makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-10 21:38:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

Moved user cp files to /ucp insted of includes/ucp, easier to handle this

Browse source 
way with phudo-module system


git-svn-id: file:///svn/phpbb/trunk@3427 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
James Atkinson 2003-01-30 19:57:19 +00:00
parent 2e64f1aea7
commit 2b9b88f251
8 changed files with 3655 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

120
phpBB/ucp/usercp_activate.php Executable file
View file

@ -0,0 +1,120 @@
<?php
/***************************************************************************
* usercp_activate.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
if ( !defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}
//
// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.
// This block specifies the tabs and sub tabs for this section.
//
if( !empty($setmodules) )
{
$filename = str_replace(".$phpEx", '', basename(__FILE__));
return;
}
//
// End Modules setup
//
$sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey
FROM " . USERS_TABLE . "
WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
if ( $row['user_active'] && $row['user_actkey'] == '' )
{
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
);
message_die(GENERAL_MESSAGE, $lang['Already_activated']);
}
else if ( $row['user_actkey'] == $HTTP_GET_VARS['act_key'] )
{
$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
$sql = "UPDATE " . USERS_TABLE . "
SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
WHERE user_id = " . $row['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
}
if ( $config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
{
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\n";
$emailer->use_template('admin_welcome_activated', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject();//$lang['Account_activated_subject']
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $config['sitename'],
'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']))
);
$emailer->send();
$emailer->reset();
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
);
message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
}
else
{
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
);
$message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
message_die(GENERAL_MESSAGE, $message);
}
}
else
{
message_die(GENERAL_MESSAGE, $lang['Wrong_activation']);
}
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_such_user']);
}
?>

348
phpBB/ucp/usercp_avatar.php Executable file
View file

@ -0,0 +1,348 @@
<?php
/***************************************************************************
* usercp_avatar.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
//
// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.
// This block specifies the tabs and sub tabs for this section.
//
if( !empty($setmodules) )
{
return;
}
//
// End Modules setup
//
function check_image_type(&$type, &$error, &$error_msg)
{
global $lang;
switch( $type )
{
case 'jpeg':
case 'pjpeg':
case 'jpg':
return '.jpg';
break;
case 'gif':
return '.gif';
break;
case 'png':
return '.png';
break;
default:
$error = true;
$error_msg = (!empty($error_msg)) ? $error_msg . '<br />' . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
break;
}
return false;
}
function user_avatar_delete($avatar_type, $avatar_file)
{
global $config, $userdata;
if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' )
{
if ( @file_exists('./' . $config['avatar_path'] . '/' . $avatar_file) )
{
@unlink('./' . $config['avatar_path'] . '/' . $avatar_file);
}
}
return ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE;
}
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY : '';
}
function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
{
if ( !preg_match('#^http:\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/[^\"]*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
return;
}
return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_REMOTE : '';
}
function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_type, &$error, &$error_msg, $avatar_filename, $avatar_realname, $avatar_filesize, $avatar_filetype)
{
global $config, $user_ip, $db, $lang;
$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
if ( $avatar_mode == 'remote' && preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/', $avatar_filename, $url_ary) )
{
if ( empty($url_ary[4]) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Incomplete_URL'] : $lang['Incomplete_URL'];
return;
}
$base_get = '/' . $url_ary[4];
$port = ( !empty($url_ary[3]) ) ? $url_ary[3] : 80;
if ( !($fsock = @fsockopen($url_ary[2], $port, $errno, $errstr)) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['No_connection_URL'] : $lang['No_connection_URL'];
return;
}
@fputs($fsock, "GET $base_get HTTP/1.1\r\n");
@fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
unset($avatar_data);
while( !@feof($fsock) )
{
$avatar_data .= @fread($fsock, $config['avatar_filesize']);
}
@fclose($fsock);
if ( !preg_match('/Content-Length\: ([0-9]+)[^\/ ][\s]+/i', $avatar_data, $file_data1) || !preg_match('/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i', $avatar_data, $file_data2) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['File_no_data'] : $lang['File_no_data'];
return;
}
$avatar_filesize = $file_data1[1];
$avatar_filetype = $file_data2[1];
if ( !$error && $avatar_filesize > 0 && $avatar_filesize < $config['avatar_filesize'] )
{
$avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize);
$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $config['avatar_path'] . '/tmp';
$tmp_filename = tempnam($tmp_path, uniqid($user_ip) . '-');
$fptr = @fopen($tmp_filename, 'wb');
$bytes_written = @fwrite($fptr, $avatar_data, $avatar_filesize);
@fclose($fptr);
if ( $bytes_written != $avatar_filesize )
{
@unlink($tmp_filename);
message_die(GENERAL_ERROR, 'Could not write avatar file to local storage. Please contact the board administrator with this message', '', __LINE__, __FILE__);
}
list($width, $height) = @getimagesize($tmp_filename);
}
else
{
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($config['avatar_filesize'] / 1024));
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
}
}
else if ( $avatar_mode == 'local' && file_exists($avatar_filename) && preg_match('/\.(jpg|jpeg|gif|png)$/i', $avatar_realname) )
{
if ( $avatar_filesize <= $config['avatar_filesize'] && $avatar_filesize > 0 )
{
preg_match('#image\/[x\-]*([a-z]+)#', $avatar_filetype, $avatar_filetype);
$avatar_filetype = $avatar_filetype[1];
}
else
{
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($config['avatar_filesize'] / 1024));
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
return;
}
list($width, $height) = @getimagesize($avatar_filename);
}
if ( !($imgtype = check_image_type($avatar_filetype, $error, $error_msg)) )
{
return;
}
if ( $width <= $config['avatar_max_width'] && $height <= $config['avatar_max_height'] )
{
$new_filename = uniqid() . $imgtype;
if ( $mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '' )
{
if ( file_exists('./' . $config['avatar_path'] . '/' . $current_avatar) )
{
@unlink('./' . $config['avatar_path'] . '/' . $current_avatar);
}
}
if( $avatar_mode == 'remote' )
{
@copy($tmp_filename, './' . $config['avatar_path'] . "/$new_filename");
@unlink($tmp_filename);
}
else
{
if ( @$ini_val('open_basedir') != '' )
{
if ( @phpversion() < '4.0.3' )
{
message_die(GENERAL_ERROR, 'open_basedir is set and your PHP version does not allow move_uploaded_file', '', __LINE__, __FILE__);
}
$move_file = 'move_uploaded_file';
}
else
{
$move_file = 'copy';
}
$move_file($avatar_filename, './' . $config['avatar_path'] . "/$new_filename");
}
@chmod('./' . $config['avatar_path'] . "/$new_filename", 0777);
$avatar_sql = ( $mode == 'editprofile' ) ? ", user_avatar = '$new_filename', user_avatar_type = " . USER_AVATAR_UPLOAD : "'$new_filename', " . USER_AVATAR_UPLOAD;
}
else
{
$l_avatar_size = sprintf($lang['Avatar_imagesize'], $config['avatar_max_width'], $config['avatar_max_height']);
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
}
return $avatar_sql;
}
function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popuppm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat)
{
global $config, $db, $template, $lang, $images, $theme;
global $phpbb_root_path, $phpEx;
$dir = @opendir($config['avatar_gallery_path']);
$avatar_images = array();
while( $file = @readdir($dir) )
{
if( $file != '.' && $file != '..' && !is_file($config['avatar_gallery_path'] . '/' . $file) && !is_link($config['avatar_gallery_path'] . '/' . $file) )
{
$sub_dir = @opendir($config['avatar_gallery_path'] . '/' . $file);
$avatar_row_count = 0;
$avatar_col_count = 0;
while( $sub_file = @readdir($sub_dir) )
{
if( preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $sub_file) )
{
$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . '/' . $sub_file;
$avatar_name[$file][$avatar_row_count][$avatar_col_count] = ucfirst(str_replace("_", " ", preg_replace('/^(.*)\..*$/', '\1', $sub_file)));
$avatar_col_count++;
if( $avatar_col_count == 5 )
{
$avatar_row_count++;
$avatar_col_count = 0;
}
}
}
}
}
@closedir($dir);
@ksort($avatar_images);
@reset($avatar_images);
if( empty($category) )
{
list($category, ) = each($avatar_images);
}
@reset($avatar_images);
$s_categories = '<select name="avatarcategory">';
while( list($key) = each($avatar_images) )
{
$selected = ( $key == $category ) ? ' selected="selected"' : '';
if( count($avatar_images[$key]) )
{
$s_categories .= '<option value="' . $key . '"' . $selected . '>' . ucfirst($key) . '</option>';
}
}
$s_categories .= '</select>';
$s_colspan = 0;
for($i = 0; $i < count($avatar_images[$category]); $i++)
{
$template->assign_block_vars("avatar_row", array());
$s_colspan = max($s_colspan, count($avatar_images[$category][$i]));
for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
{
$template->assign_block_vars('avatar_row.avatar_column', array(
"AVATAR_IMAGE" => $config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j],
"AVATAR_NAME" => $avatar_name[$category][$i][$j])
);
$template->assign_block_vars('avatar_row.avatar_option_column', array(
"S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j])
);
}
}
$params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'cur_password', 'new_password', 'password_confirm', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popuppm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'hideonline', 'style', 'language', 'timezone', 'dateformat');
$s_hidden_vars = '<input type="hidden" name="agreed" value="true" />';
for($i = 0; $i < count($params); $i++)
{
$s_hidden_vars .= '<input type="hidden" name="' . $params[$i] . '" value="' . str_replace('"', '&quot;', $$params[$i]) . '" />';
}
$template->assign_vars(array(
'L_AVATAR_GALLERY' => $lang['Avatar_gallery'],
'L_SELECT_AVATAR' => $lang['Select_avatar'],
'L_RETURN_PROFILE' => $lang['Return_profile'],
'L_CATEGORY' => $lang['Select_category'],
'S_CATEGORY_SELECT' => $s_categories,
'S_COLSPAN' => $s_colspan,
'S_PROFILE_ACTION' => append_sid("ucp.$phpEx?mode=$mode"),
'S_HIDDEN_FIELDS' => $s_hidden_vars)
);
return;
}
?>

194
phpBB/ucp/usercp_email.php Executable file
View file

@ -0,0 +1,194 @@
<?php
/***************************************************************************
* usercp_email.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
exit;
}
//
// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.
// This block specifies the tabs and sub tabs for this section.
//
if( !empty($setmodules) )
{
$filename = str_replace(".$phpEx", '', basename(__FILE__));
return;
}
//
// End Modules setup
//
if ( !empty($HTTP_GET_VARS['u']) || !empty($HTTP_POST_VARS['u']) )
{
$user_id = ( !empty($HTTP_GET_VARS['u']) ) ? intval($HTTP_GET_VARS['u']) : intval($HTTP_POST_VARS['u']);
}
else
{
message_die(MESSAGE, $lang['No_user_specified']);
}
if ( $userdata['user_id'] == ANONYMOUS )
{
header('Location: ' . "login.$phpEx$SID&redirect=ucp.$phpEx&mode=email&u=$user_id");
exit;
}
$sql = "SELECT username, user_email, user_viewemail, user_lang
FROM " . USERS_TABLE . "
WHERE user_id = $user_id";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
$username = $row['username'];
$user_email = $row['user_email'];
$user_lang = $row['user_lang'];
if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
{
if ( time() - $userdata['user_emailtime'] < $config['flood_interval'] )
{
message_die(MESSAGE, $lang['Flood_email_limit']);
}
if ( isset($HTTP_POST_VARS['submit']) )
{
$error = FALSE;
if ( !empty($HTTP_POST_VARS['subject']) )
{
$subject = trim(stripslashes($HTTP_POST_VARS['subject']));
}
else
{
$error = TRUE;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
}
if ( !empty($HTTP_POST_VARS['message']) )
{
$message = trim(stripslashes($HTTP_POST_VARS['message']));
}
else
{
$error = TRUE;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
}
if ( !$error )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_emailtime = " . time() . "
WHERE user_id = " . $userdata['user_id'];
$result = $db->sql_query($sql);
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $userdata['user_email'] . "\n";
if ( !empty($HTTP_POST_VARS['cc_email']) )
{
$email_headers .= "Cc: " . $userdata['user_email'] . "\n";
}
$email_headers .= 'Return-Path: ' . $userdata['user_email'] . "\n";
$email_headers .= 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . $user_ip . "\r\n";
$emailer->use_template('profile_send_email', $user_lang);
$emailer->email_address($user_email);
$emailer->set_subject($subject);
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $config['sitename'],
'BOARD_EMAIL' => $config['board_email'],
'FROM_USERNAME' => $userdata['username'],
'TO_USERNAME' => $username,
'MESSAGE' => $message)
);
$emailer->send();
$emailer->reset();
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="5;url=' . "index.$phpEx$SID" . '">')
);
$message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(MESSAGE, $message);
}
}
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'profile_send_email.html')
);
make_jumpbox('viewforum.'.$phpEx);
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.html')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
$template->assign_vars(array(
'USERNAME' => $username,
'S_POST_ACTION' => "ucp.$phpEx$SID&amp;mode=email&amp;u=$user_id",
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],
'L_SUBJECT' => $lang['Subject'],
'L_MESSAGE_BODY' => $lang['Message_body'],
'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'],
'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
'L_OPTIONS' => $lang['Options'],
'L_CC_EMAIL' => $lang['CC_email'],
'L_SPELLCHECK' => $lang['Spellcheck'],
'L_SEND_EMAIL' => $lang['Send_email'])
);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
message_die(MESSAGE, $lang['User_prevent_email']);
}
}
else
{
message_die(MESSAGE, $lang['User_not_exist']);
}
?>

26
phpBB/ucp/usercp_main.php Executable file
View file

@ -0,0 +1,26 @@
<?php
/***************************************************************************
* usercp_main.php
* -------------------
* begin : Friday, November 22, 2002
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
?>

1908
phpBB/ucp/usercp_messaging.php Executable file
View file

File diff suppressed because it is too large Load diff

656
phpBB/ucp/usercp_register.php Executable file
View file

@ -0,0 +1,656 @@
<?php
/***************************************************************************
* usercp_register.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
if (!defined('IN_PHPBB'))
{
die('Hacking attempt');
exit;
}
// ---------------------------------------
// Load agreement template since user has not yet
// agreed to registration conditions/coppa
//
function show_coppa()
{
global $template, $user, $phpbb_root_path, $phpEx, $config;
$template->set_filenames(array(
'body' => 'agreement.html')
);
if($config['require_activation'] == USER_ACTIVATION_SELF)
{
$template->assign_vars(array('REGISTRATION_CONDITIONS' => $user->lang['Reg_email_activation']));
}
else if($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
$template->assign_vars(array('REGISTRATION_CONDITIONS' => $user->lang['Reg_admin_activation']));
}
$template->assign_vars(array(
'REGISTRATION' => $user->lang['REGISTRATION'],
'AGREEMENT' => $user->lang['REG_AGREEMENT'],
"AGREE_OVER_13" => $user->lang['AGREE_OVER_13'],
"AGREE_UNDER_13" => $user->lang['AGREE_UNDER_13'],
'DO_NOT_AGREE' => $user->lang['AGREE_NOT'],
'AGREE' => $user->lang['AGREE'],
'U_UCP_AGREE' => 'ucp.' . $phpEx,
"U_AGREE_OVER13" => "ucp.$phpEx?$SID&amp;mode=register&amp;agreed=true",
"U_AGREE_UNDER13" => "ucp.$phpEx?$SID&amp;mode=register&amp;agreed=true&amp;coppa=true")
);
}
//
// ---------------------------------------
//
//
//
if ($mode == 'register' && $config['require_activation'] == USER_ACTIVATION_DISABLE)
{
trigger_error($user->lang['Cannot_register']);
}
//
//
//
$error = FALSE;
$page_title = $user->lang['Register'];
if ($mode == 'register')
{
if(!isset($_POST['agree']) && !isset($_GET['agree']) && !isset($_POST['coppa_over_13']) && !isset($_GET['coppa_over_13']) && !isset($_POST['coppa_under_13']) && !isset($_GET['coppa_under_13']) && !$_POST['agreed'])
{
$agreed = FALSE;
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
show_coppa();
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
$agreed = TRUE;
}
}
$coppa = (empty($_POST['coppa_under_13']) && empty($_GET['coppa_under_13'])) ? 0 : TRUE;
//
// Check and initialize some variables if needed
//
if (isset($_POST['submit']) || $mode == 'register')
{
$strip_var_list = array('username' => 'username', 'email' => 'email');
foreach ($strip_var_list as $var => $param)
{
if (!empty($_POST[$param]))
{
$$var = trim(strip_tags($_POST[$param]));
}
}
$trim_var_list = array('password_current' => 'cur_password', 'password' => 'new_password', 'password_confirm' => 'password_confirm');
foreach ($trim_var_list as $var => $param)
{
if (!empty($_POST[$param]))
{
$$var = trim($_POST[$param]);
}
}
$username = str_replace('&nbsp;', '', $username);
$email = htmlspecialchars($email);
// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
// empty strings if they fail.
//validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
$viewemail = (isset($_POST['viewemail'])) ? (($_POST['viewemail']) ? TRUE : 0) : 0;
$allowviewonline = (isset($_POST['hideonline'])) ? (($_POST['hideonline']) ? 0 : TRUE) : TRUE;
$notifyreply = (isset($_POST['notifyreply'])) ? (($_POST['notifyreply']) ? TRUE : 0) : 0;
$notifypm = (isset($_POST['notifypm'])) ? (($_POST['notifypm']) ? TRUE : 0) : TRUE;
$popuppm = (isset($_POST['popup_pm'])) ? (($_POST['popup_pm']) ? TRUE : 0) : TRUE;
$attachsig = (isset($_POST['attachsig'])) ? (($_POST['attachsig']) ? TRUE : 0) : $config['allow_sig'];
$allowhtml = (isset($_POST['allowhtml'])) ? (($_POST['allowhtml']) ? TRUE : 0) : $config['allow_html'];
$allowbbcode = (isset($_POST['allowbbcode'])) ? (($_POST['allowbbcode']) ? TRUE : 0) : $config['allow_bbcode'];
$allowsmilies = (isset($_POST['allowsmilies'])) ? (($_POST['allowsmilies']) ? TRUE : 0) : $config['allow_smilies'];
$user_style = (isset($_POST['style'])) ? intval($_POST['style']) : $config['default_style'];
if (!empty($_POST['language']))
{
if (preg_match('/^[a-z_]+$/i', $_POST['language']))
{
$user_lang = $_POST['language'];
}
else
{
$error = true;
$error_msg = $user->lang['Fields_empty'];
}
}
else
{
$user_lang = $config['default_lang'];
}
$user_timezone = (isset($_POST['timezone'])) ? doubleval($_POST['timezone']) : $config['board_timezone'];
$user_dateformat = (!empty($_POST['dateformat'])) ? trim($_POST['dateformat']) : $config['default_dateformat'];
}
//
// Did the user submit? In this case build a query to update the users profile in the DB
//
if (isset($_POST['submit']))
{
$passwd_sql = '';
if (empty($username) || empty($password) || empty($password_confirm) || empty($email))
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $user->lang['Fields_empty'];
}
$passwd_sql = '';
if (!empty($password) && !empty($password_confirm))
{
if ($password != $password_confirm)
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $user->lang['Password_mismatch'];
}
else if (strlen($password) > 32)
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $user->lang['Password_long'];
}
else
{
if (!$error)
{
$password = md5($password);
$passwd_sql = "user_password = '$password', ";
}
}
}
else if ((empty($password) && !empty($password_confirm)) || (!empty($password) && empty($password_confirm)))
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $user->lang['Password_mismatch'];
}
else
{
$password = $user->data['user_password'];
}
//
// Do a ban check on this email address
//
if ($email != $user->data['user_email'] || $mode == 'register')
{
if (($result = validate_email($email)) != false)
{
$email = $user->data['user_email'];
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $result;
}
}
$username_sql = '';
if (empty($username))
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $user->lang['Username_disallowed'];
}
else
{
if (($result = validate_username($username)) != false)
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $result;
}
else
{
$username_sql = "username = '" . $username . "', ";
}
}
//
// Visual Confirmation handling
//
if ($config['enable_confirm'])
{
if (empty($_POST['confirm_id']))
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $lang['Confirm_code_wrong'];
}
else
{
$sql = "SELECT code
FROM " . CONFIRM_TABLE . "
WHERE confirm_id = '" . $_POST['confirm_id'] . "'
AND session_id = '" . $user->data['session_id'] . "'";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
if ($row['code'] != $_POST['confirm_code'])
{
echo "Way";
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $lang['Confirm_code_wrong'];
}
$sql = "DELETE FROM " . CONFIRM_TABLE . "
WHERE confirm_id = '" . $_POST['confirm_id'] . "'
AND session_id = '" . $userdata['session_id'] . "'";
$db->sql_query($sql);
}
else
{
$error = TRUE;
$error_msg .= ((isset($error_msg)) ? '<br />' : '') . $lang['Confirm_code_wrong'];
}
}
}
if (!$error)
{
if ( (($mode == 'register' || $coppa)) && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
{
$user_actkey = gen_rand_string(true);
$key_len = 54 - (strlen($server_url));
$key_len = ($key_len > 6) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_active = 0;
if ($user->data['user_id'] != ANONYMOUS)
{
$user->destroy();
}
}
else
{
$user_active = 1;
$user_actkey = '';
}
$sql_ary = array(
'username' => $username,
'user_regdate' => time(),
'user_password' => $password,
'user_email' => $email,
'user_viewemail' => $viewemail,
'user_attachsig' => $attachsig,
'user_allowsmile' => $allowsmilies,
'user_allowhtml' => $allowhtml,
'user_allowbbcode' => $allowbbcode,
'user_allow_viewonline' => $allowviewonline,
'user_notify' => $notifyreply,
'user_notify_pm' => $notifypm,
'user_popup_pm' => $popuppm,
'user_avatar' => $avatar_sql['data'],
'user_avatar_type' => $avatar_sql['type'],
'user_timezone' => (float) $user_timezone,
'user_dateformat' => $user_dateformat,
'user_lang' => $user_lang,
'user_style' => $user_style,
'user_allow_pm' => 1,
'user_active' => $user_active,
'user_actkey' => $user_actkey
);
$db->sql_transaction();
$query = $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query("INSERT INTO " . USERS_TABLE . " $query");
$user_id = $db->sql_nextid();
// Place into appropriate group, either REGISTERED or INACTIVE depending on config
$group_name = ($config['require_activation'] == USER_ACTIVATION_NONE) ? 'REGISTERED' : 'INACTIVE';
$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) SELECT $user_id, group_id, 0 FROM " . GROUPS_TABLE . " WHERE group_name = '$group_name'";
$result = $db->sql_query($sql);
if ($config['require_activation'] == USER_ACTIVATION_NONE)
{
// Sync config
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = $user_id
WHERE config_name = 'newest_user_id'";
$db->sql_query($sql);
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = '$username'
WHERE config_name = 'newest_username'";
$db->sql_query($sql);
$sql = "UPDATE " . CONFIG_TABLE . "
SET config_value = " . ($config['num_users'] + 1) . "
WHERE config_name = 'num_users'";
$db->sql_query($sql);
}
$db->sql_transaction('commit');
if ($coppa)
{
$message = $user->lang['COPPA'];
$email_template = 'coppa_welcome_inactive';
}
else if ($config['require_activation'] == USER_ACTIVATION_SELF)
{
$message = $user->lang['Account_inactive'];
$email_template = 'user_welcome_inactive';
}
else if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
$message = $user->lang['Account_inactive_admin'];
$email_template = 'admin_welcome_inactive';
}
else
{
$message = $user->lang['Account_added'];
$email_template = 'user_welcome';
}
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = "From: " . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";
$emailer->use_template($email_template, $user->data['user_lang']);
$emailer->email_address($email);
$emailer->set_subject();//sprintf($user->lang['Welcome_subject'], $config['sitename'])
$emailer->extra_headers($email_headers);
if ($coppa)
{
$emailer->assign_vars(array(
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']),
'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey,
'FAX_INFO' => $config['coppa_fax'],
'MAIL_INFO' => $config['coppa_mail'],
'EMAIL_ADDRESS' => $email,
'SITENAME' => $config['sitename']));
}
else
{
$emailer->assign_vars(array(
'SITENAME' => $config['sitename'],
'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']),
'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
}
$emailer->send();
$emailer->reset();
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
$emailer->use_template("admin_activate", stripslashes($user_lang));
$emailer->email_address($config['board_email']);
$emailer->set_subject(); //$user->lang['New_account_subject']
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'USERNAME' => $username,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
$emailer->send();
$emailer->reset();
}
$message = $message . '<br /><br />' . sprintf($user->lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');
trigger_error($message);
}
else
{
trigger_error($error_msg);
}
} // End of submit
if ($error)
{
//
// If an error occured we need to stripslashes on returned data
//
$username = stripslashes($username);
$email = stripslashes($email);
$password = '';
$password_confirm = '';
$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);
}
//
// Default pages
//
if (!isset($coppa))
{
$coppa = FALSE;
}
if (!isset($user_template))
{
$selected_template = $config['system_template'];
}
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
if (!empty($user_avatar_local))
{
$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
}
$html_status = ($user->data['user_allowhtml'] && $config['allow_html']) ? $user->lang['HTML_is_ON'] : $user->lang['HTML_is_OFF'];
$bbcode_status = ($user->data['user_allowbbcode'] && $config['allow_bbcode'] ) ? $user->lang['BBCode_is_ON'] : $user->lang['BBCode_is_OFF'];
$smilies_status = ($user->data['user_allowsmile'] && $config['allow_smilies'] ) ? $user->lang['Smilies_are_ON'] : $user->lang['Smilies_are_OFF'];
//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
//
$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off'|| !$config['allow_avatar_upload']) ? '' : 'enctype="multipart/form-data"';
//
// Visual Confirmation - Show images
//
$confirm_image = '';
if ( $mode == 'editprofile' )
{
$template->assign_block_vars('switch_edit_profile', array());
}
else if ($mode == 'register' && !empty($config['enable_confirm']))
{
$template->assign_block_vars('switch_confirm', array());
$confirm_id = md5(uniqid($user_ip));
$sql = "SELECT session_id
FROM " . SESSIONS_TABLE;
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$confirm_sql = '';
do
{
$confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'";
}
while ($row = $db->sql_fetchrow($result));
$sql = "DELETE FROM " . CONFIRM_TABLE . "
WHERE session_id NOT IN ($confirm_sql)";
$db->sql_query($sql);
}
$sql = "SELECT COUNT(session_id) AS attempts
FROM " . CONFIRM_TABLE . "
WHERE session_id = '" . $userdata['session_id'] . "'";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
if ($row['attempts'] > 5)
{
trigger_error($user->lang['Too_many_registers']);
}
}
$confirm_image = (phpversion() >= '4.0.1' && @extension_loaded('zlib')) ? '<img src="' . "includes/ucp/usercp_confirm.$phpEx$SID&id=$confirm_id" . '" alt="" title="" />' : '<img src="includes/usercp_confirm.$phpEx?$SID&amp;id=$confirm_id&amp;c=1" alt="" title="" /><img src="includes/usercp_confirm.$phpEx?$SID&amp;id=$confirm_id&amp;c=2" alt="" title="" /><img src="includes/usercp_confirm.$phpEx?$SID&amp;id=$confirm_id&amp;c=3" alt="" title="" /><img src="includes/usercp_confirm.$phpEx?$SID&amp;id=$confirm_id&amp;c=4" alt="" title="" /><img src="includes/usercp_confirm.$phpEx?$SID&amp;id=$confirm_id&amp;c=5" alt="" title="" /><img src="includes/usercp_confirm.$phpEx?$SID&amp;id=$confirm_id&amp;c=6" alt="" title="" />';
$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
}
//
// End visual confirmation
//
$template->assign_vars(array(
'USERNAME' => $username,
'EMAIL' => $email,
'VIEW_EMAIL_YES' => ($viewemail) ? 'checked="checked"' : '',
'VIEW_EMAIL_NO' => (!$viewemail) ? 'checked="checked"' : '',
'HIDE_USER_YES' => (!$allowviewonline) ? 'checked="checked"' : '',
'HIDE_USER_NO' => ($allowviewonline) ? 'checked="checked"' : '',
'NOTIFY_PM_YES' => ($notifypm) ? 'checked="checked"' : '',
'NOTIFY_PM_NO' => (!$notifypm) ? 'checked="checked"' : '',
'POPUP_PM_YES' => ($popuppm) ? 'checked="checked"' : '',
'POPUP_PM_NO' => (!$popuppm) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_YES' => ($attachsig) ? 'checked="checked"' : '',
'ALWAYS_ADD_SIGNATURE_NO' => (!$attachsig) ? 'checked="checked"' : '',
'NOTIFY_REPLY_YES' => ($notifyreply) ? 'checked="checked"' : '',
'NOTIFY_REPLY_NO' => (!$notifyreply) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_BBCODE_YES' => ($allowbbcode) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_BBCODE_NO' => (!$allowbbcode) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_HTML_YES' => ($allowhtml) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_HTML_NO' => (!$allowhtml) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_SMILIES_YES' => ($allowsmilies) ? 'checked="checked"' : '',
'ALWAYS_ALLOW_SMILIES_NO' => (!$allowsmilies) ? 'checked="checked"' : '',
'LANGUAGE_SELECT' => language_select($user_lang, 'language'),
'STYLE_SELECT' => style_select($user_style, 'style'),
'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'),
'DATE_FORMAT' => $user_dateformat,
'HTML_STATUS' => $html_status,
'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
'SMILIES_STATUS' => $smilies_status,
'CONFIRM_CODE' => $confirm_image,
'L_CONFIRM_CODE' => $user->lang['CONFIRM_CODE'],
'L_CONFIRM_CODE_EXPLAIN' => $user->lang['CONFIRM_CODE_EXPLAIN'],
'L_CURRENT_PASSWORD' => $user->lang['Current_password'],
'L_NEW_PASSWORD' => ($mode == 'register') ? $user->lang['Password'] : $user->lang['New_password'],
'L_CONFIRM_PASSWORD' => $user->lang['Confirm_password'],
'L_CONFIRM_PASSWORD_EXPLAIN' => ($mode == 'editprofile') ? $user->lang['Confirm_password_explain'] : '',
'L_PASSWORD_IF_CHANGED' => ($mode == 'editprofile') ? $user->lang['password_if_changed'] : '',
'L_PASSWORD_CONFIRM_IF_CHANGED' => ($mode == 'editprofile') ? $user->lang['password_confirm_if_changed'] : '',
'L_SUBMIT' => $user->lang['Submit'],
'L_RESET' => $user->lang['Reset'],
'L_BOARD_LANGUAGE' => $user->lang['Board_lang'],
'L_BOARD_STYLE' => $user->lang['Board_style'],
'L_TIMEZONE' => $user->lang['Timezone'],
'L_DATE_FORMAT' => $user->lang['Date_format'],
'L_DATE_FORMAT_EXPLAIN' => $user->lang['Date_format_explain'],
'L_YES' => $user->lang['Yes'],
'L_NO' => $user->lang['No'],
'L_INTERESTS' => $user->lang['Interests'],
'L_ALWAYS_ALLOW_SMILIES' => $user->lang['Always_smile'],
'L_ALWAYS_ALLOW_BBCODE' => $user->lang['Always_bbcode'],
'L_ALWAYS_ALLOW_HTML' => $user->lang['Always_html'],
'L_HIDE_USER' => $user->lang['Hide_user'],
'L_ALWAYS_ADD_SIGNATURE' => $user->lang['Always_add_sig'],
'L_NOTIFY_ON_REPLY' => $user->lang['Always_notify'],
'L_NOTIFY_ON_REPLY_EXPLAIN' => $user->lang['Always_notify_explain'],
'L_NOTIFY_ON_PRIVMSG' => $user->lang['Notify_on_privmsg'],
'L_POPUP_ON_PRIVMSG' => $user->lang['Popup_on_privmsg'],
'L_POPUP_ON_PRIVMSG_EXPLAIN' => $user->lang['Popup_on_privmsg_explain'],
'L_PREFERENCES' => $user->lang['Preferences'],
'L_PUBLIC_VIEW_EMAIL' => $user->lang['Public_view_email'],
'L_ITEMS_REQUIRED' => $user->lang['Items_required'],
'L_REGISTRATION_INFO' => $user->lang['Registration_info'],
'L_PROFILE_INFO' => $user->lang['Profile_info'],
'L_PROFILE_INFO_NOTICE' => $user->lang['Profile_info_warn'],
'L_EMAIL_ADDRESS' => $user->lang['Email_address'],
'S_PROFILE_EDIT' => ($mode == 'editprofile') ? true : false,
'S_CONFIRM_CODE' => ($config['enable_confirm']) ? 1 : 0,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_FORM_ENCTYPE' => $form_enctype,
'S_PROFILE_ACTION' => "ucp.$phpEx$SID")
);
//
//
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'profile_add_body.html')
);
make_jumpbox('viewforum.'.$phpEx);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?>

149
phpBB/ucp/usercp_sendpasswd.php Executable file
View file

@ -0,0 +1,149 @@
<?php
/***************************************************************************
* usercp_sendpasswd.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
if ( !defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}
//
// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.
// This block specifies the tabs and sub tabs for this section.
//
if( !empty($setmodules) )
{
$filename = str_replace(".$phpEx", '', basename(__FILE__));
return;
}
//
// End Modules setup
//
if ( isset($HTTP_POST_VARS['submit']) )
{
$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
$sql = "SELECT user_id, username, user_email, user_active, user_lang
FROM " . USERS_TABLE . "
WHERE user_email = '" . str_replace("\'", "''", $email) . "'
AND username = '" . str_replace("\'", "''", $username) . "'";
if ( $result = $db->sql_query($sql) )
{
if ( $row = $db->sql_fetchrow($result) )
{
if ( !$row['user_active'] )
{
message_die(GENERAL_MESSAGE, $lang['No_send_account_inactive']);
}
$username = $row['username'];
$user_actkey = gen_rand_string(true);
$key_len = 54 - strlen($server_url);
$key_len = ( $str_len > 6 ) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_password = gen_rand_string(false);
$sql = "UPDATE " . USERS_TABLE . "
SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey'
WHERE user_id = " . $row['user_id'];
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update new password information', '', __LINE__, __FILE__, $sql);
}
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($config['smtp_delivery']);
$email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";
$emailer->use_template('user_activate_passwd', $row['user_lang']);
$emailer->email_address($row['user_email']);
$emailer->set_subject();//$lang['New_password_activation']
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $config['sitename'],
'USERNAME' => $username,
'PASSWORD' => $user_password,
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
'U_ACTIVATE' => $server_url . "?mode=activate&act_key=$user_actkey")
);
$emailer->send();
$emailer->reset();
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="15;url=' . append_sid("index.$phpEx") . '">')
);
$message = $lang['Password_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}
else
{
message_die(GENERAL_MESSAGE, $lang['No_email_match']);
}
}
else
{
message_die(GENERAL_ERROR, 'Could not obtain user information for sendpassword', '', __LINE__, __FILE__, $sql);
}
}
else
{
$username = '';
$email = '';
}
//
// Output basic page
//
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'profile_send_pass.tpl')
);
make_jumpbox('viewforum.'.$phpEx);
$template->assign_vars(array(
'USERNAME' => $username,
'EMAIL' => $email,
'L_SEND_PASSWORD' => $lang['Send_password'],
'L_ITEMS_REQUIRED' => $lang['Items_required'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'])
);
$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?>

254
phpBB/ucp/usercp_viewprofile.php Executable file
View file

@ -0,0 +1,254 @@
<?php
/***************************************************************************
* usercp_viewprofile.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
if ( !defined('IN_PHPBB') )
{
die('Hacking attempt');
exit;
}
//
// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.
// This block specifies the tabs and sub tabs for this section.
//
if( !empty($setmodules) )
{
$filename = str_replace(".$phpEx", '', basename(__FILE__));
return;
}
//
// End Modules setup
//
if ( empty($_GET['u']) || $_GET['u'] == ANONYMOUS )
{
message_die(MESSAGE, $user->lang['No_user_id_specified']);
}
$profiledata = get_userdata(intval($_GET['u']));
$sql = "SELECT *
FROM " . RANKS_TABLE . "
ORDER BY rank_special, rank_min";
$result = $db->sql_query($sql);
while ( $row = $db->sql_fetchrow($result) )
{
$ranksrow[] = $row;
}
$db->sql_freeresult($result);
//
// Output page header and profile_view template
//
$template->set_filenames(array(
'body' => 'profile_view_body.html')
);
make_jumpbox('viewforum.'.$phpEx);
//
// Calculate the number of days this user has been a member ($memberdays)
// Then calculate their posts per day
//
$regdate = $profiledata['user_regdate'];
$memberdays = max(1, round( ( time() - $regdate ) / 86400 ));
$posts_per_day = $profiledata['user_posts'] / $memberdays;
// Get the users percentage of total posts
if ( $profiledata['user_posts'] )
{
$sql = "SELECT SUM(forum_posts) AS total
FROM " . FORUMS_TABLE;
$result = $db->sql_query($sql);
$total_posts = ($row = $db->sql_fetchrow($result)) ? $row['total'] : 0;
$db->sql_freeresult($result);
$percentage = ( $total_posts ) ? min(100, ($profiledata['user_posts'] / $total_posts) * 100) : 0;
}
else
{
$percentage = 0;
}
$avatar_img = '';
if ( $profiledata['user_avatar_type'] && $profiledata['user_allowavatar'] )
{
switch( $profiledata['user_avatar_type'] )
{
case USER_AVATAR_UPLOAD:
$avatar_img = ( $config['allow_avatar_upload'] ) ? '<img src="' . $config['avatar_path'] . '/' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
break;
case USER_AVATAR_REMOTE:
$avatar_img = ( $config['allow_avatar_remote'] ) ? '<img src="' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
break;
case USER_AVATAR_GALLERY:
$avatar_img = ( $config['allow_avatar_local'] ) ? '<img src="' . $config['avatar_gallery_path'] . '/' . $profiledata['user_avatar'] . '" alt="" border="0" />' : '';
break;
}
}
$poster_rank = '';
$rank_image = '';
if ( $profiledata['user_rank'] )
{
for($i = 0; $i < count($ranksrow); $i++)
{
if ( $profiledata['user_rank'] == $ranksrow[$i]['rank_id'] && $ranksrow[$i]['rank_special'] )
{
$poster_rank = $ranksrow[$i]['rank_title'];
$rank_image = ( $ranksrow[$i]['rank_image'] ) ? '<img src="' . $ranksrow[$i]['rank_image'] . '" alt="' . $poster_rank . '" title="' . $poster_rank . '" border="0" /><br />' : '';
}
}
}
else
{
for($i = 0; $i < count($ranksrow); $i++)
{
if ( $profiledata['user_posts'] >= $ranksrow[$i]['rank_min'] && !$ranksrow[$i]['rank_special'] )
{
$poster_rank = $ranksrow[$i]['rank_title'];
$rank_image = ( $ranksrow[$i]['rank_image'] ) ? '<img src="' . $ranksrow[$i]['rank_image'] . '" alt="' . $poster_rank . '" title="' . $poster_rank . '" border="0" /><br />' : '';
}
}
}
if ( $profiledata['user_viewemail'] || $auth->acl_get('a_') )
{
$email_uri = ( $config['board_email_form'] ) ? "ucp.$phpEx$SID&amp;mode=email&amp;u=" . $profiledata['user_id'] : 'mailto:' . $profiledata['user_email'];
$email_img = '<a href="' . $email_uri . '">' . $user->img('icon_email', $user->lang['Send_email']) . '</a>';
$email = '<a href="' . $email_uri . '">' . $user->lang['Send_email'] . '</a>';
}
else
{
$email_img = '&nbsp;';
$email = '&nbsp;';
}
$temp_url = "ucp.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$profile_img = '<a href="' . $temp_url . '">' . $user->img('icon_profile', $user->lang['Read_profile']) . '</a>';
$profile = '<a href="' . $temp_url . '">' . $user->lang['Read_profile'] . '</a>';
$temp_url = "privmsg.$phpEx$SID&amp;mode=post&amp;u=$user_id";
$pm_img = '<a href="' . $temp_url . '">' . $user->img('icon_pm', $user->lang['Send_private_message']) . '</a>';
$pm = '<a href="' . $temp_url . '">' . $user->lang['Send_private_message'] . '</a>';
$www_img = ( $profiledata['user_website'] ) ? '<a href="' . $profiledata['user_website'] . '" target="_userwww">' . $user->img('icon_www', $user->lang['Visit_website']) . '</a>' : '';
$www = ( $profiledata['user_website'] ) ? '<a href="' . $profiledata['user_website'] . '" target="_userwww">' . $user->lang['Visit_website'] . '</a>' : '';
if ( !empty($profiledata['user_icq']) )
{
$icq_status_img = '<a href="http://wwp.icq.com/' . $profiledata['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $profiledata['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>';
$icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $profiledata['user_icq'] . '">' . $user->img('icon_icq', $user->lang['ICQ']) . '</a>';
$icq = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $profiledata['user_icq'] . '">' . $user->lang['ICQ'] . '</a>';
}
else
{
$icq_status_img = '';
$icq_img = '';
$icq = '';
}
$aim_img = ( $profiledata['user_aim'] ) ? '<a href="aim:goim?screenname=' . $profiledata['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $user->img('icon_aim', $user->lang['AIM']) . '</a>' : '';
$aim = ( $profiledata['user_aim'] ) ? '<a href="aim:goim?screenname=' . $profiledata['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $user->lang['AIM'] . '</a>' : '';
$temp_url = "ucp.$phpEx$SID&amp;mode=viewprofile&amp;u=$user_id";
$msn_img = ( $profiledata['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $user->img('icon_msnm', $user->lang['MSNM']) . '</a>' : '';
$msn = ( $profiledata['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $user->lang['MSNM'] . '</a>' : '';
$yim_img = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg">' . $user->img('icon_yim', $user->lang['YIM']) . '</a>' : '';
$yim = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg">' . $user->lang['YIM'] . '</a>' : '';
$temp_url = "search.$phpEx$SID&amp;search_author=" . urlencode($profiledata['username']) . "&amp;showresults=posts";
$search_img = '<a href="' . $temp_url . '">' . $user->img('icon_search', $user->lang['Search_user_posts']) . '</a>';
$search = '<a href="' . $temp_url . '">' . $user->lang['Search_user_posts'] . '</a>';
//
// Generate page
//
$page_title = $user->lang['Viewing_profile'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->assign_vars(array(
'USERNAME' => $profiledata['username'],
'JOINED' => $user->format_date($profiledata['user_regdate'], $user->lang['DATE_FORMAT']),
'POSTER_RANK' => $poster_rank,
'RANK_IMAGE' => $rank_image,
'POSTS_PER_DAY' => $posts_per_day,
'POSTS' => $profiledata['user_posts'],
'PERCENTAGE' => $percentage . '%',
'POST_DAY_STATS' => sprintf($user->lang['User_post_day_stats'], $posts_per_day),
'POST_PERCENT_STATS' => sprintf($user->lang['User_post_pct_stats'], $percentage),
'SEARCH_IMG' => $search_img,
'SEARCH' => $search,
'PM_IMG' => $pm_img,
'PM' => $pm,
'EMAIL_IMG' => $email_img,
'EMAIL' => $email,
'WWW_IMG' => $www_img,
'WWW' => $www,
'ICQ_STATUS_IMG' => $icq_status_img,
'ICQ_IMG' => $icq_img,
'ICQ' => $icq,
'AIM_IMG' => $aim_img,
'AIM' => $aim,
'MSN_IMG' => $msn_img,
'MSN' => $msn,
'YIM_IMG' => $yim_img,
'YIM' => $yim,
'LOCATION' => ( $profiledata['user_from'] ) ? $profiledata['user_from'] : '&nbsp;',
'OCCUPATION' => ( $profiledata['user_occ'] ) ? $profiledata['user_occ'] : '&nbsp;',
'INTERESTS' => ( $profiledata['user_interests'] ) ? $profiledata['user_interests'] : '&nbsp;',
'AVATAR_IMG' => $avatar_img,
'L_VIEWING_PROFILE' => sprintf($user->lang['Viewing_user_profile'], $profiledata['username']),
'L_ABOUT_USER' => sprintf($user->lang['About_user'], $profiledata['username']),
'L_AVATAR' => $user->lang['Avatar'],
'L_POSTER_RANK' => $user->lang['Poster_rank'],
'L_JOINED' => $user->lang['Joined'],
'L_TOTAL_POSTS' => $user->lang['Total_posts'],
'L_SEARCH_USER_POSTS' => sprintf($user->lang['Search_user_posts'], $profiledata['username']),
'L_CONTACT' => $user->lang['Contact'],
'L_EMAIL_ADDRESS' => $user->lang['Email_address'],
'L_EMAIL' => $user->lang['Email'],
'L_PM' => $user->lang['Private_Message'],
'L_ICQ_NUMBER' => $user->lang['ICQ'],
'L_YAHOO' => $user->lang['YIM'],
'L_AIM' => $user->lang['AIM'],
'L_MESSENGER' => $user->lang['MSNM'],
'L_WEBSITE' => $user->lang['Website'],
'L_LOCATION' => $user->lang['Location'],
'L_OCCUPATION' => $user->lang['Occupation'],
'L_INTERESTS' => $user->lang['Interests'],
'U_SEARCH_USER' => "search.$phpEx$SID&amp;search_author=" . urlencode($profiledata['username']),
'S_PROFILE_ACTION' => "ucp.$phpEx$SID")
);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
?>