phpBB

Code Changes

File: includes/functions_user.php

  Unmodified   Added   Modified   Removed
Line 204Line 204
		'username_clean'	=> $username_clean,
'user_password' => (isset($user_row['user_password'])) ? $user_row['user_password'] : '',
'user_email' => strtolower($user_row['user_email']),

		'username_clean'	=> $username_clean,
'user_password' => (isset($user_row['user_password'])) ? $user_row['user_password'] : '',
'user_email' => strtolower($user_row['user_email']),

		'user_email_hash'	=> phpbb_email_hash($user_row['user_email']),

 
		'group_id'			=> $user_row['group_id'],
'user_type' => $user_row['user_type'],
);

// These are the additional vars able to be specified
$additional_vars = array(

		'group_id'			=> $user_row['group_id'],
'user_type' => $user_row['user_type'],
);

// These are the additional vars able to be specified
$additional_vars = array(

		'user_permissions'	=> '',
'user_timezone' => $config['board_timezone'],
'user_dateformat' => $config['default_dateformat'],
'user_lang' => $config['default_lang'],
'user_style' => (int) $config['default_style'],
'user_actkey' => '',
'user_ip' => '',
'user_regdate' => time(),
'user_passchg' => time(),
'user_options' => 230271,

		'user_permissions'			=> '',
'user_timezone' => $config['board_timezone'],
'user_dateformat' => $config['default_dateformat'],
'user_lang' => $config['default_lang'],
'user_style' => (int) $config['default_style'],
'user_actkey' => '',
'user_ip' => '',
'user_regdate' => time(),
'user_passchg' => time(),
'user_options' => 230271,

		// We do not set the new flag here - registration scripts need to specify it

		// We do not set the new flag here - registration scripts need to specify it

		'user_new'			=> 0,

		'user_new'					=> 0,


'user_inactive_reason' => 0,
'user_inactive_time' => 0,


'user_inactive_reason' => 0,
'user_inactive_time' => 0,

Line 424Line 423
}

/**

}

/**

 * Remove User

 * Delete user(s) and their related data

 *

 *

 * @param string	$mode		Either 'retain' or 'remove'
* @param mixed $user_ids Either an array of integers or an integer
* @param bool $retain_username

 * @param string	$mode				Mode of posts deletion (retain|remove)
* @param mixed $user_ids Either an array of integers or an integer
* @param bool $retain_username True if username should be retained, false otherwise

 * @return bool
*/
function user_delete($mode, $user_ids, $retain_username = true)

 * @return bool
*/
function user_delete($mode, $user_ids, $retain_username = true)

Line 462Line 461
	}

/**

	}

/**

	* Event before a user is deleted

	 * Event before of the performing of the user(s) delete action

	*
* @event core.delete_user_before

	*
* @event core.delete_user_before

	* @var	string	mode		Mode of deletion (retain/delete posts)
* @var array user_ids IDs of the deleted user
* @var mixed retain_username True if username should be retained
* or false if not
* @var array user_rows Array containing data of the deleted users

	 * @var string	mode				Mode of posts deletion (retain|remove)
* @var array user_ids ID(s) of the user(s) bound to be deleted
* @var bool retain_username True if username should be retained, false otherwise
* @var array user_rows Array containing data of the user(s) bound to be deleted


	* @since 3.1.0-a1
* @changed 3.2.4-RC1 Added user_rows
*/

	* @since 3.1.0-a1
* @changed 3.2.4-RC1 Added user_rows
*/

Line 761Line 759
	$db->sql_query($sql);

// Clean the private messages tables from the user

	$db->sql_query($sql);

// Clean the private messages tables from the user

	if (!function_exists('phpbb_delete_user_pms'))

	if (!function_exists('phpbb_delete_users_pms'))

	{
include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
}

	{
include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
}

Line 773Line 771
	$db->sql_transaction('commit');

/**

	$db->sql_transaction('commit');

/**

	* Event after a user is deleted

	 * Event after the user(s) delete action has been performed

	*
* @event core.delete_user_after

	*
* @event core.delete_user_after

	* @var	string	mode		Mode of deletion (retain/delete posts)
* @var array user_ids IDs of the deleted user
* @var mixed retain_username True if username should be retained
* or false if not
* @var array user_rows Array containing data of the deleted users

	 * @var string	mode				Mode of posts deletion (retain|remove)
* @var array user_ids ID(s) of the deleted user(s)
* @var bool retain_username True if username should be retained, false otherwise
* @var array user_rows Array containing data of the deleted user(s)


	* @since 3.1.0-a1
* @changed 3.2.2-RC1 Added user_rows
*/

	* @since 3.1.0-a1
* @changed 3.2.2-RC1 Added user_rows
*/

Line 800Line 797
* Flips user_type from active to inactive and vice versa, handles group membership updates
*
* @param string $mode can be flip for flipping from active/inactive, activate or deactivate

* Flips user_type from active to inactive and vice versa, handles group membership updates
*
* @param string $mode can be flip for flipping from active/inactive, activate or deactivate

 
* @param array $user_id_ary
* @param int $reason

*/
function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
{

*/
function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)
{

Line 922Line 921
* @param string $ban_len_other Ban length as a date (YYYY-MM-DD)
* @param boolean $ban_exclude Exclude these entities from banning?
* @param string $ban_reason String describing the reason for this ban

* @param string $ban_len_other Ban length as a date (YYYY-MM-DD)
* @param boolean $ban_exclude Exclude these entities from banning?
* @param string $ban_reason String describing the reason for this ban

 
* @param string $ban_give_reason

* @return boolean
*/
function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason = '')

* @return boolean
*/
function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason = '')

Line 1046Line 1046
					$banlist_ary[] = (int) $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));

					$banlist_ary[] = (int) $row['user_id'];
}
while ($row = $db->sql_fetchrow($result));

 

$db->sql_freeresult($result);

			}
else
{
$db->sql_freeresult($result);

			}
else
{
$db->sql_freeresult($result);

 


				trigger_error('NO_USERS', E_USER_WARNING);
}

				trigger_error('NO_USERS', E_USER_WARNING);
}

			$db->sql_freeresult($result);

 
		break;

case 'ip':

		break;

case 'ip':

Line 1455Line 1457
*/
function user_ipwhois($ip)
{

*/
function user_ipwhois($ip)
{

	if (empty($ip))
{
return '';
}

if (!preg_match(get_preg_expression('ipv4'), $ip) && !preg_match(get_preg_expression('ipv6'), $ip))

	if (!filter_var($ip, FILTER_VALIDATE_IP))






	{
return '';
}

	{
return '';
}

Line 1473Line 1470
	if (($fsk = @fsockopen($whois_host, 43)))
{
// CRLF as per RFC3912

	if (($fsk = @fsockopen($whois_host, 43)))
{
// CRLF as per RFC3912

		fputs($fsk, "$ip\r\n");


		// Z to limit the query to all possible flags (whois.arin.net)
fputs($fsk, "z $ip\r\n");

		while (!feof($fsk))
{
$ipwhois .= fgets($fsk, 1024);

		while (!feof($fsk))
{
$ipwhois .= fgets($fsk, 1024);

Line 1515Line 1513
		$ipwhois = (empty($buffer)) ? $ipwhois : $buffer;
}


		$ipwhois = (empty($buffer)) ? $ipwhois : $buffer;
}


	$ipwhois = htmlspecialchars($ipwhois);

	$ipwhois = htmlspecialchars($ipwhois, ENT_COMPAT);


// Magic URL ;)
return trim(make_clickable($ipwhois, false, ''));


// Magic URL ;)
return trim(make_clickable($ipwhois, false, ''));

Line 1577Line 1575
		return false;
}


		return false;
}


	if ($min && utf8_strlen(htmlspecialchars_decode($string)) < $min)

	if ($min && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) < $min)

	{
return 'TOO_SHORT';
}

	{
return 'TOO_SHORT';
}

	else if ($max && utf8_strlen(htmlspecialchars_decode($string)) > $max)

	else if ($max && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) > $max)

	{
return 'TOO_LONG';
}

	{
return 'TOO_LONG';
}

Line 1615Line 1613

/**
* Validate Date


/**
* Validate Date

* @param String $string a date in the dd-mm-yyyy format


* @param	string $date_string a date in the dd-mm-yyyy format
* @param bool $optional

* @return	boolean
*/
function validate_date($date_string, $optional = false)

* @return	boolean
*/
function validate_date($date_string, $optional = false)

Line 1753Line 1752
	}

// ... fast checks first.

	}

// ... fast checks first.

	if (strpos($username, '&quot;') !== false || strpos($username, '"') !== false || empty($clean_username))


	if (strpos($username, '&quot;') !== false || strpos($username, '"') !== false || empty($clean_username)
|| preg_match('/[\x{180E}\x{2005}-\x{200D}\x{202F}\x{205F}\x{2060}\x{FEFF}]/u', $username))

	{
return 'INVALID_CHARS';
}

	{
return 'INVALID_CHARS';
}

Line 1887Line 1887
* Check to see if email address is a valid address and contains a MX record
*
* @param string $email The email to check

* Check to see if email address is a valid address and contains a MX record
*
* @param string $email The email to check

 
* @param $config

*
* @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/

*
* @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/

Line 1910Line 1911
	{
list(, $domain) = explode('@', $email);


	{
list(, $domain) = explode('@', $email);


		if (phpbb_checkdnsrr($domain, 'A') === false && phpbb_checkdnsrr($domain, 'MX') === false)

		if (checkdnsrr($domain, 'A') === false && checkdnsrr($domain, 'MX') === false)

		{
return 'DOMAIN_NO_MX_RECORD';
}

		{
return 'DOMAIN_NO_MX_RECORD';
}

Line 1953Line 1954

if (!$config['allow_emailreuse'])
{


if (!$config['allow_emailreuse'])
{

		$sql = 'SELECT user_email_hash

		$sql = 'SELECT user_email

			FROM ' . USERS_TABLE . "

			FROM ' . USERS_TABLE . "

			WHERE user_email_hash = " . $db->sql_escape(phpbb_email_hash($email));

			WHERE user_email = '" . $db->sql_escape($email) . "'";

		$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

		$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);

Line 3626Line 3627
/**
* Funtion to make a user leave the NEWLY_REGISTERED system group.
* @access public

/**
* Funtion to make a user leave the NEWLY_REGISTERED system group.
* @access public

* @param $user_id The id of the user to remove from the group


* @param int $user_id The id of the user to remove from the group
* @param mixed $user_data The id of the user to remove from the group

*/
function remove_newly_registered($user_id, $user_data = false)
{

*/
function remove_newly_registered($user_id, $user_data = false)
{