]> git.vanrenterghem.biz Git - www.vanrenterghem.biz.git/blob - phpBB2_old/admin/admin_users.php
Baseline
[www.vanrenterghem.biz.git] / phpBB2_old / admin / admin_users.php
1 <?php
2 /***************************************************************************
3  *                              admin_users.php
4  *                            -------------------
5  *   begin                : Saturday, Feb 13, 2001
6  *   copyright            : (C) 2001 The phpBB Group
7  *   email                : support@phpbb.com
8  *
9  *   $Id: admin_users.php,v 1.57.2.26 2004/03/25 15:57:20 acydburn Exp $
10  *
11  *
12  ***************************************************************************/
14 /***************************************************************************
15  *
16  *   This program is free software; you can redistribute it and/or modify
17  *   it under the terms of the GNU General Public License as published by
18  *   the Free Software Foundation; either version 2 of the License, or
19  *   (at your option) any later version.
20  *
21  ***************************************************************************/
23 define('IN_PHPBB', 1);
25 if( !empty($setmodules) )
26 {
27         $filename = basename(__FILE__);
28         $module['Users']['Manage'] = $filename;
30         return;
31 }
33 $phpbb_root_path = './../';
34 require($phpbb_root_path . 'extension.inc');
35 require('./pagestart.' . $phpEx);
36 require($phpbb_root_path . 'includes/bbcode.'.$phpEx);
37 require($phpbb_root_path . 'includes/functions_post.'.$phpEx);
38 require($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
39 require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
41 $html_entities_match = array('#<#', '#>#');
42 $html_entities_replace = array('&lt;', '&gt;');
44 //
45 // Set mode
46 //
47 if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
48 {
49         $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
50         $mode = htmlspecialchars($mode);
51 }
52 else
53 {
54         $mode = '';
55 }
57 //
58 // Begin program
59 //
60 if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) )
61 {
62         //
63         // Ok, the profile has been modified and submitted, let's update
64         //
65         if ( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
66         {
67                 $user_id = intval($HTTP_POST_VARS['id']);
69                 if (!($this_userdata = get_userdata($user_id)))
70                 {
71                         message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
72                 }
74                 if( $HTTP_POST_VARS['deleteuser'] )
75                 {
76                         $sql = "SELECT g.group_id 
77                                 FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g  
78                                 WHERE ug.user_id = $user_id 
79                                         AND g.group_id = ug.group_id 
80                                         AND g.group_single_user = 1";
81                         if( !($result = $db->sql_query($sql)) )
82                         {
83                                 message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql);
84                         }
86                         $row = $db->sql_fetchrow($result);
87                         
88                         $sql = "UPDATE " . POSTS_TABLE . "
89                                 SET poster_id = " . DELETED . ", post_username = '$username' 
90                                 WHERE poster_id = $user_id";
91                         if( !$db->sql_query($sql) )
92                         {
93                                 message_die(GENERAL_ERROR, 'Could not update posts for this user', '', __LINE__, __FILE__, $sql);
94                         }
96                         $sql = "UPDATE " . TOPICS_TABLE . "
97                                 SET topic_poster = " . DELETED . " 
98                                 WHERE topic_poster = $user_id";
99                         if( !$db->sql_query($sql) )
100                         {
101                                 message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql);
102                         }
103                         
104                         $sql = "UPDATE " . VOTE_USERS_TABLE . "
105                                 SET vote_user_id = " . DELETED . "
106                                 WHERE vote_user_id = $user_id";
107                         if( !$db->sql_query($sql) )
108                         {
109                                 message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
110                         }
111                         
112                         $sql = "SELECT group_id
113                                 FROM " . GROUPS_TABLE . "
114                                 WHERE group_moderator = $user_id";
115                         if( !($result = $db->sql_query($sql)) )
116                         {
117                                 message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql);
118                         }
119                         
120                         while ( $row_group = $db->sql_fetchrow($result) )
121                         {
122                                 $group_moderator[] = $row_group['group_id'];
123                         }
124                         
125                         if ( count($group_moderator) )
126                         {
127                                 $update_moderator_id = implode(', ', $group_moderator);
128                                 
129                                 $sql = "UPDATE " . GROUPS_TABLE . "
130                                         SET group_moderator = " . $userdata['user_id'] . "
131                                         WHERE group_moderator IN ($update_moderator_id)";
132                                 if( !$db->sql_query($sql) )
133                                 {
134                                         message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
135                                 }
136                         }
138                         $sql = "DELETE FROM " . USERS_TABLE . "
139                                 WHERE user_id = $user_id";
140                         if( !$db->sql_query($sql) )
141                         {
142                                 message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $sql);
143                         }
145                         $sql = "DELETE FROM " . USER_GROUP_TABLE . "
146                                 WHERE user_id = $user_id";
147                         if( !$db->sql_query($sql) )
148                         {
149                                 message_die(GENERAL_ERROR, 'Could not delete user from user_group table', '', __LINE__, __FILE__, $sql);
150                         }
152                         $sql = "DELETE FROM " . GROUPS_TABLE . "
153                                 WHERE group_id = " . $row['group_id'];
154                         if( !$db->sql_query($sql) )
155                         {
156                                 message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
157                         }
159                         $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
160                                 WHERE group_id = " . $row['group_id'];
161                         if( !$db->sql_query($sql) )
162                         {
163                                 message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
164                         }
166                         $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
167                                 WHERE user_id = $user_id";
168                         if ( !$db->sql_query($sql) )
169                         {
170                                 message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql);
171                         }
172                         
173                         $sql = "DELETE FROM " . BANLIST_TABLE . "
174                                 WHERE ban_userid = $user_id";
175                         if ( !$db->sql_query($sql) )
176                         {
177                                 message_die(GENERAL_ERROR, 'Could not delete user from banlist table', '', __LINE__, __FILE__, $sql);
178                         }
180                         $sql = "SELECT privmsgs_id
181                                 FROM " . PRIVMSGS_TABLE . "
182                                 WHERE privmsgs_from_userid = $user_id 
183                                         OR privmsgs_to_userid = $user_id";
184                         if ( !($result = $db->sql_query($sql)) )
185                         {
186                                 message_die(GENERAL_ERROR, 'Could not select all users private messages', '', __LINE__, __FILE__, $sql);
187                         }
189                         // This little bit of code directly from the private messaging section.
190                         while ( $row_privmsgs = $db->sql_fetchrow($result) )
191                         {
192                                 $mark_list[] = $row_privmsgs['privmsgs_id'];
193                         }
194                         
195                         if ( count($mark_list) )
196                         {
197                                 $delete_sql_id = implode(', ', $mark_list);
198                                 
199                                 $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
200                                         WHERE privmsgs_text_id IN ($delete_sql_id)";
201                                 $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
202                                         WHERE privmsgs_id IN ($delete_sql_id)";
203                                 
204                                 if ( !$db->sql_query($delete_sql) )
205                                 {
206                                         message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
207                                 }
208                                 
209                                 if ( !$db->sql_query($delete_text_sql) )
210                                 {
211                                         message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
212                                 }
213                         }
215                         $message = $lang['User_deleted'] . '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
217                         message_die(GENERAL_MESSAGE, $message);
218                 }
220                 $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : '';
221                 $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
223                 $password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
224                 $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : '';
226                 $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : '';
227                 $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : '';
228                 $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : '';
229                 $yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : '';
231                 $website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : '';
232                 $location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : '';
233                 $occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : '';
234                 $interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : '';
235                 $signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('<br />', "\n", $HTTP_POST_VARS['signature'] ) ) : '';
237                 validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
239                 $viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0;
240                 $allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE;
241                 $notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0;
242                 $notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE;
243                 $popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE;
244                 $attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0;
246                 $allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html'];
247                 $allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode'];
248                 $allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies'];
250                 $user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
251                 $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
252                 $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
253                 $user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template'];
254                 $user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat'];
256                 $user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] )  ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
258                 $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : '';
259                 $user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : '';
260                 $user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
261                 $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
262                 $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
263                 $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';
265                 $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : '';
266                 $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : '';              
268                 $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0;
269                 $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0;
270                 $user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0;
271                 $user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0;
273                 if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
274                 {
275                         $username = stripslashes($username);
276                         $email = stripslashes($email);
277                         $password = '';
278                         $password_confirm = '';
280                         $icq = stripslashes($icq);
281                         $aim = htmlspecialchars(stripslashes($aim));
282                         $msn = htmlspecialchars(stripslashes($msn));
283                         $yim = htmlspecialchars(stripslashes($yim));
285                         $website = htmlspecialchars(stripslashes($website));
286                         $location = htmlspecialchars(stripslashes($location));
287                         $occupation = htmlspecialchars(stripslashes($occupation));
288                         $interests = htmlspecialchars(stripslashes($interests));
289                         $signature = htmlspecialchars(stripslashes($signature));
291                         $user_lang = stripslashes($user_lang);
292                         $user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
294                         if ( !isset($HTTP_POST_VARS['cancelavatar'])) 
295                         {
296                                 $user_avatar = $user_avatar_local;
297                                 $user_avatar_type = USER_AVATAR_GALLERY;
298                         }
299                 }
300         }
302         if( isset( $HTTP_POST_VARS['submit'] ) )
303         {
304                 include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
306                 $error = FALSE;
308                 if (stripslashes($username) != $this_userdata['username'])
309                 {
310                         unset($rename_user);
312                         if ( stripslashes(strtolower($username)) != strtolower($this_userdata['username']) ) 
313                         {
314                                 $result = validate_username($username);
315                                 if ( $result['error'] )
316                                 {
317                                         $error = TRUE;
318                                         $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
319                                 }
320                                 else if ( strtolower(str_replace("\\'", "''", $username)) == strtolower($userdata['username']) )
321                                 {
322                                         $error = TRUE;
323                                         $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Username_taken'];
324                                 }
325                         }
327                         if (!$error)
328                         {
329                                 $username_sql = "username = '" . str_replace("\\'", "''", $username) . "', ";
330                                 $rename_user = $username; // Used for renaming usergroup
331                         }
332                 }
334                 $passwd_sql = '';
335                 if( !empty($password) && !empty($password_confirm) )
336                 {
337                         //
338                         // Awww, the user wants to change their password, isn't that cute..
339                         //
340                         if($password != $password_confirm)
341                         {
342                                 $error = TRUE;
343                                 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
344                         }
345                         else
346                         {
347                                 $password = md5($password);
348                                 $passwd_sql = "user_password = '$password', ";
349                         }
350                 }
351                 else if( $password && !$password_confirm )
352                 {
353                         $error = TRUE;
354                         $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
355                 }
356                 else if( !$password && $password_confirm )
357                 {
358                         $error = TRUE;
359                         $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
360                 }
362                 if ($signature != '')
363                 {
364                         $sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature));
365                         if ( $allowhtml )
366                         {
367                                 $sig_length_check = preg_replace('/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is', '\\1\\3\\4', $sig_length_check);
368                         }
370                         // Only create a new bbcode_uid when there was no uid yet.
371                         if ( $signature_bbcode_uid == '' )
372                         {
373                                 $signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
374                         }
375                         $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
377                         if ( strlen($sig_length_check) > $board_config['max_sig_chars'] )
378                         { 
379                                 $error = TRUE;
380                                 $error_msg .=  ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long'];
381                         }
382                 }
384                 //
385                 // Avatar stuff
386                 //
387                 $avatar_sql = "";
388                 if( isset($HTTP_POST_VARS['avatardel']) )
389                 {
390                         if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
391                         {
392                                 if( @file_exists(@phpbb_realpath("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
393                                 {
394                                         @unlink("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
395                                 }
396                         }
397                         $avatar_sql = ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE;
398                 }
399                 else if( ( $user_avatar_loc != "" || !empty($user_avatar_url) ) && !$error )
400                 {
401                         //
402                         // Only allow one type of upload, either a
403                         // filename or a URL
404                         //
405                         if( !empty($user_avatar_loc) && !empty($user_avatar_url) )
406                         {
407                                 $error = TRUE;
408                                 if( isset($error_msg) )
409                                 {
410                                         $error_msg .= "<br />";
411                                 }
412                                 $error_msg .= $lang['Only_one_avatar'];
413                         }
415                         if( $user_avatar_loc != "" )
416                         {
417                                 if( file_exists(@phpbb_realpath($user_avatar_loc)) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) )
418                                 {
419                                         if( $user_avatar_size <= $board_config['avatar_filesize'] && $user_avatar_size > 0)
420                                         {
421                                                 $error_type = false;
423                                                 //
424                                                 // Opera appends the image name after the type, not big, not clever!
425                                                 //
426                                                 preg_match("'image\/[x\-]*([a-z]+)'", $user_avatar_filetype, $user_avatar_filetype);
427                                                 $user_avatar_filetype = $user_avatar_filetype[1];
429                                                 switch( $user_avatar_filetype )
430                                                 {
431                                                         case "jpeg":
432                                                         case "pjpeg":
433                                                         case "jpg":
434                                                                 $imgtype = '.jpg';
435                                                                 break;
436                                                         case "gif":
437                                                                 $imgtype = '.gif';
438                                                                 break;
439                                                         case "png":
440                                                                 $imgtype = '.png';
441                                                                 break;
442                                                         default:
443                                                                 $error = true;
444                                                                 $error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
445                                                                 break;
446                                                 }
448                                                 if( !$error )
449                                                 {
450                                                         list($width, $height) = @getimagesize($user_avatar_loc);
452                                                         if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
453                                                         {
454                                                                 $user_id = $this_userdata['user_id'];
456                                                                 $avatar_filename = $user_id . $imgtype;
458                                                                 if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
459                                                                 {
460                                                                         if( @file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
461                                                                         {
462                                                                                 @unlink("./../" . $board_config['avatar_path'] . "/". $this_userdata['user_avatar']);
463                                                                         }
464                                                                 }
465                                                                 @copy($user_avatar_loc, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
467                                                                 $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
468                                                         }
469                                                         else
470                                                         {
471                                                                 $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
473                                                                 $error = true;
474                                                                 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
475                                                         }
476                                                 }
477                                         }
478                                         else
479                                         {
480                                                 $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
482                                                 $error = true;
483                                                 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
484                                         }
485                                 }
486                                 else
487                                 {
488                                         $error = true;
489                                         $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
490                                 }
491                         }
492                         else if( !empty($user_avatar_url) )
493                         {
494                                 //
495                                 // First check what port we should connect
496                                 // to, look for a :[xxxx]/ or, if that doesn't
497                                 // exist assume port 80 (http)
498                                 //
499                                 preg_match("/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/", $user_avatar_url, $url_ary);
501                                 if( !empty($url_ary[4]) )
502                                 {
503                                         $port = (!empty($url_ary[3])) ? $url_ary[3] : 80;
505                                         $fsock = @fsockopen($url_ary[2], $port, $errno, $errstr);
506                                         if( $fsock )
507                                         {
508                                                 $base_get = "/" . $url_ary[4];
510                                                 //
511                                                 // Uses HTTP 1.1, could use HTTP 1.0 ...
512                                                 //
513                                                 @fputs($fsock, "GET $base_get HTTP/1.1\r\n");
514                                                 @fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
515                                                 @fputs($fsock, "Connection: close\r\n\r\n");
517                                                 unset($avatar_data);
518                                                 while( !@feof($fsock) )
519                                                 {
520                                                         $avatar_data .= @fread($fsock, $board_config['avatar_filesize']);
521                                                 }
522                                                 @fclose($fsock);
524                                                 if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) )
525                                                 {
526                                                         $file_size = $file_data1[1]; 
527                                                         $file_type = $file_data2[1];
529                                                         switch( $file_type )
530                                                         {
531                                                                 case "jpeg":
532                                                                 case "pjpeg":
533                                                                 case "jpg":
534                                                                         $imgtype = '.jpg';
535                                                                         break;
536                                                                 case "gif":
537                                                                         $imgtype = '.gif';
538                                                                         break;
539                                                                 case "png":
540                                                                         $imgtype = '.png';
541                                                                         break;
542                                                                 default:
543                                                                         $error = true;
544                                                                         $error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
545                                                                         break;
546                                                         }
548                                                         if( !$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'] )
549                                                         {
550                                                                 $avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size);
552                                                                 $tmp_filename = tempnam ("/tmp", $this_userdata['user_id'] . "-");
553                                                                 $fptr = @fopen($tmp_filename, "wb");
554                                                                 $bytes_written = @fwrite($fptr, $avatar_data, $file_size);
555                                                                 @fclose($fptr);
557                                                                 if( $bytes_written == $file_size )
558                                                                 {
559                                                                         list($width, $height) = @getimagesize($tmp_filename);
561                                                                         if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
562                                                                         {
563                                                                                 $user_id = $this_userdata['user_id'];
565                                                                                 $avatar_filename = $user_id . $imgtype;
567                                                                                 if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "")
568                                                                                 {
569                                                                                         if( file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
570                                                                                         {
571                                                                                                 @unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
572                                                                                         }
573                                                                                 }
574                                                                                 @copy($tmp_filename, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
575                                                                                 @unlink($tmp_filename);
577                                                                                 $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
578                                                                         }
579                                                                         else
580                                                                         {
581                                                                                 $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
583                                                                                 $error = true;
584                                                                                 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
585                                                                         }
586                                                                 }
587                                                                 else
588                                                                 {
589                                                                         //
590                                                                         // Error writing file
591                                                                         //
592                                                                         @unlink($tmp_filename);
593                                                                         message_die(GENERAL_ERROR, "Could not write avatar file to local storage. Please contact the board administrator with this message", "", __LINE__, __FILE__);
594                                                                 }
595                                                         }
596                                                 }
597                                                 else
598                                                 {
599                                                         //
600                                                         // No data
601                                                         //
602                                                         $error = true;
603                                                         $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['File_no_data'] : $lang['File_no_data'];
604                                                 }
605                                         }
606                                         else
607                                         {
608                                                 //
609                                                 // No connection
610                                                 //
611                                                 $error = true;
612                                                 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['No_connection_URL'] : $lang['No_connection_URL'];
613                                         }
614                                 }
615                                 else
616                                 {
617                                         $error = true;
618                                         $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Incomplete_URL'] : $lang['Incomplete_URL'];
619                                 }
620                         }
621                         else if( !empty($user_avatar_name) )
622                         {
623                                 $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
625                                 $error = true;
626                                 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
627                         }
628                 }
629                 else if( $user_avatar_remoteurl != "" && $avatar_sql == "" && !$error )
630                 {
631                         if( !preg_match("#^http:\/\/#i", $user_avatar_remoteurl) )
632                         {
633                                 $user_avatar_remoteurl = "http://" . $user_avatar_remoteurl;
634                         }
636                         if( preg_match("#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+\/.*?\.(gif|jpg|png)$)#is", $user_avatar_remoteurl) )
637                         {
638                                 $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_remoteurl) . "', user_avatar_type = " . USER_AVATAR_REMOTE;
639                         }
640                         else
641                         {
642                                 $error = true;
643                                 $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
644                         }
645                 }
646                 else if( $user_avatar_local != "" && $avatar_sql == "" && !$error )
647                 {
648                         $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
649                 }
650         
651                 //
652                 // Update entry in DB
653                 //
654                 if( !$error )
655                 {
656                         $sql = "UPDATE " . USERS_TABLE . "
657                                 SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank = $user_rank" . $avatar_sql . "
658                                 WHERE user_id = $user_id";
660                         if( $result = $db->sql_query($sql) )
661                         {
662                                 if( isset($rename_user) )
663                                 {
664                                         $sql = "UPDATE " . GROUPS_TABLE . "
665                                                 SET group_name = '".str_replace("\'", "''", $rename_user)."'
666                                                 WHERE group_name = '".str_replace("'", "''", $this_userdata['username'] )."'";
667                                         if( !$result = $db->sql_query($sql) )
668                                         {
669                                                 message_die(GENERAL_ERROR, 'Could not rename users group', '', __LINE__, __FILE__, $sql);
670                                         }
671                                 }
672                                 
673                                 // Delete user session, to prevent the user navigating the forum (if logged in) when disabled
674                                 if (!$user_status)
675                                 {
676                                         $sql = "DELETE FROM " . SESSIONS_TABLE . " 
677                                                 WHERE session_user_id = " . $user_id;
679                                         if ( !$db->sql_query($sql) )
680                                         {
681                                                 message_die(GENERAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
682                                         }
683                                 }
684                                 
685                                 $message .= $lang['Admin_user_updated'];
686                         }
687                         else
688                         {
689                                 $error = TRUE;
690                                 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Admin_user_fail'];
691                         }
693                         $message .= '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
695                         message_die(GENERAL_MESSAGE, $message);
696                 }
697                 else
698                 {
699                         $template->set_filenames(array(
700                                 'reg_header' => 'error_body.tpl')
701                         );
703                         $template->assign_vars(array(
704                                 'ERROR_MESSAGE' => $error_msg)
705                         );
707                         $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
709                         $username = htmlspecialchars(stripslashes($username));
710                         $email = stripslashes($email);
711                         $password = '';
712                         $password_confirm = '';
714                         $icq = stripslashes($icq);
715                         $aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim)));
716                         $msn = htmlspecialchars(stripslashes($msn));
717                         $yim = htmlspecialchars(stripslashes($yim));
719                         $website = htmlspecialchars(stripslashes($website));
720                         $location = htmlspecialchars(stripslashes($location));
721                         $occupation = htmlspecialchars(stripslashes($occupation));
722                         $interests = htmlspecialchars(stripslashes($interests));
723                         $signature = htmlspecialchars(stripslashes($signature));
725                         $user_lang = stripslashes($user_lang);
726                         $user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
727                 }
728         }
729         else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) )
730         {
731                 if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) )
732                 {
733                         $user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]);
734                         $this_userdata = get_userdata($user_id);
735                         if( !$this_userdata )
736                         {
737                                 message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
738                         }
739                 }
740                 else
741                 {
742                         $this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
743                         if( !$this_userdata )
744                         {
745                                 message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
746                         }
747                 }
749                 //
750                 // Now parse and display it as a template
751                 //
752                 $user_id = $this_userdata['user_id'];
753                 $username = $this_userdata['username'];
754                 $email = $this_userdata['user_email'];
755                 $password = '';
756                 $password_confirm = '';
758                 $icq = $this_userdata['user_icq'];
759                 $aim = htmlspecialchars(str_replace('+', ' ', $this_userdata['user_aim'] ));
760                 $msn = htmlspecialchars($this_userdata['user_msnm']);
761                 $yim = htmlspecialchars($this_userdata['user_yim']);
763                 $website = htmlspecialchars($this_userdata['user_website']);
764                 $location = htmlspecialchars($this_userdata['user_from']);
765                 $occupation = htmlspecialchars($this_userdata['user_occ']);
766                 $interests = htmlspecialchars($this_userdata['user_interests']);
768                 $signature = ($this_userdata['user_sig_bbcode_uid'] != '') ? preg_replace('#:' . $this_userdata['user_sig_bbcode_uid'] . '#si', '', $this_userdata['user_sig']) : $this_userdata['user_sig'];
769                 $signature = preg_replace($html_entities_match, $html_entities_replace, $signature);
771                 $viewemail = $this_userdata['user_viewemail'];
772                 $notifypm = $this_userdata['user_notify_pm'];
773                 $popuppm = $this_userdata['user_popup_pm'];
774                 $notifyreply = $this_userdata['user_notify'];
775                 $attachsig = $this_userdata['user_attachsig'];
776                 $allowhtml = $this_userdata['user_allowhtml'];
777                 $allowbbcode = $this_userdata['user_allowbbcode'];
778                 $allowsmilies = $this_userdata['user_allowsmile'];
779                 $allowviewonline = $this_userdata['user_allow_viewonline'];
781                 $user_avatar = $this_userdata['user_avatar'];
782                 $user_avatar_type = $this_userdata['user_avatar_type'];
783                 $user_style = $this_userdata['user_style'];
784                 $user_lang = $this_userdata['user_lang'];
785                 $user_timezone = $this_userdata['user_timezone'];
786                 $user_dateformat = htmlspecialchars($this_userdata['user_dateformat']);
787                 
788                 $user_status = $this_userdata['user_active'];
789                 $user_allowavatar = $this_userdata['user_allowavatar'];
790                 $user_allowpm = $this_userdata['user_allow_pm'];
791                 
792                 $COPPA = false;
794                 $html_status =  ($this_userdata['user_allowhtml'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
795                 $bbcode_status = ($this_userdata['user_allowbbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
796                 $smilies_status = ($this_userdata['user_allowsmile'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
797         }
799         if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
800         {
801                 if( !$error )
802                 {
803                         $user_id = intval($HTTP_POST_VARS['id']);
805                         $template->set_filenames(array(
806                                 "body" => "admin/user_avatar_gallery.tpl")
807                         );
809                         $dir = @opendir("../" . $board_config['avatar_gallery_path']);
811                         $avatar_images = array();
812                         while( $file = @readdir($dir) )
813                         {
814                                 if( $file != "." && $file != ".." && !is_file(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) && !is_link(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) )
815                                 {
816                                         $sub_dir = @opendir("../" . $board_config['avatar_gallery_path'] . "/" . $file);
818                                         $avatar_row_count = 0;
819                                         $avatar_col_count = 0;
821                                         while( $sub_file = @readdir($sub_dir) )
822                                         {
823                                                 if( preg_match("/(\.gif$|\.png$|\.jpg)$/is", $sub_file) )
824                                                 {
825                                                         $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . "/" . $sub_file;
827                                                         $avatar_col_count++;
828                                                         if( $avatar_col_count == 5 )
829                                                         {
830                                                                 $avatar_row_count++;
831                                                                 $avatar_col_count = 0;
832                                                         }
833                                                 }
834                                         }
835                                 }
836                         }
837         
838                         @closedir($dir);
840                         if( isset($HTTP_POST_VARS['avatarcategory']) )
841                         {
842                                 $category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
843                         }
844                         else
845                         {
846                                 list($category, ) = each($avatar_images);
847                         }
848                         @reset($avatar_images);
850                         $s_categories = "";
851                         while( list($key) = each($avatar_images) )
852                         {
853                                 $selected = ( $key == $category ) ? "selected=\"selected\"" : "";
854                                 if( count($avatar_images[$key]) )
855                                 {
856                                         $s_categories .= '<option value="' . $key . '"' . $selected . '>' . ucfirst($key) . '</option>';
857                                 }
858                         }
860                         $s_colspan = 0;
861                         for($i = 0; $i < count($avatar_images[$category]); $i++)
862                         {
863                                 $template->assign_block_vars("avatar_row", array());
865                                 $s_colspan = max($s_colspan, count($avatar_images[$category][$i]));
867                                 for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
868                                 {
869                                         $template->assign_block_vars("avatar_row.avatar_column", array(
870                                                 "AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . "/" . $avatar_images[$category][$i][$j])
871                                         );
873                                         $template->assign_block_vars("avatar_row.avatar_option_column", array(
874                                                 "S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j])
875                                         );
876                                 }
877                         }
879                         $coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE;
881                         $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
882                         $s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />';
884                         $s_hidden_fields .= '<input type="hidden" name="username" value="' . str_replace("\"", "&quot;", $username) . '" />';
885                         $s_hidden_fields .= '<input type="hidden" name="email" value="' . str_replace("\"", "&quot;", $email) . '" />';
886                         $s_hidden_fields .= '<input type="hidden" name="icq" value="' . str_replace("\"", "&quot;", $icq) . '" />';
887                         $s_hidden_fields .= '<input type="hidden" name="aim" value="' . str_replace("\"", "&quot;", $aim) . '" />';
888                         $s_hidden_fields .= '<input type="hidden" name="msn" value="' . str_replace("\"", "&quot;", $msn) . '" />';
889                         $s_hidden_fields .= '<input type="hidden" name="yim" value="' . str_replace("\"", "&quot;", $yim) . '" />';
890                         $s_hidden_fields .= '<input type="hidden" name="website" value="' . str_replace("\"", "&quot;", $website) . '" />';
891                         $s_hidden_fields .= '<input type="hidden" name="location" value="' . str_replace("\"", "&quot;", $location) . '" />';
892                         $s_hidden_fields .= '<input type="hidden" name="occupation" value="' . str_replace("\"", "&quot;", $occupation) . '" />';
893                         $s_hidden_fields .= '<input type="hidden" name="interests" value="' . str_replace("\"", "&quot;", $interests) . '" />';
894                         $s_hidden_fields .= '<input type="hidden" name="signature" value="' . str_replace("\"", "&quot;", $signature) . '" />';
895                         $s_hidden_fields .= '<input type="hidden" name="viewemail" value="' . $viewemail . '" />';
896                         $s_hidden_fields .= '<input type="hidden" name="notifypm" value="' . $notifypm . '" />';
897                         $s_hidden_fields .= '<input type="hidden" name="popup_pm" value="' . $popuppm . '" />';
898                         $s_hidden_fields .= '<input type="hidden" name="notifyreply" value="' . $notifyreply . '" />';
899                         $s_hidden_fields .= '<input type="hidden" name="attachsig" value="' . $attachsig . '" />';
900                         $s_hidden_fields .= '<input type="hidden" name="allowhtml" value="' . $allowhtml . '" />';
901                         $s_hidden_fields .= '<input type="hidden" name="allowbbcode" value="' . $allowbbcode . '" />';
902                         $s_hidden_fields .= '<input type="hidden" name="allowsmilies" value="' . $allowsmilies . '" />';
903                         $s_hidden_fields .= '<input type="hidden" name="hideonline" value="' . !$allowviewonline . '" />';
904                         $s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />'; 
905                         $s_hidden_fields .= '<input type="hidden" name="language" value="' . $user_lang . '" />';
906                         $s_hidden_fields .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />';
907                         $s_hidden_fields .= '<input type="hidden" name="dateformat" value="' . str_replace("\"", "&quot;", $user_dateformat) . '" />';
909                         $s_hidden_fields .= '<input type="hidden" name="user_status" value="' . $user_status . '" />';
910                         $s_hidden_fields .= '<input type="hidden" name="user_allowpm" value="' . $user_allowpm . '" />';
911                         $s_hidden_fields .= '<input type="hidden" name="user_allowavatar" value="' . $user_allowavatar . '" />';
912                         $s_hidden_fields .= '<input type="hidden" name="user_rank" value="' . $user_rank . '" />';
914                         $template->assign_vars(array(
915                                 "L_USER_TITLE" => $lang['User_admin'],
916                                 "L_USER_EXPLAIN" => $lang['User_admin_explain'],
917                                 "L_AVATAR_GALLERY" => $lang['Avatar_gallery'], 
918                                 "L_SELECT_AVATAR" => $lang['Select_avatar'], 
919                                 "L_RETURN_PROFILE" => $lang['Return_profile'], 
920                                 "L_CATEGORY" => $lang['Select_category'], 
921                                 "L_GO" => $lang['Go'],
923                                 "S_OPTIONS_CATEGORIES" => $s_categories, 
924                                 "S_COLSPAN" => $s_colspan, 
925                                 "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"), 
926                                 "S_HIDDEN_FIELDS" => $s_hidden_fields)
927                         );
928                 }
929         }
930         else
931         {
932                 $s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
933                 $s_hidden_fields .= '<input type="hidden" name="id" value="' . $this_userdata['user_id'] . '" />';
935                 if( !empty($user_avatar_local) )
936                 {
937                         $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
938                 }
940                 if( $user_avatar_type )
941                 {
942                         switch( $user_avatar_type )
943                         {
944                                 case USER_AVATAR_UPLOAD:
945                                         $avatar = '<img src="../' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />';
946                                         break;
947                                 case USER_AVATAR_REMOTE:
948                                         $avatar = '<img src="' . $user_avatar . '" alt="" />';
949                                         break;
950                                 case USER_AVATAR_GALLERY:
951                                         $avatar = '<img src="../' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />';
952                                         break;
953                         }
954                 }
955                 else
956                 {
957                         $avatar = "";
958                 }
960                 $sql = "SELECT * FROM " . RANKS_TABLE . "
961                         WHERE rank_special = 1
962                         ORDER BY rank_title";
963                 if ( !($result = $db->sql_query($sql)) )
964                 {
965                         message_die(GENERAL_ERROR, 'Could not obtain ranks data', '', __LINE__, __FILE__, $sql);
966                 }
968                 $rank_select_box = '<option value="0">' . $lang['No_assigned_rank'] . '</option>';
969                 while( $row = $db->sql_fetchrow($result) )
970                 {
971                         $rank = $row['rank_title'];
972                         $rank_id = $row['rank_id'];
973                         
974                         $selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : '';
975                         $rank_select_box .= '<option value="' . $rank_id . '"' . $selected . '>' . $rank . '</option>';
976                 }
978                 $template->set_filenames(array(
979                         "body" => "admin/user_edit_body.tpl")
980                 );
981                 
982                 //
983                 // Let's do an overall check for settings/versions which would prevent
984                 // us from doing file uploads....
985                 //
986                 $ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
987                 $form_enctype = ( !@$ini_val('file_uploads') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
989                 $template->assign_vars(array(
990                         'USERNAME' => $username,
991                         'EMAIL' => $email,
992                         'YIM' => $yim,
993                         'ICQ' => $icq,
994                         'MSN' => $msn,
995                         'AIM' => $aim,
996                         'OCCUPATION' => $occupation,
997                         'INTERESTS' => $interests,
998                         'LOCATION' => $location,
999                         'WEBSITE' => $website,
1000                         'SIGNATURE' => str_replace('<br />', "\n", $signature),
1001                         'VIEW_EMAIL_YES' => ($viewemail) ? 'checked="checked"' : '',
1002                         'VIEW_EMAIL_NO' => (!$viewemail) ? 'checked="checked"' : '',
1003                         'HIDE_USER_YES' => (!$allowviewonline) ? 'checked="checked"' : '',
1004                         'HIDE_USER_NO' => ($allowviewonline) ? 'checked="checked"' : '',
1005                         'NOTIFY_PM_YES' => ($notifypm) ? 'checked="checked"' : '',
1006                         'NOTIFY_PM_NO' => (!$notifypm) ? 'checked="checked"' : '',
1007                         'POPUP_PM_YES' => ($popuppm) ? 'checked="checked"' : '',
1008                         'POPUP_PM_NO' => (!$popuppm) ? 'checked="checked"' : '',
1009                         'ALWAYS_ADD_SIGNATURE_YES' => ($attachsig) ? 'checked="checked"' : '',
1010                         'ALWAYS_ADD_SIGNATURE_NO' => (!$attachsig) ? 'checked="checked"' : '',
1011                         'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '',
1012                         'NOTIFY_REPLY_NO' => ( !$notifyreply ) ? 'checked="checked"' : '',
1013                         'ALWAYS_ALLOW_BBCODE_YES' => ($allowbbcode) ? 'checked="checked"' : '',
1014                         'ALWAYS_ALLOW_BBCODE_NO' => (!$allowbbcode) ? 'checked="checked"' : '',
1015                         'ALWAYS_ALLOW_HTML_YES' => ($allowhtml) ? 'checked="checked"' : '',
1016                         'ALWAYS_ALLOW_HTML_NO' => (!$allowhtml) ? 'checked="checked"' : '',
1017                         'ALWAYS_ALLOW_SMILIES_YES' => ($allowsmilies) ? 'checked="checked"' : '',
1018                         'ALWAYS_ALLOW_SMILIES_NO' => (!$allowsmilies) ? 'checked="checked"' : '',
1019                         'AVATAR' => $avatar,
1020                         'LANGUAGE_SELECT' => language_select($user_lang),
1021                         'TIMEZONE_SELECT' => tz_select($user_timezone),
1022                         'STYLE_SELECT' => style_select($user_style, 'style'),
1023                         'DATE_FORMAT' => $user_dateformat,
1024                         'ALLOW_PM_YES' => ($user_allowpm) ? 'checked="checked"' : '',
1025                         'ALLOW_PM_NO' => (!$user_allowpm) ? 'checked="checked"' : '',
1026                         'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '',
1027                         'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '',
1028                         'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '',
1029                         'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '', 
1030                         'RANK_SELECT_BOX' => $rank_select_box,
1032                         'L_USERNAME' => $lang['Username'],
1033                         'L_USER_TITLE' => $lang['User_admin'],
1034                         'L_USER_EXPLAIN' => $lang['User_admin_explain'],
1035                         'L_NEW_PASSWORD' => $lang['New_password'], 
1036                         'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'],
1037                         'L_CONFIRM_PASSWORD' => $lang['Confirm_password'],
1038                         'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'],
1039                         'L_SUBMIT' => $lang['Submit'],
1040                         'L_RESET' => $lang['Reset'],
1041                         'L_ICQ_NUMBER' => $lang['ICQ'],
1042                         'L_MESSENGER' => $lang['MSNM'],
1043                         'L_YAHOO' => $lang['YIM'],
1044                         'L_WEBSITE' => $lang['Website'],
1045                         'L_AIM' => $lang['AIM'],
1046                         'L_LOCATION' => $lang['Location'],
1047                         'L_OCCUPATION' => $lang['Occupation'],
1048                         'L_BOARD_LANGUAGE' => $lang['Board_lang'],
1049                         'L_BOARD_STYLE' => $lang['Board_style'],
1050                         'L_TIMEZONE' => $lang['Timezone'],
1051                         'L_DATE_FORMAT' => $lang['Date_format'],
1052                         'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'],
1053                         'L_YES' => $lang['Yes'],
1054                         'L_NO' => $lang['No'],
1055                         'L_INTERESTS' => $lang['Interests'],
1056                         'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'],
1057                         'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'],
1058                         'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'],
1059                         'L_HIDE_USER' => $lang['Hide_user'],
1060                         'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'],
1061                         
1062                         'L_SPECIAL' => $lang['User_special'],
1063                         'L_SPECIAL_EXPLAIN' => $lang['User_special_explain'],
1064                         'L_USER_ACTIVE' => $lang['User_status'],
1065                         'L_ALLOW_PM' => $lang['User_allowpm'],
1066                         'L_ALLOW_AVATAR' => $lang['User_allowavatar'],
1067                         
1068                         'L_AVATAR_PANEL' => $lang['Avatar_panel'],
1069                         'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'],
1070                         'L_DELETE_AVATAR' => $lang['Delete_Image'],
1071                         'L_CURRENT_IMAGE' => $lang['Current_Image'],
1072                         'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'],
1073                         'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'],
1074                         'L_AVATAR_GALLERY' => $lang['Select_from_gallery'],
1075                         'L_SHOW_GALLERY' => $lang['View_avatar_gallery'],
1076                         'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'],
1078                         'L_SIGNATURE' => $lang['Signature'],
1079                         'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars'] ),
1080                         'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'],
1081                         'L_NOTIFY_ON_REPLY' => $lang['Always_notify'],
1082                         'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'],
1083                         'L_PREFERENCES' => $lang['Preferences'],
1084                         'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'],
1085                         'L_ITEMS_REQUIRED' => $lang['Items_required'],
1086                         'L_REGISTRATION_INFO' => $lang['Registration_info'],
1087                         'L_PROFILE_INFO' => $lang['Profile_info'],
1088                         'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
1089                         'L_EMAIL_ADDRESS' => $lang['Email_address'],
1090                         'S_FORM_ENCTYPE' => $form_enctype,
1092                         'HTML_STATUS' => $html_status,
1093                         'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 
1094                         'SMILIES_STATUS' => $smilies_status,
1096                         'L_DELETE_USER' => $lang['User_delete'],
1097                         'L_DELETE_USER_EXPLAIN' => $lang['User_delete_explain'],
1098                         'L_SELECT_RANK' => $lang['Rank_title'],
1100                         'S_HIDDEN_FIELDS' => $s_hidden_fields,
1101                         'S_PROFILE_ACTION' => append_sid("admin_users.$phpEx"))
1102                 );
1104                 if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'])) && ($board_config['allow_avatar_upload'] == TRUE) )
1105                 {
1106                         if ( $form_enctype != '' )
1107                         {
1108                                 $template->assign_block_vars('avatar_local_upload', array() );
1109                         }
1110                         $template->assign_block_vars('avatar_remote_upload', array() );
1111                 }
1113                 if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_gallery_path'])) && ($board_config['allow_avatar_local'] == TRUE) )
1114                 {
1115                         $template->assign_block_vars('avatar_local_gallery', array() );
1116                 }
1117                 
1118                 if( $board_config['allow_avatar_remote'] == TRUE )
1119                 {
1120                         $template->assign_block_vars('avatar_remote_link', array() );
1121                 }
1122         }
1124         $template->pparse('body');
1126 else
1128         //
1129         // Default user selection box
1130         //
1131         $template->set_filenames(array(
1132                 'body' => 'admin/user_select_body.tpl')
1133         );
1135         $template->assign_vars(array(
1136                 'L_USER_TITLE' => $lang['User_admin'],
1137                 'L_USER_EXPLAIN' => $lang['User_admin_explain'],
1138                 'L_USER_SELECT' => $lang['Select_a_User'],
1139                 'L_LOOK_UP' => $lang['Look_up_user'],
1140                 'L_FIND_USERNAME' => $lang['Find_username'],
1142                 'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"), 
1144                 'S_USER_ACTION' => append_sid("admin_users.$phpEx"),
1145                 'S_USER_SELECT' => $select_list)
1146         );
1147         $template->pparse('body');
1151 include('./page_footer_admin.'.$phpEx);
1153 ?>