ManageMembers.php 44 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314
  1. <?php
  2. /**
  3. * Show a list of members or a selection of members.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2011 Simple Machines
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.1 Alpha 1
  13. */
  14. if (!defined('SMF'))
  15. die('Hacking attempt...');
  16. /**
  17. * The main entrance point for the Manage Members screen.
  18. * As everyone else, it calls a function based on the given sub-action.
  19. * Called by ?action=admin;area=viewmembers.
  20. * Requires the moderate_forum permission.
  21. *
  22. * @uses ManageMembers template
  23. * @uses ManageMembers language file.
  24. */
  25. function ViewMembers()
  26. {
  27. global $txt, $scripturl, $context, $modSettings, $smcFunc;
  28. $subActions = array(
  29. 'all' => array('ViewMemberlist', 'moderate_forum'),
  30. 'approve' => array('AdminApprove', 'moderate_forum'),
  31. 'browse' => array('MembersAwaitingActivation', 'moderate_forum'),
  32. 'search' => array('SearchMembers', 'moderate_forum'),
  33. 'query' => array('ViewMemberlist', 'moderate_forum'),
  34. );
  35. call_integration_hook('integrate_manage_members', array(&$subActions));
  36. // Default to sub action 'index' or 'settings' depending on permissions.
  37. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'all';
  38. // We know the sub action, now we know what you're allowed to do.
  39. isAllowedTo($subActions[$_REQUEST['sa']][1]);
  40. // Load the essentials.
  41. loadLanguage('ManageMembers');
  42. loadTemplate('ManageMembers');
  43. // Get counts on every type of activation - for sections and filtering alike.
  44. $request = $smcFunc['db_query']('', '
  45. SELECT COUNT(*) AS total_members, is_activated
  46. FROM {db_prefix}members
  47. WHERE is_activated != {int:is_activated}
  48. GROUP BY is_activated',
  49. array(
  50. 'is_activated' => 1,
  51. )
  52. );
  53. $context['activation_numbers'] = array();
  54. $context['awaiting_activation'] = 0;
  55. $context['awaiting_approval'] = 0;
  56. while ($row = $smcFunc['db_fetch_assoc']($request))
  57. $context['activation_numbers'][$row['is_activated']] = $row['total_members'];
  58. $smcFunc['db_free_result']($request);
  59. foreach ($context['activation_numbers'] as $activation_type => $total_members)
  60. {
  61. if (in_array($activation_type, array(0, 2)))
  62. $context['awaiting_activation'] += $total_members;
  63. elseif (in_array($activation_type, array(3, 4, 5)))
  64. $context['awaiting_approval'] += $total_members;
  65. }
  66. // For the page header... do we show activation?
  67. $context['show_activate'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) || !empty($context['awaiting_activation']);
  68. // What about approval?
  69. $context['show_approve'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($context['awaiting_approval']) || !empty($modSettings['approveAccountDeletion']);
  70. // Setup the admin tabs.
  71. $context[$context['admin_menu_name']]['tab_data'] = array(
  72. 'title' => $txt['admin_members'],
  73. 'help' => 'view_members',
  74. 'description' => $txt['admin_members_list'],
  75. 'tabs' => array(),
  76. );
  77. $context['tabs'] = array(
  78. 'viewmembers' => array(
  79. 'label' => $txt['view_all_members'],
  80. 'description' => $txt['admin_members_list'],
  81. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=all',
  82. 'is_selected' => $_REQUEST['sa'] == 'all',
  83. ),
  84. 'search' => array(
  85. 'label' => $txt['mlist_search'],
  86. 'description' => $txt['admin_members_list'],
  87. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=search',
  88. 'is_selected' => $_REQUEST['sa'] == 'search' || $_REQUEST['sa'] == 'query',
  89. ),
  90. 'approve' => array(
  91. 'label' => sprintf($txt['admin_browse_awaiting_approval'], $context['awaiting_approval']),
  92. 'description' => $txt['admin_browse_approve_desc'],
  93. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve',
  94. 'is_selected' => false,
  95. ),
  96. 'activate' => array(
  97. 'label' => sprintf($txt['admin_browse_awaiting_activate'], $context['awaiting_activation']),
  98. 'description' => $txt['admin_browse_activate_desc'],
  99. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=activate',
  100. 'is_selected' => false,
  101. 'is_last' => true,
  102. ),
  103. );
  104. // Sort out the tabs for the ones which may not exist!
  105. if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
  106. {
  107. $context['tabs']['approve']['is_last'] = true;
  108. unset($context['tabs']['activate']);
  109. }
  110. if (!$context['show_approve'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'approve'))
  111. {
  112. if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
  113. $context['tabs']['search']['is_last'] = true;
  114. unset($context['tabs']['approve']);
  115. }
  116. $subActions[$_REQUEST['sa']][0]();
  117. }
  118. /**
  119. * View all members list. It allows sorting on several columns, and deletion of
  120. * selected members. It also handles the search query sent by
  121. * ?action=admin;area=viewmembers;sa=search.
  122. * Called by ?action=admin;area=viewmembers;sa=all or ?action=admin;area=viewmembers;sa=query.
  123. * Requires the moderate_forum permission.
  124. *
  125. * @uses the view_members sub template of the ManageMembers template.
  126. */
  127. function ViewMemberlist()
  128. {
  129. global $txt, $scripturl, $context, $modSettings, $sourcedir, $smcFunc, $user_info;
  130. // Set the current sub action.
  131. $context['sub_action'] = $_REQUEST['sa'];
  132. // Are we performing a delete?
  133. if (isset($_POST['delete_members']) && !empty($_POST['delete']) && allowedTo('profile_remove_any'))
  134. {
  135. checkSession();
  136. // Clean the input.
  137. foreach ($_POST['delete'] as $key => $value)
  138. {
  139. $_POST['delete'][$key] = (int) $value;
  140. // Don't delete yourself, idiot.
  141. if ($value == $user_info['id'])
  142. unset($_POST['delete'][$key]);
  143. }
  144. if (!empty($_POST['delete']))
  145. {
  146. // Delete all the selected members.
  147. require_once($sourcedir . '/Subs-Members.php');
  148. deleteMembers($_POST['delete'], true);
  149. }
  150. }
  151. if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST))
  152. $_POST += @unserialize(base64_decode($_REQUEST['params']));
  153. // Check input after a member search has been submitted.
  154. if ($context['sub_action'] == 'query')
  155. {
  156. // Retrieving the membergroups and postgroups.
  157. $context['membergroups'] = array(
  158. array(
  159. 'id' => 0,
  160. 'name' => $txt['membergroups_members'],
  161. 'can_be_additional' => false
  162. )
  163. );
  164. $context['postgroups'] = array();
  165. $request = $smcFunc['db_query']('', '
  166. SELECT id_group, group_name, min_posts
  167. FROM {db_prefix}membergroups
  168. WHERE id_group != {int:moderator_group}
  169. ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
  170. array(
  171. 'moderator_group' => 3,
  172. 'newbie_group' => 4,
  173. )
  174. );
  175. while ($row = $smcFunc['db_fetch_assoc']($request))
  176. {
  177. if ($row['min_posts'] == -1)
  178. $context['membergroups'][] = array(
  179. 'id' => $row['id_group'],
  180. 'name' => $row['group_name'],
  181. 'can_be_additional' => true
  182. );
  183. else
  184. $context['postgroups'][] = array(
  185. 'id' => $row['id_group'],
  186. 'name' => $row['group_name']
  187. );
  188. }
  189. $smcFunc['db_free_result']($request);
  190. // Some data about the form fields and how they are linked to the database.
  191. $params = array(
  192. 'mem_id' => array(
  193. 'db_fields' => array('id_member'),
  194. 'type' => 'int',
  195. 'range' => true
  196. ),
  197. 'age' => array(
  198. 'db_fields' => array('birthdate'),
  199. 'type' => 'age',
  200. 'range' => true
  201. ),
  202. 'posts' => array(
  203. 'db_fields' => array('posts'),
  204. 'type' => 'int',
  205. 'range' => true
  206. ),
  207. 'reg_date' => array(
  208. 'db_fields' => array('date_registered'),
  209. 'type' => 'date',
  210. 'range' => true
  211. ),
  212. 'last_online' => array(
  213. 'db_fields' => array('last_login'),
  214. 'type' => 'date',
  215. 'range' => true
  216. ),
  217. 'gender' => array(
  218. 'db_fields' => array('gender'),
  219. 'type' => 'checkbox',
  220. 'values' => array('0', '1', '2'),
  221. ),
  222. 'activated' => array(
  223. 'db_fields' => array('CASE WHEN is_activated IN (1, 11) THEN 1 ELSE 0 END'),
  224. 'type' => 'checkbox',
  225. 'values' => array('0', '1'),
  226. ),
  227. 'membername' => array(
  228. 'db_fields' => array('member_name', 'real_name'),
  229. 'type' => 'string'
  230. ),
  231. 'email' => array(
  232. 'db_fields' => array('email_address'),
  233. 'type' => 'string'
  234. ),
  235. 'website' => array(
  236. 'db_fields' => array('website_title', 'website_url'),
  237. 'type' => 'string'
  238. ),
  239. 'location' => array(
  240. 'db_fields' => array('location'),
  241. 'type' => 'string'
  242. ),
  243. 'ip' => array(
  244. 'db_fields' => array('member_ip'),
  245. 'type' => 'string'
  246. ),
  247. 'messenger' => array(
  248. 'db_fields' => array('icq', 'aim', 'yim', 'msn'),
  249. 'type' => 'string'
  250. )
  251. );
  252. $range_trans = array(
  253. '--' => '<',
  254. '-' => '<=',
  255. '=' => '=',
  256. '+' => '>=',
  257. '++' => '>'
  258. );
  259. call_integration_hook('integrate_view_members_params', array(&$params));
  260. // @todo Validate a little more.
  261. // Loop through every field of the form.
  262. $query_parts = array();
  263. $where_params = array();
  264. foreach ($params as $param_name => $param_info)
  265. {
  266. // Not filled in?
  267. if (!isset($_POST[$param_name]) || $_POST[$param_name] === '')
  268. continue;
  269. // Make sure numeric values are really numeric.
  270. if (in_array($param_info['type'], array('int', 'age')))
  271. $_POST[$param_name] = (int) $_POST[$param_name];
  272. // Date values have to match the specified format.
  273. elseif ($param_info['type'] == 'date')
  274. {
  275. // Check if this date format is valid.
  276. if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $_POST[$param_name]) == 0)
  277. continue;
  278. $_POST[$param_name] = strtotime($_POST[$param_name]);
  279. }
  280. // Those values that are in some kind of range (<, <=, =, >=, >).
  281. if (!empty($param_info['range']))
  282. {
  283. // Default to '=', just in case...
  284. if (empty($range_trans[$_POST['types'][$param_name]]))
  285. $_POST['types'][$param_name] = '=';
  286. // Handle special case 'age'.
  287. if ($param_info['type'] == 'age')
  288. {
  289. // All people that were born between $lowerlimit and $upperlimit are currently the specified age.
  290. $datearray = getdate(forum_time());
  291. $upperlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name], $datearray['mon'], $datearray['mday']);
  292. $lowerlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name] - 1, $datearray['mon'], $datearray['mday']);
  293. if (in_array($_POST['types'][$param_name], array('-', '--', '=')))
  294. {
  295. $query_parts[] = ($param_info['db_fields'][0]) . ' > {string:' . $param_name . '_minlimit}';
  296. $where_params[$param_name . '_minlimit'] = ($_POST['types'][$param_name] == '--' ? $upperlimit : $lowerlimit);
  297. }
  298. if (in_array($_POST['types'][$param_name], array('+', '++', '=')))
  299. {
  300. $query_parts[] = ($param_info['db_fields'][0]) . ' <= {string:' . $param_name . '_pluslimit}';
  301. $where_params[$param_name . '_pluslimit'] = ($_POST['types'][$param_name] == '++' ? $lowerlimit : $upperlimit);
  302. // Make sure that members that didn't set their birth year are not queried.
  303. $query_parts[] = ($param_info['db_fields'][0]) . ' > {date:dec_zero_date}';
  304. $where_params['dec_zero_date'] = '0004-12-31';
  305. }
  306. }
  307. // Special case - equals a date.
  308. elseif ($param_info['type'] == 'date' && $_POST['types'][$param_name] == '=')
  309. {
  310. $query_parts[] = $param_info['db_fields'][0] . ' > ' . $_POST[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($_POST[$param_name] + 86400);
  311. }
  312. else
  313. $query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$_POST['types'][$param_name]] . ' ' . $_POST[$param_name];
  314. }
  315. // Checkboxes.
  316. elseif ($param_info['type'] == 'checkbox')
  317. {
  318. // Each checkbox or no checkbox at all is checked -> ignore.
  319. if (!is_array($_POST[$param_name]) || count($_POST[$param_name]) == 0 || count($_POST[$param_name]) == count($param_info['values']))
  320. continue;
  321. $query_parts[] = ($param_info['db_fields'][0]) . ' IN ({array_string:' . $param_name . '_check})';
  322. $where_params[$param_name . '_check'] = $_POST[$param_name];
  323. }
  324. else
  325. {
  326. // Replace the wildcard characters ('*' and '?') into MySQL ones.
  327. $parameter = strtolower(strtr($smcFunc['htmlspecialchars']($_POST[$param_name], ENT_QUOTES), array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));
  328. $query_parts[] = '(' . implode( ' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
  329. $where_params[$param_name . '_normal'] = '%' . $parameter . '%';
  330. }
  331. }
  332. // Set up the membergroup query part.
  333. $mg_query_parts = array();
  334. // Primary membergroups, but only if at least was was not selected.
  335. if (!empty($_POST['membergroups'][1]) && count($context['membergroups']) != count($_POST['membergroups'][1]))
  336. {
  337. $mg_query_parts[] = 'mem.id_group IN ({array_int:group_check})';
  338. $where_params['group_check'] = $_POST['membergroups'][1];
  339. }
  340. // Additional membergroups (these are only relevant if not all primary groups where selected!).
  341. if (!empty($_POST['membergroups'][2]) && (empty($_POST['membergroups'][1]) || count($context['membergroups']) != count($_POST['membergroups'][1])))
  342. foreach ($_POST['membergroups'][2] as $mg)
  343. {
  344. $mg_query_parts[] = 'FIND_IN_SET({int:add_group_' . $mg . '}, mem.additional_groups) != 0';
  345. $where_params['add_group_' . $mg] = $mg;
  346. }
  347. // Combine the one or two membergroup parts into one query part linked with an OR.
  348. if (!empty($mg_query_parts))
  349. $query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';
  350. // Get all selected post count related membergroups.
  351. if (!empty($_POST['postgroups']) && count($_POST['postgroups']) != count($context['postgroups']))
  352. {
  353. $query_parts[] = 'id_post_group IN ({array_int:post_groups})';
  354. $where_params['post_groups'] = $_POST['postgroups'];
  355. }
  356. // Construct the where part of the query.
  357. $where = empty($query_parts) ? '1' : implode('
  358. AND ', $query_parts);
  359. $search_params = base64_encode(serialize($_POST));
  360. }
  361. else
  362. $search_params = null;
  363. // Construct the additional URL part with the query info in it.
  364. $context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_params : '';
  365. // Get the title and sub template ready..
  366. $context['page_title'] = $txt['admin_members'];
  367. $listOptions = array(
  368. 'id' => 'member_list',
  369. 'items_per_page' => $modSettings['defaultMaxMembers'],
  370. 'base_href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
  371. 'default_sort_col' => 'user_name',
  372. 'get_items' => array(
  373. 'file' => $sourcedir . '/Subs-Members.php',
  374. 'function' => 'list_getMembers',
  375. 'params' => array(
  376. isset($where) ? $where : '1=1',
  377. isset($where_params) ? $where_params : array(),
  378. ),
  379. ),
  380. 'get_count' => array(
  381. 'file' => $sourcedir . '/Subs-Members.php',
  382. 'function' => 'list_getNumMembers',
  383. 'params' => array(
  384. isset($where) ? $where : '1=1',
  385. isset($where_params) ? $where_params : array(),
  386. ),
  387. ),
  388. 'columns' => array(
  389. 'id_member' => array(
  390. 'header' => array(
  391. 'value' => $txt['member_id'],
  392. ),
  393. 'data' => array(
  394. 'db' => 'id_member',
  395. 'class' => 'windowbg',
  396. 'style' => 'text-align: center;',
  397. ),
  398. 'sort' => array(
  399. 'default' => 'id_member',
  400. 'reverse' => 'id_member DESC',
  401. ),
  402. ),
  403. 'user_name' => array(
  404. 'header' => array(
  405. 'value' => $txt['username'],
  406. ),
  407. 'data' => array(
  408. 'sprintf' => array(
  409. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
  410. 'params' => array(
  411. 'id_member' => false,
  412. 'member_name' => false,
  413. ),
  414. ),
  415. ),
  416. 'sort' => array(
  417. 'default' => 'member_name',
  418. 'reverse' => 'member_name DESC',
  419. ),
  420. ),
  421. 'display_name' => array(
  422. 'header' => array(
  423. 'value' => $txt['display_name'],
  424. ),
  425. 'data' => array(
  426. 'sprintf' => array(
  427. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
  428. 'params' => array(
  429. 'id_member' => false,
  430. 'real_name' => false,
  431. ),
  432. ),
  433. ),
  434. 'sort' => array(
  435. 'default' => 'real_name',
  436. 'reverse' => 'real_name DESC',
  437. ),
  438. ),
  439. 'email' => array(
  440. 'header' => array(
  441. 'value' => $txt['email_address'],
  442. ),
  443. 'data' => array(
  444. 'sprintf' => array(
  445. 'format' => '<a href="mailto:%1$s">%1$s</a>',
  446. 'params' => array(
  447. 'email_address' => true,
  448. ),
  449. ),
  450. 'class' => 'windowbg',
  451. ),
  452. 'sort' => array(
  453. 'default' => 'email_address',
  454. 'reverse' => 'email_address DESC',
  455. ),
  456. ),
  457. 'ip' => array(
  458. 'header' => array(
  459. 'value' => $txt['ip_address'],
  460. ),
  461. 'data' => array(
  462. 'sprintf' => array(
  463. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
  464. 'params' => array(
  465. 'member_ip' => false,
  466. ),
  467. ),
  468. ),
  469. 'sort' => array(
  470. 'default' => 'INET_ATON(member_ip)',
  471. 'reverse' => 'INET_ATON(member_ip) DESC',
  472. ),
  473. ),
  474. 'last_active' => array(
  475. 'header' => array(
  476. 'value' => $txt['viewmembers_online'],
  477. ),
  478. 'data' => array(
  479. 'function' => create_function('$rowData', '
  480. global $txt;
  481. // Calculate number of days since last online.
  482. if (empty($rowData[\'last_login\']))
  483. $difference = $txt[\'never\'];
  484. else
  485. {
  486. $num_days_difference = jeffsdatediff($rowData[\'last_login\']);
  487. // Today.
  488. if (empty($num_days_difference))
  489. $difference = $txt[\'viewmembers_today\'];
  490. // Yesterday.
  491. elseif ($num_days_difference == 1)
  492. $difference = sprintf(\'1 %1$s\', $txt[\'viewmembers_day_ago\']);
  493. // X days ago.
  494. else
  495. $difference = sprintf(\'%1$d %2$s\', $num_days_difference, $txt[\'viewmembers_days_ago\']);
  496. }
  497. // Show it in italics if they\'re not activated...
  498. if ($rowData[\'is_activated\'] % 10 != 1)
  499. $difference = sprintf(\'<em title="%1$s">%2$s</em>\', $txt[\'not_activated\'], $difference);
  500. return $difference;
  501. '),
  502. ),
  503. 'sort' => array(
  504. 'default' => 'last_login DESC',
  505. 'reverse' => 'last_login',
  506. ),
  507. ),
  508. 'posts' => array(
  509. 'header' => array(
  510. 'value' => $txt['member_postcount'],
  511. ),
  512. 'data' => array(
  513. 'db' => 'posts',
  514. ),
  515. 'sort' => array(
  516. 'default' => 'posts',
  517. 'reverse' => 'posts DESC',
  518. ),
  519. ),
  520. 'check' => array(
  521. 'header' => array(
  522. 'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />',
  523. ),
  524. 'data' => array(
  525. 'function' => create_function('$rowData', '
  526. global $user_info;
  527. return \'<input type="checkbox" name="delete[]" value="\' . $rowData[\'id_member\'] . \'" class="input_check" \' . ($rowData[\'id_member\'] == $user_info[\'id\'] || $rowData[\'id_group\'] == 1 || in_array(1, explode(\',\', $rowData[\'additional_groups\'])) ? \'disabled="disabled"\' : \'\') . \' />\';
  528. '),
  529. 'class' => 'windowbg',
  530. 'style' => 'text-align: center',
  531. ),
  532. ),
  533. ),
  534. 'form' => array(
  535. 'href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
  536. 'include_start' => true,
  537. 'include_sort' => true,
  538. ),
  539. 'additional_rows' => array(
  540. array(
  541. 'position' => 'below_table_data',
  542. 'value' => '<input type="submit" name="delete_members" value="' . $txt['admin_delete_members'] . '" onclick="return confirm(\'' . $txt['confirm_delete_members'] . '\');" class="button_submit" />',
  543. 'style' => 'text-align: right;',
  544. ),
  545. ),
  546. );
  547. // Without not enough permissions, don't show 'delete members' checkboxes.
  548. if (!allowedTo('profile_remove_any'))
  549. unset($listOptions['cols']['check'], $listOptions['form'], $listOptions['additional_rows']);
  550. call_integration_hook('integrate_view_members_list', array(&$listOptions));
  551. require_once($sourcedir . '/Subs-List.php');
  552. createList($listOptions);
  553. $context['sub_template'] = 'show_list';
  554. $context['default_list'] = 'member_list';
  555. }
  556. /**
  557. * Search the member list, using one or more criteria.
  558. * Called by ?action=admin;area=viewmembers;sa=search.
  559. * Requires the moderate_forum permission.
  560. * form is submitted to action=admin;area=viewmembers;sa=query.
  561. *
  562. * @uses the search_members sub template of the ManageMembers template.
  563. */
  564. function SearchMembers()
  565. {
  566. global $context, $txt, $smcFunc;
  567. // Get a list of all the membergroups and postgroups that can be selected.
  568. $context['membergroups'] = array(
  569. array(
  570. 'id' => 0,
  571. 'name' => $txt['membergroups_members'],
  572. 'can_be_additional' => false
  573. )
  574. );
  575. $context['postgroups'] = array();
  576. $request = $smcFunc['db_query']('', '
  577. SELECT id_group, group_name, min_posts
  578. FROM {db_prefix}membergroups
  579. WHERE id_group != {int:moderator_group}
  580. ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
  581. array(
  582. 'moderator_group' => 3,
  583. 'newbie_group' => 4,
  584. )
  585. );
  586. while ($row = $smcFunc['db_fetch_assoc']($request))
  587. {
  588. if ($row['min_posts'] == -1)
  589. $context['membergroups'][] = array(
  590. 'id' => $row['id_group'],
  591. 'name' => $row['group_name'],
  592. 'can_be_additional' => true
  593. );
  594. else
  595. $context['postgroups'][] = array(
  596. 'id' => $row['id_group'],
  597. 'name' => $row['group_name']
  598. );
  599. }
  600. $smcFunc['db_free_result']($request);
  601. $context['page_title'] = $txt['admin_members'];
  602. $context['sub_template'] = 'search_members';
  603. }
  604. /**
  605. * List all members who are awaiting approval / activation, sortable on different columns.
  606. * It allows instant approval or activation of (a selection of) members.
  607. * Called by ?action=admin;area=viewmembers;sa=browse;type=approve
  608. * or ?action=admin;area=viewmembers;sa=browse;type=activate.
  609. * The form submits to ?action=admin;area=viewmembers;sa=approve.
  610. * Requires the moderate_forum permission.
  611. *
  612. * @uses the admin_browse sub template of the ManageMembers template.
  613. */
  614. function MembersAwaitingActivation()
  615. {
  616. global $txt, $context, $scripturl, $modSettings, $smcFunc;
  617. global $sourcedir;
  618. // Not a lot here!
  619. $context['page_title'] = $txt['admin_members'];
  620. $context['sub_template'] = 'admin_browse';
  621. $context['browse_type'] = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
  622. if (isset($context['tabs'][$context['browse_type']]))
  623. $context['tabs'][$context['browse_type']]['is_selected'] = true;
  624. // Allowed filters are those we can have, in theory.
  625. $context['allowed_filters'] = $context['browse_type'] == 'approve' ? array(3, 4, 5) : array(0, 2);
  626. $context['current_filter'] = isset($_REQUEST['filter']) && in_array($_REQUEST['filter'], $context['allowed_filters']) && !empty($context['activation_numbers'][$_REQUEST['filter']]) ? (int) $_REQUEST['filter'] : -1;
  627. // Sort out the different sub areas that we can actually filter by.
  628. $context['available_filters'] = array();
  629. foreach ($context['activation_numbers'] as $type => $amount)
  630. {
  631. // We have some of these...
  632. if (in_array($type, $context['allowed_filters']) && $amount > 0)
  633. $context['available_filters'][] = array(
  634. 'type' => $type,
  635. 'amount' => $amount,
  636. 'desc' => isset($txt['admin_browse_filter_type_' . $type]) ? $txt['admin_browse_filter_type_' . $type] : '?',
  637. 'selected' => $type == $context['current_filter']
  638. );
  639. }
  640. // If the filter was not sent, set it to whatever has people in it!
  641. if ($context['current_filter'] == -1 && !empty($context['available_filters'][0]['amount']))
  642. $context['current_filter'] = $context['available_filters'][0]['type'];
  643. // This little variable is used to determine if we should flag where we are looking.
  644. $context['show_filter'] = ($context['current_filter'] != 0 && $context['current_filter'] != 3) || count($context['available_filters']) > 1;
  645. // The columns that can be sorted.
  646. $context['columns'] = array(
  647. 'id_member' => array('label' => $txt['admin_browse_id']),
  648. 'member_name' => array('label' => $txt['admin_browse_username']),
  649. 'email_address' => array('label' => $txt['admin_browse_email']),
  650. 'member_ip' => array('label' => $txt['admin_browse_ip']),
  651. 'date_registered' => array('label' => $txt['admin_browse_registered']),
  652. );
  653. // Are we showing duplicate information?
  654. if (isset($_GET['showdupes']))
  655. $_SESSION['showdupes'] = (int) $_GET['showdupes'];
  656. $context['show_duplicates'] = !empty($_SESSION['showdupes']);
  657. // Determine which actions we should allow on this page.
  658. if ($context['browse_type'] == 'approve')
  659. {
  660. // If we are approving deleted accounts we have a slightly different list... actually a mirror ;)
  661. if ($context['current_filter'] == 4)
  662. $context['allowed_actions'] = array(
  663. 'reject' => $txt['admin_browse_w_approve_deletion'],
  664. 'ok' => $txt['admin_browse_w_reject'],
  665. );
  666. else
  667. $context['allowed_actions'] = array(
  668. 'ok' => $txt['admin_browse_w_approve'],
  669. 'okemail' => $txt['admin_browse_w_approve'] . ' ' . $txt['admin_browse_w_email'],
  670. 'require_activation' => $txt['admin_browse_w_approve_require_activate'],
  671. 'reject' => $txt['admin_browse_w_reject'],
  672. 'rejectemail' => $txt['admin_browse_w_reject'] . ' ' . $txt['admin_browse_w_email'],
  673. );
  674. }
  675. elseif ($context['browse_type'] == 'activate')
  676. $context['allowed_actions'] = array(
  677. 'ok' => $txt['admin_browse_w_activate'],
  678. 'okemail' => $txt['admin_browse_w_activate'] . ' ' . $txt['admin_browse_w_email'],
  679. 'delete' => $txt['admin_browse_w_delete'],
  680. 'deleteemail' => $txt['admin_browse_w_delete'] . ' ' . $txt['admin_browse_w_email'],
  681. 'remind' => $txt['admin_browse_w_remind'] . ' ' . $txt['admin_browse_w_email'],
  682. );
  683. // Create an option list for actions allowed to be done with selected members.
  684. $allowed_actions = '
  685. <option selected="selected" value="">' . $txt['admin_browse_with_selected'] . ':</option>
  686. <option value="" disabled="disabled">-----------------------------</option>';
  687. foreach ($context['allowed_actions'] as $key => $desc)
  688. $allowed_actions .= '
  689. <option value="' . $key . '">' . $desc . '</option>';
  690. // Setup the Javascript function for selecting an action for the list.
  691. $javascript = '
  692. function onSelectChange()
  693. {
  694. if (document.forms.postForm.todo.value == "")
  695. return;
  696. var message = "";';
  697. // We have special messages for approving deletion of accounts - it's surprisingly logical - honest.
  698. if ($context['current_filter'] == 4)
  699. $javascript .= '
  700. if (document.forms.postForm.todo.value.indexOf("reject") != -1)
  701. message = "' . $txt['admin_browse_w_delete'] . '";
  702. else
  703. message = "' . $txt['admin_browse_w_reject'] . '";';
  704. // Otherwise a nice standard message.
  705. else
  706. $javascript .= '
  707. if (document.forms.postForm.todo.value.indexOf("delete") != -1)
  708. message = "' . $txt['admin_browse_w_delete'] . '";
  709. else if (document.forms.postForm.todo.value.indexOf("reject") != -1)
  710. message = "' . $txt['admin_browse_w_reject'] . '";
  711. else if (document.forms.postForm.todo.value == "remind")
  712. message = "' . $txt['admin_browse_w_remind'] . '";
  713. else
  714. message = "' . ($context['browse_type'] == 'approve' ? $txt['admin_browse_w_approve'] : $txt['admin_browse_w_activate']) . '";';
  715. $javascript .= '
  716. if (confirm(message + " ' . $txt['admin_browse_warn'] . '"))
  717. document.forms.postForm.submit();
  718. }';
  719. $listOptions = array(
  720. 'id' => 'approve_list',
  721. 'items_per_page' => $modSettings['defaultMaxMembers'],
  722. 'base_href' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : ''),
  723. 'default_sort_col' => 'date_registered',
  724. 'get_items' => array(
  725. 'file' => $sourcedir . '/Subs-Members.php',
  726. 'function' => 'list_getMembers',
  727. 'params' => array(
  728. 'is_activated = {int:activated_status}',
  729. array('activated_status' => $context['current_filter']),
  730. $context['show_duplicates'],
  731. ),
  732. ),
  733. 'get_count' => array(
  734. 'file' => $sourcedir . '/Subs-Members.php',
  735. 'function' => 'list_getNumMembers',
  736. 'params' => array(
  737. 'is_activated = {int:activated_status}',
  738. array('activated_status' => $context['current_filter']),
  739. ),
  740. ),
  741. 'columns' => array(
  742. 'id_member' => array(
  743. 'header' => array(
  744. 'value' => $txt['member_id'],
  745. ),
  746. 'data' => array(
  747. 'db' => 'id_member',
  748. 'class' => 'windowbg',
  749. 'style' => 'text-align: center;',
  750. ),
  751. 'sort' => array(
  752. 'default' => 'id_member',
  753. 'reverse' => 'id_member DESC',
  754. ),
  755. ),
  756. 'user_name' => array(
  757. 'header' => array(
  758. 'value' => $txt['username'],
  759. ),
  760. 'data' => array(
  761. 'sprintf' => array(
  762. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
  763. 'params' => array(
  764. 'id_member' => false,
  765. 'member_name' => false,
  766. ),
  767. ),
  768. ),
  769. 'sort' => array(
  770. 'default' => 'member_name',
  771. 'reverse' => 'member_name DESC',
  772. ),
  773. ),
  774. 'email' => array(
  775. 'header' => array(
  776. 'value' => $txt['email_address'],
  777. ),
  778. 'data' => array(
  779. 'sprintf' => array(
  780. 'format' => '<a href="mailto:%1$s">%1$s</a>',
  781. 'params' => array(
  782. 'email_address' => true,
  783. ),
  784. ),
  785. 'class' => 'windowbg',
  786. ),
  787. 'sort' => array(
  788. 'default' => 'email_address',
  789. 'reverse' => 'email_address DESC',
  790. ),
  791. ),
  792. 'ip' => array(
  793. 'header' => array(
  794. 'value' => $txt['ip_address'],
  795. ),
  796. 'data' => array(
  797. 'sprintf' => array(
  798. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
  799. 'params' => array(
  800. 'member_ip' => false,
  801. ),
  802. ),
  803. ),
  804. 'sort' => array(
  805. 'default' => 'INET_ATON(member_ip)',
  806. 'reverse' => 'INET_ATON(member_ip) DESC',
  807. ),
  808. ),
  809. 'hostname' => array(
  810. 'header' => array(
  811. 'value' => $txt['hostname'],
  812. ),
  813. 'data' => array(
  814. 'function' => create_function('$rowData', '
  815. global $modSettings;
  816. return host_from_ip($rowData[\'member_ip\']);
  817. '),
  818. 'class' => 'smalltext',
  819. ),
  820. ),
  821. 'date_registered' => array(
  822. 'header' => array(
  823. 'value' => $txt['date_registered'],
  824. ),
  825. 'data' => array(
  826. 'function' => create_function('$rowData', '
  827. return timeformat($rowData[\'date_registered\']);
  828. '),
  829. ),
  830. 'sort' => array(
  831. 'default' => 'date_registered DESC',
  832. 'reverse' => 'date_registered',
  833. ),
  834. ),
  835. 'duplicates' => array(
  836. 'header' => array(
  837. 'value' => $txt['duplicates'],
  838. // Make sure it doesn't go too wide.
  839. 'style' => 'width: 20%',
  840. ),
  841. 'data' => array(
  842. 'function' => create_function('$rowData', '
  843. global $scripturl, $txt;
  844. $member_links = array();
  845. foreach ($rowData[\'duplicate_members\'] as $member)
  846. {
  847. if ($member[\'id\'])
  848. $member_links[] = \'<a href="\' . $scripturl . \'?action=profile;u=\' . $member[\'id\'] . \'" \' . (!empty($member[\'is_banned\']) ? \'style="color: red;"\' : \'\') . \'>\' . $member[\'name\'] . \'</a>\';
  849. else
  850. $member_links[] = $member[\'name\'] . \' (\' . $txt[\'guest\'] . \')\';
  851. }
  852. return implode (\', \', $member_links);
  853. '),
  854. 'class' => 'smalltext',
  855. ),
  856. ),
  857. 'check' => array(
  858. 'header' => array(
  859. 'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />',
  860. ),
  861. 'data' => array(
  862. 'sprintf' => array(
  863. 'format' => '<input type="checkbox" name="todoAction[]" value="%1$d" class="input_check" />',
  864. 'params' => array(
  865. 'id_member' => false,
  866. ),
  867. ),
  868. 'class' => 'windowbg',
  869. 'style' => 'text-align: center',
  870. ),
  871. ),
  872. ),
  873. 'javascript' => $javascript,
  874. 'form' => array(
  875. 'href' => $scripturl . '?action=admin;area=viewmembers;sa=approve;type=' . $context['browse_type'],
  876. 'name' => 'postForm',
  877. 'include_start' => true,
  878. 'include_sort' => true,
  879. 'hidden_fields' => array(
  880. 'orig_filter' => $context['current_filter'],
  881. ),
  882. ),
  883. 'additional_rows' => array(
  884. array(
  885. 'position' => 'below_table_data',
  886. 'value' => '
  887. <div class="floatleft">
  888. [<a href="' . $scripturl . '?action=admin;area=viewmembers;sa=browse;showdupes=' . ($context['show_duplicates'] ? 0 : 1) . ';type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : '') . ';' . $context['session_var'] . '=' . $context['session_id'] . '">' . ($context['show_duplicates'] ? $txt['dont_check_for_duplicate'] : $txt['check_for_duplicate']) . '</a>]
  889. </div>
  890. <div class="floatright">
  891. <select name="todo" onchange="onSelectChange();">
  892. ' . $allowed_actions . '
  893. </select>
  894. <noscript><input type="submit" value="' . $txt['go'] . '" class="button_submit" /></noscript>
  895. </div>',
  896. ),
  897. ),
  898. );
  899. // Pick what column to actually include if we're showing duplicates.
  900. if ($context['show_duplicates'])
  901. unset($listOptions['columns']['email']);
  902. else
  903. unset($listOptions['columns']['duplicates']);
  904. // Only show hostname on duplicates as it takes a lot of time.
  905. if (!$context['show_duplicates'] || !empty($modSettings['disableHostnameLookup']))
  906. unset($listOptions['columns']['hostname']);
  907. // Is there any need to show filters?
  908. if (isset($context['available_filters']) && count($context['available_filters']) > 1)
  909. {
  910. $filterOptions = '
  911. <strong>' . $txt['admin_browse_filter_by'] . ':</strong>
  912. <select name="filter" onchange="this.form.submit();">';
  913. foreach ($context['available_filters'] as $filter)
  914. $filterOptions .= '
  915. <option value="' . $filter['type'] . '"' . ($filter['selected'] ? ' selected="selected"' : '') . '>' . $filter['desc'] . ' - ' . $filter['amount'] . ' ' . ($filter['amount'] == 1 ? $txt['user'] : $txt['users']) . '</option>';
  916. $filterOptions .= '
  917. </select>
  918. <noscript><input type="submit" value="' . $txt['go'] . '" name="filter" class="button_submit" /></noscript>';
  919. $listOptions['additional_rows'][] = array(
  920. 'position' => 'above_column_headers',
  921. 'value' => $filterOptions,
  922. 'style' => 'text-align: center;',
  923. );
  924. }
  925. // What about if we only have one filter, but it's not the "standard" filter - show them what they are looking at.
  926. if (!empty($context['show_filter']) && !empty($context['available_filters']))
  927. $listOptions['additional_rows'][] = array(
  928. 'position' => 'above_column_headers',
  929. 'value' => '<strong>' . $txt['admin_browse_filter_show'] . ':</strong> ' . $context['available_filters'][0]['desc'],
  930. 'class' => 'smalltext',
  931. 'style' => 'text-align: left;',
  932. );
  933. // Now that we have all the options, create the list.
  934. require_once($sourcedir . '/Subs-List.php');
  935. createList($listOptions);
  936. }
  937. /**
  938. * This function handles the approval, rejection, activation or deletion of members.
  939. * Called by ?action=admin;area=viewmembers;sa=approve.
  940. * Requires the moderate_forum permission.
  941. * Redirects to ?action=admin;area=viewmembers;sa=browse
  942. * with the same parameters as the calling page.
  943. */
  944. function AdminApprove()
  945. {
  946. global $txt, $context, $scripturl, $modSettings, $sourcedir, $language, $user_info, $smcFunc;
  947. // First, check our session.
  948. checkSession();
  949. require_once($sourcedir . '/Subs-Post.php');
  950. // We also need to the login languages here - for emails.
  951. loadLanguage('Login');
  952. // Sort out where we are going...
  953. $browse_type = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
  954. $current_filter = (int) $_REQUEST['orig_filter'];
  955. // If we are applying a filter do just that - then redirect.
  956. if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter'])
  957. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
  958. // Nothing to do?
  959. if (!isset($_POST['todoAction']) && !isset($_POST['time_passed']))
  960. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
  961. // Are we dealing with members who have been waiting for > set amount of time?
  962. if (isset($_POST['time_passed']))
  963. {
  964. $timeBefore = time() - 86400 * (int) $_POST['time_passed'];
  965. $condition = '
  966. AND date_registered < {int:time_before}';
  967. }
  968. // Coming from checkboxes - validate the members passed through to us.
  969. else
  970. {
  971. $members = array();
  972. foreach ($_POST['todoAction'] as $id)
  973. $members[] = (int) $id;
  974. $condition = '
  975. AND id_member IN ({array_int:members})';
  976. }
  977. // Get information on each of the members, things that are important to us, like email address...
  978. $request = $smcFunc['db_query']('', '
  979. SELECT id_member, member_name, real_name, email_address, validation_code, lngfile
  980. FROM {db_prefix}members
  981. WHERE is_activated = {int:activated_status}' . $condition . '
  982. ORDER BY lngfile',
  983. array(
  984. 'activated_status' => $current_filter,
  985. 'time_before' => empty($timeBefore) ? 0 : $timeBefore,
  986. 'members' => empty($members) ? array() : $members,
  987. )
  988. );
  989. $member_count = $smcFunc['db_num_rows']($request);
  990. // If no results then just return!
  991. if ($member_count == 0)
  992. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
  993. $member_info = array();
  994. $members = array();
  995. // Fill the info array.
  996. while ($row = $smcFunc['db_fetch_assoc']($request))
  997. {
  998. $members[] = $row['id_member'];
  999. $member_info[] = array(
  1000. 'id' => $row['id_member'],
  1001. 'username' => $row['member_name'],
  1002. 'name' => $row['real_name'],
  1003. 'email' => $row['email_address'],
  1004. 'language' => empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'],
  1005. 'code' => $row['validation_code']
  1006. );
  1007. }
  1008. $smcFunc['db_free_result']($request);
  1009. // Are we activating or approving the members?
  1010. if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail')
  1011. {
  1012. // Approve/activate this member.
  1013. $smcFunc['db_query']('', '
  1014. UPDATE {db_prefix}members
  1015. SET validation_code = {string:blank_string}, is_activated = {int:is_activated}
  1016. WHERE is_activated = {int:activated_status}' . $condition,
  1017. array(
  1018. 'is_activated' => 1,
  1019. 'time_before' => empty($timeBefore) ? 0 : $timeBefore,
  1020. 'members' => empty($members) ? array() : $members,
  1021. 'activated_status' => $current_filter,
  1022. 'blank_string' => '',
  1023. )
  1024. );
  1025. // Do we have to let the integration code know about the activations?
  1026. if (!empty($modSettings['integrate_activate']))
  1027. {
  1028. foreach ($member_info as $member)
  1029. call_integration_hook('integrate_activate', array($member['username']));
  1030. }
  1031. // Check for email.
  1032. if ($_POST['todo'] == 'okemail')
  1033. {
  1034. foreach ($member_info as $member)
  1035. {
  1036. $replacements = array(
  1037. 'NAME' => $member['name'],
  1038. 'USERNAME' => $member['username'],
  1039. 'PROFILELINK' => $scripturl . '?action=profile;u=' . $member['id'],
  1040. 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
  1041. );
  1042. $emaildata = loadEmailTemplate('admin_approve_accept', $replacements, $member['language']);
  1043. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
  1044. }
  1045. }
  1046. }
  1047. // Maybe we're sending it off for activation?
  1048. elseif ($_POST['todo'] == 'require_activation')
  1049. {
  1050. require_once($sourcedir . '/Subs-Members.php');
  1051. // We have to do this for each member I'm afraid.
  1052. foreach ($member_info as $member)
  1053. {
  1054. // Generate a random activation code.
  1055. $validation_code = generateValidationCode();
  1056. // Set these members for activation - I know this includes two id_member checks but it's safer than bodging $condition ;).
  1057. $smcFunc['db_query']('', '
  1058. UPDATE {db_prefix}members
  1059. SET validation_code = {string:validation_code}, is_activated = {int:not_activated}
  1060. WHERE is_activated = {int:activated_status}
  1061. ' . $condition . '
  1062. AND id_member = {int:selected_member}',
  1063. array(
  1064. 'not_activated' => 0,
  1065. 'activated_status' => $current_filter,
  1066. 'selected_member' => $member['id'],
  1067. 'validation_code' => $validation_code,
  1068. 'time_before' => empty($timeBefore) ? 0 : $timeBefore,
  1069. 'members' => empty($members) ? array() : $members,
  1070. )
  1071. );
  1072. $replacements = array(
  1073. 'USERNAME' => $member['name'],
  1074. 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $validation_code,
  1075. 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
  1076. 'ACTIVATIONCODE' => $validation_code,
  1077. );
  1078. $emaildata = loadEmailTemplate('admin_approve_activation', $replacements, $member['language']);
  1079. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
  1080. }
  1081. }
  1082. // Are we rejecting them?
  1083. elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail')
  1084. {
  1085. require_once($sourcedir . '/Subs-Members.php');
  1086. deleteMembers($members);
  1087. // Send email telling them they aren't welcome?
  1088. if ($_POST['todo'] == 'rejectemail')
  1089. {
  1090. foreach ($member_info as $member)
  1091. {
  1092. $replacements = array(
  1093. 'USERNAME' => $member['name'],
  1094. );
  1095. $emaildata = loadEmailTemplate('admin_approve_reject', $replacements, $member['language']);
  1096. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  1097. }
  1098. }
  1099. }
  1100. // A simple delete?
  1101. elseif ($_POST['todo'] == 'delete' || $_POST['todo'] == 'deleteemail')
  1102. {
  1103. require_once($sourcedir . '/Subs-Members.php');
  1104. deleteMembers($members);
  1105. // Send email telling them they aren't welcome?
  1106. if ($_POST['todo'] == 'deleteemail')
  1107. {
  1108. foreach ($member_info as $member)
  1109. {
  1110. $replacements = array(
  1111. 'USERNAME' => $member['name'],
  1112. );
  1113. $emaildata = loadEmailTemplate('admin_approve_delete', $replacements, $member['language']);
  1114. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  1115. }
  1116. }
  1117. }
  1118. // Remind them to activate their account?
  1119. elseif ($_POST['todo'] == 'remind')
  1120. {
  1121. foreach ($member_info as $member)
  1122. {
  1123. $replacements = array(
  1124. 'USERNAME' => $member['name'],
  1125. 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $member['code'],
  1126. 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
  1127. 'ACTIVATIONCODE' => $member['code'],
  1128. );
  1129. $emaildata = loadEmailTemplate('admin_approve_remind', $replacements, $member['language']);
  1130. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  1131. }
  1132. }
  1133. // @todo current_language is never set, no idea what this is for. Remove?
  1134. // Back to the user's language!
  1135. if (isset($current_language) && $current_language != $user_info['language'])
  1136. {
  1137. loadLanguage('index');
  1138. loadLanguage('ManageMembers');
  1139. }
  1140. // Log what we did?
  1141. if (!empty($modSettings['modlog_enabled']) && in_array($_POST['todo'], array('ok', 'okemail', 'require_activation', 'remind')))
  1142. {
  1143. $log_action = $_POST['todo'] == 'remind' ? 'remind_member' : 'approve_member';
  1144. $log_inserts = array();
  1145. foreach ($member_info as $member)
  1146. {
  1147. $log_inserts[] = array(
  1148. time(), 3, $user_info['id'], $user_info['ip'], $log_action,
  1149. 0, 0, 0, serialize(array('member' => $member['id'])),
  1150. );
  1151. }
  1152. $smcFunc['db_insert']('',
  1153. '{db_prefix}log_actions',
  1154. array(
  1155. 'log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string',
  1156. 'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534',
  1157. ),
  1158. $log_inserts,
  1159. array('id_action')
  1160. );
  1161. }
  1162. // Although updateStats *may* catch this, best to do it manually just in case (Doesn't always sort out unapprovedMembers).
  1163. if (in_array($current_filter, array(3, 4)))
  1164. updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > $member_count ? $modSettings['unapprovedMembers'] - $member_count : 0)));
  1165. // Update the member's stats. (but, we know the member didn't change their name.)
  1166. updateStats('member', false);
  1167. // If they haven't been deleted, update the post group statistics on them...
  1168. if (!in_array($_POST['todo'], array('delete', 'deleteemail', 'reject', 'rejectemail', 'remind')))
  1169. updateStats('postgroups', $members);
  1170. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
  1171. }
  1172. /**
  1173. * Nifty function to calculate the number of days ago a given date was.
  1174. * Requires a unix timestamp as input, returns an integer.
  1175. * Named in honour of Jeff Lewis, the original creator of...this function.
  1176. *
  1177. * @param $old
  1178. * @return int, the returned number of days, based on the forum time.
  1179. */
  1180. function jeffsdatediff($old)
  1181. {
  1182. // Get the current time as the user would see it...
  1183. $forumTime = forum_time();
  1184. // Calculate the seconds that have passed since midnight.
  1185. $sinceMidnight = date('H', $forumTime) * 60 * 60 + date('i', $forumTime) * 60 + date('s', $forumTime);
  1186. // Take the difference between the two times.
  1187. $dis = time() - $old;
  1188. // Before midnight?
  1189. if ($dis < $sinceMidnight)
  1190. return 0;
  1191. else
  1192. $dis -= $sinceMidnight;
  1193. // Divide out the seconds in a day to get the number of days.
  1194. return ceil($dis / (24 * 60 * 60));
  1195. }
  1196. ?>