| [ Index ] |
|
Code source de PHP NUKE 7.9 |
1 <?php 2 /*************************************************************************** 3 * usercp_register.php 4 * ------------------- 5 * begin : Saturday, Feb 13, 2001 6 * copyright : (C) 2001 The phpBB Group 7 * email : support@phpbb.com 8 * 9 * Id: usercp_register.php,v 1.20.2.61 2005/06/26 12:03:44 acydburn Exp 10 11 * 12 * 13 ***************************************************************************/ 14 15 /*************************************************************************** 16 * 17 * This program is free software; you can redistribute it and/or modify 18 * it under the terms of the GNU General Public License as published by 19 * the Free Software Foundation; either version 2 of the License, or 20 * (at your option) any later version. 21 * 22 * 23 ***************************************************************************/ 24 25 /* 26 27 This code has been modified from its original form by psoTFX @ phpbb.com 28 Changes introduce the back-ported phpBB 2.2 visual confirmation code. 29 30 NOTE: Anyone using the modified code contained within this script MUST include 31 a relevant message such as this in usercp_register.php ... failure to do so 32 will affect a breach of Section 2a of the GPL and our copyright 33 34 png visual confirmation system : (c) phpBB Group, 2003 : All Rights Reserved 35 36 */ 37 38 if ( !defined('IN_PHPBB') ) 39 { 40 die("Hacking attempt"); 41 exit; 42 } 43 44 $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#'); 45 $unhtml_specialchars_replace = array('>', '<', '"', '&'); 46 47 // --------------------------------------- 48 // Load agreement template since user has not yet 49 // agreed to registration conditions/coppa 50 // 51 function show_coppa() 52 { 53 global $userdata, $template, $lang, $phpbb_root_path, $phpEx; 54 55 $template->set_filenames(array( 56 'body' => 'agreement.tpl') 57 ); 58 59 $template->assign_vars(array( 60 'REGISTRATION' => $lang['Registration'], 61 'AGREEMENT' => $lang['Reg_agreement'], 62 "AGREE_OVER_13" => $lang['Agree_over_13'], 63 "AGREE_UNDER_13" => $lang['Agree_under_13'], 64 'DO_NOT_AGREE' => $lang['Agree_not'], 65 66 "U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"), 67 "U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true")) 68 ); 69 70 $template->pparse('body'); 71 72 } 73 // 74 // --------------------------------------- 75 76 $error = FALSE; 77 $page_title = ( $mode == 'editprofile' ) ? $lang['Edit_profile'] : $lang['Register']; 78 79 if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) ) 80 { 81 include ("includes/page_header.php"); 82 83 show_coppa(); 84 85 include ("includes/page_tail.php"); 86 } 87 88 $coppa = ( empty($HTTP_POST_VARS['coppa']) && empty($HTTP_GET_VARS['coppa']) ) ? 0 : TRUE; 89 90 // 91 // Check and initialize some variables if needed 92 // 93 if ( 94 isset($HTTP_POST_VARS['submit']) || 95 isset($HTTP_POST_VARS['avatargallery']) || 96 isset($HTTP_POST_VARS['submitavatar']) || 97 isset($HTTP_POST_VARS['cancelavatar']) || 98 $mode == 'register' ) 99 { 100 include ("includes/functions_validate.php"); 101 include ("includes/bbcode.php"); 102 include ("includes/functions_post.php"); 103 104 if ( $mode == 'editprofile' ) 105 { 106 $user_id = intval($HTTP_POST_VARS['user_id']); 107 $current_email = trim(htmlspecialchars($HTTP_POST_VARS['current_email'])); 108 } 109 110 $strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests'); 111 $strip_var_list['confirm_code'] = 'confirm_code'; 112 113 // Strip all tags from data ... may p**s some people off, bah, strip_tags is 114 // doing the job but can still break HTML output ... have no choice, have 115 // to use htmlspecialchars ... be prepared to be moaned at. 116 while( list($var, $param) = @each($strip_var_list) ) 117 { 118 if ( !empty($HTTP_POST_VARS[$param]) ) 119 { 120 $$var = trim(htmlspecialchars($HTTP_POST_VARS[$param])); 121 } 122 } 123 124 $trim_var_list = array('cur_password' => 'cur_password', 'new_password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature'); 125 126 while( list($var, $param) = @each($trim_var_list) ) 127 { 128 if ( !empty($HTTP_POST_VARS[$param]) ) 129 { 130 $$var = trim($HTTP_POST_VARS[$param]); 131 } 132 } 133 134 $signature = str_replace('<br />', "\n", $signature); 135 136 // Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to 137 // empty strings if they fail. 138 validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature); 139 140 $viewemail = ( isset($HTTP_POST_VARS['viewemail']) ) ? ( ($HTTP_POST_VARS['viewemail']) ? TRUE : 0 ) : 0; 141 $allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE; 142 $notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0; 143 $notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE; 144 $popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE; 145 146 if ( $mode == 'register' ) 147 { 148 $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( (intval($HTTP_POST_VARS['attachsig'])) ? TRUE : 0 ) : $board_config['allow_sig']; 149 150 $allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( (intval($HTTP_POST_VARS['allowhtml'])) ? TRUE : 0 ) : $board_config['allow_html']; 151 $allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( (intval($HTTP_POST_VARS['allowbbcode'])) ? TRUE : 0 ) : $board_config['allow_bbcode']; 152 $allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( (intval($HTTP_POST_VARS['allowsmilies'])) ? TRUE : 0 ) : $board_config['allow_smilies']; 153 } 154 else 155 { 156 $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( (intval($HTTP_POST_VARS['attachsig'])) ? TRUE : 0 ) : 0; 157 158 $allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( (intval($HTTP_POST_VARS['allowhtml'])) ? TRUE : 0 ) : $userdata['user_allowhtml']; 159 $allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( (intval($HTTP_POST_VARS['allowbbcode'])) ? TRUE : 0 ) : $userdata['user_allowbbcode']; 160 $allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( (intval($HTTP_POST_VARS['allowsmilies'])) ? TRUE : 0 ) : $userdata['user_allowsmile']; 161 } 162 163 $user_style = ( isset($HTTP_POST_VARS['style']) ) ? intval($HTTP_POST_VARS['style']) : $board_config['default_style']; 164 165 if ( !empty($HTTP_POST_VARS['language']) ) 166 { 167 if ( preg_match('/^[a-z_]+$/i', $HTTP_POST_VARS['language']) ) 168 { 169 $user_lang = htmlspecialchars($HTTP_POST_VARS['language']); 170 } 171 else 172 { 173 $error = true; 174 $error_msg = $lang['Fields_empty']; 175 } 176 } 177 else 178 { 179 $user_lang = $board_config['default_lang']; 180 } 181 182 $user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone']; 183 $sql = "SELECT config_value 184 FROM " . CONFIG_TABLE . " 185 WHERE config_name = 'default_dateformat'"; 186 if ( !($result = $db->sql_query($sql)) ) 187 { 188 message_die(GENERAL_ERROR, 'Could not select default dateformat', '', __LINE__, __FILE__, $sql); 189 } 190 $row = $db->sql_fetchrow($result); 191 $board_config['default_dateformat'] = $row['config_value']; 192 $user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat']; 193 194 $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' ); 195 196 $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : ''; 197 $user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' ); 198 $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : ''; 199 $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0; 200 $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : ''; 201 202 $user_avatar = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : ''; 203 $user_avatar_type = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : ''; 204 205 if ( (isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar'])) && (!isset($HTTP_POST_VARS['submit'])) ) 206 { 207 $username = stripslashes($username); 208 $email = stripslashes($email); 209 $cur_password = htmlspecialchars(stripslashes($cur_password)); 210 $new_password = htmlspecialchars(stripslashes($new_password)); 211 $password_confirm = htmlspecialchars(stripslashes($password_confirm)); 212 213 $icq = stripslashes($icq); 214 $aim = stripslashes($aim); 215 $msn = stripslashes($msn); 216 $yim = stripslashes($yim); 217 218 $website = stripslashes($website); 219 $location = stripslashes($location); 220 $occupation = stripslashes($occupation); 221 $interests = stripslashes($interests); 222 $signature = stripslashes($signature); 223 224 $user_lang = stripslashes($user_lang); 225 $user_dateformat = stripslashes($user_dateformat); 226 227 if ( !isset($HTTP_POST_VARS['cancelavatar'])) 228 { 229 $user_avatar = $user_avatar_local; 230 $user_avatar_type = USER_AVATAR_GALLERY; 231 } 232 } 233 } 234 235 // 236 // Let's make sure the user isn't logged in while registering, 237 // and ensure that they were trying to register a second time 238 // (Prevents double registrations) 239 // 240 if ($mode == 'register' && ($userdata['session_logged_in'] || $username == $userdata['username'])) 241 { 242 message_die(GENERAL_MESSAGE, $lang['Username_taken'], '', __LINE__, __FILE__); 243 } 244 245 // 246 // Did the user submit? In this case build a query to update the users profile in the DB 247 // 248 if ( isset($HTTP_POST_VARS['submit']) ) 249 { 250 include ("includes/usercp_avatar.php"); 251 252 $passwd_sql = ''; 253 if ( $mode == 'editprofile' ) 254 { 255 if ( $user_id != $userdata['user_id'] ) 256 { 257 $error = TRUE; 258 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Wrong_Profile']; 259 } 260 } 261 else if ( $mode == 'register' ) 262 { 263 if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) ) 264 { 265 $error = TRUE; 266 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Fields_empty']; 267 } 268 } 269 270 if ($board_config['enable_confirm'] && $mode == 'register') 271 { 272 if (empty($HTTP_POST_VARS['confirm_id'])) 273 { 274 $error = TRUE; 275 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong']; 276 } 277 else 278 { 279 $confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']); 280 if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id)) 281 { 282 $confirm_id = ''; 283 } 284 285 $sql = 'SELECT code 286 FROM ' . CONFIRM_TABLE . " 287 WHERE confirm_id = '$confirm_id' 288 AND session_id = '" . $userdata['session_id'] . "'"; 289 if (!($result = $db->sql_query($sql))) 290 { 291 message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql); 292 } 293 294 if ($row = $db->sql_fetchrow($result)) 295 { 296 if ($row['code'] != $confirm_code) 297 { 298 $error = TRUE; 299 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong']; 300 } 301 else 302 { 303 $sql = 'DELETE FROM ' . CONFIRM_TABLE . " 304 WHERE confirm_id = '$confirm_id' 305 AND session_id = '" . $userdata['session_id'] . "'"; 306 if (!$db->sql_query($sql)) 307 { 308 message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql); 309 } 310 } 311 } 312 else 313 { 314 $error = TRUE; 315 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong']; 316 } 317 $db->sql_freeresult($result); 318 } 319 } 320 321 $passwd_sql = ''; 322 if ( !empty($new_password) && !empty($password_confirm) ) 323 { 324 if ( $new_password != $password_confirm ) 325 { 326 $error = TRUE; 327 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; 328 } 329 else if ( strlen($new_password) > 32 ) 330 { 331 $error = TRUE; 332 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_long']; 333 } 334 else 335 { 336 if ( $mode == 'editprofile' ) 337 { 338 $sql = "SELECT user_password 339 FROM " . USERS_TABLE . " 340 WHERE user_id = '$user_id'"; 341 if ( !($result = $db->sql_query($sql)) ) 342 { 343 message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql); 344 } 345 346 $row = $db->sql_fetchrow($result); 347 348 if ( $row['user_password'] != md5($cur_password) ) 349 { 350 $error = TRUE; 351 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Current_password_mismatch']; 352 } 353 } 354 355 if ( !$error ) 356 { 357 $new_password = md5($new_password); 358 $passwd_sql = "user_password = '$new_password', "; 359 } 360 } 361 } 362 else if ( ( empty($new_password) && !empty($password_confirm) ) || ( !empty($new_password) && empty($password_confirm) ) ) 363 { 364 $error = TRUE; 365 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch']; 366 } 367 368 // 369 // Do a ban check on this email address 370 // 371 if ( $email != $userdata['user_email'] || $mode == 'register' ) 372 { 373 $result = validate_email($email); 374 if ( $result['error'] ) 375 { 376 $email = $userdata['user_email']; 377 378 $error = TRUE; 379 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg']; 380 } 381 382 if ( $mode == 'editprofile' ) 383 { 384 $sql = "SELECT user_password 385 FROM " . USERS_TABLE . " 386 WHERE user_id = '$user_id'"; 387 if ( !($result = $db->sql_query($sql)) ) 388 { 389 message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql); 390 } 391 392 $row = $db->sql_fetchrow($result); 393 394 if ( $row['user_password'] != md5($cur_password) ) 395 { 396 $email = $userdata['user_email']; 397 398 $error = TRUE; 399 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Current_password_mismatch']; 400 } 401 } 402 } 403 404 $username_sql = ''; 405 if ( $board_config['allow_namechange'] || $mode == 'register' ) 406 { 407 if ( empty($username) ) 408 { 409 // Error is already triggered, since one field is empty. 410 $error = TRUE; 411 } 412 else if ( $username != $userdata['username'] || $mode == 'register' ) 413 { 414 if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register') 415 { 416 $result = validate_username($username); 417 if ( $result['error'] ) 418 { 419 $error = TRUE; 420 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg']; 421 } 422 } 423 424 if (!$error) 425 { 426 $username_sql = "username = '" . str_replace("\'", "''", $username) . "', "; 427 } 428 } 429 } 430 431 if ( $signature != '' ) 432 { 433 if ( strlen($signature) > $board_config['max_sig_chars'] ) 434 { 435 $error = TRUE; 436 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long']; 437 } 438 439 if ( $signature_bbcode_uid == '' ) 440 { 441 $signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : ''; 442 } 443 $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid); 444 } 445 446 if ( $website != '' ) 447 { 448 rawurlencode($website); 449 } 450 451 $avatar_sql = ''; 452 453 if ( isset($HTTP_POST_VARS['avatardel']) && $mode == 'editprofile' ) 454 { 455 $avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']); 456 } 457 else 458 if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] ) 459 { 460 if ( !empty($user_avatar_upload) ) 461 { 462 $avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local'; 463 $avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype); 464 } 465 else if ( !empty($user_avatar_name) ) 466 { 467 $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024)); 468 469 $error = true; 470 $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $l_avatar_size; 471 } 472 } 473 else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] ) 474 { 475 if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) && $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD ) 476 { 477 @unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])); 478 } 479 $avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl); 480 } 481 else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] ) 482 { 483 if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) && $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD ) 484 { 485 @unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])); 486 } 487 $avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local); 488 } 489 490 if ( !$error ) 491 { 492 if ( empty($avatar_sql) ) 493 { 494 $avatar_sql = ( $mode == 'editprofile' ) ? '' : "'', " . USER_AVATAR_NONE; 495 } 496 497 if ( $mode == 'editprofile' ) 498 { 499 if ( $email != $userdata['user_email'] && $board_config['require_activation'] != USER_ACTIVATION_NONE && $userdata['user_level'] != ADMIN ) 500 { 501 $user_active = 0; 502 503 $user_actkey = gen_rand_string(true); 504 $key_len = 54 - ( strlen($server_url) ); 505 $key_len = ( $key_len > 6 ) ? $key_len : 6; 506 $user_actkey = substr($user_actkey, 0, $key_len); 507 508 if ( $userdata['session_logged_in'] ) 509 { 510 session_end($userdata['sid'], $userdata['user_id']); 511 } 512 } 513 else 514 { 515 $user_active = 1; 516 $user_actkey = ''; 517 } 518 519 $sql = "UPDATE " . USERS_TABLE . " 520 SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = '$viewemail', user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = '$attachsig', user_allowsmile = '$allowsmilies', user_allowhtml = '$allowhtml', user_allowbbcode = '$allowbbcode', user_allow_viewonline = '$allowviewonline', user_notify = '$notifyreply', user_notify_pm = '$notifypm', user_popup_pm = '$popup_pm', user_timezone = '$user_timezone', user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = '$user_style', user_active = '$user_active', user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . " 521 WHERE user_id = '$user_id'"; 522 if ( !($result = $db->sql_query($sql)) ) 523 { 524 message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql); 525 } else { 526 527 getusrinfo($user); 528 docookie($userinfo["user_id"],$userinfo["username"],$userinfo["user_password"],$userinfo["storynum"],$userinfo["umode"],$userinfo["uorder"],$userinfo["thold"],$userinfo["noscore"],$userinfo["ublockon"],$userinfo["theme"],$userinfo["commentmax"]); 529 } 530 531 if ( !$user_active ) 532 { 533 // 534 // The users account has been deactivated, send them an email with a new activation key 535 // 536 include ("includes/emailer.php"); 537 $emailer = new emailer($board_config['smtp_delivery']); 538 539 $emailer->from($board_config['board_email']); 540 $emailer->replyto($board_config['board_email']); 541 542 $emailer->use_template('user_activate', stripslashes($user_lang)); 543 $emailer->email_address($email); 544 $emailer->set_subject($lang['Reactivate']); 545 546 $emailer->assign_vars(array( 547 'SITENAME' => $board_config['sitename'], 548 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 549 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 550 551 'U_ACTIVATE' => $server_url . '&mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey) 552 ); 553 $emailer->send(); 554 $emailer->reset(); 555 //evcz mod=>logout 556 cookiedecode($user); 557 $r_uid = $cookie[0]; 558 $r_username = $cookie[1]; 559 setcookie("user"); 560 $db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='$r_username'"); 561 $db->sql_query("DELETE FROM ".$prefix."_bbsessions WHERE session_user_id='$r_uid'"); 562 $user = ""; 563 //fine evcz mod=>logout 564 if (is_active("Forums")) { 565 $message = $lang['Profile_updated_inactive'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 566 } else { 567 $message = $lang['Profile_updated_inactive'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="index.php">', '</a>'); 568 } 569 } 570 else 571 { 572 if (is_active("Forums")) { 573 $message = $lang['Profile_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 574 } else { 575 $message = $lang['Profile_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="index.php">', '</a>'); 576 } 577 } 578 579 // $template->assign_vars(array( 580 // "META" => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">') 581 // ); 582 583 message_die(GENERAL_MESSAGE, $message); 584 } 585 else 586 { 587 $sql = "SELECT MAX(user_id) AS total 588 FROM " . USERS_TABLE; 589 if ( !($result = $db->sql_query($sql)) ) 590 { 591 message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql); 592 } 593 594 if ( !($row = $db->sql_fetchrow($result)) ) 595 { 596 message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql); 597 } 598 $user_id = $row['total'] + 1; 599 600 // 601 // Get current date 602 // 603 $reg_date = date("M d, Y"); 604 $sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_avatar_type, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey) 605 VALUES ('$user_id', '" . str_replace("\'", "''", $username) . "', '" . $reg_date . "', '" . str_replace("\'", "''", $new_password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', '$attachsig', '$allowsmilies', '$allowhtml', '$allowbbcode', '$allowviewonline', '$notifyreply', '$notifypm', '$popup_pm', '$user_timezone', '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', '$user_style', '1', '1', "; 606 if ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa ) 607 { 608 $user_actkey = gen_rand_string(true); 609 $key_len = 54 - (strlen($server_url)); 610 $key_len = ( $key_len > 6 ) ? $key_len : 6; 611 $user_actkey = substr($user_actkey, 0, $key_len); 612 $sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')"; 613 } 614 else 615 { 616 $sql .= "1, '')"; 617 } 618 619 if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) ) 620 { 621 message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql); 622 } 623 624 $sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator) 625 VALUES ('', 'Personal User', '1', '0')"; 626 if ( !($result = $db->sql_query($sql)) ) 627 { 628 message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql); 629 } 630 631 $group_id = $db->sql_nextid(); 632 633 $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) 634 VALUES ('$user_id', '$group_id', '0')"; 635 if( !($result = $db->sql_query($sql, END_TRANSACTION)) ) 636 { 637 message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql); 638 } 639 640 if ( $coppa ) 641 { 642 $message = $lang['COPPA']; 643 $email_template = 'coppa_welcome_inactive'; 644 } 645 else if ( $board_config['require_activation'] == USER_ACTIVATION_SELF ) 646 { 647 $message = $lang['Account_inactive']; 648 $email_template = 'user_welcome_inactive'; 649 } 650 else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) 651 { 652 $message = $lang['Account_inactive_admin']; 653 $email_template = 'admin_welcome_inactive'; 654 } 655 else 656 { 657 $message = $lang['Account_added']; 658 $email_template = 'user_welcome'; 659 } 660 661 include ("includes/emailer.php"); 662 $emailer = new emailer($board_config['smtp_delivery']); 663 664 $emailer->from($board_config['board_email']); 665 $emailer->replyto($board_config['board_email']); 666 667 $emailer->use_template($email_template, stripslashes($user_lang)); 668 $emailer->email_address($email); 669 $emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename'])); 670 671 if( $coppa ) 672 { 673 $emailer->assign_vars(array( 674 'SITENAME' => $board_config['sitename'], 675 'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']), 676 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 677 'PASSWORD' => $password_confirm, 678 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 679 680 'FAX_INFO' => $board_config['coppa_fax'], 681 'MAIL_INFO' => $board_config['coppa_mail'], 682 'EMAIL_ADDRESS' => $email, 683 'ICQ' => $icq, 684 'AIM' => $aim, 685 'YIM' => $yim, 686 'MSN' => $msn, 687 'WEB_SITE' => $website, 688 'FROM' => $location, 689 'OCC' => $occupation, 690 'INTERESTS' => $interests, 691 'SITENAME' => $board_config['sitename'])); 692 } 693 else 694 { 695 $emailer->assign_vars(array( 696 'SITENAME' => $board_config['sitename'], 697 'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']), 698 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 699 'PASSWORD' => $password_confirm, 700 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 701 702 'U_ACTIVATE' => $server_url . '&mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey) 703 ); 704 } 705 706 $emailer->send(); 707 $emailer->reset(); 708 709 if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) 710 { 711 $sql = "SELECT user_email, user_lang 712 FROM " . USERS_TABLE . " 713 WHERE user_level = " . ADMIN; 714 715 if ( !($result = $db->sql_query($sql)) ) 716 { 717 message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql); 718 } 719 720 while ($row = $db->sql_fetchrow($result)) 721 { 722 $emailer->from($board_config['board_email']); 723 $emailer->replyto($board_config['board_email']); 724 725 $emailer->email_address(trim($row['user_email'])); 726 $emailer->use_template("admin_activate", $row['user_lang']); 727 $emailer->set_subject($lang['New_account_subject']); 728 729 $emailer->assign_vars(array( 730 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)), 731 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 732 733 'U_ACTIVATE' => $server_url . '&mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey) 734 ); 735 $emailer->send(); 736 $emailer->reset(); 737 } 738 $db->sql_freeresult($result); 739 } 740 $message = $message . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 741 742 message_die(GENERAL_MESSAGE, $message); 743 } // if mode == register 744 } 745 } // End of submit 746 747 748 if ( $error ) 749 { 750 // 751 // If an error occured we need to stripslashes on returned data 752 // 753 $username = stripslashes($username); 754 $email = stripslashes($email); 755 $new_password = ''; 756 $password_confirm = ''; 757 758 $icq = stripslashes($icq); 759 $aim = str_replace('+', ' ', stripslashes($aim)); 760 $msn = stripslashes($msn); 761 $yim = stripslashes($yim); 762 763 $website = stripslashes($website); 764 $location = stripslashes($location); 765 $occupation = stripslashes($occupation); 766 $interests = stripslashes($interests); 767 $signature = stripslashes($signature); 768 $signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $signature) : $signature; 769 770 $user_lang = stripslashes($user_lang); 771 $user_dateformat = stripslashes($user_dateformat); 772 773 } 774 else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) ) 775 { 776 $user_id = $userdata['user_id']; 777 $username = $userdata['username']; 778 $email = $userdata['user_email']; 779 $new_password = ''; 780 $password_confirm = ''; 781 782 $icq = $userdata['user_icq']; 783 $aim = str_replace('+', ' ', $userdata['user_aim']); 784 $msn = $userdata['user_msnm']; 785 $yim = $userdata['user_yim']; 786 787 $website = $userdata['user_website']; 788 $userdata['user_from'] = str_replace(".gif", "", $userdata['user_from']); 789 $location = $userdata['user_from']; 790 $occupation = $userdata['user_occ']; 791 $interests = $userdata['user_interests']; 792 $signature_bbcode_uid = $userdata['user_sig_bbcode_uid']; 793 $signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $userdata['user_sig']) : $userdata['user_sig']; 794 795 $viewemail = $userdata['user_viewemail']; 796 $notifypm = $userdata['user_notify_pm']; 797 $popup_pm = $userdata['user_popup_pm']; 798 $notifyreply = $userdata['user_notify']; 799 $attachsig = $userdata['user_attachsig']; 800 $allowhtml = $userdata['user_allowhtml']; 801 $allowbbcode = $userdata['user_allowbbcode']; 802 $allowsmilies = $userdata['user_allowsmile']; 803 $allowviewonline = $userdata['user_allow_viewonline']; 804 805 $user_avatar = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar'] : ''; 806 $user_avatar_type = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar_type'] : USER_AVATAR_NONE; 807 808 $user_style = $userdata['user_style']; 809 $user_lang = $userdata['user_lang']; 810 $user_timezone = $userdata['user_timezone']; 811 $user_dateformat = $userdata['user_dateformat']; 812 } 813 814 // 815 // Default pages 816 // 817 include ("includes/page_header.php"); 818 819 make_jumpbox('viewforum.'.$phpEx); 820 821 if ( $mode == 'editprofile' ) 822 { 823 if ( $user_id != $userdata['user_id'] ) 824 { 825 $error = TRUE; 826 $error_msg = $lang['Wrong_Profile']; 827 } 828 } 829 830 if( isset($HTTP_POST_VARS['avatargallery']) && !$error ) 831 { 832 include ("includes/usercp_avatar.php"); 833 834 $avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarcategory']) : ''; 835 836 $template->set_filenames(array( 837 'body' => 'profile_avatar_gallery.tpl') 838 ); 839 840 $allowviewonline = !$allowviewonline; 841 842 display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']); 843 } 844 else 845 { 846 include ("includes/functions_selects.php"); 847 848 if ( !isset($coppa) ) 849 { 850 $coppa = FALSE; 851 } 852 853 if ( !isset($user_template) ) 854 { 855 $selected_template = $board_config['system_template']; 856 } 857 858 $avatar_img = ''; 859 if ( $user_avatar_type ) 860 { 861 switch( $user_avatar_type ) 862 { 863 case USER_AVATAR_UPLOAD: 864 $avatar_img = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />' : ''; 865 break; 866 case USER_AVATAR_REMOTE: 867 $avatar_img = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $user_avatar . '" alt="" />' : ''; 868 break; 869 case USER_AVATAR_GALLERY: 870 $avatar_img = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />' : ''; 871 break; 872 } 873 } 874 875 $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />'; 876 if( $mode == 'editprofile' ) 877 { 878 $s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />'; 879 // 880 // Send the users current email address. If they change it, and account activation is turned on 881 // the user account will be disabled and the user will have to reactivate their account. 882 // 883 $s_hidden_fields .= '<input type="hidden" name="current_email" value="' . $userdata['user_email'] . '" />'; 884 } 885 886 if ( !empty($user_avatar_local) ) 887 { 888 $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />'; 889 } 890 891 $html_status = ( $userdata['user_allowhtml'] && $board_config['allow_html'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF']; 892 $bbcode_status = ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF']; 893 $smilies_status = ( $userdata['user_allowsmile'] && $board_config['allow_smilies'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF']; 894 895 if ( $error ) 896 { 897 $template->set_filenames(array( 898 'reg_header' => 'error_body.tpl') 899 ); 900 $template->assign_vars(array( 901 'ERROR_MESSAGE' => $error_msg) 902 ); 903 $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); 904 } 905 906 $template->set_filenames(array( 907 'body' => 'profile_add_body.tpl') 908 ); 909 910 if ( $mode == 'editprofile' ) 911 { 912 $template->assign_block_vars('switch_edit_profile', array()); 913 } 914 915 if ( ($mode == 'register') || ($board_config['allow_namechange']) ) 916 { 917 $template->assign_block_vars('switch_namechange_allowed', array()); 918 } 919 else 920 { 921 $template->assign_block_vars('switch_namechange_disallowed', array()); 922 } 923 924 925 // Visual Confirmation 926 $confirm_image = ''; 927 if (!empty($board_config['enable_confirm']) && $mode == 'register') 928 { 929 $sql = 'SELECT session_id 930 FROM ' . SESSIONS_TABLE; 931 if (!($result = $db->sql_query($sql))) 932 { 933 message_die(GENERAL_ERROR, 'Could not select session data', '', __LINE__, __FILE__, $sql); 934 } 935 936 if ($row = $db->sql_fetchrow($result)) 937 { 938 $confirm_sql = ''; 939 do 940 { 941 $confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'"; 942 } 943 while ($row = $db->sql_fetchrow($result)); 944 945 $sql = 'DELETE FROM ' . CONFIRM_TABLE . " 946 WHERE session_id NOT IN ($confirm_sql)"; 947 if (!$db->sql_query($sql)) 948 { 949 message_die(GENERAL_ERROR, 'Could not delete stale confirm data', '', __LINE__, __FILE__, $sql); 950 } 951 } 952 $db->sql_freeresult($result); 953 954 $sql = 'SELECT COUNT(session_id) AS attempts 955 FROM ' . CONFIRM_TABLE . " 956 WHERE session_id = '" . $userdata['session_id'] . "'"; 957 if (!($result = $db->sql_query($sql))) 958 { 959 message_die(GENERAL_ERROR, 'Could not obtain confirm code count', '', __LINE__, __FILE__, $sql); 960 } 961 962 if ($row = $db->sql_fetchrow($result)) 963 { 964 if ($row['attempts'] > 3) 965 { 966 message_die(GENERAL_MESSAGE, $lang['Too_many_registers']); 967 } 968 } 969 $db->sql_freeresult($result); 970 971 $confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9'); 972 973 list($usec, $sec) = explode(' ', microtime()); 974 mt_srand($sec * $usec); 975 976 $max_chars = count($confirm_chars) - 1; 977 $code = ''; 978 for ($i = 0; $i < 6; $i++) 979 { 980 $code .= $confirm_chars[mt_rand(0, $max_chars)]; 981 } 982 983 $confirm_id = md5(uniqid($user_ip)); 984 985 $sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code) 986 VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')"; 987 if (!$db->sql_query($sql)) 988 { 989 message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql); 990 } 991 992 unset($code); 993 994 $confirm_image = (@extension_loaded('zlib')) ? '<img src="' . append_sid("usercp_confirm.$phpEx?id=$confirm_id") . '" alt="" title="" />' : '<img src="' . append_sid("usercp_confirm.$phpEx?id=$confirm_id&c=1") . '" alt="" title="" /><img src="' . append_sid("usercp_confirm.$phpEx?id=$confirm_id&c=2") . '" alt="" title="" /><img src="' . append_sid("usercp_confirm.$phpEx?id=$confirm_id&c=3") . '" alt="" title="" /><img src="' . append_sid("usercp_confirm.$phpEx?id=$confirm_id&c=4") . '" alt="" title="" /><img src="' . append_sid("usercp_confirm.$phpEx?id=$confirm_id&c=5") . '" alt="" title="" /><img src="' . append_sid("usercp_confirm.$phpEx?id=$confirm_id&c=6") . '" alt="" title="" />'; 995 $s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />'; 996 997 $template->assign_block_vars('switch_confirm', array()); 998 } 999 1000 1001 // 1002 // Let's do an overall check for settings/versions which would prevent 1003 // us from doing file uploads.... 1004 // 1005 $ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; 1006 $form_enctype = ( @$ini_val('file_uploads') == '0' || strtolower(@$ini_val('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"'; 1007 1008 $template->assign_vars(array( 1009 'USERNAME' => $username, 1010 'CUR_PASSWORD' => $cur_password, 1011 'NEW_PASSWORD' => $new_password, 1012 'PASSWORD_CONFIRM' => $password_confirm, 1013 'EMAIL' => $email, 1014 'CONFIRM_IMG' => $confirm_image, 1015 'YIM' => $yim, 1016 'ICQ' => $icq, 1017 'MSN' => $msn, 1018 'AIM' => $aim, 1019 'OCCUPATION' => $occupation, 1020 'INTERESTS' => $interests, 1021 'LOCATION' => $location, 1022 'WEBSITE' => $website, 1023 'SIGNATURE' => str_replace('<br />', "\n", $signature), 1024 'VIEW_EMAIL_YES' => ( $viewemail ) ? 'checked="checked"' : '', 1025 'VIEW_EMAIL_NO' => ( !$viewemail ) ? 'checked="checked"' : '', 1026 'HIDE_USER_YES' => ( !$allowviewonline ) ? 'checked="checked"' : '', 1027 'HIDE_USER_NO' => ( $allowviewonline ) ? 'checked="checked"' : '', 1028 'NOTIFY_PM_YES' => ( $notifypm ) ? 'checked="checked"' : '', 1029 'NOTIFY_PM_NO' => ( !$notifypm ) ? 'checked="checked"' : '', 1030 'POPUP_PM_YES' => ( $popup_pm ) ? 'checked="checked"' : '', 1031 'POPUP_PM_NO' => ( !$popup_pm ) ? 'checked="checked"' : '', 1032 'ALWAYS_ADD_SIGNATURE_YES' => ( $attachsig ) ? 'checked="checked"' : '', 1033 'ALWAYS_ADD_SIGNATURE_NO' => ( !$attachsig ) ? 'checked="checked"' : '', 1034 'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '', 1035 'NOTIFY_REPLY_NO' => ( !$notifyreply ) ? 'checked="checked"' : '', 1036 'ALWAYS_ALLOW_BBCODE_YES' => ( $allowbbcode ) ? 'checked="checked"' : '', 1037 'ALWAYS_ALLOW_BBCODE_NO' => ( !$allowbbcode ) ? 'checked="checked"' : '', 1038 'ALWAYS_ALLOW_HTML_YES' => ( $allowhtml ) ? 'checked="checked"' : '', 1039 'ALWAYS_ALLOW_HTML_NO' => ( !$allowhtml ) ? 'checked="checked"' : '', 1040 'ALWAYS_ALLOW_SMILIES_YES' => ( $allowsmilies ) ? 'checked="checked"' : '', 1041 'ALWAYS_ALLOW_SMILIES_NO' => ( !$allowsmilies ) ? 'checked="checked"' : '', 1042 'ALLOW_AVATAR' => $board_config['allow_avatar_upload'], 1043 'AVATAR' => $avatar_img, 1044 'AVATAR_SIZE' => $board_config['avatar_filesize'], 1045 'LANGUAGE_SELECT' => language_select($user_lang, 'language'), 1046 'STYLE_SELECT' => style_select($user_style, 'style'), 1047 'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'), 1048 'DATE_FORMAT' => $user_dateformat, 1049 'HTML_STATUS' => $html_status, 1050 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 1051 'SMILIES_STATUS' => $smilies_status, 1052 1053 'L_CURRENT_PASSWORD' => $lang['Current_password'], 1054 'L_NEW_PASSWORD' => ( $mode == 'register' ) ? $lang['Password'] : $lang['New_password'], 1055 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'], 1056 'L_CONFIRM_PASSWORD_EXPLAIN' => ( $mode == 'editprofile' ) ? $lang['Confirm_password_explain'] : '', 1057 'L_PASSWORD_IF_CHANGED' => ( $mode == 'editprofile' ) ? $lang['password_if_changed'] : '', 1058 'L_PASSWORD_CONFIRM_IF_CHANGED' => ( $mode == 'editprofile' ) ? $lang['password_confirm_if_changed'] : '', 1059 'L_SUBMIT' => $lang['Submit'], 1060 'L_RESET' => $lang['Reset'], 1061 'L_ICQ_NUMBER' => $lang['ICQ'], 1062 'L_MESSENGER' => $lang['MSNM'], 1063 'L_YAHOO' => $lang['YIM'], 1064 'L_WEBSITE' => $lang['Website'], 1065 'L_AIM' => $lang['AIM'], 1066 'L_LOCATION' => $lang['Location'], 1067 'L_OCCUPATION' => $lang['Occupation'], 1068 'L_BOARD_LANGUAGE' => $lang['Board_lang'], 1069 'L_BOARD_STYLE' => $lang['Board_style'], 1070 'L_TIMEZONE' => $lang['Timezone'], 1071 'L_DATE_FORMAT' => $lang['Date_format'], 1072 'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'], 1073 'L_YES' => $lang['Yes'], 1074 'L_NO' => $lang['No'], 1075 'L_INTERESTS' => $lang['Interests'], 1076 'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'], 1077 'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'], 1078 'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'], 1079 'L_HIDE_USER' => $lang['Hide_user'], 1080 'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'], 1081 1082 'L_AVATAR_PANEL' => $lang['Avatar_panel'], 1083 'L_AVATAR_EXPLAIN' => sprintf($lang['Avatar_explain'], $board_config['avatar_max_width'], $board_config['avatar_max_height'], (round($board_config['avatar_filesize'] / 1024))), 1084 'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'], 1085 'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'], 1086 'L_UPLOAD_AVATAR_URL_EXPLAIN' => $lang['Upload_Avatar_URL_explain'], 1087 'L_AVATAR_GALLERY' => $lang['Select_from_gallery'], 1088 'L_SHOW_GALLERY' => $lang['View_avatar_gallery'], 1089 'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'], 1090 'L_LINK_REMOTE_AVATAR_EXPLAIN' => $lang['Link_remote_Avatar_explain'], 1091 'L_DELETE_AVATAR' => $lang['Delete_Image'], 1092 'L_CURRENT_IMAGE' => $lang['Current_Image'], 1093 1094 'L_SIGNATURE' => $lang['Signature'], 1095 'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']), 1096 'L_NOTIFY_ON_REPLY' => $lang['Always_notify'], 1097 'L_NOTIFY_ON_REPLY_EXPLAIN' => $lang['Always_notify_explain'], 1098 'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'], 1099 'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'], 1100 'L_POPUP_ON_PRIVMSG_EXPLAIN' => $lang['Popup_on_privmsg_explain'], 1101 'L_PREFERENCES' => $lang['Preferences'], 1102 'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'], 1103 'L_ITEMS_REQUIRED' => $lang['Items_required'], 1104 'L_REGISTRATION_INFO' => $lang['Registration_info'], 1105 'L_PROFILE_INFO' => $lang['Profile_info'], 1106 'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'], 1107 'L_EMAIL_ADDRESS' => $lang['Email_address'], 1108 1109 'L_CONFIRM_CODE_IMPAIRED' => sprintf($lang['Confirm_code_impaired'], '<a href="mailto:' . $board_config['board_email'] . '">', '</a>'), 1110 'L_CONFIRM_CODE' => $lang['Confirm_code'], 1111 'L_CONFIRM_CODE_EXPLAIN' => $lang['Confirm_code_explain'], 1112 1113 'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'], 1114 'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'], 1115 'S_ALLOW_AVATAR_REMOTE' => $board_config['allow_avatar_remote'], 1116 'S_HIDDEN_FIELDS' => $s_hidden_fields, 1117 'S_FORM_ENCTYPE' => $form_enctype, 1118 'S_PROFILE_ACTION' => append_sid("profile.$phpEx")) 1119 ); 1120 1121 // 1122 // This is another cheat using the block_var capability 1123 // of the templates to 'fake' an IF...ELSE...ENDIF solution 1124 // it works well :) 1125 // 1126 if ( $mode != 'register' ) 1127 { 1128 if ( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) ) 1129 { 1130 $template->assign_block_vars('switch_avatar_block', array() ); 1131 1132 if ( $board_config['allow_avatar_upload'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_path'])) ) 1133 { 1134 if ( !empty($form_enctype) ) 1135 { 1136 $template->assign_block_vars('switch_avatar_block.switch_avatar_local_upload', array() ); 1137 } 1138 $template->assign_block_vars('switch_avatar_block.switch_avatar_remote_upload', array() ); 1139 } 1140 1141 if ( $board_config['allow_avatar_remote'] ) 1142 { 1143 $template->assign_block_vars('switch_avatar_block.switch_avatar_remote_link', array() ); 1144 } 1145 1146 if ( $board_config['allow_avatar_local'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_gallery_path'])) ) 1147 { 1148 $template->assign_block_vars('switch_avatar_block.switch_avatar_local_gallery', array() ); 1149 } 1150 } 1151 } 1152 } 1153 1154 function docookie($setuser_id, $setusername, $setuser_password, $setstorynum, $setumode, $setuorder, $setthold, $setnoscore, $setublockon, $settheme, $setcommentmax) { 1155 $info = base64_encode("$setuser_id:$setusername:$setuser_password:$setstorynum:$setumode:$setuorder:$setthold:$setnoscore:$setublockon:$settheme:$setcommentmax"); 1156 setcookie("user","$info",time()+15552000); 1157 } 1158 $template->pparse('body'); 1159 1160 include ("includes/page_tail.php"); 1161 1162 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Apr 1 11:11:59 2007 | par Balluche grâce à PHPXref 0.7 |