<?php
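// Marker constant for this entry script. Nothing in this file reads it;
// presumably the included files check it (TODO confirm).
define ( 'USERCP_PHP', 1 );
require_once 'includes/commons.inc.php';
require_once 'includes/index.class.php';

// Templates for the control-panel body and for the inline error box.
$tpl_usercp = new Template ( TPL_DIR . 'tpl_usercp.php' );
$tpl_error = new Template ( TPL_DIR . 'tpl_error.php' );

// Translate the stored account level into the label shown on the page.
if ( $UPL['USER']['level'] == LEVEL_ADMIN )
{
    $level_label = 'Admin';
}
elseif ( $UPL['USER']['level'] == LEVEL_MODERATOR )
{
    $level_label = 'Moderator';
}
else
{
    $level_label = 'Normal';
}

// Account summary handed to the template.
// NOTE(review): name and email are passed through as stored; whether
// tpl_usercp.php escapes them on output is not visible here - confirm.
$inf = array
(
    'name' => $UPL['USER']['name'],
    'email' => $UPL['USER']['email'],
    'level' => $level_label,
    'reg_date' => date ( $UPL['CONFIGS']['TIME_FORMAT'], $UPL['USER']['reg_date'] ),
    // days since the last bandwidth reset, one decimal place
    'bw_last_reset' => round ( ( time ( ) - $UPL['USER']['bw_last_reset'] ) / 86400, 1 ),
    'bw_reset_period' => $UPL['USER']['bw_reset_period'],
    'bw_auto_reset' => $UPL['USER']['bw_auto_reset'],
    'bw_max' => get_size ( $UPL['USER']['bw_max'], 'MB' ),
    'max_storage' => get_size ( $UPL['USER']['fl_max_storage'], 'MB' ),
    'pbrowse' => $UPL['USER']['prf_public_browse'],
    'pemail' => $UPL['USER']['prf_public_email'],
    'pmessage' => $UPL['USER']['prf_private_msg'],
);
$tpl_usercp->set ( 'user', $inf);
$tpl_usercp->set ( 'action', $action );
$tpl_usercp->setr ( 'messages', $UPL['USER']['messages'] );

// Count unread private messages for the inbox badge.
// foreach replaces the while/list/each idiom: each() was removed in PHP 8
// and also depended on the array's internal pointer being at the start.
$messages =& $UPL['USER']['messages'];
$messages_count = count ( $messages );
$new_messages_count = 0;
foreach ( $messages as $inbox_entry )
{
    if ( !$inbox_entry['read'] )
    {
        $new_messages_count++;
    }
}
// The each() loop this replaces always finished with $msg set to null, and the
// 'sendpm' form branch further down hands $msg to the template, so keep that state.
$msg = null;

$tpl_usercp->set ( 'new_messages_count', $new_messages_count );
$tpl_uploader->set ( 'page_title', $lang_titles['ucp_title1'] );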
// what to do?
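if ( $action == 'editprofile' )
{
    // Profile editor. task=save applies a password and/or email change after
    // the current password has been re-entered; anything else shows the form.
    if ( $task == 'save' )
    {
        if ( $demo ) exit ( 'Demo only!' );

        $current_password = gpc ( 'current_password', 'P' );
        $new_password = gpc ( 'new_password', 'P' );
        $new_password_conf = gpc ( 'new_password_confirm', 'P' );
        $email = trim ( gpc ( 'email', 'P' ) );
        $error = 'none';

        $user = new User;
        if ( !$user->open ( $UPL['USER']['id'] ) )
        {
            exit ( 'Could not open user data file.' );
        }

        // NOTE(review): passwords (and the email change code below) are stored
        // as unsalted MD5. Moving to password_hash()/password_verify() has to be
        // coordinated with the login code, which is not part of this file.
        if ( $current_password == '' )
        {
            $error = $lang_usercp['ucp_no_pass'];
        }
        // Strict comparison: with != two different digests that both look like
        // numbers ("0e..." followed by digits) compare as equal, which would
        // accept a wrong password.
        elseif ( md5 ( $current_password ) !== (string) $UPL['USER']['password'] )
        {
            $error = $lang_usercp['ucp_incorrect_pass'];
        }
        else
        {
            // new password?
            if ( $new_password != '' )
            {
                // Strict here as well, so numeric-looking strings such as
                // "1e3" and "1000" are not treated as a matching confirmation.
                if ( (string) $new_password !== (string) $new_password_conf )
                {
                    $error = $lang_usercp['ucp_pass_no_match'];
                }
                else
                {
                    $user->set ( 'password', md5 ( $new_password ) );
                    $user->save ( );
                }
            }

            // new email?
            // NOTE(review): this still runs when the password confirmation
            // failed above, so an email change can be queued (or overwrite
            // $error) on a request that is reported as an error - confirm intent.
            if ( $email != '' && strcasecmp ( $email, $UPL['USER']['email'] ) != 0 )
            {
                // The original pattern is unanchored, so it accepts any string
                // that merely contains "x@y", including values with embedded
                // line breaks. Reject whitespace and control characters first so
                // the stored address cannot carry CR/LF into mail headers later.
                if ( preg_match ( '#[\s\x00-\x1f\x7f]#', $email ) || !preg_match ( "#([a-z0-9_]+)\@([a-z0-9\-])#i", $email ) )
                {
                    $error = $lang_usercp['ucp_bad_email'];
                }
                else
                {
                    // create email change code
                    // Only the MD5 of the code is stored; the plain code goes out
                    // in the confirmation link. NOTE(review): get_rand() is
                    // defined elsewhere - confirm it is unpredictable, since the
                    // code authorises the address change.
                    $change_code = get_rand ( 50 );
                    $user->set ( 'xtr_new_email_addr', $email );
                    $user->set ( 'xtr_change_email_code', md5 ( $change_code ) );
                    $user->save ( );

                    $email_templates = new DB;
                    if ( !$email_templates->open ( EMAIL_TEMPLATES ) ) { exit ( 'Unable to open email templates' ); }

                    $message = parse ( $email_templates->get ( 'email_header' ), '{username}', $user->get ( 'name' ) );
                    $message .= parse ( $email_templates->get ( 'change_email' ), array ( '{ip}' => $_SERVER['REMOTE_ADDR'], '{reset_url}' => $UPL['SETTINGS']['uploader_url'] . 'account.php?action=confirm_email_change&userid=' . $UPL['USER']['id'] . '&code=' . $change_code ) );
                    $message .= $email_templates->get ( 'email_footer' );

                    // The confirmation is sent to the address currently on file,
                    // not to the newly requested one.
                    send_email ( $UPL['USER']['email'], $lang_usercp['ucp_email_subject'], $message, 'From: Glovault Admin <' . $UPL['SETTINGS']['email'] . '>' );
                }
            }
        }

        if ( $error == 'none' )
        {
            // show result
            $tpl_message->set ( 'message', $lang_usercp['ucp_saved'] );
            $tpl_message->set ( 'back_url', 'usercp.php' );
            $tpl_uploader->setr ( 'content', $tpl_message );
            $tpl_uploader->display ( );
        }
        else
        {
            // show form with error
            $tpl_error->set ( 'error', $error );
            $tpl_usercp->setr ( 'error', $tpl_error );
            $tpl_uploader->setr ( 'content', $tpl_usercp );
            $tpl_uploader->set ( 'page_title', $lang_misc['error'] );
            $tpl_uploader->display ( );
        }
    }
    else
    {
        // show form
        $tpl_uploader->set ( 'content', $tpl_usercp );
        $tpl_uploader->display ( );
    }
}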
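elseif ( $action == 'editoptions' )
{
    // Privacy preferences: task=save stores the two flags and redirects back
    // to the options page; anything else shows the form.
    if ( $task == 'save' )
    {
        // load user data
        $user = new User;
        if ( !$user->open ( $UPL['USER']['id'] ) ) { exit ( 'Could not open user data file.' ); }

        // get preferences from user
        // NOTE(review): the values are stored exactly as posted. They are only
        // used as flags in this file; confirm the template and other readers
        // do not assume a fixed 0/1 value. No anti-forgery token is checked
        // here either - confirm whether the shared include enforces one.
        //$pbrowse = gpc ( 'pbrowse', 'P', 0 );
        $pemail = gpc ( 'pemail', 'P', 0 );
        $pmessage= gpc ( 'pmessage', 'P', 0 );

        // save preferences
        //$user->set ( 'prf_public_browse', $pbrowse );
        $user->set ( 'prf_public_email', $pemail );
        $user->set ( 'prf_private_msg', $pmessage );
        $user->save ( );

        // back to preferences
        // Fixed target instead of $_SERVER['HTTP_REFERER']: the Referer header
        // is chosen by the client (open redirect) and may be absent, which
        // produced an empty Location header.
        header ( 'Location: usercp.php?action=editoptions' );
    }
    else
    {
        // show form
        $tpl_uploader->set ( 'content', $tpl_usercp );
        $tpl_uploader->display ( );
    }
}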
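elseif ( $action == 'pm' )
{
    // Inbox listing: newest first. Messages are keyed by the timestamp they
    // were stored under, which doubles as the message id.
    $messages =& $UPL['USER']['messages'];
    krsort ( $messages );

    $msg = array ( );
    // foreach replaces reset() + while/list/each; each() was removed in PHP 8.
    foreach ( $messages as $time => $pm )
    {
        // format pm
        $pm['pmid'] = $time;
        $pm['time'] = date ( $UPL['CONFIGS']['TIME_FORMAT'], $time );
        $pm['read_url'] = 'usercp.php?action=readpm&id=' . $time;
        // The subject was typed by another user. ENT_QUOTES also encodes
        // single quotes, which the default flags of older PHP versions leave
        // untouched.
        $pm['subject'] = htmlentities ( $pm['subject'], ENT_QUOTES );
        // NOTE(review): $pm['name'] (the sender's name) goes to the template
        // unescaped here - confirm the template or registration rules cover it.
        $pm['send_profile_url'] = 'browse.php?action=info&userid=' . $pm['id'];
        $msg [] = $pm;
    }

    // display them
    $tpl_usercp->setr ( 'messages', $msg );
    $tpl_uploader->setr ( 'content', $tpl_usercp );
    $tpl_uploader->display ( );
}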
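elseif ( $action == 'readpm' )
{
    // Show one private message and flag it as read.
    $pmid = gpc ( 'id', 'G', 0 );

    // is_scalar() keeps an array-valued id (id[]=...) away from the array
    // lookup; such a request falls through to the "bad id" page.
    if ( is_scalar ( $pmid ) && isset ( $UPL['USER']['messages'][$pmid] ) )
    {
        // mark message as Read
        $user = new User;
        if ( $user->open ( $UPL['USER']['id'] ) )
        {
            $messages =& $UPL['USER']['messages'];
            $messages[$pmid]['read'] = 1;
            $user->set ( 'messages', $messages );
            $user->save ( );
        }

        $message = $UPL['USER']['messages'][$pmid];

        // remove HTML
        // Subject and body were written by another user, so both are encoded
        // before any markup is added. The body keeps the default flags because
        // parse_bb() (defined elsewhere) processes the encoded text afterwards.
        $message['subject'] = htmlentities ( $message['subject'], ENT_QUOTES );
        $message['message'] = htmlentities ( $message['message'] );

        // Remove long words
        // Insert a <br /> after every 80 characters of an unbroken run. This
        // replaces preg_replace() with the /e modifier, which evaluated the
        // replacement as PHP code with message text substituted into it; /e
        // was removed in PHP 7, where the call returns NULL and blanks the
        // message. The lookahead keeps a run of exactly 80 characters
        // unchanged, as wordwrap() did.
        $message['message'] = preg_replace ( '#([^\s<>]{80})(?=[^\s<>])#', '$1<br />', $message['message'] );

        // convert newline to <br/>
        $message['message'] = nl2br ( $message['message'] );
        $message['message'] = str_replace ( "\t", ' ', $message['message'] );
        // NOTE(review): as written this swaps a space for a space. It looks
        // like an entity or non-breaking space was lost from the literals -
        // confirm against the upstream file.
        $message['message'] = str_replace ( ' ', ' ', $message['message'] );
        $message['message'] = parse_bb ( $message['message'] );

        $message['time'] = date ( $UPL['CONFIGS']['TIME_FORMAT'], $pmid );
        $message['send_profile_url'] = 'browse.php?action=info&userid=' . $message['id'];
        $message['reply_url'] = 'usercp.php?action=sendpm&userid=' . $message['id'] . '&replyto=' . $pmid;
        // NOTE(review): deletion is a plain GET link; see the 'pmactions'
        // branch, which accepts it without a token visible in this file.
        $message['delete_url'] = 'usercp.php?action=pmactions&task=delete&messages[]=' . $pmid;

        $tpl_usercp->setr ( 'message', $message );
        $tpl_uploader->setr ( 'content', $tpl_usercp );
        $tpl_uploader->display ( );
    }
    else
    {
        $tpl_message->set ( 'message', $lang_usercp['ucp_bad_id'] );
        $tpl_uploader->set ( array ( 'page_title' => $lang_misc['error'], 'content' => &$tpl_message ) );
        $tpl_uploader->display ( );
    }
}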
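elseif ( $action == 'sendpm' )
{
    // Compose / send a private message. The form can be pre-filled from
    // ?userid= (recipient) and ?replyto= (quote an existing message);
    // task=sendpm validates the form and delivers the message.
    $error = 'none';

    // get user inputs
    $userid = gpc ( 'userid', 'G', 0 );
    $replyto = gpc ( 'replyto', 'G', 0 );

    // Both values come from the query string. The user id is forced to an
    // integer before it reaches User::open() (not visible here; presumably it
    // locates a data file by id), and an array-valued replyto is discarded.
    $userid = is_scalar ( $userid ) ? (int) $userid : 0;
    if ( !is_scalar ( $replyto ) ) $replyto = 0;

    // 'newpm' is a client-supplied array: make sure the three fields exist and
    // are strings before trimming, instead of trusting its shape.
    $newpm_defaults = array ( 'to' => '', 'subject' => '', 'message' => '' );
    $newpm = gpc ( 'newpm', 'P', $newpm_defaults );
    if ( !is_array ( $newpm ) ) $newpm = $newpm_defaults;
    foreach ( $newpm_defaults as $field => $blank )
    {
        $newpm[$field] = ( isset ( $newpm[$field] ) && is_string ( $newpm[$field] ) ) ? trim ( $newpm[$field] ) : $blank;
    }

    // if userid is submitted in the url, try to look up user's name
    if ( $userid > 0 )
    {
        $user = new User;
        if ( $newpm['to'] == '' && $user->open ( $userid ) )
        {
            $newpm['to'] = $user->get ( 'name' );
        }
    }

    // If replyto is supplied, set the subject to Re: .... and attach previous message
    if ( $replyto != 0 )
    {
        if ( isset ( $UPL['USER']['messages'][$replyto] ) )
        {
            $message = $UPL['USER']['messages'][$replyto];
            $newpm['subject'] = 'Re: ' . htmlentities ( $message['subject'] );

            // prefix every line of the quoted message
            $lines = explode ( "\n", $message['message'] );
            $line_count = count ( $lines );
            for ( $i = 0; $i < $line_count; $i++ )
            {
                $lines[$i] = '>> ' . $lines[$i];
            }
            // NOTE(review): the lines are joined without a separator, so the
            // quote only stays on separate lines if the stored text used
            // "\r\n" - confirm that is intended.
            $message['message'] = implode ( '', $lines );
            $newpm['message'] = "\n\n\n" . $message['name'] . ' (' . date ( $UPL['CONFIGS']['TIME_FORMAT'], $replyto ) . "):\n" . htmlentities ( $message['message'] );
        }
    }

    // to template
    $tpl_usercp->setr ( 'newpm', $newpm );

    if ( $task == 'sendpm' )
    {
        if ( $newpm['to'] == '' )
        {
            $error = $lang_usercp['ucp_no_user'];
        }
        elseif ( $newpm['subject'] == '' )
        {
            $error = $lang_usercp['ucp_no_subject'];
        }
        elseif ( strlen ( $newpm['subject'] ) > 100 )
        {
            $error = $lang_usercp['ucp_long_subject'];
        }
        elseif ( $newpm['message'] == '' )
        {
            $error = $lang_usercp['ucp_no_message'];
        }
        elseif ( strlen ( $newpm['message'] ) > 1000 )
        {
            $error = $lang_usercp['ucp_long_message'];
        }
        else
        {
            // try to access user
            $users_idx = new Index;
            $users_idx->open ( USERS_INDEX );
            $userid = $users_idx->search ( strtolower ( trim ( $newpm['to'] ) ) );

            if ( $userid === false )
            {
                $error = $lang_usercp['ucp_bad_user'];
            }
            else
            {
                // try to send
                unset ( $user );
                $user = new User;
                if ( $user->open ( $userid ) )
                {
                    // does receipient want to receive messages?
                    if ( $user->get ( 'prf_private_msg' ) )
                    {
                        // yes, but is inbox full?
                        $max_messages = $user->get ( 'max_messages' );
                        if ( $max_messages && count ( $user->get ( 'messages' ) ) >= $max_messages )
                        {
                            // Was assigned to $err, so the error was never
                            // shown and the sender was told the message had
                            // been sent although nothing was stored.
                            $error = $lang_usercp['ucp_inbox_full'];
                        }
                        else
                        {
                            // ok, send it
                            // Subject and body are stored as typed; they are
                            // HTML-encoded when the message is displayed.
                            $msg = $user->get ( 'messages' );
                            // Messages are keyed by timestamp. Step past keys
                            // already in use so a second message arriving in
                            // the same second does not overwrite the first.
                            $pm_key = time ( );
                            while ( isset ( $msg[$pm_key] ) ) $pm_key++;
                            $msg[$pm_key] = array ( 'id' => $UPL['USER']['id'], 'name' => $UPL['USER']['name'], 'subject' => $newpm['subject'], 'message' => $newpm['message'], 'read' => 0 );
                            $user->set ( 'messages', $msg );
                            $user->save ( );
                        }
                    }
                    else
                    {
                        // NOTE(review): the recipient name typed by the sender
                        // is placed into the error text; confirm tpl_error.php
                        // escapes it on output.
                        $error = parse ( $lang_usercp['ucp_message_denied'], '{username}', $newpm['to'] );
                    }
                }
                else
                {
                    exit ( 'Unable to open user data for userid ' . $userid );
                }
            }
        }

        // any errors?
        if ( $error == 'none' )
        {
            // show result
            $tpl_message->set ( array ( 'message' => $lang_usercp['ucp_message_sent'], 'back_url' => 'usercp.php' ) );
            $tpl_uploader->setr ( 'content', $tpl_message );
            $tpl_uploader->display ( );
        }
        else
        {
            // show form with error
            $tpl_error->set ( 'error', $error );
            $tpl_usercp->setr ( 'error', $tpl_error );
            $tpl_uploader->setr ( 'content', $tpl_usercp );
            $tpl_uploader->set ( 'page_title', $lang_misc['error'] );
            $tpl_uploader->display ( );
        }
    }
    else
    {
        // show sendPM form
        // NOTE(review): $msg is not assigned anywhere in this branch, so this
        // rebinds the template's 'messages' to whatever $msg holds from
        // earlier in the script - confirm that is intended.
        $tpl_usercp->setr ( 'messages', $msg );
        $tpl_uploader->setr ( 'content', $tpl_usercp );
        $tpl_uploader->display ( );
    }
}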
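elseif ( $action == 'pmactions' )
{
    // Bulk actions on the inbox: delete, mark read or mark unread every
    // selected message, then return to the listing.
    // NOTE(review): 'messages' is accepted from GET as well as POST and no
    // anti-forgery token is checked in this file, so a link followed by a
    // logged-in user can delete or re-flag that user's messages. Confirm
    // whether the shared include enforces a token; otherwise add one and
    // accept the action over POST only.
    $selected = gpc ( 'messages', 'PG', array ( ) );

    if ( is_array ( $selected ) && count ( $selected ) )
    {
        $messages =& $UPL['USER']['messages'];

        // foreach replaces while/list/each; each() was removed in PHP 8.
        foreach ( $selected as $pmid )
        {
            // Ids arrive from the client: ignore nested arrays and ids that
            // are not in this user's inbox.
            if ( !is_scalar ( $pmid ) || !isset ( $messages[$pmid] ) ) continue;

            // what action?
            switch ( $task )
            {
                case 'delete': unset ( $messages[$pmid] ); break;
                case 'mark_read': $messages[$pmid]['read'] = true; break;
                case 'mark_unread': $messages[$pmid]['read'] = false; break;
            }
        }

        // save
        $user = new User;
        if ( $user->open ( $UPL['USER']['id'] ) )
        {
            $user->set ( 'messages', $messages );
            $user->save ( );
        }
    }

    header ( 'Location: usercp.php?action=pm' );
}
else
{
    // display usercp main page
    $tpl_uploader->set ( 'content', $tpl_usercp );
    $tpl_uploader->display ( );
}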
?>