query('SELECT poster_ip, MAX(posted) AS last_used FROM '.$db->prefix.'posts WHERE poster_id='.$ip_stats.' GROUP BY poster_ip') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$num_ips = $db->num_rows($result);
// Determine the ip offset (based on $_GET['p'])
$num_pages = ceil($num_ips / 50);
$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : intval($_GET['p']);
$start_from = 50 * ($p - 1);
// Generate paging links
$paging_links = ''.$lang_common['Pages'].' '.paginate($num_pages, $p, 'admin_users.php?ip_stats='.$ip_stats );
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Users'], $lang_admin_users['Results head']);
define('PUN_ACTIVE_PAGE', 'admin');
require PUN_ROOT.'header.php';
?>
»
»
query('SELECT poster_ip, MAX(posted) AS last_used, COUNT(id) AS used_times FROM '.$db->prefix.'posts WHERE poster_id='.$ip_stats.' GROUP BY poster_ip ORDER BY last_used DESC LIMIT '.$start_from.', 50') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
while ($cur_ip = $db->fetch_assoc($result))
{
?>
'.$lang_admin_users['Results no posts found'].'
'."\n";
?>
»
»
query('SELECT DISTINCT poster_id, poster FROM '.$db->prefix.'posts WHERE poster_ip=\''.$db->escape($ip).'\'') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$num_users = $db->num_rows($result);
// Determine the user offset (based on $_GET['p'])
$num_pages = ceil($num_users / 50);
$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : intval($_GET['p']);
$start_from = 50 * ($p - 1);
// Generate paging links
$paging_links = ''.$lang_common['Pages'].' '.paginate($num_pages, $p, 'admin_users.php?show_users='.$ip);
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Users'], $lang_admin_users['Results head']);
define('PUN_ACTIVE_PAGE', 'admin');
require PUN_ROOT.'header.php';
?>
»
»
query('SELECT DISTINCT poster_id, poster FROM '.$db->prefix.'posts WHERE poster_ip=\''.$db->escape($ip).'\' ORDER BY poster ASC LIMIT '.$start_from.', 50') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$num_posts = $db->num_rows($result);
if ($num_posts)
{
$posters = $poster_ids = array();
while ($cur_poster = $db->fetch_assoc($result))
{
$posters[] = $cur_poster;
$poster_ids[] = $cur_poster['poster_id'];
}
$result = $db->query('SELECT u.id, u.username, u.email, u.title, u.num_posts, u.admin_note, g.g_id, g.g_user_title FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE u.id>1 AND u.id IN('.implode(',', $poster_ids).')') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
$user_data = array();
while ($cur_user = $db->fetch_assoc($result))
$user_data[$cur_user['id']] = $cur_user;
// Loop through users and print out some info
foreach ($posters as $cur_poster)
{
if (isset($user_data[$cur_poster['poster_id']]))
{
$user_title = get_title($user_data[$cur_poster['poster_id']]);
$actions = ''.$lang_admin_users['Results view IP link'].' | '.$lang_admin_users['Results show posts link'].'';
?>
PUN_ADMIN)
message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('admin_users.php');
if (isset($_POST['users']))
{
$user_ids = is_array($_POST['users']) ? array_keys($_POST['users']) : explode(',', $_POST['users']);
$user_ids = array_map('intval', $user_ids);
// Delete invalid IDs
$user_ids = array_diff($user_ids, array(0, 1));
}
else
$user_ids = array();
if (empty($user_ids))
message($lang_admin_users['No users selected']);
// Are we trying to batch move any admins?
$result = $db->query('SELECT COUNT(*) FROM '.$db->prefix.'users WHERE id IN ('.implode(',', $user_ids).') AND group_id='.PUN_ADMIN) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->result($result) > 0)
message($lang_admin_users['No move admins message']);
// Fetch all user groups
$all_groups = array();
$result = $db->query('SELECT g_id, g_title FROM '.$db->prefix.'groups WHERE g_id NOT IN ('.PUN_GUEST.','.PUN_ADMIN.') ORDER BY g_title ASC') or error('Unable to fetch groups', __FILE__, __LINE__, $db->error());
while ($row = $db->fetch_row($result))
$all_groups[$row[0]] = $row[1];
if (isset($_POST['move_users_comply']))
{
$new_group = isset($_POST['new_group']) && isset($all_groups[$_POST['new_group']]) ? $_POST['new_group'] : message($lang_admin_users['Invalid group message']);
// Is the new group a moderator group?
$result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$new_group) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error());
$new_group_mod = $db->result($result);
// Fetch user groups
$user_groups = array();
$result = $db->query('SELECT id, group_id FROM '.$db->prefix.'users WHERE id IN ('.implode(',', $user_ids).')') or error('Unable to fetch user groups', __FILE__, __LINE__, $db->error());
while ($cur_user = $db->fetch_assoc($result))
{
if (!isset($user_groups[$cur_user['group_id']]))
$user_groups[$cur_user['group_id']] = array();
$user_groups[$cur_user['group_id']][] = $cur_user['id'];
}
// Are any users moderators?
$group_ids = array_keys($user_groups);
$result = $db->query('SELECT g_id, g_moderator FROM '.$db->prefix.'groups WHERE g_id IN ('.implode(',', $group_ids).')') or error('Unable to fetch group moderators', __FILE__, __LINE__, $db->error());
while ($cur_group = $db->fetch_assoc($result))
{
if ($cur_group['g_moderator'] == '0')
unset($user_groups[$cur_group['g_id']]);
}
if (!empty($user_groups) && $new_group != PUN_ADMIN && $new_group_mod != '1')
{
// Fetch forum list and clean up their moderator list
$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
while ($cur_forum = $db->fetch_assoc($result))
{
$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
foreach ($user_groups as $group_users)
$cur_moderators = array_diff($cur_moderators, $group_users);
$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
}
// Change user group
$db->query('UPDATE '.$db->prefix.'users SET group_id='.$new_group.' WHERE id IN ('.implode(',', $user_ids).')') or error('Unable to change user group', __FILE__, __LINE__, $db->error());
redirect('admin_users.php', $lang_admin_users['Users move redirect']);
}
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Users'], $lang_admin_users['Move users']);
define('PUN_ACTIVE_PAGE', 'admin');
require PUN_ROOT.'header.php';
generate_admin_menu('users');
?>
PUN_ADMIN)
message($lang_common['No permission'], false, '403 Forbidden');
confirm_referrer('admin_users.php');
if (isset($_POST['users']))
{
$user_ids = is_array($_POST['users']) ? array_keys($_POST['users']) : explode(',', $_POST['users']);
$user_ids = array_map('intval', $user_ids);
// Delete invalid IDs
$user_ids = array_diff($user_ids, array(0, 1));
}
else
$user_ids = array();
if (empty($user_ids))
message($lang_admin_users['No users selected']);
// Are we trying to delete any admins?
$result = $db->query('SELECT COUNT(*) FROM '.$db->prefix.'users WHERE id IN ('.implode(',', $user_ids).') AND group_id='.PUN_ADMIN) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->result($result) > 0)
message($lang_admin_users['No delete admins message']);
if (isset($_POST['delete_users_comply']))
{
// Fetch user groups
$user_groups = array();
$result = $db->query('SELECT id, group_id FROM '.$db->prefix.'users WHERE id IN ('.implode(',', $user_ids).')') or error('Unable to fetch user groups', __FILE__, __LINE__, $db->error());
while ($cur_user = $db->fetch_assoc($result))
{
if (!isset($user_groups[$cur_user['group_id']]))
$user_groups[$cur_user['group_id']] = array();
$user_groups[$cur_user['group_id']][] = $cur_user['id'];
}
// Are any users moderators?
$group_ids = array_keys($user_groups);
$result = $db->query('SELECT g_id, g_moderator FROM '.$db->prefix.'groups WHERE g_id IN ('.implode(',', $group_ids).')') or error('Unable to fetch group moderators', __FILE__, __LINE__, $db->error());
while ($cur_group = $db->fetch_assoc($result))
{
if ($cur_group['g_moderator'] == '0')
unset($user_groups[$cur_group['g_id']]);
}
// Fetch forum list and clean up their moderator list
$result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
while ($cur_forum = $db->fetch_assoc($result))
{
$cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
foreach ($user_groups as $group_users)
$cur_moderators = array_diff($cur_moderators, $group_users);
$cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';
$db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
}
// Delete any subscriptions
$db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE user_id IN ('.implode(',', $user_ids).')') or error('Unable to delete topic subscriptions', __FILE__, __LINE__, $db->error());
$db->query('DELETE FROM '.$db->prefix.'forum_subscriptions WHERE user_id IN ('.implode(',', $user_ids).')') or error('Unable to delete forum subscriptions', __FILE__, __LINE__, $db->error());
// Remove them from the online list (if they happen to be logged in)
$db->query('DELETE FROM '.$db->prefix.'online WHERE user_id IN ('.implode(',', $user_ids).')') or error('Unable to remove users from online list', __FILE__, __LINE__, $db->error());
// Should we delete all posts made by these users?
if (isset($_POST['delete_posts']))
{
require PUN_ROOT.'include/search_idx.php';
@set_time_limit(0);
// Find all posts made by this user
$result = $db->query('SELECT p.id, p.topic_id, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id WHERE p.poster_id IN ('.implode(',', $user_ids).')') or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
while ($cur_post = $db->fetch_assoc($result))
{
// Determine whether this post is the "topic post" or not
$result2 = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['topic_id'].' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if ($db->result($result2) == $cur_post['id'])
delete_topic($cur_post['topic_id']);
else
delete_post($cur_post['id'], $cur_post['topic_id']);
update_forum($cur_post['forum_id']);
}
}
}
else
// Set all their posts to guest
$db->query('UPDATE '.$db->prefix.'posts SET poster_id=1 WHERE poster_id IN ('.implode(',', $user_ids).')') or error('Unable to update posts', __FILE__, __LINE__, $db->error());
// Delete the users
$db->query('DELETE FROM '.$db->prefix.'users WHERE id IN ('.implode(',', $user_ids).')') or error('Unable to delete users', __FILE__, __LINE__, $db->error());
// Delete user avatars
foreach ($user_ids as $user_id)
delete_avatar($user_id);
// Regenerate the users info cache
if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
require PUN_ROOT.'include/cache.php';
generate_users_info_cache();
redirect('admin_users.php', $lang_admin_users['Users delete redirect']);
}
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Users'], $lang_admin_users['Delete users']);
define('PUN_ACTIVE_PAGE', 'admin');
require PUN_ROOT.'header.php';
generate_admin_menu('users');
?>
query('SELECT COUNT(*) FROM '.$db->prefix.'users WHERE id IN ('.implode(',', $user_ids).') AND group_id='.PUN_ADMIN) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error());
if ($db->result($result) > 0)
message($lang_admin_users['No ban admins message']);
// Also, we cannot ban moderators
$result = $db->query('SELECT COUNT(*) FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id WHERE g.g_moderator=1 AND u.id IN ('.implode(',', $user_ids).')') or error('Unable to fetch moderator group info', __FILE__, __LINE__, $db->error());
if ($db->result($result) > 0)
message($lang_admin_users['No ban mods message']);
if (isset($_POST['ban_users_comply']))
{
$ban_message = pun_trim($_POST['ban_message']);
$ban_expire = pun_trim($_POST['ban_expire']);
$ban_the_ip = isset($_POST['ban_the_ip']) ? intval($_POST['ban_the_ip']) : 0;
if ($ban_expire != '' && $ban_expire != 'Never')
{
$ban_expire = strtotime($ban_expire.' GMT');
if ($ban_expire == -1 || !$ban_expire)
message($lang_admin_users['Invalid date message'].' '.$lang_admin_users['Invalid date reasons']);
$diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600;
$ban_expire -= $diff;
if ($ban_expire <= time())
message($lang_admin_users['Invalid date message'].' '.$lang_admin_users['Invalid date reasons']);
}
else
$ban_expire = 'NULL';
$ban_message = ($ban_message != '') ? '\''.$db->escape($ban_message).'\'' : 'NULL';
// Fetch user information
$user_info = array();
$result = $db->query('SELECT id, username, email, registration_ip FROM '.$db->prefix.'users WHERE id IN ('.implode(',', $user_ids).')') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
while ($cur_user = $db->fetch_assoc($result))
$user_info[$cur_user['id']] = array('username' => $cur_user['username'], 'email' => $cur_user['email'], 'ip' => $cur_user['registration_ip']);
// Overwrite the registration IP with one from the last post (if it exists)
if ($ban_the_ip != 0)
{
$result = $db->query('SELECT p.poster_id, p.poster_ip FROM '.$db->prefix.'posts AS p INNER JOIN (SELECT MAX(id) AS id FROM '.$db->prefix.'posts WHERE poster_id IN ('.implode(',', $user_ids).') GROUP BY poster_id) AS i ON p.id=i.id') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
while ($cur_address = $db->fetch_assoc($result))
$user_info[$cur_address['poster_id']]['ip'] = $cur_address['poster_ip'];
}
// And insert the bans!
foreach ($user_ids as $user_id)
{
$ban_username = '\''.$db->escape($user_info[$user_id]['username']).'\'';
$ban_email = '\''.$db->escape($user_info[$user_id]['email']).'\'';
$ban_ip = ($ban_the_ip != 0) ? '\''.$db->escape($user_info[$user_id]['ip']).'\'' : 'NULL';
$db->query('INSERT INTO '.$db->prefix.'bans (username, ip, email, message, expire, ban_creator) VALUES('.$ban_username.', '.$ban_ip.', '.$ban_email.', '.$ban_message.', '.$ban_expire.', '.$pun_user['id'].')') or error('Unable to add ban', __FILE__, __LINE__, $db->error());
}
// Regenerate the bans cache
if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
require PUN_ROOT.'include/cache.php';
generate_bans_cache();
redirect('admin_users.php', $lang_admin_users['Users banned redirect']);
}
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans']);
$focus_element = array('bans2', 'ban_message');
define('PUN_ACTIVE_PAGE', 'admin');
require PUN_ROOT.'header.php';
generate_admin_menu('users');
?>
'.$last_post_after;
}
if ($last_post_before != '')
{
$query_str[] = 'last_post_before='.$last_post_before;
$last_post_before = strtotime($last_post_before);
if ($last_post_before === false || $last_post_before == -1)
message($lang_admin_users['Invalid date time message']);
$conditions[] = 'u.last_post<'.$last_post_before;
}
if ($last_visit_after != '')
{
$query_str[] = 'last_visit_after='.$last_visit_after;
$last_visit_after = strtotime($last_visit_after);
if ($last_visit_after === false || $last_visit_after == -1)
message($lang_admin_users['Invalid date time message']);
$conditions[] = 'u.last_visit>'.$last_visit_after;
}
if ($last_visit_before != '')
{
$query_str[] = 'last_visit_before='.$last_visit_before;
$last_visit_before = strtotime($last_visit_before);
if ($last_visit_before === false || $last_visit_before == -1)
message($lang_admin_users['Invalid date time message']);
$conditions[] = 'u.last_visit<'.$last_visit_before;
}
if ($registered_after != '')
{
$query_str[] = 'registered_after='.$registered_after;
$registered_after = strtotime($registered_after);
if ($registered_after === false || $registered_after == -1)
message($lang_admin_users['Invalid date time message']);
$conditions[] = 'u.registered>'.$registered_after;
}
if ($registered_before != '')
{
$query_str[] = 'registered_before='.$registered_before;
$registered_before = strtotime($registered_before);
if ($registered_before === false || $registered_before == -1)
message($lang_admin_users['Invalid date time message']);
$conditions[] = 'u.registered<'.$registered_before;
}
$like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE';
foreach ($form as $key => $input)
{
if ($input != '' && in_array($key, array('username', 'email', 'title', 'realname', 'url', 'jabber', 'icq', 'msn', 'aim', 'yahoo', 'location', 'signature', 'admin_note')))
{
$conditions[] = 'u.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace(array('*', '_'), array('%', '\\_'), $input)).'\'';
$query_str[] = 'form%5B'.$key.'%5D='.urlencode($input);
}
}
if ($posts_greater != '')
{
$query_str[] = 'posts_greater='.$posts_greater;
$conditions[] = 'u.num_posts>'.$posts_greater;
}
if ($posts_less != '')
{
$query_str[] = 'posts_less='.$posts_less;
$conditions[] = 'u.num_posts<'.$posts_less;
}
if ($user_group > -1)
$conditions[] = 'u.group_id='.$user_group;
// Fetch user count
$result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'groups AS g ON g.g_id=u.group_id WHERE u.id>1'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '')) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
$num_users = $db->result($result);
// Determine the user offset (based on $_GET['p'])
$num_pages = ceil($num_users / 50);
$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : intval($_GET['p']);
$start_from = 50 * ($p - 1);
// Generate paging links
$paging_links = ''.$lang_common['Pages'].' '.paginate($num_pages, $p, 'admin_users.php?find_user=&'.implode('&', $query_str));
// Some helper variables for permissions
$can_delete = $can_move = $pun_user['g_id'] == PUN_ADMIN;
$can_ban = $pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_moderator'] == '1' && $pun_user['g_mod_ban_users'] == '1');
$can_action = ($can_delete || $can_ban || $can_move) && $num_users > 0;
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Users'], $lang_admin_users['Results head']);
$page_head = array('js' => '');
define('PUN_ACTIVE_PAGE', 'admin');
require PUN_ROOT.'header.php';
?>