Context Navigation

source: extensions/UserAdvManager/trunk/include/functions.inc.php @ 10957

Last change on this file since 10957 was 10957, checked in by Eric, 13 years ago
Use pwg_db_real_escape_string() instead of addslashes() Database upgrade process simplied (using version_compare() and code refactoring) Bug 2253 fixed - New feature to allow comments on pictures only for specific users (who belong to a group) when "comments for all" is set
Property svn:eol-style set to `LF`
File size: 67.1 KB

Line
1	<?php
2	include_once (UAM_PATH.'include/constants.php');
3	load_language('plugin.lang', UAM_PATH);
4
5
6	/**
7	* Triggered on get_admin_plugin_menu_links
8	*
9	* Plugin's administration menu
10	*/
11	function UAM_admin_menu($menu)
12	{
13	// +-----------------------------------------------------------------------+
14	// \| Getting plugin name \|
15	// +-----------------------------------------------------------------------+
16	$plugin = PluginInfos(UAM_PATH);
17	$name = $plugin['name'];
18
19	array_push($menu,
20	array(
21	'NAME' => $name,
22	'URL' => get_root_url().'admin.php?page=plugin-'.basename(UAM_PATH)
23	)
24	);
25
26	return $menu;
27	}
28
29
30	/**
31	* Triggered on loc_begin_index
32	*
33	* Initiating GhostTracker
34	*/
35	function UAM_GhostTracker()
36	{
37	global $conf, $user;
38
39	$conf_UAM = unserialize($conf['UserAdvManager']);
40
41	// Admins, Guests and Adult_Content users are not tracked for Ghost Tracker or Users Tracker
42	if (!is_admin() and !is_a_guest() and $user['username'] != "16" and $user['username'] != "18")
43	{
44	if ((isset($conf_UAM[16]) and $conf_UAM[16] == 'true') or (isset($conf_UAM[19]) and $conf_UAM[19] == 'true'))
45	{
46
47	$userid = get_userid($user['username']);
48
49	// Looking for existing entry in last visit table
50	$query = '
51	SELECT *
52	FROM '.USER_LASTVISIT_TABLE.'
53	WHERE user_id = '.$userid.'
54	;';
55
56	$count = pwg_db_num_rows(pwg_query($query));
57
58	if ($count == 0)
59	{
60	// If not, data are inserted in table
61	$query = '
62	INSERT INTO '.USER_LASTVISIT_TABLE.' (user_id, lastvisit, reminder)
63	VALUES ('.$userid.', now(), "false")
64	;';
65	pwg_query($query);
66	}
67	else if ($count > 0)
68	{
69	// If yes, data are updated in table
70	$query = '
71	UPDATE '.USER_LASTVISIT_TABLE.'
72	SET lastvisit = now(), reminder = "false"
73	WHERE user_id = '.$userid.'
74	LIMIT 1
75	;';
76	pwg_query($query);
77	}
78	}
79	}
80	}
81
82
83	/**
84	* Triggered on register_user
85	*
86	* Additional controls on user registration
87	*/
88	function UAM_Adduser($register_user)
89	{
90	global $conf;
91
92	$conf_UAM = unserialize($conf['UserAdvManager']);
93
94	// Exclusion of Adult_Content users
95	if ($register_user['username'] != "16" and $register_user['username'] != "18")
96	{
97	if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
98	{
99	// This is to send an information email and set user to "waiting" group or status until admin validation
100	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
101	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false);
102	setgroup($register_user['id']);// Set to "waiting" group or status until admin validation
103	}
104	elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'false') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
105	{
106	// This is to set user to "waiting" group or status until admin validation
107	setgroup($register_user['id']);// Set to "waiting" group or status until admin validation
108	}
109	elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'false'))
110	{
111	// This is to send an information email without validation key
112	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
113	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false);
114	}
115	// Sending registration confirmation by email
116	elseif ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true' or $conf_UAM[0] == 'false') and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true'))
117	{
118	if (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'true')
119	{
120	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
121	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true);
122	}
123	elseif (is_admin() and isset($conf_UAM[20]) and $conf_UAM[20] == 'false')
124	{
125	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
126	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], false);
127	}
128	elseif (!is_admin())
129	{
130	$passwd = (isset($_POST['password'])) ? $_POST['password'] : '';
131	SendMail2User(1, $register_user['id'], $register_user['username'], $passwd, $register_user['email'], true);
132	}
133	}
134	}
135	}
136
137
138	/**
139	* Triggered on delete_user
140	*
141	* Database cleanup on user deletion
142	*/
143	function UAM_Deluser($user_id)
144	{
145	// Cleanup for ConfirmMail table
146	DeleteConfirmMail($user_id);
147	// Cleanup for LastVisit table
148	DeleteLastVisit($user_id);
149	// Cleanup Redirection settings
150	DeleteRedir($user_id);
151	}
152
153
154	/**
155	* Triggered on register_user_check
156	*
157	* Additional controls on user registration check
158	*/
159	function UAM_RegistrationCheck($errors, $user)
160	{
161	global $conf;
162
163	// Exclusion of Adult_Content users
164	if ($user['username'] != "16" and $user['username'] != "18")
165	{
166	load_language('plugin.lang', UAM_PATH);
167
168	$PasswordCheck = 0;
169
170	$conf_UAM = unserialize($conf['UserAdvManager']);
171
172	// Password enforcement control
173	if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14]))
174	{
175	if (!empty($user['password']) and !is_admin())
176	{
177	$PasswordCheck = testpassword($user['password']);
178
179	if ($PasswordCheck < $conf_UAM[14])
180	{
181	$message = get_l10n_args('UAM_reg_err_login4_%s', $PasswordCheck);
182	$lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14];
183	array_push($errors, $lang['reg_err_pass']);
184	}
185	}
186	else if (!empty($user['password']) and is_admin() and isset($conf_UAM[15]) and $conf_UAM[15] == 'true')
187	{
188	$PasswordCheck = testpassword($user['password']);
189
190	if ($PasswordCheck < $conf_UAM[14])
191	{
192	$message = get_l10n_args('UAM_reg_err_login4_%s', $PasswordCheck);
193	$lang['reg_err_pass'] = l10n_args($message).$conf_UAM[14];
194	array_push($errors, $lang['reg_err_pass']);
195	}
196	}
197	}
198
199	// Username without forbidden keys
200	if (isset($conf_UAM[6]) and $conf_UAM[6] == 'true' and !empty($user['username']) and ValidateUsername($user['username']) and !is_admin())
201	{
202	$lang['reg_err_login1'] = l10n('UAM_reg_err_login2')."'".$conf_UAM[7]."'";
203	array_push($errors, $lang['reg_err_login1']);
204	}
205
206	// Email without forbidden domains
207	if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($user['email']) and ValidateEmailProvider($user['email']) and !is_admin())
208	{
209	$lang['reg_err_login1'] = l10n('UAM_reg_err_login5')."'".$conf_UAM[12]."'";
210	array_push($errors, $lang['reg_err_login1']);
211	}
212	return $errors;
213	}
214	}
215
216
217	/**
218	* Triggered on loc_begin_profile
219	*/
220	function UAM_Profile_Init()
221	{
222	global $conf, $user, $template;
223
224	$conf_UAM = unserialize($conf['UserAdvManager']);
225
226	if ((isset($conf_UAM[21]) and $conf_UAM[21] == 'true'))
227	{
228	$user_idsOK = array();
229	if (!UAM_check_profile($user['id'], $user_idsOK))
230	{
231	$user_idsOK[] = $user['id'];
232
233	$query = "
234	UPDATE ".CONFIG_TABLE."
235	SET value = \"".implode(',', $user_idsOK)."\"
236	WHERE param = 'UserAdvManager_Redir';";
237
238	pwg_query($query);
239	}
240	}
241
242	if (isset($_POST['validate']) and !is_admin())
243	{
244	// Email without forbidden domains
245	if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['mail_address']))
246	{
247	if (ValidateEmailProvider($_POST['mail_address']))
248	{
249	$template->append('errors', l10n('UAM_reg_err_login5')."'".$conf_UAM[12]."'");
250	unset($_POST['validate']);
251	}
252	}
253
254	$typemail = 3;
255
256	if (!empty($_POST['use_new_pwd']))
257	{
258	$typemail = 2;
259
260	// Password enforcement control
261	if (isset($conf_UAM[13]) and $conf_UAM[13] == 'true' and !empty($conf_UAM[14]))
262	{
263	$PasswordCheck = testpassword($_POST['use_new_pwd']);
264
265	if ($PasswordCheck < $conf_UAM[14])
266	{
267	$message = get_l10n_args('UAM_reg_err_login4_%s', $PasswordCheck);
268	$template->append('errors', l10n_args($message).$conf_UAM[14]);
269	unset($_POST['use_new_pwd']);
270	unset($_POST['validate']);
271	}
272	}
273	}
274
275	// Sending registration confirmation by email
276	if ((isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or (isset($conf_UAM[1]) and $conf_UAM[1] == 'true') or (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
277	{
278	$confirm_mail_need = false;
279
280	if (!empty($_POST['mail_address']))
281	{
282	$query = '
283	SELECT '.$conf['user_fields']['email'].' AS email
284	FROM '.USERS_TABLE.'
285	WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
286	;';
287
288	list($current_email) = pwg_db_fetch_row(pwg_query($query));
289
290	// This is to send a new validation key
291	if ($_POST['mail_address'] != $current_email and (isset($conf_UAM[1]) and $conf_UAM[1] == 'true'))
292
293	$confirm_mail_need = true;
294
295	// This is to set the user to "waiting" group or status until admin validation
296	if ($_POST['mail_address'] != $current_email and (isset($conf_UAM[1]) and $conf_UAM[1] == 'local'))
297
298	setgroup($register_user['id']);// Set to "waiting" group or status until admin validation
299	$confirm_mail_need = false;
300	}
301
302	if ((!empty($_POST['use_new_pwd']) and (isset($conf_UAM[0]) and $conf_UAM[0] == 'true') or $confirm_mail_need))
303	{
304	$query = '
305	SELECT '.$conf['user_fields']['username'].'
306	FROM '.USERS_TABLE.'
307	WHERE '.$conf['user_fields']['id'].' = \''.$user['id'].'\'
308	;';
309
310	list($username) = pwg_db_fetch_row(pwg_query($query));
311	SendMail2User($typemail, $user['id'], $username, $_POST['use_new_pwd'], $_POST['mail_address'], $confirm_mail_need);
312	}
313	}
314	}
315	}
316
317
318	/**
319	* Triggered on login_success
320	*
321	* Triggers scheduled tasks at login
322	* Redirects a visitor (except for admins, webmasters and generic statuses) to his profile.php page (Thx to LucMorizur)
323	*
324	*/
325	function UAM_LoginTasks()
326	{
327	global $conf, $user;
328
329	$conf_UAM = unserialize($conf['UserAdvManager']);
330
331	// Performing GhostTracker scheduled tasks
332	if ((isset($conf_UAM[22]) and $conf_UAM[22] == 'true'))
333	{
334	UAM_GT_ScheduledTasks();
335	}
336
337	// Performing User validation scheduled tasks
338	if ((isset($conf_UAM[31]) and $conf_UAM[31] == 'true'))
339	{
340	UAM_USR_ScheduledTasks();
341	}
342
343	if ((isset($conf_UAM[21]) and $conf_UAM[21] == 'true'))
344	{
345	// Performing redirection
346	$query ='
347	SELECT user_id, status
348	FROM '.USER_INFOS_TABLE.'
349	WHERE user_id = '.$user['id'].'
350	;';
351	$data = pwg_db_fetch_assoc(pwg_query($query));
352
353	if ($data['status'] <> "admin" and $data['status'] <> "webmaster" and $data['status'] <> "generic")
354	{
355	$user_idsOK = array();
356	if (!UAM_check_profile($user['id'], $user_idsOK))
357	redirect(PHPWG_ROOT_PATH.'profile.php');
358	}
359	}
360	}
361
362
363	/**
364	* Adds a new module settable in PWG_Stuffs - Triggered on get_stuffs_modules in main.inc.php
365	* Useful to inform unvalidated user for their status
366	*
367	*/
368	function register_UAM_stuffs_module($modules)
369	{
370	array_push($modules, array(
371	'path' => UAM_PATH.'/stuffs_module',
372	'name' => l10n('UAM_Stuffs_Title'),
373	'description' => l10n('UAM_Stuffs_Desc'),
374	)
375	);
376	return $modules;
377	}
378
379
380	/**
381	* Triggered on UAM_LoginTasks()
382	*
383	* Executes optional post-login tasks for Ghost users
384	*
385	*/
386	function UAM_GT_ScheduledTasks()
387	{
388	global $conf, $user, $page;
389
390	if (!defined('PHPWG_ROOT_PATH'))
391	{
392	die('Hacking attempt!');
393	}
394
395	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
396
397	$conf_UAM = unserialize($conf['UserAdvManager']);
398
399	$collection = array();
400	$reminder = false;
401
402	$page['filtered_users'] = get_ghosts_autotasks();
403
404	foreach($page['filtered_users'] as $listed_user)
405	{
406	array_push($collection, $listed_user['id']);
407	}
408
409	// Ghost accounts auto group or status downgrade with or without information email sending and autodeletion if user already reminded
410	if ((isset($conf_UAM[22]) and $conf_UAM[22] == 'true') and ((isset($conf_UAM[26]) and $conf_UAM[26] <> -1) or (isset($conf_UAM[27]) and $conf_UAM[27] <> -1)))
411	{
412	if (count($collection) > 0)
413	{
414	// Process if a non-admin nor webmaster user is logged
415	if (in_array($user['id'], $collection))
416	{
417	// Check lastvisit reminder state
418	$query = '
419	SELECT reminder
420	FROM '.USER_LASTVISIT_TABLE.'
421	WHERE user_id = '.$user['id'].';';
422
423	$result = pwg_db_fetch_assoc(pwg_query($query));
424
425	if (isset($result['reminder']) and $result['reminder'] == 'true')
426	{
427	$reminder = true;
428	}
429	else
430	{
431	$reminder = false;
432	}
433
434	// If user already reminded for ghost account
435	if ($reminder)
436	{
437	// delete account
438	delete_user($user['id']);
439
440	// Logged-in user cleanup, session destruction and redirected to custom page
441	invalidate_user_cache();
442	logout_user();
443	redirect(UAM_PATH.'GT_del_account.php');
444	}
445	}
446	else // Process if an admin or webmaster user is logged
447	{
448	foreach ($collection as $user_id)
449	{
450	// Check lastvisit reminder state
451	$query = '
452	SELECT reminder
453	FROM '.USER_LASTVISIT_TABLE.'
454	WHERE user_id = '.$user_id.';';
455
456	$result = pwg_db_fetch_assoc(pwg_query($query));
457
458	if (isset($result['reminder']) and $result['reminder'] == 'true')
459	{
460	$reminder = true;
461	}
462	else
463	{
464	$reminder = false;
465	}
466
467	// If never reminded before
468	if (!$reminder)
469	{
470	// Reset of lastvisit date
471	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
472
473	$query = "
474	UPDATE ".USER_LASTVISIT_TABLE."
475	SET lastvisit='".$dbnow."'
476	WHERE user_id = '".$user_id."'
477	;";
478	pwg_query($query);
479
480	// Auto change group and / or status
481	// Delete user from all groups
482	$query = "
483	DELETE FROM ".USER_GROUP_TABLE."
484	WHERE user_id = '".$user_id."'
485	AND (
486	group_id = '".$conf_UAM[2]."'
487	OR
488	group_id = '".$conf_UAM[3]."'
489	)
490	;";
491	pwg_query($query);
492
493	// Change user status
494	if ($conf_UAM[27] <> -1)
495	{
496	$query = "
497	UPDATE ".USER_INFOS_TABLE."
498	SET status = '".$conf_UAM[27]."'
499	WHERE user_id = '".$user_id."'
500	;";
501	pwg_query($query);
502	}
503
504	// Change user group
505	if ($conf_UAM[26] <> -1)
506	{
507	$query = "
508	INSERT INTO ".USER_GROUP_TABLE."
509	(user_id, group_id)
510	VALUES
511	('".$user_id."', '".$conf_UAM[26]."')
512	;";
513	pwg_query($query);
514	}
515
516	// Auto send email notification on group / status downgrade
517	if (isset($conf_UAM[23]) and $conf_UAM[23] == 'true')
518	{
519	// Set reminder true
520	$query = "
521	UPDATE ".USER_LASTVISIT_TABLE."
522	SET reminder = 'true'
523	WHERE user_id = '".$user_id."'
524	;";
525	pwg_query($query);
526
527	// Reset confirmed user status to unvalidated
528	$query = '
529	UPDATE '.USER_CONFIRM_MAIL_TABLE.'
530	SET date_check = NULL
531	WHERE user_id = "'.$user_id.'"
532	;';
533	pwg_query($query);
534
535	// Get users information for email notification
536	$query = '
537	SELECT id, username, mail_address
538	FROM '.USERS_TABLE.'
539	WHERE id = '.$user_id.'
540	;';
541	$data = pwg_db_fetch_assoc(pwg_query($query));
542
543	demotion_mail($user_id, $data['username'], $data['mail_address']);
544	}
545	}
546	elseif ($reminder) // If user already reminded for ghost account
547	{
548	// delete account
549	delete_user($user_id);
550	}
551	}
552	}
553	}
554	}
555	}
556
557
558	/**
559	* Triggered on UAM_LoginTasks()
560	*
561	* Executes optional post-login tasks for unvalidated users
562	*
563	*/
564	function UAM_USR_ScheduledTasks()
565	{
566	global $conf, $user, $page;
567
568	if (!defined('PHPWG_ROOT_PATH'))
569	{
570	die('Hacking attempt!');
571	}
572
573	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
574
575	$conf_UAM = unserialize($conf['UserAdvManager']);
576
577	$collection = array();
578	$reminder = false;
579
580	$page['filtered_users'] = get_unvalid_user_autotasks();
581
582	foreach($page['filtered_users'] as $listed_user)
583	{
584	array_push($collection, $listed_user['id']);
585	}
586
587	// Unvalidated accounts auto email sending and autodeletion if user already reminded
588	if ((isset($conf_UAM[31]) and $conf_UAM[31] == 'true'))
589	{
590	if (count($collection) > 0)
591	{
592	// Process if a non-admin nor webmaster user is logged
593	if (in_array($user['id'], $collection))
594	{
595	// Check ConfirmMail reminder state
596	$query = '
597	SELECT reminder
598	FROM '.USER_CONFIRM_MAIL_TABLE.'
599	WHERE user_id = '.$user['id'].';';
600
601	$result = pwg_db_fetch_assoc(pwg_query($query));
602
603	if (isset($result['reminder']) and $result['reminder'] == 'true')
604	{
605	$reminder = true;
606	}
607	else
608	{
609	$reminder = false;
610	}
611
612	// If never reminded before, send reminder and set reminder True
613	if (!$reminder and isset($conf_UAM[33]) and $conf_UAM[33] == 'true')
614	{
615	$typemail = 1;
616
617	// Get current user informations
618	$query = "
619	SELECT id, username, mail_address
620	FROM ".USERS_TABLE."
621	WHERE id = '".$user['id']."'
622	;";
623	$data = pwg_db_fetch_assoc(pwg_query($query));
624
625	ResendMail2User($typemail,$user['id'],stripslashes($data['username']),$data['mail_address'],true);
626	}
627
628	// If already reminded before, delete user
629	if ($reminder)
630	{
631	// delete account
632	delete_user($user['id']);
633
634	// Logged-in user cleanup, session destruction and redirected to custom page
635	invalidate_user_cache();
636	logout_user();
637	redirect(UAM_PATH.'USR_del_account.php');
638	}
639	}
640	else // Process if an admin or webmaster user is logged
641	{
642	foreach ($collection as $user_id)
643	{
644	// Check reminder state
645	$query = '
646	SELECT reminder
647	FROM '.USER_CONFIRM_MAIL_TABLE.'
648	WHERE user_id = '.$user_id.';';
649
650	$result = pwg_db_fetch_assoc(pwg_query($query));
651
652	if (isset($result['reminder']) and $result['reminder'] == 'true')
653	{
654	$reminder = true;
655	}
656	else
657	{
658	$reminder = false;
659	}
660
661	// If never reminded before, send reminder and set reminder True
662	if (!$reminder and isset($conf_UAM[33]) and $conf_UAM[33] == 'true')
663	{
664	$typemail = 1;
665
666	// Get current user informations
667	$query = "
668	SELECT id, username, mail_address
669	FROM ".USERS_TABLE."
670	WHERE id = '".$user_id."'
671	;";
672	$data = pwg_db_fetch_assoc(pwg_query($query));
673
674	ResendMail2User($typemail,$user_id,stripslashes($data['username']),$data['mail_address'],true);
675	}
676	elseif ($reminder) // If user already reminded for account validation
677	{
678	// delete account
679	delete_user($user_id);
680	}
681	}
682	}
683	}
684	}
685	}
686
687
688	/**
689	* Triggered on init
690	*
691	* Check for forbidden email domains in admin's users management panel
692	*/
693	function UAM_InitPage()
694	{
695	load_language('plugin.lang', UAM_PATH);
696	global $conf, $template, $page, $lang, $errors;
697
698	$conf_UAM = unserialize($conf['UserAdvManager']);
699
700	// Admin user management
701	if (script_basename() == 'admin' and isset($_GET['page']) and $_GET['page'] == 'user_list')
702	{
703	if (isset($_POST['submit_add']))
704	{
705	// Email without forbidden domains
706	if (isset($conf_UAM[11]) and $conf_UAM[11] == 'true' and !empty($_POST['email']) and ValidateEmailProvider($_POST['email']))
707	{
708	$template->append('errors', l10n('UAM_reg_err_login5')."'".$conf_UAM[12]."'");
709	unset($_POST['submit_add']);
710	}
711	}
712	}
713	}
714
715
716	/**
717	* Triggered on render_lost_password_mail_content
718	*
719	* Adds a customized text in lost password email content
720	* Added text is inserted before users login name and new password
721	*
722	* @param : Standard Piwigo email content
723	*
724	* @return : Customized content added to standard content
725	*
726	*/
727	function UAM_lost_password_mail_content($infos)
728	{
729	global $conf;
730
731	load_language('plugin.lang', UAM_PATH);
732
733	$conf_UAM = unserialize($conf['UserAdvManager']);
734
735	if (isset($conf_UAM[29]) and $conf_UAM[29] == 'true')
736	{
737	// Management of Extension flags ([mygallery], [myurl])
738	//$patterns[] = '#\[username\]#i';
739	//$replacements[] = stripslashes($row['username']);
740	$patterns[] = '#\[mygallery\]#i';
741	$replacements[] = $conf['gallery_title'];
742	$patterns[] = '#\[myurl\]#i';
743	$replacements[] = $conf['gallery_url'];
744
745	$infos = preg_replace($patterns, $replacements, $conf_UAM[30])."\n"."\n".$infos;
746	}
747	return $infos;
748	}
749
750
751	/**
752	* Triggered on user_comment_check
753	*
754	* checks if author is mandatory and set on comments post when comments for all is set
755	*
756	* cheks if author is in an allowed group to post comment when comments for all is not set
757	*
758	* @param : comment action, comment
759	*
760	* @return : comment action
761	*
762	*/
763	function UAM_CheckEmptyCommentAuthor($comment_action, $comm)
764	{
765	load_language('plugin.lang', UAM_PATH);
766	global $infos, $conf, $user;
767
768	$conf_UAM = unserialize($conf['UserAdvManager']);
769
770	// Does not allow empty author name on comments for all
771	if (isset($conf_UAM[5]) and $conf_UAM[5] == 'true' and $comm['author'] == 'guest' and $conf['comments_forall'])
772	{
773	$comment_action = 'reject';
774
775	array_push($infos, l10n('UAM_Empty Author'));
776	}
777
778
779	// Do not allow comments if user is not in an allowed group
780	if (isset($conf_UAM[36]) and $conf_UAM[36] == 'true' and !$conf['comments_forall'])
781	{
782	if (!UAM_CheckAuthor($comm['author']))
783	{
784	$comment_action = 'reject';
785
786	array_push($infos, l10n('UAM_Not_Allowed_Author'));
787	}
788	}
789
790	return $comment_action;
791	}
792
793
794	/**
795	* Function called from main.inc.php to send validation email
796	*
797	* @param : Type of email, user id, username, email address, confirmation (optional)
798	*
799	*/
800	function SendMail2User($typemail, $id, $username, $password, $email, $confirm)
801	{
802	global $conf;
803
804	$conf_UAM = unserialize($conf['UserAdvManager']);
805
806	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
807
808	$infos1_perso = "";
809	$infos2_perso = "";
810
811	// We have to get the user's language in database
812	$query ='
813	SELECT user_id, language
814	FROM '.USER_INFOS_TABLE.'
815	WHERE user_id = '.$id.'
816	;';
817	$data = pwg_db_fetch_assoc(pwg_query($query));
818
819	// Check if user is already registered (profile changing) - If not (new registration), language is set to current gallery language
820	if (empty($data))
821	{
822	// And switch gallery to this language before using personalized and multilangual contents
823	$language = pwg_get_session_var( 'lang_switch', $user['language'] );
824	switch_lang_to($language);
825	}
826	else
827	{
828	// And switch gallery to this language before using personalized and multilangual contents
829	$language = $data['language']; // Usefull for debugging
830	switch_lang_to($data['language']);
831	load_language('plugin.lang', UAM_PATH);
832	}
833
834	switch($typemail)
835	{
836	case 1:
837	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Add of %s', stripslashes($username)));
838	$password = $password <> '' ? $password : l10n('UAM_empty_pwd');
839
840	if (isset($conf_UAM[9]) and $conf_UAM[9] <> '')
841	{
842	// Management of Extension flags ([username], [mygallery], [myurl])
843	$patterns[] = '#\[username\]#i';
844	$replacements[] = $username;
845	$patterns[] = '#\[mygallery\]#i';
846	$replacements[] = $conf['gallery_title'];
847	$patterns[] = '#\[myurl\]#i';
848	$replacements[] = $conf['gallery_url'];
849
850	if (function_exists('get_user_language_desc'))
851	{
852	$infos1_perso = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM[9]))."\n\n";
853	}
854	else $infos1_perso = l10n(preg_replace($patterns, $replacements, $conf_UAM[9]))."\n\n";
855	}
856
857	break;
858
859	case 2:
860	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Update of %s', stripslashes($username)));
861	$password = $password <> '' ? $password : l10n('UAM_empty_pwd');
862
863	break;
864
865	case 3:
866	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Update of %s', stripslashes($username)));
867	$password = $password <> '' ? $password : l10n('UAM_no_update_pwd');
868
869	break;
870	}
871
872	if (isset($conf_UAM[0]) and $conf_UAM[0] == 'true')
873	{
874	if (isset($conf_UAM[35]) and $conf_UAM[35] == 'true') // Allow display of clear password in email
875	{
876	$infos1 = array(
877	get_l10n_args('UAM_infos_mail %s', stripslashes($username)),
878	get_l10n_args('UAM_User: %s', stripslashes($username)),
879	get_l10n_args('UAM_Password: %s', $password),
880	get_l10n_args('Email: %s', $email),
881	get_l10n_args('', ''),
882	);
883	}
884	else // Do not allow display of clear password in email
885	{
886	$infos1 = array(
887	get_l10n_args('UAM_infos_mail %s', stripslashes($username)),
888	get_l10n_args('UAM_User: %s', stripslashes($username)),
889	get_l10n_args('Email: %s', $email),
890	get_l10n_args('', ''),
891	);
892	}
893	}
894
895	if ( isset($conf_UAM[1]) and $conf_UAM[1] == 'true' and $confirm)
896	{
897	$infos2 = array
898	(
899	get_l10n_args('UAM_Link: %s', AddConfirmMail($id, $email)),
900	get_l10n_args('', ''),
901	);
902
903	if (isset($conf_UAM[10]) and $conf_UAM[10] <> '')
904	{
905	// Management of Extension flags ([username], [mygallery], [myurl])
906	$patterns[] = '#\[username\]#i';
907	$replacements[] = $username;
908	$patterns[] = '#\[mygallery\]#i';
909	$replacements[] = $conf['gallery_title'];
910	$patterns[] = '#\[myurl\]#i';
911	$replacements[] = $conf['gallery_url'];
912
913	if (function_exists('get_user_language_desc'))
914	{
915	$infos2_perso = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM[10]))."\n\n";
916	}
917	else $infos2_perso = l10n(preg_replace($patterns, $replacements, $conf_UAM[10]))."\n\n";
918	}
919	}
920
921	// ********************************************************
922	// ** Pending code since to find how to make it work **
923	// ********************************************************
924	// Testing if FCK Editor is used. Then decoding htmlchars to avoid problems with pwg_mail()
925	/*$areas = array();
926	array_push( $areas,'UAM_MailInfo_Text','UAM_ConfirmMail_Text');
927
928	if (function_exists('set_fckeditor_instance'))
929	{
930	$fcke_config = unserialize($conf['FCKEditor']);
931	foreach($areas as $area)
932	{
933	if (isset($fcke_config['UAM_MailInfo_Text']) and $fcke_config['UAM_MailInfo_Text'] = true)
934	{
935	$infos1_perso = html_entity_decode($infos1_perso,ENT_QUOTES,UTF-8);
936	}
937
938	if (isset($fcke_config['UAM_ConfirmMail_Text']) and $fcke_config['UAM_ConfirmMail_Text'] = true)
939	{
940	$infos2_perso = html_entity_decode($infos2_perso,ENT_QUOTES,UTF-8);
941	}
942	}
943	}*/
944
945
946	// Sending the email with subject and contents
947	pwg_mail($email, array(
948	'subject' => $subject,
949	'content' => (isset($infos1) ? $infos1_perso.l10n_args($infos1)."\n\n" : "").(isset($infos2) ? $infos2_perso.l10n_args($infos2)."\n\n" : "").get_absolute_root_url(),
950	));
951
952	// Switching back to default language
953	switch_lang_back();
954	}
955
956
957	/**
958	* Function called from UAM_admin.php to resend validation email with or without new validation key
959	*
960	* @param : Type of email, user id, username, email address, confirmation (optional)
961	*
962	*/
963	function ResendMail2User($typemail, $user_id, $username, $email, $confirm)
964	{
965	global $conf;
966
967	$conf_UAM = unserialize($conf['UserAdvManager']);
968
969	$conf_UAM_ConfirmMail = unserialize($conf['UserAdvManager_ConfirmMail']);
970
971	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
972
973	// We have to get the user's language in database
974	$query ='
975	SELECT user_id, language
976	FROM '.USER_INFOS_TABLE.'
977	WHERE user_id = '.$user_id.'
978	;';
979	$data = pwg_db_fetch_assoc(pwg_query($query));
980	$language = $data['language'];
981
982	// And switch gallery to this language before using personalized and multilangual contents
983	switch_lang_to($data['language']);
984
985	load_language('plugin.lang', UAM_PATH);
986
987	switch($typemail)
988	{
989	case 1:
990	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Reminder_with_key_of_%s', $username));
991
992	if (isset($conf_UAM_ConfirmMail[2]) and $conf_UAM_ConfirmMail[2] <> '' and isset($conf_UAM_ConfirmMail[3]) and $conf_UAM_ConfirmMail[3] == 'true' and $confirm)
993	{
994	// Management of Extension flags ([username], [mygallery], [myurl])
995	$patterns[] = '#\[username\]#i';
996	$replacements[] = $username;
997	$patterns[] = '#\[mygallery\]#i';
998	$replacements[] = $conf['gallery_title'];
999	$patterns[] = '#\[myurl\]#i';
1000	$replacements[] = $conf['gallery_url'];
1001
1002	if (function_exists('get_user_language_desc'))
1003	{
1004	$infos1 = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM_ConfirmMail[2]))."\n\n";
1005	}
1006	else $infos1 = l10n(preg_replace($patterns, $replacements, $conf_UAM_ConfirmMail[2]))."\n\n";
1007
1008	$infos2 = array
1009	(
1010	get_l10n_args('UAM_Link: %s', ResetConfirmMail($user_id)),
1011	get_l10n_args('', ''),
1012	);
1013	}
1014
1015	// Set reminder true
1016	$query = "
1017	UPDATE ".USER_CONFIRM_MAIL_TABLE."
1018	SET reminder = 'true'
1019	WHERE user_id = '".$user_id."'
1020	;";
1021	pwg_query($query);
1022
1023	break;
1024
1025	case 2:
1026	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Reminder_without_key_of_%s',$username));
1027
1028	if (isset($conf_UAM_ConfirmMail[4]) and $conf_UAM_ConfirmMail[4] <> '' and isset($conf_UAM_ConfirmMail[3]) and $conf_UAM_ConfirmMail[3] == 'true' and !$confirm)
1029	{
1030	// Management of Extension flags ([username], [mygallery], [myurl])
1031	$patterns[] = '#\[username\]#i';
1032	$replacements[] = $username;
1033	$patterns[] = '#\[mygallery\]#i';
1034	$replacements[] = $conf['gallery_title'];
1035	$patterns[] = '#\[myurl\]#i';
1036	$replacements[] = $conf['gallery_url'];
1037
1038	if (function_exists('get_user_language_desc'))
1039	{
1040	$infos1 = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM_ConfirmMail[4]))."\n\n";
1041	}
1042	else $infos1 = l10n(preg_replace($patterns, $replacements, $conf_UAM_ConfirmMail[4]))."\n\n";
1043	}
1044
1045	// Set reminder true
1046	$query = "
1047	UPDATE ".USER_CONFIRM_MAIL_TABLE."
1048	SET reminder = 'true'
1049	WHERE user_id = '".$user_id."'
1050	;";
1051	pwg_query($query);
1052
1053	break;
1054	}
1055
1056	pwg_mail($email, array(
1057	'subject' => $subject,
1058	'content' => ($infos1."\n\n").(isset($infos2) ? l10n_args($infos2)."\n\n" : "").get_absolute_root_url(),
1059	));
1060
1061	// Switching back to default language
1062	switch_lang_back();
1063	}
1064
1065
1066	/**
1067	* Function called from UAM_admin.php to send a reminder mail for ghost users
1068	*
1069	* @param : User id, username, email address
1070	*
1071	*/
1072	function ghostreminder($user_id, $username, $email)
1073	{
1074	global $conf;
1075
1076	$conf_UAM = unserialize($conf['UserAdvManager']);
1077
1078	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
1079
1080	$infos1_perso = "";
1081
1082	// We have to get the user's language in database
1083	$query ='
1084	SELECT user_id, language
1085	FROM '.USER_INFOS_TABLE.'
1086	WHERE user_id = '.$user_id.'
1087	;';
1088	$data = pwg_db_fetch_assoc(pwg_query($query));
1089	$language = $data['language'];
1090
1091	// And switch gallery to this language before using personalized and multilangual contents
1092	switch_lang_to($data['language']);
1093
1094	load_language('plugin.lang', UAM_PATH);
1095
1096	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Ghost_reminder_of_%s', $username));
1097
1098	if (isset($conf_UAM[18]) and $conf_UAM[18] <> '' and isset($conf_UAM[16]) and $conf_UAM[16] == 'true')
1099	{
1100	// Management of Extension flags ([username], [mygallery], [myurl])
1101	$patterns[] = '#\[username\]#i';
1102	$replacements[] = $username;
1103	$patterns[] = '#\[mygallery\]#i';
1104	$replacements[] = $conf['gallery_title'];
1105	$patterns[] = '#\[myurl\]#i';
1106	$replacements[] = $conf['gallery_url'];
1107
1108	if (function_exists('get_user_language_desc'))
1109	{
1110	$infos1 = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM[18]))."\n\n";
1111	}
1112	else
1113	{
1114	$infos1 = l10n(preg_replace($patterns, $replacements, $conf_UAM[18]))."\n\n";
1115	}
1116
1117	resetlastvisit($user_id);
1118	}
1119
1120	pwg_mail($email, array(
1121	'subject' => $subject,
1122	'content' => $infos1.get_absolute_root_url(),
1123	));
1124
1125	// Switching back to default language
1126	switch_lang_back();
1127	}
1128
1129
1130	/**
1131	* Function called from functions.inc.php to send notification email when user have been downgraded
1132	*
1133	* @param : user id, username, email address
1134	*
1135	*/
1136	function demotion_mail($id, $username, $email)
1137	{
1138	global $conf;
1139
1140	$conf_UAM = unserialize($conf['UserAdvManager']);
1141
1142	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
1143
1144	$custom_txt = "";
1145
1146	// We have to get the user's language in database
1147	$query ='
1148	SELECT user_id, language
1149	FROM '.USER_INFOS_TABLE.'
1150	WHERE user_id = '.$id.'
1151	;';
1152	$data = pwg_db_fetch_assoc(pwg_query($query));
1153
1154	// Check if user is already registered (profile changing) - If not (new registration), language is set to current gallery language
1155	if (empty($data))
1156	{
1157	// And switch gallery to this language before using personalized and multilangual contents
1158	$language = pwg_get_session_var( 'lang_switch', $user['language'] );
1159	switch_lang_to($language);
1160	}
1161	else
1162	{
1163	// And switch gallery to this language before using personalized and multilangual contents
1164	$language = $data['language']; // Usefull for debugging
1165	switch_lang_to($data['language']);
1166	load_language('plugin.lang', UAM_PATH);
1167	}
1168
1169	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Demotion of %s', stripslashes($username)));
1170
1171	if (isset($conf_UAM[25]) and $conf_UAM[25] <> '')
1172	{
1173	// Management of Extension flags ([username], [mygallery], [myurl])
1174	$patterns[] = '#\[username\]#i';
1175	$replacements[] = stripslashes($username);
1176	$patterns[] = '#\[mygallery\]#i';
1177	$replacements[] = $conf['gallery_title'];
1178	$patterns[] = '#\[myurl\]#i';
1179	$replacements[] = $conf['gallery_url'];
1180
1181	if (function_exists('get_user_language_desc'))
1182	{
1183	$custom_txt = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM[25]))."\n\n";
1184	}
1185	else $custom_txt = l10n(preg_replace($patterns, $replacements, $conf_UAM[25]))."\n\n";
1186	}
1187
1188	$infos1 = array(
1189	get_l10n_args('UAM_User: %s', stripslashes($username)),
1190	get_l10n_args('Email: %s', $email),
1191	get_l10n_args('', ''),
1192	);
1193
1194	$infos2 = array
1195	(
1196	get_l10n_args('UAM_Link: %s', ResetConfirmMail($id)),
1197	get_l10n_args('', ''),
1198	);
1199
1200	resetlastvisit($id);
1201
1202	// Sending the email with subject and contents
1203	pwg_mail($email, array(
1204	'subject' => $subject,
1205	'content' => ($custom_txt.l10n_args($infos1)."\n\n".l10n_args($infos2)."\n\n").get_absolute_root_url(),
1206	));
1207
1208	// Switching back to default language
1209	switch_lang_back();
1210	}
1211
1212
1213	/**
1214	* Function called from UAM_admin.php to send notification email when user registration have been manually validated by admin
1215	*
1216	* @param : user id
1217	*
1218	*/
1219	function validation_mail($id)
1220	{
1221	global $conf;
1222
1223	$conf_UAM = unserialize($conf['UserAdvManager']);
1224
1225	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
1226
1227	$custom_txt = "";
1228
1229	// We have to get the user's language in database
1230	$query ='
1231	SELECT user_id, language
1232	FROM '.USER_INFOS_TABLE.'
1233	WHERE user_id = '.$id.'
1234	;';
1235	$data = pwg_db_fetch_assoc(pwg_query($query));
1236
1237	// Check if user is already registered (profile changing) - If not (new registration), language is set to current gallery language
1238	if (empty($data))
1239	{
1240	// And switch gallery to this language before using personalized and multilangual contents
1241	$language = pwg_get_session_var( 'lang_switch', $user['language'] );
1242	switch_lang_to($language);
1243	}
1244	else
1245	{
1246	// And switch gallery to this language before using personalized and multilangual contents
1247	$language = $data['language']; // Usefull for debugging
1248	switch_lang_to($data['language']);
1249	load_language('plugin.lang', UAM_PATH);
1250	}
1251
1252	// Retreive users email and user name from id
1253	$query ='
1254	SELECT id, username, mail_address
1255	FROM '.USERS_TABLE.'
1256	WHERE id = '.$id.'
1257	;';
1258	$result = pwg_db_fetch_assoc(pwg_query($query));
1259
1260	$subject = '['.$conf['gallery_title'].'] '.l10n_args(get_l10n_args('UAM_Validation of %s', stripslashes($result['username'])));
1261
1262	if (isset($conf_UAM[28]) and $conf_UAM[28] <> '')
1263	{
1264	// Management of Extension flags ([username], [mygallery], [myurl])
1265	$patterns[] = '#\[username\]#i';
1266	$replacements[] = $result['username'];
1267	$patterns[] = '#\[mygallery\]#i';
1268	$replacements[] = $conf['gallery_title'];
1269	$patterns[] = '#\[myurl\]#i';
1270	$replacements[] = $conf['gallery_url'];
1271
1272	if (function_exists('get_user_language_desc'))
1273	{
1274	$custom_txt = get_user_language_desc(preg_replace($patterns, $replacements, $conf_UAM[28]))."\n\n";
1275	}
1276	else $custom_txt = l10n(preg_replace($patterns, $replacements, $conf_UAM[28]))."\n\n";
1277	}
1278
1279	$infos = array(
1280	get_l10n_args('UAM_User: %s', stripslashes($result['username'])),
1281	get_l10n_args('Email: %s', $result['mail_address']),
1282	get_l10n_args('', ''),
1283	);
1284
1285	// Sending the email with subject and contents
1286	pwg_mail($result['mail_address'], array(
1287	'subject' => $subject,
1288	'content' => (l10n_args($infos)."\n\n".$custom_txt),
1289	));
1290
1291	// Switching back to default language
1292	switch_lang_back();
1293	}
1294
1295
1296	/**
1297	* Function called from functions AddConfirmMail and ResetConfirmMail for validation key generation
1298	*
1299	* @return : validation key
1300	*
1301	*/
1302	function FindAvailableConfirmMailID()
1303	{
1304	while (true)
1305	{
1306	$id = generate_key(16);
1307	$query = "
1308	SELECT COUNT(*)
1309	FROM ".USER_CONFIRM_MAIL_TABLE."
1310	WHERE id = '".$id."'
1311	;";
1312	list($count) = pwg_db_fetch_row(pwg_query($query));
1313
1314	if ($count == 0)
1315	return $id;
1316	}
1317	}
1318
1319
1320	/**
1321	* Function called from functions SendMail2User to process unvalidated users and generate validation key link
1322	*
1323	* @param : User id, email address
1324	*
1325	* @return : Build validation key in URL
1326	*
1327	*/
1328	function AddConfirmMail($user_id, $email)
1329	{
1330	global $conf;
1331
1332	$conf_UAM = unserialize($conf['UserAdvManager']);
1333	$Confirm_Mail_ID = FindAvailableConfirmMailID();
1334
1335	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1336
1337	if (isset($Confirm_Mail_ID))
1338	{
1339	$query = "
1340	SELECT status
1341	FROM ".USER_INFOS_TABLE."
1342	WHERE user_id = '".$user_id."'
1343	;";
1344	list($status) = pwg_db_fetch_row(pwg_query($query));
1345
1346	$query = "
1347	INSERT INTO ".USER_CONFIRM_MAIL_TABLE."
1348	(id, user_id, mail_address, status, date_check)
1349	VALUES
1350	('".$Confirm_Mail_ID."', '".$user_id."', '".$email."', '".$status."', null)
1351	;";
1352	pwg_query($query);
1353
1354	// Delete user from all groups
1355	$query = "
1356	DELETE FROM ".USER_GROUP_TABLE."
1357	WHERE user_id = '".$user_id."'
1358	AND (
1359	group_id = '".$conf_UAM[2]."'
1360	OR
1361	group_id = '".$conf_UAM[3]."'
1362	)
1363	;";
1364	pwg_query($query);
1365
1366	// Set user unvalidated status
1367	if (!is_admin() and $conf_UAM[8] <> -1)
1368	{
1369	$query = "
1370	UPDATE ".USER_INFOS_TABLE."
1371	SET status = '".$conf_UAM[8]."'
1372	WHERE user_id = '".$user_id."'
1373	;";
1374	pwg_query($query);
1375	}
1376
1377	// Set user unvalidated group
1378	if (!is_admin() and $conf_UAM[2] <> -1)
1379	{
1380	$query = "
1381	INSERT INTO ".USER_GROUP_TABLE."
1382	(user_id, group_id)
1383	VALUES
1384	('".$user_id."', '".$conf_UAM[2]."')
1385	;";
1386	pwg_query($query);
1387	}
1388
1389	return get_absolute_root_url().UAM_PATH.'ConfirmMail.php?key='.$Confirm_Mail_ID.'&userid='.$user_id;
1390	}
1391	}
1392
1393
1394	/**
1395	* Function called from main.inc.php to set group to new users if manual validation is set
1396	*
1397	* @param : User id
1398	*
1399	*
1400	*/
1401	function setgroup($user_id)
1402	{
1403	global $conf;
1404
1405	$conf_UAM = unserialize($conf['UserAdvManager']);
1406
1407	$query = "
1408	DELETE FROM ".USER_GROUP_TABLE."
1409	WHERE user_id = '".$user_id."'
1410	AND (
1411	group_id = '".$conf_UAM[2]."'
1412	OR
1413	group_id = '".$conf_UAM[3]."'
1414	)
1415	;";
1416	pwg_query($query);
1417
1418	if (!is_admin() and $conf_UAM[8] <> -1)
1419	{
1420	$query = "
1421	UPDATE ".USER_INFOS_TABLE."
1422	SET status = '".$conf_UAM[8]."'
1423	WHERE user_id = '".$user_id."'
1424	;";
1425	pwg_query($query);
1426	}
1427
1428	if (!is_admin() and $conf_UAM[2] <> -1)
1429	{
1430	$query = "
1431	INSERT INTO ".USER_GROUP_TABLE."
1432	(user_id, group_id)
1433	VALUES
1434	('".$user_id."', '".$conf_UAM[2]."')
1435	;";
1436	pwg_query($query);
1437	}
1438	}
1439
1440
1441	/**
1442	* Function called from UAM_admin.php to reset validation key
1443	*
1444	* @param : User id
1445	*
1446	* @return : Build validation key in URL
1447	*
1448	*/
1449	function ResetConfirmMail($user_id)
1450	{
1451	global $conf;
1452
1453	$Confirm_Mail_ID = FindAvailableConfirmMailID();
1454
1455	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1456
1457	if (isset($Confirm_Mail_ID))
1458	{
1459	$query = "
1460	UPDATE ".USER_CONFIRM_MAIL_TABLE."
1461	SET id = '".$Confirm_Mail_ID."'
1462	WHERE user_id = '".$user_id."'
1463	;";
1464	pwg_query($query);
1465
1466	$query = "
1467	UPDATE ".USER_INFOS_TABLE."
1468	SET registration_date = '".$dbnow."'
1469	WHERE user_id = '".$user_id."'
1470	;";
1471	pwg_query($query);
1472
1473	return get_absolute_root_url().UAM_PATH.'ConfirmMail.php?key='.$Confirm_Mail_ID.'&userid='.$user_id;
1474	}
1475	}
1476
1477
1478	/**
1479	* Function called from functions.inc.php to reset last visit date after sending a reminder
1480	*
1481	* @param : User id
1482	*
1483	*/
1484	function resetlastvisit($user_id)
1485	{
1486	global $conf;
1487
1488	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1489
1490	$query = "
1491	UPDATE ".USER_LASTVISIT_TABLE."
1492	SET lastvisit = '".$dbnow."', reminder = 'true'
1493	WHERE user_id = '".$user_id."'
1494	;";
1495	pwg_query($query);
1496	}
1497
1498
1499	/**
1500	* Function called from main.inc.php - Triggered on user deletion
1501	*
1502	*/
1503	function DeleteConfirmMail($user_id)
1504	{
1505	$query = "
1506	DELETE FROM ".USER_CONFIRM_MAIL_TABLE."
1507	WHERE user_id = '".$user_id."'
1508	;";
1509	pwg_query($query);
1510	}
1511
1512	/**
1513	* Function called from main.inc.php - Triggered on user deletion
1514	*
1515	*/
1516	function DeleteLastVisit($user_id)
1517	{
1518	$query = "
1519	DELETE FROM ".USER_LASTVISIT_TABLE."
1520	WHERE user_id = '".$user_id."'
1521	;";
1522	pwg_query($query);
1523	}
1524
1525
1526	/**
1527	* Function called from main.inc.php - Triggered on user deletion
1528	*
1529	* @param : User id
1530	*
1531	*/
1532	function DeleteRedir($user_id)
1533	{
1534	$tab = array();
1535
1536	$query = '
1537	SELECT value
1538	FROM '.CONFIG_TABLE.'
1539	WHERE param = "UserAdvManager_Redir"
1540	;';
1541
1542	$tab = pwg_db_fetch_row(pwg_query($query));
1543
1544	$values = explode(',', $tab[0]);
1545
1546	unset($values[array_search($user_id, $values)]);
1547
1548	$query = "
1549	UPDATE ".CONFIG_TABLE."
1550	SET value = \"".implode(',', $values)."\"
1551	WHERE param = 'UserAdvManager_Redir';";
1552
1553	pwg_query($query);
1554	}
1555
1556
1557	/**
1558	* Function called from ConfirmMail.php to verify validation key used by user according time limit
1559	* Return true is key validation is OK else return false
1560	*
1561	* @param : User id
1562	*
1563	* @return : Bool
1564	*
1565	*/
1566	function VerifyConfirmMail($id)
1567	{
1568	global $conf;
1569
1570	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1571
1572	$conf_UAM = unserialize($conf['UserAdvManager']);
1573
1574	$conf_UAM_ConfirmMail = unserialize($conf['UserAdvManager_ConfirmMail']);
1575
1576	$query = "
1577	SELECT COUNT(*)
1578	FROM ".USER_CONFIRM_MAIL_TABLE."
1579	WHERE id = '".$id."'
1580	;";
1581	list($count) = pwg_db_fetch_row(pwg_query($query));
1582
1583	if ($count == 1)
1584	{
1585	$query = "
1586	SELECT user_id, status, date_check
1587	FROM ".USER_CONFIRM_MAIL_TABLE."
1588	WHERE id = '".$id."'
1589	;";
1590	$data = pwg_db_fetch_assoc(pwg_query($query));
1591
1592	if (!empty($data) and isset($data['user_id']))
1593	{
1594	$query = "
1595	SELECT registration_date
1596	FROM ".USER_INFOS_TABLE."
1597	WHERE user_id = '".$data['user_id']."'
1598	;";
1599	list($registration_date) = pwg_db_fetch_row(pwg_query($query));
1600
1601	// Time limit process
1602	// ********************************************
1603	if (!empty($registration_date))
1604	{
1605	// Verify Confirmmail with time limit ON
1606	if (isset ($conf_UAM_ConfirmMail[1]))
1607	{
1608	// dates formating and compare
1609	$today = date("d-m-Y"); // Get today's date
1610	list($day, $month, $year) = explode('-', $today); // explode date of today
1611	$daytimestamp = mktime(0, 0, 0, $month, $day, $year);// Generate UNIX timestamp
1612
1613	list($regdate, $regtime) = explode(' ', $registration_date); // Explode date and time from registration date
1614	list($regyear, $regmonth, $regday) = explode('-', $regdate); // Explode date from registration date
1615	$regtimestamp = mktime(0, 0, 0, $regmonth, $regday, $regyear);// Generate UNIX timestamp
1616
1617	$deltasecs = $daytimestamp - $regtimestamp;// Compare the 2 UNIX timestamps
1618	$deltadays = floor($deltasecs / 86400);// Convert result from seconds to days
1619
1620	// Condition with the value set for time limit
1621	if ($deltadays <= $conf_UAM_ConfirmMail[1]) // If Nb of days is less than the limit set
1622	{
1623	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1624
1625	$query = '
1626	UPDATE '.USER_CONFIRM_MAIL_TABLE.'
1627	SET date_check="'.$dbnow.'", reminder="false"
1628	WHERE id = "'.$id.'"
1629	;';
1630	pwg_query($query);
1631
1632	if ($conf_UAM[2] <> -1) // Delete user from unvalidated users group
1633	{
1634	$query = "
1635	DELETE FROM ".USER_GROUP_TABLE."
1636	WHERE user_id = '".$data['user_id']."'
1637	AND group_id = '".$conf_UAM[2]."'
1638	;";
1639	pwg_query($query);
1640	}
1641
1642	if ($conf_UAM[3] <> -1) // Add user to validated users group
1643	{
1644	$query = "
1645	INSERT INTO ".USER_GROUP_TABLE."
1646	(user_id, group_id)
1647	VALUES
1648	('".$data['user_id']."', '".$conf_UAM[3]."')
1649	;";
1650	pwg_query($query);
1651	}
1652
1653	if (($conf_UAM[4] <> -1 or isset($data['status']))) // Change user's status
1654	{
1655	$query = "
1656	UPDATE ".USER_INFOS_TABLE."
1657	SET status = '".(isset($data['status']) ? $data['status'] : $conf_UAM[4])."'
1658	WHERE user_id = '".$data['user_id']."'
1659	;";
1660	pwg_query($query);
1661	}
1662	// Refresh user's category cache
1663	invalidate_user_cache();
1664
1665	return true;
1666	}
1667	elseif ($deltadays > $conf_UAM_ConfirmMail[1]) // If timelimit exeeds
1668	{
1669	return false;
1670	}
1671	}
1672	// Verify Confirmmail with time limit OFF
1673	else
1674	{
1675	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1676
1677	$query = '
1678	UPDATE '.USER_CONFIRM_MAIL_TABLE.'
1679	SET date_check="'.$dbnow.'"
1680	WHERE id = "'.$id.'"
1681	;';
1682	pwg_query($query);
1683
1684	if ($conf_UAM[2] <> -1)
1685	{
1686	$query = "
1687	DELETE FROM ".USER_GROUP_TABLE."
1688	WHERE user_id = '".$data['user_id']."'
1689	AND group_id = '".$conf_UAM[2]."'
1690	;";
1691	pwg_query($query);
1692	}
1693
1694	if ($conf_UAM[3] <> -1)
1695	{
1696	$query = "
1697	DELETE FROM ".USER_GROUP_TABLE."
1698	WHERE user_id = '".$data['user_id']."'
1699	AND group_id = '".$conf_UAM[3]."'
1700	;";
1701	pwg_query($query);
1702
1703	$query = "
1704	INSERT INTO ".USER_GROUP_TABLE."
1705	(user_id, group_id)
1706	VALUES
1707	('".$data['user_id']."', '".$conf_UAM[3]."')
1708	;";
1709	pwg_query($query);
1710	}
1711
1712	if (($conf_UAM[4] <> -1 or isset($data['status'])))
1713	{
1714	$query = "
1715	UPDATE ".USER_INFOS_TABLE."
1716	SET status = '".(isset($data['status']) ? $data['status'] : $conf_UAM[4])."'
1717	WHERE user_id = '".$data['user_id']."'
1718	;";
1719	pwg_query($query);
1720	}
1721	// Refresh user's category cache
1722	invalidate_user_cache();
1723
1724	return true;
1725	}
1726	}
1727	}
1728	}
1729	else
1730	return false;
1731	}
1732
1733
1734	/**
1735	* Function called from UAM_admin.php to force users validation by admin
1736	*
1737	* @param : User id
1738	*
1739	*/
1740	function ForceValidation($id)
1741	{
1742	global $conf;
1743
1744	$conf_UAM = unserialize($conf['UserAdvManager']);
1745
1746	if (isset($conf_UAM[1]) and $conf_UAM[1] == 'true')
1747	{
1748	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1749
1750	$query = "
1751	UPDATE ".USER_CONFIRM_MAIL_TABLE."
1752	SET date_check='".$dbnow."'
1753	WHERE user_id = '".$id."'
1754	;";
1755	pwg_query($query);
1756
1757	if ($conf_UAM[2] <> -1)
1758	{
1759	$query = "
1760	DELETE FROM ".USER_GROUP_TABLE."
1761	WHERE user_id = '".$id."'
1762	AND group_id = '".$conf_UAM[2]."'
1763	;";
1764	pwg_query($query);
1765	}
1766
1767	if ($conf_UAM[3] <> -1)
1768	{
1769	$query = "
1770	DELETE FROM ".USER_GROUP_TABLE."
1771	WHERE user_id = '".$id."'
1772	AND group_id = '".$conf_UAM[3]."'
1773	;";
1774	pwg_query($query);
1775
1776	$query = "
1777	INSERT INTO ".USER_GROUP_TABLE."
1778	(user_id, group_id)
1779	VALUES
1780	('".$id."', '".$conf_UAM[3]."')
1781	;";
1782	pwg_query($query);
1783	}
1784
1785	if ($conf_UAM[4] <> -1)
1786	{
1787	$query = "
1788	UPDATE ".USER_INFOS_TABLE."
1789	SET status = '".$conf_UAM[4]."'
1790	WHERE user_id = '".$id."'
1791	;";
1792	pwg_query($query);
1793	}
1794	}
1795	elseif (isset($conf_UAM[1]) and $conf_UAM[1] == 'local')
1796	{
1797	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1798
1799	if ($conf_UAM[2] <> -1)
1800	{
1801	$query = "
1802	DELETE FROM ".USER_GROUP_TABLE."
1803	WHERE user_id = '".$id."'
1804	AND group_id = '".$conf_UAM[2]."'
1805	;";
1806	pwg_query($query);
1807	}
1808
1809	if ($conf_UAM[3] <> -1)
1810	{
1811	$query = "
1812	DELETE FROM ".USER_GROUP_TABLE."
1813	WHERE user_id = '".$id."'
1814	AND group_id = '".$conf_UAM[3]."'
1815	;";
1816	pwg_query($query);
1817
1818	$query = "
1819	INSERT INTO ".USER_GROUP_TABLE."
1820	(user_id, group_id)
1821	VALUES
1822	('".$id."', '".$conf_UAM[3]."')
1823	;";
1824	pwg_query($query);
1825	}
1826
1827	if ($conf_UAM[4] <> -1)
1828	{
1829	$query = "
1830	UPDATE ".USER_INFOS_TABLE."
1831	SET status = '".$conf_UAM[4]."'
1832	WHERE user_id = '".$id."'
1833	;";
1834	pwg_query($query);
1835	}
1836	}
1837	}
1838
1839
1840	/**
1841	* Function called from main.inc.php - Check if username matches forbidden caracters
1842	*
1843	* @param : User login
1844	*
1845	* @return : Bool
1846	*
1847	*/
1848	function ValidateUsername($login)
1849	{
1850	global $conf;
1851
1852	$conf_UAM = unserialize($conf['UserAdvManager']);
1853
1854	if (isset($login) and isset($conf_UAM[7]) and $conf_UAM[7] <> '')
1855	{
1856	$conf_CharExclusion = preg_split("/,/",$conf_UAM[7]);
1857	for ($i = 0 ; $i < count($conf_CharExclusion) ; $i++)
1858	{
1859	$pattern = '/'.$conf_CharExclusion[$i].'/i';
1860	if (preg_match($pattern, $login))
1861	{
1862	return true;
1863	}
1864	}
1865	}
1866	else
1867	{
1868	return false;
1869	}
1870	}
1871
1872
1873	/**
1874	* Function called from main.inc.php - Check if user's email is in excluded email providers list
1875	* Doesn't work on call - Must be copied in main.inc.php to work
1876	*
1877	* @param : Email address
1878	*
1879	* @return : Bool
1880	*
1881	*/
1882	function ValidateEmailProvider($email)
1883	{
1884	global $conf;
1885
1886	$conf_UAM = unserialize($conf['UserAdvManager']);
1887
1888	if (isset($email) and isset($conf_UAM[12]) and $conf_UAM[12] <> '')
1889	{
1890	$conf_MailExclusion = preg_split("/[\s,]+/",$conf_UAM[12]);
1891	for ($i = 0 ; $i < count($conf_MailExclusion) ; $i++)
1892	{
1893	$pattern = '/'.$conf_MailExclusion[$i].'/i';
1894	if (preg_match($pattern, $email))
1895	{
1896	return true;
1897	}
1898	}
1899	}
1900	else
1901	{
1902	return false;
1903	}
1904	}
1905
1906
1907	/**
1908	* Function called from UAM_admin.php - Get unvalidated users according time limit
1909	*
1910	* @return : List of users
1911	*
1912	*/
1913	function get_unvalid_user_list()
1914	{
1915	global $conf, $page;
1916
1917	// Get ConfirmMail configuration
1918	$conf_UAM_ConfirmMail = unserialize($conf['UserAdvManager_ConfirmMail']);
1919	// Get UAM configuration
1920	$conf_UAM = unserialize($conf['UserAdvManager']);
1921
1922	$users = array();
1923
1924	// search users depending expiration date
1925	$query = '
1926	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
1927	u.'.$conf['user_fields']['username'].' AS username,
1928	u.'.$conf['user_fields']['email'].' AS email,
1929	ui.status,
1930	ui.enabled_high,
1931	ui.level,
1932	ui.registration_date
1933	FROM '.USERS_TABLE.' AS u
1934	INNER JOIN '.USER_INFOS_TABLE.' AS ui
1935	ON u.'.$conf['user_fields']['id'].' = ui.user_id
1936	LEFT JOIN '.USER_GROUP_TABLE.' AS ug
1937	ON u.'.$conf['user_fields']['id'].' = ug.user_id
1938	WHERE u.'.$conf['user_fields']['id'].' >= 3
1939	AND (TO_DAYS(NOW()) - TO_DAYS(ui.registration_date) >= "'.$conf_UAM_ConfirmMail[1].'"
1940	OR TO_DAYS(NOW()) - TO_DAYS(ui.registration_date) < "'.$conf_UAM_ConfirmMail[1].'")';
1941
1942	if ($conf_UAM[2] <> '-1' and $conf_UAM[8] == '-1')
1943	{
1944	$query.= '
1945	AND ug.group_id = '.$conf_UAM[2];
1946	}
1947	if ($conf_UAM[2] == '-1' and $conf_UAM[8] <> '-1')
1948	{
1949	$query.= '
1950	AND ui.status = \''.$conf_UAM[8]."'";
1951	}
1952	if ($conf_UAM[2] <> '-1' and $conf_UAM[8] <> '-1')
1953	{
1954	$query.= '
1955	AND ug.group_id = \''.$conf_UAM[2]."'";
1956	}
1957	$query.= '
1958	ORDER BY ui.registration_date ASC
1959	;';
1960
1961	$result = pwg_query($query);
1962
1963	while ($row = pwg_db_fetch_assoc($result))
1964	{
1965	$user = $row;
1966	$user['groups'] = array();
1967
1968	array_push($users, $user);
1969	}
1970
1971	// add group lists
1972	$user_ids = array();
1973	foreach ($users as $i => $user)
1974	{
1975	$user_ids[$i] = $user['id'];
1976	}
1977
1978	$user_nums = array_flip($user_ids);
1979
1980	if (count($user_ids) > 0)
1981	{
1982	$query = '
1983	SELECT user_id, group_id
1984	FROM '.USER_GROUP_TABLE.'
1985	WHERE user_id IN ('.implode(',', $user_ids).')
1986	;';
1987
1988	$result = pwg_query($query);
1989
1990	while ($row = pwg_db_fetch_assoc($result))
1991	{
1992	array_push(
1993	$users[$user_nums[$row['user_id']]]['groups'],
1994	$row['group_id']
1995	);
1996	}
1997	}
1998
1999	return $users;
2000	}
2001
2002
2003	/**
2004	* Function called from functions.inc.php - Get all users who haven't validate their registration in configured time
2005	* to delete or remail them automatically
2006	*
2007	* @return : List of users
2008	*
2009	*/
2010	function get_unvalid_user_autotasks()
2011	{
2012	global $conf, $page;
2013
2014	// Get ConfirmMail configuration
2015	$conf_UAM_ConfirmMail = unserialize($conf['UserAdvManager_ConfirmMail']);
2016
2017	$users = array();
2018
2019	// search users depending expiration date
2020	$query = '
2021	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
2022	ui.registration_date
2023	FROM '.USERS_TABLE.' AS u
2024	INNER JOIN '.USER_INFOS_TABLE.' AS ui
2025	ON u.'.$conf['user_fields']['id'].' = ui.user_id
2026	WHERE u.'.$conf['user_fields']['id'].' >= 3
2027	AND (TO_DAYS(NOW()) - TO_DAYS(ui.registration_date) >= "'.$conf_UAM_ConfirmMail[1].'")
2028	ORDER BY ui.registration_date ASC;';
2029
2030	$result = pwg_query($query);
2031
2032	while ($row = pwg_db_fetch_assoc($result))
2033	{
2034	array_push($users, $row);
2035	}
2036
2037	return $users;
2038	}
2039
2040
2041	/**
2042	* Function called from UAM_admin.php - Get ghost users
2043	*
2044	* @return : List of users
2045	*
2046	*/
2047	function get_ghost_user_list()
2048	{
2049	global $conf, $page;
2050
2051	$conf_UAM = unserialize($conf['UserAdvManager']);
2052
2053	$users = array();
2054
2055	// search users depending expiration date
2056	$query = '
2057	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
2058	u.'.$conf['user_fields']['username'].' AS username,
2059	u.'.$conf['user_fields']['email'].' AS email,
2060	lv.lastvisit,
2061	lv.reminder
2062	FROM '.USERS_TABLE.' AS u
2063	INNER JOIN '.USER_LASTVISIT_TABLE.' AS lv
2064	ON u.'.$conf['user_fields']['id'].' = lv.user_id
2065	WHERE (TO_DAYS(NOW()) - TO_DAYS(lv.lastvisit) >= "'.$conf_UAM[17].'")
2066	ORDER BY lv.lastvisit ASC;';
2067
2068	$result = pwg_query($query);
2069
2070	while ($row = pwg_db_fetch_assoc($result))
2071	{
2072	$user = $row;
2073	$user['groups'] = array();
2074
2075	array_push($users, $user);
2076	}
2077
2078	// add group lists
2079	$user_ids = array();
2080	foreach ($users as $i => $user)
2081	{
2082	$user_ids[$i] = $user['id'];
2083	}
2084
2085	return $users;
2086	}
2087
2088
2089	/**
2090	* Function called from functions.inc.php - Get all ghost users to delete or downgrade automatically on any user login
2091	*
2092	* @return : List of users to delete or downgrade automatically
2093	*
2094	*/
2095	function get_ghosts_autotasks()
2096	{
2097	global $conf, $page;
2098
2099	$conf_UAM = unserialize($conf['UserAdvManager']);
2100
2101	$users = array();
2102
2103	// search users depending expiration date and reminder sent
2104	$query = '
2105	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
2106	lv.lastvisit
2107	FROM '.USERS_TABLE.' AS u
2108	INNER JOIN '.USER_LASTVISIT_TABLE.' AS lv
2109	ON u.'.$conf['user_fields']['id'].' = lv.user_id
2110	WHERE (TO_DAYS(NOW()) - TO_DAYS(lv.lastvisit) >= "'.$conf_UAM[17].'")
2111	ORDER BY lv.lastvisit ASC;';
2112
2113	$result = pwg_query($query);
2114
2115	while ($row = pwg_db_fetch_assoc($result))
2116	{
2117	array_push($users, $row);
2118	}
2119
2120	return $users;
2121	}
2122
2123
2124	/**
2125	* Function called from UAM_admin.php - Get all users to display the number of days since their last visit
2126	*
2127	* @return : List of users
2128	*
2129	*/
2130	function get_user_list()
2131	{
2132	global $conf, $page;
2133
2134	$users = array();
2135
2136	// search users depending expiration date
2137	$query = '
2138	SELECT DISTINCT u.'.$conf['user_fields']['id'].' AS id,
2139	u.'.$conf['user_fields']['username'].' AS username,
2140	u.'.$conf['user_fields']['email'].' AS email,
2141	ug.lastvisit
2142	FROM '.USERS_TABLE.' AS u
2143	INNER JOIN '.USER_LASTVISIT_TABLE.' AS ug
2144	ON u.'.$conf['user_fields']['id'].' = ug.user_id
2145	WHERE u.'.$conf['user_fields']['id'].' >= 3
2146	ORDER BY ug.lastvisit DESC
2147	;';
2148
2149	$result = pwg_query($query);
2150
2151	while ($row = pwg_db_fetch_assoc($result))
2152	{
2153	$user = $row;
2154	$user['groups'] = array();
2155
2156	array_push($users, $user);
2157	}
2158
2159	// add group lists
2160	$user_ids = array();
2161	foreach ($users as $i => $user)
2162	{
2163	$user_ids[$i] = $user['id'];
2164	}
2165
2166	return $users;
2167	}
2168
2169
2170	/**
2171	* Function called from UAM_admin.php - to determine who is expired or not and giving a different display color
2172	*
2173	* @param : user id
2174	*
2175	* @return : Bool
2176	*
2177	*/
2178	function expiration($id)
2179	{
2180	global $conf, $page;
2181
2182	// Get ConfirmMail configuration
2183	$conf_UAM_ConfirmMail = unserialize($conf['UserAdvManager_ConfirmMail']);
2184
2185	// Get UAM configuration
2186	$conf_UAM = unserialize($conf['UserAdvManager']);
2187
2188	$query = "
2189	SELECT registration_date
2190	FROM ".USER_INFOS_TABLE."
2191	WHERE user_id = '".$id."'
2192	;";
2193	list($registration_date) = pwg_db_fetch_row(pwg_query($query));
2194
2195	// Time limit process
2196	// ********************************************
2197	if (!empty($registration_date))
2198	{
2199	// dates formating and compare
2200	$today = date("d-m-Y"); // Get today's date
2201	list($day, $month, $year) = explode('-', $today); // explode date of today
2202	$daytimestamp = mktime(0, 0, 0, $month, $day, $year);// Generate UNIX timestamp
2203
2204	list($regdate, $regtime) = explode(' ', $registration_date); // Explode date and time from registration date
2205	list($regyear, $regmonth, $regday) = explode('-', $regdate); // Explode date from registration date
2206	$regtimestamp = mktime(0, 0, 0, $regmonth, $regday, $regyear);// Generate UNIX timestamp
2207
2208	$deltasecs = $daytimestamp - $regtimestamp;// Compare the 2 UNIX timestamps
2209	$deltadays = floor($deltasecs / 86400);// Convert result from seconds to days
2210
2211	// Condition with the value set for time limit
2212	if ($deltadays <= $conf_UAM_ConfirmMail[1]) // If Nb of days is less than the limit set
2213	{
2214	return false;
2215	}
2216	else
2217	{
2218	return true;
2219	}
2220	}
2221	}
2222
2223
2224	/**
2225	* Returns a password's score for password complexity check
2226	*
2227	* @param : password filled by user
2228	*
2229	* @return : Score calculation
2230	*
2231	* Thanx to MathieuGut from http://m-gut.developpez.com
2232	*/
2233	function testpassword($password) // Le mot de passe passé en paramètre - $password given by user
2234	{
2235
2236	// Initialisation des variables - Variables initiation
2237	$points = 0;
2238	$point_lowercase = 0;
2239	$point_uppercase = 0;
2240	$point_numbers = 0;
2241	$point_characters = 0;
2242
2243	// On récupère la longueur du mot de passe - Getting password lengh
2244	$length = strlen($password);
2245
2246	// On fait une boucle pour lire chaque lettre - Loop to read password characters
2247	for($i = 0; $i < $length; $i++)
2248	{
2249	// On sélectionne une à une chaque lettre - Select each letters
2250	// $i étant à 0 lors du premier passage de la boucle - $i is 0 at first turn
2251	$letters = $password[$i];
2252
2253	if ($letters>='a' && $letters<='z')
2254	{
2255	// On ajoute 1 point pour une minuscule - Adding 1 point to score for a lowercase
2256	$points = $points + 1;
2257
2258	// On rajoute le bonus pour une minuscule - Adding bonus points for lowercase
2259	$point_lowercase = 1;
2260	}
2261	else if ($letters>='A' && $letters <='Z')
2262	{
2263	// On ajoute 2 points pour une majuscule - Adding 2 points to score for uppercase
2264	$points = $points + 2;
2265
2266	// On rajoute le bonus pour une majuscule - Adding bonus points for uppercase
2267	$point_uppercase = 2;
2268	}
2269	else if ($letters>='0' && $letters<='9')
2270	{
2271	// On ajoute 3 points pour un chiffre - Adding 3 points to score for numbers
2272	$points = $points + 3;
2273
2274	// On rajoute le bonus pour un chiffre - Adding bonus points for numbers
2275	$point_numbers = 3;
2276	}
2277	else
2278	{
2279	// On ajoute 5 points pour un caractère autre - Adding 5 points to score for special characters
2280	$points = $points + 5;
2281
2282	// On rajoute le bonus pour un caractère autre - Adding bonus points for special characters
2283	$point_characters = 5;
2284	}
2285	}
2286
2287	// Calcul du coefficient points/longueur - calculating the coefficient points/length
2288	$step1 = $points / $length;
2289
2290	// Calcul du coefficient de la diversité des types de caractères... - Calculation of the diversity of character types...
2291	$step2 = $point_lowercase + $point_uppercase + $point_numbers + $point_characters;
2292
2293	// Multiplication du coefficient de diversité avec celui de la longueur - Multiplying the coefficient of diversity with that of the length
2294	$score = $step1 * $step2;
2295
2296	// Multiplication du resultat par la longueur de la chaine - Multiplying the result by the length of the string
2297	$finalscore = $score * $length;
2298
2299	return $finalscore;
2300	}
2301
2302
2303	/**
2304	* Function called from maintain.inc.php - to check if database upgrade is needed
2305	*
2306	* @param : table name
2307	*
2308	* @return : boolean
2309	*
2310	*/
2311	function table_exist($table)
2312	{
2313	$query = 'DESC '.$table.';';
2314	return (bool)($res=pwg_query($query));
2315	}
2316
2317
2318	/**
2319	* Function called from UAM_admin.php and main.inc.php to get the plugin version and name
2320	*
2321	* @param : plugin directory
2322	*
2323	* @return : plugin's version and name
2324	*
2325	*/
2326	function PluginInfos($dir)
2327	{
2328	$path = $dir;
2329
2330	$plg_data = implode( '', file($path.'main.inc.php') );
2331	if ( preg_match("\|Plugin Name: (.*)\|", $plg_data, $val) )
2332	{
2333	$plugin['name'] = trim( $val[1] );
2334	}
2335	if (preg_match("\|Version: (.*)\|", $plg_data, $val))
2336	{
2337	$plugin['version'] = trim($val[1]);
2338	}
2339	if ( preg_match("\|Plugin URI: (.*)\|", $plg_data, $val) )
2340	{
2341	$plugin['uri'] = trim($val[1]);
2342	}
2343	if ($desc = load_language('description.txt', $path.'/', array('return' => true)))
2344	{
2345	$plugin['description'] = trim($desc);
2346	}
2347	elseif ( preg_match("\|Description: (.*)\|", $plg_data, $val) )
2348	{
2349	$plugin['description'] = trim($val[1]);
2350	}
2351	if ( preg_match("\|Author: (.*)\|", $plg_data, $val) )
2352	{
2353	$plugin['author'] = trim($val[1]);
2354	}
2355	if ( preg_match("\|Author URI: (.*)\|", $plg_data, $val) )
2356	{
2357	$plugin['author uri'] = trim($val[1]);
2358	}
2359	if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))
2360	{
2361	list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
2362	if (is_numeric($extension)) $plugin['extension'] = $extension;
2363	}
2364	// IMPORTANT SECURITY !
2365	$plugin = array_map('htmlspecialchars', $plugin);
2366
2367	return $plugin ;
2368	}
2369
2370
2371	/**
2372	* Delete obsolete files on plugin upgrade
2373	* Obsolete files are listed in file obsolete.list
2374	*
2375	*/
2376	function clean_obsolete_files()
2377	{
2378	if (file_exists(UAM_PATH.'obsolete.list')
2379	and $old_files = file(UAM_PATH.'obsolete.list', FILE_IGNORE_NEW_LINES)
2380	and !empty($old_files))
2381	{
2382	array_push($old_files, 'obsolete.list');
2383	foreach($old_files as $old_file)
2384	{
2385	$path = UAM_PATH.$old_file;
2386	if (is_file($path))
2387	{
2388	@unlink($path);
2389	}
2390	}
2391	}
2392	}
2393
2394
2395	/**
2396	* UAM_check_profile - Thx to LucMorizur
2397	* checks if a user id is registered as having already
2398	* visited his profile.php page.
2399	*
2400	* @uid : the user id
2401	*
2402	* @user_idsOK : (returned) array of all users ids having already visited
2403	* their profile.php pages
2404	*
2405	* @returns : true or false whether the users has already visited his
2406	* profile.php page or not
2407	*
2408	*/
2409	function UAM_check_profile($uid, &$user_idsOK)
2410	{
2411	$t = array();
2412	$v = false;
2413
2414	$query = "
2415	SELECT value
2416	FROM ".CONFIG_TABLE."
2417	WHERE param = 'UserAdvManager_Redir'
2418	;";
2419
2420	if ($v = (($t = pwg_db_fetch_row(pwg_query($query))) !== false))
2421	{
2422	$user_idsOK = explode(',', $t[0]);
2423	$v = (in_array($uid, $user_idsOK));
2424	}
2425	return $v;
2426	}
2427
2428
2429	/**
2430	* UAM specific database dump (only for MySql !)
2431	* Creates an SQL dump of UAM specific tables and configuration settings
2432	*
2433	* @returns : Boolean to manage appropriate message display
2434	*
2435	*/
2436	function uam_dump($download)
2437	{
2438	global $conf;
2439
2440	// Initial backup folder creation and file initialisation
2441	if (!is_dir(UAM_PATH.'/include/backup'))
2442	mkdir(UAM_PATH.'/include/backup');
2443
2444	$Backup_File = UAM_PATH.'/include/backup/UAM_dbbackup.sql';
2445
2446	$fp = fopen($Backup_File, 'w');
2447
2448
2449	// Saving UAM specific tables
2450	$ListTables = array(USER_CONFIRM_MAIL_TABLE, USER_LASTVISIT_TABLE);
2451	$j=0;
2452
2453	while($j < count($ListTables))
2454	{
2455	$sql = 'SHOW CREATE TABLE '.$ListTables[$j];
2456	$res = pwg_query($sql);
2457
2458	if ($res)
2459	{
2460	$insertions = "-- -------------------------------------------------------\n";
2461	$insertions .= "-- Create ".$ListTables[$j]." table\n";
2462	$insertions .= "-- ------------------------------------------------------\n\n";
2463
2464	$insertions .= "DROP TABLE IF EXISTS ".$ListTables[$j].";\n\n";
2465
2466	$array = mysql_fetch_array($res);
2467	$array[1] .= ";\n\n";
2468	$insertions .= $array[1];
2469
2470	$req_table = pwg_query('SELECT * FROM '.$ListTables[$j]) or die(mysql_error());
2471	$nb_fields = mysql_num_fields($req_table);
2472	while ($line = mysql_fetch_array($req_table))
2473	{
2474	$insertions .= 'INSERT INTO '.$ListTables[$j].' VALUES (';
2475	for ($i=0; $i<$nb_fields; $i++)
2476	{
2477	$insertions .= '\'' . mysql_real_escape_string($line[$i]) . '\', ';
2478	}
2479	$insertions = substr($insertions, 0, -2);
2480	$insertions .= ");\n";
2481	}
2482	$insertions .= "\n\n";
2483	}
2484
2485	fwrite($fp, $insertions);
2486	$j++;
2487	}
2488
2489	// Saving UAM configuration
2490	$insertions = "-- -------------------------------------------------------\n";
2491	$insertions .= "-- Insert UAM configuration in ".CONFIG_TABLE."\n";
2492	$insertions .= "-- ------------------------------------------------------\n\n";
2493
2494	fwrite($fp, $insertions);
2495
2496	$pattern = "UserAdvManager%";
2497	$req_table = pwg_query('SELECT * FROM '.CONFIG_TABLE.' WHERE param LIKE "'.$pattern.'";') or die(mysql_error());
2498	$nb_fields = mysql_num_fields($req_table);
2499
2500	while ($line = mysql_fetch_array($req_table))
2501	{
2502	$insertions = 'INSERT INTO '.CONFIG_TABLE.' VALUES (';
2503	for ($i=0; $i<$nb_fields; $i++)
2504	{
2505	$insertions .= '\'' . mysql_real_escape_string($line[$i]) . '\', ';
2506	}
2507	$insertions = substr($insertions, 0, -2);
2508	$insertions .= ");\n";
2509
2510	fwrite($fp, $insertions);
2511	}
2512
2513	fclose($fp);
2514
2515	// Download generated dump file
2516	if ($download == 'true')
2517	{
2518	if (@filesize($Backup_File))
2519	{
2520	$http_headers = array(
2521	'Content-Length: '.@filesize($Backup_File),
2522	'Content-Type: text/x-sql',
2523	'Content-Disposition: attachment; filename="UAM_dbbackup.sql";',
2524	'Content-Transfer-Encoding: binary',
2525	);
2526
2527	foreach ($http_headers as $header)
2528	{
2529	header($header);
2530	}
2531
2532	@readfile($Backup_File);
2533	exit();
2534	}
2535	}
2536
2537	return true;
2538	}
2539
2540
2541	/**
2542	* Called from UAM_CheckEmptyCommentAuthor()
2543	* Checks if comment's author name is in the allowed group
2544	*
2545	* @author : author's name
2546	*
2547	* @returns : Boolean (true is user is allowed to post / false if not allowed)
2548	*
2549	*/
2550	function UAM_CheckAuthor($author)
2551	{
2552	global $conf;
2553
2554	// Get UAM configuration
2555	$conf_UAM = unserialize($conf['UserAdvManager']);
2556
2557	if (isset($conf_UAM[37]) and $conf_UAM[37] <> -1)
2558	{
2559	$query = '
2560	SELECT u.id,
2561	u.username,
2562	ug.user_id,
2563	ug.group_id
2564	FROM '.USERS_TABLE.' AS u
2565	INNER JOIN '.USER_GROUP_TABLE.' AS ug
2566	ON u.id = ug.user_id
2567	WHERE u.username LIKE "'.$author.'"
2568	AND ug.group_id = '.$conf_UAM[37].'
2569	;';
2570
2571	$count = pwg_db_num_rows(pwg_query($query));
2572
2573	if (is_null($count) or $count == 0)
2574	{
2575	return false;
2576	}
2577	else
2578	return true;
2579	}
2580	}
2581
2582
2583	/**
2584	* Useful for debugging - 4 vars can be set
2585	* Output result to log.txt file
2586	*
2587	*/
2588	function UAMLog($var1, $var2, $var3, $var4)
2589	{
2590	$fo=fopen (UAM_PATH.'log.txt','a') ;
2591	fwrite($fo,"======================\n") ;
2592	fwrite($fo,'le ' . date('D, d M Y H:i:s') . "\r\n");
2593	fwrite($fo,$var1 ."\r\n") ;
2594	fwrite($fo,$var2 ."\r\n") ;
2595	fwrite($fo,$var3 ."\r\n") ;
2596	fwrite($fo,$var4 ."\r\n") ;
2597	fclose($fo) ;
2598	}
2599	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: