|
Chris@76
|
1 <?php
|
|
Chris@76
|
2
|
|
Chris@76
|
3 /**
|
|
Chris@76
|
4 * Simple Machines Forum (SMF)
|
|
Chris@76
|
5 *
|
|
Chris@76
|
6 * @package SMF
|
|
Chris@76
|
7 * @author Simple Machines http://www.simplemachines.org
|
|
Chris@76
|
8 * @copyright 2011 Simple Machines
|
|
Chris@76
|
9 * @license http://www.simplemachines.org/about/smf/license.php BSD
|
|
Chris@76
|
10 *
|
|
Chris@76
|
11 * @version 2.0.1
|
|
Chris@76
|
12 */
|
|
Chris@76
|
13
|
|
Chris@76
|
14 if (!defined('SMF'))
|
|
Chris@76
|
15 die('Hacking attempt...');
|
|
Chris@76
|
16
|
|
Chris@76
|
17 /* This file contains some useful functions for members and membergroups.
|
|
Chris@76
|
18
|
|
Chris@76
|
19 void deleteMembers(array $users, bool check_not_admin = false)
|
|
Chris@76
|
20 - delete of one or more members.
|
|
Chris@76
|
21 - requires profile_remove_own or profile_remove_any permission for
|
|
Chris@76
|
22 respectively removing your own account or any account.
|
|
Chris@76
|
23 - non-admins cannot delete admins.
|
|
Chris@76
|
24 - changes author of messages, topics and polls to guest authors.
|
|
Chris@76
|
25 - removes all log entries concerning the deleted members, except the
|
|
Chris@76
|
26 error logs, ban logs and moderation logs.
|
|
Chris@76
|
27 - removes these members' personal messages (only the inbox), avatars,
|
|
Chris@76
|
28 ban entries, theme settings, moderator positions, poll votes, and
|
|
Chris@76
|
29 karma votes.
|
|
Chris@76
|
30 - updates member statistics afterwards.
|
|
Chris@76
|
31
|
|
Chris@76
|
32 int registerMember(array options, bool return_errors)
|
|
Chris@76
|
33 - registers a member to the forum.
|
|
Chris@76
|
34 - returns the ID of the newly created member.
|
|
Chris@76
|
35 - allows two types of interface: 'guest' and 'admin'. The first
|
|
Chris@76
|
36 includes hammering protection, the latter can perform the
|
|
Chris@76
|
37 registration silently.
|
|
Chris@76
|
38 - the strings used in the options array are assumed to be escaped.
|
|
Chris@76
|
39 - allows to perform several checks on the input, e.g. reserved names.
|
|
Chris@76
|
40 - adjusts member statistics.
|
|
Chris@76
|
41 - if an error is detected will fatal error on all errors unless return_errors is true.
|
|
Chris@76
|
42
|
|
Chris@76
|
43 bool isReservedName(string name, int id_member = 0, bool is_name = true, bool fatal = true)
|
|
Chris@76
|
44 - checks if name is a reserved name or username.
|
|
Chris@76
|
45 - if is_name is false, the name is assumed to be a username.
|
|
Chris@76
|
46 - the id_member variable is used to ignore duplicate matches with the
|
|
Chris@76
|
47 current member.
|
|
Chris@76
|
48
|
|
Chris@76
|
49 array groupsAllowedTo(string permission, int board_id = null)
|
|
Chris@76
|
50 - retrieves a list of membergroups that are allowed to do the given
|
|
Chris@76
|
51 permission.
|
|
Chris@76
|
52 - if board_id is not null, a board permission is assumed.
|
|
Chris@76
|
53 - takes different permission settings into account.
|
|
Chris@76
|
54 - returns an array containing an array for the allowed membergroup ID's
|
|
Chris@76
|
55 and an array for the denied membergroup ID's.
|
|
Chris@76
|
56
|
|
Chris@76
|
57 array membersAllowedTo(string permission, int board_id = null)
|
|
Chris@76
|
58 - retrieves a list of members that are allowed to do the given
|
|
Chris@76
|
59 permission.
|
|
Chris@76
|
60 - if board_id is not null, a board permission is assumed.
|
|
Chris@76
|
61 - takes different permission settings into account.
|
|
Chris@76
|
62 - takes possible moderators (on board 'board_id') into account.
|
|
Chris@76
|
63 - returns an array containing member ID's.
|
|
Chris@76
|
64
|
|
Chris@76
|
65 int reattributePosts(int id_member, string email = false, string membername = false, bool add_to_post_count = false)
|
|
Chris@76
|
66 - reattribute guest posts to a specified member.
|
|
Chris@76
|
67 - does not check for any permissions.
|
|
Chris@76
|
68 - returns the number of successful reattributed posts.
|
|
Chris@76
|
69 - if add_to_post_count is set, the member's post count is increased.
|
|
Chris@76
|
70
|
|
Chris@76
|
71 void BuddyListToggle()
|
|
Chris@76
|
72 - add a member to your buddy list or remove it.
|
|
Chris@76
|
73 - requires profile_identity_own permission.
|
|
Chris@76
|
74 - called by ?action=buddy;u=x;session_id=y.
|
|
Chris@76
|
75 - redirects to ?action=profile;u=x.
|
|
Chris@76
|
76
|
|
Chris@76
|
77 void populateDuplicateMembers(&array members)
|
|
Chris@76
|
78 // !!!
|
|
Chris@76
|
79
|
|
Chris@76
|
80 */
|
|
Chris@76
|
81
|
|
Chris@76
|
82 // Delete a group of/single member.
|
|
Chris@76
|
83 function deleteMembers($users, $check_not_admin = false)
|
|
Chris@76
|
84 {
|
|
Chris@76
|
85 global $sourcedir, $modSettings, $user_info, $smcFunc;
|
|
Chris@76
|
86
|
|
Chris@76
|
87 // Try give us a while to sort this out...
|
|
Chris@76
|
88 @set_time_limit(600);
|
|
Chris@76
|
89 // Try to get some more memory.
|
|
Chris@76
|
90 if (@ini_get('memory_limit') < 128)
|
|
Chris@76
|
91 @ini_set('memory_limit', '128M');
|
|
Chris@76
|
92
|
|
Chris@76
|
93 // If it's not an array, make it so!
|
|
Chris@76
|
94 if (!is_array($users))
|
|
Chris@76
|
95 $users = array($users);
|
|
Chris@76
|
96 else
|
|
Chris@76
|
97 $users = array_unique($users);
|
|
Chris@76
|
98
|
|
Chris@76
|
99 // Make sure there's no void user in here.
|
|
Chris@76
|
100 $users = array_diff($users, array(0));
|
|
Chris@76
|
101
|
|
Chris@76
|
102 // How many are they deleting?
|
|
Chris@76
|
103 if (empty($users))
|
|
Chris@76
|
104 return;
|
|
Chris@76
|
105 elseif (count($users) == 1)
|
|
Chris@76
|
106 {
|
|
Chris@76
|
107 list ($user) = $users;
|
|
Chris@76
|
108
|
|
Chris@76
|
109 if ($user == $user_info['id'])
|
|
Chris@76
|
110 isAllowedTo('profile_remove_own');
|
|
Chris@76
|
111 else
|
|
Chris@76
|
112 isAllowedTo('profile_remove_any');
|
|
Chris@76
|
113 }
|
|
Chris@76
|
114 else
|
|
Chris@76
|
115 {
|
|
Chris@76
|
116 foreach ($users as $k => $v)
|
|
Chris@76
|
117 $users[$k] = (int) $v;
|
|
Chris@76
|
118
|
|
Chris@76
|
119 // Deleting more than one? You can't have more than one account...
|
|
Chris@76
|
120 isAllowedTo('profile_remove_any');
|
|
Chris@76
|
121 }
|
|
Chris@76
|
122
|
|
Chris@76
|
123 // Get their names for logging purposes.
|
|
Chris@76
|
124 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
125 SELECT id_member, member_name, CASE WHEN id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0 THEN 1 ELSE 0 END AS is_admin
|
|
Chris@76
|
126 FROM {db_prefix}members
|
|
Chris@76
|
127 WHERE id_member IN ({array_int:user_list})
|
|
Chris@76
|
128 LIMIT ' . count($users),
|
|
Chris@76
|
129 array(
|
|
Chris@76
|
130 'user_list' => $users,
|
|
Chris@76
|
131 'admin_group' => 1,
|
|
Chris@76
|
132 )
|
|
Chris@76
|
133 );
|
|
Chris@76
|
134 $admins = array();
|
|
Chris@76
|
135 $user_log_details = array();
|
|
Chris@76
|
136 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
137 {
|
|
Chris@76
|
138 if ($row['is_admin'])
|
|
Chris@76
|
139 $admins[] = $row['id_member'];
|
|
Chris@76
|
140 $user_log_details[$row['id_member']] = array($row['id_member'], $row['member_name']);
|
|
Chris@76
|
141 }
|
|
Chris@76
|
142 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
143
|
|
Chris@76
|
144 if (empty($user_log_details))
|
|
Chris@76
|
145 return;
|
|
Chris@76
|
146
|
|
Chris@76
|
147 // Make sure they aren't trying to delete administrators if they aren't one. But don't bother checking if it's just themself.
|
|
Chris@76
|
148 if (!empty($admins) && ($check_not_admin || (!allowedTo('admin_forum') && (count($users) != 1 || $users[0] != $user_info['id']))))
|
|
Chris@76
|
149 {
|
|
Chris@76
|
150 $users = array_diff($users, $admins);
|
|
Chris@76
|
151 foreach ($admins as $id)
|
|
Chris@76
|
152 unset($user_log_details[$id]);
|
|
Chris@76
|
153 }
|
|
Chris@76
|
154
|
|
Chris@76
|
155 // No one left?
|
|
Chris@76
|
156 if (empty($users))
|
|
Chris@76
|
157 return;
|
|
Chris@76
|
158
|
|
Chris@76
|
159 // Log the action - regardless of who is deleting it.
|
|
Chris@76
|
160 $log_inserts = array();
|
|
Chris@76
|
161 foreach ($user_log_details as $user)
|
|
Chris@76
|
162 {
|
|
Chris@76
|
163 // Integration rocks!
|
|
Chris@76
|
164 call_integration_hook('integrate_delete_member', array($user[0]));
|
|
Chris@76
|
165
|
|
Chris@76
|
166 // Add it to the administration log for future reference.
|
|
Chris@76
|
167 $log_inserts[] = array(
|
|
Chris@76
|
168 time(), 3, $user_info['id'], $user_info['ip'], 'delete_member',
|
|
Chris@76
|
169 0, 0, 0, serialize(array('member' => $user[0], 'name' => $user[1], 'member_acted' => $user_info['name'])),
|
|
Chris@76
|
170 );
|
|
Chris@76
|
171
|
|
Chris@76
|
172 // Remove any cached data if enabled.
|
|
Chris@76
|
173 if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2)
|
|
Chris@76
|
174 cache_put_data('user_settings-' . $user[0], null, 60);
|
|
Chris@76
|
175 }
|
|
Chris@76
|
176
|
|
Chris@76
|
177 // Do the actual logging...
|
|
Chris@76
|
178 if (!empty($log_inserts) && !empty($modSettings['modlog_enabled']))
|
|
Chris@76
|
179 $smcFunc['db_insert']('',
|
|
Chris@76
|
180 '{db_prefix}log_actions',
|
|
Chris@76
|
181 array(
|
|
Chris@76
|
182 'log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string',
|
|
Chris@76
|
183 'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534',
|
|
Chris@76
|
184 ),
|
|
Chris@76
|
185 $log_inserts,
|
|
Chris@76
|
186 array('id_action')
|
|
Chris@76
|
187 );
|
|
Chris@76
|
188
|
|
Chris@76
|
189 // Make these peoples' posts guest posts.
|
|
Chris@76
|
190 $smcFunc['db_query']('', '
|
|
Chris@76
|
191 UPDATE {db_prefix}messages
|
|
Chris@76
|
192 SET id_member = {int:guest_id}, poster_email = {string:blank_email}
|
|
Chris@76
|
193 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
194 array(
|
|
Chris@76
|
195 'guest_id' => 0,
|
|
Chris@76
|
196 'blank_email' => '',
|
|
Chris@76
|
197 'users' => $users,
|
|
Chris@76
|
198 )
|
|
Chris@76
|
199 );
|
|
Chris@76
|
200 $smcFunc['db_query']('', '
|
|
Chris@76
|
201 UPDATE {db_prefix}polls
|
|
Chris@76
|
202 SET id_member = {int:guest_id}
|
|
Chris@76
|
203 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
204 array(
|
|
Chris@76
|
205 'guest_id' => 0,
|
|
Chris@76
|
206 'users' => $users,
|
|
Chris@76
|
207 )
|
|
Chris@76
|
208 );
|
|
Chris@76
|
209
|
|
Chris@76
|
210 // Make these peoples' posts guest first posts and last posts.
|
|
Chris@76
|
211 $smcFunc['db_query']('', '
|
|
Chris@76
|
212 UPDATE {db_prefix}topics
|
|
Chris@76
|
213 SET id_member_started = {int:guest_id}
|
|
Chris@76
|
214 WHERE id_member_started IN ({array_int:users})',
|
|
Chris@76
|
215 array(
|
|
Chris@76
|
216 'guest_id' => 0,
|
|
Chris@76
|
217 'users' => $users,
|
|
Chris@76
|
218 )
|
|
Chris@76
|
219 );
|
|
Chris@76
|
220 $smcFunc['db_query']('', '
|
|
Chris@76
|
221 UPDATE {db_prefix}topics
|
|
Chris@76
|
222 SET id_member_updated = {int:guest_id}
|
|
Chris@76
|
223 WHERE id_member_updated IN ({array_int:users})',
|
|
Chris@76
|
224 array(
|
|
Chris@76
|
225 'guest_id' => 0,
|
|
Chris@76
|
226 'users' => $users,
|
|
Chris@76
|
227 )
|
|
Chris@76
|
228 );
|
|
Chris@76
|
229
|
|
Chris@76
|
230 $smcFunc['db_query']('', '
|
|
Chris@76
|
231 UPDATE {db_prefix}log_actions
|
|
Chris@76
|
232 SET id_member = {int:guest_id}
|
|
Chris@76
|
233 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
234 array(
|
|
Chris@76
|
235 'guest_id' => 0,
|
|
Chris@76
|
236 'users' => $users,
|
|
Chris@76
|
237 )
|
|
Chris@76
|
238 );
|
|
Chris@76
|
239
|
|
Chris@76
|
240 $smcFunc['db_query']('', '
|
|
Chris@76
|
241 UPDATE {db_prefix}log_banned
|
|
Chris@76
|
242 SET id_member = {int:guest_id}
|
|
Chris@76
|
243 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
244 array(
|
|
Chris@76
|
245 'guest_id' => 0,
|
|
Chris@76
|
246 'users' => $users,
|
|
Chris@76
|
247 )
|
|
Chris@76
|
248 );
|
|
Chris@76
|
249
|
|
Chris@76
|
250 $smcFunc['db_query']('', '
|
|
Chris@76
|
251 UPDATE {db_prefix}log_errors
|
|
Chris@76
|
252 SET id_member = {int:guest_id}
|
|
Chris@76
|
253 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
254 array(
|
|
Chris@76
|
255 'guest_id' => 0,
|
|
Chris@76
|
256 'users' => $users,
|
|
Chris@76
|
257 )
|
|
Chris@76
|
258 );
|
|
Chris@76
|
259
|
|
Chris@76
|
260 // Delete the member.
|
|
Chris@76
|
261 $smcFunc['db_query']('', '
|
|
Chris@76
|
262 DELETE FROM {db_prefix}members
|
|
Chris@76
|
263 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
264 array(
|
|
Chris@76
|
265 'users' => $users,
|
|
Chris@76
|
266 )
|
|
Chris@76
|
267 );
|
|
Chris@76
|
268
|
|
Chris@76
|
269 // Delete the logs...
|
|
Chris@76
|
270 $smcFunc['db_query']('', '
|
|
Chris@76
|
271 DELETE FROM {db_prefix}log_actions
|
|
Chris@76
|
272 WHERE id_log = {int:log_type}
|
|
Chris@76
|
273 AND id_member IN ({array_int:users})',
|
|
Chris@76
|
274 array(
|
|
Chris@76
|
275 'log_type' => 2,
|
|
Chris@76
|
276 'users' => $users,
|
|
Chris@76
|
277 )
|
|
Chris@76
|
278 );
|
|
Chris@76
|
279 $smcFunc['db_query']('', '
|
|
Chris@76
|
280 DELETE FROM {db_prefix}log_boards
|
|
Chris@76
|
281 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
282 array(
|
|
Chris@76
|
283 'users' => $users,
|
|
Chris@76
|
284 )
|
|
Chris@76
|
285 );
|
|
Chris@76
|
286 $smcFunc['db_query']('', '
|
|
Chris@76
|
287 DELETE FROM {db_prefix}log_comments
|
|
Chris@76
|
288 WHERE id_recipient IN ({array_int:users})
|
|
Chris@76
|
289 AND comment_type = {string:warntpl}',
|
|
Chris@76
|
290 array(
|
|
Chris@76
|
291 'users' => $users,
|
|
Chris@76
|
292 'warntpl' => 'warntpl',
|
|
Chris@76
|
293 )
|
|
Chris@76
|
294 );
|
|
Chris@76
|
295 $smcFunc['db_query']('', '
|
|
Chris@76
|
296 DELETE FROM {db_prefix}log_group_requests
|
|
Chris@76
|
297 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
298 array(
|
|
Chris@76
|
299 'users' => $users,
|
|
Chris@76
|
300 )
|
|
Chris@76
|
301 );
|
|
Chris@76
|
302 $smcFunc['db_query']('', '
|
|
Chris@76
|
303 DELETE FROM {db_prefix}log_karma
|
|
Chris@76
|
304 WHERE id_target IN ({array_int:users})
|
|
Chris@76
|
305 OR id_executor IN ({array_int:users})',
|
|
Chris@76
|
306 array(
|
|
Chris@76
|
307 'users' => $users,
|
|
Chris@76
|
308 )
|
|
Chris@76
|
309 );
|
|
Chris@76
|
310 $smcFunc['db_query']('', '
|
|
Chris@76
|
311 DELETE FROM {db_prefix}log_mark_read
|
|
Chris@76
|
312 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
313 array(
|
|
Chris@76
|
314 'users' => $users,
|
|
Chris@76
|
315 )
|
|
Chris@76
|
316 );
|
|
Chris@76
|
317 $smcFunc['db_query']('', '
|
|
Chris@76
|
318 DELETE FROM {db_prefix}log_notify
|
|
Chris@76
|
319 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
320 array(
|
|
Chris@76
|
321 'users' => $users,
|
|
Chris@76
|
322 )
|
|
Chris@76
|
323 );
|
|
Chris@76
|
324 $smcFunc['db_query']('', '
|
|
Chris@76
|
325 DELETE FROM {db_prefix}log_online
|
|
Chris@76
|
326 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
327 array(
|
|
Chris@76
|
328 'users' => $users,
|
|
Chris@76
|
329 )
|
|
Chris@76
|
330 );
|
|
Chris@76
|
331 $smcFunc['db_query']('', '
|
|
Chris@76
|
332 DELETE FROM {db_prefix}log_subscribed
|
|
Chris@76
|
333 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
334 array(
|
|
Chris@76
|
335 'users' => $users,
|
|
Chris@76
|
336 )
|
|
Chris@76
|
337 );
|
|
Chris@76
|
338 $smcFunc['db_query']('', '
|
|
Chris@76
|
339 DELETE FROM {db_prefix}log_topics
|
|
Chris@76
|
340 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
341 array(
|
|
Chris@76
|
342 'users' => $users,
|
|
Chris@76
|
343 )
|
|
Chris@76
|
344 );
|
|
Chris@76
|
345 $smcFunc['db_query']('', '
|
|
Chris@76
|
346 DELETE FROM {db_prefix}collapsed_categories
|
|
Chris@76
|
347 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
348 array(
|
|
Chris@76
|
349 'users' => $users,
|
|
Chris@76
|
350 )
|
|
Chris@76
|
351 );
|
|
Chris@76
|
352
|
|
Chris@76
|
353 // Make their votes appear as guest votes - at least it keeps the totals right.
|
|
Chris@76
|
354 //!!! Consider adding back in cookie protection.
|
|
Chris@76
|
355 $smcFunc['db_query']('', '
|
|
Chris@76
|
356 UPDATE {db_prefix}log_polls
|
|
Chris@76
|
357 SET id_member = {int:guest_id}
|
|
Chris@76
|
358 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
359 array(
|
|
Chris@76
|
360 'guest_id' => 0,
|
|
Chris@76
|
361 'users' => $users,
|
|
Chris@76
|
362 )
|
|
Chris@76
|
363 );
|
|
Chris@76
|
364
|
|
Chris@76
|
365 // Delete personal messages.
|
|
Chris@76
|
366 require_once($sourcedir . '/PersonalMessage.php');
|
|
Chris@76
|
367 deleteMessages(null, null, $users);
|
|
Chris@76
|
368
|
|
Chris@76
|
369 $smcFunc['db_query']('', '
|
|
Chris@76
|
370 UPDATE {db_prefix}personal_messages
|
|
Chris@76
|
371 SET id_member_from = {int:guest_id}
|
|
Chris@76
|
372 WHERE id_member_from IN ({array_int:users})',
|
|
Chris@76
|
373 array(
|
|
Chris@76
|
374 'guest_id' => 0,
|
|
Chris@76
|
375 'users' => $users,
|
|
Chris@76
|
376 )
|
|
Chris@76
|
377 );
|
|
Chris@76
|
378
|
|
Chris@76
|
379 // They no longer exist, so we don't know who it was sent to.
|
|
Chris@76
|
380 $smcFunc['db_query']('', '
|
|
Chris@76
|
381 DELETE FROM {db_prefix}pm_recipients
|
|
Chris@76
|
382 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
383 array(
|
|
Chris@76
|
384 'users' => $users,
|
|
Chris@76
|
385 )
|
|
Chris@76
|
386 );
|
|
Chris@76
|
387
|
|
Chris@76
|
388 // Delete avatar.
|
|
Chris@76
|
389 require_once($sourcedir . '/ManageAttachments.php');
|
|
Chris@76
|
390 removeAttachments(array('id_member' => $users));
|
|
Chris@76
|
391
|
|
Chris@76
|
392 // It's over, no more moderation for you.
|
|
Chris@76
|
393 $smcFunc['db_query']('', '
|
|
Chris@76
|
394 DELETE FROM {db_prefix}moderators
|
|
Chris@76
|
395 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
396 array(
|
|
Chris@76
|
397 'users' => $users,
|
|
Chris@76
|
398 )
|
|
Chris@76
|
399 );
|
|
Chris@76
|
400 $smcFunc['db_query']('', '
|
|
Chris@76
|
401 DELETE FROM {db_prefix}group_moderators
|
|
Chris@76
|
402 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
403 array(
|
|
Chris@76
|
404 'users' => $users,
|
|
Chris@76
|
405 )
|
|
Chris@76
|
406 );
|
|
Chris@76
|
407
|
|
Chris@76
|
408 // If you don't exist we can't ban you.
|
|
Chris@76
|
409 $smcFunc['db_query']('', '
|
|
Chris@76
|
410 DELETE FROM {db_prefix}ban_items
|
|
Chris@76
|
411 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
412 array(
|
|
Chris@76
|
413 'users' => $users,
|
|
Chris@76
|
414 )
|
|
Chris@76
|
415 );
|
|
Chris@76
|
416
|
|
Chris@76
|
417 // Remove individual theme settings.
|
|
Chris@76
|
418 $smcFunc['db_query']('', '
|
|
Chris@76
|
419 DELETE FROM {db_prefix}themes
|
|
Chris@76
|
420 WHERE id_member IN ({array_int:users})',
|
|
Chris@76
|
421 array(
|
|
Chris@76
|
422 'users' => $users,
|
|
Chris@76
|
423 )
|
|
Chris@76
|
424 );
|
|
Chris@76
|
425
|
|
Chris@76
|
426 // These users are nobody's buddy nomore.
|
|
Chris@76
|
427 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
428 SELECT id_member, pm_ignore_list, buddy_list
|
|
Chris@76
|
429 FROM {db_prefix}members
|
|
Chris@76
|
430 WHERE FIND_IN_SET({raw:pm_ignore_list}, pm_ignore_list) != 0 OR FIND_IN_SET({raw:buddy_list}, buddy_list) != 0',
|
|
Chris@76
|
431 array(
|
|
Chris@76
|
432 'pm_ignore_list' => implode(', pm_ignore_list) != 0 OR FIND_IN_SET(', $users),
|
|
Chris@76
|
433 'buddy_list' => implode(', buddy_list) != 0 OR FIND_IN_SET(', $users),
|
|
Chris@76
|
434 )
|
|
Chris@76
|
435 );
|
|
Chris@76
|
436 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
437 $smcFunc['db_query']('', '
|
|
Chris@76
|
438 UPDATE {db_prefix}members
|
|
Chris@76
|
439 SET
|
|
Chris@76
|
440 pm_ignore_list = {string:pm_ignore_list},
|
|
Chris@76
|
441 buddy_list = {string:buddy_list}
|
|
Chris@76
|
442 WHERE id_member = {int:id_member}',
|
|
Chris@76
|
443 array(
|
|
Chris@76
|
444 'id_member' => $row['id_member'],
|
|
Chris@76
|
445 'pm_ignore_list' => implode(',', array_diff(explode(',', $row['pm_ignore_list']), $users)),
|
|
Chris@76
|
446 'buddy_list' => implode(',', array_diff(explode(',', $row['buddy_list']), $users)),
|
|
Chris@76
|
447 )
|
|
Chris@76
|
448 );
|
|
Chris@76
|
449 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
450
|
|
Chris@76
|
451 // Make sure no member's birthday is still sticking in the calendar...
|
|
Chris@76
|
452 updateSettings(array(
|
|
Chris@76
|
453 'calendar_updated' => time(),
|
|
Chris@76
|
454 ));
|
|
Chris@76
|
455
|
|
Chris@76
|
456 updateStats('member');
|
|
Chris@76
|
457 }
|
|
Chris@76
|
458
|
|
Chris@76
|
459 function registerMember(&$regOptions, $return_errors = false)
|
|
Chris@76
|
460 {
|
|
Chris@76
|
461 global $scripturl, $txt, $modSettings, $context, $sourcedir;
|
|
Chris@76
|
462 global $user_info, $options, $settings, $smcFunc;
|
|
Chris@76
|
463
|
|
Chris@76
|
464 loadLanguage('Login');
|
|
Chris@76
|
465
|
|
Chris@76
|
466 // We'll need some external functions.
|
|
Chris@76
|
467 require_once($sourcedir . '/Subs-Auth.php');
|
|
Chris@76
|
468 require_once($sourcedir . '/Subs-Post.php');
|
|
Chris@76
|
469
|
|
Chris@76
|
470 // Put any errors in here.
|
|
Chris@76
|
471 $reg_errors = array();
|
|
Chris@76
|
472
|
|
Chris@76
|
473 // Registration from the admin center, let them sweat a little more.
|
|
Chris@76
|
474 if ($regOptions['interface'] == 'admin')
|
|
Chris@76
|
475 {
|
|
Chris@76
|
476 is_not_guest();
|
|
Chris@76
|
477 isAllowedTo('moderate_forum');
|
|
Chris@76
|
478 }
|
|
Chris@76
|
479 // If you're an admin, you're special ;).
|
|
Chris@76
|
480 elseif ($regOptions['interface'] == 'guest')
|
|
Chris@76
|
481 {
|
|
Chris@76
|
482 // You cannot register twice...
|
|
Chris@76
|
483 if (empty($user_info['is_guest']))
|
|
Chris@76
|
484 redirectexit();
|
|
Chris@76
|
485
|
|
Chris@76
|
486 // Make sure they didn't just register with this session.
|
|
Chris@76
|
487 if (!empty($_SESSION['just_registered']) && empty($modSettings['disableRegisterCheck']))
|
|
Chris@76
|
488 fatal_lang_error('register_only_once', false);
|
|
Chris@76
|
489 }
|
|
Chris@76
|
490
|
|
Chris@76
|
491 // What method of authorization are we going to use?
|
|
Chris@76
|
492 if (empty($regOptions['auth_method']) || !in_array($regOptions['auth_method'], array('password', 'openid')))
|
|
Chris@76
|
493 {
|
|
Chris@76
|
494 if (!empty($regOptions['openid']))
|
|
Chris@76
|
495 $regOptions['auth_method'] = 'openid';
|
|
Chris@76
|
496 else
|
|
Chris@76
|
497 $regOptions['auth_method'] = 'password';
|
|
Chris@76
|
498 }
|
|
Chris@76
|
499
|
|
Chris@76
|
500 // No name?! How can you register with no name?
|
|
Chris@76
|
501 if (empty($regOptions['username']))
|
|
Chris@76
|
502 $reg_errors[] = array('lang', 'need_username');
|
|
Chris@76
|
503
|
|
Chris@76
|
504 // Spaces and other odd characters are evil...
|
|
Chris@76
|
505 $regOptions['username'] = preg_replace('~[\t\n\r\x0B\0' . ($context['utf8'] ? ($context['server']['complex_preg_chars'] ? '\x{A0}' : "\xC2\xA0") : '\xA0') . ']+~' . ($context['utf8'] ? 'u' : ''), ' ', $regOptions['username']);
|
|
Chris@76
|
506
|
|
Chris@76
|
507 // Don't use too long a name.
|
|
Chris@76
|
508 if ($smcFunc['strlen']($regOptions['username']) > 25)
|
|
Chris@76
|
509 $reg_errors[] = array('lang', 'error_long_name');
|
|
Chris@76
|
510
|
|
Chris@76
|
511 // Only these characters are permitted.
|
|
Chris@76
|
512 if (preg_match('~[<>&"\'=\\\\]~', preg_replace('~&#(?:\\d{1,7}|x[0-9a-fA-F]{1,6});~', '', $regOptions['username'])) != 0 || $regOptions['username'] == '_' || $regOptions['username'] == '|' || strpos($regOptions['username'], '[code') !== false || strpos($regOptions['username'], '[/code') !== false)
|
|
Chris@76
|
513 $reg_errors[] = array('lang', 'error_invalid_characters_username');
|
|
Chris@76
|
514
|
|
Chris@76
|
515 if ($smcFunc['strtolower']($regOptions['username']) === $smcFunc['strtolower']($txt['guest_title']))
|
|
Chris@76
|
516 $reg_errors[] = array('lang', 'username_reserved', 'general', array($txt['guest_title']));
|
|
Chris@76
|
517
|
|
Chris@76
|
518 // !!! Separate the sprintf?
|
|
Chris@76
|
519 if (empty($regOptions['email']) || preg_match('~^[0-9A-Za-z=_+\-/][0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $regOptions['email']) === 0 || strlen($regOptions['email']) > 255)
|
|
Chris@76
|
520 $reg_errors[] = array('done', sprintf($txt['valid_email_needed'], $smcFunc['htmlspecialchars']($regOptions['username'])));
|
|
Chris@76
|
521
|
|
Chris@76
|
522 if (!empty($regOptions['check_reserved_name']) && isReservedName($regOptions['username'], 0, false))
|
|
Chris@76
|
523 {
|
|
Chris@76
|
524 if ($regOptions['password'] == 'chocolate cake')
|
|
Chris@76
|
525 $reg_errors[] = array('done', 'Sorry, I don\'t take bribes... you\'ll need to come up with a different name.');
|
|
Chris@76
|
526 $reg_errors[] = array('done', '(' . htmlspecialchars($regOptions['username']) . ') ' . $txt['name_in_use']);
|
|
Chris@76
|
527 }
|
|
Chris@76
|
528
|
|
Chris@76
|
529 // Generate a validation code if it's supposed to be emailed.
|
|
Chris@76
|
530 $validation_code = '';
|
|
Chris@76
|
531 if ($regOptions['require'] == 'activation')
|
|
Chris@76
|
532 $validation_code = generateValidationCode();
|
|
Chris@76
|
533
|
|
Chris@76
|
534 // If you haven't put in a password generate one.
|
|
Chris@76
|
535 if ($regOptions['interface'] == 'admin' && $regOptions['password'] == '' && $regOptions['auth_method'] == 'password')
|
|
Chris@76
|
536 {
|
|
Chris@76
|
537 mt_srand(time() + 1277);
|
|
Chris@76
|
538 $regOptions['password'] = generateValidationCode();
|
|
Chris@76
|
539 $regOptions['password_check'] = $regOptions['password'];
|
|
Chris@76
|
540 }
|
|
Chris@76
|
541 // Does the first password match the second?
|
|
Chris@76
|
542 elseif ($regOptions['password'] != $regOptions['password_check'] && $regOptions['auth_method'] == 'password')
|
|
Chris@76
|
543 $reg_errors[] = array('lang', 'passwords_dont_match');
|
|
Chris@76
|
544
|
|
Chris@76
|
545 // That's kind of easy to guess...
|
|
Chris@76
|
546 if ($regOptions['password'] == '')
|
|
Chris@76
|
547 {
|
|
Chris@76
|
548 if ($regOptions['auth_method'] == 'password')
|
|
Chris@76
|
549 $reg_errors[] = array('lang', 'no_password');
|
|
Chris@76
|
550 else
|
|
Chris@76
|
551 $regOptions['password'] = sha1(mt_rand());
|
|
Chris@76
|
552 }
|
|
Chris@76
|
553
|
|
Chris@76
|
554 // Now perform hard password validation as required.
|
|
Chris@76
|
555 if (!empty($regOptions['check_password_strength']))
|
|
Chris@76
|
556 {
|
|
Chris@76
|
557 $passwordError = validatePassword($regOptions['password'], $regOptions['username'], array($regOptions['email']));
|
|
Chris@76
|
558
|
|
Chris@76
|
559 // Password isn't legal?
|
|
Chris@76
|
560 if ($passwordError != null)
|
|
Chris@76
|
561 $reg_errors[] = array('lang', 'profile_error_password_' . $passwordError);
|
|
Chris@76
|
562 }
|
|
Chris@76
|
563
|
|
Chris@76
|
564 // If they are using an OpenID that hasn't been verified yet error out.
|
|
Chris@76
|
565 // !!! Change this so they can register without having to attempt a login first
|
|
Chris@76
|
566 if ($regOptions['auth_method'] == 'openid' && (empty($_SESSION['openid']['verified']) || $_SESSION['openid']['openid_uri'] != $regOptions['openid']))
|
|
Chris@76
|
567 $reg_errors[] = array('lang', 'openid_not_verified');
|
|
Chris@76
|
568
|
|
Chris@76
|
569 // You may not be allowed to register this email.
|
|
Chris@76
|
570 if (!empty($regOptions['check_email_ban']))
|
|
Chris@76
|
571 isBannedEmail($regOptions['email'], 'cannot_register', $txt['ban_register_prohibited']);
|
|
Chris@76
|
572
|
|
Chris@76
|
573 // Check if the email address is in use.
|
|
Chris@76
|
574 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
575 SELECT id_member
|
|
Chris@76
|
576 FROM {db_prefix}members
|
|
Chris@76
|
577 WHERE email_address = {string:email_address}
|
|
Chris@76
|
578 OR email_address = {string:username}
|
|
Chris@76
|
579 LIMIT 1',
|
|
Chris@76
|
580 array(
|
|
Chris@76
|
581 'email_address' => $regOptions['email'],
|
|
Chris@76
|
582 'username' => $regOptions['username'],
|
|
Chris@76
|
583 )
|
|
Chris@76
|
584 );
|
|
Chris@76
|
585 // !!! Separate the sprintf?
|
|
Chris@76
|
586 if ($smcFunc['db_num_rows']($request) != 0)
|
|
Chris@76
|
587 $reg_errors[] = array('lang', 'email_in_use', false, array(htmlspecialchars($regOptions['email'])));
|
|
Chris@76
|
588 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
589
|
|
Chris@76
|
590 // If we found any errors we need to do something about it right away!
|
|
Chris@76
|
591 foreach ($reg_errors as $key => $error)
|
|
Chris@76
|
592 {
|
|
Chris@76
|
593 /* Note for each error:
|
|
Chris@76
|
594 0 = 'lang' if it's an index, 'done' if it's clear text.
|
|
Chris@76
|
595 1 = The text/index.
|
|
Chris@76
|
596 2 = Whether to log.
|
|
Chris@76
|
597 3 = sprintf data if necessary. */
|
|
Chris@76
|
598 if ($error[0] == 'lang')
|
|
Chris@76
|
599 loadLanguage('Errors');
|
|
Chris@76
|
600 $message = $error[0] == 'lang' ? (empty($error[3]) ? $txt[$error[1]] : vsprintf($txt[$error[1]], $error[3])) : $error[1];
|
|
Chris@76
|
601
|
|
Chris@76
|
602 // What to do, what to do, what to do.
|
|
Chris@76
|
603 if ($return_errors)
|
|
Chris@76
|
604 {
|
|
Chris@76
|
605 if (!empty($error[2]))
|
|
Chris@76
|
606 log_error($message, $error[2]);
|
|
Chris@76
|
607 $reg_errors[$key] = $message;
|
|
Chris@76
|
608 }
|
|
Chris@76
|
609 else
|
|
Chris@76
|
610 fatal_error($message, empty($error[2]) ? false : $error[2]);
|
|
Chris@76
|
611 }
|
|
Chris@76
|
612
|
|
Chris@76
|
613 // If there's any errors left return them at once!
|
|
Chris@76
|
614 if (!empty($reg_errors))
|
|
Chris@76
|
615 return $reg_errors;
|
|
Chris@76
|
616
|
|
Chris@76
|
617 $reservedVars = array(
|
|
Chris@76
|
618 'actual_theme_url',
|
|
Chris@76
|
619 'actual_images_url',
|
|
Chris@76
|
620 'base_theme_dir',
|
|
Chris@76
|
621 'base_theme_url',
|
|
Chris@76
|
622 'default_images_url',
|
|
Chris@76
|
623 'default_theme_dir',
|
|
Chris@76
|
624 'default_theme_url',
|
|
Chris@76
|
625 'default_template',
|
|
Chris@76
|
626 'images_url',
|
|
Chris@76
|
627 'number_recent_posts',
|
|
Chris@76
|
628 'smiley_sets_default',
|
|
Chris@76
|
629 'theme_dir',
|
|
Chris@76
|
630 'theme_id',
|
|
Chris@76
|
631 'theme_layers',
|
|
Chris@76
|
632 'theme_templates',
|
|
Chris@76
|
633 'theme_url',
|
|
Chris@76
|
634 );
|
|
Chris@76
|
635
|
|
Chris@76
|
636 // Can't change reserved vars.
|
|
Chris@76
|
637 if (isset($regOptions['theme_vars']) && array_intersect($regOptions['theme_vars'], $reservedVars) != array())
|
|
Chris@76
|
638 fatal_lang_error('no_theme');
|
|
Chris@76
|
639
|
|
Chris@76
|
640 // Some of these might be overwritten. (the lower ones that are in the arrays below.)
|
|
Chris@76
|
641 $regOptions['register_vars'] = array(
|
|
Chris@76
|
642 'member_name' => $regOptions['username'],
|
|
Chris@76
|
643 'email_address' => $regOptions['email'],
|
|
Chris@76
|
644 'passwd' => sha1(strtolower($regOptions['username']) . $regOptions['password']),
|
|
Chris@76
|
645 'password_salt' => substr(md5(mt_rand()), 0, 4) ,
|
|
Chris@76
|
646 'posts' => 0,
|
|
Chris@76
|
647 'date_registered' => time(),
|
|
Chris@76
|
648 'member_ip' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $user_info['ip'],
|
|
Chris@76
|
649 'member_ip2' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $_SERVER['BAN_CHECK_IP'],
|
|
Chris@76
|
650 'validation_code' => $validation_code,
|
|
Chris@76
|
651 'real_name' => $regOptions['username'],
|
|
Chris@76
|
652 'personal_text' => $modSettings['default_personal_text'],
|
|
Chris@76
|
653 'pm_email_notify' => 1,
|
|
Chris@76
|
654 'id_theme' => 0,
|
|
Chris@76
|
655 'id_post_group' => 4,
|
|
Chris@76
|
656 'lngfile' => '',
|
|
Chris@76
|
657 'buddy_list' => '',
|
|
Chris@76
|
658 'pm_ignore_list' => '',
|
|
Chris@76
|
659 'message_labels' => '',
|
|
Chris@76
|
660 'website_title' => '',
|
|
Chris@76
|
661 'website_url' => '',
|
|
Chris@76
|
662 'location' => '',
|
|
Chris@76
|
663 'icq' => '',
|
|
Chris@76
|
664 'aim' => '',
|
|
Chris@76
|
665 'yim' => '',
|
|
Chris@76
|
666 'msn' => '',
|
|
Chris@76
|
667 'time_format' => '',
|
|
Chris@76
|
668 'signature' => '',
|
|
Chris@76
|
669 'avatar' => '',
|
|
Chris@76
|
670 'usertitle' => '',
|
|
Chris@76
|
671 'secret_question' => '',
|
|
Chris@76
|
672 'secret_answer' => '',
|
|
Chris@76
|
673 'additional_groups' => '',
|
|
Chris@76
|
674 'ignore_boards' => '',
|
|
Chris@76
|
675 'smiley_set' => '',
|
|
Chris@76
|
676 'openid_uri' => (!empty($regOptions['openid']) ? $regOptions['openid'] : ''),
|
|
Chris@76
|
677 );
|
|
Chris@76
|
678
|
|
Chris@76
|
679 // Setup the activation status on this new account so it is correct - firstly is it an under age account?
|
|
Chris@76
|
680 if ($regOptions['require'] == 'coppa')
|
|
Chris@76
|
681 {
|
|
Chris@76
|
682 $regOptions['register_vars']['is_activated'] = 5;
|
|
Chris@76
|
683 // !!! This should be changed. To what should be it be changed??
|
|
Chris@76
|
684 $regOptions['register_vars']['validation_code'] = '';
|
|
Chris@76
|
685 }
|
|
Chris@76
|
686 // Maybe it can be activated right away?
|
|
Chris@76
|
687 elseif ($regOptions['require'] == 'nothing')
|
|
Chris@76
|
688 $regOptions['register_vars']['is_activated'] = 1;
|
|
Chris@76
|
689 // Maybe it must be activated by email?
|
|
Chris@76
|
690 elseif ($regOptions['require'] == 'activation')
|
|
Chris@76
|
691 $regOptions['register_vars']['is_activated'] = 0;
|
|
Chris@76
|
692 // Otherwise it must be awaiting approval!
|
|
Chris@76
|
693 else
|
|
Chris@76
|
694 $regOptions['register_vars']['is_activated'] = 3;
|
|
Chris@76
|
695
|
|
Chris@76
|
696 if (isset($regOptions['memberGroup']))
|
|
Chris@76
|
697 {
|
|
Chris@76
|
698 // Make sure the id_group will be valid, if this is an administator.
|
|
Chris@76
|
699 $regOptions['register_vars']['id_group'] = $regOptions['memberGroup'] == 1 && !allowedTo('admin_forum') ? 0 : $regOptions['memberGroup'];
|
|
Chris@76
|
700
|
|
Chris@76
|
701 // Check if this group is assignable.
|
|
Chris@76
|
702 $unassignableGroups = array(-1, 3);
|
|
Chris@76
|
703 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
704 SELECT id_group
|
|
Chris@76
|
705 FROM {db_prefix}membergroups
|
|
Chris@76
|
706 WHERE min_posts != {int:min_posts}' . (allowedTo('admin_forum') ? '' : '
|
|
Chris@76
|
707 OR group_type = {int:is_protected}'),
|
|
Chris@76
|
708 array(
|
|
Chris@76
|
709 'min_posts' => -1,
|
|
Chris@76
|
710 'is_protected' => 1,
|
|
Chris@76
|
711 )
|
|
Chris@76
|
712 );
|
|
Chris@76
|
713 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
714 $unassignableGroups[] = $row['id_group'];
|
|
Chris@76
|
715 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
716
|
|
Chris@76
|
717 if (in_array($regOptions['register_vars']['id_group'], $unassignableGroups))
|
|
Chris@76
|
718 $regOptions['register_vars']['id_group'] = 0;
|
|
Chris@76
|
719 }
|
|
Chris@76
|
720
|
|
Chris@76
|
721 // ICQ cannot be zero.
|
|
Chris@76
|
722 if (isset($regOptions['extra_register_vars']['icq']) && empty($regOptions['extra_register_vars']['icq']))
|
|
Chris@76
|
723 $regOptions['extra_register_vars']['icq'] = '';
|
|
Chris@76
|
724
|
|
Chris@76
|
725 // Integrate optional member settings to be set.
|
|
Chris@76
|
726 if (!empty($regOptions['extra_register_vars']))
|
|
Chris@76
|
727 foreach ($regOptions['extra_register_vars'] as $var => $value)
|
|
Chris@76
|
728 $regOptions['register_vars'][$var] = $value;
|
|
Chris@76
|
729
|
|
Chris@76
|
730 // Integrate optional user theme options to be set.
|
|
Chris@76
|
731 $theme_vars = array();
|
|
Chris@76
|
732 if (!empty($regOptions['theme_vars']))
|
|
Chris@76
|
733 foreach ($regOptions['theme_vars'] as $var => $value)
|
|
Chris@76
|
734 $theme_vars[$var] = $value;
|
|
Chris@76
|
735
|
|
Chris@76
|
736 // Call an optional function to validate the users' input.
|
|
Chris@76
|
737 call_integration_hook('integrate_register', array(&$regOptions, &$theme_vars));
|
|
Chris@76
|
738
|
|
Chris@76
|
739 // Right, now let's prepare for insertion.
|
|
Chris@76
|
740 $knownInts = array(
|
|
Chris@76
|
741 'date_registered', 'posts', 'id_group', 'last_login', 'instant_messages', 'unread_messages',
|
|
Chris@76
|
742 'new_pm', 'pm_prefs', 'gender', 'hide_email', 'show_online', 'pm_email_notify', 'karma_good', 'karma_bad',
|
|
Chris@76
|
743 'notify_announcements', 'notify_send_body', 'notify_regularity', 'notify_types',
|
|
Chris@76
|
744 'id_theme', 'is_activated', 'id_msg_last_visit', 'id_post_group', 'total_time_logged_in', 'warning',
|
|
Chris@76
|
745 );
|
|
Chris@76
|
746 $knownFloats = array(
|
|
Chris@76
|
747 'time_offset',
|
|
Chris@76
|
748 );
|
|
Chris@76
|
749
|
|
Chris@76
|
750 $column_names = array();
|
|
Chris@76
|
751 $values = array();
|
|
Chris@76
|
752 foreach ($regOptions['register_vars'] as $var => $val)
|
|
Chris@76
|
753 {
|
|
Chris@76
|
754 $type = 'string';
|
|
Chris@76
|
755 if (in_array($var, $knownInts))
|
|
Chris@76
|
756 $type = 'int';
|
|
Chris@76
|
757 elseif (in_array($var, $knownFloats))
|
|
Chris@76
|
758 $type = 'float';
|
|
Chris@76
|
759 elseif ($var == 'birthdate')
|
|
Chris@76
|
760 $type = 'date';
|
|
Chris@76
|
761
|
|
Chris@76
|
762 $column_names[$var] = $type;
|
|
Chris@76
|
763 $values[$var] = $val;
|
|
Chris@76
|
764 }
|
|
Chris@76
|
765
|
|
Chris@76
|
766 // Register them into the database.
|
|
Chris@76
|
767 $smcFunc['db_insert']('',
|
|
Chris@76
|
768 '{db_prefix}members',
|
|
Chris@76
|
769 $column_names,
|
|
Chris@76
|
770 $values,
|
|
Chris@76
|
771 array('id_member')
|
|
Chris@76
|
772 );
|
|
Chris@76
|
773 $memberID = $smcFunc['db_insert_id']('{db_prefix}members', 'id_member');
|
|
Chris@76
|
774
|
|
Chris@76
|
775 // Update the number of members and latest member's info - and pass the name, but remove the 's.
|
|
Chris@76
|
776 if ($regOptions['register_vars']['is_activated'] == 1)
|
|
Chris@76
|
777 updateStats('member', $memberID, $regOptions['register_vars']['real_name']);
|
|
Chris@76
|
778 else
|
|
Chris@76
|
779 updateStats('member');
|
|
Chris@76
|
780
|
|
Chris@76
|
781 // Theme variables too?
|
|
Chris@76
|
782 if (!empty($theme_vars))
|
|
Chris@76
|
783 {
|
|
Chris@76
|
784 $inserts = array();
|
|
Chris@76
|
785 foreach ($theme_vars as $var => $val)
|
|
Chris@76
|
786 $inserts[] = array($memberID, $var, $val);
|
|
Chris@76
|
787 $smcFunc['db_insert']('insert',
|
|
Chris@76
|
788 '{db_prefix}themes',
|
|
Chris@76
|
789 array('id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
|
|
Chris@76
|
790 $inserts,
|
|
Chris@76
|
791 array('id_member', 'variable')
|
|
Chris@76
|
792 );
|
|
Chris@76
|
793 }
|
|
Chris@76
|
794
|
|
Chris@76
|
795 // If it's enabled, increase the registrations for today.
|
|
Chris@76
|
796 trackStats(array('registers' => '+'));
|
|
Chris@76
|
797
|
|
Chris@76
|
798 // Administrative registrations are a bit different...
|
|
Chris@76
|
799 if ($regOptions['interface'] == 'admin')
|
|
Chris@76
|
800 {
|
|
Chris@76
|
801 if ($regOptions['require'] == 'activation')
|
|
Chris@76
|
802 $email_message = 'admin_register_activate';
|
|
Chris@76
|
803 elseif (!empty($regOptions['send_welcome_email']))
|
|
Chris@76
|
804 $email_message = 'admin_register_immediate';
|
|
Chris@76
|
805
|
|
Chris@76
|
806 if (isset($email_message))
|
|
Chris@76
|
807 {
|
|
Chris@76
|
808 $replacements = array(
|
|
Chris@76
|
809 'REALNAME' => $regOptions['register_vars']['real_name'],
|
|
Chris@76
|
810 'USERNAME' => $regOptions['username'],
|
|
Chris@76
|
811 'PASSWORD' => $regOptions['password'],
|
|
Chris@76
|
812 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
|
|
Chris@76
|
813 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code,
|
|
Chris@76
|
814 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID,
|
|
Chris@76
|
815 'ACTIVATIONCODE' => $validation_code,
|
|
Chris@76
|
816 );
|
|
Chris@76
|
817
|
|
Chris@76
|
818 $emaildata = loadEmailTemplate($email_message, $replacements);
|
|
Chris@76
|
819
|
|
Chris@76
|
820 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
|
|
Chris@76
|
821 }
|
|
Chris@76
|
822
|
|
Chris@76
|
823 // All admins are finished here.
|
|
Chris@76
|
824 return $memberID;
|
|
Chris@76
|
825 }
|
|
Chris@76
|
826
|
|
Chris@76
|
827 // Can post straight away - welcome them to your fantastic community...
|
|
Chris@76
|
828 if ($regOptions['require'] == 'nothing')
|
|
Chris@76
|
829 {
|
|
Chris@76
|
830 if (!empty($regOptions['send_welcome_email']))
|
|
Chris@76
|
831 {
|
|
Chris@76
|
832 $replacements = array(
|
|
Chris@76
|
833 'REALNAME' => $regOptions['register_vars']['real_name'],
|
|
Chris@76
|
834 'USERNAME' => $regOptions['username'],
|
|
Chris@76
|
835 'PASSWORD' => $regOptions['password'],
|
|
Chris@76
|
836 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
|
|
Chris@76
|
837 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '',
|
|
Chris@76
|
838 );
|
|
Chris@76
|
839 $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . 'immediate', $replacements);
|
|
Chris@76
|
840 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
|
|
Chris@76
|
841 }
|
|
Chris@76
|
842
|
|
Chris@76
|
843 // Send admin their notification.
|
|
Chris@76
|
844 adminNotify('standard', $memberID, $regOptions['username']);
|
|
Chris@76
|
845 }
|
|
Chris@76
|
846 // Need to activate their account - or fall under COPPA.
|
|
Chris@76
|
847 elseif ($regOptions['require'] == 'activation' || $regOptions['require'] == 'coppa')
|
|
Chris@76
|
848 {
|
|
Chris@76
|
849 $replacements = array(
|
|
Chris@76
|
850 'REALNAME' => $regOptions['register_vars']['real_name'],
|
|
Chris@76
|
851 'USERNAME' => $regOptions['username'],
|
|
Chris@76
|
852 'PASSWORD' => $regOptions['password'],
|
|
Chris@76
|
853 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
|
|
Chris@76
|
854 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '',
|
|
Chris@76
|
855 );
|
|
Chris@76
|
856
|
|
Chris@76
|
857 if ($regOptions['require'] == 'activation')
|
|
Chris@76
|
858 $replacements += array(
|
|
Chris@76
|
859 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code,
|
|
Chris@76
|
860 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID,
|
|
Chris@76
|
861 'ACTIVATIONCODE' => $validation_code,
|
|
Chris@76
|
862 );
|
|
Chris@76
|
863 else
|
|
Chris@76
|
864 $replacements += array(
|
|
Chris@76
|
865 'COPPALINK' => $scripturl . '?action=coppa;u=' . $memberID,
|
|
Chris@76
|
866 );
|
|
Chris@76
|
867
|
|
Chris@76
|
868 $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . ($regOptions['require'] == 'activation' ? 'activate' : 'coppa'), $replacements);
|
|
Chris@76
|
869
|
|
Chris@76
|
870 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
|
|
Chris@76
|
871 }
|
|
Chris@76
|
872 // Must be awaiting approval.
|
|
Chris@76
|
873 else
|
|
Chris@76
|
874 {
|
|
Chris@76
|
875 $replacements = array(
|
|
Chris@76
|
876 'REALNAME' => $regOptions['register_vars']['real_name'],
|
|
Chris@76
|
877 'USERNAME' => $regOptions['username'],
|
|
Chris@76
|
878 'PASSWORD' => $regOptions['password'],
|
|
Chris@76
|
879 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
|
|
Chris@76
|
880 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '',
|
|
Chris@76
|
881 );
|
|
Chris@76
|
882
|
|
Chris@76
|
883 $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . 'pending', $replacements);
|
|
Chris@76
|
884
|
|
Chris@76
|
885 sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
|
|
Chris@76
|
886
|
|
Chris@76
|
887 // Admin gets informed here...
|
|
Chris@77
|
888 adminNotify('approval', $memberID, $regOptions['username'], $regOptions['justify']);
|
|
Chris@76
|
889 }
|
|
Chris@76
|
890
|
|
Chris@76
|
891 // Okay, they're for sure registered... make sure the session is aware of this for security. (Just married :P!)
|
|
Chris@76
|
892 $_SESSION['just_registered'] = 1;
|
|
Chris@76
|
893
|
|
Chris@76
|
894 return $memberID;
|
|
Chris@76
|
895 }
|
|
Chris@76
|
896
|
|
Chris@76
|
897 // Check if a name is in the reserved words list. (name, current member id, name/username?.)
|
|
Chris@76
|
898 function isReservedName($name, $current_ID_MEMBER = 0, $is_name = true, $fatal = true)
|
|
Chris@76
|
899 {
|
|
Chris@76
|
900 global $user_info, $modSettings, $smcFunc, $context;
|
|
Chris@76
|
901
|
|
Chris@76
|
902 // No cheating with entities please.
|
|
Chris@76
|
903 $replaceEntities = create_function('$string', '
|
|
Chris@76
|
904 $num = substr($string, 0, 1) === \'x\' ? hexdec(substr($string, 1)) : (int) $string;
|
|
Chris@76
|
905 if ($num === 0x202E || $num === 0x202D) return \'\'; if (in_array($num, array(0x22, 0x26, 0x27, 0x3C, 0x3E))) return \'&#\' . $num . \';\';' .
|
|
Chris@76
|
906 (empty($context['utf8']) ? 'return $num < 0x20 ? \'\' : ($num < 0x80 ? chr($num) : \'&#\' . $string . \';\');' : '
|
|
Chris@76
|
907 return $num < 0x20 || $num > 0x10FFFF || ($num >= 0xD800 && $num <= 0xDFFF) ? \'\' : ($num < 0x80 ? chr($num) : ($num < 0x800 ? chr(192 | $num >> 6) . chr(128 | $num & 63) : ($num < 0x10000 ? chr(224 | $num >> 12) . chr(128 | $num >> 6 & 63) . chr(128 | $num & 63) : chr(240 | $num >> 18) . chr(128 | $num >> 12 & 63) . chr(128 | $num >> 6 & 63) . chr(128 | $num & 63))));')
|
|
Chris@76
|
908 );
|
|
Chris@76
|
909
|
|
Chris@76
|
910 $name = preg_replace('~(&#(\d{1,7}|x[0-9a-fA-F]{1,6});)~e', '$replaceEntities(\'\\2\')', $name);
|
|
Chris@76
|
911 $checkName = $smcFunc['strtolower']($name);
|
|
Chris@76
|
912
|
|
Chris@76
|
913 // Administrators are never restricted ;).
|
|
Chris@76
|
914 if (!allowedTo('moderate_forum') && ((!empty($modSettings['reserveName']) && $is_name) || !empty($modSettings['reserveUser']) && !$is_name))
|
|
Chris@76
|
915 {
|
|
Chris@76
|
916 $reservedNames = explode("\n", $modSettings['reserveNames']);
|
|
Chris@76
|
917 // Case sensitive check?
|
|
Chris@76
|
918 $checkMe = empty($modSettings['reserveCase']) ? $checkName : $name;
|
|
Chris@76
|
919
|
|
Chris@76
|
920 // Check each name in the list...
|
|
Chris@76
|
921 foreach ($reservedNames as $reserved)
|
|
Chris@76
|
922 {
|
|
Chris@76
|
923 if ($reserved == '')
|
|
Chris@76
|
924 continue;
|
|
Chris@76
|
925
|
|
Chris@76
|
926 // The admin might've used entities too, level the playing field.
|
|
Chris@76
|
927 $reservedCheck = preg_replace('~(&#(\d{1,7}|x[0-9a-fA-F]{1,6});)~e', '$replaceEntities(\'\\2\')', $reserved);
|
|
Chris@76
|
928
|
|
Chris@76
|
929 // Case sensitive name?
|
|
Chris@76
|
930 if (empty($modSettings['reserveCase']))
|
|
Chris@76
|
931 $reservedCheck = $smcFunc['strtolower']($reservedCheck);
|
|
Chris@76
|
932
|
|
Chris@76
|
933 // If it's not just entire word, check for it in there somewhere...
|
|
Chris@76
|
934 if ($checkMe == $reservedCheck || ($smcFunc['strpos']($checkMe, $reservedCheck) !== false && empty($modSettings['reserveWord'])))
|
|
Chris@76
|
935 if ($fatal)
|
|
Chris@76
|
936 fatal_lang_error('username_reserved', 'password', array($reserved));
|
|
Chris@76
|
937 else
|
|
Chris@76
|
938 return true;
|
|
Chris@76
|
939 }
|
|
Chris@76
|
940
|
|
Chris@76
|
941 $censor_name = $name;
|
|
Chris@76
|
942 if (censorText($censor_name) != $name)
|
|
Chris@76
|
943 if ($fatal)
|
|
Chris@76
|
944 fatal_lang_error('name_censored', 'password', array($name));
|
|
Chris@76
|
945 else
|
|
Chris@76
|
946 return true;
|
|
Chris@76
|
947 }
|
|
Chris@76
|
948
|
|
Chris@76
|
949 // Characters we just shouldn't allow, regardless.
|
|
Chris@76
|
950 foreach (array('*') as $char)
|
|
Chris@76
|
951 if (strpos($checkName, $char) !== false)
|
|
Chris@76
|
952 if ($fatal)
|
|
Chris@76
|
953 fatal_lang_error('username_reserved', 'password', array($char));
|
|
Chris@76
|
954 else
|
|
Chris@76
|
955 return true;
|
|
Chris@76
|
956
|
|
Chris@76
|
957 // Get rid of any SQL parts of the reserved name...
|
|
Chris@76
|
958 $checkName = strtr($name, array('_' => '\\_', '%' => '\\%'));
|
|
Chris@76
|
959
|
|
Chris@76
|
960 // Make sure they don't want someone else's name.
|
|
Chris@76
|
961 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
962 SELECT id_member
|
|
Chris@76
|
963 FROM {db_prefix}members
|
|
Chris@76
|
964 WHERE ' . (empty($current_ID_MEMBER) ? '' : 'id_member != {int:current_member}
|
|
Chris@76
|
965 AND ') . '(real_name LIKE {string:check_name} OR member_name LIKE {string:check_name})
|
|
Chris@76
|
966 LIMIT 1',
|
|
Chris@76
|
967 array(
|
|
Chris@76
|
968 'current_member' => $current_ID_MEMBER,
|
|
Chris@76
|
969 'check_name' => $checkName,
|
|
Chris@76
|
970 )
|
|
Chris@76
|
971 );
|
|
Chris@76
|
972 if ($smcFunc['db_num_rows']($request) > 0)
|
|
Chris@76
|
973 {
|
|
Chris@76
|
974 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
975 return true;
|
|
Chris@76
|
976 }
|
|
Chris@76
|
977
|
|
Chris@76
|
978 // Does name case insensitive match a member group name?
|
|
Chris@76
|
979 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
980 SELECT id_group
|
|
Chris@76
|
981 FROM {db_prefix}membergroups
|
|
Chris@76
|
982 WHERE group_name LIKE {string:check_name}
|
|
Chris@76
|
983 LIMIT 1',
|
|
Chris@76
|
984 array(
|
|
Chris@76
|
985 'check_name' => $checkName,
|
|
Chris@76
|
986 )
|
|
Chris@76
|
987 );
|
|
Chris@76
|
988 if ($smcFunc['db_num_rows']($request) > 0)
|
|
Chris@76
|
989 {
|
|
Chris@76
|
990 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
991 return true;
|
|
Chris@76
|
992 }
|
|
Chris@76
|
993
|
|
Chris@76
|
994 // Okay, they passed.
|
|
Chris@76
|
995 return false;
|
|
Chris@76
|
996 }
|
|
Chris@76
|
997
|
|
Chris@76
|
998 // Get a list of groups that have a given permission (on a given board).
|
|
Chris@76
|
999 function groupsAllowedTo($permission, $board_id = null)
|
|
Chris@76
|
1000 {
|
|
Chris@76
|
1001 global $modSettings, $board_info, $smcFunc;
|
|
Chris@76
|
1002
|
|
Chris@76
|
1003 // Admins are allowed to do anything.
|
|
Chris@76
|
1004 $member_groups = array(
|
|
Chris@76
|
1005 'allowed' => array(1),
|
|
Chris@76
|
1006 'denied' => array(),
|
|
Chris@76
|
1007 );
|
|
Chris@76
|
1008
|
|
Chris@76
|
1009 // Assume we're dealing with regular permissions (like profile_view_own).
|
|
Chris@76
|
1010 if ($board_id === null)
|
|
Chris@76
|
1011 {
|
|
Chris@76
|
1012 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1013 SELECT id_group, add_deny
|
|
Chris@76
|
1014 FROM {db_prefix}permissions
|
|
Chris@76
|
1015 WHERE permission = {string:permission}',
|
|
Chris@76
|
1016 array(
|
|
Chris@76
|
1017 'permission' => $permission,
|
|
Chris@76
|
1018 )
|
|
Chris@76
|
1019 );
|
|
Chris@76
|
1020 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
1021 $member_groups[$row['add_deny'] === '1' ? 'allowed' : 'denied'][] = $row['id_group'];
|
|
Chris@76
|
1022 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1023 }
|
|
Chris@76
|
1024
|
|
Chris@76
|
1025 // Otherwise it's time to look at the board.
|
|
Chris@76
|
1026 else
|
|
Chris@76
|
1027 {
|
|
Chris@76
|
1028 // First get the profile of the given board.
|
|
Chris@76
|
1029 if (isset($board_info['id']) && $board_info['id'] == $board_id)
|
|
Chris@76
|
1030 $profile_id = $board_info['profile'];
|
|
Chris@76
|
1031 elseif ($board_id !== 0)
|
|
Chris@76
|
1032 {
|
|
Chris@76
|
1033 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1034 SELECT id_profile
|
|
Chris@76
|
1035 FROM {db_prefix}boards
|
|
Chris@76
|
1036 WHERE id_board = {int:id_board}
|
|
Chris@76
|
1037 LIMIT 1',
|
|
Chris@76
|
1038 array(
|
|
Chris@76
|
1039 'id_board' => $board_id,
|
|
Chris@76
|
1040 )
|
|
Chris@76
|
1041 );
|
|
Chris@76
|
1042 if ($smcFunc['db_num_rows']($request) == 0)
|
|
Chris@76
|
1043 fatal_lang_error('no_board');
|
|
Chris@76
|
1044 list ($profile_id) = $smcFunc['db_fetch_row']($request);
|
|
Chris@76
|
1045 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1046 }
|
|
Chris@76
|
1047 else
|
|
Chris@76
|
1048 $profile_id = 1;
|
|
Chris@76
|
1049
|
|
Chris@76
|
1050 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1051 SELECT bp.id_group, bp.add_deny
|
|
Chris@76
|
1052 FROM {db_prefix}board_permissions AS bp
|
|
Chris@76
|
1053 WHERE bp.permission = {string:permission}
|
|
Chris@76
|
1054 AND bp.id_profile = {int:profile_id}',
|
|
Chris@76
|
1055 array(
|
|
Chris@76
|
1056 'profile_id' => $profile_id,
|
|
Chris@76
|
1057 'permission' => $permission,
|
|
Chris@76
|
1058 )
|
|
Chris@76
|
1059 );
|
|
Chris@76
|
1060 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
1061 $member_groups[$row['add_deny'] === '1' ? 'allowed' : 'denied'][] = $row['id_group'];
|
|
Chris@76
|
1062 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1063 }
|
|
Chris@76
|
1064
|
|
Chris@76
|
1065 // Denied is never allowed.
|
|
Chris@76
|
1066 $member_groups['allowed'] = array_diff($member_groups['allowed'], $member_groups['denied']);
|
|
Chris@76
|
1067
|
|
Chris@76
|
1068 return $member_groups;
|
|
Chris@76
|
1069 }
|
|
Chris@76
|
1070
|
|
Chris@76
|
1071 // Get a list of members that have a given permission (on a given board).
|
|
Chris@76
|
1072 function membersAllowedTo($permission, $board_id = null)
|
|
Chris@76
|
1073 {
|
|
Chris@76
|
1074 global $smcFunc;
|
|
Chris@76
|
1075
|
|
Chris@76
|
1076 $member_groups = groupsAllowedTo($permission, $board_id);
|
|
Chris@76
|
1077
|
|
Chris@76
|
1078 $include_moderators = in_array(3, $member_groups['allowed']) && $board_id !== null;
|
|
Chris@76
|
1079 $member_groups['allowed'] = array_diff($member_groups['allowed'], array(3));
|
|
Chris@76
|
1080
|
|
Chris@76
|
1081 $exclude_moderators = in_array(3, $member_groups['denied']) && $board_id !== null;
|
|
Chris@76
|
1082 $member_groups['denied'] = array_diff($member_groups['denied'], array(3));
|
|
Chris@76
|
1083
|
|
Chris@76
|
1084 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1085 SELECT mem.id_member
|
|
Chris@76
|
1086 FROM {db_prefix}members AS mem' . ($include_moderators || $exclude_moderators ? '
|
|
Chris@76
|
1087 LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_member = mem.id_member AND mods.id_board = {int:board_id})' : '') . '
|
|
Chris@76
|
1088 WHERE (' . ($include_moderators ? 'mods.id_member IS NOT NULL OR ' : '') . 'mem.id_group IN ({array_int:member_groups_allowed}) OR FIND_IN_SET({raw:member_group_allowed_implode}, mem.additional_groups) != 0)' . (empty($member_groups['denied']) ? '' : '
|
|
Chris@76
|
1089 AND NOT (' . ($exclude_moderators ? 'mods.id_member IS NOT NULL OR ' : '') . 'mem.id_group IN ({array_int:member_groups_denied}) OR FIND_IN_SET({raw:member_group_denied_implode}, mem.additional_groups) != 0)'),
|
|
Chris@76
|
1090 array(
|
|
Chris@76
|
1091 'member_groups_allowed' => $member_groups['allowed'],
|
|
Chris@76
|
1092 'member_groups_denied' => $member_groups['denied'],
|
|
Chris@76
|
1093 'board_id' => $board_id,
|
|
Chris@76
|
1094 'member_group_allowed_implode' => implode(', mem.additional_groups) != 0 OR FIND_IN_SET(', $member_groups['allowed']),
|
|
Chris@76
|
1095 'member_group_denied_implode' => implode(', mem.additional_groups) != 0 OR FIND_IN_SET(', $member_groups['denied']),
|
|
Chris@76
|
1096 )
|
|
Chris@76
|
1097 );
|
|
Chris@76
|
1098 $members = array();
|
|
Chris@76
|
1099 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
1100 $members[] = $row['id_member'];
|
|
Chris@76
|
1101 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1102
|
|
Chris@76
|
1103 return $members;
|
|
Chris@76
|
1104 }
|
|
Chris@76
|
1105
|
|
Chris@76
|
1106 // This function is used to reassociate members with relevant posts.
|
|
Chris@76
|
1107 function reattributePosts($memID, $email = false, $membername = false, $post_count = false)
|
|
Chris@76
|
1108 {
|
|
Chris@76
|
1109 global $smcFunc;
|
|
Chris@76
|
1110
|
|
Chris@76
|
1111 // Firstly, if email and username aren't passed find out the members email address and name.
|
|
Chris@76
|
1112 if ($email === false && $membername === false)
|
|
Chris@76
|
1113 {
|
|
Chris@76
|
1114 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1115 SELECT email_address, member_name
|
|
Chris@76
|
1116 FROM {db_prefix}members
|
|
Chris@76
|
1117 WHERE id_member = {int:memID}
|
|
Chris@76
|
1118 LIMIT 1',
|
|
Chris@76
|
1119 array(
|
|
Chris@76
|
1120 'memID' => $memID,
|
|
Chris@76
|
1121 )
|
|
Chris@76
|
1122 );
|
|
Chris@76
|
1123 list ($email, $membername) = $smcFunc['db_fetch_row']($request);
|
|
Chris@76
|
1124 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1125 }
|
|
Chris@76
|
1126
|
|
Chris@76
|
1127 // If they want the post count restored then we need to do some research.
|
|
Chris@76
|
1128 if ($post_count)
|
|
Chris@76
|
1129 {
|
|
Chris@76
|
1130 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1131 SELECT COUNT(*)
|
|
Chris@76
|
1132 FROM {db_prefix}messages AS m
|
|
Chris@76
|
1133 INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND b.count_posts = {int:count_posts})
|
|
Chris@76
|
1134 WHERE m.id_member = {int:guest_id}
|
|
Chris@76
|
1135 AND m.approved = {int:is_approved}
|
|
Chris@76
|
1136 AND m.icon != {string:recycled_icon}' . (empty($email) ? '' : '
|
|
Chris@76
|
1137 AND m.poster_email = {string:email_address}') . (empty($membername) ? '' : '
|
|
Chris@76
|
1138 AND m.poster_name = {string:member_name}'),
|
|
Chris@76
|
1139 array(
|
|
Chris@76
|
1140 'count_posts' => 0,
|
|
Chris@76
|
1141 'guest_id' => 0,
|
|
Chris@76
|
1142 'email_address' => $email,
|
|
Chris@76
|
1143 'member_name' => $membername,
|
|
Chris@76
|
1144 'is_approved' => 1,
|
|
Chris@76
|
1145 'recycled_icon' => 'recycled',
|
|
Chris@76
|
1146 )
|
|
Chris@76
|
1147 );
|
|
Chris@76
|
1148 list ($messageCount) = $smcFunc['db_fetch_row']($request);
|
|
Chris@76
|
1149 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1150
|
|
Chris@76
|
1151 updateMemberData($memID, array('posts' => 'posts + ' . $messageCount));
|
|
Chris@76
|
1152 }
|
|
Chris@76
|
1153
|
|
Chris@76
|
1154 $query_parts = array();
|
|
Chris@76
|
1155 if (!empty($email))
|
|
Chris@76
|
1156 $query_parts[] = 'poster_email = {string:email_address}';
|
|
Chris@76
|
1157 if (!empty($membername))
|
|
Chris@76
|
1158 $query_parts[] = 'poster_name = {string:member_name}';
|
|
Chris@76
|
1159 $query = implode(' AND ', $query_parts);
|
|
Chris@76
|
1160
|
|
Chris@76
|
1161 // Finally, update the posts themselves!
|
|
Chris@76
|
1162 $smcFunc['db_query']('', '
|
|
Chris@76
|
1163 UPDATE {db_prefix}messages
|
|
Chris@76
|
1164 SET id_member = {int:memID}
|
|
Chris@76
|
1165 WHERE ' . $query,
|
|
Chris@76
|
1166 array(
|
|
Chris@76
|
1167 'memID' => $memID,
|
|
Chris@76
|
1168 'email_address' => $email,
|
|
Chris@76
|
1169 'member_name' => $membername,
|
|
Chris@76
|
1170 )
|
|
Chris@76
|
1171 );
|
|
Chris@76
|
1172
|
|
Chris@76
|
1173 return $smcFunc['db_affected_rows']();
|
|
Chris@76
|
1174 }
|
|
Chris@76
|
1175
|
|
Chris@76
|
1176 // This simple function adds/removes the passed user from the current users buddy list.
|
|
Chris@76
|
1177 function BuddyListToggle()
|
|
Chris@76
|
1178 {
|
|
Chris@76
|
1179 global $user_info;
|
|
Chris@76
|
1180
|
|
Chris@76
|
1181 checkSession('get');
|
|
Chris@76
|
1182
|
|
Chris@76
|
1183 isAllowedTo('profile_identity_own');
|
|
Chris@76
|
1184 is_not_guest();
|
|
Chris@76
|
1185
|
|
Chris@76
|
1186 if (empty($_REQUEST['u']))
|
|
Chris@76
|
1187 fatal_lang_error('no_access', false);
|
|
Chris@76
|
1188 $_REQUEST['u'] = (int) $_REQUEST['u'];
|
|
Chris@76
|
1189
|
|
Chris@76
|
1190 // Remove if it's already there...
|
|
Chris@76
|
1191 if (in_array($_REQUEST['u'], $user_info['buddies']))
|
|
Chris@76
|
1192 $user_info['buddies'] = array_diff($user_info['buddies'], array($_REQUEST['u']));
|
|
Chris@76
|
1193 // ...or add if it's not and if it's not you.
|
|
Chris@76
|
1194 elseif ($user_info['id'] != $_REQUEST['u'])
|
|
Chris@76
|
1195 $user_info['buddies'][] = (int) $_REQUEST['u'];
|
|
Chris@76
|
1196
|
|
Chris@76
|
1197 // Update the settings.
|
|
Chris@76
|
1198 updateMemberData($user_info['id'], array('buddy_list' => implode(',', $user_info['buddies'])));
|
|
Chris@76
|
1199
|
|
Chris@76
|
1200 // Redirect back to the profile
|
|
Chris@76
|
1201 redirectexit('action=profile;u=' . $_REQUEST['u']);
|
|
Chris@76
|
1202 }
|
|
Chris@76
|
1203
|
|
Chris@76
|
1204 function list_getMembers($start, $items_per_page, $sort, $where, $where_params = array(), $get_duplicates = false)
|
|
Chris@76
|
1205 {
|
|
Chris@76
|
1206 global $smcFunc;
|
|
Chris@76
|
1207
|
|
Chris@76
|
1208 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1209 SELECT
|
|
Chris@76
|
1210 mem.id_member, mem.member_name, mem.real_name, mem.email_address, mem.icq, mem.aim, mem.yim, mem.msn, mem.member_ip, mem.member_ip2, mem.last_login,
|
|
Chris@76
|
1211 mem.posts, mem.is_activated, mem.date_registered, mem.id_group, mem.additional_groups, mg.group_name
|
|
Chris@76
|
1212 FROM {db_prefix}members AS mem
|
|
Chris@76
|
1213 LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = mem.id_group)
|
|
Chris@76
|
1214 WHERE ' . $where . '
|
|
Chris@76
|
1215 ORDER BY {raw:sort}
|
|
Chris@76
|
1216 LIMIT {int:start}, {int:per_page}',
|
|
Chris@76
|
1217 array_merge($where_params, array(
|
|
Chris@76
|
1218 'sort' => $sort,
|
|
Chris@76
|
1219 'start' => $start,
|
|
Chris@76
|
1220 'per_page' => $items_per_page,
|
|
Chris@76
|
1221 ))
|
|
Chris@76
|
1222 );
|
|
Chris@76
|
1223
|
|
Chris@76
|
1224 $members = array();
|
|
Chris@76
|
1225 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
1226 $members[] = $row;
|
|
Chris@76
|
1227 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1228
|
|
Chris@76
|
1229 // If we want duplicates pass the members array off.
|
|
Chris@76
|
1230 if ($get_duplicates)
|
|
Chris@76
|
1231 populateDuplicateMembers($members);
|
|
Chris@76
|
1232
|
|
Chris@76
|
1233 return $members;
|
|
Chris@76
|
1234 }
|
|
Chris@76
|
1235
|
|
Chris@76
|
1236 function list_getNumMembers($where, $where_params = array())
|
|
Chris@76
|
1237 {
|
|
Chris@76
|
1238 global $smcFunc, $modSettings;
|
|
Chris@76
|
1239
|
|
Chris@76
|
1240 // We know how many members there are in total.
|
|
Chris@76
|
1241 if (empty($where) || $where == '1')
|
|
Chris@76
|
1242 $num_members = $modSettings['totalMembers'];
|
|
Chris@76
|
1243
|
|
Chris@76
|
1244 // The database knows the amount when there are extra conditions.
|
|
Chris@76
|
1245 else
|
|
Chris@76
|
1246 {
|
|
Chris@76
|
1247 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1248 SELECT COUNT(*)
|
|
Chris@76
|
1249 FROM {db_prefix}members AS mem
|
|
Chris@76
|
1250 WHERE ' . $where,
|
|
Chris@76
|
1251 array_merge($where_params, array(
|
|
Chris@76
|
1252 ))
|
|
Chris@76
|
1253 );
|
|
Chris@76
|
1254 list ($num_members) = $smcFunc['db_fetch_row']($request);
|
|
Chris@76
|
1255 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1256 }
|
|
Chris@76
|
1257
|
|
Chris@76
|
1258 return $num_members;
|
|
Chris@76
|
1259 }
|
|
Chris@76
|
1260
|
|
Chris@76
|
1261 function populateDuplicateMembers(&$members)
|
|
Chris@76
|
1262 {
|
|
Chris@76
|
1263 global $smcFunc;
|
|
Chris@76
|
1264
|
|
Chris@76
|
1265 // This will hold all the ip addresses.
|
|
Chris@76
|
1266 $ips = array();
|
|
Chris@76
|
1267 foreach ($members as $key => $member)
|
|
Chris@76
|
1268 {
|
|
Chris@76
|
1269 // Create the duplicate_members element.
|
|
Chris@76
|
1270 $members[$key]['duplicate_members'] = array();
|
|
Chris@76
|
1271
|
|
Chris@76
|
1272 // Store the IPs.
|
|
Chris@76
|
1273 if (!empty($member['member_ip']))
|
|
Chris@76
|
1274 $ips[] = $member['member_ip'];
|
|
Chris@76
|
1275 if (!empty($member['member_ip2']))
|
|
Chris@76
|
1276 $ips[] = $member['member_ip2'];
|
|
Chris@76
|
1277 }
|
|
Chris@76
|
1278
|
|
Chris@76
|
1279 $ips = array_unique($ips);
|
|
Chris@76
|
1280
|
|
Chris@76
|
1281 if (empty($ips))
|
|
Chris@76
|
1282 return false;
|
|
Chris@76
|
1283
|
|
Chris@76
|
1284 // Fetch all members with this IP address, we'll filter out the current ones in a sec.
|
|
Chris@76
|
1285 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1286 SELECT
|
|
Chris@76
|
1287 id_member, member_name, email_address, member_ip, member_ip2, is_activated
|
|
Chris@76
|
1288 FROM {db_prefix}members
|
|
Chris@76
|
1289 WHERE member_ip IN ({array_string:ips})
|
|
Chris@76
|
1290 OR member_ip2 IN ({array_string:ips})',
|
|
Chris@76
|
1291 array(
|
|
Chris@76
|
1292 'ips' => $ips,
|
|
Chris@76
|
1293 )
|
|
Chris@76
|
1294 );
|
|
Chris@76
|
1295 $duplicate_members = array();
|
|
Chris@76
|
1296 $duplicate_ids = array();
|
|
Chris@76
|
1297 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
1298 {
|
|
Chris@76
|
1299 //$duplicate_ids[] = $row['id_member'];
|
|
Chris@76
|
1300
|
|
Chris@76
|
1301 $member_context = array(
|
|
Chris@76
|
1302 'id' => $row['id_member'],
|
|
Chris@76
|
1303 'name' => $row['member_name'],
|
|
Chris@76
|
1304 'email' => $row['email_address'],
|
|
Chris@76
|
1305 'is_banned' => $row['is_activated'] > 10,
|
|
Chris@76
|
1306 'ip' => $row['member_ip'],
|
|
Chris@76
|
1307 'ip2' => $row['member_ip2'],
|
|
Chris@76
|
1308 );
|
|
Chris@76
|
1309
|
|
Chris@76
|
1310 if (in_array($row['member_ip'], $ips))
|
|
Chris@76
|
1311 $duplicate_members[$row['member_ip']][] = $member_context;
|
|
Chris@76
|
1312 if ($row['member_ip'] != $row['member_ip2'] && in_array($row['member_ip2'], $ips))
|
|
Chris@76
|
1313 $duplicate_members[$row['member_ip2']][] = $member_context;
|
|
Chris@76
|
1314 }
|
|
Chris@76
|
1315 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1316
|
|
Chris@76
|
1317 // Also try to get a list of messages using these ips.
|
|
Chris@76
|
1318 $request = $smcFunc['db_query']('', '
|
|
Chris@76
|
1319 SELECT
|
|
Chris@76
|
1320 m.poster_ip, mem.id_member, mem.member_name, mem.email_address, mem.is_activated
|
|
Chris@76
|
1321 FROM {db_prefix}messages AS m
|
|
Chris@76
|
1322 INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
|
|
Chris@76
|
1323 WHERE m.id_member != 0
|
|
Chris@76
|
1324 ' . (!empty($duplicate_ids) ? 'AND m.id_member NOT IN ({array_int:duplicate_ids})' : '') . '
|
|
Chris@76
|
1325 AND m.poster_ip IN ({array_string:ips})',
|
|
Chris@76
|
1326 array(
|
|
Chris@76
|
1327 'duplicate_ids' => $duplicate_ids,
|
|
Chris@76
|
1328 'ips' => $ips,
|
|
Chris@76
|
1329 )
|
|
Chris@76
|
1330 );
|
|
Chris@76
|
1331
|
|
Chris@76
|
1332 $had_ips = array();
|
|
Chris@76
|
1333 while ($row = $smcFunc['db_fetch_assoc']($request))
|
|
Chris@76
|
1334 {
|
|
Chris@76
|
1335 // Don't collect lots of the same.
|
|
Chris@76
|
1336 if (isset($had_ips[$row['poster_ip']]) && in_array($row['id_member'], $had_ips[$row['poster_ip']]))
|
|
Chris@76
|
1337 continue;
|
|
Chris@76
|
1338 $had_ips[$row['poster_ip']][] = $row['id_member'];
|
|
Chris@76
|
1339
|
|
Chris@76
|
1340 $duplicate_members[$row['poster_ip']][] = array(
|
|
Chris@76
|
1341 'id' => $row['id_member'],
|
|
Chris@76
|
1342 'name' => $row['member_name'],
|
|
Chris@76
|
1343 'email' => $row['email_address'],
|
|
Chris@76
|
1344 'is_banned' => $row['is_activated'] > 10,
|
|
Chris@76
|
1345 'ip' => $row['poster_ip'],
|
|
Chris@76
|
1346 'ip2' => $row['poster_ip'],
|
|
Chris@76
|
1347 );
|
|
Chris@76
|
1348 }
|
|
Chris@76
|
1349 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1350
|
|
Chris@76
|
1351 // Now we have all the duplicate members, stick them with their respective member in the list.
|
|
Chris@76
|
1352 if (!empty($duplicate_members))
|
|
Chris@76
|
1353 foreach ($members as $key => $member)
|
|
Chris@76
|
1354 {
|
|
Chris@76
|
1355 if (isset($duplicate_members[$member['member_ip']]))
|
|
Chris@76
|
1356 $members[$key]['duplicate_members'] = $duplicate_members[$member['member_ip']];
|
|
Chris@76
|
1357 if ($member['member_ip'] != $member['member_ip2'] && isset($duplicate_members[$member['member_ip2']]))
|
|
Chris@76
|
1358 $members[$key]['duplicate_members'] = array_merge($member['duplicate_members'], $duplicate_members[$member['member_ip2']]);
|
|
Chris@76
|
1359
|
|
Chris@76
|
1360 // Check we don't have lots of the same member.
|
|
Chris@76
|
1361 $member_track = array($member['id_member']);
|
|
Chris@76
|
1362 foreach ($members[$key]['duplicate_members'] as $duplicate_id_member => $duplicate_member)
|
|
Chris@76
|
1363 {
|
|
Chris@76
|
1364 if (in_array($duplicate_member['id'], $member_track))
|
|
Chris@76
|
1365 {
|
|
Chris@76
|
1366 unset($members[$key]['duplicate_members'][$duplicate_id_member]);
|
|
Chris@76
|
1367 continue;
|
|
Chris@76
|
1368 }
|
|
Chris@76
|
1369
|
|
Chris@76
|
1370 $member_track[] = $duplicate_member['id'];
|
|
Chris@76
|
1371 }
|
|
Chris@76
|
1372 }
|
|
Chris@76
|
1373 }
|
|
Chris@76
|
1374
|
|
Chris@76
|
1375 // Generate a random validation code.
|
|
Chris@76
|
1376 function generateValidationCode()
|
|
Chris@76
|
1377 {
|
|
Chris@76
|
1378 global $smcFunc, $modSettings;
|
|
Chris@76
|
1379
|
|
Chris@76
|
1380 $request = $smcFunc['db_query']('get_random_number', '
|
|
Chris@76
|
1381 SELECT RAND()',
|
|
Chris@76
|
1382 array(
|
|
Chris@76
|
1383 )
|
|
Chris@76
|
1384 );
|
|
Chris@76
|
1385
|
|
Chris@76
|
1386 list ($dbRand) = $smcFunc['db_fetch_row']($request);
|
|
Chris@76
|
1387 $smcFunc['db_free_result']($request);
|
|
Chris@76
|
1388
|
|
Chris@76
|
1389 return substr(preg_replace('/\W/', '', sha1(microtime() . mt_rand() . $dbRand . $modSettings['rand_seed'])), 0, 10);
|
|
Chris@76
|
1390 }
|
|
Chris@76
|
1391
|
|
Chris@77
|
1392 ?>
|
