Code source de PunBB 1.2.16 |
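<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/

// profile.php: one request handler for every profile action. The branch is
// picked from $_GET['action'] or from the name of the submitted POST button,
// and every branch operates on the user row selected by $_GET['id'].


define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';


$action = isset($_GET['action']) ? $_GET['action'] : null;
$section = isset($_GET['section']) ? $_GET['section'] : null;

// $id is forced to an integer here; every query below concatenates it into SQL
// unquoted, so this intval() is the only thing keeping those queries safe.
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 2)
	message($lang_common['Bad request']);

// Boards that are closed to the current group still let a password-reset link through
if ($pun_user['g_read_board'] == '0' && ($action != 'change_pass' || !isset($_GET['key'])))
	message($lang_common['No view']);

// Load the profile.php/register.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';

// Load the profile.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/profile.php';


if ($action == 'change_pass')
{
	// Confirmation of a password reset: the caller proves ownership by presenting
	// the activation key stored on the user row.
	if (isset($_GET['key']))
	{
		// If the user is already logged in we shouldn't be here :)
		if (!$pun_user['is_guest'])
		{
			header('Location: index.php');
			exit;
		}

		// ?key[]=... makes PHP hand us an array; treat anything but a string as "no key"
		$key = is_string($_GET['key']) ? $_GET['key'] : '';

		$result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch new password', __FILE__, __LINE__, $db->error());
		list($new_password_hash, $new_password_key) = $db->fetch_row($result);

		// Strict comparison: with == / != PHP compares two numeric-looking strings as
		// numbers, so distinct keys could be treated as equal. A NULL stored key (no
		// reset pending, or no such user) never matches.
		// NOTE(review): the comparison is not constant-time; hash_equals() is the
		// better choice wherever the minimum PHP version provides it.
		if ($key === '' || !is_string($new_password_key) || $key !== $new_password_key)
			message($lang_profile['Pass key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
		else
		{
			// activate_string is also written by the change_email branch of this file
			// (where it holds an e-mail address), so it is not guaranteed to be a hex
			// digest. Escape it instead of trusting its shape.
			$db->query('UPDATE '.$db->prefix.'users SET password=\''.$db->escape($new_password_hash).'\', activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());

			message($lang_profile['Pass updated'], true);
		}
	}

	// Make sure we are allowed to change this users password
	if ($pun_user['id'] != $id)
	{
		if ($pun_user['g_id'] > PUN_MOD) // A regular user trying to change another users password?
			message($lang_common['No permission']);
		else if ($pun_user['g_id'] == PUN_MOD) // A moderator trying to change a users password?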
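// (body of the moderator check opened on the previous line of the change_pass branch)
		{
			$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
			if (!$db->num_rows($result))
				message($lang_common['Bad request']);

			// Moderators need both permissions and may not touch accounts in a group below PUN_GUEST
			if ($pun_config['p_mod_edit_users'] == '0' || $pun_config['p_mod_change_passwords'] == '0' || $db->result($result) < PUN_GUEST)
				message($lang_common['No permission']);
		}
	}

	if (isset($_POST['form_sent']))
	{
		// The referrer check is the only cross-site request protection here and it is
		// applied to groups below PUN_GUEST only; there is no per-session token.
		if ($pun_user['g_id'] < PUN_GUEST)
			confirm_referrer('profile.php');

		$old_password = isset($_POST['req_old_password']) ? trim($_POST['req_old_password']) : '';
		$new_password1 = isset($_POST['req_new_password1']) ? trim($_POST['req_new_password1']) : '';
		$new_password2 = isset($_POST['req_new_password2']) ? trim($_POST['req_new_password2']) : '';

		// Strict comparison: != treats numeric-looking strings such as '1e3' and '1000'
		// as equal, which would let a mistyped confirmation through.
		if ($new_password1 !== $new_password2)
			message($lang_prof_reg['Pass not match']);
		// NOTE(review): a 4 character minimum is very low, and the form below caps input at 16 characters
		if (strlen($new_password1) < 4)
			message($lang_prof_reg['Pass too short']);

		$result = $db->query('SELECT password, save_pass FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch password', __FILE__, __LINE__, $db->error());
		list($db_password_hash, $save_pass) = $db->fetch_row($result);

		$authorized = false;

		if (!empty($db_password_hash))
		{
			// A 40 character value is taken to be SHA-1, anything else is checked as MD5
			$sha1_in_db = (strlen($db_password_hash) == 40) ? true : false;
			$sha1_available = (function_exists('sha1') || function_exists('mhash')) ? true : false;

			$old_password_hash = pun_hash($old_password);	// This could result in either an SHA-1 or an MD5 hash

			// Digests are compared with === because == compares two hex strings of the
			// form 0e<digits> as numbers, so different digests could compare equal.
			// Groups below PUN_GUEST are authorized without the old password.
			// NOTE(review): md5() here is an unsalted fast digest and pun_hash() is
			// defined elsewhere; password_hash()/password_verify() is the modern replacement.
			if (($sha1_in_db && $sha1_available && (string) $db_password_hash === (string) $old_password_hash) ||
				(!$sha1_in_db && (string) $db_password_hash === md5($old_password)) ||
				$pun_user['g_id'] < PUN_GUEST)
				$authorized = true;
		}

		if (!$authorized)
			message($lang_profile['Wrong pass']);

		$new_password_hash = pun_hash($new_password1);

		$db->query('UPDATE '.$db->prefix.'users SET password=\''.$new_password_hash.'\' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());

		if ($pun_user['id'] == $id)
		{
			// The new password hash is handed to the cookie helper; 31536000 seconds is 365 days.
			// NOTE(review): confirm in pun_setcookie() how the hash is stored in the cookie.
			$expire = ($save_pass == '1') ? time() + 31536000 : 0;
			pun_setcookie($pun_user['id'], $new_password_hash, $expire);
		}

		redirect('profile.php?section=essentials&id='.$id, $lang_profile['Pass updated redirect']);
	}

	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
	$required_fields = array('req_old_password' => $lang_profile['Old pass'], 'req_new_password1' => $lang_profile['New pass'], 'req_new_password2' => $lang_profile['Confirm new pass']);
	$focus_element = array('change_pass', (($pun_user['g_id'] > PUN_MOD) ? 'req_old_password' : 'req_new_password1'));
	require PUN_ROOT.'header.php';

?>
<div class="blockform">
	<h2><span><?php echo $lang_profile['Change pass'] ?></span></h2>
	<div class="box">
		<form id="change_pass" method="post" action="profile.php?action=change_pass&id=<?php echo $id ?>" onsubmit="return process_form(this)">
			<div class="inform">
				<input type="hidden" name="form_sent" value="1" />
				<fieldset>
					<legend><?php echo $lang_profile['Change pass legend'] ?></legend>
					<div class="infldset">
<?php if ($pun_user['g_id'] > PUN_MOD): ?>						<label><strong><?php echo $lang_profile['Old pass'] ?></strong><br />
						<input type="password" name="req_old_password" size="16" maxlength="16" /><br /></label>
<?php endif; ?>						<label class="conl"><strong><?php echo $lang_profile['New pass'] ?></strong><br />
						<input type="password" name="req_new_password1" size="16" maxlength="16" /><br /></label>
						<label class="conl"><strong><?php echo $lang_profile['Confirm new pass'] ?></strong><br />
						<input type="password" name="req_new_password2" size="16" maxlength="16" /><br /></label>
						<div class="clearb"></div>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}


else if ($action == 'change_email')
{
	// Make sure we are allowed to change this users e-mail
	if ($pun_user['id'] != $id)
	{
		if ($pun_user['g_id'] > PUN_MOD) // A regular user trying to change another users e-mail?
			message($lang_common['No permission']);
		else if ($pun_user['g_id'] == PUN_MOD) // A moderator trying to change a users e-mail?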
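// (body of the moderator check opened on the previous line of the change_email branch)
		{
			$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
			if (!$db->num_rows($result))
				message($lang_common['Bad request']);

			if ($pun_config['p_mod_edit_users'] == '0' || $db->result($result) < PUN_GUEST)
				message($lang_common['No permission']);
		}
	}

	// Step 2 of an e-mail change: the link mailed to the new address carries the activation key
	if (isset($_GET['key']))
	{
		// ?key[]=... makes PHP hand us an array; treat anything but a string as "no key"
		$key = is_string($_GET['key']) ? $_GET['key'] : '';

		$result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
		list($new_email, $new_email_key) = $db->fetch_row($result);

		// Strict comparison so that numeric-looking keys are never compared as numbers;
		// a NULL stored key (nothing pending) never matches.
		// NOTE(review): not constant-time; prefer hash_equals() where the PHP version has it.
		if ($key === '' || !is_string($new_email_key) || $key !== $new_email_key)
			message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
		else
		{
			$db->query('UPDATE '.$db->prefix.'users SET email=activate_string, activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update e-mail address', __FILE__, __LINE__, $db->error());

			message($lang_profile['E-mail updated'], true);
		}
	}
	// Step 1 of an e-mail change: validate the new address and mail an activation link to it
	else if (isset($_POST['form_sent']))
	{
		// Re-authentication uses the password of the logged-in user, not that of the profile being edited
		if (pun_hash($_POST['req_password']) !== $pun_user['password'])
			message($lang_profile['Wrong pass']);

		require PUN_ROOT.'include/email.php';

		// Validate the email-address
		$new_email = strtolower(trim($_POST['req_new_email']));
		if (!is_valid_email($new_email))
			message($lang_common['Invalid e-mail']);

		// Check it it's a banned e-mail address
		if (is_banned_email($new_email))
		{
			if ($pun_config['p_allow_banned_email'] == '0')
				message($lang_prof_reg['Banned e-mail']);
			else if ($pun_config['o_mailing_list'] != '')
			{
				$mail_subject = 'Alerte - Adresse e-mail bannis détectée';
				$mail_message = 'L\'utilisateur \''.$pun_user['username'].'\' a changé son e-mail en une adresse interdite : '.$new_email."\n\n".'Profil utilisateur : '.$pun_config['o_base_url'].'/profile.php?id='.$id."\n\n".'-- '."\n".'E-mail automatique'."\n".'(Ne répondez pas à ce message)';

				pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
			}
		}

		// Check if someone else already has registered with that e-mail address
		$result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($new_email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
		if ($db->num_rows($result))
		{
			if ($pun_config['p_allow_dupe_email'] == '0')
				message($lang_prof_reg['Dupe e-mail']);
			else if ($pun_config['o_mailing_list'] != '')
			{
				// Start from an empty list so implode() below never sees an undefined variable
				$dupe_list = array();
				while ($cur_dupe = $db->fetch_assoc($result))
					$dupe_list[] = $cur_dupe['username'];

				$mail_subject = 'Alerte - Adresse e-mail en doublon détectée';
				$mail_message = 'L\'utilisateur \''.$pun_user['username'].'\' a changé son e-mail pour une adresse qui appartient déjà à : '.implode(', ', $dupe_list)."\n\n".'Profil utilisateur : '.$pun_config['o_base_url'].'/profile.php?id='.$id."\n\n".'-- '."\n".'E-mail automatique'."\n".'(Ne répondez pas à ce message)';

				pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
			}
		}


		// NOTE(review): the strength of this 8 character key depends on the random
		// source inside random_pass(), which is defined elsewhere; confirm it is a CSPRNG.
		$new_email_key = random_pass(8);

		$db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.$db->escape($new_email).'\', activate_key=\''.$new_email_key.'\' WHERE id='.$id) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());

		// Load the "activate e-mail" template
		$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_email.tpl'));

		// The first row contains the subject
		$first_crlf = strpos($mail_tpl, "\n");
		$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
		$mail_message = trim(substr($mail_tpl, $first_crlf));

		$mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
		$mail_message = str_replace('<base_url>', $pun_config['o_base_url'], $mail_message);
		$mail_message = str_replace('<activation_url>', $pun_config['o_base_url'].'/profile.php?action=change_email&id='.$id.'&key='.$new_email_key, $mail_message);
		$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);

		pun_mail($new_email, $mail_subject, $mail_message);

		message($lang_profile['Activate e-mail sent'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
	}

	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
	$required_fields = array('req_new_email' => $lang_profile['New e-mail'], 'req_password' => $lang_common['Password']);
	$focus_element = array('change_email', 'req_new_email');
	require PUN_ROOT.'header.php';

?>
<div class="blockform">
	<h2><span><?php echo $lang_profile['Change e-mail'] ?></span></h2>
	<div class="box">
		<form id="change_email" method="post" action="profile.php?action=change_email&id=<?php echo $id ?>" id="change_email" onsubmit="return process_form(this)">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['E-mail legend'] ?></legend>
					<div class="infldset">
						<input type="hidden" name="form_sent" value="1" />
						<label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label>
						<label><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" /><br /></label>
						<p><?php echo $lang_profile['E-mail instructions'] ?></p>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="new_email" value="<?php echo $lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}


else if ($action == 'upload_avatar' || $action == 'upload_avatar2')
{
	if ($pun_config['o_avatars'] == '0')
		message($lang_profile['Avatars disabled']);

	if ($pun_user['id'] != $id && $pun_user['g_id'] > PUN_MOD)
		message($lang_common['No permission']);

	if (isset($_POST['form_sent']))
	{
		if (!isset($_FILES['req_file']))
			message($lang_profile['No file']);

		$uploaded_file = $_FILES['req_file'];

		// Make sure the upload went smooth
		if (isset($uploaded_file['error']))
		{
			switch ($uploaded_file['error'])
			{
				case 1:	// UPLOAD_ERR_INI_SIZE
				case 2:	// UPLOAD_ERR_FORM_SIZE
					message($lang_profile['Too large ini']);
					break;

				case 3:	// UPLOAD_ERR_PARTIAL
					message($lang_profile['Partial upload']);
					break;

				case 4:	// UPLOAD_ERR_NO_FILE
					message($lang_profile['No file']);
					break;

				case 6:	// UPLOAD_ERR_NO_TMP_DIR
					message($lang_profile['No tmp directory']);
					break;

				default:
					// No error occured, but was something actually uploaded?
					if ($uploaded_file['size'] == 0)
						message($lang_profile['No file']);
					break;
			}
		}

		if (is_uploaded_file($uploaded_file['tmp_name']))
		{
			// $uploaded_file['type'] is the MIME type declared by the client, so this
			// allow-list is a convenience filter only. The real content check is the
			// getimagesize() result further down.
			$allowed_types = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/png', 'image/x-png');
			if (!in_array($uploaded_file['type'], $allowed_types))
				message($lang_profile['Bad type']);

			// Make sure the file isn't too big
			if ($uploaded_file['size'] > $pun_config['o_avatars_size'])
				message($lang_profile['Too large'].' '.$pun_config['o_avatars_size'].' '.$lang_profile['bytes'].'.');

			// Determine type
			// The stored name is always <id> plus one of three fixed extensions; the
			// client-supplied file name is never used.
			$extensions = null;
			if ($uploaded_file['type'] == 'image/gif')
				$extensions = array('.gif', '.jpg', '.png');
			else if ($uploaded_file['type'] == 'image/jpeg' || $uploaded_file['type'] == 'image/pjpeg')
				$extensions = array('.jpg', '.gif', '.png');
			else
				$extensions = array('.png', '.gif', '.jpg');

			// Move the file to the avatar directory. We do this before checking the width/height to circumvent open_basedir restrictions.
			if (!@move_uploaded_file($uploaded_file['tmp_name'], $pun_config['o_avatars_dir'].'/'.$id.'.tmp'))
				message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');

			// Now check the width/height
			list($width, $height, $type,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
			if (empty($width) || empty($height) || $width > $pun_config['o_avatars_width'] || $height > $pun_config['o_avatars_height'])
			{
				@unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
				message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');
			}
			else if ($type == 1 && $uploaded_file['type'] != 'image/gif')	// Prevent dodgy uploads
			{
				@unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
				message($lang_profile['Bad type']);
			}
			else if ($type != 1 && $type != 2 && $type != 3)	// Detected format must be GIF (1), JPEG (2) or PNG (3)
			{
				// getimagesize() recognises many more formats than the three an avatar may
				// be; without this check such a file would be kept under an image extension
				// solely because the client declared an image MIME type.
				@unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
				message($lang_profile['Bad type']);
			}

			// Delete any old avatars and put the new one in place
			@unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
			@unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[1]);
			@unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[2]);
			@rename($pun_config['o_avatars_dir'].'/'.$id.'.tmp', $pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
			@chmod($pun_config['o_avatars_dir'].'/'.$id.$extensions[0], 0644);
		}
		else
			message($lang_profile['Unknown failure']);

		// Enable use_avatar (seems sane since the user just uploaded an avatar)
		$db->query('UPDATE '.$db->prefix.'users SET use_avatar=1 WHERE id='.$id) or error('Unable to update avatar state', __FILE__, __LINE__, $db->error());

		redirect('profile.php?section=personality&id='.$id, $lang_profile['Avatar upload redirect']);
	}

	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
	$required_fields = array('req_file' => $lang_profile['File']);
	$focus_element = array('upload_avatar', 'req_file');
	require PUN_ROOT.'header.php';

?>
<div class="blockform">
	<h2><span><?php echo $lang_profile['Upload avatar'] ?></span></h2>
	<div class="box">
		<form id="upload_avatar" method="post" enctype="multipart/form-data" action="profile.php?action=upload_avatar2&id=<?php echo $id ?>" onsubmit="return process_form(this)">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_profile['Upload avatar legend'] ?></legend>
					<div class="infldset">
						<input type="hidden" name="form_sent" value="1" />
						<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $pun_config['o_avatars_size'] ?>" />
						<label><strong><?php echo $lang_profile['File'] ?></strong><br /><input name="req_file" type="file" size="40" /><br /></label>
						<p><?php echo $lang_profile['Avatar desc'].' '.$pun_config['o_avatars_width'].' x '.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].' '.$lang_common['and'].' '.$pun_config['o_avatars_size'].' '.$lang_profile['bytes'].' ('.ceil($pun_config['o_avatars_size'] / 1024) ?> KB).</p>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="upload" value="<?php echo $lang_profile['Upload'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}


else if ($action == 'delete_avatar')
{
	if ($pun_user['id'] != $id && $pun_user['g_id'] > PUN_MOD)
		message($lang_common['No permission']);

	// This state change is reachable with a plain GET and is protected against
	// cross-site requests by the referrer check alone.
	confirm_referrer('profile.php');

	@unlink($pun_config['o_avatars_dir'].'/'.$id.'.jpg');
	@unlink($pun_config['o_avatars_dir'].'/'.$id.'.png');
	@unlink($pun_config['o_avatars_dir'].'/'.$id.'.gif');

	// Disable use_avatar
	$db->query('UPDATE '.$db->prefix.'users SET use_avatar=0 WHERE id='.$id) or error('Unable to update avatar state', __FILE__, __LINE__, $db->error());

	redirect('profile.php?section=personality&id='.$id, $lang_profile['Avatar deleted redirect']);
}


else if (isset($_POST['update_group_membership']))
{
	// Administrators only
	if ($pun_user['g_id'] > PUN_ADMIN)
		message($lang_common['No permission']);

	confirm_referrer('profile.php');

	$new_group_id = intval($_POST['group_id']);

	$db->query('UPDATE '.$db->prefix.'users SET group_id='.$new_group_id.' WHERE id='.$id) or error('Unable to change user group', __FILE__, __LINE__, $db->error());

	// If the user was a moderator or an administrator, we remove him/her from the moderator list in all forums as well
	if ($new_group_id > PUN_MOD)
	{
		$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

		while ($cur_forum = $db->fetch_assoc($result))
		{
			// NOTE(review): unserialize() on a database column is safe only while nothing
			// but this application writes that column; a JSON encoding would remove the
			// object-instantiation risk.
			$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

			if (in_array($id, $cur_moderators))
			{
				// The list is keyed by username with the user id as value
				$username = array_search($id, $cur_moderators);
				unset($cur_moderators[$username]);
				$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

				$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
			}
		}
	}

	redirect('profile.php?section=admin&id='.$id, $lang_profile['Group membership redirect']);
}


else if (isset($_POST['update_forums']))
{
	// Administrators only
	if ($pun_user['g_id'] > PUN_ADMIN)
		message($lang_common['No permission']);

	confirm_referrer('profile.php');

	// Get the username of the user we are processing
	$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	$username = $db->result($result);

	// Only the keys of the posted array are used, and only for in_array() lookups below
	$moderator_in = (isset($_POST['moderator_in'])) ? array_keys($_POST['moderator_in']) : array();

	// Loop through all forums
	$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

	while ($cur_forum = $db->fetch_assoc($result))
	{
		// NOTE(review): unserialize() on a database column; see the remark in update_group_membership
		$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
		// If the user should have moderator access (and he/she doesn't already have it)
		if (in_array($cur_forum['id'], $moderator_in) && !in_array($id, $cur_moderators))
		{
			$cur_moderators[$username] = $id;
			ksort($cur_moderators);

			$db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
		}
		// If the user shouldn't have moderator access (and he/she already has it)
		else if (!in_array($cur_forum['id'], $moderator_in) && in_array($id, $cur_moderators))
		{
			unset($cur_moderators[$username]);
			$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

			$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
		}
	}

	redirect('profile.php?section=admin&id='.$id, $lang_profile['Update forums redirect']);
}


else if (isset($_POST['ban']))
{
	// Administrators always; moderators only when p_mod_ban_users is enabled
	if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0'))
		message($lang_common['No permission']);

	redirect('admin_bans.php?add_ban='.$id, $lang_profile['Ban redirect']);
}


else if (isset($_POST['delete_user']) || isset($_POST['delete_user_comply']))
{
	// Administrators only
	if ($pun_user['g_id'] > PUN_ADMIN)
		message($lang_common['No permission']);

	confirm_referrer('profile.php');

	// Get the username and group of the user we are deleting
	$result = $db->query('SELECT group_id, username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	list($group_id, $username) = $db->fetch_row($result);

	if ($group_id == PUN_ADMIN)
		message('Les administrateurs ne peuvent êtres supprimés. Afin de supprimer cet utilisateur vous devez d\'abord le déplacer dans un autre groupe.');

	if (isset($_POST['delete_user_comply']))
	{
		// If the user is a moderator or an administrator, we remove him/her from the moderator list in all forums as well
		if ($group_id < PUN_GUEST)
		{
			$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

			while ($cur_forum = $db->fetch_assoc($result))
			{
				// NOTE(review): unserialize() on a database column; see the remark in update_group_membership
				$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

				if (in_array($id, $cur_moderators))
				{
					unset($cur_moderators[$username]);
					$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

					$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
				}
			}
		}

		// Delete any subscriptions
		$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$id) or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());

		// Remove him/her from the online list (if they happen to be logged in)
		$db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$id) or error('Unable to remove user from online list', __FILE__, __LINE__, $db->error());

		// Should we delete all posts made by this user?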
576 if (isset($_POST['delete_posts'])) 577 { 578 require PUN_ROOT.'include/search_idx.php'; 579 @set_time_limit(0); 580 581 // Find all posts made by this user 582 $result = $db->query('SELECT p.id, p.topic_id, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id WHERE p.poster_id='.$id) or error('Unable to fetch posts', __FILE__, __LINE__, $db->error()); 583 if ($db->num_rows($result)) 584 { 585 while ($cur_post = $db->fetch_assoc($result)) 586 { 587 // Determine whether this post is the "topic post" or not 588 $result2 = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['topic_id'].' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); 589 590 if ($db->result($result2) == $cur_post['id']) 591 delete_topic($cur_post['topic_id']); 592 else 593 delete_post($cur_post['id'], $cur_post['topic_id']); 594 595 update_forum($cur_post['forum_id']); 596 } 597 } 598 } 599 else 600 // Set all his/her posts to guest 601 $db->query('UPDATE '.$db->prefix.'posts SET poster_id=1 WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error()); 602 603 // Delete the user 604 $db->query('DELETE FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to delete user', __FILE__, __LINE__, $db->error()); 605 606 redirect('index.php', $lang_profile['User delete redirect']); 607 } 608 609 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' 
/ '.$lang_common['Profile']; 610 require PUN_ROOT.'header.php'; 611 612 ?> 613 <div class="blockform"> 614 <h2><span><?php echo $lang_profile['Confirm delete user'] ?></span></h2> 615 <div class="box"> 616 <form id="confirm_del_user" method="post" action="profile.php?id=<?php echo $id ?>"> 617 <div class="inform"> 618 <fieldset> 619 <legend><?php echo $lang_profile['Confirm delete legend'] ?></legend> 620 <div class="infldset"> 621 <p><?php echo $lang_profile['Confirmation info'].' '.pun_htmlspecialchars($username).'.' ?></p> 622 <div class="rbox"> 623 <label><input type="checkbox" name="delete_posts" value="1" checked="checked" /><?php echo $lang_profile['Delete posts'] ?><br /></label> 624 </div> 625 <p class="warntext"><strong><?php echo $lang_profile['Delete warning'] ?></strong></p> 626 </div> 627 </fieldset> 628 </div> 629 <p><input type="submit" name="delete_user_comply" value="<?php echo $lang_profile['Delete'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p> 630 </form> 631 </div> 632 </div> 633 <?php 634 635 require PUN_ROOT.'footer.php'; 636 } 637 638 639 else if (isset($_POST['form_sent'])) 640 { 641 // Fetch the user group of the user we are editing 642 $result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 643 if (!$db->num_rows($result)) 644 message($lang_common['Bad request']); 645 646 $group_id = $db->result($result); 647 648 if ($pun_user['id'] != $id && 649 ($pun_user['g_id'] > PUN_MOD || 650 ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_edit_users'] == '0') || 651 ($pun_user['g_id'] == PUN_MOD && $group_id < PUN_GUEST))) 652 message($lang_common['No permission']); 653 654 if ($pun_user['g_id'] < PUN_GUEST) 655 confirm_referrer('profile.php'); 656 657 // Extract allowed elements from $_POST['form'] 658 function extract_elements($allowed_elements) 659 { 660 $form = array(); 661 662 while (list($key, $value) 
= @each($_POST['form'])) 663 { 664 if (in_array($key, $allowed_elements)) 665 $form[$key] = $value; 666 } 667 668 return $form; 669 } 670 671 $username_updated = false; 672 673 // Validate input depending on section 674 switch ($section) 675 { 676 case 'essentials': 677 { 678 $form = extract_elements(array('timezone', 'language')); 679 680 if ($pun_user['g_id'] < PUN_GUEST) 681 { 682 $form['admin_note'] = trim($_POST['admin_note']); 683 684 // Are we allowed to change usernames? 685 if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_rename_users'] == '1')) 686 { 687 $form['username'] = trim($_POST['req_username']); 688 $old_username = trim($_POST['old_username']); 689 690 if (strlen($form['username']) < 2) 691 message($lang_prof_reg['Username too short']); 692 else if (pun_strlen($form['username']) > 25) // This usually doesn't happen since the form element only accepts 25 characters 693 message($lang_common['Bad request']); 694 else if (!strcasecmp($form['username'], 'Guest') || !strcasecmp($form['username'], 'invité') || !strcasecmp($form['username'], $lang_common['Guest'])) 695 message($lang_prof_reg['Username guest']); 696 else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $form['username'])) 697 message($lang_prof_reg['Username IP']); 698 else if (preg_match('#\[b\]|\[/b\]|\[u\]|\[/u\]|\[i\]|\[/i\]|\[color|\[/color\]|\[quote\]|\[quote=|\[/quote\]|\[code\]|\[/code\]|\[img\]|\[/img\]|\[url|\[/url\]|\[email|\[/email\]#i', $form['username'])) 699 message($lang_prof_reg['Username BBCode']); 700 701 // Check that the username is not already registered 702 $result = $db->query('SELECT 1 FROM '.$db->prefix.'users WHERE username=\''.$db->escape($form['username']).'\' AND id!='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); 703 if ($db->num_rows($result)) 704 message($lang_profile['Dupe username']); 705 706 if ($form['username'] != $old_username) 707 $username_updated = true; 708 
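}

				// We only allow administrators to update the post count
				if ($pun_user['g_id'] == PUN_ADMIN)
					$form['num_posts'] = intval($_POST['num_posts']);
			}

			if ($pun_config['o_regs_verify'] == '0' || $pun_user['g_id'] < PUN_GUEST)
			{
				require PUN_ROOT.'include/email.php';

				// Validate the email-address
				$form['email'] = strtolower(trim($_POST['req_email']));
				if (!is_valid_email($form['email']))
					message($lang_common['Invalid e-mail']);
			}

			// Make sure we got a valid language string.
			// The value is used to build a filesystem path (lang/<language>/...), so dots and
			// both kinds of slashes are stripped before the existence check. That keeps the
			// stored value from naming anything outside the lang/ directory.
			if (isset($form['language']))
			{
				$form['language'] = preg_replace('#[\.\\\/]#', '', $form['language']);
				if (!file_exists(PUN_ROOT.'lang/'.$form['language'].'/common.php'))
					message($lang_common['Bad request']);
			}

			break;
		}

		case 'personal':
		{
			$form = extract_elements(array('realname', 'url', 'location'));

			// Administrators may set any title; other users only if their group allows it
			if ($pun_user['g_id'] == PUN_ADMIN)
				$form['title'] = trim($_POST['title']);
			else if ($pun_user['g_set_title'] == '1')
			{
				$form['title'] = trim($_POST['title']);

				if ($form['title'] != '')
				{
					// A list of words that the title may not contain
					// If the language is English, there will be some duplicates, but it's not the end of the world
					// NOTE(review): in_array() compares the whole title, case-sensitively, so only
					// these exact spellings are rejected; that is narrower than "may not contain".
					$forbidden = array('Member', 'Moderator', 'Administrator', 'Banned', 'Guest', $lang_common['Member'], $lang_common['Moderator'], $lang_common['Administrator'], $lang_common['Banned'], $lang_common['Guest']);

					if (in_array($form['title'], $forbidden))
						message($lang_profile['Forbidden title']);
				}
			}

			// Add http:// if the URL doesn't start with http:// or https:// already.
			// The original test only knew http://, so an https:// address was stored as
			// "http://https://...". Every stored URL still begins with one of these two
			// schemes, which matters because the profile view places it in an href.
			if (isset($form['url']) && $form['url'] != '')
			{
				$url_lower = strtolower($form['url']);
				if (strpos($url_lower, 'http://') !== 0 && strpos($url_lower, 'https://') !== 0)
					$form['url'] = 'http://'.$form['url'];
			}

			break;
		}

		case 'messaging':
		{
			$form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo'));

			// If the ICQ UIN contains anything other than digits it's invalid.
			// The profile pages print this field without HTML-escaping, so this rule is what
			// makes it safe to echo. The test is written as an allow-list so that a
			// non-string value or a failing preg_match() is rejected rather than accepted.
			if ($form['icq'] != '' && (!is_string($form['icq']) || !preg_match('/^[0-9]+\z/', $form['icq'])))
				message($lang_prof_reg['Bad ICQ']);

			break;
		}

		case 'personality':
		{
			$form = extract_elements(array('use_avatar'));

			// Clean up signature from POST
			$form['signature'] = pun_linebreaks(trim($_POST['signature']));

			// Validate signature against the configured length and line limits
			if (pun_strlen($form['signature']) > $pun_config['p_sig_length'])
				message($lang_prof_reg['Sig too long'].' '.$pun_config['p_sig_length'].' '.$lang_prof_reg['characters'].'.');
			else if (substr_count($form['signature'], "\n") > ($pun_config['p_sig_lines']-1))
				message($lang_prof_reg['Sig too many lines'].' '.$pun_config['p_sig_lines'].' '.$lang_prof_reg['lines'].'.');
			// An all-caps signature from a regular user is rewritten when all-caps is disabled
			else if ($form['signature'] && $pun_config['p_sig_all_caps'] == '0' && strtoupper($form['signature']) == $form['signature'] && $pun_user['g_id'] > PUN_MOD)
				$form['signature'] = ucwords(strtolower($form['signature']));

			// Validate BBCode syntax
			if ($pun_config['p_sig_bbcode'] == '1' && strpos($form['signature'], '[') !== false && strpos($form['signature'], ']') !== false)
			{
				require PUN_ROOT.'include/parser.php';
				$form['signature'] = preparse_bbcode($form['signature'], $foo, true);
			}

			// Checkbox: anything other than '1' (including "not sent") means off
			if (!isset($form['use_avatar']) || $form['use_avatar'] != '1') $form['use_avatar'] = '0';

			break;
		}

		case 'display':
		{
			$form = extract_elements(array('disp_topics', 'disp_posts', 'show_smilies', 'show_img', 'show_img_sig', 'show_avatars', 'show_sig', 'style'));

			// Clamp the per-page counts to 3..75; an empty value is left alone (stored as NULL later)
			if ($form['disp_topics'] != '' && intval($form['disp_topics']) < 3) $form['disp_topics'] = 3;
			if ($form['disp_topics'] != '' && intval($form['disp_topics']) > 75) $form['disp_topics'] = 75;
			if ($form['disp_posts'] != '' && intval($form['disp_posts']) < 3) $form['disp_posts'] = 3;
			if ($form['disp_posts'] != '' && intval($form['disp_posts']) > 75) $form['disp_posts'] = 75;

			// Only accept a style that exists in style/, mirroring the language check in the
			// 'essentials' case. The edit form only ever offers names of .css files found there.
			// NOTE(review): how $pun_user['style'] is consumed is not visible in this file;
			// confirm that the consumer escapes it as well.
			if (isset($form['style']) && $form['style'] != '')
			{
				if (!is_string($form['style']) || strpos($form['style'], '/') !== false || strpos($form['style'], '\\') !== false || !file_exists(PUN_ROOT.'style/'.$form['style'].'.css'))
					message($lang_common['Bad request']);
			}

			if (!isset($form['show_smilies']) ||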
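$form['show_smilies'] != '1') $form['show_smilies'] = '0';
			if (!isset($form['show_img']) || $form['show_img'] != '1') $form['show_img'] = '0';
			if (!isset($form['show_img_sig']) || $form['show_img_sig'] != '1') $form['show_img_sig'] = '0';
			if (!isset($form['show_avatars']) || $form['show_avatars'] != '1') $form['show_avatars'] = '0';
			if (!isset($form['show_sig']) || $form['show_sig'] != '1') $form['show_sig'] = '0';

			break;
		}

		case 'privacy':
		{
			$form = extract_elements(array('email_setting', 'save_pass', 'notify_with_post'));

			// email_setting: the profile view prints the address for 0, links to the mail form
			// for 1 and shows "private" for anything else. Fall back to 1 when the field is
			// missing or outside 0..2. The original range test joined the two comparisons with
			// &&, which can never be true, so out-of-range values were stored unchanged. A
			// missing field used to become 0, the setting that displays the address.
			$form['email_setting'] = isset($form['email_setting']) ? intval($form['email_setting']) : 1;
			if ($form['email_setting'] < 0 || $form['email_setting'] > 2) $form['email_setting'] = 1;

			// Checkboxes: anything other than '1' (including "not sent") means off
			if (!isset($form['save_pass']) || $form['save_pass'] != '1') $form['save_pass'] = '0';
			if (!isset($form['notify_with_post']) || $form['notify_with_post'] != '1') $form['notify_with_post'] = '0';

			// If the save_pass setting has changed, we need to set a new cookie with the appropriate expire date
			// (only when users edit their own profile; the cookie is rebuilt from the stored password column,
			// expiring in 31536000 seconds = 365 days, or with expiry 0 when save_pass is off)
			if ($pun_user['id'] == $id && $form['save_pass'] != $pun_user['save_pass'])
			{
				$result = $db->query('SELECT password FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user password hash', __FILE__, __LINE__, $db->error());
				pun_setcookie($id, $db->result($result), ($form['save_pass'] == '1') ? time() + 31536000 : 0);
			}

			break;
		}

		default:
			message($lang_common['Bad request']);
	}


	// Singlequotes around non-empty values and NULL for empty values
	// Values are escaped; the column names are the keys of $form and are concatenated as-is.
	// That is only safe because every key is either set by this script or has passed the
	// allowed-elements filter in extract_elements().
	$temp = array();
	while (list($key, $input) = @each($form))
	{
		$value = ($input !== '') ? '\''.$db->escape($input).'\'' : 'NULL';

		$temp[] = $key.'='.$value;
	}

	if (empty($temp))
		message($lang_common['Bad request']);


	$db->query('UPDATE '.$db->prefix.'users SET '.implode(',', $temp).' WHERE id='.$id) or error('Unable to update profile', __FILE__, __LINE__, $db->error());

	// If we changed the username we have to update some stuff
	// NOTE(review): $old_username is taken from the hidden POST field 'old_username' (see the
	// 'essentials' case), not read from the database. It is escaped, so the SQL is well-formed,
	// but which topic/forum/online rows get rewritten below is decided by a client-supplied value.
	// Consider loading the current username for $id before the users row is updated.
	if ($username_updated)
	{
		$db->query('UPDATE '.$db->prefix.'posts SET poster=\''.$db->escape($form['username']).'\' WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'topics SET poster=\''.$db->escape($form['username']).'\' WHERE poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'topics SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update topics', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'forums SET last_poster=\''.$db->escape($form['username']).'\' WHERE last_poster=\''.$db->escape($old_username).'\'') or error('Unable to update forums', __FILE__, __LINE__, $db->error());
		$db->query('UPDATE '.$db->prefix.'online SET ident=\''.$db->escape($form['username']).'\' WHERE ident=\''.$db->escape($old_username).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());

		// If the user is a moderator or an administrator we have to update the moderator lists
		$result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
		$group_id = $db->result($result);

		if ($group_id < PUN_GUEST)
		{
			$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

			while ($cur_forum = $db->fetch_assoc($result))
			{
				// NOTE(review): unserialize() runs on the forums.moderators column. That is only as
				// trustworthy as every code path that can write to that column; a plain data format
				// such as JSON would avoid PHP object deserialisation here altogether.
				$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

				// unserialize() returns false for a value it cannot decode; treat that as "no moderators"
				if (!is_array($cur_moderators))
					$cur_moderators = array();

				// The list maps username => user id, so the entry is re-keyed under the new name
				if (in_array($id, $cur_moderators))
				{
					unset($cur_moderators[$old_username]);
					$cur_moderators[$form['username']] = $id;
					ksort($cur_moderators);

					$db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
				}
			}
		}
	}

	redirect('profile.php?section='.$section.'&id='.$id, $lang_profile['Profile redirect']);
}


// Load the profile being viewed or edited, together with its group id and group title
$result = $db->query('SELECT u.username, u.email, u.title, u.realname, u.url, u.jabber, u.icq, u.msn, u.aim, u.yahoo, u.location, u.use_avatar, u.signature, u.disp_topics, u.disp_posts, u.email_setting, u.save_pass, u.notify_with_post, u.show_smilies, u.show_img, u.show_img_sig, u.show_avatars, u.show_sig, u.timezone, u.language, u.style, u.num_posts, u.last_post, u.registered, u.registration_ip, u.admin_note, g.g_id, g.g_user_title FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
	message($lang_common['Bad request']);

$user = $db->fetch_assoc($result);

$last_post = format_time($user['last_post']);

// The signature is run through the parser once here; the pages below print $parsed_signature as-is
if ($user['signature'] != '')
{
	require PUN_ROOT.'include/parser.php';
	$parsed_signature = parse_signature($user['signature']);
}


// View or edit?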
913 if ($pun_user['id'] != $id && 914 ($pun_user['g_id'] > PUN_MOD || 915 ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_edit_users'] == '0') || 916 ($pun_user['g_id'] == PUN_MOD && $user['g_id'] < PUN_GUEST))) 917 { 918 if ($user['email_setting'] == '0' && !$pun_user['is_guest']) 919 $email_field = '<a href="mailto:'.$user['email'].'">'.$user['email'].'</a>'; 920 else if ($user['email_setting'] == '1' && !$pun_user['is_guest']) 921 $email_field = '<a href="misc.php?email='.$id.'">'.$lang_common['Send e-mail'].'</a>'; 922 else 923 $email_field = $lang_profile['Private']; 924 925 $user_title_field = get_title($user); 926 927 if ($user['url'] != '') 928 { 929 $user['url'] = pun_htmlspecialchars($user['url']); 930 931 if ($pun_config['o_censoring'] == '1') 932 $user['url'] = censor_words($user['url']); 933 934 $url = '<a href="'.$user['url'].'">'.$user['url'].'</a>'; 935 } 936 else 937 $url = $lang_profile['Unknown']; 938 939 if ($pun_config['o_avatars'] == '1') 940 { 941 if ($user['use_avatar'] == '1') 942 { 943 if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.gif')) 944 $avatar_field = '<img src="'.$pun_config['o_avatars_dir'].'/'.$id.'.gif" '.$img_size[3].' alt="" />'; 945 else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.jpg')) 946 $avatar_field = '<img src="'.$pun_config['o_avatars_dir'].'/'.$id.'.jpg" '.$img_size[3].' alt="" />'; 947 else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.png')) 948 $avatar_field = '<img src="'.$pun_config['o_avatars_dir'].'/'.$id.'.png" '.$img_size[3].' alt="" />'; 949 else 950 $avatar_field = $lang_profile['No avatar']; 951 } 952 else 953 $avatar_field = $lang_profile['No avatar']; 954 } 955 956 $posts_field = ''; 957 if ($pun_config['o_show_post_count'] == '1' || $pun_user['g_id'] < PUN_GUEST) 958 $posts_field = $user['num_posts']; 959 if ($pun_user['g_search'] == '1') 960 $posts_field .= (($posts_field != '') ? 
' - ' : '').'<a href="search.php?action=show_user&user_id='.$id.'">'.$lang_profile['Show posts'].'</a>'; 961 962 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; 963 define('PUN_ALLOW_INDEX', 1); 964 require PUN_ROOT.'header.php'; 965 966 ?> 967 <div id="viewprofile" class="block"> 968 <h2><span><?php echo $lang_common['Profile'] ?></span></h2> 969 <div class="box"> 970 <div class="fakeform"> 971 <div class="inform"> 972 <fieldset> 973 <legend><?php echo $lang_profile['Section personal'] ?></legend> 974 <div class="infldset"> 975 <dl> 976 <dt><?php echo $lang_common['Username'] ?>: </dt> 977 <dd><?php echo pun_htmlspecialchars($user['username']) ?></dd> 978 <dt><?php echo $lang_common['Title'] ?>: </dt> 979 <dd><?php echo ($pun_config['o_censoring'] == '1') ? censor_words($user_title_field) : $user_title_field; ?></dd> 980 <dt><?php echo $lang_profile['Realname'] ?>: </dt> 981 <dd><?php echo ($user['realname'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['realname']) : $user['realname']) : $lang_profile['Unknown']; ?></dd> 982 <dt><?php echo $lang_profile['Location'] ?>: </dt> 983 <dd><?php echo ($user['location'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['location']) : $user['location']) : $lang_profile['Unknown']; ?></dd> 984 <dt><?php echo $lang_profile['Website'] ?>: </dt> 985 <dd><?php echo $url ?> </dd> 986 <dt><?php echo $lang_common['E-mail'] ?>: </dt> 987 <dd><?php echo $email_field ?></dd> 988 </dl> 989 <div class="clearer"></div> 990 </div> 991 </fieldset> 992 </div> 993 <div class="inform"> 994 <fieldset> 995 <legend><?php echo $lang_profile['Section messaging'] ?></legend> 996 <div class="infldset"> 997 <dl> 998 <dt><?php echo $lang_profile['Jabber'] ?>: </dt> 999 <dd><?php echo ($user['jabber'] !='') ? 
pun_htmlspecialchars($user['jabber']) : $lang_profile['Unknown']; ?></dd> 1000 <dt><?php echo $lang_profile['ICQ'] ?>: </dt> 1001 <dd><?php echo ($user['icq'] !='') ? $user['icq'] : $lang_profile['Unknown']; ?></dd> 1002 <dt><?php echo $lang_profile['MSN'] ?>: </dt> 1003 <dd><?php echo ($user['msn'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['msn']) : $user['msn']) : $lang_profile['Unknown']; ?></dd> 1004 <dt><?php echo $lang_profile['AOL IM'] ?>: </dt> 1005 <dd><?php echo ($user['aim'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['aim']) : $user['aim']) : $lang_profile['Unknown']; ?></dd> 1006 <dt><?php echo $lang_profile['Yahoo'] ?>: </dt> 1007 <dd><?php echo ($user['yahoo'] !='') ? pun_htmlspecialchars(($pun_config['o_censoring'] == '1') ? censor_words($user['yahoo']) : $user['yahoo']) : $lang_profile['Unknown']; ?></dd> 1008 </dl> 1009 <div class="clearer"></div> 1010 </div> 1011 </fieldset> 1012 </div> 1013 <div class="inform"> 1014 <fieldset> 1015 <legend><?php echo $lang_profile['Section personality'] ?></legend> 1016 <div class="infldset"> 1017 <dl> 1018 <?php if ($pun_config['o_avatars'] == '1'): ?> <dt><?php echo $lang_profile['Avatar'] ?>: </dt> 1019 <dd><?php echo $avatar_field ?></dd> 1020 <?php endif; ?> <dt><?php echo $lang_profile['Signature'] ?>: </dt> 1021 <dd><div><?php echo isset($parsed_signature) ? 
$parsed_signature : $lang_profile['No sig']; ?></div></dd> 1022 </dl> 1023 <div class="clearer"></div> 1024 </div> 1025 </fieldset> 1026 </div> 1027 <div class="inform"> 1028 <fieldset> 1029 <legend><?php echo $lang_profile['User activity'] ?></legend> 1030 <div class="infldset"> 1031 <dl> 1032 <?php if ($posts_field != ''): ?> <dt><?php echo $lang_common['Posts'] ?>: </dt> 1033 <dd><?php echo $posts_field ?></dd> 1034 <?php endif; ?> <dt><?php echo $lang_common['Last post'] ?>: </dt> 1035 <dd><?php echo $last_post ?></dd> 1036 <dt><?php echo $lang_common['Registered'] ?>: </dt> 1037 <dd><?php echo format_time($user['registered'], true) ?></dd> 1038 </dl> 1039 <div class="clearer"></div> 1040 </div> 1041 </fieldset> 1042 </div> 1043 </div> 1044 </div> 1045 </div> 1046 1047 <?php 1048 1049 require PUN_ROOT.'footer.php'; 1050 } 1051 else 1052 { 1053 if (!$section || $section == 'essentials') 1054 { 1055 if ($pun_user['g_id'] < PUN_GUEST) 1056 { 1057 if ($pun_user['g_id'] == PUN_ADMIN || $pun_config['p_mod_rename_users'] == '1') 1058 $username_field = '<input type="hidden" name="old_username" value="'.pun_htmlspecialchars($user['username']).'" /><label><strong>'.$lang_common['Username'].'</strong><br /><input type="text" name="req_username" value="'.pun_htmlspecialchars($user['username']).'" size="25" maxlength="25" /><br /></label>'."\n"; 1059 else 1060 $username_field = '<p>'.$lang_common['Username'].': '.pun_htmlspecialchars($user['username']).'</p>'."\n"; 1061 1062 $email_field = '<label><strong>'.$lang_common['E-mail'].'</strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50" /><br /></label><p><a href="misc.php?email='.$id.'">'.$lang_common['Send e-mail'].'</a></p>'."\n"; 1063 } 1064 else 1065 { 1066 $username_field = '<p>'.$lang_common['Username'].': '.pun_htmlspecialchars($user['username']).'</p>'."\n"; 1067 1068 if ($pun_config['o_regs_verify'] == '1') 1069 $email_field = '<p>'.$lang_common['E-mail'].': 
'.$user['email'].' - <a href="profile.php?action=change_email&id='.$id.'">'.$lang_profile['Change e-mail'].'</a></p>'."\n"; 1070 else 1071 $email_field = '<label><strong>'.$lang_common['E-mail'].'</strong><br /><input type="text" name="req_email" value="'.$user['email'].'" size="40" maxlength="50" /><br /></label>'."\n"; 1072 } 1073 1074 if ($pun_user['g_id'] == PUN_ADMIN) 1075 $posts_field = '<label>'.$lang_common['Posts'].'<br /><input type="text" name="num_posts" value="'.$user['num_posts'].'" size="8" maxlength="8" /><br /></label><p><a href="search.php?action=show_user&user_id='.$id.'">'.$lang_profile['Show posts'].'</a></p>'."\n"; 1076 else if ($pun_config['o_show_post_count'] == '1' || $pun_user['g_id'] < PUN_GUEST) 1077 $posts_field = '<p>'.$lang_common['Posts'].': '.$user['num_posts'].' - <a href="search.php?action=show_user&user_id='.$id.'">'.$lang_profile['Show posts'].'</a></p>'."\n"; 1078 else 1079 $posts_field = '<p><a href="search.php?action=show_user&user_id='.$id.'">'.$lang_profile['Show posts'].'</a></p>'."\n"; 1080 1081 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; 1082 $required_fields = array('req_username' => $lang_common['Username'], 'req_email' => $lang_common['E-mail']); 1083 require PUN_ROOT.'header.php'; 1084 1085 generate_profile_menu('essentials'); 1086 1087 ?> 1088 <div class="blockform"> 1089 <h2><span><?php echo pun_htmlspecialchars($user['username']).' 
- '.$lang_profile['Section essentials'] ?></span></h2> 1090 <div class="box"> 1091 <form id="profile1" method="post" action="profile.php?section=essentials&id=<?php echo $id ?>" onsubmit="return process_form(this)"> 1092 <div class="inform"> 1093 <fieldset> 1094 <legend><?php echo $lang_profile['Username and pass legend'] ?></legend> 1095 <div class="infldset"> 1096 <input type="hidden" name="form_sent" value="1" /> 1097 <?php echo $username_field ?> 1098 <?php if ($pun_user['id'] == $id || $pun_user['g_id'] == PUN_ADMIN || ($user['g_id'] > PUN_MOD && $pun_config['p_mod_change_passwords'] == '1')): ?><p><a href="profile.php?action=change_pass&id=<?php echo $id ?>"><?php echo $lang_profile['Change pass'] ?></a></p> 1099 <?php endif; ?> </div> 1100 </fieldset> 1101 </div> 1102 <div class="inform"> 1103 <fieldset> 1104 <legend><?php echo $lang_prof_reg['E-mail legend'] ?></legend> 1105 <div class="infldset"> 1106 <?php echo $email_field ?> 1107 </div> 1108 </fieldset> 1109 </div> 1110 <div class="inform"> 1111 <fieldset> 1112 <legend><?php echo $lang_prof_reg['Localisation legend'] ?></legend> 1113 <div class="infldset"> 1114 <label><?php echo $lang_prof_reg['Timezone'] ?>: <?php echo $lang_prof_reg['Timezone info'] ?> 1115 <br /><select name="form[timezone]"> 1116 <option value="-12"<?php if ($user['timezone'] == -12) echo ' selected="selected"' ?>>-12</option> 1117 <option value="-11"<?php if ($user['timezone'] == -11) echo ' selected="selected"' ?>>-11</option> 1118 <option value="-10"<?php if ($user['timezone'] == -10) echo ' selected="selected"' ?>>-10</option> 1119 <option value="-9.5"<?php if ($user['timezone'] == -9.5) echo ' selected="selected"' ?>>-09.5</option> 1120 <option value="-9"<?php if ($user['timezone'] == -9) echo ' selected="selected"' ?>>-09</option> 1121 <option value="-8.5"<?php if ($user['timezone'] == -8.5) echo ' selected="selected"' ?>>-08.5</option> 1122 <option value="-8"<?php if ($user['timezone'] == -8) echo ' selected="selected"' 
?>>-08 PST</option> 1123 <option value="-7"<?php if ($user['timezone'] == -7) echo ' selected="selected"' ?>>-07 MST</option> 1124 <option value="-6"<?php if ($user['timezone'] == -6) echo ' selected="selected"' ?>>-06 CST</option> 1125 <option value="-5"<?php if ($user['timezone'] == -5) echo ' selected="selected"' ?>>-05 EST</option> 1126 <option value="-4"<?php if ($user['timezone'] == -4) echo ' selected="selected"' ?>>-04 AST</option> 1127 <option value="-3.5"<?php if ($user['timezone'] == -3.5) echo ' selected="selected"' ?>>-03.5</option> 1128 <option value="-3"<?php if ($user['timezone'] == -3) echo ' selected="selected"' ?>>-03 ADT</option> 1129 <option value="-2"<?php if ($user['timezone'] == -2) echo ' selected="selected"' ?>>-02</option> 1130 <option value="-1"<?php if ($user['timezone'] == -1) echo ' selected="selected"' ?>>-01</option> 1131 <option value="0"<?php if ($user['timezone'] == 0) echo ' selected="selected"' ?>>00 GMT</option> 1132 <option value="1"<?php if ($user['timezone'] == 1) echo ' selected="selected"' ?>>+01 CET</option> 1133 <option value="2"<?php if ($user['timezone'] == 2) echo ' selected="selected"' ?>>+02</option> 1134 <option value="3"<?php if ($user['timezone'] == 3) echo ' selected="selected"' ?>>+03</option> 1135 <option value="3.5"<?php if ($user['timezone'] == 3.5) echo ' selected="selected"' ?>>+03.5</option> 1136 <option value="4"<?php if ($user['timezone'] == 4) echo ' selected="selected"' ?>>+04</option> 1137 <option value="4.5"<?php if ($user['timezone'] == 4.5) echo ' selected="selected"' ?>>+04.5</option> 1138 <option value="5"<?php if ($user['timezone'] == 5) echo ' selected="selected"' ?>>+05</option> 1139 <option value="5.5"<?php if ($user['timezone'] == 5.5) echo ' selected="selected"' ?>>+05.5</option> 1140 <option value="6"<?php if ($user['timezone'] == 6) echo ' selected="selected"' ?>>+06</option> 1141 <option value="6.5"<?php if ($user['timezone'] == 6.5) echo ' selected="selected"' ?>>+06.5</option> 1142 
<option value="7"<?php if ($user['timezone'] == 7) echo ' selected="selected"' ?>>+07</option> 1143 <option value="8"<?php if ($user['timezone'] == 8) echo ' selected="selected"' ?>>+08</option> 1144 <option value="9"<?php if ($user['timezone'] == 9) echo ' selected="selected"' ?>>+09</option> 1145 <option value="9.5"<?php if ($user['timezone'] == 9.5) echo ' selected="selected"' ?>>+09.5</option> 1146 <option value="10"<?php if ($user['timezone'] == 10) echo ' selected="selected"' ?>>+10</option> 1147 <option value="10.5"<?php if ($user['timezone'] == 10.5) echo ' selected="selected"' ?>>+10.5</option> 1148 <option value="11"<?php if ($user['timezone'] == 11) echo ' selected="selected"' ?>>+11</option> 1149 <option value="11.5"<?php if ($user['timezone'] == 11.5) echo ' selected="selected"' ?>>+11.5</option> 1150 <option value="12"<?php if ($user['timezone'] == 12) echo ' selected="selected"' ?>>+12</option> 1151 <option value="13"<?php if ($user['timezone'] == 13) echo ' selected="selected"' ?>>+13</option> 1152 <option value="14"<?php if ($user['timezone'] == 14) echo ' selected="selected"' ?>>+14</option> 1153 </select> 1154 <br /></label> 1155 <?php 1156 1157 $languages = array(); 1158 $d = dir(PUN_ROOT.'lang'); 1159 while (($entry = $d->read()) !== false) 1160 { 1161 if ($entry != '.' && $entry != '..' 
&& is_dir(PUN_ROOT.'lang/'.$entry) && file_exists(PUN_ROOT.'lang/'.$entry.'/common.php')) 1162 $languages[] = $entry; 1163 } 1164 $d->close(); 1165 1166 // Only display the language selection box if there's more than one language available 1167 if (count($languages) > 1) 1168 { 1169 natsort($languages); 1170 1171 ?> 1172 <label><?php echo $lang_prof_reg['Language'] ?>: <?php echo $lang_prof_reg['Language info'] ?> 1173 <br /><select name="form[language]"> 1174 <?php 1175 1176 while (list(, $temp) = @each($languages)) 1177 { 1178 if ($user['language'] == $temp) 1179 echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'" selected="selected">'.$temp.'</option>'."\n"; 1180 else 1181 echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'">'.$temp.'</option>'."\n"; 1182 } 1183 1184 ?> 1185 </select> 1186 <br /></label> 1187 <?php 1188 1189 } 1190 1191 ?> 1192 </div> 1193 </fieldset> 1194 </div> 1195 <div class="inform"> 1196 <fieldset> 1197 <legend><?php echo $lang_profile['User activity'] ?></legend> 1198 <div class="infldset"> 1199 <p><?php echo $lang_common['Registered'] ?>: <?php echo format_time($user['registered'], true); if ($pun_user['g_id'] < PUN_GUEST) echo ' (<a href="moderate.php?get_host='.pun_htmlspecialchars($user['registration_ip']).'">'.pun_htmlspecialchars($user['registration_ip']).'</a>)'; ?></p> 1200 <p><?php echo $lang_common['Last post'] ?>: <?php echo $last_post ?></p> 1201 <?php echo $posts_field ?> 1202 <?php if ($pun_user['g_id'] < PUN_GUEST): ?> <label><?php echo $lang_profile['Admin note'] ?><br /> 1203 <input id="admin_note" type="text" name="admin_note" value="<?php echo pun_htmlspecialchars($user['admin_note']) ?>" size="30" maxlength="30" /><br /></label> 1204 </div> 1205 <?php endif; ?> </fieldset> 1206 </div> 1207 <p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p> 1208 </form> 1209 </div> 1210 </div> 1211 <?php 1212 1213 } 1214 else if ($section == 'personal') 1215 
{ 1216 if ($pun_user['g_set_title'] == '1') 1217 $title_field = '<label>'.$lang_common['Title'].' (<em>'.$lang_profile['Leave blank'].'</em>)<br /><input type="text" name="title" value="'.pun_htmlspecialchars($user['title']).'" size="30" maxlength="50" /><br /></label>'."\n"; 1218 1219 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; 1220 require PUN_ROOT.'header.php'; 1221 1222 generate_profile_menu('personal'); 1223 1224 ?> 1225 <div class="blockform"> 1226 <h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section personal'] ?></span></h2> 1227 <div class="box"> 1228 <form id="profile2" method="post" action="profile.php?section=personal&id=<?php echo $id ?>"> 1229 <div class="inform"> 1230 <fieldset> 1231 <legend><?php echo $lang_profile['Personal details legend'] ?></legend> 1232 <div class="infldset"> 1233 <input type="hidden" name="form_sent" value="1" /> 1234 <label><?php echo $lang_profile['Realname'] ?><br /><input type="text" name="form[realname]" value="<?php echo pun_htmlspecialchars($user['realname']) ?>" size="40" maxlength="40" /><br /></label> 1235 <?php if (isset($title_field)): ?> <?php echo $title_field ?> 1236 <?php endif; ?> <label><?php echo $lang_profile['Location'] ?><br /><input type="text" name="form[location]" value="<?php echo pun_htmlspecialchars($user['location']) ?>" size="30" maxlength="30" /><br /></label> 1237 <label><?php echo $lang_profile['Website'] ?><br /><input type="text" name="form[url]" value="<?php echo pun_htmlspecialchars($user['url']) ?>" size="50" maxlength="80" /><br /></label> 1238 </div> 1239 </fieldset> 1240 </div> 1241 <p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p> 1242 </form> 1243 </div> 1244 </div> 1245 <?php 1246 1247 } 1248 else if ($section == 'messaging') 1249 { 1250 1251 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' 
/ '.$lang_common['Profile']; 1252 require PUN_ROOT.'header.php'; 1253 1254 generate_profile_menu('messaging'); 1255 1256 ?> 1257 <div class="blockform"> 1258 <h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section messaging'] ?></span></h2> 1259 <div class="box"> 1260 <form id="profile3" method="post" action="profile.php?section=messaging&id=<?php echo $id ?>"> 1261 <div class="inform"> 1262 <fieldset> 1263 <legend><?php echo $lang_profile['Contact details legend'] ?></legend> 1264 <div class="infldset"> 1265 <input type="hidden" name="form_sent" value="1" /> 1266 <label><?php echo $lang_profile['Jabber'] ?><br /><input id="jabber" type="text" name="form[jabber]" value="<?php echo pun_htmlspecialchars($user['jabber']) ?>" size="40" maxlength="75" /><br /></label> 1267 <label><?php echo $lang_profile['ICQ'] ?><br /><input id="icq" type="text" name="form[icq]" value="<?php echo $user['icq'] ?>" size="12" maxlength="12" /><br /></label> 1268 <label><?php echo $lang_profile['MSN'] ?><br /><input id="msn" type="text" name="form[msn]" value="<?php echo pun_htmlspecialchars($user['msn']) ?>" size="40" maxlength="50" /><br /></label> 1269 <label><?php echo $lang_profile['AOL IM'] ?><br /><input id="aim" type="text" name="form[aim]" value="<?php echo pun_htmlspecialchars($user['aim']) ?>" size="20" maxlength="30" /><br /></label> 1270 <label><?php echo $lang_profile['Yahoo'] ?><br /><input id="yahoo" type="text" name="form[yahoo]" value="<?php echo pun_htmlspecialchars($user['yahoo']) ?>" size="20" maxlength="30" /><br /></label> 1271 </div> 1272 </fieldset> 1273 </div> 1274 <p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p> 1275 </form> 1276 </div> 1277 </div> 1278 <?php 1279 1280 } 1281 else if ($section == 'personality') 1282 { 1283 $avatar_field = '<a href="profile.php?action=upload_avatar&id='.$id.'">'.$lang_profile['Change avatar'].'</a>'; 1284 if 
($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.gif')) 1285 $avatar_format = 'gif'; 1286 else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.jpg')) 1287 $avatar_format = 'jpg'; 1288 else if ($img_size = @getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.png')) 1289 $avatar_format = 'png'; 1290 else 1291 $avatar_field = '<a href="profile.php?action=upload_avatar&id='.$id.'">'.$lang_profile['Upload avatar'].'</a>'; 1292 1293 // Display the delete avatar link? 1294 if ($img_size) 1295 $avatar_field .= ' <a href="profile.php?action=delete_avatar&id='.$id.'">'.$lang_profile['Delete avatar'].'</a>'; 1296 1297 if ($user['signature'] != '') 1298 $signature_preview = '<p>'.$lang_profile['Sig preview'].'</p>'."\n\t\t\t\t\t".'<div class="postsignature">'."\n\t\t\t\t\t\t".'<hr />'."\n\t\t\t\t\t\t".$parsed_signature."\n\t\t\t\t\t".'</div>'."\n"; 1299 else 1300 $signature_preview = '<p>'.$lang_profile['No sig'].'</p>'."\n"; 1301 1302 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; 1303 require PUN_ROOT.'header.php'; 1304 1305 generate_profile_menu('personality'); 1306 1307 1308 ?> 1309 <div class="blockform"> 1310 <h2><span><?php echo pun_htmlspecialchars($user['username']).' 
- '.$lang_profile['Section personality'] ?></span></h2> 1311 <div class="box"> 1312 <form id="profile4" method="post" action="profile.php?section=personality&id=<?php echo $id ?>"> 1313 <div><input type="hidden" name="form_sent" value="1" /></div> 1314 <?php if ($pun_config['o_avatars'] == '1'): ?> <div class="inform"> 1315 <fieldset id="profileavatar"> 1316 <legend><?php echo $lang_profile['Avatar legend'] ?></legend> 1317 <div class="infldset"> 1318 <?php if (isset($avatar_format)): ?> <img src="<?php echo $pun_config['o_avatars_dir'].'/'.$id.'.'.$avatar_format ?>" <?php echo $img_size[3] ?> alt="" /> 1319 <?php endif; ?> <p><?php echo $lang_profile['Avatar info'] ?></p> 1320 <div class="rbox"> 1321 <label><input type="checkbox" name="form[use_avatar]" value="1"<?php if ($user['use_avatar'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Use avatar'] ?><br /></label> 1322 </div> 1323 <p class="clearb"><?php echo $avatar_field ?></p> 1324 </div> 1325 </fieldset> 1326 </div> 1327 <?php endif; ?> <div class="inform"> 1328 <fieldset> 1329 <legend><?php echo $lang_profile['Signature legend'] ?></legend> 1330 <div class="infldset"> 1331 <p><?php echo $lang_profile['Signature info'] ?></p> 1332 <div class="txtarea"> 1333 <label><?php echo $lang_profile['Sig max length'] ?>: <?php echo $pun_config['p_sig_length'] ?> / <?php echo $lang_profile['Sig max lines'] ?>: <?php echo $pun_config['p_sig_lines'] ?><br /> 1334 <textarea name="signature" rows="4" cols="65"><?php echo pun_htmlspecialchars($user['signature']) ?></textarea><br /></label> 1335 </div> 1336 <ul class="bblinks"> 1337 <li><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_sig_bbcode'] == '1') ? 
$lang_common['on'] : $lang_common['off']; ?></li> 1338 <li><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_sig_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li> 1339 <li><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies_sig'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li> 1340 </ul> 1341 <?php echo $signature_preview ?> 1342 </div> 1343 </fieldset> 1344 </div> 1345 <p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p> 1346 </form> 1347 </div> 1348 </div> 1349 <?php 1350 1351 } 1352 else if ($section == 'display') 1353 { 1354 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; 1355 require PUN_ROOT.'header.php'; 1356 1357 generate_profile_menu('display'); 1358 1359 ?> 1360 <div class="blockform"> 1361 <h2><span><?php echo pun_htmlspecialchars($user['username']).' 
- '.$lang_profile['Section display'] ?></span></h2> 1362 <div class="box"> 1363 <form id="profile5" method="post" action="profile.php?section=display&id=<?php echo $id ?>"> 1364 <div><input type="hidden" name="form_sent" value="1" /></div> 1365 <?php 1366 1367 $styles = array(); 1368 $d = dir(PUN_ROOT.'style'); 1369 while (($entry = $d->read()) !== false) 1370 { 1371 if (substr($entry, strlen($entry)-4) == '.css') 1372 $styles[] = substr($entry, 0, strlen($entry)-4); 1373 } 1374 $d->close(); 1375 1376 // Only display the style selection box if there's more than one style available 1377 if (count($styles) == 1) 1378 echo "\t\t\t".'<div><input type="hidden" name="form[style]" value="'.$styles[0].'" /></div>'."\n"; 1379 else if (count($styles) > 1) 1380 { 1381 natsort($styles); 1382 1383 ?> 1384 <div class="inform"> 1385 <fieldset> 1386 <legend><?php echo $lang_profile['Style legend'] ?></legend> 1387 <div class="infldset"> 1388 <label><?php echo $lang_profile['Style info'] ?><br /> 1389 1390 <select name="form[style]"> 1391 <?php 1392 1393 while (list(, $temp) = @each($styles)) 1394 { 1395 if ($user['style'] == $temp) 1396 echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'" selected="selected">'.str_replace('_', ' ', $temp).'</option>'."\n"; 1397 else 1398 echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'">'.str_replace('_', ' ', $temp).'</option>'."\n"; 1399 } 1400 1401 ?> 1402 </select> 1403 <br /></label> 1404 </div> 1405 </fieldset> 1406 </div> 1407 <?php 1408 1409 } 1410 1411 ?> 1412 <div class="inform"> 1413 <fieldset> 1414 <legend><?php echo $lang_profile['Post display legend'] ?></legend> 1415 <div class="infldset"> 1416 <p><?php echo $lang_profile['Post display info'] ?></p> 1417 <div class="rbox"> 1418 <label><input type="checkbox" name="form[show_smilies]" value="1"<?php if ($user['show_smilies'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show smilies'] ?><br /></label> 1419 <label><input type="checkbox" name="form[show_sig]" 
value="1"<?php if ($user['show_sig'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show sigs'] ?><br /></label> 1420 <?php if ($pun_config['o_avatars'] == '1'): ?> <label><input type="checkbox" name="form[show_avatars]" value="1"<?php if ($user['show_avatars'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show avatars'] ?><br /></label> 1421 <?php endif; ?> <label><input type="checkbox" name="form[show_img]" value="1"<?php if ($user['show_img'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show images'] ?><br /></label> 1422 <label><input type="checkbox" name="form[show_img_sig]" value="1"<?php if ($user['show_img_sig'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Show images sigs'] ?><br /></label> 1423 </div> 1424 </div> 1425 </fieldset> 1426 </div> 1427 <div class="inform"> 1428 <fieldset> 1429 <legend><?php echo $lang_profile['Pagination legend'] ?></legend> 1430 <div class="infldset"> 1431 <label class="conl"><?php echo $lang_profile['Topics per page'] ?><br /><input type="text" name="form[disp_topics]" value="<?php echo $user['disp_topics'] ?>" size="6" maxlength="3" /><br /></label> 1432 <label class="conl"><?php echo $lang_profile['Posts per page'] ?><br /><input type="text" name="form[disp_posts]" value="<?php echo $user['disp_posts'] ?>" size="6" maxlength="3" /><br /></label> 1433 <p class="clearb"><?php echo $lang_profile['Paginate info'] ?> <?php echo $lang_profile['Leave blank'] ?></p> 1434 </div> 1435 </fieldset> 1436 </div> 1437 <p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /> <?php echo $lang_profile['Instructions'] ?></p> 1438 </form> 1439 </div> 1440 </div> 1441 <?php 1442 1443 } 1444 else if ($section == 'privacy') 1445 { 1446 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' 
/ '.$lang_common['Profile']; 1447 require PUN_ROOT.'header.php'; 1448 1449 generate_profile_menu('privacy'); 1450 1451 ?> 1452 <div class="blockform"> 1453 <h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section privacy'] ?></span></h2> 1454 <div class="box"> 1455 <form id="profile6" method="post" action="profile.php?section=privacy&id=<?php echo $id ?>"> 1456 <div class="inform"> 1457 <fieldset> 1458 <legend><?php echo $lang_prof_reg['Privacy options legend'] ?></legend> 1459 <div class="infldset"> 1460 <input type="hidden" name="form_sent" value="1" /> 1461 <p><?php echo $lang_prof_reg['E-mail setting info'] ?></p> 1462 <div class="rbox"> 1463 <label><input type="radio" name="form[email_setting]" value="0"<?php if ($user['email_setting'] == '0') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['E-mail setting 1'] ?><br /></label> 1464 <label><input type="radio" name="form[email_setting]" value="1"<?php if ($user['email_setting'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['E-mail setting 2'] ?><br /></label> 1465 <label><input type="radio" name="form[email_setting]" value="2"<?php if ($user['email_setting'] == '2') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['E-mail setting 3'] ?><br /></label> 1466 </div> 1467 <p><?php echo $lang_prof_reg['Save user/pass info'] ?></p> 1468 <div class="rbox"> 1469 <label><input type="checkbox" name="form[save_pass]" value="1"<?php if ($user['save_pass'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_prof_reg['Save user/pass'] ?><br /></label> 1470 </div> 1471 <p><?php echo $lang_profile['Notify full info'] ?></p> 1472 <div class="rbox"> 1473 <label><input type="checkbox" name="form[notify_with_post]" value="1"<?php if ($user['notify_with_post'] == '1') echo ' checked="checked"' ?> /><?php echo $lang_profile['Notify full'] ?><br /></label> 1474 </div> 1475 </div> 1476 </fieldset> 1477 </div> 1478 <p><input type="submit" name="update" value="<?php 
echo $lang_common['Submit'] ?>" /><?php echo $lang_profile['Instructions'] ?></p> 1479 </form> 1480 </div> 1481 </div> 1482 <?php 1483 1484 } 1485 else if ($section == 'admin') 1486 { 1487 if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0')) 1488 message($lang_common['Bad request']); 1489 1490 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; 1491 require PUN_ROOT.'header.php'; 1492 1493 generate_profile_menu('admin'); 1494 1495 ?> 1496 <div class="blockform"> 1497 <h2><span><?php echo pun_htmlspecialchars($user['username']).' - '.$lang_profile['Section admin'] ?></span></h2> 1498 <div class="box"> 1499 <form id="profile7" method="post" action="profile.php?section=admin&id=<?php echo $id ?>&action=foo"> 1500 <div class="inform"> 1501 <input type="hidden" name="form_sent" value="1" /> 1502 <fieldset> 1503 <?php 1504 1505 if ($pun_user['g_id'] == PUN_MOD) 1506 { 1507 1508 ?> 1509 <legend><?php echo $lang_profile['Delete ban legend'] ?></legend> 1510 <div class="infldset"> 1511 <p><input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" /></p> 1512 </div> 1513 </fieldset> 1514 </div> 1515 <?php 1516 1517 } 1518 else 1519 { 1520 if ($pun_user['id'] != $id) 1521 { 1522 1523 ?> 1524 <legend><?php echo $lang_profile['Group membership legend'] ?></legend> 1525 <div class="infldset"> 1526 <select id="group_id" name="group_id"> 1527 <?php 1528 1529 $result = $db->query('SELECT g_id, g_title FROM '.$db->prefix.'groups WHERE g_id!='.PUN_GUEST.' 
ORDER BY g_title') or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error()); 1530 1531 while ($cur_group = $db->fetch_assoc($result)) 1532 { 1533 if ($cur_group['g_id'] == $user['g_id'] || ($cur_group['g_id'] == $pun_config['o_default_user_group'] && $user['g_id'] == '')) 1534 echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n"; 1535 else 1536 echo "\t\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.pun_htmlspecialchars($cur_group['g_title']).'</option>'."\n"; 1537 } 1538 1539 ?> 1540 </select> 1541 <input type="submit" name="update_group_membership" value="<?php echo $lang_profile['Save'] ?>" /> 1542 </div> 1543 </fieldset> 1544 </div> 1545 <div class="inform"> 1546 <fieldset> 1547 <?php 1548 1549 } 1550 1551 ?> 1552 <legend><?php echo $lang_profile['Delete ban legend'] ?></legend> 1553 <div class="infldset"> 1554 <input type="submit" name="delete_user" value="<?php echo $lang_profile['Delete user'] ?>" /> <input type="submit" name="ban" value="<?php echo $lang_profile['Ban user'] ?>" /> 1555 </div> 1556 </fieldset> 1557 </div> 1558 <?php 1559 1560 if ($user['g_id'] == PUN_MOD || $user['g_id'] == PUN_ADMIN) 1561 { 1562 1563 ?> 1564 <div class="inform"> 1565 <fieldset> 1566 <legend><?php echo $lang_profile['Set mods legend'] ?></legend> 1567 <div class="infldset"> 1568 <p><?php echo $lang_profile['Moderator in info'] ?></p> 1569 <?php 1570 1571 $result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.moderators FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id WHERE f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); 1572 1573 $cur_category = 0; 1574 while ($cur_forum = $db->fetch_assoc($result)) 1575 { 1576 if ($cur_forum['cid'] != $cur_category) // A new category since 
last iteration? 1577 { 1578 if ($cur_category) 1579 echo "\n\t\t\t\t\t\t\t\t".'</div>'; 1580 1581 if ($cur_category != 0) 1582 echo "\n\t\t\t\t\t\t\t".'</div>'."\n"; 1583 1584 echo "\t\t\t\t\t\t\t".'<div class="conl">'."\n\t\t\t\t\t\t\t\t".'<p><strong>'.$cur_forum['cat_name'].'</strong></p>'."\n\t\t\t\t\t\t\t\t".'<div class="rbox">'; 1585 $cur_category = $cur_forum['cid']; 1586 } 1587 1588 $moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array(); 1589 1590 echo "\n\t\t\t\t\t\t\t\t\t".'<label><input type="checkbox" name="moderator_in['.$cur_forum['fid'].']" value="1"'.((in_array($id, $moderators)) ? ' checked="checked"' : '').' />'.pun_htmlspecialchars($cur_forum['forum_name']).'<br /></label>'."\n"; 1591 } 1592 1593 ?> 1594 </div> 1595 </div> 1596 <br class="clearb" /><input type="submit" name="update_forums" value="<?php echo $lang_profile['Update forums'] ?>" /> 1597 </div> 1598 </fieldset> 1599 </div> 1600 <?php 1601 1602 } 1603 } 1604 1605 ?> 1606 </form> 1607 </div> 1608 </div> 1609 <?php 1610 1611 } 1612 1613 ?> 1614 <div class="clearer"></div> 1615 </div> 1616 <?php 1617 1618 require PUN_ROOT.'footer.php'; 1619 }