' . $ltr . '';
} else {
// Output link to letter
$OUT .= '' . $ltr . '';
}
if ((($counter / getConfig('user_alpha')) == round($counter / getConfig('user_alpha'))) && ($counter > 0)) {
$OUT .= ']
[';
} elseif ( $counter != $num ) {
$OUT .= '|';
}
} // END - while
// Prepare content
$content = array (
'alpha_selection' => $OUT
);
// Load template
$OUT = loadTemplate('admin_list_user_alpha', true, $content);
// Return generated code
return $OUT;
}
// Add links for sorting
function addSortLinks ($letter, $sortby) {
$OUT = '';
if (!isGetRequestElementSet('offset')) setGetRequestElement('offset', 0);
if (!isGetRequestElementSet('page')) setGetRequestElement('page' , 0);
// Add page and offset
$add = '&page=' . getRequestElement('page') . '&offset=' . getRequestElement('offset');
// Add status/ mode
foreach (array('mode','status') as $param) {
if (isGetRequestElementSet($param)) {
$add .= '&' . $param . '=' . getRequestElement($param);
} // END - if
} // END - foreach
// Makes order by links..
if ($letter == 'front') {
$letter = '';
} // END - if
// Prepare array with all possible sorters
$list = array(
'userid' => '{--_USERID--}',
'family' => '{--FAMILY--}',
'email' => '{--EMAIL--}',
'REMOTE_ADDR' => '{--REMOTE_IP--}'
);
// Add nickname if extension is installed
if (isExtensionActive('nickname')) {
$list['nickname'] = '{--NICKNAME--}';
} // END - if
foreach ($list as $sort => $title) {
if ($sortby == $sort) {
$OUT .= '' . $title . '|';
} else {
$OUT .= '' . $title . '|';
}
} // END - foreach
// Add output
$content['list'] = substr($OUT, 0, -1);
// Load template
$OUT = loadTemplate('admin_list_user_sort', true, $content);
// Return code
return $OUT;
}
// Add page navigation
function addPageNavigation ($numPages) {
// Start with empty content
$OUT = '';
// Create only the navigation if page count > 1
if ($numPages > 1) {
// Create navigation links for every page
for ($page = 1; $page <= $numPages; $page++) {
if (($page == getRequestElement('page')) || ((!isGetRequestElementSet('page')) && ($page == 1))) {
$OUT .= '-';
} else {
if (!isGetRequestElementSet('letter')) setGetRequestElement('letter', '');
if (!isGetRequestElementSet('sortby')) setGetRequestElement('sortby', 'userid');
// Base link
$OUT .= '';
}
$OUT .= $page;
if (($page == getRequestElement('page')) || ((!isGetRequestElementSet('page')) && ($page == 1))) {
$OUT .= '-';
} else {
$OUT .= '';
}
if ($page < $numPages) {
$OUT .= '|';
} // END - if
} // END - for
// Add list output
$content['list'] = $OUT;
// Load template
$OUT = loadTemplate('admin_list_user_pagenav', true, $content);
} // END - if
// Return code
return $OUT;
}
// Create email link to user's account
function generateUserEmailLink ($email, $mod = 'admin') {
// Show contact link only if user is confirmed by default
$locked = " AND `status`='CONFIRMED'";
// But admins shall always see it
if (isAdmin()) {
$locked = '';
} // END - if
// Search for the email address
$result = SQL_QUERY_ESC("SELECT
`userid`
FROM
`{?_MYSQL_PREFIX?}_user_data`
WHERE
'%s' REGEXP `email`
" . $locked . "
LIMIT 1",
array($email), __FUNCTION__, __LINE__);
// Do we have an entry?
if (SQL_NUMROWS($result) == 1) {
// Load userid
list($userid) = SQL_FETCHROW($result);
// Rewrite email address to contact link
$email = '{%url=modules.php?module=' . $mod . '&what=user_contct&userid=' . bigintval($userid) . '%}';
} // END - if
// Free memory
SQL_FREERESULT($result);
// Return rewritten (?) email address
return $email;
}
// Selects a random user id as the new referal id if they have at least X confirmed mails in this run
// @TODO Double-check configuration entry here
function determineRandomReferalId () {
// Default is zero refid
$refid = NULL;
// Is the extension version fine?
if (isExtensionInstalledAndNewer('user', '0.3.4')) {
// Get all user ids
$totalUsers = countSumTotalData('CONFIRMED', 'user_data', 'userid', 'status', true, " AND `rand_confirmed` >= {?user_min_confirmed?}");
// Do we have at least one?
if ($totalUsers > 0) {
// Then choose random number
$randNum = mt_rand(0, ($totalUsers - 1));
// Look for random user
$result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `status`='CONFIRMED' AND `rand_confirmed` >= {?user_min_confirmed?} ORDER BY `rand_confirmed` DESC LIMIT %s, 1",
array($randNum), __FUNCTION__, __LINE__);
// Do we have one entry there?
if (SQL_NUMROWS($result) == 1) {
// Use that userid as new referal id
list($refid) = SQL_FETCHROW($result);
} // END - if
// Free result
SQL_FREERESULT($result);
} // END - if
} // END - if
// Return result
return $refid;
}
// Do the user login
function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.php?module=index&what=login&login=') {
// Init variables
$dmy = '';
$add = '';
$errorCode = '0';
$ext = '';
$isFound = false;
// Init array
$content = array(
'password' => '',
'userid' => '',
'last_online' => 0,
'last_login' => 0,
'hash' => ''
);
// Check login data
if ((isExtensionActive('nickname')) && (isNicknameUsed($userid))) {
// Nickname entered
fetchUserData($userid, 'nickname');
} elseif (isNicknameUsed($userid)) {
// No nickname installed
$errorCode = getCode('EXTENSION_PROBLEM');
$ext = 'nickname';
} else {
// Direct userid entered
$isFound = fetchUserData($userid);
}
// No error found?
if (($errorCode == '0') && ($isFound === true)) {
// Get user data array and set userid (e.g. important if we login with nickname)
$content = getUserDataArray();
if (!empty($content['userid'])) {
$userid = bigintval($content['userid']);
} // END - if
} // END - if
// Is there an entry?
if (($errorCode == '0') && (isUserDataValid()) && (getUserData('status') == 'CONFIRMED') && (!empty($content['userid']))) {
// Check for old MD5 passwords
if ((strlen(getUserData('password')) == 32) && (md5($passwd) == getUserData('password'))) {
// Just set the hash to the password from DB... :)
$content['hash'] = getUserData('password');
} else {
// Hash password with improved way for comparsion
$content['hash'] = generateHash($passwd, substr(getUserData('password'), 0, -40));
}
// Does the password match the hash?
if ($content['hash'] == getUserData('password')) {
// New hashed password found so let's generate a new one
$content['hash'] = generateHash($passwd);
// ... and update database
// @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content);
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `password`='%s' WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1",
array($content['hash'], $userid), __FUNCTION__, __LINE__);
// No login bonus by default
$GLOBALS['bonus_payed'] = false;
// Is bonus up-to-date?
if (isExtensionInstalledAndNewer('bonus', '0.2.2')) {
// Probe for last online timemark
$probe = time() - getUserData('last_online');
if (getUserData('last_login') > 0) {
// Use timestamp from last login
$probe = time() - getUserData('last_login');
} // END - if
// Is the timeout reached?
if ($probe >= getConfig('login_timeout')) {
// Add login bonus to user's account
$add = ', `login_bonus`=`login_bonus`+{?login_bonus?}';
$GLOBALS['bonus_payed'] = true;
// Subtract login bonus from userid's account or jackpot
if ((isExtensionInstalledAndNewer('bonus', '0.3.5')) && (getBonusMode() != 'ADD')) {
handleBonusPoints('login_bonus', $userid);
} // END - if
} // END - if
} // END - if
// @TODO Make this filter working: $url = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON));
// Set member id
setMemberId($userid);
// Try to set session data (which shall normally always work!)
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',hash=' . $content['hash'] . '(' . strlen($content['hash']) . ')');
if ((setSession('userid', $userid )) && (setSession('u_hash', encodeHashForCookie($content['hash'])))) {
// Update database records
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `total_logins`=`total_logins`+1" . $add . " WHERE `userid`=%s LIMIT 1",
array($userid), __FUNCTION__, __LINE__);
if (!SQL_HASZEROAFFECTED()) {
// Is a success URL set?
if (empty($successUrl)) {
// Procedure to checking for login data
if (($GLOBALS['bonus_payed'] === true) && (isExtensionActive('bonus'))) {
// Bonus added (just displaying!)
$url = 'modules.php?module=chk_login&mode=bonus';
} else {
// Bonus not added
$url = 'modules.php?module=chk_login&mode=login';
}
} else {
// Use this URL
$url = $successUrl;
}
} else {
// Cannot update counter!
$errorCode = getCode('CNTR_FAILED');
}
} else {
// Cookies not setable!
$errorCode = getCode('COOKIES_DISABLED');
}
} elseif (isExtensionInstalledAndNewer('sql_patches', '0.6.1')) {
// Update failure counter
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `login_failures`=`login_failures`+1,`last_failure`=NOW() WHERE `userid`=%s LIMIT 1",
array($userid), __FUNCTION__, __LINE__);
// Wrong password!
$errorCode = getCode('WRONG_PASS');
}
} elseif ((isUserDataValid()) && (getUserData('status') != 'CONFIRMED')) {
// Create an error code from given status
$errorCode = generateErrorCodeFromUserStatus(getUserData('status'));
// Set userid in session
setSession('current_userid', getUserData('userid'));
} elseif (!isUserDataValid()) {
// User id not found
$errorCode = getCode('WRONG_ID');
} else {
// Unknown error
$errorCode = getCode('UNKNOWN_ERROR');
}
// Error code provided?
if ($errorCode > 0) {
// Then reconstruct the URL
$url = $errorUrl . $errorCode;
// Extension set? Then add it as well.
if (!empty($ext)) {
$url .= '&ext=' . $ext;
} // END - if
} // END - if
// Return URL
return $url;
}
// Try to send a new password for the given user account
function doNewUserPassword ($email, $userid) {
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ' - ENTERED!');
// Init found-status and error
$errorCode = '';
$accountFound = false;
// Probe userid/nickname
if (!empty($email)) {
// Email entered
$accountFound = fetchUserData($email, 'email');
} elseif ((isExtensionActive('nickname')) && (isNicknameOrUserid($userid))) {
// Nickname entered
$accountFound = fetchUserData($userid, 'nickname');
} elseif ((isValidUserId($userid)) && (empty($email))) {
// Direct userid entered
$accountFound = fetchUserData($userid);
} else {
// Userid not set!
logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',email=' . $email . ': Important variables are empty.');
}
// Any entry found?
if ($accountFound === true) {
// Is the account confirmed
if (getUserData('status') == 'CONFIRMED') {
// Generate new password
$NEW_PASS = generatePassword();
// Update database
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `password`='%s' WHERE `userid`=%s LIMIT 1",
array(generateHash($NEW_PASS), getUserData('userid')), __FUNCTION__, __LINE__);
// Prepare data and message for email
$message = loadEmailTemplate('guest_new_password',
array(
'new_pass' => $NEW_PASS,
'nickname' => $userid
), bigintval(getUserData('userid')));
// ... and send it away
sendEmail(bigintval(getUserData('userid')), '{--GUEST_NEW_PASSWORD--}', $message);
// Output note to user
displayMessage('{--GUEST_NEW_PASSWORD_SEND--}');
} else {
// Account is locked or unconfirmed
$errorCode = generateErrorCodeFromUserStatus(getUserData('status'));
// Load URL
redirectToUrl('modules.php?module=index&what=login&login=' . $errorCode);
}
} else {
// id or email is wrong
displayMessage('{--GUEST_WRONG_ID_EMAIL--}');
}
// Return the error code
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ',errorCode=' . $errorCode . ' - EXIT!');
return $errorCode;
}
// Get timestamp for given stats type and data
function getEpocheTimeFromUserStats ($statsType, $statsData, $userid = NULL) {
// Default timestamp is zero
$data['inserted'] = '0';
// User id set?
if ((isMemberIdSet()) && (is_null($userid))) {
$userid = getMemberId();
} // END - if
// Is the extension installed and updated?
if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) {
// Return zero here
return $data['inserted'];
} // END - if
// Try to find the entry
$result = SQL_QUERY_ESC("SELECT
UNIX_TIMESTAMP(`inserted`) AS inserted
FROM
`{?_MYSQL_PREFIX?}_user_stats_data`
WHERE
`userid`=%s AND
`stats_type`='%s' AND
`stats_data`='%s'
LIMIT 1",
array(
bigintval($userid),
$statsType,
$statsData
), __FUNCTION__, __LINE__);
// Is the entry there?
if (SQL_NUMROWS($result) == 1) {
// Get this stamp
$data = SQL_FETCHARRAY($result);
} // END - if
// Free result
SQL_FREERESULT($result);
// Return stamp
return $data['inserted'];
}
// Inserts user stats
function insertUserStatsRecord ($userid, $statsType, $statsData) {
// Is the extension installed and updated?
if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) {
// Return zero here
return false;
} // END - if
// Default is not working
$return = false;
// Does it exist?
if ((!getEpocheTimeFromUserStats($statsType, $statsData, $userid)) && (!is_array($statsData))) {
// Then insert it!
SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_stats_data` (`userid`,`stats_type`,`stats_data`) VALUES (%s,'%s','%s')",
array(
bigintval($userid),
$statsType,
$statsData
), __FUNCTION__, __LINE__);
// Does it have worked?
$return = (!SQL_HASZEROAFFECTED());
} elseif (is_array($statsData)) {
// Invalid data!
logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',type=' . $statsType . ',data=' . gettype($statsData) . ': Invalid statistics data type!');
}
// Return status
return $return;
}
// Confirms a user account
function doConfirmUserAccount ($hash) {
// Init content
$content = array(
'message' => '{--GUEST_CONFIRMED_FAILED--}',
'userid' => 0,
);
// Initialize the user id
$userid = NULL;
// Search for an unconfirmed or confirmed account
$result = SQL_QUERY_ESC("SELECT `userid`,`refid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `user_hash`='%s' AND (`status`='UNCONFIRMED' OR `status`='CONFIRMED') LIMIT 1",
array($hash), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Ok, he want's to confirm now so we load some data
list($userid, $refid) = SQL_FETCHROW($result);
// Fetch user data
if (!fetchUserData($userid)) {
// Not found, should not happen
debug_report_bug(__FILE__, __LINE__, 'User account ' . $userid . ' not found.');
} // END - if
// Load all data and add points
$content = getUserDataArray();
// Unlock his account (but only when it is on UNCONFIRMED!)
SQL_QUERY_ESC("UPDATE
`{?_MYSQL_PREFIX?}_user_data`
SET
`status`='CONFIRMED',
`user_hash`=NULL
WHERE
`user_hash`='%s' AND
`status`='UNCONFIRMED'
LIMIT 1",
array($hash), __FILE__, __LINE__);
// Was it updated?
if (!SQL_HASZEROAFFECTED()) {
// Send email if updated
$message = loadEmailTemplate('guest_user_confirmed', $content, bigintval($userid));
// And send him right away the confirmation mail
sendEmail($userid, '{--GUEST_THANX_CONFIRM--}', $message);
// Maybe he got "referaled"?
if ((isValidUserId($refid)) && ($refid != $userid)) {
// Select the referal userid
if (fetchUserData($refid)) {
// Update ref counter...
updateReferalCounter($refid);
// If version matches add ref bonus to refid's account
if ((isExtensionInstalledAndNewer('bonus', '0.4.4')) && (isBonusRallyeActive())) {
// Add points (directly only!)
SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `bonus_ref`=`bonus_ref`+{?bonus_ref?} WHERE `userid`=%s LIMIT 1",
array(bigintval($refid)), __FILE__, __LINE__);
// Subtract points from system
handleBonusPoints(getConfig('bonus_ref'), $refid);
} // END - if
// Add one-time referal bonus over referal system or directly
initReferalSystem();
addPointsThroughReferalSystem('referal_bonus', $refid, getPointsRef(), bigintval($userid));
} // END - if
} // END - if
if (isExtensionActive('rallye')) {
// Add user to rallye (or not?)
addUserToReferalRallye(bigintval($userid));
} // END - if
// Account confirmed!
if (isExtensionActive('lead')) {
// Set special lead cookie
setSession('lead_userid', bigintval($userid));
// Lead-Code mode enabled
redirectToUrl('lead-confirm.php');
} else {
$content['message'] = '{--GUEST_CONFIRMED_DONE--}';
$content['userid'] = bigintval($userid);
}
} elseif (isExtensionActive('lead')) {
// Set special lead cookie
setSession('lead_userid', bigintval($userid));
// Lead-Code mode enabled
redirectToUrl('lead-confirm.php');
} else {
// Nobody was found unter this hash key... or our new member want's to confirm twice?
$content['message'] = '{--GUEST_CONFIRMED_TWICE--}';
}
} else {
// Nobody was found unter this hash key... or our new member want's to confirm twice?
$content['message'] = '{--GUEST_CONFIRMED_TWICE--}';
}
// Load template
displayMessage($content['message']);
}
// Does resend the user's confirmation link for given email address
function doResendUserConfirmationLink ($email) {
// Email address not registered is default message
$message = '{--EMAIL_404--}';
// Confirmation link requested
if (fetchUserData($email, 'email')) {
// Email address found
$content = getUserDataArray();
// Is the account unconfirmed?
if ($content['status'] == 'UNCONFIRMED') {
// Load email template
$message = loadEmailTemplate('guest_request_confirm', array(), $content['userid']);
// Send email
sendEmail($content['userid'], '{--GUEST_REQUEST_CONFIRM_LINK_SUBJECT--}', $message);
} // END - if
// Create message based on the status
$message = getConfirmationMessageFromUserStatus($content['status']);
} // END - if
// Output message
displayMessage($message);
}
// Get a message (somewhat translation) from user status for confirmation link.
// This is different to translateUserStatus() in text messages.
function getConfirmationMessageFromUserStatus ($status) {
// Default is 'UNKNOWN'
$message = '{%message,GUEST_LOGIN_ID_UNKNOWN_STATUS=' . $status . '%}';
// Which status is it?
switch ($status) {
case 'UNCONFIRMED': // Account is unconfirmed
// And set message
$message = '{--GUEST_CONFIRM_LINK_SENT--}';
break;
case 'CONFIRMED': // Account already confirmed
$message = '{--GUEST_LOGIN_ID_CONFIRMED--}';
break;
case 'LOCKED': // Account is locked
$message = '{--GUEST_LOGIN_ID_LOCKED--}';
break;
default: // This should not happen
debug_report_bug(__FUNCTION__, __LINE__, 'Unknown user status ' . $status . ' detected.');
break;
} // END - switch
// Return message
return $message;
}
// Expression call-back function for fetching user data
function doExpressionUser ($data) {
// Use current userid by default
$functionName = 'getMemberId()';
// User-related data, so is there a userid?
if (!empty($data['matches'][4][$data['key']])) {
// Do we have a userid or $userid?
if (substr($data['matches'][4][$data['key']], 0, 1) == '$') {
// Use dynamic call
$functionName = "getFetchedUserData('userid', " . $data['matches'][4][$data['key']] . ", '" . $data['callback'] . "')";
} elseif (!empty($data['matches'][4][$data['key']])) {
// Do we have a number or a dollar sign in front of it?
if (preg_replace('/[^0123456789]/', '', $data['matches'][4][$data['key']]) != $data['matches'][4][$data['key']]) {
// Possible database column, so get it again
$data['matches'][4][$data['key']] = "getFetchedUserData('userid', getMemberId(), '" . $data['matches'][4][$data['key']] . "')";
} // END - if
// Fix all together
$functionName = "getFetchedUserData('userid', " . $data['matches'][4][$data['key']] . ", '" . $data['callback'] . "')";
}
} elseif ((!empty($data['callback'])) && (isUserDataValid())) {
// "Call-back" alias column for current logged in user's data
$functionName = "getUserData('" . $data['callback'] . "')";
}
// Do we have another function to run (e.g. translations)
if (!empty($data['extra_func'])) {
// Surround the original function call with it
$functionName = $data['extra_func'] . '(' . $functionName . ')';
} // END - if
//* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'functionName=' . $functionName);
// Generate replacer
$replacer = '{DQUOTE} . ' . $functionName . ' . {DQUOTE}';
// Now replace the code
$code = replaceExpressionCode($data, $replacer);
// Return replaced code
return $code;
}
// Template call-back function for list_user admin function
function doTemplateAdminListUserTitle ($template, $clear = false) {
// Init title with "all accounts"
$code = '{--ADMIN_LIST_ALL_ACCOUNTS--}';
// Do we have a 'status' or 'mode' set?
if (isGetRequestElementSet('status')) {
// Set title according to the 'status'
$code = sprintf("{--ADMIN_LIST_STATUS_%s_ACCOUNTS--}", strtoupper(getRequestElement('status')));
} elseif (isGetRequestElementSet('mode')) {
// Set title according to the "mode"
$code = sprintf("{--ADMIN_LIST_MODE_%s_ACCOUNTS--}", strtoupper(getRequestElement('mode')));
}
// Return the code
return $code;
}
// [EOF]
?>