1:    2:    3:    4:    5:    6:    7:    8:    9:   10:   11:   12:   13:   14:   15:   16:   17:   18:   19:   20:   21:   22:   23:   24:   25:   26:   27:   28:   29:   30:   31:   32:   33:   34:   35:   36:   37:   38:   39:   40:   41:   42:   43:   44:   45:   46:   47:   48:   49:   50:   51:   52:   53:   54:   55:   56:   57:   58:   59:   60:   61:   62:   63:   64:   65:   66:   67:   68:   69:   70:   71:   72:   73:   74:   75:   76:   77:   78:   79:   80:   81:   82:   83:   84:   85:   86:   87:   88:   89:   90:   91:   92:   93:   94:   95:   96:   97:   98:   99:  100:  101:  102:  103:  104:  105:  106:  107:  108:  109:  110:  111:  112:  113:  114:  115:  116:  117:  118:  119:  120:  121:  122:  123:  124:  125:  126:  127:  128:  129:  130:  131:  132:  133:  134:  135:  136:  137:  138:  139:  140:  141:  142:  143:  144:  145:  146:  147:  148:  149:  150:  151:  152:  153:  154:  155:  156:  157:  158:  159:  160:  161:  162:  163:  164:  165:  166:  167:  168:  169:  170:  171:  172:  173:  174:  175:  176:  177:  178:  179:  180:  181:  182:  183:  184:  185:  186:  187:  188:  189:  190:  191:  192:  193:  194:  195:  196:  197:  198:  199:  200:  201:  202:  203:  204:  205:  206:  207:  208:  209:  210:  211:  212:  213:  214:  215:  216:  217:  218:  219:  220:  221:  222:  223:  224:  225:  226:  227:  228:  229:  230:  231:  232:  233:  234:  235:  236:  237:  238:  239:  240:  241:  242:  243:  244:  245:  246:  247:  248:  249:  250:  251:  252:  253:  254:  255:  256:  257:  258:  259:  260:  261:  262:  263:  264:  265:  266:  267:  268:  269:  270:  271:  272:  273:  274:  275:  276:  277:  278:  279:  280:  281:  282:  283:  284:  285:  286:  287:  288:  289:  290:  291:  292:  293:  294:  295:  296:  297:  298:  299:  300:  301:  302:  303:  304:  305:  306:  307:  308:  309:  310:  311:  312:  313:  314:  315:  316:  317:  318:  319:  320:  321:  322:  323:  324:  325:  326:  327:  328:  329:  330:  331:  332:  333:  334:  335:  336:  337:  338:  339:  340:  341:  342:  343:  344:  345:  346:  347:  348:  349:  350:  351:  352:  353:  354:  355:  356:  357:  358:  359:  360:  361:  362:  363:  364:  365:  366:  367:  368:  369:  370:  371:  372:  373:  374:  375:  376:  377:  378:  379:  380:  381:  382:  383:  384:  385:  386:  387:  388:  389:  390:  391:  392:  393:  394:  395:  396:  397:  398:  399:  400:  401:  402:  403:  404:  405:  406:  407:  408:  409:  410:  411:  412:  413:  414:  415:  416:  417:  418:  419:  420:  421:  422:  423:  424:  425:  426:  427:  428:  429:  430:  431:  432:  433:  434:  435:  436:  437:  438:  439:  440:  441:  442:  443:  444:  445:  446:  447:  448:  449:  450:  451:  452:  453:  454:  455:  456:  457:  458:  459:  460:  461:  462:  463:  464:  465:  466:  467:  468:  469:  470:  471:  472:  473:  474:  475:  476:  477:  478:  479:  480:  481:  482:  483:  484:  485:  486:  487:  488:  489:  490:  491:  492:  493:  494:  495:  496:  497:  498:  499:  500:  501:  502:  503:  504:  505:  506:  507:  508:  509:  510:  511:  512:  513:  514:  515:  516:  517:  518:  519:  520:  521:  522:  523:  524:  525:  526:  527:  528:  529:  530:  531:  532:  533:  534:  535:  536:  537:  538:  539:  540:  541:  542:  543:  544:  545:  546:  547:  548:  549:  550:  551:  552:  553:  554:  555:  556:  557:  558:  559:  560:  561:  562:  563:  564:  565:  566:  567:  568:  569:  570:  571:  572:  573:  574:  575:  576:  577:  578:  579:  580:  581:  582:  583:  584:  585:  586:  587:  588:  589:  590:  591:  592:  593:  594:  595:  596:  597:  598:  599:  600:  601:  602:  603:  604:  605:  606:  607:  608:  609:  610:  611:  612:  613:  614:  615:  616:  617:  618:  619:  620:  621:  622:  623:  624:  625:  626:  627:  628:  629:  630:  631:  632:  633:  634:  635:  636:  637:  638:  639:  640:  641:  642:  643:  644:  645:  646:  647:  648:  649:  650:  651:  652:  653:  654:  655:  656:  657:  658:  659:  660:  661:  662:  663:  664:  665:  666:  667:  668:  669:  670:  671:  672:  673:  674:  675:  676:  677:  678:  679:  680:  681:  682:  683:  684:  685:  686:  687:  688:  689:  690:  691:  692:  693:  694:  695:  696:  697:  698:  699:  700:  701:  702:  703:  704:  705:  706:  707:  708:  709:  710:  711:  712:  713:  714:  715:  716:  717:  718:  719:  720:  721:  722:  723:  724:  725:  726:  727:  728:  729:  730:  731:  732:  733:  734:  735:  736:  737:  738:  739:  740:  741:  742:  743:  744:  745:  746:  747:  748:  749:  750:  751:  752:  753:  754:  755:  756:  757:  758:  759:  760:  761:  762:  763:  764:  765:  766:  767:  768:  769:  770:  771:  772:  773:  774:  775:  776:  777:  778:  779:  780:  781:  782:  783:  784:  785:  786:  787:  788:  789:  790:  791:  792:  793:  794:  795:  796:  797:  798:  799:  800:  801:  802:  803:  804:  805:  806:  807:  808:  809:  810:  811:  812:  813:  814:  815:  816:  817:  818:  819:  820:  821:  822:  823:  824:  825:  826:  827:  828:  829:  830:  831:  832:  833:  834:  835:  836:  837:  838:  839:  840:  841:  842:  843:  844:  845:  846:  847:  848:  849:  850:  851:  852:  853:  854:  855:  856:  857:  858:  859:  860:  861:  862:  863:  864:  865:  866:  867:  868:  869:  870:  871:  872:  873:  874:  875:  876:  877:  878:  879:  880:  881:  882:  883:  884:  885:  886:  887:  888:  889:  890:  891:  892:  893:  894:  895:  896:  897:  898:  899:  900:  901:  902:  903:  904:  905:  906:  907:  908:  909:  910:  911:  912:  913:  914:  915:  916:  917:  918:  919:  920:  921:  922:  923:  924:  925:  926:  927:  928:  929:  930:  931:  932:  933:  934:  935:  936:  937:  938:  939:  940:  941:  942:  943:  944:  945:  946:  947:  948:  949:  950:  951:  952:  953:  954:  955:  956:  957:  958:  959:  960:  961:  962:  963:  964:  965:  966:  967:  968:  969:  970:  971:  972:  973:  974:  975:  976:  977:  978:  979:  980:  981:  982:  983:  984:  985:  986:  987:  988:  989:  990:  991:  992:  993:  994:  995:  996:  997:  998:  999: 1000: 1001: 1002: 1003: 1004: 1005: 1006: 1007: 1008: 1009: 1010: 1011: 1012: 1013: 1014: 1015: 1016: 1017: 1018: 1019: 1020: 1021: 1022: 1023: 1024: 1025: 1026: 1027: 1028: 1029: 1030: 1031: 1032: 1033: 1034: 1035: 1036: 1037: 1038: 1039: 1040: 1041: 1042: 1043: 1044: 1045: 1046: 1047: 1048: 1049: 1050: 1051: 1052: 1053: 1054: 1055: 1056: 1057: 1058: 1059: 1060: 1061: 1062: 1063: 1064: 1065: 1066: 1067: 1068: 1069: 1070: 1071: 1072: 1073: 1074: 1075: 1076: 1077: 1078: 1079: 1080: 1081: 1082: 1083: 1084: 1085: 1086: 1087: 1088: 1089: 1090: 1091: 1092: 1093: 1094: 1095: 1096: 1097: 1098: 1099: 1100: 1101: 1102: 1103: 1104: 1105: 1106: 1107: 1108: 1109: 1110: 1111: 1112: 1113: 1114: 1115: 1116: 1117: 1118: 1119: 1120: 1121: 1122: 1123: 1124: 1125: 1126: 1127: 1128: 1129: 1130: 1131: 1132: 1133: 1134: 1135: 1136: 1137: 1138: 1139: 1140: 1141: 1142: 1143: 1144: 1145: 1146: 1147: 1148: 1149: 1150: 1151: 1152: 1153: 1154: 1155: 1156: 1157: 1158: 1159: 1160: 1161: 1162: 1163: 1164: 1165: 1166: 1167: 1168: 1169: 1170: 1171: 1172: 1173: 1174: 1175: 1176: 1177: 1178: 1179: 1180: 1181: 1182: 1183: 1184: 1185: 1186: 1187: 1188: 1189: 1190: 1191: 1192: 1193: 1194: 1195: 1196: 1197: 1198: 1199: 1200: 1201: 1202: 1203: 1204: 1205: 1206: 1207: 1208: 1209: 1210: 1211: 1212: 1213: 1214: 1215: 1216: 1217: 1218: 1219: 1220: 1221: 1222: 1223: 1224: 1225: 1226: 1227: 1228: 1229: 1230: 1231: 1232: 1233: 1234: 1235: 1236: 1237: 1238: 1239: 1240: 1241: 1242: 1243: 1244: 1245: 1246: 1247: 1248: 1249: 1250: 1251: 1252: 1253: 1254: 1255: 1256: 1257: 1258: 1259: 1260: 1261: 1262: 1263: 1264: 1265: 1266: 1267: 1268: 1269: 1270: 1271: 1272: 1273: 1274: 1275: 1276: 1277: 1278: 1279: 1280: 1281: 1282: 1283: 1284: 1285: 1286: 1287: 1288: 1289: 1290: 1291: 1292: 1293: 1294: 1295: 1296: 1297: 1298: 1299: 1300: 1301: 1302: 1303: 1304: 1305: 1306: 1307: 1308: 1309: 1310: 1311: 1312: 1313: 1314: 1315: 1316: 1317: 1318: 1319: 1320: 1321: 1322: 1323: 1324: 1325: 1326: 1327: 1328: 1329: 1330: 1331: 1332: 1333: 
<?php

/**
 * Show a list of members or a selection of members.
 *
 * Simple Machines Forum (SMF)
 *
 * @package SMF
 * @author Simple Machines http://www.simplemachines.org
 * @copyright 2019 Simple Machines and individual contributors
 * @license http://www.simplemachines.org/about/smf/license.php BSD
 *
 * @version 2.1 RC1
 */

if (!defined('SMF'))
    die('No direct access...');

/**
 * The main entrance point for the Manage Members screen.
 * As everyone else, it calls a function based on the given sub-action.
 * Called by ?action=admin;area=viewmembers.
 * Requires the moderate_forum permission.
 *
 * uses ManageMembers template
 * uses ManageMembers language file.
 */
function ViewMembers()
{
    global $txt, $scripturl, $context, $modSettings, $smcFunc;

    $subActions = array(
        'all' => array('ViewMemberlist', 'moderate_forum'),
        'approve' => array('AdminApprove', 'moderate_forum'),
        'browse' => array('MembersAwaitingActivation', 'moderate_forum'),
        'search' => array('SearchMembers', 'moderate_forum'),
        'query' => array('ViewMemberlist', 'moderate_forum'),
    );

    // Load the essentials.
    loadLanguage('ManageMembers');
    loadTemplate('ManageMembers');

    // Fetch our activation counts.
    GetMemberActivationCounts();

    // For the page header... do we show activation?
    $context['show_activate'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1) || !empty($context['awaiting_activation']);

    // What about approval?
    $context['show_approve'] = (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($context['awaiting_approval']) || !empty($modSettings['approveAccountDeletion']);

    // Setup the admin tabs.
    $context[$context['admin_menu_name']]['tab_data'] = array(
        'title' => $txt['admin_members'],
        'help' => 'view_members',
        'description' => $txt['admin_members_list'],
        'tabs' => array(),
    );

    $context['tabs'] = array(
        'viewmembers' => array(
            'label' => $txt['view_all_members'],
            'description' => $txt['admin_members_list'],
            'url' => $scripturl . '?action=admin;area=viewmembers;sa=all',
            'selected_actions' => array('all'),
        ),
        'search' => array(
            'label' => $txt['mlist_search'],
            'description' => $txt['admin_members_list'],
            'url' => $scripturl . '?action=admin;area=viewmembers;sa=search',
            'selected_actions' => array('search', 'query'),
        ),
    );
    $context['last_tab'] = 'search';

    // Do we have approvals
    if ($context['show_approve'])
    {
        $context['tabs']['approve'] = array(
            'label' => sprintf($txt['admin_browse_awaiting_approval'], $context['awaiting_approval']),
            'description' => $txt['admin_browse_approve_desc'],
            'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve',
        );
        $context['last_tab'] = 'approve';
    }

    // Do we have activations to show?
    if ($context['show_activate'])
    {
        $context['tabs']['activate'] = array(
            'label' => sprintf($txt['admin_browse_awaiting_activate'], $context['awaiting_activation']),
            'description' => $txt['admin_browse_activate_desc'],
            'url' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=activate',
        );
        $context['last_tab'] = 'activate';
    }

    // Call our hook now, letting customizations add to the subActions and/or modify $context as needed.
    call_integration_hook('integrate_manage_members', array(&$subActions));

    // Default to sub action 'index' or 'settings' depending on permissions.
    $context['current_subaction'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'all';

    // We know the sub action, now we know what you're allowed to do.
    isAllowedTo($subActions[$context['current_subaction']][1]);

    // Set the last tab.
    $context['tabs'][$context['last_tab']]['is_last'] = true;

    // Find the active tab.
    if (isset($context['tabs'][$context['current_subaction']]))
        $context['tabs'][$context['current_subaction']]['is_selected'] = true;
    elseif (isset($context['current_subaction']))
        foreach ($context['tabs'] as $id_tab => $tab_data)
            if (!empty($tab_data['selected_actions']) && in_array($context['current_subaction'], $tab_data['selected_actions']))
                $context['tabs'][$id_tab]['is_selected'] = true;

    call_helper($subActions[$context['current_subaction']][0]);
}

/**
 * View all members list. It allows sorting on several columns, and deletion of
 * selected members. It also handles the search query sent by
 * ?action=admin;area=viewmembers;sa=search.
 * Called by ?action=admin;area=viewmembers;sa=all or ?action=admin;area=viewmembers;sa=query.
 * Requires the moderate_forum permission.
 *
 * uses the view_members sub template of the ManageMembers template.
 */
function ViewMemberlist()
{
    global $txt, $scripturl, $context, $modSettings, $sourcedir, $smcFunc, $user_info;

    // Are we performing a delete?
    if (isset($_POST['delete_members']) && !empty($_POST['delete']) && allowedTo('profile_remove_any'))
    {
        checkSession();

        // Clean the input.
        foreach ($_POST['delete'] as $key => $value)
        {
            // Don't delete yourself, idiot.
            if ($value != $user_info['id'])
                $delete[$key] = (int) $value;
        }

        if (!empty($delete))
        {
            // Delete all the selected members.
            require_once($sourcedir . '/Subs-Members.php');
            deleteMembers($delete, true);
        }
    }

    // Check input after a member search has been submitted.
    if ($context['current_subaction'] == 'query')
    {
        // Retrieving the membergroups and postgroups.
        $context['membergroups'] = array(
            array(
                'id' => 0,
                'name' => $txt['membergroups_members'],
                'can_be_additional' => false
            )
        );
        $context['postgroups'] = array();

        $request = $smcFunc['db_query']('', '
            SELECT id_group, group_name, min_posts
            FROM {db_prefix}membergroups
            WHERE id_group != {int:moderator_group}
            ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
            array(
                'moderator_group' => 3,
                'newbie_group' => 4,
            )
        );
        while ($row = $smcFunc['db_fetch_assoc']($request))
        {
            if ($row['min_posts'] == -1)
                $context['membergroups'][] = array(
                    'id' => $row['id_group'],
                    'name' => $row['group_name'],
                    'can_be_additional' => true
                );
            else
                $context['postgroups'][] = array(
                    'id' => $row['id_group'],
                    'name' => $row['group_name']
                );
        }
        $smcFunc['db_free_result']($request);

        // Some data about the form fields and how they are linked to the database.
        $params = array(
            'mem_id' => array(
                'db_fields' => array('id_member'),
                'type' => 'int',
                'range' => true
            ),
            'age' => array(
                'db_fields' => array('birthdate'),
                'type' => 'age',
                'range' => true
            ),
            'posts' => array(
                'db_fields' => array('posts'),
                'type' => 'int',
                'range' => true
            ),
            'reg_date' => array(
                'db_fields' => array('date_registered'),
                'type' => 'date',
                'range' => true
            ),
            'last_online' => array(
                'db_fields' => array('last_login'),
                'type' => 'date',
                'range' => true
            ),
            'activated' => array(
                'db_fields' => array('CASE WHEN is_activated IN (1, 11) THEN 1 ELSE 0 END'),
                'type' => 'checkbox',
                'values' => array('0', '1'),
            ),
            'membername' => array(
                'db_fields' => array('member_name', 'real_name'),
                'type' => 'string'
            ),
            'email' => array(
                'db_fields' => array('email_address'),
                'type' => 'string'
            ),
            'website' => array(
                'db_fields' => array('website_title', 'website_url'),
                'type' => 'string'
            ),
            'ip' => array(
                'db_fields' => array('member_ip'),
                'type' => 'inet'
            ),
            'membergroups' => array(
                'db_fields' => array('id_group'),
                'type' => 'groups'
            ),
            'postgroups' => array(
                'db_fields' => array('id_group'),
                'type' => 'groups'
            )
        );
        $range_trans = array(
            '--' => '<',
            '-' => '<=',
            '=' => '=',
            '+' => '>=',
            '++' => '>'
        );

        call_integration_hook('integrate_view_members_params', array(&$params));

        $search_params = array();
        if ($context['current_subaction'] == 'query' && !empty($_REQUEST['params']) && empty($_POST['types']))
            $search_params = $smcFunc['json_decode'](base64_decode($_REQUEST['params']), true);
        elseif (!empty($_POST))
        {
            $search_params['types'] = $_POST['types'];
            foreach ($params as $param_name => $param_info)
                if (isset($_POST[$param_name]))
                    $search_params[$param_name] = $_POST[$param_name];
        }

        $search_url_params = isset($search_params) ? base64_encode($smcFunc['json_encode']($search_params)) : null;

        // @todo Validate a little more.

        // Loop through every field of the form.
        $query_parts = array();
        $where_params = array();
        foreach ($params as $param_name => $param_info)
        {
            // Not filled in?
            if (!isset($search_params[$param_name]) || $search_params[$param_name] === '')
                continue;

            // Make sure numeric values are really numeric.
            if (in_array($param_info['type'], array('int', 'age')))
                $search_params[$param_name] = (int) $search_params[$param_name];
            // Date values have to match the specified format.
            elseif ($param_info['type'] == 'date')
            {
                // Check if this date format is valid.
                if (preg_match('/^\d{4}-\d{1,2}-\d{1,2}$/', $search_params[$param_name]) == 0)
                    continue;

                $search_params[$param_name] = strtotime($search_params[$param_name]);
            }
            elseif ($param_info['type'] == 'inet')
            {
                $search_params[$param_name] = ip2range($search_params[$param_name]);
                if (empty($search_params[$param_name]))
                    continue;
            }

            // Those values that are in some kind of range (<, <=, =, >=, >).
            if (!empty($param_info['range']))
            {
                // Default to '=', just in case...
                if (empty($range_trans[$search_params['types'][$param_name]]))
                    $search_params['types'][$param_name] = '=';

                // Handle special case 'age'.
                if ($param_info['type'] == 'age')
                {
                    // All people that were born between $lowerlimit and $upperlimit are currently the specified age.
                    $datearray = getdate(forum_time());
                    $upperlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $search_params[$param_name], $datearray['mon'], $datearray['mday']);
                    $lowerlimit = sprintf('%04d-%02d-%02d', $datearray['year'] - $search_params[$param_name] - 1, $datearray['mon'], $datearray['mday']);
                    if (in_array($search_params['types'][$param_name], array('-', '--', '=')))
                    {
                        $query_parts[] = ($param_info['db_fields'][0]) . ' > {string:' . $param_name . '_minlimit}';
                        $where_params[$param_name . '_minlimit'] = ($search_params['types'][$param_name] == '--' ? $upperlimit : $lowerlimit);
                    }
                    if (in_array($search_params['types'][$param_name], array('+', '++', '=')))
                    {
                        $query_parts[] = ($param_info['db_fields'][0]) . ' <= {string:' . $param_name . '_pluslimit}';
                        $where_params[$param_name . '_pluslimit'] = ($search_params['types'][$param_name] == '++' ? $lowerlimit : $upperlimit);

                        // Make sure that members that didn't set their birth year are not queried.
                        $query_parts[] = ($param_info['db_fields'][0]) . ' > {date:dec_zero_date}';
                        $where_params['dec_zero_date'] = '0004-12-31';
                    }
                }
                // Special case - equals a date.
                elseif ($param_info['type'] == 'date' && $search_params['types'][$param_name] == '=')
                {
                    $query_parts[] = $param_info['db_fields'][0] . ' > ' . $search_params[$param_name] . ' AND ' . $param_info['db_fields'][0] . ' < ' . ($search_params[$param_name] + 86400);
                }
                else
                    $query_parts[] = $param_info['db_fields'][0] . ' ' . $range_trans[$search_params['types'][$param_name]] . ' ' . $search_params[$param_name];
            }
            // Checkboxes.
            elseif ($param_info['type'] == 'checkbox')
            {
                // Each checkbox or no checkbox at all is checked -> ignore.
                if (!is_array($search_params[$param_name]) || count($search_params[$param_name]) == 0 || count($search_params[$param_name]) == count($param_info['values']))
                    continue;

                $query_parts[] = ($param_info['db_fields'][0]) . ' IN ({array_string:' . $param_name . '_check})';
                $where_params[$param_name . '_check'] = $search_params[$param_name];
            }
            // INET.
            elseif ($param_info['type'] == 'inet')
            {
                if (count($search_params[$param_name]) === 1)
                {
                    $query_parts[] = '(' . $param_info['db_fields'][0] . ' = {inet:' . $param_name . '})';
                    $where_params[$param_name] = $search_params[$param_name][0];
                }
                elseif (count($search_params[$param_name]) === 2)
                {
                    $query_parts[] = '(' . $param_info['db_fields'][0] . ' <= {inet:' . $param_name . '_high} and ' . $param_info['db_fields'][0] . ' >= {inet:' . $param_name . '_low})';
                    $where_params[$param_name . '_low'] = $search_params[$param_name]['low'];
                    $where_params[$param_name . '_high'] = $search_params[$param_name]['high'];
                }

            }
            elseif ($param_info['type'] != 'groups')
            {
                // Replace the wildcard characters ('*' and '?') into MySQL ones.
                $parameter = strtolower(strtr($smcFunc['htmlspecialchars']($search_params[$param_name], ENT_QUOTES), array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_')));

                if ($smcFunc['db_case_sensitive'])
                    $query_parts[] = '(LOWER(' . implode(') LIKE {string:' . $param_name . '_normal} OR LOWER(', $param_info['db_fields']) . ') LIKE {string:' . $param_name . '_normal})';
                else
                    $query_parts[] = '(' . implode(' LIKE {string:' . $param_name . '_normal} OR ', $param_info['db_fields']) . ' LIKE {string:' . $param_name . '_normal})';
                $where_params[$param_name . '_normal'] = '%' . $parameter . '%';
            }
        }

        // Set up the membergroup query part.
        $mg_query_parts = array();

        // Primary membergroups, but only if at least was was not selected.
        if (!empty($search_params['membergroups'][1]) && count($context['membergroups']) != count($search_params['membergroups'][1]))
        {
            $mg_query_parts[] = 'mem.id_group IN ({array_int:group_check})';
            $where_params['group_check'] = $search_params['membergroups'][1];
        }

        // Additional membergroups (these are only relevant if not all primary groups where selected!).
        if (!empty($search_params['membergroups'][2]) && (empty($search_params['membergroups'][1]) || count($context['membergroups']) != count($search_params['membergroups'][1])))
            foreach ($search_params['membergroups'][2] as $mg)
            {
                $mg_query_parts[] = 'FIND_IN_SET({int:add_group_' . $mg . '}, mem.additional_groups) != 0';
                $where_params['add_group_' . $mg] = $mg;
            }

        // Combine the one or two membergroup parts into one query part linked with an OR.
        if (!empty($mg_query_parts))
            $query_parts[] = '(' . implode(' OR ', $mg_query_parts) . ')';

        // Get all selected post count related membergroups.
        if (!empty($search_params['postgroups']) && count($search_params['postgroups']) != count($context['postgroups']))
        {
            $query_parts[] = 'id_post_group IN ({array_int:post_groups})';
            $where_params['post_groups'] = $search_params['postgroups'];
        }

        // Construct the where part of the query.
        $where = empty($query_parts) ? '1=1' : implode('
            AND ', $query_parts);
    }
    else
        $search_url_params = null;

    // Construct the additional URL part with the query info in it.
    $context['params_url'] = $context['current_subaction'] == 'query' ? ';sa=query;params=' . $search_url_params : '';

    // Get the title and sub template ready..
    $context['page_title'] = $txt['admin_members'];

    $listOptions = array(
        'id' => 'member_list',
        'title' => $txt['members_list'],
        'items_per_page' => $modSettings['defaultMaxMembers'],
        'base_href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
        'default_sort_col' => 'user_name',
        'get_items' => array(
            'file' => $sourcedir . '/Subs-Members.php',
            'function' => 'list_getMembers',
            'params' => array(
                isset($where) ? $where : '1=1',
                isset($where_params) ? $where_params : array(),
            ),
        ),
        'get_count' => array(
            'file' => $sourcedir . '/Subs-Members.php',
            'function' => 'list_getNumMembers',
            'params' => array(
                isset($where) ? $where : '1=1',
                isset($where_params) ? $where_params : array(),
            ),
        ),
        'columns' => array(
            'id_member' => array(
                'header' => array(
                    'value' => $txt['member_id'],
                ),
                'data' => array(
                    'db' => 'id_member',
                ),
                'sort' => array(
                    'default' => 'id_member',
                    'reverse' => 'id_member DESC',
                ),
            ),
            'user_name' => array(
                'header' => array(
                    'value' => $txt['username'],
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
                        'params' => array(
                            'id_member' => false,
                            'member_name' => false,
                        ),
                    ),
                ),
                'sort' => array(
                    'default' => 'member_name',
                    'reverse' => 'member_name DESC',
                ),
            ),
            'display_name' => array(
                'header' => array(
                    'value' => $txt['display_name'],
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
                        'params' => array(
                            'id_member' => false,
                            'real_name' => false,
                        ),
                    ),
                ),
                'sort' => array(
                    'default' => 'real_name',
                    'reverse' => 'real_name DESC',
                ),
            ),
            'email' => array(
                'header' => array(
                    'value' => $txt['email_address'],
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="mailto:%1$s">%1$s</a>',
                        'params' => array(
                            'email_address' => true,
                        ),
                    ),
                ),
                'sort' => array(
                    'default' => 'email_address',
                    'reverse' => 'email_address DESC',
                ),
            ),
            'ip' => array(
                'header' => array(
                    'value' => $txt['ip_address'],
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
                        'params' => array(
                            'member_ip' => false,
                        ),
                    ),
                ),
                'sort' => array(
                    'default' => 'member_ip',
                    'reverse' => 'member_ip DESC',
                ),
            ),
            'last_active' => array(
                'header' => array(
                    'value' => $txt['viewmembers_online'],
                ),
                'data' => array(
                    'function' => function($rowData) use ($txt)
                    {
                        // Calculate number of days since last online.
                        if (empty($rowData['last_login']))
                            $difference = $txt['never'];
                        else
                        {
                            $num_days_difference = jeffsdatediff($rowData['last_login']);

                            // Today.
                            if (empty($num_days_difference))
                                $difference = $txt['viewmembers_today'];

                            // Yesterday.
                            elseif ($num_days_difference == 1)
                                $difference = sprintf('1 %1$s', $txt['viewmembers_day_ago']);

                            // X days ago.
                            else
                                $difference = sprintf('%1$d %2$s', $num_days_difference, $txt['viewmembers_days_ago']);
                        }

                        // Show it in italics if they're not activated...
                        if ($rowData['is_activated'] % 10 != 1)
                            $difference = sprintf('<em title="%1$s">%2$s</em>', $txt['not_activated'], $difference);

                        return $difference;
                    },
                ),
                'sort' => array(
                    'default' => 'last_login DESC',
                    'reverse' => 'last_login',
                ),
            ),
            'posts' => array(
                'header' => array(
                    'value' => $txt['member_postcount'],
                ),
                'data' => array(
                    'db' => 'posts',
                ),
                'sort' => array(
                    'default' => 'posts',
                    'reverse' => 'posts DESC',
                ),
            ),
            'check' => array(
                'header' => array(
                    'value' => '<input type="checkbox" onclick="invertAll(this, this.form);">',
                    'class' => 'centercol',
                ),
                'data' => array(
                    'function' => function($rowData) use ($user_info)
                    {
                        return '<input type="checkbox" name="delete[]" value="' . $rowData['id_member'] . '"' . ($rowData['id_member'] == $user_info['id'] || $rowData['id_group'] == 1 || in_array(1, explode(',', $rowData['additional_groups'])) ? ' disabled' : '') . '>';
                    },
                    'class' => 'centercol',
                ),
            ),
        ),
        'form' => array(
            'href' => $scripturl . '?action=admin;area=viewmembers' . $context['params_url'],
            'include_start' => true,
            'include_sort' => true,
        ),
        'additional_rows' => array(
            array(
                'position' => 'below_table_data',
                'value' => '<input type="submit" name="delete_members" value="' . $txt['admin_delete_members'] . '" data-confirm="' . $txt['confirm_delete_members'] . '" class="button you_sure">',
            ),
        ),
    );

    // Without enough permissions, don't show 'delete members' checkboxes.
    if (!allowedTo('profile_remove_any'))
        unset($listOptions['cols']['check'], $listOptions['form'], $listOptions['additional_rows']);

    require_once($sourcedir . '/Subs-List.php');
    createList($listOptions);

    $context['sub_template'] = 'show_list';
    $context['default_list'] = 'member_list';
}

/**
 * Search the member list, using one or more criteria.
 * Called by ?action=admin;area=viewmembers;sa=search.
 * Requires the moderate_forum permission.
 * form is submitted to action=admin;area=viewmembers;sa=query.
 *
 * uses the search_members sub template of the ManageMembers template.
 */
function SearchMembers()
{
    global $context, $txt, $smcFunc;

    // Get a list of all the membergroups and postgroups that can be selected.
    $context['membergroups'] = array(
        array(
            'id' => 0,
            'name' => $txt['membergroups_members'],
            'can_be_additional' => false
        )
    );
    $context['postgroups'] = array();

    $request = $smcFunc['db_query']('', '
        SELECT id_group, group_name, min_posts
        FROM {db_prefix}membergroups
        WHERE id_group != {int:moderator_group}
        ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
        array(
            'moderator_group' => 3,
            'newbie_group' => 4,
        )
    );
    while ($row = $smcFunc['db_fetch_assoc']($request))
    {
        if ($row['min_posts'] == -1)
            $context['membergroups'][] = array(
                'id' => $row['id_group'],
                'name' => $row['group_name'],
                'can_be_additional' => true
            );
        else
            $context['postgroups'][] = array(
                'id' => $row['id_group'],
                'name' => $row['group_name']
            );
    }
    $smcFunc['db_free_result']($request);

    $context['page_title'] = $txt['admin_members'];
    $context['sub_template'] = 'search_members';
}

/**
 * List all members who are awaiting approval / activation, sortable on different columns.
 * It allows instant approval or activation of (a selection of) members.
 * Called by ?action=admin;area=viewmembers;sa=browse;type=approve
 *  or ?action=admin;area=viewmembers;sa=browse;type=activate.
 * The form submits to ?action=admin;area=viewmembers;sa=approve.
 * Requires the moderate_forum permission.
 *
 * uses the admin_browse sub template of the ManageMembers template.
 */
function MembersAwaitingActivation()
{
    global $txt, $context, $scripturl, $modSettings;
    global $sourcedir;

    // Not a lot here!
    $context['page_title'] = $txt['admin_members'];
    $context['sub_template'] = 'admin_browse';
    $context['browse_type'] = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
    if (isset($context['tabs'][$context['browse_type']]))
        $context['tabs'][$context['browse_type']]['is_selected'] = true;

    // Allowed filters are those we can have, in theory.
    $context['allowed_filters'] = $context['browse_type'] == 'approve' ? array(3, 4, 5) : array(0, 2);
    $context['current_filter'] = isset($_REQUEST['filter']) && in_array($_REQUEST['filter'], $context['allowed_filters']) && !empty($context['activation_numbers'][$_REQUEST['filter']]) ? (int) $_REQUEST['filter'] : -1;

    // Sort out the different sub areas that we can actually filter by.
    $context['available_filters'] = array();
    foreach ($context['activation_numbers'] as $type => $amount)
    {
        // We have some of these...
        if (in_array($type, $context['allowed_filters']) && $amount > 0)
            $context['available_filters'][] = array(
                'type' => $type,
                'amount' => $amount,
                'desc' => isset($txt['admin_browse_filter_type_' . $type]) ? $txt['admin_browse_filter_type_' . $type] : '?',
                'selected' => $type == $context['current_filter']
            );
    }

    // If the filter was not sent, set it to whatever has people in it!
    if ($context['current_filter'] == -1 && !empty($context['available_filters'][0]['amount']))
        $context['current_filter'] = $context['available_filters'][0]['type'];

    // This little variable is used to determine if we should flag where we are looking.
    $context['show_filter'] = ($context['current_filter'] != 0 && $context['current_filter'] != 3) || count($context['available_filters']) > 1;

    // The columns that can be sorted.
    $context['columns'] = array(
        'id_member' => array('label' => $txt['admin_browse_id']),
        'member_name' => array('label' => $txt['admin_browse_username']),
        'email_address' => array('label' => $txt['admin_browse_email']),
        'member_ip' => array('label' => $txt['admin_browse_ip']),
        'date_registered' => array('label' => $txt['admin_browse_registered']),
    );

    // Are we showing duplicate information?
    if (isset($_GET['showdupes']))
        $_SESSION['showdupes'] = (int) $_GET['showdupes'];
    $context['show_duplicates'] = !empty($_SESSION['showdupes']);

    // Determine which actions we should allow on this page.
    if ($context['browse_type'] == 'approve')
    {
        // If we are approving deleted accounts we have a slightly different list... actually a mirror ;)
        if ($context['current_filter'] == 4)
            $context['allowed_actions'] = array(
                'reject' => $txt['admin_browse_w_approve_deletion'],
                'ok' => $txt['admin_browse_w_reject'],
            );
        else
            $context['allowed_actions'] = array(
                'ok' => $txt['admin_browse_w_approve'],
                'okemail' => $txt['admin_browse_w_approve'] . ' ' . $txt['admin_browse_w_email'],
                'require_activation' => $txt['admin_browse_w_approve_require_activate'],
                'reject' => $txt['admin_browse_w_reject'],
                'rejectemail' => $txt['admin_browse_w_reject'] . ' ' . $txt['admin_browse_w_email'],
            );
    }
    elseif ($context['browse_type'] == 'activate')
        $context['allowed_actions'] = array(
            'ok' => $txt['admin_browse_w_activate'],
            'okemail' => $txt['admin_browse_w_activate'] . ' ' . $txt['admin_browse_w_email'],
            'delete' => $txt['admin_browse_w_delete'],
            'deleteemail' => $txt['admin_browse_w_delete'] . ' ' . $txt['admin_browse_w_email'],
            'remind' => $txt['admin_browse_w_remind'] . ' ' . $txt['admin_browse_w_email'],
        );

    // Create an option list for actions allowed to be done with selected members.
    $allowed_actions = '
            <option selected value="">' . $txt['admin_browse_with_selected'] . ':</option>
            <option value="" disabled>-----------------------------</option>';
    foreach ($context['allowed_actions'] as $key => $desc)
        $allowed_actions .= '
            <option value="' . $key . '">' . $desc . '</option>';

    // Setup the Javascript function for selecting an action for the list.
    $javascript = '
        function onSelectChange()
        {
            if (document.forms.postForm.todo.value == "")
                return;

            var message = "";';

    // We have special messages for approving deletion of accounts - it's surprisingly logical - honest.
    if ($context['current_filter'] == 4)
        $javascript .= '
            if (document.forms.postForm.todo.value.indexOf("reject") != -1)
                message = "' . $txt['admin_browse_w_delete'] . '";
            else
                message = "' . $txt['admin_browse_w_reject'] . '";';
    // Otherwise a nice standard message.
    else
        $javascript .= '
            if (document.forms.postForm.todo.value.indexOf("delete") != -1)
                message = "' . $txt['admin_browse_w_delete'] . '";
            else if (document.forms.postForm.todo.value.indexOf("reject") != -1)
                message = "' . $txt['admin_browse_w_reject'] . '";
            else if (document.forms.postForm.todo.value == "remind")
                message = "' . $txt['admin_browse_w_remind'] . '";
            else
                message = "' . ($context['browse_type'] == 'approve' ? $txt['admin_browse_w_approve'] : $txt['admin_browse_w_activate']) . '";';
    $javascript .= '
            if (confirm(message + " ' . $txt['admin_browse_warn'] . '"))
                document.forms.postForm.submit();
        }';

    $listOptions = array(
        'id' => 'approve_list',
//      'title' => $txt['members_approval_title'],
        'items_per_page' => $modSettings['defaultMaxMembers'],
        'base_href' => $scripturl . '?action=admin;area=viewmembers;sa=browse;type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : ''),
        'default_sort_col' => 'date_registered',
        'get_items' => array(
            'file' => $sourcedir . '/Subs-Members.php',
            'function' => 'list_getMembers',
            'params' => array(
                'is_activated = {int:activated_status}',
                array('activated_status' => $context['current_filter']),
                $context['show_duplicates'],
            ),
        ),
        'get_count' => array(
            'file' => $sourcedir . '/Subs-Members.php',
            'function' => 'list_getNumMembers',
            'params' => array(
                'is_activated = {int:activated_status}',
                array('activated_status' => $context['current_filter']),
            ),
        ),
        'columns' => array(
            'id_member' => array(
                'header' => array(
                    'value' => $txt['member_id'],
                ),
                'data' => array(
                    'db' => 'id_member',
                ),
                'sort' => array(
                    'default' => 'id_member',
                    'reverse' => 'id_member DESC',
                ),
            ),
            'user_name' => array(
                'header' => array(
                    'value' => $txt['username'],
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=profile;u=%1$d">%2$s</a>',
                        'params' => array(
                            'id_member' => false,
                            'member_name' => false,
                        ),
                    ),
                ),
                'sort' => array(
                    'default' => 'member_name',
                    'reverse' => 'member_name DESC',
                ),
            ),
            'email' => array(
                'header' => array(
                    'value' => $txt['email_address'],
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="mailto:%1$s">%1$s</a>',
                        'params' => array(
                            'email_address' => true,
                        ),
                    ),
                ),
                'sort' => array(
                    'default' => 'email_address',
                    'reverse' => 'email_address DESC',
                ),
            ),
            'ip' => array(
                'header' => array(
                    'value' => $txt['ip_address'],
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="' . strtr($scripturl, array('%' => '%%')) . '?action=trackip;searchip=%1$s">%1$s</a>',
                        'params' => array(
                            'member_ip' => false,
                        ),
                    ),
                ),
                'sort' => array(
                    'default' => 'member_ip',
                    'reverse' => 'member_ip DESC',
                ),
            ),
            'hostname' => array(
                'header' => array(
                    'value' => $txt['hostname'],
                ),
                'data' => array(
                    'function' => function($rowData)
                    {
                        return host_from_ip(inet_dtop($rowData['member_ip']));
                    },
                    'class' => 'smalltext',
                ),
            ),
            'date_registered' => array(
                'header' => array(
                    'value' => $context['current_filter'] == 4 ? $txt['viewmembers_online'] : $txt['date_registered'],
                ),
                'data' => array(
                    'function' => function($rowData) use ($context)
                    {
                        return timeformat($rowData['' . ($context['current_filter'] == 4 ? 'last_login' : 'date_registered') . '']);
                    },
                ),
                'sort' => array(
                    'default' => $context['current_filter'] == 4 ? 'mem.last_login DESC' : 'date_registered DESC',
                    'reverse' => $context['current_filter'] == 4 ? 'mem.last_login' : 'date_registered',
                ),
            ),
            'duplicates' => array(
                'header' => array(
                    'value' => $txt['duplicates'],
                    // Make sure it doesn't go too wide.
                    'style' => 'width: 20%;',
                ),
                'data' => array(
                    'function' => function($rowData) use ($scripturl, $txt)
                    {
                        $member_links = array();
                        foreach ($rowData['duplicate_members'] as $member)
                        {
                            if ($member['id'])
                                $member_links[] = '<a href="' . $scripturl . '?action=profile;u=' . $member['id'] . '" ' . (!empty($member['is_banned']) ? 'class="red"' : '') . '>' . $member['name'] . '</a>';
                            else
                                $member_links[] = $member['name'] . ' (' . $txt['guest'] . ')';
                        }
                        return implode(', ', $member_links);
                    },
                    'class' => 'smalltext',
                ),
            ),
            'check' => array(
                'header' => array(
                    'value' => '<input type="checkbox" onclick="invertAll(this, this.form);">',
                    'class' => 'centercol',
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<input type="checkbox" name="todoAction[]" value="%1$d">',
                        'params' => array(
                            'id_member' => false,
                        ),
                    ),
                    'class' => 'centercol',
                ),
            ),
        ),
        'javascript' => $javascript,
        'form' => array(
            'href' => $scripturl . '?action=admin;area=viewmembers;sa=approve;type=' . $context['browse_type'],
            'name' => 'postForm',
            'include_start' => true,
            'include_sort' => true,
            'hidden_fields' => array(
                'orig_filter' => $context['current_filter'],
            ),
        ),
        'additional_rows' => array(
            array(
                'position' => 'below_table_data',
                'value' => '
                    [<a href="' . $scripturl . '?action=admin;area=viewmembers;sa=browse;showdupes=' . ($context['show_duplicates'] ? 0 : 1) . ';type=' . $context['browse_type'] . (!empty($context['show_filter']) ? ';filter=' . $context['current_filter'] : '') . ';' . $context['session_var'] . '=' . $context['session_id'] . '">' . ($context['show_duplicates'] ? $txt['dont_check_for_duplicate'] : $txt['check_for_duplicate']) . '</a>]
                    <select name="todo" onchange="onSelectChange();">
                        ' . $allowed_actions . '
                    </select>
                    <noscript><input type="submit" value="' . $txt['go'] . '" class="button"><br class="clear_right"></noscript>
                ',
                'class' => 'floatright',
            ),
        ),
    );

    // Pick what column to actually include if we're showing duplicates.
    if ($context['show_duplicates'])
        unset($listOptions['columns']['email']);
    else
        unset($listOptions['columns']['duplicates']);

    // Only show hostname on duplicates as it takes a lot of time.
    if (!$context['show_duplicates'] || !empty($modSettings['disableHostnameLookup']))
        unset($listOptions['columns']['hostname']);

    // Is there any need to show filters?
    if (isset($context['available_filters']) && count($context['available_filters']) > 1)
    {
        $filterOptions = '
            <strong>' . $txt['admin_browse_filter_by'] . ':</strong>
            <select name="filter" onchange="this.form.submit();">';
        foreach ($context['available_filters'] as $filter)
            $filterOptions .= '
                <option value="' . $filter['type'] . '"' . ($filter['selected'] ? ' selected' : '') . '>' . $filter['desc'] . ' - ' . $filter['amount'] . ' ' . ($filter['amount'] == 1 ? $txt['user'] : $txt['users']) . '</option>';
        $filterOptions .= '
            </select>
            <noscript><input type="submit" value="' . $txt['go'] . '" name="filter" class="button"></noscript>';
        $listOptions['additional_rows'][] = array(
            'position' => 'top_of_list',
            'value' => $filterOptions,
            'class' => 'righttext',
        );
    }

    // What about if we only have one filter, but it's not the "standard" filter - show them what they are looking at.
    if (!empty($context['show_filter']) && !empty($context['available_filters']))
        $listOptions['additional_rows'][] = array(
            'position' => 'above_column_headers',
            'value' => '<strong>' . $txt['admin_browse_filter_show'] . ':</strong> ' . ((isset($context['current_filter']) && isset($txt['admin_browse_filter_type_' . $context['current_filter']])) ? $txt['admin_browse_filter_type_' . $context['current_filter']] : $context['available_filters'][0]['desc']),
            'class' => 'filter_row generic_list_wrapper smalltext',
        );

    // Now that we have all the options, create the list.
    require_once($sourcedir . '/Subs-List.php');
    createList($listOptions);
}

/**
 * This function handles the approval, rejection, activation or deletion of members.
 * Called by ?action=admin;area=viewmembers;sa=approve.
 * Requires the moderate_forum permission.
 * Redirects to ?action=admin;area=viewmembers;sa=browse
 * with the same parameters as the calling page.
 */
function AdminApprove()
{
    global $scripturl, $modSettings, $sourcedir, $language, $user_info, $smcFunc;

    // First, check our session.
    checkSession();

    require_once($sourcedir . '/Subs-Post.php');

    // We also need to the login languages here - for emails.
    loadLanguage('Login');

    // Sort out where we are going...
    $current_filter = (int) $_REQUEST['orig_filter'];

    // If we are applying a filter do just that - then redirect.
    if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter'])
        redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);

    // Nothing to do?
    if (!isset($_POST['todoAction']) && !isset($_POST['time_passed']))
        redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);

    // Are we dealing with members who have been waiting for > set amount of time?
    if (isset($_POST['time_passed']))
    {
        $timeBefore = time() - 86400 * (int) $_POST['time_passed'];
        $condition = '
            AND date_registered < {int:time_before}';
    }
    // Coming from checkboxes - validate the members passed through to us.
    else
    {
        $members = array();
        foreach ($_POST['todoAction'] as $id)
            $members[] = (int) $id;
        $condition = '
            AND id_member IN ({array_int:members})';
    }

    // Get information on each of the members, things that are important to us, like email address...
    $request = $smcFunc['db_query']('', '
        SELECT id_member, member_name, real_name, email_address, validation_code, lngfile
        FROM {db_prefix}members
        WHERE is_activated = {int:activated_status}' . $condition . '
        ORDER BY lngfile',
        array(
            'activated_status' => $current_filter,
            'time_before' => empty($timeBefore) ? 0 : $timeBefore,
            'members' => empty($members) ? array() : $members,
        )
    );

    $member_count = $smcFunc['db_num_rows']($request);

    // If no results then just return!
    if ($member_count == 0)
        redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);

    $member_info = array();
    $members = array();
    // Fill the info array.
    while ($row = $smcFunc['db_fetch_assoc']($request))
    {
        $members[] = $row['id_member'];
        $member_info[] = array(
            'id' => $row['id_member'],
            'username' => $row['member_name'],
            'name' => $row['real_name'],
            'email' => $row['email_address'],
            'language' => empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'],
            'code' => $row['validation_code']
        );
    }
    $smcFunc['db_free_result']($request);

    // Are we activating or approving the members?
    if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail')
    {
        // Approve/activate this member.
        $smcFunc['db_query']('', '
            UPDATE {db_prefix}members
            SET validation_code = {string:blank_string}, is_activated = {int:is_activated}
            WHERE is_activated = {int:activated_status}' . $condition,
            array(
                'is_activated' => 1,
                'time_before' => empty($timeBefore) ? 0 : $timeBefore,
                'members' => empty($members) ? array() : $members,
                'activated_status' => $current_filter,
                'blank_string' => '',
            )
        );

        // Do we have to let the integration code know about the activations?
        if (!empty($modSettings['integrate_activate']))
        {
            foreach ($member_info as $member)
                call_integration_hook('integrate_activate', array($member['username']));
        }

        // Check for email.
        if ($_POST['todo'] == 'okemail')
        {
            foreach ($member_info as $member)
            {
                $replacements = array(
                    'NAME' => $member['name'],
                    'USERNAME' => $member['username'],
                    'PROFILELINK' => $scripturl . '?action=profile;u=' . $member['id'],
                    'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
                );

                $emaildata = loadEmailTemplate('admin_approve_accept', $replacements, $member['language']);
                sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, 'accapp' . $member['id'], $emaildata['is_html'], 0);
            }
        }
    }
    // Maybe we're sending it off for activation?
    elseif ($_POST['todo'] == 'require_activation')
    {
        require_once($sourcedir . '/Subs-Members.php');

        // We have to do this for each member I'm afraid.
        foreach ($member_info as $member)
        {
            // Generate a random activation code.
            $validation_code = generateValidationCode();

            // Set these members for activation - I know this includes two id_member checks but it's safer than bodging $condition ;).
            $smcFunc['db_query']('', '
                UPDATE {db_prefix}members
                SET validation_code = {string:validation_code}, is_activated = {int:not_activated}
                WHERE is_activated = {int:activated_status}
                    ' . $condition . '
                    AND id_member = {int:selected_member}',
                array(
                    'not_activated' => 0,
                    'activated_status' => $current_filter,
                    'selected_member' => $member['id'],
                    'validation_code' => $validation_code,
                    'time_before' => empty($timeBefore) ? 0 : $timeBefore,
                    'members' => empty($members) ? array() : $members,
                )
            );

            $replacements = array(
                'USERNAME' => $member['name'],
                'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $validation_code,
                'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
                'ACTIVATIONCODE' => $validation_code,
            );

            $emaildata = loadEmailTemplate('admin_approve_activation', $replacements, $member['language']);
            sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, 'accact' . $member['id'], $emaildata['is_html'], 0);
        }
    }
    // Are we rejecting them?
    elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail')
    {
        require_once($sourcedir . '/Subs-Members.php');
        deleteMembers($members);

        // Send email telling them they aren't welcome?
        if ($_POST['todo'] == 'rejectemail')
        {
            foreach ($member_info as $member)
            {
                $replacements = array(
                    'USERNAME' => $member['name'],
                );

                $emaildata = loadEmailTemplate('admin_approve_reject', $replacements, $member['language']);
                sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, 'accrej', $emaildata['is_html'], 1);
            }
        }
    }
    // A simple delete?
    elseif ($_POST['todo'] == 'delete' || $_POST['todo'] == 'deleteemail')
    {
        require_once($sourcedir . '/Subs-Members.php');
        deleteMembers($members);

        // Send email telling them they aren't welcome?
        if ($_POST['todo'] == 'deleteemail')
        {
            foreach ($member_info as $member)
            {
                $replacements = array(
                    'USERNAME' => $member['name'],
                );

                $emaildata = loadEmailTemplate('admin_approve_delete', $replacements, $member['language']);
                sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, 'accdel', $emaildata['is_html'], 1);
            }
        }
    }
    // Remind them to activate their account?
    elseif ($_POST['todo'] == 'remind')
    {
        foreach ($member_info as $member)
        {
            $replacements = array(
                'USERNAME' => $member['name'],
                'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $member['code'],
                'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'],
                'ACTIVATIONCODE' => $member['code'],
            );

            $emaildata = loadEmailTemplate('admin_approve_remind', $replacements, $member['language']);
            sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, 'accrem' . $member['id'], $emaildata['is_html'], 1);
        }
    }

    // @todo current_language is never set, no idea what this is for. Remove?
    // Back to the user's language!
    if (isset($current_language) && $current_language != $user_info['language'])
    {
        loadLanguage('index');
        loadLanguage('ManageMembers');
    }

    // Log what we did?
    if (!empty($modSettings['modlog_enabled']) && in_array($_POST['todo'], array('ok', 'okemail', 'require_activation', 'remind')))
    {
        $log_action = $_POST['todo'] == 'remind' ? 'remind_member' : 'approve_member';

        require_once($sourcedir . '/Logging.php');
        foreach ($member_info as $member)
            logAction($log_action, array('member' => $member['id']), 'admin');
    }

    // Although updateStats *may* catch this, best to do it manually just in case (Doesn't always sort out unapprovedMembers).
    if (in_array($current_filter, array(3, 4, 5)))
        updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > $member_count ? $modSettings['unapprovedMembers'] - $member_count : 0)));

    // Update the member's stats. (but, we know the member didn't change their name.)
    updateStats('member', false);

    // If they haven't been deleted, update the post group statistics on them...
    if (!in_array($_POST['todo'], array('delete', 'deleteemail', 'reject', 'rejectemail', 'remind')))
        updateStats('postgroups', $members);

    redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}

/**
 * Nifty function to calculate the number of days ago a given date was.
 * Requires a unix timestamp as input, returns an integer.
 * Named in honour of Jeff Lewis, the original creator of...this function.
 *
 * @param int $old The timestamp of the old date
 * @return int The number of days since $old, based on the forum time
 */
function jeffsdatediff($old)
{
    // Get the current time as the user would see it...
    $forumTime = forum_time();

    // Calculate the seconds that have passed since midnight.
    $sinceMidnight = date('H', $forumTime) * 60 * 60 + date('i', $forumTime) * 60 + date('s', $forumTime);

    // Take the difference between the two times.
    $dis = time() - $old;

    // Before midnight?
    if ($dis < $sinceMidnight)
        return 0;
    else
        $dis -= $sinceMidnight;

    // Divide out the seconds in a day to get the number of days.
    return ceil($dis / (24 * 60 * 60));
}

/**
 * Fetches all the activation counts for ViewMembers.
 *
 */
function GetMemberActivationCounts()
{
    global $smcFunc, $context;

    // Get counts on every type of activation - for sections and filtering alike.
    $request = $smcFunc['db_query']('', '
        SELECT COUNT(*) AS total_members, is_activated
        FROM {db_prefix}members
        WHERE is_activated != {int:is_activated}
        GROUP BY is_activated',
        array(
            'is_activated' => 1,
        )
    );
    $context['activation_numbers'] = array();
    $context['awaiting_activation'] = 0;
    $context['awaiting_approval'] = 0;
    while ($row = $smcFunc['db_fetch_assoc']($request))
        $context['activation_numbers'][$row['is_activated']] = $row['total_members'];
    $smcFunc['db_free_result']($request);

    foreach ($context['activation_numbers'] as $activation_type => $total_members)
    {
        if (in_array($activation_type, array(0, 2)))
            $context['awaiting_activation'] += $total_members;
        elseif (in_array($activation_type, array(3, 4, 5)))
            $context['awaiting_approval'] += $total_members;
    }

}

?>