Chris@76: <?php
Chris@76: 
Chris@76: /**
Chris@76:  * Simple Machines Forum (SMF)
Chris@76:  *
Chris@76:  * @package SMF
Chris@76:  * @author Simple Machines http://www.simplemachines.org
Chris@76:  * @copyright 2011 Simple Machines
Chris@76:  * @license http://www.simplemachines.org/about/smf/license.php BSD
Chris@76:  *
Chris@76:  * @version 2.0
Chris@76:  */
Chris@76: 
Chris@76: if (!defined('SMF'))
Chris@76: 	die('Hacking attempt...');
Chris@76: 
Chris@76: /*	Show a list of members or a selection of members.
Chris@76: 
Chris@76: 	void ViewMembers()
Chris@76: 		- the main entrance point for the Manage Members screen.
Chris@76: 		- called by ?action=admin;area=viewmembers.
Chris@76: 		- requires the moderate_forum permission.
Chris@76: 		- loads the ManageMembers template and ManageMembers language file.
Chris@76: 		- calls a function based on the given sub-action.
Chris@76: 
Chris@76: 	void ViewMemberlist()
Chris@76: 		- shows a list of members.
Chris@76: 		- called by ?action=admin;area=viewmembers;sa=all or ?action=admin;area=viewmembers;sa=query.
Chris@76: 		- requires the moderate_forum permission.
Chris@76: 		- uses the view_members sub template of the ManageMembers template.
Chris@76: 		- allows sorting on several columns.
Chris@76: 		- handles deletion of selected members.
Chris@76: 		- handles the search query sent by ?action=admin;area=viewmembers;sa=search.
Chris@76: 
Chris@76: 	void SearchMembers()
Chris@76: 		- search the member list, using one or more criteria.
Chris@76: 		- called by ?action=admin;area=viewmembers;sa=search.
Chris@76: 		- requires the moderate_forum permission.
Chris@76: 		- uses the search_members sub template of the ManageMembers template.
Chris@76: 		- form is submitted to action=admin;area=viewmembers;sa=query.
Chris@76: 
Chris@76: 	void MembersAwaitingActivation()
Chris@76: 		- show a list of members awaiting approval or activation.
Chris@76: 		- called by ?action=admin;area=viewmembers;sa=browse;type=approve or
Chris@76: 		  ?action=admin;area=viewmembers;sa=browse;type=activate.
Chris@76: 		- requires the moderate_forum permission.
Chris@76: 		- uses the admin_browse sub template of the ManageMembers template.
Chris@76: 		- allows instant approval or activation of (a selection of) members.
Chris@76: 		- list can be sorted on different columns.
Chris@76: 		- form submits to ?action=admin;area=viewmembers;sa=approve.
Chris@76: 
Chris@76: 	void AdminApprove()
Chris@76: 		- handles the approval, rejection, activation or deletion of members.
Chris@76: 		- called by ?action=admin;area=viewmembers;sa=approve.
Chris@76: 		- requires the moderate_forum permission.
Chris@76: 		- redirects to ?action=admin;area=viewmembers;sa=browse with the same parameters
Chris@76: 		  as the calling page.
Chris@76: 
Chris@76: 	int jeffsdatediff(int old)
Chris@76: 		- nifty function to calculate the number of days ago a given date was.
Chris@76: 		- requires a unix timestamp as input, returns an integer.
Chris@76: 		- in honour of Jeff Lewis, the original creator of...this function.
Chris@76: 		- the returned number of days is based on the forum time.
Chris@76: */
Chris@76: 
Chris@76: function ViewMembers()
Chris@76: {
Chris@76: 	global $txt, $scripturl, $context, $modSettings, $smcFunc;
Chris@76: 
Chris@76: 	$subActions = array(
Chris@76: 		'all' => array('ViewMemberlist', 'moderate_forum'),
Chris@76: 		'approve' => array('AdminApprove', 'moderate_forum'),
Chris@76: 		'browse' => array('MembersAwaitingActivation', 'moderate_forum'),
Chris@76: 		'search' => array('SearchMembers', 'moderate_forum'),
Chris@76: 		'query' => array('ViewMemberlist', 'moderate_forum'),
Chris@76: 	);
Chris@76: 
Chris@76: 	// Default to sub action 'index' or 'settings' depending on permissions.
Chris@76: 	$_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'all';
Chris@76: 
Chris@76: 	// We know the sub action, now we know what you're allowed to do.
Chris@76: 	isAllowedTo($subActions[$_REQUEST['sa']][1]);
Chris@76: 
Chris@76: 	// Load the essentials.
Chris@76: 	loadLanguage('ManageMembers');
Chris@76: 	loadTemplate('ManageMembers');
Chris@76: 
Chris@76: 	// Get counts on every type of activation - for sections and filtering alike.
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT COUNT(*) AS total_members, is_activated
Chris@76: 		FROM {db_prefix}members
Chris@76: 		WHERE is_activated != {int:is_activated}
Chris@76: 		GROUP BY is_activated',
Chris@76: 		array(
Chris@76: 			'is_activated' => 1,
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$context['activation_numbers'] = array();
Chris@76: 	$context['awaiting_activation'] = 0;
Chris@76: 	$context['awaiting_approval'] = 0;
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 		$context['activation_numbers'][$row['is_activated']] = $row['total_members'];
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	foreach ($context['activation_numbers'] as $activation_type => $total_members)
Chris@76: 	{
Chris@76: 		if (in_array($activation_type, array(0, 2)))
Chris@76: 			$context['awaiting_activation'] += $total_members;
Chris@76: 		elseif (in_array($activation_type, array(3, 4, 5)))
Chris@76: 			$context['awaiting_approval'] += $total_members;
Chris@76: 	}
Chris@76: 
Chris@76: 	// For the page header... do we show activation?
Chris@76: 	$context['show_activate'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) || !empty($context['awaiting_activation']);
Chris@76: 
Chris@76: 	// What about approval?
Chris@76: 	$context['show_approve'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($context['awaiting_approval']) || !empty($modSettings['approveAccountDeletion']);
Chris@76: 
Chris@76: 	// Setup the admin tabs.
Chris@76: 	$context[$context['admin_menu_name']]['tab_data'] = array(
Chris@76: 		'title' => $txt['admin_members'],
Chris@76: 		'help' => 'view_members',
Chris@76: 		'description' => $txt['admin_members_list'],
Chris@76: 		'tabs' => array(),
Chris@76: 	);
Chris@76: 
Chris@76: 	$context['tabs'] = array(
Chris@76: 		'viewmembers' => array(
Chris@76: 			'label' => $txt['view_all_members'],
Chris@76: 			'description' => $txt['admin_members_list'],
Chris@76: 			'url' => $scripturl . '?action=admin;area=viewmembers;sa=all',
Chris@76: 			'is_selected' => $_REQUEST['sa'] == 'all',
Chris@76: 		),
Chris@76: 		'search' => array(
Chris@76: 			'label' => $txt['mlist_search'],
Chris@76: 			'description' => $txt['admin_members_list'],
Chris@76: 			'url' => $scripturl . '?action=admin;area=viewmembers;sa=search',
Chris@76: 			'is_selected' => $_REQUEST['sa'] == 'search' || $_REQUEST['sa'] == 'query',
Chris@76: 		),
Chris@76: 		'approve' => array(
Chris@76: 			'label' => sprintf($txt['admin_browse_awaiting_approval'], $context['awaiting_approval']),
Chris@76: 			'description' => $txt['admin_browse_approve_desc'],
Chris@76: 			'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve',
Chris@76: 			'is_selected' => false,
Chris@76: 		),
Chris@76: 		'activate' => array(
Chris@76: 			'label' => sprintf($txt['admin_browse_awaiting_activate'], $context['awaiting_activation']),
Chris@76: 			'description' => $txt['admin_browse_activate_desc'],
Chris@76: 			'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=activate',
Chris@76: 			'is_selected' => false,
Chris@76: 			'is_last' => true,
Chris@76: 		),
Chris@76: 	);
Chris@76: 
Chris@76: 	// Sort out the tabs for the ones which may not exist!
Chris@76: 	if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
Chris@76: 	{
Chris@76: 		$context['tabs']['approve']['is_last'] = true;
Chris@76: 		unset($context['tabs']['activate']);
Chris@76: 	}
Chris@76: 	if (!$context['show_approve'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'approve'))
Chris@76: 	{
Chris@76: 		if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
Chris@76: 			$context['tabs']['search']['is_last'] = true;
Chris@76: 		unset($context['tabs']['approve']);
Chris@76: 	}
Chris@76: 
Chris@76: 	$subActions[$_REQUEST['sa']][0]();
Chris@76: }
Chris@76: 
Chris@76: // View all members.
Chris@76: function ViewMemberlist()
Chris@76: {
Chris@76: 	global $txt, $scripturl, $context, $modSettings, $sourcedir, $smcFunc, $user_info;
Chris@76: 
Chris@76: 	// Set the current sub action.
Chris@76: 	$context['sub_action'] = $_REQUEST['sa'];
Chris@76: 
Chris@76: 	// Are we performing a delete?
Chris@76: 	if (isset($_POST['delete_members']) && !empty($_POST['delete']) && allowedTo('profile_remove_any'))
Chris@76: 	{
Chris@76: 		checkSession();
Chris@76: 
Chris@76: 		// Clean the input.
Chris@76: 		foreach ($_POST['delete'] as $key => $value)
Chris@76: 		{
Chris@76: 			$_POST['delete'][$key] = (int) $value;
Chris@76: 			// Don't delete yourself, idiot.
Chris@76: 			if ($value == $user_info['id'])
Chris@76: 				unset($_POST['delete'][$key]);
Chris@76: 		}
Chris@76: 
Chris@76: 		if (!empty($_POST['delete']))
Chris@76: 		{
Chris@76: 			// Delete all the selected members.
Chris@76: 			require_once($sourcedir . '/Subs-Members.php');
Chris@76: 			deleteMembers($_POST['delete'], true);
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST))
Chris@76: 		$_POST += @unserialize(base64_decode($_REQUEST['params']));
Chris@76: 
Chris@76: 	// Check input after a member search has been submitted.
Chris@76: 	if ($context['sub_action'] == 'query')
Chris@76: 	{
Chris@76: 		// Retrieving the membergroups and postgroups.
Chris@76: 		$context['membergroups'] = array(
Chris@76: 			array(
Chris@76: 				'id' => 0,
Chris@76: 				'name' => $txt['membergroups_members'],
Chris@76: 				'can_be_additional' => false
Chris@76: 			)
Chris@76: 		);
Chris@76: 		$context['postgroups'] = array();
Chris@76: 
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@76: 			SELECT id_group, group_name, min_posts
Chris@76: 			FROM {db_prefix}membergroups
Chris@76: 			WHERE id_group != {int:moderator_group}
Chris@76: 			ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
Chris@76: 			array(
Chris@76: 				'moderator_group' => 3,
Chris@76: 				'newbie_group' => 4,
Chris@76: 			)
Chris@76: 		);
Chris@76: 		while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 		{
Chris@76: 			if ($row['min_posts'] == -1)
Chris@76: 				$context['membergroups'][] = array(
Chris@76: 					'id' => $row['id_group'],
Chris@76: 					'name' => $row['group_name'],
Chris@76: 					'can_be_additional' => true
Chris@76: 				);
Chris@76: 			else
Chris@76: 				$context['postgroups'][] = array(
Chris@76: 					'id' => $row['id_group'],
Chris@76: 					'name' => $row['group_name']
Chris@76: 				);
Chris@76: 		}
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 		// Some data about the form fields and how they are linked to the database.
Chris@76: 		$params = array(
Chris@76: 			'mem_id' => array(
Chris@76: 				'db_fields' => array('id_member'),
Chris@76: 				'type' => 'int',
Chris@76: 				'range' => true
Chris@76: 			),
Chris@76: 			'age' => array(
Chris@76: 				'db_fields' => array('birthdate'),
Chris@76: 				'type' => 'age',
Chris@76: 				'range' => true
Chris@76: 			),
Chris@76: 			'posts' => array(
Chris@76: 				'db_fields' => array('posts'),
Chris@76: 				'type' => 'int',
Chris@76: 				'range' => true
Chris@76: 			),
Chris@76: 			'reg_date' => array(
Chris@76: 				'db_fields' => array('date_registered'),
Chris@76: 				'type' => 'date',
Chris@76: 				'range' => true
Chris@76: 			),
Chris@76: 			'last_online' => array(
Chris@76: 				'db_fields' => array('last_login'),
Chris@76: 				'type' => 'date',
Chris@76: 				'range' => true
Chris@76: 			),
Chris@76: 			'gender' => array(
Chris@76: 				'db_fields' => array('gender'),
Chris@76: 				'type' => 'checkbox',
Chris@76: 				'values' => array('0', '1', '2'),
Chris@76: 			),
Chris@76: 			'activated' => array(
Chris@76: 				'db_fields' => array('CASE WHEN is_activated IN (1, 11) THEN 1 ELSE 0 END'),
Chris@76: 				'type' => 'checkbox',
Chris@76: 				'values' => array('0', '1'),
Chris@76: 			),
Chris@76: 			'membername' => array(
Chris@76: 				'db_fields' => array('member_name', 'real_name'),
Chris@76: 				'type' => 'string'
Chris@76: 			),
Chris@76: 			'email' => array(
Chris@76: 				'db_fields' => array('email_address'),
Chris@76: 				'type' => 'string'
Chris@76: 			),
Chris@76: 			'website' => array(
Chris@76: 				'db_fields' => array('website_title', 'website_url'),
Chris@76: 				'type' => 'string'
Chris@76: 			),
Chris@76: 			'location' => array(
Chris@76: 				'db_fields' => array('location'),
Chris@76: 				'type' => 'string'
Chris@76: 			),
Chris@76: 			'ip' => array(
Chris@76: 				'db_fields' => array('member_ip'),
Chris@76: 				'type' => 'string'
Chris@76: 			),
Chris@76: 			'messenger' => array(
Chris@76: 				'db_fields' => array('icq', 'aim', 'yim', 'msn'),
Chris@76: 				'type' => 'string'
Chris@76: 			)
Chris@76: 		);
Chris@76: 		$range_trans = array(
Chris@76: 			'--' => '<',
Chris@76: 			'-' => '<=',
Chris@76: 			'=' => '=',
Chris@76: 			'+' => '>=',
Chris@76: 			'++' => '>'
Chris@76: 		);
Chris@76: 
Chris@76: 		// !!! Validate a little more.
Chris@76: 
Chris@76: 		// Loop through every field of the form.
Chris@76: 		$query_parts = array();
Chris@76: 		$where_params = array();
Chris@76: 		foreach ($params as $param_name => $param_info)
Chris@76: 		{
Chris@76: 			// Not filled in?
Chris@76: 			if (!isset($_POST[$param_name]) || $_POST[$param_name] === '')
Chris@76: 				continue;
Chris@76: 
Chris@76: 			// Make sure numeric values are really numeric.
Chris@76: 			if (in_array($param_info['type'], array('int', 'age')))
Chris@76: 				$_POST[$param_name] = (int) $_POST[$param_name];
Chris@76: 			// Date values have to match the specified format.
Chris@76: 			elseif ($param_info['type'] == 'date')
Chris@76: 			{
Chris@76: 				// Check if this date format is valid.
Chris@76: 				if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $_POST[$param_name]) == 0)
Chris@76: 					continue;
Chris@76: 
Chris@76: 				$_POST[$param_name] = strtotime($_POST[$param_name]);
Chris@76: 			}
Chris@76: 
Chris@76: 			// Those values that are in some kind of range (<, <=, =, >=, >).
Chris@76: 			if (!empty($param_info['range']))
Chris@76: 			{
Chris@76: 				// Default to '=', just in case...
Chris@76: 				if (empty($range_trans[$_POST['types'][$param_name]]))
Chris@76: 					$_POST['types'][$param_name] = '=';
Chris@76: 
Chris@76: 				// Handle special case 'age'.
Chris@76: 				if ($param_info['type'] == 'age')
Chris@76: 				{
Chris@76: 					// All people that were born between $lowerlimit and $upperlimit are currently the specified age.
Chris@76: 					$datearray = getdate(forum_time());
Chris@76: 					$upperlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name], $datearray['mon'], $datearray['mday']);
Chris@76: 					$lowerlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name] - 1, $datearray['mon'], $datearray['mday']);
Chris@76: 					if (in_array($_POST['types'][$param_name], array('-', '--', '=')))
Chris@76: 					{
Chris@76: 						$query_parts[] = ($param_info['db_fields'][0]) . ' > {string:' . $param_name . '_minlimit}';
Chris@76: 						$where_params[$param_name . '_minlimit'] = ($_POST['types'][$param_name] == '--' ? $upperlimit : $lowerlimit);
Chris@76: 					}
Chris@76: 					if (in_array($_POST['types'][$param_name], array('+', '++', '=')))
Chris@76: 					{
Chris@76: 						$query_parts[] = ($param_info['db_fields'][0]) . ' <= {string:' . $param_name . '_pluslimit}';
Chris@76: 						$where_params[$param_name . '_pluslimit'] = ($_POST['types'][$param_name] == '++' ? $lowerlimit : $upperlimit);
Chris@76: 
Chris@76: 						// Make sure that members that didn't set their birth year are not queried.
Chris@76: 						$query_parts[] = ($param_info['db_fields'][0]) . ' > {date:dec_zero_date}';
Chris@76: 						$where_params['dec_zero_date'] = '0004-12-31';
Chris@76: 					}
Chris@76: 				}
Chris@76: 				// Special case - equals a date.
Chris@76: 				elseif ($param_info['type'] == 'date' && $_POST['types'][$param_name] == '=')
Chris@76: 				{
Chris@76: 					$query_parts[] = $param_info['db_fields'][0] . ' > ' . $_POST[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($_POST[$param_name] + 86400);
Chris@76: 				}
Chris@76: 				else
Chris@76: 					$query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$_POST['types'][$param_name]] . ' ' . $_POST[$param_name];
Chris@76: 			}
Chris@76: 			// Checkboxes.
Chris@76: 			elseif ($param_info['type'] == 'checkbox')
Chris@76: 			{
Chris@76: 				// Each checkbox or no checkbox at all is checked -> ignore.
Chris@76: 				if (!is_array($_POST[$param_name]) || count($_POST[$param_name]) == 0 || count($_POST[$param_name]) == count($param_info['values']))
Chris@76: 					continue;
Chris@76: 
Chris@76: 				$query_parts[] = ($param_info['db_fields'][0]) . ' IN ({array_string:' . $param_name . '_check})';
Chris@76: 				$where_params[$param_name . '_check'] = $_POST[$param_name];
Chris@76: 			}
Chris@76: 			else
Chris@76: 			{
Chris@76: 				// Replace the wildcard characters ('*' and '?') into MySQL ones.
Chris@76: 				$parameter = strtolower(strtr($smcFunc['htmlspecialchars']($_POST[$param_name], ENT_QUOTES), array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));
Chris@76: 
Chris@76: 				$query_parts[] = '(' . implode( ' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
Chris@76: 				$where_params[$param_name . '_normal'] = '%' . $parameter . '%';
Chris@76: 			}
Chris@76: 		}
Chris@76: 
Chris@76: 		// Set up the membergroup query part.
Chris@76: 		$mg_query_parts = array();
Chris@76: 
Chris@76: 		// Primary membergroups, but only if at least was was not selected.
Chris@76: 		if (!empty($_POST['membergroups'][1]) && count($context['membergroups']) != count($_POST['membergroups'][1]))
Chris@76: 		{
Chris@76: 			$mg_query_parts[] = 'mem.id_group IN ({array_int:group_check})';
Chris@76: 			$where_params['group_check'] = $_POST['membergroups'][1];
Chris@76: 		}
Chris@76: 
Chris@76: 		// Additional membergroups (these are only relevant if not all primary groups where selected!).
Chris@76: 		if (!empty($_POST['membergroups'][2]) && (empty($_POST['membergroups'][1]) || count($context['membergroups']) != count($_POST['membergroups'][1])))
Chris@76: 			foreach ($_POST['membergroups'][2] as $mg)
Chris@76: 			{
Chris@76: 				$mg_query_parts[] = 'FIND_IN_SET({int:add_group_' . $mg . '}, mem.additional_groups) != 0';
Chris@76: 				$where_params['add_group_' . $mg] = $mg;
Chris@76: 			}
Chris@76: 
Chris@76: 		// Combine the one or two membergroup parts into one query part linked with an OR.
Chris@76: 		if (!empty($mg_query_parts))
Chris@76: 			$query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';
Chris@76: 
Chris@76: 		// Get all selected post count related membergroups.
Chris@76: 		if (!empty($_POST['postgroups']) && count($_POST['postgroups']) != count($context['postgroups']))
Chris@76: 		{
Chris@76: 			$query_parts[] = 'id_post_group IN ({array_int:post_groups})';
Chris@76: 			$where_params['post_groups'] = $_POST['postgroups'];
Chris@76: 		}
Chris@76: 
Chris@76: 		// Construct the where part of the query.
Chris@76: 		$where = empty($query_parts) ? '1' : implode('
Chris@76: 			AND ', $query_parts);
Chris@76: 
Chris@76: 		$search_params = base64_encode(serialize($_POST));
Chris@76: 	}
Chris@76: 	else
Chris@76: 		$search_params = null;
Chris@76: 
Chris@76: 	// Construct the additional URL part with the query info in it.
Chris@76: 	$context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_params : '';
Chris@76: 
Chris@76: 	// Get the title and sub template ready..
Chris@76: 	$context['page_title'] = $txt['admin_members'];
Chris@76: 
Chris@76: 	$listOptions = array(
Chris@76: 		'id' => 'member_list',
Chris@76: 		'items_per_page' => $modSettings['defaultMaxMembers'],
Chris@76: 		'base_href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
Chris@76: 		'default_sort_col' => 'user_name',
Chris@76: 		'get_items' => array(
Chris@76: 			'file' => $sourcedir . '/Subs-Members.php',
Chris@76: 			'function' => 'list_getMembers',
Chris@76: 			'params' => array(
Chris@76: 				isset($where) ? $where : '1=1',
Chris@76: 				isset($where_params) ? $where_params : array(),
Chris@76: 			),
Chris@76: 		),
Chris@76: 		'get_count' => array(
Chris@76: 			'file' => $sourcedir . '/Subs-Members.php',
Chris@76: 			'function' => 'list_getNumMembers',
Chris@76: 			'params' => array(
Chris@76: 				isset($where) ? $where : '1=1',
Chris@76: 				isset($where_params) ? $where_params : array(),
Chris@76: 			),
Chris@76: 		),
Chris@76: 		'columns' => array(
Chris@76: 			'id_member' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['member_id'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'db' => 'id_member',
Chris@76: 					'class' => 'windowbg',
Chris@76: 					'style' => 'text-align: center;',
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'id_member',
Chris@76: 					'reverse' => 'id_member DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'user_name' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['username'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
Chris@76: 						'params' => array(
Chris@76: 							'id_member' => false,
Chris@76: 							'member_name' => false,
Chris@76: 						),
Chris@76: 					),
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'member_name',
Chris@76: 					'reverse' => 'member_name DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'display_name' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['display_name'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
Chris@76: 						'params' => array(
Chris@76: 							'id_member' => false,
Chris@76: 							'real_name' => false,
Chris@76: 						),
Chris@76: 					),
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'real_name',
Chris@76: 					'reverse' => 'real_name DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'email' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['email_address'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<a href="mailto:%1$s">%1$s</a>',
Chris@76: 						'params' => array(
Chris@76: 							'email_address' => true,
Chris@76: 						),
Chris@76: 					),
Chris@76: 					'class' => 'windowbg',
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'email_address',
Chris@76: 					'reverse' => 'email_address DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'ip' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['ip_address'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
Chris@76: 						'params' => array(
Chris@76: 							'member_ip' => false,
Chris@76: 						),
Chris@76: 					),
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'INET_ATON(member_ip)',
Chris@76: 					'reverse' => 'INET_ATON(member_ip) DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'last_active' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['viewmembers_online'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'function' => create_function('$rowData', '
Chris@76: 						global $txt;
Chris@76: 
Chris@76: 						// Calculate number of days since last online.
Chris@76: 						if (empty($rowData[\'last_login\']))
Chris@76: 							$difference = $txt[\'never\'];
Chris@76: 						else
Chris@76: 						{
Chris@76: 							$num_days_difference = jeffsdatediff($rowData[\'last_login\']);
Chris@76: 
Chris@76: 							// Today.
Chris@76: 							if (empty($num_days_difference))
Chris@76: 								$difference = $txt[\'viewmembers_today\'];
Chris@76: 
Chris@76: 							// Yesterday.
Chris@76: 							elseif ($num_days_difference == 1)
Chris@76: 								$difference = sprintf(\'1 %1$s\', $txt[\'viewmembers_day_ago\']);
Chris@76: 
Chris@76: 							// X days ago.
Chris@76: 							else
Chris@76: 								$difference = sprintf(\'%1$d %2$s\', $num_days_difference, $txt[\'viewmembers_days_ago\']);
Chris@76: 						}
Chris@76: 
Chris@76: 						// Show it in italics if they\'re not activated...
Chris@76: 						if ($rowData[\'is_activated\'] % 10 != 1)
Chris@76: 							$difference = sprintf(\'<em title="%1$s">%2$s</em>\', $txt[\'not_activated\'], $difference);
Chris@76: 
Chris@76: 						return $difference;
Chris@76: 					'),
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'last_login DESC',
Chris@76: 					'reverse' => 'last_login',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'posts' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['member_postcount'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'db' => 'posts',
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'posts',
Chris@76: 					'reverse' => 'posts DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'check' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />',
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'function' => create_function('$rowData', '
Chris@76: 						global $user_info;
Chris@76: 
Chris@76: 						return \'<input type="checkbox" name="delete[]" value="\' . $rowData[\'id_member\'] . \'" class="input_check" \' . ($rowData[\'id_member\'] == $user_info[\'id\'] || $rowData[\'id_group\'] == 1 || in_array(1, explode(\',\', $rowData[\'additional_groups\'])) ? \'disabled="disabled"\' : \'\') . \' />\';
Chris@76: 					'),
Chris@76: 					'class' => 'windowbg',
Chris@76: 					'style' => 'text-align: center',
Chris@76: 				),
Chris@76: 			),
Chris@76: 		),
Chris@76: 		'form' => array(
Chris@76: 			'href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
Chris@76: 			'include_start' => true,
Chris@76: 			'include_sort' => true,
Chris@76: 		),
Chris@76: 		'additional_rows' => array(
Chris@76: 			array(
Chris@76: 				'position' => 'below_table_data',
Chris@76: 				'value' => '<input type="submit" name="delete_members" value="' . $txt['admin_delete_members'] . '" onclick="return confirm(\'' . $txt['confirm_delete_members'] . '\');" class="button_submit" />',
Chris@76: 				'style' => 'text-align: right;',
Chris@76: 			),
Chris@76: 		),
Chris@76: 	);
Chris@76: 
Chris@76: 	// Without not enough permissions, don't show 'delete members' checkboxes.
Chris@76: 	if (!allowedTo('profile_remove_any'))
Chris@76: 		unset($listOptions['cols']['check'], $listOptions['form'], $listOptions['additional_rows']);
Chris@76: 
Chris@76: 	require_once($sourcedir . '/Subs-List.php');
Chris@76: 	createList($listOptions);
Chris@76: 
Chris@76: 	$context['sub_template'] = 'show_list';
Chris@76: 	$context['default_list'] = 'member_list';
Chris@76: }
Chris@76: 
Chris@76: // Search the member list, using one or more criteria.
Chris@76: function SearchMembers()
Chris@76: {
Chris@76: 	global $context, $txt, $smcFunc;
Chris@76: 
Chris@76: 	// Get a list of all the membergroups and postgroups that can be selected.
Chris@76: 	$context['membergroups'] = array(
Chris@76: 		array(
Chris@76: 			'id' => 0,
Chris@76: 			'name' => $txt['membergroups_members'],
Chris@76: 			'can_be_additional' => false
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$context['postgroups'] = array();
Chris@76: 
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT id_group, group_name, min_posts
Chris@76: 		FROM {db_prefix}membergroups
Chris@76: 		WHERE id_group != {int:moderator_group}
Chris@76: 		ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
Chris@76: 		array(
Chris@76: 			'moderator_group' => 3,
Chris@76: 			'newbie_group' => 4,
Chris@76: 		)
Chris@76: 	);
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 	{
Chris@76: 		if ($row['min_posts'] == -1)
Chris@76: 			$context['membergroups'][] = array(
Chris@76: 				'id' => $row['id_group'],
Chris@76: 				'name' => $row['group_name'],
Chris@76: 				'can_be_additional' => true
Chris@76: 			);
Chris@76: 		else
Chris@76: 			$context['postgroups'][] = array(
Chris@76: 				'id' => $row['id_group'],
Chris@76: 				'name' => $row['group_name']
Chris@76: 			);
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	$context['page_title'] = $txt['admin_members'];
Chris@76: 	$context['sub_template'] = 'search_members';
Chris@76: }
Chris@76: 
Chris@76: // List all members who are awaiting approval / activation
Chris@76: function MembersAwaitingActivation()
Chris@76: {
Chris@76: 	global $txt, $context, $scripturl, $modSettings, $smcFunc;
Chris@76: 	global $sourcedir;
Chris@76: 
Chris@76: 	// Not a lot here!
Chris@76: 	$context['page_title'] = $txt['admin_members'];
Chris@76: 	$context['sub_template'] = 'admin_browse';
Chris@76: 	$context['browse_type'] = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
Chris@76: 	if (isset($context['tabs'][$context['browse_type']]))
Chris@76: 		$context['tabs'][$context['browse_type']]['is_selected'] = true;
Chris@76: 
Chris@76: 	// Allowed filters are those we can have, in theory.
Chris@76: 	$context['allowed_filters'] = $context['browse_type'] == 'approve' ? array(3, 4, 5) : array(0, 2);
Chris@76: 	$context['current_filter'] = isset($_REQUEST['filter']) && in_array($_REQUEST['filter'], $context['allowed_filters']) && !empty($context['activation_numbers'][$_REQUEST['filter']]) ? (int) $_REQUEST['filter'] : -1;
Chris@76: 
Chris@76: 	// Sort out the different sub areas that we can actually filter by.
Chris@76: 	$context['available_filters'] = array();
Chris@76: 	foreach ($context['activation_numbers'] as $type => $amount)
Chris@76: 	{
Chris@76: 		// We have some of these...
Chris@76: 		if (in_array($type, $context['allowed_filters']) && $amount > 0)
Chris@76: 			$context['available_filters'][] = array(
Chris@76: 				'type' => $type,
Chris@76: 				'amount' => $amount,
Chris@76: 				'desc' => isset($txt['admin_browse_filter_type_' . $type]) ? $txt['admin_browse_filter_type_' . $type] : '?',
Chris@76: 				'selected' => $type == $context['current_filter']
Chris@76: 			);
Chris@76: 	}
Chris@76: 
Chris@76: 	// If the filter was not sent, set it to whatever has people in it!
Chris@76: 	if ($context['current_filter'] == -1 && !empty($context['available_filters'][0]['amount']))
Chris@76: 		$context['current_filter'] = $context['available_filters'][0]['type'];
Chris@76: 
Chris@76: 	// This little variable is used to determine if we should flag where we are looking.
Chris@76: 	$context['show_filter'] = ($context['current_filter'] != 0 && $context['current_filter'] != 3) || count($context['available_filters']) > 1;
Chris@76: 
Chris@76: 	// The columns that can be sorted.
Chris@76: 	$context['columns'] = array(
Chris@76: 		'id_member' => array('label' => $txt['admin_browse_id']),
Chris@76: 		'member_name' => array('label' => $txt['admin_browse_username']),
Chris@76: 		'email_address' => array('label' => $txt['admin_browse_email']),
Chris@76: 		'member_ip' => array('label' => $txt['admin_browse_ip']),
Chris@76: 		'date_registered' => array('label' => $txt['admin_browse_registered']),
Chris@76: 	);
Chris@76: 
Chris@76: 	// Are we showing duplicate information?
Chris@76: 	if (isset($_GET['showdupes']))
Chris@76: 		$_SESSION['showdupes'] = (int) $_GET['showdupes'];
Chris@76: 	$context['show_duplicates'] = !empty($_SESSION['showdupes']);
Chris@76: 
Chris@76: 	// Determine which actions we should allow on this page.
Chris@76: 	if ($context['browse_type'] == 'approve')
Chris@76: 	{
Chris@76: 		// If we are approving deleted accounts we have a slightly different list... actually a mirror ;)
Chris@76: 		if ($context['current_filter'] == 4)
Chris@76: 			$context['allowed_actions'] = array(
Chris@76: 				'reject' => $txt['admin_browse_w_approve_deletion'],
Chris@76: 				'ok' => $txt['admin_browse_w_reject'],
Chris@76: 			);
Chris@76: 		else
Chris@76: 			$context['allowed_actions'] = array(
Chris@76: 				'ok' => $txt['admin_browse_w_approve'],
Chris@76: 				'okemail' => $txt['admin_browse_w_approve'] . ' ' . $txt['admin_browse_w_email'],
Chris@76: 				'require_activation' => $txt['admin_browse_w_approve_require_activate'],
Chris@76: 				'reject' => $txt['admin_browse_w_reject'],
Chris@76: 				'rejectemail' => $txt['admin_browse_w_reject'] . ' ' . $txt['admin_browse_w_email'],
Chris@76: 			);
Chris@76: 	}
Chris@76: 	elseif ($context['browse_type'] == 'activate')
Chris@76: 		$context['allowed_actions'] = array(
Chris@76: 			'ok' => $txt['admin_browse_w_activate'],
Chris@76: 			'okemail' => $txt['admin_browse_w_activate'] . ' ' . $txt['admin_browse_w_email'],
Chris@76: 			'delete' => $txt['admin_browse_w_delete'],
Chris@76: 			'deleteemail' => $txt['admin_browse_w_delete'] . ' ' . $txt['admin_browse_w_email'],
Chris@76: 			'remind' => $txt['admin_browse_w_remind'] . ' ' . $txt['admin_browse_w_email'],
Chris@76: 		);
Chris@76: 
Chris@76: 	// Create an option list for actions allowed to be done with selected members.
Chris@76: 	$allowed_actions = '
Chris@76: 			<option selected="selected" value="">' . $txt['admin_browse_with_selected'] . ':</option>
Chris@76: 			<option value="" disabled="disabled">-----------------------------</option>';
Chris@76: 	foreach ($context['allowed_actions'] as $key => $desc)
Chris@76: 		$allowed_actions .= '
Chris@76: 			<option value="' . $key . '">' . $desc . '</option>';
Chris@76: 
Chris@76: 	// Setup the Javascript function for selecting an action for the list.
Chris@76: 	$javascript = '
Chris@76: 		function onSelectChange()
Chris@76: 		{
Chris@76: 			if (document.forms.postForm.todo.value == "")
Chris@76: 				return;
Chris@76: 
Chris@76: 			var message = "";';
Chris@76: 
Chris@76: 	// We have special messages for approving deletion of accounts - it's surprisingly logical - honest.
Chris@76: 	if ($context['current_filter'] == 4)
Chris@76: 		$javascript .= '
Chris@76: 			if (document.forms.postForm.todo.value.indexOf("reject") != -1)
Chris@76: 				message = "' . $txt['admin_browse_w_delete'] . '";
Chris@76: 			else
Chris@76: 				message = "' . $txt['admin_browse_w_reject'] . '";';
Chris@76: 	// Otherwise a nice standard message.
Chris@76: 	else
Chris@76: 		$javascript .= '
Chris@76: 			if (document.forms.postForm.todo.value.indexOf("delete") != -1)
Chris@76: 				message = "' . $txt['admin_browse_w_delete'] . '";
Chris@76: 			else if (document.forms.postForm.todo.value.indexOf("reject") != -1)
Chris@76: 				message = "' . $txt['admin_browse_w_reject'] . '";
Chris@76: 			else if (document.forms.postForm.todo.value == "remind")
Chris@76: 				message = "' . $txt['admin_browse_w_remind'] . '";
Chris@76: 			else
Chris@76: 				message = "' . ($context['browse_type'] == 'approve' ? $txt['admin_browse_w_approve'] : $txt['admin_browse_w_activate']) . '";';
Chris@76: 	$javascript .= '
Chris@76: 			if (confirm(message + " ' . $txt['admin_browse_warn'] . '"))
Chris@76: 				document.forms.postForm.submit();
Chris@76: 		}';
Chris@76: 
Chris@76: 	$listOptions = array(
Chris@76: 		'id' => 'approve_list',
Chris@76: 		'items_per_page' => $modSettings['defaultMaxMembers'],
Chris@76: 		'base_href' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : ''),
Chris@76: 		'default_sort_col' => 'date_registered',
Chris@76: 		'get_items' => array(
Chris@76: 			'file' => $sourcedir . '/Subs-Members.php',
Chris@76: 			'function' => 'list_getMembers',
Chris@76: 			'params' => array(
Chris@76: 				'is_activated = {int:activated_status}',
Chris@76: 				array('activated_status' => $context['current_filter']),
Chris@76: 				$context['show_duplicates'],
Chris@76: 			),
Chris@76: 		),
Chris@76: 		'get_count' => array(
Chris@76: 			'file' => $sourcedir . '/Subs-Members.php',
Chris@76: 			'function' => 'list_getNumMembers',
Chris@76: 			'params' => array(
Chris@76: 				'is_activated = {int:activated_status}',
Chris@76: 				array('activated_status' => $context['current_filter']),
Chris@76: 			),
Chris@76: 		),
Chris@76: 		'columns' => array(
Chris@76: 			'id_member' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['member_id'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'db' => 'id_member',
Chris@76: 					'class' => 'windowbg',
Chris@76: 					'style' => 'text-align: center;',
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'id_member',
Chris@76: 					'reverse' => 'id_member DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'user_name' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['username'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
Chris@76: 						'params' => array(
Chris@76: 							'id_member' => false,
Chris@76: 							'member_name' => false,
Chris@76: 						),
Chris@76: 					),
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'member_name',
Chris@76: 					'reverse' => 'member_name DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'email' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['email_address'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<a href="mailto:%1$s">%1$s</a>',
Chris@76: 						'params' => array(
Chris@76: 							'email_address' => true,
Chris@76: 						),
Chris@76: 					),
Chris@76: 					'class' => 'windowbg',
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'email_address',
Chris@76: 					'reverse' => 'email_address DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'ip' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['ip_address'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
Chris@76: 						'params' => array(
Chris@76: 							'member_ip' => false,
Chris@76: 						),
Chris@76: 					),
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'INET_ATON(member_ip)',
Chris@76: 					'reverse' => 'INET_ATON(member_ip) DESC',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'hostname' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['hostname'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'function' => create_function('$rowData', '
Chris@76: 						global $modSettings;
Chris@76: 
Chris@76: 						return host_from_ip($rowData[\'member_ip\']);
Chris@76: 					'),
Chris@76: 					'class' => 'smalltext',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'date_registered' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['date_registered'],
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'function' => create_function('$rowData', '
Chris@76: 						return timeformat($rowData[\'date_registered\']);
Chris@76: 					'),
Chris@76: 				),
Chris@76: 				'sort' => array(
Chris@76: 					'default' => 'date_registered DESC',
Chris@76: 					'reverse' => 'date_registered',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'duplicates' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => $txt['duplicates'],
Chris@76: 					// Make sure it doesn't go too wide.
Chris@76: 					'style' => 'width: 20%',
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'function' => create_function('$rowData', '
Chris@76: 						global $scripturl, $txt;
Chris@76: 
Chris@76: 						$member_links = array();
Chris@76: 						foreach ($rowData[\'duplicate_members\'] as $member)
Chris@76: 						{
Chris@76: 							if ($member[\'id\'])
Chris@76: 								$member_links[] = \'<a href="\' . $scripturl . \'?action=profile;u=\' . $member[\'id\'] . \'" \' . (!empty($member[\'is_banned\']) ? \'style="color: red;"\' : \'\') . \'>\' . $member[\'name\'] . \'</a>\';
Chris@76: 							else
Chris@76: 								$member_links[] = $member[\'name\'] . \' (\' . $txt[\'guest\'] . \')\';
Chris@76: 						}
Chris@76: 						return implode (\', \', $member_links);
Chris@76: 					'),
Chris@76: 					'class' => 'smalltext',
Chris@76: 				),
Chris@76: 			),
Chris@76: 			'check' => array(
Chris@76: 				'header' => array(
Chris@76: 					'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />',
Chris@76: 				),
Chris@76: 				'data' => array(
Chris@76: 					'sprintf' => array(
Chris@76: 						'format' => '<input type="checkbox" name="todoAction[]" value="%1$d" class="input_check" />',
Chris@76: 						'params' => array(
Chris@76: 							'id_member' => false,
Chris@76: 						),
Chris@76: 					),
Chris@76: 					'class' => 'windowbg',
Chris@76: 					'style' => 'text-align: center',
Chris@76: 				),
Chris@76: 			),
Chris@76: 		),
Chris@76: 		'javascript' => $javascript,
Chris@76: 		'form' => array(
Chris@76: 			'href' => $scripturl . '?action=admin;area=viewmembers;sa=approve;type=' . $context['browse_type'],
Chris@76: 			'name' => 'postForm',
Chris@76: 			'include_start' => true,
Chris@76: 			'include_sort' => true,
Chris@76: 			'hidden_fields' => array(
Chris@76: 				'orig_filter' => $context['current_filter'],
Chris@76: 			),
Chris@76: 		),
Chris@76: 		'additional_rows' => array(
Chris@76: 			array(
Chris@76: 				'position' => 'below_table_data',
Chris@76: 				'value' => '
Chris@76: 					<div class="floatleft">
Chris@76: 						[<a href="' . $scripturl . '?action=admin;area=viewmembers;sa=browse;showdupes=' . ($context['show_duplicates'] ? 0 : 1) . ';type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : '') . ';' . $context['session_var'] . '=' . $context['session_id'] . '">' . ($context['show_duplicates'] ? $txt['dont_check_for_duplicate'] : $txt['check_for_duplicate']) . '</a>]
Chris@76: 					</div>
Chris@76: 					<div class="floatright">
Chris@76: 						<select name="todo" onchange="onSelectChange();">
Chris@76: 							' . $allowed_actions . '
Chris@76: 						</select>
Chris@76: 						<noscript><input type="submit" value="' . $txt['go'] . '" class="button_submit" /></noscript>
Chris@76: 					</div>',
Chris@76: 			),
Chris@76: 		),
Chris@76: 	);
Chris@76: 
Chris@76: 	// Pick what column to actually include if we're showing duplicates.
Chris@76: 	if ($context['show_duplicates'])
Chris@76: 		unset($listOptions['columns']['email']);
Chris@76: 	else
Chris@76: 		unset($listOptions['columns']['duplicates']);
Chris@76: 
Chris@76: 	// Only show hostname on duplicates as it takes a lot of time.
Chris@76: 	if (!$context['show_duplicates'] || !empty($modSettings['disableHostnameLookup']))
Chris@76: 		unset($listOptions['columns']['hostname']);
Chris@76: 
Chris@76: 	// Is there any need to show filters?
Chris@76: 	if (isset($context['available_filters']) && count($context['available_filters']) > 1)
Chris@76: 	{
Chris@76: 		$filterOptions = '
Chris@76: 			<strong>' . $txt['admin_browse_filter_by'] . ':</strong>
Chris@76: 			<select name="filter" onchange="this.form.submit();">';
Chris@76: 		foreach ($context['available_filters'] as $filter)
Chris@76: 			$filterOptions .= '
Chris@76: 				<option value="' . $filter['type'] . '"' . ($filter['selected'] ? ' selected="selected"' : '') . '>' . $filter['desc'] . ' - ' . $filter['amount'] . ' ' . ($filter['amount'] == 1 ? $txt['user'] : $txt['users']) . '</option>';
Chris@76: 		$filterOptions .= '
Chris@76: 			</select>
Chris@76: 			<noscript><input type="submit" value="' . $txt['go'] . '" name="filter" class="button_submit" /></noscript>';
Chris@76: 		$listOptions['additional_rows'][] = array(
Chris@76: 			'position' => 'above_column_headers',
Chris@76: 			'value' => $filterOptions,
Chris@76: 			'style' => 'text-align: center;',
Chris@76: 		);
Chris@76: 	}
Chris@76: 
Chris@76: 	// What about if we only have one filter, but it's not the "standard" filter - show them what they are looking at.
Chris@76: 	if (!empty($context['show_filter']) && !empty($context['available_filters']))
Chris@76: 		$listOptions['additional_rows'][] = array(
Chris@76: 			'position' => 'above_column_headers',
Chris@76: 			'value' => '<strong>' . $txt['admin_browse_filter_show'] . ':</strong> ' . $context['available_filters'][0]['desc'],
Chris@76: 			'class' => 'smalltext',
Chris@76: 			'style' => 'text-align: left;',
Chris@76: 		);
Chris@76: 
Chris@76: 	// Now that we have all the options, create the list.
Chris@76: 	require_once($sourcedir . '/Subs-List.php');
Chris@76: 	createList($listOptions);
Chris@76: }
Chris@76: 
Chris@76: // Do the approve/activate/delete stuff
Chris@76: function AdminApprove()
Chris@76: {
Chris@76: 	global $txt, $context, $scripturl, $modSettings, $sourcedir, $language, $user_info, $smcFunc;
Chris@76: 
Chris@76: 	// First, check our session.
Chris@76: 	checkSession();
Chris@76: 
Chris@76: 	require_once($sourcedir . '/Subs-Post.php');
Chris@76: 
Chris@76: 	// We also need to the login languages here - for emails.
Chris@76: 	loadLanguage('Login');
Chris@76: 
Chris@76: 	// Sort out where we are going...
Chris@76: 	$browse_type = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
Chris@76: 	$current_filter = (int) $_REQUEST['orig_filter'];
Chris@76: 
Chris@76: 	// If we are applying a filter do just that - then redirect.
Chris@76: 	if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter'])
Chris@76: 		redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
Chris@76: 
Chris@76: 	// Nothing to do?
Chris@76: 	if (!isset($_POST['todoAction']) && !isset($_POST['time_passed']))
Chris@76: 		redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
Chris@76: 
Chris@76: 	// Are we dealing with members who have been waiting for > set amount of time?
Chris@76: 	if (isset($_POST['time_passed']))
Chris@76: 	{
Chris@76: 		$timeBefore = time() - 86400 * (int) $_POST['time_passed'];
Chris@76: 		$condition = '
Chris@76: 			AND date_registered < {int:time_before}';
Chris@76: 	}
Chris@76: 	// Coming from checkboxes - validate the members passed through to us.
Chris@76: 	else
Chris@76: 	{
Chris@76: 		$members = array();
Chris@76: 		foreach ($_POST['todoAction'] as $id)
Chris@76: 			$members[] = (int) $id;
Chris@76: 		$condition = '
Chris@76: 			AND id_member IN ({array_int:members})';
Chris@76: 	}
Chris@76: 
Chris@76: 	// Get information on each of the members, things that are important to us, like email address...
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT id_member, member_name, real_name, email_address, validation_code, lngfile
Chris@76: 		FROM {db_prefix}members
Chris@76: 		WHERE is_activated = {int:activated_status}' . $condition . '
Chris@76: 		ORDER BY lngfile',
Chris@76: 		array(
Chris@76: 			'activated_status' => $current_filter,
Chris@76: 			'time_before' => empty($timeBefore) ? 0 : $timeBefore,
Chris@76: 			'members' => empty($members) ? array() : $members,
Chris@76: 		)
Chris@76: 	);
Chris@76: 
Chris@76: 	$member_count = $smcFunc['db_num_rows']($request);
Chris@76: 
Chris@76: 	// If no results then just return!
Chris@76: 	if ($member_count == 0)
Chris@76: 		redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
Chris@76: 
Chris@76: 	$member_info = array();
Chris@76: 	$members = array();
Chris@76: 	// Fill the info array.
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 	{
Chris@76: 		$members[] = $row['id_member'];
Chris@76: 		$member_info[] = array(
Chris@76: 			'id' => $row['id_member'],
Chris@76: 			'username' => $row['member_name'],
Chris@76: 			'name' => $row['real_name'],
Chris@76: 			'email' => $row['email_address'],
Chris@76: 			'language' => empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'],
Chris@76: 			'code' => $row['validation_code']
Chris@76: 		);
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	// Are we activating or approving the members?
Chris@76: 	if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail')
Chris@76: 	{
Chris@76: 		// Approve/activate this member.
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}members
Chris@76: 			SET validation_code = {string:blank_string}, is_activated = {int:is_activated}
Chris@76: 			WHERE is_activated = {int:activated_status}' . $condition,
Chris@76: 			array(
Chris@76: 				'is_activated' => 1,
Chris@76: 				'time_before' => empty($timeBefore) ? 0 : $timeBefore,
Chris@76: 				'members' => empty($members) ? array() : $members,
Chris@76: 				'activated_status' => $current_filter,
Chris@76: 				'blank_string' => '',
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 		// Do we have to let the integration code know about the activations?
Chris@76: 		if (!empty($modSettings['integrate_activate']))
Chris@76: 		{
Chris@76: 			foreach ($member_info as $member)
Chris@76: 				call_integration_hook('integrate_activate', array($member['username']));
Chris@76: 		}
Chris@76: 
Chris@76: 		// Check for email.
Chris@76: 		if ($_POST['todo'] == 'okemail')
Chris@76: 		{
Chris@76: 			foreach ($member_info as $member)
Chris@76: 			{
Chris@76: 				$replacements = array(
Chris@76: 					'NAME' => $member['name'],
Chris@76: 					'USERNAME' => $member['username'],
Chris@76: 					'PROFILELINK' => $scripturl . '?action=profile;u=' . $member['id'],
Chris@76: 					'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
Chris@76: 				);
Chris@76: 
Chris@76: 				$emaildata = loadEmailTemplate('admin_approve_accept', $replacements, $member['language']);
Chris@76: 				sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
Chris@76: 			}
Chris@76: 		}
Chris@76: 	}
Chris@76: 	// Maybe we're sending it off for activation?
Chris@76: 	elseif ($_POST['todo'] == 'require_activation')
Chris@76: 	{
Chris@76: 		require_once($sourcedir . '/Subs-Members.php');
Chris@76: 
Chris@76: 		// We have to do this for each member I'm afraid.
Chris@76: 		foreach ($member_info as $member)
Chris@76: 		{
Chris@76: 			// Generate a random activation code.
Chris@76: 			$validation_code = generateValidationCode();
Chris@76: 
Chris@76: 			// Set these members for activation - I know this includes two id_member checks but it's safer than bodging $condition ;).
Chris@76: 			$smcFunc['db_query']('', '
Chris@76: 				UPDATE {db_prefix}members
Chris@76: 				SET validation_code = {string:validation_code}, is_activated = {int:not_activated}
Chris@76: 				WHERE is_activated = {int:activated_status}
Chris@76: 					' . $condition . '
Chris@76: 					AND id_member = {int:selected_member}',
Chris@76: 				array(
Chris@76: 					'not_activated' => 0,
Chris@76: 					'activated_status' => $current_filter,
Chris@76: 					'selected_member' => $member['id'],
Chris@76: 					'validation_code' => $validation_code,
Chris@76: 					'time_before' => empty($timeBefore) ? 0 : $timeBefore,
Chris@76: 					'members' => empty($members) ? array() : $members,
Chris@76: 				)
Chris@76: 			);
Chris@76: 
Chris@76: 			$replacements = array(
Chris@76: 				'USERNAME' => $member['name'],
Chris@76: 				'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $validation_code,
Chris@76: 				'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
Chris@76: 				'ACTIVATIONCODE' => $validation_code,
Chris@76: 			);
Chris@76: 
Chris@76: 			$emaildata = loadEmailTemplate('admin_approve_activation', $replacements, $member['language']);
Chris@76: 			sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
Chris@76: 		}
Chris@76: 	}
Chris@76: 	// Are we rejecting them?
Chris@76: 	elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail')
Chris@76: 	{
Chris@76: 		require_once($sourcedir . '/Subs-Members.php');
Chris@76: 		deleteMembers($members);
Chris@76: 
Chris@76: 		// Send email telling them they aren't welcome?
Chris@76: 		if ($_POST['todo'] == 'rejectemail')
Chris@76: 		{
Chris@76: 			foreach ($member_info as $member)
Chris@76: 			{
Chris@76: 				$replacements = array(
Chris@76: 					'USERNAME' => $member['name'],
Chris@76: 				);
Chris@76: 
Chris@76: 				$emaildata = loadEmailTemplate('admin_approve_reject', $replacements, $member['language']);
Chris@76: 				sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
Chris@76: 			}
Chris@76: 		}
Chris@76: 	}
Chris@76: 	// A simple delete?
Chris@76: 	elseif ($_POST['todo'] == 'delete' || $_POST['todo'] == 'deleteemail')
Chris@76: 	{
Chris@76: 		require_once($sourcedir . '/Subs-Members.php');
Chris@76: 		deleteMembers($members);
Chris@76: 
Chris@76: 		// Send email telling them they aren't welcome?
Chris@76: 		if ($_POST['todo'] == 'deleteemail')
Chris@76: 		{
Chris@76: 			foreach ($member_info as $member)
Chris@76: 			{
Chris@76: 				$replacements = array(
Chris@76: 					'USERNAME' => $member['name'],
Chris@76: 				);
Chris@76: 
Chris@76: 				$emaildata = loadEmailTemplate('admin_approve_delete', $replacements, $member['language']);
Chris@76: 				sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
Chris@76: 			}
Chris@76: 		}
Chris@76: 	}
Chris@76: 	// Remind them to activate their account?
Chris@76: 	elseif ($_POST['todo'] == 'remind')
Chris@76: 	{
Chris@76: 		foreach ($member_info as $member)
Chris@76: 		{
Chris@76: 			$replacements = array(
Chris@76: 				'USERNAME' => $member['name'],
Chris@76: 				'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $member['code'],
Chris@76: 				'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
Chris@76: 				'ACTIVATIONCODE' => $member['code'],
Chris@76: 			);
Chris@76: 
Chris@76: 			$emaildata = loadEmailTemplate('admin_approve_remind', $replacements, $member['language']);
Chris@76: 			sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Back to the user's language!
Chris@76: 	if (isset($current_language) && $current_language != $user_info['language'])
Chris@76: 	{
Chris@76: 		loadLanguage('index');
Chris@76: 		loadLanguage('ManageMembers');
Chris@76: 	}
Chris@76: 
Chris@76: 	// Log what we did?
Chris@76: 	if (!empty($modSettings['modlog_enabled']) && in_array($_POST['todo'], array('ok', 'okemail', 'require_activation', 'remind')))
Chris@76: 	{
Chris@76: 		$log_action = $_POST['todo'] == 'remind' ? 'remind_member' : 'approve_member';
Chris@76: 		$log_inserts = array();
Chris@76: 		foreach ($member_info as $member)
Chris@76: 		{
Chris@76: 			$log_inserts[] = array(
Chris@76: 				time(), 3, $user_info['id'], $user_info['ip'], $log_action,
Chris@76: 				0, 0, 0, serialize(array('member' => $member['id'])),
Chris@76: 			);
Chris@76: 		}
Chris@76: 		$smcFunc['db_insert']('',
Chris@76: 			'{db_prefix}log_actions',
Chris@76: 			array(
Chris@76: 				'log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string',
Chris@76: 				'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534',
Chris@76: 			),
Chris@76: 			$log_inserts,
Chris@76: 			array('id_action')
Chris@76: 		);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Although updateStats *may* catch this, best to do it manually just in case (Doesn't always sort out unapprovedMembers).
Chris@76: 	if (in_array($current_filter, array(3, 4)))
Chris@76: 		updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > $member_count ? $modSettings['unapprovedMembers'] - $member_count : 0)));
Chris@76: 
Chris@76: 	// Update the member's stats. (but, we know the member didn't change their name.)
Chris@76: 	updateStats('member', false);
Chris@76: 
Chris@76: 	// If they haven't been deleted, update the post group statistics on them...
Chris@76: 	if (!in_array($_POST['todo'], array('delete', 'deleteemail', 'reject', 'rejectemail', 'remind')))
Chris@76: 		updateStats('postgroups', $members);
Chris@76: 
Chris@76: 	redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
Chris@76: }
Chris@76: 
Chris@76: function jeffsdatediff($old)
Chris@76: {
Chris@76: 	// Get the current time as the user would see it...
Chris@76: 	$forumTime = forum_time();
Chris@76: 
Chris@76: 	// Calculate the seconds that have passed since midnight.
Chris@76: 	$sinceMidnight = date('H', $forumTime) * 60 * 60 + date('i', $forumTime) * 60 + date('s', $forumTime);
Chris@76: 
Chris@76: 	// Take the difference between the two times.
Chris@76: 	$dis = time() - $old;
Chris@76: 
Chris@76: 	// Before midnight?
Chris@76: 	if ($dis < $sinceMidnight)
Chris@76: 		return 0;
Chris@76: 	else
Chris@76: 		$dis -= $sinceMidnight;
Chris@76: 
Chris@76: 	// Divide out the seconds in a day to get the number of days.
Chris@76: 	return ceil($dis / (24 * 60 * 60));
Chris@76: }
Chris@76: 
Chris@76: ?>