PageRenderTime 62ms CodeModel.GetById 24ms RepoModel.GetById 1ms app.codeStats 0ms

/include/admin/users.php

https://bitbucket.org/webop/webop-forum
PHP | 1079 lines | 994 code | 59 blank | 26 comment | 43 complexity | 17dd10289c99addb16ef16f62ce3c5ea MD5 | raw file
Possible License(s): LGPL-2.1 
    

  1. <?php
    2. 

  2. 

  3. ////////////////////////////////////////////////////////////////////////////////
    4. 

  4. //                                                                            //
    5. 

  5. //   Copyright (C) 2010  Phorum Development Team                              //
    6. 

  6. //   http://www.phorum.org                                                    //
    7. 

  7. //                                                                            //
    8. 

  8. //   This program is free software. You can redistribute it and/or modify     //
    9. 

  9. //   it under the terms of either the current Phorum License (viewable at     //
    10. 

  10. //   phorum.org) or the Phorum License that was distributed with this file    //
    11. 

  11. //                                                                            //
    12. 

  12. //   This program is distributed in the hope that it will be useful,          //
    13. 

  13. //   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
    14. 

  14. //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
    15. 

  15. //                                                                            //
    16. 

  16. //   You should have received a copy of the Phorum License                    //
    17. 

  17. //   along with this program.                                                 //
    18. 

  18. //                                                                            //
    19. 

  19. ////////////////////////////////////////////////////////////////////////////////
    20. 

  20. 

  21. if(!defined("PHORUM_ADMIN")) return;
    22. 

  22. 

  23. include('./include/format_functions.php');
    24. 

  24. 

  25. $user_status_map = array(
    26. 

  26.     'any'                     => 'Any user status',
    27. 

  27.     'pending'                 => 'Any pending status',
    28. 

  28.     PHORUM_USER_PENDING_BOTH  => 'Pending user + moderator confirmation',
    29. 

  29.     PHORUM_USER_PENDING_EMAIL => 'Pending user confirmation',
    30. 

  30.     PHORUM_USER_PENDING_MOD   => 'Pending moderator confirmation',
    31. 

  31.     PHORUM_USER_INACTIVE      => 'Deactivated',
    32. 

  32.     PHORUM_USER_ACTIVE        => 'Active',
    33. 

  33. );
    34. 

  34. 

  35. // A utility list of field names that are used for searching.
    36. 

  36. $user_search_fields = array(
    37. 

  37.     'search_username',
    38. 

  38.     'username_search_loc',
    39. 

  39.     'search_display_name',
    40. 

  40.     'display_name_search_loc',
    41. 

  41.     'search_email',
    42. 

  42.     'email_search_loc',
    43. 

  43.     'search_signature',
    44. 

  44.     'signature_search_loc',
    45. 

  45.     'search_type',
    46. 

  46.     'search_status',
    47. 

  47.     'posts',
    48. 

  48.     'posts_op',
    49. 

  49.     'lastactive',
    50. 

  50.     'lastactive_op',
    51. 

  51.     'registered',
    52. 

  52.     'registered_op',
    53. 

  53.     'member_of_group',
    54. 

  54.     'profile_field',
    55. 

  55.     'search_profile_field',
    56. 

  56.     'profile_field_search_loc',
    57. 

  57.     'forum_permissions',
    58. 

  58.     'forum_permissions_forums'
    59. 

  59. );
    60. 

  60. 

  61. 

  62. $error="";
    63. 

  63. 

  64. // if the page and pagelength have been set from before, use them.
    65. 

  65. $page_args = "";
    66. 

  66. $page_args_array = array();
    67. 

  67. if (isset($_GET["page"])) {
    68. 

  68.     $page_args .= "&page=".(int)$_GET["page"];
    69. 

  69.     $page_args_array[] = "page=".(int)$_GET["page"];
    70. 

  70. }
    71. 

  71. if (isset($_GET["pagelength"])) {
    72. 

  72.     $page_args .= "&pagelength=".(int)$_GET["pagelength"];
    73. 

  73.     $page_args_array[] = "pagelength=".(int)$_GET["pagelength"];
    74. 

  74. }
    75. 

  75. if (isset($_GET["sort"])) {
    76. 

  76.     $page_args .= "&sort=".$_GET["sort"];
    77. 

  77.     $page_args_array[] = "sort=".$_GET["sort"];
    78. 

  78. }
    79. 

  79. if (isset($_GET["sort_dir"])) {
    80. 

  80.     $get_sort_dir = empty($_GET["sort_dir"]) ? "" : "-";
    81. 

  81.     $page_args .= "&sort_dir=".$get_sort_dir;
    82. 

  82.     $page_args_array[] = "sort_dir=".$get_sort_dir;
    83. 

  83. }
    84. 

  84.     
    85. 

  85. // The referrer to use for the user edit page, to jump back to the user list.
    86. 

  86. if (isset($_POST['referrer'])) {
    87. 

  87.     $referrer = $_POST['referrer'];
    88. 

  88.     unset($_POST['referrer']);
    89. 

  89. } elseif (isset($_SERVER['HTTP_REFERER'])) {
    90. 

  90.     $referrer = $_SERVER['HTTP_REFERER'] . $page_args;
    91. 

  91. } else {
    92. 

  92.     $input_args = array('module=users');
    93. 

  93.     if(count($page_args_array)) $input_args = array_merge($input_args,$page_args_array);
    94. 

  94.     $referrer = phorum_admin_build_url($input_args);
    95. 

  95. }
    96. 

  96. 

  97. if(count($_POST))
    98. 

  98. {
    99. 

  99.     if (isset($_POST['action']) && $_POST['action'] == "deleteUsers")
    100. 

  100.     {
    101. 

  101.         $count=count($_POST['deleteIds']);
    102. 

  102.         if($count > 0) {
    103. 

  103.             foreach($_POST['deleteIds'] as $id => $deluid) {
    104. 

  104.                 phorum_api_user_delete($deluid);
    105. 

  105.             }
    106. 

  106.             phorum_admin_okmsg("$count User(s) deleted.");
    107. 

  107.         }
    108. 

  108. 

  109.     //process new user data
    110. 

  110.     } elseif (isset($_POST["addUser"])) {
    111. 

  111. 

  112.         $user_data = $_POST;
    113. 

  113. 

  114.         //check for pre-existing username
    115. 

  115.         if (!empty($_POST["username"])) {
    116. 

  116.             $existing_user = phorum_api_user_search("username", $_POST["username"]);
    117. 

  117.             if (!empty($existing_user))
    118. 

  118.                 $error = 'The user name "'.htmlspecialchars($_POST['username']).'" is already in use!';
    119. 

  119.         } else {
    120. 

  120.             $error = "You must provide a user name!";
    121. 

  121.         }
    122. 

  122. 

  123.         //check for a valid email
    124. 

  124.         if (!empty($_POST["email"])) {
    125. 

  125.             include('./include/email_functions.php');
    126. 

  126.             $valid_email = phorum_valid_email($_POST["email"]);
    127. 

  127.             if ($valid_email !== true)
    128. 

  128.                 $error = 'The email "'.htmlspecialchars($_POST[email]).'" is not valid!';
    129. 

  129.         } else {
    130. 

  130.             $error = "You must provide an e-mail!";
    131. 

  131.         }
    132. 

  132.         
    133. 

  133. 

  134.         //check for password and password confirmation
    135. 

  135.         if(isset($_POST['password1']) && !empty($_POST['password1']) && !empty($_POST['password2']) && $_POST['password1'] != $_POST['password2']) {
    136. 

  136.             $error="Passwords don't match!";
    137. 

  137.         } elseif(!empty($_POST['password1']) && !empty($_POST['password2'])) {
    138. 

  138.             $user_data['password']=$_POST['password1'];
    139. 

  139.             $user_data['password_temp']=$_POST['password1'];
    140. 

  140.         } else {
    141. 

  141.             $error="You must assign a password!";
    142. 

  142.         }
    143. 

  143. 

  144.         unset($user_data["password1"]);
    145. 

  145.         unset($user_data["password2"]);
    146. 

  146.         unset($user_data["module"]);
    147. 

  147.         unset($user_data["addUser"]);
    148. 

  148.         unset($user_data["phorum_admin_token"]);
    149. 

  149. 

  150.         if(empty($error)){
    151. 

  151.             $user_data["user_id"] = NULL;
    152. 

  152.             $user_data["active"] = PHORUM_USER_ACTIVE;
    153. 

  153.             phorum_api_user_save($user_data);
    154. 

  154.             phorum_admin_okmsg("User Added");
    155. 

  155.         } else {
    156. 

  156.             $addUser_error = 1;
    157. 

  157.         }
    158. 

  158. 

  159. 

  160.     } else {
    161. 

  161. 

  162.         $user_data=$_POST;
    163. 

  163. 

  164.         switch( $_POST["section"] ) {
    165. 

  165. 

  166. 

  167.             case "forums":
    168. 

  168. 

  169.                 if($_POST["new_forum"]){
    170. 

  170.                     if(!is_array($_POST["new_forum_permissions"])){
    171. 

  171.                         $permission=0;
    172. 

  172.                     } else {
    173. 

  173.                         $permission = 0;
    174. 

  174.                         foreach($_POST["new_forum_permissions"] as $perm=>$check){
    175. 

  175.                            $permission = $permission | $perm;
    176. 

  176.                         }
    177. 

  177.                     }
    178. 

  178. 

  179.                     $user_data["forum_permissions"][$_POST["new_forum"]]=$permission;
    180. 

  180.                     unset($user_data["new_forum"]);
    181. 

  181.                 }
    182. 

  182. 

  183.                 if(isset($_POST["delforum"])){
    184. 

  184.                     foreach($_POST["delforum"] as $fid=>$val){
    185. 

  185.                         unset($user_data["forum_permissions"][$fid]);
    186. 

  186.                         unset($_POST["forums"][$fid]);
    187. 

  187.                     }
    188. 

  188.                     unset($user_data["delforum"]);
    189. 

  189.                 }
    190. 

  190. 

  191.                 if(isset($_POST["forums"])){
    192. 

  192.                     foreach($_POST["forums"] as $forum_id){
    193. 

  193.                         $permission=0;
    194. 

  194. 

  195.                         if(isset($user_data["forum_permissions"][$forum_id])){
    196. 

  196.                             foreach($user_data["forum_permissions"][$forum_id] as $perm=>$check){
    197. 

  197.                                 $permission = $permission | $perm;
    198. 

  198.                             }
    199. 

  199.                         }
    200. 

  200. 

  201.                         $user_data["forum_permissions"][$forum_id]=$permission;
    202. 

  202.                     }
    203. 

  203.                     unset($user_data["forums"]);
    204. 

  204.                 }
    205. 

  205. 

  206.                 if(empty($user_data["forum_permissions"])) $user_data["forum_permissions"]=array();
    207. 

  207. 

  208.                 unset($user_data["delforum"]);
    209. 

  209.                 unset($user_data["new_forum"]);
    210. 

  210.                 unset($user_data["new_forum_permissions"]);
    211. 

  211. 

  212.                 break;
    213. 

  213. 

  214.             case "groups":
    215. 

  215.                 $groupdata = array();
    216. 

  216. 

  217.                 if($_POST["new_group"]){
    218. 

  218.                     // set the new group permission to approved
    219. 

  219.                     $groupdata[$_POST["new_group"]] = PHORUM_USER_GROUP_APPROVED;
    220. 

  220.                     unset($user_data['new_group']);
    221. 

  221.                 }
    222. 

  222. 

  223.                 if(isset($_POST["group_perm"])){
    224. 

  224.                     foreach($_POST["group_perm"] as $group_id=>$perm){
    225. 

  225.                         // as long as we aren't removing them from the group, accept other values
    226. 

  226.                         if ($perm != "remove"){
    227. 

  227.                             $groupdata[$group_id] = $perm;
    228. 

  228.                         }
    229. 

  229.                     }
    230. 

  230.                     unset($user_data['group_perm']);
    231. 

  231.                 }
    232. 

  232. 

  233.                 phorum_api_user_save_groups($_POST["user_id"], $groupdata);
    234. 

  234. 

  235.                 unset($user_data["new_group"]);
    236. 

  236. 

  237.                 break;
    238. 

  238.         }
    239. 

  239. 

  240.         if(isset($_POST['password1']) && !empty($_POST['password1']) && !empty($_POST['password2']) && $_POST['password1'] != $_POST['password2']) {
    241. 

  241.             $error="Passwords don't match!";
    242. 

  242.         } elseif(!empty($_POST['password1']) && !empty($_POST['password2'])) {
    243. 

  243.             $user_data['password']=$_POST['password1'];
    244. 

  244.             $user_data['password_temp']=$_POST['password1'];
    245. 

  245.         }
    246. 

  246. 

  247.         // clean up
    248. 

  248.         unset($user_data["module"]);
    249. 

  249.         unset($user_data["section"]);
    250. 

  250.         unset($user_data["password1"]);
    251. 

  251.         unset($user_data["password2"]);
    252. 

  252.         unset($user_data["submit"]);
    253. 

  253.         unset($user_data["phorum_admin_token"]);
    254. 

  254. 

  255.         if (empty($error)){
    256. 

  256.             $user_data = phorum_hook("admin_users_form_save", $user_data);
    257. 

  257.             if (isset($user_data["error"])) {
    258. 

  258.                 $error = $user_data["error"];
    259. 

  259.                 unset($user_data["error"]);
    260. 

  260.             }
    261. 

  261.         }
    262. 

  262.         if(empty($error)){
    263. 

  263.             phorum_api_user_save($user_data);
    264. 

  264.             phorum_admin_okmsg("User Saved");
    265. 

  265.         }
    266. 

  266.     }
    267. 

  267. 

  268. }
    269. 

  269. 

  270. if ($error) {
    271. 

  271.     phorum_admin_error($error);
    272. 

  272. }
    273. 

  273. 

  274. include_once "./include/admin/PhorumInputForm.php";
    275. 

  275. include_once "./include/profile_functions.php";
    276. 

  276. 

  277. if(!defined("PHORUM_ORIGINAL_USER_CODE") || PHORUM_ORIGINAL_USER_CODE!==true){
    278. 

  278.     echo "Phorum User Admin only works with the Phorum User System.";
    279. 

  279.     return;
    280. 

  280. }
    281. 

  281. 

  282. if (!isset($_GET["edit"]) && !isset($_GET["add"]) && !isset($addUser_error) && !isset($_POST['section']))
    283. 

  283. {
    284. 

  284.     $users_url = phorum_admin_build_url(array('module=users'));
    285. 

  285.     $users_add_url = phorum_admin_build_url(array('module=users','add=1'));
    286. 

  286.     print "<a href=\"$users_url\">" .
    287. 

  287.           "Show all users</a> | <a href=\"$users_add_url\">Add User</a><br/>";
    288. 

  288. 

  289.     if (empty($_REQUEST["user_id"]))
    290. 

  290.     {
    291. 

  291.         $frm = new PhorumInputForm ("", "get", "Search");
    292. 

  292. 

  293.         $frm->addbreak("User Search");
    294. 

  294. 

  295.         $frm->hidden("module", "users");
    296. 

  296.         
    297. 

  297.         $field_search_loc_array = array("any" => "Anywhere","start" => "Start of Field","end" => "End of Field");
    298. 

  298.         
    299. 

  299.         $frm->addrow("Username contains", $frm->text_box("search_username", $_REQUEST["search_username"], 30) ."&nbsp;". $frm->select_tag("username_search_loc", $field_search_loc_array, $_REQUEST["username_search_loc"]));
    300. 

  300.         if ($PHORUM['display_name_source'] != 'username') {
    301. 

  301.             $frm->addrow("Display name contains", $frm->text_box("search_display_name", $_REQUEST["search_display_name"], 30) ."&nbsp;". $frm->select_tag("display_name_search_loc", $field_search_loc_array, $_REQUEST["display_name_search_loc"]));
    302. 

  302.         }
    303. 

  303.         $frm->addrow("Email contains", $frm->text_box("search_email", $_REQUEST["search_email"], 30) ."&nbsp;". $frm->select_tag("email_search_loc", $field_search_loc_array, $_REQUEST["email_search_loc"]));
    304. 

  304.         $frm->addrow("Signature contains", $frm->text_box("search_signature", $_REQUEST["search_signature"], 30) ."&nbsp;". $frm->select_tag("signature_search_loc", $field_search_loc_array, $_REQUEST["signature_search_loc"]));
    305. 

  305.         $frm->addrow("User status and type", $frm->select_tag("search_status", $user_status_map, $_REQUEST['search_status']) . " " . $frm->select_tag("search_type", array('any' => 'Any type of user', 'user' => 'Regular users', 'admin' => 'Administrators'), $_REQUEST['search_type']));
    306. 

  306.         $frm->addrow("Number of forum posts ",
    307. 

  307.             $frm->text_box("posts", isset($_REQUEST["posts"]) && trim($_REQUEST["posts"]) != '' ? (int) $_REQUEST["posts"] : "", 5) . " " .
    308. 

  308.             $frm->select_tag("posts_op", array("gte" => "messages or more", "lte" => "messages or less"), $_REQUEST["posts_op"]));
    309. 

  309.         $frm->addrow("Last user activity",
    310. 

  310.             $frm->select_tag("lastactive_op", array("lt" => "Longer ago than", "gte" => "Within the last"), $_REQUEST["lastactive_op"]) . " " .
    311. 

  311.             $frm->text_box("lastactive", empty($_REQUEST["lastactive"]) ? "" : (int) $_REQUEST["lastactive"], 5) . " days"
    312. 

  312.             );
    313. 

  313.         $frm->addrow("Date user registered",
    314. 

  314.             $frm->select_tag("registered_op", array("lt" => "Longer ago than", "gte" => "Within the last"), $_REQUEST["registered_op"]) . " " .
    315. 

  315.             $frm->text_box("registered", empty($_REQUEST["registered"]) ? "" : (int) $_REQUEST["registered"], 5) . " days"
    316. 

  316.             );
    317. 

  317.         
    318. 

  318.         $forum_permissions_forums_list = array();
    319. 

  319. 

  320.         $forum_permissions_forums = phorum_db_get_forums();
    321. 

  321. 

  322.         $forum_permissions_forumpaths = phorum_get_forum_info(1);
    323. 

  323.         foreach($forum_permissions_forumpaths as $forum_id => $forumname) {
    324. 

  324.             if($forums[$forum_id]['folder_flag'] == 0)
    325. 

  325.                 $forum_permissions_forums_list[$forum_id]=$forumname;
    326. 

  326.         }
    327. 

  327.         
    328. 

  328.         if(count($forum_permissions_forums_list)) {
    329. 

  329.             $forum_permissions_forums_select = "<select name=\"forum_permissions_forums[]\" multiple=\"multiple\" size=\"2\">\n";
    330. 

  330.             if(!empty($_REQUEST['forum_permissions_forums'])) {
    331. 

  331.                 if (is_array($_REQUEST['forum_permissions_forums'])) {
    332. 

  332.                     foreach ($_REQUEST['forum_permissions_forums'] as $forum_permissions_forum) {
    333. 

  333.                         $selected_forum_permissions_forums[$forum_permissions_forum] = $forum_permissions_forum;
    334. 

  334.                     }
    335. 

  335.                 } else {
    336. 

  336.                     $selected_forum_permissions_forums[(int)$_REQUEST['forum_permissions_forums']] = (int)$_REQUEST['forum_permissions_forums'];
    337. 

  337.                 }
    338. 

  338.             }
    339. 

  339.             foreach ($forum_permissions_forums_list as $forum_id => $forumname) {
    340. 

  340.                 $forum_permissions_forums_select .= "<option value=\"$forum_id\"";
    341. 

  341.                 if (isset($selected_forum_permissions_forums[$forum_id]))
    342. 

  342.                     $forum_permissions_forums_select .= " selected='selected'";
    343. 

  343.                 $forum_permissions_forums_select .= ">$forumname</option>";
    344. 

  344.             }        
    345. 

  345.             $forum_permissions_forums_select .= "</select>";
    346. 

  346.             
    347. 

  347.             $forum_permissions = array(
    348. 

  348.                 PHORUM_USER_ALLOW_READ => "Read",
    349. 

  349.                 PHORUM_USER_ALLOW_REPLY => "Reply",
    350. 

  350.                 PHORUM_USER_ALLOW_NEW_TOPIC => "Create New Topics",
    351. 

  351.                 PHORUM_USER_ALLOW_EDIT => "Edit Their Posts",
    352. 

  352.                 PHORUM_USER_ALLOW_ATTACH => "Attach Files",
    353. 

  353.                 PHORUM_USER_ALLOW_MODERATE_MESSAGES => "Moderate Messages",
    354. 

  354.                 PHORUM_USER_ALLOW_MODERATE_USERS => "Moderate Users"
    355. 

  355.                 );
    356. 

  356.             
    357. 

  357.             $forum_permissions_select = "<select name=\"forum_permissions[]\" multiple=\"multiple\" size=\"2\">\n";
    358. 

  358.             if(!empty($_REQUEST['forum_permissions'])) {
    359. 

  359.                 if (is_array($_REQUEST['forum_permissions'])) {
    360. 

  360.                     foreach ($_REQUEST['forum_permissions'] as $forum_permission) {
    361. 

  361.                         $selected_forum_permissions[$forum_permission] = $forum_permission;
    362. 

  362.                     }
    363. 

  363.                 } else {
    364. 

  364.                     $selected_forum_permissions[(int)$_REQUEST['forum_permissions']] = (int)$_REQUEST['forum_permissions'];
    365. 

  365.                 }
    366. 

  366.             }
    367. 

  367.             
    368. 

  368.             foreach($forum_permissions as $forum_permission => $forum_permission_description) {
    369. 

  369.                 
    370. 

  370.                 $forum_permissions_select .= "<option value=\"".$forum_permission."\"";
    371. 

  371.                 if (isset($selected_forum_permissions[$forum_permission]))
    372. 

  372.                     $forum_permissions_select .= " selected=\"selected\"";
    373. 

  373.                 $forum_permissions_select .= ">".$forum_permission_description."</option>\n";
    374. 

  374.             }
    375. 

  375.             
    376. 

  376.             $forum_permissions_select .= "</select>\n";
    377. 

  377.             
    378. 

  378.             $frm->addrow("Personal permission to", $forum_permissions_select . "&nbsp;in&nbsp;" . $forum_permissions_forums_select);
    379. 

  379.         }
    380. 

  380.         
    381. 

  381.         if (isset($PHORUM['PROFILE_FIELDS']["num_fields"]))
    382. 

  382.             unset($PHORUM['PROFILE_FIELDS']["num_fields"]);
    383. 

  383.     
    384. 

  384.         $active_profile_fields = 0;
    385. 

  385.         foreach($PHORUM["PROFILE_FIELDS"] as $profile_field) {
    386. 

  386.             if (empty($profile_field['deleted']) && !empty($profile_field['show_in_admin'])) $active_profile_fields ++;
    387. 

  387.         }
    388. 

  388.     
    389. 

  389.         if ($active_profile_fields > 0) {
    390. 

  390.             $profile_field_select = "<select name=\"profile_field[]\"";
    391. 

  391.             if ($active_profile_fields > 1) 
    392. 

  392.                 $profile_field_select .= " multiple=\"multiple\" size=\"2\"";
    393. 

  393.             $profile_field_select .= ">\n";
    394. 

  394.             
    395. 

  395.             if(!empty($_REQUEST['profile_field'])) {
    396. 

  396.                 if (is_array($_REQUEST['profile_field'])) {
    397. 

  397.                     foreach ($_REQUEST['profile_field'] as $profile_field_id) {
    398. 

  398.                         $selected_profile_fields[$profile_field_id] = $profile_field_id;
    399. 

  399.                     }
    400. 

  400.                 } else {
    401. 

  401.                     $selected_profile_fields[(int)$_REQUEST['profile_field']] = (int)$_REQUEST['profile_field'];
    402. 

  402.                 }
    403. 

  403.             }
    404. 

  404.             
    405. 

  405.             foreach($PHORUM["PROFILE_FIELDS"] as $key => $profile_field) {
    406. 

  406.                 // Do not show deleted fields.
    407. 

  407.                 if (!empty($profile_field['deleted']) || empty($profile_field['show_in_admin'])) continue;
    408. 

  408.                 
    409. 

  409.                 $profile_field_select .= "<option value=\"".$profile_field["id"]."\"";
    410. 

  410.                 if (isset($selected_profile_fields[$profile_field["id"]]))
    411. 

  411.                     $profile_field_select .= " selected=\"selected\"";
    412. 

  412.                 $profile_field_select .= ">".$profile_field["name"]."</option>\n";
    413. 

  413.             }
    414. 

  414.             
    415. 

  415.             $profile_field_select .= "</select>\n";
    416. 

  416.             $frm->addrow("Custom Profiles", $frm->text_box("search_profile_field", $_REQUEST["search_profile_field"], 30) ."&nbsp;"
    417. 

  417.                 . $frm->select_tag("profile_field_search_loc", $field_search_loc_array, $_REQUEST["profile_field_search_loc"])
    418. 

  418.                 . "&nbsp;in&nbsp;" . $profile_field_select);
    419. 

  419.         }
    420. 

  420.         $db_groups = phorum_db_get_groups(0,true);
    421. 

  421.         if (count($db_groups)) {
    422. 

  422.             $multiple = (count($db_groups) > 1) ? "multiple=\"multiple\" size=\"3\"" : "";
    423. 

  423. 

  424.             $group_select = "<select name=\"member_of_group[]\" $multiple>\n";
    425. 

  425.             if (!$multiple) {
    426. 

  426.                 $group_select .= '<option value="">Any group</option>';
    427. 

  427.             }
    428. 

  428. 

  429.             $selected_groups = array();
    430. 

  430.             if(!empty($_REQUEST['member_of_group'])) {
    431. 

  431.                 if (is_array($_REQUEST['member_of_group'])) {
    432. 

  432.                     foreach ($_REQUEST['member_of_group'] as $group_id) {
    433. 

  433.                         $selected_groups[$group_id] = $group_id;
    434. 

  434.                     }
    435. 

  435.                 } else {
    436. 

  436.                     $selected_groups[(int)$_REQUEST['member_of_group']] = (int)$_REQUEST['member_of_group'];
    437. 

  437.                 }
    438. 

  438.             }
    439. 

  439.             
    440. 

  440.             ksort($db_groups);
    441. 

  441.             
    442. 

  442.             foreach ($db_groups as $group_id => $group) {
    443. 

  443.                 $group_select .= "<option value=\"$group_id\"";
    444. 

  444.                 if (isset($selected_groups[$group_id])) $group_select .= " selected=\"selected\"";
    445. 

  445.                 $group_select .= ">".$group["name"]."</option>\n";
    446. 

  446.             }
    447. 

  447.             $group_select .= "</select>\n";
    448. 

  448.             $frm->addrow("Member of group", $group_select);
    449. 

  449.         }
    450. 

  450.             
    451. 

  451.         $frm->show();
    452. 

  452.     }
    453. 

  453. 

  454. ?>
    455. 

  455.     <hr class="PhorumAdminHR" />
    456. 

  456. 

  457.     <script type="text/javascript">
    458. 

  458.     <!--
    459. 

  459.     function CheckboxControl(form, onoff) {
    460. 

  460.         for (var i = 0; i < form.elements.length; i++)
    461. 

  461.             if (form.elements[i].type == "checkbox")
    462. 

  462.                 form.elements[i].checked = onoff;
    463. 

  463.     }
    464. 

  464.     // -->
    465. 

  465.     </script>
    466. 

  466. <?php
    467. 

  467. 

  468.     if (!empty($_REQUEST["member_of_group"]) && is_array($_REQUEST["member_of_group"])) {
    469. 

  469.         $_REQUEST["member_of_group"] = implode(",",$_REQUEST["member_of_group"]);
    470. 

  470.     }
    471. 

  471.     if (!empty($_REQUEST["profile_field"]) && is_array($_REQUEST["profile_field"])) {
    472. 

  472.         $_REQUEST["profile_field"] = implode(",",$_REQUEST["profile_field"]);
    473. 

  473.     }
    474. 

  474.     if (!empty($_REQUEST["forum_permissions"]) && is_array($_REQUEST["forum_permissions"])) {
    475. 

  475.         $_REQUEST["forum_permissions"] = implode(",",$_REQUEST["forum_permissions"]);
    476. 

  476.     }
    477. 

  477.     if (!empty($_REQUEST["forum_permissions_forums"]) && is_array($_REQUEST["forum_permissions_forums"])) {
    478. 

  478.         $_REQUEST["forum_permissions_forums"] = implode(",",$_REQUEST["forum_permissions_forums"]);
    479. 

  479.     }
    480. 

  480.     
    481. 

  481.     // Build the search parameters query string items.
    482. 

  482.     $url_safe_search_arr = array();
    483. 

  483.     foreach ($user_search_fields as $field) {
    484. 

  484.         if (isset($_REQUEST[$field])) {
    485. 

  485.             $url_safe_search_arr[]= "$field=" . urlencode($_REQUEST[$field]);
    486. 

  486.         }
    487. 

  487.     }
    488. 

  488.     
    489. 

  489.     if (isset($_POST["sort"])) $_GET["sort"] = $_POST["sort"];
    490. 

  490.     $sort = isset($_GET["sort"]) ? $_GET["sort"] : "display_name";
    491. 

  491.     
    492. 

  492.     if (isset($_POST["sort_dir"])) $_GET["sort_dir"] = $_POST["sort_dir"];
    493. 

  493.     $sort_dir = empty($_GET["sort_dir"]) ? "" : "-";
    494. 

  494.     $reverse_sort_dir = (empty($sort_dir)) ? "-" : "";
    495. 

  495.     
    496. 

  496.     // Build the fields to search on.
    497. 

  497.     $search_fields = array();
    498. 

  498.     $search_values = array();
    499. 

  499.     $search_operators = array();
    500. 

  500.     if (isset($_REQUEST['search_username'])) {
    501. 

  501.         $search = trim($_REQUEST['search_username']);
    502. 

  502.         if ($search != '') {
    503. 

  503.             $search_fields[] = 'username';
    504. 

  504.             $search_values[] = $search;
    505. 

  505.             if ($_REQUEST['username_search_loc'] == "start") {
    506. 

  506.                 $search_operators[] = '?*';
    507. 

  507.             } else if ($_REQUEST['username_search_loc'] == "end") {
    508. 

  508.                 $search_operators[] = '*?';
    509. 

  509.             } else {
    510. 

  510.                 $search_operators[] = '*';
    511. 

  511.             }
    512. 

  512.         }
    513. 

  513.     }
    514. 

  514.     if (isset($_REQUEST['search_display_name'])) {
    515. 

  515.         $search = trim($_REQUEST['search_display_name']);
    516. 

  516.         if ($search != '') {
    517. 

  517.             $search_fields[] = 'display_name';
    518. 

  518.             $search_values[] = $search;
    519. 

  519.             if ($_REQUEST['display_name_search_loc'] == "start") {
    520. 

  520.                 $search_operators[] = '?*';
    521. 

  521.             } else if ($_REQUEST['display_name_search_loc'] == "end") {
    522. 

  522.                 $search_operators[] = '*?';
    523. 

  523.             } else {
    524. 

  524.                 $search_operators[] = '*';
    525. 

  525.             }
    526. 

  526.         }
    527. 

  527.     }
    528. 

  528.     if (isset($_REQUEST['search_email'])) {
    529. 

  529.         $search = trim($_REQUEST['search_email']);
    530. 

  530.         if ($search != '') {
    531. 

  531.             $search_fields[] = 'email';
    532. 

  532.             $search_values[] = $search;
    533. 

  533.             if ($_REQUEST['email_search_loc'] == "start") {
    534. 

  534.                 $search_operators[] = '?*';
    535. 

  535.             } else if ($_REQUEST['email_search_loc'] == "end") {
    536. 

  536.                 $search_operators[] = '*?';
    537. 

  537.             } else {
    538. 

  538.                 $search_operators[] = '*';
    539. 

  539.             }
    540. 

  540.         }
    541. 

  541.     }
    542. 

  542.     if (isset($_REQUEST['search_signature'])) {
    543. 

  543.         $search = trim($_REQUEST['search_signature']);
    544. 

  544.         if ($search != '') {
    545. 

  545.             $search_fields[] = 'signature';
    546. 

  546.             $search_values[] = $search;
    547. 

  547.             if ($_REQUEST['signature_search_loc'] == "start") {
    548. 

  548.                 $search_operators[] = '?*';
    549. 

  549.             } else if ($_REQUEST['signature_search_loc'] == "end") {
    550. 

  550.                 $search_operators[] = '*?';
    551. 

  551.             } else {
    552. 

  552.                 $search_operators[] = '*';
    553. 

  553.             }
    554. 

  554.         }
    555. 

  555.     }
    556. 

  556.     if (isset($_REQUEST['search_profile_field'])) {
    557. 

  557.         $search = trim($_REQUEST['search_profile_field']);
    558. 

  558.         if ($search != '' && !empty($_REQUEST['profile_field'])) {
    559. 

  559.             $profile_fields = explode(",",$_REQUEST['profile_field']);
    560. 

  560.             if ($_REQUEST['profile_field_search_loc'] == "start") {
    561. 

  561.                 $search_operator = '?*';
    562. 

  562.             } else if ($_REQUEST['profile_field_search_loc'] == "end") {
    563. 

  563.                 $search_operator = '*?';
    564. 

  564.             } else {
    565. 

  565.                 $search_operator = '*';
    566. 

  566.             }
    567. 

  567.             foreach($profile_fields as $profile_field) {
    568. 

  568.                 $profile_field_search_values[] = $search;
    569. 

  569.                 $profile_field_search_operators[] = $search_operator;
    570. 

  570.             }
    571. 

  571.             $db_matching_users = phorum_api_user_search_custom_profile_field($profile_fields,$profile_field_search_values,$profile_field_search_operators, TRUE, 'OR');
    572. 

  572.             if (empty($db_matching_users)) $db_matching_users = array();
    573. 

  573.             $search_fields[] = 'user_id';
    574. 

  574.             $search_values[] = $db_matching_users;
    575. 

  575.             $search_operators[] = '()';
    576. 

  576.         }
    577. 

  577.     }
    578. 

  578.     if (isset($_REQUEST['search_type']) &&
    579. 

  579.         $_REQUEST['search_type'] != '') {
    580. 

  580.         if ($_REQUEST['search_type'] == 'user') {
    581. 

  581.             $search_fields[] = 'admin';
    582. 

  582.             $search_values[] = 0;
    583. 

  583.             $search_operators[] = '=';
    584. 

  584.         } elseif ($_REQUEST['search_type'] == 'admin') {
    585. 

  585.             $search_fields[] = 'admin';
    586. 

  586.             $search_values[] = 1;
    587. 

  587.             $search_operators[] = '=';
    588. 

  588.         }
    589. 

  589.     }
    590. 

  590.     if (isset($_REQUEST["posts"]) && trim($_REQUEST["posts"]) != '' && $_REQUEST["posts"] >= 0) {
    591. 

  591.         $search_fields[] = 'posts';
    592. 

  592.         $search_values[] = (int) $_REQUEST['posts'];
    593. 

  593.         $search_operators[] = $_REQUEST['posts_op'] == 'gte' ? '>=' : '<=';
    594. 

  594.     }
    595. 

  595.     if (!empty($_REQUEST["lastactive"]) && $_REQUEST["lastactive"] >= 0) {
    596. 

  596.         $time = time() - ($_REQUEST["lastactive"] * 86400);
    597. 

  597.         $search_fields[] = 'date_last_active';
    598. 

  598.         $search_values[] = $time;
    599. 

  599.         $search_operators[] = $_REQUEST['lastactive_op'] == 'gte' ? '>=' : '<';
    600. 

  600.     }
    601. 

  601.     if (!empty($_REQUEST["registered"]) && $_REQUEST["registered"] >= 0) {
    602. 

  602.         $time = time() - ($_REQUEST["registered"] * 86400);
    603. 

  603.         $search_fields[] = 'date_added';
    604. 

  604.         $search_values[] = $time;
    605. 

  605.         $search_operators[] = $_REQUEST['registered_op'] == 'gte' ? '>=' : '<';
    606. 

  606.     }
    607. 

  607.     if (isset($_REQUEST['search_status']) &&
    608. 

  608.         $_REQUEST['search_status'] != '' &&
    609. 

  609.         $_REQUEST['search_status'] != 'any') {
    610. 

  610. 

  611.         $search_fields[] = 'active';
    612. 

  612.         if ($_REQUEST['search_status'] == 'pending') {
    613. 

  613.             $search_values[] = 0;
    614. 

  614.             $search_operators[] = '<';
    615. 

  615.         } else {
    616. 

  616.             $search_values[] = (int) $_REQUEST['search_status'];
    617. 

  617.             $search_operators[] = '=';
    618. 

  618.         }
    619. 

  619.     }
    620. 

  620.     if (!empty($_REQUEST["member_of_group"])) {
    621. 

  621.         $groups = explode(",",$_REQUEST["member_of_group"]);
    622. 

  622.         foreach($groups as $glid => $glrid) {
    623. 

  623.         	if($glrid < 1) {
    624. 

  624.         		unset($groups[$glid]);
    625. 

  625.         	}	
    626. 

  626.         }
    627. 

  627.         if(count($groups)) {
    628. 

  628. 	        $db_group_members = phorum_db_get_group_members($groups);
    629. 

  629. 	        $group_members = array();
    630. 

  630. 	        foreach ($db_group_members as $user_id => $group_status) {
    631. 

  631. 	            $group_members[] = $user_id;
    632. 

  632. 	        }
    633. 

  633. 	        $search_fields[] = 'user_id';
    634. 

  634. 	        $search_values[] = $group_members;
    635. 

  635. 	        $search_operators[] = '()';
    636. 

  636.         }
    637. 

  637.     }
    638. 

  638.     
    639. 

  639.     if (!empty($_REQUEST["forum_permissions"]) && !empty($_REQUEST["forum_permissions_forums"])) {
    640. 

  640.         $forum_permissions = explode(",",$_REQUEST["forum_permissions"]);
    641. 

  641.         $or_forum_permissions = "";
    642. 

  642.         foreach ($forum_permissions as $forum_permission) {
    643. 

  643.             if (isset($forum_permissions_first)) {
    644. 

  644.                 $or_forum_permissions .= " OR ";
    645. 

  645.             } else {
    646. 

  646.                 $forum_permissions_first = 1;
    647. 

  647.             }
    648. 

  648.             $or_forum_permissions .= "(perm.permission>=$forum_permission AND
    649. 

  649.                       (perm.permission & $forum_permission>0))";
    650. 

  650.         }
    651. 

  651.         phorum_db_sanitize_mixed($_REQUEST["forum_permissions_forums"],"string");
    652. 

  652.         $db_forum_permissions_users = phorum_db_interact(
    653. 

  653.             DB_RETURN_ROWS,
    654. 

  654.             "SELECT DISTINCT user.user_id AS user_id
    655. 

  655.              FROM   {$PHORUM['user_table']} AS user
    656. 

  656.                     LEFT JOIN {$PHORUM['user_permissions_table']} AS perm
    657. 

  657.                     ON perm.user_id = user.user_id
    658. 

  658.              WHERE  ($or_forum_permissions) AND perm.forum_id IN ({$_REQUEST['forum_permissions_forums']})"
    659. 

  659.         );
    660. 

  660.         $forum_permissions_users = array();
    661. 

  661.         foreach($db_forum_permissions_users as $user) {
    662. 

  662.             $forum_permissions_users[] = $user[0];
    663. 

  663.         }
    664. 

  664.         $search_fields[] = 'user_id';
    665. 

  665.         $search_values[] = $forum_permissions_users;
    666. 

  666.         $search_operators[] = '()';
    667. 

  667.     }
    668. 

  668. 

  669.     // Find a list of all matching user_ids.
    670. 

  670.     $total = phorum_api_user_search(
    671. 

  671.         $search_fields, $search_values, $search_operators,
    672. 

  672.         TRUE, 'AND',NULL,0,0,true
    673. 

  673.     );
    674. 

  674.     
    675. 

  675.     $default_pagelength=30;
    676. 

  676.     
    677. 

  677.     settype($_REQUEST["page"], "integer");
    678. 

  678.     settype($_REQUEST["pagelength"], "integer");
    679. 

  679.     
    680. 

  680.     // The available page lengths.
    681. 

  681.     $pagelengths = array(
    682. 

  682.         10   =>  "10 users per page",
    683. 

  683.         20   =>  "20 users per page",
    684. 

  684.         30   =>  "30 users per page",
    685. 

  685.         50   =>  "50 users per page",
    686. 

  686.         100  => "100 users per page",
    687. 

  687.         250  => "250 users per page",
    688. 

  688.     );
    689. 

  689.     
    690. 

  690.     // What page length to use?
    691. 

  691.     if (isset($_POST["pagelength"])) $_GET["pagelength"] = $_POST["pagelength"];
    692. 

  692.     $pagelength = isset($_GET["pagelength"]) ? (int)$_GET["pagelength"] : $default_pagelength;
    693. 

  693. 

  694.     if (!isset($pagelengths[$pagelength])) $pagelength = $default_pagelength;
    695. 

  695.     
    696. 

  696.     $totalpages = ceil($total/$pagelength);
    697. 

  697.     if ($totalpages <= 0) $totalpages = 1;
    698. 

  698.     
    699. 

  699.     // Which page to show?
    700. 

  700.     if (isset($_POST["prevpage"])) {
    701. 

  701.         $page = (int)$_POST["curpage"] - 1;
    702. 

  702.     } elseif (isset($_POST["nextpage"])) {
    703. 

  703.         $page = (int)$_POST["curpage"] + 1;
    704. 

  704.     } else {
    705. 

  705.         if (isset($_POST["page"])) $_GET["page"] = $_POST["page"];
    706. 

  706.         $page = isset($_GET["page"]) ? (int)$_GET["page"] : 1;
    707. 

  707.     }
    708. 

  708.     
    709. 

  709.     if ($page <= 0) $page = 1;
    710. 

  710.     if ($page > $totalpages) $page = $totalpages;
    711. 

  711. 

  712.     $search_start = ($page-1)*$pagelength;
    713. 

  713.     
    714. 

  714.     $db_sort = ($sort == "display_name") ? $sort_dir.$sort : array($sort_dir.$sort,"display_name");
    715. 

  715.     
    716. 

  716.     // Find a list of matching user_ids to display on the current page.
    717. 

  717.     $user_ids = phorum_api_user_search(
    718. 

  718.         $search_fields, $search_values, $search_operators,
    719. 

  719.         TRUE, 'AND', $db_sort,
    720. 

  720.         $search_start, $pagelength
    721. 

  721.     );
    722. 

  722. 

  723.     // Retrieve the user data for the users on the current page.
    724. 

  724.     $users = empty($user_ids)
    725. 

  725.            ? array()
    726. 

  726.            : phorum_api_user_get($user_ids, FALSE);
    727. 

  727. 

  728.     if (count($users))
    729. 

  729.     {
    730. 

  730.         // Create a page list for a drop down menu.
    731. 

  731.         $pagelist = array();
    732. 

  732.         for($p=1; $p<=$totalpages; $p++) {
    733. 

  733.             $pagelist[$p] = $p;
    734. 

  734.         }
    735. 

  735.         
    736. 

  736.         $cols = 6;
    737. 

  737.         
    738. 

  738.         $input_args = array('module=users');
    739. 

  739.         $input_args = array_merge($input_args,$url_safe_search_arr);
    740. 

  740.         
    741. 

  741.         $frm_url = phorum_admin_build_url($input_args);
    742. 

  742.         
    743. 

  743.         $sort_input_args = array('page='.$page,'pagelength='.$pagelength);
    744. 

  744.         $sort_input_args = array_merge($sort_input_args,$input_args);
    745. 

  745.         
    746. 

  746.         $display_name_sort_dir = ($sort == "display_name") ? $reverse_sort_dir : "";
    747. 

  747.         $display_name_sort_url_args = array_merge(array('sort=display_name','sort_dir='.$display_name_sort_dir),$sort_input_args);
    748. 

  748.         $display_name_sort_url = phorum_admin_build_url($display_name_sort_url_args);
    749. 

  749.         
    750. 

  750.         $email_sort_dir = ($sort == "email") ? $reverse_sort_dir : "";
    751. 

  751.         $email_sort_url_args = array_merge(array('sort=email','sort_dir='.$email_sort_dir),$sort_input_args);
    752. 

  752.         $email_sort_url = phorum_admin_build_url($email_sort_url_args);
    753. 

  753.         
    754. 

  754.         $status_sort_dir = ($sort == "active") ? $reverse_sort_dir : "";
    755. 

  755.         $status_sort_url_args = array_merge(array('sort=active','sort_dir='.$status_sort_dir),$sort_input_args);
    756. 

  756.         $status_sort_url = phorum_admin_build_url($status_sort_url_args);
    757. 

  757.         
    758. 

  758.         $posts_sort_dir = ($sort == "posts") ? $reverse_sort_dir : "";
    759. 

  759.         $posts_sort_url_args = array_merge(array('sort=posts','sort_dir='.$posts_sort_dir),$sort_input_args);
    760. 

  760.         $posts_sort_url = phorum_admin_build_url($posts_sort_url_args);
    761. 

  761.         
    762. 

  762.         $last_activity_sort_dir = ($sort == "date_last_active") ? $reverse_sort_dir : "";
    763. 

  763.         $last_activity_sort_url_args = array_merge(array('sort=date_last_active','sort_dir='.$last_activity_sort_dir),$sort_input_args);
    764. 

  764.         $last_activity_sort_url = phorum_admin_build_url($last_activity_sort_url_args);
    765. 

  765.         
    766. 

  766.         if (!empty($_REQUEST["registered"])) {
    767. 

  767.             $cols++;
    768. 

  768.             $registered_sort_dir = ($sort == "date_added") ? $reverse_sort_dir : "";
    769. 

  769.             $registered_sort_url_args = array_merge(array('sort=date_added','sort_dir='.$registered_sort_dir),$sort_input_args);
    770. 

  770.             $registered_sort_url = phorum_admin_build_url($registered_sort_url_args);
    771. 

  771.         }
    772. 

  772.         
    773. 

  773.         echo <<<EOT
    774. 

  774.         <form name="UsersForm" action="$frm_url" method="post">
    775. 

  775.         <input type="hidden" name="phorum_admin_token" value="{$PHORUM['admin_token']}">
    776. 

  776.         <input type="hidden" name="curpage" value="$page">
    777. 

  777.         <input type="hidden" name="sort" value="$sort">
    778. 

  778.         <input type="hidden" name="sort_dir" value="$sort_dir">
    779. 

  779.         <input type="hidden" name="module" value="users">
    780. 

  780.         <input type="hidden" name="action" value="deleteUsers">
    781. 

  781.         <table border="0" cellspacing="1" cellpadding="0"
    782. 

  782.                class="PhorumAdminTable" width="100%">
    783. 

  783.         <tr>
    784. 

  784.             <td colspan="$cols">
    785. 

  785.             <span style="float:right;margin-right:10px">
    786. 

  786.             <select name="pagelength" onchange="this.form.submit()">
    787. 

  787. EOT;
    788. 

  788.         foreach ($pagelengths as $value => $description) {
    789. 

  789.             echo "<option";
    790. 

  790.             if ($value == $pagelength) echo " selected=\"selected\"";
    791. 

  791.             echo " value=\"$value\">$description</option>";
    792. 

  792.         }
    793. 

  793.         echo "</select>&nbsp;&nbsp;&nbsp;";
    794. 

  794.         if ($page > 1) echo "<input type=\"submit\" name=\"prevpage\" value=\"&lt;&lt;\"/> ";
    795. 

  795.         echo "page <select name=\"page\" onchange=\"this.form.submit()\">";
    796. 

  796.         foreach ($pagelist as $value) {
    797. 

  797.             echo "<option";
    798. 

  798.             if ($value == $page) echo " selected=\"selected\"";
    799. 

  799.             echo " value=\"$value\">$value</option>";
    800. 

  800.         }
    801. 

  801.         echo "</select> of $totalpages ";
    802. 

  802.         if ($page < $totalpages) echo "<input type=\"submit\" name=\"nextpage\" value=\"&gt;&gt;\"/>";
    803. 

  803.         echo <<<EOT
    804. 

  804.             </span>Number of users: $total
    805. 

  805.             </td>
    806. 

  806.         </tr>
    807. 

  807.         <tr>
    808. 

  808.             <td class="PhorumAdminTableHead"><a href="$display_name_sort_url" style="color: #FFF;">Display Name</a></td>
    809. 

  809.             <td class="PhorumAdminTableHead"><a href="$email_sort_url" style="color: #FFF;">Email</a></td>
    810. 

  810.             <td class="PhorumAdminTableHead"><a href="$status_sort_url" style="color: #FFF;">Status</a></td>
    811. 

  811.             <td class="PhorumAdminTableHead"><a href="$posts_sort_url" style="color: #FFF;">Posts</a></td>
    812. 

  812.             <td class="PhorumAdminTableHead"><a href="$last_activity_sort_url" style="color: #FFF;">Last Activity</a></td>
    813. 

  813. EOT;
    814. 

  814.         if (!empty($_REQUEST["registered"])) {
    815. 

  815.             echo "<td class=\"PhorumAdminTableHead\"><a href=\"$registered_sort_url\" style=\"color: #FFF;\">Registered</a></td>";
    816. 

  816.         }
    817. 

  817.         echo <<<EOT
    818. 

  818.             <td class="PhorumAdminTableHead">Delete</td>
    819. 

  819.         </tr>
    820. 

  820. EOT;
    821. 

  821.         foreach($user_ids as $user_id)
    822. 

  822.         {
    823. 

  823.             $user = $users[$user_id];
    824. 

  824. 

  825.             $status = $user_status_map[$user['active']];
    826. 

  826. 

  827.             $posts = intval($user['posts']);
    828. 

  828. 

  829.             $ta_class = "PhorumAdminTableRow".($ta_class == "PhorumAdminTableRow" ? "Alt" : "");
    830. 

  830.             
    831. 

  831.             $user_input_args = array('module=users','user_id='.$user['user_id'],'edit=1','page='.$page,'pagelength='.$pagelength,'sort='.$sort,'sort_dir='.$sort_dir);
    832. 

  832.             $user_input_args = array_merge($user_input_args,$url_safe_search_arr);
    833. 

  833.             $edit_url = phorum_admin_build_url($user_input_args);
    834. 

  834.             echo "<tr>\n";
    835. 

  835.             echo "    <td class=\"".$ta_class."\"><a href=\"$edit_url\">".(empty($PHORUM['custom_display_name']) ? htmlspecialchars($user['display_name']) : $user['display_name'])."</a></td>\n";
    836. 

  836.             echo "    <td class=\"".$ta_class."\">".htmlspecialchars($user['email'])."</td>\n";
    837. 

  837.             echo "    <td class=\"".$ta_class."\">{$status}</td>\n";
    838. 

  838.             echo "    <td class=\"".$ta_class."\" style=\"text-align:right\">{$posts}</td>\n";
    839. 

  839.             echo "    <td class=\"".$ta_class."\" align=\"right\">".(intval($user['date_last_active']) ? phorum_date($PHORUM['short_date'], intval($user['date_last_active'])) : "&nbsp;")."</td>\n";
    840. 

  840.             if (!empty($_REQUEST["registered"])) {
    841. 

  841.                 echo "    <td class=\"".$ta_class."\" align=\"right\">".(intval($user['date_added']) ? phorum_date($PHORUM['short_date'], intval($user['date_added'])) : "&nbsp;")."</td>\n";
    842. 

  842.             }
    843. 

  843.             echo "    <td class=\"".$ta_class."\"><input type=\"checkbox\" name=\"deleteIds[]\" value=\"{$user['user_id']}\"></td>\n";
    844. 

  844.             echo "</tr>\n";
    845. 

  845.         }
    846. 

  846. 

  847.         echo <<<EOT
    848. 

  848.         <tr>
    849. 

  849.           <td colspan="$cols" align="right">
    850. 

  850.           <input type="button" value="Check All"
    851. 

  851.            onClick="CheckboxControl(this.form, true);">
    852. 

  852.           <input type="button" value="Clear All"
    853. 

  853.            onClick="CheckboxControl(this.form, false);">
    854. 

  854.           <input type="submit" name="delete" value="Delete Selected Users"
    855. 

  855.            onClick="return confirm('Really delete the selected user(s)?')">
    856. 

  856.           </td>
    857. 

  857.         </tr>
    858. 

  858.         </table>
    859. 

  859.         </form>
    860. 

  860. EOT;
    861. 

  861. 

  862.     } else {
    863. 

  863. 

  864.         echo "No Users Found.";
    865. 

  865. 

  866.     }
    867. 

  867. 

  868. }
    869. 

  869. 

  870. // display edit form
    871. 

  871. if (isset($_REQUEST["user_id"]))
    872. 

  872. {
    873. 

  873.     print "<a href=\"".htmlspecialchars($referrer)."\">Back to the user overview</a>&nbsp;|&nbsp;<a href=\"#forums\">Edit Forum Permissions</a>&nbsp;|&nbsp;<a href=\"#groups\">Edit Groups</a><br />";
    874. 

  874. 

  875.     $user = phorum_api_user_get($_REQUEST["user_id"], TRUE);
    876. 

  876. 

  877.     if(count($user)){
    878. 

  878. 

  879.         $frm = new PhorumInputForm ("", "post", "Update");
    880. 

  880. 

  881.         $frm->hidden("module", "users");
    882. 

  882. 

  883.         $frm->hidden("section", "main");
    884. 

  884. 

  885.         $frm->hidden("referrer", $referrer);
    886. 

  886. 

  887.         $frm->hidden("user_id", $_REQUEST["user_id"]);
    888. 

  888. 

  889.         $frm->addbreak("Edit User");
    890. 

  890. 

  891.         $frm->addrow("User Name", $frm->text_box("username", $user["username"], 50));
    892. 

  892. 

  893.         $frm->addrow("Real Name", $frm->text_box("real_name", $user["real_name"], 50));
    894. 

  894. 

  895.         $frm->addrow("Email", $frm->text_box("email", $user["email"], 50));
    896. 

  896.         $frm->addrow("Password (Enter to change)", $frm->text_box("password1",""));
    897. 

  897.         $frm->addrow("Password (Confirmation)", $frm->text_box("password2",""));
    898. 

  898. 

  899. 

  900.         $frm->addrow("Signature", $frm->textarea("signature", $user["signature"]));
    901. 

  901. 

  902.         $frm->addrow("Active", $frm->select_tag("active", array("No", "Yes"), $user["active"]));
    903. 

  903. 

  904.         $frm->addrow("Forum posts",$user["posts"]);
    905. 

  905. 

  906.         $frm->addrow("Registration Date", phorum_date($PHORUM['short_date_time'], $user['date_added']));
    907. 

  907. 

  908.         $row=$frm->addrow("Date last active", phorum_date($PHORUM['short_date_time'], $user['date_last_active']));
    909. 

  909. 

  910.         $frm->addrow("Administrator", $frm->select_tag("admin", array("No", "Yes"), $user["admin"]));
    911. 

  911. 

  912.         $frm->addhelp($row, "Date last active", "This shows the date, when the user was last seen in the forum. Check your setting on \"Track user usage\" in the \"General Settings\". As long as this setting is not enabled, the activity will not be tracked.");
    913. 

  913. 

  914.         $cf_header_shown=0;
    915. 

  915.         foreach($PHORUM["PROFILE_FIELDS"] as $key => $item){
    916. 

  916.             if ($key === 'num_rows' || !empty($item['deleted'])) continue;
    917. 

  917.             if(!empty($item['show_in_admin'])) {
    918. 

  918.                 if(!$cf_header_shown) {
    919. 

  919.                     $frm->addbreak('Custom Profile Fields');
    920. 

  920.                     $cf_header_shown=1;
    921. 

  921.                 }
    922. 

  922.                 $itemval = "[EMPTY]";
    923. 

  923.                 if (isset($user[$item['name']]) && trim($user[$item['name']]) != '') {
    924. 

  924.                     $itemval = trim($user[$item['name']]);
    925. 

  925.                 }
    926. 

  926.                 $frm->addrow($item['name'],$itemval);
    927. 

  927.             }
    928. 

  928.         }
    929. 

  929. 

  930.         phorum_hook("admin_users_form", $frm, $user);
    931. 

  931. 

  932.         $frm->show();
    933. 

  933. 

  934.         echo "<br /><hr class=\"PhorumAdminHR\" /><br /><a name=\"forums\"></a>";
    935. 

  935. 

  936.         $frm = new PhorumInputForm ("", "post", "Update");
    937. 

  937. 

  938.         $frm->hidden("user_id", $_REQUEST["user_id"]);
    939. 

  939. 

  940.         $frm->hidden("module", "users");
    941. 

  941. 

  942.         $frm->hidden("section", "forums");
    943. 

  943. 

  944.         $frm->hidden("referrer", $referrer);
    945. 

  945. 

  946.         $row=$frm->addbreak("Edit Forum Permissions");
    947. 

  947. 

  948.         $frm->addhelp($row, "Forum Permissions", "These are permissions set exclusively for this user.  You need to grant all permisssions you want the user to have for a forum here.  No permissions from groups or a forum's properties will be used once the user has specific permissions for a forum.");
    949. 

  949. 

  950.         $forums=phorum_db_get_forums();
    951. 

  951. 

  952.         $forumpaths = phorum_get_forum_info(1);
    953. 

  953. 

  954.         $perm_frm = $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_READ."]", 1, "Read")."&nbsp;&nbsp;".
    955. 

  955.                     $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_REPLY."]", 1, "Reply")."&nbsp;&nbsp;".
    956. 

  956.                     $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_NEW_TOPIC."]", 1, "Create&nbsp;New&nbsp;Topics")."&nbsp;&nbsp;".
    957. 

  957.                     $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_EDIT."]", 1, "Edit&nbsp;Their&nbsp;Posts")."<br />".
    958. 

  958.                     $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_ATTACH."]", 1, "Attach&nbsp;Files")."<br />".
    959. 

  959.                     $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_MODERATE_MESSAGES."]", 1, "Moderate Messages")."&nbsp;&nbsp;".
    960. 

  960.                     $frm->checkbox("new_forum_permissions[".PHORUM_USER_ALLOW_MODERATE_USERS."]", 1, "Moderate Users")."&nbsp;&nbsp;";
    961. 

  961. 

  962.         $arr[]="Add A Forum...";
    963. 

  963. 

  964.         foreach($forumpaths as $forum_id=>$forumname){
    965. 

  965.             if(!isset($user["forum_permissions"][$forum_id]) && $forums[$forum_id]['folder_flag'] == 0)
    966. 

  966.                 $arr[$forum_id]=$forumname;
    967. 

  967.         }
    968. 

  968. 

  969.         if(count($arr)>1)
    970. 

  970.             $frm->addrow($frm->select_tag("new_forum", $arr), $perm_frm);
    971. 

  971. 

  972. 

  973.         if(is_array($user["forum_permissions"])){
    974. 

  974.             foreach($user["forum_permissions"] as $forum_id=>$perms){
    975. 

  975.                 $perm_frm = $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_READ."]", 1, "Read", ($perms & PHORUM_USER_ALLOW_READ))."&nbsp;&nbsp;".
    976. 

  976.                             $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_REPLY."]", 1, "Reply", ($perms & PHORUM_USER_ALLOW_REPLY))."&nbsp;&nbsp;".
    977. 

  977.                             $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_NEW_TOPIC."]", 1, "Create&nbsp;New&nbsp;Topics", ($perms & PHORUM_USER_ALLOW_NEW_TOPIC))."&nbsp;&nbsp;".
    978. 

  978.                             $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_EDIT."]", 1, "Edit&nbsp;Their&nbsp;Posts", ($perms & PHORUM_USER_ALLOW_EDIT))."<br />".
    979. 

  979.                             $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_ATTACH."]", 1, "Attach&nbsp;Files", ($perms & PHORUM_USER_ALLOW_ATTACH))."<br />".
    980. 

  980.                             $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_MODERATE_MESSAGES."]", 1, "Moderate Messages", ($perms & PHORUM_USER_ALLOW_MODERATE_MESSAGES))."&nbsp;&nbsp;".
    981. 

  981.                             $frm->checkbox("forum_permissions[$forum_id][".PHORUM_USER_ALLOW_MODERATE_USERS."]", 1, "Moderate Users", ($perms & PHORUM_USER_ALLOW_MODERATE_USERS))."&nbsp;&nbsp;".
    982. 

  982. 

  983.                 $frm->hidden("forums[$forum_id]", $forum_id);
    984. 

  984. 

  985.                 $row=$frm->addrow($forumpaths[$forum_id]."<br />".$frm->checkbox("delforum[$forum_id]", 1, "Delete"), $perm_frm);
    986. 

  986. 

  987.             }
    988. 

  988.         }
    989. 

  989. 

  990.         $frm->show();
    991. 

  991. 

  992.         echo "<br /><hr class=\"PhorumAdminHR\" /><br /><a name=\"groups\"></a>";
    993. 

  993. 

  994.         $frm = new PhorumInputForm ("", "post", "Update");
    995. 

  995. 

  996.         $frm->hidden("user_id", $_REQUEST["user_id"]);
    997. 

  997. 

  998.         $frm->hidden("module", "users");
    999. 

  999. 

  1000.         $frm->hidden("referrer", $referrer);
    1001. 

  1001. 

  1002.         $frm->hidden("section", "groups");
    1003. 

  1003. 

  1004.         $extra_opts = "";
    1005. 

  1005.         // if its an admin, let the user know that the admin will be able to act as a moderator no matter what
    1006. 

  1006.         if ($user["admin"]){
    1007. 

  1007.             $row=$frm->addbreak("Edit Groups (Admins can act as a moderator of every group, regardless of these values)");
    1008. 

  1008.         }
    1009. 

  1009.         else{
    1010. 

  1010.             $row=$frm->addbreak("Edit Groups");
    1011. 

  1011.         }
    1012. 

  1012. 

  1013.         $groups= phorum_db_get_groups(0, TRUE);
    1014. 

  1014.         $usergroups = phorum_api_user_check_group_access(PHORUM_USER_GROUP_SUSPENDED, PHORUM_ACCESS_LIST, $_REQUEST["user_id"]);
    1015. 

  1015. 

  1016.         $arr=array("Add A Group...");
    1017. 

  1017.         foreach($groups as $group_id=>$group){
    1018. 

  1018.             if(!isset($usergroups[$group_id]))
    1019. 

  1019.                 $arr[$group_id]=$group["name"];
    1020. 

  1020.         }
    1021. 

  1021. 

  1022.         if(count($arr)>1)
    1023. 

  1023.             $frm->addrow("Add A Group", $frm->select_tag("new_group", $arr));
    1024. 

  1024. 

  1025.         if(is_array($usergroups)){
    1026. 

  1026.             $group_options = array(
    1027. 

  1027.                     "remove" => "< Remove User From Group >",
    1028. 

  1028.                     PHORUM_USER_GROUP_SUSPENDED => "Suspended",
    1029. 

  1029.                     PHORUM_USER_GROUP_UNAPPROVED => "Unapproved",
    1030. 

  1030.                     PHORUM_USER_GROUP_APPROVED => "Approved",
    1031. 

  1031.                     PHORUM_USER_GROUP_MODERATOR => "Group Moderator");
    1032. 

  1032.             foreach($usergroups as $group_id => $group){
    1033. 

  1033.                 $group_perm = $group['user_status'];
    1034. 

  1034.                 $group_info = phorum_db_get_groups($group_id);
    1035. 

  1035.                 $frm->hidden("groups[$group_id]", "$group_id");
    1036. 

  1036.                 $frm->addrow($group_info[$group_id]["name"], $frm->select_tag("group_perm[$group_id]", $group_options, $group_perm, $extra_opts));
    1037. 

  1037.             }
    1038. 

  1038.         }
    1039. 

  1039. 

  1040.         $frm->show();
    1041. 

  1041. 

  1042.     } else {
    1043. 

  1043. 

  1044.         echo "User Not Found.";
    1045. 

  1045. 

  1046.     }
    1047. 

  1047. 

  1048. //display add user form
    1049. 

  1049. } elseif (isset($_REQUEST["add"]) || isset($addUser_error)) {
    1050. 

  1050. 

  1051.     $username = isset($user_data["username"]) ? $user_data["username"] : "";
    1052. 

  1052.     $real_name = isset($user_data["real_name"]) ? $user_data["real_name"] : "";
    1053. 

  1053.     $email = isset($user_data["email"]) ? $user_data["email"] : "";
    1054. 

  1054.     $admin = isset($user_data["admin"]) ? $user_data["admin"] : "";
    1055. 

  1055. 

  1056.     print "<a href=\"".htmlspecialchars($referrer)."\">Back to the user overview</a><br/>";
    1057. 

  1057. 

  1058.     $frm = new PhorumInputForm ("", "post", "Add User");
    1059. 

  1059. 

  1060.     $frm->hidden("module", "users");
    1061. 

  1061. 

  1062.     $frm->hidden("referrer", $referrer);
    1063. 

  1063. 

  1064.     $frm->hidden("addUser", 1);
    1065. 

  1065. 

  1066.     $frm->addbreak("Add User");
    1067. 

  1067. 

  1068.     $frm->addrow("User Name", $frm->text_box("username", $username, 50));
    1069. 

  1069.     $frm->addrow("Real Name", $frm->text_box("real_name", $real_name, 50));
    1070. 

  1070. 

  1071.     $frm->addrow("Email", $frm->text_box("email", $email, 50));
    1072. 

  1072.     $frm->addrow("Password", $frm->text_box("password1","", 0, 0, true));
    1073. 

  1073.     $frm->addrow("Password (Confirmation)", $frm->text_box("password2","", 0, 0, true));
    1074. 

  1074. 

  1075.     $frm->addrow("Administrator", $frm->select_tag("admin", array("No", "Yes"), $admin));
    1076. 

  1076. 

  1077.     $frm->show();
    1078. 

  1078. }
    1079. 

  1079. ?>
    1080. 

  1080.