1:    2:    3:    4:    5:    6:    7:    8:    9:   10:   11:   12:   13:   14:   15:   16:   17:   18:   19:   20:   21:   22:   23:   24:   25:   26:   27:   28:   29:   30:   31:   32:   33:   34:   35:   36:   37:   38:   39:   40:   41:   42:   43:   44:   45:   46:   47:   48:   49:   50:   51:   52:   53:   54:   55:   56:   57:   58:   59:   60:   61:   62:   63:   64:   65:   66:   67:   68:   69:   70:   71:   72:   73:   74:   75:   76:   77:   78:   79:   80:   81:   82:   83:   84:   85:   86:   87:   88:   89:   90:   91:   92:   93:   94:   95:   96:   97:   98:   99:  100:  101:  102:  103:  104:  105:  106:  107:  108:  109:  110:  111:  112:  113:  114:  115:  116:  117:  118:  119:  120:  121:  122:  123:  124:  125:  126:  127:  128:  129:  130:  131:  132:  133:  134:  135:  136:  137:  138:  139:  140:  141:  142:  143:  144:  145:  146:  147:  148:  149:  150:  151:  152:  153:  154:  155:  156:  157:  158:  159:  160:  161:  162:  163:  164:  165:  166:  167:  168:  169:  170:  171:  172:  173:  174:  175:  176:  177:  178:  179:  180:  181:  182:  183:  184:  185:  186:  187:  188:  189:  190:  191:  192:  193:  194:  195:  196:  197:  198:  199:  200:  201:  202:  203:  204:  205:  206:  207:  208:  209:  210:  211:  212:  213:  214:  215:  216:  217:  218:  219:  220:  221:  222:  223:  224:  225:  226:  227:  228:  229:  230:  231:  232:  233:  234:  235:  236:  237:  238:  239:  240:  241:  242:  243:  244:  245:  246:  247:  248:  249:  250:  251:  252:  253:  254:  255:  256:  257:  258:  259:  260:  261:  262:  263:  264:  265:  266:  267:  268:  269:  270:  271:  272:  273:  274:  275:  276:  277:  278:  279:  280:  281:  282:  283:  284:  285:  286:  287:  288:  289:  290:  291:  292:  293:  294:  295:  296:  297:  298:  299:  300:  301:  302:  303:  304:  305:  306:  307:  308:  309:  310:  311:  312:  313:  314:  315:  316:  317:  318:  319:  320:  321:  322:  323:  324:  325:  326:  327:  328:  329:  330:  331:  332:  333:  334:  335:  336:  337:  338:  339:  340:  341:  342:  343:  344:  345:  346:  347:  348:  349:  350:  351:  352:  353:  354:  355:  356:  357:  358:  359:  360:  361:  362:  363:  364:  365:  366:  367:  368:  369:  370:  371:  372:  373:  374:  375:  376:  377:  378:  379:  380:  381:  382:  383:  384:  385:  386:  387:  388:  389:  390:  391:  392:  393:  394:  395:  396:  397:  398:  399:  400:  401:  402:  403:  404:  405:  406:  407:  408:  409:  410:  411:  412:  413:  414:  415:  416:  417:  418:  419:  420:  421:  422:  423:  424:  425:  426:  427:  428:  429:  430:  431:  432:  433:  434:  435:  436:  437:  438:  439:  440:  441:  442:  443:  444:  445:  446:  447:  448:  449:  450:  451:  452:  453:  454:  455:  456:  457:  458:  459:  460:  461:  462:  463:  464:  465:  466:  467:  468:  469:  470:  471:  472:  473:  474:  475:  476:  477:  478:  479:  480:  481:  482:  483:  484:  485:  486:  487:  488:  489:  490:  491:  492:  493:  494:  495:  496:  497:  498:  499:  500:  501:  502:  503:  504:  505:  506:  507:  508:  509:  510:  511:  512:  513:  514:  515:  516:  517:  518:  519:  520:  521:  522:  523:  524:  525:  526:  527:  528:  529:  530:  531:  532:  533:  534:  535:  536:  537:  538:  539:  540:  541:  542:  543:  544:  545:  546:  547:  548:  549:  550:  551:  552:  553:  554:  555:  556:  557:  558:  559:  560:  561:  562:  563:  564:  565:  566:  567:  568:  569:  570:  571:  572:  573:  574:  575:  576:  577:  578:  579:  580:  581:  582:  583:  584:  585:  586:  587:  588:  589:  590:  591:  592:  593:  594:  595:  596:  597:  598:  599:  600:  601:  602:  603:  604:  605:  606:  607:  608:  609:  610:  611:  612:  613:  614:  615:  616:  617:  618:  619:  620:  621:  622:  623:  624:  625:  626:  627:  628:  629:  630:  631:  632:  633:  634:  635:  636:  637:  638:  639:  640:  641:  642:  643:  644:  645:  646:  647:  648:  649:  650:  651:  652:  653:  654:  655:  656:  657:  658:  659:  660:  661:  662:  663:  664:  665:  666:  667:  668:  669:  670:  671:  672:  673:  674:  675:  676:  677:  678:  679:  680:  681:  682:  683:  684:  685:  686:  687:  688:  689:  690:  691:  692:  693:  694:  695:  696:  697:  698:  699:  700:  701:  702:  703:  704:  705:  706:  707:  708:  709:  710:  711:  712:  713:  714:  715:  716:  717:  718:  719:  720:  721:  722:  723:  724:  725:  726:  727:  728:  729:  730:  731:  732:  733:  734:  735:  736:  737:  738:  739:  740:  741:  742:  743:  744:  745:  746:  747:  748:  749:  750:  751:  752:  753:  754:  755:  756:  757:  758:  759:  760:  761:  762:  763:  764:  765:  766:  767:  768:  769:  770:  771:  772:  773:  774:  775:  776:  777:  778:  779:  780:  781:  782:  783:  784:  785:  786:  787:  788:  789:  790:  791:  792:  793:  794:  795:  796:  797:  798:  799:  800:  801:  802:  803:  804:  805:  806:  807:  808:  809:  810:  811:  812:  813:  814:  815:  816:  817:  818:  819:  820:  821:  822:  823:  824:  825:  826:  827:  828:  829:  830:  831:  832:  833:  834:  835:  836:  837:  838:  839:  840:  841:  842:  843:  844:  845:  846:  847:  848:  849:  850:  851:  852:  853:  854:  855:  856:  857:  858:  859:  860:  861:  862:  863:  864:  865:  866:  867:  868:  869:  870:  871:  872:  873:  874:  875:  876:  877:  878:  879:  880:  881:  882:  883:  884:  885:  886:  887:  888:  889:  890:  891:  892:  893:  894:  895:  896:  897:  898:  899:  900:  901:  902:  903:  904:  905:  906:  907:  908:  909:  910:  911:  912:  913:  914:  915:  916:  917:  918:  919:  920:  921:  922:  923:  924:  925:  926:  927:  928:  929:  930:  931:  932:  933:  934:  935:  936:  937:  938:  939:  940:  941:  942:  943:  944:  945:  946:  947:  948:  949:  950:  951:  952:  953:  954:  955:  956:  957:  958:  959:  960:  961:  962:  963:  964:  965:  966:  967:  968:  969:  970:  971:  972:  973:  974:  975:  976:  977:  978:  979:  980:  981:  982:  983:  984:  985:  986:  987:  988:  989:  990:  991:  992:  993:  994:  995:  996:  997:  998:  999: 1000: 1001: 1002: 1003: 1004: 1005: 1006: 1007: 1008: 1009: 1010: 1011: 1012: 1013: 1014: 1015: 1016: 1017: 1018: 1019: 1020: 1021: 1022: 1023: 1024: 1025: 1026: 1027: 1028: 1029: 1030: 1031: 1032: 1033: 1034: 1035: 1036: 1037: 1038: 1039: 1040: 1041: 1042: 1043: 1044: 1045: 1046: 1047: 1048: 1049: 1050: 1051: 1052: 1053: 1054: 1055: 1056: 1057: 1058: 1059: 1060: 1061: 1062: 1063: 1064: 1065: 1066: 1067: 1068: 1069: 1070: 1071: 1072: 1073: 1074: 1075: 1076: 1077: 1078: 1079: 1080: 1081: 1082: 1083: 1084: 1085: 1086: 1087: 1088: 1089: 1090: 1091: 1092: 1093: 1094: 1095: 1096: 1097: 1098: 1099: 1100: 1101: 1102: 1103: 1104: 1105: 1106: 1107: 1108: 1109: 1110: 1111: 1112: 1113: 1114: 1115: 1116: 1117: 1118: 1119: 1120: 1121: 1122: 1123: 1124: 1125: 1126: 1127: 1128: 1129: 1130: 1131: 1132: 1133: 1134: 1135: 1136: 1137: 1138: 1139: 1140: 1141: 1142: 1143: 1144: 1145: 1146: 1147: 1148: 1149: 1150: 1151: 1152: 1153: 1154: 1155: 1156: 1157: 1158: 1159: 1160: 1161: 1162: 1163: 1164: 1165: 1166: 1167: 1168: 1169: 1170: 1171: 1172: 1173: 1174: 1175: 1176: 1177: 1178: 1179: 1180: 1181: 1182: 1183: 1184: 1185: 1186: 1187: 1188: 1189: 1190: 1191: 1192: 1193: 1194: 1195: 1196: 1197: 1198: 1199: 1200: 1201: 1202: 1203: 1204: 1205: 1206: 1207: 1208: 1209: 1210: 1211: 1212: 1213: 1214: 1215: 1216: 1217: 1218: 1219: 1220: 1221: 1222: 1223: 1224: 1225: 1226: 1227: 1228: 1229: 1230: 1231: 1232: 1233: 1234: 1235: 1236: 1237: 1238: 1239: 1240: 1241: 1242: 1243: 1244: 1245: 1246: 1247: 1248: 1249: 1250: 1251: 1252: 1253: 1254: 1255: 1256: 1257: 1258: 1259: 1260: 1261: 1262: 1263: 1264: 1265: 1266: 1267: 1268: 1269: 1270: 1271: 1272: 1273: 1274: 1275: 1276: 1277: 1278: 1279: 1280: 1281: 1282: 1283: 1284: 1285: 1286: 1287: 1288: 1289: 1290: 1291: 1292: 1293: 1294: 1295: 1296: 1297: 1298: 1299: 1300: 1301: 1302: 1303: 1304: 1305: 1306: 1307: 1308: 1309: 1310: 1311: 1312: 1313: 1314: 1315: 1316: 1317: 1318: 1319: 1320: 1321: 1322: 1323: 1324: 1325: 1326: 1327: 1328: 1329: 1330: 1331: 1332: 1333: 1334: 1335: 1336: 1337: 1338: 1339: 1340: 1341: 1342: 1343: 1344: 1345: 1346: 1347: 1348: 1349: 1350: 1351: 1352: 1353: 1354: 1355: 1356: 1357: 1358: 1359: 1360: 1361: 1362: 1363: 1364: 1365: 1366: 1367: 1368: 1369: 1370: 1371: 1372: 1373: 1374: 1375: 1376: 1377: 1378: 1379: 1380: 1381: 1382: 1383: 1384: 1385: 1386: 1387: 1388: 1389: 1390: 1391: 1392: 1393: 1394: 1395: 1396: 1397: 1398: 1399: 1400: 1401: 1402: 1403: 1404: 1405: 1406: 1407: 1408: 1409: 1410: 1411: 1412: 1413: 1414: 1415: 1416: 1417: 1418: 1419: 1420: 1421: 1422: 1423: 1424: 1425: 1426: 1427: 1428: 1429: 1430: 1431: 1432: 1433: 1434: 1435: 1436: 1437: 1438: 1439: 1440: 1441: 1442: 1443: 1444: 1445: 1446: 1447: 1448: 1449: 1450: 1451: 1452: 1453: 1454: 1455: 1456: 1457: 1458: 1459: 1460: 1461: 1462: 1463: 1464: 1465: 1466: 1467: 1468: 1469: 1470: 1471: 1472: 1473: 1474: 1475: 1476: 1477: 1478: 1479: 1480: 1481: 1482: 1483: 1484: 1485: 1486: 1487: 1488: 1489: 1490: 1491: 1492: 1493: 1494: 1495: 1496: 1497: 1498: 1499: 1500: 1501: 1502: 1503: 1504: 1505: 1506: 1507: 1508: 1509: 1510: 1511: 1512: 1513: 1514: 1515: 1516: 1517: 1518: 1519: 1520: 1521: 1522: 1523: 1524: 1525: 1526: 1527: 1528: 1529: 

<?php

/**
 * This file contains some useful functions for members and membergroups.
 *
 * Simple Machines Forum (SMF)
 *
 * @package SMF
 * @author Simple Machines http://www.simplemachines.org
 * @copyright 2019 Simple Machines and individual contributors
 * @license http://www.simplemachines.org/about/smf/license.php BSD
 *
 * @version 2.1 RC1
 */

if (!defined('SMF'))
    die('No direct access...');

/**
 * Delete one or more members.
 * Requires profile_remove_own or profile_remove_any permission for
 * respectively removing your own account or any account.
 * Non-admins cannot delete admins.
 * The function:
 *   - changes author of messages, topics and polls to guest authors.
 *   - removes all log entries concerning the deleted members, except the
 * error logs, ban logs and moderation logs.
 *   - removes these members' personal messages (only the inbox), avatars,
 * ban entries, theme settings, moderator positions, poll and votes.
 *   - updates member statistics afterwards.
 *
 * @param int|array $users The ID of a user or an array of user IDs
 * @param bool $check_not_admin Whether to verify that the users aren't admins
 */
function deleteMembers($users, $check_not_admin = false)
{
    global $sourcedir, $modSettings, $user_info, $smcFunc;

    // Try give us a while to sort this out...
    @set_time_limit(600);

    // Try to get some more memory.
    setMemoryLimit('128M');

    // If it's not an array, make it so!
    if (!is_array($users))
        $users = array($users);
    else
        $users = array_unique($users);

    // Make sure there's no void user in here.
    $users = array_diff($users, array(0));

    // How many are they deleting?
    if (empty($users))
        return;
    elseif (count($users) == 1)
    {
        list ($user) = $users;

        if ($user == $user_info['id'])
            isAllowedTo('profile_remove_own');
        else
            isAllowedTo('profile_remove_any');
    }
    else
    {
        foreach ($users as $k => $v)
            $users[$k] = (int) $v;

        // Deleting more than one?  You can't have more than one account...
        isAllowedTo('profile_remove_any');
    }

    // Get their names for logging purposes.
    $request = $smcFunc['db_query']('', '
        SELECT id_member, member_name, CASE WHEN id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0 THEN 1 ELSE 0 END AS is_admin
        FROM {db_prefix}members
        WHERE id_member IN ({array_int:user_list})
        LIMIT {int:limit}',
        array(
            'user_list' => $users,
            'admin_group' => 1,
            'limit' => count($users),
        )
    );
    $admins = array();
    $user_log_details = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
    {
        if ($row['is_admin'])
            $admins[] = $row['id_member'];
        $user_log_details[$row['id_member']] = array($row['id_member'], $row['member_name']);
    }
    $smcFunc['db_free_result']($request);

    if (empty($user_log_details))
        return;

    // Make sure they aren't trying to delete administrators if they aren't one.  But don't bother checking if it's just themself.
    if (!empty($admins) && ($check_not_admin || (!allowedTo('admin_forum') && (count($users) != 1 || $users[0] != $user_info['id']))))
    {
        $users = array_diff($users, $admins);
        foreach ($admins as $id)
            unset($user_log_details[$id]);
    }

    // No one left?
    if (empty($users))
        return;

    // Log the action - regardless of who is deleting it.
    $log_changes = array();
    foreach ($user_log_details as $user)
    {
        $log_changes[] = array(
            'action' => 'delete_member',
            'log_type' => 'admin',
            'extra' => array(
                'member' => $user[0],
                'name' => $user[1],
                'member_acted' => $user_info['name'],
            ),
        );

        // Remove any cached data if enabled.
        if (!empty($modSettings['cache_enable']) && $modSettings['cache_enable'] >= 2)
            cache_put_data('user_settings-' . $user[0], null, 60);
    }

    // Make these peoples' posts guest posts.
    $smcFunc['db_query']('', '
        UPDATE {db_prefix}messages
        SET id_member = {int:guest_id}' . (!empty($modSettings['deleteMembersRemovesEmail']) ? ',
            poster_email = {string:blank_email}' : '') . '
        WHERE id_member IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'blank_email' => '',
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        UPDATE {db_prefix}polls
        SET id_member = {int:guest_id}
        WHERE id_member IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );

    // Make these peoples' posts guest first posts and last posts.
    $smcFunc['db_query']('', '
        UPDATE {db_prefix}topics
        SET id_member_started = {int:guest_id}
        WHERE id_member_started IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        UPDATE {db_prefix}topics
        SET id_member_updated = {int:guest_id}
        WHERE id_member_updated IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );

    $smcFunc['db_query']('', '
        UPDATE {db_prefix}log_actions
        SET id_member = {int:guest_id}
        WHERE id_member IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );

    $smcFunc['db_query']('', '
        UPDATE {db_prefix}log_banned
        SET id_member = {int:guest_id}
        WHERE id_member IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );

    $smcFunc['db_query']('', '
        UPDATE {db_prefix}log_errors
        SET id_member = {int:guest_id}
        WHERE id_member IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );

    // Delete the member.
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}members
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // Delete any drafts...
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}user_drafts
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // Delete anything they liked.
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}user_likes
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // Delete their mentions
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}mentions
        WHERE id_member IN ({array_int:members})',
        array(
            'members' => $users,
        )
    );

    // Delete the logs...
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_actions
        WHERE id_log = {int:log_type}
            AND id_member IN ({array_int:users})',
        array(
            'log_type' => 2,
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_boards
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_comments
        WHERE id_recipient IN ({array_int:users})
            AND comment_type = {string:warntpl}',
        array(
            'users' => $users,
            'warntpl' => 'warntpl',
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_group_requests
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_mark_read
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_notify
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_online
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_subscribed
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}log_topics
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // Make their votes appear as guest votes - at least it keeps the totals right.
    // @todo Consider adding back in cookie protection.
    $smcFunc['db_query']('', '
        UPDATE {db_prefix}log_polls
        SET id_member = {int:guest_id}
        WHERE id_member IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );

    // Delete personal messages.
    require_once($sourcedir . '/PersonalMessage.php');
    deleteMessages(null, null, $users);

    $smcFunc['db_query']('', '
        UPDATE {db_prefix}personal_messages
        SET id_member_from = {int:guest_id}
        WHERE id_member_from IN ({array_int:users})',
        array(
            'guest_id' => 0,
            'users' => $users,
        )
    );

    // They no longer exist, so we don't know who it was sent to.
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}pm_recipients
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // Delete avatar.
    require_once($sourcedir . '/ManageAttachments.php');
    removeAttachments(array('id_member' => $users));

    // It's over, no more moderation for you.
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}moderators
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}group_moderators
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // If you don't exist we can't ban you.
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}ban_items
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // Remove individual theme settings.
    $smcFunc['db_query']('', '
        DELETE FROM {db_prefix}themes
        WHERE id_member IN ({array_int:users})',
        array(
            'users' => $users,
        )
    );

    // These users are nobody's buddy nomore.
    $request = $smcFunc['db_query']('', '
        SELECT id_member, pm_ignore_list, buddy_list
        FROM {db_prefix}members
        WHERE FIND_IN_SET({raw:pm_ignore_list}, pm_ignore_list) != 0 OR FIND_IN_SET({raw:buddy_list}, buddy_list) != 0',
        array(
            'pm_ignore_list' => implode(', pm_ignore_list) != 0 OR FIND_IN_SET(', $users),
            'buddy_list' => implode(', buddy_list) != 0 OR FIND_IN_SET(', $users),
        )
    );
    while ($row = $smcFunc['db_fetch_assoc']($request))
        $smcFunc['db_query']('', '
            UPDATE {db_prefix}members
            SET
                pm_ignore_list = {string:pm_ignore_list},
                buddy_list = {string:buddy_list}
            WHERE id_member = {int:id_member}',
            array(
                'id_member' => $row['id_member'],
                'pm_ignore_list' => implode(',', array_diff(explode(',', $row['pm_ignore_list']), $users)),
                'buddy_list' => implode(',', array_diff(explode(',', $row['buddy_list']), $users)),
            )
        );
    $smcFunc['db_free_result']($request);

    // Make sure no member's birthday is still sticking in the calendar...
    updateSettings(array(
        'calendar_updated' => time(),
    ));

    // Integration rocks!
    call_integration_hook('integrate_delete_members', array($users));

    updateStats('member');

    require_once($sourcedir . '/Logging.php');
    logActions($log_changes);
}

/**
 * Registers a member to the forum.
 * Allows two types of interface: 'guest' and 'admin'. The first
 * includes hammering protection, the latter can perform the
 * registration silently.
 * The strings used in the options array are assumed to be escaped.
 * Allows to perform several checks on the input, e.g. reserved names.
 * The function will adjust member statistics.
 * If an error is detected will fatal error on all errors unless return_errors is true.
 *
 * @param array $regOptions An array of registration options
 * @param bool $return_errors Whether to return the errors
 * @return int|array The ID of the newly registered user or an array of error info if $return_errors is true
 */
function registerMember(&$regOptions, $return_errors = false)
{
    global $scripturl, $txt, $modSettings, $context, $sourcedir;
    global $user_info, $smcFunc;

    loadLanguage('Login');

    // We'll need some external functions.
    require_once($sourcedir . '/Subs-Auth.php');
    require_once($sourcedir . '/Subs-Post.php');

    // Put any errors in here.
    $reg_errors = array();

    // Registration from the admin center, let them sweat a little more.
    if ($regOptions['interface'] == 'admin')
    {
        is_not_guest();
        isAllowedTo('moderate_forum');
    }
    // If you're an admin, you're special ;).
    elseif ($regOptions['interface'] == 'guest')
    {
        // You cannot register twice...
        if (empty($user_info['is_guest']))
            redirectexit();

        // Make sure they didn't just register with this session.
        if (!empty($_SESSION['just_registered']) && empty($modSettings['disableRegisterCheck']))
            fatal_lang_error('register_only_once', false);
    }

    // Spaces and other odd characters are evil...
    $regOptions['username'] = trim(preg_replace('~[\t\n\r \x0B\0' . ($context['utf8'] ? '\x{A0}\x{AD}\x{2000}-\x{200F}\x{201F}\x{202F}\x{3000}\x{FEFF}' : '\x00-\x08\x0B\x0C\x0E-\x19\xA0') . ']+~' . ($context['utf8'] ? 'u' : ''), ' ', $regOptions['username']));

    // Convert character encoding for non-utf8mb4 database
    $regOptions['username'] = $smcFunc['htmlspecialchars']($regOptions['username']);

    // @todo Separate the sprintf?
    if (empty($regOptions['email']) || !filter_var($regOptions['email'], FILTER_VALIDATE_EMAIL) || strlen($regOptions['email']) > 255)
        $reg_errors[] = array('lang', 'profile_error_bad_email');

    $username_validation_errors = validateUsername(0, $regOptions['username'], true, !empty($regOptions['check_reserved_name']));
    if (!empty($username_validation_errors))
        $reg_errors = array_merge($reg_errors, $username_validation_errors);

    // Generate a validation code if it's supposed to be emailed.
    $validation_code = '';
    if ($regOptions['require'] == 'activation')
        $validation_code = generateValidationCode();

    // If you haven't put in a password generate one.
    if ($regOptions['interface'] == 'admin' && $regOptions['password'] == '')
    {
        mt_srand(time() + 1277);
        $regOptions['password'] = generateValidationCode();
        $regOptions['password_check'] = $regOptions['password'];
    }
    // Does the first password match the second?
    elseif ($regOptions['password'] != $regOptions['password_check'])
        $reg_errors[] = array('lang', 'passwords_dont_match');

    // That's kind of easy to guess...
    if ($regOptions['password'] == '')
    {
        $reg_errors[] = array('lang', 'no_password');
    }

    // Now perform hard password validation as required.
    if (!empty($regOptions['check_password_strength']) && $regOptions['password'] != '')
    {
        $passwordError = validatePassword($regOptions['password'], $regOptions['username'], array($regOptions['email']));

        // Password isn't legal?
        if ($passwordError != null)
            $reg_errors[] = array('lang', 'profile_error_password_' . $passwordError);
    }

    // You may not be allowed to register this email.
    if (!empty($regOptions['check_email_ban']))
        isBannedEmail($regOptions['email'], 'cannot_register', $txt['ban_register_prohibited']);

    // Check if the email address is in use.
    $request = $smcFunc['db_query']('', '
        SELECT id_member
        FROM {db_prefix}members
        WHERE email_address = {string:email_address}
            OR email_address = {string:username}
        LIMIT 1',
        array(
            'email_address' => $regOptions['email'],
            'username' => $regOptions['username'],
        )
    );
    // @todo Separate the sprintf?
    if ($smcFunc['db_num_rows']($request) != 0)
        $reg_errors[] = array('lang', 'email_in_use', false, array($smcFunc['htmlspecialchars']($regOptions['email'])));

    $smcFunc['db_free_result']($request);

    // Perhaps someone else wants to check this user.
    call_integration_hook('integrate_register_check', array(&$regOptions, &$reg_errors));

    // If we found any errors we need to do something about it right away!
    foreach ($reg_errors as $key => $error)
    {
        /* Note for each error:
            0 = 'lang' if it's an index, 'done' if it's clear text.
            1 = The text/index.
            2 = Whether to log.
            3 = sprintf data if necessary. */
        if ($error[0] == 'lang')
            loadLanguage('Errors');
        $message = $error[0] == 'lang' ? (empty($error[3]) ? $txt[$error[1]] : vsprintf($txt[$error[1]], $error[3])) : $error[1];

        // What to do, what to do, what to do.
        if ($return_errors)
        {
            if (!empty($error[2]))
                log_error($message, $error[2]);
            $reg_errors[$key] = $message;
        }
        else
            fatal_error($message, empty($error[2]) ? false : $error[2]);
    }

    // If there's any errors left return them at once!
    if (!empty($reg_errors))
        return $reg_errors;

    $reservedVars = array(
        'actual_theme_url',
        'actual_images_url',
        'base_theme_dir',
        'base_theme_url',
        'default_images_url',
        'default_theme_dir',
        'default_theme_url',
        'default_template',
        'images_url',
        'number_recent_posts',
        'smiley_sets_default',
        'theme_dir',
        'theme_id',
        'theme_layers',
        'theme_templates',
        'theme_url',
    );

    // Can't change reserved vars.
    if (isset($regOptions['theme_vars']) && count(array_intersect(array_keys($regOptions['theme_vars']), $reservedVars)) != 0)
        fatal_lang_error('no_theme');

    // Some of these might be overwritten. (the lower ones that are in the arrays below.)
    $regOptions['register_vars'] = array(
        'member_name' => $regOptions['username'],
        'email_address' => $regOptions['email'],
        'passwd' => hash_password($regOptions['username'], $regOptions['password']),
        'password_salt' => substr(md5($smcFunc['random_int']()), 0, 4),
        'posts' => 0,
        'date_registered' => time(),
        'member_ip' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $user_info['ip'],
        'member_ip2' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $_SERVER['BAN_CHECK_IP'],
        'validation_code' => $validation_code,
        'real_name' => $regOptions['username'],
        'personal_text' => $modSettings['default_personal_text'],
        'id_theme' => 0,
        'id_post_group' => 4,
        'lngfile' => '',
        'buddy_list' => '',
        'pm_ignore_list' => '',
        'website_title' => '',
        'website_url' => '',
        'time_format' => '',
        'signature' => '',
        'avatar' => '',
        'usertitle' => '',
        'secret_question' => '',
        'secret_answer' => '',
        'additional_groups' => '',
        'ignore_boards' => '',
        'smiley_set' => '',
        'timezone' => !empty($regOptions['timezone']) ? $regOptions['timezone'] : 'UTC',
    );

    // Setup the activation status on this new account so it is correct - firstly is it an under age account?
    if ($regOptions['require'] == 'coppa')
    {
        $regOptions['register_vars']['is_activated'] = 5;
        // @todo This should be changed.  To what should be it be changed??
        $regOptions['register_vars']['validation_code'] = '';
    }
    // Maybe it can be activated right away?
    elseif ($regOptions['require'] == 'nothing')
        $regOptions['register_vars']['is_activated'] = 1;
    // Maybe it must be activated by email?
    elseif ($regOptions['require'] == 'activation')
        $regOptions['register_vars']['is_activated'] = 0;
    // Otherwise it must be awaiting approval!
    else
        $regOptions['register_vars']['is_activated'] = 3;

    if (isset($regOptions['memberGroup']))
    {
        // Make sure the id_group will be valid, if this is an administrator.
        $regOptions['register_vars']['id_group'] = $regOptions['memberGroup'] == 1 && !allowedTo('admin_forum') ? 0 : $regOptions['memberGroup'];

        // Check if this group is assignable.
        $unassignableGroups = array(-1, 3);
        $request = $smcFunc['db_query']('', '
            SELECT id_group
            FROM {db_prefix}membergroups
            WHERE min_posts != {int:min_posts}' . (allowedTo('admin_forum') ? '' : '
                OR group_type = {int:is_protected}'),
            array(
                'min_posts' => -1,
                'is_protected' => 1,
            )
        );
        while ($row = $smcFunc['db_fetch_assoc']($request))
            $unassignableGroups[] = $row['id_group'];
        $smcFunc['db_free_result']($request);

        if (in_array($regOptions['register_vars']['id_group'], $unassignableGroups))
            $regOptions['register_vars']['id_group'] = 0;
    }

    // Integrate optional member settings to be set.
    if (!empty($regOptions['extra_register_vars']))
        foreach ($regOptions['extra_register_vars'] as $var => $value)
            $regOptions['register_vars'][$var] = $value;

    // Integrate optional user theme options to be set.
    $theme_vars = array();
    if (!empty($regOptions['theme_vars']))
        foreach ($regOptions['theme_vars'] as $var => $value)
            $theme_vars[$var] = $value;

    // Right, now let's prepare for insertion.
    $knownInts = array(
        'date_registered', 'posts', 'id_group', 'last_login', 'instant_messages', 'unread_messages',
        'new_pm', 'pm_prefs', 'show_online',
        'id_theme', 'is_activated', 'id_msg_last_visit', 'id_post_group', 'total_time_logged_in', 'warning',
    );
    $knownFloats = array(
        'time_offset',
    );
    $knownInets = array(
        'member_ip', 'member_ip2',
    );

    // Call an optional function to validate the users' input.
    call_integration_hook('integrate_register', array(&$regOptions, &$theme_vars, &$knownInts, &$knownFloats));

    $column_names = array();
    $values = array();
    foreach ($regOptions['register_vars'] as $var => $val)
    {
        $type = 'string';
        if (in_array($var, $knownInts))
            $type = 'int';
        elseif (in_array($var, $knownFloats))
            $type = 'float';
        elseif (in_array($var, $knownInets))
            $type = 'inet';
        elseif ($var == 'birthdate')
            $type = 'date';

        $column_names[$var] = $type;
        $values[$var] = $val;
    }

    // Register them into the database.
    $memberID = $smcFunc['db_insert']('',
        '{db_prefix}members',
        $column_names,
        $values,
        array('id_member'),
        1
    );

    // Call an optional function as notification of registration.
    call_integration_hook('integrate_post_register', array(&$regOptions, &$theme_vars, &$memberID));

    // Update the number of members and latest member's info - and pass the name, but remove the 's.
    if ($regOptions['register_vars']['is_activated'] == 1)
        updateStats('member', $memberID, $regOptions['register_vars']['real_name']);
    else
        updateStats('member');

    // Theme variables too?
    if (!empty($theme_vars))
    {
        $inserts = array();
        foreach ($theme_vars as $var => $val)
            $inserts[] = array($memberID, $var, $val);
        $smcFunc['db_insert']('insert',
            '{db_prefix}themes',
            array('id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'),
            $inserts,
            array('id_member', 'variable')
        );
    }

    // If it's enabled, increase the registrations for today.
    trackStats(array('registers' => '+'));

    // Administrative registrations are a bit different...
    if ($regOptions['interface'] == 'admin')
    {
        if ($regOptions['require'] == 'activation')
            $email_message = 'admin_register_activate';
        elseif (!empty($regOptions['send_welcome_email']))
            $email_message = 'admin_register_immediate';

        if (isset($email_message))
        {
            $replacements = array(
                'REALNAME' => $regOptions['register_vars']['real_name'],
                'USERNAME' => $regOptions['username'],
                'PASSWORD' => $regOptions['password'],
                'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
                'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code,
                'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID,
                'ACTIVATIONCODE' => $validation_code,
            );

            $emaildata = loadEmailTemplate($email_message, $replacements);

            sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, $email_message . $memberID, $emaildata['is_html'], 0);
        }

        // All admins are finished here.
        return $memberID;
    }

    // Can post straight away - welcome them to your fantastic community...
    if ($regOptions['require'] == 'nothing')
    {
        if (!empty($regOptions['send_welcome_email']))
        {
            $replacements = array(
                'REALNAME' => $regOptions['register_vars']['real_name'],
                'USERNAME' => $regOptions['username'],
                'PASSWORD' => $regOptions['password'],
                'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
            );
            $emaildata = loadEmailTemplate('register_immediate', $replacements);
            sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, 'register', $emaildata['is_html'], 0);
        }

        // Send admin their notification.
        adminNotify('standard', $memberID, $regOptions['username']);
    }
    // Need to activate their account - or fall under COPPA.
    elseif ($regOptions['require'] == 'activation' || $regOptions['require'] == 'coppa')
    {
        $replacements = array(
            'REALNAME' => $regOptions['register_vars']['real_name'],
            'USERNAME' => $regOptions['username'],
            'PASSWORD' => $regOptions['password'],
            'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
        );

        if ($regOptions['require'] == 'activation')
            $replacements += array(
                'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code,
                'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID,
                'ACTIVATIONCODE' => $validation_code,
            );
        else
            $replacements += array(
                'COPPALINK' => $scripturl . '?action=coppa;u=' . $memberID,
            );

        $emaildata = loadEmailTemplate('register_' . ($regOptions['require'] == 'activation' ? 'activate' : 'coppa'), $replacements);

        sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, 'reg_' . $regOptions['require'] . $memberID, $emaildata['is_html'], 0);
    }
    // Must be awaiting approval.
    else
    {
        $replacements = array(
            'REALNAME' => $regOptions['register_vars']['real_name'],
            'USERNAME' => $regOptions['username'],
            'PASSWORD' => $regOptions['password'],
            'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder',
        );

        $emaildata = loadEmailTemplate('register_pending', $replacements);

        sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, 'reg_pending', $emaildata['is_html'], 0);

        // Admin gets informed here...
        adminNotify('approval', $memberID, $regOptions['username']);
    }

    // Okay, they're for sure registered... make sure the session is aware of this for security. (Just married :P!)
    $_SESSION['just_registered'] = 1;

    // If they are for sure registered, let other people to know about it
    call_integration_hook('integrate_register_after', array($regOptions, $memberID));

    return $memberID;
}

/**
 * Check if a name is in the reserved words list.
 * (name, current member id, name/username?.)
 * - checks if name is a reserved name or username.
 * - if is_name is false, the name is assumed to be a username.
 * - the id_member variable is used to ignore duplicate matches with the
 * current member.
 *
 * @param string $name The name to check
 * @param int $current_ID_MEMBER The ID of the current member (to avoid false positives with the current member)
 * @param bool $is_name Whether we're checking against reserved names or just usernames
 * @param bool $fatal Whether to die with a fatal error if the name is reserved
 * @return bool|void False if name is not reserved, otherwise true if $fatal is false or dies with a fatal_lang_error if $fatal is true
 */
function isReservedName($name, $current_ID_MEMBER = 0, $is_name = true, $fatal = true)
{
    global $modSettings, $smcFunc;

    $name = preg_replace_callback('~(&#(\d{1,7}|x[0-9a-fA-F]{1,6});)~', 'replaceEntities__callback', $name);
    $checkName = $smcFunc['strtolower']($name);

    // Administrators are never restricted ;).
    if (!allowedTo('moderate_forum') && ((!empty($modSettings['reserveName']) && $is_name) || !empty($modSettings['reserveUser']) && !$is_name))
    {
        $reservedNames = explode("\n", $modSettings['reserveNames']);
        // Case sensitive check?
        $checkMe = empty($modSettings['reserveCase']) ? $checkName : $name;

        // Check each name in the list...
        foreach ($reservedNames as $reserved)
        {
            if ($reserved == '')
                continue;

            // The admin might've used entities too, level the playing field.
            $reservedCheck = preg_replace('~(&#(\d{1,7}|x[0-9a-fA-F]{1,6});)~', 'replaceEntities__callback', $reserved);

            // Case sensitive name?
            if (empty($modSettings['reserveCase']))
                $reservedCheck = $smcFunc['strtolower']($reservedCheck);

            // If it's not just entire word, check for it in there somewhere...
            if ($checkMe == $reservedCheck || ($smcFunc['strpos']($checkMe, $reservedCheck) !== false && empty($modSettings['reserveWord'])))
                if ($fatal)
                    fatal_lang_error('username_reserved', 'password', array($reserved));
                else
                    return true;
        }

        $censor_name = $name;
        if (censorText($censor_name) != $name)
            if ($fatal)
                fatal_lang_error('name_censored', 'password', array($name));
            else
                return true;
    }

    // Characters we just shouldn't allow, regardless.
    foreach (array('*') as $char)
        if (strpos($checkName, $char) !== false)
            if ($fatal)
                fatal_lang_error('username_reserved', 'password', array($char));
            else
                return true;

    // Get rid of any SQL parts of the reserved name...
    $checkName = strtr($name, array('_' => '\\_', '%' => '\\%'));

    //when we got no wildcard we can use equal -> fast
    $operator = (strpos($checkName, '%') || strpos($checkName, '_') ? 'LIKE' : '=');

    // Make sure they don't want someone else's name.
    $request = $smcFunc['db_query']('', '
        SELECT id_member
        FROM {db_prefix}members
        WHERE ' . (empty($current_ID_MEMBER) ? '' : 'id_member != {int:current_member}
            AND ') . '({raw:real_name} {raw:operator} LOWER({string:check_name}) OR {raw:member_name} {raw:operator} LOWER({string:check_name}))
        LIMIT 1',
        array(
            'real_name' => $smcFunc['db_case_sensitive'] ? 'LOWER(real_name)' : 'real_name',
            'member_name' => $smcFunc['db_case_sensitive'] ? 'LOWER(member_name)' : 'member_name',
            'current_member' => $current_ID_MEMBER,
            'check_name' => $checkName,
            'operator' => $operator,
        )
    );
    if ($smcFunc['db_num_rows']($request) > 0)
    {
        $smcFunc['db_free_result']($request);
        return true;
    }

    // Does name case insensitive match a member group name?
    $request = $smcFunc['db_query']('', '
        SELECT id_group
        FROM {db_prefix}membergroups
        WHERE {raw:group_name} LIKE {string:check_name}
        LIMIT 1',
        array(
            'group_name' => $smcFunc['db_case_sensitive'] ? 'LOWER(group_name)' : 'group_name',
            'check_name' => $checkName,
        )
    );
    if ($smcFunc['db_num_rows']($request) > 0)
    {
        $smcFunc['db_free_result']($request);
        return true;
    }

    // Okay, they passed.
    return false;
}

// Get a list of groups that have a given permission (on a given board).
/**
 * Retrieves a list of membergroups that are allowed to do the given
 * permission. (on the given board)
 * If board_id is not null, a board permission is assumed.
 * The function takes different permission settings into account.
 *
 * @param string $permission The permission to check
 * @param int $board_id = null If set, checks permissions for the specified board
 * @return array An array containing two arrays - 'allowed', which has which groups are allowed to do it and 'denied' which has the groups that are denied
 */
function groupsAllowedTo($permission, $board_id = null)
{
    global $board_info, $smcFunc;

    // Admins are allowed to do anything.
    $member_groups = array(
        'allowed' => array(1),
        'denied' => array(),
    );

    // Assume we're dealing with regular permissions (like profile_view).
    if ($board_id === null)
    {
        $request = $smcFunc['db_query']('', '
            SELECT id_group, add_deny
            FROM {db_prefix}permissions
            WHERE permission = {string:permission}',
            array(
                'permission' => $permission,
            )
        );
        while ($row = $smcFunc['db_fetch_assoc']($request))
            $member_groups[$row['add_deny'] === '1' ? 'allowed' : 'denied'][] = $row['id_group'];
        $smcFunc['db_free_result']($request);
    }

    // Otherwise it's time to look at the board.
    else
    {
        // First get the profile of the given board.
        if (isset($board_info['id']) && $board_info['id'] == $board_id)
            $profile_id = $board_info['profile'];
        elseif ($board_id !== 0)
        {
            $request = $smcFunc['db_query']('', '
                SELECT id_profile
                FROM {db_prefix}boards
                WHERE id_board = {int:id_board}
                LIMIT 1',
                array(
                    'id_board' => $board_id,
                )
            );
            if ($smcFunc['db_num_rows']($request) == 0)
                fatal_lang_error('no_board');
            list ($profile_id) = $smcFunc['db_fetch_row']($request);
            $smcFunc['db_free_result']($request);
        }
        else
            $profile_id = 1;

        $request = $smcFunc['db_query']('', '
            SELECT bp.id_group, bp.add_deny
            FROM {db_prefix}board_permissions AS bp
            WHERE bp.permission = {string:permission}
                AND bp.id_profile = {int:profile_id}',
            array(
                'profile_id' => $profile_id,
                'permission' => $permission,
            )
        );
        while ($row = $smcFunc['db_fetch_assoc']($request))
            $member_groups[$row['add_deny'] === '1' ? 'allowed' : 'denied'][] = $row['id_group'];
        $smcFunc['db_free_result']($request);

        $moderator_groups = array();

        // "Inherit" any moderator permissions as needed
        if (isset($board_info['moderator_groups']))
        {
            $moderator_groups = array_keys($board_info['moderator_groups']);
        }
        elseif ($board_id !== 0)
        {
            // Get the groups that can moderate this board
            $request = $smcFunc['db_query']('', '
                SELECT id_group
                FROM {db_prefix}moderator_groups
                WHERE id_board = {int:board_id}',
                array(
                    'board_id' => $board_id,
                )
            );

            while ($row = $smcFunc['db_fetch_assoc']($request))
            {
                $moderator_groups[] = $row['id_group'];
            }

            $smcFunc['db_free_result']($request);
        }

        // "Inherit" any additional permissions from the "Moderators" group
        foreach ($moderator_groups as $mod_group)
        {
            // If they're not specifically allowed, but the moderator group is, then allow it
            if (in_array(3, $member_groups['allowed']) && !in_array($mod_group, $member_groups['allowed']))
            {
                $member_groups['allowed'][] = $mod_group;
            }

            // They're not denied, but the moderator group is, so deny it
            if (in_array(3, $member_groups['denied']) && !in_array($mod_group, $member_groups['denied']))
            {
                $member_groups['denied'][] = $mod_group;
            }
        }
    }

    // Denied is never allowed.
    $member_groups['allowed'] = array_diff($member_groups['allowed'], $member_groups['denied']);

    return $member_groups;
}

/**
 * Retrieves a list of members that have a given permission
 * (on a given board).
 * If board_id is not null, a board permission is assumed.
 * Takes different permission settings into account.
 * Takes possible moderators (on board 'board_id') into account.
 *
 * @param string $permission The permission to check
 * @param int $board_id If set, checks permission for that specific board
 * @return array An array containing the IDs of the members having that permission
 */
function membersAllowedTo($permission, $board_id = null)
{
    global $smcFunc;

    $member_groups = groupsAllowedTo($permission, $board_id);

    $all_groups = array_merge($member_groups['allowed'], $member_groups['denied']);

    $include_moderators = in_array(3, $member_groups['allowed']) && $board_id !== null;
    $member_groups['allowed'] = array_diff($member_groups['allowed'], array(3));

    $exclude_moderators = in_array(3, $member_groups['denied']) && $board_id !== null;
    $member_groups['denied'] = array_diff($member_groups['denied'], array(3));

    $request = $smcFunc['db_query']('', '
        SELECT mem.id_member
        FROM {db_prefix}members AS mem' . ($include_moderators || $exclude_moderators ? '
            LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_member = mem.id_member AND mods.id_board = {int:board_id})
            LEFT JOIN {db_prefix}moderator_groups AS modgs ON (modgs.id_group IN ({array_int:all_member_groups}) AND modgs.id_board = {int:board_id})' : '') . '
        WHERE (' . ($include_moderators ? 'mods.id_member IS NOT NULL OR modgs.id_group IS NOT NULL OR ' : '') . 'mem.id_group IN ({array_int:member_groups_allowed}) OR FIND_IN_SET({raw:member_group_allowed_implode}, mem.additional_groups) != 0 OR mem.id_post_group IN ({array_int:member_groups_allowed}))' . (empty($member_groups['denied']) ? '' : '
            AND NOT (' . ($exclude_moderators ? 'mods.id_member IS NOT NULL OR modgs.id_group IS NOT NULL OR ' : '') . 'mem.id_group IN ({array_int:member_groups_denied}) OR FIND_IN_SET({raw:member_group_denied_implode}, mem.additional_groups) != 0 OR mem.id_post_group IN ({array_int:member_groups_denied}))'),
        array(
            'member_groups_allowed' => $member_groups['allowed'],
            'member_groups_denied' => $member_groups['denied'],
            'all_member_groups' => $all_groups,
            'board_id' => $board_id,
            'member_group_allowed_implode' => implode(', mem.additional_groups) != 0 OR FIND_IN_SET(', $member_groups['allowed']),
            'member_group_denied_implode' => implode(', mem.additional_groups) != 0 OR FIND_IN_SET(', $member_groups['denied']),
        )
    );
    $members = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
        $members[] = $row['id_member'];
    $smcFunc['db_free_result']($request);

    return $members;
}

/**
 * This function is used to reassociate members with relevant posts.
 * Reattribute guest posts to a specified member.
 * Does not check for any permissions.
 * If add_to_post_count is set, the member's post count is increased.
 *
 * @param int $memID The ID of the original poster
 * @param bool|string $email If set, should be the email of the poster
 * @param bool|string $membername If set, the membername of the poster
 * @param bool $post_count Whether to adjust post counts
 * @return array An array containing the number of messages, topics and reports updated
 */
function reattributePosts($memID, $email = false, $membername = false, $post_count = false)
{
    global $smcFunc, $modSettings;

    $updated = array(
        'messages' => 0,
        'topics' => 0,
        'reports' => 0,
    );

    // Firstly, if email and username aren't passed find out the members email address and name.
    if ($email === false && $membername === false)
    {
        $request = $smcFunc['db_query']('', '
            SELECT email_address, member_name
            FROM {db_prefix}members
            WHERE id_member = {int:memID}
            LIMIT 1',
            array(
                'memID' => $memID,
            )
        );
        list ($email, $membername) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
    }

    // If they want the post count restored then we need to do some research.
    if ($post_count)
    {
        $recycle_board = !empty($modSettings['recycle_enable']) && !empty($modSettings['recycle_board']) ? (int) $modSettings['recycle_board'] : 0;
        $request = $smcFunc['db_query']('', '
            SELECT COUNT(*)
            FROM {db_prefix}messages AS m
                INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board AND b.count_posts = {int:count_posts})
            WHERE m.id_member = {int:guest_id}
                AND m.approved = {int:is_approved}' . (!empty($recycle_board) ? '
                AND m.id_board != {int:recycled_board}' : '') . (empty($email) ? '' : '
                AND m.poster_email = {string:email_address}') . (empty($membername) ? '' : '
                AND m.poster_name = {string:member_name}'),
            array(
                'count_posts' => 0,
                'guest_id' => 0,
                'email_address' => $email,
                'member_name' => $membername,
                'is_approved' => 1,
                'recycled_board' => $recycle_board,
            )
        );
        list ($messageCount) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);

        updateMemberData($memID, array('posts' => 'posts + ' . $messageCount));
    }

    $query_parts = array();
    if (!empty($email))
        $query_parts[] = 'poster_email = {string:email_address}';
    if (!empty($membername))
        $query_parts[] = 'poster_name = {string:member_name}';
    $query = implode(' AND ', $query_parts);

    // Finally, update the posts themselves!
    $smcFunc['db_query']('', '
        UPDATE {db_prefix}messages
        SET id_member = {int:memID}
        WHERE ' . $query,
        array(
            'memID' => $memID,
            'email_address' => $email,
            'member_name' => $membername,
        )
    );
    $updated['messages'] = $smcFunc['db_affected_rows']();

    // Did we update any messages?
    if ($updated['messages'] > 0)
    {
        // First, check for updated topics.
        $smcFunc['db_query']('', '
            UPDATE {db_prefix}topics as t, {db_prefix}messages as m
            SET t.id_member_started = {int:memID}
            WHERE m.id_member = {int:memID}
                AND t.id_first_msg = m.id_msg',
            array(
                'memID' => $memID,
            )
        );
        $updated['topics'] = $smcFunc['db_affected_rows']();

        // Second, check for updated reports.
        $smcFunc['db_query']('', '
            UPDATE {db_prefix}log_reported AS lr, {db_prefix}messages AS m
            SET lr.id_member = {int:memID}
            WHERE lr.id_msg = m.id_msg
                AND m.id_member = {int:memID}',
            array(
                'memID' => $memID,
            )
        );
        $updated['reports'] = $smcFunc['db_affected_rows']();
    }

    // Allow mods with their own post tables to reattribute posts as well :)
    call_integration_hook('integrate_reattribute_posts', array($memID, $email, $membername, $post_count, &$updated));

    return $updated;
}

/**
 * This simple function adds/removes the passed user from the current users buddy list.
 * Requires profile_identity_own permission.
 * Called by ?action=buddy;u=x;session_id=y.
 * Redirects to ?action=profile;u=x.
 */
function BuddyListToggle()
{
    global $user_info, $smcFunc;

    checkSession('get');

    isAllowedTo('profile_extra_own');
    is_not_guest();

    $userReceiver = (int) !empty($_REQUEST['u']) ? $_REQUEST['u'] : 0;

    if (empty($userReceiver))
        fatal_lang_error('no_access', false);

    // Remove if it's already there...
    if (in_array($userReceiver, $user_info['buddies']))
        $user_info['buddies'] = array_diff($user_info['buddies'], array($userReceiver));

    // ...or add if it's not and if it's not you.
    elseif ($user_info['id'] != $userReceiver)
    {
        $user_info['buddies'][] = $userReceiver;

        // And add a nice alert. Don't abuse though!
        if ((cache_get_data('Buddy-sent-' . $user_info['id'] . '-' . $userReceiver, 86400)) == null)
        {
            $smcFunc['db_insert']('insert',
                '{db_prefix}background_tasks',
                array('task_file' => 'string', 'task_class' => 'string', 'task_data' => 'string', 'claimed_time' => 'int'),
                array('$sourcedir/tasks/Buddy-Notify.php', 'Buddy_Notify_Background', $smcFunc['json_encode'](array(
                    'receiver_id' => $userReceiver,
                    'id_member' => $user_info['id'],
                    'member_name' => $user_info['username'],
                    'time' => time(),
                )), 0),
                array('id_task')
            );

            // Store this in a cache entry to avoid creating multiple alerts. Give it a long life cycle.
            cache_put_data('Buddy-sent-' . $user_info['id'] . '-' . $userReceiver, '1', 86400);
        }
    }

    // Update the settings.
    updateMemberData($user_info['id'], array('buddy_list' => implode(',', $user_info['buddies'])));

    // Redirect back to the profile
    redirectexit('action=profile;u=' . $userReceiver);
}

/**
 * Callback for createList().
 *
 * @param int $start Which item to start with (for pagination purposes)
 * @param int $items_per_page How many items to show per page
 * @param string $sort An SQL query indicating how to sort the results
 * @param string $where An SQL query used to filter the results
 * @param array $where_params An array of parameters for $where
 * @param bool $get_duplicates Whether to get duplicates (used for the admin member list)
 * @return array An array of information for displaying the list of members
 */
function list_getMembers($start, $items_per_page, $sort, $where, $where_params = array(), $get_duplicates = false)
{
    global $smcFunc;

    $request = $smcFunc['db_query']('', '
        SELECT
            mem.id_member, mem.member_name, mem.real_name, mem.email_address, mem.member_ip, mem.member_ip2, mem.last_login,
            mem.posts, mem.is_activated, mem.date_registered, mem.id_group, mem.additional_groups, mg.group_name
        FROM {db_prefix}members AS mem
            LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = mem.id_group)
        WHERE ' . ($where == '1' ? '1=1' : $where) . '
        ORDER BY {raw:sort}
        LIMIT {int:start}, {int:per_page}',
        array_merge($where_params, array(
            'sort' => $sort,
            'start' => $start,
            'per_page' => $items_per_page,
        ))
    );

    $members = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
    {
        $row['member_ip'] = inet_dtop($row['member_ip']);
        $row['member_ip2'] = inet_dtop($row['member_ip2']);
        $members[] = $row;
    }
    $smcFunc['db_free_result']($request);

    // If we want duplicates pass the members array off.
    if ($get_duplicates)
        populateDuplicateMembers($members);

    return $members;
}

/**
 * Callback for createList().
 *
 * @param string $where An SQL query to filter the results
 * @param array $where_params An array of parameters for $where
 * @return int The number of members matching the given situation
 */
function list_getNumMembers($where, $where_params = array())
{
    global $smcFunc, $modSettings;

    // We know how many members there are in total.
    if (empty($where) || $where == '1=1')
        $num_members = $modSettings['totalMembers'];

    // The database knows the amount when there are extra conditions.
    else
    {
        $request = $smcFunc['db_query']('', '
            SELECT COUNT(*)
            FROM {db_prefix}members AS mem
            WHERE ' . $where,
            array_merge($where_params, array(
            ))
        );
        list ($num_members) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
    }

    return $num_members;
}

/**
 * Find potential duplicate registration members based on the same IP address
 *
 * @param array $members An array of members
 */
function populateDuplicateMembers(&$members)
{
    global $smcFunc;

    // This will hold all the ip addresses.
    $ips = array();
    foreach ($members as $key => $member)
    {
        // Create the duplicate_members element.
        $members[$key]['duplicate_members'] = array();

        // Store the IPs.
        if (!empty($member['member_ip']))
            $ips[] = $member['member_ip'];
        if (!empty($member['member_ip2']))
            $ips[] = $member['member_ip2'];
    }

    $ips = array_unique($ips);

    if (empty($ips))
        return false;

    // Fetch all members with this IP address, we'll filter out the current ones in a sec.
    $request = $smcFunc['db_query']('', '
        SELECT
            id_member, member_name, email_address, member_ip, member_ip2, is_activated
        FROM {db_prefix}members
        WHERE member_ip IN ({array_inet:ips})
            OR member_ip2 IN ({array_inet:ips})',
        array(
            'ips' => $ips,
        )
    );
    $duplicate_members = array();
    $duplicate_ids = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
    {
        //$duplicate_ids[] = $row['id_member'];
        $row['member_ip'] = inet_dtop($row['member_ip']);
        $row['member_ip2'] = inet_dtop($row['member_ip2']);

        $member_context = array(
            'id' => $row['id_member'],
            'name' => $row['member_name'],
            'email' => $row['email_address'],
            'is_banned' => $row['is_activated'] > 10,
            'ip' => $row['member_ip'],
            'ip2' => $row['member_ip2'],
        );

        if (in_array($row['member_ip'], $ips))
            $duplicate_members[$row['member_ip']][] = $member_context;
        if ($row['member_ip'] != $row['member_ip2'] && in_array($row['member_ip2'], $ips))
            $duplicate_members[$row['member_ip2']][] = $member_context;
    }
    $smcFunc['db_free_result']($request);

    // Also try to get a list of messages using these ips.
    $request = $smcFunc['db_query']('', '
        SELECT
            m.poster_ip, mem.id_member, mem.member_name, mem.email_address, mem.is_activated
        FROM {db_prefix}messages AS m
            INNER JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
        WHERE m.id_member != 0
            ' . (!empty($duplicate_ids) ? 'AND m.id_member NOT IN ({array_int:duplicate_ids})' : '') . '
            AND m.poster_ip IN ({array_inet:ips})',
        array(
            'duplicate_ids' => $duplicate_ids,
            'ips' => $ips,
        )
    );

    $had_ips = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
    {
        $row['poster_ip'] = inet_dtop($row['poster_ip']);

        // Don't collect lots of the same.
        if (isset($had_ips[$row['poster_ip']]) && in_array($row['id_member'], $had_ips[$row['poster_ip']]))
            continue;
        $had_ips[$row['poster_ip']][] = $row['id_member'];

        $duplicate_members[$row['poster_ip']][] = array(
            'id' => $row['id_member'],
            'name' => $row['member_name'],
            'email' => $row['email_address'],
            'is_banned' => $row['is_activated'] > 10,
            'ip' => $row['poster_ip'],
            'ip2' => $row['poster_ip'],
        );
    }
    $smcFunc['db_free_result']($request);

    // Now we have all the duplicate members, stick them with their respective member in the list.
    if (!empty($duplicate_members))
        foreach ($members as $key => $member)
        {
            if (isset($duplicate_members[$member['member_ip']]))
                $members[$key]['duplicate_members'] = $duplicate_members[$member['member_ip']];
            if ($member['member_ip'] != $member['member_ip2'] && isset($duplicate_members[$member['member_ip2']]))
                $members[$key]['duplicate_members'] = array_merge($member['duplicate_members'], $duplicate_members[$member['member_ip2']]);

            // Check we don't have lots of the same member.
            $member_track = array($member['id_member']);
            foreach ($members[$key]['duplicate_members'] as $duplicate_id_member => $duplicate_member)
            {
                if (in_array($duplicate_member['id'], $member_track))
                {
                    unset($members[$key]['duplicate_members'][$duplicate_id_member]);
                    continue;
                }

                $member_track[] = $duplicate_member['id'];
            }
        }
}

/**
 * Generate a random validation code.
 *
 * @todo Err. Whatcha doin' here.
 *
 * @return string A random validation code
 */
function generateValidationCode()
{
    global $smcFunc, $modSettings;

    $request = $smcFunc['db_query']('get_random_number', '
        SELECT RAND()',
        array(
        )
    );

    list ($dbRand) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);

    return substr(preg_replace('/\W/', '', sha1(microtime() . $smcFunc['random_int']() . $dbRand . $modSettings['rand_seed'])), 0, 10);
}

?>