From 6bdb20eacee4d0426d505fe9606321969d3c7c1e Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Wed, 5 Dec 2001 17:51:41 +0000
Subject: [PATCH] Fix bugs #487774 and #487773

git-svn-id: file:///svn/phpbb/trunk@1514 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/admin/admin_users.php                   | 836 ++++++++++++++----
 .../subSilver/admin/user_avatar_gallery.tpl   |  36 +
 .../subSilver/admin/user_edit_body.tpl        |  50 +-
 3 files changed, 748 insertions(+), 174 deletions(-)
 create mode 100644 phpBB/templates/subSilver/admin/user_avatar_gallery.tpl

diff --git a/phpBB/admin/admin_users.php b/phpBB/admin/admin_users.php
index fc2744b4fb..7d6d21b3c5 100644
--- a/phpBB/admin/admin_users.php
+++ b/phpBB/admin/admin_users.php
@@ -82,12 +82,12 @@ function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$loca
 	// contains at least one dot.
 	if($website != "")
 	{
-		if( !ereg("^http\:\/\/", $website) )
+		if( !preg_match("#^http:\/\/#i", $website) )
 		{
 			$website = "http://" . $website;
 		}
 
-		if (!preg_match("#^http\\:\\/\\/[a-z0-9]+\.[a-z0-9]+#i", $website))
+		if ( !preg_match("#^http\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i", $website) )
 		{
 			$website = "";
 		}
@@ -133,10 +133,16 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 	//
 	// Ok, the profile has been modified and submitted, let's update
 	//
-	if( $mode == "save" && isset($HTTP_POST_VARS['submit']) )
+	if( ( $mode == "save" && isset($HTTP_POST_VARS['submit']) ) || isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar']) )
 	{
 		$user_id = intval($HTTP_POST_VARS['id']);
 
+		$this_userdata = get_userdata_from_id($user_id);
+		if( !$this_userdata )
+		{
+			message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
+		}
+
 		$username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags($HTTP_POST_VARS['username'])) : "";
 		$email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : "";
 
@@ -156,11 +162,12 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 
 		validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
 
-		$viewemail = (isset($HTTP_POST_VARS['viewemail'])) ? intval($HTTP_POST_VARS['viewemail']) : 0;
-		$allowviewonline = (isset($HTTP_POST_VARS['hideonline'])) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : 1 ) : 1;
-		$notifypm = (isset($HTTP_POST_VARS['notifypm'])) ? intval($HTTP_POST_VARS['notifypm']) : 1;
+		$viewemail = (isset($HTTP_POST_VARS['viewemail'])) ? ( ($HTTP_POST_VARS['viewemail']) ? TRUE : 0 ) : 0;
+		$allowviewonline = (isset($HTTP_POST_VARS['hideonline'])) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE;
+		$notifyreply = (isset($HTTP_POST_VARS['notifyreply'])) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
+		$notifypm = (isset($HTTP_POST_VARS['notifypm'])) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
 		$popuppm = (isset($HTTP_POST_VARS['popup_pm'])) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
-		$attachsig = (isset($HTTP_POST_VARS['attachsig'])) ? intval($HTTP_POST_VARS['attachsig']) : 0;
+		$attachsig = (isset($HTTP_POST_VARS['attachsig'])) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : 0;
 
 		$allowhtml = (isset($HTTP_POST_VARS['allowhtml'])) ? intval($HTTP_POST_VARS['allowhtml']) : $board_config['allow_html'];
 		$allowbbcode = (isset($HTTP_POST_VARS['allowbbcode'])) ? intval($HTTP_POST_VARS['allowbbcode']) : $board_config['allow_bbcode'];
@@ -172,28 +179,58 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 		$user_template = ($HTTP_POST_VARS['template']) ? $HTTP_POST_VARS['template'] : $board_config['board_template'];
 		$user_dateformat = ($HTTP_POST_VARS['dateformat']) ? trim($HTTP_POST_VARS['dateformat']) : $board_config['default_dateformat'];
 
+		$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? $HTTP_POST_VARS['avatarlocal'] : "" );
+
+		$user_avatar_remoteurl = (!empty($HTTP_POST_VARS['avatarremoteurl'])) ? trim($HTTP_POST_VARS['avatarremoteurl']) : "";
+		$user_avatar_url = (!empty($HTTP_POST_VARS['avatarurl'])) ? trim($HTTP_POST_VARS['avatarurl']) : "";
+		$user_avatar_loc = ($HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : "";
+		$user_avatar_name = (!empty($HTTP_POST_FILES['avatar']['name'])) ? $HTTP_POST_FILES['avatar']['name'] : "";
+		$user_avatar_size = (!empty($HTTP_POST_FILES['avatar']['size'])) ? $HTTP_POST_FILES['avatar']['size'] : 0;
+		$user_avatar_filetype = (!empty($HTTP_POST_FILES['avatar']['type'])) ? $HTTP_POST_FILES['avatar']['type'] : "";
+
+		$user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : "";
+		$user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : "";		
+
 		$user_status = (!empty($HTTP_POST_VARS['user_status'])) ? intval($HTTP_POST_VARS['user_status']) : 0;
 		$user_allowpm = (!empty($HTTP_POST_VARS['user_allowpm'])) ? intval($HTTP_POST_VARS['user_allowpm']) : 0;
-		$user_allowavatar = (!empty($HTTP_POST_VARS['user_allowavatar'])) ? intval($HTTP_POST_VARS['user_allowavatar']) : 0;
 		$user_rank = (!empty($HTTP_POST_VARS['user_rank'])) ? intval($HTTP_POST_VARS['user_rank']) : 0;
-		
-		if( isset($HTTP_POST_VARS['submit']) )
+		$user_allowavatar = (!empty($HTTP_POST_VARS['user_allowavatar'])) ? intval($HTTP_POST_VARS['user_allowavatar']) : 0;
+	}
+
+	if( isset($HTTP_POST_VARS['submit']) )
+	{
+		$error = FALSE;
+
+		if( $username != $this_userdata['username'] )
 		{
-			$error = FALSE;
-			$passwd_sql = "";
-		}
-		else
-		{
-			$error = TRUE;
-			$passwd_sql = "";
+			if( !validate_username($username) )
+			{
+				$error = TRUE;
+				if( isset($error_msg) )
+				{
+					$error_msg .= "<br />";
+				}
+				$error_msg .= $lang['Invalid_username'];
+			}
+			else
+			{
+				$username_sql = "username = '$username', ";
+			}
 		}
 
+		$passwd_sql = "";
 		if( !empty($password) && !empty($password_confirm) )
 		{
+			//
 			// Awww, the user wants to change their password, isn't that cute..
+			//
 			if($password != $password_confirm)
 			{
 				$error = TRUE;
+				if( isset($error_msg) )
+				{
+					$error_msg .= "<br />";
+				}
 				$error_msg .= $lang['Password_mismatch'];
 			}
 			else
@@ -205,11 +242,19 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 		else if( $password && !$password_confirm )
 		{
 			$error = TRUE;
+			if( isset($error_msg) )
+			{
+				$error_msg .= "<br />";
+			}
 			$error_msg .= $lang['Password_mismatch'];
 		}
 		else if( !$password && $password_confirm )
 		{
 			$error = TRUE;
+			if( isset($error_msg) )
+			{
+				$error_msg .= "<br />";
+			}
 			$error_msg .= $lang['Password_mismatch'];
 		}
 
@@ -219,22 +264,284 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 			$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
 		}
 
+		$avatar_sql = "";
 		if( isset($HTTP_POST_VARS['avatardel']) )
 		{
-			if( $user_avatar_type == USER_AVATAR_UPLOAD )
+			if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
 			{
-				if( @file_exists("./../" . $board_config['avatar_path'] . "/" . $user_avatar) )
+				if( @file_exists("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']) )
 				{
-					@unlink("./../" . $board_config['avatar_path'] . "/" . $user_avatar);
+					@unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
 				}
 			}
 			$avatar_sql = ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE;
 		}
+		else if( !$error && ( $user_avatar_loc != "" || !empty($user_avatar_url) ) )
+		{
+			//
+			// Only allow one type of upload, either a
+			// filename or a URL
+			//
+			if( !empty($user_avatar_loc) && !empty($user_avatar_url) )
+			{
+				$error = TRUE;
+				if( isset($error_msg) )
+				{
+					$error_msg .= "<br />";
+				}
+				$error_msg .= $lang['Only_one_avatar'];
+			}
+
+			if( $user_avatar_loc != ""  )
+			{
+				if( file_exists($user_avatar_loc) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) )
+				{
+					if( $user_avatar_size <= $board_config['avatar_filesize'] && $avatar_size > 0)
+					{
+						$error_type = false;
+
+						//
+						// Opera appends the image name after the type, not big, not clever!
+						//
+						preg_match("'image\/[x\-]*([a-z]+)'", $user_avatar_filetype, $user_avatar_filetype);
+						$user_avatar_filetype = $user_avatar_filetype[1];
+
+						switch( $user_avatar_filetype )
+						{
+							case "jpeg":
+							case "pjpeg":
+								$imgtype = '.jpg';
+								break;
+							case "gif":
+								$imgtype = '.gif';
+								break;
+							case "png":
+								$imgtype = '.png';
+								break;
+							default:
+								$error = true;
+								$error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
+								break;
+						}
+
+						if( !$error )
+						{
+							list($width, $height) = @getimagesize($user_avatar_loc);
+
+							if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
+							{
+								$user_id = $this_userdata['user_id'];
+
+								$avatar_filename = $user_id . $imgtype;
+
+								if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
+								{
+									if( @file_exists("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']) )
+									{
+										@unlink("./../" . $board_config['avatar_path'] . "/". $this_userdata['user_avatar']);
+									}
+								}
+								@copy($user_avatar_loc, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
+
+								$avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
+							}
+							else
+							{
+								$l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
+
+								$error = true;
+								$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
+							}
+						}
+					}
+					else
+					{
+						$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
+
+						$error = true;
+						$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
+					}
+				}
+				else
+				{
+					$error = true;
+					$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
+				}
+			}
+			else if( !empty($user_avatar_url) )
+			{
+				//
+				// First check what port we should connect
+				// to, look for a :[xxxx]/ or, if that doesn't
+				// exist assume port 80 (http)
+				//
+				preg_match("/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/", $user_avatar_url, $url_ary);
+
+				if( !empty($url_ary[4]) )
+				{
+					$port = (!empty($url_ary[3])) ? $url_ary[3] : 80;
+
+					$fsock = @fsockopen($url_ary[2], $port, $errno, $errstr);
+					if( $fsock )
+					{
+						$base_get = "/" . $url_ary[4];
+
+						//
+						// Uses HTTP 1.1, could use HTTP 1.0 ...
+						//
+						@fputs($fsock, "GET $base_get HTTP/1.1\r\n");
+						@fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
+						@fputs($fsock, "Connection: close\r\n\r\n");
+
+						unset($avatar_data);
+						while( !@feof($fsock) )
+						{
+							$avatar_data .= @fread($fsock, $board_config['avatar_filesize']);
+						}
+						@fclose($fsock);
+
+						if( preg_match("/Content-Length\: ([0-9]+)[^\/]+Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data) )
+						{
+							$file_size = $file_data[1];
+							$file_type = $file_data[2];
+
+							switch( $file_type )
+							{
+								case "jpeg":
+								case "pjpeg":
+									$imgtype = '.jpg';
+									break;
+								case "gif":
+									$imgtype = '.gif';
+									break;
+								case "png":
+									$imgtype = '.png';
+									break;
+								default:
+									$error = true;
+									$error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
+									break;
+							}
+
+							if( !$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'] )
+							{
+								$avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size);
+
+								$tmp_filename = tempnam ("/tmp", $userdata['user_id'] . "-");
+								$fptr = @fopen($tmp_filename, "wb");
+								$bytes_written = @fwrite($fptr, $avatar_data, $file_size);
+								@fclose($fptr);
+
+								if( $bytes_written == $file_size )
+								{
+									list($width, $height) = @getimagesize($tmp_filename);
+
+									if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
+									{
+										$user_id = $this_userdata['user_id'];
+
+										$avatar_filename = $user_id . $imgtype;
+
+										if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "")
+										{
+											if( file_exists("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']) )
+											{
+												@unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
+											}
+										}
+										@copy($tmp_filename, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
+										@unlink($tmp_filename);
+
+										$avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
+									}
+									else
+									{
+										$l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
+
+										$error = true;
+										$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
+									}
+								}
+								else
+								{
+									//
+									// Error writing file
+									//
+									@unlink($tmp_filename);
+									message_die(GENERAL_ERROR, "Could not write avatar file to local storage. Please contact the board administrator with this message", "", __LINE__, __FILE__);
+								}
+							}
+						}
+						else
+						{
+							//
+							// No data
+							//
+							$error = true;
+							$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['File_no_data'] : $lang['File_no_data'];
+						}
+					}
+					else
+					{
+						//
+						// No connection
+						//
+						$error = true;
+						$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['No_connection_URL'] : $lang['No_connection_URL'];
+					}
+				}
+				else
+				{
+					$error = true;
+					$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Incomplete_URL'] : $lang['Incomplete_URL'];
+				}
+			}
+			else if( !empty($user_avatar_name) )
+			{
+				$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
+
+				$error = true;
+				$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
+			}
+		}
+		else if( $user_avatar_remoteurl != "" && $avatar_sql == "" && !$error )
+		{
+			if( !preg_match("#^http:\/\/#i", $user_avatar_remoteurl) )
+			{
+				$user_avatar_remoteurl = "http://" . $user_avatar_remoteurl;
+			}
+
+			if( preg_match("#^http:\/\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+\/.*?\.(gif|jpg|png)$#is", $user_avatar_remoteurl) )
+			{
+				$avatar_sql = ", user_avatar = '$user_avatar_remoteurl', user_avatar_type = " . USER_AVATAR_REMOTE;
+			}
+			else
+			{
+				$error = true;
+				$error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
+			}
+		}
+		else if( !$error && $user_avatar_local != "" && $avatar_sql == "" )
+		{
+			$avatar_sql = ", user_avatar = '$user_avatar_local', user_avatar_type = " . USER_AVATAR_GALLERY;
+		}
 
 		if( !$error )
 		{
 			if( $HTTP_POST_VARS['deleteuser'] )
 			{
+				$sql = "SELECT g.group_id 
+					FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g  
+					WHERE ug.user_id = $user_id 
+						AND g.group_id = ug.group_id 
+						AND g.group_single_user = 1";
+				if( !$result = $db->sql_query($sql) )
+				{
+					message_die(GENERAL_ERROR, "Couldn't obtain group information for this user", "", __LINE__, __FILE__, $sql);
+				}
+
+				$row = $db->sql_fetchrow($result);
+				
 				$sql = "UPDATE " . POSTS_TABLE . "
 					SET poster_id = '-1', post_username = '$username' 
 					WHERE poster_id = $user_id";
@@ -251,9 +558,27 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 						{
 							$sql = "DELETE FROM " . USER_GROUP_TABLE . "
 								WHERE user_id = $user_id";
-							$result = @$db->sql_query($sql);
+							if( $result = $db->sql_query($sql) )
+							{
+								$sql = "DELETE FROM " . GROUPS_TABLE . "
+									WHERE group_id = " . $row['group_id'];
+								if( $result = $db->sql_query($sql) )
+								{
+									$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
+										WHERE user_id = $user_id";
+									$result = @$db->sql_query($sql);
 
-							$message = $lang['User_deleted'];
+									$message = $lang['User_deleted'];
+								}
+								else
+								{
+									$error = TRUE;
+								}
+							}
+							else
+							{
+								$error = TRUE;
+							}
 						}
 						else
 						{
@@ -272,13 +597,17 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 
 				if( $error == TRUE )
 				{
+					if( isset($error_msg) )
+					{
+						$error_msg .= "<br />";
+					}
 					$error_msg .= $lang['Admin_user_fail'];
 				}
 			}
 			else
 			{
 				$sql = "UPDATE " . USERS_TABLE . "
-					SET " . $username_sql . $passwd_sql . "user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occupation', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '$user_lang', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_active = $user_status, user_actkey = '$user_actkey', user_rank = $user_rank" . $avatar_sql . "
+					SET " . $username_sql . $passwd_sql . "user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occupation', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '$user_lang', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_active = $user_status, user_actkey = '$user_actkey', user_rank = $user_rank" . $avatar_sql . "
 					WHERE user_id = $user_id";
 				if( $result = $db->sql_query($sql) )
 				{
@@ -287,6 +616,10 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 				else
 				{
 					$error = TRUE;
+					if( isset($error_msg) )
+					{
+						$error_msg .= "<br />";
+					}
 					$error_msg .= $lang['Admin_user_fail'];
 				}
 			}
@@ -325,11 +658,7 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 			$user_dateformat = stripslashes($user_dateformat);
 		}
 	}
-
-	//
-	// Let's find out a little about them...
-	//
-	if( !isset($HTTP_POST_VARS['submit']) && $mode != "save" )
+	else if( !isset($HTTP_POST_VARS['submit']) && $mode != "save" && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']))
 	{
 		if( isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]) )
 		{
@@ -372,6 +701,7 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 		$viewemail = $this_userdata['user_viewemail'];
 		$notifypm = $this_userdata['user_notify_pm'];
 		$popuppm = $userdata['user_popup_pm'];
+		$notifyreply = $userdata['user_notify'];
 		$attachsig = $this_userdata['user_attachsig'];
 		$allowhtml = $this_userdata['user_allowhtml'];
 		$allowbbcode = $this_userdata['user_allowbbcode'];
@@ -396,161 +726,327 @@ if( $mode == "edit" || $mode == "save" && ( isset($HTTP_POST_VARS['username']) |
 		$smilies_status = ($this_userdata['user_allowsmile']) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
 	}
 
-	$s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
-	$s_hidden_fields .= '<input type="hidden" name="id" value="' . $this_userdata['user_id'] . '" />';
-	
-	if( $user_avatar_type )
+	if( isset($HTTP_POST_VARS['avatargallery']) )
 	{
-		switch( $user_avatar_type )
+		if( !$error )
 		{
-			case USER_AVATAR_UPLOAD:
-				$avatar = "<img src=\"../" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />";
-				break;
-			case USER_AVATAR_REMOTE:
-				$avatar = "<img src=\"$user_avatar\" alt=\"\" />";
-				break;
-			case USER_AVATAR_GALLERY:
-				$avatar = "<img src=\"../" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />";
-				break;
+			$user_id = intval($HTTP_POST_VARS['id']);
+
+			$template->set_filenames(array(
+				"body" => "admin/user_avatar_gallery.tpl")
+			);
+
+			$dir = @opendir("../" . $board_config['avatar_gallery_path']);
+
+			$avatar_images = array();
+			while( $file = @readdir($dir) )
+			{
+				if( $file != "." && $file != ".." && !is_file($file) && !is_link($file) )
+				{
+					$sub_dir = @opendir("../" . $board_config['avatar_gallery_path'] . "/" . $file);
+
+					$avatar_row_count = 0;
+					$avatar_col_count = 0;
+
+					while( $sub_file = @readdir($sub_dir) )
+					{
+						if( preg_match("/(\.gif$|\.png$|\.jpg)$/is", $sub_file) )
+						{
+							$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . "/" . $sub_file;
+
+							$avatar_col_count++;
+							if( $avatar_col_count == 5 )
+							{
+								$avatar_row_count++;
+								$avatar_col_count = 0;
+							}
+						}
+					}
+				}
+			}
+	
+			@closedir($dir);
+
+			if( isset($HTTP_POST_VARS['avatarcategory']) )
+			{
+				$category = $HTTP_POST_VARS['avatarcategory'];
+			}
+			else
+			{
+				list($category, ) = each($avatar_images);
+			}
+			@reset($avatar_images);
+
+			$s_categories = "";
+			while( list($key) = each($avatar_images) )
+			{
+				$selected = ( $key == $category ) ? "selected=\"selected\"" : "";
+				if( count($avatar_images[$key]) )
+				{
+					$s_categories .= '<option value="' . $key . '"' . $selected . '>' . ucfirst($key) . '</option>';
+				}
+			}
+
+			$s_colspan = 0;
+			for($i = 0; $i < count($avatar_images[$category]); $i++)
+			{
+				$template->assign_block_vars("avatar_row", array());
+
+				$s_colspan = max($s_colspan, count($avatar_images[$category][$i]));
+
+				for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
+				{
+					$template->assign_block_vars("avatar_row.avatar_column", array(
+						"AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . "/" . $avatar_images[$category][$i][$j])
+					);
+
+					$template->assign_block_vars("avatar_row.avatar_option_column", array(
+						"S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j])
+					);
+				}
+			}
+
+			$coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE;
+
+			$s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />';
+
+			$s_hidden_fields .= '<input type="hidden" name="username" value="' . addslashes($username) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="email" value="' . addslashes($email) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="icq" value="' . addslashes($icq) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="aim" value="' . addslashes($aim) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="msn" value="' . addslashes($msn) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="yim" value="' . addslashes($yim) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="website" value="' . addslashes($website) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="location" value="' . addslashes($location) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="occupation" value="' . addslashes($occupation) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="interests" value="' . addslashes($interests) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="signature" value="' . addslashes($signature) . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="viewemail" value="' . $viewemail . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="notifypm" value="' . $notifypm . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="popup_pm" value="' . $popuppm . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="notifyreply" value="' . $notifyreply . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="attachsig" value="' . $attachsig . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="allowhtml" value="' . $allowhtml . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="allowbbcode" value="' . $allowbbcode . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="allowsmilies" value="' . $allowsmilies . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="hideonline" value="' . !$allowviewonline . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />'; 
+			$s_hidden_fields .= '<input type="hidden" name="language" value="' . $user_lang . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="dateformat" value="' . addslashes($user_dateformat) . '" />';
+
+			$s_hidden_fields .= '<input type="hidden" name="user_status" value="' . $user_status . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="user_allowpm" value="' . $user_allowpm . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="user_allowavatar" value="' . $user_allowavatar . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="user_rank" value="' . $user_rank . '" />';
+
+			$template->assign_vars(array(
+				"L_USER_TITLE" => $lang['User_admin'],
+				"L_USER_EXPLAIN" => $lang['User_admin_explain'],
+				"L_AVATAR_GALLERY" => $lang['Avatar_gallery'], 
+				"L_SELECT_AVATAR" => $lang['Select_avatar'], 
+				"L_RETURN_PROFILE" => $lang['Return_profile'], 
+				"L_CATEGORY" => $lang['Select_category'], 
+				"L_GO" => $lang['Go'],
+
+				"S_OPTIONS_CATEGORIES" => $s_categories, 
+				"S_COLSPAN" => $s_colspan, 
+				"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), 
+				"S_HIDDEN_FIELDS" => $s_hidden_fields)
+			);
 		}
 	}
 	else
 	{
-		$avatar = "";
-	}
 
-	$sql = "SELECT * FROM " . RANKS_TABLE . "
-		WHERE rank_special = 1
-		ORDER BY rank_title";
-	if( !$result = $db->sql_query($sql) )
-	{
-		message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
-	}
-	$rank_count = $db->sql_numrows($result);
+		$s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
+		$s_hidden_fields .= '<input type="hidden" name="id" value="' . $this_userdata['user_id'] . '" />';
 
-	$rank_rows = $db->sql_fetchrowset($result);
+		if( !empty($user_avatar_local) )
+		{
+			$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
+		}
 
-	$rank_select_box = "<option value=\"0\">" . $lang['No_assigned_rank'] . "</option>";
+		if( $user_avatar_type )
+		{
+			switch( $user_avatar_type )
+			{
+				case USER_AVATAR_UPLOAD:
+					$avatar = "<img src=\"../" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />";
+					break;
+				case USER_AVATAR_REMOTE:
+					$avatar = "<img src=\"$user_avatar\" alt=\"\" />";
+					break;
+				case USER_AVATAR_GALLERY:
+					$avatar = "<img src=\"../" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />";
+					break;
+			}
+		}
+		else
+		{
+			$avatar = "";
+		}
 
-	for($i = 0; $i < $rank_count; $i++)
-	{
-		$rank = $rank_rows[$i]['rank_title'];
-		$rank_id = $rank_rows[$i]['rank_id'];
+		$sql = "SELECT * FROM " . RANKS_TABLE . "
+			WHERE rank_special = 1
+			ORDER BY rank_title";
+		if( !$result = $db->sql_query($sql) )
+		{
+			message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
+		}
+		$rank_count = $db->sql_numrows($result);
+
+		$rank_rows = $db->sql_fetchrowset($result);
+
+		$rank_select_box = "<option value=\"0\">" . $lang['No_assigned_rank'] . "</option>";
+
+		for($i = 0; $i < $rank_count; $i++)
+		{
+			$rank = $rank_rows[$i]['rank_title'];
+			$rank_id = $rank_rows[$i]['rank_id'];
+			
+			$selected = ( $this_userdata['user_rank'] == $rank_id ) ? "selected=\"selected\"" : "";
+			$rank_select_box .= "<option value=\"" . $rank_id . "\" " . $selected . ">" . $rank . "</option>";
+		}
+
+		$signature = preg_replace("/\:[0-9a-z\:]*?\]/si", "]", $signature);
 		
-		$selected = ( $this_userdata['user_rank'] == $rank_id ) ? "selected=\"selected\"" : "";
-		$rank_select_box .= "<option value=\"" . $rank_id . "\" " . $selected . ">" . $rank . "</option>";
+		$template->set_filenames(array(
+			"body" => "admin/user_edit_body.tpl")
+		);
+
+		$template->assign_vars(array(
+			"USERNAME" => $username,
+			"EMAIL" => $email,
+			"YIM" => $yim,
+			"ICQ" => $icq,
+			"MSN" => $msn,
+			"AIM" => $aim,
+			"OCCUPATION" => $occupation,
+			"INTERESTS" => $interests,
+			"LOCATION" => $location,
+			"WEBSITE" => $website,
+			"SIGNATURE" => str_replace("<br />", "\n", $signature),
+			"VIEW_EMAIL_YES" => ($viewemail) ? "checked=\"checked\"" : "",
+			"VIEW_EMAIL_NO" => (!$viewemail) ? "checked=\"checked\"" : "",
+			"HIDE_USER_YES" => (!$allowviewonline) ? "checked=\"checked\"" : "",
+			"HIDE_USER_NO" => ($allowviewonline) ? "checked=\"checked\"" : "",
+			"NOTIFY_PM_YES" => ($notifypm) ? "checked=\"checked\"" : "",
+			"NOTIFY_PM_NO" => (!$notifypm) ? "checked=\"checked\"" : "",
+			"POPUP_PM_YES" => ($popuppm) ? "checked=\"checked\"" : "",
+			"POPUP_PM_NO" => (!$popuppm) ? "checked=\"checked\"" : "",
+			"ALWAYS_ADD_SIGNATURE_YES" => ($attachsig) ? "checked=\"checked\"" : "",
+			"ALWAYS_ADD_SIGNATURE_NO" => (!$attachsig) ? "checked=\"checked\"" : "",
+			"NOTIFY_REPLY_YES" => ($notifyreply) ? "checked=\"checked\"" : "",
+			"NOTIFY_REPLY_NO" => (!$notifyreply) ? "checked=\"checked\"" : "",
+			"ALWAYS_ALLOW_BBCODE_YES" => ($allowbbcode) ? "checked=\"checked\"" : "",
+			"ALWAYS_ALLOW_BBCODE_NO" => (!$allowbbcode) ? "checked=\"checked\"" : "",
+			"ALWAYS_ALLOW_HTML_YES" => ($allowhtml) ? "checked=\"checked\"" : "",
+			"ALWAYS_ALLOW_HTML_NO" => (!$allowhtml) ? "checked=\"checked\"" : "",
+			"ALWAYS_ALLOW_SMILIES_YES" => ($allowsmilies) ? "checked=\"checked\"" : "",
+			"ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "checked=\"checked\"" : "",
+			"AVATAR" => $avatar,
+			"LANGUAGE_SELECT" => language_select($user_lang, 'language', '../language'),
+			"TIMEZONE_SELECT" => tz_select($user_timezone),
+			"STYLE_SELECT" => style_select($user_style, 'style'),
+			"DATE_FORMAT" => $user_dateformat,
+			"ALLOW_PM_YES" => ($user_allowpm) ? "checked=\"checked\"" : "",
+			"ALLOW_PM_NO" => (!$user_allowpm) ? "checked=\"checked\"" : "",
+			"ALLOW_AVATAR_YES" => ($user_allowavatar) ? "checked=\"checked\"" : "",
+			"ALLOW_AVATAR_NO" => (!$user_allowavatar) ? "checked=\"checked\"" : "",
+			"USER_ACTIVE_YES" => ($user_status) ? "checked=\"checked\"" : "",
+			"USER_ACTIVE_NO" => (!$user_status) ? "checked=\"checked\"" : "", 
+			"RANK_SELECT_BOX" => $rank_select_box,
+
+			"L_USER_TITLE" => $lang['User_admin'],
+			"L_USER_EXPLAIN" => $lang['User_admin_explain'],
+			"L_PASSWORD_IF_CHANGED" => $lang['password_if_changed'],
+			"L_PASSWORD_CONFIRM_IF_CHANGED" => $lang['password_confirm_if_changed'],
+			"L_SUBMIT" => $lang['Submit'],
+			"L_RESET" => $lang['Reset'],
+			"L_ICQ_NUMBER" => $lang['ICQ'],
+			"L_MESSENGER" => $lang['MSNM'],
+			"L_YAHOO" => $lang['YIM'],
+			"L_WEBSITE" => $lang['Website'],
+			"L_AIM" => $lang['AIM'],
+			"L_LOCATION" => $lang['From'],
+			"L_OCCUPATION" => $lang['Occupation'],
+			"L_BOARD_LANGUAGE" => $lang['Board_lang'],
+			"L_BOARD_STYLE" => $lang['Board_style'],
+			"L_TIMEZONE" => $lang['Timezone'],
+			"L_DATE_FORMAT" => $lang['Date_format'],
+			"L_DATE_FORMAT_EXPLAIN" => $lang['Date_format_explain'],
+			"L_YES" => $lang['Yes'],
+			"L_NO" => $lang['No'],
+			"L_INTERESTS" => $lang['Interests'],
+			"L_ALWAYS_ALLOW_SMILIES" => $lang['Always_smile'],
+			"L_ALWAYS_ALLOW_BBCODE" => $lang['Always_bbcode'],
+			"L_ALWAYS_ALLOW_HTML" => $lang['Always_html'],
+			"L_HIDE_USER" => $lang['Hide_user'],
+			"L_ALWAYS_ADD_SIGNATURE" => $lang['Always_add_sig'],
+			
+			"L_SPECIAL" => $lang['User_special'],
+			"L_SPECIAL_EXPLAIN" => $lang['User_specail_explain'],
+			"L_USER_ACTIVE" => $lang['User_status'],
+			"L_ALLOW_PM" => $lang['User_allowpm'],
+			"L_ALLOW_AVATAR" => $lang['User_allowavatar'],
+			
+			"L_AVATAR_PANEL" => $lang['Avatar_panel'],
+			"L_AVATAR_EXPLAIN" => $lang['Admin_avatar_explain'],
+			"L_DELETE_AVATAR" => $lang['Delete_Image'],
+			"L_CURRENT_IMAGE" => $lang['Current_Image'],
+			"L_UPLOAD_AVATAR_FILE" => $lang['Upload_Avatar_file'],
+			"L_UPLOAD_AVATAR_URL" => $lang['Upload_Avatar_URL'],
+			"L_AVATAR_GALLERY" => $lang['Select_from_gallery'],
+			"L_SHOW_GALLERY" => $lang['View_avatar_gallery'],
+			"L_LINK_REMOTE_AVATAR" => $lang['Link_remote_Avatar'],
+
+			"L_SIGNATURE" => $lang['Signature'],
+			"L_SIGNATURE_EXPLAIN" => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']),
+			"L_NOTIFY_ON_PRIVMSG" => $lang['Notify_on_privmsg'],
+			"L_NOTIFY_ON_REPLY" => $lang['Always_notify'],
+			"L_POPUP_ON_PRIVMSG" => $lang['Popup_on_privmsg'],
+			"L_PREFERENCES" => $lang['Preferences'],
+			"L_PUBLIC_VIEW_EMAIL" => $lang['Public_view_email'],
+			"L_ITEMS_REQUIRED" => $lang['Items_required'],
+			"L_REGISTRATION_INFO" => $lang['Registration_info'],
+			"L_PROFILE_INFO" => $lang['Profile_info'],
+			"L_PROFILE_INFO_NOTICE" => $lang['Profile_info_warn'],
+			"L_CONFIRM" => $lang['Confirm'],
+			"L_EMAIL_ADDRESS" => $lang['Email_address'],
+
+			"HTML_STATUS" => $html_status,
+			"BBCODE_STATUS" => $bbcode_status,
+			"SMILIES_STATUS" => $smilies_status,
+
+			"L_DELETE_USER" => $lang['User_delete'],
+			"L_DELETE_USER_EXPLAIN" => $lang['User_delete_explain'],
+			"L_SELECT_RANK" => $lang['Rank_title'],
+
+			"S_HIDDEN_FIELDS" => $s_hidden_fields,
+			"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx"))
+		);
+
+		if( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] )
+		{
+			$template->assign_block_vars("avatarblock", array() );
+
+			if($board_config['allow_avatar_upload'])
+			{
+				$template->assign_block_vars("avatarblock.avatarupload", array() );
+			}
+			if($board_config['allow_avatar_remote'])
+			{
+				$template->assign_block_vars("avatarblock.avatarremote", array() );
+			}
+			if($board_config['allow_avatar_local'])
+			{
+				$template->assign_block_vars("avatarblock.avatargallery", array() );
+			}
+		}
 	}
 
-	$signature = preg_replace("/\:[0-9a-z\:]*?\]/si", "]", $signature);
-	
-	$template->set_filenames(array(
-		"body" => "admin/user_edit_body.tpl")
-	);
-
-	$template->assign_vars(array(
-		"USERNAME" => $username,
-		"EMAIL" => $email,
-		"YIM" => $yim,
-		"ICQ" => $icq,
-		"MSN" => $msn,
-		"AIM" => $aim,
-		"OCCUPATION" => $occupation,
-		"INTERESTS" => $interests,
-		"LOCATION" => $location,
-		"WEBSITE" => $website,
-		"SIGNATURE" => str_replace("<br />", "\n", $signature),
-		"VIEW_EMAIL_YES" => ($viewemail) ? "checked=\"checked\"" : "",
-		"VIEW_EMAIL_NO" => (!$viewemail) ? "checked=\"checked\"" : "",
-		"HIDE_USER_YES" => (!$allowviewonline) ? "checked=\"checked\"" : "",
-		"HIDE_USER_NO" => ($allowviewonline) ? "checked=\"checked\"" : "",
-		"NOTIFY_PM_YES" => ($notifypm) ? "checked=\"checked\"" : "",
-		"NOTIFY_PM_NO" => (!$notifypm) ? "checked=\"checked\"" : "",
-		"POPUP_PM_YES" => ($popuppm) ? "checked=\"checked\"" : "",
-		"POPUP_PM_NO" => (!$popuppm) ? "checked=\"checked\"" : "",
-		"ALWAYS_ADD_SIGNATURE_YES" => ($attachsig) ? "checked=\"checked\"" : "",
-		"ALWAYS_ADD_SIGNATURE_NO" => (!$attachsig) ? "checked=\"checked\"" : "",
-		"ALWAYS_ALLOW_BBCODE_YES" => ($allowbbcode) ? "checked=\"checked\"" : "",
-		"ALWAYS_ALLOW_BBCODE_NO" => (!$allowbbcode) ? "checked=\"checked\"" : "",
-		"ALWAYS_ALLOW_HTML_YES" => ($allowhtml) ? "checked=\"checked\"" : "",
-		"ALWAYS_ALLOW_HTML_NO" => (!$allowhtml) ? "checked=\"checked\"" : "",
-		"ALWAYS_ALLOW_SMILIES_YES" => ($allowsmilies) ? "checked=\"checked\"" : "",
-		"ALWAYS_ALLOW_SMILIES_NO" => (!$allowsmilies) ? "checked=\"checked\"" : "",
-		"AVATAR" => $avatar,
-		"LANGUAGE_SELECT" => language_select($user_lang, 'language', '../language'),
-		"TIMEZONE_SELECT" => tz_select($user_timezone),
-		"STYLE_SELECT" => style_select($user_style, 'style'),
-		"DATE_FORMAT" => $user_dateformat,
-		"ALLOW_PM_YES" => ($user_allowpm) ? "checked=\"checked\"" : "",
-		"ALLOW_PM_NO" => (!$user_allowpm) ? "checked=\"checked\"" : "",
-		"ALLOW_AVATAR_YES" => ($user_allowavatar) ? "checked=\"checked\"" : "",
-		"ALLOW_AVATAR_NO" => (!$user_allowavatar) ? "checked=\"checked\"" : "",
-		"USER_ACTIVE_YES" => ($user_status) ? "checked=\"checked\"" : "",
-		"USER_ACTIVE_NO" => (!$user_status) ? "checked=\"checked\"" : "", 
-		"RANK_SELECT_BOX" => $rank_select_box,
-
-		"L_USER_TITLE" => $lang['User_admin'],
-		"L_USER_EXPLAIN" => $lang['User_admin_explain'],
-		"L_PASSWORD_IF_CHANGED" => $lang['password_if_changed'],
-		"L_PASSWORD_CONFIRM_IF_CHANGED" => $lang['password_confirm_if_changed'],
-		"L_SUBMIT" => $lang['Submit'],
-		"L_RESET" => $lang['Reset'],
-		"L_ICQ_NUMBER" => $lang['ICQ'],
-		"L_MESSENGER" => $lang['MSNM'],
-		"L_YAHOO" => $lang['YIM'],
-		"L_WEBSITE" => $lang['Website'],
-		"L_AIM" => $lang['AIM'],
-		"L_LOCATION" => $lang['From'],
-		"L_OCCUPATION" => $lang['Occupation'],
-		"L_BOARD_LANGUAGE" => $lang['Board_lang'],
-		"L_BOARD_STYLE" => $lang['Board_style'],
-		"L_TIMEZONE" => $lang['Timezone'],
-		"L_DATE_FORMAT" => $lang['Date_format'],
-		"L_DATE_FORMAT_EXPLAIN" => $lang['Date_format_explain'],
-		"L_YES" => $lang['Yes'],
-		"L_NO" => $lang['No'],
-		"L_INTERESTS" => $lang['Interests'],
-		"L_ALWAYS_ALLOW_SMILIES" => $lang['Always_smile'],
-		"L_ALWAYS_ALLOW_BBCODE" => $lang['Always_bbcode'],
-		"L_ALWAYS_ALLOW_HTML" => $lang['Always_html'],
-		"L_HIDE_USER" => $lang['Hide_user'],
-		"L_ALWAYS_ADD_SIGNATURE" => $lang['Always_add_sig'],
-		
-		"L_SPECIAL" => $lang['User_special'],
-		"L_SPECIAL_EXPLAIN" => $lang['User_specail_explain'],
-		"L_USER_ACTIVE" => $lang['User_status'],
-		"L_ALLOW_PM" => $lang['User_allowpm'],
-		"L_ALLOW_AVATAR" => $lang['User_allowavatar'],
-		
-		"L_AVATAR_PANEL" => $lang['Avatar_panel'],
-		"L_AVATAR_EXPLAIN" => $lang['Admin_avatar_explain'],
-		"L_DELETE_AVATAR" => $lang['Delete_Image'],
-		"L_CURRENT_IMAGE" => $lang['Current_Image'],
-
-		"L_SIGNATURE" => $lang['Signature'],
-		"L_SIGNATURE_EXPLAIN" => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']),
-		"L_NOTIFY_ON_PRIVMSG" => $lang['Notify_on_privmsg'],
-		"L_POPUP_ON_PRIVMSG" => $lang['Popup_on_privmsg'],
-		"L_PREFERENCES" => $lang['Preferences'],
-		"L_PUBLIC_VIEW_EMAIL" => $lang['Public_view_email'],
-		"L_ITEMS_REQUIRED" => $lang['Items_required'],
-		"L_REGISTRATION_INFO" => $lang['Registration_info'],
-		"L_PROFILE_INFO" => $lang['Profile_info'],
-		"L_PROFILE_INFO_NOTICE" => $lang['Profile_info_warn'],
-		"L_CONFIRM" => $lang['Confirm'],
-		"L_EMAIL_ADDRESS" => $lang['Email_address'],
-
-		"HTML_STATUS" => $html_status,
-		"BBCODE_STATUS" => $bbcode_status,
-		"SMILIES_STATUS" => $smilies_status,
-
-		"L_DELETE_USER" => $lang['User_delete'],
-		"L_DELETE_USER_EXPLAIN" => $lang['User_delete_explain'],
-		"L_SELECT_RANK" => $lang['Rank_title'],
-
-		"S_HIDDEN_FIELDS" => $s_hidden_fields,
-		"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx"))
-	);
-
 	$template->pparse("body");
 
 }
diff --git a/phpBB/templates/subSilver/admin/user_avatar_gallery.tpl b/phpBB/templates/subSilver/admin/user_avatar_gallery.tpl
new file mode 100644
index 0000000000..db861ee403
--- /dev/null
+++ b/phpBB/templates/subSilver/admin/user_avatar_gallery.tpl
@@ -0,0 +1,36 @@
+
+<h1>{L_USER_TITLE}</h1>
+
+<p>{L_USER_EXPLAIN}</p>
+
+<form action="{S_PROFILE_ACTION}" method="post">
+
+<table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline">
+	<tr> 
+	  <th class="thHead" colspan="{S_COLSPAN}" height="25" valign="middle">{L_AVATAR_GALLERY}</th>
+	</tr>
+	<tr> 
+	  <td class="catBottom" align="center" valign="middle" colspan="6" height="28"><span class="genmed">{L_CATEGORY}:&nbsp;<select name="avatarcategory">{S_OPTIONS_CATEGORIES}</select>&nbsp;<input type="submit" class="liteoption" value="{L_GO}" name="avatargallery" /></span></td>
+	</tr>
+	<!-- BEGIN avatar_row -->
+	<tr> 
+	<!-- BEGIN avatar_column -->
+		<td class="row1" align="center"><img src="{avatar_row.avatar_column.AVATAR_IMAGE}" /></td>
+	<!-- END avatar_column -->
+	</tr>
+	<tr>
+	<!-- BEGIN avatar_option_column -->
+		<td class="row2" align="center"><input type="radio" name="avatarselect" value="{avatar_row.avatar_option_column.S_OPTIONS_AVATAR}" /></td>
+	<!-- END avatar_option_column -->
+	</tr>
+
+	<!-- END avatar_row -->
+	<tr> 
+	  <td class="catBottom" colspan="{S_COLSPAN}" align="center" height="28">{S_HIDDEN_FIELDS} 
+		<input type="submit" name="submitavatar" value="{L_SELECT_AVATAR}" class="mainoption" />
+		&nbsp;&nbsp; 
+		<input type="submit" name="cancelavatar" value="{L_RETURN_PROFILE}" class="liteoption" />
+	  </td>
+	</tr>
+  </table>
+</form>
diff --git a/phpBB/templates/subSilver/admin/user_edit_body.tpl b/phpBB/templates/subSilver/admin/user_edit_body.tpl
index 517b3abef8..f527c4ea69 100644
--- a/phpBB/templates/subSilver/admin/user_edit_body.tpl
+++ b/phpBB/templates/subSilver/admin/user_edit_body.tpl
@@ -5,7 +5,7 @@
 
 {ERROR_BOX}
 
-<form action="{S_PROFILE_ACTION}" method="post"><table width="98%" cellspacing="1" cellpadding="4" border="0" align="center" class="forumline">
+<form action="{S_PROFILE_ACTION}" enctype="multipart/form-data" method="post"><table width="98%" cellspacing="1" cellpadding="4" border="0" align="center" class="forumline">
 	<tr> 
 	  <th class="thHead" colspan="2">{L_REGISTRATION_INFO}</th>
 	</tr>
@@ -128,6 +128,14 @@
 		<input type="radio" name="hideonline" value="0" {HIDE_USER_NO} />
 		<span class="gen">{L_NO}</span></td>
 	</tr>
+	<tr> 
+	  <td class="row1"><span class="gen">{L_NOTIFY_ON_REPLY}:</span></td>
+	  <td class="row2"> 
+		<input type="radio" name="notifyreply" value="1" {NOTIFY_REPLY_YES} />
+		<span class="gen">{L_YES}</span>&nbsp;&nbsp; 
+		<input type="radio" name="notifyreply" value="0" {NOTIFY_REPLY_NO} />
+		<span class="gen">{L_NO}</span></td>
+	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_NOTIFY_ON_PRIVMSG}:</span></td>
 	  <td class="row2"> 
@@ -198,11 +206,12 @@
 	<tr> 
 	  <td class="catSides" colspan="2"><span class="cattitle">&nbsp;</span></td>
 	</tr>
+	<!-- BEGIN avatarblock -->
 	<tr> 
-	  <th class="thSides" colspan="2">{L_AVATAR_PANEL}</th>
+	  <th class="thSides" colspan="2" height="12" valign="middle">{L_AVATAR_PANEL}</th>
 	</tr>
-	<tr> 
-	  <td class="row1" colspan="2" align="center"> 
+	<tr align="center"> 
+	  <td class="row1" colspan="2"> 
 		<table width="70%" cellspacing="2" cellpadding="0" border="0">
 		  <tr> 
 			<td width="65%"><span class="gensmall">{L_AVATAR_EXPLAIN}</span></td>
@@ -214,6 +223,39 @@
 		</table>
 	  </td>
 	</tr>
+	<!-- BEGIN avatarupload -->
+	<tr> 
+	  <td class="row1"><span class="gen">{L_UPLOAD_AVATAR_FILE}:</span></td>
+	  <td class="row2"> 
+		<input type="hidden" name="MAX_FILE_SIZE" value="{AVATAR_SIZE}" />
+		<input type="file" name="avatar" class="post"style="width: 200px"  />
+	  </td>
+	</tr>
+	<tr> 
+	  <td class="row1"><span class="gen">{L_UPLOAD_AVATAR_URL}:</span></td>
+	  <td class="row2"> 
+		<input type="text" name="avatarurl" size="40" class="post"style="width: 200px"  />
+	  </td>
+	</tr>
+	<!-- END avatarupload -->
+	<!-- BEGIN avatarremote -->
+	<tr> 
+	  <td class="row1"><span class="gen">{L_LINK_REMOTE_AVATAR}:</span></td>
+	  <td class="row2"> 
+		<input type="text" name="avatarremoteurl" size="40" class="post"style="width: 200px"  />
+	  </td>
+	</tr>
+	<!-- END avatarremote -->
+	<!-- BEGIN avatargallery -->
+	<tr> 
+	  <td class="row1"><span class="gen">{L_AVATAR_GALLERY}:</span></td>
+	  <td class="row2"> 
+		<input type="submit" name="avatargallery" value="{L_SHOW_GALLERY}" class="liteoption" />
+	  </td>
+	</tr>
+	<!-- END avatargallery -->
+	<!-- END avatarblock -->
+	<tr> 
 	<tr> 
 	  <td class="catSides" colspan="2">&nbsp;</td>
 	</tr>