Context Navigation

source: branches/rsr.v5.1.dev/web/punbb/profile.php @ 4

Last change on this file since 4 was 3, checked in by dj3c1t, 13 years ago
passage a Fluxbb 1.4.7
File size: 78.5 KB

Rev	Line
[1]	1	<?php
	2
[3]	3	/**
	4	* Copyright (C) 2008-2011 FluxBB
	5	* based on code by Rickard Andersson copyright (C) 2002-2008 PunBB
	6	* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
	7	*/
[1]	8
[3]	9	define('PUN_ROOT', dirname(__FILE__).'/');
	10	require PUN_ROOT.'include/common.php';
[1]	11
[3]	12	// Include UTF-8 function
	13	require PUN_ROOT.'include/utf8/substr_replace.php';
	14	require PUN_ROOT.'include/utf8/ucwords.php'; // utf8_ucwords needs utf8_substr_replace
	15	require PUN_ROOT.'include/utf8/strcasecmp.php';
[1]	16
	17	$action = isset($_GET['action']) ? $_GET['action'] : null;
	18	$section = isset($_GET['section']) ? $_GET['section'] : null;
	19	$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
	20	if ($id < 2)
	21	message($lang_common['Bad request']);
	22
[3]	23	if ($action != 'change_pass' \|\| !isset($_GET['key']))
	24	{
	25	if ($pun_user['g_read_board'] == '0')
	26	message($lang_common['No view']);
	27	else if ($pun_user['g_view_users'] == '0' && ($pun_user['is_guest'] \|\| $pun_user['id'] != $id))
	28	message($lang_common['No permission']);
	29	}
[1]	30
	31	// Load the profile.php/register.php language file
	32	require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';
	33
	34	// Load the profile.php language file
	35	require PUN_ROOT.'lang/'.$pun_user['language'].'/profile.php';
	36
	37
	38	if ($action == 'change_pass')
	39	{
	40	if (isset($_GET['key']))
	41	{
	42	// If the user is already logged in we shouldn't be here :)
	43	if (!$pun_user['is_guest'])
	44	{
	45	header('Location: index.php');
	46	exit;
	47	}
	48
	49	$key = $_GET['key'];
	50
[3]	51	$result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch new password', __FILE__, __LINE__, $db->error());
	52	$cur_user = $db->fetch_assoc($result);
[1]	53
[3]	54	if ($key == '' \|\| $key != $cur_user['activate_key'])
[1]	55	message($lang_profile['Pass key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
	56	else
	57	{
[3]	58	$db->query('UPDATE '.$db->prefix.'users SET password=\''.$cur_user['activate_string'].'\', activate_string=NULL, activate_key=NULL'.(!empty($cur_user['salt']) ? ', salt=NULL' : '').' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());
[1]	59
	60	message($lang_profile['Pass updated'], true);
	61	}
	62	}
	63
	64	// Make sure we are allowed to change this users password
	65	if ($pun_user['id'] != $id)
	66	{
[3]	67	if (!$pun_user['is_admmod']) // A regular user trying to change another users password?
[1]	68	message($lang_common['No permission']);
[3]	69	else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users password?
[1]	70	{
[3]	71	$result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	72	if (!$db->num_rows($result))
	73	message($lang_common['Bad request']);
	74
[3]	75	list($group_id, $is_moderator) = $db->fetch_row($result);
	76
	77	if ($pun_user['g_mod_edit_users'] == '0' \|\| $pun_user['g_mod_change_passwords'] == '0' \|\| $group_id == PUN_ADMIN \|\| $is_moderator == '1')
[1]	78	message($lang_common['No permission']);
	79	}
	80	}
	81
	82	if (isset($_POST['form_sent']))
	83	{
[3]	84	if ($pun_user['is_admmod'])
	85	confirm_referrer('profile.php');
[1]	86
[3]	87	$old_password = isset($_POST['req_old_password']) ? pun_trim($_POST['req_old_password']) : '';
	88	$new_password1 = pun_trim($_POST['req_new_password1']);
	89	$new_password2 = pun_trim($_POST['req_new_password2']);
	90
[1]	91	if ($new_password1 != $new_password2)
	92	message($lang_prof_reg['Pass not match']);
[3]	93	if (pun_strlen($new_password1) < 4)
[1]	94	message($lang_prof_reg['Pass too short']);
	95
[3]	96	$result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch password', __FILE__, __LINE__, $db->error());
	97	$cur_user = $db->fetch_assoc($result);
[1]	98
	99	$authorized = false;
	100
[3]	101	if (!empty($cur_user['password']))
[1]	102	{
[3]	103	$old_password_hash = pun_hash($old_password);
[1]	104
[3]	105	if ($cur_user['password'] == $old_password_hash \|\| $pun_user['is_admmod'])
[1]	106	$authorized = true;
	107	}
	108
	109	if (!$authorized)
	110	message($lang_profile['Wrong pass']);
	111
	112	$new_password_hash = pun_hash($new_password1);
	113
[3]	114	$db->query('UPDATE '.$db->prefix.'users SET password=\''.$new_password_hash.'\''.(!empty($cur_user['salt']) ? ', salt=NULL' : '').' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());
[1]	115
	116	if ($pun_user['id'] == $id)
[3]	117	pun_setcookie($pun_user['id'], $new_password_hash, time() + $pun_config['o_timeout_visit']);
[1]	118
	119	redirect('profile.php?section=essentials&id='.$id, $lang_profile['Pass updated redirect']);
	120	}
	121
[3]	122	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Change pass']);
[1]	123	$required_fields = array('req_old_password' => $lang_profile['Old pass'], 'req_new_password1' => $lang_profile['New pass'], 'req_new_password2' => $lang_profile['Confirm new pass']);
[3]	124	$focus_element = array('change_pass', ((!$pun_user['is_admmod']) ? 'req_old_password' : 'req_new_password1'));
	125	define('PUN_ACTIVE_PAGE', 'profile');
[1]	126	require PUN_ROOT.'header.php';
	127
	128	?>
	129	<div class="blockform">
	130	<h2><span><?php echo $lang_profile['Change pass'] ?></span></h2>
	131	<div class="box">
	132	<form id="change_pass" method="post" action="profile.php?action=change_pass&id=<?php echo $id ?>" onsubmit="return process_form(this)">
	133	<div class="inform">
	134	<input type="hidden" name="form_sent" value="1" />
	135	<fieldset>
	136	<legend><?php echo $lang_profile['Change pass legend'] ?></legend>
	137	<div class="infldset">
[3]	138	<?php if (!$pun_user['is_admmod']): ?> <label class="required"><strong><?php echo $lang_profile['Old pass'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
	139	<input type="password" name="req_old_password" size="16" /><br /></label>
	140	<?php endif; ?> <label class="conl required"><strong><?php echo $lang_profile['New pass'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
	141	<input type="password" name="req_new_password1" size="16" /><br /></label>
	142	<label class="conl required"><strong><?php echo $lang_profile['Confirm new pass'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
	143	<input type="password" name="req_new_password2" size="16" /><br /></label>
	144	<p class="clearb"><?php echo $lang_profile['Pass info'] ?></p>
[1]	145	</div>
	146	</fieldset>
	147	</div>
[3]	148	<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
[1]	149	</form>
	150	</div>
	151	</div>
	152	<?php
	153
	154	require PUN_ROOT.'footer.php';
	155	}
	156
	157
	158	else if ($action == 'change_email')
	159	{
[3]	160	// Make sure we are allowed to change this users email
[1]	161	if ($pun_user['id'] != $id)
	162	{
[3]	163	if (!$pun_user['is_admmod']) // A regular user trying to change another users email?
[1]	164	message($lang_common['No permission']);
[3]	165	else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users email?
[1]	166	{
[3]	167	$result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	168	if (!$db->num_rows($result))
	169	message($lang_common['Bad request']);
	170
[3]	171	list($group_id, $is_moderator) = $db->fetch_row($result);
	172
	173	if ($pun_user['g_mod_edit_users'] == '0' \|\| $group_id == PUN_ADMIN \|\| $is_moderator == '1')
[1]	174	message($lang_common['No permission']);
	175	}
	176	}
	177
	178	if (isset($_GET['key']))
	179	{
	180	$key = $_GET['key'];
	181
[3]	182	$result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
[1]	183	list($new_email, $new_email_key) = $db->fetch_row($result);
	184
[3]	185	if ($key == '' \|\| $key != $new_email_key)
	186	message($lang_profile['Email key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
[1]	187	else
	188	{
[3]	189	$db->query('UPDATE '.$db->prefix.'users SET email=activate_string, activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update email address', __FILE__, __LINE__, $db->error());
[1]	190
[3]	191	message($lang_profile['Email updated'], true);
[1]	192	}
	193	}
	194	else if (isset($_POST['form_sent']))
	195	{
	196	if (pun_hash($_POST['req_password']) !== $pun_user['password'])
	197	message($lang_profile['Wrong pass']);
	198
	199	require PUN_ROOT.'include/email.php';
	200
[3]	201	// Validate the email address
[1]	202	$new_email = strtolower(trim($_POST['req_new_email']));
	203	if (!is_valid_email($new_email))
[3]	204	message($lang_common['Invalid email']);
[1]	205
[3]	206	// Check if it's a banned email address
[1]	207	if (is_banned_email($new_email))
	208	{
	209	if ($pun_config['p_allow_banned_email'] == '0')
[3]	210	message($lang_prof_reg['Banned email']);
[1]	211	else if ($pun_config['o_mailing_list'] != '')
	212	{
[3]	213	// Load the "banned email change" template
	214	$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/banned_email_change.tpl'));
[1]	215
[3]	216	// The first row contains the subject
	217	$first_crlf = strpos($mail_tpl, "\n");
	218	$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
	219	$mail_message = trim(substr($mail_tpl, $first_crlf));
	220
	221	$mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
	222	$mail_message = str_replace('<email>', $new_email, $mail_message);
	223	$mail_message = str_replace('<profile_url>', get_base_url().'/profile.php?id='.$id, $mail_message);
	224	$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);
	225
[1]	226	pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
	227	}
	228	}
	229
[3]	230	// Check if someone else already has registered with that email address
	231	$result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($new_email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	232	if ($db->num_rows($result))
	233	{
	234	if ($pun_config['p_allow_dupe_email'] == '0')
[3]	235	message($lang_prof_reg['Dupe email']);
[1]	236	else if ($pun_config['o_mailing_list'] != '')
	237	{
	238	while ($cur_dupe = $db->fetch_assoc($result))
	239	$dupe_list[] = $cur_dupe['username'];
	240
[3]	241	// Load the "dupe email change" template
	242	$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/dupe_email_change.tpl'));
[1]	243
[3]	244	// The first row contains the subject
	245	$first_crlf = strpos($mail_tpl, "\n");
	246	$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
	247	$mail_message = trim(substr($mail_tpl, $first_crlf));
	248
	249	$mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
	250	$mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message);
	251	$mail_message = str_replace('<profile_url>', get_base_url().'/profile.php?id='.$id, $mail_message);
	252	$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);
	253
[1]	254	pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
	255	}
	256	}
	257
	258
	259	$new_email_key = random_pass(8);
	260
[3]	261	$db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.$db->escape($new_email).'\', activate_key=\''.$new_email_key.'\' WHERE id='.$id) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());
[1]	262
[3]	263	// Load the "activate email" template
[1]	264	$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_email.tpl'));
	265
	266	// The first row contains the subject
	267	$first_crlf = strpos($mail_tpl, "\n");
	268	$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
	269	$mail_message = trim(substr($mail_tpl, $first_crlf));
	270
	271	$mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
[3]	272	$mail_message = str_replace('<base_url>', get_base_url(), $mail_message);
	273	$mail_message = str_replace('<activation_url>', get_base_url().'/profile.php?action=change_email&id='.$id.'&key='.$new_email_key, $mail_message);
	274	$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);
[1]	275
	276	pun_mail($new_email, $mail_subject, $mail_message);
	277
[3]	278	message($lang_profile['Activate email sent'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
[1]	279	}
	280
[3]	281	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Change email']);
	282	$required_fields = array('req_new_email' => $lang_profile['New email'], 'req_password' => $lang_common['Password']);
[1]	283	$focus_element = array('change_email', 'req_new_email');
[3]	284	define('PUN_ACTIVE_PAGE', 'profile');
[1]	285	require PUN_ROOT.'header.php';
	286
	287	?>
	288	<div class="blockform">
[3]	289	<h2><span><?php echo $lang_profile['Change email'] ?></span></h2>
[1]	290	<div class="box">
	291	<form id="change_email" method="post" action="profile.php?action=change_email&id=<?php echo $id ?>" id="change_email" onsubmit="return process_form(this)">
	292	<div class="inform">
	293	<fieldset>
[3]	294	<legend><?php echo $lang_profile['Email legend'] ?></legend>
[1]	295	<div class="infldset">
	296	<input type="hidden" name="form_sent" value="1" />
[3]	297	<label class="required"><strong><?php echo $lang_profile['New email'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="text" name="req_new_email" size="50" maxlength="80" /><br /></label>
	298	<label class="required"><strong><?php echo $lang_common['Password'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="password" name="req_password" size="16" /><br /></label>
	299	<p><?php echo $lang_profile['Email instructions'] ?></p>
[1]	300	</div>
	301	</fieldset>
	302	</div>
[3]	303	<p class="buttons"><input type="submit" name="new_email" value="<?php echo $lang_common['Submit'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
[1]	304	</form>
	305	</div>
	306	</div>
	307	<?php
	308
	309	require PUN_ROOT.'footer.php';
	310	}
	311
	312
	313	else if ($action == 'upload_avatar' \|\| $action == 'upload_avatar2')
	314	{
	315	if ($pun_config['o_avatars'] == '0')
	316	message($lang_profile['Avatars disabled']);
	317
[3]	318	if ($pun_user['id'] != $id && !$pun_user['is_admmod'])
[1]	319	message($lang_common['No permission']);
	320
	321	if (isset($_POST['form_sent']))
	322	{
	323	if (!isset($_FILES['req_file']))
	324	message($lang_profile['No file']);
[3]	325
[1]	326	$uploaded_file = $_FILES['req_file'];
	327
	328	// Make sure the upload went smooth
	329	if (isset($uploaded_file['error']))
	330	{
	331	switch ($uploaded_file['error'])
	332	{
[3]	333	case 1: // UPLOAD_ERR_INI_SIZE
	334	case 2: // UPLOAD_ERR_FORM_SIZE
[1]	335	message($lang_profile['Too large ini']);
	336	break;
	337
[3]	338	case 3: // UPLOAD_ERR_PARTIAL
[1]	339	message($lang_profile['Partial upload']);
	340	break;
	341
[3]	342	case 4: // UPLOAD_ERR_NO_FILE
[1]	343	message($lang_profile['No file']);
	344	break;
	345
[3]	346	case 6: // UPLOAD_ERR_NO_TMP_DIR
[1]	347	message($lang_profile['No tmp directory']);
	348	break;
	349
	350	default:
	351	// No error occured, but was something actually uploaded?
	352	if ($uploaded_file['size'] == 0)
	353	message($lang_profile['No file']);
	354	break;
	355	}
	356	}
	357
	358	if (is_uploaded_file($uploaded_file['tmp_name']))
	359	{
[3]	360	// Preliminary file check, adequate in most cases
[1]	361	$allowed_types = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/png', 'image/x-png');
	362	if (!in_array($uploaded_file['type'], $allowed_types))
	363	message($lang_profile['Bad type']);
	364
	365	// Make sure the file isn't too big
	366	if ($uploaded_file['size'] > $pun_config['o_avatars_size'])
[3]	367	message($lang_profile['Too large'].' '.forum_number_format($pun_config['o_avatars_size']).' '.$lang_profile['bytes'].'.');
[1]	368
[3]	369	// Move the file to the avatar directory. We do this before checking the width/height to circumvent open_basedir restrictions
	370	if (!@move_uploaded_file($uploaded_file['tmp_name'], PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp'))
	371	message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
	372
	373	list($width, $height, $type,) = @getimagesize(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp');
	374
[1]	375	// Determine type
[3]	376	if ($type == IMAGETYPE_GIF)
	377	$extension = '.gif';
	378	else if ($type == IMAGETYPE_JPEG)
	379	$extension = '.jpg';
	380	else if ($type == IMAGETYPE_PNG)
	381	$extension = '.png';
[1]	382	else
[3]	383	{
	384	// Invalid type
	385	@unlink(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp');
	386	message($lang_profile['Bad type']);
	387	}
[1]	388
	389	// Now check the width/height
	390	if (empty($width) \|\| empty($height) \|\| $width > $pun_config['o_avatars_width'] \|\| $height > $pun_config['o_avatars_height'])
	391	{
[3]	392	@unlink(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp');
[1]	393	message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');
	394	}
	395
	396	// Delete any old avatars and put the new one in place
[3]	397	delete_avatar($id);
	398	@rename(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp', PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.$extension);
	399	@chmod(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.$extension, 0644);
[1]	400	}
	401	else
	402	message($lang_profile['Unknown failure']);
	403
	404	redirect('profile.php?section=personality&id='.$id, $lang_profile['Avatar upload redirect']);
	405	}
	406
[3]	407	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Upload avatar']);
[1]	408	$required_fields = array('req_file' => $lang_profile['File']);
	409	$focus_element = array('upload_avatar', 'req_file');
[3]	410	define('PUN_ACTIVE_PAGE', 'profile');
[1]	411	require PUN_ROOT.'header.php';
	412
	413	?>
	414	<div class="blockform">
	415	<h2><span><?php echo $lang_profile['Upload avatar'] ?></span></h2>
	416	<div class="box">
	417	<form id="upload_avatar" method="post" enctype="multipart/form-data" action="profile.php?action=upload_avatar2&id=<?php echo $id ?>" onsubmit="return process_form(this)">
	418	<div class="inform">
	419	<fieldset>
	420	<legend><?php echo $lang_profile['Upload avatar legend'] ?></legend>
	421	<div class="infldset">
	422	<input type="hidden" name="form_sent" value="1" />
	423	<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $pun_config['o_avatars_size'] ?>" />
[3]	424	<label class="required"><strong><?php echo $lang_profile['File'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input name="req_file" type="file" size="40" /><br /></label>
	425	<p><?php echo $lang_profile['Avatar desc'].' '.$pun_config['o_avatars_width'].' x '.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].' '.$lang_common['and'].' '.forum_number_format($pun_config['o_avatars_size']).' '.$lang_profile['bytes'].' ('.file_size($pun_config['o_avatars_size']).').' ?></p>
[1]	426	</div>
	427	</fieldset>
	428	</div>
[3]	429	<p class="buttons"><input type="submit" name="upload" value="<?php echo $lang_profile['Upload'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
[1]	430	</form>
	431	</div>
	432	</div>
	433	<?php
	434
	435	require PUN_ROOT.'footer.php';
	436	}
	437
	438
	439	else if ($action == 'delete_avatar')
	440	{
[3]	441	if ($pun_user['id'] != $id && !$pun_user['is_admmod'])
[1]	442	message($lang_common['No permission']);
	443
	444	confirm_referrer('profile.php');
	445
[3]	446	delete_avatar($id);
[1]	447
	448	redirect('profile.php?section=personality&id='.$id, $lang_profile['Avatar deleted redirect']);
	449	}
	450
	451
	452	else if (isset($_POST['update_group_membership']))
	453	{
	454	if ($pun_user['g_id'] > PUN_ADMIN)
	455	message($lang_common['No permission']);
	456
	457	confirm_referrer('profile.php');
	458
	459	$new_group_id = intval($_POST['group_id']);
	460
[3]	461	$db->query('UPDATE '.$db->prefix.'users SET group_id='.$new_group_id.' WHERE id='.$id) or error('Unable to change user group', __FILE__, __LINE__, $db->error());
[1]	462
[3]	463	// Regenerate the users info cache
	464	if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
	465	require PUN_ROOT.'include/cache.php';
	466
	467	generate_users_info_cache();
	468
	469	$result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$new_group_id) or error('Unable to fetch group', __FILE__, __LINE__, $db->error());
	470	$new_group_mod = $db->result($result);
	471
[1]	472	// If the user was a moderator or an administrator, we remove him/her from the moderator list in all forums as well
[3]	473	if ($new_group_id != PUN_ADMIN && $new_group_mod != '1')
[1]	474	{
[3]	475	$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
[1]	476
	477	while ($cur_forum = $db->fetch_assoc($result))
	478	{
	479	$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
	480
	481	if (in_array($id, $cur_moderators))
	482	{
	483	$username = array_search($id, $cur_moderators);
	484	unset($cur_moderators[$username]);
	485	$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
	486
[3]	487	$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
[1]	488	}
	489	}
	490	}
	491
	492	redirect('profile.php?section=admin&id='.$id, $lang_profile['Group membership redirect']);
	493	}
	494
	495
	496	else if (isset($_POST['update_forums']))
	497	{
	498	if ($pun_user['g_id'] > PUN_ADMIN)
	499	message($lang_common['No permission']);
	500
	501	confirm_referrer('profile.php');
	502
	503	// Get the username of the user we are processing
[3]	504	$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	505	$username = $db->result($result);
	506
	507	$moderator_in = (isset($_POST['moderator_in'])) ? array_keys($_POST['moderator_in']) : array();
	508
	509	// Loop through all forums
[3]	510	$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
[1]	511
	512	while ($cur_forum = $db->fetch_assoc($result))
	513	{
	514	$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
	515	// If the user should have moderator access (and he/she doesn't already have it)
	516	if (in_array($cur_forum['id'], $moderator_in) && !in_array($id, $cur_moderators))
	517	{
	518	$cur_moderators[$username] = $id;
[3]	519	uksort($cur_moderators, 'utf8_strcasecmp');
[1]	520
[3]	521	$db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
[1]	522	}
	523	// If the user shouldn't have moderator access (and he/she already has it)
	524	else if (!in_array($cur_forum['id'], $moderator_in) && in_array($id, $cur_moderators))
	525	{
	526	unset($cur_moderators[$username]);
	527	$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
	528
[3]	529	$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
[1]	530	}
	531	}
	532
	533	redirect('profile.php?section=admin&id='.$id, $lang_profile['Update forums redirect']);
	534	}
	535
	536
	537	else if (isset($_POST['ban']))
	538	{
[3]	539	if ($pun_user['g_id'] != PUN_ADMIN && ($pun_user['g_moderator'] != '1' \|\| $pun_user['g_mod_ban_users'] == '0'))
[1]	540	message($lang_common['No permission']);
	541
[3]	542	// Get the username of the user we are banning
	543	$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch username', __FILE__, __LINE__, $db->error());
	544	$username = $db->result($result);
	545
	546	// Check whether user is already banned
	547	$result = $db->query('SELECT id FROM '.$db->prefix.'bans WHERE username = \''.$db->escape($username).'\' ORDER BY expire IS NULL DESC, expire DESC LIMIT 1') or error('Unable to fetch ban ID', __FILE__, __LINE__, $db->error());
	548	if ($db->num_rows($result))
	549	{
	550	$ban_id = $db->result($result);
	551	redirect('admin_bans.php?edit_ban='.$ban_id.'&exists', $lang_profile['Ban redirect']);
	552	}
	553	else
	554	redirect('admin_bans.php?add_ban='.$id, $lang_profile['Ban redirect']);
[1]	555	}
	556
	557
	558	else if (isset($_POST['delete_user']) \|\| isset($_POST['delete_user_comply']))
	559	{
	560	if ($pun_user['g_id'] > PUN_ADMIN)
	561	message($lang_common['No permission']);
	562
	563	confirm_referrer('profile.php');
	564
	565	// Get the username and group of the user we are deleting
[3]	566	$result = $db->query('SELECT group_id, username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	567	list($group_id, $username) = $db->fetch_row($result);
	568
[3]	569	if ($group_id == PUN_ADMIN)
	570	message($lang_profile['No delete admin message']);
	571
[1]	572	if (isset($_POST['delete_user_comply']))
	573	{
	574	// If the user is a moderator or an administrator, we remove him/her from the moderator list in all forums as well
[3]	575	$result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group', __FILE__, __LINE__, $db->error());
	576	$group_mod = $db->result($result);
	577
	578	if ($group_id == PUN_ADMIN \|\| $group_mod == '1')
[1]	579	{
[3]	580	$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
[1]	581
	582	while ($cur_forum = $db->fetch_assoc($result))
	583	{
	584	$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
	585
	586	if (in_array($id, $cur_moderators))
	587	{
	588	unset($cur_moderators[$username]);
	589	$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
	590
[3]	591	$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
[1]	592	}
	593	}
	594	}
	595
	596	// Delete any subscriptions
[3]	597	$db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$id) or error('Unable to delete topic subscriptions', __FILE__, __LINE__, $db->error());
	598	$db->query('DELETE FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$id) or error('Unable to delete forum subscriptions', __FILE__, __LINE__, $db->error());
[1]	599
	600	// Remove him/her from the online list (if they happen to be logged in)
[3]	601	$db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$id) or error('Unable to remove user from online list', __FILE__, __LINE__, $db->error());
[1]	602
	603	// Should we delete all posts made by this user?
	604	if (isset($_POST['delete_posts']))
	605	{
	606	require PUN_ROOT.'include/search_idx.php';
	607	@set_time_limit(0);
	608
	609	// Find all posts made by this user
[3]	610	$result = $db->query('SELECT p.id, p.topic_id, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id WHERE p.poster_id='.$id) or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
[1]	611	if ($db->num_rows($result))
	612	{
	613	while ($cur_post = $db->fetch_assoc($result))
	614	{
	615	// Determine whether this post is the "topic post" or not
[3]	616	$result2 = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['topic_id'].' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
[1]	617
	618	if ($db->result($result2) == $cur_post['id'])
	619	delete_topic($cur_post['topic_id']);
	620	else
	621	delete_post($cur_post['id'], $cur_post['topic_id']);
	622
	623	update_forum($cur_post['forum_id']);
	624	}
	625	}
	626	}
	627	else
	628	// Set all his/her posts to guest
[3]	629	$db->query('UPDATE '.$db->prefix.'posts SET poster_id=1 WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error());
[1]	630
	631	// Delete the user
[3]	632	$db->query('DELETE FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to delete user', __FILE__, __LINE__, $db->error());
[1]	633
[3]	634	// Delete user avatar
	635	delete_avatar($id);
	636
	637	// Regenerate the users info cache
	638	if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
	639	require PUN_ROOT.'include/cache.php';
	640
	641	generate_users_info_cache();
	642
[1]	643	redirect('index.php', $lang_profile['User delete redirect']);
	644	}
	645
[3]	646	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Confirm delete user']);
	647	define('PUN_ACTIVE_PAGE', 'profile');
[1]	648	require PUN_ROOT.'header.php';
	649
	650	?>
	651	<div class="blockform">
	652	<h2><span><?php echo $lang_profile['Confirm delete user'] ?></span></h2>
	653	<div class="box">
	654	<form id="confirm_del_user" method="post" action="profile.php?id=<?php echo $id ?>">
	655	<div class="inform">
	656	<fieldset>
	657	<legend><?php echo $lang_profile['Confirm delete legend'] ?></legend>
	658	<div class="infldset">
[3]	659	<p><?php echo $lang_profile['Confirmation info'].' <strong>'.pun_htmlspecialchars($username).'</strong>.' ?></p>
[1]	660	<div class="rbox">
	661	<label><input type="checkbox" name="delete_posts" value="1" checked="checked" /><?php echo $lang_profile['Delete posts'] ?><br /></label>
	662	</div>
	663	<p class="warntext"><strong><?php echo $lang_profile['Delete warning'] ?></strong></p>
	664	</div>
	665	</fieldset>
	666	</div>
[3]	667	<p class="buttons"><input type="submit" name="delete_user_comply" value="<?php echo $lang_profile['Delete'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
[1]	668	</form>
	669	</div>
	670	</div>
	671	<?php
	672
	673	require PUN_ROOT.'footer.php';
	674	}
	675
	676
	677	else if (isset($_POST['form_sent']))
	678	{
	679	// Fetch the user group of the user we are editing
[3]	680	$result = $db->query('SELECT u.username, u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	681	if (!$db->num_rows($result))
	682	message($lang_common['Bad request']);
	683
[3]	684	list($old_username, $group_id, $is_moderator) = $db->fetch_row($result);
[1]	685
[3]	686	if ($pun_user['id'] != $id && // If we arent the user (i.e. editing your own profile)
	687	(!$pun_user['is_admmod'] \|\| // and we are not an admin or mod
	688	($pun_user['g_id'] != PUN_ADMIN && // or we aren't an admin and ...
	689	($pun_user['g_mod_edit_users'] == '0' \|\| // mods aren't allowed to edit users
	690	$group_id == PUN_ADMIN \|\| // or the user is an admin
	691	$is_moderator)))) // or the user is another mod
[1]	692	message($lang_common['No permission']);
	693
[3]	694	if ($pun_user['is_admmod'])
[1]	695	confirm_referrer('profile.php');
	696
	697	$username_updated = false;
	698
	699	// Validate input depending on section
	700	switch ($section)
	701	{
	702	case 'essentials':
	703	{
[3]	704	$form = array(
	705	'timezone' => floatval($_POST['form']['timezone']),
	706	'dst' => isset($_POST['form']['dst']) ? '1' : '0',
	707	'time_format' => intval($_POST['form']['time_format']),
	708	'date_format' => intval($_POST['form']['date_format']),
	709	);
[1]	710
[3]	711	// Make sure we got a valid language string
	712	if (isset($_POST['form']['language']))
[1]	713	{
[3]	714	$languages = forum_list_langs();
	715	$form['language'] = pun_trim($_POST['form']['language']);
	716	if (!in_array($form['language'], $languages))
	717	message($lang_common['Bad request']);
	718	}
[1]	719
[3]	720	if ($pun_user['is_admmod'])
	721	{
	722	$form['admin_note'] = pun_trim($_POST['admin_note']);
	723
[1]	724	// Are we allowed to change usernames?
[3]	725	if ($pun_user['g_id'] == PUN_ADMIN \|\| ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_rename_users'] == '1'))
[1]	726	{
[3]	727	$form['username'] = pun_trim($_POST['req_username']);
[1]	728
[3]	729	if ($form['username'] != $old_username)
	730	{
	731	// Check username
	732	require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';
[1]	733
[3]	734	$errors = array();
	735	check_username($form['username'], $id);
	736	if (!empty($errors))
	737	message($errors[0]);
[1]	738
	739	$username_updated = true;
[3]	740	}
[1]	741	}
	742
	743	// We only allow administrators to update the post count
	744	if ($pun_user['g_id'] == PUN_ADMIN)
	745	$form['num_posts'] = intval($_POST['num_posts']);
	746	}
	747
[3]	748	if ($pun_config['o_regs_verify'] == '0' \|\| $pun_user['is_admmod'])
[1]	749	{
	750	require PUN_ROOT.'include/email.php';
	751
[3]	752	// Validate the email address
[1]	753	$form['email'] = strtolower(trim($_POST['req_email']));
	754	if (!is_valid_email($form['email']))
[3]	755	message($lang_common['Invalid email']);
[1]	756	}
[3]	757
[1]	758	break;
	759	}
	760
	761	case 'personal':
	762	{
[3]	763	$form = array(
	764	'realname' => pun_trim($_POST['form']['realname']),
	765	'url' => pun_trim($_POST['form']['url']),
	766	'location' => pun_trim($_POST['form']['location']),
	767	);
[1]	768
[3]	769	// Add http:// if the URL doesn't contain it already (while allowing https://, too)
	770	if ($form['url'] != '')
	771	{
	772	$url = url_valid($form['url']);
	773
	774	if ($url === false)
	775	message($lang_profile['Invalid website URL']);
	776
	777	$form['url'] = $url['url'];
	778	}
	779
[1]	780	if ($pun_user['g_id'] == PUN_ADMIN)
[3]	781	$form['title'] = pun_trim($_POST['title']);
[1]	782	else if ($pun_user['g_set_title'] == '1')
	783	{
[3]	784	$form['title'] = pun_trim($_POST['title']);
[1]	785
	786	if ($form['title'] != '')
	787	{
	788	// A list of words that the title may not contain
	789	// If the language is English, there will be some duplicates, but it's not the end of the world
[3]	790	$forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower($lang_common['Member']), utf8_strtolower($lang_common['Moderator']), utf8_strtolower($lang_common['Administrator']), utf8_strtolower($lang_common['Banned']), utf8_strtolower($lang_common['Guest']));
[1]	791
[3]	792	if (in_array(utf8_strtolower($form['title']), $forbidden))
[1]	793	message($lang_profile['Forbidden title']);
	794	}
	795	}
	796
	797	break;
	798	}
	799
	800	case 'messaging':
	801	{
[3]	802	$form = array(
	803	'jabber' => pun_trim($_POST['form']['jabber']),
	804	'icq' => pun_trim($_POST['form']['icq']),
	805	'msn' => pun_trim($_POST['form']['msn']),
	806	'aim' => pun_trim($_POST['form']['aim']),
	807	'yahoo' => pun_trim($_POST['form']['yahoo']),
	808	);
[1]	809
	810	// If the ICQ UIN contains anything other than digits it's invalid
[3]	811	if (preg_match('%[^0-9]%', $form['icq']))
[1]	812	message($lang_prof_reg['Bad ICQ']);
	813
	814	break;
	815	}
	816
	817	case 'personality':
	818	{
[3]	819	$form = array();
[1]	820
	821	// Clean up signature from POST
[3]	822	if ($pun_config['o_signatures'] == '1')
	823	{
	824	$form['signature'] = pun_linebreaks(pun_trim($_POST['signature']));
[1]	825
[3]	826	// Validate signature
	827	if (pun_strlen($form['signature']) > $pun_config['p_sig_length'])
	828	message(sprintf($lang_prof_reg['Sig too long'], $pun_config['p_sig_length'], pun_strlen($form['signature']) - $pun_config['p_sig_length']));
	829	else if (substr_count($form['signature'], "\n") > ($pun_config['p_sig_lines']-1))
	830	message(sprintf($lang_prof_reg['Sig too many lines'], $pun_config['p_sig_lines']));
	831	else if ($form['signature'] && $pun_config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$pun_user['is_admmod'])
	832	$form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
[1]	833
[3]	834	// Validate BBCode syntax
	835	if ($pun_config['p_sig_bbcode'] == '1')
	836	{
	837	require PUN_ROOT.'include/parser.php';
	838
	839	$errors = array();
	840
	841	$form['signature'] = preparse_bbcode($form['signature'], $errors, true);
	842
	843	if(count($errors) > 0)
	844	message('<ul><li>'.implode('</li><li>', $errors).'</li></ul>');
	845	}
[1]	846	}
	847
	848	break;
	849	}
	850
	851	case 'display':
	852	{
[3]	853	$form = array(
	854	'disp_topics' => pun_trim($_POST['form']['disp_topics']),
	855	'disp_posts' => pun_trim($_POST['form']['disp_posts']),
	856	'show_smilies' => isset($_POST['form']['show_smilies']) ? '1' : '0',
	857	'show_img' => isset($_POST['form']['show_img']) ? '1' : '0',
	858	'show_img_sig' => isset($_POST['form']['show_img_sig']) ? '1' : '0',
	859	'show_avatars' => isset($_POST['form']['show_avatars']) ? '1' : '0',
	860	'show_sig' => isset($_POST['form']['show_sig']) ? '1' : '0',
	861	);
[1]	862
[3]	863	if ($form['disp_topics'] != '')
	864	{
	865	$form['disp_topics'] = intval($form['disp_topics']);
	866	if ($form['disp_topics'] < 3)
	867	$form['disp_topics'] = 3;
	868	else if ($form['disp_topics'] > 75)
	869	$form['disp_topics'] = 75;
	870	}
[1]	871
[3]	872	if ($form['disp_posts'] != '')
	873	{
	874	$form['disp_posts'] = intval($form['disp_posts']);
	875	if ($form['disp_posts'] < 3)
	876	$form['disp_posts'] = 3;
	877	else if ($form['disp_posts'] > 75)
	878	$form['disp_posts'] = 75;
	879	}
[1]	880
[3]	881	// Make sure we got a valid style string
	882	if (isset($_POST['form']['style']))
	883	{
	884	$styles = forum_list_styles();
	885	$form['style'] = pun_trim($_POST['form']['style']);
	886	if (!in_array($form['style'], $styles))
	887	message($lang_common['Bad request']);
	888	}
	889
[1]	890	break;
	891	}
	892
	893	case 'privacy':
	894	{
[3]	895	$form = array(
	896	'email_setting' => intval($_POST['form']['email_setting']),
	897	'notify_with_post' => isset($_POST['form']['notify_with_post']) ? '1' : '0',
	898	'auto_notify' => isset($_POST['form']['auto_notify']) ? '1' : '0',
	899	);
[1]	900
[3]	901	if ($form['email_setting'] < 0 \|\| $form['email_setting'] > 2)
	902	$form['email_setting'] = $pun_config['o_default_email_setting'];
[1]	903
	904	break;
	905	}
	906
	907	default:
	908	message($lang_common['Bad request']);
	909	}
	910
	911
[3]	912	// Single quotes around non-empty values and NULL for empty values
[1]	913	$temp = array();
[3]	914	foreach ($form as $key => $input)
[1]	915	{
	916	$value = ($input !== '') ? '\''.$db->escape($input).'\'' : 'NULL';
	917
	918	$temp[] = $key.'='.$value;
	919	}
	920
	921	if (empty($temp))
	922	message($lang_common['Bad request']);
	923
[3]	924
	925	$db->query('UPDATE '.$db->prefix.'users SET '.implode(',', $temp).' WHERE id='.$id) or error('Unable to update profile', __FILE__, __LINE__, $db->error());
	926
[1]	927	// If we changed the username we have to update some stuff
	928	if ($username_updated)
	929	{
	930	$db->query('UPDATE '.$db->prefix.'posts SET poster=\''.$db->escape($form['username']).'\' WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error());
[3]	931	$db->query('UPDATE '.$db->prefix.'posts SET edited_by=\''.$db->escape($form['username']).'\' WHERE edited_by=\''.$db->escape($old_username).'\'') or error('Unable to update posts', __FILE__, __LINE__, $db->error());
	932	$db->query('UPDATE '.$db->prefix.'topics SET poster=\''.$db->escape($form['username']).'\' WHERE poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
	933	$db->query('UPDATE '.$db->prefix.'topics SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
	934	$db->query('UPDATE '.$db->prefix.'forums SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update forums', __FILE__, __LINE__, $db->error());
	935	$db->query('UPDATE '.$db->prefix.'online SET ident=\''.$db->escape($form['username']).'\' WHERE ident=\''.$db->escape($old_username).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());
[1]	936
	937	// If the user is a moderator or an administrator we have to update the moderator lists
	938	$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	939	$group_id = $db->result($result);
	940
[3]	941	$result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group', __FILE__, __LINE__, $db->error());
	942	$group_mod = $db->result($result);
	943
	944	if ($group_id == PUN_ADMIN \|\| $group_mod == '1')
[1]	945	{
[3]	946	$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
[1]	947
	948	while ($cur_forum = $db->fetch_assoc($result))
	949	{
	950	$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
	951
	952	if (in_array($id, $cur_moderators))
	953	{
	954	unset($cur_moderators[$old_username]);
	955	$cur_moderators[$form['username']] = $id;
[3]	956	uksort($cur_moderators, 'utf8_strcasecmp');
[1]	957
[3]	958	$db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
[1]	959	}
	960	}
	961	}
[3]	962
	963	// Regenerate the users info cache
	964	if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
	965	require PUN_ROOT.'include/cache.php';
	966
	967	generate_users_info_cache();
[1]	968	}
	969
	970	redirect('profile.php?section='.$section.'&id='.$id, $lang_profile['Profile redirect']);
	971	}
	972
	973
[3]	974	$result = $db->query('SELECT u.username, u.email, u.title, u.realname, u.url, u.jabber, u.icq, u.msn, u.aim, u.yahoo, u.location, u.signature, u.disp_topics, u.disp_posts, u.email_setting, u.notify_with_post, u.auto_notify, u.show_smilies, u.show_img, u.show_img_sig, u.show_avatars, u.show_sig, u.timezone, u.dst, u.language, u.style, u.num_posts, u.last_post, u.registered, u.registration_ip, u.admin_note, u.date_format, u.time_format, u.last_visit, g.g_id, g.g_user_title, g.g_moderator FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
[1]	975	if (!$db->num_rows($result))
	976	message($lang_common['Bad request']);
	977
	978	$user = $db->fetch_assoc($result);
	979
	980	$last_post = format_time($user['last_post']);
	981
	982	if ($user['signature'] != '')
	983	{
	984	require PUN_ROOT.'include/parser.php';
	985	$parsed_signature = parse_signature($user['signature']);
	986	}
	987
	988
	989	// View or edit?
[3]	990	if ($pun_user['id'] != $id && // If we arent the user (i.e. editing your own profile)
	991	(!$pun_user['is_admmod'] \|\| // and we are not an admin or mod
	992	($pun_user['g_id'] != PUN_ADMIN && // or we aren't an admin and ...
	993	($pun_user['g_mod_edit_users'] == '0' \|\| // mods aren't allowed to edit users
	994	$user['g_id'] == PUN_ADMIN \|\| // or the user is an admin
	995	$user['g_moderator'] == '1')))) // or the user is another mod
[1]	996	{
[3]	997	$user_personal = array();
[1]	998
[3]	999	$user_personal[] = '<dt>'.$lang_common['Username'].'</dt>';
	1000	$user_personal[] = '<dd>'.pun_htmlspecialchars($user['username']).'</dd>';
	1001
[1]	1002	$user_title_field = get_title($user);
[3]	1003	$user_personal[] = '<dt>'.$lang_common['Title'].'</dt>';
	1004	$user_personal[] = '<dd>'.(($pun_config['o_censoring'] == '1') ? censor_words($user_title_field) : $user_title_field).'</dd>';
[1]	1005
[3]	1006	if ($user['realname'] != '')
[1]	1007	{
[3]	1008	$user_personal[] = '<dt>'.$lang_profile['Realname'].'</dt>';
	1009	$user_personal[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['realname']) : $user['realname']).'</dd>';
	1010	}
[1]	1011
[3]	1012	if ($user['location'] != '')
	1013	{
	1014	$user_personal[] = '<dt>'.$lang_profile['Location'].'</dt>';
	1015	$user_personal[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['location']) : $user['location']).'</dd>';
	1016	}
[1]	1017
[3]	1018	if ($user['url'] != '')
	1019	{
	1020	$user['url'] = pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['url']) : $user['url']);
	1021	$user_personal[] = '<dt>'.$lang_profile['Website'].'</dt>';
	1022	$user_personal[] = '<dd><span class="website"><a href="'.$user['url'].'">'.$user['url'].'</a></span></dd>';
[1]	1023	}
[3]	1024
	1025	if ($user['email_setting'] == '0' && !$pun_user['is_guest'] && $pun_user['g_send_email'] == '1')
	1026	$email_field = '<a href="mailto:'.$user['email'].'">'.$user['email'].'</a>';
	1027	else if ($user['email_setting'] == '1' && !$pun_user['is_guest'] && $pun_user['g_send_email'] == '1')
	1028	$email_field = '<a href="misc.php?email='.$id.'">'.$lang_common['Send email'].'</a>';
[1]	1029	else
[3]	1030	$email_field = '';
	1031	if ($email_field != '')
	1032	{
	1033	$user_personal[] = '<dt>'.$lang_common['Email'].'</dt>';
	1034	$user_personal[] = '<dd><span class="email">'.$email_field.'</span></dd>';
	1035	}
[1]	1036
[3]	1037	$user_messaging = array();
	1038
	1039	if ($user['jabber'] != '')
	1040	{
	1041	$user_messaging[] = '<dt>'.$lang_profile['Jabber'].'</dt>';
	1042	$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['jabber']) : $user['jabber']).'</dd>';
	1043	}
	1044
	1045	if ($user['icq'] != '')
	1046	{
	1047	$user_messaging[] = '<dt>'.$lang_profile['ICQ'].'</dt>';
	1048	$user_messaging[] = '<dd>'.$user['icq'].'</dd>';
	1049	}
	1050
	1051	if ($user['msn'] != '')
	1052	{
	1053	$user_messaging[] = '<dt>'.$lang_profile['MSN'].'</dt>';
	1054	$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['msn']) : $user['msn']).'</dd>';
	1055	}
	1056
	1057	if ($user['aim'] != '')
	1058	{
	1059	$user_messaging[] = '<dt>'.$lang_profile['AOL IM'].'</dt>';
	1060	$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['aim']) : $user['aim']).'</dd>';
	1061	}
	1062
	1063	if ($user['yahoo'] != '')
	1064	{
	1065	$user_messaging[] = '<dt>'.$lang_profile['Yahoo'].'</dt>';
	1066	$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['yahoo']) : $user['yahoo']).'</dd>';
	1067	}
	1068
	1069	$user_personality = array();
	1070
[1]	1071	if ($pun_config['o_avatars'] == '1')
	1072	{
[3]	1073	$avatar_field = generate_avatar_markup($id);
	1074	if ($avatar_field != '')
[1]	1075	{
[3]	1076	$user_personality[] = '<dt>'.$lang_profile['Avatar'].'</dt>';
	1077	$user_personality[] = '<dd>'.$avatar_field.'</dd>';
[1]	1078	}
	1079	}
	1080
[3]	1081	if ($pun_config['o_signatures'] == '1')
	1082	{
	1083	if (isset($parsed_signature))
	1084	{
	1085	$user_personality[] = '<dt>'.$lang_profile['Signature'].'</dt>';
	1086	$user_personality[] = '<dd><div class="postsignature postmsg">'.$parsed_signature.'</div></dd>';
	1087	}
	1088	}
	1089
	1090	$user_activity = array();
	1091
[1]	1092	$posts_field = '';
[3]	1093	if ($pun_config['o_show_post_count'] == '1' \|\| $pun_user['is_admmod'])
	1094	$posts_field = forum_number_format($user['num_posts']);
[1]	1095	if ($pun_user['g_search'] == '1')
[3]	1096	{
	1097	$quick_searches = array();
	1098	if ($user['num_posts'] > 0)
	1099	{
	1100	$quick_searches[] = '<a href="search.php?action=show_user_topics&user_id='.$id.'">'.$lang_profile['Show topics'].'</a>';
	1101	$quick_searches[] = '<a href="search.php?action=show_user_posts&user_id='.$id.'">'.$lang_profile['Show posts'].'</a>';
	1102	}
	1103	if ($pun_user['is_admmod'] && $pun_config['o_topic_subscriptions'] == '1')
	1104	$quick_searches[] = '<a href="search.php?action=show_subscriptions&user_id='.$id.'">'.$lang_profile['Show subscriptions'].'</a>';
[1]	1105
[3]	1106	if (!empty($quick_searches))
	1107	$posts_field .= (($posts_field != '') ? ' - ' : '').implode(' - ', $quick_searches);
	1108	}
	1109	if ($posts_field != '')
	1110	{
	1111	$user_activity[] = '<dt>'.$lang_common['Posts'].'</dt>';
	1112	$user_activity[] = '<dd>'.$posts_field.'</dd>';
	1113	}
	1114
	1115	if ($user['num_posts'] > 0)
	1116	{
	1117	$user_activity[] = '<dt>'.$lang_common['Last post'].'</dt>';
	1118	$user_activity[] = '<dd>'.$last_post.'</dd>';
	1119	}
	1120
	1121	$user_activity[] = '<dt>'.$lang_common['Registered'].'</dt>';
	1122	$user_activity[] = '<dd>'.format_time($user['registered'], true).'</dd>';
	1123
	1124	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), sprintf($lang_profile['Users profile'], pun_htmlspecialchars($user['username'])));
[1]	1125	define('PUN_ALLOW_INDEX', 1);
[3]	1126	define('PUN_ACTIVE_PAGE', 'index');
[1]	1127	require PUN_ROOT.'header.php';
	1128
	1129	?>
	1130	<div id="viewprofile" class="block">
	1131	<h2><span><?php echo $lang_common['Profile'] ?></span></h2>
	1132	<div class="box">
	1133	<div class="fakeform">
	1134	<div class="inform">
	1135	<fieldset>
	1136	<legend><?php echo $lang_profile['Section personal'] ?></legend>
	1137	<div class="infldset">
	1138	<dl>
[3]	1139	<?php echo implode("\n\t\t\t\t\t\t\t", $user_personal)."\n" ?>
[1]	1140	</dl>
	1141	<div class="clearer"></div>
	1142	</div>
	1143	</fieldset>
	1144	</div>
[3]	1145	<?php if (!empty($user_messaging)): ?> <div class="inform">
[1]	1146	<fieldset>
	1147	<legend><?php echo $lang_profile['Section messaging'] ?></legend>
	1148	<div class="infldset">
	1149	<dl>
[3]	1150	<?php echo implode("\n\t\t\t\t\t\t\t", $user_messaging)."\n" ?>
[1]	1151	</dl>
	1152	<div class="clearer"></div>
	1153	</div>
	1154	</fieldset>
	1155	</div>
[3]	1156	<?php endif; if (!empty($user_personality)): ?> <div class="inform">
[1]	1157	<fieldset>
	1158	<legend><?php echo $lang_profile['Section personality'] ?></legend>
	1159	<div class="infldset">
	1160	<dl>
[3]	1161	<?php echo implode("\n\t\t\t\t\t\t\t", $user_personality)."\n" ?>
[1]	1162	</dl>
	1163	<div class="clearer"></div>
	1164	</div>
	1165	</fieldset>
	1166	</div>
[3]	1167	<?php endif; ?> <div class="inform">
[1]	1168	<fieldset>
	1169	<legend><?php echo $lang_profile['User activity'] ?></legend>
	1170	<div class="infldset">
	1171	<dl>
[3]	1172	<?php echo implode("\n\t\t\t\t\t\t\t", $user_activity)."\n" ?>
[1]	1173	</dl>
	1174	<div class="clearer"></div>
	1175	</div>
	1176	</fieldset>
	1177	</div>
	1178	</div>
	1179	</div>
	1180	</div>
	1181
	1182	<?php
	1183
	1184	require PUN_ROOT.'footer.php';
	1185	}
	1186	else
	1187	{
	1188	if (!$section \|\| $section == 'essentials')
	1189	{
[3]	1190	if ($pun_user['is_admmod'])
[1]	1191	{
[3]	1192	if ($pun_user['g_id'] == PUN_ADMIN \|\| $pun_user['g_mod_rename_users'] == '1')
	1193	$username_field = '<label class="required"><strong>'.$lang_common['Username'].' <span>'.$lang_common['Required'].'</span></strong><br /><input type="text" name="req_username" value="'.pun_htmlspecialchars($user['username']).'" size="25" maxlength="25" /><br /></label>'."\n";
[1]	1194	else
[3]	1195	$username_field = '<p>'.sprintf($lang_profile['Username info'], pun_htmlspecialchars($user['username'])).'</p>'."\n";
[1]	1196
[3]	1197	$email_field = '<label class="required"><strong>'.$lang_common['Email'].' <span>'.$lang_common['Required'].'</span></strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="80" /><br /></label><p><span class="email"><a href="misc.php?email='.$id.'">'.$lang_common['Send email'].'</a></span></p>'."\n";
[1]	1198	}
	1199	else
	1200	{
	1201	$username_field = '<p>'.$lang_common['Username'].': '.pun_htmlspecialchars($user['username']).'</p>'."\n";
	1202
	1203	if ($pun_config['o_regs_verify'] == '1')
[3]	1204	$email_field = '<p>'.sprintf($lang_profile['Email info'], $user['email'].' - <a href="profile.php?action=change_email&id='.$id.'">'.$lang_profile['Change email'].'</a>').'</p>'."\n";
[1]	1205	else
[3]	1206	$email_field = '<label class="required"><strong>'.$lang_common['Email'].' <span>'.$lang_common['Required'].'</span></strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="80" /><br /></label>'."\n";
[1]	1207	}
	1208
[3]	1209	$posts_field = '';
	1210	$posts_actions = array();
	1211
[1]	1212	if ($pun_user['g_id'] == PUN_ADMIN)
[3]	1213	$posts_field .= '<label>'.$lang_common['Posts'].'<br /><input type="text" name="num_posts" value="'.$user['num_posts'].'" size="8" maxlength="8" /><br /></label>';
	1214	else if ($pun_config['o_show_post_count'] == '1' \|\| $pun_user['is_admmod'])
	1215	$posts_actions[] = sprintf($lang_profile['Posts info'], forum_number_format($user['num_posts']));
[1]	1216
[3]	1217	if ($pun_user['g_search'] == '1' \|\| $pun_user['g_id'] == PUN_ADMIN)
	1218	{
	1219	$posts_actions[] = '<a href="search.php?action=show_user_topics&user_id='.$id.'">'.$lang_profile['Show topics'].'</a>';
	1220	$posts_actions[] = '<a href="search.php?action=show_user_posts&user_id='.$id.'">'.$lang_profile['Show posts'].'</a>';
	1221
	1222	if ($pun_config['o_topic_subscriptions'] == '1')
	1223	$posts_actions[] = '<a href="search.php?action=show_subscriptions&user_id='.$id.'">'.$lang_profile['Show subscriptions'].'</a>';
	1224	}
	1225
	1226	$posts_field .= (!empty($posts_actions) ? '<p class="actions">'.implode(' - ', $posts_actions).'</p>' : '')."\n";
	1227
	1228
	1229	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section essentials']);
	1230	$required_fields = array('req_username' => $lang_common['Username'], 'req_email' => $lang_common['Email']);
	1231	define('PUN_ACTIVE_PAGE', 'profile');
[1]	1232	require PUN_ROOT.'header.php';
	1233
	1234	generate_profile_menu('essentials');
	1235
	1236	?>
	1237	<div class="blockform">
	1238	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section essentials'] ?></span></h2>
	1239	<div class="box">
	1240	<form id="profile1" method="post" action="profile.php?section=essentials&id=<?php echo $id ?>" onsubmit="return process_form(this)">
	1241	<div class="inform">
	1242	<fieldset>
	1243	<legend><?php echo $lang_profile['Username and pass legend'] ?></legend>
	1244	<div class="infldset">
	1245	<input type="hidden" name="form_sent" value="1" />
	1246	<?php echo $username_field ?>
[3]	1247	<?php if ($pun_user['id'] == $id \|\| $pun_user['g_id'] == PUN_ADMIN \|\| ($user['g_moderator'] == '0' && $pun_user['g_mod_change_passwords'] == '1')): ?> <p class="actions"><span><a href="profile.php?action=change_pass&id=<?php echo $id ?>"><?php echo $lang_profile['Change pass'] ?></a></span></p>
	1248	<?php endif; ?> </div>
[1]	1249	</fieldset>
	1250	</div>
	1251	<div class="inform">
	1252	<fieldset>
[3]	1253	<legend><?php echo $lang_prof_reg['Email legend'] ?></legend>
[1]	1254	<div class="infldset">
	1255	<?php echo $email_field ?>
	1256	</div>
	1257	</fieldset>
	1258	</div>
	1259	<div class="inform">
	1260	<fieldset>
	1261	<legend><?php echo $lang_prof_reg['Localisation legend'] ?></legend>
	1262	<div class="infldset">
[3]	1263	<p><?php echo $lang_prof_reg['Time zone info'] ?></p>
	1264	<label><?php echo $lang_prof_reg['Time zone']."\n" ?>
[1]	1265	<br /><select name="form[timezone]">
[3]	1266	<option value="-12"<?php if ($user['timezone'] == -12) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-12:00'] ?></option>
	1267	<option value="-11"<?php if ($user['timezone'] == -11) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-11:00'] ?></option>
	1268	<option value="-10"<?php if ($user['timezone'] == -10) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-10:00'] ?></option>
	1269	<option value="-9.5"<?php if ($user['timezone'] == -9.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-09:30'] ?></option>
	1270	<option value="-9"<?php if ($user['timezone'] == -9) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-09:00'] ?></option>
	1271	<option value="-8.5"<?php if ($user['timezone'] == -8.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-08:30'] ?></option>
	1272	<option value="-8"<?php if ($user['timezone'] == -8) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-08:00'] ?></option>
	1273	<option value="-7"<?php if ($user['timezone'] == -7) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-07:00'] ?></option>
	1274	<option value="-6"<?php if ($user['timezone'] == -6) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-06:00'] ?></option>
	1275	<option value="-5"<?php if ($user['timezone'] == -5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-05:00'] ?></option>
	1276	<option value="-4"<?php if ($user['timezone'] == -4) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-04:00'] ?></option>
	1277	<option value="-3.5"<?php if ($user['timezone'] == -3.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-03:30'] ?></option>
	1278	<option value="-3"<?php if ($user['timezone'] == -3) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-03:00'] ?></option>
	1279	<option value="-2"<?php if ($user['timezone'] == -2) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-02:00'] ?></option>
	1280	<option value="-1"<?php if ($user['timezone'] == -1) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-01:00'] ?></option>
	1281	<option value="0"<?php if ($user['timezone'] == 0) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC'] ?></option>
	1282	<option value="1"<?php if ($user['timezone'] == 1) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+01:00'] ?></option>
	1283	<option value="2"<?php if ($user['timezone'] == 2) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+02:00'] ?></option>
	1284	<option value="3"<?php if ($user['timezone'] == 3) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+03:00'] ?></option>
	1285	<option value="3.5"<?php if ($user['timezone'] == 3.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+03:30'] ?></option>
	1286	<option value="4"<?php if ($user['timezone'] == 4) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+04:00'] ?></option>
	1287	<option value="4.5"<?php if ($user['timezone'] == 4.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+04:30'] ?></option>
	1288	<option value="5"<?php if ($user['timezone'] == 5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+05:00'] ?></option>
	1289	<option value="5.5"<?php if ($user['timezone'] == 5.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+05:30'] ?></option>
	1290	<option value="5.75"<?php if ($user['timezone'] == 5.75) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+05:45'] ?></option>
	1291	<option value="6"<?php if ($user['timezone'] == 6) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+06:00'] ?></option>
	1292	<option value="6.5"<?php if ($user['timezone'] == 6.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+06:30'] ?></option>
	1293	<option value="7"<?php if ($user['timezone'] == 7) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+07:00'] ?></option>
	1294	<option value="8"<?php if ($user['timezone'] == 8) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+08:00'] ?></option>
	1295	<option value="8.75"<?php if ($user['timezone'] == 8.75) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+08:45'] ?></option>
	1296	<option value="9"<?php if ($user['timezone'] == 9) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+09:00'] ?></option>
	1297	<option value="9.5"<?php if ($user['timezone'] == 9.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+09:30'] ?></option>
	1298	<option value="10"<?php if ($user['timezone'] == 10) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+10:00'] ?></option>
	1299	<option value="10.5"<?php if ($user['timezone'] == 10.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+10:30'] ?></option>
	1300	<option value="11"<?php if ($user['timezone'] == 11) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+11:00'] ?></option>
	1301	<option value="11.5"<?php if ($user['timezone'] == 11.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+11:30'] ?></option>
	1302	<option value="12"<?php if ($user['timezone'] == 12) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+12:00'] ?></option>
	1303	<option value="12.75"<?php if ($user['timezone'] == 12.75) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+12:45'] ?></option>
	1304	<option value="13"<?php if ($user['timezone'] == 13) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+13:00'] ?></option>
	1305	<option value="14"<?php if ($user['timezone'] == 14) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+14:00'] ?></option>
[1]	1306	</select>
	1307	<br /></label>
[3]	1308	<div class="rbox">
	1309	<label><input type="checkbox" name="form[dst]" value="1"<?php if ($user['dst'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['DST'] ?><br /></label>
	1310	</div>
	1311	<label><?php echo $lang_prof_reg['Time format'] ?>
	1312
	1313	<br /><select name="form[time_format]">
[1]	1314	<?php
[3]	1315	foreach (array_unique($forum_time_formats) as $key => $time_format)
	1316	{
	1317	echo "\t\t\t\t\t\t\t\t".'<option value="'.$key.'"';
	1318	if ($user['time_format'] == $key)
	1319	echo ' selected="selected"';
	1320	echo '>'. format_time(time(), false, null, $time_format, true, true);
	1321	if ($key == 0)
	1322	echo ' ('.$lang_prof_reg['Default'].')';
	1323	echo "</option>\n";
	1324	}
	1325	?>
	1326	</select>
	1327	<br /></label>
	1328	<label><?php echo $lang_prof_reg['Date format'] ?>
[1]	1329
[3]	1330	<br /><select name="form[date_format]">
	1331	<?php
	1332	foreach (array_unique($forum_date_formats) as $key => $date_format)
	1333	{
	1334	echo "\t\t\t\t\t\t\t\t".'<option value="'.$key.'"';
	1335	if ($user['date_format'] == $key)
	1336	echo ' selected="selected"';
	1337	echo '>'. format_time(time(), true, $date_format, null, false, true);
	1338	if ($key == 0)
	1339	echo ' ('.$lang_prof_reg['Default'].')';
	1340	echo "</option>\n";
	1341	}
	1342	?>
	1343	</select>
	1344	<br /></label>
[1]	1345
[3]	1346	<?php
	1347
	1348	$languages = forum_list_langs();
	1349
[1]	1350	// Only display the language selection box if there's more than one language available
	1351	if (count($languages) > 1)
	1352	{
	1353
	1354	?>
[3]	1355	<label><?php echo $lang_prof_reg['Language'] ?>
[1]	1356	<br /><select name="form[language]">
	1357	<?php
	1358
[3]	1359	foreach ($languages as $temp)
[1]	1360	{
	1361	if ($user['language'] == $temp)
	1362	echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'" selected="selected">'.$temp.'</option>'."\n";
	1363	else
	1364	echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'">'.$temp.'</option>'."\n";
	1365	}
	1366
	1367	?>
	1368	</select>
	1369	<br /></label>
	1370	<?php
	1371
	1372	}
	1373
	1374	?>
	1375	</div>
	1376	</fieldset>
	1377	</div>
	1378	<div class="inform">
	1379	<fieldset>
	1380	<legend><?php echo $lang_profile['User activity'] ?></legend>
	1381	<div class="infldset">
[3]	1382	<p><?php printf($lang_profile['Registered info'], format_time($user['registered'], true).(($pun_user['is_admmod']) ? ' (<a href="moderate.php?get_host='.pun_htmlspecialchars($user['registration_ip']).'">'.pun_htmlspecialchars($user['registration_ip']).'</a>)' : '')) ?></p>
	1383	<p><?php printf($lang_profile['Last post info'], $last_post) ?></p>
	1384	<p><?php printf($lang_profile['Last visit info'], format_time($user['last_visit'])) ?></p>
	1385	<?php echo $posts_field ?>
	1386	<?php if ($pun_user['is_admmod']): ?> <label><?php echo $lang_profile['Admin note'] ?><br />
[1]	1387	<input id="admin_note" type="text" name="admin_note" value="<?php echo pun_htmlspecialchars($user['admin_note']) ?>" size="30" maxlength="30" /><br /></label>
[3]	1388	<?php endif; ?> </div>
	1389	</fieldset>
[1]	1390	</div>
[3]	1391	<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
[1]	1392	</form>
	1393	</div>
	1394	</div>
	1395	<?php
	1396
	1397	}
	1398	else if ($section == 'personal')
	1399	{
	1400	if ($pun_user['g_set_title'] == '1')
[3]	1401	$title_field = '<label>'.$lang_common['Title'].' <em>('.$lang_profile['Leave blank'].')</em><br /><input type="text" name="title" value="'.pun_htmlspecialchars($user['title']).'" size="30" maxlength="50" /><br /></label>'."\n";
[1]	1402
[3]	1403	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section personal']);
	1404	define('PUN_ACTIVE_PAGE', 'profile');
[1]	1405	require PUN_ROOT.'header.php';
	1406
	1407	generate_profile_menu('personal');
	1408
	1409	?>
	1410	<div class="blockform">
	1411	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section personal'] ?></span></h2>
	1412	<div class="box">
	1413	<form id="profile2" method="post" action="profile.php?section=personal&id=<?php echo $id ?>">
	1414	<div class="inform">
	1415	<fieldset>
	1416	<legend><?php echo $lang_profile['Personal details legend'] ?></legend>
	1417	<div class="infldset">
	1418	<input type="hidden" name="form_sent" value="1" />
	1419	<label><?php echo $lang_profile['Realname'] ?><br /><input type="text" name="form[realname]" value="<?php echo pun_htmlspecialchars($user['realname']) ?>" size="40" maxlength="40" /><br /></label>
[3]	1420	<?php if (isset($title_field)): ?> <?php echo $title_field ?>
[1]	1421	<?php endif; ?> <label><?php echo $lang_profile['Location'] ?><br /><input type="text" name="form[location]" value="<?php echo pun_htmlspecialchars($user['location']) ?>" size="30" maxlength="30" /><br /></label>
	1422	<label><?php echo $lang_profile['Website'] ?><br /><input type="text" name="form[url]" value="<?php echo pun_htmlspecialchars($user['url']) ?>" size="50" maxlength="80" /><br /></label>
	1423	</div>
	1424	</fieldset>
	1425	</div>
[3]	1426	<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
[1]	1427	</form>
	1428	</div>
	1429	</div>
	1430	<?php
	1431
	1432	}
	1433	else if ($section == 'messaging')
	1434	{
	1435
[3]	1436	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section messaging']);
	1437	define('PUN_ACTIVE_PAGE', 'profile');
[1]	1438	require PUN_ROOT.'header.php';
	1439
	1440	generate_profile_menu('messaging');
	1441
	1442	?>
	1443	<div class="blockform">
	1444	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section messaging'] ?></span></h2>
	1445	<div class="box">
	1446	<form id="profile3" method="post" action="profile.php?section=messaging&id=<?php echo $id ?>">
	1447	<div class="inform">
	1448	<fieldset>
	1449	<legend><?php echo $lang_profile['Contact details legend'] ?></legend>
	1450	<div class="infldset">
	1451	<input type="hidden" name="form_sent" value="1" />
	1452	<label><?php echo $lang_profile['Jabber'] ?><br /><input id="jabber" type="text" name="form[jabber]" value="<?php echo pun_htmlspecialchars($user['jabber']) ?>" size="40" maxlength="75" /><br /></label>
	1453	<label><?php echo $lang_profile['ICQ'] ?><br /><input id="icq" type="text" name="form[icq]" value="<?php echo $user['icq'] ?>" size="12" maxlength="12" /><br /></label>
	1454	<label><?php echo $lang_profile['MSN'] ?><br /><input id="msn" type="text" name="form[msn]" value="<?php echo pun_htmlspecialchars($user['msn']) ?>" size="40" maxlength="50" /><br /></label>
	1455	<label><?php echo $lang_profile['AOL IM'] ?><br /><input id="aim" type="text" name="form[aim]" value="<?php echo pun_htmlspecialchars($user['aim']) ?>" size="20" maxlength="30" /><br /></label>
	1456	<label><?php echo $lang_profile['Yahoo'] ?><br /><input id="yahoo" type="text" name="form[yahoo]" value="<?php echo pun_htmlspecialchars($user['yahoo']) ?>" size="20" maxlength="30" /><br /></label>
	1457	</div>
	1458	</fieldset>
	1459	</div>
[3]	1460	<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
[1]	1461	</form>
	1462	</div>
	1463	</div>
	1464	<?php
	1465
	1466	}
	1467	else if ($section == 'personality')
	1468	{
[3]	1469	if ($pun_config['o_avatars'] == '0' && $pun_config['o_signatures'] == '0')
	1470	message($lang_common['Bad request']);
	1471
	1472	$avatar_field = '<span><a href="profile.php?action=upload_avatar&id='.$id.'">'.$lang_profile['Change avatar'].'</a></span>';
	1473
	1474	$user_avatar = generate_avatar_markup($id);
	1475	if ($user_avatar)
	1476	$avatar_field .= ' <span><a href="profile.php?action=delete_avatar&id='.$id.'">'.$lang_profile['Delete avatar'].'</a></span>';
[1]	1477	else
[3]	1478	$avatar_field = '<span><a href="profile.php?action=upload_avatar&id='.$id.'">'.$lang_profile['Upload avatar'].'</a></span>';
[1]	1479
	1480	if ($user['signature'] != '')
[3]	1481	$signature_preview = '<p>'.$lang_profile['Sig preview'].'</p>'."\n\t\t\t\t\t\t\t".'<div class="postsignature postmsg">'."\n\t\t\t\t\t\t\t\t".'<hr />'."\n\t\t\t\t\t\t\t\t".$parsed_signature."\n\t\t\t\t\t\t\t".'</div>'."\n";
[1]	1482	else
	1483	$signature_preview = '<p>'.$lang_profile['No sig'].'</p>'."\n";
	1484
[3]	1485	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section personality']);
	1486	define('PUN_ACTIVE_PAGE', 'profile');
[1]	1487	require PUN_ROOT.'header.php';
	1488
	1489	generate_profile_menu('personality');
	1490
	1491
	1492	?>
	1493	<div class="blockform">
	1494	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section personality'] ?></span></h2>
	1495	<div class="box">
	1496	<form id="profile4" method="post" action="profile.php?section=personality&id=<?php echo $id ?>">
	1497	<div><input type="hidden" name="form_sent" value="1" /></div>
	1498	<?php if ($pun_config['o_avatars'] == '1'): ?> <div class="inform">
	1499	<fieldset id="profileavatar">
	1500	<legend><?php echo $lang_profile['Avatar legend'] ?></legend>
	1501	<div class="infldset">
[3]	1502	<?php if ($user_avatar): ?> <div class="useravatar"><?php echo $user_avatar ?></div>
	1503	<?php endif; ?> <p><?php echo $lang_profile['Avatar info'] ?></p>
	1504	<p class="clearb actions"><?php echo $avatar_field ?></p>
[1]	1505	</div>
	1506	</fieldset>
	1507	</div>
[3]	1508	<?php endif; if ($pun_config['o_signatures'] == '1'): ?> <div class="inform">
[1]	1509	<fieldset>
	1510	<legend><?php echo $lang_profile['Signature legend'] ?></legend>
	1511	<div class="infldset">
	1512	<p><?php echo $lang_profile['Signature info'] ?></p>
	1513	<div class="txtarea">
[3]	1514	<label><?php printf($lang_profile['Sig max size'], forum_number_format($pun_config['p_sig_length']), $pun_config['p_sig_lines']) ?><br />
[1]	1515	<textarea name="signature" rows="4" cols="65"><?php echo pun_htmlspecialchars($user['signature']) ?></textarea><br /></label>
	1516	</div>
	1517	<ul class="bblinks">
[3]	1518	<li><span><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a> <?php echo ($pun_config['p_sig_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
	1519	<li><span><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a> <?php echo ($pun_config['p_sig_bbcode'] == '1' && $pun_config['p_sig_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
	1520	<li><span><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a> <?php echo ($pun_config['o_smilies_sig'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
[1]	1521	</ul>
	1522	<?php echo $signature_preview ?>
	1523	</div>
	1524	</fieldset>
	1525	</div>
[3]	1526	<?php endif; ?> <p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
[1]	1527	</form>
	1528	</div>
	1529	</div>
	1530	<?php
	1531
	1532	}
	1533	else if ($section == 'display')
	1534	{
[3]	1535	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section display']);
	1536	define('PUN_ACTIVE_PAGE', 'profile');
[1]	1537	require PUN_ROOT.'header.php';
	1538
	1539	generate_profile_menu('display');
	1540
	1541	?>
	1542	<div class="blockform">
	1543	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section display'] ?></span></h2>
	1544	<div class="box">
	1545	<form id="profile5" method="post" action="profile.php?section=display&id=<?php echo $id ?>">
	1546	<div><input type="hidden" name="form_sent" value="1" /></div>
	1547	<?php
	1548
[3]	1549	$styles = forum_list_styles();
[1]	1550
	1551	// Only display the style selection box if there's more than one style available
	1552	if (count($styles) == 1)
	1553	echo "\t\t\t".'<div><input type="hidden" name="form[style]" value="'.$styles[0].'" /></div>'."\n";
	1554	else if (count($styles) > 1)
	1555	{
[3]	1556
[1]	1557	?>
	1558	<div class="inform">
	1559	<fieldset>
	1560	<legend><?php echo $lang_profile['Style legend'] ?></legend>
	1561	<div class="infldset">
[3]	1562	<label><?php echo $lang_profile['Styles'] ?><br />
[1]	1563	<select name="form[style]">
	1564	<?php
	1565
[3]	1566	foreach ($styles as $temp)
[1]	1567	{
	1568	if ($user['style'] == $temp)
	1569	echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'" selected="selected">'.str_replace('_', ' ', $temp).'</option>'."\n";
	1570	else
	1571	echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'">'.str_replace('_', ' ', $temp).'</option>'."\n";
	1572	}
	1573
	1574	?>
	1575	</select>
	1576	<br /></label>
	1577	</div>
	1578	</fieldset>
	1579	</div>
	1580	<?php
	1581
	1582	}
	1583
	1584	?>
[3]	1585	<?php if ($pun_config['o_smilies'] == '1' \|\| $pun_config['o_smilies_sig'] == '1' \|\| $pun_config['o_signatures'] == '1' \|\| $pun_config['o_avatars'] == '1' \|\| ($pun_config['p_message_bbcode'] == '1' && $pun_config['p_message_img_tag'] == '1')): ?>
[1]	1586	<div class="inform">
	1587	<fieldset>
	1588	<legend><?php echo $lang_profile['Post display legend'] ?></legend>
	1589	<div class="infldset">
	1590	<p><?php echo $lang_profile['Post display info'] ?></p>
	1591	<div class="rbox">
[3]	1592	<?php if ($pun_config['o_smilies'] == '1' \|\| $pun_config['o_smilies_sig'] == '1'): ?> <label><input type="checkbox" name="form[show_smilies]" value="1"<?php if ($user['show_smilies'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show smilies'] ?><br /></label>
	1593	<?php endif; if ($pun_config['o_signatures'] == '1'): ?> <label><input type="checkbox" name="form[show_sig]" value="1"<?php if ($user['show_sig'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show sigs'] ?><br /></label>
	1594	<?php endif; if ($pun_config['o_avatars'] == '1'): ?> <label><input type="checkbox" name="form[show_avatars]" value="1"<?php if ($user['show_avatars'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show avatars'] ?><br /></label>
	1595	<?php endif; if ($pun_config['p_message_bbcode'] == '1' && $pun_config['p_message_img_tag'] == '1'): ?> <label><input type="checkbox" name="form[show_img]" value="1"<?php if ($user['show_img'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show images'] ?><br /></label>
	1596	<?php endif; if ($pun_config['o_signatures'] == '1' && $pun_config['p_sig_bbcode'] == '1' && $pun_config['p_sig_img_tag'] == '1'): ?> <label><input type="checkbox" name="form[show_img_sig]" value="1"<?php if ($user['show_img_sig'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show images sigs'] ?><br /></label>
	1597	<?php endif; ?>
[1]	1598	</div>
	1599	</div>
	1600	</fieldset>
	1601	</div>
[3]	1602	<?php endif; ?>
[1]	1603	<div class="inform">
	1604	<fieldset>
	1605	<legend><?php echo $lang_profile['Pagination legend'] ?></legend>
	1606	<div class="infldset">
	1607	<label class="conl"><?php echo $lang_profile['Topics per page'] ?><br /><input type="text" name="form[disp_topics]" value="<?php echo $user['disp_topics'] ?>" size="6" maxlength="3" /><br /></label>
	1608	<label class="conl"><?php echo $lang_profile['Posts per page'] ?><br /><input type="text" name="form[disp_posts]" value="<?php echo $user['disp_posts'] ?>" size="6" maxlength="3" /><br /></label>
	1609	<p class="clearb"><?php echo $lang_profile['Paginate info'] ?> <?php echo $lang_profile['Leave blank'] ?></p>
	1610	</div>
	1611	</fieldset>
	1612	</div>
[3]	1613	<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
[1]	1614	</form>
	1615	</div>
	1616	</div>
	1617	<?php
	1618
	1619	}
	1620	else if ($section == 'privacy')
	1621	{
[3]	1622	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section privacy']);
	1623	define('PUN_ACTIVE_PAGE', 'profile');
[1]	1624	require PUN_ROOT.'header.php';
	1625
	1626	generate_profile_menu('privacy');
	1627
	1628	?>
	1629	<div class="blockform">
	1630	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section privacy'] ?></span></h2>
	1631	<div class="box">
	1632	<form id="profile6" method="post" action="profile.php?section=privacy&id=<?php echo $id ?>">
	1633	<div class="inform">
	1634	<fieldset>
	1635	<legend><?php echo $lang_prof_reg['Privacy options legend'] ?></legend>
	1636	<div class="infldset">
	1637	<input type="hidden" name="form_sent" value="1" />
[3]	1638	<p><?php echo $lang_prof_reg['Email setting info'] ?></p>
[1]	1639	<div class="rbox">
[3]	1640	<label><input type="radio" name="form[email_setting]" value="0"<?php if ($user['email_setting'] == '0') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['Email setting 1'] ?><br /></label>
	1641	<label><input type="radio" name="form[email_setting]" value="1"<?php if ($user['email_setting'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['Email setting 2'] ?><br /></label>
	1642	<label><input type="radio" name="form[email_setting]" value="2"<?php if ($user['email_setting'] == '2') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['Email setting 3'] ?><br /></label>
[1]	1643	</div>
[3]	1644	</div>
	1645	</fieldset>
	1646	</div>
	1647	<?php if ($pun_config['o_forum_subscriptions'] == '1' \|\| $pun_config['o_topic_subscriptions'] == '1'): ?> <div class="inform">
	1648	<fieldset>
	1649	<legend><?php echo $lang_profile['Subscription legend'] ?></legend>
	1650	<div class="infldset">
[1]	1651	<div class="rbox">
	1652	<label><input type="checkbox" name="form[notify_with_post]" value="1"<?php if ($user['notify_with_post'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Notify full'] ?><br /></label>
[3]	1653	<?php if ($pun_config['o_topic_subscriptions'] == '1'): ?> <label><input type="checkbox" name="form[auto_notify]" value="1"<?php if ($user['auto_notify'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Auto notify full'] ?><br /></label>
	1654	<?php endif; ?>
[1]	1655	</div>
	1656	</div>
	1657	</fieldset>
	1658	</div>
[3]	1659	<?php endif; ?> <p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
[1]	1660	</form>
	1661	</div>
	1662	</div>
	1663	<?php
	1664
	1665	}
	1666	else if ($section == 'admin')
	1667	{
[3]	1668	if (!$pun_user['is_admmod'] \|\| ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_ban_users'] == '0'))
[1]	1669	message($lang_common['Bad request']);
	1670
[3]	1671	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section admin']);
	1672	define('PUN_ACTIVE_PAGE', 'profile');
[1]	1673	require PUN_ROOT.'header.php';
	1674
	1675	generate_profile_menu('admin');
	1676
	1677	?>
	1678	<div class="blockform">
	1679	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section admin'] ?></span></h2>
	1680	<div class="box">
[3]	1681	<form id="profile7" method="post" action="profile.php?section=admin&id=<?php echo $id ?>">
[1]	1682	<div class="inform">
	1683	<input type="hidden" name="form_sent" value="1" />
	1684	<fieldset>
	1685	<?php
	1686
[3]	1687	if ($pun_user['g_moderator'] == '1')
[1]	1688	{
	1689
	1690	?>
	1691	<legend><?php echo $lang_profile['Delete ban legend'] ?></legend>
	1692	<div class="infldset">
	1693	<p><input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" /></p>
	1694	</div>
	1695	</fieldset>
	1696	</div>
	1697	<?php
	1698
	1699	}
	1700	else
	1701	{
[3]	1702	if ($pun_user['id'] != $id)
	1703	{
[1]	1704
	1705	?>
	1706	<legend><?php echo $lang_profile['Group membership legend'] ?></legend>
	1707	<div class="infldset">
	1708	<select id="group_id" name="group_id">
	1709	<?php
	1710
[3]	1711	$result = $db->query('SELECT g_id, g_title FROM '.$db->prefix.'groups WHERE g_id!='.PUN_GUEST.' ORDER BY g_title') or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());
[1]	1712
[3]	1713	while ($cur_group = $db->fetch_assoc($result))
	1714	{
	1715	if ($cur_group['g_id'] == $user['g_id'] \|\| ($cur_group['g_id'] == $pun_config['o_default_user_group'] && $user['g_id'] == ''))
	1716	echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n";
	1717	else
	1718	echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n";
	1719	}
[1]	1720
	1721	?>
	1722	</select>
	1723	<input type="submit" name="update_group_membership" value="<?php echo $lang_profile['Save'] ?>" />
	1724	</div>
	1725	</fieldset>
	1726	</div>
	1727	<div class="inform">
	1728	<fieldset>
[3]	1729	<?php
[1]	1730
	1731	}
	1732
	1733	?>
	1734	<legend><?php echo $lang_profile['Delete ban legend'] ?></legend>
	1735	<div class="infldset">
[3]	1736	<input type="submit" name="delete_user" value="<?php echo $lang_profile['Delete user'] ?>" /> <input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" />
[1]	1737	</div>
	1738	</fieldset>
	1739	</div>
	1740	<?php
	1741
[3]	1742	if ($user['g_moderator'] == '1' \|\| $user['g_id'] == PUN_ADMIN)
[1]	1743	{
	1744
	1745	?>
	1746	<div class="inform">
	1747	<fieldset>
	1748	<legend><?php echo $lang_profile['Set mods legend'] ?></legend>
	1749	<div class="infldset">
	1750	<p><?php echo $lang_profile['Moderator in info'] ?></p>
	1751	<?php
	1752
[3]	1753	$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.moderators FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id WHERE f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
[1]	1754
	1755	$cur_category = 0;
	1756	while ($cur_forum = $db->fetch_assoc($result))
	1757	{
[3]	1758	if ($cur_forum['cid'] != $cur_category) // A new category since last iteration?
[1]	1759	{
	1760	if ($cur_category)
	1761	echo "\n\t\t\t\t\t\t\t\t".'</div>';
	1762
	1763	if ($cur_category != 0)
	1764	echo "\n\t\t\t\t\t\t\t".'</div>'."\n";
	1765
	1766	echo "\t\t\t\t\t\t\t".'<div class="conl">'."\n\t\t\t\t\t\t\t\t".'<p><strong>'.$cur_forum['cat_name'].'</strong></p>'."\n\t\t\t\t\t\t\t\t".'<div class="rbox">';
	1767	$cur_category = $cur_forum['cid'];
	1768	}
	1769
	1770	$moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
	1771
	1772	echo "\n\t\t\t\t\t\t\t\t\t".'<label><input type="checkbox" name="moderator_in['.$cur_forum['fid'].']" value="1"'.((in_array($id, $moderators)) ? ' checked="checked"' : '').' />'.pun_htmlspecialchars($cur_forum['forum_name']).'<br /></label>'."\n";
	1773	}
	1774
	1775	?>
	1776	</div>
	1777	</div>
	1778	<br class="clearb" /><input type="submit" name="update_forums" value="<?php echo $lang_profile['Update forums'] ?>" />
	1779	</div>
	1780	</fieldset>
	1781	</div>
	1782	<?php
	1783
	1784	}
	1785	}
	1786
	1787	?>
	1788	</form>
	1789	</div>
	1790	</div>
	1791	<?php
	1792
	1793	}
[3]	1794	else
	1795	message($lang_common['Bad request']);
[1]	1796
	1797	?>
	1798	<div class="clearer"></div>
	1799	</div>
	1800	<?php
	1801
	1802	require PUN_ROOT.'footer.php';
	1803	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: