' . $ltr . ''; } else { // Output link to letter $OUT .= '' . $ltr . ''; } if ((($counter / getConfig('user_alpha')) == round($counter / getConfig('user_alpha'))) && ($counter > 0)) { $OUT .= ']
['; } elseif ( $counter != $num ) { $OUT .= '|'; } } // END - while // Prepare content $content = array ( 'alpha_selection' => $OUT ); // Load template $OUT = loadTemplate('admin_list_user_alpha', true, $content); // Return generated code return $OUT; } // Add links for sorting function addSortLinks ($letter, $sortby) { $OUT = ''; if (!isGetRequestParameterSet('offset')) setGetRequestParameter('offset', 0); if (!isGetRequestParameterSet('page')) setGetRequestParameter('page' , 0); // Add page and offset $add = '&page=' . getRequestParameter('page') . '&offset=' . getRequestParameter('offset'); // Add status/ mode foreach (array('mode','status') as $param) { if (isGetRequestParameterSet($param)) { $add .= '&' . $param . '=' . getRequestParameter($param); } // END - if } // END - foreach // Makes order by links.. if ($letter == 'front') { $letter = ''; } // END - if // Prepare array with all possible sorters $list = array( 'userid' => '{--_USERID--}', 'family' => '{--FAMILY--}', 'email' => '{--EMAIL--}', 'REMOTE_ADDR' => '{--REMOTE_IP--}' ); // Add nickname if extension is installed if (isExtensionActive('nickname')) { $list['nickname'] = '{--NICKNAME--}'; } // END - if foreach ($list as $sort => $title) { if ($sortby == $sort) { $OUT .= '' . $title . '|'; } else { $OUT .= '' . $title . '|'; } } // END - foreach // Add output $content['list'] = substr($OUT, 0, -1); // Load template $OUT = loadTemplate('admin_list_user_sort', true, $content); // Return code return $OUT; } // Add page navigation function addPageNavigation ($numPages) { // Start with empty content $OUT = ''; // Create only the navigation if page count > 1 if ($numPages > 1) { // Create navigation links for every page for ($page = 1; $page <= $numPages; $page++) { if (($page == getRequestParameter('page')) || ((!isGetRequestParameterSet('page')) && ($page == 1))) { $OUT .= '-'; } else { if (!isGetRequestParameterSet('letter')) setGetRequestParameter('letter', ''); if (!isGetRequestParameterSet('sortby')) setGetRequestParameter('sortby', 'userid'); // Base link $OUT .= ''; } $OUT .= $page; if (($page == getRequestParameter('page')) || ((!isGetRequestParameterSet('page')) && ($page == 1))) { $OUT .= '-'; } else { $OUT .= ''; } if ($page < $numPages) { $OUT .= '|'; } // END - if } // END - for // Add list output $content['list'] = $OUT; // Load template $OUT = loadTemplate('admin_list_user_pagenav', true, $content); } // END - if // Return code return $OUT; } // Create email link to user's account function generateUserEmailLink ($email, $mod = 'admin') { // Show contact link only if user is confirmed by default $locked = " AND `status`='CONFIRMED'"; // But admins shall always see it if (isAdmin()) $locked = ''; $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `email`='%s'" . $locked." LIMIT 1", array($email), __FUNCTION__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load userid list($userid) = SQL_FETCHROW($result); // Rewrite email address to contact link $email = '{%url=modules.php?module=' . $mod . '&what=user_contct&userid=' . bigintval($userid) . '%}'; } // END - if // Free memory SQL_FREERESULT($result); // Return rewritten (?) email address return $email; } // Selects a random user id as the new referal id if they have at least X confirmed mails in this run // @TODO Double-check configuration entry here function determineRandomReferalId () { // Default is zero refid $refid = NULL; // Is the extension version fine? if (isExtensionInstalledAndNewer('user', '0.3.4')) { // Get all user ids $totalUsers = countSumTotalData('CONFIRMED', 'user_data', 'userid', 'status', true, " AND `rand_confirmed` >= {?user_min_confirmed?}"); // Do we have at least one? if ($totalUsers > 0) { // Then choose random number $randNum = mt_rand(0, ($totalUsers - 1)); // Look for random user $result = SQL_QUERY_ESC("SELECT `userid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `status`='CONFIRMED' AND `rand_confirmed` >= {?user_min_confirmed?} ORDER BY `rand_confirmed` DESC LIMIT %s, 1", array($randNum), __FUNCTION__, __LINE__); // Do we have one entry there? if (SQL_NUMROWS($result) == 1) { // Use that userid as new referal id list($refid) = SQL_FETCHROW($result); } // END - if // Free result SQL_FREERESULT($result); } // END - if } // END - if // Return result return $refid; } // Do the user login function doUserLogin ($userid, $passwd, $successUrl = '', $errorUrl = 'modules.php?module=index&what=login&login=') { // Init variables $dmy = ''; $add = ''; $errorCode = '0'; $ext = ''; $isFound = false; // Init array $content = array( 'password' => '', 'userid' => '', 'last_online' => 0, 'last_login' => 0, 'hash' => '' ); // Check login data if ((isExtensionActive('nickname')) && (isNicknameUsed($userid))) { // Nickname entered fetchUserData($userid, 'nickname'); } elseif (isNicknameUsed($userid)) { // No nickname installed $errorCode = getCode('EXTENSION_PROBLEM'); $ext = 'nickname'; } else { // Direct userid entered $isFound = fetchUserData($userid); } // No error found? if (($errorCode == '0') && ($isFound === true)) { // Get user data array and set userid (e.g. important if we login with nickname) $content = getUserDataArray(); if (!empty($content['userid'])) { $userid = bigintval($content['userid']); } // END - if } // END - if // Is there an entry? if (($errorCode == '0') && (isUserDataValid()) && (getUserData('status') == 'CONFIRMED') && (!empty($content['userid']))) { // Check for old MD5 passwords if ((strlen(getUserData('password')) == 32) && (md5($passwd) == getUserData('password'))) { // Just set the hash to the password from DB... :) $content['hash'] = getUserData('password'); } else { // Hash password with improved way for comparsion $content['hash'] = generateHash($passwd, substr(getUserData('password'), 0, -40)); } // Does the password match the hash? if ($content['hash'] == getUserData('password')) { // New hashed password found so let's generate a new one $content['hash'] = generateHash($passwd); // ... and update database // @TODO Make this filter working: $ADDON = runFilterChain('post_login_update', $content); SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `password`='%s' WHERE `userid`=%s AND `status`='CONFIRMED' LIMIT 1", array($content['hash'], $userid), __FUNCTION__, __LINE__); // No login bonus by default $GLOBALS['bonus_payed'] = false; // Is bonus up-to-date? if (isExtensionInstalledAndNewer('bonus', '0.2.2')) { // Probe for last online timemark $probe = time() - getUserData('last_online'); if (getUserData('last_login') > 0) { // Use timestamp from last login $probe = time() - getUserData('last_login'); } // END - if // Is the timeout reached? if ($probe >= getConfig('login_timeout')) { // Add login bonus to user's account $add = ', `login_bonus`=`login_bonus`+{?login_bonus?}'; $GLOBALS['bonus_payed'] = true; // Subtract login bonus from userid's account or jackpot if ((isExtensionInstalledAndNewer('bonus', '0.3.5')) && (getBonusMode() != 'ADD')) { handleBonusPoints('login_bonus'); } // END - if } // END - if } // END - if // @TODO Make this filter working: $url = runFilterChain('do_login', array('content' => $content, 'addon' => $ADDON)); // Set member id setMemberId($userid); // Try to set session data (which shall normally always work!) //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',hash=' . $content['hash'] . '(' . strlen($content['hash']) . ')'); if ((setSession('userid', $userid )) && (setSession('u_hash', encodeHashForCookie($content['hash'])))) { // Update database records SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `total_logins`=`total_logins`+1" . $add . " WHERE `userid`=%s LIMIT 1", array($userid), __FUNCTION__, __LINE__); if (!SQL_HASZEROAFFECTED()) { // Is a success URL set? if (empty($successUrl)) { // Procedure to checking for login data if (($GLOBALS['bonus_payed'] === true) && (isExtensionActive('bonus'))) { // Bonus added (just displaying!) $url = 'modules.php?module=chk_login&mode=bonus'; } else { // Bonus not added $url = 'modules.php?module=chk_login&mode=login'; } } else { // Use this URL $url = $successUrl; } } else { // Cannot update counter! $errorCode = getCode('CNTR_FAILED'); } } else { // Cookies not setable! $errorCode = getCode('COOKIES_DISABLED'); } } elseif (isExtensionInstalledAndNewer('sql_patches', '0.6.1')) { // Update failure counter SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `login_failures`=`login_failures`+1,`last_failure`=NOW() WHERE `userid`=%s LIMIT 1", array($userid), __FUNCTION__, __LINE__); // Wrong password! $errorCode = getCode('WRONG_PASS'); } } elseif ((isUserDataValid()) && (getUserData('status') != 'CONFIRMED')) { // Create an error code from given status $errorCode = generateErrorCodeFromUserStatus(getUserData('status')); // Set userid in session setSession('current_userid', getUserData('userid')); } elseif (!isUserDataValid()) { // User id not found $errorCode = getCode('WRONG_ID'); } else { // Unknown error $errorCode = getCode('UNKNOWN_ERROR'); } // Error code provided? if ($errorCode > 0) { // Then reconstruct the URL $url = $errorUrl . $errorCode; // Extension set? Then add it as well. if (!empty($ext)) { $url .= '&ext=' . $ext; } // END - if } // END - if // Return URL return $url; } // Try to send a new password for the given user account function doNewUserPassword ($email, $userid) { //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ' - ENTERED!'); // Init found-status and error $errorCode = ''; $accountFound = false; // Probe userid/nickname if (!empty($email)) { // Email entered $accountFound = fetchUserData($email, 'email'); } elseif ((isExtensionActive('nickname')) && (isNicknameOrUserid($userid))) { // Nickname entered $accountFound = fetchUserData($userid, 'nickname'); } elseif ((isValidUserId($userid)) && (empty($email))) { // Direct userid entered $accountFound = fetchUserData($userid); } else { // Userid not set! logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',email=' . $email . ': Important variables are empty.'); } // Any entry found? if ($accountFound === true) { // Is the account confirmed if (getUserData('status') == 'CONFIRMED') { // Generate new password $NEW_PASS = generatePassword(); // Update database SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `password`='%s' WHERE `userid`=%s LIMIT 1", array(generateHash($NEW_PASS), getUserData('userid')), __FUNCTION__, __LINE__); // Prepare data and message for email $message = loadEmailTemplate('guest_new_password', array( 'new_pass' => $NEW_PASS, 'nickname' => $userid ), bigintval(getUserData('userid'))); // ... and send it away sendEmail(bigintval(getUserData('userid')), '{--GUEST_NEW_PASSWORD--}', $message); // Output note to user displayMessage('{--GUEST_NEW_PASSWORD_SEND--}'); } else { // Account is locked or unconfirmed $errorCode = generateErrorCodeFromUserStatus(getUserData('status')); // Load URL redirectToUrl('modules.php?module=index&what=login&login=' . $errorCode); } } else { // id or email is wrong displayMessage('{--GUEST_WRONG_ID_EMAIL--}'); } // Return the error code //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'email=' . $email . ',userid=' . $userid . ',errorCode=' . $errorCode . ' - EXIT!'); return $errorCode; } // Get timestamp for given stats type and data function getEpocheTimeFromUserStats ($statsType, $statsData, $userid = NULL) { // Default timestamp is zero $data['inserted'] = '0'; // User id set? if ((isMemberIdSet()) && ($userid == '0')) { $userid = getMemberId(); } // END - if // Is the extension installed and updated? if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) { // Return zero here return $data['inserted']; } // END - if // Try to find the entry $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`inserted`) AS inserted FROM `{?_MYSQL_PREFIX?}_user_stats_data` WHERE `userid`=%s AND `stats_type`='%s' AND `stats_data`='%s' LIMIT 1", array( bigintval($userid), $statsType, $statsData ), __FUNCTION__, __LINE__); // Is the entry there? if (SQL_NUMROWS($result) == 1) { // Get this stamp $data = SQL_FETCHARRAY($result); } // END - if // Free result SQL_FREERESULT($result); // Return stamp return $data['inserted']; } // Inserts user stats function insertUserStatsRecord ($userid, $statsType, $statsData) { // Is the extension installed and updated? if ((!isExtensionActive('sql_patches')) || (isExtensionInstalledAndOlder('sql_patches', '0.5.6'))) { // Return zero here return false; } // END - if // Does it exist? if ((!getEpocheTimeFromUserStats($statsType, $statsData, $userid)) && (!is_array($statsData))) { // Then insert it! SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_stats_data` (`userid`,`stats_type`,`stats_data`) VALUES (%s,'%s','%s')", array( bigintval($userid), $statsType, $statsData ), __FUNCTION__, __LINE__); } elseif (is_array($statsData)) { // Invalid data! logDebugMessage(__FUNCTION__, __LINE__, 'userid=' . $userid . ',type=' . $statsType . ',data=' . gettype($statsData) . ': Invalid statistics data type!'); } } // Confirms a user account function doConfirmUserAccount ($hash) { // Init content $content = array( 'message' => '{--GUEST_CONFIRMED_FAILED--}', 'userid' => 0, ); // Initialize the user id $userid = NULL; // Search for an unconfirmed or confirmed account $result = SQL_QUERY_ESC("SELECT `userid`,`refid` FROM `{?_MYSQL_PREFIX?}_user_data` WHERE `user_hash`='%s' AND (`status`='UNCONFIRMED' OR `status`='CONFIRMED') LIMIT 1", array($hash), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Ok, he want's to confirm now so we load some data list($userid, $refid) = SQL_FETCHROW($result); // Fetch user data if (!fetchUserData($userid)) { // Not found, should not happen debug_report_bug(__FILE__, __LINE__, 'User account ' . $userid . ' not found.'); } // END - if // Load all data and add points $content = getUserDataArray(); // Unlock his account (but only when it is on UNCONFIRMED!) SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `status`='CONFIRMED', `user_hash`=NULL WHERE `user_hash`='%s' AND `status`='UNCONFIRMED' LIMIT 1", array($hash), __FILE__, __LINE__); // Was it updated? if (!SQL_HASZEROAFFECTED()) { // Send email if updated $message = loadEmailTemplate('guest_user_confirmed', $content, bigintval($userid)); // And send him right away the confirmation mail sendEmail($userid, '{--GUEST_THANX_CONFIRM--}', $message); // Maybe he got "referaled"? if ((isValidUserId($refid)) && ($refid != $userid)) { // Select the referal userid if (fetchUserData($refid)) { // Update ref counter... updateReferalCounter($refid); // If version matches add ref bonus to refid's account if ((isExtensionInstalledAndNewer('bonus', '0.4.4')) && (isBonusRallyeActive())) { // Add points (directly only!) SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `bonus_ref`=`bonus_ref`+{?bonus_ref?} WHERE `userid`=%s LIMIT 1", array(bigintval($refid)), __FILE__, __LINE__); // Subtract points from system handleBonusPoints(getConfig('bonus_ref')); } // END - if // Add one-time referal bonus over referal system or directly initReferalSystem(); addPointsThroughReferalSystem('referal_bonus', $refid, getPointsRef(), bigintval($userid)); } // END - if } // END - if if (isExtensionActive('rallye')) { // Add user to rallye (or not?) addUserToReferalRallye(bigintval($userid)); } // END - if // Account confirmed! if (isExtensionActive('lead')) { // Set special lead cookie setSession('lead_userid', bigintval($userid)); // Lead-Code mode enabled redirectToUrl('lead-confirm.php'); } else { $content['message'] = '{--GUEST_CONFIRMED_DONE--}'; $content['userid'] = bigintval($userid); } } elseif (isExtensionActive('lead')) { // Set special lead cookie setSession('lead_userid', bigintval($userid)); // Lead-Code mode enabled redirectToUrl('lead-confirm.php'); } else { // Nobody was found unter this hash key... or our new member want's to confirm twice? $content['message'] = '{--GUEST_CONFIRMED_TWICE--}'; } } else { // Nobody was found unter this hash key... or our new member want's to confirm twice? $content['message'] = '{--GUEST_CONFIRMED_TWICE--}'; } // Load template displayMessage($content['message']); } // Does resend the user's confirmation link for given email address function doResendUserConfirmationLink ($email) { // Email address not registered is default message $message = '{--EMAIL_404--}'; // Confirmation link requested if (fetchUserData($email, 'email')) { // Email address found $content = getUserDataArray(); // Is the account unconfirmed? if ($content['status'] == 'UNCONFIRMED') { // Load email template $message = loadEmailTemplate('guest_request_confirm', array(), $content['userid']); // Send email sendEmail($content['userid'], '{--GUEST_REQUEST_CONFIRM_LINK_SUBJECT--}', $message); } // END - if // Create message based on the status $message = getConfirmationMessageFromUserStatus($content['status']); } // END - if // Output message displayMessage($message); } // Get a message (somewhat translation) from user status for confirmation link. // This is different to translateUserStatus() in text messages. function getConfirmationMessageFromUserStatus ($status) { // Default is 'UNKNOWN' $message = '{%message,GUEST_LOGIN_ID_UNKNOWN_STATUS=' . $status . '%}'; // Which status is it? switch ($status) { case 'UNCONFIRMED': // Account is unconfirmed // And set message $message = '{--GUEST_CONFIRM_LINK_SENT--}'; break; case 'CONFIRMED': // Account already confirmed $message = '{--GUEST_LOGIN_ID_CONFIRMED--}'; break; case 'LOCKED': // Account is locked $message = '{--GUEST_LOGIN_ID_LOCKED--}'; break; default: // This should not happen debug_report_bug(__FUNCTION__, __LINE__, 'Unknown user status ' . $status . ' detected.'); break; } // END - switch // Return message return $message; } // Expression call-back function for fetching user data function doExpressionUser ($data) { // Use current userid by default $functionName = 'getMemberId()'; // User-related data, so is there a userid? if (!empty($data['matches'][4][$data['key']])) { // Do we have a userid or $userid? if (substr($data['matches'][4][$data['key']], 0, 1) == '$') { // Use dynamic call $functionName = "getFetchedUserData('userid', " . $data['matches'][4][$data['key']] . ", '" . $data['callback'] . "')"; } elseif (!empty($data['matches'][4][$data['key']])) { // Do we have a number or a dollar sign in front of it? if (preg_replace('/[^0123456789]/', '', $data['matches'][4][$data['key']]) != $data['matches'][4][$data['key']]) { // Possible database column, so get it again $data['matches'][4][$data['key']] = "getFetchedUserData('userid', getMemberId(), '" . $data['matches'][4][$data['key']] . "')"; } // END - if // Fix all together $functionName = "getFetchedUserData('userid', " . $data['matches'][4][$data['key']] . ", '" . $data['callback'] . "')"; } } elseif ((!empty($data['callback'])) && (isUserDataValid())) { // "Call-back" alias column for current logged in user's data $functionName = "getUserData('" . $data['callback'] . "')"; } // Do we have another function to run (e.g. translations) if (!empty($data['extra_func'])) { // Surround the original function call with it $functionName = $data['extra_func'] . '(' . $functionName . ')'; } // END - if //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'functionName=' . $functionName); // Generate replacer $replacer = '{DQUOTE} . ' . $functionName . ' . {DQUOTE}'; // Now replace the code $code = replaceExpressionCode($data, $replacer); // Return replaced code return $code; } // Template call-back function for list_user admin function function doTemplateAdminListUserTitle ($template, $clear = false) { // Init title with "all accounts" $code = '{--ADMIN_LIST_ALL_ACCOUNTS--}'; // Do we have a 'status' or 'mode' set? if (isGetRequestParameterSet('status')) { // Set title according to the 'status' $code = sprintf("{--ADMIN_LIST_STATUS_%s_ACCOUNTS--}", strtoupper(getRequestParameter('status'))); } elseif (isGetRequestParameterSet('mode')) { // Set title according to the "mode" $code = sprintf("{--ADMIN_LIST_MODE_%s_ACCOUNTS--}", strtoupper(getRequestParameter('mode'))); } // Return the code return $code; } // [EOF] ?>