?
GR0V Shell
GR0V shell
Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64
<?php
/**********************************************************************************
* ManageMembers.php *
***********************************************************************************
* SMF: Simple Machines Forum *
* Open-Source Project Inspired by Zef Hemel (zef@zefhemel.com) *
* =============================================================================== *
* Software Version: SMF 2.0 RC1 *
* Software by: Simple Machines (http://www.simplemachines.org) *
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
* 2001-2006 by: Lewis Media (http://www.lewismedia.com) *
* Support, News, Updates at: http://www.simplemachines.org *
***********************************************************************************
* This program is free software; you may redistribute it and/or modify it under *
* the terms of the provided license as published by Simple Machines LLC. *
* *
* This program is distributed in the hope that it is and will be useful, but *
* WITHOUT ANY WARRANTIES; without even any implied warranty of MERCHANTABILITY *
* or FITNESS FOR A PARTICULAR PURPOSE. *
* *
* See the "license.txt" file for details of the Simple Machines license. *
* The latest version can always be found at http://www.simplemachines.org. *
**********************************************************************************/
if (!defined('SMF'))
die('Hacking attempt...');
/* // Show a list of members or a selection of members.
void ViewMembers()
- the main entrance point for the Manage Members screen.
- called by ?action=admin;area=viewmembers.
- requires the moderate_forum permission.
- loads the ManageMembers template and ManageMembers language file.
- calls a function based on the given sub-action.
void ViewMemberlist()
- shows a list of members.
- called by ?action=admin;area=viewmembers;sa=all or ?action=admin;area=viewmembers;sa=query.
- requires the moderate_forum permission.
- uses the view_members sub template of the ManageMembers template.
- allows sorting on several columns.
- handles deletion of selected members.
- handles the search query sent by ?action=admin;area=viewmembers;sa=search.
void SearchMembers()
- search the member list, using one or more criteria.
- called by ?action=admin;area=viewmembers;sa=search.
- requires the moderate_forum permission.
- uses the search_members sub template of the ManageMembers template.
- form is submitted to action=admin;area=viewmembers;sa=query.
void MembersAwaitingActivation()
- show a list of members awaiting approval or activation.
- called by ?action=admin;area=viewmembers;sa=browse;type=approve or
?action=admin;area=viewmembers;sa=browse;type=activate.
- requires the moderate_forum permission.
- uses the admin_browse sub template of the ManageMembers template.
- allows instant approval or activation of (a selection of) members.
- list can be sorted on different columns.
- form submits to ?action=admin;area=viewmembers;sa=approve.
void AdminApprove()
- handles the approval, rejection, activation or deletion of members.
- called by ?action=admin;area=viewmembers;sa=approve.
- requires the moderate_forum permission.
- redirects to ?action=admin;area=viewmembers;sa=browse with the same parameters
as the calling page.
int jeffsdatediff(int old)
- nifty function to calculate the number of days ago a given date was.
- requires a unix timestamp as input, returns an integer.
- in honour of Jeff Lewis, the original creator of...this function.
- the returned number of days is based on the forum time.
*/
function ViewMembers()
{
global $txt, $scripturl, $context, $modSettings, $smcFunc;
$subActions = array(
'all' => array('ViewMemberlist', 'moderate_forum'),
'approve' => array('AdminApprove', 'moderate_forum'),
'browse' => array('MembersAwaitingActivation', 'moderate_forum'),
'search' => array('SearchMembers', 'moderate_forum'),
'query' => array('ViewMemberlist', 'moderate_forum'),
);
// Default to sub action 'index' or 'settings' depending on permissions.
$_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'all';
// We know the sub action, now we know what you're allowed to do.
isAllowedTo($subActions[$_REQUEST['sa']][1]);
// Load the essentials.
loadLanguage('ManageMembers');
loadTemplate('ManageMembers');
// Get counts on every type of activation - for sections and filtering alike.
$request = $smcFunc['db_query']('', '
SELECT COUNT(*) AS total_members, is_activated
FROM {db_prefix}members
WHERE is_activated != {int:is_activated}
GROUP BY is_activated',
array(
'is_activated' => 1,
)
);
$context['activation_numbers'] = array();
$context['awaiting_activation'] = 0;
$context['awaiting_approval'] = 0;
while ($row = $smcFunc['db_fetch_assoc']($request))
$context['activation_numbers'][$row['is_activated']] = $row['total_members'];
$smcFunc['db_free_result']($request);
foreach ($context['activation_numbers'] as $activation_type => $total_members)
{
if (in_array($activation_type, array(0, 2)))
$context['awaiting_activation'] += $total_members;
elseif (in_array($activation_type, array(3, 4, 5)))
$context['awaiting_approval'] += $total_members;
}
// For the page header... do we show activation?
$context['show_activate'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) || !empty($context['awaiting_activation']);
// What about approval?
$context['show_approve'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($context['awaiting_approval']);
// Setup the admin tabs.
$context[$context['admin_menu_name']]['tab_data'] = array(
'title' => $txt['admin_members'],
'help' => 'view_members',
'description' => $txt['admin_members_list'],
'tabs' => array(),
);
$context['tabs'] = array(
'viewmembers' => array(
'label' => $txt['view_all_members'],
'description' => $txt['admin_members_list'],
'url' => $scripturl . '?action=admin;area=viewmembers;sa=all',
'is_selected' => $_REQUEST['sa'] == 'all',
),
'search' => array(
'label' => $txt['mlist_search'],
'description' => $txt['admin_members_list'],
'url' => $scripturl . '?action=admin;area=viewmembers;sa=search',
'is_selected' => $_REQUEST['sa'] == 'search' || $_REQUEST['sa'] == 'query',
),
'approve' => array(
'label' => sprintf($txt['admin_browse_awaiting_approval'], $context['awaiting_approval']),
'description' => $txt['admin_browse_approve_desc'],
'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve',
'is_selected' => false,
),
'activate' => array(
'label' => sprintf($txt['admin_browse_awaiting_activate'], $context['awaiting_activation']),
'description' => $txt['admin_browse_activate_desc'],
'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=activate',
'is_selected' => false,
'is_last' => true,
),
);
// Sort out the tabs for the ones which may not exist!
if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
{
$context['tabs']['approve']['is_last'] = true;
unset($context['tabs']['activate']);
}
if (!$context['show_approve'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'approve'))
{
if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
$context['tabs']['search']['is_last'] = true;
unset($context['tabs']['approve']);
}
$subActions[$_REQUEST['sa']][0]();
}
// View all members.
function ViewMemberlist()
{
global $txt, $scripturl, $context, $modSettings, $sourcedir, $smcFunc, $user_info;
// Set the current sub action.
$context['sub_action'] = $_REQUEST['sa'];
// Are we performing a delete?
if (isset($_POST['delete_members']) && !empty($_POST['delete']) && allowedTo('profile_remove_any'))
{
checkSession();
// Clean the input.
foreach ($_POST['delete'] as $key => $value)
{
$_POST['delete'][$key] = (int) $value;
// Don't delete yourself, idiot.
if ($value == $user_info['id'])
unset($_POST['delete'][$key]);
}
if (!empty($_POST['delete']))
{
// Delete all the selected members.
require_once($sourcedir . '/Subs-Members.php');
deleteMembers($_POST['delete'], true);
}
}
// Check input after a member search has been submitted.
if ($context['sub_action'] == 'query' && empty($_REQUEST['params']))
{
// Retrieving the membergroups and postgroups.
$context['membergroups'] = array(
array(
'id' => 0,
'name' => $txt['membergroups_members'],
'can_be_additional' => false
)
);
$context['postgroups'] = array();
$request = $smcFunc['db_query']('', '
SELECT id_group, group_name, min_posts
FROM {db_prefix}membergroups
WHERE id_group != {int:moderator_group}
ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
array(
'moderator_group' => 3,
'newbie_group' => 4,
)
);
while ($row = $smcFunc['db_fetch_assoc']($request))
{
if ($row['min_posts'] == -1)
$context['membergroups'][] = array(
'id' => $row['id_group'],
'name' => $row['group_name'],
'can_be_additional' => true
);
else
$context['postgroups'][] = array(
'id' => $row['id_group'],
'name' => $row['group_name']
);
}
$smcFunc['db_free_result']($request);
// Some data about the form fields and how they are linked to the database.
$params = array(
'mem_id' => array(
'db_fields' => array('id_member'),
'type' => 'int',
'range' => true
),
'age' => array(
'db_fields' => array('birthdate'),
'type' => 'age',
'range' => true
),
'posts' => array(
'db_fields' => array('posts'),
'type' => 'int',
'range' => true
),
'reg_date' => array(
'db_fields' => array('date_registered'),
'type' => 'date',
'range' => true
),
'last_online' => array(
'db_fields' => array('last_login'),
'type' => 'date',
'range' => true
),
'gender' => array(
'db_fields' => array('gender'),
'type' => 'checkbox',
'values' => array('0', '1', '2'),
),
'activated' => array(
'db_fields' => array('CASE WHEN is_activated IN (1, 11) THEN 1 ELSE 0 END'),
'type' => 'checkbox',
'values' => array('0', '1'),
),
'membername' => array(
'db_fields' => array('member_name', 'real_name'),
'type' => 'string'
),
'email' => array(
'db_fields' => array('email_address'),
'type' => 'string'
),
'website' => array(
'db_fields' => array('website_title', 'website_url'),
'type' => 'string'
),
'location' => array(
'db_fields' => array('location'),
'type' => 'string'
),
'ip' => array(
'db_fields' => array('member_ip'),
'type' => 'string'
),
'messenger' => array(
'db_fields' => array('icq', 'aim', 'yim', 'msn'),
'type' => 'string'
)
);
$range_trans = array(
'--' => '<',
'-' => '<=',
'=' => '=',
'+' => '>=',
'++' => '>'
);
// !!! Validate a little more.
// Loop through every field of the form.
$query_parts = array();
$where_params = array();
foreach ($params as $param_name => $param_info)
{
// Not filled in?
if (!isset($_POST[$param_name]) || $_POST[$param_name] == '')
continue;
// Make sure numeric values are really numeric.
if (in_array($param_info['type'], array('int', 'age')))
$_POST[$param_name] = (int) $_POST[$param_name];
// Date values have to match the specified format.
elseif ($param_info['type'] == 'date')
{
// Check if this date format is valid.
if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $_POST[$param_name]) == 0)
continue;
$_POST[$param_name] = strtotime($_POST[$param_name]);
}
// Those values that are in some kind of range (<, <=, =, >=, >).
if (!empty($param_info['range']))
{
// Default to '=', just in case...
if (empty($range_trans[$_POST['types'][$param_name]]))
$_POST['types'][$param_name] = '=';
// Handle special case 'age'.
if ($param_info['type'] == 'age')
{
// All people that were born between $lowerlimit and $upperlimit are currently the specified age.
$datearray = getdate(forum_time());
$upperlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name], $datearray['mon'], $datearray['mday']);
$lowerlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name] - 1, $datearray['mon'], $datearray['mday']);
if (in_array($_POST['types'][$param_name], array('-', '--', '=')))
{
$query_parts[] = ($param_info['db_fields'][0]) . ' > {string:' . $param_name . '_minlimit}';
$where_params[$param_name . '_minlimit'] = ($_POST['types'][$param_name] == '--' ? $upperlimit : $lowerlimit);
}
if (in_array($_POST['types'][$param_name], array('+', '++', '=')))
{
$query_parts[] = ($param_info['db_fields'][0]) . ' <= {string:' . $param_name . '_pluslimit}';
$where_params[$param_name . '_pluslimit'] = ($_POST['types'][$param_name] == '++' ? $lowerlimit : $upperlimit);
// Make sure that members that didn't set their birth year are not queried.
$query_parts[] = ($param_info['db_fields'][0]) . ' > {date:dec_zero_date}';
$where_params['dec_zero_date'] = '0004-12-31';
}
}
// Special case - equals a date.
elseif ($param_info['type'] == 'date' && $_POST['types'][$param_name] == '=')
{
$query_parts[] = $param_info['db_fields'][0] . ' > ' . $_POST[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($_POST[$param_name] + 86400);
}
else
$query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$_POST['types'][$param_name]] . ' ' . $_POST[$param_name];
}
// Checkboxes.
elseif ($param_info['type'] == 'checkbox')
{
// Each checkbox or no checkbox at all is checked -> ignore.
if (!is_array($_POST[$param_name]) || count($_POST[$param_name]) == 0 || count($_POST[$param_name]) == count($param_info['values']))
continue;
$query_parts[] = ($param_info['db_fields'][0]) . ' IN ({array_string:' . $param_name . '_check})';
$where_params[$param_name . '_check'] = $_POST[$param_name];
}
else
{
// Replace the wildcard characters ('*' and '?') into MySQL ones.
$_POST[$param_name] = strtolower(strtr($_POST[$param_name], array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));
$query_parts[] = '(' . implode( ' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
$where_params[$param_name . '_normal'] = '%' . $_POST[$param_name] . '%';
}
}
// Set up the membergroup query part.
$mg_query_parts = array();
// Primary membergroups, but only if at least was was not selected.
if (!empty($_POST['membergroups'][1]) && count($context['membergroups']) != count($_POST['membergroups'][1]))
{
$mg_query_parts[] = 'mem.id_group IN ({array_int:group_check})';
$where_params['group_check'] = $_POST['membergroups'][1];
}
// Additional membergroups (these are only relevant if not all primary groups where selected!).
if (!empty($_POST['membergroups'][2]) && (empty($_POST['membergroups'][1]) || count($context['membergroups']) != count($_POST['membergroups'][1])))
foreach ($_POST['membergroups'][2] as $mg)
{
$mg_query_parts[] = 'FIND_IN_SET({int:add_group_' . $mg . '}, mem.additional_groups)';
$where_params['add_group_' . $mg] = $mg;
}
// Combine the one or two membergroup parts into one query part linked with an OR.
if (!empty($mg_query_parts))
$query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';
// Get all selected post count related membergroups.
if (!empty($_POST['postgroups']) && count($_POST['postgroups']) != count($context['postgroups']))
{
$query_parts[] = 'id_post_group IN ({array_int:post_groups})';
$where_params['post_groups'] = $_POST['postgroups'];
}
// Construct the where part of the query.
$where = empty($query_parts) ? '1' : implode('
AND ', $query_parts);
}
// If the query information was already packed in the URL, decode it.
// !!! Change this.
elseif ($context['sub_action'] == 'query')
{
list ($where, $where_params) = unserialize(base64_decode(strtr($_REQUEST['params'], array(' ' => '+'))));
}
// Construct the additional URL part with the query info in it.
$context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . base64_encode(serialize(array($where, $where_params))) : '';
// Get the title and sub template ready..
$context['page_title'] = $txt['admin_members'];
$listOptions = array(
'id' => 'member_list',
'items_per_page' => $modSettings['defaultMaxMembers'],
'base_href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
'default_sort_col' => 'user_name',
'get_items' => array(
'file' => $sourcedir . '/Subs-Members.php',
'function' => 'list_getMembers',
'params' => array(
isset($where) ? $where : '1=1',
isset($where_params) ? $where_params : array(),
),
),
'get_count' => array(
'file' => $sourcedir . '/Subs-Members.php',
'function' => 'list_getNumMembers',
'params' => array(
isset($where) ? $where : '1=1',
isset($where_params) ? $where_params : array(),
),
),
'columns' => array(
'id_member' => array(
'header' => array(
'value' => $txt['member_id'],
),
'data' => array(
'db' => 'id_member',
'class' => 'windowbg',
'style' => 'text-align: center;',
),
'sort' => array(
'default' => 'id_member',
'reverse' => 'id_member DESC',
),
),
'user_name' => array(
'header' => array(
'value' => $txt['username'],
),
'data' => array(
'sprintf' => array(
'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
'params' => array(
'id_member' => false,
'member_name' => false,
),
),
),
'sort' => array(
'default' => 'member_name',
'reverse' => 'member_name DESC',
),
),
'display_name' => array(
'header' => array(
'value' => $txt['display_name'],
),
'data' => array(
'sprintf' => array(
'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
'params' => array(
'id_member' => false,
'real_name' => false,
),
),
),
'sort' => array(
'default' => 'real_name',
'reverse' => 'real_name DESC',
),
),
'email' => array(
'header' => array(
'value' => $txt['email_address'],
),
'data' => array(
'sprintf' => array(
'format' => '<a href="mailto:%1$s">%1$s</a>',
'params' => array(
'email_address' => true,
),
),
'class' => 'windowbg',
),
'sort' => array(
'default' => 'email_address',
'reverse' => 'email_address DESC',
),
),
'ip' => array(
'header' => array(
'value' => $txt['ip_address'],
),
'data' => array(
'sprintf' => array(
'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
'params' => array(
'member_ip' => false,
),
),
),
'sort' => array(
'default' => 'INET_ATON(member_ip)',
'reverse' => 'INET_ATON(member_ip) DESC',
),
),
'last_active' => array(
'header' => array(
'value' => $txt['viewmembers_online'],
),
'data' => array(
'function' => create_function('$rowData', '
global $txt;
// Calculate number of days since last online.
if (empty($rowData[\'last_login\']))
$difference = $txt[\'never\'];
else
{
$num_days_difference = jeffsdatediff($rowData[\'last_login\']);
// Today.
if (empty($num_days_difference))
$difference = $txt[\'viewmembers_today\'];
// Yesterday.
elseif ($num_days_difference == 1)
$difference = sprintf(\'1 %1$s\', $txt[\'viewmembers_day_ago\']);
// X days ago.
else
$difference = sprintf(\'%1$d %2$s\', $num_days_difference, $txt[\'viewmembers_days_ago\']);
}
// Show it in italics if they\'re not activated...
if ($rowData[\'is_activated\'] % 10 != 1)
$difference = sprintf(\'<i title="%1$s">%2$s</i>\', $txt[\'not_activated\'], $difference);
return $difference;
'),
),
'sort' => array(
'default' => 'last_login DESC',
'reverse' => 'last_login',
),
),
'posts' => array(
'header' => array(
'value' => $txt['member_postcount'],
),
'data' => array(
'db' => 'posts',
),
'sort' => array(
'default' => 'posts',
'reverse' => 'posts DESC',
),
),
'check' => array(
'header' => array(
'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="check" />',
),
'data' => array(
'function' => create_function('$rowData', '
global $user_info;
return \'<input type="checkbox" name="delete[]" value="\' . $rowData[\'id_member\'] . \'" class="check" \' . ($rowData[\'id_member\'] == $user_info[\'id\'] || $rowData[\'id_group\'] == 1 || in_array(1, explode(\',\', $rowData[\'additional_groups\'])) ? \'disabled="disabled"\' : \'\') . \' />\';
'),
'class' => 'windowbg',
'style' => 'text-align: center',
),
),
),
'form' => array(
'href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
'include_start' => true,
'include_sort' => true,
),
'additional_rows' => array(
array(
'position' => 'below_table_data',
'value' => '<input type="submit" name="delete_members" value="' . $txt['admin_delete_members'] . '" onclick="return confirm(\'' . $txt['confirm_delete_members'] . '\');" />',
'class' => 'titlebg',
'style' => 'text-align: right;',
),
),
);
// Without not enough permissions, don't show 'delete members' checkboxes.
if (!allowedTo('profile_remove_any'))
unset($listOptions['cols']['check'], $listOptions['form'], $listOptions['additional_rows']);
require_once($sourcedir . '/Subs-List.php');
createList($listOptions);
$context['sub_template'] = 'show_list';
$context['default_list'] = 'member_list';
}
// Search the member list, using one or more criteria.
function SearchMembers()
{
global $context, $txt, $smcFunc;
// Get a list of all the membergroups and postgroups that can be selected.
$context['membergroups'] = array(
array(
'id' => 0,
'name' => $txt['membergroups_members'],
'can_be_additional' => false
)
);
$context['postgroups'] = array();
$request = $smcFunc['db_query']('', '
SELECT id_group, group_name, min_posts
FROM {db_prefix}membergroups
WHERE id_group != {int:moderator_group}
ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
array(
'moderator_group' => 3,
'newbie_group' => 4,
)
);
while ($row = $smcFunc['db_fetch_assoc']($request))
{
if ($row['min_posts'] == -1)
$context['membergroups'][] = array(
'id' => $row['id_group'],
'name' => $row['group_name'],
'can_be_additional' => true
);
else
$context['postgroups'][] = array(
'id' => $row['id_group'],
'name' => $row['group_name']
);
}
$smcFunc['db_free_result']($request);
$context['page_title'] = $txt['admin_members'];
$context['sub_template'] = 'search_members';
}
// List all members who are awaiting approval / activation
function MembersAwaitingActivation()
{
global $txt, $context, $scripturl, $modSettings, $smcFunc;
global $sourcedir;
// Not a lot here!
$context['page_title'] = $txt['admin_members'];
$context['sub_template'] = 'admin_browse';
$context['browse_type'] = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
if (isset($context['tabs'][$context['browse_type']]))
$context['tabs'][$context['browse_type']]['is_selected'] = true;
// Allowed filters are those we can have, in theory.
$context['allowed_filters'] = $context['browse_type'] == 'approve' ? array(3, 4, 5) : array(0, 2);
$context['current_filter'] = isset($_REQUEST['filter']) && in_array($_REQUEST['filter'], $context['allowed_filters']) && !empty($context['activation_numbers'][$_REQUEST['filter']]) ? (int) $_REQUEST['filter'] : -1;
// Sort out the different sub areas that we can actually filter by.
$context['available_filters'] = array();
foreach ($context['activation_numbers'] as $type => $amount)
{
// We have some of these...
if (in_array($type, $context['allowed_filters']) && $amount > 0)
$context['available_filters'][] = array(
'type' => $type,
'amount' => $amount,
'desc' => isset($txt['admin_browse_filter_type_' . $type]) ? $txt['admin_browse_filter_type_' . $type] : '?',
'selected' => $type == $context['current_filter']
);
}
// If the filter was not sent, set it to whatever has people in it!
if ($context['current_filter'] == -1 && !empty($context['available_filters'][0]['amount']))
$context['current_filter'] = $context['available_filters'][0]['type'];
// This little variable is used to determine if we should flag where we are looking.
$context['show_filter'] = ($context['current_filter'] != 0 && $context['current_filter'] != 3) || count($context['available_filters']) > 1;
// The columns that can be sorted.
$context['columns'] = array(
'id_member' => array('label' => $txt['admin_browse_id']),
'member_name' => array('label' => $txt['admin_browse_username']),
'email_address' => array('label' => $txt['admin_browse_email']),
'member_ip' => array('label' => $txt['admin_browse_ip']),
'date_registered' => array('label' => $txt['admin_browse_registered']),
);
// Are we showing duplicate information?
if (isset($_GET['showdupes']))
$_SESSION['showdupes'] = (int) $_GET['showdupes'];
$context['show_duplicates'] = !empty($_SESSION['showdupes']);
// Determine which actions we should allow on this page.
if ($context['browse_type'] == 'approve')
{
// If we are approving deleted accounts we have a slightly different list... actually a mirror ;)
if ($context['current_filter'] == 4)
$context['allowed_actions'] = array(
'reject' => $txt['admin_browse_w_approve_deletion'],
'ok' => $txt['admin_browse_w_reject'],
);
else
$context['allowed_actions'] = array(
'ok' => $txt['admin_browse_w_approve'],
'okemail' => $txt['admin_browse_w_approve'] . ' ' . $txt['admin_browse_w_email'],
'require_activation' => $txt['admin_browse_w_approve_require_activate'],
'reject' => $txt['admin_browse_w_reject'],
'rejectemail' => $txt['admin_browse_w_reject'] . ' ' . $txt['admin_browse_w_email'],
);
}
elseif ($context['browse_type'] == 'activate')
$context['allowed_actions'] = array(
'ok' => $txt['admin_browse_w_activate'],
'okemail' => $txt['admin_browse_w_activate'] . ' ' . $txt['admin_browse_w_email'],
'delete' => $txt['admin_browse_w_delete'],
'deleteemail' => $txt['admin_browse_w_delete'] . ' ' . $txt['admin_browse_w_email'],
'remind' => $txt['admin_browse_w_remind'] . ' ' . $txt['admin_browse_w_email'],
);
// Create an option list for actions allowed to be done with selected members.
$allowed_actions = '
<option selected="selected" value="">' . $txt['admin_browse_with_selected'] . ':</option>
<option value="" disabled="disabled">-----------------------------</option>';
foreach ($context['allowed_actions'] as $key => $desc)
$allowed_actions .= '
<option value="' . $key . '">' . $desc . '</option>';
// Setup the Javascript function for selecting an action for the list.
$javascript = '
function onSelectChange()
{
if (document.forms.postForm.todo.value == "")
return;
var message = "";';
// We have special messages for approving deletion of accounts - it's surprisingly logical - honest.
if ($context['current_filter'] == 4)
$javascript .= '
if (document.forms.postForm.todo.value.indexOf("reject") != -1)
message = "' . $txt['admin_browse_w_delete'] . '";
else
message = "' . $txt['admin_browse_w_reject'] . '";';
// Otherwise a nice standard message.
else
$javascript .= '
if (document.forms.postForm.todo.value.indexOf("delete") != -1)
message = "' . $txt['admin_browse_w_delete'] . '";
else if (document.forms.postForm.todo.value.indexOf("reject") != -1)
message = "' . $txt['admin_browse_w_reject'] . '";
else if (document.forms.postForm.todo.value == "remind")
message = "' . $txt['admin_browse_w_remind'] . '";
else
message = "' . ($context['browse_type'] == 'approve' ? $txt['admin_browse_w_approve'] : $txt['admin_browse_w_activate']) . '";';
$javascript .= '
if (confirm(message + " ' . $txt['admin_browse_warn'] . '"))
document.forms.postForm.submit();
}';
$listOptions = array(
'id' => 'approve_list',
'items_per_page' => $modSettings['defaultMaxMembers'],
'base_href' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : ''),
'default_sort_col' => 'date_registered',
'get_items' => array(
'file' => $sourcedir . '/Subs-Members.php',
'function' => 'list_getMembers',
'params' => array(
'is_activated = {int:activated_status}',
array('activated_status' => $context['current_filter']),
$context['show_duplicates'],
),
),
'get_count' => array(
'file' => $sourcedir . '/Subs-Members.php',
'function' => 'list_getNumMembers',
'params' => array(
'is_activated = {int:activated_status}',
array('activated_status' => $context['current_filter']),
),
),
'columns' => array(
'id_member' => array(
'header' => array(
'value' => $txt['member_id'],
),
'data' => array(
'db' => 'id_member',
'class' => 'windowbg',
'style' => 'text-align: center;',
),
'sort' => array(
'default' => 'id_member',
'reverse' => 'id_member DESC',
),
),
'user_name' => array(
'header' => array(
'value' => $txt['username'],
),
'data' => array(
'sprintf' => array(
'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
'params' => array(
'id_member' => false,
'member_name' => false,
),
),
),
'sort' => array(
'default' => 'member_name',
'reverse' => 'member_name DESC',
),
),
'email' => array(
'header' => array(
'value' => $txt['email_address'],
),
'data' => array(
'sprintf' => array(
'format' => '<a href="mailto:%1$s">%1$s</a>',
'params' => array(
'email_address' => true,
),
),
'class' => 'windowbg',
),
'sort' => array(
'default' => 'email_address',
'reverse' => 'email_address DESC',
),
),
'ip' => array(
'header' => array(
'value' => $txt['ip_address'],
),
'data' => array(
'sprintf' => array(
'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
'params' => array(
'member_ip' => false,
),
),
),
'sort' => array(
'default' => 'INET_ATON(member_ip)',
'reverse' => 'INET_ATON(member_ip) DESC',
),
),
'hostname' => array(
'header' => array(
'value' => $txt['hostname'],
),
'data' => array(
'function' => create_function('$rowData', '
global $modSettings;
return host_from_ip($rowData[\'member_ip\']);
'),
'class' => 'smalltext',
),
),
'date_registered' => array(
'header' => array(
'value' => $txt['date_registered'],
),
'data' => array(
'function' => create_function('$rowData', '
return timeformat($rowData[\'date_registered\']);
'),
),
'sort' => array(
'default' => 'date_registered DESC',
'reverse' => 'date_registered',
),
),
'duplicates' => array(
'header' => array(
'value' => $txt['duplicates'],
// Make sure it doesn't go too wide.
'style' => 'width: 20%',
),
'data' => array(
'function' => create_function('$rowData', '
global $scripturl, $txt;
$member_links = array();
foreach ($rowData[\'duplicate_members\'] as $member)
{
if ($member[\'id\'])
$member_links[] = \'<a href="\' . $scripturl . \'?action=profile;u=\' . $member[\'id\'] . \'" \' . (!empty($member[\'is_banned\']) ? \'style="color: red;"\' : \'\') . \'>\' . $member[\'name\'] . \'</a>\';
else
$member_links[] = $member[\'name\'] . \' (\' . $txt[\'guest\'] . \')\';
}
return implode (\', \', $member_links);
'),
'class' => 'smalltext',
),
),
'check' => array(
'header' => array(
'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="check" />',
),
'data' => array(
'sprintf' => array(
'format' => '<input type="checkbox" name="todoAction[]" value="%1$d" class="check" />',
'params' => array(
'id_member' => false,
),
),
'class' => 'windowbg',
'style' => 'text-align: center',
),
),
),
'javascript' => $javascript,
'form' => array(
'href' => $scripturl . '?action=admin;area=viewmembers;sa=approve;type=' . $context['browse_type'],
'name' => 'postForm',
'include_start' => true,
'include_sort' => true,
'hidden_fields' => array(
'orig_filter' => $context['current_filter'],
),
),
'additional_rows' => array(
array(
'position' => 'below_table_data',
'value' => '
<div style="float:left">
[<a href="' . $scripturl . '?action=admin;area=viewmembers;sa=browse;showdupes=' . ($context['show_duplicates'] ? 0 : 1) . ';type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : '') . ';' . $context['session_var'] . '=' . $context['session_id'] . '">' . ($context['show_duplicates'] ? $txt['dont_check_for_duplicate'] : $txt['check_for_duplicate']) . '</a>]
</div>
<div style="float:right;">
<select name="todo" onchange="onSelectChange();">
' . $allowed_actions . '
</select>
<noscript><input type="submit" value="' . $txt['go'] . '" /></noscript>
</div>',
'class' => 'titlebg',
),
),
);
// Pick what column to actually include if we're showing duplicates.
if ($context['show_duplicates'])
unset($listOptions['columns']['email']);
else
unset($listOptions['columns']['duplicates']);
// Only show hostname on duplicates as it takes a lot of time.
if (!$context['show_duplicates'] || !empty($modSettings['disableHostnameLookup']))
unset($listOptions['columns']['hostname']);
// Is there any need to show filters?
if (isset($context['available_filters']) && count($context['available_filters']) > 1)
{
$filterOptions = '
<b>' . $txt['admin_browse_filter_by'] . ':</b>
<select name="filter" onchange="this.form.submit();">';
foreach ($context['available_filters'] as $filter)
$filterOptions .= '
<option value="' . $filter['type'] . '"' . ($filter['selected'] ? ' selected="selected"' : '') . '>' . $filter['desc'] . ' - ' . $filter['amount'] . ' ' . ($filter['amount'] == 1 ? $txt['user'] : $txt['users']) . '</option>';
$filterOptions .= '
</select>
<noscript><input type="submit" value="' . $txt['go'] . '" name="filter" /></noscript>';
$listOptions['additional_rows'][] = array(
'position' => 'above_column_headers',
'value' => $filterOptions,
'style' => 'text-align: center;',
'class' => 'titlebg',
);
}
// What about if we only have one filter, but it's not the "standard" filter - show them what they are looking at.
if (!empty($context['show_filter']) && !empty($context['available_filters']))
$listOptions['additional_rows'][] = array(
'position' => 'above_column_headers',
'value' => '<span class="smalltext"><b>' . $txt['admin_browse_filter_show'] . ':</b> ' . $context['available_filters'][0]['desc'] . '</span>',
'style' => 'text-align: left;',
'class' => 'windowbg2',
);
// Now that we have all the options, create the list.
require_once($sourcedir . '/Subs-List.php');
createList($listOptions);
}
// Do the approve/activate/delete stuff
function AdminApprove()
{
global $txt, $context, $scripturl, $modSettings, $sourcedir, $language, $user_info, $smcFunc;
require_once($sourcedir . '/Subs-Post.php');
// We also need to the login languages here - for emails.
loadLanguage('Login');
// Sort out where we are going...
$browse_type = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
$current_filter = (int) $_REQUEST['orig_filter'];
// If we are applying a filter do just that - then redirect.
if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter'])
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
// Nothing to do?
if (!isset($_POST['todoAction']) && !isset($_POST['time_passed']))
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
// Are we dealing with members who have been waiting for > set amount of time?
if (isset($_POST['time_passed']))
{
$timeBefore = time() - 86400 * (int) $_POST['time_passed'];
$condition = '
AND date_registered < {int:time_before}';
}
// Coming from checkboxes - validate the members passed through to us.
else
{
$members = array();
foreach ($_POST['todoAction'] as $id)
$members[] = (int) $id;
$condition = '
AND id_member IN ({array_int:members})';
}
// Get information on each of the members, things that are important to us, like email address...
$request = $smcFunc['db_query']('', '
SELECT id_member, member_name, real_name, email_address, validation_code, lngfile
FROM {db_prefix}members
WHERE is_activated = {int:activated_status}' . $condition . '
ORDER BY lngfile',
array(
'activated_status' => $current_filter,
'time_before' => empty($timeBefore) ? 0 : $timeBefore,
'members' => empty($members) ? array() : $members,
)
);
$member_count = $smcFunc['db_num_rows']($request);
// If no results then just return!
if ($member_count == 0)
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
$member_info = array();
$members = array();
// Fill the info array.
while ($row = $smcFunc['db_fetch_assoc']($request))
{
$members[] = $row['id_member'];
$member_info[] = array(
'id' => $row['id_member'],
'username' => $row['member_name'],
'name' => $row['real_name'],
'email' => $row['email_address'],
'language' => empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'],
'code' => $row['validation_code']
);
}
$smcFunc['db_free_result']($request);
// Are we activating or approving the members?
if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail')
{
// Approve/activate this member.
$smcFunc['db_query']('', '
UPDATE {db_prefix}members
SET validation_code = {string:blank_string}, is_activated = {int:is_activated}
WHERE is_activated = {int:activated_status}' . $condition,
array(
'is_activated' => 1,
'time_before' => empty($timeBefore) ? 0 : $timeBefore,
'members' => empty($members) ? array() : $members,
'activated_status' => $current_filter,
'blank_string' => '',
)
);
// Do we have to let the integration code know about the activations?
if (isset($modSettings['integrate_activate']) && function_exists($modSettings['integrate_activate']))
{
foreach ($member_info as $member)
call_user_func($modSettings['integrate_activate'], $member['username']);
}
// Check for email.
if ($_POST['todo'] == 'okemail')
{
foreach ($member_info as $member)
{
$replacements = array(
'NAME' => $member['name'],
'USERNAME' => $member['username'],
'PROFILELINK' => $scripturl . '?action=profile',
);
$emaildata = loadEmailTemplate('admin_approve_accept', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}
}
}
// Maybe we're sending it off for activation?
elseif ($_POST['todo'] == 'require_activation')
{
require_once($sourcedir . '/Subs-Members.php');
// We have to do this for each member I'm afraid.
foreach ($member_info as $member)
{
// Generate a random activation code.
$validation_code = generateValidationCode();
// Set these members for activation - I know this includes two id_member checks but it's safer than bodging $condition ;).
$smcFunc['db_query']('', '
UPDATE {db_prefix}members
SET validation_code = {string:validation_code}, is_activated = {int:not_activated}
WHERE is_activated = {int:activated_status}
' . $condition . '
AND id_member = {int:selected_member}',
array(
'not_activated' => 0,
'activated_status' => $current_filter,
'selected_member' => $member['id'],
'validation_code' => $validation_code,
'time_before' => empty($timeBefore) ? 0 : $timeBefore,
'members' => empty($members) ? array() : $members,
)
);
$replacements = array(
'USERNAME' => $member['name'],
'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $validation_code,
);
$emaildata = loadEmailTemplate('admin_approve_activation', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}
}
// Are we rejecting them?
elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail')
{
require_once($sourcedir . '/Subs-Members.php');
deleteMembers($members);
// Send email telling them they aren't welcome?
if ($_POST['todo'] == 'rejectemail')
{
foreach ($member_info as $member)
{
$replacements = array(
'USERNAME' => $member['name'],
);
$emaildata = loadEmailTemplate('admin_approve_reject', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body']);
}
}
}
// A simple delete?
elseif ($_POST['todo'] == 'delete' || $_POST['todo'] == 'deleteemail')
{
require_once($sourcedir . '/Subs-Members.php');
deleteMembers($members);
// Send email telling them they aren't welcome?
if ($_POST['todo'] == 'deleteemail')
{
foreach ($member_info as $member)
{
$replacements = array(
'USERNAME' => $member['name'],
);
$emaildata = loadEmailTemplate('admin_approve_delete', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body']);
}
}
}
// Remind them to activate their account?
elseif ($_POST['todo'] == 'remind')
{
foreach ($member_info as $member)
{
$replacements = array(
'USERNAME' => $member['name'],
'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $member['code'],
);
$emaildata = loadEmailTemplate('admin_approve_remind', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body']);
}
}
// Back to the user's language!
if (isset($current_language) && $current_language != $user_info['language'])
{
loadLanguage('index');
loadLanguage('ManageMembers');
}
// Log what we did?
if (!empty($modSettings['modlog_enabled']) && (substr($_POST['todo'], 0, 2) == 'ok' || $_POST['todo'] == 'remind'))
{
$log_action = $_POST['todo'] == 'remind' ? 'remind_member' : 'approve_member';
$log_inserts = array();
foreach ($member_info as $member)
{
$log_inserts[] = array(
time(), 3, $user_info['id'], $user_info['ip'], $log_action,
0, 0, 0, serialize(array('member' => $member['id'])),
);
}
$smcFunc['db_insert']('',
'{db_prefix}log_actions',
array(
'log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string',
'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534',
),
$log_inserts,
array('id_action')
);
}
// Although updateStats *may* catch this, best to do it manually just in case (Doesn't always sort out unapprovedMembers).
if (in_array($current_filter, array(3, 4)))
updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > $member_count ? $modSettings['unapprovedMembers'] - $member_count : 0)));
// Update the member's stats. (but, we know the member didn't change their name.)
updateStats('member', false);
// If they haven't been deleted, update the post group statistics on them...
if (!in_array($_POST['todo'], array('delete', 'deleteemail', 'reject', 'rejectemail', 'remind')))
updateStats('postgroups', $members);
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}
function jeffsdatediff($old)
{
// Get the current time as the user would see it...
$forumTime = forum_time();
// Calculate the seconds that have passed since midnight.
$sinceMidnight = date('H', $forumTime) * 60 * 60 + date('i', $forumTime) * 60 + date('s', $forumTime);
// Take the difference between the two times.
$dis = time() - $old;
// Before midnight?
if ($dis < $sinceMidnight)
return 0;
else
$dis -= $sinceMidnight;
// Divide out the seconds in a day to get the number of days.
return ceil($dis / (24 * 60 * 60));
}
?>
T1KUS90T