array(
'modifyprofile',
'modifyprofile_birthday',
'userfield_checkbox_option',
'userfield_optional_input',
'userfield_radio',
'userfield_radio_option',
'userfield_select',
'userfield_select_option',
'userfield_select_multiple',
'userfield_textarea',
'userfield_textbox',
'userfield_wrapper',
),
'editoptions' => array(
'modifyoptions',
'modifyoptions_timezone',
'userfield_checkbox_option',
'userfield_optional_input',
'userfield_radio',
'userfield_radio_option',
'userfield_select',
'userfield_select_option',
'userfield_select_multiple',
'userfield_textarea',
'userfield_textbox',
'userfield_wrapper',
),
'editconnections' =>array(
'modifyconnections'
),
'editavatar' => array(
'modifyavatar',
'modifyavatar_category',
'modifyavatarbit',
'modifyavatarbit_custom',
'modifyavatarbit_noavatar',
),
'editusergroups' => array(
'modifyusergroups',
'modifyusergroups_joinrequestbit',
'modifyusergroups_memberbit',
'modifyusergroups_nonmemberbit',
'modifyusergroups_displaybit'
),
'editsignature' => array(
'modifysignature',
'forumrules'
),
'updatesignature' => array(
'modifysignature',
'forumrules'
),
'editpassword' => array(
'modifypassword'
),
'editprofilepic' => array(
'modifyprofilepic'
),
'joingroup' => array(
'modifyusergroups_requesttojoin'
),
'editattachments' => array(
'GENERIC_SHELL',
'modifyattachmentsbit',
'modifyattachmentsbit_post',
'modifyattachmentsbit_album',
'modifyattachmentsbit_group',
'modifyattachments'
),
'addlist' => array(
'modifyuserlist_confirm',
),
'removelist' => array(
'modifyuserlist_confirm',
),
'buddylist' => array(
'modifybuddylist',
'modifybuddylist_user',
),
'ignorelist' => array(
'modifyignorelist',
'modifyignorelist_user',
),
'customize' => array(
'memberinfo_usercss',
'modifyusercss',
'modifyusercss_backgroundbit',
'modifyusercss_backgroundrow',
'modifyusercss_bit',
'modifyusercss_error',
'modifyusercss_error_link',
'modifyusercss_headinclude',
'modifyprivacy_bit',
),
'privacy' => array(
'modifyprofileprivacy',
'modifyprivacy_bit'
),
'doprivacy' => array(
'modifyprofileprivacy',
'modifyprivacy_bit'
)
);
$actiontemplates['docustomize'] = $actiontemplates['customize'];
$actiontemplates['none'] =& $actiontemplates['editprofile'];
// ######################### REQUIRE BACK-END ############################
require_once('./global.php');
require_once(DIR . '/includes/functions_user.php');
// bootstrap framework
require_once(DIR . '/includes/class_bootstrap_framework.php');
vB_Bootstrap_Framework::init();
// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################
if (empty($_REQUEST['do']))
{
$_REQUEST['do'] = 'editprofile';
}
if (!($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']))
{
print_no_permission();
}
if (empty($vbulletin->userinfo['userid']))
{
print_no_permission();
}
// set shell template name
$shelltemplatename = 'USERCP_SHELL';
$includecss = array();
// initialise onload event
$onload = '';
// start the navbar
$navbits = array('usercp.php' . $vbulletin->session->vars['sessionurl_q'] => $vbphrase['user_control_panel']);
($hook = vBulletinHook::fetch_hook('profile_start')) ? eval($hook) : false;
// ############################### start dst autodetect switch ###############################
if ($_POST['do'] == 'dst')
{
if ($vbulletin->userinfo['dstauto'])
{
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
switch ($vbulletin->userinfo['dstonoff'])
{
case 1:
{
if ($vbulletin->userinfo['options'] & $vbulletin->bf_misc_useroptions['dstonoff'])
{
$userdata->set_bitfield('options', 'dstonoff', 0);
}
}
break;
case 0:
{
if (!($vbulletin->userinfo['options'] & $vbulletin->bf_misc_useroptions['dstonoff']))
{
$userdata->set_bitfield('options', 'dstonoff', 1);
}
}
break;
}
($hook = vBulletinHook::fetch_hook('profile_dst')) ? eval($hook) : false;
$userdata->save();
}
print_standard_redirect('redirect_dst');
}
// ############################### toggle user css ###############################
if ($_REQUEST['do'] == 'switchusercss')
{
$vbulletin->input->clean_array_gpc('r', array(
'hash' => TYPE_STR,
'userid' => TYPE_UINT,
));
if (!verify_security_token($vbulletin->GPC['hash'], $vbulletin->userinfo['securitytoken_raw']))
{
print_no_permission();
}
$userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true);
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_profile_styling'])
{
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
$userdata->set_bitfield('options', 'showusercss', ($vbulletin->userinfo['options'] & $vbulletin->bf_misc_useroptions['showusercss'] ? 0 : 1));
$userdata->save();
}
if ($vbulletin->GPC['userid'] AND $vbulletin->url == fetch_seo_url('forumhome|nosession', array()))
{
$vbulletin->url = fetch_seo_url('member', $userinfo);
}
print_standard_redirect('redirect_usercss_toggled');
}
// ############################################################################
// ############################### EDIT PASSWORD ##############################
// ############################################################################
if ($_REQUEST['do'] == 'editpassword')
{
($hook = vBulletinHook::fetch_hook('profile_editpassword_start')) ? eval($hook) : false;
// draw cp nav bar
construct_usercp_nav('password');
// check for password history retention
$passwordhistory = $permissions['passwordhistory'];
// don't let banned people edit their email (see bug 2142)
if (!($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']))
{
$show['edit_email_field'] = false;
$navbits[''] = $vbphrase['edit_password'];
}
else
{
$show['edit_email_field'] = true;
$navbits[''] = $vbphrase['edit_email_and_password'];
}
// only show old password input if user is vb user,
// and not facebook only user (which means they have no password)
$show['oldpasswordinput'] = ($vbulletin->userinfo['logintype'] == 'vb');
// don't show optional because password expired
$show['password_optional'] = !$show['passwordexpired'];
$page_templater = vB_Template::create('modifypassword');
}
// ############################### start update password ###############################
if ($_POST['do'] == 'updatepassword')
{
$vbulletin->input->clean_array_gpc('p', array(
'currentpassword' => TYPE_STR,
'currentpassword_md5' => TYPE_STR,
'newpassword' => TYPE_STR,
'newpasswordconfirm' => TYPE_STR,
'newpassword_md5' => TYPE_STR,
'newpasswordconfirm_md5' => TYPE_STR,
'email' => TYPE_STR,
'emailconfirm' => TYPE_STR
));
// instanciate the data manager class
$userdata =& datamanager_init('user', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
($hook = vBulletinHook::fetch_hook('profile_updatepassword_start')) ? eval($hook) : false;
// if this is a Facebook only user, we will only use this form to add a password
// so we will ignore old password, email, and set the user logintype to be a vB user
if (is_facebookenabled() AND $vbulletin->userinfo['logintype'] == 'fb')
{
$userdata->set('logintype', 'vb');
// if a new email was not submitted, use whats already in the DB
if (!$vbulletin->GPC_exists['email'])
{
$vbulletin->GPC['email'] = $vbulletin->GPC['emailconfirm'] = $vbulletin->userinfo['email'];
}
}
// if not Facebook user, validate old password
else if ($userdata->hash_password($userdata->verify_md5($vbulletin->GPC['currentpassword_md5']) ? $vbulletin->GPC['currentpassword_md5'] : $vbulletin->GPC['currentpassword'], $vbulletin->userinfo['salt']) != $vbulletin->userinfo['password'])
{
eval(standard_error(fetch_error('badpassword', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'])));
}
// update password
if (!empty($vbulletin->GPC['newpassword']) OR !empty($vbulletin->GPC['newpassword_md5']))
{
// are we using javascript-hashed password strings?
if ($userdata->verify_md5($vbulletin->GPC['newpassword_md5']))
{
$vbulletin->GPC['newpassword'] =& $vbulletin->GPC['newpassword_md5'];
$vbulletin->GPC['newpasswordconfirm'] =& $vbulletin->GPC['newpasswordconfirm_md5'];
}
else
{
$vbulletin->GPC['newpassword'] =& md5($vbulletin->GPC['newpassword']);
$vbulletin->GPC['newpasswordconfirm'] =& md5($vbulletin->GPC['newpasswordconfirm']);
}
// check that new passwords match
if ($vbulletin->GPC['newpassword'] != $vbulletin->GPC['newpasswordconfirm'])
{
eval(standard_error(fetch_error('passwordmismatch')));
}
// check to see if the new password is invalid due to previous use
if ($userdata->check_password_history($userdata->hash_password($vbulletin->GPC['newpassword'], $vbulletin->userinfo['salt']), $permissions['passwordhistory']))
{
eval(standard_error(fetch_error('passwordhistory', $permissions['passwordhistory'])));
}
// everything is good - send the singly-hashed MD5 to the password update routine
$userdata->set('password', $vbulletin->GPC['newpassword']);
// Update cookie if we have one
$vbulletin->input->clean_array_gpc('c', array(
COOKIE_PREFIX . 'password' => TYPE_STR,
COOKIE_PREFIX . 'userid' => TYPE_UINT)
);
if (md5($vbulletin->userinfo['password'] . COOKIE_SALT) == $vbulletin->GPC[COOKIE_PREFIX . 'password'] AND
$vbulletin->GPC[COOKIE_PREFIX . 'userid'] == $vbulletin->userinfo['userid']
)
{
vbsetcookie('password', md5(md5($vbulletin->GPC['newpassword'] . $vbulletin->userinfo['salt']) . COOKIE_SALT), true, true, true);
}
$activate = false;
}
// update email only if user is not banned (see bug 2142) and email is changed
// also, do not update
if ($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'] AND ($vbulletin->GPC['email'] != $vbulletin->userinfo['email'] OR $vbulletin->GPC['emailconfirm'] != $vbulletin->userinfo['email']))
{
// check that new email addresses match
if ($vbulletin->GPC['email'] != $vbulletin->GPC['emailconfirm'])
{
eval(standard_error(fetch_error('emailmismatch')));
}
// set the email field to be updated
$userdata->set('email', $vbulletin->GPC['email']);
// generate an activation ID if required
if ($vbulletin->options['verifyemail'] AND !can_moderate())
{
$userdata->set('usergroupid', 3);
$userdata->set_info('override_usergroupid', true);
$activate = true;
// wait lets check if we have an entry first!
$activation_exists = $db->query_first("
SELECT * FROM " . TABLE_PREFIX . "useractivation
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND type = 0
");
if (!empty($activation_exists['usergroupid']) AND $vbulletin->userinfo['usergroupid'] == 3)
{
$usergroupid = $activation_exists['usergroupid'];
}
else
{
$usergroupid = $vbulletin->userinfo['usergroupid'];
}
$activateid = build_user_activation_id($vbulletin->userinfo['userid'], $usergroupid, 0, 1);
$username = unhtmlspecialchars($vbulletin->userinfo['username']);
$userid = $vbulletin->userinfo['userid'];
eval(fetch_email_phrases('activateaccount_change'));
vbmail($vbulletin->GPC['email'], $subject, $message, true);
}
else
{
$activate = false;
}
}
else
{
$userdata->verify_useremail($vbulletin->userinfo['email']);
}
($hook = vBulletinHook::fetch_hook('profile_updatepassword_complete')) ? eval($hook) : false;
// save the data
$userdata->save();
if ($activate)
{
$vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
print_standard_redirect(array('redirect_updatethanks_newemail',$vbulletin->userinfo['username']), true, true);
}
else
{
$vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
print_standard_redirect(array('redirect_updatethanks',$vbulletin->userinfo['username']), true, true);
}
}
else if ($_GET['do'] == 'updatepassword')
{
// add consistency with previous behavior
exec_header_redirect('profile.php?do=editpassword');
}
// ############################################################################
// ######################### EDIT BUDDY/IGNORE LISTS ##########################
// ############################################################################
if ($_REQUEST['do'] == 'addlist')
{
$vbulletin->input->clean_array_gpc('r', array(
'userid' => TYPE_UINT,
'userlist' => TYPE_NOHTML,
));
if ($vbulletin->GPC['userlist'] == 'friend' AND (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']) OR !($vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends'])))
{
$vbulletin->GPC['userlist'] = 'buddy';
}
$show['friend_checkbox'] = false;
$userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true, FETCH_USERINFO_ISFRIEND);
cache_permissions($userinfo);
if ($vbulletin->GPC['userlist'] == 'buddy' OR $vbulletin->GPC['userlist'] == 'friend')
{
// No slave here
$ouruser = $db->query_first("
SELECT friend
FROM " . TABLE_PREFIX . "userlist
WHERE relationid = $userinfo[userid]
AND userid = " . $vbulletin->userinfo['userid'] . "
AND type = 'buddy'
");
if ($vbulletin->GPC['userlist'] == 'friend')
{
if ($ouruser['friend'] == 'pending' OR $ouruser['friend'] == 'denied')
{ // We are pending friends
print_standard_redirect(array('redirect_friendspending',$userinfo['username']), true, true);
}
else if ($ouruser['friend'] == 'yes')
{ // We are already friends
print_standard_redirect(array('redirect_friendsalready',$userinfo['username']), true, true);
}
else if ($vbulletin->GPC['userid'] == $vbulletin->userinfo['userid'])
{ // You can't be friends with yourself
print_standard_redirect('redirect_friendswithself', true, true);
}
}
else if ($ouruser)
{
if ($ouruser['friend'] == 'yes')
{
print_standard_redirect(array('redirect_friendsalready',$userinfo['username']), true, true);
}
else
{
print_standard_redirect(array('redirect_contactsalready',$userinfo['username']), true, true);
}
}
}
switch ($vbulletin->GPC['userlist'])
{
case 'friend':
$friend_checked = ' checked="checked"';
case 'buddy':
if ($userinfo['requestedfriend'])
{
$confirm_phrase = 'confirm_friendship_request_from_x';
$show['friend_checkbox'] = false;
$show['hiddenfriend'] = true;
}
else
{
$confirm_phrase = 'add_x_to_contacts_confirm';
$supplemental_phrase = 'also_send_friend_request_to_x';
$show['friend_checkbox'] = ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends'] AND $userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']);
}
construct_usercp_nav('buddylist');
break;
case 'ignore':
$uglist = $userinfo['usergroupid'] . (trim($userinfo['membergroupids']) ? ",$userinfo[membergroupids]" : '');
if (!$vbulletin->options['ignoremods'] AND can_moderate(0, '', $userinfo['userid'], $uglist) AND !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']))
{
standard_error(fetch_error('listignoreuser', $userinfo['username']));
}
else if ($vbulletin->userinfo['userid'] == $userinfo['userid'])
{
standard_error(fetch_error('cantlistself_ignore'));
}
$confirm_phrase = 'add_x_to_ignorelist_confirm';
construct_usercp_nav('ignorelist');
break;
default:
standard_error(fetch_error('invalidid', 'list', $vbulletin->options['contactuslink']));
}
$navbits[''] = $vbphrase['confirm_user_list_modification'];
// draw cp nav bar
$action = 'doaddlist';
$userid = $userinfo['userid'];
$userlist = $vbulletin->GPC['userlist'];
$url =& $vbulletin->url;
$page_templater = vB_Template::create('modifyuserlist_confirm');
$page_templater->register('action', $action);
$page_templater->register('confirm_phrase', $confirm_phrase);
$page_templater->register('friend_checked', $friend_checked);
$page_templater->register('list', $list);
$page_templater->register('supplemental_phrase', $supplemental_phrase);
$page_templater->register('url', $url);
$page_templater->register('userid', $userid);
$page_templater->register('userinfo', $userinfo);
$page_templater->register('userlist', $userlist);
}
if ($_REQUEST['do'] == 'removelist')
{
$vbulletin->input->clean_array_gpc('r', array(
'userid' => TYPE_UINT,
'userlist' => TYPE_NOHTML,
));
$show['friend_checkbox'] = false;
$userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true);
cache_permissions($userinfo);
switch ($vbulletin->GPC['userlist'])
{
case 'friend':
$confirm_phrase = 'remove_x_from_friendlist_confirm';
$supplemental_phrase = 'also_remove_x_from_contacts';
$show['friend_checkbox'] = true;
construct_usercp_nav('buddylist');
break;
case 'buddy':
$confirm_phrase = 'remove_x_from_contacts_confirm';
construct_usercp_nav('buddylist');
break;
case 'ignore':
$confirm_phrase = 'remove_x_from_ignorelist_confirm';
construct_usercp_nav('ignorelist');
break;
default:
standard_error(fetch_error('invalidid', 'list', $vbulletin->options['contactuslink']));
}
$navbits[''] = $vbphrase['confirm_user_list_modification'];
// draw cp nav bar
$action = 'doremovelist';
$userid = $userinfo['userid'];
$userlist = $vbulletin->GPC['userlist'];
$url =& $vbulletin->url;
$page_templater = vB_Template::create('modifyuserlist_confirm');
$page_templater->register('action', $action);
$page_templater->register('confirm_phrase', $confirm_phrase);
$page_templater->register('friend_checked', $friend_checked);
$page_templater->register('list', $list);
$page_templater->register('supplemental_phrase', $supplemental_phrase);
$page_templater->register('url', $url);
$page_templater->register('userid', $userid);
$page_templater->register('userinfo', $userinfo);
$page_templater->register('userlist', $userlist);
}
// ############################### start add to list ###############################
if ($_POST['do'] == 'doaddlist')
{
$vbulletin->input->clean_array_gpc('p', array(
'userid' => TYPE_UINT,
'userlist' => TYPE_NOHTML,
'friend' => TYPE_BOOL,
'deny' => TYPE_NOHTML,
));
$userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true);
cache_permissions($userinfo);
($hook = vBulletinHook::fetch_hook('profile_doaddlist_start')) ? eval($hook) : false;
// no referring URL, send them back to the profile page
if ($vbulletin->url == fetch_seo_url('forumhome|nosession', array()))
{
$vbulletin->url = fetch_seo_url('member', $userinfo);
}
// No was clicked
if ($vbulletin->GPC['deny'])
{
print_standard_redirect('action_cancelled');
}
if ($vbulletin->GPC['userlist'] != 'ignore')
{
$vbulletin->GPC['userlist'] = $vbulletin->GPC['friend'] ? 'friend' : 'buddy';
}
if ($vbulletin->GPC['userlist'] == 'friend' AND (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']) OR !($userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']) OR !($vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends'])))
{
$vbulletin->GPC['userlist'] = 'buddy';
}
$users = array();
switch ($vbulletin->GPC['userlist'])
{
case 'friend':
case 'buddy':
// No slave here
$ouruser = $db->query_first("
SELECT friend
FROM " . TABLE_PREFIX . "userlist
WHERE relationid = $userinfo[userid]
AND userid = " . $vbulletin->userinfo['userid'] . "
AND type = 'buddy'
");
break;
case 'ignore':
$uglist = $userinfo['usergroupid'] . (trim($userinfo['membergroupids']) ? ",$userinfo[membergroupids]" : '');
if (!$vbulletin->options['ignoremods'] AND can_moderate(0, '', $userinfo['userid'], $uglist) AND !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']))
{
standard_error(fetch_error('listignoreuser', $userinfo['username']));
}
else if ($vbulletin->userinfo['userid'] == $userinfo['userid'])
{
standard_error(fetch_error('cantlistself_ignore'));
}
$db->query_write("
INSERT IGNORE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
(" . $vbulletin->userinfo['userid'] . ", " . intval($userinfo['userid']) . ", 'ignore', 'no')
");
$users[] = $vbulletin->userinfo['userid'];
$redirect_phrase = array('redirect_addlist_ignore',$userinfo['username']);
break;
default:
standard_error(fetch_error('invalidid', 'list', $vbulletin->options['contactuslink']));
}
if ($vbulletin->GPC['userlist'] == 'buddy')
{ // if an entry exists already then we're fine
if (empty($ouruser))
{
$db->query_write("
INSERT IGNORE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
(" . $vbulletin->userinfo['userid'] . ", " . intval($userinfo['userid']) . ", 'buddy', 'no')
");
$users[] = $vbulletin->userinfo['userid'];
}
$redirect_phrase = array('redirect_addlist_contact',$userinfo['username']);
}
else if ($vbulletin->GPC['userlist'] == 'friend')
{
if ($ouruser['friend'] == 'pending' OR $ouruser['friend'] == 'denied')
{ // We are pending friends
print_standard_redirect(array('redirect_friendspending',$userinfo['username']), true, true);
}
else if ($ouruser['friend'] == 'yes')
{ // We are already friends
print_standard_redirect(array('redirect_friendsalready',$userinfo['username']), true, true);
}
else if ($vbulletin->GPC['userid'] == $vbulletin->userinfo['userid'])
{ // You can't be friends with yourself
print_standard_redirect('redirect_friendswithself', true, true);
}
// No slave here
if ($db->query_first("
SELECT friend
FROM " . TABLE_PREFIX . "userlist
WHERE userid = $userinfo[userid]
AND relationid = " . $vbulletin->userinfo['userid'] . "
AND type = 'buddy'
AND (friend = 'pending' OR friend = 'denied')
"))
{
// Make us friends
$db->query_write("
REPLACE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
({$vbulletin->userinfo['userid']}, $userinfo[userid], 'buddy', 'yes'),
($userinfo[userid], {$vbulletin->userinfo['userid']}, 'buddy', 'yes')
");
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendcount = friendcount + 1
WHERE userid IN ($userinfo[userid], " . $vbulletin->userinfo['userid'] . ")
");
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendreqcount = IF(friendreqcount > 0, friendreqcount - 1, 0)
WHERE userid = " . $vbulletin->userinfo['userid']
);
$users[] = $vbulletin->userinfo['userid'];
$users[] = $userinfo['userid'];
$redirect_phrase = array('redirect_friendadded',$userinfo['username']);
}
else
{
$db->query_write("
REPLACE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
({$vbulletin->userinfo['userid']}, $userinfo[userid], 'buddy', 'pending')
");
$cansendemail = (($userinfo['adminemail'] OR $userinfo['showemail']) AND $vbulletin->options['enableemail'] AND $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canemailmember']);
if ($cansendemail AND $userinfo['options'] & $vbulletin->bf_misc_useroptions['receivefriendemailrequest'])
{
$touserinfo =& $userinfo;
$fromuserinfo =& $vbulletin->userinfo;
eval(fetch_email_phrases('friendship_request_email', $touserinfo['languageid']));
require_once(DIR . '/includes/class_bbcode_alt.php');
$plaintext_parser = new vB_BbCodeParser_PlainText($vbulletin, fetch_tag_list());
$plaintext_parser->set_parsing_language($touserinfo['languageid']);
$message = $plaintext_parser->parse($message, 'privatemessage');
vbmail($touserinfo['email'], $subject, $message);
}
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendreqcount = friendreqcount + 1
WHERE userid = " . $userinfo['userid']
);
$users[] = $vbulletin->userinfo['userid'];
$redirect_phrase = array('redirect_friendrequested',$userinfo['username']);
}
}
require_once(DIR . '/includes/functions_databuild.php');
foreach($users AS $userid)
{
build_userlist($userid);
}
($hook = vBulletinHook::fetch_hook('profile_doaddlist_complete')) ? eval($hook) : false;
print_standard_redirect($redirect_phrase, true, true);
}
if ($_POST['do'] == 'doremovelist')
{
$vbulletin->input->clean_array_gpc('p', array(
'userid' => TYPE_UINT,
'userlist' => TYPE_NOHTML,
'friend' => TYPE_BOOL,
'deny' => TYPE_NOHTML,
));
$userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true);
cache_permissions($userinfo);
($hook = vBulletinHook::fetch_hook('profile_doremovelist_start')) ? eval($hook) : false;
// no referring URL, send them back to the profile page
if ($vbulletin->url == fetch_seo_url('forumhome|nosession', array()))
{
$vbulletin->url = fetch_seo_url('member', $userinfo);
}
// No was clicked
if ($vbulletin->GPC['deny'])
{
print_standard_redirect('action_cancelled');
}
$users = array();
switch ($vbulletin->GPC['userlist'])
{
case 'friend':
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'no'
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND relationid = $userinfo[userid]
AND type = 'buddy'
AND friend = 'yes'
");
if ($db->affected_rows())
{
$users[] = $vbulletin->userinfo['userid'];
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'no'
WHERE relationid = " . $vbulletin->userinfo['userid'] . "
AND userid = $userinfo[userid]
AND type = 'buddy'
AND friend = 'yes'
");
if ($db->affected_rows())
{
$users[] = $userinfo['userid'];
}
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendcount = IF(friendcount >= 1, friendcount - 1, 0)
WHERE userid IN(" . implode(", ", $users) . ")
AND friendcount <> 0
");
}
// this option actually means remove buddy in this case, do don't break so we fall through.
if (!$vbulletin->GPC['friend'])
{
break;
}
case 'buddy':
$db->query_write("
DELETE FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND relationid = $userinfo[userid]
AND type = 'buddy'
");
if ($db->affected_rows())
{
$users[] = $vbulletin->userinfo['userid'];
// The user could have been a friend too
list($pendingcount) = $db->query_first("
SELECT COUNT(*)
FROM " . TABLE_PREFIX . "userlist AS userlist
LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist_ignore ON(userlist_ignore.userid = " . $userinfo['userid'] . " AND userlist_ignore.relationid = userlist.userid AND userlist_ignore.type = 'ignore')
WHERE userlist.relationid = " . $userinfo['userid'] . "
AND userlist.type = 'buddy'
AND userlist.friend = 'pending'
AND userlist_ignore.type IS NULL", DBARRAY_NUM
);
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendreqcount = $pendingcount
WHERE userid = " . $userinfo['userid']
);
}
break;
case 'ignore':
$db->query_write("
DELETE FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND relationid = $userinfo[userid]
AND type = 'ignore'
");
if ($db->affected_rows())
{
$users[] = $vbulletin->userinfo['userid'];
}
break;
default:
standard_error(fetch_error('invalidid', 'list', $vbulletin->options['contactuslink']));
}
require_once(DIR . '/includes/functions_databuild.php');
foreach($users AS $userid)
{
build_userlist($userid);
}
($hook = vBulletinHook::fetch_hook('profile_doremovelist_complete')) ? eval($hook) : false;
print_standard_redirect(array('redirect_removelist_' . $vbulletin->GPC['userlist'],$userinfo['username']), true, true);
}
// ############################### start update list ###############################
if ($_POST['do'] == 'updatelist')
{
$vbulletin->input->clean_array_gpc('p', array(
'userlist' => TYPE_NOHTML,
'listbits' => TYPE_ARRAY_ARRAY,
'username' => TYPE_NOHTML,
'ajax' => TYPE_BOOL,
'makefriends' => TYPE_BOOL, // value doesn't matter since we're using GPC_exists
'incomingaction' => TYPE_NOHTML,
));
$list_types = array('buddy', 'ignore');
$clean_lists = array();
foreach ($vbulletin->GPC['listbits'] AS $type => $val)
{
$clean_lists["$type"] = array_map('intval', array_keys($vbulletin->GPC['listbits']["$type"]));
}
$remove = $add = array();
$remove['friend'] = $remove['buddy'] = $remove['ignore'] = $remove['approvals'] = array();
($hook = vBulletinHook::fetch_hook('profile_updatelist_start')) ? eval($hook) : false;
if ($vbulletin->GPC['userlist'] == 'buddy')
{ // FRIENDS LIST, BUDDY LIST or PENDING FRIENDS
foreach ($clean_lists AS $type => $val)
{
switch ($type)
{
case 'friend_original':
{ // someone who is currently my friend, if they are missing then I dont want to be their friend
if (sizeof($clean_lists['friend_original']) != sizeof($clean_lists['friend']))
{
$remove['friend'] = array_merge($remove['friend'], array_diff($clean_lists['friend_original'], (is_array($clean_lists['friend']) ? $clean_lists['friend'] : array())));
}
}
break;
case 'buddy_original':
{ // someone who is simply just a buddy or has denied me friend access, if they are missing from the buddy then they were deleted
if (sizeof($clean_lists['buddy_original']) != sizeof($clean_lists['buddy']))
{
$remove['buddy'] = array_merge($remove['buddy'], array_diff($clean_lists['buddy_original'], (is_array($clean_lists['buddy']) ? $clean_lists['buddy'] : array())));
}
}
break;
default:
($hook = vBulletinHook::fetch_hook('profile_updatelist_listtype')) ? eval($hook) : false;
break;
}
}
if (!empty($vbulletin->GPC['username']))
{ // friend request
if ($vbulletin->GPC['ajax'])
{
$vbulletin->GPC['username'] = convert_urlencoded_unicode($vbulletin->GPC['username']);
}
if ($userinfo = $db->query_first("
SELECT user.userid, userlist.friend, user.options, user.username, user.membergroupids, user.usergroupid, user.email, user.languageid
FROM " . TABLE_PREFIX . "user AS user
LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.userid = " . $vbulletin->userinfo['userid'] . " AND type = 'buddy')
WHERE username = '" . $db->escape_string(vbstrtolower($vbulletin->GPC['username'])) . "'
") AND (!$vbulletin->GPC_exists['makefriends'] OR $userinfo['userid'] != $vbulletin->userinfo['userid']))
{ // user exists and its either not making friends or the user id is different
cache_permissions($userinfo);
if
(
$vbulletin->GPC_exists['makefriends']
AND $vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']
AND $vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']
AND $userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']
)
{ // Only add the request if its not there
if (empty($userinfo['friend']) OR $userinfo['friend'] == 'no')
{
$add['friend']["$userinfo[userid]"] = $userinfo;
$show['pending'] = true;
}
}
else
{ // regular buddy
if (empty($userinfo['friend']))
{ // we're not already a buddy so re-add it
$add['buddy']["$userinfo[userid]"] = $userinfo;
}
}
}
else if ($userinfo['userid'] == $vbulletin->userinfo['userid'])
{
eval(standard_error(fetch_error('friendswithself')));
}
else
{
eval(standard_error(fetch_error('listbaduser', $vbulletin->GPC['username'], $vbulletin->session->vars['sessionurl_q'])));
}
}
// Friends we've checked through this method will already be on the buddy list, since you can't have a friend without a buddy.
if (is_array($clean_lists['friend']))
{
$newuser = array();
foreach ($clean_lists['friend'] AS $userid)
{
if (!isset($clean_lists['friend_original']["$userid"]))
{
$newuser[] = $userid;
}
}
if (!empty($newuser))
{
$userdata = $db->query_read("
SELECT user.userid, userlist.friend, user.options, user.username, user.membergroupids, user.usergroupid, user.email, user.languageid
FROM " . TABLE_PREFIX . "user AS user
LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.userid = " . $vbulletin->userinfo['userid'] . " AND type = 'buddy')
WHERE user.userid IN (" . implode(',', $newuser) . ")
");
while ($userinfo = $db->fetch_array($userdata))
{
cache_permissions($userinfo);
if
(
!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends'])
OR !($vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends'])
OR !($userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends'])
OR $vbulletin->userinfo['userid'] == $userinfo['userid']
)
{
continue;
}
if (empty($userinfo['friend']) OR $userinfo['friend'] == 'no')
{
$add['friend']["$userinfo[userid]"] = $userinfo;
$show['pending'] = true;
}
}
}
}
}
else if ($vbulletin->GPC['userlist'] == 'incoming')
{ // APPROVAL OF NEW FRIENDS
if (is_array($clean_lists['incoming']))
{
foreach ($clean_lists['incoming'] AS $userid)
{
if ($vbulletin->GPC['incomingaction'] == 'accept')
{
$add['approvals']["$userid"] = $userid;
}
else
{
$remove['approvals']["$userid"] = $userid;
}
}
}
}
else
{ // IGNORE LIST
$vbulletin->GPC['userlist'] = 'ignore';
if (!empty($clean_lists['ignore_original']))
{
$remove['ignore'] = array_merge($remove['ignore'], array_diff($clean_lists['ignore_original'], (is_array($clean_lists['ignore']) ? $clean_lists['ignore'] : array())));
}
if (!empty($vbulletin->GPC['username']))
{
if ($vbulletin->GPC['ajax'])
{
$vbulletin->GPC['username'] = convert_urlencoded_unicode($vbulletin->GPC['username']);
}
if ($userinfo = $db->query_first("
SELECT userid, username, usergroupid, membergroupids
FROM " . TABLE_PREFIX . "user AS user
WHERE username = '" . $db->escape_string(vbstrtolower($vbulletin->GPC['username'])) . "'
"))
{
$uglist = $userinfo['usergroupid'] . iif(trim($userinfo['membergroupids']), ",$userinfo[membergroupids]");
if (!$vbulletin->options['ignoremods'] AND can_moderate(0, '', $userinfo['userid'], $uglist) AND !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']))
{
eval(standard_error(fetch_error('listignoreuser', $userinfo['username'])));
}
else if ($vbulletin->userinfo['userid'] == $userinfo['userid'])
{
eval(standard_error(fetch_error('cantlistself_ignore')));
}
$add['ignore']["$userinfo[userid]"] = $userinfo;
}
else
{
eval(standard_error(fetch_error('listbaduser', $vbulletin->GPC['username'], $vbulletin->session->vars['sessionurl_q'])));
}
}
}
/*
$remove['buddy'] contains records of people to delete entries on our side for
$remove['ignore'] contains people we want to take off of our list
*/
$rebuild_friendreqcount = array();
($hook = vBulletinHook::fetch_hook('profile_updatelist_process')) ? eval($hook) : false;
if (!empty($remove['approvals']))
{
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'denied'
WHERE type = 'buddy'
AND friend = 'pending'
AND relationid = " . $vbulletin->userinfo['userid'] . "
AND userid IN (" . implode(',', $remove['approvals']) . ")
");
$rebuild_friendreqcount[$vbulletin->userinfo['userid']] = true;
}
if (!empty($remove['buddy']) OR !empty($remove['ignore']) OR !empty($remove['friend']))
{
if (!empty($remove['buddy']))
{
/* Deal with friend request count */
$decrement_friends = array();
$friends = $db->query_read("
SELECT *
FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND type = 'buddy'
AND friend = 'yes'
AND relationid IN (" . implode($remove['buddy'], ', ') . ")
");
while ($friend = $db->fetch_array($friends))
{
$decrement_friends[] = $friend['relationid'];
}
if (!empty($decrement_friends))
{
$rebuild_my_friendcount = true;
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendcount = IF(friendcount >= 1, friendcount - 1, 0)
WHERE userid IN (" . implode($decrement_friends, ', ') . ")
");
}
/* Deal with pending friend request count */
$decrement_pending = array();
$pendingsreqs = $db->query_read("
SELECT *
FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND type = 'buddy'
AND friend = 'pending'
AND relationid IN (" . implode($remove['buddy'], ', ') . ")
");
while ($pendingreq = $db->fetch_array($pendingsreqs))
{
$decrement_pending[] = $pendingreq['relationid'];
}
if (!empty($decrement_pending))
{
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendreqcount = IF(friendreqcount >= 1, friendreqcount - 1, 0)
WHERE userid IN (" . implode($decrement_pending, ', ') . ")
");
}
/* Perform the actual delete */
$db->query_write("
DELETE FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND type = 'buddy'
AND relationid IN (" . implode($remove['buddy'], ', ') . ")
");
# remove friendships that already exist
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'no'
WHERE type='buddy'
AND friend <> 'no'
AND relationid = " . $vbulletin->userinfo['userid'] . "
AND userid IN (" . implode($remove['buddy'], ', ') . ")
");
}
if (!empty($remove['friend']))
{
// Remove my friends
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'no'
WHERE type = 'buddy'
AND friend <> 'no'
AND userid = " . $vbulletin->userinfo['userid'] . "
AND relationid IN (" . implode($remove['friend'], ', ') . ")
");
$updatecount_sql = $db->query_read("
SELECT userid
FROM " . TABLE_PREFIX . "userlist
WHERE type = 'buddy'
AND friend <> 'no'
AND relationid = " . $vbulletin->userinfo['userid'] . "
AND userid IN (" . implode($remove['friend'], ', ') . ")
");
$updatecount_userids = array();
while ($updatecount = $db->fetch_array($updatecount_sql))
{
$updatecount_userids[] = $updatecount['userid'];
}
if ($updatecount_userids)
{
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendcount = IF(friendcount >= 1, friendcount - 1, 0)
WHERE userid IN (" . implode($updatecount_userids, ', ') . ")
");
}
// Remove their reference too
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'no'
WHERE type = 'buddy'
AND friend <> 'no'
AND relationid = " . $vbulletin->userinfo['userid'] . "
AND userid IN (" . implode($remove['friend'], ', ') . ")
");
$rebuild_my_friendcount = true;
}
if (!empty($remove['ignore']))
{
$db->query_write("
DELETE FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND type = 'ignore'
AND relationid IN (" . implode($remove['ignore'], ', ') . ")
");
$rebuild_friendreqcount[$vbulletin->userinfo['userid']] = true;
}
}
if (!empty($add))
{ // It is possible to have multiple ADD calls when you're approving people. Just in case you think it should be only one value.
$addvalues = array();
foreach ($add AS $value)
{
if (is_array($value))
{
foreach ($value AS $userinfo)
{
if (!empty($userinfo['userid']))
{
$addvalues[] = $userinfo['userid'];
}
}
}
else
{
$addvalues[] = !empty($value['userid']) ? $value['userid'] : intval($value);
}
}
if (empty($add['approvals']))
{ // We need to know a previous state.
$current_statuses = $db->query_read("
SELECT *
FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND relationid IN (" . implode($addvalues, ', ') . ")
");
$usercache = array();
while ($current_status = $db->fetch_array($current_statuses))
{
$usercache["$current_status[type]"]["$current_status[relationid]"] = $current_status;
}
if (!empty($add['friend']))
{
// Another query to fill the cache, this is looking on the other site of the arrangement to see if they're waiting on pending too. We should instantly just upgrade this to friend.
$pending_checks = $db->query_read("
SELECT *
FROM " . TABLE_PREFIX . "userlist
WHERE relationid = " . $vbulletin->userinfo['userid'] . "
AND userid IN (" . implode(array_keys($add['friend']), ', ') . ")
");
$pendingcache = array();
while ($pending_check = $db->fetch_array($pending_checks))
{
$pendingcache["$pending_check[type]"]["$pending_check[userid]"] = $pending_check;
}
$browsing_user_in_coventry = in_coventry($vbulletin->userinfo['userid'], true);
foreach ($add['friend'] AS $userid => $userinfo)
{
if (isset($usercache['buddy']["$userid"]) AND $usercache['buddy']["$userid"]['friend'] == 'yes')
{
continue;
}
if (isset($pendingcache['buddy']["$userid"]) AND $pendingcache['buddy']["$userid"]['friend'] == 'pending')
{
$add['approvals'][] = $userid;
continue;
}
if (isset($pendingcache['buddy']["$userid"]) AND $pendingcache['buddy']["$userid"]['friend'] == 'denied')
{ // If they were denied last time you must have changed your mind, remove the block so its just a buddy
$db->query_write("UPDATE " . TABLE_PREFIX . "userlist set friend = 'no' WHERE userid = $userid AND relationid = " . $vbulletin->userinfo['userid']);
}
$db->query_write("
REPLACE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
(" . $vbulletin->userinfo['userid'] . ", " . intval($userinfo['userid']) . ", 'buddy', 'pending')
");
($hook = vBulletinHook::fetch_hook('profile_updatelist_addfriend')) ? eval($hook) : false;
// Send notification to user that a friend request has been made for them
$userinfo = array_merge($userinfo , convert_bits_to_array($userinfo['options'] , $vbulletin->bf_misc_useroptions));
$cansendemail = (($userinfo['adminemail'] OR $userinfo['showemail']) AND $vbulletin->options['enableemail'] AND $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canemailmember']);
if ($cansendemail AND $userinfo['options'] & $vbulletin->bf_misc_useroptions['receivefriendemailrequest']
AND !isset($usercache['ignore']["$userid"]) // I'm not ignoring them
AND !isset($pendingcache['ignore']["$userid"]) // they're not ignoring me
AND !$browsing_user_in_coventry
)
{
$fromuserinfo =& $vbulletin->userinfo;
$touserinfo =& $userinfo;
eval(fetch_email_phrases('friendship_request_email', $touserinfo['languageid']));
require_once(DIR . '/includes/class_bbcode_alt.php');
$plaintext_parser = new vB_BbCodeParser_PlainText($vbulletin, fetch_tag_list());
$plaintext_parser->set_parsing_language($touserinfo['languageid']);
$message = $plaintext_parser->parse($message, 'privatemessage');
vbmail($touserinfo['email'], $subject, $message);
}
$rebuild_friendreqcount[$userid] = true;
}
}
else if (!empty($add['buddy']))
{ // We only want a record if one doesn't exist
foreach($add['buddy'] AS $userid => $touserinfo)
{
if (isset($usercache['buddy']["$userid"]))
{
continue;
}
$db->query_write("
INSERT IGNORE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
(" . $vbulletin->userinfo['userid'] . ", " . intval($userid) . ", 'buddy', 'no')
");
}
}
else if (!empty($add['ignore']))
{ // Adding someone to the ignore again is fine
foreach($add['ignore'] AS $userid => $touserinfo)
{
$db->query_write("
INSERT IGNORE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
(" . $vbulletin->userinfo['userid'] . ", " . intval($userid) . ", 'ignore', 'no')
");
}
$rebuild_friendreqcount[$vbulletin->userinfo['userid']] = true;
}
}
// This may look "special" compared to above, but it shouldn't be an else. The condition block above can add an entry to $add[approvals]
if (!empty($add['approvals']))
{ // Approving a bunch of users, make sure we get an entry too
$updatecount_sql = $db->query_read("
SELECT userid
FROM " . TABLE_PREFIX . "userlist
WHERE type = 'buddy'
AND friend = 'pending'
AND relationid = " . $vbulletin->userinfo['userid'] . "
AND userid IN (" . implode(',', $add['approvals']) . ")
");
$updatecount_userids = array();
while ($updatecount = $db->fetch_array($updatecount_sql))
{
$updatecount_userids[] = $updatecount['userid'];
}
if ($updatecount_userids)
{
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendcount = friendcount + 1
WHERE userid IN (" . implode(',', $updatecount_userids) . ")
");
}
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'yes'
WHERE type = 'buddy'
AND friend = 'pending'
AND relationid = " . $vbulletin->userinfo['userid'] . "
AND userid IN (" . implode(',', $add['approvals']) . ")
");
$replacesql = array();
foreach ($add['approvals'] AS $userid)
{
$replacesql[] = "(" . $vbulletin->userinfo['userid'] . ", $userid, 'buddy', 'yes')";
}
$db->query_write("
REPLACE INTO " . TABLE_PREFIX . "userlist
(userid, relationid, type, friend)
VALUES
" . implode(", ", $replacesql) . "
");
$rebuild_my_friendcount = true;
$rebuild_friendreqcount[$vbulletin->userinfo['userid']] = true;
}
}
if (!empty($rebuild_friendreqcount))
{
if (trim($vbulletin->options['globalignore']) != '')
{
$coventry = preg_split('#\s+#s', $vbulletin->options['globalignore'], -1, PREG_SPLIT_NO_EMPTY);
$coventry_query = 'AND userlist.userid NOT IN (' . implode(',', $coventry) . ')';
}
else
{
$coventry_query = '';
}
foreach (array_keys($rebuild_friendreqcount) AS $userid)
{
// The user could have been a friend too
list($pendingcount) = $db->query_first("
SELECT COUNT(*)
FROM " . TABLE_PREFIX . "userlist AS userlist
LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist_ignore ON
(userlist_ignore.userid = " . $userid . " AND userlist_ignore.relationid = userlist.userid AND userlist_ignore.type = 'ignore')
WHERE userlist.relationid = " . $userid . "
$coventry_query
AND userlist.type = 'buddy'
AND userlist.friend = 'pending'
AND userlist_ignore.type IS NULL", DBARRAY_NUM
);
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendreqcount = $pendingcount
WHERE userid = " . $userid
);
}
}
if ($rebuild_my_friendcount)
{
list($myfriendcount) = $db->query_first("
SELECT COUNT(*) FROM " . TABLE_PREFIX . "userlist
WHERE userid = " . $vbulletin->userinfo['userid'] . "
AND type = 'buddy'
AND friend = 'yes'", DBARRAY_NUM
);
$db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET friendcount = $myfriendcount
WHERE userid = " . $vbulletin->userinfo['userid']
);
}
/* Todo, force the cache variable (if we can) */
require_once(DIR . '/includes/functions_databuild.php');
build_userlist($vbulletin->userinfo['userid']);
$show["{$vbulletin->GPC['userlist']}"] = true;
($hook = vBulletinHook::fetch_hook('profile_updatelist_complete')) ? eval($hook) : false;
if ($vbulletin->GPC['ajax'])
{
$ajax = true;
$_REQUEST['do'] = ($vbulletin->GPC['userlist'] == 'ignore' ? 'ignorelist' : 'buddylist');
}
else
{
print_standard_redirect('updatelist_' . $vbulletin->GPC['userlist']);
}
}
// ################# start edit buddy list ###############
if ($_REQUEST['do'] == 'buddylist')
{
$perpage = $vbulletin->input->clean_gpc('r', 'perpage', TYPE_UINT);
$pagenumber = $vbulletin->input->clean_gpc('r', 'pagenumber', TYPE_UINT);
$vbulletin->input->clean_array_gpc('r', array(
'filter' => TYPE_NOHTML
));
$vbulletin->input->clean_array_gpc('p', array(
'ajax' => TYPE_BOOL,
));
if ($vbulletin->GPC['ajax'])
{
$ajax = true;
}
$buddylist = '';
$incominglist = '';
$friend_list = array();
$js_userlist = array();
$show['friend_controls'] = ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends'] AND $vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']);
$perpage = (!$perpage OR $perpage > 100) ? 20 : $perpage;
$pagenumber = !$vbulletin->GPC['pagenumber'] ? 1 : $vbulletin->GPC['pagenumber'];
$totalfriends = 0;
$condition1 = $condition2 = array(
"userlist.userid = " . $vbulletin->userinfo['userid'],
"userlist.type = 'buddy'"
);
if ($vbulletin->GPC['filter'])
{
$condition1[] = "user.username LIKE '" . $vbulletin->db->escape_string($vbulletin->GPC['filter']) . "%'";
}
$redo = false;
do
{
$start = ($pagenumber - 1) * $perpage;
$users_result = $db->query_read_slave("
SELECT SQL_CALC_FOUND_ROWS
user.*, userlist.type, userlist.friend
" . ($vbulletin->options['avatarenabled'] ? ', avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, customavatar.width as avwidth, customavatar.height as avheight, customavatar.filedata_thumb' : '') . "
FROM " . TABLE_PREFIX . "userlist AS userlist
INNER JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = userlist.relationid)
" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON (avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON (customavatar.userid = user.userid) " : '') . "
WHERE
" . implode($condition1, " AND ") . "
ORDER BY user.username
LIMIT $start, $perpage
");
$totalfriends = $db->found_rows();
// Switch to condition with no filter
if (!$totalfriends AND $vbulletin->GPC['filter'] AND !$redo)
{
$condition1 = $condition2;
$redo = true;
}
else
{
if ($start >= $totalfriends)
{
$pagenumber = ceil($totalfriends / $perpage);
}
$redo = false;
}
}
while (($start >= $totalfriends AND $totalfriends) OR $redo);
while ($user = $db->fetch_array($users_result))
{
$user['extended_type'] = $user['type'];
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends'])
{
switch ($user['friend'])
{
case 'yes':
$user['extended_type'] = 'friend';
break;
case 'pending':
case 'denied':
$user['extended_type'] = 'outgoing';
break;
default:
($hook = vBulletinHook::fetch_hook('profile_contactlist_listtype')) ? eval($hook) : false;
}
}
fetch_avatar_from_userinfo($user, true);
cache_permissions($user);
$container = 'buddylist';
$show['incomingrequest'] = false;
$show['outgoingrequest'] = ($user['extended_type'] == 'outgoing');
$friendcheck_checked = ($user['extended_type'] == 'friend' ? ' checked="checked"' : '');
$user['checked'] = ' checked="checked"';
$friend_list["$user[userid]"] = $user['friend'];
$js_userlist["$user[username]"] = $user['userid'];
$show['friend_checkbox'] = (($show['friend_controls'] AND ($user['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2['canusefriends']) AND $vbulletin->userinfo['userid'] != $user['userid']) OR (!empty($friendcheck_checked) AND $vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']));
$templater = vB_Template::create('modifybuddylist_user');
$templater->register('container', $container);
$templater->register('friendcheck_checked', $friendcheck_checked);
$templater->register('user', $user);
$buddylist .= $templater->render();
}
$buddycount = $totalfriends;
$sorturl = 'profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=buddylist';
if ($perpage != 20)
{
$sorturl .= "&pp=$perpage";
}
if ($vbulletin->GPC['filter'])
{
$sorturl .= "&filter=" . $vbulletin->GPC['filter'];
}
$pagenav = construct_page_nav($pagenumber, $perpage, $totalfriends, $sorturl);
if (trim($vbulletin->options['globalignore']) != '')
{
$coventry = preg_split('#\s+#s', $vbulletin->options['globalignore'], -1, PREG_SPLIT_NO_EMPTY);
$coventry_query = 'AND userlist.userid NOT IN (' . implode(',', $coventry) . ')';
}
else
{
$coventry_query = '';
}
$incomingcount = 0;
$users_result = $db->query_read_slave("
SELECT
user.*, userlist.type, userlist.friend
" . ($vbulletin->options['avatarenabled'] ? ', avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, customavatar.width as avwidth, customavatar.height as avheight, customavatar.filedata_thumb' : '') . "
FROM " . TABLE_PREFIX . "userlist AS userlist
LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist_ignore ON
(userlist_ignore.userid = " . $vbulletin->userinfo['userid'] . " AND userlist_ignore.relationid = userlist.userid AND userlist_ignore.type = 'ignore')
INNER JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = userlist.userid)
" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON (avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON (customavatar.userid = user.userid) " : '') . "
WHERE userlist.relationid = " . $vbulletin->userinfo['userid'] . "
$coventry_query
AND userlist.type = 'buddy'
AND userlist.friend = 'pending'
AND userlist_ignore.type IS NULL
ORDER BY user.username
");
while ($user = $db->fetch_array($users_result))
{
// User is a friend already, the other side must have a broken relationship. update theirs
if ($friend_list["$user[userid]"] == 'yes')
{
$db->query_write("
UPDATE " . TABLE_PREFIX . "userlist
SET friend = 'yes'
WHERE relationid = " . $vbulletin->userinfo['userid'] . "
AND userid = " . $user['userid'] . "
AND type = 'buddy'
");
continue;
}
$user['extended_type'] = $user['type'] = 'incoming';
fetch_avatar_from_userinfo($user, true);
$container = 'incomingreqs';
$show['incomingrequest'] = true;
$show['outgoingrequest'] = false;
$friendcheck_checked = '';
$show['friend_checkbox'] = false;
$incomingcount++;
$js_userlist["$user[username]"] = $user['userid'];
$templater = vB_Template::create('modifybuddylist_user');
$templater->register('container', $container);
$templater->register('friendcheck_checked', $friendcheck_checked);
$templater->register('user', $user);
$incominglist .= $templater->render();
}
$show['incominglist'] = !empty($incominglist);
$show['buddylist'] = !empty($buddylist);
// Adjust the friend req count if it doesn't match what we really have
if ($_GET['do'] == 'buddylist' AND $vbulletin->userinfo['friendreqcount'] != $incomingcount)
{
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
$userdata->set_condition("userid = " . $vbulletin->userinfo['userid'] . " AND friendreqcount = " . $vbulletin->userinfo['friendreqcount']);
$userdata->set('friendreqcount', $incomingcount);
$userdata->save();
}
if ($ajax)
{
require_once(DIR . '/includes/class_xml.php');
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_group('userlists');
$xml->add_tag('userlist', process_replacement_vars($buddylist), array('type' => 'buddylist'));
$xml->add_tag('userlist', process_replacement_vars($incominglist), array('type' => 'incomingreqs'));
$xml->add_tag('pagenav', process_replacement_vars($pagenav));
$xml->add_tag('pagenumber', $pagenumber);
$xml->add_group('counts');
$xml->add_tag('buddycount', $totalfriends);
$xml->close_group();
$xml->add_group('rollcall');
foreach ($js_userlist AS $username => $id)
{
$xml->add_tag('user', false, array('username' => $username, 'userid' => $id));
}
$xml->close_group();
$xml->close_group();
$xml->print_xml();
exit;
}
else
{
// build JS username array
$js_userlist_array = array();
foreach ($js_userlist AS $username => $userid)
{
$js_userlist_array[] = "\"$username\" : $userid";
}
$js_userlist_array = implode(",\n\t", $js_userlist_array);
// draw cp nav bar
construct_usercp_nav('buddylist');
if ($show['friend_controls'])
{
$navbits[''] = $vbphrase['contacts_and_friends'];
}
else
{
$navbits[''] = $vbphrase['contacts'];
}
$showavatarchecked = ($vbulletin->userinfo['showavatars'] ? ' checked="checked"' : '');
$show['avatars'] = $vbulletin->userinfo['showavatars'];
$includecss['buddylist'] = 'buddylist.css';
$page_templater = vB_Template::create('modifybuddylist');
$page_templater->register('buddycount', $totalfriends);
$page_templater->register('buddylist', $buddylist);
$page_templater->register('buddy_username', $buddy_username);
$page_templater->register('incominglist', $incominglist);
$page_templater->register('js_userlist_array', $js_userlist_array);
$page_templater->register('showavatarchecked', $showavatarchecked);
$page_templater->register('perpage', $perpage);
$page_templater->register('pagenumber', $pagenumber);
$page_templater->register('pagenav', $pagenav);
$page_templater->register('filtertext', $vbulletin->GPC['filter']);
}
}
// ################# start edit ignore list ###############
if ($_REQUEST['do'] == 'ignorelist')
{
$ignorelist = '';
$users_result = $db->query_read_slave("
SELECT user.*, userlist.type
FROM " . TABLE_PREFIX . "userlist AS userlist
INNER JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = userlist.relationid)
WHERE userlist.userid = " . $vbulletin->userinfo['userid'] . " AND userlist.type = 'ignore'
ORDER BY user.username
");
while ($user = $db->fetch_array($users_result))
{
$templater = vB_Template::create('modifyignorelist_user');
$templater->register('user', $user);
$ignorelist .= $templater->render();
}
$show['ignorelist'] = !empty($ignorelist);
if ($ajax)
{
require_once(DIR . '/includes/class_xml.php');
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_group('userlists');
$xml->add_tag('userlist', process_replacement_vars($ignorelist), array('type' => 'ignorelist'));
$xml->close_group();
$xml->print_xml();
exit;
}
else
{
// draw cp nav bar
construct_usercp_nav('ignorelist');
$includecss['buddylist'] = 'buddylist.css';
$navbits[''] = $vbphrase['edit_ignore_list'];
$page_templater = vB_Template::create('modifyignorelist');
$page_templater->register('ignorelist', $ignorelist);
$page_templater->register('ignore_username', $ignore_username);
}
}
// ############################################################################
// ALL FUNCTIONS BELOW HERE REQUIRE 'canmodifyprofile' PERMISSION, SO CHECK IT
if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canmodifyprofile']) AND empty($page_templater))
{
print_no_permission();
}
// ############################################################################
// ############################### EDIT PROFILE ###############################
// ############################################################################
if ($_REQUEST['do'] == 'editprofile')
{
unset($tempcustom); // from functions_user.php?
($hook = vBulletinHook::fetch_hook('profile_editprofile_start')) ? eval($hook) : false;
exec_switch_bg();
// Set birthday fields right here!
if (empty($vbulletin->userinfo['birthday']))
{
$dayselected['default'] = 'selected="selected"';
$monthselected['default'] = 'selected="selected"';
}
else
{
$birthday = explode('-', $vbulletin->userinfo['birthday']);
$dayselected["$birthday[1]"] = 'selected="selected"';
$monthselected["$birthday[0]"] = 'selected="selected"';
if (date('Y') >= $birthday[2] AND $birthday[2] != '0000')
{
$year = $birthday[2];
}
}
$sbselected = array($vbulletin->userinfo['showbirthday'] => 'selected="selected"');
// custom user title
if ($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusecustomtitle'])
{
// fetch_musername modifies this value. How evil!
if ($vbulletin->userinfo['customtitle'] == 2 AND !isset($vbulletin->userinfo['musername']))
{
$vbulletin->userinfo['usertitle'] = htmlspecialchars_uni($vbulletin->userinfo['usertitle']);
}
$show['customtitleoption'] = true;
}
else
{
$show['customtitleoption'] = false;
}
require_once(DIR . '/includes/functions_misc.php');
// Set birthday required or optional
$show['birthday_readonly'] = false;
if ($vbulletin->options['reqbirthday'])
{
$show['birthday_required'] = true;
if ($birthday[2] > 1901 AND $birthday[2] <= date('Y') AND @checkdate($birthday[0], $birthday[1], $birthday[2]))
{
$vbulletin->options['calformat1'] = mktimefix($vbulletin->options['calformat1'], $birthday[2]);
if ($birthday[2] >= 1970)
{
$yearpass = $birthday[2];
}
else
{
// day of the week patterns repeat every 28 years, so
// find the first year >= 1970 that has this pattern
$yearpass = $birthday[2] + 28 * ceil((1970 - $birthday[2]) / 28);
}
$birthdate = vbdate($vbulletin->options['calformat1'], mktime(0, 0, 0, $birthday[0], $birthday[1], $yearpass), false, true, false);
$show['birthday_readonly'] = true;
}
}
else
{
$show['birthday_optional'] = true;
}
// Get Custom profile fields
$customfields = array();
fetch_profilefields(0);
// draw cp nav bar
construct_usercp_nav('profile');
$templater = vB_Template::create('modifyprofile_birthday');
$templater->register('birthdate', $birthdate);
$templater->register('dayselected', $dayselected);
$templater->register('monthselected', $monthselected);
$templater->register('sbselected', $sbselected);
$templater->register('year', $year);
$birthdaybit = $templater->render();
$navbits[''] = $vbphrase['edit_your_details'];
$page_templater = vB_Template::create('modifyprofile');
$page_templater->register('birthdaybit', $birthdaybit);
$page_templater->register('customfields', $customfields);
}
// ############################### start update profile ###############################
if ($_POST['do'] == 'updateprofile')
{
$vbulletin->input->clean_array_gpc('p', array(
// coppa stuff
'coppauser' => TYPE_BOOL,
'parentemail' => TYPE_STR,
// IM handles / homepage
'aim' => TYPE_STR,
'yahoo' => TYPE_STR,
'icq' => TYPE_STR,
'msn' => TYPE_STR,
'skype' => TYPE_STR,
'homepage' => TYPE_STR,
// user title
'resettitle' => TYPE_STR,
'customtext' => TYPE_STR,
// birthday fields
'day' => TYPE_INT,
'month' => TYPE_INT,
'year' => TYPE_STR,
'oldbirthday' => TYPE_STR,
'showbirthday' => TYPE_UINT,
// redirect button
'gotopassword' => TYPE_NOCLEAN,
// custom profile fields
'userfield' => TYPE_ARRAY,
));
// don't make the password button submit all the details; this is confusing to users
if (!empty($vbulletin->GPC['gotopassword']))
{
exec_header_redirect('profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=editpassword');
exit;
}
// init user data manager
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
// coppa stuff
$userdata->set_info('coppauser', $vbulletin->GPC['coppauser']);
$userdata->set('parentemail', $vbulletin->GPC['parentemail']);
// easy stuff
$userdata->set('icq', $vbulletin->GPC['icq']);
$userdata->set('msn', $vbulletin->GPC['msn']);
$userdata->set('aim', $vbulletin->GPC['aim']);
$userdata->set('yahoo', $vbulletin->GPC['yahoo']);
$userdata->set('skype', $vbulletin->GPC['skype']);
$userdata->set('homepage', $vbulletin->GPC['homepage']);
$userdata->set('birthday', $vbulletin->GPC);
$userdata->set('showbirthday', $vbulletin->GPC['showbirthday']);
// custom profile fields
$userdata->set_userfields($vbulletin->GPC['userfield']);
if ($vbulletin->userinfo['usertitle'] != $vbulletin->GPC['customtext'] AND
!($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) AND
$vbulletin->options['ctMaxChars'] > 0
)
{
// only trim title if changing custom title and not an admin
$vbulletin->GPC['customtext'] = vbchop($vbulletin->GPC['customtext'], $vbulletin->options['ctMaxChars']);
}
// custom user title
$userdata->set_usertitle(
$vbulletin->GPC['customtext'],
$vbulletin->GPC['resettitle'],
$vbulletin->usergroupcache[$vbulletin->userinfo['displaygroupid']],
($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusecustomtitle']) ? true : false,
($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) ? true : false
);
($hook = vBulletinHook::fetch_hook('profile_updateprofile')) ? eval($hook) : false;
// save the data
$userdata->save();
if ($vbulletin->session->vars['profileupdate'])
{
$vbulletin->session->set('profileupdate', 0);
}
$vbulletin->url = 'profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=editprofile';
print_standard_redirect(array('redirect_updatethanks',$vbulletin->userinfo['username']), true, true);
}
// ############################### start edit connections ###############################
if ($_REQUEST['do'] == 'editconnections')
{
// if facebook connect is not enabled, go to the general settings page
if (!is_facebookenabled())
{
$_REQUEST['do'] = 'editoptions';
}
else
{
($hook = vBulletinHook::fetch_hook('profile_editconnections_start')) ? eval($hook) : false;
// draw cp nav bar
construct_usercp_nav('connections');
// set up navbits for shell template
$navbits[''] = $vbphrase['edit_connections'];
$show['fbaccount'] = !empty($vbulletin->userinfo['fbuserid']);
// if user is Facebook only login, allow them to add a vbpassword
$show['fbaddpasswordform'] = ($vbulletin->userinfo['logintype'] == 'fb');
$page_templater = vB_Template::create('modifyconnections');
$page_templater->register('fbuserid', $vbulletin->userinfo['fbuserid']);
$page_templater->register('fbname', $vbulletin->userinfo['fbname']);
$page_templater->register('fbjoindate', vbdate($vbulletin->options['dateformat'], $vbulletin->userinfo['fbjoindate'], true));
$page_templater->register('fbjoindatetime', vbdate($vbulletin->options['timeformat'], $vbulletin->userinfo['fbjoindate']));
$page_templater->register('fbprofileurl', get_fbprofileurl());
$page_templater->register('fbprofilepicurl', get_fbprofilepicurl());
}
}
// ############################################################################
// ############################### EDIT OPTIONS ###############################
// ############################################################################
if ($_REQUEST['do'] == 'editoptions')
{
require_once(DIR . '/includes/functions_misc.php');
($hook = vBulletinHook::fetch_hook('profile_editoptions_start')) ? eval($hook) : false;
// check the appropriate checkboxes
$checked = array();
foreach ($vbulletin->userinfo AS $key => $val)
{
if ($val != 0)
{
$checked["$key"] = 'checked="checked"';
}
else
{
$checked["$key"] = '';
}
}
// invisible option
$show['invisibleoption'] = iif(bitwise($permissions['genericpermissions'], $vbulletin->bf_ugp_genericpermissions['caninvisible']), true, false);
// Email members option
$show['receiveemail'] = ($vbulletin->options['enableemail'] AND $vbulletin->options['displayemails']) ? true : false;
// reputation options
if ($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canhiderep'] AND $vbulletin->options['reputationenable'])
{
if ($vbulletin->userinfo['showreputation'])
{
$checked['showreputation'] = 'checked="checked"';
}
$show['reputationoption'] = true;
}
else
{
$show['reputationoption'] = false;
}
// PM options
$show['pmoptions'] = ($vbulletin->options['enablepms'] AND $permissions['pmquota'] > 0) ? true : false;
$show['friend_email_request'] = (($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_friends']) AND
($vbulletin->userinfo['permissions']['genericpermissions2'] & $vbulletin->bf_ugp_genericpermissions2) ? true : false);
// VM Options
$show['vmoptions'] = (
$vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_visitor_messaging']
AND
$vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers']
) ? true : false;
// autosubscribe selected option
$vbulletin->userinfo['autosubscribe'] = verify_subscription_choice($vbulletin->userinfo['autosubscribe'], $vbulletin->userinfo, 9999);
$emailchecked = array($vbulletin->userinfo['autosubscribe'] => 'selected="selected"');
// threaded mode options
if ($vbulletin->userinfo['threadedmode'] == 1 OR $vbulletin->userinfo['threadedmode'] == 2)
{
$threaddisplaymode["{$vbulletin->userinfo['threadedmode']}"] = 'selected="selected"';
}
else
{
if ($vbulletin->userinfo['postorder'] == 0)
{
$threaddisplaymode[0] = 'selected="selected"';
}
else
{
$threaddisplaymode[3] = 'selected="selected"';
}
}
// default days prune
if ($vbulletin->userinfo['daysprune'] == 0)
{
$daysdefaultselected = 'selected="selected"';
}
else
{
if ($vbulletin->userinfo['daysprune'] == '-1')
{
$vbulletin->userinfo['daysprune'] = 'all';
}
$dname = 'days' . $vbulletin->userinfo['daysprune'] . 'selected';
$$dname = 'selected="selected"';
}
// daylight savings time
$selectdst = array();
if ($vbulletin->userinfo['dstauto'])
{
$selectdst[2] = 'selected="selected"';
}
else if ($vbulletin->userinfo['dstonoff'])
{
$selectdst[1] = 'selected="selected"';
}
else
{
$selectdst[0] = 'selected="selected"';
}
require_once(DIR . '/includes/functions_misc.php');
$timezoneoptions = '';
foreach (fetch_timezone() AS $optionvalue => $timezonephrase)
{
$optiontitle = $vbphrase["$timezonephrase"];
$optionselected = iif($optionvalue == $vbulletin->userinfo['timezoneoffset'], 'selected="selected"', '');
$timezoneoptions .= render_option_template($optiontitle, $optionvalue, $optionselected, $optionclass);
}
$templater = vB_Template::create('modifyoptions_timezone');
$templater->register('selectdst', $selectdst);
$templater->register('timezoneoptions', $timezoneoptions);
$timezoneoptions = $templater->render();
// start of the week
if ($vbulletin->userinfo['startofweek'] > 0)
{
$dname = 'day' . $vbulletin->userinfo['startofweek'] . 'selected';
$$dname = 'selected="selected"';
}
else
{
$day1selected = 'selected="selected"';
}
// bb code editor options
if (!is_array($vbulletin->options['editormodes_array']))
{
$vbulletin->options['editormodes_array'] = unserialize($vbulletin->options['editormodes']);
}
$max_editormode = max($vbulletin->options['editormodes_array']);
if ($vbulletin->userinfo['showvbcode'] > $max_editormode)
{
$vbulletin->userinfo['showvbcode'] = $max_editormode;
}
$show['editormode_picker'] = $max_editormode ? true : false;
$show['editormode_wysiwyg'] = $max_editormode > 1 ? true : false;
$checkvbcode = array($vbulletin->userinfo['showvbcode'] => ' checked="checked"');
$selectvbcode = array($vbulletin->userinfo['showvbcode'] => ' selected="selected"');
//MaxPosts by User
$foundmatch = 0;
if ($vbulletin->options['usermaxposts'])
{
$optionArray = explode(',', $vbulletin->options['usermaxposts']);
foreach ($optionArray AS $optionvalue)
{
if ($optionvalue == $vbulletin->userinfo['maxposts'])
{
$optionselected = 'selected="selected"';
$foundmatch = 1;
}
else
{
$optionselected = '';
}
$optiontitle = construct_phrase($vbphrase['show_x_posts_per_page'], $optionvalue);
$maxpostsoptions .= render_option_template($optiontitle, $optionvalue, $optionselected, $optionclass);
}
}
if ($foundmatch == 0)
{
$postsdefaultselected = 'selected="selected"';
}
$show['maxpostsoptions'] = ($vbulletin->options['usermaxposts'] ? true : false);
if ($vbulletin->options['allowchangestyles'])
{
$stylecount = 0;
if ($vbulletin->stylecache !== null)
{
$stylesetlist = construct_style_options(-1, '', true, false, $stylecount);
}
$show['styleoption'] = iif($stylecount > 1, true, false);
}
else
{
$show['styleoption'] = false;
}
// get language options
$languagelist = '';
$languages = fetch_language_titles_array('', 0);
if (sizeof($languages) > 1)
{
foreach ($languages AS $optionvalue => $optiontitle)
{
$optionselected = iif($vbulletin->userinfo['saved_languageid'] == $optionvalue, 'selected="selected"', '');
$languagelist .= render_option_template($optiontitle, $optionvalue, $optionselected, $optionclass);
}
$show['languageoption'] = true;
}
else
{
$show['languageoption'] = false;
}
$bgclass1 = 'alt1'; // Login Section
$bgclass3 = 'alt1'; // Messaging Section
$bgclass3 = 'alt1'; // Thread View Section
$bgclass4 = 'alt1'; // Date/Time Section
$bgclass5 = 'alt1'; // Other Section
// View other users' profile styling
$show['usercssoption'] = $vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_profile_styling'];
// Get custom otions
$customfields = array();
fetch_profilefields(1);
// draw cp nav bar
construct_usercp_nav('options');
$navbits[''] = $vbphrase['edit_options'];
$page_templater = vB_Template::create('modifyoptions');
$page_templater->register('block_data', $block_data);
$page_templater->register('checked', $checked);
$page_templater->register('customfields', $customfields);
$page_templater->register('day1selected', $day1selected);
$page_templater->register('day2selected', $day2selected);
$page_templater->register('day3selected', $day3selected);
$page_templater->register('day4selected', $day4selected);
$page_templater->register('day5selected', $day5selected);
$page_templater->register('day6selected', $day6selected);
$page_templater->register('day7selected', $day7selected);
$page_templater->register('days1selected', $days1selected);
$page_templater->register('days2selected', $days2selected);
$page_templater->register('days7selected', $days7selected);
$page_templater->register('days10selected', $days10selected);
$page_templater->register('days14selected', $days14selected);
$page_templater->register('days30selected', $days30selected);
$page_templater->register('days45selected', $days45selected);
$page_templater->register('days60selected', $days60selected);
$page_templater->register('days75selected', $days75selected);
$page_templater->register('days100selected', $days100selected);
$page_templater->register('days365selected', $days365selected);
$page_templater->register('daysallselected', $daysallselected);
$page_templater->register('daysdefaultselected', $daysdefaultselected);
$page_templater->register('emailchecked', $emailchecked);
$page_templater->register('languagelist', $languagelist);
$page_templater->register('maxpostsoptions', $maxpostsoptions);
$page_templater->register('postsdefaultselected', $postsdefaultselected);
$page_templater->register('selectvbcode', $selectvbcode);
$page_templater->register('checkvbcode', $checkvbcode);
$page_templater->register('stylesetlist', $stylesetlist);
$page_templater->register('template_hook', $template_hook);
$page_templater->register('threaddisplaymode', $threaddisplaymode);
$page_templater->register('timezoneoptions', $timezoneoptions);
}
// ############################### start update options ###############################
if ($_POST['do'] == 'updateoptions')
{
require_once(DIR . '/includes/functions_misc.php');
$vbulletin->input->clean_array_gpc('p', array(
'newstyleset' => TYPE_INT,
'dst' => TYPE_INT,
'showvbcode' => TYPE_INT,
'pmpopup' => TYPE_INT,
'umaxposts' => TYPE_INT,
'prunedays' => TYPE_INT,
'timezoneoffset' => TYPE_NUM,
'startofweek' => TYPE_INT,
'languageid' => TYPE_INT,
'threadedmode' => TYPE_INT,
'invisible' => TYPE_INT,
'autosubscribe' => TYPE_INT,
'options' => TYPE_ARRAY_BOOL,
'set_options' => TYPE_ARRAY_BOOL,
'modifyavatar' => TYPE_NOCLEAN,
'userfield' => TYPE_ARRAY
));
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
// reputation
if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canhiderep']))
{
$vbulletin->GPC['options']['showreputation'] = 1;
}
// options bitfield
foreach ($vbulletin->bf_misc_useroptions AS $key => $val)
{
if (isset($vbulletin->GPC['options']["$key"]) OR isset($vbulletin->GPC['set_options']["$key"]))
{
$value = $vbulletin->GPC['options']["$key"];
$userdata->set_bitfield('options', $key, $value);
}
}
// style set
if ($vbulletin->options['allowchangestyles'] AND $vbulletin->userinfo['realstyleid'] != $vbulletin->GPC['newstyleset'])
{
$userdata->set('styleid', $vbulletin->GPC['newstyleset']);
}
// language
$userdata->set('languageid', $vbulletin->GPC['languageid']);
// autosubscribe
$userdata->set('autosubscribe', $vbulletin->GPC['autosubscribe']);
// threaded mode
$userdata->set('threadedmode', $vbulletin->GPC['threadedmode']);
// time zone offset
$userdata->set('timezoneoffset', $vbulletin->GPC['timezoneoffset']);
$userdata->set('showvbcode', $vbulletin->GPC['showvbcode']);
$userdata->set('pmpopup', $vbulletin->GPC['pmpopup']);
$userdata->set('maxposts', $vbulletin->GPC['umaxposts']);
$userdata->set('daysprune', $vbulletin->GPC['prunedays']);
$userdata->set('startofweek', $vbulletin->GPC['startofweek']);
// custom profile fields
$userdata->set_userfields($vbulletin->GPC['userfield']);
// daylight savings
$userdata->set_dst($vbulletin->GPC['dst']);
($hook = vBulletinHook::fetch_hook('profile_updateoptions')) ? eval($hook) : false;
$userdata->save();
if (!empty($vbulletin->GPC['modifyavatar']))
{
$vbulletin->url = 'profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=editavatar';
}
else
{
$vbulletin->url = 'profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=editoptions';
}
// recache the global group to get the stuff from the new language
$globalgroup = $db->query_first_slave("
SELECT phrasegroup_global, languagecode, charset
FROM " . TABLE_PREFIX . "language
WHERE languageid = " . intval($userdata->fetch_field('languageid') ? $userdata->fetch_field('languageid') : $vbulletin->options['languageid'])
);
if ($globalgroup)
{
$vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global']));
if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset'])
{
// change the character set in a bunch of places - a total hack
global $headinclude;
$headinclude = str_replace(
"content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"",
"content=\"text/html; charset=$globalgroup[charset]\"",
$headinclude
);
vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset']);
$vbulletin->userinfo['lang_charset'] = $globalgroup['charset'];
exec_headers();
}
vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']);
}
print_standard_redirect(array('redirect_updatethanks',$vbulletin->userinfo['username']), true, true, $userdata->fetch_field('languageid'));
}
// ############################################################################
// ############################## EDIT SIGNATURE ##############################
// ############################################################################
// ########################### start update signature #########################
if ($_POST['do'] == 'updatesignature')
{
$vbulletin->input->clean_array_gpc('p', array(
'wysiwyg' => TYPE_BOOL,
'message' => TYPE_STR,
'preview' => TYPE_STR,
'deletesigpic' => TYPE_BOOL,
'sigpicurl' => TYPE_STR,
));
if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusesignature']))
{
eval(standard_error(fetch_error('nosignaturepermission')));
}
if ($permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cansigpic'])
{
$vbulletin->input->clean_gpc('f', 'upload', TYPE_FILE);
}
require_once(DIR . '/includes/class_bbcode.php');
require_once(DIR . '/includes/class_sigparser.php');
require_once(DIR . '/includes/functions_misc.php');
$errors = array();
// DO WYSIWYG processing to get to BB code.
if ($vbulletin->GPC['wysiwyg'])
{
require_once(DIR . '/includes/class_wysiwygparser.php');
$html_parser = new vB_WysiwygHtmlParser($vbulletin);
$signature = $html_parser->parse_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['allowhtml']);
}
else
{
$signature = $vbulletin->GPC['message'];
}
($hook = vBulletinHook::fetch_hook('profile_updatesignature_start')) ? eval($hook) : false;
// handle image uploads
if ($vbulletin->GPC['deletesigpic'])
{
if (preg_match('#\[sigpic\](.*)\[/sigpic\]#siU', $signature))
{
$errors[] = fetch_error('sigpic_in_use');
}
else
{
$userpic =& datamanager_init('Userpic_Sigpic', $vbulletin, ERRTYPE_STANDARD, 'userpic');
$userpic->condition = "userid = " . $vbulletin->userinfo['userid'];
$userpic->delete();
}
$redirectsig = true;
}
else if (($vbulletin->GPC['sigpicurl'] != '' AND $vbulletin->GPC['sigpicurl'] != 'http://www.') OR $vbulletin->GPC['upload']['size'] > 0)
{
require_once(DIR . '/includes/class_upload.php');
require_once(DIR . '/includes/class_image.php');
$upload = new vB_Upload_Userpic($vbulletin);
$upload->data =& datamanager_init('Userpic_Sigpic', $vbulletin, ERRTYPE_STANDARD, 'userpic');
$upload->image =& vB_Image::fetch_library($vbulletin);
$upload->maxwidth = $vbulletin->userinfo['permissions']['sigpicmaxwidth'];
$upload->maxheight = $vbulletin->userinfo['permissions']['sigpicmaxheight'];
$upload->maxuploadsize = $vbulletin->userinfo['permissions']['sigpicmaxsize'];
$upload->allowanimation = ($vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cananimatesigpic']) ? true : false;
if (!$upload->process_upload($vbulletin->GPC['sigpicurl']))
{
eval(standard_error($upload->fetch_error()));
}
$redirectsig = true;
$vbulletin->userinfo['sigpicrevision']++;
}
$userinfo_sigpic = fetch_userinfo($vbulletin->userinfo['userid'], FETCH_USERINFO_SIGPIC);
// Censored Words
$censor_signature = fetch_censored_text($signature);
if ($signature != $censor_signature)
{
$signature = $censor_signature;
$errors[] = fetch_error('censoredword');
unset($censor_signature);
}
// Max number of images in the sig if imgs are allowed.
if ($vbulletin->userinfo['permissions']['sigmaximages'])
{
// Parsing the signature into BB code.
require_once(DIR . '/includes/class_bbcode_alt.php');
$bbcode_parser = new vB_BbCodeParser_ImgCheck($vbulletin, fetch_tag_list());
$bbcode_parser->set_parse_userinfo($userinfo_sigpic, $vbulletin->userinfo['permissions']);
$parsedsig = $bbcode_parser->parse($signature, 'signature');
$imagecount = fetch_character_count($parsedsig, ' $vbulletin->userinfo['permissions']['sigmaximages'])
{
$vbulletin->GPC['preview'] = true;
$errors[] = fetch_error('toomanyimages', $imagecount, $vbulletin->userinfo['permissions']['sigmaximages']);
}
}
// Count the raw characters in the signature
if ($vbulletin->userinfo['permissions']['sigmaxrawchars'] AND vbstrlen($signature) > $vbulletin->userinfo['permissions']['sigmaxrawchars'])
{
$vbulletin->GPC['preview'] = true;
$errors[] = fetch_error('sigtoolong_includingbbcode', $vbulletin->userinfo['permissions']['sigmaxrawchars']);
}
// Count the characters after stripping in the signature
else if ($vbulletin->userinfo['permissions']['sigmaxchars'] AND (vbstrlen(strip_bbcode($signature, false, false, false)) > $vbulletin->userinfo['permissions']['sigmaxchars']))
{
$vbulletin->GPC['preview'] = true;
$errors[] = fetch_error('sigtoolong_excludingbbcode', $vbulletin->userinfo['permissions']['sigmaxchars']);
}
if ($vbulletin->userinfo['permissions']['sigmaxlines'] > 0)
{
require_once(DIR . '/includes/class_sigparser_char.php');
$char_counter = new vB_SignatureParser_CharCount($vbulletin, fetch_tag_list(), $vbulletin->userinfo['permissions'], $vbulletin->userinfo['userid']);
$line_count_text = $char_counter->parse(trim($signature));
if ($vbulletin->options['softlinebreakchars'] > 0)
{
// implicitly wrap after X characters without a break
//trim it to get rid of the trailing whitechars that are inserted by the replace
$line_count_text = trim(preg_replace('#([^\r\n]{' . $vbulletin->options['softlinebreakchars'] . '})#', "\\1\n", $line_count_text));
}
// + 1, since 0 linebreaks still means 1 line
$line_count = substr_count($line_count_text, "\n") + 1;
if ($line_count > $vbulletin->userinfo['permissions']['sigmaxlines'])
{
$vbulletin->GPC['preview'] = true;
$errors[] = fetch_error('sigtoomanylines', $vbulletin->userinfo['permissions']['sigmaxlines']);
}
}
if ($vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['canbbcode'])
{
// Get the files we need
require_once(DIR . '/includes/functions_newpost.php');
// add # to color tags using hex if it's not there
$signature = preg_replace('#\[color=("|"|\'|)([a-f0-9]{6})\\1]#i', '[color=\1#\2\1]', $signature);
// Turn the text into bb code.
if ($vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['canbbcodelink'])
{
$signature = convert_url_to_bbcode($signature);
}
// Create the parser with the users sig permissions
$sig_parser = new vB_SignatureParser($vbulletin, fetch_tag_list(), $vbulletin->userinfo['permissions'], $vbulletin->userinfo['userid']);
// Parse the signature
$previewmessage = $sig_parser->parse($signature);
if ($error_num = count($sig_parser->errors))
{
foreach ($sig_parser->errors AS $tag => $error_phrase)
{
$errors[] = fetch_error($error_phrase, $tag);
}
}
unset($sig_parser, $tag_list, $sig_tag_token_array, $results);
}
// If they are previewing the signature or there were usergroup rules broken and there are $errors[]
if (!empty($errors) OR $vbulletin->GPC['preview'] != '')
{
$errorlist = '';
if (!empty($errors))
{
$show['errors'] = true;
$templater = vB_Template::create('newpost_errormessage');
$templater->register('errors', $errors);
$errorlist .= $templater->render();
}
$bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$bbcode_parser->set_parse_userinfo($userinfo_sigpic, $vbulletin->userinfo['permissions']);
$previewmessage = $bbcode_parser->parse($signature, 'signature');
// save a conditional by just overwriting the phrase
$vbphrase['submit_message'] =& $vbphrase['save_signature'];
$templater = vB_Template::create('newpost_preview');
$templater->register('errorlist', $errorlist);
$templater->register('newpost', $newpost);
$templater->register('post', $post);
$templater->register('previewmessage', $previewmessage);
$preview = $templater->render();
$_REQUEST['do'] = 'editsignature';
$preview_error_signature = $signature;
}
else
{
// init user data manager
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
$userdata->set('signature', $signature);
($hook = vBulletinHook::fetch_hook('profile_updatesignature_complete')) ? eval($hook) : false;
$userdata->save();
clear_autosave_text('vBForum_Signature', 0, 0, $vbulletin->userinfo['userid']);
if ($redirectsig)
{
$vbulletin->url = 'profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=editsignature&url=' . $vbulletin->url . '#sigpic';
}
else
{
$vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
}
print_standard_redirect(array('redirect_updatethanks',$vbulletin->userinfo['username']));
}
}
// ############################### start update profile pic###########################
if ($_POST['do'] == 'updatesigpic')
{
if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusesignature']))
{
eval(standard_error(fetch_error('nosignaturepermission')));
}
if (!($permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cansigpic']))
{
print_no_permission();
}
#if (!$vbulletin->options['profilepicenabled']) // add sigpicenabled?
#{
# print_no_permission();
#}
$vbulletin->input->clean_array_gpc('p', array(
'deletesigpic' => TYPE_BOOL,
'sigpicurl' => TYPE_STR,
));
($hook = vBulletinHook::fetch_hook('profile_updatesigpic_start')) ? eval($hook) : false;
if ($vbulletin->GPC['deletesigpic'])
{
$userpic =& datamanager_init('Userpic_Sigpic', $vbulletin, ERRTYPE_STANDARD, 'userpic');
$userpic->condition = "userid = " . $vbulletin->userinfo['userid'];
$userpic->delete();
}
else
{
$vbulletin->input->clean_gpc('f', 'upload', TYPE_FILE);
require_once(DIR . '/includes/class_upload.php');
require_once(DIR . '/includes/class_image.php');
$upload = new vB_Upload_Userpic($vbulletin);
$upload->data =& datamanager_init('Userpic_Sigpic', $vbulletin, ERRTYPE_STANDARD, 'userpic');
$upload->image =& vB_Image::fetch_library($vbulletin);
$upload->maxwidth = $vbulletin->userinfo['permissions']['sigpicmaxwidth'];
$upload->maxheight = $vbulletin->userinfo['permissions']['sigpicmaxheight'];
$upload->maxuploadsize = $vbulletin->userinfo['permissions']['sigpicmaxsize'];
$upload->allowanimation = ($vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cananimatesigpic']) ? true : false;
if (!$upload->process_upload($vbulletin->GPC['sigpicurl']))
{
eval(standard_error($upload->fetch_error()));
}
}
($hook = vBulletinHook::fetch_hook('profile_updatesigpic_complete')) ? eval($hook) : false;
$vbulletin->url = 'profile.php?' . $vbulletin->session->vars['sessionurl'] . 'do=editsignature#sigpic';
print_standard_redirect(array('redirect_updatethanks',$vbulletin->userinfo['username']));
}
// ############################ start edit signature ##########################
if ($_REQUEST['do'] == 'editsignature')
{
require_once(DIR . '/includes/functions_newpost.php');
if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusesignature']))
{
eval(standard_error(fetch_error('nosignaturepermission')));
}
($hook = vBulletinHook::fetch_hook('profile_editsignature_start')) ? eval($hook) : false;
// Build the permissions to display
require_once(DIR . '/includes/class_bbcode.php');
require_once(DIR . '/includes/class_sigparser.php');
// Create the parser with the users sig permissions
$sig_parser = new vB_SignatureParser($vbulletin, fetch_tag_list(), $vbulletin->userinfo['permissions'], $vbulletin->userinfo['userid']);
// Build $show variables for each signature bitfield permission
foreach ($vbulletin->bf_ugp_signaturepermissions AS $bit_name => $bit_value)
{
if ($bbcode = preg_match('#canbbcode(\w+)#i', $bit_name, $matches) AND $matches[1] AND $matches[1] != 'quote')
{
$term = $matches[1] == 'link' ? 'URL' : strtoupper($matches[1]);
$show["$bit_name"] = ($permissions['signaturepermissions'] & $bit_value AND $vbulletin->options['allowedbbcodes'] & @constant('ALLOW_BBCODE_' . $term)) ? true : false;
}
else
{
$show["$bit_name"] = ($permissions['signaturepermissions'] & $bit_value ? true : false);
}
}
// Build variables for the remaining signature permissions
$sigperms_display = array(
'sigmaxchars' => vb_number_format($permissions['maxchars']),
'sigmaxlines' => vb_number_format($permissions['maxlines']),
'sigpicmaxwidth' => vb_number_format($permissions['sigpicmaxwidth']),
'sigpicmaxheight' => vb_number_format($permissions['sigpicmaxheight']),
'sigpicmaxsize' => vb_number_format($permissions['sigpicmaxsize'], 1, true)
);
if ($preview_error_signature)
{
$signature = $preview_error_signature;
}
else
{
$signature = $vbulletin->userinfo['signature'];
}
// Free the memory, unless we need it below.
if (!$signature)
{
unset($sig_parser);
}
if ($signature)
{
if (!$previewmessage)
{
require_once(DIR . '/includes/class_bbcode.php');
$bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$bbcode_parser->set_parse_userinfo(fetch_userinfo($vbulletin->userinfo['userid'], FETCH_USERINFO_SIGPIC), $vbulletin->userinfo['permissions']);
$previewmessage = $bbcode_parser->parse($signature, 'signature');
}
// save a conditional by just overwriting the phrase
$vbphrase['submit_message'] =& $vbphrase['save_signature'];
$templater = vB_Template::create('newpost_preview');
$templater->register('errorlist', $errorlist);
$templater->register('newpost', $newpost);
$templater->register('post', $post);
$templater->register('previewmessage', $previewmessage);
$preview = $templater->render();
}
require_once(DIR . '/includes/functions_editor.php');
$editorid = construct_edit_toolbar(
htmlspecialchars_uni($signature),
0,
'signature',
$vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['allowsmilies'],
true,
false,
'fe',
'',
array(),
'content',
'vBForum_Signature'
);
$show['canbbcode'] = ($vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['canbbcode']) ? true : false;
// ############### DISPLAY SIG IMAGE CONTROLS ###############
require_once(DIR . '/includes/functions_file.php');
$inimaxattach = fetch_max_upload_size();
if ($permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cansigpic'])
{
$show['cansigpic'] = true;
$show['sigpic_url'] = (ini_get('allow_url_fopen') != 0 OR function_exists('curl_init'));
$maxnote = '';
if ($permissions['sigpicmaxsize'] AND ($permissions['sigpicmaxwidth'] OR $permissions['sigpicmaxheight']))
{
$maxnote = construct_phrase($vbphrase['note_maximum_size_x_y_or_z'], $sigperms_display['sigpicmaxwidth'], $sigperms_display['sigpicmaxheight'], $sigperms_display['sigpicmaxsize']);
}
else if ($permissions['sigpicmaxsize'])
{
$maxnote = construct_phrase($vbphrase['note_maximum_size_x'], $sigperms_display['sigpicmaxsize']);
}
else if ($permissions['sigpicmaxwidth'] OR $permissions['sigpicmaxheight'])
{
$maxnote = construct_phrase($vbphrase['note_maximum_size_x_y_pixels'], $sigperms_display['sigpicmaxwidth'], $sigperms_display['sigpicmaxheight']);
}
$show['maxnote'] = (!empty($maxnote)) ? true : false;
// Get the current sig image info.
if ($sig_image = $db->query_first("SELECT dateline, filename, filedata FROM " . TABLE_PREFIX . "sigpic WHERE userid = " . $vbulletin->userinfo['userid']))
{
if ($sig_image['filedata'] != '')
{
// sigpic stored in the DB
$sigpicurl = 'image.php?' . $vbulletin->session->vars['sessionurl'] . 'type=sigpic&userid=' . $vbulletin->userinfo['userid'] . "&dateline=$sig_image[dateline]";
}
else
{
// sigpic stored in the FS
$sigpicurl = $vbulletin->options['sigpicurl'] . '/sigpic' . $vbulletin->userinfo['userid'] . '_' . $vbulletin->userinfo['sigpicrevision'] . '.gif';
}
}
else // No sigpic yet
{
$sigpicurl = false;
}
}
else
{
$show['cansigpic'] = false;
}
construct_usercp_nav('signature');
$navbits[''] = $vbphrase['edit_signature'];
$url =& $vbulletin->url;
$page_templater = vB_Template::create('modifysignature');
$page_templater->register('editorid', $editorid);
$page_templater->register('inimaxattach', $inimaxattach);
$page_templater->register('maxnote', $maxnote);
$page_templater->register('messagearea', $messagearea);
$page_templater->register('preview', $preview);
$page_templater->register('sigperms', $sigperms);
$page_templater->register('sigpicurl', $sigpicurl);
$page_templater->register('url', $url);
}
// ############################################################################
// ############################### EDIT AVATAR ################################
// ############################################################################
if ($_REQUEST['do'] == 'editavatar')
{
$vbulletin->input->clean_array_gpc('r', array(
'pagenumber' => TYPE_UINT,
'categoryid' => TYPE_UINT
));
if (!$vbulletin->options['avatarenabled'])
{
eval(standard_error(fetch_error('avatardisabled')));
}
($hook = vBulletinHook::fetch_hook('profile_editavatar_start')) ? eval($hook) : false;
$categorycache = array();
$bbavatar = array();
$donefirstcategory = 0;
// variables that will become templates
$avatarlist = '';
$nouseavatarchecked = '';
$categorybits = '';
$predefined_section = '';
$custom_section = '';
// initialise the bg class
$bgclass = 'alt1';
// ############### DISPLAY USER'S AVATAR ###############
if ($vbulletin->userinfo['avatarid'])
{
// using a predefined avatar
$avatar = $db->query_first_slave("SELECT * FROM " . TABLE_PREFIX . "avatar WHERE avatarid = " . $vbulletin->userinfo['avatarid']);
$avatarid =& $avatar['avatarid'];
$avatarchecked = ($avatarid == $vbulletin->userinfo['avatarid']) ? 'checked="checked"' : '';
$templater = vB_Template::create('modifyavatarbit');
$templater->register('avatar', $avatar);
$templater->register('avatarchecked', $avatarchecked);
$templater->register('avatarid', $avatarid);
$currentavatar = $templater->render();
// store avatar info in $bbavatar for later use
$bbavatar = $avatar;
$avatarchecked = '';
}
else
{
// not using a predefined avatar, check for custom
if ($avatar = $db->query_first("SELECT dateline, width, height FROM " . TABLE_PREFIX . "customavatar WHERE userid=" . $vbulletin->userinfo['userid']))
{
// using a custom avatar
if ($vbulletin->options['usefileavatar'])
{
$vbulletin->userinfo['avatarurl'] = $vbulletin->options['avatarurl'] . '/avatar' . $vbulletin->userinfo['userid'] . '_' . $vbulletin->userinfo['avatarrevision'] . '.gif';
}
else
{
$vbulletin->userinfo['avatarurl'] = 'image.php?' . $vbulletin->session->vars['sessionurl'] . 'u=' . $vbulletin->userinfo['userid'] . "&dateline=$avatar[dateline]";
}
if ($avatar['width'] AND $avatar['height'])
{
$vbulletin->userinfo['avatarurl'] .= "\" width=\"$avatar[width]\" height=\"$avatar[height]";
}
$currentavatar = vB_Template::create('modifyavatarbit_custom')->render();
}
else
{
// no avatar specified
$nouseavatarchecked = 'checked="checked"';
$avatarchecked[0] = '';
$currentavatar = vB_Template::create('modifyavatarbit_noavatar')->render();
}
}
// get rid of any lingering $avatar variables
unset($avatar);
$categorycache =& fetch_avatar_categories($vbulletin->userinfo);
foreach ($categorycache AS $category)
{
if (!$donefirstcategory OR $category['imagecategoryid'] == $vbulletin->GPC['categoryid'])
{
$displaycategory = $category;
$donefirstcategory = 1;
}
}
// get the id of the avatar category we want to display
if ($vbulletin->GPC['categoryid'] == 0)
{
if ($vbulletin->userinfo['avatarid'] != 0 AND !empty($categorycache["{$bbavatar['imagecategoryid']}"]))
{
$displaycategory = $bbavatar;
}
$vbulletin->GPC['categoryid'] = $displaycategory['imagecategoryid'];
}
// make the category