diff --git a/phpBB/ucp/usercp_activate.php b/phpBB/ucp/usercp_activate.php new file mode 100755 index 0000000000..e8cf61a2aa --- /dev/null +++ b/phpBB/ucp/usercp_activate.php @@ -0,0 +1,120 @@ +sql_query($sql)) ) +{ + message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql); +} + +if ( $row = $db->sql_fetchrow($result) ) +{ + if ( $row['user_active'] && $row['user_actkey'] == '' ) + { + $template->assign_vars(array( + 'META' => '') + ); + + message_die(GENERAL_MESSAGE, $lang['Already_activated']); + } + else if ( $row['user_actkey'] == $HTTP_GET_VARS['act_key'] ) + { + $sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : ''; + + $sql = "UPDATE " . USERS_TABLE . " + SET user_active = 1, user_actkey = ''" . $sql_update_pass . " + WHERE user_id = " . $row['user_id']; + if ( !($result = $db->sql_query($sql)) ) + { + message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update); + } + + if ( $config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' ) + { + include($phpbb_root_path . 'includes/emailer.'.$phpEx); + $emailer = new emailer($config['smtp_delivery']); + + $email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\n"; + + $emailer->use_template('admin_welcome_activated', $row['user_lang']); + $emailer->email_address($row['user_email']); + $emailer->set_subject();//$lang['Account_activated_subject'] + $emailer->extra_headers($email_headers); + + $emailer->assign_vars(array( + 'SITENAME' => $config['sitename'], + 'USERNAME' => $username, + 'PASSWORD' => $password_confirm, + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $config['board_email_sig'])) + ); + $emailer->send(); + $emailer->reset(); + + $template->assign_vars(array( + 'META' => '') + ); + + message_die(GENERAL_MESSAGE, $lang['Account_active_admin']); + } + else + { + $template->assign_vars(array( + 'META' => '') + ); + + $message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated']; + message_die(GENERAL_MESSAGE, $message); + } + } + else + { + message_die(GENERAL_MESSAGE, $lang['Wrong_activation']); + } +} +else +{ + message_die(GENERAL_MESSAGE, $lang['No_such_user']); +} + +?> \ No newline at end of file diff --git a/phpBB/ucp/usercp_avatar.php b/phpBB/ucp/usercp_avatar.php new file mode 100755 index 0000000000..2a9ef1a304 --- /dev/null +++ b/phpBB/ucp/usercp_avatar.php @@ -0,0 +1,348 @@ +' . $lang['Avatar_filetype'] : $lang['Avatar_filetype']; + break; + } + + return false; +} + +function user_avatar_delete($avatar_type, $avatar_file) +{ + global $config, $userdata; + + if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' ) + { + if ( @file_exists('./' . $config['avatar_path'] . '/' . $avatar_file) ) + { + @unlink('./' . $config['avatar_path'] . '/' . $avatar_file); + } + } + + return ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE; +} + +function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename) +{ + return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY : ''; +} + +function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename) +{ + if ( !preg_match('#^http:\/\/#i', $avatar_filename) ) + { + $avatar_filename = 'http://' . $avatar_filename; + } + + if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/[^\"]*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) ) + { + $error = true; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format']; + return; + } + + return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_REMOTE : ''; + +} + +function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_type, &$error, &$error_msg, $avatar_filename, $avatar_realname, $avatar_filesize, $avatar_filetype) +{ + global $config, $user_ip, $db, $lang; + + $ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; + + if ( $avatar_mode == 'remote' && preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/', $avatar_filename, $url_ary) ) + { + if ( empty($url_ary[4]) ) + { + $error = true; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Incomplete_URL'] : $lang['Incomplete_URL']; + return; + } + + $base_get = '/' . $url_ary[4]; + $port = ( !empty($url_ary[3]) ) ? $url_ary[3] : 80; + + if ( !($fsock = @fsockopen($url_ary[2], $port, $errno, $errstr)) ) + { + $error = true; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['No_connection_URL'] : $lang['No_connection_URL']; + return; + } + + @fputs($fsock, "GET $base_get HTTP/1.1\r\n"); + @fputs($fsock, "HOST: " . $url_ary[2] . "\r\n"); + @fputs($fsock, "Connection: close\r\n\r\n"); + + unset($avatar_data); + while( !@feof($fsock) ) + { + $avatar_data .= @fread($fsock, $config['avatar_filesize']); + } + @fclose($fsock); + + if ( !preg_match('/Content-Length\: ([0-9]+)[^\/ ][\s]+/i', $avatar_data, $file_data1) || !preg_match('/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i', $avatar_data, $file_data2) ) + { + $error = true; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['File_no_data'] : $lang['File_no_data']; + return; + } + + $avatar_filesize = $file_data1[1]; + $avatar_filetype = $file_data2[1]; + + if ( !$error && $avatar_filesize > 0 && $avatar_filesize < $config['avatar_filesize'] ) + { + $avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize); + + $tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $config['avatar_path'] . '/tmp'; + $tmp_filename = tempnam($tmp_path, uniqid($user_ip) . '-'); + + $fptr = @fopen($tmp_filename, 'wb'); + $bytes_written = @fwrite($fptr, $avatar_data, $avatar_filesize); + @fclose($fptr); + + if ( $bytes_written != $avatar_filesize ) + { + @unlink($tmp_filename); + message_die(GENERAL_ERROR, 'Could not write avatar file to local storage. Please contact the board administrator with this message', '', __LINE__, __FILE__); + } + + list($width, $height) = @getimagesize($tmp_filename); + } + else + { + $l_avatar_size = sprintf($lang['Avatar_filesize'], round($config['avatar_filesize'] / 1024)); + + $error = true; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $l_avatar_size : $l_avatar_size; + } + } + else if ( $avatar_mode == 'local' && file_exists($avatar_filename) && preg_match('/\.(jpg|jpeg|gif|png)$/i', $avatar_realname) ) + { + if ( $avatar_filesize <= $config['avatar_filesize'] && $avatar_filesize > 0 ) + { + preg_match('#image\/[x\-]*([a-z]+)#', $avatar_filetype, $avatar_filetype); + $avatar_filetype = $avatar_filetype[1]; + } + else + { + $l_avatar_size = sprintf($lang['Avatar_filesize'], round($config['avatar_filesize'] / 1024)); + + $error = true; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $l_avatar_size : $l_avatar_size; + return; + } + + list($width, $height) = @getimagesize($avatar_filename); + } + + if ( !($imgtype = check_image_type($avatar_filetype, $error, $error_msg)) ) + { + return; + } + + if ( $width <= $config['avatar_max_width'] && $height <= $config['avatar_max_height'] ) + { + $new_filename = uniqid() . $imgtype; + + if ( $mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '' ) + { + if ( file_exists('./' . $config['avatar_path'] . '/' . $current_avatar) ) + { + @unlink('./' . $config['avatar_path'] . '/' . $current_avatar); + } + } + + if( $avatar_mode == 'remote' ) + { + @copy($tmp_filename, './' . $config['avatar_path'] . "/$new_filename"); + @unlink($tmp_filename); + } + else + { + if ( @$ini_val('open_basedir') != '' ) + { + if ( @phpversion() < '4.0.3' ) + { + message_die(GENERAL_ERROR, 'open_basedir is set and your PHP version does not allow move_uploaded_file', '', __LINE__, __FILE__); + } + + $move_file = 'move_uploaded_file'; + } + else + { + $move_file = 'copy'; + } + + $move_file($avatar_filename, './' . $config['avatar_path'] . "/$new_filename"); + } + + @chmod('./' . $config['avatar_path'] . "/$new_filename", 0777); + + $avatar_sql = ( $mode == 'editprofile' ) ? ", user_avatar = '$new_filename', user_avatar_type = " . USER_AVATAR_UPLOAD : "'$new_filename', " . USER_AVATAR_UPLOAD; + } + else + { + $l_avatar_size = sprintf($lang['Avatar_imagesize'], $config['avatar_max_width'], $config['avatar_max_height']); + + $error = true; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $l_avatar_size : $l_avatar_size; + } + + return $avatar_sql; +} + +function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popuppm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat) +{ + global $config, $db, $template, $lang, $images, $theme; + global $phpbb_root_path, $phpEx; + + $dir = @opendir($config['avatar_gallery_path']); + + $avatar_images = array(); + while( $file = @readdir($dir) ) + { + if( $file != '.' && $file != '..' && !is_file($config['avatar_gallery_path'] . '/' . $file) && !is_link($config['avatar_gallery_path'] . '/' . $file) ) + { + $sub_dir = @opendir($config['avatar_gallery_path'] . '/' . $file); + + $avatar_row_count = 0; + $avatar_col_count = 0; + while( $sub_file = @readdir($sub_dir) ) + { + if( preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $sub_file) ) + { + $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . '/' . $sub_file; + $avatar_name[$file][$avatar_row_count][$avatar_col_count] = ucfirst(str_replace("_", " ", preg_replace('/^(.*)\..*$/', '\1', $sub_file))); + + $avatar_col_count++; + if( $avatar_col_count == 5 ) + { + $avatar_row_count++; + $avatar_col_count = 0; + } + } + } + } + } + + @closedir($dir); + + @ksort($avatar_images); + @reset($avatar_images); + + if( empty($category) ) + { + list($category, ) = each($avatar_images); + } + @reset($avatar_images); + + $s_categories = ''; + + $s_colspan = 0; + for($i = 0; $i < count($avatar_images[$category]); $i++) + { + $template->assign_block_vars("avatar_row", array()); + + $s_colspan = max($s_colspan, count($avatar_images[$category][$i])); + + for($j = 0; $j < count($avatar_images[$category][$i]); $j++) + { + $template->assign_block_vars('avatar_row.avatar_column', array( + "AVATAR_IMAGE" => $config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j], + "AVATAR_NAME" => $avatar_name[$category][$i][$j]) + ); + + $template->assign_block_vars('avatar_row.avatar_option_column', array( + "S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j]) + ); + } + } + + $params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'cur_password', 'new_password', 'password_confirm', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popuppm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'hideonline', 'style', 'language', 'timezone', 'dateformat'); + + $s_hidden_vars = ''; + + for($i = 0; $i < count($params); $i++) + { + $s_hidden_vars .= ''; + } + + $template->assign_vars(array( + 'L_AVATAR_GALLERY' => $lang['Avatar_gallery'], + 'L_SELECT_AVATAR' => $lang['Select_avatar'], + 'L_RETURN_PROFILE' => $lang['Return_profile'], + 'L_CATEGORY' => $lang['Select_category'], + + 'S_CATEGORY_SELECT' => $s_categories, + 'S_COLSPAN' => $s_colspan, + 'S_PROFILE_ACTION' => append_sid("ucp.$phpEx?mode=$mode"), + 'S_HIDDEN_FIELDS' => $s_hidden_vars) + ); + + return; +} + +?> diff --git a/phpBB/ucp/usercp_email.php b/phpBB/ucp/usercp_email.php new file mode 100755 index 0000000000..28245d4b28 --- /dev/null +++ b/phpBB/ucp/usercp_email.php @@ -0,0 +1,194 @@ +sql_query($sql); + +if ( $row = $db->sql_fetchrow($result) ) +{ + $username = $row['username']; + $user_email = $row['user_email']; + $user_lang = $row['user_lang']; + + if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN ) + { + if ( time() - $userdata['user_emailtime'] < $config['flood_interval'] ) + { + message_die(MESSAGE, $lang['Flood_email_limit']); + } + + if ( isset($HTTP_POST_VARS['submit']) ) + { + $error = FALSE; + + if ( !empty($HTTP_POST_VARS['subject']) ) + { + $subject = trim(stripslashes($HTTP_POST_VARS['subject'])); + } + else + { + $error = TRUE; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Empty_subject_email'] : $lang['Empty_subject_email']; + } + + if ( !empty($HTTP_POST_VARS['message']) ) + { + $message = trim(stripslashes($HTTP_POST_VARS['message'])); + } + else + { + $error = TRUE; + $error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Empty_message_email'] : $lang['Empty_message_email']; + } + + if ( !$error ) + { + $sql = "UPDATE " . USERS_TABLE . " + SET user_emailtime = " . time() . " + WHERE user_id = " . $userdata['user_id']; + $result = $db->sql_query($sql); + + include($phpbb_root_path . 'includes/emailer.'.$phpEx); + $emailer = new emailer($config['smtp_delivery']); + + $email_headers = 'From: ' . $userdata['user_email'] . "\n"; + if ( !empty($HTTP_POST_VARS['cc_email']) ) + { + $email_headers .= "Cc: " . $userdata['user_email'] . "\n"; + } + $email_headers .= 'Return-Path: ' . $userdata['user_email'] . "\n"; + $email_headers .= 'X-AntiAbuse: Board servername - ' . $server_name . "\n"; + $email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n"; + $email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n"; + $email_headers .= 'X-AntiAbuse: User IP - ' . $user_ip . "\r\n"; + + $emailer->use_template('profile_send_email', $user_lang); + $emailer->email_address($user_email); + $emailer->set_subject($subject); + $emailer->extra_headers($email_headers); + + $emailer->assign_vars(array( + 'SITENAME' => $config['sitename'], + 'BOARD_EMAIL' => $config['board_email'], + 'FROM_USERNAME' => $userdata['username'], + 'TO_USERNAME' => $username, + 'MESSAGE' => $message) + ); + $emailer->send(); + $emailer->reset(); + + $template->assign_vars(array( + 'META' => '') + ); + + $message = $lang['Email_sent'] . '

' . sprintf($lang['Click_return_index'], '', ''); + + message_die(MESSAGE, $message); + } + } + + include($phpbb_root_path . 'includes/page_header.'.$phpEx); + + $template->set_filenames(array( + 'body' => 'profile_send_email.html') + ); + make_jumpbox('viewforum.'.$phpEx); + + if ( $error ) + { + $template->set_filenames(array( + 'reg_header' => 'error_body.html') + ); + $template->assign_vars(array( + 'ERROR_MESSAGE' => $error_msg) + ); + $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); + } + + $template->assign_vars(array( + 'USERNAME' => $username, + + 'S_POST_ACTION' => "ucp.$phpEx$SID&mode=email&u=$user_id", + + 'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'], + 'L_RECIPIENT' => $lang['Recipient'], + 'L_SUBJECT' => $lang['Subject'], + 'L_MESSAGE_BODY' => $lang['Message_body'], + 'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'], + 'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'], + 'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'], + 'L_OPTIONS' => $lang['Options'], + 'L_CC_EMAIL' => $lang['CC_email'], + 'L_SPELLCHECK' => $lang['Spellcheck'], + 'L_SEND_EMAIL' => $lang['Send_email']) + ); + + include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + } + else + { + message_die(MESSAGE, $lang['User_prevent_email']); + } +} +else +{ + message_die(MESSAGE, $lang['User_not_exist']); +} + +?> \ No newline at end of file diff --git a/phpBB/ucp/usercp_main.php b/phpBB/ucp/usercp_main.php new file mode 100755 index 0000000000..ac8b2ad2ec --- /dev/null +++ b/phpBB/ucp/usercp_main.php @@ -0,0 +1,26 @@ + diff --git a/phpBB/ucp/usercp_messaging.php b/phpBB/ucp/usercp_messaging.php new file mode 100755 index 0000000000..5dcfe4844f --- /dev/null +++ b/phpBB/ucp/usercp_messaging.php @@ -0,0 +1,1908 @@ +#'); +$html_entities_replace = array('&', '<', '>'); + +// +// Parameters +// +$submit = ( isset($_POST['post']) ) ? TRUE : 0; +$submit_search = ( isset($_POST['usersubmit']) ) ? TRUE : 0; +$submit_msgdays = ( isset($_POST['submit_msgdays']) ) ? TRUE : 0; +$cancel = ( isset($_POST['cancel']) ) ? TRUE : 0; +$preview = ( isset($_POST['preview']) ) ? TRUE : 0; +$confirm = ( isset($_POST['confirm']) ) ? TRUE : 0; +$delete = ( isset($_POST['delete']) ) ? TRUE : 0; +$delete_all = ( isset($_POST['deleteall']) ) ? TRUE : 0; + +$refresh = $preview || $submit_search; + +$mark_list = ( !empty($_POST['mark']) ) ? $_POST['mark'] : 0; + +if ( isset($_POST['folder']) || isset($_GET['folder']) ) +{ + $folder = ( isset($_POST['folder']) ) ? $_POST['folder'] : $_GET['folder']; + + if ( $folder != 'inbox' && $folder != 'outbox' && $folder != 'sentbox' && $folder != 'savebox' ) + { + $folder = 'inbox'; + } +} +else +{ + $folder = 'inbox'; +} + +// +// Cancel +// +if ( $cancel ) +{ + redirect("privmsg.$phpEx$SIDfolder=$folder"); +} + +// Start session management +$user->start(); +$user->setup(); +$auth->acl($user->data); +// End session management + +// +// Var definitions +// +if ( !empty($_POST['mode']) || !empty($_GET['mode']) ) +{ + $mode = ( !empty($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode']; +} +else +{ + $mode = ''; +} + +$start = ( !empty($_GET['start']) ) ? intval($_GET['start']) : 0; + +if ( isset($_POST['p']) || isset($_GET['p']) ) +{ + $privmsg_id = ( isset($_POST['p']) ) ? intval($_POST['p']) : intval($_GET['p']); +} +else +{ + $privmsg_id = ''; +} + +$error = FALSE; + +// +// Define the box image links +// +$inbox_img = ( $folder != 'inbox' || $mode != '' ) ? '' . $lang['Inbox'] . '' : '' . $lang['Inbox'] . ''; +$inbox_url = ( $folder != 'inbox' || $mode != '' ) ? '' . $lang['Inbox'] . '' : $lang['Inbox']; + +$outbox_img = ( $folder != 'outbox' || $mode != '' ) ? '' . $lang['Outbox'] . '' : '' . $lang['Outbox'] . ''; +$outbox_url = ( $folder != 'outbox' || $mode != '' ) ? '' . $lang['Outbox'] . '' : $lang['Outbox']; + +$sentbox_img = ( $folder != 'sentbox' || $mode != '' ) ? '' . $lang['Sentbox'] . '' : '' . $lang['Sentbox'] . ''; +$sentbox_url = ( $folder != 'sentbox' || $mode != '' ) ? '' . $lang['Sentbox'] . '' : $lang['Sentbox']; + +$savebox_img = ( $folder != 'savebox' || $mode != '' ) ? '' . $lang['Savebox'] . '' : '' . $lang['Savebox'] . ''; +$savebox_url = ( $folder != 'savebox' || $mode != '' ) ? '' . $lang['Savebox'] . '' : $lang['Savebox']; + +// ---------- +// Start main +// +if ( $mode == 'newpm' ) +{ + $gen_simple_header = TRUE; + + $page_title = $lang['Private_Messaging']; + include($phpbb_root_path . 'includes/page_header.'.$phpEx); + + $template->set_filenames(array( + 'body' => 'privmsgs_popup.tpl') + ); + + if ( $userdata['user_id'] ) + { + if ( $userdata['user_new_privmsg'] ) + { + $l_new_message = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['You_new_pm'] : $lang['You_new_pms']; + } + else + { + $l_new_message = $lang['You_no_new_pm']; + } + + $l_new_message .= '

' . sprintf($lang['Click_view_privmsg'], '', ''); + } + else + { + $l_new_message = $lang['Login_check_pm']; + } + + $template->assign_vars(array( + 'L_CLOSE_WINDOW' => $lang['Close_window'], + 'L_MESSAGE' => $l_new_message) + ); + + $template->pparse('body'); + + include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + +} +else if ( $mode == 'read' ) +{ + if ( !empty($_GET['p']) ) + { + $privmsgs_id = intval($_GET['p']); + } + else + { + message_die(MESSAGE, $lang['No_post_id']); + } + + if ( !$userdata['user_id'] ) + { + $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; + header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode&" . POST_POST_URL . "=$privmsgs_id", true)); + } + + // + // SQL to pull appropriate message, prevents nosey people + // reading other peoples messages ... hopefully! + // + switch( $folder ) + { + case 'inbox': + $l_box_name = $lang['Inbox']; + $pm_sql_user = "AND pm.privmsgs_to_userid = " . $userdata['user_id'] . " + AND ( pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . " + OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + break; + case 'outbox': + $l_box_name = $lang['Outbox']; + $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . " + AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) "; + break; + case 'sentbox': + $l_box_name = $lang['Sentbox']; + $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . " + AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL; + break; + case 'savebox': + $l_box_name = $lang['Savebox']; + $pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . " + AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) + OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . " + AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) + )"; + break; + default: + message_die(MESSAGE, $lang['No_such_folder']); + break; + } + + // + // Major query obtains the message ... + // + $sql = "SELECT u.username AS username_1, u.user_id AS user_id_1, u2.username AS username_2, u2.user_id AS user_id_2, u.user_sig_bbcode_uid, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_avatar, pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text + FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u, " . USERS_TABLE . " u2 + WHERE pm.privmsgs_id = $privmsgs_id + AND pmt.privmsgs_text_id = pm.privmsgs_id + $pm_sql_user + AND u.user_id = pm.privmsgs_from_userid + AND u2.user_id = pm.privmsgs_to_userid"; + $result = $db->sql_query($sql); + + // + // Did the query return any data? + // + if ( !($privmsg = $db->sql_fetchrow($result)) ) + { + $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; + header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true)); + } + + $privmsg_id = $privmsg['privmsgs_id']; + + // + // Is this a new message in the inbox? If it is then save + // a copy in the posters sent box + // + if ( ( $privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL || $privmsg['privmsgs_type'] == PRIVMSGS_UNREAD_MAIL ) && $folder == 'inbox' ) + { + $sql = "UPDATE " . PRIVMSGS_TABLE . " + SET privmsgs_type = " . PRIVMSGS_READ_MAIL . " + WHERE privmsgs_id = " . $privmsg['privmsgs_id']; + $db->sql_query($sql); + + $sql = "UPDATE " . USERS_TABLE . " + SET user_unread_privmsg = user_unread_privmsg - 1 + WHERE user_id = " . $userdata['user_id']; + $db->sql_query($sql); + + // + // Check to see if the poster has a 'full' sent box + // + $sql = "SELECT COUNT(privmsgs_id) AS sent_items, MIN(privmsgs_date) AS oldest_post_time + FROM " . PRIVMSGS_TABLE . " + WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . " + AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid']; + $result = $db->sql_query($sql); + + $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : ''; + + if ( $sent_info = $db->sql_fetchrow($result) ) + { + if ( $sent_info['sent_items'] >= $config['max_sentbox_privmsgs'] ) + { + $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . " + WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . " + AND privmsgs_date = " . $sent_info['oldest_post_time'] . " + AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid']; + $db->sql_query($sql); + } + } + + // + // This makes a copy of the post and stores it as a SENT message from the sendee. Perhaps + // not the most DB friendly way but a lot easier to manage, besides the admin will be able to + // set limits on numbers of storable posts for users ... hopefully! + // + $sql = "INSERT $sql_priority INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig) + VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_subject'])) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "', " . $privmsg['privmsgs_enable_html'] . ", " . $privmsg['privmsgs_enable_bbcode'] . ", " . $privmsg['privmsgs_enable_smilies'] . ", " . $privmsg['privmsgs_attach_sig'] . ")"; + $db->sql_query($sql); + + $privmsg_sent_id = $db->sql_nextid(); + + $sql = "INSERT $sql_priority INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text) + VALUES ($privmsg_sent_id, '" . $privmsg['privmsgs_bbcode_uid'] . "', '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_text'])) . "')"; + $db->sql_query($sql); + } + + // + // Pick a folder, any folder, so long as it's one below ... + // + $post_urls = array( + 'post' => append_sid("privmsg.$phpEx?mode=post"), + 'reply' => append_sid("privmsg.$phpEx?mode=reply&" . POST_POST_URL . "=$privmsg_id"), + 'quote' => append_sid("privmsg.$phpEx?mode=quote&" . POST_POST_URL . "=$privmsg_id"), + 'edit' => append_sid("privmsg.$phpEx?mode=edit&" . POST_POST_URL . "=$privmsg_id") + ); + $post_icons = array( + 'post_img' => '' . $lang['Post_new_pm'] . '', + 'post' => '' . $lang['Post_new_pm'] . '', + 'reply_img' => '' . $lang['Post_reply_pm'] . '', + 'reply' => '' . $lang['Post_reply_pm'] . '', + 'quote_img' => '' . $lang['Post_quote_pm'] . '', + 'quote' => '' . $lang['Post_quote_pm'] . '', + 'edit_img' => '' . $lang['Edit_pm'] . '', + 'edit' => '' . $lang['Edit_pm'] . '' + ); + + if ( $folder == 'inbox' ) + { + $post_img = $post_icons['post_img']; + $reply_img = $post_icons['reply_img']; + $quote_img = $post_icons['quote_img']; + $edit_img = ''; + $post = $post_icons['post']; + $reply = $post_icons['reply']; + $quote = $post_icons['quote']; + $edit = ''; + $l_box_name = $lang['Inbox']; + } + else if ( $folder == 'outbox' ) + { + $post_img = $post_icons['post_img']; + $reply_img = ''; + $quote_img = ''; + $edit_img = $post_icons['edit_img']; + $post = $post_icons['post']; + $reply = ''; + $quote = ''; + $edit = $post_icons['edit']; + $l_box_name = $lang['Outbox']; + } + else if ( $folder == 'savebox' ) + { + if ( $privmsg['privmsgs_type'] == PRIVMSGS_SAVED_IN_MAIL ) + { + $post_img = $post_icons['post_img']; + $reply_img = $post_icons['reply_img']; + $quote_img = $post_icons['quote_img']; + $edit_img = ''; + $post = $post_icons['post']; + $reply = $post_icons['reply']; + $quote = $post_icons['quote']; + $edit = ''; + } + else + { + $post_img = $post_icons['post_img']; + $reply_img = ''; + $quote_img = ''; + $edit_img = ''; + $post = $post_icons['post']; + $reply = ''; + $quote = ''; + $edit = ''; + } + $l_box_name = $lang['Saved']; + } + else if ( $folder == 'sentbox' ) + { + $post_img = $post_icons['post_img']; + $reply_img = ''; + $quote_img = ''; + $edit_img = ''; + $post = $post_icons['post']; + $reply = ''; + $quote = ''; + $edit = ''; + $l_box_name = $lang['Sent']; + } + + $s_hidden_fields = ''; + + $page_title = $lang['Read_private_message']; + include($phpbb_root_path . 'includes/page_header.'.$phpEx); + + // + // Load templates + // + $template->set_filenames(array( + 'body' => 'privmsgs_read_body.tpl') + ); + make_jumpbox('viewforum.'.$phpEx); + + $template->assign_vars(array( + 'INBOX_IMG' => $inbox_img, + 'SENTBOX_IMG' => $sentbox_img, + 'OUTBOX_IMG' => $outbox_img, + 'SAVEBOX_IMG' => $savebox_img, + 'INBOX' => $inbox_url, + + 'POST_PM_IMG' => $post_img, + 'REPLY_PM_IMG' => $reply_img, + 'EDIT_PM_IMG' => $edit_img, + 'QUOTE_PM_IMG' => $quote_img, + 'POST_PM' => $post, + 'REPLY_PM' => $reply, + 'EDIT_PM' => $edit, + 'QUOTE_PM' => $quote, + + 'SENTBOX' => $sentbox_url, + 'OUTBOX' => $outbox_url, + 'SAVEBOX' => $savebox_url, + + 'BOX_NAME' => $l_box_name, + + 'L_INBOX' => $lang['Inbox'], + 'L_OUTBOX' => $lang['Outbox'], + 'L_SENTBOX' => $lang['Sent'], + 'L_SAVEBOX' => $lang['Saved'], + 'L_FLAG' => $lang['Flag'], + 'L_SUBJECT' => $lang['Subject'], + 'L_POSTED' => $lang['Posted'], + 'L_DATE' => $lang['Date'], + 'L_FROM' => $lang['From'], + 'L_TO' => $lang['To'], + 'L_SAVE_MSG' => $lang['Save_message'], + 'L_DELETE_MSG' => $lang['Delete_message'], + + 'S_PRIVMSGS_ACTION' => append_sid("privmsg.$phpEx?folder=$folder"), + 'S_HIDDEN_FIELDS' => $s_hidden_fields) + ); + + $username_from = $privmsg['username_1']; + $user_id_from = $privmsg['user_id_1']; + $username_to = $privmsg['username_2']; + $user_id_to = $privmsg['user_id_2']; + + $post_date = $user->format_date($privmsg['privmsgs_date']); + + $temp_url = append_sid("ucp.$phpEx?mode=viewprofile&u=$user_id_from"); + $profile_img = '' . $lang['Read_profile'] . ''; + $profile = '' . $lang['Read_profile'] . ''; + + $temp_url = append_sid("privmsg.$phpEx?mode=post&u=$poster_id"); + $pm_img = '' . $lang['Send_private_message'] . ''; + $pm = '' . $lang['Send_private_message'] . ''; + + if ( !empty($privmsg['user_viewemail']) || $auth->acl_get('a_') ) + { + $email_uri = ( $config['board_email_form'] ) ? append_sid("ucp.$phpEx?mode=email&u$user_id_from") : 'mailto:' . $privmsg['user_email']; + + $email_img = '' . $lang['Send_email'] . ''; + $email = '' . $lang['Send_email'] . ''; + } + else + { + $email_img = ''; + $email = ''; + } + + $www_img = ( $privmsg['user_website'] ) ? '' . $lang['Visit_website'] . '' : ''; + $www = ( $privmsg['user_website'] ) ? '' . $lang['Visit_website'] . '' : ''; + + if ( !empty($privmsg['user_icq']) ) + { + $icq_status_img = ''; + $icq_img = '' . $lang['ICQ'] . ''; + $icq = '' . $lang['ICQ'] . ''; + } + else + { + $icq_status_img = ''; + $icq_img = ''; + $icq = ''; + } + + $aim_img = ( $privmsg['user_aim'] ) ? '' . $lang['AIM'] . '' : ''; + $aim = ( $privmsg['user_aim'] ) ? '' . $lang['AIM'] . '' : ''; + + $temp_url = append_sid("ucp.$phpEx?mode=viewprofile&u=$poster_id"); + $msn_img = ( $privmsg['user_msnm'] ) ? '' . $lang['MSNM'] . '' : ''; + $msn = ( $privmsg['user_msnm'] ) ? '' . $lang['MSNM'] . '' : ''; + + $yim_img = ( $privmsg['user_yim'] ) ? '' . $lang['YIM'] . '' : ''; + $yim = ( $privmsg['user_yim'] ) ? '' . $lang['YIM'] . '' : ''; + + $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username_from) . "&showresults=posts"); + $search_img = '' . $lang['Search_user_posts'] . ''; + $search = '' . $lang['Search_user_posts'] . ''; + + // + // Processing of post + // + $post_subject = $privmsg['privmsgs_subject']; + + $private_message = $privmsg['privmsgs_text']; + $bbcode_uid = $privmsg['privmsgs_bbcode_uid']; + + if ( $config['allow_sig'] ) + { + $user_sig = ( $privmsg['privmsgs_from_userid'] == $userdata['user_id'] ) ? $userdata['user_sig'] : $privmsg['user_sig']; + } + else + { + $user_sig = ''; + } + + $user_sig_bbcode_uid = ( $privmsg['privmsgs_from_userid'] == $userdata['user_id'] ) ? $userdata['user_sig_bbcode_uid'] : $privmsg['user_sig_bbcode_uid']; + + // + // If the board has HTML off but the post has HTML + // on then we process it, else leave it alone + // + if ( !$config['allow_html'] ) + { + if ( $user_sig != '' && $privmsg['privmsgs_enable_sig'] && $userdata['user_allowhtml'] ) + { + $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); + } + + if ( $privmsg['privmsgs_enable_html'] ) + { + $private_message = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $private_message); + } + } + + if ( $user_sig != '' && $privmsg['privmsgs_attach_sig'] && $user_sig_bbcode_uid != '' ) + { + $user_sig = ( $config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $user_sig); + } + + if ( $bbcode_uid != '' ) + { + $private_message = ( $config['allow_bbcode'] ) ? bbencode_second_pass($private_message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $private_message); + } + + $private_message = make_clickable($private_message); + + if ( $privmsg['privmsgs_attach_sig'] && $user_sig != '' ) + { + $private_message .= '

_________________
' . make_clickable($user_sig); + } + + if ( count($orig_word) ) + { + $post_subject = preg_replace($orig_word, $replacement_word, $post_subject); + $private_message = preg_replace($orig_word, $replacement_word, $private_message); + } + + if ( $config['allow_smilies'] && $privmsg['privmsgs_enable_smilies'] ) + { + $private_message = smilies_pass($private_message); + } + + $private_message = nl2br($private_message); + + // + // Dump it to the templating engine + // + $template->assign_vars(array( + 'MESSAGE_TO' => $username_to, + 'MESSAGE_FROM' => $username_from, + 'RANK_IMAGE' => $rank_image, + 'POSTER_JOINED' => $poster_joined, + 'POSTER_POSTS' => $poster_posts, + 'POSTER_FROM' => $poster_from, + 'POSTER_AVATAR' => $poster_avatar, + 'POST_SUBJECT' => $post_subject, + 'POST_DATE' => $post_date, + 'MESSAGE' => $private_message, + + 'PROFILE_IMG' => $profile_img, + 'PROFILE' => $profile, + 'SEARCH_IMG' => $search_img, + 'SEARCH' => $search, + 'EMAIL_IMG' => $email_img, + 'EMAIL' => $email, + 'WWW_IMG' => $www_img, + 'WWW' => $www, + 'ICQ_STATUS_IMG' => $icq_status_img, + 'ICQ_IMG' => $icq_img, + 'ICQ' => $icq, + 'AIM_IMG' => $aim_img, + 'AIM' => $aim, + 'MSN_IMG' => $msn_img, + 'MSN' => $msn, + 'YIM_IMG' => $yim_img, + 'YIM' => $yim) + ); + + $template->pparse('body'); + + include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + +} +else if ( ( $delete && $mark_list ) || $delete_all ) +{ + if ( !$userdata['user_id'] ) + { + $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; + header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true)); + } + if ( isset($mark_list) && !is_array($mark_list) ) + { + // Set to empty array instead of '0' if nothing is selected. + $mark_list = array(); + } + + if ( !$confirm ) + { + $s_hidden_fields = ''; + $s_hidden_fields .= ( isset($_POST['delete']) ) ? '' : ''; + + for($i = 0; $i < count($mark_list); $i++) + { + $s_hidden_fields .= ''; + } + + // + // Output confirmation page + // + include($phpbb_root_path . 'includes/page_header.'.$phpEx); + + $template->set_filenames(array( + 'confirm_body' => 'confirm_body.tpl') + ); + $template->assign_vars(array( + 'MESSAGE_TITLE' => $lang['Information'], + 'MESSAGE_TEXT' => ( count($mark_list) == 1 ) ? $lang['Confirm_delete_pm'] : $lang['Confirm_delete_pms'], + + 'L_YES' => $lang['Yes'], + 'L_NO' => $lang['No'], + + 'S_CONFIRM_ACTION' => append_sid("privmsg.$phpEx?folder=$folder"), + 'S_HIDDEN_FIELDS' => $s_hidden_fields) + ); + + $template->pparse('confirm_body'); + + include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + + } + else if ( $confirm ) + { + if ( $delete_all ) + { + switch($folder) + { + case 'inbox': + $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND ( + privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + break; + + case 'outbox': + $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + break; + + case 'sentbox': + $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL; + break; + + case 'savebox': + $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) + OR ( privmsgs_to_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )"; + break; + } + + $sql = "SELECT privmsgs_id + FROM " . PRIVMSGS_TABLE . " + WHERE $delete_type"; + $result = $db->sql_query($sql); + + while ( $row = $db->sql_fetchrow($result) ) + { + $mark_list[] = $row['privmsgs_id']; + } + + unset($delete_type); + } + + if ( count($mark_list) ) + { + $delete_sql_id = implode(', ', $mark_list); + + // Need to decrement the new message counter of recipient + // problem is this doesn't affect the unread counter even + // though it may be the one that needs changing ... hhmmm + if ( $folder == 'outbox' ) + { + $sql = "SELECT privmsgs_to_userid + FROM " . PRIVMSGS_TABLE . " + WHERE privmsgs_id IN ($delete_sql_id) + AND privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_NEW_MAIL; + $result = $db->sql_query($sql); + + $update_pm_sql = ''; + while( $row = $db->sql_fetchrow($result) ) + { + $update_pm_sql .= ( ( $update_pm_sql != '' ) ? ', ' : '' ) . $row['privmsgs_to_userid']; + } + + if ( $update_pm_sql != '' ) + { + $sql = "UPDATE " . USERS_TABLE . " + SET user_new_privmsg = user_new_privmsg - 1 + WHERE user_id IN ($update_pm_sql)"; + $db->sql_query($sql); + } + + $sql = "SELECT privmsgs_to_userid + FROM " . PRIVMSGS_TABLE . " + WHERE privmsgs_id IN ($delete_sql_id) + AND privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_UNREAD_MAIL; + $result = $db->sql_query($sql); + + $update_pm_sql = ''; + while( $row = $db->sql_fetchrow($result) ) + { + $update_pm_sql .= ( ( $update_pm_sql != '' ) ? ', ' : '' ) . $row['privmsgs_to_userid']; + } + + if ( $update_pm_sql != '' ) + { + $sql = "UPDATE " . USERS_TABLE . " + SET user_unread_privmsg = user_unread_privmsg - 1 + WHERE user_id IN ($update_pm_sql)"; + $db->sql_query($sql); + } + } + + $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . " + WHERE privmsgs_text_id IN ($delete_sql_id)"; + $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . " + WHERE privmsgs_id IN ($delete_sql_id) + AND "; + + switch( $folder ) + { + case 'inbox': + $delete_sql .= "privmsgs_to_userid = " . $userdata['user_id'] . " AND ( + privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + break; + + case 'outbox': + $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( + privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + break; + + case 'sentbox': + $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL; + break; + + case 'savebox': + $delete_sql .= "( ( privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) + OR ( privmsgs_to_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )"; + break; + } + + $db->sql_query($delete_sql); + $db->sql_query($delete_text_sql); + } + } +} +else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' ) +{ + if ( !$userdata['user_id'] ) + { + $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; + header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true)); + } + + // + // See if recipient is at their savebox limit + // + $sql = "SELECT COUNT(privmsgs_id) AS savebox_items, MIN(privmsgs_date) AS oldest_post_time + FROM " . PRIVMSGS_TABLE . " + WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) + OR ( privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )"; + $result = $db->sql_query($sql); + + $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : ''; + + if ( $saved_info = $db->sql_fetchrow($result) ) + { + if ( $saved_info['savebox_items'] >= $config['max_savebox_privmsgs'] ) + { + $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . " + WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) + OR ( privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") ) + AND privmsgs_date = " . $saved_info['oldest_post_time']; + $db->sql_query($sql); + } + } + + // + // Process request + // + $saved_sql = "UPDATE " . PRIVMSGS_TABLE; + + switch( $folder ) + { + case 'inbox': + $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " + WHERE privmsgs_to_userid = " . $userdata['user_id'] . " + AND ( privmsgs_type = " . PRIVMSGS_READ_MAIL . " + OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")"; + break; + + case 'outbox': + $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " + WHERE privmsgs_from_userid = " . $userdata['user_id'] . " + AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNERAD_MAIL . " ) "; + break; + + case 'sentbox': + $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " + WHERE privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SENT_MAIL; + break; + } + + if ( count($mark_list) ) + { + $saved_sql_id = ''; + for($i = 0; $i < count($mark_list); $i++) + { + $saved_sql_id .= ( ( $saved_sql_id != '' ) ? ', ' : '' ) . $mark_list[$i]; + } + + $saved_sql .= " AND privmsgs_id IN ($saved_sql_id)"; + + $db->sql_query($saved_sql); + } + +} +else if ( $submit || $refresh || $mode != '' ) +{ + + if ( !$userdata['user_id'] ) + { + $user_id = ( isset($_GET['u']) ) ? '&u=' . intval($_GET['u']) : ''; + $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; + header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true)); + } + + // + // Toggles + // + if ( !$config['allow_html'] ) + { + $html_on = 0; + } + else + { + $html_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml']; + } + + if ( !$config['allow_bbcode'] ) + { + $bbcode_on = 0; + } + else + { + $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode']; + } + + if ( !$config['allow_smilies'] ) + { + $smilies_on = 0; + } + else + { + $smilies_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile']; + } + + $attach_sig = ( $submit || $refresh ) ? ( ( !empty($_POST['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig']; + $user_sig = ( $userdata['user_sig'] != '' && $config['allow_sig'] ) ? $userdata['user_sig'] : ""; + + if ( $submit && $mode != 'edit' ) + { + // Flood control + $sql = "SELECT MAX(privmsgs_date) AS last_post_time + FROM " . PRIVMSGS_TABLE . " + WHERE privmsgs_from_userid = " . $userdata['user_id']; + $result = $db->sql_query($sql); + + $db_row = $db->sql_fetchrow($result); + + $last_post_time = $db_row['last_post_time']; + $current_time = time(); + + if ( ( $current_time - $last_post_time ) < $config['flood_interval']) + { + message_die(MESSAGE, $lang['Flood_Error']); + } + // End Flood control + } + + if ( $submit ) + { + if ( !empty($_POST['username']) ) + { + $to_username = $_POST['username']; + + $sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active + FROM " . USERS_TABLE . " + WHERE username = '" . str_replace("\'", "''", $to_username) . "' + AND user_id <> " . ANONYMOUS; + if ( !($result = $db->sql_query($sql)) ) + { + $error = TRUE; + $error_msg = $lang['No_such_user']; + } + + $to_userdata = $db->sql_fetchrow($result); + } + else + { + $error = TRUE; + $error_msg .= ( ( !empty($error_msg) ) ? '
' : '' ) . $lang['No_to_user']; + } + + $privmsg_subject = trim(strip_tags($_POST['subject'])); + if ( empty($privmsg_subject) ) + { + $error = TRUE; + $error_msg .= ( ( !empty($error_msg) ) ? '
' : '' ) . $lang['Empty_subject']; + } + + if ( !empty($_POST['message']) ) + { + if ( !$error ) + { + if ( $bbcode_on ) + { + $bbcode_uid = make_bbcode_uid(); + } + + $privmsg_message = prepare_message($_POST['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid); + + } + } + else + { + $error = TRUE; + $error_msg .= ( ( !empty($error_msg) ) ? '
' : '' ) . $lang['Empty_message']; + } + } + + if ( $submit && !$error ) + { + // + // Has admin prevented user from sending PM's? + // + if ( !$userdata['user_allow_pm'] ) + { + $message = $lang['Cannot_send_privmsg']; + message_die(MESSAGE, $message); + } + + $msg_time = time(); + + if ( $mode != 'edit' ) + { + // + // See if recipient is at their inbox limit + // + $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time + FROM " . PRIVMSGS_TABLE . " + WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) + AND privmsgs_to_userid = " . $to_userdata['user_id']; + $result = $db->sql_query($sql); + + $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : ''; + + if ( $inbox_info = $db->sql_fetchrow($result) ) + { + if ( $inbox_info['inbox_items'] >= $config['max_inbox_privmsgs'] ) + { + $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . " + WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) + AND privmsgs_date = " . $inbox_info['oldest_post_time'] . " + AND privmsgs_to_userid = " . $to_userdata['user_id']; + $db->sql_query($sql); + } + } + + $sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig) + VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . str_replace("\'", "''", $privmsg_subject) . "', " . $userdata['user_id'] . ", " . $to_userdata['user_id'] . ", $msg_time, '$user_ip', $html_on, $bbcode_on, $smilies_on, $attach_sig)"; + } + else + { + $sql_info = "UPDATE " . PRIVMSGS_TABLE . " + SET privmsgs_type = " . PRIVMSGS_NEW_MAIL . ", privmsgs_subject = '" . str_replace("\'", "''", $privmsg_subject) . "', privmsgs_from_userid = " . $userdata['user_id'] . ", privmsgs_to_userid = " . $to_userdata['user_id'] . ", privmsgs_date = $msg_time, privmsgs_ip = '$user_ip', privmsgs_enable_html = $html_on, privmsgs_enable_bbcode = $bbcode_on, privmsgs_enable_smilies = $smilies_on, privmsgs_attach_sig = $attach_sig + WHERE privmsgs_id = $privmsg_id"; + } + + $db->sql_query($sql_info); + + if ( $mode != 'edit' ) + { + $privmsg_sent_id = $db->sql_nextid(); + + $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text) + VALUES ($privmsg_sent_id, '" . $bbcode_uid . "', '" . str_replace("\'", "''", $privmsg_message) . "')"; + } + else + { + $sql = "UPDATE " . PRIVMSGS_TEXT_TABLE . " + SET privmsgs_text = '" . str_replace("\'", "''", $privmsg_message) . "', privmsgs_bbcode_uid = '$bbcode_uid' + WHERE privmsgs_text_id = $privmsg_id"; + } + + $db->sql_query($sql); + + if ( $mode != 'edit' ) + { + // + // Add to the users new pm counter + // + $sql = "UPDATE " . USERS_TABLE . " + SET user_new_privmsg = user_new_privmsg + 1, user_last_privmsg = " . time() . " + WHERE user_id = " . $to_userdata['user_id']; + if ( !$status = $db->sql_query($sql) ) + { + message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql); + } + + if ( $to_userdata['user_notify_pm'] && !empty($to_userdata['user_email']) && $to_userdata['user_active'] ) + { + $email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n"; + + $script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($config['script_path'])); + $script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx; + $server_name = trim($config['server_name']); + $server_protocol = ( $config['cookie_secure'] ) ? 'https://' : 'http://'; + $server_port = ( $config['server_port'] <> 80 ) ? ':' . trim($config['server_port']) . '/' : '/'; + + include($phpbb_root_path . 'includes/emailer.'.$phpEx); + $emailer = new emailer($config['smtp_delivery']); + + $emailer->use_template('privmsg_notify', $to_userdata['user_lang']); + $emailer->extra_headers($email_headers); + $emailer->email_address($to_userdata['user_email']); + $emailer->set_subject(); //$lang['Notification_subject'] + + $emailer->assign_vars(array( + 'USERNAME' => $to_username, + 'SITENAME' => $config['sitename'], + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $config['board_email_sig']), + + 'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox') + ); + + $emailer->send(); + $emailer->reset(); + } + } + + $template->assign_vars(array( + 'META' => '') + ); + + $msg = $lang['Message_sent'] . '

' . sprintf($lang['Click_return_inbox'], '', ' ') . '

' . sprintf($lang['Click_return_index'], '', ''); + + message_die(GMESSAGE, $msg); + } + else if ( $preview || $refresh || $error ) + { + + // + // If we're previewing or refreshing then obtain the data + // passed to the script, process it a little, do some checks + // where neccessary, etc. + // + $to_username = ( isset($_POST['username']) ) ? trim(strip_tags(stripslashes($_POST['username']))) : ''; + $privmsg_subject = ( isset($_POST['subject']) ) ? trim(strip_tags(stripslashes($_POST['subject']))) : ''; + $privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : ''; + $privmsg_message = preg_replace('##si', '</textarea>', $privmsg_message); + + $user_sig = ( $config['allow_sig'] ) ? $privmsg['user_sig'] : ''; + + $to_username = $privmsg['username']; + $to_userid = $privmsg['user_id']; + + } + else if ( $mode == 'reply' || $mode == 'quote' ) + { + + $sql = "SELECT pm.privmsgs_subject, pm.privmsgs_date, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id + FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u + WHERE pm.privmsgs_id = $privmsg_id + AND pmt.privmsgs_text_id = pm.privmsgs_id + AND pm.privmsgs_to_userid = " . $userdata['user_id'] . " + AND u.user_id = pm.privmsgs_from_userid"; + $result = $db->sql_query($sql); + + if ( !($privmsg = $db->sql_fetchrow($result)) ) + { + $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; + header($header_location . append_sid("privmsg.$phpEx?folder=$folder", true)); + } + + $privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject']; + + $to_username = $privmsg['username']; + $to_userid = $privmsg['user_id']; + + if ( $mode == 'quote' ) + { + $privmsg_message = $privmsg['privmsgs_text']; + $privmsg_bbcode_uid = $privmsg['privmsgs_bbcode_uid']; + + $privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message); + $privmsg_message = str_replace('
', "\n", $privmsg_message); + $privmsg_message = preg_replace('##si', '</textarea>', $privmsg_message); + + $msg_date = $user->format_date($privmsg['privmsgs_date']); + + $privmsg_message = '[quote="' . $to_username . '"]' . $privmsg_message . '[/quote]'; + + $mode = 'reply'; + } + } + } + + // + // Has admin prevented user from sending PM's? + // + if ( !$userdata['user_allow_pm'] && $mode != 'edit' ) + { + $message = $lang['Cannot_send_privmsg']; + message_die(MESSAGE, $message); + } + + // + // Start output, first preview, then errors then post form + // + $page_title = $lang['Send_private_message']; + include($phpbb_root_path . 'includes/page_header.'.$phpEx); + + if ( $preview && !$error ) + { + $orig_word = array(); + $replacement_word = array(); + obtain_word_list($orig_word, $replacement_word); + + if ( $bbcode_on ) + { + $bbcode_uid = make_bbcode_uid(); + } + + $preview_message = stripslashes(prepare_message($privmsg_message, $html_on, $bbcode_on, $smilies_on, $bbcode_uid)); + $privmsg_message = stripslashes(preg_replace($html_entities_match, $html_entities_replace, $privmsg_message)); + + // + // Finalise processing as per viewtopic + // + if ( !$html_on ) + { + if ( $user_sig != '' || !$userdata['user_allowhtml'] ) + { + $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig); + } + } + + if ( $attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid'] ) + { + $user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']); + } + + if ( $bbcode_on ) + { + $preview_message = bbencode_second_pass($preview_message, $bbcode_uid); + } + + if ( $attach_sig && $user_sig != '' ) + { + $preview_message = $preview_message . '

_________________
' . $user_sig; + } + + if ( count($orig_word) ) + { + $preview_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject); + $preview_message = preg_replace($orig_word, $replacement_word, $preview_message); + } + else + { + $preview_subject = $privmsg_subject; + } + + if ( $smilies_on ) + { + $preview_message = smilies_pass($preview_message); + } + + $preview_message = make_clickable($preview_message); + $preview_message = nl2br($preview_message); + + $s_hidden_fields = ''; + $s_hidden_fields .= ''; + + if ( isset($privmsg_id) ) + { + $s_hidden_fields .= ''; + } + + $template->set_filenames(array( + "preview" => 'privmsgs_preview.tpl') + ); + + $template->assign_vars(array( + 'TOPIC_TITLE' => $preview_subject, + 'POST_SUBJECT' => $preview_subject, + 'MESSAGE_TO' => $to_username, + 'MESSAGE_FROM' => $userdata['username'], + 'POST_DATE' => $user->date_format(time()), + 'MESSAGE' => $preview_message, + + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + + 'L_SUBJECT' => $lang['Subject'], + 'L_DATE' => $lang['Date'], + 'L_FROM' => $lang['From'], + 'L_TO' => $lang['To'], + 'L_PREVIEW' => $lang['Preview'], + 'L_POSTED' => $lang['Posted']) + ); + + $template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview'); + } + + // + // Start error handling + // + if ($error) + { + $template->set_filenames(array( + 'reg_header' => 'error_body.tpl') + ); + $template->assign_vars(array( + 'ERROR_MESSAGE' => $error_msg) + ); + $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); + } + + // + // Load templates + // + $template->set_filenames(array( + 'body' => 'posting_body.tpl') + ); + make_jumpbox('viewforum.'.$phpEx); + + // + // Enable extensions in posting_body + // + $template->assign_block_vars('switch_privmsg', array()); + + // + // HTML toggle selection + // + if ( $config['allow_html'] ) + { + $html_status = $lang['HTML_is_ON']; + $template->assign_block_vars('switch_html_checkbox', array()); + } + else + { + $html_status = $lang['HTML_is_OFF']; + } + + // + // BBCode toggle selection + // + if ( $config['allow_bbcode'] ) + { + $bbcode_status = $lang['BBCode_is_ON']; + $template->assign_block_vars('switch_bbcode_checkbox', array()); + } + else + { + $bbcode_status = $lang['BBCode_is_OFF']; + } + + // + // Smilies toggle selection + // + if ( $config['allow_smilies'] ) + { + $smilies_status = $lang['Smilies_are_ON']; + $template->assign_block_vars('switch_smilies_checkbox', array()); + } + else + { + $smilies_status = $lang['Smilies_are_OFF']; + } + + // + // Signature toggle selection - only show if + // the user has a signature + // + if ( $user_sig != '' ) + { + $template->assign_block_vars('switch_signature_checkbox', array()); + } + + if ( $mode == 'post' ) + { + $post_a = $lang['Send_a_new_message']; + } + else if ( $mode == 'reply' ) + { + $post_a = $lang['Send_a_reply']; + $mode = 'post'; + } + else if ( $mode == 'edit' ) + { + $post_a = $lang['Edit_message']; + } + + $s_hidden_fields = ''; + $s_hidden_fields .= ''; + if ( $mode == 'edit' ) + { + $s_hidden_fields .= ''; + } + + // + // Send smilies to template + // + generate_smilies('inline', PAGE_PRIVMSGS); + + $template->assign_vars(array( + 'SUBJECT' => preg_replace($html_entities_match, $html_entities_replace, $privmsg_subject), + 'USERNAME' => preg_replace($html_entities_match, $html_entities_replace, $to_username), + 'MESSAGE' => $privmsg_message, + 'HTML_STATUS' => $html_status, + 'SMILIES_STATUS' => $smilies_status, + 'BBCODE_STATUS' => sprintf($bbcode_status, '', ''), + 'FORUM_NAME' => $lang['Private_message'], + + 'BOX_NAME' => $l_box_name, + 'INBOX_IMG' => $inbox_img, + 'SENTBOX_IMG' => $sentbox_img, + 'OUTBOX_IMG' => $outbox_img, + 'SAVEBOX_IMG' => $savebox_img, + 'INBOX' => $inbox_url, + 'SENTBOX' => $sentbox_url, + 'OUTBOX' => $outbox_url, + 'SAVEBOX' => $savebox_url, + + 'L_SUBJECT' => $lang['Subject'], + 'L_MESSAGE_BODY' => $lang['Message_body'], + 'L_OPTIONS' => $lang['Options'], + 'L_SPELLCHECK' => $lang['Spellcheck'], + 'L_PREVIEW' => $lang['Preview'], + 'L_SUBMIT' => $lang['Submit'], + 'L_CANCEL' => $lang['Cancel'], + 'L_POST_A' => $post_a, + 'L_FIND_USERNAME' => $lang['Find_username'], + 'L_FIND' => $lang['Find'], + 'L_DISABLE_HTML' => $lang['Disable_HTML_pm'], + 'L_DISABLE_BBCODE' => $lang['Disable_BBCode_pm'], + 'L_DISABLE_SMILIES' => $lang['Disable_Smilies_pm'], + 'L_ATTACH_SIGNATURE' => $lang['Attach_signature'], + + 'L_BBCODE_B_HELP' => $lang['bbcode_b_help'], + 'L_BBCODE_I_HELP' => $lang['bbcode_i_help'], + 'L_BBCODE_U_HELP' => $lang['bbcode_u_help'], + 'L_BBCODE_Q_HELP' => $lang['bbcode_q_help'], + 'L_BBCODE_C_HELP' => $lang['bbcode_c_help'], + 'L_BBCODE_L_HELP' => $lang['bbcode_l_help'], + 'L_BBCODE_O_HELP' => $lang['bbcode_o_help'], + 'L_BBCODE_P_HELP' => $lang['bbcode_p_help'], + 'L_BBCODE_W_HELP' => $lang['bbcode_w_help'], + 'L_BBCODE_A_HELP' => $lang['bbcode_a_help'], + 'L_BBCODE_S_HELP' => $lang['bbcode_s_help'], + 'L_BBCODE_F_HELP' => $lang['bbcode_f_help'], + 'L_EMPTY_MESSAGE' => $lang['Empty_message'], + + 'L_FONT_SIZE' => $lang['Font_size'], + 'L_FONT_TINY' => $lang['font_tiny'], + 'L_FONT_SMALL' => $lang['font_small'], + 'L_FONT_NORMAL' => $lang['font_normal'], + 'L_FONT_LARGE' => $lang['font_large'], + 'L_FONT_HUGE' => $lang['font_huge'], + + 'L_BBCODE_CLOSE_TAGS' => $lang['Close_Tags'], + 'L_STYLES_TIP' => $lang['Styles_tip'], + + 'S_HTML_CHECKED' => ( !$html_on ) ? ' checked="checked"' : '', + 'S_BBCODE_CHECKED' => ( !$bbcode_on ) ? ' checked="checked"' : '', + 'S_SMILIES_CHECKED' => ( !$smilies_on ) ? ' checked="checked"' : '', + 'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? ' checked="checked"' : '', + 'S_NAMES_SELECT' => $user_names_select, + 'S_HIDDEN_FORM_FIELDS' => $s_hidden_fields, + 'S_POST_ACTION' => append_sid("privmsg.$phpEx"), + + 'U_SEARCH_USER' => append_sid("search.$phpEx?mode=searchuser"), + 'U_VIEW_FORUM' => append_sid("privmsg.$phpEx")) + ); + + $template->display('body'); + + include($phpbb_root_path . 'includes/page_tail.'.$phpEx); +} + +// +// Default page +// +if ( !$userdata['user_id'] ) +{ + $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: '; + header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true)); +} + +// Update unread status +$sql = "UPDATE " . USERS_TABLE . " + SET user_unread_privmsg = user_unread_privmsg + user_new_privmsg, user_new_privmsg = 0, user_last_privmsg = " . $userdata['session_start'] . " + WHERE user_id = " . $userdata['user_id']; +$db->sql_query($sql); + +$sql = "UPDATE " . PRIVMSGS_TABLE . " + SET privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " + WHERE privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + AND privmsgs_to_userid = " . $userdata['user_id']; +$db->sql_query($sql); + +// Reset PM counters +$userdata['user_new_privmsg'] = 0; +$userdata['user_unread_privmsg'] = ( $userdata['user_new_privmsg'] + $userdata['user_unread_privmsg'] ); + +// Generate page +$page_title = $lang['Private_Messaging']; +include($phpbb_root_path . 'includes/page_header.'.$phpEx); + +// Load templates +$template->set_filenames(array( + 'body' => 'privmsgs_body.tpl') +); +make_jumpbox('viewforum.'.$phpEx); + +// +// New message +// +$post_new_mesg_url = '' . $lang['Post_new_message'] . ''; + +// +// General SQL to obtain messages +// +$sql_tot = "SELECT COUNT(privmsgs_id) AS total + FROM " . PRIVMSGS_TABLE . " "; +$sql = "SELECT pm.privmsgs_type, pm.privmsgs_id, pm.privmsgs_date, pm.privmsgs_subject, u.user_id, u.username + FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " u "; +switch( $folder ) +{ + case 'inbox': + $sql_tot .= "WHERE privmsgs_to_userid = " . $userdata['user_id'] . " + AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + + $sql .= "WHERE pm.privmsgs_to_userid = " . $userdata['user_id'] . " + AND u.user_id = pm.privmsgs_from_userid + AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + break; + + case 'outbox': + $sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . " + AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + + $sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . " + AND u.user_id = pm.privmsgs_to_userid + AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " + OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; + break; + + case 'sentbox': + $sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SENT_MAIL; + + $sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . " + AND u.user_id = pm.privmsgs_to_userid + AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL; + break; + + case 'savebox': + $sql_tot .= "WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) + OR ( privmsgs_from_userid = " . $userdata['user_id'] . " + AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )"; + + $sql .= "WHERE ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . " + AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " + AND u.user_id = pm.privmsgs_from_userid ) + OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . " + AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " + AND u.user_id = pm.privmsgs_from_userid ) )"; + break; + + default: + message_die(MESSAGE, $lang['No_such_folder']); + break; +} + +// +// Show messages over previous x days/months +// +if ( $submit_msgdays && ( !empty($_POST['msgdays']) || !empty($_GET['msgdays']) ) ) +{ + $msg_days = ( !empty($_POST['msgdays']) ) ? intval($_POST['msgdays']) : intval($_GET['msgdays']); + $min_msg_time = time() - ($msg_days * 86400); + + $limit_msg_time_total = " AND privmsgs_date > $min_msg_time"; + $limit_msg_time = " AND pm.privmsgs_date > $min_msg_time "; + + if ( !empty($_POST['msgdays']) ) + { + $start = 0; + } +} +else +{ + $limit_msg_time = ''; + $post_days = 0; +} + +$sql .= $limit_msg_time . " ORDER BY pm.privmsgs_date DESC LIMIT $start, " . $config['topics_per_page']; +$sql_all_tot = $sql_tot; +$sql_tot .= $limit_msg_time_total; + +// +// Get messages +// +$result = $db->sql_query($sql_tot); +$pm_total = ( $row = $db->sql_fetchrow($result) ) ? $row['total'] : 0; + +$result = $db->sql_query($sql_all_tot); +$pm_all_total = ( $row = $db->sql_fetchrow($result) ) ? $row['total'] : 0; + +// +// Build select box +// +$previous_days = array(0, 1, 7, 14, 30, 90, 180, 364); +$previous_days_text = array($lang['All_Posts'], $lang['1_Day'], $lang['7_Days'], $lang['2_Weeks'], $lang['1_Month'], $lang['3_Months'], $lang['6_Months'], $lang['1_Year']); + +$select_msg_days = ''; +for($i = 0; $i < count($previous_days); $i++) +{ + $selected = ( $msg_days == $previous_days[$i] ) ? ' selected="selected"' : ''; + $select_msg_days .= ''; +} + +// +// Define correct icons +// +if ( $folder == 'inbox' ) +{ + $post_pm_img = '' . $lang['Post_new_pm'] . ''; + $reply_pm_img = '' . $lang['Post_reply_pm'] . ''; + $quote_pm_img = '' . $lang['Post_quote_pm'] . ''; + $edit_pm_img = ''; + + $l_box_name = $lang['Inbox']; +} +else if ( $folder == 'outbox' ) +{ + $post_pm_img = '' . $lang['Post_new_pm'] . ''; + $reply_pm_img = ''; + $quote_pm_img = ''; + $edit_pm_img = '' . $lang['Edit_pm'] . ''; + + $l_box_name = $lang['Outbox']; +} +else if ( $folder == 'savebox' ) +{ + $post_pm_img = '' . $lang['Post_new_pm'] . ''; + $reply_pm_img = '' . $lang['Post_reply_pm'] . ''; + $quote_pm_img = '' . $lang['Post_quote_pm'] . ''; + $edit_pm_img = ''; + + $l_box_name = $lang['Savedbox']; +} +else if ( $folder == 'sentbox' ) +{ + $post_pm_img = '' . $lang['Post_new_pm'] . ''; + $reply_pm_img = ''; + $quote_pm_img = '' . $lang['Post_quote_pm'] . ''; + $edit_pm_img = ''; + + $l_box_name = $lang['Sentbox']; +} + +// +// Output data for inbox status +// +if ( $folder != 'outbox' ) +{ + if ( $config['max_' . $folder . '_privmsgs'] > 0 ) + { + $inbox_limit_pct = round(( $pm_all_total / $config['max_' . $folder . '_privmsgs'] ) * 100); + } + else + { + $inbox_limit_pct = 100; + } + if ( $config['max_' . $folder . '_privmsgs'] > 0 ) + { + $inbox_limit_img_length = round(( $pm_all_total / $config['max_' . $folder . '_privmsgs'] ) * $config['privmsg_graphic_length']); + } + else + { + $inbox_limit_img_length = $config['privmsg_graphic_length']; + } + if ( $config['max_' . $folder . '_privmsgs'] > 0 ) + { + $inbox_limit_remain = $config['max_' . $folder . '_privmsgs'] - $pm_all_total; + } + else + { + $inbox_limit_remain = 0; + } + + $template->assign_block_vars('switch_box_size_notice', array()); + + switch( $folder ) + { + case 'inbox': + $l_box_size_status = sprintf($lang['Inbox_size'], $inbox_limit_pct); + break; + case 'sentbox': + $l_box_size_status = sprintf($lang['Sentbox_size'], $inbox_limit_pct); + break; + case 'savebox': + $l_box_size_status = sprintf($lang['Savebox_size'], $inbox_limit_pct); + break; + default: + $l_box_size_status = ''; + break; + } +} + +// +// Dump vars to template +// +$template->assign_vars(array( + 'BOX_NAME' => $l_box_name, + 'INBOX_IMG' => $inbox_img, + 'SENTBOX_IMG' => $sentbox_img, + 'OUTBOX_IMG' => $outbox_img, + 'SAVEBOX_IMG' => $savebox_img, + 'INBOX' => $inbox_url, + 'SENTBOX' => $sentbox_url, + 'OUTBOX' => $outbox_url, + 'SAVEBOX' => $savebox_url, + + 'POST_PM_IMG' => $post_pm_img, + + 'INBOX_LIMIT_IMG_WIDTH' => $inbox_limit_img_length, + 'INBOX_LIMIT_PERCENT' => $inbox_limit_pct, + + 'BOX_SIZE_STATUS' => $l_box_size_status, + + 'L_INBOX' => $lang['Inbox'], + 'L_OUTBOX' => $lang['Outbox'], + 'L_SENTBOX' => $lang['Sent'], + 'L_SAVEBOX' => $lang['Saved'], + 'L_MARK' => $lang['Mark'], + 'L_FLAG' => $lang['Flag'], + 'L_SUBJECT' => $lang['Subject'], + 'L_DATE' => $lang['Date'], + 'L_DISPLAY_MESSAGES' => $lang['Display_messages'], + 'L_FROM_OR_TO' => ( $folder == 'inbox' || $folder == 'savebox' ) ? $lang['From'] : $lang['To'], + 'L_MARK_ALL' => $lang['Mark_all'], + 'L_UNMARK_ALL' => $lang['Unmark_all'], + 'L_DELETE_MARKED' => $lang['Delete_marked'], + 'L_DELETE_ALL' => $lang['Delete_all'], + 'L_SAVE_MARKED' => $lang['Save_marked'], + + 'S_PRIVMSGS_ACTION' => append_sid("privmsg.$phpEx?folder=$folder"), + 'S_HIDDEN_FIELDS' => '', + 'S_POST_NEW_MSG' => $post_new_mesg_url, + 'S_SELECT_MSG_DAYS' => $select_msg_days, + + 'U_POST_NEW_TOPIC' => $post_new_topic_url) +); + +// Okay, let's build the correct folder +$result = $db->sql_query($sql); + +if ( $row = $db->sql_fetchrow($result) ) +{ + do + { + $privmsg_id = $row['privmsgs_id']; + + $flag = $row['privmsgs_type']; + + $icon_flag = ( $flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL ) ? $images['pm_unreadmsg'] : $images['pm_readmsg']; + $icon_flag_alt = ( $flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL ) ? $lang['Unread_message'] : $lang['Read_message']; + + $msg_userid = $row['user_id']; + $msg_username = $row['username']; + + $u_from_user_profile = append_sid("ucp.$phpEx?mode=viewprofile&u=$msg_userid"); + + $msg_subject = $row['privmsgs_subject']; + + if ( count($orig_word) ) + { + $msg_subject = preg_replace($orig_word, $replacement_word, $msg_subject); + } + + $u_subject = append_sid("privmsg.$phpEx?folder=$folder&mode=read&p=$privmsg_id"); + + $msg_date = $user_format_date($row['privmsgs_date']); + + if ( $flag == PRIVMSGS_NEW_MAIL && $folder == 'inbox' ) + { + $msg_subject = '' . $msg_subject . ''; + $msg_date = '' . $msg_date . ''; + $msg_username = '' . $msg_username . ''; + } + + $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; + $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; + + $template->assign_block_vars('listrow', array( + 'ROW_COLOR' => '#' . $row_color, + 'ROW_CLASS' => $row_class, + 'FROM' => $msg_username, + 'SUBJECT' => $msg_subject, + 'DATE' => $msg_date, + 'PRIVMSG_FOLDER_IMG' => $icon_flag, + + 'L_PRIVMSG_FOLDER_ALT' => $icon_flag_alt, + + 'S_MARK_ID' => $privmsg_id, + + 'U_READ' => $u_subject, + 'U_FROM_USER_PROFILE' => $u_from_user_profile) + ); + } + while( $row = $db->sql_fetchrow($result) ); + + $template->assign_vars(array( + 'PAGINATION' => generate_pagination("privmsg.$phpEx?folder=$folder", $pm_total, $config['topics_per_page'], $start), + 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $config['topics_per_page'] ) + 1 ), ceil( $pm_total / $config['topics_per_page'] )), + + 'L_GOTO_PAGE' => $lang['Goto_page']) + ); + +} +else +{ + $template->assign_vars(array( + 'L_NO_MESSAGES' => $lang['No_messages_folder']) + ); + + $template->assign_block_vars("switch_no_messages", array() ); +} + +$template->pparse('body'); + +include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + +?> \ No newline at end of file diff --git a/phpBB/ucp/usercp_register.php b/phpBB/ucp/usercp_register.php new file mode 100755 index 0000000000..21472bd4df --- /dev/null +++ b/phpBB/ucp/usercp_register.php @@ -0,0 +1,656 @@ +set_filenames(array( + 'body' => 'agreement.html') + ); + + if($config['require_activation'] == USER_ACTIVATION_SELF) + { + $template->assign_vars(array('REGISTRATION_CONDITIONS' => $user->lang['Reg_email_activation'])); + } + else if($config['require_activation'] == USER_ACTIVATION_ADMIN) + { + $template->assign_vars(array('REGISTRATION_CONDITIONS' => $user->lang['Reg_admin_activation'])); + } + + $template->assign_vars(array( + 'REGISTRATION' => $user->lang['REGISTRATION'], + 'AGREEMENT' => $user->lang['REG_AGREEMENT'], + "AGREE_OVER_13" => $user->lang['AGREE_OVER_13'], + "AGREE_UNDER_13" => $user->lang['AGREE_UNDER_13'], + 'DO_NOT_AGREE' => $user->lang['AGREE_NOT'], + 'AGREE' => $user->lang['AGREE'], + + 'U_UCP_AGREE' => 'ucp.' . $phpEx, + + "U_AGREE_OVER13" => "ucp.$phpEx?$SID&mode=register&agreed=true", + "U_AGREE_UNDER13" => "ucp.$phpEx?$SID&mode=register&agreed=true&coppa=true") + ); +} +// +// --------------------------------------- + +// +// +// +if ($mode == 'register' && $config['require_activation'] == USER_ACTIVATION_DISABLE) +{ + trigger_error($user->lang['Cannot_register']); +} + +// +// +// +$error = FALSE; + +$page_title = $user->lang['Register']; + +if ($mode == 'register') +{ + if(!isset($_POST['agree']) && !isset($_GET['agree']) && !isset($_POST['coppa_over_13']) && !isset($_GET['coppa_over_13']) && !isset($_POST['coppa_under_13']) && !isset($_GET['coppa_under_13']) && !$_POST['agreed']) + { + $agreed = FALSE; + include($phpbb_root_path . 'includes/page_header.'.$phpEx); + + show_coppa(); + + include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + } + else + { + $agreed = TRUE; + } +} + +$coppa = (empty($_POST['coppa_under_13']) && empty($_GET['coppa_under_13'])) ? 0 : TRUE; + +// +// Check and initialize some variables if needed +// +if (isset($_POST['submit']) || $mode == 'register') +{ + $strip_var_list = array('username' => 'username', 'email' => 'email'); + + foreach ($strip_var_list as $var => $param) + { + if (!empty($_POST[$param])) + { + $$var = trim(strip_tags($_POST[$param])); + } + } + + $trim_var_list = array('password_current' => 'cur_password', 'password' => 'new_password', 'password_confirm' => 'password_confirm'); + + foreach ($trim_var_list as $var => $param) + { + if (!empty($_POST[$param])) + { + $$var = trim($_POST[$param]); + } + } + + $username = str_replace(' ', '', $username); + $email = htmlspecialchars($email); + + // Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to + // empty strings if they fail. + //validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); + + $viewemail = (isset($_POST['viewemail'])) ? (($_POST['viewemail']) ? TRUE : 0) : 0; + $allowviewonline = (isset($_POST['hideonline'])) ? (($_POST['hideonline']) ? 0 : TRUE) : TRUE; + $notifyreply = (isset($_POST['notifyreply'])) ? (($_POST['notifyreply']) ? TRUE : 0) : 0; + $notifypm = (isset($_POST['notifypm'])) ? (($_POST['notifypm']) ? TRUE : 0) : TRUE; + $popuppm = (isset($_POST['popup_pm'])) ? (($_POST['popup_pm']) ? TRUE : 0) : TRUE; + + $attachsig = (isset($_POST['attachsig'])) ? (($_POST['attachsig']) ? TRUE : 0) : $config['allow_sig']; + + $allowhtml = (isset($_POST['allowhtml'])) ? (($_POST['allowhtml']) ? TRUE : 0) : $config['allow_html']; + $allowbbcode = (isset($_POST['allowbbcode'])) ? (($_POST['allowbbcode']) ? TRUE : 0) : $config['allow_bbcode']; + $allowsmilies = (isset($_POST['allowsmilies'])) ? (($_POST['allowsmilies']) ? TRUE : 0) : $config['allow_smilies']; + + $user_style = (isset($_POST['style'])) ? intval($_POST['style']) : $config['default_style']; + + if (!empty($_POST['language'])) + { + if (preg_match('/^[a-z_]+$/i', $_POST['language'])) + { + $user_lang = $_POST['language']; + } + else + { + $error = true; + $error_msg = $user->lang['Fields_empty']; + } + } + else + { + $user_lang = $config['default_lang']; + } + + $user_timezone = (isset($_POST['timezone'])) ? doubleval($_POST['timezone']) : $config['board_timezone']; + $user_dateformat = (!empty($_POST['dateformat'])) ? trim($_POST['dateformat']) : $config['default_dateformat']; + +} + + +// +// Did the user submit? In this case build a query to update the users profile in the DB +// +if (isset($_POST['submit'])) +{ + $passwd_sql = ''; + + if (empty($username) || empty($password) || empty($password_confirm) || empty($email)) + { + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $user->lang['Fields_empty']; + } + + $passwd_sql = ''; + if (!empty($password) && !empty($password_confirm)) + { + if ($password != $password_confirm) + { + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $user->lang['Password_mismatch']; + } + else if (strlen($password) > 32) + { + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $user->lang['Password_long']; + } + else + { + if (!$error) + { + $password = md5($password); + $passwd_sql = "user_password = '$password', "; + } + } + } + else if ((empty($password) && !empty($password_confirm)) || (!empty($password) && empty($password_confirm))) + { + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $user->lang['Password_mismatch']; + } + else + { + $password = $user->data['user_password']; + } + + // + // Do a ban check on this email address + // + if ($email != $user->data['user_email'] || $mode == 'register') + { + if (($result = validate_email($email)) != false) + { + $email = $user->data['user_email']; + + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $result; + } + } + + $username_sql = ''; + + if (empty($username)) + { + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $user->lang['Username_disallowed']; + } + else + { + if (($result = validate_username($username)) != false) + { + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $result; + } + else + { + $username_sql = "username = '" . $username . "', "; + } + } + + // + // Visual Confirmation handling + // + if ($config['enable_confirm']) + { + + if (empty($_POST['confirm_id'])) + { + + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $lang['Confirm_code_wrong']; + } + else + { + $sql = "SELECT code + FROM " . CONFIRM_TABLE . " + WHERE confirm_id = '" . $_POST['confirm_id'] . "' + AND session_id = '" . $user->data['session_id'] . "'"; + + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) + { + if ($row['code'] != $_POST['confirm_code']) + { + echo "Way"; + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $lang['Confirm_code_wrong']; + } + + $sql = "DELETE FROM " . CONFIRM_TABLE . " + WHERE confirm_id = '" . $_POST['confirm_id'] . "' + AND session_id = '" . $userdata['session_id'] . "'"; + + $db->sql_query($sql); + } + else + { + $error = TRUE; + $error_msg .= ((isset($error_msg)) ? '
' : '') . $lang['Confirm_code_wrong']; + } + } + } + + if (!$error) + { + if ( (($mode == 'register' || $coppa)) && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN)) + { + $user_actkey = gen_rand_string(true); + $key_len = 54 - (strlen($server_url)); + $key_len = ($key_len > 6) ? $key_len : 6; + + $user_actkey = substr($user_actkey, 0, $key_len); + $user_active = 0; + + if ($user->data['user_id'] != ANONYMOUS) + { + $user->destroy(); + } + } + else + { + $user_active = 1; + $user_actkey = ''; + } + + $sql_ary = array( + 'username' => $username, + 'user_regdate' => time(), + 'user_password' => $password, + 'user_email' => $email, + 'user_viewemail' => $viewemail, + 'user_attachsig' => $attachsig, + 'user_allowsmile' => $allowsmilies, + 'user_allowhtml' => $allowhtml, + 'user_allowbbcode' => $allowbbcode, + 'user_allow_viewonline' => $allowviewonline, + 'user_notify' => $notifyreply, + 'user_notify_pm' => $notifypm, + 'user_popup_pm' => $popuppm, + 'user_avatar' => $avatar_sql['data'], + 'user_avatar_type' => $avatar_sql['type'], + 'user_timezone' => (float) $user_timezone, + 'user_dateformat' => $user_dateformat, + 'user_lang' => $user_lang, + 'user_style' => $user_style, + 'user_allow_pm' => 1, + 'user_active' => $user_active, + 'user_actkey' => $user_actkey + ); + + $db->sql_transaction(); + + $query = $db->sql_build_array('INSERT', $sql_ary); + + $db->sql_query("INSERT INTO " . USERS_TABLE . " $query"); + + $user_id = $db->sql_nextid(); + + // Place into appropriate group, either REGISTERED or INACTIVE depending on config + $group_name = ($config['require_activation'] == USER_ACTIVATION_NONE) ? 'REGISTERED' : 'INACTIVE'; + $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) SELECT $user_id, group_id, 0 FROM " . GROUPS_TABLE . " WHERE group_name = '$group_name'"; + $result = $db->sql_query($sql); + + if ($config['require_activation'] == USER_ACTIVATION_NONE) + { + // Sync config + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = $user_id + WHERE config_name = 'newest_user_id'"; + $db->sql_query($sql); + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = '$username' + WHERE config_name = 'newest_username'"; + $db->sql_query($sql); + $sql = "UPDATE " . CONFIG_TABLE . " + SET config_value = " . ($config['num_users'] + 1) . " + WHERE config_name = 'num_users'"; + $db->sql_query($sql); + } + + $db->sql_transaction('commit'); + if ($coppa) + { + $message = $user->lang['COPPA']; + $email_template = 'coppa_welcome_inactive'; + } + else if ($config['require_activation'] == USER_ACTIVATION_SELF) + { + $message = $user->lang['Account_inactive']; + $email_template = 'user_welcome_inactive'; + } + else if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + { + $message = $user->lang['Account_inactive_admin']; + $email_template = 'admin_welcome_inactive'; + } + else + { + $message = $user->lang['Account_added']; + $email_template = 'user_welcome'; + } + + include($phpbb_root_path . 'includes/emailer.'.$phpEx); + $emailer = new emailer($config['smtp_delivery']); + + $email_headers = "From: " . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n"; + + $emailer->use_template($email_template, $user->data['user_lang']); + $emailer->email_address($email); + $emailer->set_subject();//sprintf($user->lang['Welcome_subject'], $config['sitename']) + $emailer->extra_headers($email_headers); + + if ($coppa) + { + $emailer->assign_vars(array( + 'SITENAME' => $config['sitename'], + 'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']), + 'USERNAME' => $username, + 'PASSWORD' => $password_confirm, + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $config['board_email_sig']), + + 'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey, + 'FAX_INFO' => $config['coppa_fax'], + 'MAIL_INFO' => $config['coppa_mail'], + 'EMAIL_ADDRESS' => $email, + 'SITENAME' => $config['sitename'])); + } + else + { + $emailer->assign_vars(array( + 'SITENAME' => $config['sitename'], + 'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']), + 'USERNAME' => $username, + 'PASSWORD' => $password_confirm, + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $config['board_email_sig']), + 'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey) + ); + } + + $emailer->send(); + $emailer->reset(); + + if ($config['require_activation'] == USER_ACTIVATION_ADMIN) + { + $emailer->use_template("admin_activate", stripslashes($user_lang)); + $emailer->email_address($config['board_email']); + $emailer->set_subject(); //$user->lang['New_account_subject'] + $emailer->extra_headers($email_headers); + + $emailer->assign_vars(array( + 'USERNAME' => $username, + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $config['board_email_sig']), + + 'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey) + ); + $emailer->send(); + $emailer->reset(); + } + + $message = $message . '

' . sprintf($user->lang['Click_return_index'], '', ''); + + trigger_error($message); + + } + else + { + trigger_error($error_msg); + } +} // End of submit + + +if ($error) +{ + // + // If an error occured we need to stripslashes on returned data + // + $username = stripslashes($username); + $email = stripslashes($email); + $password = ''; + $password_confirm = ''; + + $user_lang = stripslashes($user_lang); + $user_dateformat = stripslashes($user_dateformat); +} + +// +// Default pages +// + + + + if (!isset($coppa)) + { + $coppa = FALSE; + } + + if (!isset($user_template)) + { + $selected_template = $config['system_template']; + } + + $s_hidden_fields = ''; + + + if (!empty($user_avatar_local)) + { + $s_hidden_fields .= ''; + } + + $html_status = ($user->data['user_allowhtml'] && $config['allow_html']) ? $user->lang['HTML_is_ON'] : $user->lang['HTML_is_OFF']; + $bbcode_status = ($user->data['user_allowbbcode'] && $config['allow_bbcode'] ) ? $user->lang['BBCode_is_ON'] : $user->lang['BBCode_is_OFF']; + $smilies_status = ($user->data['user_allowsmile'] && $config['allow_smilies'] ) ? $user->lang['Smilies_are_ON'] : $user->lang['Smilies_are_OFF']; + + // + // Let's do an overall check for settings/versions which would prevent + // us from doing file uploads.... + // + $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off'|| !$config['allow_avatar_upload']) ? '' : 'enctype="multipart/form-data"'; + + // + // Visual Confirmation - Show images + // + $confirm_image = ''; + if ( $mode == 'editprofile' ) + { + $template->assign_block_vars('switch_edit_profile', array()); + } + else if ($mode == 'register' && !empty($config['enable_confirm'])) + { + $template->assign_block_vars('switch_confirm', array()); + $confirm_id = md5(uniqid($user_ip)); + + $sql = "SELECT session_id + FROM " . SESSIONS_TABLE; + + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) + { + $confirm_sql = ''; + do + { + $confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'"; + + } + while ($row = $db->sql_fetchrow($result)); + + $sql = "DELETE FROM " . CONFIRM_TABLE . " + WHERE session_id NOT IN ($confirm_sql)"; + + $db->sql_query($sql); + } + + $sql = "SELECT COUNT(session_id) AS attempts + FROM " . CONFIRM_TABLE . " + WHERE session_id = '" . $userdata['session_id'] . "'"; + + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) + { + if ($row['attempts'] > 5) + { + trigger_error($user->lang['Too_many_registers']); + } + } + + $confirm_image = (phpversion() >= '4.0.1' && @extension_loaded('zlib')) ? '' : ''; + $s_hidden_fields .= ''; + + } + // + // End visual confirmation + // + + + + $template->assign_vars(array( + 'USERNAME' => $username, + 'EMAIL' => $email, + 'VIEW_EMAIL_YES' => ($viewemail) ? 'checked="checked"' : '', + 'VIEW_EMAIL_NO' => (!$viewemail) ? 'checked="checked"' : '', + 'HIDE_USER_YES' => (!$allowviewonline) ? 'checked="checked"' : '', + 'HIDE_USER_NO' => ($allowviewonline) ? 'checked="checked"' : '', + 'NOTIFY_PM_YES' => ($notifypm) ? 'checked="checked"' : '', + 'NOTIFY_PM_NO' => (!$notifypm) ? 'checked="checked"' : '', + 'POPUP_PM_YES' => ($popuppm) ? 'checked="checked"' : '', + 'POPUP_PM_NO' => (!$popuppm) ? 'checked="checked"' : '', + 'ALWAYS_ADD_SIGNATURE_YES' => ($attachsig) ? 'checked="checked"' : '', + 'ALWAYS_ADD_SIGNATURE_NO' => (!$attachsig) ? 'checked="checked"' : '', + 'NOTIFY_REPLY_YES' => ($notifyreply) ? 'checked="checked"' : '', + 'NOTIFY_REPLY_NO' => (!$notifyreply) ? 'checked="checked"' : '', + 'ALWAYS_ALLOW_BBCODE_YES' => ($allowbbcode) ? 'checked="checked"' : '', + 'ALWAYS_ALLOW_BBCODE_NO' => (!$allowbbcode) ? 'checked="checked"' : '', + 'ALWAYS_ALLOW_HTML_YES' => ($allowhtml) ? 'checked="checked"' : '', + 'ALWAYS_ALLOW_HTML_NO' => (!$allowhtml) ? 'checked="checked"' : '', + 'ALWAYS_ALLOW_SMILIES_YES' => ($allowsmilies) ? 'checked="checked"' : '', + 'ALWAYS_ALLOW_SMILIES_NO' => (!$allowsmilies) ? 'checked="checked"' : '', + 'LANGUAGE_SELECT' => language_select($user_lang, 'language'), + 'STYLE_SELECT' => style_select($user_style, 'style'), + 'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'), + 'DATE_FORMAT' => $user_dateformat, + 'HTML_STATUS' => $html_status, + 'BBCODE_STATUS' => sprintf($bbcode_status, '', ''), + 'SMILIES_STATUS' => $smilies_status, + + 'CONFIRM_CODE' => $confirm_image, + + 'L_CONFIRM_CODE' => $user->lang['CONFIRM_CODE'], + 'L_CONFIRM_CODE_EXPLAIN' => $user->lang['CONFIRM_CODE_EXPLAIN'], + + 'L_CURRENT_PASSWORD' => $user->lang['Current_password'], + 'L_NEW_PASSWORD' => ($mode == 'register') ? $user->lang['Password'] : $user->lang['New_password'], + 'L_CONFIRM_PASSWORD' => $user->lang['Confirm_password'], + 'L_CONFIRM_PASSWORD_EXPLAIN' => ($mode == 'editprofile') ? $user->lang['Confirm_password_explain'] : '', + 'L_PASSWORD_IF_CHANGED' => ($mode == 'editprofile') ? $user->lang['password_if_changed'] : '', + 'L_PASSWORD_CONFIRM_IF_CHANGED' => ($mode == 'editprofile') ? $user->lang['password_confirm_if_changed'] : '', + 'L_SUBMIT' => $user->lang['Submit'], + 'L_RESET' => $user->lang['Reset'], + 'L_BOARD_LANGUAGE' => $user->lang['Board_lang'], + 'L_BOARD_STYLE' => $user->lang['Board_style'], + 'L_TIMEZONE' => $user->lang['Timezone'], + 'L_DATE_FORMAT' => $user->lang['Date_format'], + 'L_DATE_FORMAT_EXPLAIN' => $user->lang['Date_format_explain'], + 'L_YES' => $user->lang['Yes'], + 'L_NO' => $user->lang['No'], + 'L_INTERESTS' => $user->lang['Interests'], + 'L_ALWAYS_ALLOW_SMILIES' => $user->lang['Always_smile'], + 'L_ALWAYS_ALLOW_BBCODE' => $user->lang['Always_bbcode'], + 'L_ALWAYS_ALLOW_HTML' => $user->lang['Always_html'], + 'L_HIDE_USER' => $user->lang['Hide_user'], + 'L_ALWAYS_ADD_SIGNATURE' => $user->lang['Always_add_sig'], + + 'L_NOTIFY_ON_REPLY' => $user->lang['Always_notify'], + 'L_NOTIFY_ON_REPLY_EXPLAIN' => $user->lang['Always_notify_explain'], + 'L_NOTIFY_ON_PRIVMSG' => $user->lang['Notify_on_privmsg'], + 'L_POPUP_ON_PRIVMSG' => $user->lang['Popup_on_privmsg'], + 'L_POPUP_ON_PRIVMSG_EXPLAIN' => $user->lang['Popup_on_privmsg_explain'], + 'L_PREFERENCES' => $user->lang['Preferences'], + 'L_PUBLIC_VIEW_EMAIL' => $user->lang['Public_view_email'], + 'L_ITEMS_REQUIRED' => $user->lang['Items_required'], + 'L_REGISTRATION_INFO' => $user->lang['Registration_info'], + 'L_PROFILE_INFO' => $user->lang['Profile_info'], + 'L_PROFILE_INFO_NOTICE' => $user->lang['Profile_info_warn'], + 'L_EMAIL_ADDRESS' => $user->lang['Email_address'], + + 'S_PROFILE_EDIT' => ($mode == 'editprofile') ? true : false, + 'S_CONFIRM_CODE' => ($config['enable_confirm']) ? 1 : 0, + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_FORM_ENCTYPE' => $form_enctype, + 'S_PROFILE_ACTION' => "ucp.$phpEx$SID") + ); + +// +// +include($phpbb_root_path . 'includes/page_header.'.$phpEx); + +$template->set_filenames(array( + 'body' => 'profile_add_body.html') +); +make_jumpbox('viewforum.'.$phpEx); + +include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + +?> \ No newline at end of file diff --git a/phpBB/ucp/usercp_sendpasswd.php b/phpBB/ucp/usercp_sendpasswd.php new file mode 100755 index 0000000000..6103aeaf67 --- /dev/null +++ b/phpBB/ucp/usercp_sendpasswd.php @@ -0,0 +1,149 @@ +sql_query($sql) ) + { + if ( $row = $db->sql_fetchrow($result) ) + { + if ( !$row['user_active'] ) + { + message_die(GENERAL_MESSAGE, $lang['No_send_account_inactive']); + } + + $username = $row['username']; + + $user_actkey = gen_rand_string(true); + $key_len = 54 - strlen($server_url); + $key_len = ( $str_len > 6 ) ? $key_len : 6; + $user_actkey = substr($user_actkey, 0, $key_len); + $user_password = gen_rand_string(false); + + $sql = "UPDATE " . USERS_TABLE . " + SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey' + WHERE user_id = " . $row['user_id']; + if ( !$db->sql_query($sql) ) + { + message_die(GENERAL_ERROR, 'Could not update new password information', '', __LINE__, __FILE__, $sql); + } + + include($phpbb_root_path . 'includes/emailer.'.$phpEx); + $emailer = new emailer($config['smtp_delivery']); + + $email_headers = 'From: ' . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n"; + + $emailer->use_template('user_activate_passwd', $row['user_lang']); + $emailer->email_address($row['user_email']); + $emailer->set_subject();//$lang['New_password_activation'] + $emailer->extra_headers($email_headers); + + $emailer->assign_vars(array( + 'SITENAME' => $config['sitename'], + 'USERNAME' => $username, + 'PASSWORD' => $user_password, + 'EMAIL_SIG' => str_replace('
', "\n", "-- \n" . $config['board_email_sig']), + + 'U_ACTIVATE' => $server_url . "?mode=activate&act_key=$user_actkey") + ); + $emailer->send(); + $emailer->reset(); + + $template->assign_vars(array( + 'META' => '') + ); + + $message = $lang['Password_updated'] . '

' . sprintf($lang['Click_return_index'], '', ''); + + message_die(GENERAL_MESSAGE, $message); + } + else + { + message_die(GENERAL_MESSAGE, $lang['No_email_match']); + } + } + else + { + message_die(GENERAL_ERROR, 'Could not obtain user information for sendpassword', '', __LINE__, __FILE__, $sql); + } +} +else +{ + $username = ''; + $email = ''; +} + +// +// Output basic page +// +include($phpbb_root_path . 'includes/page_header.'.$phpEx); + +$template->set_filenames(array( + 'body' => 'profile_send_pass.tpl') +); +make_jumpbox('viewforum.'.$phpEx); + +$template->assign_vars(array( + 'USERNAME' => $username, + 'EMAIL' => $email, + + 'L_SEND_PASSWORD' => $lang['Send_password'], + 'L_ITEMS_REQUIRED' => $lang['Items_required'], + 'L_EMAIL_ADDRESS' => $lang['Email_address'], + 'L_SUBMIT' => $lang['Submit'], + 'L_RESET' => $lang['Reset']) +); + +$template->pparse('body'); + +include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + +?> diff --git a/phpBB/ucp/usercp_viewprofile.php b/phpBB/ucp/usercp_viewprofile.php new file mode 100755 index 0000000000..73584596d1 --- /dev/null +++ b/phpBB/ucp/usercp_viewprofile.php @@ -0,0 +1,254 @@ +lang['No_user_id_specified']); +} +$profiledata = get_userdata(intval($_GET['u'])); + +$sql = "SELECT * + FROM " . RANKS_TABLE . " + ORDER BY rank_special, rank_min"; +$result = $db->sql_query($sql); + +while ( $row = $db->sql_fetchrow($result) ) +{ + $ranksrow[] = $row; +} +$db->sql_freeresult($result); + +// +// Output page header and profile_view template +// +$template->set_filenames(array( + 'body' => 'profile_view_body.html') +); +make_jumpbox('viewforum.'.$phpEx); + +// +// Calculate the number of days this user has been a member ($memberdays) +// Then calculate their posts per day +// +$regdate = $profiledata['user_regdate']; +$memberdays = max(1, round( ( time() - $regdate ) / 86400 )); +$posts_per_day = $profiledata['user_posts'] / $memberdays; + +// Get the users percentage of total posts +if ( $profiledata['user_posts'] ) +{ + $sql = "SELECT SUM(forum_posts) AS total + FROM " . FORUMS_TABLE; + $result = $db->sql_query($sql); + + $total_posts = ($row = $db->sql_fetchrow($result)) ? $row['total'] : 0; + $db->sql_freeresult($result); + + $percentage = ( $total_posts ) ? min(100, ($profiledata['user_posts'] / $total_posts) * 100) : 0; +} +else +{ + $percentage = 0; +} + +$avatar_img = ''; +if ( $profiledata['user_avatar_type'] && $profiledata['user_allowavatar'] ) +{ + switch( $profiledata['user_avatar_type'] ) + { + case USER_AVATAR_UPLOAD: + $avatar_img = ( $config['allow_avatar_upload'] ) ? '' : ''; + break; + case USER_AVATAR_REMOTE: + $avatar_img = ( $config['allow_avatar_remote'] ) ? '' : ''; + break; + case USER_AVATAR_GALLERY: + $avatar_img = ( $config['allow_avatar_local'] ) ? '' : ''; + break; + } +} + +$poster_rank = ''; +$rank_image = ''; +if ( $profiledata['user_rank'] ) +{ + for($i = 0; $i < count($ranksrow); $i++) + { + if ( $profiledata['user_rank'] == $ranksrow[$i]['rank_id'] && $ranksrow[$i]['rank_special'] ) + { + $poster_rank = $ranksrow[$i]['rank_title']; + $rank_image = ( $ranksrow[$i]['rank_image'] ) ? '' . $poster_rank . '
' : ''; + } + } +} +else +{ + for($i = 0; $i < count($ranksrow); $i++) + { + if ( $profiledata['user_posts'] >= $ranksrow[$i]['rank_min'] && !$ranksrow[$i]['rank_special'] ) + { + $poster_rank = $ranksrow[$i]['rank_title']; + $rank_image = ( $ranksrow[$i]['rank_image'] ) ? '' . $poster_rank . '
' : ''; + } + } +} + +if ( $profiledata['user_viewemail'] || $auth->acl_get('a_') ) +{ + $email_uri = ( $config['board_email_form'] ) ? "ucp.$phpEx$SID&mode=email&u=" . $profiledata['user_id'] : 'mailto:' . $profiledata['user_email']; + + $email_img = '' . $user->img('icon_email', $user->lang['Send_email']) . ''; + $email = '' . $user->lang['Send_email'] . ''; +} +else +{ + $email_img = ' '; + $email = ' '; +} + +$temp_url = "ucp.$phpEx$SID&mode=viewprofile&u=$user_id"; +$profile_img = '' . $user->img('icon_profile', $user->lang['Read_profile']) . ''; +$profile = '' . $user->lang['Read_profile'] . ''; + +$temp_url = "privmsg.$phpEx$SID&mode=post&u=$user_id"; +$pm_img = '' . $user->img('icon_pm', $user->lang['Send_private_message']) . ''; +$pm = '' . $user->lang['Send_private_message'] . ''; + +$www_img = ( $profiledata['user_website'] ) ? '' . $user->img('icon_www', $user->lang['Visit_website']) . '' : ''; +$www = ( $profiledata['user_website'] ) ? '' . $user->lang['Visit_website'] . '' : ''; + +if ( !empty($profiledata['user_icq']) ) +{ + $icq_status_img = ''; + $icq_img = '' . $user->img('icon_icq', $user->lang['ICQ']) . ''; + $icq = '' . $user->lang['ICQ'] . ''; +} +else +{ + $icq_status_img = ''; + $icq_img = ''; + $icq = ''; +} + +$aim_img = ( $profiledata['user_aim'] ) ? '' . $user->img('icon_aim', $user->lang['AIM']) . '' : ''; +$aim = ( $profiledata['user_aim'] ) ? '' . $user->lang['AIM'] . '' : ''; + +$temp_url = "ucp.$phpEx$SID&mode=viewprofile&u=$user_id"; +$msn_img = ( $profiledata['user_msnm'] ) ? '' . $user->img('icon_msnm', $user->lang['MSNM']) . '' : ''; +$msn = ( $profiledata['user_msnm'] ) ? '' . $user->lang['MSNM'] . '' : ''; + +$yim_img = ( $profiledata['user_yim'] ) ? '' . $user->img('icon_yim', $user->lang['YIM']) . '' : ''; +$yim = ( $profiledata['user_yim'] ) ? '' . $user->lang['YIM'] . '' : ''; + +$temp_url = "search.$phpEx$SID&search_author=" . urlencode($profiledata['username']) . "&showresults=posts"; +$search_img = '' . $user->img('icon_search', $user->lang['Search_user_posts']) . ''; +$search = '' . $user->lang['Search_user_posts'] . ''; + +// +// Generate page +// +$page_title = $user->lang['Viewing_profile']; +include($phpbb_root_path . 'includes/page_header.'.$phpEx); + +$template->assign_vars(array( + 'USERNAME' => $profiledata['username'], + 'JOINED' => $user->format_date($profiledata['user_regdate'], $user->lang['DATE_FORMAT']), + 'POSTER_RANK' => $poster_rank, + 'RANK_IMAGE' => $rank_image, + 'POSTS_PER_DAY' => $posts_per_day, + 'POSTS' => $profiledata['user_posts'], + 'PERCENTAGE' => $percentage . '%', + 'POST_DAY_STATS' => sprintf($user->lang['User_post_day_stats'], $posts_per_day), + 'POST_PERCENT_STATS' => sprintf($user->lang['User_post_pct_stats'], $percentage), + + 'SEARCH_IMG' => $search_img, + 'SEARCH' => $search, + 'PM_IMG' => $pm_img, + 'PM' => $pm, + 'EMAIL_IMG' => $email_img, + 'EMAIL' => $email, + 'WWW_IMG' => $www_img, + 'WWW' => $www, + 'ICQ_STATUS_IMG' => $icq_status_img, + 'ICQ_IMG' => $icq_img, + 'ICQ' => $icq, + 'AIM_IMG' => $aim_img, + 'AIM' => $aim, + 'MSN_IMG' => $msn_img, + 'MSN' => $msn, + 'YIM_IMG' => $yim_img, + 'YIM' => $yim, + + 'LOCATION' => ( $profiledata['user_from'] ) ? $profiledata['user_from'] : ' ', + 'OCCUPATION' => ( $profiledata['user_occ'] ) ? $profiledata['user_occ'] : ' ', + 'INTERESTS' => ( $profiledata['user_interests'] ) ? $profiledata['user_interests'] : ' ', + 'AVATAR_IMG' => $avatar_img, + + 'L_VIEWING_PROFILE' => sprintf($user->lang['Viewing_user_profile'], $profiledata['username']), + 'L_ABOUT_USER' => sprintf($user->lang['About_user'], $profiledata['username']), + 'L_AVATAR' => $user->lang['Avatar'], + 'L_POSTER_RANK' => $user->lang['Poster_rank'], + 'L_JOINED' => $user->lang['Joined'], + 'L_TOTAL_POSTS' => $user->lang['Total_posts'], + 'L_SEARCH_USER_POSTS' => sprintf($user->lang['Search_user_posts'], $profiledata['username']), + 'L_CONTACT' => $user->lang['Contact'], + 'L_EMAIL_ADDRESS' => $user->lang['Email_address'], + 'L_EMAIL' => $user->lang['Email'], + 'L_PM' => $user->lang['Private_Message'], + 'L_ICQ_NUMBER' => $user->lang['ICQ'], + 'L_YAHOO' => $user->lang['YIM'], + 'L_AIM' => $user->lang['AIM'], + 'L_MESSENGER' => $user->lang['MSNM'], + 'L_WEBSITE' => $user->lang['Website'], + 'L_LOCATION' => $user->lang['Location'], + 'L_OCCUPATION' => $user->lang['Occupation'], + 'L_INTERESTS' => $user->lang['Interests'], + + 'U_SEARCH_USER' => "search.$phpEx$SID&search_author=" . urlencode($profiledata['username']), + + 'S_PROFILE_ACTION' => "ucp.$phpEx$SID") +); + +include($phpbb_root_path . 'includes/page_tail.'.$phpEx); + +?> \ No newline at end of file