ManageMembers.php 44 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307
  1. <?php
  2. /**
  3. * Show a list of members or a selection of members.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2011 Simple Machines
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.0
  13. */
  14. if (!defined('SMF'))
  15. die('Hacking attempt...');
  16. /**
  17. * The main entrance point for the Manage Members screen.
  18. * As everyone else, it calls a function based on the given sub-action.
  19. * Called by ?action=admin;area=viewmembers.
  20. * Requires the moderate_forum permission.
  21. *
  22. * @uses ManageMembers template
  23. * @uses ManageMembers language file.
  24. */
  25. function ViewMembers()
  26. {
  27. global $txt, $scripturl, $context, $modSettings, $smcFunc;
  28. $subActions = array(
  29. 'all' => array('ViewMemberlist', 'moderate_forum'),
  30. 'approve' => array('AdminApprove', 'moderate_forum'),
  31. 'browse' => array('MembersAwaitingActivation', 'moderate_forum'),
  32. 'search' => array('SearchMembers', 'moderate_forum'),
  33. 'query' => array('ViewMemberlist', 'moderate_forum'),
  34. );
  35. // Default to sub action 'index' or 'settings' depending on permissions.
  36. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'all';
  37. // We know the sub action, now we know what you're allowed to do.
  38. isAllowedTo($subActions[$_REQUEST['sa']][1]);
  39. // Load the essentials.
  40. loadLanguage('ManageMembers');
  41. loadTemplate('ManageMembers');
  42. // Get counts on every type of activation - for sections and filtering alike.
  43. $request = $smcFunc['db_query']('', '
  44. SELECT COUNT(*) AS total_members, is_activated
  45. FROM {db_prefix}members
  46. WHERE is_activated != {int:is_activated}
  47. GROUP BY is_activated',
  48. array(
  49. 'is_activated' => 1,
  50. )
  51. );
  52. $context['activation_numbers'] = array();
  53. $context['awaiting_activation'] = 0;
  54. $context['awaiting_approval'] = 0;
  55. while ($row = $smcFunc['db_fetch_assoc']($request))
  56. $context['activation_numbers'][$row['is_activated']] = $row['total_members'];
  57. $smcFunc['db_free_result']($request);
  58. foreach ($context['activation_numbers'] as $activation_type => $total_members)
  59. {
  60. if (in_array($activation_type, array(0, 2)))
  61. $context['awaiting_activation'] += $total_members;
  62. elseif (in_array($activation_type, array(3, 4, 5)))
  63. $context['awaiting_approval'] += $total_members;
  64. }
  65. // For the page header... do we show activation?
  66. $context['show_activate'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) || !empty($context['awaiting_activation']);
  67. // What about approval?
  68. $context['show_approve'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($context['awaiting_approval']) || !empty($modSettings['approveAccountDeletion']);
  69. // Setup the admin tabs.
  70. $context[$context['admin_menu_name']]['tab_data'] = array(
  71. 'title' => $txt['admin_members'],
  72. 'help' => 'view_members',
  73. 'description' => $txt['admin_members_list'],
  74. 'tabs' => array(),
  75. );
  76. $context['tabs'] = array(
  77. 'viewmembers' => array(
  78. 'label' => $txt['view_all_members'],
  79. 'description' => $txt['admin_members_list'],
  80. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=all',
  81. 'is_selected' => $_REQUEST['sa'] == 'all',
  82. ),
  83. 'search' => array(
  84. 'label' => $txt['mlist_search'],
  85. 'description' => $txt['admin_members_list'],
  86. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=search',
  87. 'is_selected' => $_REQUEST['sa'] == 'search' || $_REQUEST['sa'] == 'query',
  88. ),
  89. 'approve' => array(
  90. 'label' => sprintf($txt['admin_browse_awaiting_approval'], $context['awaiting_approval']),
  91. 'description' => $txt['admin_browse_approve_desc'],
  92. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve',
  93. 'is_selected' => false,
  94. ),
  95. 'activate' => array(
  96. 'label' => sprintf($txt['admin_browse_awaiting_activate'], $context['awaiting_activation']),
  97. 'description' => $txt['admin_browse_activate_desc'],
  98. 'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=activate',
  99. 'is_selected' => false,
  100. 'is_last' => true,
  101. ),
  102. );
  103. // Sort out the tabs for the ones which may not exist!
  104. if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
  105. {
  106. $context['tabs']['approve']['is_last'] = true;
  107. unset($context['tabs']['activate']);
  108. }
  109. if (!$context['show_approve'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'approve'))
  110. {
  111. if (!$context['show_activate'] && ($_REQUEST['sa'] != 'browse' || $_REQUEST['type'] != 'activate'))
  112. $context['tabs']['search']['is_last'] = true;
  113. unset($context['tabs']['approve']);
  114. }
  115. $subActions[$_REQUEST['sa']][0]();
  116. }
  117. /**
  118. * View all members list. It allows sorting on several columns, and deletion of
  119. * selected members. It also handles the search query sent by
  120. * ?action=admin;area=viewmembers;sa=search.
  121. * Called by ?action=admin;area=viewmembers;sa=all or ?action=admin;area=viewmembers;sa=query.
  122. * Requires the moderate_forum permission.
  123. *
  124. * @uses the view_members sub template of the ManageMembers template.
  125. */
  126. function ViewMemberlist()
  127. {
  128. global $txt, $scripturl, $context, $modSettings, $sourcedir, $smcFunc, $user_info;
  129. // Set the current sub action.
  130. $context['sub_action'] = $_REQUEST['sa'];
  131. // Are we performing a delete?
  132. if (isset($_POST['delete_members']) && !empty($_POST['delete']) && allowedTo('profile_remove_any'))
  133. {
  134. checkSession();
  135. // Clean the input.
  136. foreach ($_POST['delete'] as $key => $value)
  137. {
  138. $_POST['delete'][$key] = (int) $value;
  139. // Don't delete yourself, idiot.
  140. if ($value == $user_info['id'])
  141. unset($_POST['delete'][$key]);
  142. }
  143. if (!empty($_POST['delete']))
  144. {
  145. // Delete all the selected members.
  146. require_once($sourcedir . '/Subs-Members.php');
  147. deleteMembers($_POST['delete'], true);
  148. }
  149. }
  150. if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST))
  151. $_POST += @unserialize(base64_decode($_REQUEST['params']));
  152. // Check input after a member search has been submitted.
  153. if ($context['sub_action'] == 'query')
  154. {
  155. // Retrieving the membergroups and postgroups.
  156. $context['membergroups'] = array(
  157. array(
  158. 'id' => 0,
  159. 'name' => $txt['membergroups_members'],
  160. 'can_be_additional' => false
  161. )
  162. );
  163. $context['postgroups'] = array();
  164. $request = $smcFunc['db_query']('', '
  165. SELECT id_group, group_name, min_posts
  166. FROM {db_prefix}membergroups
  167. WHERE id_group != {int:moderator_group}
  168. ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
  169. array(
  170. 'moderator_group' => 3,
  171. 'newbie_group' => 4,
  172. )
  173. );
  174. while ($row = $smcFunc['db_fetch_assoc']($request))
  175. {
  176. if ($row['min_posts'] == -1)
  177. $context['membergroups'][] = array(
  178. 'id' => $row['id_group'],
  179. 'name' => $row['group_name'],
  180. 'can_be_additional' => true
  181. );
  182. else
  183. $context['postgroups'][] = array(
  184. 'id' => $row['id_group'],
  185. 'name' => $row['group_name']
  186. );
  187. }
  188. $smcFunc['db_free_result']($request);
  189. // Some data about the form fields and how they are linked to the database.
  190. $params = array(
  191. 'mem_id' => array(
  192. 'db_fields' => array('id_member'),
  193. 'type' => 'int',
  194. 'range' => true
  195. ),
  196. 'age' => array(
  197. 'db_fields' => array('birthdate'),
  198. 'type' => 'age',
  199. 'range' => true
  200. ),
  201. 'posts' => array(
  202. 'db_fields' => array('posts'),
  203. 'type' => 'int',
  204. 'range' => true
  205. ),
  206. 'reg_date' => array(
  207. 'db_fields' => array('date_registered'),
  208. 'type' => 'date',
  209. 'range' => true
  210. ),
  211. 'last_online' => array(
  212. 'db_fields' => array('last_login'),
  213. 'type' => 'date',
  214. 'range' => true
  215. ),
  216. 'gender' => array(
  217. 'db_fields' => array('gender'),
  218. 'type' => 'checkbox',
  219. 'values' => array('0', '1', '2'),
  220. ),
  221. 'activated' => array(
  222. 'db_fields' => array('CASE WHEN is_activated IN (1, 11) THEN 1 ELSE 0 END'),
  223. 'type' => 'checkbox',
  224. 'values' => array('0', '1'),
  225. ),
  226. 'membername' => array(
  227. 'db_fields' => array('member_name', 'real_name'),
  228. 'type' => 'string'
  229. ),
  230. 'email' => array(
  231. 'db_fields' => array('email_address'),
  232. 'type' => 'string'
  233. ),
  234. 'website' => array(
  235. 'db_fields' => array('website_title', 'website_url'),
  236. 'type' => 'string'
  237. ),
  238. 'location' => array(
  239. 'db_fields' => array('location'),
  240. 'type' => 'string'
  241. ),
  242. 'ip' => array(
  243. 'db_fields' => array('member_ip'),
  244. 'type' => 'string'
  245. ),
  246. 'messenger' => array(
  247. 'db_fields' => array('icq', 'aim', 'yim', 'msn'),
  248. 'type' => 'string'
  249. )
  250. );
  251. $range_trans = array(
  252. '--' => '<',
  253. '-' => '<=',
  254. '=' => '=',
  255. '+' => '>=',
  256. '++' => '>'
  257. );
  258. // !!! Validate a little more.
  259. // Loop through every field of the form.
  260. $query_parts = array();
  261. $where_params = array();
  262. foreach ($params as $param_name => $param_info)
  263. {
  264. // Not filled in?
  265. if (!isset($_POST[$param_name]) || $_POST[$param_name] === '')
  266. continue;
  267. // Make sure numeric values are really numeric.
  268. if (in_array($param_info['type'], array('int', 'age')))
  269. $_POST[$param_name] = (int) $_POST[$param_name];
  270. // Date values have to match the specified format.
  271. elseif ($param_info['type'] == 'date')
  272. {
  273. // Check if this date format is valid.
  274. if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $_POST[$param_name]) == 0)
  275. continue;
  276. $_POST[$param_name] = strtotime($_POST[$param_name]);
  277. }
  278. // Those values that are in some kind of range (<, <=, =, >=, >).
  279. if (!empty($param_info['range']))
  280. {
  281. // Default to '=', just in case...
  282. if (empty($range_trans[$_POST['types'][$param_name]]))
  283. $_POST['types'][$param_name] = '=';
  284. // Handle special case 'age'.
  285. if ($param_info['type'] == 'age')
  286. {
  287. // All people that were born between $lowerlimit and $upperlimit are currently the specified age.
  288. $datearray = getdate(forum_time());
  289. $upperlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name], $datearray['mon'], $datearray['mday']);
  290. $lowerlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $_POST[$param_name] - 1, $datearray['mon'], $datearray['mday']);
  291. if (in_array($_POST['types'][$param_name], array('-', '--', '=')))
  292. {
  293. $query_parts[] = ($param_info['db_fields'][0]) . ' > {string:' . $param_name . '_minlimit}';
  294. $where_params[$param_name . '_minlimit'] = ($_POST['types'][$param_name] == '--' ? $upperlimit : $lowerlimit);
  295. }
  296. if (in_array($_POST['types'][$param_name], array('+', '++', '=')))
  297. {
  298. $query_parts[] = ($param_info['db_fields'][0]) . ' <= {string:' . $param_name . '_pluslimit}';
  299. $where_params[$param_name . '_pluslimit'] = ($_POST['types'][$param_name] == '++' ? $lowerlimit : $upperlimit);
  300. // Make sure that members that didn't set their birth year are not queried.
  301. $query_parts[] = ($param_info['db_fields'][0]) . ' > {date:dec_zero_date}';
  302. $where_params['dec_zero_date'] = '0004-12-31';
  303. }
  304. }
  305. // Special case - equals a date.
  306. elseif ($param_info['type'] == 'date' && $_POST['types'][$param_name] == '=')
  307. {
  308. $query_parts[] = $param_info['db_fields'][0] . ' > ' . $_POST[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($_POST[$param_name] + 86400);
  309. }
  310. else
  311. $query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$_POST['types'][$param_name]] . ' ' . $_POST[$param_name];
  312. }
  313. // Checkboxes.
  314. elseif ($param_info['type'] == 'checkbox')
  315. {
  316. // Each checkbox or no checkbox at all is checked -> ignore.
  317. if (!is_array($_POST[$param_name]) || count($_POST[$param_name]) == 0 || count($_POST[$param_name]) == count($param_info['values']))
  318. continue;
  319. $query_parts[] = ($param_info['db_fields'][0]) . ' IN ({array_string:' . $param_name . '_check})';
  320. $where_params[$param_name . '_check'] = $_POST[$param_name];
  321. }
  322. else
  323. {
  324. // Replace the wildcard characters ('*' and '?') into MySQL ones.
  325. $parameter = strtolower(strtr($smcFunc['htmlspecialchars']($_POST[$param_name], ENT_QUOTES), array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));
  326. $query_parts[] = '(' . implode( ' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
  327. $where_params[$param_name . '_normal'] = '%' . $parameter . '%';
  328. }
  329. }
  330. // Set up the membergroup query part.
  331. $mg_query_parts = array();
  332. // Primary membergroups, but only if at least was was not selected.
  333. if (!empty($_POST['membergroups'][1]) && count($context['membergroups']) != count($_POST['membergroups'][1]))
  334. {
  335. $mg_query_parts[] = 'mem.id_group IN ({array_int:group_check})';
  336. $where_params['group_check'] = $_POST['membergroups'][1];
  337. }
  338. // Additional membergroups (these are only relevant if not all primary groups where selected!).
  339. if (!empty($_POST['membergroups'][2]) && (empty($_POST['membergroups'][1]) || count($context['membergroups']) != count($_POST['membergroups'][1])))
  340. foreach ($_POST['membergroups'][2] as $mg)
  341. {
  342. $mg_query_parts[] = 'FIND_IN_SET({int:add_group_' . $mg . '}, mem.additional_groups) != 0';
  343. $where_params['add_group_' . $mg] = $mg;
  344. }
  345. // Combine the one or two membergroup parts into one query part linked with an OR.
  346. if (!empty($mg_query_parts))
  347. $query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';
  348. // Get all selected post count related membergroups.
  349. if (!empty($_POST['postgroups']) && count($_POST['postgroups']) != count($context['postgroups']))
  350. {
  351. $query_parts[] = 'id_post_group IN ({array_int:post_groups})';
  352. $where_params['post_groups'] = $_POST['postgroups'];
  353. }
  354. // Construct the where part of the query.
  355. $where = empty($query_parts) ? '1' : implode('
  356. AND ', $query_parts);
  357. $search_params = base64_encode(serialize($_POST));
  358. }
  359. else
  360. $search_params = null;
  361. // Construct the additional URL part with the query info in it.
  362. $context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_params : '';
  363. // Get the title and sub template ready..
  364. $context['page_title'] = $txt['admin_members'];
  365. $listOptions = array(
  366. 'id' => 'member_list',
  367. 'items_per_page' => $modSettings['defaultMaxMembers'],
  368. 'base_href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
  369. 'default_sort_col' => 'user_name',
  370. 'get_items' => array(
  371. 'file' => $sourcedir . '/Subs-Members.php',
  372. 'function' => 'list_getMembers',
  373. 'params' => array(
  374. isset($where) ? $where : '1=1',
  375. isset($where_params) ? $where_params : array(),
  376. ),
  377. ),
  378. 'get_count' => array(
  379. 'file' => $sourcedir . '/Subs-Members.php',
  380. 'function' => 'list_getNumMembers',
  381. 'params' => array(
  382. isset($where) ? $where : '1=1',
  383. isset($where_params) ? $where_params : array(),
  384. ),
  385. ),
  386. 'columns' => array(
  387. 'id_member' => array(
  388. 'header' => array(
  389. 'value' => $txt['member_id'],
  390. ),
  391. 'data' => array(
  392. 'db' => 'id_member',
  393. 'class' => 'windowbg',
  394. 'style' => 'text-align: center;',
  395. ),
  396. 'sort' => array(
  397. 'default' => 'id_member',
  398. 'reverse' => 'id_member DESC',
  399. ),
  400. ),
  401. 'user_name' => array(
  402. 'header' => array(
  403. 'value' => $txt['username'],
  404. ),
  405. 'data' => array(
  406. 'sprintf' => array(
  407. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
  408. 'params' => array(
  409. 'id_member' => false,
  410. 'member_name' => false,
  411. ),
  412. ),
  413. ),
  414. 'sort' => array(
  415. 'default' => 'member_name',
  416. 'reverse' => 'member_name DESC',
  417. ),
  418. ),
  419. 'display_name' => array(
  420. 'header' => array(
  421. 'value' => $txt['display_name'],
  422. ),
  423. 'data' => array(
  424. 'sprintf' => array(
  425. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
  426. 'params' => array(
  427. 'id_member' => false,
  428. 'real_name' => false,
  429. ),
  430. ),
  431. ),
  432. 'sort' => array(
  433. 'default' => 'real_name',
  434. 'reverse' => 'real_name DESC',
  435. ),
  436. ),
  437. 'email' => array(
  438. 'header' => array(
  439. 'value' => $txt['email_address'],
  440. ),
  441. 'data' => array(
  442. 'sprintf' => array(
  443. 'format' => '<a href="mailto:%1$s">%1$s</a>',
  444. 'params' => array(
  445. 'email_address' => true,
  446. ),
  447. ),
  448. 'class' => 'windowbg',
  449. ),
  450. 'sort' => array(
  451. 'default' => 'email_address',
  452. 'reverse' => 'email_address DESC',
  453. ),
  454. ),
  455. 'ip' => array(
  456. 'header' => array(
  457. 'value' => $txt['ip_address'],
  458. ),
  459. 'data' => array(
  460. 'sprintf' => array(
  461. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
  462. 'params' => array(
  463. 'member_ip' => false,
  464. ),
  465. ),
  466. ),
  467. 'sort' => array(
  468. 'default' => 'INET_ATON(member_ip)',
  469. 'reverse' => 'INET_ATON(member_ip) DESC',
  470. ),
  471. ),
  472. 'last_active' => array(
  473. 'header' => array(
  474. 'value' => $txt['viewmembers_online'],
  475. ),
  476. 'data' => array(
  477. 'function' => create_function('$rowData', '
  478. global $txt;
  479. // Calculate number of days since last online.
  480. if (empty($rowData[\'last_login\']))
  481. $difference = $txt[\'never\'];
  482. else
  483. {
  484. $num_days_difference = jeffsdatediff($rowData[\'last_login\']);
  485. // Today.
  486. if (empty($num_days_difference))
  487. $difference = $txt[\'viewmembers_today\'];
  488. // Yesterday.
  489. elseif ($num_days_difference == 1)
  490. $difference = sprintf(\'1 %1$s\', $txt[\'viewmembers_day_ago\']);
  491. // X days ago.
  492. else
  493. $difference = sprintf(\'%1$d %2$s\', $num_days_difference, $txt[\'viewmembers_days_ago\']);
  494. }
  495. // Show it in italics if they\'re not activated...
  496. if ($rowData[\'is_activated\'] % 10 != 1)
  497. $difference = sprintf(\'<em title="%1$s">%2$s</em>\', $txt[\'not_activated\'], $difference);
  498. return $difference;
  499. '),
  500. ),
  501. 'sort' => array(
  502. 'default' => 'last_login DESC',
  503. 'reverse' => 'last_login',
  504. ),
  505. ),
  506. 'posts' => array(
  507. 'header' => array(
  508. 'value' => $txt['member_postcount'],
  509. ),
  510. 'data' => array(
  511. 'db' => 'posts',
  512. ),
  513. 'sort' => array(
  514. 'default' => 'posts',
  515. 'reverse' => 'posts DESC',
  516. ),
  517. ),
  518. 'check' => array(
  519. 'header' => array(
  520. 'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />',
  521. ),
  522. 'data' => array(
  523. 'function' => create_function('$rowData', '
  524. global $user_info;
  525. return \'<input type="checkbox" name="delete[]" value="\' . $rowData[\'id_member\'] . \'" class="input_check" \' . ($rowData[\'id_member\'] == $user_info[\'id\'] || $rowData[\'id_group\'] == 1 || in_array(1, explode(\',\', $rowData[\'additional_groups\'])) ? \'disabled="disabled"\' : \'\') . \' />\';
  526. '),
  527. 'class' => 'windowbg',
  528. 'style' => 'text-align: center',
  529. ),
  530. ),
  531. ),
  532. 'form' => array(
  533. 'href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
  534. 'include_start' => true,
  535. 'include_sort' => true,
  536. ),
  537. 'additional_rows' => array(
  538. array(
  539. 'position' => 'below_table_data',
  540. 'value' => '<input type="submit" name="delete_members" value="' . $txt['admin_delete_members'] . '" onclick="return confirm(\'' . $txt['confirm_delete_members'] . '\');" class="button_submit" />',
  541. 'style' => 'text-align: right;',
  542. ),
  543. ),
  544. );
  545. // Without not enough permissions, don't show 'delete members' checkboxes.
  546. if (!allowedTo('profile_remove_any'))
  547. unset($listOptions['cols']['check'], $listOptions['form'], $listOptions['additional_rows']);
  548. require_once($sourcedir . '/Subs-List.php');
  549. createList($listOptions);
  550. $context['sub_template'] = 'show_list';
  551. $context['default_list'] = 'member_list';
  552. }
  553. /**
  554. * Search the member list, using one or more criteria.
  555. * Called by ?action=admin;area=viewmembers;sa=search.
  556. * Requires the moderate_forum permission.
  557. * form is submitted to action=admin;area=viewmembers;sa=query.
  558. *
  559. * @uses the search_members sub template of the ManageMembers template.
  560. */
  561. function SearchMembers()
  562. {
  563. global $context, $txt, $smcFunc;
  564. // Get a list of all the membergroups and postgroups that can be selected.
  565. $context['membergroups'] = array(
  566. array(
  567. 'id' => 0,
  568. 'name' => $txt['membergroups_members'],
  569. 'can_be_additional' => false
  570. )
  571. );
  572. $context['postgroups'] = array();
  573. $request = $smcFunc['db_query']('', '
  574. SELECT id_group, group_name, min_posts
  575. FROM {db_prefix}membergroups
  576. WHERE id_group != {int:moderator_group}
  577. ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
  578. array(
  579. 'moderator_group' => 3,
  580. 'newbie_group' => 4,
  581. )
  582. );
  583. while ($row = $smcFunc['db_fetch_assoc']($request))
  584. {
  585. if ($row['min_posts'] == -1)
  586. $context['membergroups'][] = array(
  587. 'id' => $row['id_group'],
  588. 'name' => $row['group_name'],
  589. 'can_be_additional' => true
  590. );
  591. else
  592. $context['postgroups'][] = array(
  593. 'id' => $row['id_group'],
  594. 'name' => $row['group_name']
  595. );
  596. }
  597. $smcFunc['db_free_result']($request);
  598. $context['page_title'] = $txt['admin_members'];
  599. $context['sub_template'] = 'search_members';
  600. }
  601. /**
  602. * List all members who are awaiting approval / activation, sortable on different columns.
  603. * It allows instant approval or activation of (a selection of) members.
  604. * Called by ?action=admin;area=viewmembers;sa=browse;type=approve
  605. * or ?action=admin;area=viewmembers;sa=browse;type=activate.
  606. * The form submits to ?action=admin;area=viewmembers;sa=approve.
  607. * Requires the moderate_forum permission.
  608. *
  609. * @uses the admin_browse sub template of the ManageMembers template.
  610. */
  611. function MembersAwaitingActivation()
  612. {
  613. global $txt, $context, $scripturl, $modSettings, $smcFunc;
  614. global $sourcedir;
  615. // Not a lot here!
  616. $context['page_title'] = $txt['admin_members'];
  617. $context['sub_template'] = 'admin_browse';
  618. $context['browse_type'] = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
  619. if (isset($context['tabs'][$context['browse_type']]))
  620. $context['tabs'][$context['browse_type']]['is_selected'] = true;
  621. // Allowed filters are those we can have, in theory.
  622. $context['allowed_filters'] = $context['browse_type'] == 'approve' ? array(3, 4, 5) : array(0, 2);
  623. $context['current_filter'] = isset($_REQUEST['filter']) && in_array($_REQUEST['filter'], $context['allowed_filters']) && !empty($context['activation_numbers'][$_REQUEST['filter']]) ? (int) $_REQUEST['filter'] : -1;
  624. // Sort out the different sub areas that we can actually filter by.
  625. $context['available_filters'] = array();
  626. foreach ($context['activation_numbers'] as $type => $amount)
  627. {
  628. // We have some of these...
  629. if (in_array($type, $context['allowed_filters']) && $amount > 0)
  630. $context['available_filters'][] = array(
  631. 'type' => $type,
  632. 'amount' => $amount,
  633. 'desc' => isset($txt['admin_browse_filter_type_' . $type]) ? $txt['admin_browse_filter_type_' . $type] : '?',
  634. 'selected' => $type == $context['current_filter']
  635. );
  636. }
  637. // If the filter was not sent, set it to whatever has people in it!
  638. if ($context['current_filter'] == -1 && !empty($context['available_filters'][0]['amount']))
  639. $context['current_filter'] = $context['available_filters'][0]['type'];
  640. // This little variable is used to determine if we should flag where we are looking.
  641. $context['show_filter'] = ($context['current_filter'] != 0 && $context['current_filter'] != 3) || count($context['available_filters']) > 1;
  642. // The columns that can be sorted.
  643. $context['columns'] = array(
  644. 'id_member' => array('label' => $txt['admin_browse_id']),
  645. 'member_name' => array('label' => $txt['admin_browse_username']),
  646. 'email_address' => array('label' => $txt['admin_browse_email']),
  647. 'member_ip' => array('label' => $txt['admin_browse_ip']),
  648. 'date_registered' => array('label' => $txt['admin_browse_registered']),
  649. );
  650. // Are we showing duplicate information?
  651. if (isset($_GET['showdupes']))
  652. $_SESSION['showdupes'] = (int) $_GET['showdupes'];
  653. $context['show_duplicates'] = !empty($_SESSION['showdupes']);
  654. // Determine which actions we should allow on this page.
  655. if ($context['browse_type'] == 'approve')
  656. {
  657. // If we are approving deleted accounts we have a slightly different list... actually a mirror ;)
  658. if ($context['current_filter'] == 4)
  659. $context['allowed_actions'] = array(
  660. 'reject' => $txt['admin_browse_w_approve_deletion'],
  661. 'ok' => $txt['admin_browse_w_reject'],
  662. );
  663. else
  664. $context['allowed_actions'] = array(
  665. 'ok' => $txt['admin_browse_w_approve'],
  666. 'okemail' => $txt['admin_browse_w_approve'] . ' ' . $txt['admin_browse_w_email'],
  667. 'require_activation' => $txt['admin_browse_w_approve_require_activate'],
  668. 'reject' => $txt['admin_browse_w_reject'],
  669. 'rejectemail' => $txt['admin_browse_w_reject'] . ' ' . $txt['admin_browse_w_email'],
  670. );
  671. }
  672. elseif ($context['browse_type'] == 'activate')
  673. $context['allowed_actions'] = array(
  674. 'ok' => $txt['admin_browse_w_activate'],
  675. 'okemail' => $txt['admin_browse_w_activate'] . ' ' . $txt['admin_browse_w_email'],
  676. 'delete' => $txt['admin_browse_w_delete'],
  677. 'deleteemail' => $txt['admin_browse_w_delete'] . ' ' . $txt['admin_browse_w_email'],
  678. 'remind' => $txt['admin_browse_w_remind'] . ' ' . $txt['admin_browse_w_email'],
  679. );
  680. // Create an option list for actions allowed to be done with selected members.
  681. $allowed_actions = '
  682. <option selected="selected" value="">' . $txt['admin_browse_with_selected'] . ':</option>
  683. <option value="" disabled="disabled">-----------------------------</option>';
  684. foreach ($context['allowed_actions'] as $key => $desc)
  685. $allowed_actions .= '
  686. <option value="' . $key . '">' . $desc . '</option>';
  687. // Setup the Javascript function for selecting an action for the list.
  688. $javascript = '
  689. function onSelectChange()
  690. {
  691. if (document.forms.postForm.todo.value == "")
  692. return;
  693. var message = "";';
  694. // We have special messages for approving deletion of accounts - it's surprisingly logical - honest.
  695. if ($context['current_filter'] == 4)
  696. $javascript .= '
  697. if (document.forms.postForm.todo.value.indexOf("reject") != -1)
  698. message = "' . $txt['admin_browse_w_delete'] . '";
  699. else
  700. message = "' . $txt['admin_browse_w_reject'] . '";';
  701. // Otherwise a nice standard message.
  702. else
  703. $javascript .= '
  704. if (document.forms.postForm.todo.value.indexOf("delete") != -1)
  705. message = "' . $txt['admin_browse_w_delete'] . '";
  706. else if (document.forms.postForm.todo.value.indexOf("reject") != -1)
  707. message = "' . $txt['admin_browse_w_reject'] . '";
  708. else if (document.forms.postForm.todo.value == "remind")
  709. message = "' . $txt['admin_browse_w_remind'] . '";
  710. else
  711. message = "' . ($context['browse_type'] == 'approve' ? $txt['admin_browse_w_approve'] : $txt['admin_browse_w_activate']) . '";';
  712. $javascript .= '
  713. if (confirm(message + " ' . $txt['admin_browse_warn'] . '"))
  714. document.forms.postForm.submit();
  715. }';
  716. $listOptions = array(
  717. 'id' => 'approve_list',
  718. 'items_per_page' => $modSettings['defaultMaxMembers'],
  719. 'base_href' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : ''),
  720. 'default_sort_col' => 'date_registered',
  721. 'get_items' => array(
  722. 'file' => $sourcedir . '/Subs-Members.php',
  723. 'function' => 'list_getMembers',
  724. 'params' => array(
  725. 'is_activated = {int:activated_status}',
  726. array('activated_status' => $context['current_filter']),
  727. $context['show_duplicates'],
  728. ),
  729. ),
  730. 'get_count' => array(
  731. 'file' => $sourcedir . '/Subs-Members.php',
  732. 'function' => 'list_getNumMembers',
  733. 'params' => array(
  734. 'is_activated = {int:activated_status}',
  735. array('activated_status' => $context['current_filter']),
  736. ),
  737. ),
  738. 'columns' => array(
  739. 'id_member' => array(
  740. 'header' => array(
  741. 'value' => $txt['member_id'],
  742. ),
  743. 'data' => array(
  744. 'db' => 'id_member',
  745. 'class' => 'windowbg',
  746. 'style' => 'text-align: center;',
  747. ),
  748. 'sort' => array(
  749. 'default' => 'id_member',
  750. 'reverse' => 'id_member DESC',
  751. ),
  752. ),
  753. 'user_name' => array(
  754. 'header' => array(
  755. 'value' => $txt['username'],
  756. ),
  757. 'data' => array(
  758. 'sprintf' => array(
  759. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
  760. 'params' => array(
  761. 'id_member' => false,
  762. 'member_name' => false,
  763. ),
  764. ),
  765. ),
  766. 'sort' => array(
  767. 'default' => 'member_name',
  768. 'reverse' => 'member_name DESC',
  769. ),
  770. ),
  771. 'email' => array(
  772. 'header' => array(
  773. 'value' => $txt['email_address'],
  774. ),
  775. 'data' => array(
  776. 'sprintf' => array(
  777. 'format' => '<a href="mailto:%1$s">%1$s</a>',
  778. 'params' => array(
  779. 'email_address' => true,
  780. ),
  781. ),
  782. 'class' => 'windowbg',
  783. ),
  784. 'sort' => array(
  785. 'default' => 'email_address',
  786. 'reverse' => 'email_address DESC',
  787. ),
  788. ),
  789. 'ip' => array(
  790. 'header' => array(
  791. 'value' => $txt['ip_address'],
  792. ),
  793. 'data' => array(
  794. 'sprintf' => array(
  795. 'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
  796. 'params' => array(
  797. 'member_ip' => false,
  798. ),
  799. ),
  800. ),
  801. 'sort' => array(
  802. 'default' => 'INET_ATON(member_ip)',
  803. 'reverse' => 'INET_ATON(member_ip) DESC',
  804. ),
  805. ),
  806. 'hostname' => array(
  807. 'header' => array(
  808. 'value' => $txt['hostname'],
  809. ),
  810. 'data' => array(
  811. 'function' => create_function('$rowData', '
  812. global $modSettings;
  813. return host_from_ip($rowData[\'member_ip\']);
  814. '),
  815. 'class' => 'smalltext',
  816. ),
  817. ),
  818. 'date_registered' => array(
  819. 'header' => array(
  820. 'value' => $txt['date_registered'],
  821. ),
  822. 'data' => array(
  823. 'function' => create_function('$rowData', '
  824. return timeformat($rowData[\'date_registered\']);
  825. '),
  826. ),
  827. 'sort' => array(
  828. 'default' => 'date_registered DESC',
  829. 'reverse' => 'date_registered',
  830. ),
  831. ),
  832. 'duplicates' => array(
  833. 'header' => array(
  834. 'value' => $txt['duplicates'],
  835. // Make sure it doesn't go too wide.
  836. 'style' => 'width: 20%',
  837. ),
  838. 'data' => array(
  839. 'function' => create_function('$rowData', '
  840. global $scripturl, $txt;
  841. $member_links = array();
  842. foreach ($rowData[\'duplicate_members\'] as $member)
  843. {
  844. if ($member[\'id\'])
  845. $member_links[] = \'<a href="\' . $scripturl . \'?action=profile;u=\' . $member[\'id\'] . \'" \' . (!empty($member[\'is_banned\']) ? \'style="color: red;"\' : \'\') . \'>\' . $member[\'name\'] . \'</a>\';
  846. else
  847. $member_links[] = $member[\'name\'] . \' (\' . $txt[\'guest\'] . \')\';
  848. }
  849. return implode (\', \', $member_links);
  850. '),
  851. 'class' => 'smalltext',
  852. ),
  853. ),
  854. 'check' => array(
  855. 'header' => array(
  856. 'value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />',
  857. ),
  858. 'data' => array(
  859. 'sprintf' => array(
  860. 'format' => '<input type="checkbox" name="todoAction[]" value="%1$d" class="input_check" />',
  861. 'params' => array(
  862. 'id_member' => false,
  863. ),
  864. ),
  865. 'class' => 'windowbg',
  866. 'style' => 'text-align: center',
  867. ),
  868. ),
  869. ),
  870. 'javascript' => $javascript,
  871. 'form' => array(
  872. 'href' => $scripturl . '?action=admin;area=viewmembers;sa=approve;type=' . $context['browse_type'],
  873. 'name' => 'postForm',
  874. 'include_start' => true,
  875. 'include_sort' => true,
  876. 'hidden_fields' => array(
  877. 'orig_filter' => $context['current_filter'],
  878. ),
  879. ),
  880. 'additional_rows' => array(
  881. array(
  882. 'position' => 'below_table_data',
  883. 'value' => '
  884. <div class="floatleft">
  885. [<a href="' . $scripturl . '?action=admin;area=viewmembers;sa=browse;showdupes=' . ($context['show_duplicates'] ? 0 : 1) . ';type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : '') . ';' . $context['session_var'] . '=' . $context['session_id'] . '">' . ($context['show_duplicates'] ? $txt['dont_check_for_duplicate'] : $txt['check_for_duplicate']) . '</a>]
  886. </div>
  887. <div class="floatright">
  888. <select name="todo" onchange="onSelectChange();">
  889. ' . $allowed_actions . '
  890. </select>
  891. <noscript><input type="submit" value="' . $txt['go'] . '" class="button_submit" /></noscript>
  892. </div>',
  893. ),
  894. ),
  895. );
  896. // Pick what column to actually include if we're showing duplicates.
  897. if ($context['show_duplicates'])
  898. unset($listOptions['columns']['email']);
  899. else
  900. unset($listOptions['columns']['duplicates']);
  901. // Only show hostname on duplicates as it takes a lot of time.
  902. if (!$context['show_duplicates'] || !empty($modSettings['disableHostnameLookup']))
  903. unset($listOptions['columns']['hostname']);
  904. // Is there any need to show filters?
  905. if (isset($context['available_filters']) && count($context['available_filters']) > 1)
  906. {
  907. $filterOptions = '
  908. <strong>' . $txt['admin_browse_filter_by'] . ':</strong>
  909. <select name="filter" onchange="this.form.submit();">';
  910. foreach ($context['available_filters'] as $filter)
  911. $filterOptions .= '
  912. <option value="' . $filter['type'] . '"' . ($filter['selected'] ? ' selected="selected"' : '') . '>' . $filter['desc'] . ' - ' . $filter['amount'] . ' ' . ($filter['amount'] == 1 ? $txt['user'] : $txt['users']) . '</option>';
  913. $filterOptions .= '
  914. </select>
  915. <noscript><input type="submit" value="' . $txt['go'] . '" name="filter" class="button_submit" /></noscript>';
  916. $listOptions['additional_rows'][] = array(
  917. 'position' => 'above_column_headers',
  918. 'value' => $filterOptions,
  919. 'style' => 'text-align: center;',
  920. );
  921. }
  922. // What about if we only have one filter, but it's not the "standard" filter - show them what they are looking at.
  923. if (!empty($context['show_filter']) && !empty($context['available_filters']))
  924. $listOptions['additional_rows'][] = array(
  925. 'position' => 'above_column_headers',
  926. 'value' => '<strong>' . $txt['admin_browse_filter_show'] . ':</strong> ' . $context['available_filters'][0]['desc'],
  927. 'class' => 'smalltext',
  928. 'style' => 'text-align: left;',
  929. );
  930. // Now that we have all the options, create the list.
  931. require_once($sourcedir . '/Subs-List.php');
  932. createList($listOptions);
  933. }
  934. /**
  935. * This function handles the approval, rejection, activation or deletion of members.
  936. * Called by ?action=admin;area=viewmembers;sa=approve.
  937. * Requires the moderate_forum permission.
  938. * Redirects to ?action=admin;area=viewmembers;sa=browse
  939. * with the same parameters as the calling page.
  940. */
  941. function AdminApprove()
  942. {
  943. global $txt, $context, $scripturl, $modSettings, $sourcedir, $language, $user_info, $smcFunc;
  944. // First, check our session.
  945. checkSession();
  946. require_once($sourcedir . '/Subs-Post.php');
  947. // We also need to the login languages here - for emails.
  948. loadLanguage('Login');
  949. // Sort out where we are going...
  950. $browse_type = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
  951. $current_filter = (int) $_REQUEST['orig_filter'];
  952. // If we are applying a filter do just that - then redirect.
  953. if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter'])
  954. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
  955. // Nothing to do?
  956. if (!isset($_POST['todoAction']) && !isset($_POST['time_passed']))
  957. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
  958. // Are we dealing with members who have been waiting for > set amount of time?
  959. if (isset($_POST['time_passed']))
  960. {
  961. $timeBefore = time() - 86400 * (int) $_POST['time_passed'];
  962. $condition = '
  963. AND date_registered < {int:time_before}';
  964. }
  965. // Coming from checkboxes - validate the members passed through to us.
  966. else
  967. {
  968. $members = array();
  969. foreach ($_POST['todoAction'] as $id)
  970. $members[] = (int) $id;
  971. $condition = '
  972. AND id_member IN ({array_int:members})';
  973. }
  974. // Get information on each of the members, things that are important to us, like email address...
  975. $request = $smcFunc['db_query']('', '
  976. SELECT id_member, member_name, real_name, email_address, validation_code, lngfile
  977. FROM {db_prefix}members
  978. WHERE is_activated = {int:activated_status}' . $condition . '
  979. ORDER BY lngfile',
  980. array(
  981. 'activated_status' => $current_filter,
  982. 'time_before' => empty($timeBefore) ? 0 : $timeBefore,
  983. 'members' => empty($members) ? array() : $members,
  984. )
  985. );
  986. $member_count = $smcFunc['db_num_rows']($request);
  987. // If no results then just return!
  988. if ($member_count == 0)
  989. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
  990. $member_info = array();
  991. $members = array();
  992. // Fill the info array.
  993. while ($row = $smcFunc['db_fetch_assoc']($request))
  994. {
  995. $members[] = $row['id_member'];
  996. $member_info[] = array(
  997. 'id' => $row['id_member'],
  998. 'username' => $row['member_name'],
  999. 'name' => $row['real_name'],
  1000. 'email' => $row['email_address'],
  1001. 'language' => empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'],
  1002. 'code' => $row['validation_code']
  1003. );
  1004. }
  1005. $smcFunc['db_free_result']($request);
  1006. // Are we activating or approving the members?
  1007. if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail')
  1008. {
  1009. // Approve/activate this member.
  1010. $smcFunc['db_query']('', '
  1011. UPDATE {db_prefix}members
  1012. SET validation_code = {string:blank_string}, is_activated = {int:is_activated}
  1013. WHERE is_activated = {int:activated_status}' . $condition,
  1014. array(
  1015. 'is_activated' => 1,
  1016. 'time_before' => empty($timeBefore) ? 0 : $timeBefore,
  1017. 'members' => empty($members) ? array() : $members,
  1018. 'activated_status' => $current_filter,
  1019. 'blank_string' => '',
  1020. )
  1021. );
  1022. // Do we have to let the integration code know about the activations?
  1023. if (!empty($modSettings['integrate_activate']))
  1024. {
  1025. foreach ($member_info as $member)
  1026. call_integration_hook('integrate_activate', array($member['username']));
  1027. }
  1028. // Check for email.
  1029. if ($_POST['todo'] == 'okemail')
  1030. {
  1031. foreach ($member_info as $member)
  1032. {
  1033. $replacements = array(
  1034. 'NAME' => $member['name'],
  1035. 'USERNAME' => $member['username'],
  1036. 'PROFILELINK' => $scripturl . '?action=profile;u=' . $member['id'],
  1037. 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
  1038. );
  1039. $emaildata = loadEmailTemplate('admin_approve_accept', $replacements, $member['language']);
  1040. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
  1041. }
  1042. }
  1043. }
  1044. // Maybe we're sending it off for activation?
  1045. elseif ($_POST['todo'] == 'require_activation')
  1046. {
  1047. require_once($sourcedir . '/Subs-Members.php');
  1048. // We have to do this for each member I'm afraid.
  1049. foreach ($member_info as $member)
  1050. {
  1051. // Generate a random activation code.
  1052. $validation_code = generateValidationCode();
  1053. // Set these members for activation - I know this includes two id_member checks but it's safer than bodging $condition ;).
  1054. $smcFunc['db_query']('', '
  1055. UPDATE {db_prefix}members
  1056. SET validation_code = {string:validation_code}, is_activated = {int:not_activated}
  1057. WHERE is_activated = {int:activated_status}
  1058. ' . $condition . '
  1059. AND id_member = {int:selected_member}',
  1060. array(
  1061. 'not_activated' => 0,
  1062. 'activated_status' => $current_filter,
  1063. 'selected_member' => $member['id'],
  1064. 'validation_code' => $validation_code,
  1065. 'time_before' => empty($timeBefore) ? 0 : $timeBefore,
  1066. 'members' => empty($members) ? array() : $members,
  1067. )
  1068. );
  1069. $replacements = array(
  1070. 'USERNAME' => $member['name'],
  1071. 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $validation_code,
  1072. 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
  1073. 'ACTIVATIONCODE' => $validation_code,
  1074. );
  1075. $emaildata = loadEmailTemplate('admin_approve_activation', $replacements, $member['language']);
  1076. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
  1077. }
  1078. }
  1079. // Are we rejecting them?
  1080. elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail')
  1081. {
  1082. require_once($sourcedir . '/Subs-Members.php');
  1083. deleteMembers($members);
  1084. // Send email telling them they aren't welcome?
  1085. if ($_POST['todo'] == 'rejectemail')
  1086. {
  1087. foreach ($member_info as $member)
  1088. {
  1089. $replacements = array(
  1090. 'USERNAME' => $member['name'],
  1091. );
  1092. $emaildata = loadEmailTemplate('admin_approve_reject', $replacements, $member['language']);
  1093. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  1094. }
  1095. }
  1096. }
  1097. // A simple delete?
  1098. elseif ($_POST['todo'] == 'delete' || $_POST['todo'] == 'deleteemail')
  1099. {
  1100. require_once($sourcedir . '/Subs-Members.php');
  1101. deleteMembers($members);
  1102. // Send email telling them they aren't welcome?
  1103. if ($_POST['todo'] == 'deleteemail')
  1104. {
  1105. foreach ($member_info as $member)
  1106. {
  1107. $replacements = array(
  1108. 'USERNAME' => $member['name'],
  1109. );
  1110. $emaildata = loadEmailTemplate('admin_approve_delete', $replacements, $member['language']);
  1111. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  1112. }
  1113. }
  1114. }
  1115. // Remind them to activate their account?
  1116. elseif ($_POST['todo'] == 'remind')
  1117. {
  1118. foreach ($member_info as $member)
  1119. {
  1120. $replacements = array(
  1121. 'USERNAME' => $member['name'],
  1122. 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $member['code'],
  1123. 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
  1124. 'ACTIVATIONCODE' => $member['code'],
  1125. );
  1126. $emaildata = loadEmailTemplate('admin_approve_remind', $replacements, $member['language']);
  1127. sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
  1128. }
  1129. }
  1130. // Back to the user's language!
  1131. if (isset($current_language) && $current_language != $user_info['language'])
  1132. {
  1133. loadLanguage('index');
  1134. loadLanguage('ManageMembers');
  1135. }
  1136. // Log what we did?
  1137. if (!empty($modSettings['modlog_enabled']) && in_array($_POST['todo'], array('ok', 'okemail', 'require_activation', 'remind')))
  1138. {
  1139. $log_action = $_POST['todo'] == 'remind' ? 'remind_member' : 'approve_member';
  1140. $log_inserts = array();
  1141. foreach ($member_info as $member)
  1142. {
  1143. $log_inserts[] = array(
  1144. time(), 3, $user_info['id'], $user_info['ip'], $log_action,
  1145. 0, 0, 0, serialize(array('member' => $member['id'])),
  1146. );
  1147. }
  1148. $smcFunc['db_insert']('',
  1149. '{db_prefix}log_actions',
  1150. array(
  1151. 'log_time' => 'int', 'id_log' => 'int', 'id_member' => 'int', 'ip' => 'string-16', 'action' => 'string',
  1152. 'id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'extra' => 'string-65534',
  1153. ),
  1154. $log_inserts,
  1155. array('id_action')
  1156. );
  1157. }
  1158. // Although updateStats *may* catch this, best to do it manually just in case (Doesn't always sort out unapprovedMembers).
  1159. if (in_array($current_filter, array(3, 4)))
  1160. updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > $member_count ? $modSettings['unapprovedMembers'] - $member_count : 0)));
  1161. // Update the member's stats. (but, we know the member didn't change their name.)
  1162. updateStats('member', false);
  1163. // If they haven't been deleted, update the post group statistics on them...
  1164. if (!in_array($_POST['todo'], array('delete', 'deleteemail', 'reject', 'rejectemail', 'remind')))
  1165. updateStats('postgroups', $members);
  1166. redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
  1167. }
  1168. /**
  1169. * Nifty function to calculate the number of days ago a given date was.
  1170. * Requires a unix timestamp as input, returns an integer.
  1171. * Named in honour of Jeff Lewis, the original creator of...this function.
  1172. *
  1173. * @param $old
  1174. * @return int, the returned number of days, based on the forum time.
  1175. */
  1176. function jeffsdatediff($old)
  1177. {
  1178. // Get the current time as the user would see it...
  1179. $forumTime = forum_time();
  1180. // Calculate the seconds that have passed since midnight.
  1181. $sinceMidnight = date('H', $forumTime) * 60 * 60 + date('i', $forumTime) * 60 + date('s', $forumTime);
  1182. // Take the difference between the two times.
  1183. $dis = time() - $old;
  1184. // Before midnight?
  1185. if ($dis < $sinceMidnight)
  1186. return 0;
  1187. else
  1188. $dis -= $sinceMidnight;
  1189. // Divide out the seconds in a day to get the number of days.
  1190. return ceil($dis / (24 * 60 * 60));
  1191. }
  1192. ?>