Home Explore Help
Register Sign In
Stortebeker
/
Gazelle
forked from Oppaitime/Gazelle
Watch 0
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Oppaitime's version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
519 Commits
2 Branches
Tree: 7123f1d731
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7123f1d731'
${ noResults }
Gazelle/classes/users.class.php

users.class.php 27KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737 
  1. <?php

  2. class Users

  3. {

  4.     /**

  5.      * Get $Classes (list of classes keyed by ID) and $ClassLevels

  6.      *    (list of classes keyed by level)

  7.      * @return array ($Classes, $ClassLevels)

  8.      */

  9.     public static function get_classes()

  10.     {

  11.         global $Debug;

  12.         // Get permissions

  13.         list($Classes, $ClassLevels) = G::$Cache->get_value('classes');

  14.         if (!$Classes || !$ClassLevels) {

  15.             $QueryID = G::$DB->get_query_id();

  16.             G::$DB->query('

  17.         SELECT ID, Name, Abbreviation, Level, Secondary

  18.         FROM permissions

  19.         ORDER BY Level');

  20.             $Classes = G::$DB->to_array('ID');

  21.             $ClassLevels = G::$DB->to_array('Level');

  22.             G::$DB->set_query_id($QueryID);

  23.             G::$Cache->cache_value('classes', [$Classes, $ClassLevels], 0);

  24.         }

  25.         $Debug->set_flag('Loaded permissions');

  26. 

  27.         return [$Classes, $ClassLevels];

  28.     }

  29. 

  30. 

  31.     /**

  32.      * Get user info, is used for the current user and usernames all over the site.

  33.      *

  34.      * @param $UserID int   The UserID to get info for

  35.      * @return array with the following keys:

  36.      *  int     ID

  37.      *  string  Username

  38.      *  int     PermissionID

  39.      *  array   Paranoia - $Paranoia array sent to paranoia.class

  40.      *  boolean Artist

  41.      *  boolean Donor

  42.      *  string  Warned - When their warning expires in international time format

  43.      *  string  Avatar - URL

  44.      *  boolean Enabled

  45.      *  string  Title

  46.      *  string  CatchupTime - When they last caught up on forums

  47.      *  boolean Visible - If false, they don't show up on peer lists

  48.      *  array   ExtraClasses - Secondary classes.

  49.      *  int     EffectiveClass - the highest level of their main and secondary classes

  50.      *  array   Badges - list of all the user's badges of the form BadgeID => Displayed

  51.      */

  52.     public static function user_info($UserID)

  53.     {

  54.         global $Classes;

  55.         $UserInfo = G::$Cache->get_value("user_info_$UserID");

  56.         // the !isset($UserInfo['Paranoia']) can be removed after a transition period

  57.         if (empty($UserInfo) || empty($UserInfo['ID']) || !isset($UserInfo['Paranoia']) || empty($UserInfo['Class'])) {

  58.             $OldQueryID = G::$DB->get_query_id();

  59. 

  60.             G::$DB->query("

  61.         SELECT

  62.           m.ID,

  63.           m.Username,

  64.           m.PermissionID,

  65.           m.Paranoia,

  66.           i.Artist,

  67.           i.Donor,

  68.           i.Warned,

  69.           i.Avatar,

  70.           m.Enabled,

  71.           m.Title,

  72.           i.CatchupTime,

  73.           m.Visible,

  74.           la.Type AS LockedAccount,

  75.           GROUP_CONCAT(ul.PermissionID SEPARATOR ',') AS Levels

  76.         FROM users_main AS m

  77.           INNER JOIN users_info AS i ON i.UserID = m.ID

  78.           LEFT JOIN locked_accounts AS la ON la.UserID = m.ID

  79.           LEFT JOIN users_levels AS ul ON ul.UserID = m.ID

  80.         WHERE m.ID = '$UserID'

  81.         GROUP BY m.ID");

  82. 

  83.             if (!G::$DB->has_results()) { // Deleted user, maybe?

  84.                 $UserInfo = [

  85.                     'ID'           => $UserID,

  86.                     'Username'     => '',

  87.                     'PermissionID' => 0,

  88.                     'Paranoia'     => [],

  89.                     'Artist'       => false,

  90.                     'Donor'        => false,

  91.                     'Warned'       => null,

  92.                     'Avatar'       => '',

  93.                     'Enabled'      => 0,

  94.                     'Title'        => '',

  95.                     'CatchupTime'  => 0,

  96.                     'Visible'      => '1',

  97.                     'Levels'       => '',

  98.                     'Class'        => 0

  99.                   ];

  100.             } else {

  101.                 $UserInfo = G::$DB->next_record(MYSQLI_ASSOC, ['Paranoia', 'Title']);

  102.                 $UserInfo['CatchupTime'] = strtotime($UserInfo['CatchupTime']);

  103.                 if (!is_array($UserInfo['Paranoia'])) {

  104.                     $UserInfo['Paranoia'] = json_decode($UserInfo['Paranoia'], true);

  105.                 }

  106.                 if (!$UserInfo['Paranoia']) {

  107.                     $UserInfo['Paranoia'] = [];

  108.                 }

  109.                 $UserInfo['Class'] = $Classes[$UserInfo['PermissionID']]['Level'];

  110. 

  111.                 G::$DB->query("

  112.           SELECT BadgeID, Displayed

  113.           FROM users_badges

  114.           WHERE UserID = ".$UserID);

  115. 

  116.                 $Badges = [];

  117.                 if (G::$DB->has_results()) {

  118.                     while (list($BadgeID, $Displayed) = G::$DB->next_record()) {

  119.                         $Badges[$BadgeID] = $Displayed;

  120.                     }

  121.                 }

  122.                 $UserInfo['Badges'] = $Badges;

  123.             }

  124. 

  125.             if (isset($UserInfo['LockedAccount']) && $UserInfo['LockedAccount'] == "") {

  126.                 unset($UserInfo['LockedAccount']);

  127.             }

  128. 

  129.             if (!empty($UserInfo['Levels'])) {

  130.                 $UserInfo['ExtraClasses'] = array_fill_keys(explode(',', $UserInfo['Levels']), 1);

  131.             } else {

  132.                 $UserInfo['ExtraClasses'] = [];

  133.             }

  134.             unset($UserInfo['Levels']);

  135.             $EffectiveClass = $UserInfo['Class'];

  136.             foreach ($UserInfo['ExtraClasses'] as $Class => $Val) {

  137.                 $EffectiveClass = max($EffectiveClass, $Classes[$Class]['Level']);

  138.             }

  139.             $UserInfo['EffectiveClass'] = $EffectiveClass;

  140. 

  141.             G::$Cache->cache_value("user_info_$UserID", $UserInfo, 2592000);

  142.             G::$DB->set_query_id($OldQueryID);

  143.         }

  144.         if (strtotime($UserInfo['Warned']) < time()) {

  145.             $UserInfo['Warned'] = null;

  146.             G::$Cache->cache_value("user_info_$UserID", $UserInfo, 2592000);

  147.         }

  148. 

  149.         return $UserInfo;

  150.     }

  151. 

  152.     /**

  153.      * Gets the heavy user info

  154.      * Only used for current user

  155.      *

  156.      * @param $UserID The userid to get the information for

  157.      * @return fetched heavy info.

  158.      *    Just read the goddamn code, I don't have time to comment this shit.

  159.      */

  160.     public static function user_heavy_info($UserID)

  161.     {

  162.         $HeavyInfo = G::$Cache->get_value("user_info_heavy_$UserID");

  163.         if (empty($HeavyInfo)) {

  164.             $QueryID = G::$DB->get_query_id();

  165.             G::$DB->query("

  166.         SELECT

  167.           m.Invites,

  168.           m.torrent_pass,

  169.           m.IP,

  170.           m.CustomPermissions,

  171.           m.can_leech AS CanLeech,

  172.           i.AuthKey,

  173.           i.RatioWatchEnds,

  174.           i.RatioWatchDownload,

  175.           i.StyleID,

  176.           i.StyleURL,

  177.           i.DisableInvites,

  178.           i.DisablePosting,

  179.           i.DisableUpload,

  180.           i.DisableWiki,

  181.           i.DisableAvatar,

  182.           i.DisablePM,

  183.           i.DisablePoints,

  184.           i.DisablePromotion,

  185.           i.DisableRequests,

  186.           i.DisableForums,

  187.           i.DisableTagging,

  188.           i.SiteOptions,

  189.           i.LastReadNews,

  190.           i.LastReadBlog,

  191.           i.RestrictedForums,

  192.           i.PermittedForums,

  193.           m.FLTokens,

  194.           m.BonusPoints,

  195.           m.HnR,

  196.           m.PermissionID

  197.         FROM users_main AS m

  198.           INNER JOIN users_info AS i ON i.UserID = m.ID

  199.         WHERE m.ID = '$UserID'");

  200.             $HeavyInfo = G::$DB->next_record(MYSQLI_ASSOC, ['CustomPermissions', 'SiteOptions']);

  201. 

  202.             $HeavyInfo['CustomPermissions'] = [];

  203.             if (!empty($HeavyInfo['CustomPermissions'])) {

  204.                 $HeavyInfo['CustomPermissions'] = json_decode($HeavyInfo['CustomPermissions'], true);

  205.             }

  206. 

  207.             $RestrictedForums = [];

  208.             if (!empty($HeavyInfo['RestrictedForums'])) {

  209.                 $RestrictedForums = array_map('trim', explode(',', $HeavyInfo['RestrictedForums']));

  210.             }

  211.             unset($HeavyInfo['RestrictedForums']);

  212. 

  213.             $PermittedForums = [];

  214.             if (!empty($HeavyInfo['PermittedForums'])) {

  215.                 $PermittedForums = array_map('trim', explode(',', $HeavyInfo['PermittedForums']));

  216.             }

  217.             unset($HeavyInfo['PermittedForums']);

  218. 

  219.             G::$DB->query("

  220.         SELECT PermissionID

  221.         FROM users_levels

  222.         WHERE UserID = $UserID");

  223.             $PermIDs = G::$DB->collect('PermissionID');

  224.             foreach ($PermIDs as $PermID) {

  225.                 $Perms = Permissions::get_permissions($PermID);

  226.                 if (!empty($Perms['PermittedForums'])) {

  227.                     $PermittedForums = array_merge($PermittedForums, array_map('trim', explode(',', $Perms['PermittedForums'])));

  228.                 }

  229.             }

  230.             $Perms = Permissions::get_permissions($HeavyInfo['PermissionID']);

  231.             unset($HeavyInfo['PermissionID']);

  232.             if (!empty($Perms['PermittedForums'])) {

  233.                 $PermittedForums = array_merge($PermittedForums, array_map('trim', explode(',', $Perms['PermittedForums'])));

  234.             }

  235. 

  236.             $HeavyInfo['CustomForums'] = null;

  237.             if (!empty($PermittedForums) || !empty($RestrictedForums)) {

  238.                 $HeavyInfo['CustomForums'] = [];

  239.                 foreach ($RestrictedForums as $ForumID) {

  240.                     $HeavyInfo['CustomForums'][$ForumID] = 0;

  241.                 }

  242.                 foreach ($PermittedForums as $ForumID) {

  243.                     $HeavyInfo['CustomForums'][$ForumID] = 1;

  244.                 }

  245.             }

  246.             if (isset($HeavyInfo['CustomForums'][''])) {

  247.                 unset($HeavyInfo['CustomForums']['']);

  248.             }

  249. 

  250.             $HeavyInfo['SiteOptions'] = json_decode($HeavyInfo['SiteOptions'], true);

  251.             if (!empty($HeavyInfo['SiteOptions'])) {

  252.                 $HeavyInfo = array_merge($HeavyInfo, $HeavyInfo['SiteOptions']);

  253.             }

  254.             unset($HeavyInfo['SiteOptions']);

  255. 

  256.             G::$DB->set_query_id($QueryID);

  257. 

  258.             G::$Cache->cache_value("user_info_heavy_$UserID", $HeavyInfo, 0);

  259.         }

  260.         return $HeavyInfo;

  261.     }

  262. 

  263.     /**

  264.      * Updates the site options in the database

  265.      *

  266.      * @param int $UserID the UserID to set the options for

  267.      * @param array $NewOptions the new options to set

  268.      * @return false if $NewOptions is empty, true otherwise

  269.      */

  270.     public static function update_site_options($UserID, $NewOptions)

  271.     {

  272.         if (!is_number($UserID)) {

  273.             error(0);

  274.         }

  275.         if (empty($NewOptions)) {

  276.             return false;

  277.         }

  278. 

  279.         $QueryID = G::$DB->get_query_id();

  280. 

  281.         // Get SiteOptions

  282.         G::$DB->query("

  283.       SELECT SiteOptions

  284.       FROM users_info

  285.       WHERE UserID = $UserID");

  286.         list($SiteOptions) = G::$DB->next_record(MYSQLI_NUM, false);

  287.         $SiteOptions = json_decode($SiteOptions, true);

  288. 

  289.         // Get HeavyInfo

  290.         $HeavyInfo = Users::user_heavy_info($UserID);

  291. 

  292.         // Insert new/replace old options

  293.         $SiteOptions = array_merge($SiteOptions, $NewOptions);

  294.         $HeavyInfo = array_merge($HeavyInfo, $NewOptions);

  295. 

  296.         // Update DB

  297.         G::$DB->query("

  298.       UPDATE users_info

  299.       SET SiteOptions = '".db_string(json_encode($SiteOptions, true))."'

  300.       WHERE UserID = $UserID");

  301.         G::$DB->set_query_id($QueryID);

  302. 

  303.         // Update cache

  304.         G::$Cache->cache_value("user_info_heavy_$UserID", $HeavyInfo, 0);

  305. 

  306.         // Update G::$LoggedUser if the options are changed for the current

  307.         if (G::$LoggedUser['ID'] == $UserID) {

  308.             G::$LoggedUser = array_merge(G::$LoggedUser, $NewOptions);

  309.             G::$LoggedUser['ID'] = $UserID; // We don't want to allow userid switching

  310.         }

  311.         return true;

  312.     }

  313. 

  314.     /**

  315.      * Generate a random string

  316.      *

  317.      * @param Length

  318.      * @return random alphanumeric string

  319.      */

  320.     public static function make_secret($Length = 32)

  321.     {

  322.         $Secret = '';

  323.         $Chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';

  324.         for ($i = 0; $i < $Length; $i++) {

  325.             $Secret .= $Chars[random_int(0, strlen($Chars)-1)];

  326.         }

  327.         return str_shuffle($Secret);

  328.     }

  329. 

  330.     /**

  331.      * Verify a password against a password hash

  332.      *

  333.      * @param $Password password

  334.      * @param $Hash password hash

  335.      * @return true on correct password

  336.      */

  337.     public static function check_password($Password, $Hash)

  338.     {

  339.         if (!$Password || !$Hash) {

  340.             return false;

  341.         }

  342.         return password_verify(str_replace("\0", "", hash("sha512", $Password, true)), $Hash);

  343.     }

  344. 

  345.     /**

  346.      * Create salted hash for a given string

  347.      *

  348.      * @param $Str string to hash

  349.      * @return salted hash

  350.      */

  351.     public static function make_sec_hash($Str)

  352.     {

  353.         return password_hash(str_replace("\0", "", hash("sha512", $Str, true)), PASSWORD_DEFAULT);

  354.     }

  355. 

  356.     /**

  357.      * Returns a username string for display

  358.      *

  359.      * @param int $UserID

  360.      * @param boolean $Badges whether or not badges (donor, warned, enabled) should be shown

  361.      * @param boolean $IsWarned

  362.      * @param boolean $IsEnabled

  363.      * @param boolean $Class whether or not to show the class

  364.      * @param boolean $Title whether or not to show the title

  365.      * @param boolean $IsDonorForum for displaying donor forum honorific prefixes and suffixes

  366.      * @return HTML formatted username

  367.      */

  368.     public static function format_username($UserID, $Badges = false, $IsWarned = true, $IsEnabled = true, $Class = false, $Title = false, $IsDonorForum = false)

  369.     {

  370.         global $Classes;

  371. 

  372.         if ($UserID == 0) {

  373.             return 'System';

  374.         }

  375. 

  376.         $UserInfo = self::user_info($UserID);

  377.         if ($UserInfo['Username'] == '') {

  378.             return "Unknown [$UserID]";

  379.         }

  380. 

  381.         $Str = '';

  382. 

  383.         $Username = $UserInfo['Username'];

  384.         $Paranoia = $UserInfo['Paranoia'];

  385. 

  386.         if ($UserInfo['Class'] < $Classes[MOD]['Level']) {

  387.             $OverrideParanoia = check_perms('users_override_paranoia', $UserInfo['Class']);

  388.         } else {

  389.             // Don't override paranoia for mods who don't want to show their donor heart

  390.             $OverrideParanoia = false;

  391.         }

  392.         $ShowDonorIcon = (!in_array('hide_donor_heart', $Paranoia) || $OverrideParanoia);

  393. 

  394.         if ($IsDonorForum) {

  395.             list($Prefix, $Suffix, $HasComma) = Donations::get_titles($UserID);

  396.             $Username = "$Prefix $Username" . ($HasComma ? ', ' : ' ') . "$Suffix ";

  397.         }

  398. 

  399.         if ($Title) {

  400.             $Str .= "<strong><a href=\"user.php?id=$UserID\">$Username</a></strong>";

  401.         } else {

  402.             $Str .= "<a href=\"user.php?id=$UserID\">$Username</a>";

  403.         }

  404.         if ($Badges) {

  405.             $DonorRank = Donations::get_rank($UserID);

  406.             if ($DonorRank == 0 && $UserInfo['Donor'] == 1) {

  407.                 $DonorRank = 1;

  408.             }

  409.             if ($ShowDonorIcon && $DonorRank > 0) {

  410.                 $IconLink = 'donate.php';

  411.                 $IconImage = 'donor.png';

  412.                 $IconText = 'Donor';

  413.                 $DonorHeart = $DonorRank;

  414.                 $SpecialRank = Donations::get_special_rank($UserID);

  415.                 $EnabledRewards = Donations::get_enabled_rewards($UserID);

  416.                 $DonorRewards = Donations::get_rewards($UserID);

  417.                 if ($EnabledRewards['HasDonorIconMouseOverText'] && !empty($DonorRewards['IconMouseOverText'])) {

  418.                     $IconText = display_str($DonorRewards['IconMouseOverText']);

  419.                 }

  420.                 if ($EnabledRewards['HasDonorIconLink'] && !empty($DonorRewards['CustomIconLink'])) {

  421.                     $IconLink = display_str($DonorRewards['CustomIconLink']);

  422.                 }

  423.                 if ($EnabledRewards['HasCustomDonorIcon'] && !empty($DonorRewards['CustomIcon'])) {

  424.                     $IconImage = ImageTools::process($DonorRewards['CustomIcon']);

  425.                 } else {

  426.                     if ($SpecialRank === MAX_SPECIAL_RANK) {

  427.                         $DonorHeart = 6;

  428.                     } elseif ($DonorRank === 5) {

  429.                         $DonorHeart = 4; // Two points between rank 4 and 5

  430.                     } elseif ($DonorRank >= MAX_RANK) {

  431.                         $DonorHeart = 5;

  432.                     }

  433.                     if ($DonorHeart === 1) {

  434.                         $IconImage = STATIC_SERVER . 'common/symbols/donor.png';

  435.                     } else {

  436.                         $IconImage = STATIC_SERVER . "common/symbols/donor_{$DonorHeart}.png";

  437.                     }

  438.                 }

  439.                 $Str .= "<a target=\"_blank\" href=\"$IconLink\"><img class=\"donor_icon tooltip\" src=\"$IconImage\" alt=\"$IconText\" title=\"$IconText\" /></a>";

  440.             }

  441.             $Str .= Badges::display_badges(Badges::get_displayed_badges($UserID), true);

  442.         }

  443. 

  444.         $Str .= ($IsWarned && $UserInfo['Warned']) ? '<a href="wiki.php?action=article&amp;name=warnings"'

  445.           . '><img src="'.STATIC_SERVER.'common/symbols/warned.png" alt="Warned" title="Warned'

  446.           . (G::$LoggedUser['ID'] === $UserID ? ' - Expires ' . date('Y-m-d H:i', strtotime($UserInfo['Warned'])) : '')

  447.           . '" class="tooltip" /></a>' : '';

  448.         $Str .= ($IsEnabled && $UserInfo['Enabled'] == 2) ? '<a href="rules.php"><img src="'.STATIC_SERVER.'common/symbols/disabled.png" alt="Banned" title="Disabled" class="tooltip" /></a>' : '';

  449. 

  450.         if ($Class) {

  451.             foreach (array_keys($UserInfo['ExtraClasses']) as $ExtraClass) {

  452.                 $Str .= ' ['.Users::make_class_abbrev_string($ExtraClass).']';

  453.             }

  454.             if ($Title) {

  455.                 $Str .= ' <strong>('.Users::make_class_string($UserInfo['PermissionID']).')</strong>';

  456.             } else {

  457.                 $Str .= ' ('.Users::make_class_string($UserInfo['PermissionID']).')';

  458.             }

  459.         }

  460. 

  461.         if ($Title) {

  462.             // Image proxy CTs

  463.             if (check_perms('site_proxy_images') && !empty($UserInfo['Title'])) {

  464.                 $UserInfo['Title'] = preg_replace_callback(

  465.                     '~src=("?)(http.+?)(["\s>])~',

  466.                     function ($Matches) {

  467.                         return 'src=' . $Matches[1] . ImageTools::process($Matches[2]) . $Matches[3];

  468.                     },

  469.                     $UserInfo['Title']

  470.                 );

  471.             }

  472. 

  473.             if ($UserInfo['Title']) {

  474.                 $Str .= ' <span class="user_title">('.$UserInfo['Title'].')</span>';

  475.             }

  476.         }

  477.         return $Str;

  478.     }

  479. 

  480.     /**

  481.      * Given a class ID, return its name.

  482.      *

  483.      * @param int $ClassID

  484.      * @return string name

  485.      */

  486.     public static function make_class_string($ClassID)

  487.     {

  488.         global $Classes;

  489.         return $Classes[$ClassID]['Name'];

  490.     }

  491. 

  492.     public static function make_class_abbrev_string($ClassID)

  493.     {

  494.         global $Classes;

  495.         return '<abbr title="'.$Classes[$ClassID]['Name'].'">'.$Classes[$ClassID]['Abbreviation'].'</abbr>';

  496.     }

  497. 

  498.     /**

  499.      * Returns an array with User Bookmark data: group IDs, collage data, torrent data

  500.      * @param string|int $UserID

  501.      * @return array Group IDs, Bookmark Data, Torrent List

  502.      */

  503.     public static function get_bookmarks($UserID)

  504.     {

  505.         $UserID = (int)$UserID;

  506. 

  507.         if (($Data = G::$Cache->get_value("bookmarks_group_ids_$UserID"))) {

  508.             list($GroupIDs, $BookmarkData) = $Data;

  509.         } else {

  510.             $QueryID = G::$DB->get_query_id();

  511.             G::$DB->query("

  512.         SELECT GroupID, Sort, `Time`

  513.         FROM bookmarks_torrents

  514.         WHERE UserID = $UserID

  515.         ORDER BY Sort, `Time` ASC");

  516.             $GroupIDs = G::$DB->collect('GroupID');

  517.             $BookmarkData = G::$DB->to_array('GroupID', MYSQLI_ASSOC);

  518.             G::$DB->set_query_id($QueryID);

  519.             G::$Cache->cache_value("bookmarks_group_ids_$UserID", [$GroupIDs, $BookmarkData], 3600);

  520.         }

  521. 

  522.         $TorrentList = Torrents::get_groups($GroupIDs);

  523. 

  524.         return [$GroupIDs, $BookmarkData, $TorrentList];

  525.     }

  526. 

  527.     /**

  528.      * Generate HTML for a user's avatar or just return the avatar URL

  529.      * @param unknown $Avatar

  530.      * @param unknown $UserID

  531.      * @param unknown $Username

  532.      * @param unknown $Setting

  533.      * @param number $Size

  534.      * @param string $ReturnHTML

  535.      * @return string

  536.      */

  537.     public static function show_avatar($Avatar, $UserID, $Username, $Setting, $Size = 150, $ReturnHTML = true)

  538.     {

  539.         $Avatar = ImageTools::process($Avatar, 'avatar');

  540.         $Style = 'style="max-height: 400px;"';

  541.         $AvatarMouseOverText = '';

  542.         $SecondAvatar = '';

  543.         $Class = 'class="double_avatar"';

  544.         $EnabledRewards = Donations::get_enabled_rewards($UserID);

  545. 

  546.         if ($EnabledRewards['HasAvatarMouseOverText']) {

  547.             $Rewards = Donations::get_rewards($UserID);

  548.             $AvatarMouseOverText = $Rewards['AvatarMouseOverText'];

  549.         }

  550.         if (!empty($AvatarMouseOverText)) {

  551.             $AvatarMouseOverText =  "title=\"$AvatarMouseOverText\" alt=\"$AvatarMouseOverText\"";

  552.         } else {

  553.             $AvatarMouseOverText = "alt=\"$Username's avatar\"";

  554.         }

  555.         if ($EnabledRewards['HasSecondAvatar'] && !empty($Rewards['SecondAvatar'])) {

  556.             $SecondAvatar = ' data-gazelle-second-avatar="' . ImageTools::process($Rewards['SecondAvatar'], 'avatar') . '"';

  557.         }

  558.         // case 1 is avatars disabled

  559.         switch ($Setting) {

  560.             case 0:

  561.                 if (!empty($Avatar)) {

  562.                     $ToReturn = ($ReturnHTML ? "<a href=\"user.php?id=$UserID\"><img src=\"$Avatar\" ".($Size?"width=\"$Size\" ":"")."$Style $AvatarMouseOverText$SecondAvatar $Class /></a>" : $Avatar);

  563.                 } else {

  564.                     $URL = STATIC_SERVER.'common/avatars/default.png';

  565.                     $ToReturn = ($ReturnHTML ? "<img src=\"$URL\" width=\"$Size\" $Style $AvatarMouseOverText$SecondAvatar />" : $URL);

  566.                 }

  567.                 break;

  568.             case 2:

  569.                 $ShowAvatar = true;

  570.                 // no break

  571.             case 3:

  572.                 switch (G::$LoggedUser['Identicons']) {

  573.                     case 0:

  574.                         $Type = 'identicon';

  575.                         break;

  576.                     case 1:

  577.                         $Type = 'monsterid';

  578.                         break;

  579.                     case 2:

  580.                         $Type = 'wavatar';

  581.                         break;

  582.                     case 3:

  583.                         $Type = 'retro';

  584.                         break;

  585.                     case 4:

  586.                         $Type = '1';

  587.                         $Robot = true;

  588.                         break;

  589.                     case 5:

  590.                         $Type = '2';

  591.                         $Robot = true;

  592.                         break;

  593.                     case 6:

  594.                         $Type = '3';

  595.                         $Robot = true;

  596.                         break;

  597.                     default:

  598.                         $Type = 'identicon';

  599.                 }

  600.                 $Rating = 'pg';

  601.                 if (!isset($Robot) || !$Robot) {

  602.                     $URL = 'https://secure.gravatar.com/avatar/'.md5(strtolower(trim($Username)))."?s=$Size&amp;d=$Type&amp;r=$Rating";

  603.                 } else {

  604.                     $URL = 'https://robohash.org/'.md5($Username)."?set=set$Type&amp;size={$Size}x$Size";

  605.                 }

  606.                 if ($ShowAvatar == true && !empty($Avatar)) {

  607.                     $ToReturn = ($ReturnHTML ? "<img src=\"$Avatar\" width=\"$Size\" $Style $AvatarMouseOverText$SecondAvatar $Class />" : $Avatar);

  608.                 } else {

  609.                     $ToReturn = ($ReturnHTML ? "<img src=\"$URL\" width=\"$Size\" $Style $AvatarMouseOverText $Class />" : $URL);

  610.                 }

  611.                 break;

  612.             default:

  613.                 $URL = STATIC_SERVER.'common/avatars/default.png';

  614.                 $ToReturn = ($ReturnHTML ? "<img src=\"$URL\" width=\"$Size\" $Style $AvatarMouseOverText$SecondAvatar $Class/>" : $URL);

  615.         }

  616.         return $ToReturn;

  617.     }

  618. 

  619.     public static function has_avatars_enabled()

  620.     {

  621.         global $HeavyInfo;

  622.         return isset($HeavyInfo['DisableAvatars']) && ($HeavyInfo['DisableAvatars'] != 1);

  623.     }

  624. 

  625.     /**

  626.      * Checks whether user has autocomplete enabled

  627.      *

  628.      * 0 - Enabled everywhere (default), 1 - Disabled, 2 - Searches only

  629.      *

  630.      * @param string $Type the type of the input.

  631.      * @param boolean $Output echo out HTML

  632.      * @return boolean

  633.      */

  634.     public static function has_autocomplete_enabled($Type, $Output = true)

  635.     {

  636.         $Enabled = false;

  637.         if (empty(G::$LoggedUser['AutoComplete'])) {

  638.             $Enabled = true;

  639.         } elseif (G::$LoggedUser['AutoComplete'] !== 1) {

  640.             switch ($Type) {

  641.                 case 'search':

  642.                     if (G::$LoggedUser['AutoComplete'] == 2) {

  643.                         $Enabled = true;

  644.                     }

  645.                     break;

  646.                 case 'other':

  647.                     if (G::$LoggedUser['AutoComplete'] != 2) {

  648.                         $Enabled = true;

  649.                     }

  650.                     break;

  651.             }

  652.         }

  653.         if ($Enabled && $Output) {

  654.             echo ' data-gazelle-autocomplete="true"';

  655.         }

  656.         if (!$Output) {

  657.             // don't return a boolean if you're echoing HTML

  658.             return $Enabled;

  659.         }

  660.     }

  661. 

  662.     /*

  663.      * Initiate a password reset

  664.      *

  665.      * @param int $UserID The user ID

  666.      * @param string $Username The username

  667.      * @param string $Email The email address

  668.      */

  669.     public static function reset_password($UserID, $Username, $Email)

  670.     {

  671.         $ResetKey = Users::make_secret();

  672.         G::$DB->query("

  673.       UPDATE users_info

  674.       SET

  675.         ResetKey = '" . db_string($ResetKey) . "',

  676.         ResetExpires = '" . time_plus(60 * 60) . "'

  677.       WHERE UserID = '$UserID'");

  678.         require_once(SERVER_ROOT . '/classes/templates.class.php');

  679.         $TPL = new TEMPLATE;

  680.         $TPL->open(SERVER_ROOT . '/templates/password_reset.tpl'); // Password reset template

  681.         $TPL->set('Username', $Username);

  682.         $TPL->set('ResetKey', $ResetKey);

  683.         $TPL->set('IP', $_SERVER['REMOTE_ADDR']);

  684.         $TPL->set('SITE_NAME', SITE_NAME);

  685.         $TPL->set('SITE_DOMAIN', SITE_DOMAIN);

  686. 

  687.         Misc::send_email($Email, 'Password reset information for ' . SITE_NAME, $TPL->get(), 'noreply');

  688.     }

  689. 

  690. 

  691.     /*

  692.      * Authorize a new location

  693.      *

  694.      * @param int $UserID The user ID

  695.      * @param string $Username The username

  696.      * @param int $ASN The ASN

  697.      * @param string $Email The email address

  698.      */

  699.     public static function auth_location($UserID, $Username, $ASN, $Email)

  700.     {

  701.         $AuthKey = Users::make_secret();

  702.         G::$Cache->cache_value('new_location_'.$AuthKey, ['UserID'=>$UserID, 'ASN'=>$ASN], 3600*2);

  703.         require_once(SERVER_ROOT . '/classes/templates.class.php');

  704.         $TPL = new TEMPLATE;

  705.         $TPL->open(SERVER_ROOT . '/templates/new_location.tpl');

  706.         $TPL->set('Username', $Username);

  707.         $TPL->set('AuthKey', $AuthKey);

  708.         $TPL->set('IP', $_SERVER['REMOTE_ADDR']);

  709.         $TPL->set('SITE_NAME', SITE_NAME);

  710.         $TPL->set('SITE_DOMAIN', SITE_DOMAIN);

  711. 

  712.         Misc::send_email($Email, 'Login from new location for '.SITE_NAME, $TPL->get(), 'noreply');

  713.     }

  714.     /*

  715.      * @return array of strings that can be added to next source flag ( [current, old] )

  716.      */

  717.     public static function get_upload_sources()

  718.     {

  719.         if (!($SourceKey = G::$Cache->get_value('source_key_new'))) {

  720.             G::$Cache->cache_value('source_key_new', $SourceKey = [Users::make_secret(), time()]);

  721.         }

  722.         $SourceKeyOld = G::$Cache->get_value('source_key_old');

  723.         if ($SourceKey[1]-time() > 3600) {

  724.             G::$Cache->cache_value('source_key_old', $SourceKeyOld = $SourceKey);

  725.             G::$Cache->cache_value('source_key_new', $SourceKey = [Users::make_secret(), time()]);

  726.         }

  727.         G::$DB->query("

  728.       SELECT

  729.         COUNT(ID)

  730.       FROM torrents

  731.       WHERE UserID = ".G::$LoggedUser['ID']);

  732.         list($Uploads) = G::$DB->next_record();

  733.         $Source[0] = SITE_NAME.'-'.substr(hash('sha256', $SourceKey[0].G::$LoggedUser['ID'].$Uploads), 0, 10);

  734.         $Source[1] = $SourceKeyOld ? SITE_NAME.'-'.substr(hash('sha256', $SourceKeyOld[0].G::$LoggedUser['ID'].$Uploads), 0, 10) : $Source[0];

  735.         return $Source;

  736.     }

  737. }