1 | <?php |
---|
2 | |
---|
3 | /** |
---|
4 | * Copyright (C) 2008-2011 FluxBB |
---|
5 | * based on code by Rickard Andersson copyright (C) 2002-2008 PunBB |
---|
6 | * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher |
---|
7 | */ |
---|
8 | |
---|
9 | define('PUN_ROOT', dirname(__FILE__).'/'); |
---|
10 | require PUN_ROOT.'include/common.php'; |
---|
11 | |
---|
12 | // Include UTF-8 function |
---|
13 | require PUN_ROOT.'include/utf8/substr_replace.php'; |
---|
14 | require PUN_ROOT.'include/utf8/ucwords.php'; // utf8_ucwords needs utf8_substr_replace |
---|
15 | require PUN_ROOT.'include/utf8/strcasecmp.php'; |
---|
16 | |
---|
// Request parameters. $id is forced to an integer here, which is why it can be
// concatenated into the SQL statements and URLs further down without escaping.
$action = null;
if (isset($_GET['action']))
    $action = $_GET['action'];

$section = null;
if (isset($_GET['section']))
    $section = $_GET['section'];

$id = 0;
if (isset($_GET['id']))
    $id = intval($_GET['id']);

// Ids below 2 are never a valid profile target
if ($id < 2)
    message($lang_common['Bad request']);

// The board/user-list view permissions are enforced for everything except the
// keyed change_pass request, which is handled further down for guests only.
if (!($action == 'change_pass' && isset($_GET['key'])))
{
    if ($pun_user['g_read_board'] == '0')
        message($lang_common['No view']);
    else if ($pun_user['g_view_users'] == '0' && ($pun_user['is_guest'] || $pun_user['id'] != $id))
        message($lang_common['No permission']);
}

// NOTE(review): $pun_user['language'] becomes part of an include path below;
// presumably it is restricted to installed language packs elsewhere - confirm.

// Load the profile.php/register.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';

// Load the profile.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/profile.php';
---|
36 | |
---|
37 | |
---|
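if ($action == 'change_pass')
{
    // Keyed request: a guest confirms a pending password change with the key
    // stored in activate_key; the pending value is taken from activate_string.
    if (isset($_GET['key']))
    {
        // If the user is already logged in we shouldn't be here :)
        if (!$pun_user['is_guest'])
        {
            header('Location: index.php');
            exit;
        }

        // Anything that is not a string (e.g. key[]=x) is treated as an empty, invalid key
        $key = is_string($_GET['key']) ? $_GET['key'] : '';

        $result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch new password', __FILE__, __LINE__, $db->error());
        $cur_user = $db->fetch_assoc($result);

        // Strict comparison: with == two different numeric-looking strings can compare equal.
        // An unknown user or a row without a pending key can never match a non-empty key.
        // NOTE(review): this comparison is not constant-time.
        if ($key === '' || !is_array($cur_user) || $key !== (string) $cur_user['activate_key'])
            message($lang_profile['Pass key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
        else
        {
            // activate_string is also written by the change_email branch of this script, where it
            // holds a user-supplied address, so it must be escaped before it goes into SQL.
            $db->query('UPDATE '.$db->prefix.'users SET password=\''.$db->escape($cur_user['activate_string']).'\', activate_string=NULL, activate_key=NULL'.(!empty($cur_user['salt']) ? ', salt=NULL' : '').' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());

            message($lang_profile['Pass updated'], true);
        }
    }

    // Make sure we are allowed to change this users password
    if ($pun_user['id'] != $id)
    {
        if (!$pun_user['is_admmod']) // A regular user trying to change another users password?
            message($lang_common['No permission']);
        else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users password?
        {
            $result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
            if (!$db->num_rows($result))
                message($lang_common['Bad request']);

            list($group_id, $is_moderator) = $db->fetch_row($result);

            // Moderators need both edit and change-password rights, and may never touch
            // administrators or other moderators
            if ($pun_user['g_mod_edit_users'] == '0' || $pun_user['g_mod_change_passwords'] == '0' || $group_id == PUN_ADMIN || $is_moderator == '1')
                message($lang_common['No permission']);
        }
    }

    if (isset($_POST['form_sent']))
    {
        // Administrators/moderators are not asked for the old password below, so the
        // referrer check is the only request-origin check on their submissions
        if ($pun_user['is_admmod'])
            confirm_referrer('profile.php');

        $old_password = isset($_POST['req_old_password']) ? pun_trim($_POST['req_old_password']) : '';
        // Missing fields become '' and are rejected by the length check
        $new_password1 = isset($_POST['req_new_password1']) ? pun_trim($_POST['req_new_password1']) : '';
        $new_password2 = isset($_POST['req_new_password2']) ? pun_trim($_POST['req_new_password2']) : '';

        // Strict comparison: with != two different numeric-looking passwords (e.g. "1e3" and "1000")
        // would be accepted as a matching confirmation
        if ($new_password1 !== $new_password2)
            message($lang_prof_reg['Pass not match']);
        // NOTE(review): a 4-character minimum is very permissive
        if (pun_strlen($new_password1) < 4)
            message($lang_prof_reg['Pass too short']);

        $result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch password', __FILE__, __LINE__, $db->error());
        $cur_user = $db->fetch_assoc($result);

        $authorized = false;

        if (!empty($cur_user['password']))
        {
            $old_password_hash = pun_hash($old_password);

            // Strict comparison keeps two different all-numeric-looking hashes from comparing equal
            if ($cur_user['password'] === $old_password_hash || $pun_user['is_admmod'])
                $authorized = true;
        }

        if (!$authorized)
            message($lang_profile['Wrong pass']);

        $new_password_hash = pun_hash($new_password1);

        $db->query('UPDATE '.$db->prefix.'users SET password=\''.$db->escape($new_password_hash).'\''.(!empty($cur_user['salt']) ? ', salt=NULL' : '').' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());

        // Re-issue the cookie for the acting user only, so an own-password change does not log them out
        if ($pun_user['id'] == $id)
            pun_setcookie($pun_user['id'], $new_password_hash, time() + $pun_config['o_timeout_visit']);

        redirect('profile.php?section=essentials&id='.$id, $lang_profile['Pass updated redirect']);
    }

    $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Change pass']);
    $required_fields = array('req_old_password' => $lang_profile['Old pass'], 'req_new_password1' => $lang_profile['New pass'], 'req_new_password2' => $lang_profile['Confirm new pass']);
    $focus_element = array('change_pass', ((!$pun_user['is_admmod']) ? 'req_old_password' : 'req_new_password1'));
    define('PUN_ACTIVE_PAGE', 'profile');
    require PUN_ROOT.'header.php';

?>
<div class="blockform">
    <h2><span><?php echo $lang_profile['Change pass'] ?></span></h2>
    <div class="box">
        <form id="change_pass" method="post" action="profile.php?action=change_pass&id=<?php echo $id ?>" onsubmit="return process_form(this)">
            <div class="inform">
                <input type="hidden" name="form_sent" value="1" />
                <fieldset>
                    <legend><?php echo $lang_profile['Change pass legend'] ?></legend>
                    <div class="infldset">
<?php if (!$pun_user['is_admmod']): ?>                        <label class="required"><strong><?php echo $lang_profile['Old pass'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
                        <input type="password" name="req_old_password" size="16" /><br /></label>
<?php endif; ?>                        <label class="conl required"><strong><?php echo $lang_profile['New pass'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
                        <input type="password" name="req_new_password1" size="16" /><br /></label>
                        <label class="conl required"><strong><?php echo $lang_profile['Confirm new pass'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
                        <input type="password" name="req_new_password2" size="16" /><br /></label>
                        <p class="clearb"><?php echo $lang_profile['Pass info'] ?></p>
                    </div>
                </fieldset>
            </div>
            <p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}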
---|
156 | |
---|
157 | |
---|
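else if ($action == 'change_email')
{
    // Make sure we are allowed to change this users email
    if ($pun_user['id'] != $id)
    {
        if (!$pun_user['is_admmod']) // A regular user trying to change another users email?
            message($lang_common['No permission']);
        else if ($pun_user['g_moderator'] == '1') // A moderator trying to change a users email?
        {
            $result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
            if (!$db->num_rows($result))
                message($lang_common['Bad request']);

            list($group_id, $is_moderator) = $db->fetch_row($result);

            // Moderators may never edit administrators or other moderators
            if ($pun_user['g_mod_edit_users'] == '0' || $group_id == PUN_ADMIN || $is_moderator == '1')
                message($lang_common['No permission']);
        }
    }

    // Keyed request: confirm a pending address change with the key that was mailed to the new address
    if (isset($_GET['key']))
    {
        // Anything that is not a string (e.g. key[]=x) is treated as an empty, invalid key
        $key = is_string($_GET['key']) ? $_GET['key'] : '';

        $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
        list($new_email, $new_email_key) = $db->fetch_row($result);

        // Strict comparison: with == two different numeric-looking strings can compare equal.
        // A row without a pending key (NULL) can never match a non-empty key.
        // NOTE(review): this comparison is not constant-time.
        if ($key === '' || $key !== (string) $new_email_key)
            message($lang_profile['Email key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
        else
        {
            // The address is copied column-to-column inside the database, so no user input enters this statement
            $db->query('UPDATE '.$db->prefix.'users SET email=activate_string, activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update email address', __FILE__, __LINE__, $db->error());

            message($lang_profile['Email updated'], true);
        }
    }
    else if (isset($_POST['form_sent']))
    {
        // Re-authenticate the acting user. A missing or non-string field is hashed as '' and fails the check.
        $confirm_password = (isset($_POST['req_password']) && is_string($_POST['req_password'])) ? $_POST['req_password'] : '';
        if (pun_hash($confirm_password) !== $pun_user['password'])
            message($lang_profile['Wrong pass']);

        require PUN_ROOT.'include/email.php';

        // Validate the email address (a missing or non-string field becomes '' and is rejected as invalid)
        $new_email = (isset($_POST['req_new_email']) && is_string($_POST['req_new_email'])) ? strtolower(trim($_POST['req_new_email'])) : '';
        if (!is_valid_email($new_email))
            message($lang_common['Invalid email']);

        // Check if it's a banned email address
        if (is_banned_email($new_email))
        {
            if ($pun_config['p_allow_banned_email'] == '0')
                message($lang_prof_reg['Banned email']);
            else if ($pun_config['o_mailing_list'] != '')
            {
                // Load the "banned email change" template
                $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/banned_email_change.tpl'));

                // The first row contains the subject
                $first_crlf = strpos($mail_tpl, "\n");
                $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
                $mail_message = trim(substr($mail_tpl, $first_crlf));

                $mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
                $mail_message = str_replace('<email>', $new_email, $mail_message);
                $mail_message = str_replace('<profile_url>', get_base_url().'/profile.php?id='.$id, $mail_message);
                $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);

                pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
            }
        }

        // Check if someone else already has registered with that email address
        $result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($new_email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
        if ($db->num_rows($result))
        {
            if ($pun_config['p_allow_dupe_email'] == '0')
                message($lang_prof_reg['Dupe email']);
            else if ($pun_config['o_mailing_list'] != '')
            {
                // Start from an empty list so nothing left over in the global scope ends up in the mail
                $dupe_list = array();
                while ($cur_dupe = $db->fetch_assoc($result))
                    $dupe_list[] = $cur_dupe['username'];

                // Load the "dupe email change" template
                $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/dupe_email_change.tpl'));

                // The first row contains the subject
                $first_crlf = strpos($mail_tpl, "\n");
                $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
                $mail_message = trim(substr($mail_tpl, $first_crlf));

                $mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
                $mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message);
                $mail_message = str_replace('<profile_url>', get_base_url().'/profile.php?id='.$id, $mail_message);
                $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);

                pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
            }
        }

        // NOTE(review): the strength of this key depends on random_pass(), defined elsewhere - confirm it
        // draws from a cryptographically secure source
        $new_email_key = random_pass(8);

        // The new address only takes effect once the key mailed to it is presented (see the keyed branch above)
        $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.$db->escape($new_email).'\', activate_key=\''.$db->escape($new_email_key).'\' WHERE id='.$id) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());

        // Load the "activate email" template
        $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_email.tpl'));

        // The first row contains the subject
        $first_crlf = strpos($mail_tpl, "\n");
        $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
        $mail_message = trim(substr($mail_tpl, $first_crlf));

        $mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
        $mail_message = str_replace('<base_url>', get_base_url(), $mail_message);
        $mail_message = str_replace('<activation_url>', get_base_url().'/profile.php?action=change_email&id='.$id.'&key='.$new_email_key, $mail_message);
        $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'], $mail_message);

        pun_mail($new_email, $mail_subject, $mail_message);

        message($lang_profile['Activate email sent'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
    }

    $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Change email']);
    $required_fields = array('req_new_email' => $lang_profile['New email'], 'req_password' => $lang_common['Password']);
    $focus_element = array('change_email', 'req_new_email');
    define('PUN_ACTIVE_PAGE', 'profile');
    require PUN_ROOT.'header.php';

?>
<div class="blockform">
    <h2><span><?php echo $lang_profile['Change email'] ?></span></h2>
    <div class="box">
        <form id="change_email" method="post" action="profile.php?action=change_email&id=<?php echo $id ?>" onsubmit="return process_form(this)">
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_profile['Email legend'] ?></legend>
                    <div class="infldset">
                        <input type="hidden" name="form_sent" value="1" />
                        <label class="required"><strong><?php echo $lang_profile['New email'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="text" name="req_new_email" size="50" maxlength="80" /><br /></label>
                        <label class="required"><strong><?php echo $lang_common['Password'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="password" name="req_password" size="16" /><br /></label>
                        <p><?php echo $lang_profile['Email instructions'] ?></p>
                    </div>
                </fieldset>
            </div>
            <p class="buttons"><input type="submit" name="new_email" value="<?php echo $lang_common['Submit'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}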
---|
311 | |
---|
312 | |
---|
// Avatar upload: shows the upload form and, on POST, validates the file and stores it as
// <avatars dir>/<user id>.<gif|jpg|png>.
else if ($action == 'upload_avatar' || $action == 'upload_avatar2')
{
    if ($pun_config['o_avatars'] == '0')
        message($lang_profile['Avatars disabled']);

    // Owner or any administrator/moderator; unlike change_pass there is no per-group check here
    if ($pun_user['id'] != $id && !$pun_user['is_admmod'])
        message($lang_common['No permission']);

    // NOTE(review): unlike delete_avatar, this state-changing POST is not preceded by
    // confirm_referrer('profile.php') - confirm whether that is intentional.
    if (isset($_POST['form_sent']))
    {
        if (!isset($_FILES['req_file']))
            message($lang_profile['No file']);

        $uploaded_file = $_FILES['req_file'];

        // Make sure the upload went smooth
        if (isset($uploaded_file['error']))
        {
            switch ($uploaded_file['error'])
            {
                case 1: // UPLOAD_ERR_INI_SIZE
                case 2: // UPLOAD_ERR_FORM_SIZE
                    message($lang_profile['Too large ini']);
                    break;

                case 3: // UPLOAD_ERR_PARTIAL
                    message($lang_profile['Partial upload']);
                    break;

                case 4: // UPLOAD_ERR_NO_FILE
                    message($lang_profile['No file']);
                    break;

                case 6: // UPLOAD_ERR_NO_TMP_DIR
                    message($lang_profile['No tmp directory']);
                    break;

                default:
                    // No error occurred, but was something actually uploaded?
                    if ($uploaded_file['size'] == 0)
                        message($lang_profile['No file']);
                    break;
            }
        }

        // Only a file PHP itself received in this request is accepted
        if (is_uploaded_file($uploaded_file['tmp_name']))
        {
            // Preliminary file check, adequate in most cases
            // ('type' is the MIME type sent by the browser, so it says nothing about the actual content;
            // the getimagesize() result below is what decides)
            $allowed_types = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/png', 'image/x-png');
            if (!in_array($uploaded_file['type'], $allowed_types))
                message($lang_profile['Bad type']);

            // Make sure the file isn't too big
            if ($uploaded_file['size'] > $pun_config['o_avatars_size'])
                message($lang_profile['Too large'].' '.forum_number_format($pun_config['o_avatars_size']).' '.$lang_profile['bytes'].'.');

            // Move the file to the avatar directory. We do this before checking the width/height to circumvent open_basedir restrictions
            // (the not-yet-validated file therefore sits in the avatar directory as <id>.tmp until the checks below
            // pass or it is unlinked; the name is built from the integer $id only, never from the client file name)
            if (!@move_uploaded_file($uploaded_file['tmp_name'], PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp'))
                message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');

            // getimagesize() reads the image header; it does not inspect the rest of the file
            list($width, $height, $type,) = @getimagesize(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp');

            // Determine type
            // (the stored extension comes from the detected image type, not from anything the client sent)
            if ($type == IMAGETYPE_GIF)
                $extension = '.gif';
            else if ($type == IMAGETYPE_JPEG)
                $extension = '.jpg';
            else if ($type == IMAGETYPE_PNG)
                $extension = '.png';
            else
            {
                // Invalid type
                @unlink(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp');
                message($lang_profile['Bad type']);
            }

            // Now check the width/height
            if (empty($width) || empty($height) || $width > $pun_config['o_avatars_width'] || $height > $pun_config['o_avatars_height'])
            {
                @unlink(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp');
                message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');
            }

            // Delete any old avatars and put the new one in place
            delete_avatar($id);
            // NOTE(review): failures of rename()/chmod() are suppressed, so a leftover <id>.tmp would go unnoticed
            @rename(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.'.tmp', PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.$extension);
            // World-readable, owner-writable, not executable
            @chmod(PUN_ROOT.$pun_config['o_avatars_dir'].'/'.$id.$extension, 0644);
        }
        else
            message($lang_profile['Unknown failure']);

        redirect('profile.php?section=personality&id='.$id, $lang_profile['Avatar upload redirect']);
    }

    $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Upload avatar']);
    $required_fields = array('req_file' => $lang_profile['File']);
    $focus_element = array('upload_avatar', 'req_file');
    define('PUN_ACTIVE_PAGE', 'profile');
    require PUN_ROOT.'header.php';

?>
<div class="blockform">
    <h2><span><?php echo $lang_profile['Upload avatar'] ?></span></h2>
    <div class="box">
        <form id="upload_avatar" method="post" enctype="multipart/form-data" action="profile.php?action=upload_avatar2&id=<?php echo $id ?>" onsubmit="return process_form(this)">
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_profile['Upload avatar legend'] ?></legend>
                    <div class="infldset">
                        <input type="hidden" name="form_sent" value="1" />
                        <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $pun_config['o_avatars_size'] ?>" />
                        <label class="required"><strong><?php echo $lang_profile['File'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input name="req_file" type="file" size="40" /><br /></label>
                        <p><?php echo $lang_profile['Avatar desc'].' '.$pun_config['o_avatars_width'].' x '.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].' '.$lang_common['and'].' '.forum_number_format($pun_config['o_avatars_size']).' '.$lang_profile['bytes'].' ('.file_size($pun_config['o_avatars_size']).').' ?></p>
                    </div>
                </fieldset>
            </div>
            <p class="buttons"><input type="submit" name="upload" value="<?php echo $lang_profile['Upload'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}
---|
437 | |
---|
438 | |
---|
else if ($action == 'delete_avatar')
{
    // Allowed for the account owner and for any administrator/moderator
    $may_delete = ($pun_user['id'] == $id || $pun_user['is_admmod']);
    if (!$may_delete)
        message($lang_common['No permission']);

    // This action changes state, so the request origin is checked first
    // (presumably confirm_referrer() rejects requests not coming from profile.php - confirm)
    confirm_referrer('profile.php');

    delete_avatar($id);

    redirect('profile.php?section=personality&id='.$id, $lang_profile['Avatar deleted redirect']);
}
---|
450 | |
---|
451 | |
---|
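else if (isset($_POST['update_group_membership']))
{
    // Only users whose group id is not above PUN_ADMIN get past this check
    if ($pun_user['g_id'] > PUN_ADMIN)
        message($lang_common['No permission']);

    confirm_referrer('profile.php');

    // intval() of a non-empty array is 1, so only scalar input is converted; anything else becomes 0
    $new_group_id = (isset($_POST['group_id']) && is_scalar($_POST['group_id'])) ? intval($_POST['group_id']) : 0;

    // Look the group up before writing, so a user can never be assigned to a group that does not exist
    $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$new_group_id) or error('Unable to fetch group', __FILE__, __LINE__, $db->error());
    if (!$db->num_rows($result))
        message($lang_common['Bad request']);

    $new_group_mod = $db->result($result);

    $db->query('UPDATE '.$db->prefix.'users SET group_id='.$new_group_id.' WHERE id='.$id) or error('Unable to change user group', __FILE__, __LINE__, $db->error());

    // Regenerate the users info cache
    if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
        require PUN_ROOT.'include/cache.php';

    generate_users_info_cache();

    // If the user was a moderator or an administrator, we remove him/her from the moderator list in all forums as well
    if ($new_group_id != PUN_ADMIN && $new_group_mod != '1')
    {
        $result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

        while ($cur_forum = $db->fetch_assoc($result))
        {
            // The column holds a serialized array (username => user id).
            // NOTE(review): unserialize() is only acceptable here as long as nothing user-controlled can reach this column.
            $cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

            // A corrupt value unserializes to false; treat it as "no moderators"
            if (!is_array($cur_moderators))
                $cur_moderators = array();

            if (in_array($id, $cur_moderators))
            {
                // Entries are keyed by username, so find the key that belongs to this user id
                $username = array_search($id, $cur_moderators);
                unset($cur_moderators[$username]);
                $cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

                $db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
            }
        }
    }

    redirect('profile.php?section=admin&id='.$id, $lang_profile['Group membership redirect']);
}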
---|
494 | |
---|
495 | |
---|
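else if (isset($_POST['update_forums']))
{
    // Only users whose group id is not above PUN_ADMIN get past this check
    if ($pun_user['g_id'] > PUN_ADMIN)
        message($lang_common['No permission']);

    confirm_referrer('profile.php');

    // Get the username of the user we are processing
    $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());

    // Refuse to write moderator entries for an id that matches no user
    if (!$db->num_rows($result))
        message($lang_common['Bad request']);

    $username = $db->result($result);

    // The forum ids are the keys of the submitted array; anything that is not an array selects no forums
    $moderator_in = (isset($_POST['moderator_in']) && is_array($_POST['moderator_in'])) ? array_keys($_POST['moderator_in']) : array();

    // Loop through all forums
    $result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

    while ($cur_forum = $db->fetch_assoc($result))
    {
        // The column holds a serialized array (username => user id).
        // NOTE(review): unserialize() is only acceptable here as long as nothing user-controlled can reach this column.
        $cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

        // A corrupt value unserializes to false; treat it as "no moderators"
        if (!is_array($cur_moderators))
            $cur_moderators = array();

        // If the user should have moderator access (and he/she doesn't already have it)
        if (in_array($cur_forum['id'], $moderator_in) && !in_array($id, $cur_moderators))
        {
            $cur_moderators[$username] = $id;
            uksort($cur_moderators, 'utf8_strcasecmp');

            $db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
        }
        // If the user shouldn't have moderator access (and he/she already has it)
        else if (!in_array($cur_forum['id'], $moderator_in) && in_array($id, $cur_moderators))
        {
            // Remove by user id rather than by current username, so an entry stored under a
            // different key is still revoked (same lookup as the update_group_membership branch)
            $moderator_key = array_search($id, $cur_moderators);
            unset($cur_moderators[$moderator_key]);
            $cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

            $db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
        }
    }

    redirect('profile.php?section=admin&id='.$id, $lang_profile['Update forums redirect']);
}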
---|
535 | |
---|
536 | |
---|
else if (isset($_POST['ban']))
{
    // Banning is open to administrators and to moderators whose group has the ban permission
    $may_ban = ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_ban_users'] != '0'));
    if (!$may_ban)
        message($lang_common['No permission']);

    // Get the username of the user we are banning
    $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch username', __FILE__, __LINE__, $db->error());
    $username = $db->result($result);

    // Check whether user is already banned
    // (bans without an expiry sort first, then the one expiring last)
    $result = $db->query('SELECT id FROM '.$db->prefix.'bans WHERE username = \''.$db->escape($username).'\' ORDER BY expire IS NULL DESC, expire DESC LIMIT 1') or error('Unable to fetch ban ID', __FILE__, __LINE__, $db->error());

    // Nothing is changed here: the request is only handed over to admin_bans.php,
    // either to edit the existing ban or to add a new one
    if (!$db->num_rows($result))
        redirect('admin_bans.php?add_ban='.$id, $lang_profile['Ban redirect']);
    else
    {
        $ban_id = $db->result($result);
        redirect('admin_bans.php?edit_ban='.$ban_id.'&exists', $lang_profile['Ban redirect']);
    }
}
---|
556 | |
---|
557 | |
---|
558 | else if (isset($_POST['delete_user']) || isset($_POST['delete_user_comply'])) |
---|
559 | { |
---|
560 | if ($pun_user['g_id'] > PUN_ADMIN) |
---|
561 | message($lang_common['No permission']); |
---|
562 | |
---|
563 | confirm_referrer('profile.php'); |
---|
564 | |
---|
565 | // Get the username and group of the user we are deleting |
---|
566 | $result = $db->query('SELECT group_id, username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
---|
567 | list($group_id, $username) = $db->fetch_row($result); |
---|
568 | |
---|
569 | if ($group_id == PUN_ADMIN) |
---|
570 | message($lang_profile['No delete admin message']); |
---|
571 | |
---|
572 | if (isset($_POST['delete_user_comply'])) |
---|
573 | { |
---|
574 | // If the user is a moderator or an administrator, we remove him/her from the moderator list in all forums as well |
---|
575 | $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group', __FILE__, __LINE__, $db->error()); |
---|
576 | $group_mod = $db->result($result); |
---|
577 | |
---|
578 | if ($group_id == PUN_ADMIN || $group_mod == '1') |
---|
579 | { |
---|
580 | $result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error()); |
---|
581 | |
---|
582 | while ($cur_forum = $db->fetch_assoc($result)) |
---|
583 | { |
---|
584 | $cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array(); |
---|
585 | |
---|
586 | if (in_array($id, $cur_moderators)) |
---|
587 | { |
---|
588 | unset($cur_moderators[$username]); |
---|
589 | $cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL'; |
---|
590 | |
---|
591 | $db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error()); |
---|
592 | } |
---|
593 | } |
---|
594 | } |
---|
595 | |
---|
596 | // Delete any subscriptions |
---|
597 | $db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$id) or error('Unable to delete topic subscriptions', __FILE__, __LINE__, $db->error()); |
---|
598 | $db->query('DELETE FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$id) or error('Unable to delete forum subscriptions', __FILE__, __LINE__, $db->error()); |
---|
599 | |
---|
600 | // Remove him/her from the online list (if they happen to be logged in) |
---|
601 | $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$id) or error('Unable to remove user from online list', __FILE__, __LINE__, $db->error()); |
---|
602 | |
---|
603 | // Should we delete all posts made by this user? |
---|
604 | if (isset($_POST['delete_posts'])) |
---|
605 | { |
---|
606 | require PUN_ROOT.'include/search_idx.php'; |
---|
607 | @set_time_limit(0); |
---|
608 | |
---|
609 | // Find all posts made by this user |
---|
610 | $result = $db->query('SELECT p.id, p.topic_id, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id WHERE p.poster_id='.$id) or error('Unable to fetch posts', __FILE__, __LINE__, $db->error()); |
---|
611 | if ($db->num_rows($result)) |
---|
612 | { |
---|
613 | while ($cur_post = $db->fetch_assoc($result)) |
---|
614 | { |
---|
615 | // Determine whether this post is the "topic post" or not |
---|
616 | $result2 = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['topic_id'].' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); |
---|
617 | |
---|
618 | if ($db->result($result2) == $cur_post['id']) |
---|
619 | delete_topic($cur_post['topic_id']); |
---|
620 | else |
---|
621 | delete_post($cur_post['id'], $cur_post['topic_id']); |
---|
622 | |
---|
623 | update_forum($cur_post['forum_id']); |
---|
624 | } |
---|
625 | } |
---|
626 | } |
---|
627 | else |
---|
628 | // Set all his/her posts to guest |
---|
629 | $db->query('UPDATE '.$db->prefix.'posts SET poster_id=1 WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error()); |
---|
630 | |
---|
631 | // Delete the user |
---|
632 | $db->query('DELETE FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to delete user', __FILE__, __LINE__, $db->error()); |
---|
633 | |
---|
634 | // Delete user avatar |
---|
635 | delete_avatar($id); |
---|
636 | |
---|
637 | // Regenerate the users info cache |
---|
638 | if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) |
---|
639 | require PUN_ROOT.'include/cache.php'; |
---|
640 | |
---|
641 | generate_users_info_cache(); |
---|
642 | |
---|
643 | redirect('index.php', $lang_profile['User delete redirect']); |
---|
644 | } |
---|
645 | |
---|
646 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Confirm delete user']); |
---|
647 | define('PUN_ACTIVE_PAGE', 'profile'); |
---|
648 | require PUN_ROOT.'header.php'; |
---|
649 | |
---|
650 | ?> |
---|
651 | <div class="blockform"> |
---|
652 | <h2><span><?php echo $lang_profile['Confirm delete user'] ?></span></h2> |
---|
653 | <div class="box"> |
---|
654 | <form id="confirm_del_user" method="post" action="profile.php?id=<?php echo $id ?>"> |
---|
655 | <div class="inform"> |
---|
656 | <fieldset> |
---|
657 | <legend><?php echo $lang_profile['Confirm delete legend'] ?></legend> |
---|
658 | <div class="infldset"> |
---|
659 | <p><?php echo $lang_profile['Confirmation info'].' <strong>'.pun_htmlspecialchars($username).'</strong>.' ?></p> |
---|
660 | <div class="rbox"> |
---|
661 | <label><input type="checkbox" name="delete_posts" value="1" checked="checked" /><?php echo $lang_profile['Delete posts'] ?><br /></label> |
---|
662 | </div> |
---|
663 | <p class="warntext"><strong><?php echo $lang_profile['Delete warning'] ?></strong></p> |
---|
664 | </div> |
---|
665 | </fieldset> |
---|
666 | </div> |
---|
667 | <p class="buttons"><input type="submit" name="delete_user_comply" value="<?php echo $lang_profile['Delete'] ?>" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p> |
---|
668 | </form> |
---|
669 | </div> |
---|
670 | </div> |
---|
671 | <?php |
---|
672 | |
---|
673 | require PUN_ROOT.'footer.php'; |
---|
674 | } |
---|
675 | |
---|
676 | |
---|
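else if (isset($_POST['form_sent']))
{
	// Profile update handler: authorise the editor, validate the fields of the
	// submitted $section, write them to the users row for $id and, when the
	// username changed, propagate the new name to posts, topics, forums, the
	// online list and the serialized per-forum moderator lists.
	//
	// Reads $_POST for every field value; $section and $id were set from the
	// query string earlier in this script. Validation failures are reported
	// through message(); success ends in redirect().

	// Fetch the user group of the user we are editing
	$result = $db->query('SELECT u.username, u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_common['Bad request']);

	list($old_username, $group_id, $is_moderator) = $db->fetch_row($result);

	// Authorisation: the profile owner may always edit; an admin may edit anyone;
	// a moderator only when g_mod_edit_users is on and the target is neither an
	// admin nor a member of a moderator group.
	if ($pun_user['id'] != $id &&							// If we aren't the user (i.e. editing your own profile)
		(!$pun_user['is_admmod'] ||							// and we are not an admin or mod
		($pun_user['g_id'] != PUN_ADMIN &&					// or we aren't an admin and ...
		($pun_user['g_mod_edit_users'] == '0' ||			// mods aren't allowed to edit users
		$group_id == PUN_ADMIN ||							// or the user is an admin
		$is_moderator))))									// or the user is another mod
		message($lang_common['No permission']);

	// Apply the origin check to every editor, not only to admins and moderators.
	// A member's own submission changes state too, and in the 'essentials'
	// section it can replace the account's email address when o_regs_verify is
	// '0', so a request forged from another site should not be accepted for
	// ordinary members either.
	// NOTE(review): confirm_referrer() is defined elsewhere and presumably
	// compares the Referer header; a per-session form token would be a stronger
	// check, but no such helper is visible in this part of the file.
	confirm_referrer('profile.php');

	$username_updated = false;

	// Validate input depending on section. Every case builds $form with
	// hard-coded column names as keys; only the values come from the request.
	switch ($section)
	{
		case 'essentials':
		{
			$form = array(
				'timezone'		=> floatval($_POST['form']['timezone']),
				'dst'			=> isset($_POST['form']['dst']) ? '1' : '0',
				'time_format'	=> intval($_POST['form']['time_format']),
				'date_format'	=> intval($_POST['form']['date_format']),
			);

			// Make sure we got a valid language string
			if (isset($_POST['form']['language']))
			{
				$languages = forum_list_langs();
				$form['language'] = pun_trim($_POST['form']['language']);

				// Strict comparison: the user's language value is used to build a
				// lang/ require path (see the register.php include below), so the
				// allow-list match must be exact rather than type-juggled.
				// Assumes forum_list_langs() returns strings -- confirm.
				if (!in_array($form['language'], $languages, true))
					message($lang_common['Bad request']);
			}

			if ($pun_user['is_admmod'])
			{
				$form['admin_note'] = pun_trim($_POST['admin_note']);

				// Are we allowed to change usernames?
				if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_rename_users'] == '1'))
				{
					$form['username'] = pun_trim($_POST['req_username']);

					if ($form['username'] != $old_username)
					{
						// Check username
						require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';

						// check_username() takes no $errors argument here, so it
						// presumably fills the script-level $errors array -- confirm.
						$errors = array();
						check_username($form['username'], $id);
						if (!empty($errors))
							message($errors[0]);

						$username_updated = true;
					}
				}

				// We only allow administrators to update the post count
				if ($pun_user['g_id'] == PUN_ADMIN)
					$form['num_posts'] = intval($_POST['num_posts']);
			}

			// The address is changed directly only when registration verification
			// is off or the editor is staff.
			if ($pun_config['o_regs_verify'] == '0' || $pun_user['is_admmod'])
			{
				require PUN_ROOT.'include/email.php';

				// Validate the email address
				$form['email'] = strtolower(trim($_POST['req_email']));
				if (!is_valid_email($form['email']))
					message($lang_common['Invalid email']);
			}

			break;
		}

		case 'personal':
		{
			$form = array(
				'realname'		=> pun_trim($_POST['form']['realname']),
				'url'			=> pun_trim($_POST['form']['url']),
				'location'		=> pun_trim($_POST['form']['location']),
			);

			// Add http:// if the URL doesn't contain it already (while allowing https://, too)
			if ($form['url'] != '')
			{
				$url = url_valid($form['url']);

				if ($url === false)
					message($lang_profile['Invalid website URL']);

				// Store the value returned by url_valid(), not the raw input
				$form['url'] = $url['url'];
			}

			if ($pun_user['g_id'] == PUN_ADMIN)
				$form['title'] = pun_trim($_POST['title']);
			else if ($pun_user['g_set_title'] == '1')
			{
				$form['title'] = pun_trim($_POST['title']);

				if ($form['title'] != '')
				{
					// A list of words that the title may not contain
					// If the language is English, there will be some duplicates, but it's not the end of the world
					$forbidden = array('member', 'moderator', 'administrator', 'banned', 'guest', utf8_strtolower($lang_common['Member']), utf8_strtolower($lang_common['Moderator']), utf8_strtolower($lang_common['Administrator']), utf8_strtolower($lang_common['Banned']), utf8_strtolower($lang_common['Guest']));

					// This only rejects a title that is exactly one of these words
					// (case-insensitively); it is not a substring match.
					if (in_array(utf8_strtolower($form['title']), $forbidden))
						message($lang_profile['Forbidden title']);
				}
			}

			break;
		}

		case 'messaging':
		{
			$form = array(
				'jabber'		=> pun_trim($_POST['form']['jabber']),
				'icq'			=> pun_trim($_POST['form']['icq']),
				'msn'			=> pun_trim($_POST['form']['msn']),
				'aim'			=> pun_trim($_POST['form']['aim']),
				'yahoo'			=> pun_trim($_POST['form']['yahoo']),
			);

			// If the ICQ UIN contains anything other than digits it's invalid
			if (preg_match('%[^0-9]%', $form['icq']))
				message($lang_prof_reg['Bad ICQ']);

			break;
		}

		case 'personality':
		{
			$form = array();

			// Clean up signature from POST
			if ($pun_config['o_signatures'] == '1')
			{
				$form['signature'] = pun_linebreaks(pun_trim($_POST['signature']));

				// Validate signature
				if (pun_strlen($form['signature']) > $pun_config['p_sig_length'])
					message(sprintf($lang_prof_reg['Sig too long'], $pun_config['p_sig_length'], pun_strlen($form['signature']) - $pun_config['p_sig_length']));
				else if (substr_count($form['signature'], "\n") > ($pun_config['p_sig_lines']-1))
					message(sprintf($lang_prof_reg['Sig too many lines'], $pun_config['p_sig_lines']));
				else if ($form['signature'] && $pun_config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$pun_user['is_admmod'])
					$form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));

				// Validate BBCode syntax
				if ($pun_config['p_sig_bbcode'] == '1')
				{
					require PUN_ROOT.'include/parser.php';

					$errors = array();

					$form['signature'] = preparse_bbcode($form['signature'], $errors, true);

					// NOTE(review): the error strings are joined into raw HTML; this
					// assumes preparse_bbcode() never echoes unescaped user text
					// into $errors -- confirm against include/parser.php.
					if(count($errors) > 0)
						message('<ul><li>'.implode('</li><li>', $errors).'</li></ul>');
				}
			}

			break;
		}

		case 'display':
		{
			$form = array(
				'disp_topics'		=> pun_trim($_POST['form']['disp_topics']),
				'disp_posts'		=> pun_trim($_POST['form']['disp_posts']),
				'show_smilies'		=> isset($_POST['form']['show_smilies']) ? '1' : '0',
				'show_img'			=> isset($_POST['form']['show_img']) ? '1' : '0',
				'show_img_sig'		=> isset($_POST['form']['show_img_sig']) ? '1' : '0',
				'show_avatars'		=> isset($_POST['form']['show_avatars']) ? '1' : '0',
				'show_sig'			=> isset($_POST['form']['show_sig']) ? '1' : '0',
			);

			// An empty value stays '' (stored as NULL below); anything else is
			// forced to an integer and clamped to the range 3..75.
			if ($form['disp_topics'] != '')
			{
				$form['disp_topics'] = intval($form['disp_topics']);
				if ($form['disp_topics'] < 3)
					$form['disp_topics'] = 3;
				else if ($form['disp_topics'] > 75)
					$form['disp_topics'] = 75;
			}

			if ($form['disp_posts'] != '')
			{
				$form['disp_posts'] = intval($form['disp_posts']);
				if ($form['disp_posts'] < 3)
					$form['disp_posts'] = 3;
				else if ($form['disp_posts'] > 75)
					$form['disp_posts'] = 75;
			}

			// Make sure we got a valid style string
			if (isset($_POST['form']['style']))
			{
				$styles = forum_list_styles();
				$form['style'] = pun_trim($_POST['form']['style']);

				// Exact allow-list match, same as for the language above.
				// Assumes forum_list_styles() returns strings -- confirm.
				if (!in_array($form['style'], $styles, true))
					message($lang_common['Bad request']);
			}

			break;
		}

		case 'privacy':
		{
			$form = array(
				'email_setting'			=> intval($_POST['form']['email_setting']),
				'notify_with_post'		=> isset($_POST['form']['notify_with_post']) ? '1' : '0',
				'auto_notify'			=> isset($_POST['form']['auto_notify']) ? '1' : '0',
			);

			// Out-of-range values fall back to the board default
			if ($form['email_setting'] < 0 || $form['email_setting'] > 2)
				$form['email_setting'] = $pun_config['o_default_email_setting'];

			break;
		}

		default:
			message($lang_common['Bad request']);
	}


	// Single quotes around non-empty values and NULL for empty values.
	// Every value goes through $db->escape(); the column names ($key) are the
	// literal keys assigned in the switch above, never request data.
	$temp = array();
	foreach ($form as $key => $input)
	{
		$value = ($input !== '') ? '\''.$db->escape($input).'\'' : 'NULL';

		$temp[] = $key.'='.$value;
	}

	// Nothing to write (e.g. 'personality' with signatures disabled)
	if (empty($temp))
		message($lang_common['Bad request']);


	$db->query('UPDATE '.$db->prefix.'users SET '.implode(',', $temp).' WHERE id='.$id) or error('Unable to update profile', __FILE__, __LINE__, $db->error());

	// If we changed the username we have to update some stuff
	if ($username_updated)
	{
		$db->query('UPDATE '.$db->prefix.'posts SET poster=\''.$db->escape($form['username']).'\' WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'posts SET edited_by=\''.$db->escape($form['username']).'\' WHERE edited_by=\''.$db->escape($old_username).'\'') or error('Unable to update posts', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'topics SET poster=\''.$db->escape($form['username']).'\' WHERE poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'topics SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'forums SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update forums', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'online SET ident=\''.$db->escape($form['username']).'\' WHERE ident=\''.$db->escape($old_username).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());

		// If the user is a moderator or an administrator we have to update the moderator lists
		$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
		$group_id = $db->result($result);

		$result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group', __FILE__, __LINE__, $db->error());
		$group_mod = $db->result($result);

		if ($group_id == PUN_ADMIN || $group_mod == '1')
		{
			$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

			while ($cur_forum = $db->fetch_assoc($result))
			{
				// NOTE(review): unserialize() on a database column is only safe
				// while that column holds nothing but data this application
				// serialized itself; anyone able to write forums.moderators by
				// another route controls what gets deserialized here.
				$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

				// The list is keyed by username with the user id as value
				if (in_array($id, $cur_moderators))
				{
					unset($cur_moderators[$old_username]);
					$cur_moderators[$form['username']] = $id;
					uksort($cur_moderators, 'utf8_strcasecmp');

					$db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
				}
			}
		}

		// Regenerate the users info cache
		if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
			require PUN_ROOT.'include/cache.php';

		generate_users_info_cache();
	}

	redirect('profile.php?section='.$section.'&id='.$id, $lang_profile['Profile redirect']);
}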
---|
972 | |
---|
973 | |
---|
// Load the profile row for $id together with its group's id, user title and
// moderator flag. $id is the integer taken from the query string at the top of
// the script, so it is concatenated into the WHERE clause as a number.
$result = $db->query(
	'SELECT u.username, u.email, u.title, u.realname, u.url, u.jabber, u.icq, u.msn, u.aim, u.yahoo, u.location, u.signature, u.disp_topics, u.disp_posts, u.email_setting, u.notify_with_post, u.auto_notify, u.show_smilies, u.show_img, u.show_img_sig, u.show_avatars, u.show_sig, u.timezone, u.dst, u.language, u.style, u.num_posts, u.last_post, u.registered, u.registration_ip, u.admin_note, u.date_format, u.time_format, u.last_visit, g.g_id, g.g_user_title, g.g_moderator'
	.' FROM '.$db->prefix.'users AS u'
	.' LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id'
	.' WHERE u.id='.$id
) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());

// No row for this id: report a bad request
if (!$db->num_rows($result))
{
	message($lang_common['Bad request']);
}

$user = $db->fetch_assoc($result);

$last_post = format_time($user['last_post']);

// $parsed_signature is only defined when the user has a signature; the
// read-only profile view below tests it with isset().
if ($user['signature'] != '')
{
	require PUN_ROOT.'include/parser.php';

	$parsed_signature = parse_signature($user['signature']);
}
---|
987 | |
---|
988 | |
---|
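// View or edit?
// This branch renders the read-only profile: it is taken when the viewer is
// not the profile owner and is not allowed to edit this user (not staff, or a
// moderator without g_mod_edit_users, or the target is an admin or moderator).
// Each section is built as a list of <dt>/<dd> strings and printed between
// header.php and footer.php. Every stored profile field is HTML-escaped at the
// point where it is placed into markup.
if ($pun_user['id'] != $id &&							// If we aren't the user (i.e. editing your own profile)
	(!$pun_user['is_admmod'] ||							// and we are not an admin or mod
	($pun_user['g_id'] != PUN_ADMIN &&					// or we aren't an admin and ...
	($pun_user['g_mod_edit_users'] == '0' ||			// mods aren't allowed to edit users
	$user['g_id'] == PUN_ADMIN ||						// or the user is an admin
	$user['g_moderator'] == '1'))))						// or the user is another mod
{
	$user_personal = array();

	$user_personal[] = '<dt>'.$lang_common['Username'].'</dt>';
	$user_personal[] = '<dd>'.pun_htmlspecialchars($user['username']).'</dd>';

	// NOTE(review): the title is printed without pun_htmlspecialchars(); this
	// assumes get_title() already returns HTML-safe text -- confirm.
	$user_title_field = get_title($user);
	$user_personal[] = '<dt>'.$lang_common['Title'].'</dt>';
	$user_personal[] = '<dd>'.(($pun_config['o_censoring'] == '1') ? censor_words($user_title_field) : $user_title_field).'</dd>';

	if ($user['realname'] != '')
	{
		$user_personal[] = '<dt>'.$lang_profile['Realname'].'</dt>';
		$user_personal[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['realname']) : $user['realname']).'</dd>';
	}

	if ($user['location'] != '')
	{
		$user_personal[] = '<dt>'.$lang_profile['Location'].'</dt>';
		$user_personal[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['location']) : $user['location']).'</dd>';
	}

	if ($user['url'] != '')
	{
		// Escaped once here, then used both as the href and as the link text
		$user['url'] = pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['url']) : $user['url']);
		$user_personal[] = '<dt>'.$lang_profile['Website'].'</dt>';
		$user_personal[] = '<dd><span class="website"><a href="'.$user['url'].'">'.$user['url'].'</a></span></dd>';
	}

	// email_setting '0' shows the address itself, '1' only a link to the mail
	// form; both require a logged-in viewer whose group may send email.
	// The address is escaped on output instead of relying on whatever validation
	// ran when it was stored: it lands in an attribute and in element content.
	if ($user['email_setting'] == '0' && !$pun_user['is_guest'] && $pun_user['g_send_email'] == '1')
		$email_field = '<a href="mailto:'.pun_htmlspecialchars($user['email']).'">'.pun_htmlspecialchars($user['email']).'</a>';
	else if ($user['email_setting'] == '1' && !$pun_user['is_guest'] && $pun_user['g_send_email'] == '1')
		$email_field = '<a href="misc.php?email='.$id.'">'.$lang_common['Send email'].'</a>';
	else
		$email_field = '';
	if ($email_field != '')
	{
		$user_personal[] = '<dt>'.$lang_common['Email'].'</dt>';
		$user_personal[] = '<dd><span class="email">'.$email_field.'</span></dd>';
	}

	$user_messaging = array();

	if ($user['jabber'] != '')
	{
		$user_messaging[] = '<dt>'.$lang_profile['Jabber'].'</dt>';
		$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['jabber']) : $user['jabber']).'</dd>';
	}

	if ($user['icq'] != '')
	{
		// Escaped like the other messaging fields, so the output does not depend
		// on every stored value having passed the digits-only check on save.
		$user_messaging[] = '<dt>'.$lang_profile['ICQ'].'</dt>';
		$user_messaging[] = '<dd>'.pun_htmlspecialchars($user['icq']).'</dd>';
	}

	if ($user['msn'] != '')
	{
		$user_messaging[] = '<dt>'.$lang_profile['MSN'].'</dt>';
		$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['msn']) : $user['msn']).'</dd>';
	}

	if ($user['aim'] != '')
	{
		$user_messaging[] = '<dt>'.$lang_profile['AOL IM'].'</dt>';
		$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['aim']) : $user['aim']).'</dd>';
	}

	if ($user['yahoo'] != '')
	{
		$user_messaging[] = '<dt>'.$lang_profile['Yahoo'].'</dt>';
		$user_messaging[] = '<dd>'.pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['yahoo']) : $user['yahoo']).'</dd>';
	}

	$user_personality = array();

	if ($pun_config['o_avatars'] == '1')
	{
		// generate_avatar_markup() returns ready-made markup, printed as is
		$avatar_field = generate_avatar_markup($id);
		if ($avatar_field != '')
		{
			$user_personality[] = '<dt>'.$lang_profile['Avatar'].'</dt>';
			$user_personality[] = '<dd>'.$avatar_field.'</dd>';
		}
	}

	if ($pun_config['o_signatures'] == '1')
	{
		// $parsed_signature is the output of parse_signature() and is printed as
		// HTML; it is only set when the user has a signature.
		if (isset($parsed_signature))
		{
			$user_personality[] = '<dt>'.$lang_profile['Signature'].'</dt>';
			$user_personality[] = '<dd><div class="postsignature postmsg">'.$parsed_signature.'</div></dd>';
		}
	}

	$user_activity = array();

	// Post count (when the board shows it, or for staff) followed by the quick
	// search links the viewer's group is allowed to use
	$posts_field = '';
	if ($pun_config['o_show_post_count'] == '1' || $pun_user['is_admmod'])
		$posts_field = forum_number_format($user['num_posts']);
	if ($pun_user['g_search'] == '1')
	{
		$quick_searches = array();
		if ($user['num_posts'] > 0)
		{
			$quick_searches[] = '<a href="search.php?action=show_user_topics&user_id='.$id.'">'.$lang_profile['Show topics'].'</a>';
			$quick_searches[] = '<a href="search.php?action=show_user_posts&user_id='.$id.'">'.$lang_profile['Show posts'].'</a>';
		}
		if ($pun_user['is_admmod'] && $pun_config['o_topic_subscriptions'] == '1')
			$quick_searches[] = '<a href="search.php?action=show_subscriptions&user_id='.$id.'">'.$lang_profile['Show subscriptions'].'</a>';

		if (!empty($quick_searches))
			$posts_field .= (($posts_field != '') ? ' - ' : '').implode(' - ', $quick_searches);
	}
	if ($posts_field != '')
	{
		$user_activity[] = '<dt>'.$lang_common['Posts'].'</dt>';
		$user_activity[] = '<dd>'.$posts_field.'</dd>';
	}

	if ($user['num_posts'] > 0)
	{
		$user_activity[] = '<dt>'.$lang_common['Last post'].'</dt>';
		$user_activity[] = '<dd>'.$last_post.'</dd>';
	}

	$user_activity[] = '<dt>'.$lang_common['Registered'].'</dt>';
	$user_activity[] = '<dd>'.format_time($user['registered'], true).'</dd>';

	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), sprintf($lang_profile['Users profile'], pun_htmlspecialchars($user['username'])));
	define('PUN_ALLOW_INDEX', 1);
	define('PUN_ACTIVE_PAGE', 'index');
	require PUN_ROOT.'header.php';

?>
<div id="viewprofile" class="block">
	<h2><span><?php echo $lang_common['Profile'] ?></span></h2>
	<div class="box">
		<div class="fakeform">
			<div class="inform">
				<fieldset>
				<legend><?php echo $lang_profile['Section personal'] ?></legend>
					<div class="infldset">
						<dl>
							<?php echo implode("\n\t\t\t\t\t\t\t", $user_personal)."\n" ?>
						</dl>
						<div class="clearer"></div>
					</div>
				</fieldset>
			</div>
<?php if (!empty($user_messaging)): ?>			<div class="inform">
				<fieldset>
				<legend><?php echo $lang_profile['Section messaging'] ?></legend>
					<div class="infldset">
						<dl>
							<?php echo implode("\n\t\t\t\t\t\t\t", $user_messaging)."\n" ?>
						</dl>
						<div class="clearer"></div>
					</div>
				</fieldset>
			</div>
<?php endif; if (!empty($user_personality)): ?>			<div class="inform">
				<fieldset>
				<legend><?php echo $lang_profile['Section personality'] ?></legend>
					<div class="infldset">
						<dl>
							<?php echo implode("\n\t\t\t\t\t\t\t", $user_personality)."\n" ?>
						</dl>
						<div class="clearer"></div>
					</div>
				</fieldset>
			</div>
<?php endif; ?>			<div class="inform">
				<fieldset>
				<legend><?php echo $lang_profile['User activity'] ?></legend>
					<div class="infldset">
						<dl>
							<?php echo implode("\n\t\t\t\t\t\t\t", $user_activity)."\n" ?>
						</dl>
						<div class="clearer"></div>
					</div>
				</fieldset>
			</div>
		</div>
	</div>
</div>

<?php

	require PUN_ROOT.'footer.php';
}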
---|
1186 | else |
---|
1187 | { |
---|
1188 | if (!$section || $section == 'essentials') |
---|
1189 | { |
---|
1190 | if ($pun_user['is_admmod']) |
---|
1191 | { |
---|
1192 | if ($pun_user['g_id'] == PUN_ADMIN || $pun_user['g_mod_rename_users'] == '1') |
---|
1193 | $username_field = '<label class="required"><strong>'.$lang_common['Username'].' <span>'.$lang_common['Required'].'</span></strong><br /><input type="text" name="req_username" value="'.pun_htmlspecialchars($user['username']).'" size="25" maxlength="25" /><br /></label>'."\n"; |
---|
1194 | else |
---|
1195 | $username_field = '<p>'.sprintf($lang_profile['Username info'], pun_htmlspecialchars($user['username'])).'</p>'."\n"; |
---|
1196 | |
---|
1197 | $email_field = '<label class="required"><strong>'.$lang_common['Email'].' <span>'.$lang_common['Required'].'</span></strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="80" /><br /></label><p><span class="email"><a href="misc.php?email='.$id.'">'.$lang_common['Send email'].'</a></span></p>'."\n"; |
---|
1198 | } |
---|
1199 | else |
---|
1200 | { |
---|
1201 | $username_field = '<p>'.$lang_common['Username'].': '.pun_htmlspecialchars($user['username']).'</p>'."\n"; |
---|
1202 | |
---|
1203 | if ($pun_config['o_regs_verify'] == '1') |
---|
1204 | $email_field = '<p>'.sprintf($lang_profile['Email info'], $user['email'].' - <a href="profile.php?action=change_email&id='.$id.'">'.$lang_profile['Change email'].'</a>').'</p>'."\n"; |
---|
1205 | else |
---|
1206 | $email_field = '<label class="required"><strong>'.$lang_common['Email'].' <span>'.$lang_common['Required'].'</span></strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="80" /><br /></label>'."\n"; |
---|
1207 | } |
---|
1208 | |
---|
1209 | $posts_field = ''; |
---|
1210 | $posts_actions = array(); |
---|
1211 | |
---|
1212 | if ($pun_user['g_id'] == PUN_ADMIN) |
---|
1213 | $posts_field .= '<label>'.$lang_common['Posts'].'<br /><input type="text" name="num_posts" value="'.$user['num_posts'].'" size="8" maxlength="8" /><br /></label>'; |
---|
1214 | else if ($pun_config['o_show_post_count'] == '1' || $pun_user['is_admmod']) |
---|
1215 | $posts_actions[] = sprintf($lang_profile['Posts info'], forum_number_format($user['num_posts'])); |
---|
1216 | |
---|
1217 | if ($pun_user['g_search'] == '1' || $pun_user['g_id'] == PUN_ADMIN) |
---|
1218 | { |
---|
1219 | $posts_actions[] = '<a href="search.php?action=show_user_topics&user_id='.$id.'">'.$lang_profile['Show topics'].'</a>'; |
---|
1220 | $posts_actions[] = '<a href="search.php?action=show_user_posts&user_id='.$id.'">'.$lang_profile['Show posts'].'</a>'; |
---|
1221 | |
---|
1222 | if ($pun_config['o_topic_subscriptions'] == '1') |
---|
1223 | $posts_actions[] = '<a href="search.php?action=show_subscriptions&user_id='.$id.'">'.$lang_profile['Show subscriptions'].'</a>'; |
---|
1224 | } |
---|
1225 | |
---|
1226 | $posts_field .= (!empty($posts_actions) ? '<p class="actions">'.implode(' - ', $posts_actions).'</p>' : '')."\n"; |
---|
1227 | |
---|
1228 | |
---|
1229 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section essentials']); |
---|
1230 | $required_fields = array('req_username' => $lang_common['Username'], 'req_email' => $lang_common['Email']); |
---|
1231 | define('PUN_ACTIVE_PAGE', 'profile'); |
---|
1232 | require PUN_ROOT.'header.php'; |
---|
1233 | |
---|
1234 | generate_profile_menu('essentials'); |
---|
1235 | |
---|
1236 | ?> |
---|
1237 | <div class="blockform"> |
---|
1238 | <h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section essentials'] ?></span></h2> |
---|
1239 | <div class="box"> |
---|
1240 | <form id="profile1" method="post" action="profile.php?section=essentials&id=<?php echo $id ?>" onsubmit="return process_form(this)"> |
---|
1241 | <div class="inform"> |
---|
1242 | <fieldset> |
---|
1243 | <legend><?php echo $lang_profile['Username and pass legend'] ?></legend> |
---|
1244 | <div class="infldset"> |
---|
1245 | <input type="hidden" name="form_sent" value="1" /> |
---|
1246 | <?php echo $username_field ?> |
---|
1247 | <?php if ($pun_user['id'] == $id || $pun_user['g_id'] == PUN_ADMIN || ($user['g_moderator'] == '0' && $pun_user['g_mod_change_passwords'] == '1')): ?> <p class="actions"><span><a href="profile.php?action=change_pass&id=<?php echo $id ?>"><?php echo $lang_profile['Change pass'] ?></a></span></p> |
---|
1248 | <?php endif; ?> </div> |
---|
1249 | </fieldset> |
---|
1250 | </div> |
---|
1251 | <div class="inform"> |
---|
1252 | <fieldset> |
---|
1253 | <legend><?php echo $lang_prof_reg['Email legend'] ?></legend> |
---|
1254 | <div class="infldset"> |
---|
1255 | <?php echo $email_field ?> |
---|
1256 | </div> |
---|
1257 | </fieldset> |
---|
1258 | </div> |
---|
1259 | <div class="inform"> |
---|
1260 | <fieldset> |
---|
1261 | <legend><?php echo $lang_prof_reg['Localisation legend'] ?></legend> |
---|
1262 | <div class="infldset"> |
---|
1263 | <p><?php echo $lang_prof_reg['Time zone info'] ?></p> |
---|
1264 | <label><?php echo $lang_prof_reg['Time zone']."\n" ?> |
---|
1265 | <br /><select name="form[timezone]"> |
---|
1266 | <option value="-12"<?php if ($user['timezone'] == -12) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-12:00'] ?></option> |
---|
1267 | <option value="-11"<?php if ($user['timezone'] == -11) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-11:00'] ?></option> |
---|
1268 | <option value="-10"<?php if ($user['timezone'] == -10) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-10:00'] ?></option> |
---|
1269 | <option value="-9.5"<?php if ($user['timezone'] == -9.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-09:30'] ?></option> |
---|
1270 | <option value="-9"<?php if ($user['timezone'] == -9) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-09:00'] ?></option> |
---|
1271 | <option value="-8.5"<?php if ($user['timezone'] == -8.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-08:30'] ?></option> |
---|
1272 | <option value="-8"<?php if ($user['timezone'] == -8) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-08:00'] ?></option> |
---|
1273 | <option value="-7"<?php if ($user['timezone'] == -7) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-07:00'] ?></option> |
---|
1274 | <option value="-6"<?php if ($user['timezone'] == -6) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-06:00'] ?></option> |
---|
1275 | <option value="-5"<?php if ($user['timezone'] == -5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-05:00'] ?></option> |
---|
1276 | <option value="-4"<?php if ($user['timezone'] == -4) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-04:00'] ?></option> |
---|
1277 | <option value="-3.5"<?php if ($user['timezone'] == -3.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-03:30'] ?></option> |
---|
1278 | <option value="-3"<?php if ($user['timezone'] == -3) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-03:00'] ?></option> |
---|
1279 | <option value="-2"<?php if ($user['timezone'] == -2) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-02:00'] ?></option> |
---|
1280 | <option value="-1"<?php if ($user['timezone'] == -1) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC-01:00'] ?></option> |
---|
1281 | <option value="0"<?php if ($user['timezone'] == 0) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC'] ?></option> |
---|
1282 | <option value="1"<?php if ($user['timezone'] == 1) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+01:00'] ?></option> |
---|
1283 | <option value="2"<?php if ($user['timezone'] == 2) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+02:00'] ?></option> |
---|
1284 | <option value="3"<?php if ($user['timezone'] == 3) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+03:00'] ?></option> |
---|
1285 | <option value="3.5"<?php if ($user['timezone'] == 3.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+03:30'] ?></option> |
---|
1286 | <option value="4"<?php if ($user['timezone'] == 4) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+04:00'] ?></option> |
---|
1287 | <option value="4.5"<?php if ($user['timezone'] == 4.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+04:30'] ?></option> |
---|
1288 | <option value="5"<?php if ($user['timezone'] == 5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+05:00'] ?></option> |
---|
1289 | <option value="5.5"<?php if ($user['timezone'] == 5.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+05:30'] ?></option> |
---|
1290 | <option value="5.75"<?php if ($user['timezone'] == 5.75) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+05:45'] ?></option> |
---|
1291 | <option value="6"<?php if ($user['timezone'] == 6) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+06:00'] ?></option> |
---|
1292 | <option value="6.5"<?php if ($user['timezone'] == 6.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+06:30'] ?></option> |
---|
1293 | <option value="7"<?php if ($user['timezone'] == 7) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+07:00'] ?></option> |
---|
1294 | <option value="8"<?php if ($user['timezone'] == 8) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+08:00'] ?></option> |
---|
1295 | <option value="8.75"<?php if ($user['timezone'] == 8.75) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+08:45'] ?></option> |
---|
1296 | <option value="9"<?php if ($user['timezone'] == 9) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+09:00'] ?></option> |
---|
1297 | <option value="9.5"<?php if ($user['timezone'] == 9.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+09:30'] ?></option> |
---|
1298 | <option value="10"<?php if ($user['timezone'] == 10) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+10:00'] ?></option> |
---|
1299 | <option value="10.5"<?php if ($user['timezone'] == 10.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+10:30'] ?></option> |
---|
1300 | <option value="11"<?php if ($user['timezone'] == 11) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+11:00'] ?></option> |
---|
1301 | <option value="11.5"<?php if ($user['timezone'] == 11.5) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+11:30'] ?></option> |
---|
1302 | <option value="12"<?php if ($user['timezone'] == 12) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+12:00'] ?></option> |
---|
1303 | <option value="12.75"<?php if ($user['timezone'] == 12.75) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+12:45'] ?></option> |
---|
1304 | <option value="13"<?php if ($user['timezone'] == 13) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+13:00'] ?></option> |
---|
1305 | <option value="14"<?php if ($user['timezone'] == 14) echo ' selected="selected"' ?>><?php echo $lang_prof_reg['UTC+14:00'] ?></option> |
---|
1306 | </select> |
---|
1307 | <br /></label> |
---|
1308 | <div class="rbox"> |
---|
1309 | <label><input type="checkbox" name="form[dst]" value="1"<?php if ($user['dst'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['DST'] ?><br /></label> |
---|
1310 | </div> |
---|
1311 | <label><?php echo $lang_prof_reg['Time format'] ?> |
---|
1312 | |
---|
1313 | <br /><select name="form[time_format]"> |
---|
1314 | <?php |
---|
1315 | foreach (array_unique($forum_time_formats) as $key => $time_format) |
---|
1316 | { |
---|
1317 | echo "\t\t\t\t\t\t\t\t".'<option value="'.$key.'"'; |
---|
1318 | if ($user['time_format'] == $key) |
---|
1319 | echo ' selected="selected"'; |
---|
1320 | echo '>'. format_time(time(), false, null, $time_format, true, true); |
---|
1321 | if ($key == 0) |
---|
1322 | echo ' ('.$lang_prof_reg['Default'].')'; |
---|
1323 | echo "</option>\n"; |
---|
1324 | } |
---|
1325 | ?> |
---|
1326 | </select> |
---|
1327 | <br /></label> |
---|
1328 | <label><?php echo $lang_prof_reg['Date format'] ?> |
---|
1329 | |
---|
1330 | <br /><select name="form[date_format]"> |
---|
1331 | <?php |
---|
1332 | foreach (array_unique($forum_date_formats) as $key => $date_format) |
---|
1333 | { |
---|
1334 | echo "\t\t\t\t\t\t\t\t".'<option value="'.$key.'"'; |
---|
1335 | if ($user['date_format'] == $key) |
---|
1336 | echo ' selected="selected"'; |
---|
1337 | echo '>'. format_time(time(), true, $date_format, null, false, true); |
---|
1338 | if ($key == 0) |
---|
1339 | echo ' ('.$lang_prof_reg['Default'].')'; |
---|
1340 | echo "</option>\n"; |
---|
1341 | } |
---|
1342 | ?> |
---|
1343 | </select> |
---|
1344 | <br /></label> |
---|
1345 | |
---|
1346 | <?php |
---|
1347 | |
---|
1348 | $languages = forum_list_langs(); |
---|
1349 | |
---|
1350 | // Only display the language selection box if there's more than one language available |
---|
1351 | if (count($languages) > 1) |
---|
1352 | { |
---|
1353 | |
---|
1354 | ?> |
---|
1355 | <label><?php echo $lang_prof_reg['Language'] ?> |
---|
1356 | <br /><select name="form[language]"> |
---|
1357 | <?php |
---|
1358 | |
---|
1359 | foreach ($languages as $temp) |
---|
1360 | { |
---|
1361 | if ($user['language'] == $temp) |
---|
1362 | echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'" selected="selected">'.$temp.'</option>'."\n"; |
---|
1363 | else |
---|
1364 | echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'">'.$temp.'</option>'."\n"; |
---|
1365 | } |
---|
1366 | |
---|
1367 | ?> |
---|
1368 | </select> |
---|
1369 | <br /></label> |
---|
1370 | <?php |
---|
1371 | |
---|
1372 | } |
---|
1373 | |
---|
1374 | ?> |
---|
1375 | </div> |
---|
1376 | </fieldset> |
---|
1377 | </div> |
---|
1378 | <div class="inform"> |
---|
1379 | <fieldset> |
---|
1380 | <legend><?php echo $lang_profile['User activity'] ?></legend> |
---|
1381 | <div class="infldset"> |
---|
1382 | <p><?php printf($lang_profile['Registered info'], format_time($user['registered'], true).(($pun_user['is_admmod']) ? ' (<a href="moderate.php?get_host='.pun_htmlspecialchars($user['registration_ip']).'">'.pun_htmlspecialchars($user['registration_ip']).'</a>)' : '')) ?></p> |
---|
1383 | <p><?php printf($lang_profile['Last post info'], $last_post) ?></p> |
---|
1384 | <p><?php printf($lang_profile['Last visit info'], format_time($user['last_visit'])) ?></p> |
---|
1385 | <?php echo $posts_field ?> |
---|
1386 | <?php if ($pun_user['is_admmod']): ?> <label><?php echo $lang_profile['Admin note'] ?><br /> |
---|
1387 | <input id="admin_note" type="text" name="admin_note" value="<?php echo pun_htmlspecialchars($user['admin_note']) ?>" size="30" maxlength="30" /><br /></label> |
---|
1388 | <?php endif; ?> </div> |
---|
1389 | </fieldset> |
---|
1390 | </div> |
---|
1391 | <p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p> |
---|
1392 | </form> |
---|
1393 | </div> |
---|
1394 | </div> |
---|
1395 | <?php |
---|
1396 | |
---|
1397 | } |
---|
else if ($section == 'personal')
{
	// "Personal" profile section: real name, optional custom title, location and website.
	// Every stored profile value rendered below goes through pun_htmlspecialchars() before
	// it is placed inside a value="" attribute. $id was cast with intval() at the top of
	// the file, so it is echoed into the form action as-is.
	// NOTE(review): the form carries only form_sent and the profile fields; no anti-CSRF
	// token is emitted here - confirm the POST handler verifies the request origin.

	// The custom title input is built only for groups with g_set_title enabled. When it is
	// not built, $title_field stays unset and the template falls back to an empty string.
	if ($pun_user['g_set_title'] == '1')
	{
		$title_field = '<label>'.$lang_common['Title'].' <em>('.$lang_profile['Leave blank'].')</em><br /><input type="text" name="title" value="'.pun_htmlspecialchars($user['title']).'" size="30" maxlength="50" /><br /></label>'."\n";
	}

	$page_title = array(
		pun_htmlspecialchars($pun_config['o_board_title']),
		$lang_common['Profile'],
		$lang_profile['Section personal'],
	);
	define('PUN_ACTIVE_PAGE', 'profile');
	require PUN_ROOT.'header.php';

	generate_profile_menu('personal');

?>
<div class="blockform">
	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section personal'] ?></span></h2>
	<div class="box">
		<form id="profile2" method="post" action="profile.php?section=personal&id=<?php echo $id ?>">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Personal details legend'] ?></legend>
					<div class="infldset">
						<input type="hidden" name="form_sent" value="1" />
						<label><?php echo $lang_profile['Realname'] ?><br /><input type="text" name="form[realname]" value="<?php echo pun_htmlspecialchars($user['realname']) ?>" size="40" maxlength="40" /><br /></label>
						<?php echo isset($title_field) ? $title_field : '' ?>
						<label><?php echo $lang_profile['Location'] ?><br /><input type="text" name="form[location]" value="<?php echo pun_htmlspecialchars($user['location']) ?>" size="30" maxlength="30" /><br /></label>
						<label><?php echo $lang_profile['Website'] ?><br /><input type="text" name="form[url]" value="<?php echo pun_htmlspecialchars($user['url']) ?>" size="50" maxlength="80" /><br /></label>
					</div>
				</fieldset>
			</div>
			<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
		</form>
	</div>
</div>
<?php

}
---|
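else if ($section == 'messaging')
{
	// "Messaging" profile section: Jabber, ICQ, MSN, AOL IM and Yahoo contact handles.
	// All five values come from the stored user row and are written into value=""
	// attributes, so each one is HTML-escaped at the point of output.
	// NOTE(review): the form carries only form_sent and the contact fields; no anti-CSRF
	// token is emitted here - confirm the POST handler verifies the request origin.

	$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section messaging']);
	define('PUN_ACTIVE_PAGE', 'profile');
	require PUN_ROOT.'header.php';

	generate_profile_menu('messaging');

?>
<div class="blockform">
	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section messaging'] ?></span></h2>
	<div class="box">
		<form id="profile3" method="post" action="profile.php?section=messaging&id=<?php echo $id ?>">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Contact details legend'] ?></legend>
					<div class="infldset">
						<input type="hidden" name="form_sent" value="1" />
						<label><?php echo $lang_profile['Jabber'] ?><br /><input id="jabber" type="text" name="form[jabber]" value="<?php echo pun_htmlspecialchars($user['jabber']) ?>" size="40" maxlength="75" /><br /></label>
<?php
	// The ICQ value used to be echoed raw while its neighbours were escaped. Whatever
	// input validation keeps it numeric is not visible in this block, so the output side
	// escapes it as well instead of relying on that validation.
?>
						<label><?php echo $lang_profile['ICQ'] ?><br /><input id="icq" type="text" name="form[icq]" value="<?php echo pun_htmlspecialchars($user['icq']) ?>" size="12" maxlength="12" /><br /></label>
						<label><?php echo $lang_profile['MSN'] ?><br /><input id="msn" type="text" name="form[msn]" value="<?php echo pun_htmlspecialchars($user['msn']) ?>" size="40" maxlength="50" /><br /></label>
						<label><?php echo $lang_profile['AOL IM'] ?><br /><input id="aim" type="text" name="form[aim]" value="<?php echo pun_htmlspecialchars($user['aim']) ?>" size="20" maxlength="30" /><br /></label>
						<label><?php echo $lang_profile['Yahoo'] ?><br /><input id="yahoo" type="text" name="form[yahoo]" value="<?php echo pun_htmlspecialchars($user['yahoo']) ?>" size="20" maxlength="30" /><br /></label>
					</div>
				</fieldset>
			</div>
			<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
		</form>
	</div>
</div>
<?php

}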
---|
else if ($section == 'personality')
{
	// "Personality" profile section: avatar management links and the signature editor.
	// NOTE(review): $user_avatar and $parsed_signature are emitted below as ready-made
	// markup without further escaping; their safety depends on the code that builds them,
	// which is not part of this block. The stored signature itself is escaped before it is
	// placed in the textarea.
	// NOTE(review): "delete avatar" is reached through a plain GET link and the form has
	// no anti-CSRF token - confirm the handlers verify the request origin.

	// With both features switched off board-wide there is nothing to edit in this section
	if ($pun_config['o_avatars'] == '0' && $pun_config['o_signatures'] == '0')
		message($lang_common['Bad request']);

	// An existing avatar gets "change" and "delete" links, otherwise a single "upload" link
	$user_avatar = generate_avatar_markup($id);
	if ($user_avatar)
	{
		$avatar_field = '<span><a href="profile.php?action=upload_avatar&id='.$id.'">'.$lang_profile['Change avatar'].'</a></span>';
		$avatar_field .= ' <span><a href="profile.php?action=delete_avatar&id='.$id.'">'.$lang_profile['Delete avatar'].'</a></span>';
	}
	else
	{
		$avatar_field = '<span><a href="profile.php?action=upload_avatar&id='.$id.'">'.$lang_profile['Upload avatar'].'</a></span>';
	}

	// $parsed_signature is not assigned in this block and is only read when a signature exists
	$signature_preview = ($user['signature'] != '')
		? '<p>'.$lang_profile['Sig preview'].'</p>'."\n\t\t\t\t\t\t\t".'<div class="postsignature postmsg">'."\n\t\t\t\t\t\t\t\t".'<hr />'."\n\t\t\t\t\t\t\t\t".$parsed_signature."\n\t\t\t\t\t\t\t".'</div>'."\n"
		: '<p>'.$lang_profile['No sig'].'</p>'."\n";

	$page_title = array(
		pun_htmlspecialchars($pun_config['o_board_title']),
		$lang_common['Profile'],
		$lang_profile['Section personality'],
	);
	define('PUN_ACTIVE_PAGE', 'profile');
	require PUN_ROOT.'header.php';

	generate_profile_menu('personality');

?>
<div class="blockform">
	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section personality'] ?></span></h2>
	<div class="box">
		<form id="profile4" method="post" action="profile.php?section=personality&id=<?php echo $id ?>">
			<div><input type="hidden" name="form_sent" value="1" /></div>
<?php if ($pun_config['o_avatars'] == '1'): ?>
			<div class="inform">
				<fieldset id="profileavatar">
					<legend><?php echo $lang_profile['Avatar legend'] ?></legend>
					<div class="infldset">
<?php if ($user_avatar): ?>
						<div class="useravatar"><?php echo $user_avatar ?></div>
<?php endif; ?>
						<p><?php echo $lang_profile['Avatar info'] ?></p>
						<p class="clearb actions"><?php echo $avatar_field ?></p>
					</div>
				</fieldset>
			</div>
<?php endif; ?>
<?php if ($pun_config['o_signatures'] == '1'): ?>
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Signature legend'] ?></legend>
					<div class="infldset">
						<p><?php echo $lang_profile['Signature info'] ?></p>
						<div class="txtarea">
							<label><?php printf($lang_profile['Sig max size'], forum_number_format($pun_config['p_sig_length']), $pun_config['p_sig_lines']) ?><br />
							<textarea name="signature" rows="4" cols="65"><?php echo pun_htmlspecialchars($user['signature']) ?></textarea><br /></label>
						</div>
						<ul class="bblinks">
							<li><span><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a> <?php echo ($pun_config['p_sig_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
							<li><span><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a> <?php echo ($pun_config['p_sig_bbcode'] == '1' && $pun_config['p_sig_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
							<li><span><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a> <?php echo ($pun_config['o_smilies_sig'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
						</ul>
						<?php echo $signature_preview ?>
					</div>
				</fieldset>
			</div>
<?php endif; ?>
			<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
		</form>
	</div>
</div>
<?php

}
---|
else if ($section == 'display')
{
	// "Display" profile section: board style, post rendering toggles and pagination sizes.
	// NOTE(review): style names from forum_list_styles() and the stored disp_topics /
	// disp_posts values are written into the page without escaping. Presumably the former
	// are names chosen by the board operator and the latter are integers or empty - verify
	// against forum_list_styles() and the POST handler.
	// NOTE(review): no anti-CSRF token is emitted in this form - confirm the POST handler
	// verifies the request origin.

	$page_title = array(
		pun_htmlspecialchars($pun_config['o_board_title']),
		$lang_common['Profile'],
		$lang_profile['Section display'],
	);
	define('PUN_ACTIVE_PAGE', 'profile');
	require PUN_ROOT.'header.php';

	generate_profile_menu('display');

?>
<div class="blockform">
	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section display'] ?></span></h2>
	<div class="box">
		<form id="profile5" method="post" action="profile.php?section=display&id=<?php echo $id ?>">
			<div><input type="hidden" name="form_sent" value="1" /></div>
<?php

	$styles = forum_list_styles();

	// A select box is shown only when there is a real choice; a single installed style is
	// submitted through a hidden field, and an empty list produces no style field at all
	if (count($styles) > 1)
	{

?>
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Style legend'] ?></legend>
					<div class="infldset">
						<label><?php echo $lang_profile['Styles'] ?><br />
						<select name="form[style]">
<?php

		// Underscores in the style name are shown as spaces; the option value keeps the raw name
		foreach ($styles as $temp)
			echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'"'.(($user['style'] == $temp) ? ' selected="selected"' : '').'>'.str_replace('_', ' ', $temp).'</option>'."\n";

?>
						</select>
						<br /></label>
					</div>
				</fieldset>
			</div>
<?php

	}
	else if (count($styles) == 1)
		echo "\t\t\t".'<div><input type="hidden" name="form[style]" value="'.$styles[0].'" /></div>'."\n";

?>
<?php if ($pun_config['o_smilies'] == '1' || $pun_config['o_smilies_sig'] == '1' || $pun_config['o_signatures'] == '1' || $pun_config['o_avatars'] == '1' || ($pun_config['p_message_bbcode'] == '1' && $pun_config['p_message_img_tag'] == '1')): ?>
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Post display legend'] ?></legend>
					<div class="infldset">
						<p><?php echo $lang_profile['Post display info'] ?></p>
						<div class="rbox">
<?php if ($pun_config['o_smilies'] == '1' || $pun_config['o_smilies_sig'] == '1'): ?>
							<label><input type="checkbox" name="form[show_smilies]" value="1"<?php echo ($user['show_smilies'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_profile['Show smilies'] ?><br /></label>
<?php endif; ?>
<?php if ($pun_config['o_signatures'] == '1'): ?>
							<label><input type="checkbox" name="form[show_sig]" value="1"<?php echo ($user['show_sig'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_profile['Show sigs'] ?><br /></label>
<?php endif; ?>
<?php if ($pun_config['o_avatars'] == '1'): ?>
							<label><input type="checkbox" name="form[show_avatars]" value="1"<?php echo ($user['show_avatars'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_profile['Show avatars'] ?><br /></label>
<?php endif; ?>
<?php if ($pun_config['p_message_bbcode'] == '1' && $pun_config['p_message_img_tag'] == '1'): ?>
							<label><input type="checkbox" name="form[show_img]" value="1"<?php echo ($user['show_img'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_profile['Show images'] ?><br /></label>
<?php endif; ?>
<?php if ($pun_config['o_signatures'] == '1' && $pun_config['p_sig_bbcode'] == '1' && $pun_config['p_sig_img_tag'] == '1'): ?>
							<label><input type="checkbox" name="form[show_img_sig]" value="1"<?php echo ($user['show_img_sig'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_profile['Show images sigs'] ?><br /></label>
<?php endif; ?>
						</div>
					</div>
				</fieldset>
			</div>
<?php endif; ?>
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Pagination legend'] ?></legend>
					<div class="infldset">
						<label class="conl"><?php echo $lang_profile['Topics per page'] ?><br /><input type="text" name="form[disp_topics]" value="<?php echo $user['disp_topics'] ?>" size="6" maxlength="3" /><br /></label>
						<label class="conl"><?php echo $lang_profile['Posts per page'] ?><br /><input type="text" name="form[disp_posts]" value="<?php echo $user['disp_posts'] ?>" size="6" maxlength="3" /><br /></label>
						<p class="clearb"><?php echo $lang_profile['Paginate info'] ?> <?php echo $lang_profile['Leave blank'] ?></p>
					</div>
				</fieldset>
			</div>
			<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
		</form>
	</div>
</div>
<?php

}
---|
else if ($section == 'privacy')
{
	// "Privacy" profile section: the three-way e-mail setting and, when forum or topic
	// subscriptions are enabled board-wide, the notification checkboxes.
	// The only stored value echoed as text here is the username, which is escaped; the
	// other user values are only compared to decide which control is pre-selected.
	// NOTE(review): no anti-CSRF token is emitted in this form - confirm the POST handler
	// verifies the request origin.

	$page_title = array(
		pun_htmlspecialchars($pun_config['o_board_title']),
		$lang_common['Profile'],
		$lang_profile['Section privacy'],
	);
	define('PUN_ACTIVE_PAGE', 'profile');
	require PUN_ROOT.'header.php';

	generate_profile_menu('privacy');

?>
<div class="blockform">
	<h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section privacy'] ?></span></h2>
	<div class="box">
		<form id="profile6" method="post" action="profile.php?section=privacy&id=<?php echo $id ?>">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_prof_reg['Privacy options legend'] ?></legend>
					<div class="infldset">
						<input type="hidden" name="form_sent" value="1" />
						<p><?php echo $lang_prof_reg['Email setting info'] ?></p>
						<div class="rbox">
							<label><input type="radio" name="form[email_setting]" value="0"<?php echo ($user['email_setting'] == '0') ? ' checked="checked"' : '' ?> /><?php echo $lang_prof_reg['Email setting 1'] ?><br /></label>
							<label><input type="radio" name="form[email_setting]" value="1"<?php echo ($user['email_setting'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_prof_reg['Email setting 2'] ?><br /></label>
							<label><input type="radio" name="form[email_setting]" value="2"<?php echo ($user['email_setting'] == '2') ? ' checked="checked"' : '' ?> /><?php echo $lang_prof_reg['Email setting 3'] ?><br /></label>
						</div>
					</div>
				</fieldset>
			</div>
<?php if ($pun_config['o_forum_subscriptions'] == '1' || $pun_config['o_topic_subscriptions'] == '1'): ?>
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Subscription legend'] ?></legend>
					<div class="infldset">
						<div class="rbox">
							<label><input type="checkbox" name="form[notify_with_post]" value="1"<?php echo ($user['notify_with_post'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_profile['Notify full'] ?><br /></label>
<?php if ($pun_config['o_topic_subscriptions'] == '1'): ?>
							<label><input type="checkbox" name="form[auto_notify]" value="1"<?php echo ($user['auto_notify'] == '1') ? ' checked="checked"' : '' ?> /><?php echo $lang_profile['Auto notify full'] ?><br /></label>
<?php endif; ?>
						</div>
					</div>
				</fieldset>
			</div>
<?php endif; ?>
			<p class="buttons"><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p>
		</form>
	</div>
</div>
<?php

}
---|
1666 | else if ($section == 'admin') |
---|
1667 | { |
---|
1668 | if (!$pun_user['is_admmod'] || ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_ban_users'] == '0')) |
---|
1669 | message($lang_common['Bad request']); |
---|
1670 | |
---|
1671 | $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section admin']); |
---|
1672 | define('PUN_ACTIVE_PAGE', 'profile'); |
---|
1673 | require PUN_ROOT.'header.php'; |
---|
1674 | |
---|
1675 | generate_profile_menu('admin'); |
---|
1676 | |
---|
1677 | ?> |
---|
1678 | <div class="blockform"> |
---|
1679 | <h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section admin'] ?></span></h2> |
---|
1680 | <div class="box"> |
---|
1681 | <form id="profile7" method="post" action="profile.php?section=admin&id=<?php echo $id ?>"> |
---|
1682 | <div class="inform"> |
---|
1683 | <input type="hidden" name="form_sent" value="1" /> |
---|
1684 | <fieldset> |
---|
1685 | <?php |
---|
1686 | |
---|
1687 | if ($pun_user['g_moderator'] == '1') |
---|
1688 | { |
---|
1689 | |
---|
1690 | ?> |
---|
1691 | <legend><?php echo $lang_profile['Delete ban legend'] ?></legend> |
---|
1692 | <div class="infldset"> |
---|
1693 | <p><input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" /></p> |
---|
1694 | </div> |
---|
1695 | </fieldset> |
---|
1696 | </div> |
---|
1697 | <?php |
---|
1698 | |
---|
1699 | } |
---|
1700 | else |
---|
1701 | { |
---|
1702 | if ($pun_user['id'] != $id) |
---|
1703 | { |
---|
1704 | |
---|
1705 | ?> |
---|
1706 | <legend><?php echo $lang_profile['Group membership legend'] ?></legend> |
---|
1707 | <div class="infldset"> |
---|
1708 | <select id="group_id" name="group_id"> |
---|
1709 | <?php |
---|
1710 | |
---|
1711 | $result = $db->query('SELECT g_id, g_title FROM '.$db->prefix.'groups WHERE g_id!='.PUN_GUEST.' ORDER BY g_title') or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error()); |
---|
1712 | |
---|
1713 | while ($cur_group = $db->fetch_assoc($result)) |
---|
1714 | { |
---|
1715 | if ($cur_group['g_id'] == $user['g_id'] || ($cur_group['g_id'] == $pun_config['o_default_user_group'] && $user['g_id'] == '')) |
---|
1716 | echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n"; |
---|
1717 | else |
---|
1718 | echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n"; |
---|
1719 | } |
---|
1720 | |
---|
1721 | ?> |
---|
1722 | </select> |
---|
1723 | <input type="submit" name="update_group_membership" value="<?php echo $lang_profile['Save'] ?>" /> |
---|
1724 | </div> |
---|
1725 | </fieldset> |
---|
1726 | </div> |
---|
1727 | <div class="inform"> |
---|
1728 | <fieldset> |
---|
1729 | <?php |
---|
1730 | |
---|
1731 | } |
---|
1732 | |
---|
1733 | ?> |
---|
1734 | <legend><?php echo $lang_profile['Delete ban legend'] ?></legend> |
---|
1735 | <div class="infldset"> |
---|
1736 | <input type="submit" name="delete_user" value="<?php echo $lang_profile['Delete user'] ?>" /> <input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" /> |
---|
1737 | </div> |
---|
1738 | </fieldset> |
---|
1739 | </div> |
---|
1740 | <?php |
---|
1741 | |
---|
1742 | if ($user['g_moderator'] == '1' || $user['g_id'] == PUN_ADMIN) |
---|
1743 | { |
---|
1744 | |
---|
1745 | ?> |
---|
1746 | <div class="inform"> |
---|
1747 | <fieldset> |
---|
1748 | <legend><?php echo $lang_profile['Set mods legend'] ?></legend> |
---|
1749 | <div class="infldset"> |
---|
1750 | <p><?php echo $lang_profile['Moderator in info'] ?></p> |
---|
1751 | <?php |
---|
1752 | |
---|
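// Build the "moderator in" checkbox list: one checkbox per non-redirect forum, grouped by category
$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.moderators FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id WHERE f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());

$cur_category = 0;
while ($cur_forum = $db->fetch_assoc($result))
{
	if ($cur_forum['cid'] != $cur_category) // A new category since last iteration?
	{
		// Close the previous category's "rbox" and "conl" wrappers before opening the next pair
		if ($cur_category)
			echo "\n\t\t\t\t\t\t\t\t".'</div>';

		if ($cur_category != 0)
			echo "\n\t\t\t\t\t\t\t".'</div>'."\n";

		// Escape the category name the same way as the forum name below, so markup stored in it is shown as text
		echo "\t\t\t\t\t\t\t".'<div class="conl">'."\n\t\t\t\t\t\t\t\t".'<p><strong>'.pun_htmlspecialchars($cur_forum['cat_name']).'</strong></p>'."\n\t\t\t\t\t\t\t\t".'<div class="rbox">';
		$cur_category = $cur_forum['cid'];
	}

	// NOTE(review): unserialize() runs on the stored f.moderators value; this is only safe while that
	// column is written exclusively by trusted forum code - confirm against the code that updates it
	$moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

	// unserialize() returns false for a corrupt value; treat that as "no moderators" so in_array() receives an array
	if (!is_array($moderators))
		$moderators = array();

	// Tick the box when the profile's user id is among this forum's moderators
	echo "\n\t\t\t\t\t\t\t\t\t".'<label><input type="checkbox" name="moderator_in['.$cur_forum['fid'].']" value="1"'.((in_array($id, $moderators)) ? ' checked="checked"' : '').' />'.pun_htmlspecialchars($cur_forum['forum_name']).'<br /></label>'."\n";
}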
---|
1774 | |
---|
1775 | ?> |
---|
1776 | </div> |
---|
1777 | </div> |
---|
1778 | <br class="clearb" /><input type="submit" name="update_forums" value="<?php echo $lang_profile['Update forums'] ?>" /> |
---|
1779 | </div> |
---|
1780 | </fieldset> |
---|
1781 | </div> |
---|
1782 | <?php |
---|
1783 | |
---|
1784 | } |
---|
1785 | } |
---|
1786 | |
---|
1787 | ?> |
---|
1788 | </form> |
---|
1789 | </div> |
---|
1790 | </div> |
---|
1791 | <?php |
---|
1792 | |
---|
1793 | } |
---|
1794 | else |
---|
1795 | message($lang_common['Bad request']); |
---|
1796 | |
---|
1797 | ?> |
---|
1798 | <div class="clearer"></div> |
---|
1799 | </div> |
---|
1800 | <?php |
---|
1801 | |
---|
1802 | require PUN_ROOT.'footer.php'; |
---|
1803 | } |
---|