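<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id: usercp.php 5616 2011-09-20 13:24:59Z Tomm $
 */

// User Control Panel front controller. Every section below is selected by
// $mybb->input['action']; the "do_*" actions process a submitted form and, on
// validation failure, rewrite the action so the matching form is shown again.

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'usercp.php');

$templatelist = "usercp,usercp_home,usercp_nav,usercp_profile,error_nopermission,buddy_online,buddy_offline,usercp_changename,usercp_nav_changename";
$templatelist .= ",usercp_usergroups_memberof_usergroup,usercp_usergroups_memberof,usercp_usergroups_joinable_usergroup,usercp_usergroups_joinable,usercp_usergroups";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,usercp_usergroups_leader_usergroup,usercp_usergroups_leader,usercp_currentavatar,usercp_reputation";
$templatelist .= ",usercp_attachments_attachment,usercp_attachments,usercp_profile_away,usercp_profile_customfield,usercp_profile_profilefields,usercp_profile_customtitle,usercp_forumsubscriptions_none,usercp_forumsubscriptions,usercp_subscriptions_none,usercp_subscriptions,usercp_options_pms_from_buddys,usercp_options_tppselect,usercp_options_pppselect,usercp_options";
$templatelist .= ",usercp_nav_editsignature,usercp_referrals,usercp_notepad,usercp_latest_threads_threads,forumdisplay_thread_gotounread,usercp_latest_threads,usercp_subscriptions_remove";

require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";
require_once MYBB_ROOT."inc/functions_user.php";
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;

// Load global language phrases
$lang->load("usercp");

// Access gate: guests (uid 0) and groups without the canusercp permission stop here.
if($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0)
{
    error_no_permission();
}

if(!$mybb->user['pmfolders'])
{
    $mybb->user['pmfolders'] = "1**".$lang->folder_inbox."$%%$2**".$lang->folder_sent_items."$%%$3**".$lang->folder_drafts."$%%$4**".$lang->folder_trash;
    // The folder names come from language strings; escape at the query boundary so a
    // quote in a phrase cannot break out of the SQL literal. This matches how other
    // values in this file are passed through $db->escape_string() before a query.
    $db->update_query("users", array('pmfolders' => $db->escape_string($mybb->user['pmfolders'])), "uid='".$mybb->user['uid']."'");
}

$errors = '';
// $error is read by the signature checks below; initialise it explicitly so its
// value can only come from this script's own validation.
$error = '';

usercp_menu();

$plugins->run_hooks("usercp_start");

// Signature pre-validation. This block changes no stored data: it only sets $error
// and falls back to the "editsig" form when the signature breaks the image or
// length limits, or when a preview was requested.
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
    $parser_options = array(
        'allow_html' => $mybb->settings['sightml'],
        'filter_badwords' => 1,
        'allow_mycode' => $mybb->settings['sigmycode'],
        'allow_smilies' => $mybb->settings['sigsmilies'],
        'allow_imgcode' => $mybb->settings['sigimgcode']
    );
    $parsed_sig = $parser->parse_message($mybb->input['signature'], $parser_options);
    // Images are counted on the parsed output, so smilies rendered as <img> count too.
    if((($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1) &&
        substr_count($parsed_sig, "<img") > 0) ||
        (($mybb->settings['sigimgcode'] == 1 || $mybb->settings['sigsmilies'] == 1) &&
        substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages'])
    )
    {
        if($mybb->settings['sigimgcode'] == 1)
        {
            $imgsallowed = $mybb->settings['maxsigimages'];
        }
        else
        {
            $imgsallowed = 0;
        }
        $lang->too_many_sig_images2 = $lang->sprintf($lang->too_many_sig_images2, $imgsallowed);
        $error = inline_error($lang->too_many_sig_images." ".$lang->too_many_sig_images2);
        $mybb->input['preview'] = 1;
    }
    else if($mybb->settings['siglength'] > 0)
    {
        if($mybb->settings['sigcountmycode'] == 0)
        {
            $parsed_sig = $parser->text_parse_message($mybb->input['signature']);
        }
        else
        {
            $parsed_sig = $mybb->input['signature'];
        }
        // Whitespace does not count towards the length limit.
        $parsed_sig = preg_replace("#\s#", "", $parsed_sig);
        $sig_length = my_strlen($parsed_sig);
        if($sig_length > $mybb->settings['siglength'])
        {
            $lang->sig_too_long = $lang->sprintf($lang->sig_too_long, $mybb->settings['siglength']);
            if($sig_length - $mybb->settings['siglength'] > 1)
            {
                $lang->sig_too_long .= $lang->sprintf($lang->sig_remove_chars_plural, $sig_length-$mybb->settings['siglength']);
            }
            else
            {
                $lang->sig_too_long .= $lang->sig_remove_chars_singular;
            }
            $error = inline_error($lang->sig_too_long);
        }
    }
    if($error || $mybb->input['preview'])
    {
        $mybb->input['action'] = "editsig";
    }
}

// Make navigation
add_breadcrumb($lang->nav_usercp, "usercp.php");

switch($mybb->input['action'])
{
    case "profile":
    case "do_profile":
        add_breadcrumb($lang->ucp_nav_profile);
        break;
    case "options":
    case "do_options":
        add_breadcrumb($lang->nav_options);
        break;
    case "email":
    case "do_email":
        add_breadcrumb($lang->nav_email);
        break;
    case "password":
    case "do_password":
        add_breadcrumb($lang->nav_password);
        break;
    case "changename":
    case "do_changename":
        add_breadcrumb($lang->nav_changename);
        break;
    case "subscriptions":
        add_breadcrumb($lang->ucp_nav_subscribed_threads);
        break;
    case "forumsubscriptions":
        add_breadcrumb($lang->ucp_nav_forum_subscriptions);
        break;
    case "editsig":
    case "do_editsig":
        add_breadcrumb($lang->nav_editsig);
        break;
    case "avatar":
    case "do_avatar":
        add_breadcrumb($lang->nav_avatar);
        break;
    case "notepad":
    case "do_notepad":
        add_breadcrumb($lang->ucp_nav_notepad);
        break;
    case "editlists":
    case "do_editlists":
        add_breadcrumb($lang->ucp_nav_editlists);
        break;
    case "drafts":
        add_breadcrumb($lang->ucp_nav_drafts);
        break;
    case "usergroups":
        add_breadcrumb($lang->ucp_nav_usergroups);
        break;
    case "attachments":
        add_breadcrumb($lang->ucp_nav_attachments);
        break;
}

// Save the profile form. State-changing, so it requires POST plus the post key.
if($mybb->input['action'] == "do_profile" && $mybb->request_method == "post")
{
    // Verify incoming POST request
    verify_post_check($mybb->input['my_post_key']);

    $plugins->run_hooks("usercp_do_profile_start");

    if($mybb->input['away'] == 1 && $mybb->settings['allowaway'] != 0)
    {
        $awaydate = TIME_NOW;
        if($mybb->input['awayday'])
        {
            // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
            if(!$mybb->input['awaymonth'])
            {
                $mybb->input['awaymonth'] = my_date('n', $awaydate);
            }
            if(!$mybb->input['awayyear'])
            {
                $mybb->input['awayyear'] = my_date('Y', $awaydate);
            }

            // Reduce the request values to bounded integers before they are used in
            // date arithmetic or stored.
            $return_month = intval(substr($mybb->input['awaymonth'], 0, 2));
            $return_day = intval(substr($mybb->input['awayday'], 0, 2));
            $return_year = min(intval($mybb->input['awayyear']), 9999);

            // Check if return date is after the away date.
            $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);
            $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
            if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
            {
                error($lang->error_usercp_return_date_past);
            }

            $returndate = "{$return_day}-{$return_month}-{$return_year}";
        }
        else
        {
            $returndate = "";
        }
        $away = array(
            "away" => 1,
            "date" => $awaydate,
            "returndate" => $returndate,
            "awayreason" => $mybb->input['awayreason']
        );
    }
    else
    {
        $away = array(
            "away" => 0,
            "date" => '',
            "returndate" => '',
            "awayreason" => ''
        );
    }

    $bday = array(
        "day" => $mybb->input['bday1'],
        "month" => $mybb->input['bday2'],
        "year" => $mybb->input['bday3']
    );

    // Set up user handler.
    // Anchored to MYBB_ROOT like the other includes in this file, so the handler is
    // never resolved through include_path or the current working directory.
    require_once MYBB_ROOT."inc/datahandlers/user.php";
    $userhandler = new UserDataHandler("update");

    // Raw request values are handed to the data handler; validation happens in
    // validate_user() below. NOTE(review): escaping before storage is presumably
    // done inside UserDataHandler — confirm there.
    $user = array(
        "uid" => $mybb->user['uid'],
        "website" => $mybb->input['website'],
        "icq" => intval($mybb->input['icq']),
        "aim" => $mybb->input['aim'],
        "yahoo" => $mybb->input['yahoo'],
        "msn" => $mybb->input['msn'],
        "birthday" => $bday,
        "birthdayprivacy" => $mybb->input['birthdayprivacy'],
        "away" => $away,
        "profile_fields" => $mybb->input['profile_fields']
    );

    // The custom title is only accepted from groups that hold the permission.
    if($mybb->usergroup['cancustomtitle'] == 1)
    {
        if($mybb->input['usertitle'] != '')
        {
            $user['usertitle'] = $mybb->input['usertitle'];
        }
        else if($mybb->input['reverttitle'])
        {
            $user['usertitle'] = '';
        }
    }
    $userhandler->set_data($user);

    if(!$userhandler->validate_user())
    {
        $errors = $userhandler->get_friendly_errors();
        $errors = inline_error($errors);
        $mybb->input['action'] = "profile";
    }
    else
    {
        $userhandler->update_user();

        $plugins->run_hooks("usercp_do_profile_end");
        redirect("usercp.php", $lang->redirect_profileupdated);
    }
}

// Show the profile form, either from the stored user record or, after a failed
// save, from the submitted request values.
if($mybb->input['action'] == "profile")
{
    if($errors)
    {
        // Redisplay path: $user now holds raw request data, so each field has to be
        // escaped or cast below before it reaches a template.
        $user = $mybb->input;
        $bday = array();
        $bday[0] = $mybb->input['bday1'];
        $bday[1] = $mybb->input['bday2'];
        $bday[2] = intval($mybb->input['bday3']);
    }
    else
    {
        $user = $mybb->user;
        $bday = explode("-", $user['birthday']);
    }

    $plugins->run_hooks("usercp_profile_start");

    $bdaysel = '';
    // The loop appends to $bdaydaysel, so that is the variable that must start empty.
    $bdaydaysel = '';
    for($i = 1; $i <= 31; ++$i)
    {
        if($bday[0] == $i)
        {
            $bdaydaysel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
        }
        else
        {
            $bdaydaysel .= "<option value=\"$i\">$i</option>\n";
        }
    }
    $bdaymonthsel[$bday[1]] = 'selected="selected"';

    $bdayprivacysel = '';
    if($user['birthdayprivacy'] == 'all' || !$user['birthdayprivacy'])
    {
        $bdayprivacysel .= "<option value=\"all\" selected=\"selected\">{$lang->birthdayprivacyall}</option>\n";
        $bdayprivacysel .= "<option value=\"none\">{$lang->birthdayprivacynone}</option>\n";
        $bdayprivacysel .= "<option value=\"age\">{$lang->birthdayprivacyage}</option>";
    }
    else if($user['birthdayprivacy'] == 'none')
    {
        $bdayprivacysel .= "<option value=\"all\">{$lang->birthdayprivacyall}</option>\n";
        $bdayprivacysel .= "<option value=\"none\" selected=\"selected\">{$lang->birthdayprivacynone}</option>\n";
        $bdayprivacysel .= "<option value=\"age\">{$lang->birthdayprivacyage}</option>";
    }
    else if($user['birthdayprivacy'] == 'age')
    {
        $bdayprivacysel .= "<option value=\"all\">{$lang->birthdayprivacyall}</option>\n";
        $bdayprivacysel .= "<option value=\"none\">{$lang->birthdayprivacynone}</option>\n";
        $bdayprivacysel .= "<option value=\"age\" selected=\"selected\">{$lang->birthdayprivacyage}</option>";
    }

    if($user['website'] == "" || $user['website'] == "http://")
    {
        $user['website'] = "http://";
    }
    else
    {
        $user['website'] = htmlspecialchars_uni($user['website']);
    }

    if($user['icq'] != "0")
    {
        $user['icq'] = intval($user['icq']);
    }
    if($user['icq'] == 0)
    {
        $user['icq'] = "";
    }
    if($errors)
    {
        // Only the redisplay path is escaped here; on the normal path the values
        // come from $mybb->user unchanged.
        $user['msn'] = htmlspecialchars_uni($user['msn']);
        $user['aim'] = htmlspecialchars_uni($user['aim']);
        $user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
    }
    if($mybb->settings['allowaway'] != 0)
    {
        if($errors)
        {
            if($user['away'] == 1)
            {
                $awaycheck[1] = "checked=\"checked\"";
            }
            else
            {
                $awaycheck[0] = "checked=\"checked\"";
            }
            $returndate = array();
            $returndate[0] = $mybb->input['awayday'];
            $returndate[1] = $mybb->input['awaymonth'];
            $returndate[2] = intval($mybb->input['awayyear']);
            $user['awayreason'] = htmlspecialchars_uni($mybb->input['awayreason']);
        }
        else
        {
            $user['awayreason'] = htmlspecialchars_uni($user['awayreason']);
            if($mybb->user['away'] == 1)
            {
                $awaydate = my_date($mybb->settings['dateformat'], $mybb->user['awaydate']);
                $awaycheck[1] = "checked=\"checked\"";
                $awaynotice = $lang->sprintf($lang->away_notice_away, $awaydate);
            }
            else
            {
                $awaynotice = $lang->away_notice;
                $awaycheck[0] = "checked=\"checked\"";
            }
            $returndate = explode("-", $mybb->user['returndate']);
        }
        $returndatesel = '';
        for($i = 1; $i <= 31; ++$i)
        {
            if($returndate[0] == $i)
            {
                $returndatesel .= "<option value=\"$i\" selected=\"selected\">$i</option>\n";
            }
            else
            {
                $returndatesel .= "<option value=\"$i\">$i</option>\n";
            }
        }
        $returndatemonthsel[$returndate[1]] = "selected";

        // Templates are expanded by eval()ing the template text as a double-quoted
        // PHP string, so whatever $templates->get() returns is interpreted as PHP
        // string syntax. NOTE(review): this relies on get() returning trusted,
        // quote-escaped template text — confirm in the templates class. Variable
        // values are interpolated, not re-parsed, so request-derived values must be
        // HTML-escaped before they reach a template variable.
        eval("\$awaysection = \"".$templates->get("usercp_profile_away")."\";");
    }
    // Custom profile fields baby!
    $altbg = "trow1";
    $requiredfields = '';
    $customfields = '';
    $code = '';
    $seloptions = array();
    $query = $db->simple_select("profilefields", "*", "editable=1", array('order_by' => 'disporder'));
    while($profilefield = $db->fetch_array($query))
    {
        // Does this field have a minimum post count?
        if($profilefield['postnum'] && $profilefield['postnum'] > $user['postnum'])
        {
            continue;
        }

        // The field definition is escaped once here; the option list split out of
        // 'type' below is therefore already HTML-escaped when it is written out.
        $profilefield['type'] = htmlspecialchars_uni($profilefield['type']);
        $profilefield['name'] = htmlspecialchars_uni($profilefield['name']);
        $profilefield['description'] = htmlspecialchars_uni($profilefield['description']);
        $thing = explode("\n", $profilefield['type'], 2);
        $type = $thing[0];
        // Field types without an option list have no second segment.
        $options = isset($thing[1]) ? $thing[1] : '';
        $field = "fid{$profilefield['fid']}";
        $select = '';
        if($errors)
        {
            $userfield = $mybb->input['profile_fields'][$field];
        }
        else
        {
            $userfield = $user[$field];
        }
        if($type == "multiselect")
        {
            if($errors)
            {
                $useropts = $userfield;
            }
            else
            {
                $useropts = explode("\n", $userfield);
            }
            if(is_array($useropts))
            {
                foreach($useropts as $key => $val)
                {
                    $val = htmlspecialchars_uni($val);
                    $seloptions[$val] = $val;
                }
            }
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    $val = trim($val);
                    $val = str_replace("\n", "\\n", $val);

                    $sel = "";
                    if($val == $seloptions[$val])
                    {
                        $sel = " selected=\"selected\"";
                    }
                    $select .= "<option value=\"$val\"$sel>$val</option>\n";
                }
                if(!$profilefield['length'])
                {
                    $profilefield['length'] = 3;
                }
                $code = "<select name=\"profile_fields[$field][]\" size=\"{$profilefield['length']}\" multiple=\"multiple\">$select</select>";
            }
        }
        elseif($type == "select")
        {
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    $val = trim($val);
                    $val = str_replace("\n", "\\n", $val);
                    $sel = "";
                    if($val == htmlspecialchars_uni($userfield))
                    {
                        $sel = " selected=\"selected\"";
                    }
                    $select .= "<option value=\"$val\"$sel>$val</option>";
                }
                if(!$profilefield['length'])
                {
                    $profilefield['length'] = 1;
                }
                $code = "<select name=\"profile_fields[$field]\" size=\"{$profilefield['length']}\">$select</select>";
            }
        }
        elseif($type == "radio")
        {
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    $checked = "";
                    // Options are already escaped, so compare against the escaped
                    // user value, as the select branch does.
                    if($val == htmlspecialchars_uni($userfield))
                    {
                        $checked = " checked=\"checked\"";
                    }
                    $code .= "<input type=\"radio\" class=\"radio\" name=\"profile_fields[$field]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
                }
            }
        }
        elseif($type == "checkbox")
        {
            if($errors)
            {
                $useropts = $userfield;
            }
            else
            {
                $useropts = explode("\n", $userfield);
            }
            if(is_array($useropts))
            {
                foreach($useropts as $key => $val)
                {
                    // Escaped for the same reason as in the multiselect branch: the
                    // lookup below is keyed by an already-escaped option value.
                    $val = htmlspecialchars_uni($val);
                    $seloptions[$val] = $val;
                }
            }
            $expoptions = explode("\n", $options);
            if(is_array($expoptions))
            {
                foreach($expoptions as $key => $val)
                {
                    $checked = "";
                    if($val == $seloptions[$val])
                    {
                        $checked = " checked=\"checked\"";
                    }
                    $code .= "<input type=\"checkbox\" class=\"checkbox\" name=\"profile_fields[$field][]\" value=\"$val\"$checked /> <span class=\"smalltext\">$val</span><br />";
                }
            }
        }
        elseif($type == "textarea")
        {
            $value = htmlspecialchars_uni($userfield);
            $code = "<textarea name=\"profile_fields[$field]\" rows=\"6\" cols=\"30\" style=\"width: 95%\">$value</textarea>";
        }
        else
        {
            $value = htmlspecialchars_uni($userfield);
            $maxlength = "";
            if($profilefield['maxlength'] > 0)
            {
                $maxlength = " maxlength=\"{$profilefield['maxlength']}\"";
            }
            $code = "<input type=\"text\" name=\"profile_fields[$field]\" class=\"textbox\" size=\"{$profilefield['length']}\"{$maxlength} value=\"$value\" />";
        }
        if($profilefield['required'] == 1)
        {
            eval("\$requiredfields .= \"".$templates->get("usercp_profile_customfield")."\";");
        }
        else
        {
            eval("\$customfields .= \"".$templates->get("usercp_profile_customfield")."\";");
        }
        // Reset the per-field scratch variables so nothing leaks into the next field.
        $altbg = alt_trow();
        $code = "";
        $select = "";
        $val = "";
        $options = "";
        $expoptions = "";
        $useropts = "";
        // Reset to an array, not a string: the next field indexes it by option value.
        $seloptions = array();
    }
    if($customfields)
    {
        eval("\$customfields = \"".$templates->get("usercp_profile_profilefields")."\";");
    }

    if($mybb->usergroup['cancustomtitle'] == 1)
    {
        if($mybb->usergroup['usertitle'] == "")
        {
            $query = $db->simple_select("usertitles", "*", "posts <='".$mybb->user['postnum']."'", array('order_by' => 'posts', 'order_dir' => 'DESC', 'limit' => 1));
            $utitle = $db->fetch_array($query);
            $defaulttitle = $utitle['title'];
        }
        else
        {
            $defaulttitle = $mybb->usergroup['usertitle'];
        }

        if(trim($user['usertitle']) == '')
        {
            $lang->current_custom_usertitle = '';
        }
        else
        {
            if($errors)
            {
                // Show the submitted title escaped, and restore the stored title so
                // the raw request value never reaches the template.
                $newtitle = htmlspecialchars_uni($user['usertitle']);
                $user['usertitle'] = $mybb->user['usertitle'];
            }
        }
        eval("\$customtitle = \"".$templates->get("usercp_profile_customtitle")."\";");
    }
    else
    {
        $customtitle = "";
    }

    $plugins->run_hooks("usercp_profile_end");

    eval("\$editprofile = \"".$templates->get("usercp_profile")."\";");
    output_page($editprofile);
}

// Save the options form. State-changing, so it requires POST plus the post key.
if($mybb->input['action'] == "do_options" && $mybb->request_method == "post")
{
    // Verify incoming POST request
    verify_post_check($mybb->input['my_post_key']);

    $plugins->run_hooks("usercp_do_options_start");

    // Set up user handler.
    require_once MYBB_ROOT."inc/datahandlers/user.php";
    $userhandler = new UserDataHandler("update");

    $user = array(
        "uid" => $mybb->user['uid'],
        "style" => intval($mybb->input['style']),
        "dateformat" => intval($mybb->input['dateformat']),
        "timeformat" => intval($mybb->input['timeformat']),
        "timezone" => $db->escape_string($mybb->input['timezoneoffset']),
        "language" => $mybb->input['language']
    );

    // Most option values are passed through as received; they are checked by
    // validate_user() below rather than cast here.
    $user['options'] = array(
        "allownotices" => $mybb->input['allownotices'],
        "hideemail" => $mybb->input['hideemail'],
        "subscriptionmethod" => $mybb->input['subscriptionmethod'],
        "invisible" => $mybb->input['invisible'],
        "dstcorrection" => $mybb->input['dstcorrection'],
        "threadmode" => $mybb->input['threadmode'],
        "showsigs" => $mybb->input['showsigs'],
        "showavatars" => $mybb->input['showavatars'],
        "showquickreply" => $mybb->input['showquickreply'],
        "receivepms" => $mybb->input['receivepms'],
        "pmnotice" => $mybb->input['pmnotice'],
        "receivefrombuddy" => $mybb->input['receivefrombuddy'],
        "daysprune" => $mybb->input['daysprune'],
        "showcodebuttons" => intval($mybb->input['showcodebuttons']),
        "pmnotify" => $mybb->input['pmnotify'],
        "showredirect" => $mybb->input['showredirect'],
        "classicpostbit" => $mybb->input['classicpostbit']
    );

    if($mybb->settings['usertppoptions'])
    {
        $user['options']['tpp'] = intval($mybb->input['tpp']);
    }

    if($mybb->settings['userpppoptions'])
    {
        $user['options']['ppp'] = intval($mybb->input['ppp']);
    }

    $userhandler->set_data($user);


    if(!$userhandler->validate_user())
    {
        $errors = $userhandler->get_friendly_errors();
        $errors = inline_error($errors);
        $mybb->input['action'] = "options";
    }
    else
    {
        $userhandler->update_user();

        $plugins->run_hooks("usercp_do_options_end");

        redirect("usercp.php", $lang->redirect_optionsupdated);
    }
}
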
681 if($mybb->input['action'] == "options") 682 { 683 $plugins->run_hooks("usercp_options_start"); 684 685 if($errors != '') 686 { 687 $user = $mybb->input; 688 } 689 else 690 { 691 $user = $mybb->user; 692 } 693 $languages = $lang->get_languages(); 694 $langoptions = ''; 695 foreach($languages as $lname => $language) 696 { 697 $sel = ""; 698 if($user['language'] == $lname) 699 { 700 $sel = " selected=\"selected\""; 701 } 702 $langoptions .= "<option value=\"$lname\"$sel>".htmlspecialchars_uni($language)."</option>\n"; 703 } 704 705 // Lets work out which options the user has selected and check the boxes 706 if($user['allownotices'] == 1) 707 { 708 $allownoticescheck = "checked=\"checked\""; 709 } 710 else 711 { 712 $allownoticescheck = ""; 713 } 714 715 if($user['invisible'] == 1) 716 { 717 $invisiblecheck = "checked=\"checked\""; 718 } 719 else 720 { 721 $invisiblecheck = ""; 722 } 723 724 if($user['hideemail'] == 1) 725 { 726 $hideemailcheck = "checked=\"checked\""; 727 } 728 else 729 { 730 $hideemailcheck = ""; 731 } 732 733 if($user['subscriptionmethod'] == 1) 734 { 735 $no_email_subscribe_selected = "selected=\"selected\""; 736 } 737 else if($user['subscriptionmethod'] == 2) 738 { 739 $instant_email_subscribe_selected = "selected=\"selected\""; 740 } 741 else 742 743 { 744 $no_subscribe_selected = "selected=\"selected\""; 745 } 746 747 if($user['showsigs'] == 1) 748 { 749 $showsigscheck = "checked=\"checked\""; 750 } 751 else 752 { 753 $showsigscheck = ""; 754 } 755 756 if($user['showavatars'] == 1) 757 { 758 $showavatarscheck = "checked=\"checked\""; 759 } 760 else 761 { 762 $showavatarscheck = ""; 763 } 764 765 if($user['showquickreply'] == 1) 766 { 767 $showquickreplycheck = "checked=\"checked\""; 768 } 769 else 770 { 771 $showquickreplycheck = ""; 772 } 773 774 if($user['receivepms'] == 1) 775 { 776 $receivepmscheck = "checked=\"checked\""; 777 } 778 else 779 { 780 $receivepmscheck = ""; 781 } 782 783 if($user['receivefrombuddy'] == 1) 784 { 785 
$receivefrombuddycheck = "checked=\"checked\""; 786 } 787 else 788 { 789 $receivefrombuddycheck = ""; 790 } 791 792 if($user['pmnotice'] == 1 || $user['pmnotice'] == 2) 793 { 794 $pmnoticecheck = " checked=\"checked\""; 795 } 796 else 797 { 798 $pmnoticecheck = ""; 799 } 800 801 if($user['dstcorrection'] == 2) 802 { 803 $dst_auto_selected = "selected=\"selected\""; 804 } 805 else if($user['dstcorrection'] == 1) 806 { 807 $dst_enabled_selected = "selected=\"selected\""; 808 } 809 else 810 { 811 $dst_disabled_selected = "selected=\"selected\""; 812 } 813 814 if($user['showcodebuttons'] == 1) 815 { 816 $showcodebuttonscheck = "checked=\"checked\""; 817 } 818 else 819 { 820 $showcodebuttonscheck = ""; 821 } 822 823 if($user['showredirect'] != 0) 824 { 825 $showredirectcheck = "checked=\"checked\""; 826 } 827 else 828 { 829 $showredirectcheck = ""; 830 } 831 832 if($user['pmnotify'] != 0) 833 { 834 $pmnotifycheck = "checked=\"checked\""; 835 } 836 else 837 { 838 $pmnotifycheck = ''; 839 } 840 841 842 if($user['threadmode'] != "threaded" && $user['threadmode'] != "linear") 843 { 844 $user['threadmode'] = ''; // Leave blank to show default 845 } 846 847 if($user['classicpostbit'] != 0) 848 { 849 $classicpostbitcheck = "checked=\"checked\""; 850 } 851 else 852 { 853 $classicpostbitcheck = ''; 854 } 855 856 857 $date_format_options = "<option value=\"0\">{$lang->use_default}</option>"; 858 foreach($date_formats as $key => $format) 859 { 860 if($user['dateformat'] == $key) 861 { 862 $date_format_options .= "<option value=\"$key\" selected=\"selected\">".my_date($format, TIME_NOW, "", 0)."</option>"; 863 } 864 else 865 { 866 $date_format_options .= "<option value=\"$key\">".my_date($format, TIME_NOW, "", 0)."</option>"; 867 } 868 } 869 870 $time_format_options = "<option value=\"0\">{$lang->use_default}</option>"; 871 foreach($time_formats as $key => $format) 872 { 873 if($user['timeformat'] == $key) 874 { 875 $time_format_options .= "<option value=\"$key\" 
selected=\"selected\">".my_date($format, TIME_NOW, "", 0)."</option>"; 876 } 877 else 878 { 879 $time_format_options .= "<option value=\"$key\">".my_date($format, TIME_NOW, "", 0)."</option>"; 880 } 881 } 882 883 $tzselect = build_timezone_select("timezoneoffset", $mybb->user['timezone'], true); 884 885 if($mybb->settings['allowbuddyonly'] == 1) 886 { 887 eval("\$pms_from_buddys = \"".$templates->get("usercp_options_pms_from_buddys")."\";"); 888 } 889 890 $threadview[$user['threadmode']] = 'selected="selected"'; 891 $daysprunesel[$user['daysprune']] = 'selected="selected"'; 892 $stylelist = build_theme_select("style", $user['style']); 893 if($mybb->settings['usertppoptions']) 894 { 895 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 896 $tppoptions = ''; 897 if(is_array($explodedtpp)) 898 { 899 foreach($explodedtpp as $key => $val) 900 { 901 $val = trim($val); 902 $selected = ""; 903 if($user['tpp'] == $val) 904 { 905 $selected = "selected=\"selected\""; 906 } 907 $tppoptions .= "<option value=\"$val\" $selected>".$lang->sprintf($lang->tpp_option, $val)."</option>\n"; 908 } 909 } 910 eval("\$tppselect = \"".$templates->get("usercp_options_tppselect")."\";"); 911 } 912 if($mybb->settings['userpppoptions']) 913 { 914 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 915 $pppoptions = ''; 916 if(is_array($explodedppp)) 917 { 918 foreach($explodedppp as $key => $val) 919 { 920 $val = trim($val); 921 $selected = ""; 922 if($user['ppp'] == $val) 923 { 924 $selected = "selected=\"selected\""; 925 } 926 $pppoptions .= "<option value=\"$val\" $selected>".$lang->sprintf($lang->ppp_option, $val)."</option>\n"; 927 } 928 } 929 eval("\$pppselect = \"".$templates->get("usercp_options_pppselect")."\";"); 930 } 931 932 $plugins->run_hooks("usercp_options_end"); 933 934 eval("\$editprofile = \"".$templates->get("usercp_options")."\";"); 935 output_page($editprofile); 936 } 937 938 if($mybb->input['action'] == "do_email" && $mybb->request_method == 
"post") 939 { 940 // Verify incoming POST request 941 verify_post_check($mybb->input['my_post_key']); 942 943 $errors = array(); 944 945 $plugins->run_hooks("usercp_do_email_start"); 946 if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false) 947 { 948 $errors[] = $lang->error_invalidpassword; 949 } 950 else 951 { 952 // Set up user handler. 953 require_once "inc/datahandlers/user.php"; 954 $userhandler = new UserDataHandler("update"); 955 956 $user = array( 957 "uid" => $mybb->user['uid'], 958 "email" => $mybb->input['email'], 959 "email2" => $mybb->input['email2'] 960 ); 961 962 $userhandler->set_data($user); 963 964 if(!$userhandler->validate_user()) 965 { 966 $errors = $userhandler->get_friendly_errors(); 967 } 968 else 969 { 970 if($mybb->user['usergroup'] != "5" && $mybb->usergroup['cancp'] != 1) 971 { 972 $activationcode = random_str(); 973 $now = TIME_NOW; 974 $db->delete_query("awaitingactivation", "uid='".$mybb->user['uid']."'"); 975 $newactivation = array( 976 "uid" => $mybb->user['uid'], 977 "dateline" => TIME_NOW, 978 "code" => $activationcode, 979 "type" => "e", 980 "oldgroup" => $mybb->user['usergroup'], 981 "misc" => $db->escape_string($mybb->input['email']) 982 ); 983 $db->insert_query("awaitingactivation", $newactivation); 984 985 $username = $mybb->user['username']; 986 $uid = $mybb->user['uid']; 987 $lang->emailsubject_changeemail = $lang->sprintf($lang->emailsubject_changeemail, $mybb->settings['bbname']); 988 $lang->email_changeemail = $lang->sprintf($lang->email_changeemail, $mybb->user['username'], $mybb->settings['bbname'], $mybb->user['email'], $mybb->input['email'], $mybb->settings['bburl'], $activationcode, $mybb->user['username'], $mybb->user['uid']); 989 my_mail($mybb->input['email'], $lang->emailsubject_changeemail, $lang->email_changeemail); 990 991 $plugins->run_hooks("usercp_do_email_verify"); 992 error($lang->redirect_changeemail_activation); 993 } 994 else 995 { 996 $userhandler->update_user(); 997 
$plugins->run_hooks("usercp_do_email_changed"); 998 redirect("usercp.php", $lang->redirect_emailupdated); 999 } 1000 } 1001 } 1002 if(count($errors) > 0) 1003 { 1004 $mybb->input['action'] = "email"; 1005 $errors = inline_error($errors); 1006 } 1007 } 1008 1009 if($mybb->input['action'] == "email") 1010 { 1011 // Coming back to this page after one or more errors were experienced, show fields the user previously entered (with the exception of the password) 1012 if($errors) 1013 { 1014 $email = htmlspecialchars_uni($mybb->input['email']); 1015 $email2 = htmlspecialchars_uni($mybb->input['email2']); 1016 } 1017 else 1018 { 1019 $email = $email2 = ''; 1020 } 1021 1022 $plugins->run_hooks("usercp_email"); 1023 1024 eval("\$changemail = \"".$templates->get("usercp_email")."\";"); 1025 output_page($changemail); 1026 } 1027 1028 if($mybb->input['action'] == "do_password" && $mybb->request_method == "post") 1029 { 1030 // Verify incoming POST request 1031 verify_post_check($mybb->input['my_post_key']); 1032 1033 $errors = array(); 1034 1035 $plugins->run_hooks("usercp_do_password_start"); 1036 if(validate_password_from_uid($mybb->user['uid'], $mybb->input['oldpassword']) == false) 1037 { 1038 $errors[] = $lang->error_invalidpassword; 1039 } 1040 else 1041 { 1042 // Set up user handler. 
1043 require_once "inc/datahandlers/user.php"; 1044 $userhandler = new UserDataHandler("update"); 1045 1046 $user = array( 1047 "uid" => $mybb->user['uid'], 1048 "password" => $mybb->input['password'], 1049 "password2" => $mybb->input['password2'] 1050 ); 1051 1052 $userhandler->set_data($user); 1053 1054 if(!$userhandler->validate_user()) 1055 { 1056 $errors = $userhandler->get_friendly_errors(); 1057 } 1058 else 1059 { 1060 $userhandler->update_user(); 1061 my_setcookie("mybbuser", $mybb->user['uid']."_".$userhandler->data['loginkey']); 1062 $plugins->run_hooks("usercp_do_password_end"); 1063 redirect("usercp.php", $lang->redirect_passwordupdated); 1064 } 1065 } 1066 if(count($errors) > 0) 1067 { 1068 $mybb->input['action'] = "password"; 1069 $errors = inline_error($errors); 1070 } 1071 } 1072 1073 if($mybb->input['action'] == "password") 1074 { 1075 $plugins->run_hooks("usercp_password"); 1076 1077 eval("\$editpassword = \"".$templates->get("usercp_password")."\";"); 1078 output_page($editpassword); 1079 } 1080 1081 if($mybb->input['action'] == "do_changename" && $mybb->request_method == "post") 1082 { 1083 // Verify incoming POST request 1084 verify_post_check($mybb->input['my_post_key']); 1085 1086 $plugins->run_hooks("usercp_do_changename_start"); 1087 if($mybb->usergroup['canchangename'] != 1) 1088 { 1089 error_no_permission(); 1090 } 1091 1092 if(validate_password_from_uid($mybb->user['uid'], $mybb->input['password']) == false) 1093 { 1094 $errors[] = $lang->error_invalidpassword; 1095 } 1096 else 1097 { 1098 // Set up user handler. 
1099 require_once "inc/datahandlers/user.php"; 1100 $userhandler = new UserDataHandler("update"); 1101 1102 $user = array( 1103 "uid" => $mybb->user['uid'], 1104 "username" => $mybb->input['username'] 1105 ); 1106 1107 $userhandler->set_data($user); 1108 1109 if(!$userhandler->validate_user()) 1110 { 1111 $errors = $userhandler->get_friendly_errors(); 1112 } 1113 else 1114 { 1115 $userhandler->update_user(); 1116 $plugins->run_hooks("usercp_do_changename_end"); 1117 redirect("usercp.php", $lang->redirect_namechanged); 1118 1119 } 1120 } 1121 if(count($errors) > 0) 1122 { 1123 $errors = inline_error($errors); 1124 $mybb->input['action'] = "changename"; 1125 } 1126 } 1127 1128 if($mybb->input['action'] == "changename") 1129 { 1130 $plugins->run_hooks("usercp_changename_start"); 1131 if($mybb->usergroup['canchangename'] != 1) 1132 { 1133 error_no_permission(); 1134 } 1135 1136 $plugins->run_hooks("usercp_changename_end"); 1137 1138 eval("\$changename = \"".$templates->get("usercp_changename")."\";"); 1139 output_page($changename); 1140 } 1141 1142 if($mybb->input['action'] == "do_subscriptions") 1143 { 1144 // Verify incoming POST request 1145 verify_post_check($mybb->input['my_post_key']); 1146 1147 $plugins->run_hooks("usercp_do_subscriptions_start"); 1148 1149 if(!is_array($mybb->input['check'])) 1150 { 1151 error($lang->no_subscriptions_selected); 1152 } 1153 1154 // Clean input - only accept integers thanks! 1155 $mybb->input['check'] = array_map('intval', $mybb->input['check']); 1156 $tids = implode(",", $mybb->input['check']); 1157 1158 // Deleting these subscriptions? 
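// --- Continues inside the do_subscriptions handler; $tids holds integer-cast thread ids. ---
	if($mybb->input['do'] == "delete")
	{
		// Every query here is also scoped to the current user's uid, so ids belonging to
		// other users' subscriptions are not touched.
		$db->delete_query("threadsubscriptions", "tid IN ($tids) AND uid='{$mybb->user['uid']}'");
	}
	// Changing subscription type
	else
	{
		// Default to "no notification" so an unrecognised 'do' value cannot leave the
		// variable undefined when the update array is built.
		$new_notification = 0;
		if($mybb->input['do'] == "instant_notification")
		{
			$new_notification = 1;
		}

		// Update
		$update_array = array("notification" => $new_notification);
		$db->update_query("threadsubscriptions", $update_array, "tid IN ($tids) AND uid='{$mybb->user['uid']}'");
	}

	// Done, redirect
	redirect("usercp.php?action=subscriptions", $lang->redirect_subscriptions_updated);
}

// List the current user's thread subscriptions, paginated.
if($mybb->input['action'] == "subscriptions")
{
	$plugins->run_hooks("usercp_subscriptions_start");

	// Thread visibility: non-moderators only see threads with visible != 0
	$visible = "AND t.visible != 0";
	if(is_moderator() == true)
	{
		$visible = '';
	}

	// Do Multi Pages
	$query = $db->query("
		SELECT COUNT(ts.tid) as threads
		FROM ".TABLE_PREFIX."threadsubscriptions ts
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = ts.tid)
		WHERE ts.uid = '".$mybb->user['uid']."' {$visible}
	");
	$threadcount = $db->fetch_field($query, "threads");

	if(!$mybb->settings['threadsperpage'])
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	// Both LIMIT operands are interpolated into SQL below, so force them to integers.
	$perpage = intval($mybb->settings['threadsperpage']);
	if($perpage < 1)
	{
		$perpage = 20;
	}
	$page = intval($mybb->input['page']);
	if($page > 0)
	{
		$start = ($page-1) *$perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}
	$end = $start + $perpage;
	$lower = $start+1;
	$upper = $end;
	if($upper > $threadcount)
	{
		$upper = $threadcount;
	}
	$multipage = multipage($threadcount, $perpage, $page, "usercp.php?action=subscriptions");
	$fpermissions = forum_permissions();

	// Fetch subscriptions
	$query = $db->query("
		SELECT s.*, t.*, t.username AS threadusername, u.username, p.displaystyle AS threadprefix
		FROM ".TABLE_PREFIX."threadsubscriptions s
		LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid)
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
		LEFT JOIN ".TABLE_PREFIX."threadprefixes p ON (p.pid=t.prefix)
		WHERE s.uid='".$mybb->user['uid']."' {$visible}
		ORDER BY t.lastpost DESC
		LIMIT $start, $perpage
	");
	while($subscription = $db->fetch_array($query))
	{
		$forumpermissions = $fpermissions[$subscription['fid']];

		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
		{
			// No permission to view this thread any more - queue it for unsubscription
			// instead of listing it.
			$del_subscriptions[] = $subscription['tid'];
		}
		else if($subscription['tid'])
		{
			$subscriptions[$subscription['tid']] = $subscription;
		}
	}

	// Drop subscriptions to threads the user can no longer view (ids come from the query above).
	if(is_array($del_subscriptions))
	{
		$tids = implode(',', $del_subscriptions);
		if($tids)
		{
			$db->delete_query("threadsubscriptions", "tid IN ({$tids}) AND uid='{$mybb->user['uid']}'");
		}
	}

	if(is_array($subscriptions))
	{
		$tids = implode(",", array_keys($subscriptions));

		if($mybb->user['uid'] == 0)
		{
			// Build a forum cache.
			$query = $db->query("
				SELECT fid
				FROM ".TABLE_PREFIX."forums
				WHERE active != 0
				ORDER BY pid, disporder
			");

			// SECURITY(review): unserialize() on a client-supplied cookie. Cookie contents are
			// attacker-controlled; a non-object format (e.g. JSON) or a strictly validated
			// decoder is safer. The top of this script rejects uid == 0 via
			// error_no_permission(), so this guest branch is presumably never reached here.
			$forumsread = unserialize($mybb->cookies['mybb']['forumread']);
		}
		else
		{
			// Build a forum cache.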
// --- Continues inside the subscriptions listing (logged-in branch of the forum read cache). ---
			$query = $db->query("
				SELECT f.fid, fr.dateline AS lastread
				FROM ".TABLE_PREFIX."forums f
				LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
				WHERE f.active != 0
				ORDER BY pid, disporder
			");
		}
		// Map forum id => last-read timestamp for the current user.
		while($forum = $db->fetch_array($query))
		{
			if($mybb->user['uid'] == 0)
			{
				if($forumsread[$forum['fid']])
				{
					$forum['lastread'] = $forumsread[$forum['fid']];
				}
			}
			$readforums[$forum['fid']] = $forum['lastread'];
		}

		// Check participation by the current user in any of these threads - for 'dot' folder icons
		// ($tids was built from the keys of $subscriptions, i.e. ids returned by the database.)
		if($mybb->settings['dotfolders'] != 0)
		{
			$query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
			while($post = $db->fetch_array($query))
			{
				$subscriptions[$post['tid']]['doticon'] = 1;
			}
		}

		// Read threads
		if($mybb->settings['threadreadcut'] > 0)
		{
			$query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})");
			while($readthread = $db->fetch_array($query))
			{
				$subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline'];
			}
		}

		$icon_cache = $cache->read("posticons");

		// Now we can build our subscription list
		foreach($subscriptions as $thread)
		{
			$bgcolor = alt_trow();

			$folder = '';
			$prefix = '';

			// If this thread has a prefix, insert a space between prefix and subject
			if($thread['prefix'] != 0)
			{
				$thread['threadprefix'] .= ' ';
			}

			// Sanitize: censor bad words, then HTML-escape the subject before it reaches the template
			$thread['subject'] = $parser->parse_badwords($thread['subject']);
			$thread['subject'] = htmlspecialchars_uni($thread['subject']);

			// Build our links
			$thread['threadlink'] = get_thread_link($thread['tid']);
			$thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost");

			// Fetch the thread icon if we have one
			if($thread['icon'] > 0 && $icon_cache[$thread['icon']])
			{
				$icon = $icon_cache[$thread['icon']];
				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />";
			}
			else
			{
				// NOTE(review): this listing shows a single space here; the page rendering may
				// have decoded an HTML entity - confirm against the original file.
				$icon = " ";
			}

			// Determine the folder
			$folder = '';
			$folder_label = '';

			if($thread['doticon'])
			{
				$folder = "dot_";
				$folder_label .= $lang->icon_dot;
			}

			$gotounread = '';
			$isnew = 0;
			$donenew = 0;
			$lastread = 0;

			// Work out the forum-level read marker, clamped to the threadreadcut window (days).
			if($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid'])
			{
				$forum_read = $readforums[$thread['fid']];

				$read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
				if($forum_read == 0 || $forum_read < $read_cutoff)
				{
					$forum_read = $read_cutoff;
				}
			}
			else
			{
				$forum_read = $forumsread[$thread['fid']];
			}

			// NOTE(review): $cutoff is only assigned when this condition holds; otherwise the
			// comparison below uses an unset value (or one left over from a previous iteration).
			if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read)
			{
				$cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24;
			}

			if($thread['lastpost'] > $cutoff)
			{
				if($thread['lastread'])
				{
					$lastread = $thread['lastread'];
				}
				else
				{
					$lastread = 1;
				}
			}

			// No database read marker: fall back to the per-thread read cookie or the forum marker.
			if(!$lastread)
			{
				$readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']);
				if($readcookie > $forum_read)
				{
					$lastread = $readcookie;
				}
				else
				{
					$lastread = $forum_read;
				}
			}

			if($lastread && $lastread < $thread['lastpost'])
			{
				$folder .= "new";
				$folder_label .= $lang->icon_new;
				$new_class = "subject_new";
				$thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost");
				eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";");
				$unreadpost = 1;
			}
			else
			{
				$folder_label .= $lang->icon_no_new;
				$new_class = "subject_old";
			}

			if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews'])
			{
				$folder .= "hot";
				$folder_label .= $lang->icon_hot;
			}

			if($thread['closed'] == 1)
			{
				$folder .= "lock";
				$folder_label .= $lang->icon_lock;
			}

			$folder .= "folder";

			// Threads with visible == 0 (only selected for moderators) get a shaded row.
			if($thread['visible'] == 0)
			{
				$bgcolor = "trow_shaded";
			}

			// Build last post info
			$lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']);
			$lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']);
			$lastposter = $thread['lastposter'];
			$lastposteruid = $thread['lastposteruid'];

			// Don't link to guest's profiles (they have no profile).
			// NOTE(review): in this branch $lastposter is used without escaping in this block;
			// confirm the stored name is already HTML-safe or escape it before output.
			if($lastposteruid == 0)
			{
				$lastposterlink = $lastposter;
			}
			else
			{
				$lastposterlink = build_profile_link($lastposter, $lastposteruid);
			}

			$thread['replies'] = my_number_format($thread['replies']);
			$thread['views'] = my_number_format($thread['views']);

			// What kind of notification type do we have here?
// --- Continues inside the per-thread loop of the subscriptions listing. ---
			switch($thread['notification'])
			{
				case "1": // Instant
					$notification_type = $lang->instant_notification;
					break;
				default: // No notification
					$notification_type = $lang->no_notification;
			}

			// Render one row; the template interpolates the locals prepared above.
			eval("\$threads .= \"".$templates->get("usercp_subscriptions_thread")."\";");
		}

		// Provide remove options
		eval("\$remove_options = \"".$templates->get("usercp_subscriptions_remove")."\";");
	}
	else
	{
		eval("\$threads = \"".$templates->get("usercp_subscriptions_none")."\";");
	}

	$plugins->run_hooks("usercp_subscriptions_end");

	eval("\$subscriptions = \"".$templates->get("usercp_subscriptions")."\";");
	output_page($subscriptions);
}
// List the current user's forum subscriptions.
if($mybb->input['action'] == "forumsubscriptions")
{
	$plugins->run_hooks("usercp_forumsubscriptions_start");
	// Cache the forum permission rows for the user's primary usergroup.
	$query = $db->simple_select("forumpermissions", "*", "gid='".$db->escape_string($mybb->user['usergroup'])."'");
	while($permissions = $db->fetch_array($query))
	{
		$permissioncache[$permissions['gid']][$permissions['fid']] = $permissions;
	}

	if($mybb->user['uid'] == 0)
	{
		// Build a forum cache.
		$query = $db->query("
			SELECT fid
			FROM ".TABLE_PREFIX."forums
			WHERE active != 0
			ORDER BY pid, disporder
		");

		// SECURITY(review): unserialize() on a client-supplied cookie. Cookie contents are
		// attacker-controlled; a non-object format (e.g. JSON) or a strictly validated
		// decoder is safer. The top of this script rejects uid == 0 via
		// error_no_permission(), so this guest branch is presumably never reached here.
		$forumsread = unserialize($mybb->cookies['mybb']['forumread']);
	}
	else
	{
		// Build a forum cache.
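// --- Continues inside the forumsubscriptions listing (logged-in branch of the forum read cache). ---
		$query = $db->query("
			SELECT f.fid, fr.dateline AS lastread
			FROM ".TABLE_PREFIX."forums f
			LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
			WHERE f.active != 0
			ORDER BY pid, disporder
		");
	}
	// Map forum id => last-read timestamp for the current user.
	while($forum = $db->fetch_array($query))
	{
		if($mybb->user['uid'] == 0)
		{
			if($forumsread[$forum['fid']])
			{
				$forum['lastread'] = $forumsread[$forum['fid']];
			}
		}
		$readforums[$forum['fid']] = $forum['lastread'];
	}

	require_once MYBB_ROOT."inc/functions_forumlist.php";

	$fpermissions = forum_permissions();
	$query = $db->query("
		SELECT fs.*, f.*, t.subject AS lastpostsubject, fr.dateline AS lastread
		FROM ".TABLE_PREFIX."forumsubscriptions fs
		LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid = fs.fid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid = f.lastposttid)
		LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')
		WHERE f.type='f' AND fs.uid='".$mybb->user['uid']."'
		ORDER BY f.name ASC
	");
	$forums = '';
	while($forum = $db->fetch_array($query))
	{
		$forum_url = get_forum_link($forum['fid']);
		$forumpermissions = $fpermissions[$forum['fid']];
		// Last-post details are only built for forums the user may view.
		if($forumpermissions['canview'] != 0)
		{
			$lightbulb = get_forum_lightbulb(array('open' => $forum['open'], 'lastread' => $forum['lastread']), array('lastpost' => $forum['lastpost']));
			$folder = $lightbulb['folder'];
			if($forum['lastpost'] == 0 || $forum['lastposter'] == "")
			{
				$lastpost = "<div align=\"center\">$lang->never</div>";
			}
			else
			{
				$lastpost_date = my_date($mybb->settings['dateformat'], $forum['lastpost']);
				$lastpost_time = my_date($mybb->settings['timeformat'], $forum['lastpost']);
				$lastposttid = $forum['lastposttid'];
				$lastposter = $forum['lastposter'];
				$lastpost_profilelink = build_profile_link($lastposter, $forum['lastposteruid']);
				// The thread subject is user-supplied text. Censor and HTML-escape it the same
				// way the thread subscriptions listing in this file treats subjects; escaping
				// happens after truncation so an entity is never cut in half.
				$lastpost_subject = $parser->parse_badwords($forum['lastpostsubject']);
				if(my_strlen($lastpost_subject) > 25)
				{
					$lastpost_subject = my_substr($lastpost_subject, 0, 25) . "...";
				}
				$lastpost_subject = htmlspecialchars_uni($lastpost_subject);
				$lastpost_link = get_thread_link($forum['lastposttid'], 0, "lastpost");
				eval("\$lastpost = \"".$templates->get("forumbit_depth2_forum_lastpost")."\";");
			}
		}
		// NOTE(review): when canview == 0, $lastpost and $folder keep the values from the
		// previous iteration; confirm the row template should still be rendered in that case.
		$posts = my_number_format($forum['posts']);
		$threads = my_number_format($forum['threads']);
		if($mybb->settings['showdescriptions'] == 0)
		{
			$forum['description'] = "";
		}
		eval("\$forums .= \"".$templates->get("usercp_forumsubscriptions_forum")."\";");
	}
	if(!$forums)
	{
		eval("\$forums = \"".$templates->get("usercp_forumsubscriptions_none")."\";");
	}
	$plugins->run_hooks("usercp_forumsubscriptions_end");
	eval("\$forumsubscriptions = \"".$templates->get("usercp_forumsubscriptions")."\";");
	output_page($forumsubscriptions);
}

// Save a new signature. Requires POST and a valid post key.
if($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_editsig_start");

	// Enforce the same rules as the editsig form handler in this file, so the write path
	// cannot be used by an account that is not allowed to see the form:
	// - a suspended signature, where suspendsigtime == 0 is treated as suspended as well
	if($mybb->user['suspendsignature'] && ($mybb->user['suspendsigtime'] == 0 || $mybb->user['suspendsigtime'] > TIME_NOW))
	{
		error_no_permission();
	}

	// - the usergroup permission, and the minimum post count if one is configured
	if($mybb->usergroup['canusesig'] != 1)
	{
		error_no_permission();
	}
	else if($mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
	{
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
	}

	// Optionally switch the signature on or off for all of the user's existing posts.
	if($mybb->input['updateposts'] == "enable")
	{
		$update_signature = array(
			"includesig" => 1
		);
		$db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");
	}
	elseif($mybb->input['updateposts'] == "disable")
	{
		$update_signature = array(
			"includesig" => 0
		);
		$db->update_query("posts", $update_signature, "uid='".$mybb->user['uid']."'");
	}
	// The raw signature is escaped for SQL only; HTML/MyCode handling happens at display time.
	$new_signature = array(
		"signature" => $db->escape_string($mybb->input['signature'])
	);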
// --- Continues inside the do_editsig handler; $new_signature was built just above. ---
	// NOTE(review): no length or content validation of the signature is visible in this
	// handler; the usercp_do_editsig_process hook runs before the write.
	$plugins->run_hooks("usercp_do_editsig_process");
	$db->update_query("users", $new_signature, "uid='".$mybb->user['uid']."'");
	$plugins->run_hooks("usercp_do_editsig_end");
	redirect("usercp.php?action=editsig", $lang->redirect_sigupdated);

}

// Display the signature editor, with an optional preview.
if($mybb->input['action'] == "editsig")
{
	$plugins->run_hooks("usercp_editsig_start");
	// NOTE(review): $error is not assigned anywhere in the visible code.
	if($mybb->input['preview'] && !$error)
	{
		$sig = $mybb->input['signature'];
		$template = "usercp_editsig_preview";
	}
	elseif(!$error)
	{
		$sig = $mybb->user['signature'];
		$template = "usercp_editsig_current";
	}
	else if($error)
	{
		$sig = $mybb->input['signature'];
		$template = false;
	}

	// Suspended signature: suspendsigtime == 0 or a suspension time still in the future.
	if($mybb->user['suspendsignature'] && ($mybb->user['suspendsigtime'] == 0 || $mybb->user['suspendsigtime'] > 0 && $mybb->user['suspendsigtime'] > TIME_NOW))
	{
		// User currently has no signature and they're suspended
		error($lang->sig_suspended);
	}

	if($mybb->usergroup['canusesig'] != 1)
	{
		// Usergroup has no permission to use this facility
		error_no_permission();
	}
	else if($mybb->usergroup['canusesig'] == 1 && $mybb->usergroup['canusesigxposts'] > 0 && $mybb->user['postnum'] < $mybb->usergroup['canusesigxposts'])
	{
		// Usergroup can use this facility, but only after x posts
		error($lang->sprintf($lang->sig_suspended_posts, $mybb->usergroup['canusesigxposts']));
	}

	if($sig && $template)
	{
		// The preview is rendered by the post parser under the board's signature settings;
		// whether raw HTML is allowed depends on the sightml setting.
		$sig_parser = array(
			"allow_html" => $mybb->settings['sightml'],
			"allow_mycode" => $mybb->settings['sigmycode'],
			"allow_smilies" => $mybb->settings['sigsmilies'],
			"allow_imgcode" => $mybb->settings['sigimgcode'],
			"me_username" => $mybb->user['username'],
		);

		$sigpreview = $parser->parse_message($sig, $sig_parser);
		eval("\$signature = \"".$templates->get($template)."\";");
	}

	// User has a current signature, so let's display it (but show an error message)
	if($mybb->user['suspendsignature'] && $mybb->user['suspendsigtime'] > TIME_NOW)
	{
		$plugins->run_hooks("usercp_editsig_end");

		// User either doesn't have permission, or has their signature suspended
		eval("\$editsig = \"".$templates->get("usercp_editsig_suspended")."\";");
	}
	else
	{
		// User is allowed to edit their signature
		if($mybb->settings['sigsmilies'] == 1)
		{
			$sigsmilies = $lang->on;
			$smilieinserter = build_clickable_smilies();
		}
		else
		{
			$sigsmilies = $lang->off;
		}
		if($mybb->settings['sigmycode'] == 1)
		{
			$sigmycode = $lang->on;
		}
		else
		{
			$sigmycode = $lang->off;
		}
		if($mybb->settings['sightml'] == 1)
		{
			$sightml = $lang->on;
		}
		else
		{
			$sightml = $lang->off;
		}
		if($mybb->settings['sigimgcode'] == 1)
		{
			$sigimgcode = $lang->on;
		}
		else
		{
			$sigimgcode = $lang->off;
		}
		// Escape the raw signature before it is placed back into the edit form.
		$sig = htmlspecialchars_uni($sig);
		$lang->edit_sig_note2 = $lang->sprintf($lang->edit_sig_note2, $sigsmilies, $sigmycode, $sigimgcode, $sightml, $mybb->settings['siglength']);

		if($mybb->settings['bbcodeinserter'] != 0 || $mybb->user['showcodebuttons'] != 0)
		{
			$codebuttons = build_mycode_inserter("signature");
		}

		$plugins->run_hooks("usercp_editsig_end");

		eval("\$editsig = \"".$templates->get("usercp_editsig")."\";");
	}

	output_page($editsig);
}

// Change the avatar: remove it, pick one from a gallery, upload a file, or use a remote URL.
if($mybb->input['action'] == "do_avatar" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_avatar_start");
	require_once MYBB_ROOT."inc/functions_upload.php";

	$avatar_error = "";

	if($mybb->input['remove']) // remove avatar
	{
		$updated_avatar = array(
			"avatar" => "",
			"avatardimensions" => "",
			"avatartype" => ""
		);
		$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		remove_avatars($mybb->user['uid']);
	}
	elseif($mybb->input['gallery']) // Gallery avatar
	{
		if(empty($mybb->input['avatar']))
		{
			$avatar_error = $lang->error_noavatar;
		}

		// Path traversal guard: "./" and ".." are stripped from both path components.
		// NOTE(review): this is substring removal rather than resolving the final path and
		// checking it stays under avatardir (e.g. with realpath()); a containment check is
		// the more robust form.
		$mybb->input['gallery'] = str_replace(array("./", ".."), "", $mybb->input['gallery']);
		$mybb->input['avatar'] = str_replace(array("./", ".."), "", $mybb->input['avatar']);

		if(empty($avatar_error))
		{
			if($mybb->input['gallery'] == "default")
			{
				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar']);
			}
			else
			{
				$avatarpath = $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['gallery']."/".$mybb->input['avatar']);
			}

			// NOTE(review): any existing file under avatardir is accepted here; the gallery
			// listing below filters by image extension, but this handler does not.
			if(file_exists($avatarpath))
			{
				$dimensions = @getimagesize($avatarpath);

				$updated_avatar = array(
					"avatar" => $avatarpath.'?dateline='.TIME_NOW,
					"avatardimensions" => "{$dimensions[0]}|{$dimensions[1]}",
					"avatartype" => "gallery"
				);
				$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
			}
			remove_avatars($mybb->user['uid']);
		}
	}
	elseif($_FILES['avatarupload']['name']) // upload avatar
	{
		if($mybb->usergroup['canuploadavatars'] == 0)
		{
			error_no_permission();
		}
		// Validation of the uploaded file is delegated to upload_avatar().
		$avatar = upload_avatar();
		if($avatar['error'])
		{
			$avatar_error = $avatar['error'];
		}
		else
		{
			if($avatar['width'] > 0 && $avatar['height'] > 0)
			{
				$avatar_dimensions = $avatar['width']."|".$avatar['height'];
			}
			$updated_avatar = array(
				"avatar" => $avatar['avatar'].'?dateline='.TIME_NOW,
				"avatardimensions" => $avatar_dimensions,
				"avatartype" => "upload"
			);
			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
		}
	}
	else // remote avatar
	{
		// NOTE(review): this removes the substring "script:" in a single pass; it is a
		// blocklist on one token, not validation of the URL scheme. Checking the parsed
		// scheme against an allow-list (http/https) before fetching and before storing
		// would be stricter.
		$mybb->input['avatarurl'] = preg_replace("#script:#i", "", $mybb->input['avatarurl']);
		// $ext is not used again in the visible part of this handler.
		$ext = get_extension($mybb->input['avatarurl']);

		// Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
		// NOTE(review): the server requests a user-supplied URL here. Which schemes and hosts
		// fetch_remote_file() permits is not visible in this file - confirm it cannot be
		// pointed at internal services and that it bounds response size and time.
		$file = fetch_remote_file($mybb->input['avatarurl']);
		if(!$file)
		{
			$avatar_error = $lang->error_invalidavatarurl;
		}
		else
		{
			// The response is written to a randomly named temporary file under the upload
			// path, probed with getimagesize() and deleted again straight away.
			$tmp_name = $mybb->settings['avataruploadpath']."/remote_".md5(random_str());
			$fp = @fopen($tmp_name, "wb");
			if(!$fp)
			{
				$avatar_error = $lang->error_invalidavatarurl;
			}
			else
			{
				fwrite($fp, $file);
				fclose($fp);
				list($width, $height, $type) = @getimagesize($tmp_name);
				@unlink($tmp_name);
				// Reject content that getimagesize() does not recognise as an image.
				if(!$type)
				{
					$avatar_error = $lang->error_invalidavatarurl;
				}
			}
		}

		// Enforce the configured "WIDTHxHEIGHT" maximum when dimensions are known.
		if(empty($avatar_error))
		{
			if($width && $height && $mybb->settings['maxavatardims'] != "")
			{
				list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));
				if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
				{
					$lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
					$avatar_error = $lang->error_avatartoobig;
				}
			}
		}

		if(empty($avatar_error))
		{
			if($width > 0 && $height > 0)
			{
				$avatar_dimensions = intval($width)."|".intval($height);
			}
			// The URL is stored and later emitted as the avatar source; it is escaped for
			// SQL here and HTML-escaped where this file displays it.
			$updated_avatar = array(
				"avatar" => $db->escape_string($mybb->input['avatarurl'].'?dateline='.TIME_NOW),
				"avatardimensions" => $avatar_dimensions,
				"avatartype" => "remote"
			);
			$db->update_query("users", $updated_avatar, "uid='".$mybb->user['uid']."'");
			remove_avatars($mybb->user['uid']);
		}
	}

	if(empty($avatar_error))
	{
		$plugins->run_hooks("usercp_do_avatar_end");
		redirect("usercp.php", $lang->redirect_avatarupdated);
	}
	else
	{
		// Fall through to the avatar form below and show the error inline.
		$mybb->input['action'] = "avatar";
		$avatar_error = inline_error($avatar_error);
	}
}

// Display the avatar page: either one gallery's contents or the main avatar form.
if($mybb->input['action'] == "avatar")
{
	$plugins->run_hooks("usercp_avatar_start");
	// Get a listing of available galleries
	$gallerylist['default'] = $lang->default_gallery;
	$avatardir = @opendir($mybb->settings['avatardir']);
	while($dir = @readdir($avatardir))
	{
		// Sub-directories of avatardir (dot-entries skipped) are the available galleries.
		if(is_dir($mybb->settings['avatardir']."/$dir") && substr($dir, 0, 1) != ".")
		{
			$gallerylist[$dir] = str_replace("_", " ", $dir);
		}
	}
	@closedir($avatardir);
	natcasesort($gallerylist);
	reset($gallerylist);
	$galleries = '';
	foreach($gallerylist as $dir => $friendlyname)
	{
		// A gallery only becomes active if the requested name matches a directory found above.
		if($dir == $mybb->input['gallery'])
		{
			$activegallery = $friendlyname;
			$selected = "selected=\"selected\"";
		}
		$galleries .= "<option value=\"$dir\" $selected>$friendlyname</option>\n";
		$selected = "";
	}

	// Check to see if we're in a gallery or not
	if($activegallery)
	{
		$gallery = str_replace("..", "", $mybb->input['gallery']);
		$lang->avatars_in_gallery = $lang->sprintf($lang->avatars_in_gallery, $activegallery);
		// Get a listing of avatars in this gallery
		$avatardir = $mybb->settings['avatardir'];
		if($gallery != "default")
		{
			$avatardir .= "/$gallery";
		}
		$opendir = opendir($avatardir);
		while($avatar = @readdir($opendir))
		{
			$avatarpath = $avatardir."/".$avatar;
			// Only regular files with an image extension are offered.
			if(is_file($avatarpath) && preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $avatar))
			{
				$avatars[] = $avatar;
			}
		}
		@closedir($opendir);

		if(is_array($avatars))
		{
			natcasesort($avatars);
			reset($avatars);
			$count = 0;
			$avatarlist = "<tr>\n";
			foreach($avatars as $avatar)
			{
				$avatarpath = $avatardir."/".$avatar;
				$avatarname = preg_replace("#\.(jpg|jpeg|gif|bmp|png)$#i", "", $avatar);
				$avatarname = ucwords(str_replace("_", " ", $avatarname));
				// NOTE(review): $checked is never reset inside this loop, so once set it
				// stays set for every following avatar.
				if($mybb->user['avatar'] == $avatarpath)
				{
					$checked = "checked=\"checked\"";
				}
				// Start a new table row after every five avatars.
				if($count == 5)
				{
					$avatarlist .= "</tr>\n<tr>\n";
					$count = 0;
				}
				++$count;
				eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_avatar")."\";");
			}
			// Pad the last row with blank cells.
			if($count != 0)
			{
				for($i = $count; $i <= 5; ++$i)
				{
					eval("\$avatarlist .= \"".$templates->get("usercp_avatar_gallery_blankblock")."\";");
				}
			}
		}
		else
		{
			eval("\$avatarlist = \"".$templates->get("usercp_avatar_gallery_noavatars")."\";");
		}

		$plugins->run_hooks("usercp_avatar_end");

		eval("\$gallery = \"".$templates->get("usercp_avatar_gallery")."\";");
		output_page($gallery);
	}
	// Show main avatar page
	else
	{
		// Describe where the current avatar came from.
		if($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath']))
		{
			$avatarmsg = "<br /><strong>".$lang->already_uploaded_avatar."</strong>";
		}
		elseif($mybb->user['avatartype'] == "gallery" || stristr($mybb->user['avatar'], $mybb->settings['avatardir']))
		{
			$avatarmsg = "<br /><strong>".$lang->using_gallery_avatar."</strong>";
		}
		elseif($mybb->user['avatartype'] == "remote" || my_strpos(my_strtolower($mybb->user['avatar']), "http://") !== false)
		{
			$avatarmsg = "<br /><strong>".$lang->using_remote_avatar."</strong>";
			$avatarurl = htmlspecialchars_uni($mybb->user['avatar']);
		}
		// The stored avatar value is HTML-escaped before it is handed to the template.
		$urltoavatar = htmlspecialchars_uni($mybb->user['avatar']);
		if($mybb->user['avatar'])
		{
			$avatar_dimensions = explode("|", $mybb->user['avatardimensions']);
			if($avatar_dimensions[0] && $avatar_dimensions[1])
			{
				$avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\"";
			}
			eval("\$currentavatar = \"".$templates->get("usercp_avatar_current")."\";");
			$colspan = 1;
		}
		else
		{
			$colspan = 2;
		}
		if($mybb->settings['maxavatardims'] != "")
		{
			list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));
			$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_dimensions, $maxwidth, $maxheight);
		}
		if($mybb->settings['avatarsize'])
		{
			$maxsize = get_friendly_size($mybb->settings['avatarsize']*1024);
			$lang->avatar_note .= "<br />".$lang->sprintf($lang->avatar_note_size, $maxsize);
		}
		if($mybb->settings['avatarresizing'] == "auto")
		{
			$auto_resize = "<br /><span class=\"smalltext\">{$lang->avatar_auto_resize_note}</span>\n";
		}
		else if($mybb->settings['avatarresizing'] == "user")
		{
			$auto_resize = "<br /><span class=\"smalltext\"><input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->avatar_auto_resize_option}</label></span>";
		}

		$plugins->run_hooks("usercp_avatar_end");

		eval("\$avatar = \"".$templates->get("usercp_avatar")."\";");
		output_page($avatar);
	}
}

// Add users to, or remove a user from, the buddy list or the ignore list.
// $existing_users is the list being edited; $selected_list is the other list, used to
// stop one user ending up on both.
if($mybb->input['action'] == "do_editlists")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_editlists_start");

	$existing_users = array();
	$selected_list = array();
	if($mybb->input['manage'] == "ignored")
	{
		if($mybb->user['ignorelist'])
		{
			$existing_users = explode(",", $mybb->user['ignorelist']);
		}

		if($mybb->user['buddylist'])
		{
			// Create a list of buddies...
// --- Continues inside the do_editlists handler ("ignored" branch, building the other list). ---
			$selected_list = explode(",", $mybb->user['buddylist']);
		}
	}
	else
	{
		// Any 'manage' value other than "ignored" edits the buddy list.
		if($mybb->user['buddylist'])
		{
			$existing_users = explode(",", $mybb->user['buddylist']);
		}

		if($mybb->user['ignorelist'])
		{
			// Create a list of ignored users
			$selected_list = explode(",", $mybb->user['ignorelist']);
		}
	}

	$error_message = "";
	$message = "";

	// Adding one or more users to this list
	if($mybb->input['add_username'])
	{
		// Split up any usernames we have
		$found_users = 0;
		$adding_self = false;
		$users = explode(",", $mybb->input['add_username']);
		$users = array_map("trim", $users);
		$users = array_unique($users);
		foreach($users as $key => $username)
		{
			if(empty($username))
			{
				unset($users[$key]);
				continue;
			}

			// A user cannot add themselves (case-insensitive comparison).
			if(my_strtoupper($mybb->user['username']) == my_strtoupper($username))
			{
				$adding_self = true;
				unset($users[$key]);
				continue;
			}
			// Each name is escaped individually because the names are joined into a quoted
			// SQL IN() list below.
			$users[$key] = $db->escape_string($username);
		}

		// Fetch out new users
		if(count($users) > 0)
		{
			$query = $db->simple_select("users", "uid", "LOWER(username) IN ('".my_strtolower(implode("','", $users))."')");
			while($user = $db->fetch_array($query))
			{
				++$found_users;

				// Make sure we're not adding a duplicate
				if(in_array($user['uid'], $existing_users) || in_array($user['uid'], $selected_list))
				{
					// Temporarily holds the list name used to build the language key below.
					if($mybb->input['manage'] == "ignored")
					{
						$error_message = "ignore";
					}
					else
					{
						$error_message = "buddy";
					}

					// On another list?
2134 $string = "users_already_on_".$error_message."_list"; 2135 if(in_array($user['uid'], $selected_list)) 2136 { 2137 $string .= "_alt"; 2138 } 2139 2140 $error_message = $lang->$string; 2141 array_pop($users); // To maintain a proper count when we call count($users) 2142 continue; 2143 } 2144 2145 $existing_users[] = $user['uid']; 2146 } 2147 } 2148 2149 if(($adding_self != true || ($adding_self == true && count($users) > 0)) && ($error_message == "" || count($users) > 1)) 2150 { 2151 if($mybb->input['manage'] == "ignored") 2152 { 2153 $message = $lang->users_added_to_ignore_list; 2154 } 2155 else 2156 { 2157 $message = $lang->users_added_to_buddy_list; 2158 } 2159 } 2160 2161 if($adding_self == true) 2162 { 2163 if($mybb->input['manage'] == "ignored") 2164 { 2165 $error_message = $lang->cant_add_self_to_ignore_list; 2166 } 2167 else 2168 { 2169 $error_message = $lang->cant_add_self_to_buddy_list; 2170 } 2171 } 2172 2173 if(count($existing_users) == 0) 2174 { 2175 $message = ""; 2176 } 2177 2178 if($found_users < count($users)) 2179 { 2180 if($error_message) 2181 { 2182 $error_message .= "<br />"; 2183 } 2184 2185 $error_message .= $lang->invalid_user_selected; 2186 } 2187 } 2188 2189 // Removing a user from this list 2190 else if($mybb->input['delete']) 2191 { 2192 // Check if user exists on the list 2193 $key = array_search($mybb->input['delete'], $existing_users); 2194 if($key !== false) 2195 { 2196 unset($existing_users[$key]); 2197 $user = get_user($mybb->input['delete']); 2198 if($mybb->input['manage'] == "ignored") 2199 { 2200 $message = $lang->removed_from_ignore_list; 2201 } 2202 else 2203 { 2204 $message = $lang->removed_from_buddy_list; 2205 } 2206 $message = $lang->sprintf($message, $user['username']); 2207 } 2208 } 2209 2210 // Now we have the new list, so throw it all back together 2211 $new_list = implode(",", $existing_users); 2212 2213 // And clean it up a little to ensure there is no possibility of bad values 2214 $new_list = 
preg_replace("#,{2,}#", ",", $new_list); 2215 $new_list = preg_replace("#[^0-9,]#", "", $new_list); 2216 2217 if(my_substr($new_list, 0, 1) == ",") 2218 { 2219 $new_list = my_substr($new_list, 1); 2220 } 2221 if(my_substr($new_list, -1) == ",") 2222 { 2223 $new_list = my_substr($new_list, 0, my_strlen($new_list)-2); 2224 } 2225 2226 // And update 2227 $user = array(); 2228 if($mybb->input['manage'] == "ignored") 2229 { 2230 $user['ignorelist'] = $db->escape_string($new_list); 2231 $mybb->user['ignorelist'] = $user['ignorelist']; 2232 } 2233 else 2234 { 2235 $user['buddylist'] = $db->escape_string($new_list); 2236 $mybb->user['buddylist'] = $user['buddylist']; 2237 } 2238 2239 $db->update_query("users", $user, "uid='".$mybb->user['uid']."'"); 2240 2241 $plugins->run_hooks("usercp_do_editlists_end"); 2242 2243 // Ajax based request, throw new list to browser 2244 if($mybb->input['ajax']) 2245 { 2246 if($mybb->input['manage'] == "ignored") 2247 { 2248 $list = "ignore"; 2249 } 2250 else 2251 { 2252 $list = "buddy"; 2253 } 2254 2255 if($message) 2256 { 2257 $message_js = "var success = document.createElement('div'); var element = \$('{$list}_list'); element.parentNode.insertBefore(success, element); success.innerHTML = '{$message}'; success.className = 'success_message'; window.setTimeout(function() { Element.remove(success) }, 5000);"; 2258 } 2259 2260 if($error_message) 2261 { 2262 $message_js .= " var error = document.createElement('div'); var element = \$('{$list}_list'); element.parentNode.insertBefore(error, element); error.innerHTML = '{$error_message}'; error.className = 'error_message'; window.setTimeout(function() { Element.remove(error) }, 5000);"; 2263 } 2264 2265 if($mybb->input['delete']) 2266 { 2267 header("Content-type: text/javascript"); 2268 echo "Element.remove('{$mybb->input['manage']}_{$mybb->input['delete']}');\n"; 2269 if($new_list == "") 2270 { 2271 echo "\$('{$mybb->input['manage']}_count').innerHTML = '0';\n"; 2272 if($mybb->input['manage'] == 
"ignored") 2273 { 2274 echo "\$('ignore_list').innerHTML = '<li>{$lang->ignore_list_empty}</li>';\n"; 2275 } 2276 else 2277 { 2278 echo "\$('buddy_list').innerHTML = '<li>{$lang->buddy_list_empty}</li>';\n"; 2279 } 2280 } 2281 else 2282 { 2283 echo "\$('{$mybb->input['manage']}_count').innerHTML = '".count(explode(",", $new_list))."';\n"; 2284 } 2285 echo $message_js; 2286 exit; 2287 } 2288 $mybb->input['action'] = "editlists"; 2289 } 2290 else 2291 { 2292 if($error_message) 2293 { 2294 $message .= "<br />".$error_message; 2295 } 2296 redirect("usercp.php?action=editlists#{$mybb->input['manage']}", $message); 2297 } 2298 } 2299 2300 if($mybb->input['action'] == "editlists") 2301 { 2302 $plugins->run_hooks("usercp_editlists_start"); 2303 2304 $timecut = TIME_NOW - $mybb->settings['wolcutoff']; 2305 2306 // Fetch out buddies 2307 $buddy_count = 0; 2308 if($mybb->user['buddylist']) 2309 { 2310 $type = "buddy"; 2311 $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array("order_by" => "username")); 2312 while($user = $db->fetch_array($query)) 2313 { 2314 $profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']); 2315 if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive']) 2316 { 2317 $status = "online"; 2318 } 2319 else 2320 { 2321 $status = "offline"; 2322 } 2323 eval("\$buddy_list .= \"".$templates->get("usercp_editlists_user")."\";"); 2324 ++$buddy_count; 2325 } 2326 } 2327 2328 $lang->current_buddies = $lang->sprintf($lang->current_buddies, $buddy_count); 2329 if(!$buddy_list) 2330 { 2331 $buddy_list = "<li>{$lang->buddy_list_empty}</li>"; 2332 } 2333 2334 // Fetch out ignore list users 2335 $ignore_count = 0; 2336 if($mybb->user['ignorelist']) 2337 { 2338 $type = "ignored"; 2339 $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['ignorelist']})", 
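array("order_by" => "username"));
		// The template is evaluated as a double-quoted PHP string, so it can read
		// $profile_link, $status, $type and $user by name. Presumably the stored
		// template relies on those names - keep them stable.
		while($user = $db->fetch_array($query))
		{
			$profile_link = build_profile_link(format_name($user['username'], $user['usergroup'], $user['displaygroup']), $user['uid']);
			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
			{
				$status = "online";
			}
			else
			{
				$status = "offline";
			}
			eval("\$ignore_list .= \"".$templates->get("usercp_editlists_user")."\";");
			++$ignore_count;
		}
	}

	$lang->current_ignored_users = $lang->sprintf($lang->current_ignored_users, $ignore_count);
	if(!$ignore_list)
	{
		$ignore_list = "<li>{$lang->ignore_list_empty}</li>";
	}

	// If an AJAX request from buddy management, echo out whatever the new list is.
	// NOTE(review): $message_js is written into a <script> element as-is. It is only
	// assigned by the do_editlists handler earlier in this file, which places $message and
	// $error_message inside single-quoted JavaScript strings. Confirm that those messages
	// are escaped for a JavaScript context and that $message_js cannot arrive here unset.
	if($mybb->request_method == "post" && $mybb->input['ajax'] == 1)
	{
		if($mybb->input['manage'] == "ignored")
		{
			echo $ignore_list;
			echo "<script type=\"text/javascript\"> $('ignored_count').innerHTML = '{$ignore_count}'; {$message_js}</script>";
		}
		else
		{
			echo $buddy_list;
			echo "<script type=\"text/javascript\"> $('buddy_count').innerHTML = '{$buddy_count}'; {$message_js}</script>";
		}
		exit;
	}

	$plugins->run_hooks("usercp_editlists_end");

	eval("\$listpage = \"".$templates->get("usercp_editlists")."\";");
	output_page($listpage);
}

// Draft listing: shows every post row of the current user with visible = -2.
if($mybb->input['action'] == "drafts")
{
	$plugins->run_hooks("usercp_drafts_start");
	// Show a listing of all of the current 'draft' posts or threads the user has.
	$drafts = '';
	$query = $db->query("
		SELECT p.subject, p.pid, t.tid, t.subject AS threadsubject, t.fid, f.name AS forumname, p.dateline, t.visible AS threadvisible, p.visible AS postvisible
		FROM ".TABLE_PREFIX."posts p
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=t.fid)
		WHERE p.uid='".$mybb->user['uid']."' AND p.visible='-2'
		ORDER BY p.dateline DESC
	");
	while($draft = $db->fetch_array($query))
	{
		$trow = alt_trow();
		// NOTE(review): when threadvisible is neither 1 nor -2 (the joins are LEFT JOINs, so
		// it can also be NULL) neither branch runs and $detail, $editurl, $id and $type keep
		// the values of the previous row. Confirm whether such rows can occur, because the
		// row would then be rendered with another draft's id and type.
		if($draft['threadvisible'] == 1) // We're looking at a draft post
		{
			$detail = $lang->thread." <a href=\"".get_thread_link($draft['tid'])."\">".htmlspecialchars_uni($draft['threadsubject'])."</a>";
			$editurl = "newreply.php?action=editdraft&pid={$draft['pid']}";
			$id = $draft['pid'];
			$type = "post";
		}
		elseif($draft['threadvisible'] == -2) // We're looking at a draft thread
		{
			$detail = $lang->forum." <a href=\"".get_forum_link($draft['fid'])."\">".htmlspecialchars_uni($draft['forumname'])."</a>";
			$editurl = "newthread.php?action=editdraft&tid={$draft['tid']}";
			$id = $draft['tid'];
			$type = "thread";
		}
		// Subjects are user-supplied text, so they are HTML-escaped before the template sees them.
		$draft['subject'] = htmlspecialchars_uni($draft['subject']);
		$savedate = my_date($mybb->settings['dateformat'], $draft['dateline']);
		$savetime = my_date($mybb->settings['timeformat'], $draft['dateline']);
		eval("\$drafts .= \"".$templates->get("usercp_drafts_draft")."\";");
	}
	if(!$drafts)
	{
		eval("\$drafts = \"".$templates->get("usercp_drafts_none")."\";");
		$disable_delete_drafts = 'disabled="disabled"';
	}
	else
	{
		eval("\$draftsubmit = \"".$templates->get("usercp_drafts_submit")."\";");
		$disable_delete_drafts = '';
	}

	$query = $db->simple_select("posts", "COUNT(*) AS draftcount", "visible='-2' AND uid='".$mybb->user['uid']."'");
	$count = $db->fetch_array($query);
	$draftcount = "(".my_number_format($count['draftcount']).")";

	$plugins->run_hooks("usercp_drafts_end");

	eval("\$draftlist = \"".$templates->get("usercp_drafts")."\";");
	output_page($draftlist);

}

// Draft deletion: POST only, guarded by verify_post_check(). Both DELETE statements are
// restricted to visible = -2 and to the current user's uid, so ids belonging to other
// users or to published content match nothing.
if($mybb->input['action'] == "do_drafts" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_drafts_start");
	// deletedraft is iterated as id => type pairs below, so a scalar value is rejected
	// here instead of being handed to foreach.
	if(empty($mybb->input['deletedraft']) || !is_array($mybb->input['deletedraft']))
	{
		error($lang->no_drafts_selected);
	}
	$pidin = array();
	$tidin = array();
	// Initialised so that the tests below never read an undefined variable when no thread
	// draft was selected.
	$tidinp = '';
	foreach($mybb->input['deletedraft'] as $id => $val)
	{
		// Ids are cast to integers before they are placed in the IN() lists.
		if($val == "post")
		{
			$pidin[] = "'".intval($id)."'";
		}
		elseif($val == "thread")
		{
			$tidin[] = "'".intval($id)."'";
		}
	}
	if($tidin)
	{
		$tidin = implode(",", $tidin);
		$db->delete_query("threads", "tid IN ($tidin) AND visible='-2' AND uid='".$mybb->user['uid']."'");
		$tidinp = "OR tid IN ($tidin)";
	}
	if($pidin || $tidinp)
	{
		if($pidin)
		{
			$pidin = implode(",", $pidin);
			$pidinq = "pid IN ($pidin)";
		}
		else
		{
			// No post drafts selected: keep the condition well-formed while matching nothing.
			$pidinq = "1=0";
		}
		$db->delete_query("posts", "($pidinq $tidinp) AND visible='-2' AND uid='".$mybb->user['uid']."'");
	}
	$plugins->run_hooks("usercp_do_drafts_end");
	redirect("usercp.php?action=drafts", $lang->selected_drafts_deleted);
}

// Usergroup management: change display group, leave a group, join a group, then render
// the membership overview.
// NOTE(review): nothing in this handler checks $mybb->request_method, and the links built
// further down carry my_post_key in the query string. A token carried in a URL can end up
// in browser history, server logs and Referer headers; consider submitting these actions
// through POST forms instead.
if($mybb->input['action'] == "usergroups")
{
	$plugins->run_hooks("usercp_usergroups_start");
	$ingroups = ",".$mybb->user['usergroup'].",".$mybb->user['additionalgroups'].",".$mybb->user['displaygroup'].",";

	// Changing our display group
	if($mybb->input['displaygroup'])
	{
		// Verify incoming POST request
		verify_post_check($mybb->input['my_post_key']);

		// Normalise once, as the joingroup branch already does, so that the membership test
		// and the queries below all act on the same integer. Previously the membership test
		// used the raw request string while the queries used intval() of it.
		$mybb->input['displaygroup'] = intval($mybb->input['displaygroup']);
		if($mybb->input['displaygroup'] <= 0 || my_strpos($ingroups, ",".$mybb->input['displaygroup'].",") === false)
		{
			error($lang->not_member_of_group);
		}
		$query = $db->simple_select("usergroups", "*", "gid='".intval($mybb->input['displaygroup'])."'");
		$dispgroup = $db->fetch_array($query);
		if($dispgroup['candisplaygroup'] != 1)
		{
			error($lang->cannot_set_displaygroup);
		}
		$db->update_query("users", array('displaygroup' => intval($mybb->input['displaygroup'])), "uid='".$mybb->user['uid']."'");
		$cache->update_moderators();
		$plugins->run_hooks("usercp_usergroups_change_displaygroup");
		redirect("usercp.php?action=usergroups", $lang->display_group_changed);
		exit;
	}

	// Leaving a group
	if($mybb->input['leavegroup'])
	{
		// Verify incoming POST request
		verify_post_check($mybb->input['my_post_key']);

		// Normalise once: the membership test, the primary-group comparison, the type lookup
		// and leave_usergroup() must all see the same integer. Previously only the lookup
		// used intval(), so a non-numeric value could be read differently by each check.
		$mybb->input['leavegroup'] = intval($mybb->input['leavegroup']);
		if($mybb->input['leavegroup'] <= 0 || my_strpos($ingroups, ",".$mybb->input['leavegroup'].",") === false)
		{
			error($lang->not_member_of_group);
		}
		if($mybb->user['usergroup'] == $mybb->input['leavegroup'])
		{
			error($lang->cannot_leave_primary_group);
		}
		$query = $db->simple_select("usergroups", "*", "gid='".intval($mybb->input['leavegroup'])."'");
		$usergroup = $db->fetch_array($query);
		// Only group types 3 and 4 may be left by the member.
		if($usergroup['type'] != 4 && $usergroup['type'] != 3)
		{
			error($lang->cannot_leave_group);
		}
		leave_usergroup($mybb->user['uid'], $mybb->input['leavegroup']);
		$plugins->run_hooks("usercp_usergroups_leave_group");
		redirect("usercp.php?action=usergroups", $lang->left_group);
		exit;
	}

	// Joining a group
	if($mybb->input['joingroup'])
	{
		// Verify incoming POST request
		verify_post_check($mybb->input['my_post_key']);

		$mybb->input['joingroup'] = intval($mybb->input['joingroup']);
		$query = $db->simple_select("usergroups", "*", "gid='".intval($mybb->input['joingroup'])."'");
		$usergroup = $db->fetch_array($query);

		// Only existing groups of type 3 or 4 can be joined from here.
		if(($usergroup['type'] != 4 && $usergroup['type'] != 3) || !$usergroup['gid'])
		{
			error($lang->cannot_join_group);
		}

		if(my_strpos($ingroups, ",".intval($mybb->input['joingroup']).",") !== false)
		{
			error($lang->already_member_of_group);
		}

		$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."' AND gid='".intval($mybb->input['joingroup'])."'");
		$joinrequest = $db->fetch_array($query);
		if($joinrequest['rid'])
		{
			error($lang->already_sent_join_request);
		}
		if($mybb->input['do'] == "joingroup" && $usergroup['type'] == 4)
		{
			// NOTE(review): $reason is not assigned anywhere in this handler and neither it
			// nor $now is used below; the stored reason is taken from $mybb->input['reason'].
			$reason = $db->escape_string($reason);
			$now = TIME_NOW;
			$joinrequest = array(
				"uid" => $mybb->user['uid'],
				"gid" => intval($mybb->input['joingroup']),
				"reason" => $db->escape_string($mybb->input['reason']),
				"dateline" => TIME_NOW
			);

			$db->insert_query("joinrequests", $joinrequest);
			$plugins->run_hooks("usercp_usergroups_join_group_request");
			redirect("usercp.php?action=usergroups", $lang->group_join_requestsent);
			exit;
		}
		elseif($usergroup['type'] == 4)
		{
			// Type 4 groups take a join request first: show the request form.
			$joingroup = $mybb->input['joingroup'];
			eval("\$joinpage = \"".$templates->get("usercp_usergroups_joingroup")."\";");
			output_page($joinpage);
			exit();
		}
		else
		{
			join_usergroup($mybb->user['uid'], $mybb->input['joingroup']);
			$plugins->run_hooks("usercp_usergroups_join_group");
			redirect("usercp.php?action=usergroups", $lang->joined_group);
		}
	}
	// Show listing of various group related things

	// List of usergroup leaders, indexed as $groupleaders[gid][uid]
	$groupleaders = array();
	$query = $db->query("
		SELECT g.*, u.username, u.displaygroup, u.usergroup
		FROM ".TABLE_PREFIX."groupleaders g
		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=g.uid)
		ORDER BY u.username ASC
	");
	while($leader = $db->fetch_array($query))
	{
		$groupleaders[$leader['gid']][$leader['uid']] = $leader;
	}

	// List of groups this user is a leader of
	$groupsledlist = '';
	$groupleader = array();

	switch($db->type)
	{
		case "pgsql":
		case "sqlite":
			$query = $db->query("
				SELECT g.title, g.gid, g.type, COUNT(u.uid) AS users, COUNT(j.rid) AS joinrequests, l.canmanagerequests, l.canmanagemembers
				FROM ".TABLE_PREFIX."groupleaders l
				LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid)
				LEFT JOIN ".TABLE_PREFIX."users u ON(((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))
				LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)
				WHERE l.uid='".$mybb->user['uid']."'
				GROUP BY g.gid, g.title, g.type, l.canmanagerequests, l.canmanagemembers
			");
			break;
		default:
			$query = $db->query("
				SELECT g.title, g.gid, g.type, COUNT(DISTINCT u.uid) AS users, COUNT(DISTINCT j.rid) AS joinrequests, l.canmanagerequests, l.canmanagemembers
				FROM ".TABLE_PREFIX."groupleaders l
				LEFT JOIN ".TABLE_PREFIX."usergroups g ON(g.gid=l.gid)
				LEFT JOIN ".TABLE_PREFIX."users u ON(((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))
				LEFT JOIN ".TABLE_PREFIX."joinrequests j ON(j.gid=g.gid AND j.uid != 0)
				WHERE l.uid='".$mybb->user['uid']."'
				GROUP BY l.gid
			");
	}

	while($usergroup = $db->fetch_array($query))
	{
		$memberlistlink = $moderaterequestslink = '';
		$memberlistlink = " [<a href=\"managegroup.php?gid=".$usergroup['gid']."\">".$lang->view_members."</a>]";
		if($usergroup['type'] != 4)
		{
			$usergroup['joinrequests'] = '--';
		}
		if($usergroup['joinrequests'] > 0 && $usergroup['canmanagerequests'] == 1)
		{
			$moderaterequestslink = " [<a href=\"managegroup.php?action=joinrequests&gid={$usergroup['gid']}\">{$lang->view_requests}</a>]";
		}
		// Remember which groups the current user leads; read again in the member-of list.
		$groupleader[$usergroup['gid']] = 1;
		$trow = alt_trow();
		eval("\$groupsledlist .= \"".$templates->get("usercp_usergroups_leader_usergroup")."\";");
	}
	if($groupsledlist)
	{
		eval("\$leadinggroups = \"".$templates->get("usercp_usergroups_leader")."\";");
	}

	// Fetch the list of groups the member is in
	// Do the primary group first
	$query = $db->simple_select("usergroups", "*", "gid='".$mybb->user['usergroup']."'");
	$usergroup = $db->fetch_array($query);
	$leavelink = "<div style=\"text-align:center;\"><span class=\"smalltext\">{$lang->usergroup_leave_primary}</span></div>";
	$trow = alt_trow();
	if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
	{
		$displaycode = " ({$lang->display_group})";
	}
	elseif($usergroup['candisplaygroup'] == 1)
	{
		$displaycode = " (<a href=\"usercp.php?action=usergroups&displaygroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->set_as_display_group}</a>)";
	}
	else
	{
		$displaycode = '';
	}

	eval("\$memberoflist = \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";");
	$showmemberof = false;
	if($mybb->user['additionalgroups'])
	{
		// The additionalgroups value of the user row is placed in the IN() list unquoted.
		// NOTE(review): this relies on every writer of that column storing only
		// comma-separated integers - confirm.
		$query = $db->simple_select("usergroups", "*", "gid IN (".$mybb->user['additionalgroups'].") AND gid !='".$mybb->user['usergroup']."'", array('order_by' => 'title'));
		while($usergroup = $db->fetch_array($query))
		{
			$showmemberof = true;

			if(!empty($groupleader[$usergroup['gid']]))
			{
				$leavelink = "<div style=\"text-align: center;\"><span class=\"smalltext\">$lang->usergroup_leave_leader</span></div>";
			}
			elseif($usergroup['type'] != 4 && $usergroup['type'] != 3)
			{
				$leavelink = "<div style=\"text-align: center;\"><span class=\"smalltext\">{$lang->usergroup_cannot_leave}</span></div>";
			}
			else
			{
				$leavelink = "<div style=\"text-align: center;\"><a href=\"usercp.php?action=usergroups&leavegroup=".$usergroup['gid']."&my_post_key={$mybb->post_code}\">".$lang->usergroup_leave."</a></div>";
			}
			// NOTE(review): the group description is inserted without HTML escaping.
			// Presumably descriptions are administrator-defined and may hold markup - confirm.
			if($usergroup['description'])
			{
				$description = "<br /><span class=\"smalltext\">".$usergroup['description']."</span>";
			}
			else
			{
				$description = '';
			}
			if(!$usergroup['usertitle'])
			{
				// fetch title here
			}
			$trow = alt_trow();
			if($usergroup['candisplaygroup'] == 1 && $usergroup['gid'] == $mybb->user['displaygroup'])
			{
				$displaycode = " ({$lang->display_group})";
			}
			elseif($usergroup['candisplaygroup'] == 1)
			{
				$displaycode = "(<a href=\"usercp.php?action=usergroups&displaygroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->set_as_display_group}</a>)";
			}
			else
			{
				$displaycode = '';
			}
			eval("\$memberoflist .= \"".$templates->get("usercp_usergroups_memberof_usergroup")."\";");
		}
	}
	eval("\$membergroups = \"".$templates->get("usercp_usergroups_memberof")."\";");

	// List of groups this user has applied for but has not been accepted in to
	$appliedjoin = array();
	$query = $db->simple_select("joinrequests", "*", "uid='".$mybb->user['uid']."'");
	while($request = $db->fetch_array($query))
	{
		$appliedjoin[$request['gid']] = $request['dateline'];
	}

	// Fetch list of groups the member can join
	$existinggroups = $mybb->user['usergroup'];
	if($mybb->user['additionalgroups'])
	{
		$existinggroups .= ",".$mybb->user['additionalgroups'];
	}

	$joinablegroups = '';
	$joinablegrouplist = '';
	$query = $db->simple_select("usergroups", "*", "(type='3' OR type='4') AND gid NOT IN ($existinggroups)", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))
	{
		$trow = alt_trow();
		if($usergroup['description'])
		{
			$description = "<br /><span class=\"smallfont\">".$usergroup['description']."</span>";
		}
		else
		{
			$description = '';
		}

		// Moderating join requests?
		if($usergroup['type'] == 4)
		{
			$conditions = $lang->usergroup_joins_moderated;
		}
		else
		{
			$conditions = $lang->usergroup_joins_anyone;
		}

		if(!empty($appliedjoin[$usergroup['gid']]))
		{
			$applydate = my_date($mybb->settings['dateformat'], $appliedjoin[$usergroup['gid']]);
			$applytime = my_date($mybb->settings['timeformat'], $appliedjoin[$usergroup['gid']]);
			$joinlink = $lang->sprintf($lang->join_group_applied, $applydate, $applytime);
		}
		else
		{
			$joinlink = "<a href=\"usercp.php?action=usergroups&joingroup={$usergroup['gid']}&my_post_key={$mybb->post_code}\">{$lang->join_group}</a>";
		}

		$usergroupleaders = '';
		if(!empty($groupleaders[$usergroup['gid']]))
		{
			$comma = '';
			$usergroupleaders = '';
			foreach($groupleaders[$usergroup['gid']] as $leader)
			{
				$leader['username'] = format_name($leader['username'], $leader['usergroup'], $leader['displaygroup']);
				$usergroupleaders .= $comma.build_profile_link($leader['username'], $leader['uid']);
				$comma = $lang->comma;
			}
			$usergroupleaders = $lang->usergroup_leaders." ".$usergroupleaders;
		}

		// Groups the user already leads are not offered as "Join Group". The test uses the
		// uid key of $groupleaders; it used to search the rendered leader markup for the
		// username, which also matched any user whose name was contained in that HTML.
		if(!isset($groupleaders[$usergroup['gid']][$mybb->user['uid']]))
		{
			eval("\$joinablegrouplist .= \"".$templates->get("usercp_usergroups_joinable_usergroup")."\";");
		}
	}
	if($joinablegrouplist)
	{
		eval("\$joinablegroups = \"".$templates->get("usercp_usergroups_joinable")."\";");
	}

	$plugins->run_hooks("usercp_usergroups_end");

	eval("\$groupmemberships = \"".$templates->get("usercp_usergroups")."\";");
	output_page($groupmemberships);
}

// Attachment manager: one page of the current user's attachments plus usage totals.
if($mybb->input['action'] == "attachments")
{
	$plugins->run_hooks("usercp_attachments_start");
	require_once MYBB_ROOT."inc/functions_upload.php";

	$attachments = '';

	// Pagination
	if(!$mybb->settings['threadsperpage'])
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	$perpage = $mybb->settings['threadsperpage'];
	// The page number is cast to an integer before it feeds the LIMIT clause.
	$page = intval($mybb->input['page']);

	if(intval($mybb->input['page']) > 0)
	{
		$start = ($page-1) *$perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}

	$end = $start + $perpage;
	$lower = $start+1;

	$query = $db->query("
		SELECT a.*, p.subject, p.dateline, t.tid, t.subject AS threadsubject
		FROM ".TABLE_PREFIX."attachments a
		LEFT JOIN ".TABLE_PREFIX."posts p ON (a.pid=p.pid)
		LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
		WHERE a.uid='".$mybb->user['uid']."'
		ORDER BY p.dateline DESC LIMIT {$start}, {$perpage}
	");

	$bandwidth = $totaldownloads = 0;
	while($attachment = $db->fetch_array($query))
	{
		if($attachment['dateline'] && $attachment['tid'])
		{
			// Subjects pass through the bad-word filter and HTML escaping.
			// NOTE(review): $attachment['filename'] is not escaped in this block; if the
			// template prints it, confirm that it is escaped elsewhere.
			$attachment['subject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['subject']));
			$attachment['postlink'] = get_post_link($attachment['pid'], $attachment['tid']);
			$attachment['threadlink'] = get_thread_link($attachment['tid']);
			$attachment['threadsubject'] = htmlspecialchars_uni($parser->parse_badwords($attachment['threadsubject']));
			$size = get_friendly_size($attachment['filesize']);
			$icon = get_attachment_icon(get_extension($attachment['filename']));
			$sizedownloads = $lang->sprintf($lang->attachment_size_downloads, $size, $attachment['downloads']);
			$attachdate = my_date($mybb->settings['dateformat'], $attachment['dateline']);
			$attachtime = my_date($mybb->settings['timeformat'], $attachment['dateline']);
			$altbg = alt_trow();
			eval("\$attachments .= \"".$templates->get("usercp_attachments_attachment")."\";");
			// Add to bandwidth total
			$bandwidth += ($attachment['filesize'] * $attachment['downloads']);
			$totaldownloads += $attachment['downloads'];
		}
		else
		{
			// This little thing deletes attachments without a thread/post
			// NOTE(review): this removal runs while the page is being viewed, without a
			// request-method or post-key check. It only touches rows selected above, which
			// belong to the current user. Confirm that an attachment whose post has not
			// been saved yet cannot be caught by it.
			remove_attachment($attachment['pid'], $attachment['posthash'], $attachment['aid']);
		}
	}

	$query = $db->simple_select("attachments", "SUM(filesize) AS ausage, COUNT(aid) AS acount", "uid='".$mybb->user['uid']."'");
	$usage = $db->fetch_array($query);
	$totalusage = $usage['ausage'];
	$totalattachments = $usage['acount'];
	$friendlyusage = get_friendly_size($totalusage);
	if($mybb->usergroup['attachquota'])
	{
		$percent = round(($totalusage/($mybb->usergroup['attachquota']*1024))*100)."%";
		$attachquota = get_friendly_size($mybb->usergroup['attachquota']*1024);
		$usagenote = $lang->sprintf($lang->attachments_usage_quota, $friendlyusage, $attachquota, $percent, $totalattachments);
	}
	else
	{
		$percent = $lang->unlimited;
		$attachquota = $lang->unlimited;
		$usagenote = $lang->sprintf($lang->attachments_usage, $friendlyusage, $totalattachments);
	}

	$multipage = multipage($totalattachments, $perpage, $page, "usercp.php?action=attachments");
	$bandwidth = get_friendly_size($bandwidth);

	if(!$attachments)
	{
		eval("\$attachments = \"".$templates->get("usercp_attachments_none")."\";");
		$usagenote = '';
	}

	$plugins->run_hooks("usercp_attachments_end");

	eval("\$manageattachments = \"".$templates->get("usercp_attachments")."\";");
	output_page($manageattachments);
}

// Attachment deletion: POST only, guarded by verify_post_check(). The SELECT is restricted
// to the current user's uid, so only the user's own attachments are passed on for removal.
if($mybb->input['action'] == "do_attachments" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_attachments_start");
	require_once MYBB_ROOT."inc/functions_upload.php";
	// An empty array is rejected as well: it would otherwise produce "aid IN ()", which is
	// not valid SQL.
	if(!is_array($mybb->input['attachments']) || empty($mybb->input['attachments']))
	{
		error($lang->no_attachments_selected);
	}
	// Every id is cast to an integer before it is placed in the IN() list.
	$aids = implode(',', array_map('intval', $mybb->input['attachments']));
	$query = $db->simple_select("attachments", "*", "aid IN ($aids) AND uid='".$mybb->user['uid']."'");
	while($attachment = $db->fetch_array($query))
	{
		remove_attachment($attachment['pid'], '', $attachment['aid']);
	}
	$plugins->run_hooks("usercp_do_attachments_end");
	redirect("usercp.php?action=attachments", $lang->attachments_deleted);
}

// Notepad update: POST only, guarded by verify_post_check(); the text is escaped for SQL
// here (the home page code further down applies htmlspecialchars_uni() before display).
if($mybb->input['action'] == "do_notepad" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("usercp_do_notepad_start");
	$db->update_query("users", array('notepad' => $db->escape_string($mybb->input['notepad'])), "uid='".$mybb->user['uid']."'");
	$plugins->run_hooks("usercp_do_notepad_end");
	redirect("usercp.php", $lang->redirect_notepadupdated);
}

if(!$mybb->input['action'])
{
	// Get posts per day
	$daysreg = (TIME_NOW - $mybb->user['regdate']) / (24*3600);

	if($daysreg < 1)
	{
		$daysreg = 1;
	}

	$perday = $mybb->user['postnum'] / $daysreg;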
$perday = round($perday, 2); 2951 if($perday > $mybb->user['postnum']) 2952 { 2953 $perday = $mybb->user['postnum']; 2954 } 2955 2956 $stats = $cache->read("stats"); 2957 $posts = $stats['numposts']; 2958 if($posts == 0) 2959 { 2960 $percent = "0"; 2961 } 2962 else 2963 { 2964 $percent = $mybb->user['postnum']*100/$posts; 2965 $percent = round($percent, 2); 2966 } 2967 2968 $lang->posts_day = $lang->sprintf($lang->posts_day, my_number_format($perday), $percent); 2969 $usergroup = $groupscache[$mybb->user['usergroup']]['title']; 2970 2971 $colspan = 1; 2972 if($mybb->user['avatar']) 2973 { 2974 $avatar_dimensions = explode("|", $mybb->user['avatardimensions']); 2975 if($avatar_dimensions[0] && $avatar_dimensions[1]) 2976 { 2977 $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\""; 2978 } 2979 $mybb->user['avatar'] = htmlspecialchars($mybb->user['avatar']); 2980 eval("\$avatar = \"".$templates->get("usercp_currentavatar")."\";"); 2981 $colspan = 2; 2982 } 2983 else 2984 { 2985 $avatar = ''; 2986 } 2987 $regdate = my_date($mybb->settings['dateformat'].", ".$mybb->settings['timeformat'], $mybb->user['regdate']); 2988 2989 if($mybb->user['usergroup'] == 5 && $mybb->settings['regtype'] != "admin") 2990 { 2991 $usergroup .= "<br />(<a href=\"member.php?action=resendactivation\">$lang->resend_activation</a>)"; 2992 } 2993 // Make reputations row 2994 $reputations = ''; 2995 if($mybb->usergroup['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 2996 { 2997 $reputation_link = get_reputation($mybb->user['reputation']); 2998 eval("\$reputation = \"".$templates->get("usercp_reputation")."\";"); 2999 } 3000 3001 if($mybb->settings['enablewarningsystem'] != 0 && $mybb->settings['canviewownwarning'] != 0) 3002 { 3003 $warning_level = round($mybb->user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 3004 if($warning_level > 100) 3005 { 3006 $warning_level = 100; 3007 } 3008 3009 
if($mybb->user['warningpoints'] > $mybb->settings['maxwarningpoints']) 3010 { 3011 $mybb->user['warningpoints'] = $mybb->settings['maxwarningpoints']; 3012 } 3013 3014 if($warning_level > 0) 3015 { 3016 expire_warnings(); 3017 3018 $lang->current_warning_level = $lang->sprintf($lang->current_warning_level, $warning_level, $mybb->user['warningpoints'], $mybb->settings['maxwarningpoints']); 3019 // Fetch latest warnings 3020 $query = $db->query(" 3021 SELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject 3022 FROM ".TABLE_PREFIX."warnings w 3023 LEFT JOIN ".TABLE_PREFIX."warningtypes t ON (t.tid=w.tid) 3024 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=w.issuedby) 3025 LEFT JOIN ".TABLE_PREFIX."posts p ON (p.pid=w.pid) 3026 WHERE w.uid='{$mybb->user['uid']}' 3027 ORDER BY w.expired ASC, w.dateline DESC 3028 LIMIT 5 3029 "); 3030 while($warning = $db->fetch_array($query)) 3031 { 3032 $post_link = ""; 3033 if($warning['post_subject']) 3034 { 3035 $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); 3036 $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); 3037 $post_link = "<br /><small>{$lang->warning_for_post} <a href=\"".get_post_link($warning['pid'])."\">{$warning['post_subject']}</a></small>"; 3038 } 3039 $issuedby = build_profile_link($warning['username'], $warning['issuedby']); 3040 $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']).", ".my_date($mybb->settings['timeformat'], $warning['dateline']); 3041 if($warning['type_title']) 3042 { 3043 $warning_type = $warning['type_title']; 3044 } 3045 else 3046 { 3047 $warning_type = $warning['title']; 3048 } 3049 $warning_type = htmlspecialchars_uni($warning_type); 3050 if($warning['points'] > 0) 3051 { 3052 $warning['points'] = "+{$warning['points']}"; 3053 } 3054 $points = $lang->sprintf($lang->warning_points, $warning['points']); 3055 3056 // Figure out expiration time 3057 if($warning['daterevoked']) 3058 { 3059 $expires = 
$lang->warning_revoked; 3060 } 3061 elseif($warning['expired']) 3062 { 3063 $expires = $lang->already_expired; 3064 } 3065 elseif($warning['expires'] == 0) 3066 { 3067 $expires = $lang->never; 3068 } 3069 else 3070 { 3071 $expires = my_date($mybb->settings['dateformat'], $warning['expires']).", ".my_date($mybb->settings['timeformat'], $warning['expires']); 3072 } 3073 3074 $alt_bg = alt_trow(); 3075 eval("\$warnings .= \"".$templates->get("usercp_warnings_warning")."\";"); 3076 } 3077 if($warnings) 3078 { 3079 eval("\$latest_warnings = \"".$templates->get("usercp_warnings")."\";"); 3080 } 3081 } 3082 } 3083 3084 // Format username 3085 $username = format_name($mybb->user['username'], $mybb->user['usergroup'], $mybb->user['displaygroup']); 3086 $username = build_profile_link($username, $mybb->user['uid']); 3087 3088 // Format post numbers 3089 $mybb->user['posts'] = my_number_format($mybb->user['postnum']); 3090 3091 // Build referral link 3092 if($mybb->settings['usereferrals'] == 1) 3093 { 3094 $referral_link = $lang->sprintf($lang->referral_link, $settings['bburl'], $mybb->user['uid']); 3095 eval("\$referral_info = \"".$templates->get("usercp_referrals")."\";"); 3096 } 3097 3098 // User Notepad 3099 $plugins->run_hooks("usercp_notepad_start"); 3100 $mybb->user['notepad'] = htmlspecialchars_uni($mybb->user['notepad']); 3101 eval("\$user_notepad = \"".$templates->get("usercp_notepad")."\";"); 3102 $plugins->run_hooks("usercp_notepad_end"); 3103 3104 // Thread Subscriptions with New Posts 3105 $query = $db->simple_select("threadsubscriptions", "sid", "uid = '".$mybb->user['uid']."'", array("limit" => 1)); 3106 if($db->num_rows($query)) 3107 { 3108 $visible = "AND t.visible != 0"; 3109 if(is_moderator() == true) 3110 { 3111 $visible = ''; 3112 } 3113 3114 $query = $db->query(" 3115 SELECT s.*, t.*, t.username AS threadusername, u.username 3116 FROM ".TABLE_PREFIX."threadsubscriptions s 3117 LEFT JOIN ".TABLE_PREFIX."threads t ON (s.tid=t.tid) 3118 LEFT JOIN 
".TABLE_PREFIX."users u ON (u.uid = t.uid) 3119 WHERE s.uid='".$mybb->user['uid']."' {$visible} 3120 ORDER BY t.lastpost DESC 3121 LIMIT 0, 10 3122 "); 3123 3124 $fpermissions = forum_permissions(); 3125 while($subscription = $db->fetch_array($query)) 3126 { 3127 $forumpermissions = $fpermissions[$subscription['fid']]; 3128 if($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0) 3129 { 3130 $subscriptions[$subscription['tid']] = $subscription; 3131 } 3132 } 3133 3134 if(is_array($subscriptions)) 3135 { 3136 $tids = implode(",", array_keys($subscriptions)); 3137 3138 // Checking read 3139 if($mybb->settings['threadreadcut'] > 0) 3140 { 3141 $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3142 while($readthread = $db->fetch_array($query)) 3143 { 3144 if($readthread['dateline'] >= $subscriptions[$readthread['tid']]['lastpost']) 3145 { 3146 unset($subscriptions[$readthread['tid']]); // If it's already been read, then don't display the thread 3147 } 3148 else 3149 { 3150 $subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; 3151 } 3152 } 3153 } 3154 3155 if($subscriptions) 3156 { 3157 if($mybb->settings['dotfolders'] != 0) 3158 { 3159 $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3160 while($post = $db->fetch_array($query)) 3161 { 3162 $subscriptions[$post['tid']]['doticon'] = 1; 3163 } 3164 } 3165 3166 $icon_cache = $cache->read("posticons"); 3167 3168 foreach($subscriptions as $thread) 3169 { 3170 $folder = ''; 3171 $folder_label = ''; 3172 $gotounread = ''; 3173 3174 if($thread['tid']) 3175 { 3176 $bgcolor = alt_trow(); 3177 $thread['subject'] = $parser->parse_badwords($thread['subject']); 3178 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 3179 $thread['threadlink'] = get_thread_link($thread['tid']); 3180 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 3181 3182 // If this 
thread has a prefix... 3183 if($thread['prefix'] != 0) 3184 { 3185 $query = $db->simple_select('threadprefixes', 'prefix, displaystyle', "pid='{$thread['prefix']}'"); 3186 $threadprefix = $db->fetch_array($query); 3187 3188 $thread['displayprefix'] = $threadprefix['displaystyle'].' '; 3189 } 3190 else 3191 { 3192 $thread['displayprefix'] = ''; 3193 } 3194 3195 // Icons 3196 if($thread['icon'] > 0 && $icon_cache[$thread['icon']]) 3197 { 3198 $icon = $icon_cache[$thread['icon']]; 3199 $icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />"; 3200 } 3201 else 3202 { 3203 $icon = " "; 3204 } 3205 3206 if($thread['doticon']) 3207 { 3208 $folder = "dot_"; 3209 $folder_label .= $lang->icon_dot; 3210 } 3211 3212 // Check to see which icon we display 3213 if($thread['lastread'] && $thread['lastread'] < $thread['lastpost']) 3214 { 3215 $folder .= "new"; 3216 $folder_label .= $lang->icon_new; 3217 $new_class = "subject_new"; 3218 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost"); 3219 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 3220 } 3221 else 3222 { 3223 $folder_label .= $lang->icon_no_new; 3224 $new_class = "subject_old"; 3225 } 3226 3227 $folder .= "folder"; 3228 3229 if($thread['visible'] == 0) 3230 { 3231 $bgcolor = "trow_shaded"; 3232 } 3233 3234 $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); 3235 $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); 3236 $lastposter = $thread['lastposter']; 3237 $lastposteruid = $thread['lastposteruid']; 3238 3239 if($lastposteruid == 0) 3240 { 3241 $lastposterlink = $lastposter; 3242 } 3243 else 3244 { 3245 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 3246 } 3247 3248 $thread['replies'] = my_number_format($thread['replies']); 3249 $thread['views'] = my_number_format($thread['views']); 3250 $thread['author'] = build_profile_link($thread['username'], $thread['uid']); 3251 3252 
eval("\$latest_subscribed_threads .= \"".$templates->get("usercp_latest_subscribed_threads")."\";"); 3253 } 3254 } 3255 eval("\$latest_subscribed = \"".$templates->get("usercp_latest_subscribed")."\";"); 3256 } 3257 } 3258 } 3259 3260 // User's Latest Threads 3261 3262 // Get unviewable forums 3263 $unviewable_forums = get_unviewable_forums(); 3264 if($unviewable_forums) 3265 { 3266 $f_perm_sql = "AND t.fid NOT IN (".$unviewable_forums.")"; 3267 } 3268 3269 $visible = " AND t.visible != 0"; 3270 if(is_moderator() == true) 3271 { 3272 $visible = ''; 3273 } 3274 3275 $query = $db->query(" 3276 SELECT t.*, t.username AS threadusername, u.username 3277 FROM ".TABLE_PREFIX."threads t 3278 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid) 3279 WHERE t.uid='".$mybb->user['uid']."' AND t.firstpost != 0 AND t.visible != '-2' {$visible} {$f_perm_sql} 3280 ORDER BY t.lastpost DESC 3281 LIMIT 0, 5 3282 "); 3283 3284 // Figure out whether we can view these threads... 3285 $threadcache = array(); 3286 $fpermissions = forum_permissions(); 3287 while($thread = $db->fetch_array($query)) 3288 { 3289 // Moderated, and not moderator? 3290 if($thread['visible'] == 0 && is_moderator($thread['fid']) === false) 3291 { 3292 continue; 3293 } 3294 3295 $forumpermissions = $fpermissions[$thread['fid']]; 3296 if($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0) 3297 { 3298 $threadcache[$thread['tid']] = $thread; 3299 } 3300 } 3301 3302 if(!empty($threadcache)) 3303 { 3304 $tids = implode(",", array_keys($threadcache)); 3305 3306 // Read Forums 3307 $query = $db->query(" 3308 SELECT f.fid, fr.dateline AS lastread 3309 FROM ".TABLE_PREFIX."forums f 3310 LEFT JOIN ".TABLE_PREFIX."forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}') 3311 WHERE f.active != 0 3312 ORDER BY pid, disporder 3313 "); 3314 while($forum = $db->fetch_array($query)) 3315 { 3316 $readforums[$forum['fid']] = $forum['lastread']; 3317 } 3318 3319 // Threads being read? 
3320 if($mybb->settings['threadreadcut'] > 0) 3321 { 3322 $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3323 while($readthread = $db->fetch_array($query)) 3324 { 3325 $threadcache[$readthread['tid']]['lastread'] = $readthread['dateline']; 3326 } 3327 } 3328 3329 // Icon Stuff 3330 if($mybb->settings['dotfolders'] != 0) 3331 { 3332 $query = $db->simple_select("posts", "tid,uid", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); 3333 while($post = $db->fetch_array($query)) 3334 { 3335 $threadcache[$post['tid']]['doticon'] = 1; 3336 } 3337 } 3338 3339 $icon_cache = $cache->read("posticons"); 3340 3341 // Run the threads... 3342 foreach($threadcache as $thread) 3343 { 3344 if($thread['tid']) 3345 { 3346 $bgcolor = alt_trow(); 3347 $folder = ''; 3348 $folder_label = ''; 3349 $prefix = ''; 3350 $gotounread = ''; 3351 $isnew = 0; 3352 $donenew = 0; 3353 $lastread = 0; 3354 3355 // If this thread has a prefix... 3356 if($thread['prefix'] != 0) 3357 { 3358 $query = $db->simple_select('threadprefixes', 'prefix, displaystyle', "pid='{$thread['prefix']}'"); 3359 $threadprefix = $db->fetch_array($query); 3360 3361 $thread['displayprefix'] = $threadprefix['displaystyle'].' 
'; 3362 } 3363 else 3364 { 3365 $thread['displayprefix'] = ''; 3366 } 3367 3368 $thread['subject'] = $parser->parse_badwords($thread['subject']); 3369 $thread['subject'] = htmlspecialchars_uni($thread['subject']); 3370 $thread['threadlink'] = get_thread_link($thread['tid']); 3371 $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); 3372 3373 if($thread['icon'] > 0 && $icon_cache[$thread['icon']]) 3374 { 3375 $icon = $icon_cache[$thread['icon']]; 3376 $icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />"; 3377 } 3378 else 3379 { 3380 $icon = " "; 3381 } 3382 3383 if($mybb->settings['threadreadcut'] > 0) 3384 { 3385 $forum_read = $readforums[$thread['fid']]; 3386 3387 $read_cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 3388 if($forum_read == 0 || $forum_read < $read_cutoff) 3389 { 3390 $forum_read = $read_cutoff; 3391 } 3392 } 3393 3394 if($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read) 3395 { 3396 $cutoff = TIME_NOW-$mybb->settings['threadreadcut']*60*60*24; 3397 } 3398 3399 if($thread['lastpost'] > $cutoff) 3400 { 3401 if($thread['lastread']) 3402 { 3403 $lastread = $thread['lastread']; 3404 } 3405 } 3406 3407 if(!$lastread) 3408 { 3409 $readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']); 3410 if($readcookie > $forum_read) 3411 { 3412 $lastread = $readcookie; 3413 } 3414 else 3415 { 3416 $lastread = $forum_read; 3417 } 3418 } 3419 3420 // Folder Icons 3421 if($thread['doticon']) 3422 { 3423 $folder = "dot_"; 3424 $folder_label .= $lang->icon_dot; 3425 } 3426 3427 if($thread['lastpost'] > $lastread && $lastread) 3428 { 3429 $folder .= "new"; 3430 $folder_label .= $lang->icon_new; 3431 $new_class = "subject_new"; 3432 $thread['newpostlink'] = get_thread_link($thread['tid'], 0, "newpost"); 3433 eval("\$gotounread = \"".$templates->get("forumdisplay_thread_gotounread")."\";"); 3434 $unreadpost = 1; 3435 } 3436 else 3437 { 3438 $folder_label .= $lang->icon_no_new; 3439 
$new_class = "subject_old"; 3440 } 3441 3442 if($thread['replies'] >= $mybb->settings['hottopic'] || $thread['views'] >= $mybb->settings['hottopicviews']) 3443 { 3444 $folder .= "hot"; 3445 $folder_label .= $lang->icon_hot; 3446 } 3447 3448 // Is our thread visible? 3449 if($thread['visible'] == 0) 3450 { 3451 $bgcolor = 'trow_shaded'; 3452 } 3453 3454 if($thread['closed'] == 1) 3455 { 3456 $folder .= "lock"; 3457 $folder_label .= $lang->icon_lock; 3458 } 3459 3460 $folder .= "folder"; 3461 3462 $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); 3463 $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); 3464 $lastposter = $thread['lastposter']; 3465 $lastposteruid = $thread['lastposteruid']; 3466 3467 if($lastposteruid == 0) 3468 { 3469 $lastposterlink = $lastposter; 3470 } 3471 else 3472 { 3473 $lastposterlink = build_profile_link($lastposter, $lastposteruid); 3474 } 3475 3476 $thread['replies'] = my_number_format($thread['replies']); 3477 $thread['views'] = my_number_format($thread['views']); 3478 $thread['author'] = build_profile_link($thread['username'], $thread['uid']); 3479 3480 eval("\$latest_threads_threads .= \"".$templates->get("usercp_latest_threads_threads")."\";"); 3481 } 3482 } 3483 3484 eval("\$latest_threads = \"".$templates->get("usercp_latest_threads")."\";"); 3485 } 3486 3487 $plugins->run_hooks("usercp_end"); 3488 3489 eval("\$usercp = \"".$templates->get("usercp")."\";"); 3490 output_page($usercp); 3491 } 3492 ?>