Codezwiz >> Forums >> Codezwiz PHP Nuke Help >> Restrict Signature Size not working

I have this hack installed on my forum, but it does not appear to be working. I have gone back and made sure that I edited all the files I needed to edit, and I had. I made sure everything had been added to the database. It has. But folks are still able to upload any sized signature they want.

How can I help you help me fix this?

Thank you in advance.

DId you configure it an the admin panel to restrict them and to what sizes?

Sorry for not adding that.

Yes, it has been configured in the admin panel, and that configuration is showing up properly in the database as well. I have it set to limit it to 300 x 300, but it's not doing this.

Where there sigs allready made before you added this. Im not sure that it changes them so much as it doesnt allow them to make them that large. Paste you includes/usercp_register.php for me to take a look at.

Sorry for the delay on this. I had surgery and am just getting back up and running.

Answering the question: It doesn't matter if it's an existing signature or a new one. I can upload a 1024x768 image and it allows it, even though I've got it configed to 300x300.

Here is the code you asked for.

[code:1:0e1c6cf338]<?php
/***************************************************************************
* usercp_register.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : [ Register or login to view links on this board. ]
*
* $Id: usercp_register.php,v 1.20.2.56 2004/03/13 15:08:22 acydburn Exp $
*
*
***************************************************************************/
/***************************************************************************
* phpbb2 forums port version 2.0.5 (c) 2003 - Nuke Cops (http://nukecops.com)
*
* Ported by Nuke Cops to phpbb2 standalone 2.0.5 Test
* and debugging completed by the Elite Nukers and site members.
*
* You run this package at your sole risk. Nuke Cops and affiliates cannot
* be held liable if anything goes wrong. You are advised to test this
* package on a development system. Backup everything before implementing
* in a production environment. If something goes wrong, you can always
* backout and restore your backups.
*
* Installing and running this also means you agree to the terms of the AUP
* found at Nuke Cops.
*
* This is version 2.0.5 of the phpbb2 forum port for PHP-Nuke. Work is based
* on Tom Nitzschner's forum port version 2.0.6. Tom's 2.0.6 port was based
* on the phpbb2 standalone version 2.0.3. Our version 2.0.5 from Nuke Cops is
* now reflecting phpbb2 standalone 2.0.5 that fixes some bugs and the
* invalid_session error message.
***************************************************************************/
/***************************************************************************
* This file is part of the phpBB2 port to Nuke 6.0 (c) copyright 2002
* by Tom Nitzschner (tom@toms-home.com)
* http://bbtonuke.sourceforge.net (or http://www.toms-home.com)
*
* As always, make a backup before messing with anything. All code
* release by me is considered sample code only. It may be fully
* functual, but you use it at your own risk, if you break it,
* you get to fix it too. No waranty is given or implied.
*
* Please post all questions/request about this port on http://bbtonuke.sourceforge.net first,
* then on my site. All original header code and copyright messages will be maintained
* to give credit where credit is due. If you modify this, the only requirement is
* that you also maintain all original copyright messages. All my work is released
* under the GNU GENERAL PUBLIC LICENSE. Please see the README for more information.
*
***************************************************************************/

/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/

if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
exit;
}

$unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#');
$unhtml_specialchars_replace = array('>', '<', '"', '&');

// ---------------------------------------
// Load agreement template since user has not yet
// agreed to registration conditions/coppa
//
function show_coppa()
{
global $userdata, $template, $lang, $phpbb_root_path, $phpEx;

$template->set_filenames(array(
'body' => 'agreement.tpl')
);

$template->assign_vars(array(
'REGISTRATION' => $lang['Registration'],
'AGREEMENT' => $lang['Reg_agreement'],
"AGREE_OVER_13" => $lang['Agree_over_13'],
"AGREE_UNDER_13" => $lang['Agree_under_13'],
'DO_NOT_AGREE' => $lang['Agree_not'],

"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"),
"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true"))
);

$template->pparse('body');

}
//
// ---------------------------------------

$error = FALSE;
$page_title = ( $mode == 'editprofile' ) ? $lang['Edit_profile'] : $lang['Register'];

if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) )
{
include("includes/page_header.php");

show_coppa();

include("includes/page_tail.php");
}

$coppa = ( empty($HTTP_POST_VARS['coppa']) && empty($HTTP_GET_VARS['coppa']) ) ? 0 : TRUE;

//
// Check and initialize some variables if needed
//
if (
isset($HTTP_POST_VARS['submit']) ||
isset($HTTP_POST_VARS['avatargallery']) ||
isset($HTTP_POST_VARS['submitavatar']) ||
isset($HTTP_POST_VARS['cancelavatar']) ||
$mode == 'register' )
{
include('includes/functions_validate.'.$phpEx);
include('includes/bbcode.'.$phpEx);
include('includes/functions_post.'.$phpEx);

if ( $mode == 'editprofile' )
{
$user_id = intval($HTTP_POST_VARS['user_id']);
$current_email = trim(htmlspecialchars($HTTP_POST_VARS['current_email']));
}

$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests', 'birthday' => 'birthday');

// Strip all tags from data ... may p**s some people off, bah, strip_tags is
// doing the job but can still break HTML output ... have no choice, have
// to use htmlspecialchars ... be prepared to be moaned at.
while( list($var, $param) = @each($strip_var_list) )
{
if ( !empty($HTTP_POST_VARS[$param]) )
{
$$var = trim(htmlspecialchars($HTTP_POST_VARS[$param]));
}
}

$trim_var_list = array('cur_password' => 'cur_password', 'new_password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature');

while( list($var, $param) = @each($trim_var_list) )
{
if ( !empty($HTTP_POST_VARS[$param]) )
{
$$var = trim($HTTP_POST_VARS[$param]);
}
}

$signature = str_replace(' ', "\n", $signature);

// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
// empty strings if they fail.
validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);

$viewemail = ( isset($HTTP_POST_VARS['viewemail']) ) ? ( ($HTTP_POST_VARS['viewemail']) ? TRUE : 0 ) : 0;
$allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE;
$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
$popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;

if ( $mode == 'register' )
{
$attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $board_config['allow_sig'];

$allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $board_config['allow_html'];
$allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $board_config['allow_bbcode'];
$allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $board_config['allow_smilies'];
}
else
{
$attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : 0;

$allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $userdata['user_allowhtml'];
$allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $userdata['user_allowbbcode'];
$allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $userdata['user_allowsmile'];
}

$user_style = ( isset($HTTP_POST_VARS['style']) ) ? intval($HTTP_POST_VARS['style']) : $board_config['default_style'];

if ( !empty($HTTP_POST_VARS['language']) )
{
if ( preg_match('/^[a-z_]+$/i', $HTTP_POST_VARS['language']) )
{
$user_lang = htmlspecialchars($HTTP_POST_VARS['language']);
}
else
{
$error = true;
$error_msg = $lang['Fields_empty'];
}
}
else
{
$user_lang = $board_config['default_lang'];
}

$user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone'];
$sql = "SELECT config_value
FROM " . CONFIG_TABLE . "
WHERE config_name = 'default_dateformat'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select default dateformat', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$board_config['default_dateformat'] = $row['config_value'];
$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];

$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );

$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
$user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
$user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
$user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';

$user_avatar = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
$user_avatar_type = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';

if ( (isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar'])) && (!isset($HTTP_POST_VARS['submit'])) )
{
$username = stripslashes($username);
$email = stripslashes($email);
$cur_password = htmlspecialchars(stripslashes($cur_password));
$new_password = htmlspecialchars(stripslashes($new_password));
$password_confirm = htmlspecialchars(stripslashes($password_confirm));

$icq = stripslashes($icq);
$aim = stripslashes($aim);
$msn = stripslashes($msn);
$yim = stripslashes($yim);

$website = stripslashes($website);
$location = stripslashes($location);
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);

$birthday = stripslashes($birthday);
$signature = stripslashes($signature);

$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);

if ( !isset($HTTP_POST_VARS['cancelavatar']))
{
$user_avatar = $user_avatar_local;
$user_avatar_type = USER_AVATAR_GALLERY;
}
}
}

//
// Let's make sure the user isn't logged in while registering,
// and ensure that they were trying to register a second time
// (Prevents double registrations)
//
if ($mode == 'register' && ($userdata['session_logged_in'] || $username == $userdata['username']))
{
message_die(GENERAL_MESSAGE, $lang['Username_taken'], '', __LINE__, __FILE__);
}

//
// Did the user submit? In this case build a query to update the users profile in the DB
//
if ( isset($HTTP_POST_VARS['submit']) )
{
include("includes/usercp_avatar.php");

$passwd_sql = '';
if ( $mode == 'editprofile' )
{
if ( $user_id != $userdata['user_id'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Wrong_Profile'];
}
}
else if ( $mode == 'register' )
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Fields_empty'];
}
}

$passwd_sql = '';
if ( !empty($new_password) && !empty($password_confirm) )
{
if ( $new_password != $password_confirm )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Password_mismatch'];
}
else if ( strlen($new_password) > 32 )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Password_long'];
}
else
{
if ( $mode == 'editprofile' )
{
$sql = "SELECT user_password
FROM " . USERS_TABLE . "
WHERE user_id = '$user_id'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql);
}

$row = $db->sql_fetchrow($result);

if ( $row['user_password'] != md5($cur_password) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Current_password_mismatch'];
}
}

if ( !$error )
{
$new_password = md5($new_password);
$passwd_sql = "user_password = '$new_password', ";
}
}
}
else if ( ( empty($new_password) && !empty($password_confirm) ) || ( !empty($new_password) && empty($password_confirm) ) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Password_mismatch'];
}

//
// Do a ban check on this email address
//
if ( $email != $userdata['user_email'] || $mode == 'register' )
{
$result = validate_email($email);
if ( $result['error'] )
{
$email = $userdata['user_email'];

$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $result['error_msg'];
}

if ( $mode == 'editprofile' )
{
$sql = "SELECT user_password
FROM " . USERS_TABLE . "
WHERE user_id = '$user_id'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql);
}

$row = $db->sql_fetchrow($result);

if ( $row['user_password'] != md5($cur_password) )
{
$email = $userdata['user_email'];

$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Current_password_mismatch'];
}
}
}

$username_sql = '';
if ( $board_config['allow_namechange'] || $mode == 'register' )
{
if ( empty($username) )
{
// Error is already triggered, since one field is empty.
$error = TRUE;
}
else if ( $username != $userdata['username'] || $mode == 'register' )
{
if (strtolower($username) != strtolower($userdata['username']))
{
$result = validate_username($username);
if ( $result['error'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $result['error_msg'];
}
}

if (!$error)
{
$username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
}
}
}

if ( $signature != '' )
{
if ( strlen($signature) > $board_config['max_sig_chars'] )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $lang['Signature_too_long'];
}
else
{
if( preg_match_all("#\[img\]((ht|f)tp://)([^\r\n\t<\"]*?)\[/img\]#sie", $signature, $matches) )
{
if( count($matches[0]) > $board_config['sig_images_max_limit'] )
{
$error = TRUE;
$l_too_many_images = ( $board_config['images_max_limit'] == 1 ) ? sprintf($lang['Too_many_sig_image'], $board_config['sig_images_max_limit']) : sprintf($lang['Too_many_sig_images'], $board_config['sig_images_max_limit']);
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $l_too_many_images;
}
else
{
for( $i = 0; $i < count($matches[0]); $i++ )
{
$image = preg_replace("#\[img\](.*)\[/img\]#si", "\\1", $matches[0][$i]);
list($width, $height) = @getimagesize($image);
if( $width > $board_config['sig_images_max_width'] || $height > $board_config['sig_images_max_height'] )
{
$error = TRUE;
$l_image_too_large = sprintf($lang['Sig_image_too_large'], $board_config['sig_images_max_width'], $board_config['sig_images_max_height']);
$error_msg .= ( ( isset($error_msg) ) ? ' ' : '' ) . $l_image_too_large;
break;
}
}
}
}
}

if ( $signature_bbcode_uid == '' )
{
$signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
}
$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
}

if ( $website != '' )
{
rawurlencode($website);
}

$avatar_sql = '';

if ( isset($HTTP_POST_VARS['avatardel']) && $mode == 'editprofile' )
{
$avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
}

if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
{
if ( !empty($user_avatar_upload) )
{
$avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
else if ( !empty($user_avatar_name) )
{
$l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));

$error = true;
$error_msg .= ( ( !empty($error_msg) ) ? ' ' : '' ) . $l_avatar_size;
}
}
else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] )
{
if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) && $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD )
{
@unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
}
$avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
}
else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
{
if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) && $userdata['user_avatar_type'] == USER_AVATAR_UPLOAD )
{
@unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
}
$avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);
}
// find the birthday values, reflected by the $lang['Submit_date_format']
if ($birthday || !$board_config['min_user_age']) //if a birthday is submited, then validate it
{
for ($i=0;$i<=strlen($lang['Submit_date_format']);$i++)
{
switch ($lang['Submit_date_format'][$i])
{
case d: $day=$birthday_lengt;$date_count++;
$birthday_lengt++;break;
case m: $md=$birthday_lengt;$date_count++;
$birthday_lengt++;break;
case Y: $year=$birthday_lengt;$date_count++;
$birthday_lengt=$birthday_lengt+3;break;
}
$birthday_lengt++;
}
// did we find both day,month and year
if ($date_count<3)
{
$error = TRUE;
if( isset($error_msg) )$error_msg .= " ";
$error_msg .= $lang['Wrong_birthday_format'];
} else
{
$day=$birthday[$day].$birthday[$day+1];
$md=$birthday[$md].$birthday[$md+1];
$year=$birthday[$year].$birthday[$year+1].$birthday[$year+2].$birthday[$year+3];
$user_age=(date('md')>=$md.$day) ? date('Y') - $year : date('Y') - $year - 1 ;
// Check maximum user age
if ($user_age>$board_config['max_user_age']) $md=13 ;
// Check minimum user age
if ($user_age<$board_config['min_user_age']) $md=13 ;
if (!checkdate($md,$day,$year))
{
$error = TRUE;
if( isset($error_msg) )$error_msg .= " ";
$error_msg .= $lang['Wrong_birthday_format'];
} else
{
$birthday = ($error) ? $birthday : mkrealdate($day,$md,$year);
$next_birthday_greeting = (date('md')<$md.$day) ? date('Y'):date('Y')+1 ;
}
}
} else $birthday = ($error) ? '' : 999999;

if ( !$error )
{
if ( $avatar_sql == '' )
{
$avatar_sql = ( $mode == 'editprofile' ) ? '' : "'', " . USER_AVATAR_NONE;
}

if ( $mode == 'editprofile' )
{
if ( $email != $userdata['user_email'] && $board_config['require_activation'] != USER_ACTIVATION_NONE && $userdata['user_level'] != ADMIN )
{
$user_active = 0;

$user_actkey = gen_rand_string(true);
$key_len = 54 - ( strlen($server_url) );
$key_len = ( $key_len > 6 ) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);

if ( $userdata['session_logged_in'] )
{
session_end($userdata['sid'], $userdata['user_id']);
}
}
else
{
$user_active = 1;
$user_actkey = '';
}

$sql = "UPDATE " . USERS_TABLE . "
SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_viewemail = '$viewemail', user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = '$attachsig', user_allowsmile = '$allowsmilies', user_allowhtml = '$allowhtml', user_allowbbcode = '$allowbbcode', user_allow_viewonline = '$allowviewonline', user_notify = '$notifyreply', user_notify_pm = '$notifypm', user_popup_pm = '$popup_pm', user_timezone = '$user_timezone', user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = '$user_style', user_active = '$user_active', user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . ", user_birthday='$birthday', user_next_birthday_greeting='$next_birthday_greeting'
WHERE user_id = '$user_id'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
} else {

getusrinfo($user);
docookie($userinfo[user_id],$userinfo[username],$userinfo[user_password],$userinfo[storynum],$userinfo[umode],$userinfo[uorder],$userinfo[thold],$userinfo[noscore],$userinfo[ublockon],$userinfo[theme],$userinfo[commentmax]);
}

if ( !$user_active )
{
//
// The users account has been deactivated, send them an email with a new activation key
//
include("includes/emailer.php");
$emailer = new emailer($board_config['smtp_delivery']);

$emailer->from($board_config['board_email']);
$emailer->replyto($board_config['board_email']);

$emailer->use_template('user_activate', stripslashes($user_lang));
$emailer->email_address($email);
$emailer->set_subject($lang['Reactivate']);

$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']) : '',

'U_ACTIVATE' => $server_url . '&mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
$emailer->send();
$emailer->reset();

if (is_active("Forums")) {
$message = $lang['Profile_updated_inactive'] . ' ' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
} else {
$message = $lang['Profile_updated_inactive'] . ' ' . sprintf($lang['Click_return_index'], '<a href="index.php">', '</a>');
}
}
else
{
if (is_active("Forums")) {
$message = $lang['Profile_updated'] . ' ' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
} else {

$message = $lang['Profile_updated'] . ' ' . sprintf($lang['Click_return_index'], '<a href="index.php">', '</a>');
}
}

// $template->assign_vars(array(
// "META" => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
// );

message_die(GENERAL_MESSAGE, $message);
}
else
{
$sql = "SELECT MAX(user_id) AS total
FROM " . USERS_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}

if ( !($row = $db->sql_fetchrow($result)) )
{
message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
}
$user_id = $row['total'] + 1;

//
// Get current date
//
$reg_date = date("M d, Y");
$sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_avatar_type, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_birthday, user_next_birthday_greeting, user_active, user_actkey)
VALUES ('$user_id', '" . str_replace("\'", "''", $username) . "', '" . $reg_date . "', '" . str_replace("\'", "''", $new_password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', '$attachsig', '$allowsmilies', '$allowhtml', '$allowbbcode', '$allowviewonline', '$notifyreply', '$notifypm', '$popup_pm', '$user_timezone', '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', '$user_style', '1', '1','$birthday','$next_birthday_greeting', ";
if ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa )
{
$user_actkey = gen_rand_string(true);
$key_len = 54 - (strlen($server_url));
$key_len = ( $key_len > 6 ) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
$sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')";
}
else
{
$sql .= "1, '')";
}

if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
}

$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)
VALUES ('', 'Personal User', '1', '0')";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
}

$group_id = $db->sql_nextid();

$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
VALUES ('$user_id', '$group_id', '0')";
if( !($result = $db->sql_query($sql, END_TRANSACTION)) )
{
message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
}

if ( $coppa )
{
$message = $lang['COPPA'];
$email_template = 'coppa_welcome_inactive';
}
else if ( $board_config['require_activation'] == USER_ACTIVATION_SELF )
{
$message = $lang['Account_inactive'];
$email_template = 'user_welcome_inactive';
}
else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
{
$message = $lang['Account_inactive_admin'];
$email_template = 'admin_welcome_inactive';
}
else
{
$message = $lang['Account_added'];
$email_template = 'user_welcome';
}

include("includes/emailer.php");
$emailer = new emailer($board_config['smtp_delivery']);

$emailer->from($board_config['board_email']);
$emailer->replyto($board_config['board_email']);

$emailer->use_template($email_template, stripslashes($user_lang));
$emailer->email_address($email);
$emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename']));

if( $coppa )
{
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']),

'FAX_INFO' => $board_config['coppa_fax'],
'MAIL_INFO' => $board_config['coppa_mail'],
'EMAIL_ADDRESS' => $email,
'ICQ' => $icq,
'AIM' => $aim,
'YIM' => $yim,
'MSN' => $msn,
'WEB_SITE' => $website,
'FROM' => $location,
'OCC' => $occupation,
'INTERESTS' => $interests,
'SITENAME' => $board_config['sitename']));
}
else
{
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
'PASSWORD' => $password_confirm,
'EMAIL_SIG' => str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']),

'U_ACTIVATE' => $server_url . '&mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
}

$emailer->send();
$emailer->reset();

if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
{
$sql = "SELECT user_email, user_lang
FROM " . USERS_TABLE . "
WHERE user_level = " . ADMIN;

if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql);
}

while ($row = $db->sql_fetchrow($result))
{
$emailer->from($board_config['board_email']);
$emailer->replyto($board_config['board_email']);

$emailer->email_address(trim($row['user_email']));
$emailer->use_template("admin_activate", $row['user_lang']);
$emailer->set_subject($lang['New_account_subject']);

$emailer->assign_vars(array(
'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
'EMAIL_SIG' => str_replace(' ', "\n", "-- \n" . $board_config['board_email_sig']),

'U_ACTIVATE' => $server_url . '&mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
$emailer->send();
$emailer->reset();
}
$db->sql_freeresult($result);
}
$message = $message . ' ' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
//
// START wpm mod by Duvelske (http://www.vitrax.vze.com)
//
if($board_config['active_wpm'])
{
$sql = "SELECT *
FROM " . WPM;
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "", "", __LINE__, __FILE__, $sql);
}
else
{
while($row = $db->sql_fetchrow($result))
{
$bot_config[$row['name']] = $row['value'];
}
}

// Just a couple of replaces for better customisation on a per user basis
// no point making a special function since there are so few needed

$wpm_subject = str_replace("[username]", $username, $bot_config['wpm_subject']);
$wpm_subject = str_replace("[user_id]", $user_id, $wpm_subject);
$wpm_subject = str_replace("[sitename]", $board_config['sitename'], $wpm_subject);

$wpm_message = str_replace("[username]", $username, $bot_config['wpm_message']);
$wpm_message = str_replace("[user_id]", $user_id, $wpm_message);
$wpm_message = str_replace("[sitename]", $board_config['sitename'], $wpm_message);

// Will not send a pm notification via email (already sent the standard welcome email)
// Simply change the 0 to a 1 to turn it on
wpm_send_pm($user_id, $wpm_subject, $wpm_message, 0);
}
//
// END wpm mod
//

message_die(GENERAL_MESSAGE, $message);
} // if mode == register
}
} // End of submit

if ( $error )
{
//
// If an error occured we need to stripslashes on returned data
//
$username = stripslashes($username);
$email = stripslashes($email);
$new_password = '';
$password_confirm = '';

$icq = stripslashes($icq);
$aim = str_replace('+', ' ', stripslashes($aim));
$msn = stripslashes($msn);
$yim = stripslashes($yim);

$website = stripslashes($website);
$location = stripslashes($location);
$occupation = stripslashes($occupation);
$interests = stripslashes($interests);
$birthday = htmlspecialchars(stripslashes($birthday));
$signature = stripslashes($signature);
$signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $signature) : $signature;

$user_lang = stripslashes($user_lang);
$user_dateformat = stripslashes($user_dateformat);

}
else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
{
$user_id = $userdata['user_id'];
$username = $userdata['username'];
$email = $userdata['user_email'];
$new_password = '';
$password_confirm = '';

$icq = $userdata['user_icq'];
$aim = str_replace('+', ' ', $userdata['user_aim']);
$msn = $userdata['user_msnm'];
$yim = $userdata['user_yim'];

$website = $userdata['user_website'];
$userdata['user_from'] = str_replace(".gif", "", $userdata['user_from']);
$location = $userdata['user_from'];
$occupation = $userdata['user_occ'];
$interests = $userdata['user_interests'];
$birthday = ($userdata['user_birthday']!=999999) ? realdate($lang['Submit_date_format'],$userdata['user_birthday']):'';

$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
$signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $userdata['user_sig']) : $userdata['user_sig'];

$viewemail = $userdata['user_viewemail'];
$notifypm = $userdata['user_notify_pm'];
$popup_pm = $userdata['user_popup_pm'];
$notifyreply = $userdata['user_notify'];
$attachsig = $userdata['user_attachsig'];
$allowhtml = $userdata['user_allowhtml'];
$allowbbcode = $userdata['user_allowbbcode'];
$allowsmilies = $userdata['user_allowsmile'];
$allowviewonline = $userdata['user_allow_viewonline'];

$user_avatar = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar'] : '';
$user_avatar_type = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar_type'] : USER_AVATAR_NONE;

$user_style = $userdata['user_style'];
$user_lang = $userdata['user_lang'];
$user_timezone = $userdata['user_timezone'];
$user_dateformat = $userdata['user_dateformat'];
}

//
// Default pages
//
include("includes/page_header.php");

make_jumpbox('viewforum.'.$phpEx);

if ( $mode == 'editprofile' )
{
if ( $user_id != $userdata['user_id'] )
{
$error = TRUE;
$error_msg = $lang['Wrong_Profile'];
}
}

if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
{
include("includes/usercp_avatar.php");

$avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? $HTTP_POST_VARS['avatarcategory'] : '';

$template->set_filenames(array(
'body' => 'profile_avatar_gallery.tpl')
);

$allowviewonline = !$allowviewonline;

display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id'], $birthday);
}
else
{
include("includes/functions_selects.php");

if ( !isset($coppa) )
{
$coppa = FALSE;
}

if ( !isset($user_template) )
{
$selected_template = $board_config['system_template'];
}

$avatar_img = '';
if ( $user_avatar_type )
{
switch( $user_avatar_type )
{
case USER_AVATAR_UPLOAD:
$avatar_img = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />' : '';
break;
case USER_AVATAR_REMOTE:
$avatar_img = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $user_avatar . '" alt="" />' : '';
break;
case USER_AVATAR_GALLERY:
$avatar_img = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />' : '';
break;
}
}

$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
if( $mode == 'editprofile' )
{
$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';
//
// Send the users current email address. If they change it, and account activation is turned on
// the user account will be disabled and the user will have to reactivate their account.
//
$s_hidden_fields .= '<input type="hidden" name="current_email" value="' . $userdata['user_email'] . '" />';
}

if ( !empty($user_avatar_local) )
{
$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
}

$html_status = ( $userdata['user_allowhtml'] && $board_config['allow_html'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
$bbcode_status = ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
$smilies_status = ( $userdata['user_allowsmile'] && $board_config['allow_smilies'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];

if ( $error )
{
$template->set_filenames(array(

'reg_header' => 'error_body.tpl')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}

$template->set_filenames(array(
'body' => 'profile_add_body.tpl')
);

if ( $mode == 'editprofile' )
{
$template->assign_block_vars('switch_edit_profile', array());
}

if ( ($mode == 'register') || ($board_config['allow_namechange']) )
{
$template->assign_block_vars('switch_namechange_allowed', array());
}
else
{
$template->assign_block_vars('switch_namechange_disallowed', array());
}

//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
//
$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$form_enctype = ( @$ini_val('file_uploads') == '0' || strtolower(@$ini_val('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';

$template->assign_vars(array(
'USERNAME' => $username,
'CUR_PASSWORD' => $cur_password,
'NEW_PASSWORD' => $new_password,
'PASSWORD_CONFIRM' => $password_confirm,
'EMAIL' => $email,
//signature editor
'SIG_EDIT_LINK' => append_sid("profile.$phpEx?mode=signature"),
'SIG_DESC' => $lang['sig_description'],
'SIG_BUTTON_DESC' => $lang['sig_edit'],
//signature editor
'YIM' => $yim,
'ICQ' => $icq,
'MSN' => $msn,
'AIM' => $aim,
'OCCUPATION' => $occupation,
'INTERESTS' => $interests,
'BIRTHDAY' => $birthday,
'LOCATION' => $location,
'WEBSITE' => $website,
'SIGNATURE' => str_replace(' ', "\n", $signature),
'VIEW_EMAIL_YES' => ( $viewemail ) ? 'checked="checked"' : '',
'VIEW_EMAIL_NO' => ( !$viewemail ) ? 'checked="checked"' :

Hi. I'm still trying to get this to work on my site. Any ideas?

Wow...

What version of PHP-Nuke are you running? This looks very old!
Also, what module is this?

Steph [ Register or login to view links on this board. ]
The IT Portal for IT People!
[ Register or login to view links on this board.] .

I am using phpnuke 7.4.

Tweaks/Hacks:

Restrict Signatures

Restrict the width, the height and the number of images in signatures. Everything is configurable from the Administration Control Panel.

Well, I'm not sure where you got the code you listed, but that's not for the restrict signatures module.

In fact, that file shouldn't be used at all in nuke 7.4.

You can get the latest restrict signatures function here at codezwiz at:
[ Register or login to view links on this board. ]

This will do what you want and doesn't have anything to do with usercp_register which is no longer used by nuke at all.

I would check your forums and make sure that they are updated to 2.0.10 before you start. Updating to 7.4 didn't necessarily update your forums (which isn't unusual). Keep in mind you must update your forums one version at a time from wherever you are. The update files should be loaded in your directory now if you are using the latest patches.

Give a shout if you have any problems with any of this!

Hope that helps!
Steph [ Register or login to view links on this board. ]
The IT Portal for IT People!
[ Register or login to view links on this board.]

Originally posted by 64bitguy @ Mon Sep 06, 2004 2:08 pm:

Well, I'm not sure where you got the code you listed, but that's not for the restrict signatures module.

In fact, that file shouldn't be used at all in nuke 7.4.

You can get the latest restrict signatures function here at codezwiz at:
[ Register or login to view links on this board. ]

This will do what you want and doesn't have anything to do with usercp_register which is no longer used by nuke at all.

I would check your forums and make sure that they are updated to 2.0.10 before you start. Updating to 7.4 didn't necessarily update your forums (which isn't unusual). Keep in mind you must update your forums one version at a time from wherever you are. The update files should be loaded in your directory now if you are using the latest patches.

Give a shout if you have any problems with any of this!

Hope that helps!
Steph [ Register or login to view links on this board. ]
The IT Portal for IT People!
[ Register or login to view links on this board.]

To clear up some of your confusion. The code that I am trying to use was downloaded from here, which would be why I have come here to try to get my questions answered. I've doubled checked, and yup... same hack that is provided here at Codewiz.

I included the code for usercp_register because that is what was requested by Telli originally in this thread. Now I don't know what Telli's intentions were by asking for this code, so you'll have to ask them.

And though upgrading to a new version of the forum sounds like a novel idea, it is not feasible, since my site is highly customized. Thank you though for suggesting it. But that is not an option.

Does anyone else have any ideas on how to get this to work?

Thanks.