From a7ad15066371ce25096623bbca9072849675ecba Mon Sep 17 00:00:00 2001
From: nanosimbiot <nanosimbiot@a8ac35ab-4ca4-ca47-4c2d-a49a94f06293>
Date: Sat, 2 Jul 2011 13:18:40 +0000
Subject: [PATCH] r58
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Началось внедрение системы запретов git-svn-id: https://torrentpier2.googlecode.com/svn/trunk@58 a8ac35ab-4ca4-ca47-4c2d-a49a94f06293
---
 upload/admin/admin_users.php                  |  3 +-
 upload/ajax.php                               | 38 ++++++++++
 upload/includes/functions.php                 |  2 +-
 upload/includes/functions_torrent.php         | 10 ++-
 upload/includes/ucp/usercp_register.php       |  2 +-
 upload/includes/ucp/usercp_viewprofile.php    | 37 +++++++++-
 upload/posting.php                            |  1 -
 upload/privmsg.php                            | 10 ++-
 upload/templates/default/page_header.tpl      |  2 -
 upload/templates/default/usercp_register.tpl  | 19 ++++-
 .../templates/default/usercp_viewprofile.tpl  | 71 +++++++++++++++++++
 upload/viewtopic.php                          | 11 +--
 12 files changed, 179 insertions(+), 27 deletions(-)

diff --git a/upload/admin/admin_users.php b/upload/admin/admin_users.php
index 539fc744f..579defc26 100644
--- a/upload/admin/admin_users.php
+++ b/upload/admin/admin_users.php
@@ -496,7 +496,6 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($_POST['username']) || isset(
 		{
 			$update_user_opt = array(
 				'viewemail',
-				'attachsig',
 			);
 			$user_opt = $this_userdata['user_opt'];
 
@@ -625,7 +624,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($_POST['username']) || isset(
 		$viewemail = bf($this_userdata['user_opt'], 'user_opt', 'viewemail');
 		$notifypm = $this_userdata['user_notify_pm'];
 		$notifyreply = $this_userdata['user_notify'];
-		$attachsig = bf($this_userdata['user_opt'], 'user_opt', 'attachsig');
+		$attachsig = bf($this_userdata['user_opt'], 'user_opt', 'allow_sig');
 		$allowviewonline = $this_userdata['user_allow_viewonline'];
 
 		$user_avatar = $this_userdata['user_avatar'];
diff --git a/upload/ajax.php b/upload/ajax.php
index ec2ad17cf..18af35bbf 100644
--- a/upload/ajax.php
+++ b/upload/ajax.php
@@ -56,6 +56,7 @@ class ajax_common
 	//   ACTION NAME             AJAX_AUTH
 		'edit_user_profile' => array('admin'),
         'change_user_rank'  => array('admin'),
+        'change_user_opt'   => array('admin'),
 
 		'change_torrent'    => array('mod'),
 		'change_tor_status' => array('mod'),
@@ -301,6 +302,43 @@ class ajax_common
 		$this->response['html'] = ($rank_id != 0) ? 'Присвоено звание <b>'. $ranks[$rank_id]['rank_title'] .'</b>' : 'Звание снято';
 	}
 
+    function change_user_opt ()
+	{
+		global $userdata, $bf;
+
+		$user_id = (int) $this->request['user_id'];
+		$new_opt = bb_json_decode($this->request['user_opt']);
+
+		if (!$user_id OR !$u_data = get_userdata($user_id))
+		{
+			$this->ajax_die('invalid user_id');
+		}
+		if (!is_array($new_opt))
+		{
+			$this->ajax_die('invalid new_opt');
+		}
+
+		$user_can_change = array(
+			'hide_porn_forums',
+		);
+
+		foreach ($bf['user_opt'] as $opt_name => $opt_bit)
+		{
+			if (isset($new_opt[$opt_name]))
+			{
+				if (!IS_ADMIN && !in_array($opt_name, $user_can_change))
+				{
+					$this->ajax_die("not admin: $opt_name");
+				}
+				setbit($u_data['user_opt'], $opt_bit, !empty($new_opt[$opt_name]));
+			}
+		}
+
+		DB()->query("UPDATE ". BB_USERS ." SET user_opt = {$u_data['user_opt']} WHERE user_id = $user_id LIMIT 1");
+
+		$this->response['resp_html'] = 'сохранено';
+	}
+
 	function gen_passkey ()
 	{
 		global $userdata, $lang;
diff --git a/upload/includes/functions.php b/upload/includes/functions.php
index 2dc9f86f1..54a4f9219 100644
--- a/upload/includes/functions.php
+++ b/upload/includes/functions.php
@@ -565,7 +565,7 @@ $bf['forum_perm'] = array(
 
 $bf['user_opt'] = array(
 	'viewemail'        => 0,
-	'attachsig'        => 1,
+	'allow_sig'        => 1,
 	'allowavatar'      => 2,
 	'allow_pm'         => 3,
 	'allow_viewonline' => 4,
diff --git a/upload/includes/functions_torrent.php b/upload/includes/functions_torrent.php
index 4f55427d1..3570d6a0e 100644
--- a/upload/includes/functions_torrent.php
+++ b/upload/includes/functions_torrent.php
@@ -465,16 +465,14 @@ function send_torrent_with_passkey ($filename)
 		}
 	}
 
-
-
 	if (!$attachment['tracker_status'])
 	{
 		message_die(GENERAL_ERROR, $lang['PASSKEY_ERR_TOR_NOT_REG']);
 	}
 
-	if ($userdata['session_logged_in'] && !$userdata['user_allow_passkey'])
+	if (bf($userdata['user_opt'], 'user_opt', 'allow_passkey'))
 	{
-		message_die(GENERAL_ERROR, 'Could not add passkey<br /><br />You are not authorized to use passkey');
+		message_die(GENERAL_ERROR, 'Could not add passkey');
 	}
 
 	if ($bt_userdata = get_bt_userdata($user_id))
@@ -658,7 +656,7 @@ function generate_passkey ($user_id, $force_generate = false)
 	// Check if user can change passkey
 	if (!$force_generate)
 	{
-		$sql = "SELECT user_allow_passkey
+		$sql = "SELECT user_opt
 			FROM ". BB_USERS ."
 			WHERE user_id = $user_id
 			LIMIT 1";
@@ -669,7 +667,7 @@ function generate_passkey ($user_id, $force_generate = false)
 		}
 		if ($row = DB()->sql_fetchrow($result))
 		{
-			if (!$row['user_allow_passkey'])
+			if (bf($row['user_opt'], 'user_opt', 'allow_passkey'))
 			{
 				message_die(GENERAL_MESSAGE, $lang['NOT_AUTHORISED']);
 			}
diff --git a/upload/includes/ucp/usercp_register.php b/upload/includes/ucp/usercp_register.php
index 59aaf7b70..dbe072ad4 100644
--- a/upload/includes/ucp/usercp_register.php
+++ b/upload/includes/ucp/usercp_register.php
@@ -413,7 +413,7 @@ foreach ($profile_fields as $field => $can_edit)
 		$sig = isset($_POST['user_sig']) ? (string) $_POST['user_sig'] : $pr_data['user_sig'];
 		if ($submit)
 		{
-			if (strlen($sig) > $bb_cfg['max_sig_chars'])
+			if (mb_strlen($sig) > $bb_cfg['max_sig_chars'])
 			{
 				$errors[] = 'Слишком длинная подпись';
 			}
diff --git a/upload/includes/ucp/usercp_viewprofile.php b/upload/includes/ucp/usercp_viewprofile.php
index 48966a13e..08a9bff91 100644
--- a/upload/includes/ucp/usercp_viewprofile.php
+++ b/upload/includes/ucp/usercp_viewprofile.php
@@ -6,6 +6,8 @@ if ( !defined('IN_PHPBB') )
 	exit;
 }
 
+require(INC_DIR .'bbcode.php');
+
 $datastore->enqueue(array(
 	'ranks',
 ));
@@ -43,8 +45,7 @@ else
 {
 	$percentage = 0;
 }
-$avatar_img = '';
-$avatar_img = get_avatar($profiledata['user_avatar'], $profiledata['user_avatar_type'], $profiledata['user_allowavatar']);
+$avatar_img = get_avatar($profiledata['user_avatar'], $profiledata['user_avatar_type'], !bf($profiledata['user_opt'], 'user_opt', 'allowavatar'));
 
 if (!$ranks = $datastore->get('ranks'))
 {
@@ -148,6 +149,17 @@ if ($profiledata['user_level'] == ADMIN && !IS_ADMIN)
 }
 // IP Mod End
 
+$signature = ($bb_cfg['allow_sig'] && $profiledata['user_sig']) ? $profiledata['user_sig'] : '';
+
+if(bf($profiledata['user_opt'], 'user_opt', 'allow_sig'))
+{
+	$signature = 'Подпись удалена.';
+}
+else if ($signature)
+{
+	$signature = bbcode2html($signature);
+}
+
 $template->assign_vars(array(
 	'PAGE_TITLE' 	=> sprintf($lang['VIEWING_USER_PROFILE'], $profiledata['username']),
 	'USERNAME' 		=> $profiledata['username'],
@@ -195,6 +207,8 @@ $template->assign_vars(array(
 	'L_SEARCH_RELEASES' => $lang['SEARCH_USER_RELEASES'],
 
 	'S_PROFILE_ACTION'  => "profile.php",
+
+	'SIGNATURE'  => $signature,
 ));
 
 //bt
@@ -219,6 +233,25 @@ if (IS_ADMIN)
 		'U_MANAGE'      => "admin/admin_users.php?mode=edit&amp;u={$profiledata['user_id']}",
 		'U_PERMISSIONS' => "admin/admin_ug_auth.php?mode=user&amp;u={$profiledata['user_id']}",
 	));
+
+	$ajax_user_opt = bb_json_encode(array(
+		'allowavatar'      => bf($profiledata['user_opt'], 'user_opt', 'allowavatar'),
+		'allow_passkey'    => bf($profiledata['user_opt'], 'user_opt', 'allow_passkey'),
+		'allow_pm'         => bf($profiledata['user_opt'], 'user_opt', 'allow_pm'),
+		'allow_sig'        => bf($profiledata['user_opt'], 'user_opt', 'allow_sig'),
+	));
+
+	$template->assign_vars(array(
+		'EDITABLE_TPLS'    => true,
+		'AJAX_USER_OPT'    => $ajax_user_opt,
+		'EMAIL_ADDRESS'    => htmlCHR($profiledata['user_email']),
+	));
+}
+else
+{
+	$user_restrictions = array();
+
+	$template->assign_var('USER_RESTRICTIONS', join('</li><li>', $user_restrictions));
 }
 
 print_page('usercp_viewprofile.tpl');
diff --git a/upload/posting.php b/upload/posting.php
index fc9c091ed..f34c0de15 100644
--- a/upload/posting.php
+++ b/upload/posting.php
@@ -314,7 +314,6 @@ else
 	}
 }
 
-$attach_sig = ($submit || $refresh) ? (int) !empty($_POST['attach_sig']) : bf($userdata['user_opt'], 'user_opt', 'attachsig');
 $update_post_time = !empty($_POST['update_post_time']);
 
 execute_posting_attachment_handling();
diff --git a/upload/privmsg.php b/upload/privmsg.php
index 233db73ec..f1218ded1 100644
--- a/upload/privmsg.php
+++ b/upload/privmsg.php
@@ -1015,10 +1015,9 @@ else if ( $submit || $refresh || $mode != '' )
 		//
 		// Has admin prevented user from sending PM's?
 		//
-		if ( !$userdata['user_allow_pm'] )
+		if ( bf($userdata['user_opt'], 'user_opt', 'allow_pm') )
 		{
-			$message = $lang['CANNOT_SEND_PRIVMSG'];
-			message_die(GENERAL_MESSAGE, $message);
+			bb_die($lang['CANNOT_SEND_PRIVMSG']);
 		}
 
 		$msg_time = time();
@@ -1307,10 +1306,9 @@ else if ( $submit || $refresh || $mode != '' )
 	//
 	// Has admin prevented user from sending PM's?
 	//
-	if ( !$userdata['user_allow_pm'] && $mode != 'edit' )
+	if ( bf($userdata['user_opt'], 'user_opt', 'allow_pm') && $mode != 'edit' )
 	{
-		$message = $lang['CANNOT_SEND_PRIVMSG'];
-		message_die(GENERAL_MESSAGE, $message);
+		$message = ($lang['CANNOT_SEND_PRIVMSG']);
 	}
 
 	//
diff --git a/upload/templates/default/page_header.tpl b/upload/templates/default/page_header.tpl
index 45ef2c8bb..6818ec5d1 100644
--- a/upload/templates/default/page_header.tpl
+++ b/upload/templates/default/page_header.tpl
@@ -297,8 +297,6 @@ function OpenInEditor ($file, $line)
 				<!-- ELSE -->
 					<a href="{U_PRIVATEMSGS}"><b>{L_PRIVATE_MESSAGES}: {PM_INFO}</b></a>
 				<!-- ENDIF -->
-			<!-- ELSE -->
-				<a href="{U_PRIVATEMSGS}"><b>{L_SEND_PM_TXTB}</b></a>
 			<!-- ENDIF -->
 		</td>
 	</tr>
diff --git a/upload/templates/default/usercp_register.tpl b/upload/templates/default/usercp_register.tpl
index 19fad1596..4727c862d 100644
--- a/upload/templates/default/usercp_register.tpl
+++ b/upload/templates/default/usercp_register.tpl
@@ -139,10 +139,25 @@ ajax.callback.gen_passkey = function(data){
 	<td colspan="2" class="tCenter pad_12">Опция управления подписью отключена за нарушение <a href="{$bb_cfg['terms_and_conditions_url']}"><b>правил форума</b></a></td>
 </tr>
 <!-- ELSE -->
+<tr colspan="2" id="view_message" class="hidden">
+	<td colspan="2">
+	    <div class="signature"></div>
+	</td>
+</tr>
 <tr>
 	<td>Подпись:<h6>максимум {$bb_cfg['max_sig_chars']} символов</h6></td>
-	<td><textarea name="user_sig" rows="5" cols="60" style="width: 96%;">{USER_SIG}</textarea></td>
+	<td>
+		<textarea id="user_sig" name="user_sig" rows="5" cols="60" style="width: 96%;">{USER_SIG}</textarea>
+		<input type="button" value="Быстрый предпросмотр" onclick="ajax.exec({ action: 'view_message', message: $('textarea#user_sig').val() });">
+	</td>
 </tr>
+<script type="text/javascript">
+ajax.callback.view_message = function(data){
+    $('#view_message').show();
+    $('.signature').html(data.html);
+    initPostBBCode('.signature');
+};
+</script>
 <!-- ENDIF -->
 
 <!-- IF $bb_cfg['pm_notify_enabled'] -->
@@ -156,7 +171,7 @@ ajax.callback.gen_passkey = function(data){
 <!-- ENDIF -->
 <!-- IF $bb_cfg['porno_forums'] -->
 <tr>
-	<td>{$bb_cfg['lang_hide_porno_forums']}:</td>
+	<td>{L_HIDE_PORN_FORUMS}:</td>
 	<td>
 		<label><input type="radio" name="hide_porn_forums" value="1" <!-- IF HIDE_PORN_FORUMS -->checked="checked"<!-- ENDIF --> />	Да</label>&nbsp;&nbsp;
 		<label><input type="radio" name="hide_porn_forums" value="0" <!-- IF not HIDE_PORN_FORUMS -->checked="checked"<!-- ENDIF --> />	Нет</label>
diff --git a/upload/templates/default/usercp_viewprofile.tpl b/upload/templates/default/usercp_viewprofile.tpl
index dad7a86a0..c633fed36 100644
--- a/upload/templates/default/usercp_viewprofile.tpl
+++ b/upload/templates/default/usercp_viewprofile.tpl
@@ -31,6 +31,44 @@ ajax.change_user_rank = function(uid, rank_id) {
 ajax.callback.change_user_rank = function(data) {
 	$('#rank-msg').html(data.html);
 }
+
+ajax.user_opt = {AJAX_USER_OPT};
+
+// change_user_opt
+ajax.change_user_opt = function() {
+	ajax.exec({
+		action   : 'change_user_opt',
+		user_id  : {PROFILE_USER_ID},
+		user_opt : $.toJSON(ajax.user_opt)
+	});
+};
+ajax.callback.change_user_opt = function(data){
+	$('#user-opt-resp').html(data.resp_html);
+	$('#user-opt-save-btn').attr({ disabled: 0 });
+}
+
+$(document).ready(function(){
+	$('#user-opt').find('input[type=checkbox]').click(function(){
+		var $chbox = $(this);
+		var opt_name = $chbox.attr('name');
+		var opt_val  = $chbox.attr('checked') ? 1 : 0;
+		ajax.user_opt[opt_name] = opt_val;
+		$chbox.parents('label').toggleClass('bold');
+		$('#user-opt-save').show();
+	});
+	$('#user-opt').find('input[type=checkbox]').each(function(){
+		if (ajax.user_opt[ $(this).attr('name') ]) {
+			$(this).attr({checked: 'checked'});
+			$(this).parents('label').addClass('bold');
+		}
+	});
+	$('#user-opt-save-btn').click(function(){
+		this.disabled = 1;
+		$('#user-opt-resp').html('&nbsp;');
+		ajax.change_user_opt();
+	});
+	$('#user-opt').show();
+});
 </script>
 
 <var class="ajax-params">{action: "edit_user_profile", id: "username"}</var>
@@ -99,6 +137,32 @@ ajax.callback.change_user_rank = function(data) {
 		<!-- ENDIF -->
 		</table><!--/user_contacts-->
 
+		<!-- IF IS_ADMIN -->
+		<div id="user-opt" style="display: none;">
+			<fieldset class="mrg_6">
+			<style type="text/css"> #user-opt label { display: block; } </style>
+			<legend>Юзеру <b style="color: darkred;">ЗАПРЕЩЕНО</b></legend>
+			<div class="tLeft" style="padding: 2px 6px 6px; display: block;">
+				<label><input type="checkbox" name="allowavatar"      />показывать аватар</label>
+				<label><input type="checkbox" name="allow_passkey"    />passkey</label>
+				<label><input type="checkbox" name="allow_pm"         />отправлять лс</label>
+				<label><input type="checkbox" name="allow_sig"        />показывать подпись</label>
+			</div>
+			</fieldset>
+			<div id="user-opt-save" class="hidden">
+				<p><input id="user-opt-save-btn" class="bold long" type="button" value="&nbsp;&nbsp;Сохранить&nbsp;&nbsp;" /></p>
+				<p id="user-opt-resp" class="mrg_6"></p>
+			</div>
+		</div>
+		<!-- ELSEIF USER_RESTRICTIONS -->
+		<fieldset class="mrg_6">
+		<legend>Юзеру <b style="color: darkred;">ЗАПРЕЩЕНО</b></legend>
+			<div class="tLeft" style="padding: 4px 6px 8px 2px;">
+			<ul><li>{USER_RESTRICTIONS}</li></ul>
+			</div>
+		</fieldset>
+		<!-- ENDIF -->
+
 	</td>
 	<td class="row1" valign="top" width="70%">
 
@@ -189,6 +253,13 @@ ajax.callback.change_user_rank = function(data) {
 
 	</td>
 </tr>
+<!-- IF SIGNATURE -->
+<tr>
+	<td class="row1" colspan="2">
+	    <div class="signature">{SIGNATURE}</div>
+	</td>
+</tr>
+<!-- ENDIF -->
 <!-- Report -->
 <!-- BEGIN switch_report_user -->
 <tr>
diff --git a/upload/viewtopic.php b/upload/viewtopic.php
index 30c7f7666..d0c0f318a 100644
--- a/upload/viewtopic.php
+++ b/upload/viewtopic.php
@@ -372,7 +372,8 @@ $sql = "
 	SELECT
 	  u.username, u.user_id, u.user_posts, u.user_from,
 	  u.user_regdate, u.user_rank, u.user_sig,
-	  u.user_avatar, u.user_avatar_type, u.user_allowavatar,
+	  u.user_avatar, u.user_avatar_type,
+	  u.user_opt,
 	  p.*,
 	  h.post_html, IF(h.post_html IS NULL, pt.post_text, NULL) AS post_text,
 	  pt.post_subject
@@ -804,7 +805,7 @@ for($i = 0; $i < $total_posts; $i++)
 	$poster_avatar = '';
 	if ( !$user->opt_js['h_av'] && $poster_id != ANONYMOUS )
 	{
-		$poster_avatar = get_avatar($postrow[$i]['user_avatar'], $postrow[$i]['user_avatar_type'], $postrow[$i]['user_allowavatar']);
+		$poster_avatar = get_avatar($postrow[$i]['user_avatar'], $postrow[$i]['user_avatar_type'], !bf($postrow[$i]['user_opt'], 'user_opt', 'allowavatar'));
 	}
 
 	//
@@ -862,9 +863,11 @@ for($i = 0; $i < $total_posts; $i++)
 
 	$message = get_parsed_post($postrow[$i]);
 
-	$user_sig = ($bb_cfg['allow_sig'] && !$user->opt_js['h_sig'] && $postrow[$i]['enable_sig'] && $postrow[$i]['user_sig']) ? $postrow[$i]['user_sig'] : '';
+	$user_sig = ($bb_cfg['allow_sig'] && !$user->opt_js['h_sig'] && $postrow[$i]['user_sig']) ? $postrow[$i]['user_sig'] : '';
 
-	if ($user_sig)
+	if(bf($postrow[$i]['user_opt'], 'user_opt', 'allow_sig'))
+	{
		$user_sig = '������� �������.';
	}
+	else if ($user_sig)
 	{
 		$user_sig = bbcode2html($user_sig);
 	}