Tons of work on the UCP, see my topic in the development forum for more info

on the bigger changes.

Registration should still work, the basic layout of the UCP is also done
with the start on the profile settings area.


git-svn-id: file:///svn/phpbb/trunk@3591 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/common.php

@@ -142,6 +142,7 @@ define('STYLES_IMAGE_TABLE', $table_prefix.'styles_imageset');
 define('TOPICS_TABLE', $table_prefix.'topics');
 define('TOPICS_PREFETCH_TABLE', $table_prefix.'topics_prefetch');
 define('TOPICS_WATCH_TABLE', $table_prefix.'topics_watch');
+define('UCP_MODULES_TABLE', $table_prefix.'ucp_modules');
 define('USER_GROUP_TABLE', $table_prefix.'user_group');
 define('USERS_TABLE', $table_prefix.'users');
 define('WORDS_TABLE', $table_prefix.'words');

phpBB/config.php

@@ -0,0 +1,21 @@
+<?php
+
+//
+// phpBB 2.x auto-generated config file
+// Do not change anything in this file!
+//
+
+$dbms = "mysql";
+
+$dbhost = "localhost";
+$dbport = "";
+$dbname = "phpbb";
+$dbuser = "root";
+$dbpasswd = "";
+
+$acm_type = 'file';
+$table_prefix = "phpbb_";
+
+define('PHPBB_INSTALLED', true);
+
+?>

phpBB/includes/functions.php

@@ -799,105 +799,6 @@ function redirect($url)
 	exit;
 }
 
-// Check to see if the username has been taken, or if it is disallowed.
-// Also checks if it includes the " character, which we don't allow in usernames.
-// Used for registering, changing names, and posting anonymously with a username
-function validate_username($username)
-{
-	global $db, $user;
-
-	$username = $db->sql_escape($username);
-
-	$sql = "SELECT username
-		FROM " . USERS_TABLE . "
-		WHERE LOWER(username) = '" . strtolower($username) . "'";
-	$result = $db->sql_query($sql);
-
-	if (($row = $db->sql_fetchrow($result)) && $row['username'] != $user->data['username'])
-	{
-		return $user->lang['Username_taken'];
-	}
-
-	$sql = "SELECT group_name
-		FROM " . GROUPS_TABLE . "
-		WHERE LOWER(group_name) = '" . strtolower($username) . "'";
-	$result = $db->sql_query($sql);
-
-	if ($row = $db->sql_fetchrow($result))
-	{
-		return $user->lang['Username_taken'];
-	}
-
-	$sql = "SELECT disallow_username
-		FROM " . DISALLOW_TABLE;
-	$result = $db->sql_query($sql);
-
-	while ($row = $db->sql_fetchrow($result))
-	{
-		if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['disallow_username'], '#')) . ')\b#i', $username))
-		{
-			return $user->lang['Username_disallowed'];
-		}
-	}
-
-	$sql = "SELECT word
-		FROM  " . WORDS_TABLE;
-	$result = $db->sql_query($sql);
-
-	while ($row = $db->sql_fetchrow($result))
-	{
-		if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . ')\b#i', $username))
-		{
-			return $user->lang['Username_disallowed'];
-		}
-	}
-
-	// Don't allow " in username.
-	if (strstr($username, '"'))
-	{
-		return $user->lang['Username_invalid'];
-	}
-
-	return false;
-}
-
-// Check to see if email address is banned or already present in the DB
-function validate_email($email)
-{
-	global $db, $user;
-
-	if ($email != '')
-	{
-		if (preg_match('/^[a-z0-9\.\-_\+]+@[a-z0-9\-_]+\.([a-z0-9\-_]+\.)*?[a-z]+$/is', $email))
-		{
-			$sql = "SELECT ban_email
-				FROM " . BANLIST_TABLE;
-			$result = $db->sql_query($sql);
-
-			while ($row = $db->sql_fetchrow($result))
-			{
-				if (preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#is', $email))
-				{
-					return $user->lang['Email_banned'];
-				}
-			}
-
-			$sql = "SELECT user_email
-				FROM " . USERS_TABLE . "
-				WHERE user_email = '" . $db->sql_escape($email) . "'";
-			$result = $db->sql_query($sql);
-
-			if ($row = $db->sql_fetchrow($result))
-			{
-				return $user->lang['Email_taken'];
-			}
-
-			return false;
-		}
-	}
-
-	return $user->lang['Email_invalid'];
-}
 
 // Does supplementary validation of optional profile fields. This
 // expects common stuff like trim() and strip_tags() to have already

phpBB/includes/session.php

@@ -496,6 +496,481 @@ class user extends session
 	}
 }
 
+// Handles manipulation of user data. Primary used in registration
+// and user profile manipulation
+class userdata extends user
+{
+	var $error = false;
+	var $error_msg;
+	
+	function add_new_user($userdata, $coppa)
+	{
+		global $config, $db, $user;
+
+		$userdata = $this->prepare_data($userdata, TRUE);
+		
+		if (!$this->error)
+		{
+			if (($coppa) && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
+			{
+				$user_actkey = $this->gen_png_string(10);
+				$key_len = 54 - (strlen($server_url));
+				$key_len = ($key_len > 6) ? $key_len : 6;
+	
+				$user_actkey = substr($user_actkey, 0, $key_len);
+				$user_active = 0;
+	
+				if ($user->data['user_id'] != ANONYMOUS)
+				{
+					$user->destroy();
+				}
+			}
+			else
+			{
+				$user_active = 1;
+				$user_actkey = '';
+			}
+	
+			// Begin transaction ... should this screw up we can rollback
+			$db->sql_transaction();
+	
+			$sql_ary = array(
+				'user_ip'		=> $user->ip, 
+				'user_regdate'	=> time(),
+				'username'		=> $userdata['username'], 
+				'user_password' => $userdata['password'],
+				'user_email'	=> $userdata['email'],
+				'user_viewemail'	=> $userdata['viewemail'],
+				'user_attachsig'	=> $userdata['attachsig'],
+				'user_allowsmile'	=> $userdata['allowsmilies'],
+				'user_allowhtml'	=> $userdata['allowhtml'],
+				'user_allowbbcode'	=> $userdata['allowbbcode'],
+				'user_allow_viewonline' => $userdata['allowviewonline'],
+				'user_allow_pm'		=> 1,
+				'user_notify'	=> $userdata['notifyreply'],
+				'user_allow_viewonline' => $userdata['hideonline'],
+				'user_notify_pm'=> $userdata['notifypm'],
+				'user_popup_pm' => $userdata['popup_pm'],
+				'user_timezone' => (float) $userdata['timezone'],
+				'user_dateformat'	=> $userdata['dateformat'],
+				'user_lang'			=> $userdata['language'],
+				'user_style'		=> $userdata['style'],
+				'user_active' => $user_active,
+				'user_actkey' => $user_actkey
+			);
+	//			'user_avatar' => $avatar_sql['data'],
+	//			'user_avatar_type' => $avatar_sql['type'],
+	
+			$sql = 'INSERT INTO ' . USERS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
+			$db->sql_query($sql);
+			
+			$user_id = $db->sql_nextid();
+	
+			// Place into appropriate group, either REGISTERED or INACTIVE depending on config
+			$group_name = ($config['require_activation'] == USER_ACTIVATION_NONE) ? 'REGISTERED' : 'INACTIVE';
+			$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) 
+				SELECT $user_id, group_id, 0 
+					FROM " . GROUPS_TABLE . " 
+					WHERE group_name = '$group_name' 
+						AND group_type = " . GROUP_SPECIAL;
+			$result = $db->sql_query($sql);
+	
+			$db->sql_transaction('commit');
+	
+	
+			if ($coppa)
+			{
+				$message = $user->lang['COPPA'];
+				$email_template = 'coppa_welcome_inactive';
+			}
+			else if ($config['require_activation'] == USER_ACTIVATION_SELF)
+			{
+				$message = $user->lang['Account_inactive'];
+				$email_template = 'user_welcome_inactive';
+			}
+			else if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
+			{
+				$message = $user->lang['Account_inactive_admin'];
+				$email_template = 'admin_welcome_inactive';
+			}
+			else
+			{
+				$message = $user->lang['Account_added'];
+				$email_template = 'user_welcome';
+			}
+	
+	/*
+			include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+			$emailer = new emailer($config['smtp_delivery']);
+	
+			// Should we just define this within the email class?
+			$email_headers = "From: " . $config['board_email'] . "\nReturn-Path: " . $config['board_email'] . "\r\n";
+	
+			$emailer->use_template($email_template, $user->data['user_lang']);
+			$emailer->email_address($email);
+			$emailer->set_subject();//sprintf($user->lang['Welcome_subject'], $config['sitename'])
+			$emailer->extra_headers($email_headers);
+	
+			if ($coppa)
+			{
+				$emailer->assign_vars(array(
+					'SITENAME' => $config['sitename'],
+					'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']),
+					'USERNAME' => $username,
+					'PASSWORD' => $password_confirm,
+					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
+	
+					'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey,
+					'FAX_INFO' => $config['coppa_fax'],
+					'MAIL_INFO' => $config['coppa_mail'],
+					'EMAIL_ADDRESS' => $email,
+					'SITENAME' => $config['sitename']));
+			}
+			else
+			{
+				$emailer->assign_vars(array(
+					'SITENAME' => $config['sitename'],
+					'WELCOME_MSG' => sprintf($user->lang['Welcome_subject'], $config['sitename']),
+					'USERNAME' => $username,
+					'PASSWORD' => $password_confirm,
+					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
+					'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
+				);
+			}
+	
+			$emailer->send();
+			$emailer->reset();
+	
+			if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
+			{
+				$emailer->use_template('admin_activate', stripslashes($user_lang));
+				$emailer->email_address($config['board_email']);
+				$emailer->set_subject(); //$user->lang['New_account_subject']
+				$emailer->extra_headers($email_headers);
+	
+				$emailer->assign_vars(array(
+					'USERNAME' => $username,
+					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
+	
+					'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
+				);
+				$emailer->send();
+				$emailer->reset();
+			}
+	*/
+			$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'],  '<a href="' . "index.$phpEx$SID" . '">', '</a>');
+			
+			$return = array('user_id' => $user_id,
+				'username' => $userdata['username'],
+				'message' => $message);
+				
+			return($return);
+			
+		
+		}
+		else
+		{
+			return(array('user_id' => 0,
+				'username' => NULL,
+				'message' => $this->error_msg));
+		}
+
+	}
+	
+	function prepare_data($userdata, $registration = FALSE)
+	{
+		global $db, $user, $config;
+	
+		$strip_var_list = array('username' => 'username', 'email' => 'email'); 
+	
+		foreach ($strip_var_list as $var => $param)
+		{
+			if (!empty($userdata[$param]))
+			{
+				$userdata[$var] = trim(strip_tags($userdata[$param]));
+			}
+		}
+				
+		$trim_var_list = array('password_current' => 'cur_password', 'password' => 'new_password', 'password_confirm' => 'password_confirm');
+	
+		foreach ($trim_var_list as $var => $param)
+		{
+			if (!empty($userdata[$param]))
+			{
+				$userdata[$var] = trim($userdata[$param]);
+			}
+		}
+	
+		$userdata['username'] = str_replace('&nbsp;', '', $userdata['username']);
+		$userdata['email'] = htmlspecialchars($userdata['email']);
+	
+		// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
+		// empty strings if they fail.
+		//validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
+	
+		$userdata['viewemail'] = (isset($userdata['viewemail'])) ? (($userdata['viewemail']) ? TRUE : 0) : 0;
+		$userdata['hideonline'] = (isset($userdata['hideonline'])) ? (($userdata['hideonline']) ? 0 : TRUE) : TRUE;
+		$userdata['notifyreply'] = (isset($userdata['notifyreply'])) ? (($userdata['notifyreply']) ? TRUE : 0) : 0;
+		$userdata['notifypm'] = (isset($userdata['notifypm'])) ? (($userdata['notifypm']) ? TRUE : 0) : TRUE;
+		$userdata['popup_pm'] = (isset($userdata['popup_pm'])) ? (($userdata['popup_pm']) ? TRUE : 0) : TRUE;
+	
+		$userdata['attachsig'] = (isset($userdata['attachsig'])) ? (($userdata['attachsig']) ? TRUE : 0) : $config['allow_sig'];
+	
+		$userdata['allowhtml'] = (isset($userdata['allowhtml'])) ? (($userdata['allowhtml']) ? TRUE : 0) : $config['allow_html'];
+		$userdata['allowbbcode'] = (isset($userdata['allowbbcode'])) ? (($userdata['allowbbcode']) ? TRUE : 0) : $config['allow_bbcode'];
+		$userdata['allowsmilies'] = (isset($userdata['allowsmilies'])) ? (($userdata['allowsmilies']) ? TRUE : 0) : $config['allow_smilies'];
+	
+		$userdata['style'] = (isset($userdata['style'])) ? intval($userdata['style']) : $config['default_style'];
+	
+		if (!empty($userdata['language']))
+		{
+			if (preg_match('/^[a-z_]+$/i', $userdata['language']))
+			{
+				$userdata['language'] = $userdata['language'];
+			}
+			else
+			{
+				$this->error = true;
+				$this->error_msg = $user->lang['Fields_empty'];
+			}
+		}
+		else
+		{
+			$userdata['language'] = $config['default_lang'];
+		}
+	
+		$userdata['timezone'] = (isset($userdata['timezone'])) ? doubleval($userdata['timezone']) : $config['board_timezone'];
+		$userdata['dateformat'] = (!empty($userdata['dateformat'])) ? trim($userdata['dateformat']) : $config['default_dateformat'];
+	
+		if (empty($userdata['username']) || empty($userdata['password']) || empty($userdata['password_confirm']) || empty($userdata['email']))
+		{
+			$this->error = TRUE;
+			$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Fields_empty'];
+		}
+	
+		if (!empty($userdata['password']) && !empty($userdata['password_confirm']))
+		{
+			if ($userdata['password'] != $userdata['password_confirm'])
+			{
+				$this->error = TRUE;
+				$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Password_mismatch'];
+			}
+			else if (strlen($userdata['password']) > 32)
+			{
+				$this->error = TRUE;
+				$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Password_long'];
+			}
+			else
+			{
+				if (!$this->error)
+				{
+					$userdata['password'] = md5($userdata['password']);
+					$passwd_sql = "user_password = '$password', ";
+				}
+			}
+		}
+		else if ((empty($userdata['password']) && !empty($userdata['password_confirm'])) || (!empty($userdata['password']) && empty($userdata['password_confirm'])))
+		{
+			$this->error = TRUE;
+			$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Password_mismatch'];
+		}
+		else
+		{
+			$userdata['password'] = $user->data['user_password'];
+		}
+	
+		// Do a ban check on this email address
+		if ($userdata['email'] != $user->data['user_email'] || $registration)
+		{
+			if (($result = $this->validate_email($userdata['email'])) != false)
+			{
+				$userdata['email'] = $user->data['user_email'];
+
+				$this->error = TRUE;
+				$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $result;
+			}
+		}
+	
+		if (empty($userdata['username']))
+		{
+			$this->error = TRUE;
+			$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Username_disallowed'];
+		}
+		else
+		{
+			if (($result = $this->validate_username($userdata['username'])) != false)
+			{
+				$this->error = TRUE;
+				$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $result;
+			}
+		}
+	
+		// Visual Confirmation handling
+		if ($config['enable_confirm'] && $registration)
+		{
+			if (empty($userdata['confirm_id']))
+			{
+				$this->error = TRUE;
+				$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Confirm_code_wrong'];
+			}
+			else
+			{
+				$sql = "SELECT code 
+					FROM " . CONFIRM_TABLE . " 
+					WHERE confirm_id = '" . $userdata['confirm_id'] . "' 
+						AND session_id = '" . $user->data['session_id'] . "'";
+					
+				$result = $db->sql_query($sql);
+	
+				if ($row = $db->sql_fetchrow($result))
+				{
+					if ($row['code'] != $userdata['confirm_code'])
+					{			
+						$this->error = TRUE;
+						$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Confirm_code_wrong'];
+					}
+				}
+				else
+				{		
+					$this->error = TRUE;
+					$this->error_msg .= ((isset($this->error_msg)) ? '<br />' : '') . $user->lang['Confirm_code_wrong'];
+				}
+	
+				$sql = "DELETE FROM " . CONFIRM_TABLE . " 
+					WHERE confirm_id = '" . $userdata['confirm_id'] . "' 
+						AND session_id = '" . $user->data['session_id'] . "'";
+				$db->sql_query($sql);
+			}
+		}
+		return($userdata);
+	}
+	
+	function modify_userdata($userdata)
+	{
+		
+		
+	}
+	
+	function gen_png_string($num_chars)
+	{
+		$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
+	
+		list($usec, $sec) = explode(' ', microtime()); 
+		mt_srand($sec * $usec); 
+	
+		$max_chars = count($chars) - 1;
+		$rand_str = '';
+		for ($i = 0; $i < $num_chars; $i++)
+		{
+			$rand_str .= $chars[mt_rand(0, $max_chars)];
+		}
+	
+		return $rand_str;
+	}
+
+	// Check to see if the username has been taken, or if it is disallowed.
+	// Also checks if it includes the " character, which we don't allow in usernames.
+	// Used for registering, changing names, and posting anonymously with a username
+	function validate_username($username)
+	{
+		global $db, $user;
+	
+		$username = $db->sql_escape($username);
+	
+		$sql = "SELECT username
+			FROM " . USERS_TABLE . "
+			WHERE LOWER(username) = '" . strtolower($username) . "'";
+		$result = $db->sql_query($sql);
+	
+		if (($row = $db->sql_fetchrow($result)) && $row['username'] != $user->data['username'])
+		{
+			return $user->lang['Username_taken'];
+		}
+	
+		$sql = "SELECT group_name
+			FROM " . GROUPS_TABLE . "
+			WHERE LOWER(group_name) = '" . strtolower($username) . "'";
+		$result = $db->sql_query($sql);
+	
+		if ($row = $db->sql_fetchrow($result))
+		{
+			return $user->lang['Username_taken'];
+		}
+	
+		$sql = "SELECT disallow_username
+			FROM " . DISALLOW_TABLE;
+		$result = $db->sql_query($sql);
+	
+		while ($row = $db->sql_fetchrow($result))
+		{
+			if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['disallow_username'], '#')) . ')\b#i', $username))
+			{
+				return $user->lang['Username_disallowed'];
+			}
+		}
+	
+		$sql = "SELECT word
+			FROM  " . WORDS_TABLE;
+		$result = $db->sql_query($sql);
+	
+		while ($row = $db->sql_fetchrow($result))
+		{
+			if (preg_match('#\b(' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . ')\b#i', $username))
+			{
+				return $user->lang['Username_disallowed'];
+			}
+		}
+	
+		// Don't allow " in username.
+		if (strstr($username, '"'))
+		{
+			return $user->lang['Username_invalid'];
+		}
+	
+		return false;
+	}
+	
+	// Check to see if email address is banned or already present in the DB
+	function validate_email($email)
+	{
+		global $db, $user;
+	
+		if ($email != '')
+		{
+			if (preg_match('/^[a-z0-9\.\-_\+]+@[a-z0-9\-_]+\.([a-z0-9\-_]+\.)*?[a-z]+$/is', $email))
+			{
+				$sql = "SELECT ban_email
+					FROM " . BANLIST_TABLE;
+				$result = $db->sql_query($sql);
+	
+				while ($row = $db->sql_fetchrow($result))
+				{
+					if (preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#is', $email))
+					{
+						return $user->lang['Email_banned'];
+					}
+				}
+	
+				$sql = "SELECT user_email
+					FROM " . USERS_TABLE . "
+					WHERE user_email = '" . $db->sql_escape($email) . "'";
+				$result = $db->sql_query($sql);
+	
+				if ($row = $db->sql_fetchrow($result))
+				{
+					return $user->lang['Email_taken'];
+				}
+	
+				return false;
+			}
+		}
+	
+		return $user->lang['Email_invalid'];
+	}
+	
+
+}
+
 // Will be keeping my eye of 'other products' to ensure these things don't
 // mysteriously appear elsewhere, think up your own solutions!
 class auth

phpBB/includes/ucp/usercp_modules.php

@@ -26,22 +26,22 @@
 // show up in the UCP menu. 
 //
 
-$ucp_modules['UCP_Main']['UCP_Main'] = 'ucp.' . $phpEx . "$SID";
+$ucp_modules['UCP_Main']['UCP_Main'] = '';
-$ucp_modules['UCP_Main']['Default'] = 'ucp.' . $phpEx . "$SID";
+$ucp_modules['UCP_Main']['Default'] = '';
 
-$ucp_modules['UCP_Profile']['Default'] = 'ucp/usercp_register.' . $phpEx . "?$SID&mode=editprofile&u=" . $user->data['user_id'];
+$ucp_modules['UCP_Profile']['Default'] = 'inc=ucp/usercp_profile.' . $phpEx . "&mode=editprofile&u=" . $user->data['user_id'];
-$ucp_modules['UCP_Profile']['Registration_information'] = 'ucp/usercp_register.' . $phpEx . "?$SID&mode=editprofilee&u=" . $user->data['user_id'];
+$ucp_modules['UCP_Profile']['Registration_information'] = 'inc=ucp/usercp_profile.' . $phpEx . "&mode=editprofile&u=" . $user->data['user_id'];
-$ucp_modules['UCP_Profile']['Preferances'] = 'ucp/usercp_register.' . $phpEx . "?$SID&mode=preferancese&u=" . $user->data['user_id'];
+$ucp_modules['UCP_Profile']['Preferances'] = 'inc=ucp/usercp_profile.' . $phpEx . "&mode=preferancese&u=" . $user->data['user_id'];
-$ucp_modules['UCP_Profile']['Avatar_settings'] = 'ucp/usercp_avatar.' . $phpEx . "$SIDe&u=" . $user->data['user_id'];
+$ucp_modules['UCP_Profile']['Avatar_settings'] = 'inc=ucp/usercp_avatar.' . $phpEx . "&u=" . $user->data['user_id'];
-$ucp_modules['UCP_Profile']['Signature_settings'] = 'ucp/usercp_register.' . $phpEx . "?$SID&mode=signaturee&u=" . $user->data['user_id'];
+$ucp_modules['UCP_Profile']['Signature_settings'] = 'inc=ucp/usercp_profile.' . $phpEx . "&mode=signaturee&u=" . $user->data['user_id'];
 
-$ucp_modules['UCP_Lists']['Default'] = 'ucp/usercp_lists.' . $phpEx . "?$SID&mode=settings";
+$ucp_modules['UCP_Lists']['Default'] = 'inc=ucp/usercp_lists.' . $phpEx . "&mode=settings";
-$ucp_modules['UCP_Lists']['Lists_settings'] = 'ucp/usercp_lists.' . $phpEx . "?$SID&mode=settings";
+$ucp_modules['UCP_Lists']['Lists_settings'] = 'inc=ucp/usercp_lists.' . $phpEx . "&mode=settings";
-$ucp_modules['UCP_Lists']['While_list'] = 'ucp/usercp_lists.' . $phpEx . "?$SID&mode=white";
+$ucp_modules['UCP_Lists']['While_list'] = 'inc=ucp/usercp_lists.' . $phpEx . "&mode=white";
-$ucp_modules['UCP_Lists']['Black_list'] = 'ucp/usercp_lists.' . $phpEx . "?$SID&mode=black";
+$ucp_modules['UCP_Lists']['Black_list'] = 'inc=ucp/usercp_lists.' . $phpEx . "amp;mode=black";
 
-$ucp_modules['UCP_Priv_messages']['Default'] = "privmsg.php?$SID&folder=inbox";
+$ucp_modules['UCP_Priv_messages']['Default'] = '';
-$ucp_modules['UCP_Priv_messages']['Private_messages'] = "privmsg.php?$SID&folder=inbox";
+$ucp_modules['UCP_Priv_messages']['Private_messages'] = '';
 
 
 //
@@ -53,6 +53,6 @@ $ucp_modules['UCP_Priv_messages']['Private_messages'] = "privmsg.php?$SID&fo
 
 foreach($ucp_modules as $section_title => $sections)
 {
-	$template->assign_block_vars('ucp_sections', array('U_SECTION' => $sections['Default'] ,
+	$template->assign_block_vars('ucp_sections', array('U_SECTION' => "ucp.$phpEx$SID&" . $sections['Default'] ,
 		'SECTION' => $user->lang[$section_title]));
 }

phpBB/install/schemas/mysql_basic.sql

@@ -297,7 +297,10 @@ INSERT INTO phpbb_icons (icons_url, icons_width, icons_height, icons_order, disp
 INSERT INTO phpbb_icons (icons_url, icons_width, icons_height, icons_order, display_on_posting) VALUES ('smile/question.gif', 19, 19, 6, 1);
 INSERT INTO phpbb_icons (icons_url, icons_width, icons_height, icons_order, display_on_posting) VALUES ('smile/exclaim.gif', 19, 19, 7, 1);
     
-
+# -- ucp modules
+INSERT INTO phpbb_ucp_modules (module_id, module_name, module_filename, module_order) VALUES (1, 'Profile Settings', 'ucp/usercp_profile', 1);
+INSERT INTO phpbb_ucp_modules (module_id, module_name, module_filename, module_order) VALUES (2, 'Black/While Lists', 'ucp/usercp_lists', 2);
+	 
 # -- wordlist
 INSERT INTO phpbb_search_wordlist (word_id, word_text, word_common) VALUES ( 1, 'example', 0 );
 INSERT INTO phpbb_search_wordlist (word_id, word_text, word_common) VALUES ( 2, 'post', 0 );

phpBB/install/schemas/mysql_schema.sql

@@ -654,6 +654,19 @@ CREATE TABLE phpbb_topics_watch (
   KEY notify_status (notify_status)
 );
 
+# --------------------------------------------------------
+#
+# Table structure for table 'phpbb_ucp_modules'
+#
+CREATE TABLE phpbb_ucp_modules (
+	module_id mediumint(8) DEFAULT '0' AUTO_INCREMENT NOT NULL,
+	module_name varchar(50) NOT NULL,
+	module_filename varchar(50) NOT NULL,
+	module_order mediumint(4) DEFAULT '0' NOT NULL,
+	KEY module_order (module_order),
+	PRIMARY KEY (module_id)
+);
+
 
 # --------------------------------------------------------
 #

phpBB/language/en/lang_main.php

@@ -421,8 +421,18 @@ $lang = array_merge($lang, array(
 	'UCP_Profile' => 'Profile Settings',
 	'UCP_Lists' => 'Black/White Lists',
 	'UCP_Priv_messages' => 'Private Messages',
-	'Subscribed_topics' => 'Subscribed Topics',
+	'SUBSCRIBED_TOPICS' => 'Subscribed Topics',
+	'SUBSCRIBED_FORUMS' => 'Subscribed Forums',
+	'WELCOME_USERCP' => 'Welcome to your User Control Panel',
+	'UCP_WELCOME_MESSAGE' => 'This is the UCP welcome message some text should go here that says something usefull, however I can\'t for the life of me think of anything to put so if someone coudl come up with something that would be great. Thanks.',
+	'BUDDY_LIST' => 'Buddy List',
+	'ONLINE_BUDDIES' => 'Buddies Currently Online',
+	'UNREAD_PM' => 'Unread PMs',
 	
+	'Registration_information' => 'Registration Information',
+	'Preferances' => 'Preferances',
+	'Avatar_settings' => 'Avatar Settings',
+	'Signature_settings' => 'Signature Settings',
 
 	'Private_Messaging' => 'Private Messaging',
 	'Unread_message' => 'Unread message',

phpBB/ucp.php

@@ -1,4 +1,4 @@
-<?php
+<?php 
 /***************************************************************************
  *                                ucp.php
  *                            -------------------
@@ -84,6 +84,10 @@ if($_GET['mode'] || $_POST['mode'])
 		include($phpbb_root_path . 'ucp/usercp_viewprofile.'.$phpEx);
 		exit;
 	}
+	else if($mode == 'activate')
+	{
+		include($phpbb_root_path . 'ucp/usercp_activate.'.$phpEx);
+	}
 	else if($mode == 'register')
 	{
 		if($user->data['user_id'] != ANONYMOUS)
@@ -98,10 +102,31 @@ if($_GET['mode'] || $_POST['mode'])
 	}
 }
 
-//
+// Database based module handing
-// Include our module definition file. 
+$selected_module = ($_GET['module_id']) ? $_GET['module_id'] : $_POST['module_id'];
-//
+$sql = "SELECT module_id, module_name, module_filename FROM " . UCP_MODULES_TABLE . " ORDER BY module_order";
-include($phpbb_root_path . 'includes/ucp/usercp_modules.'.$phpEx);
+
+$result = $db->sql_query($sql);
+
+$rowset = $db->sql_fetchrowset($result);
+
+// Default UCP link
+$template->assign_block_vars('ucp_sections', array('U_SECTION' => "ucp.$phpEx$SID",
+	'SECTION' => $user->lang['UCP_Main']));
+	
+foreach($rowset as $section)
+{
+	$template->assign_block_vars('ucp_sections', array('U_SECTION' => "ucp.$phpEx$SID&amp;module_id=" . $section['module_id'] ,
+		'SECTION' => $section['module_name']));
+	
+	if($section['module_id'] == $selected_module)
+	{
+		$module_to_include = $section['module_filename'] . "." . $phpEx;
+		include($phpbb_root_path . $module_to_include);
+	}
+}
+
+
 
 
 $page_title = $user->lang['User_control_panel'] . ' - ' . $this_section;
@@ -112,6 +137,12 @@ $orig_word = array();
 $replacement_word = array();
 obtain_word_list($orig_word, $replacement_word);
 
+$template->assign_vars(array('L_SUBSCRIBED_TOPICS' => $user->lang['SUBSCRIBED_TOPICS'],
+	'L_SUBSCRIBED_FORUMS' => $user->lang['SUBSCRIBED_FORUMS'],
+	'L_WELCOME_USERCP' => $user->lang['WELCOME_USERCP'],
+	'UCP_WELCOME_MSG' => $user->lang['UCP_WELCOME_MESSAGE'],
+	'L_ONLINE_BUDDIES' => $user->lang['ONLINE_BUDDIES'],
+	'L_UNREAD_PM' => $user->lang['UNREAD_PM']));
 
 //
 // Subscribed Topics

phpBB/ucp/usercp_activate.php

@@ -20,55 +20,37 @@
  *
  ***************************************************************************/
 
-if ( !defined('IN_PHPBB') )
+ 
+if (!defined('IN_PHPBB'))
 {
 	die('Hacking attempt');
 	exit;
 }
 
-//
+$sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey, username
-// The User Control Panel uses Barts 'neat-o-module' system (tm) system to handle the tabs.
-// This block specifies the tabs and sub tabs for this section.
-//
-if( !empty($setmodules) )
-{
-	$filename = str_replace(".$phpEx", '', basename(__FILE__));
-
-	return;
-}
-//
-// End Modules setup
-//
-
-$sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey
 	FROM " . USERS_TABLE . "
-	WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
+	WHERE user_id = " . intval($_GET['u']);
-if ( !($result = $db->sql_query($sql)) )
+$result = $db->sql_query($sql);
-{
-	message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql);
-}
 
 if ( $row = $db->sql_fetchrow($result) )
 {
 	if ( $row['user_active'] && $row['user_actkey'] == '' )
 	{
 		$template->assign_vars(array(
-			'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
+			'META' => '<meta http-equiv="refresh" content="10;url=index.' . $phpEx . $SID . '">')
 		);
 
-		message_die(GENERAL_MESSAGE, $lang['Already_activated']);
+		trigger_error($user->lang['Already_activated']);
 	}
-	else if ( $row['user_actkey'] == $HTTP_GET_VARS['act_key'] )
+	else if ( $row['user_actkey'] == $_GET['act_key'] )
 	{
 		$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
 
 		$sql = "UPDATE " . USERS_TABLE . "
 			SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
 			WHERE user_id = " . $row['user_id'];
-		if ( !($result = $db->sql_query($sql)) )
+		
-		{
+		$result = $db->sql_query($sql);
-			message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
-		}
 
 		if ( $config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
 		{
@@ -92,29 +74,44 @@ if ( $row = $db->sql_fetchrow($result) )
 			$emailer->reset();
 
 			$template->assign_vars(array(
-				'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
+				'META' => '<meta http-equiv="refresh" content="10;url=index.' . $phpEx . $SID . '">')
 			);
 
-			message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
+			trigger_error($user->lang['Account_active_admin']);
 		}
 		else
 		{
 			$template->assign_vars(array(
-				'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
+				'META' => '<meta http-equiv="refresh" content="10;url=index.' . $phpEx . $SID . '">')
 			);
 
-			$message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
+			$message = ( $sql_update_pass == '' ) ? $user->lang['Account_active'] : $user->lang['Password_activated'];
-			message_die(GENERAL_MESSAGE, $message);
+			trigger_error($message);
 		}
+
+		// Sync config
+		$sql = "UPDATE " . CONFIG_TABLE . "
+			SET config_value = " . $row['user_id'] . "
+			WHERE config_name = 'newest_user_id'";
+		$db->sql_query($sql);
+		$sql = "UPDATE " . CONFIG_TABLE . "
+			SET config_value = '" . $row['username'] . "'
+			WHERE config_name = 'newest_username'";
+		$db->sql_query($sql);
+		$sql = "UPDATE " . CONFIG_TABLE . "
+			SET config_value = " . ($config['num_users'] + 1) . "
+			WHERE config_name = 'num_users'";
+		$db->sql_query($sql);
+		
 	}
 	else
 	{
-		message_die(GENERAL_MESSAGE, $lang['Wrong_activation']);
+		trigger_error($user->lang['Wrong_activation']);
 	}
 }
 else
 {
-	message_die(GENERAL_MESSAGE, $lang['No_such_user']);
+	trigger_error($user->lang['No_such_user']);
 }
 
 ?>

phpBB/ucp/usercp_register.php

@@ -38,6 +38,9 @@ $error = FALSE;
 
 $page_title = $user->lang['Register'];
 
+// class for handling the manipulation of user data
+$userdata = new userdata();
+
 if ($mode == 'register')
 {
 	if(!isset($_POST['agree']) && !isset($_GET['agree']) && !isset($_POST['coppa_over_13']) && !isset($_GET['coppa_over_13'])  && !isset($_POST['coppa_under_13']) && !isset($_GET['coppa_under_13']) && !$_POST['agreed'])
@@ -66,8 +69,10 @@ $coppa = (empty($_POST['coppa_under_13']) && empty($_GET['coppa_under_13'])) ? 0
 
 
 // Check and initialize some variables if needed
-if (isset($_POST['submit']) || $mode == 'register')
+if (isset($_POST['submit']))
 {
+		
+/*
 	$strip_var_list = array('username' => 'username', 'email' => 'email'); 
 
 	foreach ($strip_var_list as $var => $param)
@@ -248,7 +253,7 @@ if (isset($_POST['submit']))
 	{
 		if ((($mode == 'register' || $coppa)) && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
 		{
-			$user_actkey = gen_rand_string(true);
+			$user_actkey = gen_png_string(10);
 			$key_len = 54 - (strlen($server_url));
 			$key_len = ($key_len > 6) ? $key_len : 6;
 
@@ -399,6 +404,7 @@ if (isset($_POST['submit']))
 			$emailer->reset();
 		}
 */
+/*
 		$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'],  '<a href="' . "index.$phpEx$SID" . '">', '</a>');
 
 		trigger_error($message);
@@ -408,10 +414,31 @@ if (isset($_POST['submit']))
 	{
 		trigger_error($error_msg);
 	}
+*/
+
+	$new_user_data = $userdata->add_new_user($_POST, $coppa);
+	if($new_user_data['user_id'])
+	{
+		if ($config['require_activation'] == USER_ACTIVATION_NONE)
+		{
+			set_config('newest_user_id', $new_user_data['user_id'], TRUE);
+			set_config('newest_username', $new_user_data['username'], TRUE);
+			set_config('num_users', $config['num_users'] + 1, TRUE);
+		}
+		
+		trigger_error($new_user_data['message']);
+	}
+	else
+	{
+		trigger_error($new_user_data['message']);
+	}
+	
 }	 // End of submit
 
 
-if ($error)
+
+
+if ($userdata->error)
 {
 	//
 	// If an error occured we need to stripslashes on returned data
@@ -502,7 +529,7 @@ if ($error)
 		}
 		$db->sql_freeresult($result);
 
-		$code = gen_png_string(6);
+		$code = $userdata->gen_png_string(6);
 		$confirm_id = md5(uniqid($user_ip));
 
 		$sql = "INSERT INTO " . CONFIRM_TABLE . " (confirm_id, session_id, code) 
@@ -642,22 +669,6 @@ function show_coppa()
 	);
 }
 
-function gen_png_string($num_chars)
-{
-	$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
-
-	list($usec, $sec) = explode(' ', microtime()); 
-	mt_srand($sec * $usec); 
-
-	$max_chars = count($chars) - 1;
-	$rand_str = '';
-	for ($i = 0; $i < $num_chars; $i++)
-	{
-		$rand_str .= $chars[mt_rand(0, $max_chars)];
-	}
-
-	return $rand_str;
-}
 //
 // FUNCTIONS
 // ---------