chris@76 367 deleteMessages(null, null, $users);
Chris@76 368
Chris@76 369 $smcFunc['db_query']('', '
Chris@76 370 UPDATE {db_prefix}personal_messages
Chris@76 371 SET id_member_from = {int:guest_id}
Chris@76 372 WHERE id_member_from IN ({array_int:users})',
Chris@76 373 array(
Chris@76 374 'guest_id' => 0,
Chris@76 375 'users' => $users,
Chris@76 376 )
Chris@76 377 );
Chris@76 378
Chris@76 379 // They no longer exist, so we don't know who it was sent to.
Chris@76 380 $smcFunc['db_query']('', '
Chris@76 381 DELETE FROM {db_prefix}pm_recipients
Chris@76 382 WHERE id_member IN ({array_int:users})',
Chris@76 383 array(
Chris@76 384 'users' => $users,
Chris@76 385 )
Chris@76 386 );
Chris@76 387
Chris@76 388 // Delete avatar.
Chris@76 389 require_once($sourcedir . '/ManageAttachments.php');
Chris@76 390 removeAttachments(array('id_member' => $users));
Chris@76 391
Chris@76 392 // It's over, no more moderation for you.
Chris@76 393 $smcFunc['db_query']('', '
Chris@76 394 DELETE FROM {db_prefix}moderators
Chris@76 395 WHERE id_member IN ({array_int:users})',
Chris@76 396 array(
Chris@76 397 'users' => $users,
Chris@76 398 )
Chris@76 399 );
Chris@76 400 $smcFunc['db_query']('', '
Chris@76 401 DELETE FROM {db_prefix}group_moderators
Chris@76 402 WHERE id_member IN ({array_int:users})',
Chris@76 403 array(
Chris@76 404 'users' => $users,
Chris@76 405 )
Chris@76 406 );
Chris@76 407
Chris@76 408 // If you don't exist we can't ban you.
Chris@76 409 $smcFunc['db_query']('', '
Chris@76 410 DELETE FROM {db_prefix}ban_items
Chris@76 411 WHERE id_member IN ({array_int:users})',
Chris@76 412 array(
Chris@76 413 'users' => $users,
Chris@76 414 )
Chris@76 415 );
Chris@76 416
Chris@76 417 // Remove individual theme settings.
Chris@76 418 $smcFunc['db_query']('', '
Chris@76 419 DELETE FROM {db_prefix}themes
Chris@76 420 WHERE id_member IN ({array_int:users})',
Chris@76 421 array(
Chris@76 422 'users' => $users,
Chris@76 423 )
Chris@76 424 );
Chris@76 425
Chris@76 426 // These users are nobody's buddy nomore.
Chris@76 427 $request = $smcFunc['db_query']('', '
Chris@76 428 SELECT id_member, pm_ignore_list, buddy_list
Chris@76 429 FROM {db_prefix}members
Chris@76 430 WHERE FIND_IN_SET({raw:pm_ignore_list}, pm_ignore_list) != 0 OR FIND_IN_SET({raw:buddy_list}, buddy_list) != 0',
Chris@76 431 array(
Chris@76 432 'pm_ignore_list' => implode(', pm_ignore_list) != 0 OR FIND_IN_SET(', $users),
Chris@76 433 'buddy_list' => implode(', buddy_list) != 0 OR FIND_IN_SET(', $users),
Chris@76 434 )
Chris@76 435 );
Chris@76 436 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 437 $smcFunc['db_query']('', '
Chris@76 438 UPDATE {db_prefix}members
Chris@76 439 SET
Chris@76 440 pm_ignore_list = {string:pm_ignore_list},
Chris@76 441 buddy_list = {string:buddy_list}
Chris@76 442 WHERE id_member = {int:id_member}',
Chris@76 443 array(
Chris@76 444 'id_member' => $row['id_member'],
Chris@76 445 'pm_ignore_list' => implode(',', array_diff(explode(',', $row['pm_ignore_list']), $users)),
Chris@76 446 'buddy_list' => implode(',', array_diff(explode(',', $row['buddy_list']), $users)),
Chris@76 447 )
Chris@76 448 );
Chris@76 449 $smcFunc['db_free_result']($request);
Chris@76 450
Chris@76 451 // Make sure no member's birthday is still sticking in the calendar...
Chris@76 452 updateSettings(array(
Chris@76 453 'calendar_updated' => time(),
Chris@76 454 ));
Chris@76 455
Chris@76 456 updateStats('member');
Chris@76 457 }
Chris@76 458
Chris@76 459 function registerMember(&$regOptions, $return_errors = false)
Chris@76 460 {
Chris@76 461 global $scripturl, $txt, $modSettings, $context, $sourcedir;
Chris@76 462 global $user_info, $options, $settings, $smcFunc;
Chris@76 463
Chris@76 464 loadLanguage('Login');
Chris@76 465
Chris@76 466 // We'll need some external functions.
Chris@76 467 require_once($sourcedir . '/Subs-Auth.php');
Chris@76 468 require_once($sourcedir . '/Subs-Post.php');
Chris@76 469
Chris@76 470 // Put any errors in here.
Chris@76 471 $reg_errors = array();
Chris@76 472
Chris@76 473 // Registration from the admin center, let them sweat a little more.
Chris@76 474 if ($regOptions['interface'] == 'admin')
Chris@76 475 {
Chris@76 476 is_not_guest();
Chris@76 477 isAllowedTo('moderate_forum');
Chris@76 478 }
Chris@76 479 // If you're an admin, you're special ;).
Chris@76 480 elseif ($regOptions['interface'] == 'guest')
Chris@76 481 {
Chris@76 482 // You cannot register twice...
Chris@76 483 if (empty($user_info['is_guest']))
Chris@76 484 redirectexit();
Chris@76 485
Chris@76 486 // Make sure they didn't just register with this session.
Chris@76 487 if (!empty($_SESSION['just_registered']) && empty($modSettings['disableRegisterCheck']))
Chris@76 488 fatal_lang_error('register_only_once', false);
Chris@76 489 }
Chris@76 490
Chris@76 491 // What method of authorization are we going to use?
Chris@76 492 if (empty($regOptions['auth_method']) || !in_array($regOptions['auth_method'], array('password', 'openid')))
Chris@76 493 {
Chris@76 494 if (!empty($regOptions['openid']))
Chris@76 495 $regOptions['auth_method'] = 'openid';
Chris@76 496 else
Chris@76 497 $regOptions['auth_method'] = 'password';
Chris@76 498 }
Chris@76 499
Chris@76 500 // No name?! How can you register with no name?
Chris@76 501 if (empty($regOptions['username']))
Chris@76 502 $reg_errors[] = array('lang', 'need_username');
Chris@76 503
Chris@76 504 // Spaces and other odd characters are evil...
Chris@76 505 $regOptions['username'] = preg_replace('~[\t\n\r\x0B\0' . ($context['utf8'] ? ($context['server']['complex_preg_chars'] ? '\x{A0}' : "\xC2\xA0") : '\xA0') . ']+~' . ($context['utf8'] ? 'u' : ''), ' ', $regOptions['username']);
Chris@76 506
Chris@76 507 // Don't use too long a name.
Chris@76 508 if ($smcFunc['strlen']($regOptions['username']) > 25)
Chris@76 509 $reg_errors[] = array('lang', 'error_long_name');
Chris@76 510
Chris@76 511 // Only these characters are permitted.
Chris@76 512 if (preg_match('~[<>&"\'=\\\\]~', preg_replace('~&#(?:\\d{1,7}|x[0-9a-fA-F]{1,6});~', '', $regOptions['username'])) != 0 || $regOptions['username'] == '_' || $regOptions['username'] == '|' || strpos($regOptions['username'], '[code') !== false || strpos($regOptions['username'], '[/code') !== false)
Chris@76 513 $reg_errors[] = array('lang', 'error_invalid_characters_username');
Chris@76 514
Chris@76 515 if ($smcFunc['strtolower']($regOptions['username']) === $smcFunc['strtolower']($txt['guest_title']))
Chris@76 516 $reg_errors[] = array('lang', 'username_reserved', 'general', array($txt['guest_title']));
Chris@76 517
Chris@76 518 // !!! Separate the sprintf?
Chris@76 519 if (empty($regOptions['email']) || preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $regOptions['email']) === 0 || strlen($regOptions['email']) > 255)
Chris@76 520 $reg_errors[] = array('done', sprintf($txt['valid_email_needed'], $smcFunc['htmlspecialchars']($regOptions['username'])));
Chris@76 521
Chris@76 522 if (!empty($regOptions['check_reserved_name']) && isReservedName($regOptions['username'], 0, false))
Chris@76 523 {
Chris@76 524 if ($regOptions['password'] == 'chocolate cake')
Chris@76 525 $reg_errors[] = array('done', 'Sorry, I don\'t take bribes... you\'ll need to come up with a different name.');
Chris@76 526 $reg_errors[] = array('done', '(' . htmlspecialchars($regOptions['username']) . ') ' . $txt['name_in_use']);
Chris@76 527 }
Chris@76 528
Chris@76 529 // Generate a validation code if it's supposed to be emailed.
Chris@76 530 $validation_code = '';
Chris@76 531 if ($regOptions['require'] == 'activation')
Chris@76 532 $validation_code = generateValidationCode();
Chris@76 533
Chris@76 534 // If you haven't put in a password generate one.
Chris@76 535 if ($regOptions['interface'] == 'admin' && $regOptions['password'] == '' && $regOptions['auth_method'] == 'password')
Chris@76 536 {
Chris@76 537 mt_srand(time() + 1277);
Chris@76 538 $regOptions['password'] = generateValidationCode();
Chris@76 539 $regOptions['password_check'] = $regOptions['password'];
Chris@76 540 }
Chris@76 541 // Does the first password match the second?
Chris@76 542 elseif ($regOptions['password'] != $regOptions['password_check'] && $regOptions['auth_method'] == 'password')
Chris@76 543 $reg_errors[] = array('lang', 'passwords_dont_match');
Chris@76 544
Chris@76 545 // That's kind of easy to guess...
Chris@76 546 if ($regOptions['password'] == '')
Chris@76 547 {
Chris@76 548 if ($regOptions['auth_method'] == 'password')
Chris@76 549 $reg_errors[] = array('lang', 'no_password');
Chris@76 550 else
Chris@76 551 $regOptions['password'] = sha1(mt_rand());
Chris@76 552 }
Chris@76 553
Chris@76 554 // Now perform hard password validation as required.
Chris@76 555 if (!empty($regOptions['check_password_strength']))
Chris@76 556 {
Chris@76 557 $passwordError = validatePassword($regOptions['password'], $regOptions['username'], array($regOptions['email']));
Chris@76 558
Chris@76 559 // Password isn't legal?
Chris@76 560 if ($passwordError != null)
Chris@76 561 $reg_errors[] = array('lang', 'profile_error_password_' . $passwordError);
Chris@76 562 }
Chris@76 563
Chris@76 564 // If they are using an OpenID that hasn't been verified yet error out.
Chris@76 565 // !!! Change this so they can register without having to attempt a login first
Chris@76 566 if ($regOptions['auth_method'] == 'openid' && (empty($_SESSION['openid']['verified']) || $_SESSION['openid']['openid_uri'] != $regOptions['openid']))
Chris@76 567 $reg_errors[] = array('lang', 'openid_not_verified');
Chris@76 568
Chris@76 569 // You may not be allowed to register this email.
Chris@76 570 if (!empty($regOptions['check_email_ban']))
Chris@76 571 isBannedEmail($regOptions['email'], 'cannot_register', $txt['ban_register_prohibited']);
Chris@76 572
Chris@76 573 // Check if the email address is in use.
Chris@76 574 $request = $smcFunc['db_query']('', '
Chris@76 575 SELECT id_member
Chris@76 576 FROM {db_prefix}members
Chris@76 577 WHERE email_address = {string:email_address}
Chris@76 578 OR email_address = {string:username}
Chris@76 579 LIMIT 1',
Chris@76 580 array(
Chris@76 581 'email_address' => $regOptions['email'],
Chris@76 582 'username' => $regOptions['username'],
Chris@76 583 )
Chris@76 584 );
Chris@76 585 // !!! Separate the sprintf?
Chris@76 586 if ($smcFunc['db_num_rows']($request) != 0)
Chris@76 587 $reg_errors[] = array('lang', 'email_in_use', false, array(htmlspecialchars($regOptions['email'])));
Chris@76 588 $smcFunc['db_free_result']($request);
Chris@76 589
Chris@76 590 // If we found any errors we need to do something about it right away!
Chris@76 591 foreach ($reg_errors as $key => $error)
Chris@76 592 {
Chris@76 593 /* Note for each error:
Chris@76 594 0 = 'lang' if it's an index, 'done' if it's clear text.
Chris@76 595 1 = The text/index.
Chris@76 596 2 = Whether to log.
Chris@76 597 3 = sprintf data if necessary. */
Chris@76 598 if ($error[0] == 'lang')
Chris@76 599 loadLanguage('Errors');
Chris@76 600 $message = $error[0] == 'lang' ? (empty($error[3]) ? $txt[$error[1]] : vsprintf($txt[$error[1]], $error[3])) : $error[1];
Chris@76 601
Chris@76 602 // What to do, what to do, what to do.
Chris@76 603 if ($return_errors)
Chris@76 604 {
Chris@76 605 if (!empty($error[2]))
Chris@76 606 log_error($message, $error[2]);
Chris@76 607 $reg_errors[$key] = $message;
Chris@76 608 }
Chris@76 609 else
Chris@76 610 fatal_error($message, empty($error[2]) ? false : $error[2]);
Chris@76 611 }
Chris@76 612
Chris@76 613 // If there's any errors left return them at once!
Chris@76 614 if (!empty($reg_errors))
Chris@76 615 return $reg_errors;
Chris@76 616
Chris@76 617 $reservedVars = array(
Chris@76 618 'actual_theme_url',
Chris@76 619 'actual_images_url',
Chris@76 620 'base_theme_dir',
Chris@76 621 'base_theme_url',
Chris@76 622 'default_images_url',
Chris@76 623 'default_theme_dir',
Chris@76 624 'default_theme_url',
Chris@76 625 'default_template',
Chris@76 626 'images_url',
Chris@76 627 'number_recent_posts',
Chris@76 628 'smiley_sets_default',
Chris@76 629 'theme_dir',
Chris@76 630 'theme_id',
Chris@76 631 'theme_layers',
Chris@76 632 'theme_templates',
Chris@76 633 'theme_url',
Chris@76 634 );
Chris@76 635
Chris@76 636 // Can't change reserved vars.
Chris@76 637 if (isset($regOptions['theme_vars']) && array_intersect($regOptions['theme_vars'], $reservedVars) != array())
Chris@76 638 fatal_lang_error('no_theme');
Chris@76 639
Chris@76 640 // Some of these might be overwritten. (the lower ones that are in the arrays below.)
Chris@76 641 $regOptions['register_vars'] = array(
Chris@76 642 'member_name' => $regOptions['username'],
Chris@76 643 'email_address' => $regOptions['email'],
Chris@76 644 'passwd' => sha1(strtolower($regOptions['username']) . $regOptions['password']),
Chris@76 645 'password_salt' => substr(md5(mt_rand()), 0, 4) ,
Chris@76 646 'posts' => 0,
Chris@76 647 'date_registered' => time(),
Chris@76 648 'member_ip' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $user_info['ip'],
Chris@76 649 'member_ip2' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $_SERVER['BAN_CHECK_IP'],
Chris@76 650 'validation_code' => $validation_code,
Chris@76 651 'real_name' => $regOptions['username'],
Chris@76 652 'personal_text' => $modSettings['default_personal_text'],
Chris@76 653 'pm_email_notify' => 1,
Chris@76 654 'id_theme' => 0,
Chris@76 655 'id_post_group' => 4,
Chris@76 656 'lngfile' => '',
Chris@76 657 'buddy_list' => '',
Chris@76 658 'pm_ignore_list' => '',
Chris@76 659 'message_labels' => '',
Chris@76 660 'website_title' => '',
Chris@76 661 'website_url' => '',
Chris@76 662 'location' => '',
Chris@76 663 'icq' => '',
Chris@76 664 'aim' => '',
Chris@76 665 'yim' => '',
Chris@76 666 'msn' => '',
Chris@76 667 'time_format' => '',
Chris@76 668 'signature' => '',
Chris@76 669 'avatar' => '',
Chris@76 670 'usertitle' => '',
Chris@76 671 'secret_question' => '',
Chris@76 672 'secret_answer' => '',
Chris@76 673 'additional_groups' => '',
Chris@76 674 'ignore_boards' => '',
Chris@76 675 'smiley_set' => '',
Chris@76 676 'openid_uri' => (!empty($regOptions['openid']) ? $regOptions['openid'] : ''),
Chris@76 677 );
Chris@76 678
Chris@76 679 // Setup the activation status on this new account so it is correct - firstly is it an under age account?
Chris@76 680 if ($regOptions['require'] == 'coppa')
Chris@76 681 {
Chris@76 682 $regOptions['register_vars']['is_activated'] = 5;
Chris@76 683 // !!! This should be changed. To what should be it be changed??
Chris@76 684 $regOptions['register_vars']['validation_code'] = '';
Chris@76 685 }
Chris@76 686 // Maybe it can be activated right away?
Chris@76 687 elseif ($regOptions['require'] == 'nothing')
Chris@76 688 $regOptions['register_vars']['is_activated'] = 1;
Chris@76 689 // Maybe it must be activated by email?
Chris@76 690 elseif ($regOptions['require'] == 'activation')
Chris@76 691 $regOptions['register_vars']['is_activated'] = 0;
Chris@76 692 // Otherwise it must be awaiting approval!
Chris@76 693 else
Chris@76 694 $regOptions['register_vars']['is_activated'] = 3;
Chris@76 695
Chris@76 696 if (isset($regOptions['memberGroup']))
Chris@76 697 {
Chris@76 698 // Make sure the id_group will be valid, if this is an administator.
Chris@76 699 $regOptions['register_vars']['id_group'] = $regOptions['memberGroup'] == 1 && !allowedTo('admin_forum') ? 0 : $regOptions['memberGroup'];
Chris@76 700
Chris@76 701 // Check if this group is assignable.
Chris@76 702 $unassignableGroups = array(-1, 3);
Chris@76 703 $request = $smcFunc['db_query']('', '
Chris@76 704 SELECT id_group
Chris@76 705 FROM {db_prefix}membergroups
Chris@76 706 WHERE min_posts != {int:min_posts}' . (allowedTo('admin_forum') ? '' : '
Chris@76 707 OR group_type = {int:is_protected}'),
Chris@76 708 array(
Chris@76 709 'min_posts' => -1,
Chris@76 710 'is_protected' => 1,
Chris@76 711 )
Chris@76 712 );
Chris@76 713 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 714 $unassignableGroups[] = $row['id_group'];
Chris@76 715 $smcFunc['db_free_result']($request);
Chris@76 716
Chris@76 717 if (in_array($regOptions['register_vars']['id_group'], $unassignableGroups))
Chris@76 718 $regOptions['register_vars']['id_group'] = 0;
Chris@76 719 }
Chris@76 720
Chris@76 721 // ICQ cannot be zero.
Chris@76 722 if (isset($regOptions['extra_register_vars']['icq']) && empty($regOptions['extra_register_vars']['icq']))
Chris@76 723 $regOptions['extra_register_vars']['icq'] = '';
Chris@76 724
Chris@76 725 // Integrate optional member settings to be set.
Chris@76 726 if (!empty($regOptions['extra_register_vars']))
Chris@76 727 foreach ($regOptions['extra_register_vars'] as $var => $value)
Chris@76 728 $regOptions['register_vars'][$var] = $value;
Chris@76 729
Chris@76 730 // Integrate optional user theme options to be set.
Chris@76 731 $theme_vars = array();
Chris@76 732 if (!empty($regOptions['theme_vars']))
Chris@76 733 foreach ($regOptions['theme_vars'] as $var => $value)
Chris@76 734 $theme_vars[$var] = $value;
Chris@76 735
Chris@76 736 // Call an optional function to validate the users' input.
Chris@76 737 call_integration_hook('integrate_register', array(&$regOptions, &$theme_vars));
Chris@76 738
Chris@76 739 // Right, now let's prepare for insertion.
Chris@76 740 $knownInts = array(
Chris@76 741 'date_registered', 'posts', 'id_group', 'last_login', 'instant_messages', 'unread_messages',
Chris@76 742 'new_pm', 'pm_prefs', 'gender', 'hide_email', 'show_online', 'pm_email_notify', 'karma_good', 'karma_bad',
Chris@76 743 'notify_announcements', 'notify_send_body', 'notify_regularity', 'notify_types',
Chris@76 744 'id_theme', 'is_activated', 'id_msg_last_visit', 'id_post_group', 'total_time_logged_in', 'warning',
Chris@76 745 );
Chris@76 746 $knownFloats = array(
Chris@76 747 'time_offset',
Chris@76 748 );
Chris@76 749
Chris@76 750 $column_names = array();
Chris@76 751 $values = array();
Chris@76 752 foreach ($regOptions['register_vars'] as $var => $val)
Chris@76 753 {
Chris@76 754 $type = 'string';
Chris@76 755 if (in_array($var, $knownInts))
Chris@76 756 $type = 'int';
Chris@76 757 elseif (in_array($var, $knownFloats))
Chris@76 758 $type = 'float';
Chris@76 759 elseif ($var == 'birthdate')
Chris@76 760 $type = 'date';
Chris@76 761
Chris@76 762 $column_names[$var] = $type;
Chris@76 763 $values[$var] = $val;
Chris@76 764 }
Chris@76 765
Chris@76 766 // Register them into the database.
Chris@76 767 $smcFunc['db_insert']('',
Chris@76 768 '{db_prefix}members',
Chris@76 769 $column_names,
Chris@76 770 $values,
Chris@76 771 array('id_member')
Chris@76 772 );
Chris@76 773 $memberID = $smcFunc['db_insert_id']('{db_prefix}members', 'id_member');
Chris@76 774
Chris@76 775 // Update the number of members and latest member's info - and pass the name, but remove the 's.
Chris@76 776 if ($regOptions['register_vars']['is_activated'] == 1)
Chris@76 777 updateStats('member', $memberID, $regOptions['register_vars']['real_name']);
Chris@76 778 else
Chris@76 779 updateStats('member');
Chris@76 780
Chris@76 781 // Theme variables too?
Chris@76 782 if (!empty($theme_vars))
Chris@76 783 {
Chris@76 784 $inserts = array();
Chris@76 785 foreach ($theme_vars as $var => $val)
Chris@76 786 $inserts[] = array($memberID, $var, $val);
Chris@76 787 $smcFunc['db_insert']('insert',
Chris@76 788 '{db_prefix}themes',
Chris@76 789 array('id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
Chris@76 790 $inserts,
Chris@76 791 array('id_member', 'variable')
Chris@76 792 );
Chris@76 793 }
Chris@76 794
Chris@76 795 // If it's enabled, increase the registrations for today.
Chris@76 796 trackStats(array('registers' => '+'));
Chris@76 797
Chris@76 798 // Administrative registrations are a bit different...
Chris@76 799 if ($regOptions['interface'] == 'admin')
Chris@76 800 {
Chris@76 801 if ($regOptions['require'] == 'activation')
Chris@76 802 $email_message = 'admin_register_activate';
Chris@76 803 elseif (!empty($regOptions['send_welcome_email']))
Chris@76 804 $email_message = 'admin_register_immediate';
Chris@76 805
Chris@76 806 if (isset($email_message))
Chris@76 807 {
Chris@76 808 $replacements = array(
Chris@76 809 'REALNAME' => $regOptions['register_vars']['real_name'],
Chris@76 810 'USERNAME' => $regOptions['username'],
Chris@76 811 'PASSWORD' => $regOptions['password'],
Chris@76 812 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
Chris@76 813 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code,
Chris@76 814 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID,
Chris@76 815 'ACTIVATIONCODE' => $validation_code,
Chris@76 816 );
Chris@76 817
Chris@76 818 $emaildata = loadEmailTemplate($email_message, $replacements);
Chris@76 819
Chris@76 820 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
Chris@76 821 }
Chris@76 822
Chris@76 823 // All admins are finished here.
Chris@76 824 return $memberID;
Chris@76 825 }
Chris@76 826
Chris@76 827 // Can post straight away - welcome them to your fantastic community...
Chris@76 828 if ($regOptions['require'] == 'nothing')
Chris@76 829 {
Chris@76 830 if (!empty($regOptions['send_welcome_email']))
Chris@76 831 {
Chris@76 832 $replacements = array(
Chris@76 833 'REALNAME' => $regOptions['register_vars']['real_name'],
Chris@76 834 'USERNAME' => $regOptions['username'],
Chris@76 835 'PASSWORD' => $regOptions['password'],
Chris@76 836 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
Chris@76 837 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '',
Chris@76 838 );
Chris@76 839 $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . 'immediate', $replacements);
Chris@76 840 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
Chris@76 841 }
Chris@76 842
Chris@76 843 // Send admin their notification.
Chris@76 844 adminNotify('standard', $memberID, $regOptions['username']);
Chris@76 845 }
Chris@76 846 // Need to activate their account - or fall under COPPA.
Chris@76 847 elseif ($regOptions['require'] == 'activation' || $regOptions['require'] == 'coppa')
Chris@76 848 {
Chris@76 849 $replacements = array(
Chris@76 850 'REALNAME' => $regOptions['register_vars']['real_name'],
Chris@76 851 'USERNAME' => $regOptions['username'],
Chris@76 852 'PASSWORD' => $regOptions['password'],
Chris@76 853 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
Chris@76 854 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '',
Chris@76 855 );
Chris@76 856
Chris@76 857 if ($regOptions['require'] == 'activation')
Chris@76 858 $replacements += array(
Chris@76 859 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code,
Chris@76 860 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID,
Chris@76 861 'ACTIVATIONCODE' => $validation_code,
Chris@76 862 );
Chris@76 863 else
Chris@76 864 $replacements += array(
Chris@76 865 'COPPALINK' => $scripturl . '?action=coppa;u=' . $memberID,
Chris@76 866 );
Chris@76 867
Chris@76 868 $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . ($regOptions['require'] == 'activation' ? 'activate' : 'coppa'), $replacements);
Chris@76 869
Chris@76 870 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
Chris@76 871 }
Chris@76 872 // Must be awaiting approval.
Chris@76 873 else
Chris@76 874 {
Chris@76 875 $replacements = array(
Chris@76 876 'REALNAME' => $regOptions['register_vars']['real_name'],
Chris@76 877 'USERNAME' => $regOptions['username'],
Chris@76 878 'PASSWORD' => $regOptions['password'],
Chris@76 879 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
Chris@76 880 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '',
Chris@76 881 );
Chris@76 882
Chris@76 883 $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . 'pending', $replacements);
Chris@76 884
Chris@76 885 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
Chris@76 886
Chris@76 887 // Admin gets informed here...
Chris@77 888 adminNotify('approval', $memberID, $regOptions['username'], $regOptions['justify']);
Chris@76 889 }
Chris@76 890
Chris@76 891 // Okay, they're for sure registered... make sure the session is aware of this for security. (Just married :P!)
Chris@76 892 $_SESSION['just_registered'] = 1;
Chris@76 893
Chris@76 894 return $memberID;
Chris@76 895 }
Chris@76 896
Chris@76 897 // Check if a name is in the reserved words list. (name, current member id, name/username?.)
Chris@76 898 function isReservedName($name, $current_ID_MEMBER = 0, $is_name = true, $fatal = true)
Chris@76 899 {
Chris@76 900 global $user_info, $modSettings, $smcFunc, $context;
Chris@76 901
Chris@76 902 // No cheating with entities please.
Chris@76 903 $replaceEntities = create_function('$string', '
Chris@76 904 $num = substr($string, 0, 1) === \'x\' ? hexdec(substr($string, 1)) : (int) $string;
Chris@76 905 if ($num === 0x202E || $num === 0x202D) return \'\'; if (in_array($num, array(0x22, 0x26, 0x27, 0x3C, 0x3E))) return \'&#\' . $num . \';\';' .
Chris@76 906 (empty($context['utf8']) ? 'return $num < 0x20 ? \'\' : ($num < 0x80 ? chr($num) : \'&#\' . $string . \';\');' : '
Chris@76 907 return $num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) ? \'\' : ($num < 0x80 ? chr($num) : ($num < 0x800 ? chr(192 | $num >> 6) . chr(128 | $num & 63) : ($num < 0x10000 ? chr(224 | $num >> 12) . chr(128 | $num >> 6 & 63) . chr(128 | $num & 63) : chr(240 | $num >> 18) . chr(128 | $num >> 12 & 63) . chr(128 | $num >> 6 & 63) . chr(128 | $num & 63))));')
Chris@76 908 );
Chris@76 909
Chris@76 910 $name = preg_replace('~(&#(\d{1,7}|x[0-9a-fA-F]{1,6});)~e', '$replaceEntities(\'\\2\')', $name);
Chris@76 911 $checkName = $smcFunc['strtolower']($name);
Chris@76 912
Chris@76 913 // Administrators are never restricted ;).
Chris@76 914 if (!allowedTo('moderate_forum') && ((!empty($modSettings['reserveName']) && $is_name) || !empty($modSettings['reserveUser']) && !$is_name))
Chris@76 915 {
Chris@76 916 $reservedNames = explode("\n", $modSettings['reserveNames']);
Chris@76 917 // Case sensitive check?
Chris@76 918 $checkMe = empty($modSettings['reserveCase']) ? $checkName : $name;
Chris@76 919
Chris@76 920 // Check each name in the list...
Chris@76 921 foreach ($reservedNames as $reserved)
Chris@76 922 {
Chris@76 923 if ($reserved == '')
Chris@76 924 continue;
Chris@76 925
Chris@76 926 // The admin might've used entities too, level the playing field.
Chris@76 927 $reservedCheck = preg_replace('~(&#(\d{1,7}|x[0-9a-fA-F]{1,6});)~e', '$replaceEntities(\'\\2\')', $reserved);
Chris@76 928
Chris@76 929 // Case sensitive name?
Chris@76 930 if (empty($modSettings['reserveCase']))
Chris@76 931 $reservedCheck = $smcFunc['strtolower']($reservedCheck);
Chris@76 932
Chris@76 933 // If it's not just entire word, check for it in there somewhere...
Chris@76 934 if ($checkMe == $reservedCheck || ($smcFunc['strpos']($checkMe, $reservedCheck) !== false && empty($modSettings['reserveWord'])))
Chris@76 935 if ($fatal)
Chris@76 936 fatal_lang_error('username_reserved', 'password', array($reserved));
Chris@76 937 else
Chris@76 938 return true;
Chris@76 939 }
Chris@76 940
Chris@76 941 $censor_name = $name;
Chris@76 942 if (censorText($censor_name) != $name)
Chris@76 943 if ($fatal)
Chris@76 944 fatal_lang_error('name_censored', 'password', array($name));
Chris@76 945 else
Chris@76 946 return true;
Chris@76 947 }
Chris@76 948
Chris@76 949 // Characters we just shouldn't allow, regardless.
Chris@76 950 foreach (array('*') as $char)
Chris@76 951 if (strpos($checkName, $char) !== false)
Chris@76 952 if ($fatal)
Chris@76 953 fatal_lang_error('username_reserved', 'password', array($char));
Chris@76 954 else
Chris@76 955 return true;
Chris@76 956
Chris@76 957 // Get rid of any SQL parts of the reserved name...
Chris@76 958 $checkName = strtr($name, array('_' => '\\_', '%' => '\\%'));
Chris@76 959
Chris@76 960 // Make sure they don't want someone else's name.
Chris@76 961 $request = $smcFunc['db_query']('', '
Chris@76 962 SELECT id_member
Chris@76 963 FROM {db_prefix}members
Chris@76 964 WHERE ' . (empty($current_ID_MEMBER) ? '' : 'id_member != {int:current_member}
Chris@76 965 AND ') . '(real_name LIKE {string:check_name} OR member_name LIKE {string:check_name})
Chris@76 966 LIMIT 1',
Chris@76 967 array(
Chris@76 968 'current_member' => $current_ID_MEMBER,
Chris@76 969 'check_name' => $checkName,
Chris@76 970 )
Chris@76 971 );
Chris@76 972 if ($smcFunc['db_num_rows']($request) > 0)
Chris@76 973 {
Chris@76 974 $smcFunc['db_free_result']($request);
Chris@76 975 return true;
Chris@76 976 }
Chris@76 977
Chris@76 978 // Does name case insensitive match a member group name?
Chris@76 979 $request = $smcFunc['db_query']('', '
Chris@76 980 SELECT id_group
Chris@76 981 FROM {db_prefix}membergroups
Chris@76 982 WHERE group_name LIKE {string:check_name}
Chris@76 983 LIMIT 1',
Chris@76 984 array(
Chris@76 985 'check_name' => $checkName,
Chris@76 986 )
Chris@76 987 );
Chris@76 988 if ($smcFunc['db_num_rows']($request) > 0)
Chris@76 989 {
Chris@76 990 $smcFunc['db_free_result']($request);
Chris@76 991 return true;
Chris@76 992 }
Chris@76 993
Chris@76 994 // Okay, they passed.
Chris@76 995 return false;
Chris@76 996 }
Chris@76 997
Chris@76 998 // Get a list of groups that have a given permission (on a given board).
Chris@76 999 function groupsAllowedTo($permission, $board_id = null)
Chris@76 1000 {
Chris@76 1001 global $modSettings, $board_info, $smcFunc;
Chris@76 1002
Chris@76 1003 // Admins are allowed to do anything.
Chris@76 1004 $member_groups = array(
Chris@76 1005 'allowed' => array(1),
Chris@76 1006 'denied' => array(),
Chris@76 1007 );
Chris@76 1008
Chris@76 1009 // Assume we're dealing with regular permissions (like profile_view_own).
Chris@76 1010 if ($board_id === null)
Chris@76 1011 {
Chris@76 1012 $request = $smcFunc['db_query']('', '
Chris@76 1013 SELECT id_group, add_deny
Chris@76 1014 FROM {db_prefix}permissions
Chris@76 1015 WHERE permission = {string:permission}',
Chris@76 1016 array(
Chris@76 1017 'permission' => $permission,
Chris@76 1018 )
Chris@76 1019 );
Chris@76 1020 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 1021 $member_groups[$row['add_deny'] === '1' ? 'allowed' : 'denied'][] = $row['id_group'];
Chris@76 1022 $smcFunc['db_free_result']($request);
Chris@76 1023 }
Chris@76 1024
Chris@76 1025 // Otherwise it's time to look at the board.
Chris@76 1026 else
Chris@76 1027 {
Chris@76 1028 // First get the profile of the given board.
Chris@76 1029 if (isset($board_info['id']) && $board_info['id'] == $board_id)
Chris@76 1030 $profile_id = $board_info['profile'];
Chris@76 1031 elseif ($board_id !== 0)
Chris@76 1032 {
Chris@76 1033 $request = $smcFunc['db_query']('', '
Chris@76 1034 SELECT id_profile
Chris@76 1035 FROM {db_prefix}boards
Chris@76 1036 WHERE id_board = {int:id_board}
Chris@76 1037 LIMIT 1',
Chris@76 1038 array(
Chris@76 1039 'id_board' => $board_id,
Chris@76 1040 )
Chris@76 1041 );
Chris@76 1042 if ($smcFunc['db_num_rows']($request) == 0)
Chris@76 1043 fatal_lang_error('no_board');
Chris@76 1044 list ($profile_id) = $smcFunc['db_fetch_row']($request);
Chris@76 1045 $smcFunc['db_free_result']($request);
Chris@76 1046 }
Chris@76 1047 else
Chris@76 1048 $profile_id = 1;
Chris@76 1049
Chris@76 1050 $request = $smcFunc['db_query']('', '
Chris@76 1051 SELECT bp.id_group, bp.add_deny
Chris@76 1052 FROM {db_prefix}board_permissions AS bp
Chris@76 1053 WHERE bp.permission = {string:permission}
Chris@76 1054 AND bp.id_profile = {int:profile_id}',
Chris@76 1055 array(
Chris@76 1056 'profile_id' => $profile_id,
Chris@76 1057 'permission' => $permission,
Chris@76 1058 )
Chris@76 1059 );
Chris@76 1060 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 1061 $member_groups[$row['add_deny'] === '1' ? 'allowed' : 'denied'][] = $row['id_group'];
Chris@76 1062 $smcFunc['db_free_result']($request);
Chris@76 1063 }
Chris@76 1064
Chris@76 1065 // Denied is never allowed.
Chris@76 1066 $member_groups['allowed'] = array_diff($member_groups['allowed'], $member_groups['denied']);
Chris@76 1067
Chris@76 1068 return $member_groups;
Chris@76 1069 }
Chris@76 1070
Chris@76 1071 // Get a list of members that have a given permission (on a given board).
Chris@76 1072 function membersAllowedTo($permission, $board_id = null)
Chris@76 1073 {
Chris@76 1074 global $smcFunc;
Chris@76 1075
Chris@76 1076 $member_groups = groupsAllowedTo($permission, $board_id);
Chris@76 1077
Chris@76 1078 $include_moderators = in_array(3, $member_groups['allowed']) && $board_id !== null;
Chris@76 1079 $member_groups['allowed'] = array_diff($member_groups['allowed'], array(3));
Chris@76 1080
Chris@76 1081 $exclude_moderators = in_array(3, $member_groups['denied']) && $board_id !== null;
Chris@76 1082 $member_groups['denied'] = array_diff($member_groups['denied'], array(3));
Chris@76 1083
Chris@76 1084 $request = $smcFunc['db_query']('', '
Chris@76 1085 SELECT mem.id_member
Chris@76 1086 FROM {db_prefix}members AS mem' . ($include_moderators || $exclude_moderators ? '
Chris@76 1087 LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_member = mem.id_member AND mods.id_board = {int:board_id})' : '') . '
Chris@76 1088 WHERE (' . ($include_moderators ? 'mods.id_member IS NOT NULL OR ' : '') . 'mem.id_group IN ({array_int:member_groups_allowed}) OR FIND_IN_SET({raw:member_group_allowed_implode}, mem.additional_groups) != 0)' . (empty($member_groups['denied']) ? '' : '
Chris@76 1089 AND NOT (' . ($exclude_moderators ? 'mods.id_member IS NOT NULL OR ' : '') . 'mem.id_group IN ({array_int:member_groups_denied}) OR FIND_IN_SET({raw:member_group_denied_implode}, mem.additional_groups) != 0)'),
Chris@76 1090 array(
Chris@76 1091 'member_groups_allowed' => $member_groups['allowed'],
Chris@76 1092 'member_groups_denied' => $member_groups['denied'],
Chris@76 1093 'board_id' => $board_id,
Chris@76 1094 'member_group_allowed_implode' => implode(', mem.additional_groups) != 0 OR FIND_IN_SET(', $member_groups['allowed']),
Chris@76 1095 'member_group_denied_implode' => implode(', mem.additional_groups) != 0 OR FIND_IN_SET(', $member_groups['denied']),
Chris@76 1096 )
Chris@76 1097 );
Chris@76 1098 $members = array();
Chris@76 1099 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 1100 $members[] = $row['id_member'];
Chris@76 1101 $smcFunc['db_free_result']($request);
Chris@76 1102
Chris@76 1103 return $members;
Chris@76 1104 }
Chris@76 1105
Chris@76 1106 // This function is used to reassociate members with relevant posts.
Chris@76 1107 function reattributePosts($memID, $email = false, $membername = false, $post_count = false)
Chris@76 1108 {
Chris@76 1109 global $smcFunc;
Chris@76 1110
Chris@76 1111 // Firstly, if email and username aren't passed find out the members email address and name.
Chris@76 1112 if ($email === false && $membername === false)
Chris@76 1113 {
Chris@76 1114 $request = $smcFunc['db_query']('', '
Chris@76 1115 SELECT email_address, member_name
Chris@76 1116 FROM {db_prefix}members
Chris@76 1117 WHERE id_member = {int:memID}
Chris@76 1118 LIMIT 1',
Chris@76 1119 array(
Chris@76 1120 'memID' => $memID,
Chris@76 1121 )
Chris@76 1122 );
Chris@76 1123 list ($email, $membername) = $smcFunc['db_fetch_row']($request);
Chris@76 1124 $smcFunc['db_free_result']($request);
Chris@76 1125 }
Chris@76 1126
Chris@76 1127 // If they want the post count restored then we need to do some research.
Chris@76 1128 if ($post_count)
Chris@76 1129 {
Chris@76 1130 $request = $smcFunc['db_query']('', '
Chris@76 1131 SELECT COUNT(*)
Chris@76 1132 FROM {db_prefix}messages AS m
Chris@76 1133 INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND b.count_posts = {int:count_posts})
Chris@76 1134 WHERE m.id_member = {int:guest_id}
Chris@76 1135 AND m.approved = {int:is_approved}
Chris@76 1136 AND m.icon != {string:recycled_icon}' . (empty($email) ? '' : '
Chris@76 1137 AND m.poster_email = {string:email_address}') . (empty($membername) ? '' : '
Chris@76 1138 AND m.poster_name = {string:member_name}'),
Chris@76 1139 array(
Chris@76 1140 'count_posts' => 0,
Chris@76 1141 'guest_id' => 0,
Chris@76 1142 'email_address' => $email,
Chris@76 1143 'member_name' => $membername,
Chris@76 1144 'is_approved' => 1,
Chris@76 1145 'recycled_icon' => 'recycled',
Chris@76 1146 )
Chris@76 1147 );
Chris@76 1148 list ($messageCount) = $smcFunc['db_fetch_row']($request);
Chris@76 1149 $smcFunc['db_free_result']($request);
Chris@76 1150
Chris@76 1151 updateMemberData($memID, array('posts' => 'posts + ' . $messageCount));
Chris@76 1152 }
Chris@76 1153
Chris@76 1154 $query_parts = array();
Chris@76 1155 if (!empty($email))
Chris@76 1156 $query_parts[] = 'poster_email = {string:email_address}';
Chris@76 1157 if (!empty($membername))
Chris@76 1158 $query_parts[] = 'poster_name = {string:member_name}';
Chris@76 1159 $query = implode(' AND ', $query_parts);
Chris@76 1160
Chris@76 1161 // Finally, update the posts themselves!
Chris@76 1162 $smcFunc['db_query']('', '
Chris@76 1163 UPDATE {db_prefix}messages
Chris@76 1164 SET id_member = {int:memID}
Chris@76 1165 WHERE ' . $query,
Chris@76 1166 array(
Chris@76 1167 'memID' => $memID,
Chris@76 1168 'email_address' => $email,
Chris@76 1169 'member_name' => $membername,
Chris@76 1170 )
Chris@76 1171 );
Chris@76 1172
Chris@76 1173 return $smcFunc['db_affected_rows']();
Chris@76 1174 }
Chris@76 1175
Chris@76 1176 // This simple function adds/removes the passed user from the current users buddy list.
Chris@76 1177 function BuddyListToggle()
Chris@76 1178 {
Chris@76 1179 global $user_info;
Chris@76 1180
Chris@76 1181 checkSession('get');
Chris@76 1182
Chris@76 1183 isAllowedTo('profile_identity_own');
Chris@76 1184 is_not_guest();
Chris@76 1185
Chris@76 1186 if (empty($_REQUEST['u']))
Chris@76 1187 fatal_lang_error('no_access', false);
Chris@76 1188 $_REQUEST['u'] = (int) $_REQUEST['u'];
Chris@76 1189
Chris@76 1190 // Remove if it's already there...
Chris@76 1191 if (in_array($_REQUEST['u'], $user_info['buddies']))
Chris@76 1192 $user_info['buddies'] = array_diff($user_info['buddies'], array($_REQUEST['u']));
Chris@76 1193 // ...or add if it's not and if it's not you.
Chris@76 1194 elseif ($user_info['id'] != $_REQUEST['u'])
Chris@76 1195 $user_info['buddies'][] = (int) $_REQUEST['u'];
Chris@76 1196
Chris@76 1197 // Update the settings.
Chris@76 1198 updateMemberData($user_info['id'], array('buddy_list' => implode(',', $user_info['buddies'])));
Chris@76 1199
Chris@76 1200 // Redirect back to the profile
Chris@76 1201 redirectexit('action=profile;u=' . $_REQUEST['u']);
Chris@76 1202 }
Chris@76 1203
Chris@76 1204 function list_getMembers($start, $items_per_page, $sort, $where, $where_params = array(), $get_duplicates = false)
Chris@76 1205 {
Chris@76 1206 global $smcFunc;
Chris@76 1207
Chris@76 1208 $request = $smcFunc['db_query']('', '
Chris@76 1209 SELECT
Chris@76 1210 mem.id_member, mem.member_name, mem.real_name, mem.email_address, mem.icq, mem.aim, mem.yim, mem.msn, mem.member_ip, mem.member_ip2, mem.last_login,
Chris@76 1211 mem.posts, mem.is_activated, mem.date_registered, mem.id_group, mem.additional_groups, mg.group_name
Chris@76 1212 FROM {db_prefix}members AS mem
Chris@76 1213 LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = mem.id_group)
Chris@76 1214 WHERE ' . $where . '
Chris@76 1215 ORDER BY {raw:sort}
Chris@76 1216 LIMIT {int:start}, {int:per_page}',
Chris@76 1217 array_merge($where_params, array(
Chris@76 1218 'sort' => $sort,
Chris@76 1219 'start' => $start,
Chris@76 1220 'per_page' => $items_per_page,
Chris@76 1221 ))
Chris@76 1222 );
Chris@76 1223
Chris@76 1224 $members = array();
Chris@76 1225 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 1226 $members[] = $row;
Chris@76 1227 $smcFunc['db_free_result']($request);
Chris@76 1228
Chris@76 1229 // If we want duplicates pass the members array off.
Chris@76 1230 if ($get_duplicates)
Chris@76 1231 populateDuplicateMembers($members);
Chris@76 1232
Chris@76 1233 return $members;
Chris@76 1234 }
Chris@76 1235
Chris@76 1236 function list_getNumMembers($where, $where_params = array())
Chris@76 1237 {
Chris@76 1238 global $smcFunc, $modSettings;
Chris@76 1239
Chris@76 1240 // We know how many members there are in total.
Chris@76 1241 if (empty($where) || $where == '1')
Chris@76 1242 $num_members = $modSettings['totalMembers'];
Chris@76 1243
Chris@76 1244 // The database knows the amount when there are extra conditions.
Chris@76 1245 else
Chris@76 1246 {
Chris@76 1247 $request = $smcFunc['db_query']('', '
Chris@76 1248 SELECT COUNT(*)
Chris@76 1249 FROM {db_prefix}members AS mem
Chris@76 1250 WHERE ' . $where,
Chris@76 1251 array_merge($where_params, array(
Chris@76 1252 ))
Chris@76 1253 );
Chris@76 1254 list ($num_members) = $smcFunc['db_fetch_row']($request);
Chris@76 1255 $smcFunc['db_free_result']($request);
Chris@76 1256 }
Chris@76 1257
Chris@76 1258 return $num_members;
Chris@76 1259 }
Chris@76 1260
Chris@76 1261 function populateDuplicateMembers(&$members)
Chris@76 1262 {
Chris@76 1263 global $smcFunc;
Chris@76 1264
Chris@76 1265 // This will hold all the ip addresses.
Chris@76 1266 $ips = array();
Chris@76 1267 foreach ($members as $key => $member)
Chris@76 1268 {
Chris@76 1269 // Create the duplicate_members element.
Chris@76 1270 $members[$key]['duplicate_members'] = array();
Chris@76 1271
Chris@76 1272 // Store the IPs.
Chris@76 1273 if (!empty($member['member_ip']))
Chris@76 1274 $ips[] = $member['member_ip'];
Chris@76 1275 if (!empty($member['member_ip2']))
Chris@76 1276 $ips[] = $member['member_ip2'];
Chris@76 1277 }
Chris@76 1278
Chris@76 1279 $ips = array_unique($ips);
Chris@76 1280
Chris@76 1281 if (empty($ips))
Chris@76 1282 return false;
Chris@76 1283
Chris@76 1284 // Fetch all members with this IP address, we'll filter out the current ones in a sec.
Chris@76 1285 $request = $smcFunc['db_query']('', '
Chris@76 1286 SELECT
Chris@76 1287 id_member, member_name, email_address, member_ip, member_ip2, is_activated
Chris@76 1288 FROM {db_prefix}members
Chris@76 1289 WHERE member_ip IN ({array_string:ips})
Chris@76 1290 OR member_ip2 IN ({array_string:ips})',
Chris@76 1291 array(
Chris@76 1292 'ips' => $ips,
Chris@76 1293 )
Chris@76 1294 );
Chris@76 1295 $duplicate_members = array();
Chris@76 1296 $duplicate_ids = array();
Chris@76 1297 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 1298 {
Chris@76 1299 //$duplicate_ids[] = $row['id_member'];
Chris@76 1300
Chris@76 1301 $member_context = array(
Chris@76 1302 'id' => $row['id_member'],
Chris@76 1303 'name' => $row['member_name'],
Chris@76 1304 'email' => $row['email_address'],
Chris@76 1305 'is_banned' => $row['is_activated'] > 10,
Chris@76 1306 'ip' => $row['member_ip'],
Chris@76 1307 'ip2' => $row['member_ip2'],
Chris@76 1308 );
Chris@76 1309
Chris@76 1310 if (in_array($row['member_ip'], $ips))
Chris@76 1311 $duplicate_members[$row['member_ip']][] = $member_context;
Chris@76 1312 if ($row['member_ip'] != $row['member_ip2'] && in_array($row['member_ip2'], $ips))
Chris@76 1313 $duplicate_members[$row['member_ip2']][] = $member_context;
Chris@76 1314 }
Chris@76 1315 $smcFunc['db_free_result']($request);
Chris@76 1316
Chris@76 1317 // Also try to get a list of messages using these ips.
Chris@76 1318 $request = $smcFunc['db_query']('', '
Chris@76 1319 SELECT
Chris@76 1320 m.poster_ip, mem.id_member, mem.member_name, mem.email_address, mem.is_activated
Chris@76 1321 FROM {db_prefix}messages AS m
Chris@76 1322 INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
Chris@76 1323 WHERE m.id_member != 0
Chris@76 1324 ' . (!empty($duplicate_ids) ? 'AND m.id_member NOT IN ({array_int:duplicate_ids})' : '') . '
Chris@76 1325 AND m.poster_ip IN ({array_string:ips})',
Chris@76 1326 array(
Chris@76 1327 'duplicate_ids' => $duplicate_ids,
Chris@76 1328 'ips' => $ips,
Chris@76 1329 )
Chris@76 1330 );
Chris@76 1331
Chris@76 1332 $had_ips = array();
Chris@76 1333 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 1334 {
Chris@76 1335 // Don't collect lots of the same.
Chris@76 1336 if (isset($had_ips[$row['poster_ip']]) && in_array($row['id_member'], $had_ips[$row['poster_ip']]))
Chris@76 1337 continue;
Chris@76 1338 $had_ips[$row['poster_ip']][] = $row['id_member'];
Chris@76 1339
Chris@76 1340 $duplicate_members[$row['poster_ip']][] = array(
Chris@76 1341 'id' => $row['id_member'],
Chris@76 1342 'name' => $row['member_name'],
Chris@76 1343 'email' => $row['email_address'],
Chris@76 1344 'is_banned' => $row['is_activated'] > 10,
Chris@76 1345 'ip' => $row['poster_ip'],
Chris@76 1346 'ip2' => $row['poster_ip'],
Chris@76 1347 );
Chris@76 1348 }
Chris@76 1349 $smcFunc['db_free_result']($request);
Chris@76 1350
Chris@76 1351 // Now we have all the duplicate members, stick them with their respective member in the list.
Chris@76 1352 if (!empty($duplicate_members))
Chris@76 1353 foreach ($members as $key => $member)
Chris@76 1354 {
Chris@76 1355 if (isset($duplicate_members[$member['member_ip']]))
Chris@76 1356 $members[$key]['duplicate_members'] = $duplicate_members[$member['member_ip']];
Chris@76 1357 if ($member['member_ip'] != $member['member_ip2'] && isset($duplicate_members[$member['member_ip2']]))
Chris@76 1358 $members[$key]['duplicate_members'] = array_merge($member['duplicate_members'], $duplicate_members[$member['member_ip2']]);
Chris@76 1359
Chris@76 1360 // Check we don't have lots of the same member.
Chris@76 1361 $member_track = array($member['id_member']);
Chris@76 1362 foreach ($members[$key]['duplicate_members'] as $duplicate_id_member => $duplicate_member)
Chris@76 1363 {
Chris@76 1364 if (in_array($duplicate_member['id'], $member_track))
Chris@76 1365 {
Chris@76 1366 unset($members[$key]['duplicate_members'][$duplicate_id_member]);
Chris@76 1367 continue;
Chris@76 1368 }
Chris@76 1369
Chris@76 1370 $member_track[] = $duplicate_member['id'];
Chris@76 1371 }
Chris@76 1372 }
Chris@76 1373 }
Chris@76 1374
Chris@76 1375 // Generate a random validation code.
Chris@76 1376 function generateValidationCode()
Chris@76 1377 {
Chris@76 1378 global $smcFunc, $modSettings;
Chris@76 1379
Chris@76 1380 $request = $smcFunc['db_query']('get_random_number', '
Chris@76 1381 SELECT RAND()',
Chris@76 1382 array(
Chris@76 1383 )
Chris@76 1384 );
Chris@76 1385
Chris@76 1386 list ($dbRand) = $smcFunc['db_fetch_row']($request);
Chris@76 1387 $smcFunc['db_free_result']($request);
Chris@76 1388
Chris@76 1389 return substr(preg_replace('/\W/', '', sha1(microtime() . mt_rand() . $dbRand . $modSettings['rand_seed'])), 0, 10);
Chris@76 1390 }
Chris@76 1391
Chris@77 1392 ?>