PageRenderTime 71ms CodeModel.GetById 13ms RepoModel.GetById 0ms app.codeStats 1ms

/forum/includes/functions_user.php

https://bitbucket.org/itoxable/chiron-gaming
PHP | 3590 lines | 2683 code | 551 blank | 356 comment | 525 complexity | 4bdf68bb81eb280a3a51cb7684dfb5fa MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0

Large files files are truncated, but you can click here to view the full file

    

  1. <?php

    2. 

  2. /**

    3. 

  3. *

    4. 

  4. * @package phpBB3

    5. 

  5. * @version $Id$

    6. 

  6. * @copyright (c) 2005 phpBB Group

    7. 

  7. * @license http://opensource.org/licenses/gpl-license.php GNU Public License

    8. 

  8. *

    9. 

  9. */

    10. 

  10. 

    11. 

  11. /**

    12. 

  12. * @ignore

    13. 

  13. */

    14. 

  14. if (!defined('IN_PHPBB'))

    15. 

  15. {

    16. 

  16. 	exit;

    17. 

  17. }

    18. 

  18. 

    19. 

  19. /**

    20. 

  20. * Obtain user_ids from usernames or vice versa. Returns false on

    21. 

  21. * success else the error string

    22. 

  22. *

    23. 

  23. * @param array &$user_id_ary The user ids to check or empty if usernames used

    24. 

  24. * @param array &$username_ary The usernames to check or empty if user ids used

    25. 

  25. * @param mixed $user_type Array of user types to check, false if not restricting by user type

    26. 

  26. */

    27. 

  27. function user_get_id_name(&$user_id_ary, &$username_ary, $user_type = false)

    28. 

  28. {

    29. 

  29. 	global $db;

    30. 

  30. 

    31. 

  31. 	// Are both arrays already filled? Yep, return else

    32. 

  32. 	// are neither array filled?

    33. 

  33. 	if ($user_id_ary && $username_ary)

    34. 

  34. 	{

    35. 

  35. 		return false;

    36. 

  36. 	}

    37. 

  37. 	else if (!$user_id_ary && !$username_ary)

    38. 

  38. 	{

    39. 

  39. 		return 'NO_USERS';

    40. 

  40. 	}

    41. 

  41. 

    42. 

  42. 	$which_ary = ($user_id_ary) ? 'user_id_ary' : 'username_ary';

    43. 

  43. 

    44. 

  44. 	if ($$which_ary && !is_array($$which_ary))

    45. 

  45. 	{

    46. 

  46. 		$$which_ary = array($$which_ary);

    47. 

  47. 	}

    48. 

  48. 

    49. 

  49. 	$sql_in = ($which_ary == 'user_id_ary') ? array_map('intval', $$which_ary) : array_map('utf8_clean_string', $$which_ary);

    50. 

  50. 	unset($$which_ary);

    51. 

  51. 

    52. 

  52. 	$user_id_ary = $username_ary = array();

    53. 

  53. 

    54. 

  54. 	// Grab the user id/username records

    55. 

  55. 	$sql_where = ($which_ary == 'user_id_ary') ? 'user_id' : 'username_clean';

    56. 

  56. 	$sql = 'SELECT user_id, username

    57. 

  57. 		FROM ' . USERS_TABLE . '

    58. 

  58. 		WHERE ' . $db->sql_in_set($sql_where, $sql_in);

    59. 

  59. 

    60. 

  60. 	if ($user_type !== false && !empty($user_type))

    61. 

  61. 	{

    62. 

  62. 		$sql .= ' AND ' . $db->sql_in_set('user_type', $user_type);

    63. 

  63. 	}

    64. 

  64. 

    65. 

  65. 	$result = $db->sql_query($sql);

    66. 

  66. 

    67. 

  67. 	if (!($row = $db->sql_fetchrow($result)))

    68. 

  68. 	{

    69. 

  69. 		$db->sql_freeresult($result);

    70. 

  70. 		return 'NO_USERS';

    71. 

  71. 	}

    72. 

  72. 

    73. 

  73. 	do

    74. 

  74. 	{

    75. 

  75. 		$username_ary[$row['user_id']] = $row['username'];

    76. 

  76. 		$user_id_ary[] = $row['user_id'];

    77. 

  77. 	}

    78. 

  78. 	while ($row = $db->sql_fetchrow($result));

    79. 

  79. 	$db->sql_freeresult($result);

    80. 

  80. 

    81. 

  81. 	return false;

    82. 

  82. }

    83. 

  83. 

    84. 

  84. /**

    85. 

  85. * Get latest registered username and update database to reflect it

    86. 

  86. */

    87. 

  87. function update_last_username()

    88. 

  88. {

    89. 

  89. 	global $db;

    90. 

  90. 

    91. 

  91. 	// Get latest username

    92. 

  92. 	$sql = 'SELECT user_id, username, user_colour

    93. 

  93. 		FROM ' . USERS_TABLE . '

    94. 

  94. 		WHERE user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')

    95. 

  95. 		ORDER BY user_id DESC';

    96. 

  96. 	$result = $db->sql_query_limit($sql, 1);

    97. 

  97. 	$row = $db->sql_fetchrow($result);

    98. 

  98. 	$db->sql_freeresult($result);

    99. 

  99. 

    100. 

  100. 	if ($row)

    101. 

  101. 	{

    102. 

  102. 		set_config('newest_user_id', $row['user_id'], true);

    103. 

  103. 		set_config('newest_username', $row['username'], true);

    104. 

  104. 		set_config('newest_user_colour', $row['user_colour'], true);

    105. 

  105. 	}

    106. 

  106. }

    107. 

  107. 

    108. 

  108. /**

    109. 

  109. * Updates a username across all relevant tables/fields

    110. 

  110. *

    111. 

  111. * @param string $old_name the old/current username

    112. 

  112. * @param string $new_name the new username

    113. 

  113. */

    114. 

  114. function user_update_name($old_name, $new_name)

    115. 

  115. {

    116. 

  116. 	global $config, $db, $cache;

    117. 

  117. 

    118. 

  118. 	$update_ary = array(

    119. 

  119. 		FORUMS_TABLE			=> array('forum_last_poster_name'),

    120. 

  120. 		MODERATOR_CACHE_TABLE	=> array('username'),

    121. 

  121. 		POSTS_TABLE				=> array('post_username'),

    122. 

  122. 		TOPICS_TABLE			=> array('topic_first_poster_name', 'topic_last_poster_name'),

    123. 

  123. 	);

    124. 

  124. 

    125. 

  125. 	foreach ($update_ary as $table => $field_ary)

    126. 

  126. 	{

    127. 

  127. 		foreach ($field_ary as $field)

    128. 

  128. 		{

    129. 

  129. 			$sql = "UPDATE $table

    130. 

  130. 				SET $field = '" . $db->sql_escape($new_name) . "'

    131. 

  131. 				WHERE $field = '" . $db->sql_escape($old_name) . "'";

    132. 

  132. 			$db->sql_query($sql);

    133. 

  133. 		}

    134. 

  134. 	}

    135. 

  135. 

    136. 

  136. 	if ($config['newest_username'] == $old_name)

    137. 

  137. 	{

    138. 

  138. 		set_config('newest_username', $new_name, true);

    139. 

  139. 	}

    140. 

  140. 

    141. 

  141. 	// Because some tables/caches use username-specific data we need to purge this here.

    142. 

  142. 	$cache->destroy('sql', MODERATOR_CACHE_TABLE);

    143. 

  143. }

    144. 

  144. 

    145. 

  145. /**

    146. 

  146. * Adds an user

    147. 

  147. *

    148. 

  148. * @param mixed $user_row An array containing the following keys (and the appropriate values): username, group_id (the group to place the user in), user_email and the user_type(usually 0). Additional entries not overridden by defaults will be forwarded.

    149. 

  149. * @param string $cp_data custom profile fields, see custom_profile::build_insert_sql_array

    150. 

  150. * @return the new user's ID.

    151. 

  151. */

    152. 

  152. function user_add($user_row, $cp_data = false)

    153. 

  153. {

    154. 

  154. 	global $db, $user, $auth, $config, $phpbb_root_path, $phpEx;

    155. 

  155. 

    156. 

  156. 	if (empty($user_row['username']) || !isset($user_row['group_id']) || !isset($user_row['user_email']) || !isset($user_row['user_type']))

    157. 

  157. 	{

    158. 

  158. 		return false;

    159. 

  159. 	}

    160. 

  160. 

    161. 

  161. 	$username_clean = utf8_clean_string($user_row['username']);

    162. 

  162. 

    163. 

  163. 	if (empty($username_clean))

    164. 

  164. 	{

    165. 

  165. 		return false;

    166. 

  166. 	}

    167. 

  167. 

    168. 

  168. 	$sql_ary = array(

    169. 

  169. 		'username'			=> $user_row['username'],

    170. 

  170. 		'username_clean'	=> $username_clean,

    171. 

  171. 		'user_password'		=> (isset($user_row['user_password'])) ? $user_row['user_password'] : '',

    172. 

  172. 		'user_pass_convert'	=> 0,

    173. 

  173. 		'user_email'		=> strtolower($user_row['user_email']),

    174. 

  174. 		'user_email_hash'	=> phpbb_email_hash($user_row['user_email']),

    175. 

  175. 		'group_id'			=> $user_row['group_id'],

    176. 

  176. 		'user_type'			=> $user_row['user_type'],

    177. 

  177. 	);

    178. 

  178. 

    179. 

  179. 	// These are the additional vars able to be specified

    180. 

  180. 	$additional_vars = array(

    181. 

  181. 		'user_permissions'	=> '',

    182. 

  182. 		'user_timezone'		=> $config['board_timezone'],

    183. 

  183. 		'user_dateformat'	=> $config['default_dateformat'],

    184. 

  184. 		'user_lang'			=> $config['default_lang'],

    185. 

  185. 		'user_style'		=> (int) $config['default_style'],

    186. 

  186. 		'user_actkey'		=> '',

    187. 

  187. 		'user_ip'			=> '',

    188. 

  188. 		'user_regdate'		=> time(),

    189. 

  189. 		'user_passchg'		=> time(),

    190. 

  190. 		'user_options'		=> 230271,

    191. 

  191. 		// We do not set the new flag here - registration scripts need to specify it

    192. 

  192. 		'user_new'			=> 0,

    193. 

  193. 

    194. 

  194. 		'user_inactive_reason'	=> 0,

    195. 

  195. 		'user_inactive_time'	=> 0,

    196. 

  196. 		'user_lastmark'			=> time(),

    197. 

  197. 		'user_lastvisit'		=> 0,

    198. 

  198. 		'user_lastpost_time'	=> 0,

    199. 

  199. 		'user_lastpage'			=> '',

    200. 

  200. 		'user_posts'			=> 0,

    201. 

  201. 		'user_dst'				=> (int) $config['board_dst'],

    202. 

  202. 		'user_colour'			=> '',

    203. 

  203. 		'user_occ'				=> '',

    204. 

  204. 		'user_interests'		=> '',

    205. 

  205. 		'user_avatar'			=> '',

    206. 

  206. 		'user_avatar_type'		=> 0,

    207. 

  207. 		'user_avatar_width'		=> 0,

    208. 

  208. 		'user_avatar_height'	=> 0,

    209. 

  209. 		'user_new_privmsg'		=> 0,

    210. 

  210. 		'user_unread_privmsg'	=> 0,

    211. 

  211. 		'user_last_privmsg'		=> 0,

    212. 

  212. 		'user_message_rules'	=> 0,

    213. 

  213. 		'user_full_folder'		=> PRIVMSGS_NO_BOX,

    214. 

  214. 		'user_emailtime'		=> 0,

    215. 

  215. 

    216. 

  216. 		'user_notify'			=> 0,

    217. 

  217. 		'user_notify_pm'		=> 1,

    218. 

  218. 		'user_notify_type'		=> NOTIFY_EMAIL,

    219. 

  219. 		'user_allow_pm'			=> 1,

    220. 

  220. 		'user_allow_viewonline'	=> 1,

    221. 

  221. 		'user_allow_viewemail'	=> 1,

    222. 

  222. 		'user_allow_massemail'	=> 1,

    223. 

  223. 

    224. 

  224. 		'user_sig'					=> '',

    225. 

  225. 		'user_sig_bbcode_uid'		=> '',

    226. 

  226. 		'user_sig_bbcode_bitfield'	=> '',

    227. 

  227. 

    228. 

  228. 		'user_form_salt'			=> unique_id(),

    229. 

  229. 	);

    230. 

  230. 

    231. 

  231. 	// Now fill the sql array with not required variables

    232. 

  232. 	foreach ($additional_vars as $key => $default_value)

    233. 

  233. 	{

    234. 

  234. 		$sql_ary[$key] = (isset($user_row[$key])) ? $user_row[$key] : $default_value;

    235. 

  235. 	}

    236. 

  236. 

    237. 

  237. 	// Any additional variables in $user_row not covered above?

    238. 

  238. 	$remaining_vars = array_diff(array_keys($user_row), array_keys($sql_ary));

    239. 

  239. 

    240. 

  240. 	// Now fill our sql array with the remaining vars

    241. 

  241. 	if (sizeof($remaining_vars))

    242. 

  242. 	{

    243. 

  243. 		foreach ($remaining_vars as $key)

    244. 

  244. 		{

    245. 

  245. 			$sql_ary[$key] = $user_row[$key];

    246. 

  246. 		}

    247. 

  247. 	}

    248. 

  248. 

    249. 

  249. 	$sql = 'INSERT INTO ' . USERS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);

    250. 

  250. 	$db->sql_query($sql);

    251. 

  251. 

    252. 

  252. 	$user_id = $db->sql_nextid();

    253. 

  253. 

    254. 

  254. 	// Insert Custom Profile Fields

    255. 

  255. 	if ($cp_data !== false && sizeof($cp_data))

    256. 

  256. 	{

    257. 

  257. 		$cp_data['user_id'] = (int) $user_id;

    258. 

  258. 

    259. 

  259. 		if (!class_exists('custom_profile'))

    260. 

  260. 		{

    261. 

  261. 			include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);

    262. 

  262. 		}

    263. 

  263. 

    264. 

  264. 		$sql = 'INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' ' .

    265. 

  265. 			$db->sql_build_array('INSERT', custom_profile::build_insert_sql_array($cp_data));

    266. 

  266. 		$db->sql_query($sql);

    267. 

  267. 	}

    268. 

  268. 

    269. 

  269. 	// Place into appropriate group...

    270. 

  270. 	$sql = 'INSERT INTO ' . USER_GROUP_TABLE . ' ' . $db->sql_build_array('INSERT', array(

    271. 

  271. 		'user_id'		=> (int) $user_id,

    272. 

  272. 		'group_id'		=> (int) $user_row['group_id'],

    273. 

  273. 		'user_pending'	=> 0)

    274. 

  274. 	);

    275. 

  275. 	$db->sql_query($sql);

    276. 

  276. 

    277. 

  277. 	// Now make it the users default group...

    278. 

  278. 	group_set_user_default($user_row['group_id'], array($user_id), false);

    279. 

  279. 

    280. 

  280. 	// Add to newly registered users group if user_new is 1

    281. 

  281. 	if ($config['new_member_post_limit'] && $sql_ary['user_new'])

    282. 

  282. 	{

    283. 

  283. 		$sql = 'SELECT group_id

    284. 

  284. 			FROM ' . GROUPS_TABLE . "

    285. 

  285. 			WHERE group_name = 'NEWLY_REGISTERED'

    286. 

  286. 				AND group_type = " . GROUP_SPECIAL;

    287. 

  287. 		$result = $db->sql_query($sql);

    288. 

  288. 		$add_group_id = (int) $db->sql_fetchfield('group_id');

    289. 

  289. 		$db->sql_freeresult($result);

    290. 

  290. 

    291. 

  291. 		if ($add_group_id)

    292. 

  292. 		{

    293. 

  293. 			// Because these actions only fill the log unneccessarily we skip the add_log() entry with a little hack. :/

    294. 

  294. 			$GLOBALS['skip_add_log'] = true;

    295. 

  295. 

    296. 

  296. 			// Add user to "newly registered users" group and set to default group if admin specified so.

    297. 

  297. 			if ($config['new_member_group_default'])

    298. 

  298. 			{

    299. 

  299. 				group_user_add($add_group_id, $user_id, false, false, true);

    300. 

  300. 				$user_row['group_id'] = $add_group_id;

    301. 

  301. 			}

    302. 

  302. 			else

    303. 

  303. 			{

    304. 

  304. 				group_user_add($add_group_id, $user_id);

    305. 

  305. 			}

    306. 

  306. 

    307. 

  307. 			unset($GLOBALS['skip_add_log']);

    308. 

  308. 		}

    309. 

  309. 	}

    310. 

  310. 

    311. 

  311. 	// set the newest user and adjust the user count if the user is a normal user and no activation mail is sent

    312. 

  312. 	if ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_FOUNDER)

    313. 

  313. 	{

    314. 

  314. 		set_config('newest_user_id', $user_id, true);

    315. 

  315. 		set_config('newest_username', $user_row['username'], true);

    316. 

  316. 		set_config_count('num_users', 1, true);

    317. 

  317. 

    318. 

  318. 		$sql = 'SELECT group_colour

    319. 

  319. 			FROM ' . GROUPS_TABLE . '

    320. 

  320. 			WHERE group_id = ' . (int) $user_row['group_id'];

    321. 

  321. 		$result = $db->sql_query_limit($sql, 1);

    322. 

  322. 		$row = $db->sql_fetchrow($result);

    323. 

  323. 		$db->sql_freeresult($result);

    324. 

  324. 

    325. 

  325. 		set_config('newest_user_colour', $row['group_colour'], true);

    326. 

  326. 	}

    327. 

  327. 

    328. 

  328. 	return $user_id;

    329. 

  329. }

    330. 

  330. 

    331. 

  331. /**

    332. 

  332. * Remove User

    333. 

  333. */

    334. 

  334. function user_delete($mode, $user_id, $post_username = false)

    335. 

  335. {

    336. 

  336. 	global $cache, $config, $db, $user, $auth;

    337. 

  337. 	global $phpbb_root_path, $phpEx;

    338. 

  338. 

    339. 

  339. 	$sql = 'SELECT *

    340. 

  340. 		FROM ' . USERS_TABLE . '

    341. 

  341. 		WHERE user_id = ' . $user_id;

    342. 

  342. 	$result = $db->sql_query($sql);

    343. 

  343. 	$user_row = $db->sql_fetchrow($result);

    344. 

  344. 	$db->sql_freeresult($result);

    345. 

  345. 

    346. 

  346. 	if (!$user_row)

    347. 

  347. 	{

    348. 

  348. 		return false;

    349. 

  349. 	}

    350. 

  350. 

    351. 

  351. 	// Before we begin, we will remove the reports the user issued.

    352. 

  352. 	$sql = 'SELECT r.post_id, p.topic_id

    353. 

  353. 		FROM ' . REPORTS_TABLE . ' r, ' . POSTS_TABLE . ' p

    354. 

  354. 		WHERE r.user_id = ' . $user_id . '

    355. 

  355. 			AND p.post_id = r.post_id';

    356. 

  356. 	$result = $db->sql_query($sql);

    357. 

  357. 

    358. 

  358. 	$report_posts = $report_topics = array();

    359. 

  359. 	while ($row = $db->sql_fetchrow($result))

    360. 

  360. 	{

    361. 

  361. 		$report_posts[] = $row['post_id'];

    362. 

  362. 		$report_topics[] = $row['topic_id'];

    363. 

  363. 	}

    364. 

  364. 	$db->sql_freeresult($result);

    365. 

  365. 

    366. 

  366. 	if (sizeof($report_posts))

    367. 

  367. 	{

    368. 

  368. 		$report_posts = array_unique($report_posts);

    369. 

  369. 		$report_topics = array_unique($report_topics);

    370. 

  370. 

    371. 

  371. 		// Get a list of topics that still contain reported posts

    372. 

  372. 		$sql = 'SELECT DISTINCT topic_id

    373. 

  373. 			FROM ' . POSTS_TABLE . '

    374. 

  374. 			WHERE ' . $db->sql_in_set('topic_id', $report_topics) . '

    375. 

  375. 				AND post_reported = 1

    376. 

  376. 				AND ' . $db->sql_in_set('post_id', $report_posts, true);

    377. 

  377. 		$result = $db->sql_query($sql);

    378. 

  378. 

    379. 

  379. 		$keep_report_topics = array();

    380. 

  380. 		while ($row = $db->sql_fetchrow($result))

    381. 

  381. 		{

    382. 

  382. 			$keep_report_topics[] = $row['topic_id'];

    383. 

  383. 		}

    384. 

  384. 		$db->sql_freeresult($result);

    385. 

  385. 

    386. 

  386. 		if (sizeof($keep_report_topics))

    387. 

  387. 		{

    388. 

  388. 			$report_topics = array_diff($report_topics, $keep_report_topics);

    389. 

  389. 		}

    390. 

  390. 		unset($keep_report_topics);

    391. 

  391. 

    392. 

  392. 		// Now set the flags back

    393. 

  393. 		$sql = 'UPDATE ' . POSTS_TABLE . '

    394. 

  394. 			SET post_reported = 0

    395. 

  395. 			WHERE ' . $db->sql_in_set('post_id', $report_posts);

    396. 

  396. 		$db->sql_query($sql);

    397. 

  397. 

    398. 

  398. 		if (sizeof($report_topics))

    399. 

  399. 		{

    400. 

  400. 			$sql = 'UPDATE ' . TOPICS_TABLE . '

    401. 

  401. 				SET topic_reported = 0

    402. 

  402. 				WHERE ' . $db->sql_in_set('topic_id', $report_topics);

    403. 

  403. 			$db->sql_query($sql);

    404. 

  404. 		}

    405. 

  405. 	}

    406. 

  406. 

    407. 

  407. 	// Remove reports

    408. 

  408. 	$db->sql_query('DELETE FROM ' . REPORTS_TABLE . ' WHERE user_id = ' . $user_id);

    409. 

  409. 

    410. 

  410. 	if ($user_row['user_avatar'] && $user_row['user_avatar_type'] == AVATAR_UPLOAD)

    411. 

  411. 	{

    412. 

  412. 		avatar_delete('user', $user_row);

    413. 

  413. 	}

    414. 

  414. 

    415. 

  415. 	switch ($mode)

    416. 

  416. 	{

    417. 

  417. 		case 'retain':

    418. 

  418. 

    419. 

  419. 			$db->sql_transaction('begin');

    420. 

  420. 

    421. 

  421. 			if ($post_username === false)

    422. 

  422. 			{

    423. 

  423. 				$post_username = $user->lang['GUEST'];

    424. 

  424. 			}

    425. 

  425. 

    426. 

  426. 			// If the user is inactive and newly registered we assume no posts from this user being there...

    427. 

  427. 			if ($user_row['user_type'] == USER_INACTIVE && $user_row['user_inactive_reason'] == INACTIVE_REGISTER && !$user_row['user_posts'])

    428. 

  428. 			{

    429. 

  429. 			}

    430. 

  430. 			else

    431. 

  431. 			{

    432. 

  432. 				$sql = 'UPDATE ' . FORUMS_TABLE . '

    433. 

  433. 					SET forum_last_poster_id = ' . ANONYMOUS . ", forum_last_poster_name = '" . $db->sql_escape($post_username) . "', forum_last_poster_colour = ''

    434. 

  434. 					WHERE forum_last_poster_id = $user_id";

    435. 

  435. 				$db->sql_query($sql);

    436. 

  436. 

    437. 

  437. 				$sql = 'UPDATE ' . POSTS_TABLE . '

    438. 

  438. 					SET poster_id = ' . ANONYMOUS . ", post_username = '" . $db->sql_escape($post_username) . "'

    439. 

  439. 					WHERE poster_id = $user_id";

    440. 

  440. 				$db->sql_query($sql);

    441. 

  441. 

    442. 

  442. 				$sql = 'UPDATE ' . POSTS_TABLE . '

    443. 

  443. 					SET post_edit_user = ' . ANONYMOUS . "

    444. 

  444. 					WHERE post_edit_user = $user_id";

    445. 

  445. 				$db->sql_query($sql);

    446. 

  446. 

    447. 

  447. 				$sql = 'UPDATE ' . TOPICS_TABLE . '

    448. 

  448. 					SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = ''

    449. 

  449. 					WHERE topic_poster = $user_id";

    450. 

  450. 				$db->sql_query($sql);

    451. 

  451. 

    452. 

  452. 				$sql = 'UPDATE ' . TOPICS_TABLE . '

    453. 

  453. 					SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = ''

    454. 

  454. 					WHERE topic_last_poster_id = $user_id";

    455. 

  455. 				$db->sql_query($sql);

    456. 

  456. 

    457. 

  457. 				$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '

    458. 

  458. 					SET poster_id = ' . ANONYMOUS . "

    459. 

  459. 					WHERE poster_id = $user_id";

    460. 

  460. 				$db->sql_query($sql);

    461. 

  461. 

    462. 

  462. 				// Since we change every post by this author, we need to count this amount towards the anonymous user

    463. 

  463. 

    464. 

  464. 				// Update the post count for the anonymous user

    465. 

  465. 				if ($user_row['user_posts'])

    466. 

  466. 				{

    467. 

  467. 					$sql = 'UPDATE ' . USERS_TABLE . '

    468. 

  468. 						SET user_posts = user_posts + ' . $user_row['user_posts'] . '

    469. 

  469. 						WHERE user_id = ' . ANONYMOUS;

    470. 

  470. 					$db->sql_query($sql);

    471. 

  471. 				}

    472. 

  472. 			}

    473. 

  473. 

    474. 

  474. 			$db->sql_transaction('commit');

    475. 

  475. 

    476. 

  476. 		break;

    477. 

  477. 

    478. 

  478. 		case 'remove':

    479. 

  479. 

    480. 

  480. 			if (!function_exists('delete_posts'))

    481. 

  481. 			{

    482. 

  482. 				include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);

    483. 

  483. 			}

    484. 

  484. 

    485. 

  485. 			// Delete posts, attachments, etc.

    486. 

  486. 			delete_posts('poster_id', $user_id);

    487. 

  487. 

    488. 

  488. 		break;

    489. 

  489. 	}

    490. 

  490. 

    491. 

  491. 	$db->sql_transaction('begin');

    492. 

  492. 

    493. 

  493. 	$table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE, PRIVMSGS_FOLDER_TABLE, PRIVMSGS_RULES_TABLE);

    494. 

  494. 

    495. 

  495. 	foreach ($table_ary as $table)

    496. 

  496. 	{

    497. 

  497. 		$sql = "DELETE FROM $table

    498. 

  498. 			WHERE user_id = $user_id";

    499. 

  499. 		$db->sql_query($sql);

    500. 

  500. 	}

    501. 

  501. 

    502. 

  502. 	$cache->destroy('sql', MODERATOR_CACHE_TABLE);

    503. 

  503. 

    504. 

  504. 	// Delete user log entries about this user

    505. 

  505. 	$sql = 'DELETE FROM ' . LOG_TABLE . '

    506. 

  506. 		WHERE reportee_id = ' . $user_id;

    507. 

  507. 	$db->sql_query($sql);

    508. 

  508. 

    509. 

  509. 	// Change user_id to anonymous for this users triggered events

    510. 

  510. 	$sql = 'UPDATE ' . LOG_TABLE . '

    511. 

  511. 		SET user_id = ' . ANONYMOUS . '

    512. 

  512. 		WHERE user_id = ' . $user_id;

    513. 

  513. 	$db->sql_query($sql);

    514. 

  514. 

    515. 

  515. 	// Delete the user_id from the zebra table

    516. 

  516. 	$sql = 'DELETE FROM ' . ZEBRA_TABLE . '

    517. 

  517. 		WHERE user_id = ' . $user_id . '

    518. 

  518. 			OR zebra_id = ' . $user_id;

    519. 

  519. 	$db->sql_query($sql);

    520. 

  520. 

    521. 

  521. 	// Delete the user_id from the banlist

    522. 

  522. 	$sql = 'DELETE FROM ' . BANLIST_TABLE . '

    523. 

  523. 		WHERE ban_userid = ' . $user_id;

    524. 

  524. 	$db->sql_query($sql);

    525. 

  525. 

    526. 

  526. 	// Delete the user_id from the session table

    527. 

  527. 	$sql = 'DELETE FROM ' . SESSIONS_TABLE . '

    528. 

  528. 		WHERE session_user_id = ' . $user_id;

    529. 

  529. 	$db->sql_query($sql);

    530. 

  530. 

    531. 

  531. 	// Remove any undelivered mails...

    532. 

  532. 	$sql = 'SELECT msg_id, user_id

    533. 

  533. 		FROM ' . PRIVMSGS_TO_TABLE . '

    534. 

  534. 		WHERE author_id = ' . $user_id . '

    535. 

  535. 			AND folder_id = ' . PRIVMSGS_NO_BOX;

    536. 

  536. 	$result = $db->sql_query($sql);

    537. 

  537. 

    538. 

  538. 	$undelivered_msg = $undelivered_user = array();

    539. 

  539. 	while ($row = $db->sql_fetchrow($result))

    540. 

  540. 	{

    541. 

  541. 		$undelivered_msg[] = $row['msg_id'];

    542. 

  542. 		$undelivered_user[$row['user_id']][] = true;

    543. 

  543. 	}

    544. 

  544. 	$db->sql_freeresult($result);

    545. 

  545. 

    546. 

  546. 	if (sizeof($undelivered_msg))

    547. 

  547. 	{

    548. 

  548. 		$sql = 'DELETE FROM ' . PRIVMSGS_TABLE . '

    549. 

  549. 			WHERE ' . $db->sql_in_set('msg_id', $undelivered_msg);

    550. 

  550. 		$db->sql_query($sql);

    551. 

  551. 	}

    552. 

  552. 

    553. 

  553. 	$sql = 'DELETE FROM ' . PRIVMSGS_TO_TABLE . '

    554. 

  554. 		WHERE author_id = ' . $user_id . '

    555. 

  555. 			AND folder_id = ' . PRIVMSGS_NO_BOX;

    556. 

  556. 	$db->sql_query($sql);

    557. 

  557. 

    558. 

  558. 	// Delete all to-information

    559. 

  559. 	$sql = 'DELETE FROM ' . PRIVMSGS_TO_TABLE . '

    560. 

  560. 		WHERE user_id = ' . $user_id;

    561. 

  561. 	$db->sql_query($sql);

    562. 

  562. 

    563. 

  563. 	// Set the remaining author id to anonymous - this way users are still able to read messages from users being removed

    564. 

  564. 	$sql = 'UPDATE ' . PRIVMSGS_TO_TABLE . '

    565. 

  565. 		SET author_id = ' . ANONYMOUS . '

    566. 

  566. 		WHERE author_id = ' . $user_id;

    567. 

  567. 	$db->sql_query($sql);

    568. 

  568. 

    569. 

  569. 	$sql = 'UPDATE ' . PRIVMSGS_TABLE . '

    570. 

  570. 		SET author_id = ' . ANONYMOUS . '

    571. 

  571. 		WHERE author_id = ' . $user_id;

    572. 

  572. 	$db->sql_query($sql);

    573. 

  573. 

    574. 

  574. 	foreach ($undelivered_user as $_user_id => $ary)

    575. 

  575. 	{

    576. 

  576. 		if ($_user_id == $user_id)

    577. 

  577. 		{

    578. 

  578. 			continue;

    579. 

  579. 		}

    580. 

  580. 

    581. 

  581. 		$sql = 'UPDATE ' . USERS_TABLE . '

    582. 

  582. 			SET user_new_privmsg = user_new_privmsg - ' . sizeof($ary) . ',

    583. 

  583. 				user_unread_privmsg = user_unread_privmsg - ' . sizeof($ary) . '

    584. 

  584. 			WHERE user_id = ' . $_user_id;

    585. 

  585. 		$db->sql_query($sql);

    586. 

  586. 	}

    587. 

  587. 

    588. 

  588. 	$db->sql_transaction('commit');

    589. 

  589. 

    590. 

  590. 	// Reset newest user info if appropriate

    591. 

  591. 	if ($config['newest_user_id'] == $user_id)

    592. 

  592. 	{

    593. 

  593. 		update_last_username();

    594. 

  594. 	}

    595. 

  595. 

    596. 

  596. 	// Decrement number of users if this user is active

    597. 

  597. 	if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE)

    598. 

  598. 	{

    599. 

  599. 		set_config_count('num_users', -1, true);

    600. 

  600. 	}

    601. 

  601. 

    602. 

  602. 	return false;

    603. 

  603. }

    604. 

  604. 

    605. 

  605. /**

    606. 

  606. * Flips user_type from active to inactive and vice versa, handles group membership updates

    607. 

  607. *

    608. 

  608. * @param string $mode can be flip for flipping from active/inactive, activate or deactivate

    609. 

  609. */

    610. 

  610. function user_active_flip($mode, $user_id_ary, $reason = INACTIVE_MANUAL)

    611. 

  611. {

    612. 

  612. 	global $config, $db, $user, $auth;

    613. 

  613. 

    614. 

  614. 	$deactivated = $activated = 0;

    615. 

  615. 	$sql_statements = array();

    616. 

  616. 

    617. 

  617. 	if (!is_array($user_id_ary))

    618. 

  618. 	{

    619. 

  619. 		$user_id_ary = array($user_id_ary);

    620. 

  620. 	}

    621. 

  621. 

    622. 

  622. 	if (!sizeof($user_id_ary))

    623. 

  623. 	{

    624. 

  624. 		return;

    625. 

  625. 	}

    626. 

  626. 

    627. 

  627. 	$sql = 'SELECT user_id, group_id, user_type, user_inactive_reason

    628. 

  628. 		FROM ' . USERS_TABLE . '

    629. 

  629. 		WHERE ' . $db->sql_in_set('user_id', $user_id_ary);

    630. 

  630. 	$result = $db->sql_query($sql);

    631. 

  631. 

    632. 

  632. 	while ($row = $db->sql_fetchrow($result))

    633. 

  633. 	{

    634. 

  634. 		$sql_ary = array();

    635. 

  635. 

    636. 

  636. 		if ($row['user_type'] == USER_IGNORE || $row['user_type'] == USER_FOUNDER ||

    637. 

  637. 			($mode == 'activate' && $row['user_type'] != USER_INACTIVE) ||

    638. 

  638. 			($mode == 'deactivate' && $row['user_type'] == USER_INACTIVE))

    639. 

  639. 		{

    640. 

  640. 			continue;

    641. 

  641. 		}

    642. 

  642. 

    643. 

  643. 		if ($row['user_type'] == USER_INACTIVE)

    644. 

  644. 		{

    645. 

  645. 			$activated++;

    646. 

  646. 		}

    647. 

  647. 		else

    648. 

  648. 		{

    649. 

  649. 			$deactivated++;

    650. 

  650. 

    651. 

  651. 			// Remove the users session key...

    652. 

  652. 			$user->reset_login_keys($row['user_id']);

    653. 

  653. 		}

    654. 

  654. 

    655. 

  655. 		$sql_ary += array(

    656. 

  656. 			'user_type'				=> ($row['user_type'] == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL,

    657. 

  657. 			'user_inactive_time'	=> ($row['user_type'] == USER_NORMAL) ? time() : 0,

    658. 

  658. 			'user_inactive_reason'	=> ($row['user_type'] == USER_NORMAL) ? $reason : 0,

    659. 

  659. 		);

    660. 

  660. 

    661. 

  661. 		$sql_statements[$row['user_id']] = $sql_ary;

    662. 

  662. 	}

    663. 

  663. 	$db->sql_freeresult($result);

    664. 

  664. 

    665. 

  665. 	if (sizeof($sql_statements))

    666. 

  666. 	{

    667. 

  667. 		foreach ($sql_statements as $user_id => $sql_ary)

    668. 

  668. 		{

    669. 

  669. 			$sql = 'UPDATE ' . USERS_TABLE . '

    670. 

  670. 				SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '

    671. 

  671. 				WHERE user_id = ' . $user_id;

    672. 

  672. 			$db->sql_query($sql);

    673. 

  673. 		}

    674. 

  674. 

    675. 

  675. 		$auth->acl_clear_prefetch(array_keys($sql_statements));

    676. 

  676. 	}

    677. 

  677. 

    678. 

  678. 	if ($deactivated)

    679. 

  679. 	{

    680. 

  680. 		set_config_count('num_users', $deactivated * (-1), true);

    681. 

  681. 	}

    682. 

  682. 

    683. 

  683. 	if ($activated)

    684. 

  684. 	{

    685. 

  685. 		set_config_count('num_users', $activated, true);

    686. 

  686. 	}

    687. 

  687. 

    688. 

  688. 	// Update latest username

    689. 

  689. 	update_last_username();

    690. 

  690. }

    691. 

  691. 

    692. 

  692. /**

    693. 

  693. * Add a ban or ban exclusion to the banlist. Bans either a user, an IP or an email address

    694. 

  694. *

    695. 

  695. * @param string $mode Type of ban. One of the following: user, ip, email

    696. 

  696. * @param mixed $ban Banned entity. Either string or array with usernames, ips or email addresses

    697. 

  697. * @param int $ban_len Ban length in minutes

    698. 

  698. * @param string $ban_len_other Ban length as a date (YYYY-MM-DD)

    699. 

  699. * @param boolean $ban_exclude Exclude these entities from banning?

    700. 

  700. * @param string $ban_reason String describing the reason for this ban

    701. 

  701. * @return boolean

    702. 

  702. */

    703. 

  703. function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reason, $ban_give_reason = '')

    704. 

  704. {

    705. 

  705. 	global $db, $user, $auth, $cache;

    706. 

  706. 

    707. 

  707. 	// Delete stale bans

    708. 

  708. 	$sql = 'DELETE FROM ' . BANLIST_TABLE . '

    709. 

  709. 		WHERE ban_end < ' . time() . '

    710. 

  710. 			AND ban_end <> 0';

    711. 

  711. 	$db->sql_query($sql);

    712. 

  712. 

    713. 

  713. 	$ban_list = (!is_array($ban)) ? array_unique(explode("\n", $ban)) : $ban;

    714. 

  714. 	$ban_list_log = implode(', ', $ban_list);

    715. 

  715. 

    716. 

  716. 	$current_time = time();

    717. 

  717. 

    718. 

  718. 	// Set $ban_end to the unix time when the ban should end. 0 is a permanent ban.

    719. 

  719. 	if ($ban_len)

    720. 

  720. 	{

    721. 

  721. 		if ($ban_len != -1 || !$ban_len_other)

    722. 

  722. 		{

    723. 

  723. 			$ban_end = max($current_time, $current_time + ($ban_len) * 60);

    724. 

  724. 		}

    725. 

  725. 		else

    726. 

  726. 		{

    727. 

  727. 			$ban_other = explode('-', $ban_len_other);

    728. 

  728. 			if (sizeof($ban_other) == 3 && ((int)$ban_other[0] < 9999) &&

    729. 

  729. 				(strlen($ban_other[0]) == 4) && (strlen($ban_other[1]) == 2) && (strlen($ban_other[2]) == 2))

    730. 

  730. 			{

    731. 

  731. 				$time_offset = (isset($user->timezone) && isset($user->dst)) ? (int) $user->timezone + (int) $user->dst : 0;

    732. 

  732. 				$ban_end = max($current_time, gmmktime(0, 0, 0, (int)$ban_other[1], (int)$ban_other[2], (int)$ban_other[0]) - $time_offset);

    733. 

  733. 			}

    734. 

  734. 			else

    735. 

  735. 			{

    736. 

  736. 				trigger_error('LENGTH_BAN_INVALID', E_USER_WARNING);

    737. 

  737. 			}

    738. 

  738. 		}

    739. 

  739. 	}

    740. 

  740. 	else

    741. 

  741. 	{

    742. 

  742. 		$ban_end = 0;

    743. 

  743. 	}

    744. 

  744. 

    745. 

  745. 	$founder = $founder_names = array();

    746. 

  746. 

    747. 

  747. 	if (!$ban_exclude)

    748. 

  748. 	{

    749. 

  749. 		// Create a list of founder...

    750. 

  750. 		$sql = 'SELECT user_id, user_email, username_clean

    751. 

  751. 			FROM ' . USERS_TABLE . '

    752. 

  752. 			WHERE user_type = ' . USER_FOUNDER;

    753. 

  753. 		$result = $db->sql_query($sql);

    754. 

  754. 

    755. 

  755. 		while ($row = $db->sql_fetchrow($result))

    756. 

  756. 		{

    757. 

  757. 			$founder[$row['user_id']] = $row['user_email'];

    758. 

  758. 			$founder_names[$row['user_id']] = $row['username_clean'];

    759. 

  759. 		}

    760. 

  760. 		$db->sql_freeresult($result);

    761. 

  761. 	}

    762. 

  762. 

    763. 

  763. 	$banlist_ary = array();

    764. 

  764. 

    765. 

  765. 	switch ($mode)

    766. 

  766. 	{

    767. 

  767. 		case 'user':

    768. 

  768. 			$type = 'ban_userid';

    769. 

  769. 

    770. 

  770. 			// At the moment we do not support wildcard username banning

    771. 

  771. 

    772. 

  772. 			// Select the relevant user_ids.

    773. 

  773. 			$sql_usernames = array();

    774. 

  774. 

    775. 

  775. 			foreach ($ban_list as $username)

    776. 

  776. 			{

    777. 

  777. 				$username = trim($username);

    778. 

  778. 				if ($username != '')

    779. 

  779. 				{

    780. 

  780. 					$clean_name = utf8_clean_string($username);

    781. 

  781. 					if ($clean_name == $user->data['username_clean'])

    782. 

  782. 					{

    783. 

  783. 						trigger_error('CANNOT_BAN_YOURSELF', E_USER_WARNING);

    784. 

  784. 					}

    785. 

  785. 					if (in_array($clean_name, $founder_names))

    786. 

  786. 					{

    787. 

  787. 						trigger_error('CANNOT_BAN_FOUNDER', E_USER_WARNING);

    788. 

  788. 					}

    789. 

  789. 					$sql_usernames[] = $clean_name;

    790. 

  790. 				}

    791. 

  791. 			}

    792. 

  792. 

    793. 

  793. 			// Make sure we have been given someone to ban

    794. 

  794. 			if (!sizeof($sql_usernames))

    795. 

  795. 			{

    796. 

  796. 				trigger_error('NO_USER_SPECIFIED', E_USER_WARNING);

    797. 

  797. 			}

    798. 

  798. 

    799. 

  799. 			$sql = 'SELECT user_id

    800. 

  800. 				FROM ' . USERS_TABLE . '

    801. 

  801. 				WHERE ' . $db->sql_in_set('username_clean', $sql_usernames);

    802. 

  802. 

    803. 

  803. 			// Do not allow banning yourself, the guest account, or founders.

    804. 

  804. 			$non_bannable = array($user->data['user_id'], ANONYMOUS);

    805. 

  805. 			if (sizeof($founder))

    806. 

  806. 			{

    807. 

  807. 				$sql .= ' AND ' . $db->sql_in_set('user_id', array_merge(array_keys($founder), $non_bannable), true);

    808. 

  808. 			}

    809. 

  809. 			else

    810. 

  810. 			{

    811. 

  811. 				$sql .= ' AND ' . $db->sql_in_set('user_id', $non_bannable, true);

    812. 

  812. 			}

    813. 

  813. 

    814. 

  814. 			$result = $db->sql_query($sql);

    815. 

  815. 

    816. 

  816. 			if ($row = $db->sql_fetchrow($result))

    817. 

  817. 			{

    818. 

  818. 				do

    819. 

  819. 				{

    820. 

  820. 					$banlist_ary[] = (int) $row['user_id'];

    821. 

  821. 				}

    822. 

  822. 				while ($row = $db->sql_fetchrow($result));

    823. 

  823. 			}

    824. 

  824. 			else

    825. 

  825. 			{

    826. 

  826. 				$db->sql_freeresult($result);

    827. 

  827. 				trigger_error('NO_USERS', E_USER_WARNING);

    828. 

  828. 			}

    829. 

  829. 			$db->sql_freeresult($result);

    830. 

  830. 		break;

    831. 

  831. 

    832. 

  832. 		case 'ip':

    833. 

  833. 			$type = 'ban_ip';

    834. 

  834. 

    835. 

  835. 			foreach ($ban_list as $ban_item)

    836. 

  836. 			{

    837. 

  837. 				if (preg_match('#^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$#', trim($ban_item), $ip_range_explode))

    838. 

  838. 				{

    839. 

  839. 					// This is an IP range

    840. 

  840. 					// Don't ask about all this, just don't ask ... !

    841. 

  841. 					$ip_1_counter = $ip_range_explode[1];

    842. 

  842. 					$ip_1_end = $ip_range_explode[5];

    843. 

  843. 

    844. 

  844. 					while ($ip_1_counter <= $ip_1_end)

    845. 

  845. 					{

    846. 

  846. 						$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;

    847. 

  847. 						$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];

    848. 

  848. 

    849. 

  849. 						if ($ip_2_counter == 0 && $ip_2_end == 254)

    850. 

  850. 						{

    851. 

  851. 							$ip_2_counter = 256;

    852. 

  852. 							$ip_2_fragment = 256;

    853. 

  853. 

    854. 

  854. 							$banlist_ary[] = "$ip_1_counter.*";

    855. 

  855. 						}

    856. 

  856. 

    857. 

  857. 						while ($ip_2_counter <= $ip_2_end)

    858. 

  858. 						{

    859. 

  859. 							$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;

    860. 

  860. 							$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];

    861. 

  861. 

    862. 

  862. 							if ($ip_3_counter == 0 && $ip_3_end == 254)

    863. 

  863. 							{

    864. 

  864. 								$ip_3_counter = 256;

    865. 

  865. 								$ip_3_fragment = 256;

    866. 

  866. 

    867. 

  867. 								$banlist_ary[] = "$ip_1_counter.$ip_2_counter.*";

    868. 

  868. 							}

    869. 

  869. 

    870. 

  870. 							while ($ip_3_counter <= $ip_3_end)

    871. 

  871. 							{

    872. 

  872. 								$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;

    873. 

  873. 								$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];

    874. 

  874. 

    875. 

  875. 								if ($ip_4_counter == 0 && $ip_4_end == 254)

    876. 

  876. 								{

    877. 

  877. 									$ip_4_counter = 256;

    878. 

  878. 									$ip_4_fragment = 256;

    879. 

  879. 

    880. 

  880. 									$banlist_ary[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.*";

    881. 

  881. 								}

    882. 

  882. 

    883. 

  883. 								while ($ip_4_counter <= $ip_4_end)

    884. 

  884. 								{

    885. 

  885. 									$banlist_ary[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter";

    886. 

  886. 									$ip_4_counter++;

    887. 

  887. 								}

    888. 

  888. 								$ip_3_counter++;

    889. 

  889. 							}

    890. 

  890. 							$ip_2_counter++;

    891. 

  891. 						}

    892. 

  892. 						$ip_1_counter++;

    893. 

  893. 					}

    894. 

  894. 				}

    895. 

  895. 				else if (preg_match('#^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$#', trim($ban_item)) || preg_match('#^[a-f0-9:]+\*?$#i', trim($ban_item)))

    896. 

  896. 				{

    897. 

  897. 					// Normal IP address

    898. 

  898. 					$banlist_ary[] = trim($ban_item);

    899. 

  899. 				}

    900. 

  900. 				else if (preg_match('#^\*$#', trim($ban_item)))

    901. 

  901. 				{

    902. 

  902. 					// Ban all IPs

    903. 

  903. 					$banlist_ary[] = '*';

    904. 

  904. 				}

    905. 

  905. 				else if (preg_match('#^([\w\-_]\.?){2,}$#is', trim($ban_item)))

    906. 

  906. 				{

    907. 

  907. 					// hostname

    908. 

  908. 					$ip_ary = gethostbynamel(trim($ban_item));

    909. 

  909. 

    910. 

  910. 					if (!empty($ip_ary))

    911. 

  911. 					{

    912. 

  912. 						foreach ($ip_ary as $ip)

    913. 

  913. 						{

    914. 

  914. 							if ($ip)

    915. 

  915. 							{

    916. 

  916. 								if (strlen($ip) > 40)

    917. 

  917. 								{

    918. 

  918. 									continue;

    919. 

  919. 								}

    920. 

  920. 

    921. 

  921. 								$banlist_ary[] = $ip;

    922. 

  922. 							}

    923. 

  923. 						}

    924. 

  924. 					}

    925. 

  925. 				}

    926. 

  926. 

    927. 

  927. 				if (empty($banlist_ary))

    928. 

  928. 				{

    929. 

  929. 					trigger_error('NO_IPS_DEFINED', E_USER_WARNING);

    930. 

  930. 				}

    931. 

  931. 			}

    932. 

  932. 		break;

    933. 

  933. 

    934. 

  934. 		case 'email':

    935. 

  935. 			$type = 'ban_email';

    936. 

  936. 

    937. 

  937. 			foreach ($ban_list as $ban_item)

    938. 

  938. 			{

    939. 

  939. 				$ban_item = trim($ban_item);

    940. 

  940. 

    941. 

  941. 				if (preg_match('#^.*?@*|(([a-z0-9\-]+\.)+([a-z]{2,3}))$#i', $ban_item))

    942. 

  942. 				{

    943. 

  943. 					if (strlen($ban_item) > 100)

    944. 

  944. 					{

    945. 

  945. 						continue;

    946. 

  946. 					}

    947. 

  947. 

    948. 

  948. 					if (!sizeof($founder) || !in_array($ban_item, $founder))

    949. 

  949. 					{

    950. 

  950. 						$banlist_ary[] = $ban_item;

    951. 

  951. 					}

    952. 

  952. 				}

    953. 

  953. 			}

    954. 

  954. 

    955. 

  955. 			if (sizeof($ban_list) == 0)

    956. 

  956. 			{

    957. 

  957. 				trigger_error('NO_EMAILS_DEFINED', E_USER_WARNING);

    958. 

  958. 			}

    959. 

  959. 		break;

    960. 

  960. 

    961. 

  961. 		default:

    962. 

  962. 			trigger_error('NO_MODE', E_USER_WARNING);

    963. 

  963. 		break;

    964. 

  964. 	}

    965. 

  965. 

    966. 

  966. 	// Fetch currently set bans of the specified type and exclude state. Prevent duplicate bans.

    967. 

  967. 	$sql_where = ($type == 'ban_userid') ? 'ban_userid <> 0' : "$type <> ''";

    968. 

  968. 

    969. 

  969. 	$sql = "SELECT $type

    970. 

  970. 		FROM " . BANLIST_TABLE . "

    971. 

  971. 		WHERE $sql_where

    972. 

  972. 			AND ban_exclude = " . (int) $ban_exclude;

    973. 

  973. 	$result = $db->sql_query($sql);

    974. 

  974. 

    975. 

  975. 	// Reset $sql_where, because we use it later...

    976. 

  976. 	$sql_where = '';

    977. 

  977. 

    978. 

  978. 	if ($row = $db->sql_fetchrow($result))

    979. 

  979. 	{

    980. 

  980. 		$banlist_ary_tmp = array();

    981. 

  981. 		do

    982. 

  982. 		{

    983. 

  983. 			switch ($mode)

    984. 

  984. 			{

    985. 

  985. 				case 'user':

    986. 

  986. 					$banlist_ary_tmp[] = $row['ban_userid'];

    987. 

  987. 				break;

    988. 

  988. 

    989. 

  989. 				case 'ip':

    990. 

  990. 					$banlist_ary_tmp[] = $row['ban_ip'];

    991. 

  991. 				break;

    992. 

  992. 

    993. 

  993. 				case 'email':

    994. 

  994. 					$banlist_ary_tmp[] = $row['ban_email'];

    995. 

  995. 				break;

    996. 

  996. 			}

    997. 

  997. 		}

    998. 

  998. 		while ($row = $db->sql_fetchrow($result));

    999. 

  999. 

    1000. 

  1000. 		$banlist_ary_tmp = array_intersect($banlist_ary, $banlist_ary_tmp);

    1001. 

  1001. 

    1002. 

  1002. 		if (sizeof($banlist_ary_tmp))

    1003. 

  1003. 		{

    1004. 

  1004. 			// One or more entities are already banned/excluded, delete the existing bans, so they can be re-inserted with the given new length

    1005. 

  1005. 			$sql = 'DELETE FROM ' . BANLIST_TABLE . '

    1006. 

  1006. 				WHERE ' . $db->sql_in_set($type, $banlist_ary_tmp) . '

    1007. 

  1007. 					AND ban_exclude = ' . (int) $ban_exclude;

    1008. 

  1008. 			$db->sql_query($sql);

    1009. 

  1009. 		}

    1010. 

  1010. 

    1011. 

  1011. 		unset($banlist_ary_tmp);

    1012. 

  1012. 	}

    1013. 

  1013. 	$db->sql_freeresult($result);

    1014. 

  1014. 

    1015. 

  1015. 	// We have some entities to ban

    1016. 

  1016. 	if (sizeof($banlist_ary))

    1017. 

  1017. 	{

    1018. 

  1018. 		$sql_ary = array();

    1019. 

  1019. 

    1020. 

  1020. 		foreach ($banlist_ary as $ban_entry)

    1021. 

  1021. 		{

    1022. 

  1022. 			$sql_ary[] = array(

    1023. 

  1023. 				$type				=> $ban_entry,

    1024. 

  1024. 				'ban_start'			=> (int) $current_time,

    1025. 

  1025. 				'ban_end'			=> (int) $ban_end,

    1026. 

  1026. 				'ban_exclude'		=> (int) $ban_exclude,

    1027. 

  1027. 				'ban_reason'		=> (string) $ban_reason,

    1028. 

  1028. 				'ban_give_reason'	=> (string) $ban_give_reason,

    1029. 

  1029. 			);

    1030. 

  1030. 		}

    1031. 

  1031. 

    1032. 

  1032. 		$db->sql_multi_insert(BANLIST_TABLE, $sql_ary);

    1033. 

  1033. 

    1034. 

  1034. 		// If we are banning we want to logout anyone matching the ban

    1035. 

  1035. 		if (!$ban_exclude)

    1036. 

  1036. 		{

    1037. 

  1037. 			switch ($mode)

    1038. 

  1038. 			{

    1039. 

  1039. 				case 'user':

    1040. 

  1040. 					$sql_where = 'WHERE ' . $db->sql_in_set('session_user_id', $banlist_ary);

    1041. 

  1041. 				break;

    1042. 

  1042. 

    1043. 

  1043. 				case 'ip':

    1044. 

  1044. 					$sql_where = 'WHERE ' . $db->sql_in_set('session_ip', $banlist_ary);

    1045. 

  1045. 				break;

    1046. 

  1046. 

    1047. 

  1047. 				case 'email':

    1048. 

  1048. 					$banlist_ary_sql = array();

    1049. 

  1049. 

    1050. 

  1050. 					foreach ($banlist_ary as $ban_entry)

    1051. 

  1051. 					{

    1052. 

  1052. 						$banlist_ary_sql[] = (string) str_replace('*', '%', $ban_entry);

    1053. 

  1053. 					}

    1054. 

  1054. 

    1055. 

  1055. 					$sql = 'SELECT user_id

    1056. 

  1056. 						FROM ' . USERS_TABLE . '

    1057. 

  1057. 						WHERE ' . $db->sql_in_set('user_email', $banlist_ary_sql);

    1058. 

  1058. 					$result = $db->sql_query($sql);

    1059. 

  1059. 

    1060. 

  1060. 					$sql_in = array();

    1061. 

  1061. 

    1062. 

  1062. 					if ($row = $db->sql_fetchrow($result))

    1063. 

  1063. 					{

    1064. 

  1064. 						do

    1065. 

  1065. 						{

    1066. 

  1066. 							$sql_in[] = $row['user_id'];

    1067. 

  1067. 						}

    1068. 

  1068. 						while ($row = $db->sql_fetchrow($result));

    1069. 

  1069. 

    1070. 

  1070. 						$sql_where = 'WHERE ' . $db->sql_in_set('session_user_id', $sql_in);

    1071. 

  1071. 					}

    1072. 

  1072. 					$db->sql_freeresult($result);

    1073. 

  1073. 				break;

    1074. 

  1074. 			}

    1075. 

  1075. 

    1076. 

  1076. 			if (isset($sql_where) && $sql_where)

    1077. 

  1077. 			{

    1078. 

  1078. 				$sql = 'DELETE FROM ' . SESSIONS_TABLE . "

    1079. 

  1079. 					$sql_where";

    1080. 

  1080. 				$db->sql_query($sql);

    1081. 

  1081. 

    1082. 

  1082. 				if ($mode == 'user')

    1083. 

  1083. 				{

    1084. 

  1084. 					$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . ' ' . ((in_array('*', $banlist_ary)) ? '' : 'WHERE ' . $db->sql_in_set('user_id', $banlist_ary));

    1085. 

  1085. 					$db->sql_query($sql);

    1086. 

  1086. 				}

    1087. 

  1087. 			}

    1088. 

  1088. 		}

    1089. 

  1089. 

    1090. 

  1090. 		// Update log

    1091. 

  1091. 		$log_entry = ($ban_exclude) ? 'LOG_BAN_EXCLUDE_' : 'LOG_BAN_';

    1092. 

  1092. 

    1093. 

  1093. 		// Add to moderator log, admin log and user notes

    1094. 

  1094. 		add_log('admin', $log_entry . strtoupper($mode), $ban_reason, $ban_list_log);

    1095. 

  1095. 		add_log('mod', 0, 0, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log);

    1096. 

  1096. 		if ($mode == 'user')

    1097. 

  1097. 		{

    1098. 

  1098. 			foreach ($banlist_ary as $user_id)

    1099. 

  1099. 			{

    1100. 

  1100. 				add_log('user', $user_id, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log);

    1101. 

  1101. 			}

    1102. 

  1102. 		}

    1103. 

  1103. 

    1104. 

  1104. 		$cache->destroy('sql', BANLIST_TABLE);

    1105. 

  1105. 

    1106. 

  1106. 		return true;

    1107. 

  1107. 	}

    1108. 

  1108. 

    1109. 

  1109. 	// There was nothing to ban/exclude. But destroying the cache because of the removal of stale bans.

    1110. 

  1110. 	$cache->destroy('sql', BANLIST_TABLE);

    1111. 

  1111. 

    1112. 

  1112. 	return false;

    1113. 

  1113. }

    1114. 

  1114. 

    1115. 

  1115. /**

    1116. 

  1116. * Unban User

    1117. 

  1117. */

    1118. 

  1118. function user_unban($mode, $ban)

    1119. 

  1119. {

    1120. 

  1120. 	global $db, $user, $auth, $cache;

    1121. 

  1121. 

    1122. 

  1122. 	// Delete stale bans

    1123. 

  1123. 	$sql = 'DELETE FROM ' . BANLIST_TABLE . '

    1124. 

  1124. 		WHERE ban_end < ' . time() . '

    1125. 

  1125. 			AND ban_end <> 0';

    1126. 

  1126. 	$db->sql_query($sql);

    1127. 

  1127. 

    1128. 

  1128. 	if (!is_array($ban))

    1129. 

  1129. 	{

    1130. 

  1130. 		$ban = array($ban);

    1131. 

  1131. 	}

    1132. 

  1132. 

    1133. 

  1133. 	$unban_sql = array_map('intval', $ban);

    1134. 

  1134. 

    1135. 

  1135. 	if (sizeof($unban_sql))

    1136. 

  1136. 	{

    1137. 

  1137. 		// Grab details of bans for logging information later

    1138. 

  1138. 		switch ($mode)

    1139. 

  1139. 		{

    1140. 

  1140. 			case 'user':

    1141. 

  1141. 				$sql = 'SELECT u.username AS unban_info, u.user_id

    1142. 

  1142. 					FROM ' . USERS_TABLE . ' u, ' . BANLIST_TABLE . ' b

    1143. 

  1143. 					WHERE ' . $db->sql_in_set('b.ban_id', $unban_sql) . '

    1144. 

  1144. 						AND u.user_id = b.ban_userid';

    1145. 

  1145. 			break;

    1146. 

  1146. 

    1147. 

  1147. 			case 'email':

    1148. 

  1148. 				$sql = 'SELECT ban_email AS unban_info

    1149. 

  1149. 					FROM ' . BANLIST_TABLE . '

    1150. 

  1150. 					WHERE ' . $db->sql_in_set('ban_id', $unban_sql);

    1151. 

  1151. 			break;

    1152. 

  1152. 

    1153. 

  1153. 			case 'ip':

    1154. 

  1154. 				$sql = 'SELECT ban_ip AS unban_info

    1155. 

  1155. 					FROM ' . BANLIST_TABLE . '

    1156. 

  1156. 					WHERE ' . $db->sql_in_set('ban_id', $unban_sql);

    1157. 

  1157. 			break;

    1158. 

  1158. 		}

    1159. 

  1159. 		$result = $db->sql_query($sql);

    1160. 

  1160. 

    1161. 

  1161. 		$l_unban_list = '';

    1162. 

  1162. 		$user_ids_ary = array();

    1163. 

  1163. 		while ($row = $db->sql_fetchrow($result))

    1164. 

  1164. 		{

    1165. 

  1165. 			$l_unban_list .= (($l_unban_list != '') ? ', ' : '') . $row['unban_info'];

    1166. 

  1166. 			if ($mode == 'user')

    1167. 

  1167. 			{

    1168. 

  1168. 				$user_ids_ary[] = $row['user_id'];

    1169. 

  1169. 			}

    1170. 

  1170. 		}

    1171. 

  1171. 		$db->sql_freeresult($result);

    1172. 

  1172. 

    1173. 

  1173. 		$sql = 'DELETE FROM ' . BANLIST_TABLE . '

    1174. 

  1174. 			WHERE ' . $db->sql_in_set('ban_id', $unban_sql);

    1175. 

  1175. 		$db->sql_query($sql);

    1176. 

  1176. 

    1177. 

  1177. 		// Add to moderator log, admin log and user notes

    1178. 

  1178. 		add_log('admin', 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list);

    1179. 

  1179. 		add_log('mod', 0, 0, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list);

    1180. 

  1180. 		if ($mode == 'user')

    1181. 

  1181. 		{

    1182. 

  1182. 			foreach ($user_ids_ary as $user_id)

    1183. 

  1183. 			{

    1184. 

  1184. 				add_log('user', $user_id, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list);

    1185. 

  1185. 			}

    1186. 

  1186. 		}

    1187. 

  1187. 	}

    1188. 

  1188. 

    1189. 

  1189. 	$cache->destroy('sql', BANLIST_TABLE);

    1190. 

  1190. 

    1191. 

  1191. 	return false;

    1192. 

  1192. }

    1193. 

  1193. 

    1194. 

  1194. /**

    1195. 

  1195. * Internet Protocol Address Whois

    1196. 

  1196. * RFC3912: WHOIS Protocol Specification

    1197. 

  1197. *

    1198. 

  1198. * @param string $ip		Ip address, either IPv4 or IPv6.

    1199. 

  1199. *

    1200. 

  1200. * @return string		Empty string if not a valid ip address.

    1201. 

  1201. *						Otherwise make_clickable()'ed whois result.

    1202. 

  1202. */

    1203. 

  1203. function user_ipwhois($ip)

    1204. 

  1204. {

    1205. 

  1205. 	if (empty($ip))

    1206. 

  1206. 	{

    1207. 

  1207. 		return '';

    1208. 

  1208. 	}

    1209. 

  1209. 

    1210. 

  1210. 	if (preg_match(get_preg_expression('ipv4'), $ip))

    1211. 

  1211. 	{

    1212. 

  1212. 		// IPv4 address

    1213. 

  1213. 		$whois_host = 'whois.arin.net.';

    1214. 

  1214. 	}

    1215. 

  1215. 	else if (preg_match(get_preg_expression('ipv6'), $ip))

    1216. 

  1216. 	{

    1217. 

  1217. 		// IPv6 address

    1218. 

  1218. 		$whois_host = 'whois.sixxs.net.';

    1219. 

  1219. 	}

    1220. 

  1220. 	else

    1221. 

  1221. 	{

    1222. 

  1222. 		return '';

    1223. 

  1223. 	}

    1224. 

  1224. 

    1225. 

  1225. 	$ipwhois = '';

    1226. 

  1226. 

    1227. 

  1227. 	if (($fsk = @fsockopen($whois_host, 43)))

    1228. 

  1228. 	{

    1229. 

  1229. 		// CRLF as per RFC3912

    1230. 

  1230. 		fputs($fsk, "$ip\r\n");

    1231. 

  1231. 		while (!feof($fsk))

    1232. 

  1232. 		{

    1233. 

  1233. 			$ipwhois .= fgets($fsk, 1024);

    1234. 

  1234. 		}

    1235. 

  1235. 		@fclose($fsk);

    1236. 

  1236. 	}

    1237. 

  1237. 

    1238. 

  1238. 	$match = array();

    1239. 

  1239. 

    1240. 

  1240. 	// Test for referrals from $whois_host to other whois databases, roll on rwhois

    1241. 

  1241. 	if (preg_match('#ReferralServer: whois://(.+)#im', $ipwhois, $match))

    1242. 

  1242. 	{

    1243. 

  1243. 		if (strpos($match[1], ':') !== false)

    1244. 

  1244. 		{

    1245. 

  1245. 			$pos	= strrpos($match[1], ':');

    1246. 

  1246. 			$server	= substr($match[1], 0, $pos);

    1247. 

  1247. 			$port	= (int) substr($match[1], $pos + 1);

    1248. 

  1248. 			unset($pos);

    1249. 

  1249. 		}

    1250. 

  1250. 		else

    1251. 

  1251. 		{

    1252. 

  1252. 			$server	= $match[1];

    1253. 

  1253. 			$port	= 43;

    1254. 

  1254. 		}

    1255. 

  1255. 

    1256. 

  1256. 		$buffer = '';

    1257. 

  1257. 

    1258. 

  1258. 		if (($fsk = @fsockopen($server, $port)))

    1259. 

  1259. 		{

    1260. 

  1260. 			fputs($fsk, "$ip\r\n");

    1261. 

  1261. 			while (!feof($fsk))

    1262. 

  1262. 			{

    1263. 

  1263. 				$buffer .= fgets($fsk, 1024);

    1264. 

  1264. 			}

    1265. 

  1265. 			@fclose($fsk);

    1266. 

  1266. 		}

    1267. 

  1267. 

    1268. 

  1268. 		// Use the result from $whois_host if we don't get any result here

    1269. 

  1269. 		$ipwhois = (empty($buffer)) ? $ipwhois : $buffer;

    1270. 

  1270. 	}

    1271. 

  1271. 

    1272. 

  1272. 	$ipwhois = htmlspecialchars($ipwhois);

    1273. 

  1273. 

    1274. 

  1274. 	// Magic URL ;)

    1275. 

  1275. 	return trim(make_clickable($ipwhois, false, ''));

    1276. 

  1276. }

    1277. 

  1277. 

    1278. 

  1278. /**

    1279. 

  1279. * Data validation ... used primarily but not exclusively by ucp modules

    1280. 

  1280. *

    1281. 

  1281. * "Master" function for validating a range of data types

    1282. 

  1282. */

    1283. 

  1283. function validate_data($data, $val_ary)

    1284. 

  1284. {

    1285. 

  1285. 	global $user;

    1286. 

  1286. 

    1287. 

  1287. 	$error = array();

    1288. 

  1288. 

    1289. 

  1289. 	foreach ($val_ary as $var => $val_seq)

    1290. 

  1290. 	{

    1291. 

  1291. 		if (!is_array($val_seq[0]))

    1292. 

  1292. 		{

    1293. 

  1293. 			$val_seq = array($val_seq);

    1294. 

  1294. 		}

    1295. 

  1295. 

    1296. 

  1296. 		foreach ($val_seq as $validate)

    1297. 

  1297. 		{

    1298. 

  1298. 			$function = array_shift($validate);

    1299. 

  1299. 			array_unshift($validate, $data[$var]);

    1300. 

  1300. 

    1301. 

  1301. 			if ($result = call_user_func_array('validate_' . $function, $validate))

    1302. 

  1302. 			{

    1303. 

  1303. 				// Since errors are checked later for their language file existence, we need to make sure custom errors are not adjusted.

    1304. 

  1304. 				$error[] = (empty($user->lang[$result . '_' . strtoupper($var)])) ? $result : $result . '_' . strtoupper($var);

    1305. 

  1305. 			}

    1306. 

  1306. 		}

    1307. 

  1307. 	}

    1308. 

  1308. 

    1309. 

  1309. 	return $error;

    1310. 

  1310. }

    1311. 

  1311. 

    1312. 

  1312. /**

    1313. 

  1313. * Validate String

    1314. 

  1314. *

    1315. 

  1315. * @return	boolean|string	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)

    1316. 

  1316. */

    1317. 

  1317. function validate_string($string, $optional = false, $min = 0, $max = 0)

    1318. 

  1318. {

    1319. 

  1319. 	if (empty($string) && $optional)

    1320. 

  1320. 	{

    1321. 

  1321. 		return false;

    1322. 

  1322. 	}

    1323. 

  1323. 

    1324. 

  1324. 	if ($min && utf8_strlen(htmlspecialchars_decode($string)) < $min)

    1325. 

  1325. 	{

    1326. 

  1326. 		return 'TOO_SHORT';

    1327. 

  1327. 	}

    1328. 

  1328. 	else if ($max && utf8_strlen(htmlspecialchars_decode($string)) > $max)

    1329. 

  1329. 	{

    1330. 

  1330. 		return 'TOO_LONG';

    1331. 

  1331. 	}

    1332. 

  1332. 

    1333. 

  1333. 	return false;

    1334. 

  1334. }

    1335. 

  1335. 

    1336. 

  1336. /**

    1337. 

  1337. * Validate Number

    1338. 

  1338. *

    1339. 

  1339. * @return	boolean|string	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)

    1340. 

  1340. */

    1341. 

  1341. function validate_num($num, $optional = false, $min = 0, $max = 1E99)

    1342. 

  1342. {

    1343. 

  1343. 	if (empty($num) && $optional)

    1344. 

  1344. 	{

    1345. 

  1345. 		return false;

    1346. 

  1346. 	}

    1347. 

  1347. 

    1348. 

  1348. 	if ($num < $min)

    1349. 

  1349. 	{

    1350. 

  1350. 		return 'TOO_SMALL';

    1351. 

  1351. 	}

    1352. 

  1352. 	else if ($num > $max)

    1353. 

  1353. 	{

    1354. 

  1354. 		return 'TOO_LARGE';

    1355. 

  1355. 	}

    1356. 

  1356. 

    1357. 

  1357. 	return false;

    1358. 

  1358. }

    1359. 

  1359. 

    1360. 

  1360. /**

    1361. 

  1361. * Validate Date

    1362. 

  1362. * @param String $string a date in the dd-mm-yyyy format

    1363. 

  1363. * @return	boolean

    1364. 

  1364. */

    1365. 

  1365. function validate_date($date_string, $optional = false)

    1366. 

  1366. {

    1367. 

  1367. 	$date = explode('-', $date_string);

    1368. 

  1368. 	if ((empty($date) || sizeof($date) != 3) && $optional)

    1369. 

  1369. 	{

    1370. 

  1370. 		return false;

    1371. 

  1371. 	}

    1372. 

  1372. 	else if ($optional)

    1373. 

  1373. 	{

    1374. 

  1374. 		for ($field = 0; $field <= 1; $field++)

    1375. 

  1375. 		{

    1376. 

  1376. 			$date[$field] = (int) $date[$field];

    1377. 

  1377. 			if (empty($date[$field]))

    1378. 

  1378. 			{

    1379. 

  1379. 				$date[$field] = 1;

    1380. 

  1380. 			}

    1381. 

  1381. 		}

    1382. 

  1382. 		$date[2] = (int) $date[2];

    1383. 

  1383. 		// assume an arbitrary leap year

    1384. 

  1384. 		if (empty($date[2]))

    1385. 

  1385. 		{

    1386. 

  1386. 			$date[2] = 1980;

    1387. 

  1387. 		}

    1388. 

  1388. 	}

    1389. 

  1389. 

    1390. 

  1390. 	if (sizeof($date) != 3 || !checkdate($date[1], $date[0], $date[2]))

    1391. 

  1391. 	{

    1392. 

  1392. 		return 'INVALID';

    1393. 

  1393. 	}

    1394. 

  1394. 

    1395. 

  1395. 	return false;

    1396. 

  1396. }

    1397. 

  1397. 

    1398. 

  1398. 

    1399. 

  1399. /**

    1400. 

  1400. * Validate Match

    1401. 

  1401. *

    1402. 

  1402. * @return	boolean|string	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)

    1403. 

  1403. */

    1404. 

  1404. function validate_match($string, $optional = false, $match = '')

    1405. 

  1405. {

    1406. 

  1406. 	if (empty($string) && $optional)

    1407. 

  1407. 	{

    1408. 

  1408. 		return false;

    1409. 

  1409. 	}

    1410. 

  1410. 

    1411. 

  1411. 	if (empty($match))

    1412. 

  1412. 	{

    1413. 

  1413. 		return false;

    1414. 

  1414. 	}

    1415. 

  1415. 

    1416. 

  1416. 	if (!preg_match($match, $string))

    1417. 

  1417. 	{

    1418. 

  1418. 		return 'WRONG_DATA';

    1419. 

  1419. 	}

    1420. 

  1420. 

    1421. 

  1421. 	return false;

    1422. 

  1422. }

    1423. 

  1423. 

    1424. 

  1424. /**

    1425. 

  1425. * Validate Language Pack ISO Name

    1426. 

  1426. *

    1427. 

  1427. * Tests whether a language name is valid and installed

    1428. 

  1428. *

    1429. 

  1429. * @param string $lang_iso	The language string to test

    1430. 

  1430. *

    1431. 

  1431. * @return bool|string		Either false if validation succeeded or

    1432. 

  1432. *							a string which will be used as the error message

    1433. 

  1433. *							(with the variable name appended)

    1434. 

  1434. */

    1435. 

  1435. function validate_language_iso_name($lang_iso)

    1436. 

  1436. {

    1437. 

  1437. 	global $db;

    1438. 

  1438. 

    1439. 

  1439. 	$sql = 'SELECT lang_id

    1440. 

  1440. 		FROM ' . LANG_TABLE . "

    1441. 

  1441. 		WHERE lang_iso = '" . $db->sql_escape($lang_iso) . "'";

    1442. 

  1442. 	$result = $db->sql_query($sql);

    1443. 

  1443. 	$lang_id = (int) $db->sql_fetchfield('lang_id');

    1444. 

  1444. 	$db->sql_freeresult($result);

    1445. 

  1445. 

    1446. 

  1446. 	return ($lang_id) ? false : 'WRONG_DATA';

    1447. 

  1447. }

    1448. 

  1448. 

    1449. 

  1449. /**

    1450. 

  1450. * Check to see if the username has been taken, or if it is disallowed.

    1451. 

  1451. * Also checks if it includes the " character, which we don't allow in usernames.

    1452. 

  1452. * Used for registering, changing names, and posting anonymously with a username

    1453. 

  1453. *

    1454. 

  1454. * @param string $username The username to check

    1455. 

  1455. * @param string $allowed_username An allowed username, default being $user->data['username']

    1456. 

  1456. *

    1457. 

  1457. * @return	mixed	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)

    1458. 

  1458. */

    1459. 

  1459. function validate_username($username, $allowed_username = false)

    1460. 

  1460. {

    1461. 

  1461. 	global $config, $db, $user, $cache;

    1462. 

  1462. 

    1463. 

  1463. 	$clean_username = utf8_clean_string($username);

    1464. 

  1464. 	$allowed_username = ($allowed_username === false) ? $user->data['username_clean'] : utf8_clean_string($allowed_username);

    1465. 

  1465. 

    1466. 

  1466. 	if ($allowed_username == $clean_username)

    1467. 

  1467. 	{

    1468. 

  1468. 		return false;

    1469. 

  1469. 	}

    1470. 

  1470. 

    1471. 

  1471. 	// ... fast checks first.

    1472. 

  1472. 	if (strpos($username, '&quot;') !== false || strpos($username, '"') !== false || empty($clean_username))

    1473. 

  1473. 	{

    1474. 

  1474. 		return 'INVALID_CHARS';

    1475. 

  1475. 	}

    1476. 

  1476. 

    1477. 

  1477. 	$mbstring = $pcre = false;

    1478. 

  1478. 

    1479. 

  1479. 	// generic UTF-8 character types supported?

    1480. 

  1480. 	if ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false)

    1481. 

  1481. 	{

    1482. 

  1482. 		$pcre = true;

    1483. 

  1483. 	}

    1484. 

  1484. 	else if (function_exists('mb_ereg_match'))

    1485. 

  1485. 	{

    1486. 

  1486. 		mb_regex_encoding('UTF-8');

    1487. 

  1487. 		$mbstring = true;

    1488. 

  1488. 	}

    1489. 

  1489. 

    1490. 

  1490. 	switch ($config['allow_name_chars'])

    1491. 

  1491. 	{

    1492. 

  1492. 		case 'USERNAME_CHARS_ANY':

    1493. 

  1493. 			$pcre = true;

    1494. 

  1494. 			$regex = '.+';

    1495. 

  1495. 		break;

    1496. 

  1496. 

    1497. 

  1497. 		case 'USERNAME_ALPHA_ONLY':

    1498. 

  1498. 			$pcre = true;

    1499. 

  1499. 			$regex = '[A-Za-z0-9]+';

    1500. 

  1500. 		break;

    1501. 

  1501. 

    1502. 

  1502. 		case 'USERNAME_ALPHA_SPACERS':

    1503. 

  1503. 			$pcre = true;

    1504. 

  1504. 			$regex = '[A-Za-z0-9-[\]_+ ]+';

    1505. 

  1505. 		break;

    1506. 

  1506. 

    1507. 

  1507. 		case 'USERNAME_LETTER_NUM':

    1508. 

  1508. 			if ($pcre)

    1509. 

  1509. 			{

    1510. 

  1510. 				$regex = '[\p{Lu}\p{Ll}\p{N}]+';

    1511. 

  1511. 			}

    1512. 

  1512. 			else if ($mbstring)

    1513. 

  1513. 			{

    1514. 

  1514. 				$regex = '[[:upper:][:lower:][:digit:]]+';

    1515. 

  1515. 			}

    1516. 

  1516. 			else

    1517. 

  1517. 			{

    1518. 

  1518. 				$pcre = true;

    1519. 

  1519. 				$regex = '[a-zA-Z0-9]+';

    1520. 

  1520. 			}

    1521. 

  1521. 		break;

    1522. 

  1522. 

    1523. 

  1523. 		case 'USERNAME_LETTER_NUM_SPACERS':

    1524. 

  1524. 			if ($pcre)

    1525. 

  1525. 			{

    1526. 

  1526. 				$regex = '[-\]_+ [\p{Lu}\p{Ll}\p{N}]+';

    1527. 

  1527. 			}

    1528. 

  1528. 			else if ($mbstring)

    1529. 

  1529. 			{

    1530. 

  1530. 				$regex = '[-\]_+ \[[:upper:][:lower:][:digit:]]+';

    1531. 

  1531. 			}

    1532. 

  1532. 			else

    1533. 

  1533. 			{

    1534. 

  1534. 				$pcre = true;

    1535. 

  1535. 				$regex = '[-\]_+ [a-zA-Z0-9]+';

    1536. 

  1536. 			}

    1537. 

  1537. 		break;

    1538. 

  1538. 

    1539. 

  1539. 		case 'USERNAME_ASCII':

    1540. 

  1540. 		default:

    1541. 

  1541. 			$pcre = true;

    1542. 

  1542. 			$regex = '[\x01-\x7F]+';

    1543. 

  1543. 		break;

    1544. 

  1544. 	}

    1545. 

  1545. 

    1546. 

  1546. 	if ($pcre)

    1547. 

  1547. 	{

    1548. 

  1548. 		if (!preg_match('#^' . $regex . '$#u', $username))

    1549. 

  1549. 		{

    1550. 

  1550. 			return 'INVALID_CHARS';

    1551. 

  1551. 		}

    1552. 

  1552. 	}

    1553. 

  1553. 	else if ($mbstring)

    1554. 

  1554. 	{

    1555. 

  1555. 		mb_ereg_search_init($username, '^' . $regex . '$');

    1556. 

  1556. 		if (!mb_ereg_search())

    1557. 

  1557. 		{

    1558. 

  1558. 			return 'INVALID_CHARS';

    1559. 

  1559. 		}

    1560. 

  1560. 	}

    1561. 

  1561. 

    1562. 

  1562. 	$sql = 'SELECT username

    1563. 

  1563. 		FROM ' . USERS_TABLE . "

    1564. 

  1564. 		WHERE username_clean = '" . $db->sql_escape($clean_username) . "'";

    1565. 

  1565. 	$result = $db->sql_query($sql);

    1566. 

  1566. 	$row = $db->sql_fetchrow($result);

    1567. 

  1567. 	$db->sql_freeresult($result);

    1568. 

  1568. 

    1569. 

  1569. 	if ($row)

    1570. 

  1570. 	{

    1571. 

  1571. 		return 'USERNAME_TAKEN';

    1572. 

  1572. 	}

    1573. 

  1573. 

    1574. 

  1574. 	$sql = 'SELECT group_name

    1575. 

  1575. 		FROM ' . GROUPS_TABLE . "

    1576. 

  1576. 		WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($username)) . "'";

    1577. 

  1577. 	$result = $db->sql_query($sql);

    1578. 

  1578. 	$row = $db->sql_fetchrow($result);

    1579. 

  1579. 	$db->sql_freeresult($result);

    1580. 

  1580. 

    1581. 

  1581. 	if ($row)

    1582. 

  1582. 	{

    1583. 

  1583. 		return 'USERNAME_TAKEN';

    1584. 

  1584. 	}

    1585. 

  1585. 

    1586. 

  1586. 	$bad_usernames = $cache->obtain_disallowed_usernames();

    1587. 

  1587. 

    1588. 

  1588. 	foreach ($bad_usernames as $bad_username)

    1589. 

  1589. 	{

    1590. 

  1590. 		if (preg_match('#^' . $bad_username . '$#', $clean_username))

    1591. 

  1591. 		{

    1592. 

  1592. 			return 'USERNAME_DISALLOWED';

    1593. 

  1593. 		}

    1594. 

  1594. 	}

    1595. 

  1595. 

    1596. 

  1596. 	return false;

    1597. 

  1597. }

    1598. 

  1598. 

    1599. 

  1599. /**

    1600. 

  1600. * Check to see if the password meets the complexity settings

    1601. 

  1601. *

    1602. 

  1602. * @return	boolean|string	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)

    1603. 

  1603. */

    1604. 

  1604. function validate_password($password)

    1605. 

  1605. {

    1606. 

  1606. 	global $config, $db, $user;

    1607. 

  1607. 

    1608. 

  1608. 	if ($password === '' || $config['pass_complex'] === 'PASS_TYPE_ANY')

    1609. 

  1609. 	{

    1610. 

  1610. 		// Password empty or no password complexity required.

    1611. 

  1611. 		return false;

    1612. 

  1612. 	}

    1613. 

  1613. 

    1614. 

  1614. 	$pcre = $mbstring = false;

    1615. 

  1615. 

    1616. 

  1616. 	// generic UTF-8 character types supported?

    1617. 

  1617. 	if ((version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>='))) && @preg_match('/\p{L}/u', 'a') !== false)

    1618. 

  1618. 	{

    1619. 

  1619. 		$upp = '\p{Lu}';

    1620. 

  1620. 		$low = '\p{Ll}';

    1621. 

  1621. 		$num = '\p{N}';

    1622. 

  1622. 		$sym = '[^\p{Lu}\p{Ll}\p{N}]';

    1623. 

  1623. 		$pcre = true;

    1624. 

  1624. 	}

    1625. 

  1625. 	else if (function_exists('mb_ereg_match'))

    1626. 

  1626. 	{

    1627. 

  1627. 		mb_regex_encoding('UTF-8');

    1628. 

  1628. 		$upp = '[[:upper:]]';

    1629. 

  1629. 		$low = '[[:lower:]]';

    1630. 

  1630. 		$num = '[[:digit:]]';

    1631. 

  1631. 		$sym = '[^[:upper:][:lower:][:digit:]]';

    1632. 

  1632. 		$mbstring = true;

    1633. 

  1633. 	}

    1634. 

  1634. 	else

    1635. 

  1635. 	{

    1636. 

  1636. 		$upp = '[A-Z]';

    1637. 

  1637. 		$low = '[a-z]';

    1638. 

  1638. 		$num = '[0-9]';

    1639. 

  1639. 		$sym = '[^A-Za-z0-9]';

    1640. 

  1640. 		$pcre = true;

    1641. 

  1641. 	}

    1642. 

  1642. 

    1643. 

  1643. 	$chars = array();

    1644. 

  1644. 

    1645. 

  1645. 	switch ($config['pass_complex'])

    1646. 

  1646. 	{

    1647. 

  1647. 		// No break statements below ...

    1648. 

  1648. 		// We require strong passwords in case pass_complex is not set or is invalid

    1649. 

  1649. 		default:

    1650. 

  1650. 

    1651. 

  1651. 		// Require mixed case letters, numbers and symbols

    1652. 

  1652. 		case 'PASS_TYPE_SYMBOL':

    1653. 

  1653. 			$chars[] = $sym;

    1654. 

  1654. 

    1655. 

  1655. 		// Require mixed case letters and numbers

    1656. 

  1656. 		case 'PASS_TYPE_ALPHA':

    1657. 

  1657. 			$chars[] = $num;

    1658. 

  1658. 

    1659. 

  1659. 		// Require mixed case letters

    1660. 

  1660. 		case 'PASS_TYPE_CASE':

    1661. 

  1661. 			$chars[] = $low;

    1662. 

  1662. 			$chars[] = $upp;

    1663. 

  1663. 	}

    1664. 

  1664. 

    1665. 

  1665. 	if ($pcre)

    1666. 

  1666. 	{

    1667. 

  1667. 		foreach ($chars as $char)

    1668. 

  1668. 		{

    1669. 

  1669. 			if (!preg_match('#' . $char . '#u', $password))

    1670. 

  1670. 			{

    1671. 

  1671. 				return 'INVALID_CHARS';

    1672. 

  1672. 			}

    1673. 

  1673. 		}

    1674. 

  1674. 	}

    1675. 

  1675. 	else if ($mbstring)

    1676. 

  1676. 	{

    1677. 

  1677. 		foreach ($chars as $char)

    1678. 

  1678. 		{

    1679. 

  1679. 			if (mb_ereg($char, $password) === false)

    1680. 

  1680. 			{

    1681. 

  1681. 				return 'INVALID_CHARS';

    1682. 

  1682. 			}

    1683. 

  1683. 		}

    1684. 

  1684. 	}

    1685. 

  1685. 

    1686. 

  1686. 	return false;

    1687. 

  1687. }

    1688. 

  1688. 

    1689. 

  1689. /**

    1690. 

  1690. * Check to see if email address is banned or already present in the DB

    1691. 

  1691. *

    1692. 

  1692. * @param string $email The email to check

    1693. 

  1693. * @param string $allowed_email An allowed email, default being $user->data['user_email']

    1694. 

  1694. *

    1695. 

  1695. * @return mixed Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)

    1696. 

  1696. */

    1697. 

  1697. function validate_email($email, $allowed_email = false)

    1698. 

  1698. {

    1699. 

  1699. 	global $config, $db, $user;

    1700. 

  1700. 

    1701. 

  1701. 	$email = strtolower($email);

    1702. 

  1702. 	$allowed_email = ($allowed_email === false) ? strtolower($user->data['user_email']) : strtolower($allowed_email);

    1703. 

  1703. 

    1704. 

  1704. 	if ($allowed_email == $email)

    1705. 

  1705. 	{

    1706. 

  1706. 		return false;

    1707. 

  1707. 	}

    1708. 

  1708. 

    1709. 

  1709. 	if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email))

    1710. 

  1710. 	{

    1711. 

  1711. 		return 'EMAIL_INVALID';

    1712. 

  1712. 	}

    1713. 

  1713. 

    1714. 

  1714. 	// Check MX record.

    1715. 

  1715. 	// The idea for this is from reading the UseBB blog/announcement. :)

    1716. 

  1716. 	if ($config['email_check_mx'])

    1717. 

  1717. 	{

    1718. 

  1718. 		list(, $domain) = explode('@', $email);

    1719. 

  1719. 

    1720. 

  1720. 		if (phpbb_checkdnsrr($domain, 'A') === false && phpbb_checkdnsrr($domain, 'MX') === false)

    1721. 

  1721. 		{

    1722. 

  1722. 			return 'DOMAIN_NO_MX_RECORD';

    1723. 

  1723. 		}

    1724. 

  1724. 	}

    1725. 

  1725. 

    1726. 

  1726. 	if (($ban_reason = $user->check_ban(false, false, $email, true)) !== false)

    1727. 

  1727. 	{

    1728. 

  1728. 		return ($ban_reason === true) ? 'EMAIL_BANNED' : $ban_reason;

    1729. 

  1729. 	}

    1730. 

  1730. 

    1731. 

  1731. 	if (!$config['allow_emailreuse'])

    1732. 

  1732. 	{

    1733. 

  1733. 		$sql = 'SELECT user_email_hash

    1734. 

  1734. 			FROM ' . USERS_TABLE . "

    1735. 

  1735. 			WHERE user_email_hash = " . $db->sql_escape(phpbb_email_hash($email));

    1736. 

  1736. 		$result = $db->sql_query($sql);

    1737. 

  1737. 		$row = $db->sql_fetchrow($result);

    1738. 

  1738. 		$db->sql_freeresult($result);

    1739. 

  1739. 

    1740. 

  1740. 		if ($row)

    1741. 

  1741. 		{

    1742. 

  1742. 			return 'EMAIL_TAKEN';

    1743. 

  1743. 		}

    1744. 

  1744. 	}

    1745. 

  1745. 

    1746. 

  1746. 	return false;

    1747. 

  1747. }

    1748. 

  1748. 

    1749. 

  1749. /**

    1750. 

  1750. * Validate jabber address

    1751. 

  1751. * Taken from the jabber class within flyspray (see author notes)

    1752. 

  1752. *

    1753. 

  1753. * @author flyspray.org

    1754. 

  1754. */

    1755. 

  1755. function validate_jabber($jid)

    1756. 

  1756. {

    1757. 

  1757. 	if (!$jid)

    1758. 

  1758. 	{

    1759. 

  1759. 		return false;

    1760. 

  1760. 	}

    1761. 

  1761. 

    1762. 

  1762. 	$seperator_pos = strpos($jid, '@');

    1763. 

  1763. 

    1764. 

  1764. 	if ($seperator_pos === false)

    1765. 

  1765. 	{

    1766. 

  1766. 		return 'WRONG_DATA';

    1767. 

  1767. 	}

    1768. 

  1768. 

    1769. 

  1769. 	$username = substr($jid, 0, $seperator_pos);

    1770. 

  1770. 	$realm = substr($jid, $seperator_pos + 1);

    1771. 

  1771. 

    1772. 

  1772. 	if (strlen($username) == 0 || strlen($realm) < 3)

    1773. 

  1773. 	{

    1774. 

  1774. 		return 'WRONG_DATA';

    1775. 

  1775. 	}

    1776. 

  1776. 

    1777. 

  1777. 	$arr = explode('.', $realm);

    1778. 

  1778. 

    1779. 

  1779. 	if (sizeof($arr) == 0)

    1780. 

  1780. 	{

    1781. 

  1781. 		return 'WRONG_DATA';

    1782. 

  1782. 	}

    1783. 

  1783. 

    1784. 

  1784. 	foreach ($arr as $part)

    1785. 

  1785. 	{

    1786. 

  1786. 		if (substr($part, 0, 1) == '-' || substr($part, -1, 1) == '-')

    1787. 

  1787. 		{

    1788. 

  1788. 			return 'WRONG_DATA';

    1789. 

  1789. 		}

    1790. 

  1790. 

    1791. 

  1791. 		if (!preg_match("@^[a-zA-Z0-9-.]+$@", $part))

    1792. 

  1792. 		{

    1793. 

  1793. 			return 'WRONG_DATA';

    1794. 

  1794. 		}

    1795. 

  1795. 	}

    1796. 

  1796. 

    1797. 

  1797. 	$boundary = array(array(0, 127), array(192, 223), array(224, 239), array(240, 247), array(248, 251), array(252, 253));

    1798. 

  1798. 

    1799. 

  1799. 	// Prohibited Characters RFC3454 + RFC3920

    1800. 

  1800. 	$prohibited = array(

    1801. 

  1801. 		// Table C.1.1

    1802. 

  1802. 		array(0x0020, 0x0020),		// SPACE

    1803. 

  1803. 		// Table C.1.2

    1804. 

  1804. 		array(0x00A0, 0x00A0),		// NO-BREAK SPACE

    1805. 

  1805. 		array(0x1680, 0x1680),		// OGHAM SPACE MARK

    1806. 

  1806. 		array(0x2000, 0x2001),		// EN QUAD

    1807. 

  1807. 		array(0x2001, 0x2001),		// EM QUAD

    1808. 

  1808. 		array(0x2002, 0x2002),		// EN SPACE

    1809. 

  1809. 		array(0x2003, 0x2003),		// EM SPACE

    1810. 

  1810. 		array(0x2004, 0x2004),		// THREE-PER-EM SPACE

    1811. 

  1811. 		array(0x2005, 0x2005),		// FOUR-PER-EM SPACE

    1812. 

  1812. 		array(0x2006, 0x2006),		// SIX-PER-EM SPACE

    1813. 

  1813. 		array(0x2007, 0x2007),		// FIGURE SPACE

    1814. 

  1814. 		array(0x2008, 0x2008),		// PUNCTUATION SPACE

    1815. 

  1815. 		array(0x2009, 0x2009),		// THIN SPACE

    1816. 

  1816. 		array(0x200A, 0x200A),		// HAIR SPACE

    1817. 

  1817. 		array(0x200B, 0x200B),		// ZERO WIDTH SPACE

    1818. 

  1818. 		array(0x202F, 0x202F),		// NARROW NO-BREAK SPACE

    1819. 

  1819. 		array(0x205F, 0x205F),		// MEDIUM MATHEMATICAL SPACE

    1820. 

  1820. 		array(0x3000, 0x3000),		// IDEOGRAPHIC SPACE

    1821. 

  1821. 		// Table C.2.1

    1822. 

  1822. 		array(0x0000, 0x001F),		// [CONTROL CHARACTERS]

    1823. 

  1823. 		array(0x007F, 0x007F),		// DELETE

    1824. 

  1824. 		// Table C.2.2

    1825. 

  1825. 		array(0x0080, 0x009F),		// [CONTROL CHARACTERS]

    1826. 

  1826. 		array(0x06DD, 0x06DD),		// ARABIC END OF AYAH

    1827. 

  1827. 		array(0x070F, 0x070F),		// SYRIAC ABBREVIATION MARK

    1828. 

  1828. 		array(0x180E, 0x180E),		// MONGOLIAN VOWEL SEPARATOR

    1829. 

  1829. 		array(0x200C, 0x200C), 		// ZERO WIDTH NON-JOINER

    1830. 

  1830. 		array(0x200D, 0x200D),		// ZERO WIDTH JOINER

    1831. 

  1831. 		array(0x2028, 0x2028),		// LINE SEPARATOR

    1832. 

  1832. 		array(0x2029, 0x2029),		// PARAGRAPH SEPARATOR

    1833. 

  1833. 		array(0x2060, 0x2060),		// WORD JOINER

    1834. 

  1834. 		array(0x2061, 0x2061),		// FUNCTION APPLICATION

    1835. 

  1835. 		array(0x2062, 0x2062),		// INVISIBLE TIMES

    1836. 

  1836. 		array(0x2063, 0x2063),		// INVISIBLE SEPARATOR

    1837. 

  1837. 		array(0x206A, 0x206F),		// [CONTROL CHARACTERS]

    1838. 

  1838. 		array(0xFEFF, 0xFEFF),		// ZERO WIDTH NO-BREAK SPACE

    1839. 

  1839. 		array(0xFFF9, 0xFFFC),		// [CONTROL CHARACTERS]

    1840. 

  1840. 		array(0x1D173, 0x1D17A),	// [MUSICAL CONTROL CHARACTERS]

    1841. 

  1841. 		// Table C.3

    1842. 

  1842. 		array(0xE000, 0xF8FF),		// [PRIVATE USE, PLANE 0]

    1843. 

  1843. 		array(0xF0000, 0xFFFFD),	// [PRIVATE USE, PLANE 15]

    1844. 

  1844. 		array(0x100000, 0x10FFFD),	// [PRIVATE USE, PLANE 16]

    1845. 

  1845. 		// Table C.4

    1846. 

  1846. 		array(0xFDD0, 0xFDEF),		// [NONCHARACTER CODE POINTS]

    1847. 

  1847. 		array(0xFFFE, 0xFFFF),		// [NONCHARACTER CODE POINTS]

    1848. 

  1848. 		array(0x1FFFE, 0x1FFFF),	// [NONCHARACTER CODE POINTS]

    1849. 

  1849. 		array(0x2FFFE, 0x2FFFF),	// [NONCHARACTER CODE POINTS]

    1850. 

  1850. 		array(0x3FFFE, 0x3FFFF),	// [NONCHARACTER CODE POINTS]

    1851. 

  1851. 		array(0x4FFFE, 0x4FFFF),	// [NONCHARACTER CODE POINTS]

    1852. 

  1852. 		array(0x5FFFE, 0x5FFFF),	// [NONCHARACTER CODE POINTS]

    1853. 

  1853. 		array(0x6FFFE, 0x6FFFF),	// [NONCHARACTER CODE POINTS]

    1854. 

  1854. 		array(0x7FFFE, 0x7FFFF),	// [NONCHARACTER CODE POINTS]

    1855. 

  1855. 		array(0x8FFFE, 0x8FFFF),	// [NONCHARACTER CODE POINTS]

    1856. 

  1856. 		array(0x9FFFE, 0x9FFFF),	// [NONCHARACTER CODE POINTS]

    1857. 

  1857. 		array(0xAFFFE, 0xAFFFF),	// [NONCHARACTER CODE POINTS]

    1858. 

  1858. 		array(0xBFFFE, 0xBFFFF),	// [NONCHARACTER CODE POINTS]

    1859. 

  1859. 		array(0xCFFFE, 0xCFFFF),	// [NONCHARACTER CODE POINTS]

    1860. 

  1860. 		array(0xDFFFE, 0xDFFFF),	// [NONCHARACTER CODE POINTS]

    1861. 

  1861. 		array(0xEFFFE, 0xEFFFF),	// [NONCHARACTER CODE POINTS]

    1862. 

  1862. 		array(0xFFFFE, 0xFFFFF),	// [NONCHARACTER CODE POINTS]

    1863. 

  1863. 		array(0x10FFFE, 0x10FFFF),	// [NONCHARACTER CODE POINTS]

    1864. 

  1864. 		// Table C.5

    1865. 

  1865. 		array(0xD800, 0xDFFF),		// [SURROGATE CODES]

    1866. 

  1866. 		// Table C.6

    1867. 

  1867. 		array(0xFFF9, 0xFFF9),		// INTERLINEAR ANNOTATION ANCHOR

    1868. 

  1868. 		array(0xFFFA, 0xFFFA),		// INTERLINEAR ANNOTATION SEPARATOR

    1869. 

  1869. 		array(0xFFFB, 0xFFFB),		// INTERLINEAR ANNOTATION TERMINATOR

    1870. 

  1870. 		array(0xFFFC, 0xFFFC),		// OBJECT REPLACEMEN…
    1871.

Large files files are truncated, but you can click here to view the full file