Documentation

User
in package
implements ArrayAccess uses BackwardCompatibility, ArrayAccessHelper

Represents a user, including both guests and registered members.

All loaded users are available via User::$loaded[$id], where $id is the ID number of a user.

The current user is available as User::$me. For example, if you need to know the current user's ID number, use User::$me->id.

For the convenience of theme creators, User::$me is also available as Utils::$context['user'], and its properties can be accessed as if they were array elements. This means that Utils::$context['user']['id'] is interchangeable with User::$me->id.

The data previously available in the deprecated global $user_profile array is now available as User::$profiles. For example, where old code might have used $user_profile[$id_member]['last_login'], the same information is now available as User::profiles[$id_member]['last_login'].

The data previously available in the deprecated $memberContext array is now available via the $formatted property of a User object. For example, where old code might have used $memberContext[$id_member], the same information is now available via User::$loaded[$id_member]->formatted. Also note that, in the same way that loadMemberContext($id_member) had to be called in order to populate $memberContext[$id_member], User::$loaded[$id_member]->format() must be called in order to populate User::$loaded[$id_member]->formatted.

To facilitate backward compatibility, the deprecated global $user_info array is still available, but it is simply a reference to User::$me.

Similarly, the deprecated global $user_settings array is still available, but it is simply a reference to User::$profiles[User::$me->id].

Similarly, the deprecated global $cur_profile array is still available, but it is simply a reference to User::$profiles[$id], where $id is the ID of the user whose profile is being viewed.

NOTE: It is STRONGLY RECOMMENDED that new and updated code use User::$me, User::$loaded, and User::$profiles directly, rather than using any of the deprecated global variables. A future version of SMF will remove backward compatibility support for these deprecated globals.

Table of Contents

Interfaces

ArrayAccess

Constants

ACTIVATED  = 1
ACTIVATED_BANNED  = 11
BANNED  = 10
LOAD_BY_EMAIL  = 2
LOAD_BY_ID  = 0
Constants to define loading methods.
LOAD_BY_NAME  = 1
NEED_COPPA  = 5
NEED_COPPA_BANNED  = 15
NOT_ACTIVATED  = 0
Constants to define activation states.
REQUESTED_DELETE  = 4
REQUESTED_DELETE_ANONYMIZE  = 6
REQUESTED_DELETE_ANONYMIZE_BANNED  = 16
REQUESTED_DELETE_BANNED  = 14
UNAPPROVED  = 3
UNAPPROVED_BANNED  = 13
UNVALIDATED  = 2
UNVALIDATED_BANNED  = 12

Properties

$additional_groups  : array<string|int, mixed>
$alerts  : int
$avatar  : array<string|int, mixed>
$birthdate  : string
$buddies  : array<string|int, mixed>
$can_manage_boards  : bool
$can_mod  : bool
$date_registered  : int
$email  : string
$formatted  : array<string|int, mixed>
$group_color  : string
$group_id  : int
$group_name  : string
$groups  : array<string|int, mixed>
$heavy_permissions  : array<string|int, mixed>
$icons  : array<string|int, mixed>
$id  : int
$id_msg_last_visit  : int
$ignoreboards  : array<string|int, mixed>
$ignoreusers  : array<string|int, mixed>
$info  : object
$integration_vars  : array<string|int, mixed>
$ip  : string
$ip2  : string
$is_activated  : int
$is_admin  : bool
$is_banned  : bool
$is_guest  : bool
$is_mod  : bool
$is_online  : bool
$knownFloats  : array<string|int, mixed>
$knownInts  : array<string|int, mixed>
$language  : string
$last_login  : int
$loaded  : array<string|int, mixed>
$me  : self
$memberContext  : array<string|int, mixed>
$messages  : int
$mod_cache  : array<string|int, mixed>
$mod_prefs  : string
$my_id  : int
$name  : string
$new_pm  : int
$options  : array<string|int, mixed>
$passwd  : string
$password_salt  : string
$permissions  : array<string|int, mixed>
$personal_text  : string
$pm_prefs  : int
$pm_receive_from  : int
$possibly_robot  : bool
$post_ban_permissions  : array<string|int, mixed>
$post_group_color  : string
$post_group_id  : int
$post_group_name  : string
$posts  : int
$primary_group_name  : string
$profiles  : array<string|int, mixed>
$query_see_board  : string
$query_see_message_board  : string
$query_see_topic_board  : string
$query_wanna_see_board  : string
$query_wanna_see_message_board  : string
$query_wanna_see_topic_board  : string
$sc  : string
$secret_answer  : string
$secret_question  : string
$settings  : array<string|int, mixed>
$show_online  : bool
$signature  : string
$smiley_set  : string
$tfa_backup  : string
$tfa_secret  : string
$theme  : int
$time_format  : string
$time_offset  : int
$timezone  : string
$title  : string
$total_time_logged_in  : int
$unread_messages  : int
$url  : string
$username  : string
$validation_code  : string
$warn_permissions  : array<string|int, mixed>
$warning  : int
$website  : array<string|int, mixed>
$dataset_levels  : array<string|int, mixed>
$prop_aliases  : array<string|int, mixed>
$already_verified  : bool
$backcompat  : array<string|int, mixed>
$custom_fields_displayed  : bool
$dataset  : string
$perm_cache  : array<string|int, mixed>

Methods

__set()  : void
Sets custom properties.
adjustPermissions()  : void
Fix permissions according to ban and warning status.
allowedTo()  : bool
Checks whether the user has a given permissions (e.g. 'post_new').
boardsAllowedTo()  : array<string|int, mixed>
Returns a list of boards in which the user is allowed to do the specified permission.
buildQueryBoard()  : array<string|int, mixed>
Builds query_see_board and query_wanna_see_board (plus variants) for the given user.
checkSession()  : string|null
Make sure the user's correct session was passed, and they came from here.
delete()  : void
Delete one or more members.
exportStatic()  : void
Provides a way to export a class's public static properties and methods to global namespace.
find()  : array<string|int, mixed>
Finds members by email address, username, or real name.
format()  : array<string|int, mixed>
Sets the formatted versions of user data for use in themes and templates.
getGroupsWithPermissions()  : array<string|int, mixed>
Similar to self::groupsAllowedTo, except that:
getTimezone()  : string
Gets a member's selected time zone identifier
groupsAllowedTo()  : array<string|int, mixed>
Retrieves a list of membergroups that have the given permission(s), either on a given board or in general.
isAllowedTo()  : void
Checks whether the user has the given permissions, and exits with a fatal error if not.
isBannedEmail()  : void
Checks whether a given email address is be banned.
isReservedName()  : bool
Check if a name is in the reserved words list.
kickIfBanned()  : void
Does banning related stuff (i.e. disallowing access).
kickIfGuest()  : void
Requires a user who is logged in (not a guest).
load()  : array<string|int, mixed>
Loads an array of users by ID, member_name, or email_address.
loadPermissions()  : void
Load this user's permissions.
logBan()  : void
Logs a ban in the database.
logOnline()  : void
Put this user in the online log.
logSpider()  : void
Log the spider presence online.
membersAllowedTo()  : array<string|int, mixed>
Retrieves a list of members that have a given permission, either on a given board or in general.
offsetExists()  : bool
Checks whether a property has been set when object is accessed as an array.
offsetGet()  : mixed
Gets properties when object is accessed as an array.
offsetSet()  : void
Sets properties when object is accessed as an array.
offsetUnset()  : void
Unsets properties when object is accessed as an array.
rebuildModCache()  : void
Quickly find out what moderation authority the current user has
reload()  : array<string|int, mixed>
Reloads an array of users, specified by ID number.
setAvatarData()  : array<string|int, mixed>
Helper function to set an array of data for a user's avatar.
setMe()  : void
Sets User::$me to the loaded object for the given user.
setModerators()  : void
Figures out which users are moderators on the current board, and sets them as such.
updateMemberData()  : void
Updates the columns in the members table.
validateSession()  : string|null
Check if the user is who he/she says he is.
validateUsername()  : array<string|int, mixed>|null
Checks whether a username obeys a load of rules.
__construct()  : mixed
Constructor. Protected in order to force instantiation via User::load().
anonymize()  : void
Anonymizes the specified member's personally identifying information.
chooseMyDataset()  : string
Figures out which dataset we want to load for the current user.
fixTimezoneSetting()  : void
Ensures timezone and time_offset are both set to correct values.
getGravatarUrl()  : string
Return a Gravatar URL based on - the supplied email address, - the global maximum rating, - the global default fallback, - maximum sizes as set in the admin panel.
initializeGuest()  : void
Sets User::$profiles[0], cookie, etc., to appropriate values for a guest.
integrateVerifyUser()  : void
Wrapper for integrate_verify_user hook. Allows integrations to verify the current user's identity for us.
loadOptions()  : void
Loads theme options for the given users.
loadUserData()  : array<string|int, mixed>
Loads users' settings from the database.
setGroups()  : void
Determines which membergroups the current user belongs to.
setLanguage()  : void
Sets the current user's preferred language.
setLastVisit()  : void
Determines the 'id_msg_last_visit' value, which is used to figure out what counts as new content for this user.
setMyId()  : void
Sets User::$my_id to the current user's ID from the login cookie.
setPossiblyRobot()  : void
Do we perhaps think this is a search robot?
setProperties()  : void
Sets object properties based on data in User::$profiles[$this->id].
verifyPassword()  : void
Verifies that the supplied password was correct.
verifyTfa()  : void
If appropriate for this user, performs two factor authentication check.

Constants

ACTIVATED

public mixed ACTIVATED = 1

ACTIVATED_BANNED

public mixed ACTIVATED_BANNED = 11

BANNED

public mixed BANNED = 10

LOAD_BY_EMAIL

public mixed LOAD_BY_EMAIL = 2

LOAD_BY_ID

Constants to define loading methods.

public mixed LOAD_BY_ID = 0

LOAD_BY_NAME

public mixed LOAD_BY_NAME = 1

NEED_COPPA

public mixed NEED_COPPA = 5

NEED_COPPA_BANNED

public mixed NEED_COPPA_BANNED = 15

NOT_ACTIVATED

Constants to define activation states.

public mixed NOT_ACTIVATED = 0

REQUESTED_DELETE

public mixed REQUESTED_DELETE = 4

REQUESTED_DELETE_ANONYMIZE

public mixed REQUESTED_DELETE_ANONYMIZE = 6

REQUESTED_DELETE_ANONYMIZE_BANNED

public mixed REQUESTED_DELETE_ANONYMIZE_BANNED = 16

REQUESTED_DELETE_BANNED

public mixed REQUESTED_DELETE_BANNED = 14

UNAPPROVED

public mixed UNAPPROVED = 3

UNAPPROVED_BANNED

public mixed UNAPPROVED_BANNED = 13

UNVALIDATED

public mixed UNVALIDATED = 2

UNVALIDATED_BANNED

public mixed UNVALIDATED_BANNED = 12

Properties

$additional_groups

public array<string|int, mixed> $additional_groups = []

IDs of any additional groups this user belongs to.

$alerts

public int $alerts

Number of unread alerts the user has.

$avatar

public array<string|int, mixed> $avatar = ['original_url' => null, 'url' => null, 'href' => null, 'name' => null, 'filename' => null, 'custom_dir' => null, 'id_attach' => null, 'width' => null, 'height' => null, 'image' => null]

Info about the user's avatar.

$birthdate

public string $birthdate

The user's birthdate.

$buddies

public array<string|int, mixed> $buddies = []

IDs of users on this user's buddy list.

$can_manage_boards

public bool $can_manage_boards = false

Whether this user can manage boards.

$can_mod

public bool $can_mod = false

Whether this user can access the moderation center.

$date_registered

public int $date_registered

Unix timestamp when this user registered.

$email

public string $email

The user's email address.

$formatted

public array<string|int, mixed> $formatted = []

Formatted versions of this user's properties, suitable for display.

$group_color

public string $group_color

The color associated with this user's group.

$group_id

public int $group_id

ID of this user's primary group.

$group_name

public string $group_name

Name of the user's group.

Usually the same as $primary_group_name, but might change if the user is a moderator on the current board.

$groups

public array<string|int, mixed> $groups = []

IDs of all the groups this user belongs to.

$heavy_permissions

public static array<string|int, mixed> $heavy_permissions = ['admin_forum', 'manage_attachments', 'manage_smileys', 'manage_boards', 'edit_news', 'moderate_forum', 'manage_bans', 'manage_membergroups', 'manage_permissions']

Permissions that should only be given to highly trusted members.

$icons

public array<string|int, mixed> $icons

Info about the icons associated with this user's group. (Exactly which group will depend on the situation.)

$id

public int $id

The user's ID number.

$id_msg_last_visit

public int $id_msg_last_visit

ID of the latest message the last time they visited. All messages with higher IDs than this are new to this user.

$ignoreboards

public array<string|int, mixed> $ignoreboards = []

IDs of boards that this user is ignoring.

$ignoreusers

public array<string|int, mixed> $ignoreusers = []

IDs of users that this user is ignoring.

$info

public static object $info

Processed data about the current user. This is set to a reference to User::$me once the latter exists. Only exists for backward compatibility reasons.

$integration_vars

public static array<string|int, mixed> $integration_vars = ['avatar', 'birthdate', 'email_address', 'gender', 'id_group', 'lngfile', 'location', 'member_name', 'real_name', 'time_format', 'time_offset', 'timezone', 'website_title', 'website_url']

Names of variables to pass to the integrate_change_member_data hook.

$ip

public string $ip

The user's current IP address.

$ip2

public string $ip2

The user's previous known IP address, if any.

$is_activated

public int $is_activated

Activation status of this user's account.

$is_admin

public bool $is_admin

Whether this user is an admin.

$is_banned

public bool $is_banned

Whether this user has been banned.

$is_guest

public bool $is_guest

Whether this user is a guest.

$is_mod

public bool $is_mod

Whether this user is a moderator on the current board.

$is_online

public bool $is_online

Whether this user is currently browsing the forum.

$knownFloats

public static array<string|int, mixed> $knownFloats = ['time_offset']

Fields in the member table that take floats.

$knownInts

public static array<string|int, mixed> $knownInts = ['alerts', 'date_registered', 'gender', 'id_group', 'id_msg_last_visit', 'id_post_group', 'id_theme', 'instant_messages', 'is_activated', 'last_login', 'new_pm', 'pm_prefs', 'pm_receive_from', 'posts', 'show_online', 'total_time_logged_in', 'unread_messages', 'warning']

Fields in the member table that take integers.

$language

public string $language

The user's preferred language.

$last_login

public int $last_login

Unix timestamp of the last time the user logged in.

$loaded

public static array<string|int, mixed> $loaded = []

All loaded instances of this class.

$me

public static self $me

Instance of this class for the current user.

$memberContext

public static array<string|int, mixed> $memberContext

Alternative way to get formatted data about users. A reference to User::$loaded[$id]->formatted (where $id is a user ID). Only exists for backward compatibility reasons.

$messages

public int $messages

Total number of personal messages the user has.

$mod_cache

public array<string|int, mixed> $mod_cache = []

Moderator access info.

$mod_prefs

public string $mod_prefs = ''

Moderator preferences.

Tags
todo

This doesn't appear to be used anywhere.

$my_id

public static int $my_id

ID number of the current user.

As a general rule, code outside this class should use User::$me->id rather than User::$my_id. The only exception to this rule is in code executed during the login and logout processes, because User::$me->id is not set at all points during those processes.

$name

public string $name

The user's real_name, a.k.a display name.

$new_pm

public int $new_pm

Whether the user has new personal messages.

$options

public array<string|int, mixed> $options = []

The user's theme options.

$passwd

public string $passwd

The user's password.

$password_salt

public string $password_salt

The user's password salt.

$permissions

public array<string|int, mixed> $permissions = []

Permissions that this user has been granted.

$personal_text

public string $personal_text

The user's personal text blurb.

$pm_prefs

public int $pm_prefs

This user's display preferences for personal messages.

$pm_receive_from

public int $pm_receive_from

This user's preference about who to receive personal messages from.

$possibly_robot

public bool $possibly_robot

If true, probably a search engine spider.

$post_ban_permissions

public static array<string|int, mixed> $post_ban_permissions = ['admin_forum', 'calendar_edit_any', 'calendar_edit_own', 'calendar_post', 'delete_any', 'delete_own', 'delete_replies', 'edit_news', 'lock_any', 'lock_own', 'make_sticky', 'manage_attachments', 'manage_bans', 'manage_boards', 'manage_membergroups', 'manage_permissions', 'manage_smileys', 'merge_any', 'moderate_forum', 'modify_any', 'modify_own', 'modify_replies', 'move_any', 'pm_send', 'poll_add_any', 'poll_add_own', 'poll_edit_any', 'poll_edit_own', 'poll_lock_any', 'poll_lock_own', 'poll_post', 'poll_remove_any', 'poll_remove_own', 'post_new', 'post_reply_any', 'post_reply_own', 'post_unapproved_replies_any', 'post_unapproved_replies_own', 'post_unapproved_topics', 'profile_extra_any', 'profile_forum_any', 'profile_identity_any', 'profile_other_any', 'profile_signature_any', 'profile_title_any', 'remove_any', 'remove_own', 'send_mail', 'split_any']

Permissions to deny to users who are banned from posting.

$post_group_color

public string $post_group_color

The color associated with this user's post group.

$post_group_id

public int $post_group_id

ID of this user's post-count based group.

$post_group_name

public string $post_group_name

Name of the user's post-count based group.

$posts

public int $posts

Number of posts the user has made.

$primary_group_name

public string $primary_group_name

Name of the user's primary group.

Does not change even if the user is a moderator on the current board.

$profiles

public static array<string|int, mixed> $profiles = []

Basic data from the database about all loaded users.

$query_see_board

public string $query_see_board

SQL query string to get only boards this user can see.

$query_see_message_board

public string $query_see_message_board

Variant of $query_see_board that checks against posts' id_board field.

$query_see_topic_board

public string $query_see_topic_board

Variant of $query_see_board that checks against topics' id_board field.

$query_wanna_see_board

public string $query_wanna_see_board

SQL query string to get only boards this user can see and is not ignoring.

$query_wanna_see_message_board

public string $query_wanna_see_message_board

Variant of $query_wanna_see_board that checks against posts' id_board field.

$query_wanna_see_topic_board

public string $query_wanna_see_topic_board

Variant of $query_wanna_see_board that checks against topics' id_board field.

$sc

public static string $sc

"Session check" value for the current user. Set by Session::load(). Used by checkSession().

$secret_answer

public string $secret_answer

Answer to the user's secret question (used for password resets).

$secret_question

public string $secret_question

The user's secret question (used for password resets).

$settings

public static array<string|int, mixed> $settings

Basic data from the database about the current user. A reference to User::$profiles[User::$my_id]. Only exists for backward compatibility reasons.

$show_online

public bool $show_online

Whether to show that this user is currently browsing the forum.

$signature

public string $signature

The user's signature.

$smiley_set

public string $smiley_set

The user's preferred smiley set.

$tfa_backup

public string $tfa_backup

The user's two factor authentication backup code.

$tfa_secret

public string $tfa_secret

The user's two factor authentication secret.

$theme

public int $theme

The user's preferred theme.

$time_format

public string $time_format

The user's preferred time format.

$time_offset

public int $time_offset

The UTC offset of the user's time zone.

$timezone

public string $timezone

The user's time zone.

$title

public string $title

The user's title.

$total_time_logged_in

public int $total_time_logged_in = 0

Total amount of time the user has been logged in, measured in seconds.

$unread_messages

public int $unread_messages

Number of unread personal messages the user has.

$url

public string $url

JSON data about the URL this user is currently viewing.

$username

public string $username

The user's member_name.

$validation_code

public string $validation_code

The user's validation code (used for password resets).

$warn_permissions

public static array<string|int, mixed> $warn_permissions = ['post_new' => 'post_unapproved_topics', 'post_reply_own' => 'post_unapproved_replies_own', 'post_reply_any' => 'post_unapproved_replies_any', 'post_attachment' => 'post_unapproved_attachments']

Permissions to change for users with a high warning level.

$warning

public int $warning

This user's warning level.

$website

public array<string|int, mixed> $website = ['url' => null, 'title' => null]

Info about the user's website.

$dataset_levels

protected static array<string|int, mixed> $dataset_levels = ['minimal' => 0, 'basic' => 1, 'normal' => 2, 'profile' => 3]

Maps names of dataset levels to numeric values.

$prop_aliases

protected array<string|int, mixed> $prop_aliases = [ 'id_member' => 'id', 'member_name' => 'username', 'real_name' => 'name', 'display_name' => 'name', 'email_address' => 'email', 'lngfile' => 'language', 'member_group' => 'group_name', 'primary_group' => 'primary_group_name', 'member_group_color' => 'group_color', 'member_ip' => 'ip', 'member_ip2' => 'ip2', 'usertitle' => 'title', 'blurb' => 'title', 'id_theme' => 'theme', 'ignore_boards' => 'ignoreboards', 'pm_ignore_list' => 'ignoreusers', 'buddy_list' => 'buddies', 'instant_messages' => 'messages', 'birth_date' => 'birthdate', 'last_login_timestamp' => 'last_login', // Square brackets are parsed to find array elements. 'website_url' => 'website[url]', 'website_title' => 'website[title]', // Initial exclamation mark means inverse of the property. 'is_logged' => '!is_guest', ]

Alternate names for some object properties.

$already_verified

private bool $already_verified = false

Whether the integrate_verify_user hook verified this user for us.

$backcompat

private static array<string|int, mixed> $backcompat = ['prop_names' => ['profiles' => 'user_profile', 'settings' => 'user_settings', 'info' => 'user_info', 'sc' => 'sc', 'memberContext' => 'memberContext']]

BackwardCompatibility settings for this class.

$custom_fields_displayed

private bool $custom_fields_displayed = false

Whether custom profile fields are in the formatted data for this user.

$dataset

private string $dataset

The dataset that was loaded for this user.

$perm_cache

private array<string|int, mixed> $perm_cache = []

Cache for the allowedTo() method.

Methods

__set()

Sets custom properties.

public __set(string $prop, mixed $value) : void
Parameters
$prop : string

The property name.

$value : mixed

The value to set.

adjustPermissions()

Fix permissions according to ban and warning status.

public adjustPermissions() : void

Applies any states of banning and/or warning moderation by removing permissions the user cannot have.

allowedTo()

Checks whether the user has a given permissions (e.g. 'post_new').

public allowedTo(string|array<string|int, mixed> $permission[, int|array<string|int, mixed> $boards = null ][, bool $any = false ]) : bool

If $boards is specified, checks those boards instead of the current one.

If $any is true, will return true if the user has the permission on any of the specified boards

Always returns true if the user is an administrator.

Parameters
$permission : string|array<string|int, mixed>

A single permission to check or an array of permissions to check.

$boards : int|array<string|int, mixed> = null

The ID of a board or an array of board IDs if we want to check board-level permissions

$any : bool = false

Whether to check for permission on at least one board instead of all the passed boards.

Return values
bool

Whether the user has the specified permission.

boardsAllowedTo()

Returns a list of boards in which the user is allowed to do the specified permission.

public boardsAllowedTo(string|array<string|int, mixed> $permissions[, bool $check_access = true ][, bool $simple = true ]) : array<string|int, mixed>

Returns an array with only a 0 in it if the user has permission to do this on every board.

Returns an empty array if he or she cannot do this on any board.

If $check_access is true, will also make sure the group has proper access to that board.

Parameters
$permissions : string|array<string|int, mixed>

A single permission to check or an array of permissions to check.

$check_access : bool = true

Whether to check only the boards the user has access to.

$simple : bool = true

Whether to return a simple array of board IDs or one with permissions as the keys.

Return values
array<string|int, mixed>

An array of board IDs if $simple is true. Otherwise, an array containing 'permission' => array(id, id, id...) pairs.

buildQueryBoard()

Builds query_see_board and query_wanna_see_board (plus variants) for the given user.

public static buildQueryBoard(int $id) : array<string|int, mixed>

Returns array with keys:

  • query_see_board
  • query_see_message_board
  • query_see_topic_board
  • query_wanna_see_board
  • query_wanna_see_message_board
  • query_wanna_see_topic_board
Parameters
$id : int

The ID of the user.

Return values
array<string|int, mixed>

All board query variants.

checkSession()

Make sure the user's correct session was passed, and they came from here.

public checkSession([string $type = 'post' ][, string $from_action = '' ][, bool $is_fatal = true ]) : string|null

Checks the current session, verifying that the person is who he or she should be.

Also checks the referrer to make sure they didn't get sent here, unless the disableCheckUA setting is present and true. (It's usually missing.)

Will check $_GET, $_POST, or $_REQUEST, depending on the passed $type.

Also optionally checks the referring action if $from_action is passed. (Note that the referring action must be in $_GET)

Parameters
$type : string = 'post'

The type of check (post, get, request).

$from_action : string = ''

The action this is coming from.

$is_fatal : bool = true

Whether to die with a fatal error if the check fails.

Return values
string|null

The error message, or '' if everything was fine.

delete()

Delete one or more members.

public static delete(int|array<string|int, mixed> $users[, bool $check_not_admin = false ][, bool $anonymize = false ]) : void

Requires profile_remove_own or profile_remove_any permission for respectively removing your own account or any account. Non-admins cannot delete admins. The function:

  • changes author of messages, topics and polls to guest authors.
  • removes all log entries concerning the deleted members, except the error logs, ban logs and moderation logs.
  • removes these members' personal messages (only the inbox), avatars, ban entries, theme settings, moderator positions, poll and votes.
  • updates member statistics afterwards.
Parameters
$users : int|array<string|int, mixed>

The ID of a user or an array of user IDs.

$check_not_admin : bool = false

Whether to verify the users aren't admins. Default: false.

$anonymize : bool = false

If true, force anonymization of all deleted users. If false, deleted users will be anonymized only if they requested it or Config::$modSettings['always_anonymize_deleted_accounts'] is true. Default: false.

exportStatic()

Provides a way to export a class's public static properties and methods to global namespace.

public static exportStatic() : void

To do so:

  1. Use this trait in the class.
  2. At the END of the class's file, call its exportStatic() method.

Although it might not seem that way at first glance, this approach conforms to section 2.3 of PSR 1, since executing this method is simply a dynamic means of declaring functions when the file is included; it has no other side effects.

Regarding the $backcompat items:

A class's static properties are not exported to global variables unless explicitly included in $backcompat['prop_names'].

$backcompat['prop_names'] is a simple array where the keys are the names of one or more of a class's static properties, and the values are the names of global variables. In each case, the global variable will be set to a reference to the static property. Static properties that are not named in this array will not be exported.

Adding non-static properties to the $backcompat arrays will produce runtime errors. It is the responsibility of the developer to make sure not to do this.

find()

Finds members by email address, username, or real name.

public static find(string|array<string|int, mixed> $names[, bool $use_wildcards = false ][, bool $buddies_only = false ][, int $max = 500 ]) : array<string|int, mixed>

Searches for members whose username, display name, or e-mail address match the given pattern of array names.

Searches only buddies if $buddies_only is set.

Parameters
$names : string|array<string|int, mixed>

The names of members to search for.

$use_wildcards : bool = false

Whether to use wildcards. Accepts wildcards '?' and '*' in the pattern if true.

$buddies_only : bool = false

Whether to only search for the user's buddies.

$max : int = 500

The maximum number of results.

Return values
array<string|int, mixed>

Information about the matching members.

format()

Sets the formatted versions of user data for use in themes and templates.

public format([bool $display_custom_fields = false ]) : array<string|int, mixed>
Parameters
$display_custom_fields : bool = false

Whether to get custom profile fields ready for display.

Return values
array<string|int, mixed>

A copy of $this->formatted.

getGroupsWithPermissions()

Similar to self::groupsAllowedTo, except that:

public static getGroupsWithPermissions([array<string|int, mixed> $general_permissions = [] ][, array<string|int, mixed> $board_permissions = [] ][, int $profile_id = 1 ]) : array<string|int, mixed>

  1. It allows looking up any arbitrary combination of general permissions and board permissions in one call.

  2. When looking up board permissions, the ID of a permission profile must be provided, rather than the ID of a board.

  3. There is no $simple option.

Parameters
$general_permissions : array<string|int, mixed> = []

The general permissions to check.

$board_permissions : array<string|int, mixed> = []

The board permissions to check.

$profile_id : int = 1

The permission profile for the board permissions. Default: 1

Return values
array<string|int, mixed>

Multidimensional array where each key is a permission name and each value is an array containing to sub-arrays: 'allowed', which lists the groups that have the permission, and 'denied', which lists the groups that are denied the permission.

getTimezone()

Gets a member's selected time zone identifier

public static getTimezone([int $id_member = null ]) : string
Parameters
$id_member : int = null

The member id to look up. If not provided, the current user's id will be used.

Return values
string

The time zone identifier string for the user's time zone.

groupsAllowedTo()

Retrieves a list of membergroups that have the given permission(s), either on a given board or in general.

public static groupsAllowedTo(array<string|int, mixed>|string $permissions[, int $board_id = null ][, bool $simple = true ][, int $profile_id = null ]) : array<string|int, mixed>

If $board_id is set, a board permission is assumed.

Parameters
$permissions : array<string|int, mixed>|string

The permission(s) to check.

$board_id : int = null

If set, checks permissions for the specified board.

$simple : bool = true

If true, and $permission contains a single permission to check, the returned array will contain only the relevant sub-array for that permission. Default: true.

$profile_id : int = null

The permission profile for the board. If not set, will be looked up automatically.

Return values
array<string|int, mixed>

Multidimensional array where each key is a permission name and each value is an array containing to sub-arrays: 'allowed', which lists the groups that have the permission, and 'denied', which lists the groups that are denied the permission. However, if $simple is true and only one permission was asked for, the returned value will contain only the relevant sub-array for that permission.

isAllowedTo()

Checks whether the user has the given permissions, and exits with a fatal error if not.

public isAllowedTo(string|array<string|int, mixed> $permission[, int|array<string|int, mixed> $boards = null ][, bool $any = false ]) : void

Uses allowedTo() to check if the user is allowed to do permission.

Checks the passed boards or current board for the permission.

If $any is true, the user only needs permission on at least one of the boards to pass.

If the user is not allowed, loads the Errors language file and shows an error using Lang::$txt['cannot_' . $permission].

If the user is a guest and cannot do it, calls $this->kickIfGuest().

Parameters
$permission : string|array<string|int, mixed>

A single permission to check or an array of permissions to check.

$boards : int|array<string|int, mixed> = null

The ID of a board or an array of board IDs if we want to check board-level permissions

$any : bool = false

Whether to check for permission on at least one board instead of all the passed boards.

isBannedEmail()

Checks whether a given email address is be banned.

public static isBannedEmail(string $email, string $restriction, string $error) : void

Performs an immediate ban if the check turns out positive.

Parameters
$email : string

The email to check.

$restriction : string

What type of restriction to check for. E.g.: cannot_post, cannot_register, etc.

$error : string

The error message to display if they are banned.

isReservedName()

Check if a name is in the reserved words list.

public static isReservedName(string $name[, int $current_id_member = 0 ][, bool $is_name = true ][, bool $fatal = true ]) : bool

(name, current member id, name/username?.)

  • checks if name is a reserved name or username.
  • if is_name is false, the name is assumed to be a username.
  • the id_member variable is used to ignore duplicate matches with the current member.
Parameters
$name : string

The name to check

$current_id_member : int = 0

The ID of the current member (to avoid false positives with the current member)

$is_name : bool = true

Whether we're checking against reserved names or just usernames

$fatal : bool = true

Whether to die with a fatal error if the name is reserved

Return values
bool

False if name is not reserved, otherwise true if $fatal is false or dies with a fatal_lang_error if $fatal is true

kickIfBanned()

Does banning related stuff (i.e. disallowing access).

public kickIfBanned([bool $force_check = false ]) : void

Checks if the user is banned, and if so dies with an error. Caches this information for optimization purposes.

Parameters
$force_check : bool = false

Whether to force a recheck.

kickIfGuest()

Requires a user who is logged in (not a guest).

public kickIfGuest([string $message = null ][, bool $log = true ]) : void

Checks if the user is currently a guest, and if so asks them to login with a message telling them why. If $message is empty, a default message will be used.

Parameters
$message : string = null

The message to display to the guest.

$log : bool = true

Whether to log what they were trying to do.

load()

Loads an array of users by ID, member_name, or email_address.

public static load([mixed $users = [] ][, int $type = self::LOAD_BY_ID ][, string $dataset = null ]) : array<string|int, mixed>
Parameters
$users : mixed = []

Users specified by ID, name, or email address.

$type : int = self::LOAD_BY_ID

Whether $users contains IDs, names, or email addresses. Possible values are this class's LOAD_BY_* constants.

$dataset : string = null

What kind of data to load: 'profile', 'normal', 'basic', 'minimal'. Leave null for a dynamically determined default.

Return values
array<string|int, mixed>

Instances of this class for the loaded users.

loadPermissions()

Load this user's permissions.

public loadPermissions() : void

logBan()

Logs a ban in the database.

public logBan([array<string|int, mixed> $ban_ids = [] ][, string $email = null ]) : void

Increments the hit counters for the specified ban ID's (if any).

Parameters
$ban_ids : array<string|int, mixed> = []

The IDs of the bans.

$email : string = null

The email address associated with the user that triggered this hit. If not set, uses the current user's email address.

logOnline()

Put this user in the online log.

public logOnline([bool $force = false ]) : void
Parameters
$force : bool = false

Whether to force logging the data

logSpider()

Log the spider presence online.

public static logSpider() : void

membersAllowedTo()

Retrieves a list of members that have a given permission, either on a given board or in general.

public static membersAllowedTo(string $permission[, int $board_id = null ]) : array<string|int, mixed>

Will check for a board permission if $board_id is set, and any moderators assigned to that board will be fetched in addition to global moderators. Pass in 0 as a special case to fetch moderators on all boards.

Parameters
$permission : string

The permission to check.

$board_id : int = null

If set, checks permission for that specific board.

Return values
array<string|int, mixed>

IDs of the members who have that permission.

offsetExists()

Checks whether a property has been set when object is accessed as an array.

public offsetExists(mixed $prop) : bool
Parameters
$prop : mixed

The property name.

Return values
bool

offsetGet()

Gets properties when object is accessed as an array.

public & offsetGet(mixed $prop) : mixed
Parameters
$prop : mixed

The property name.

Return values
mixed

A reference to the property.

offsetSet()

Sets properties when object is accessed as an array.

public offsetSet(mixed $prop, mixed $value) : void
Parameters
$prop : mixed

The property name.

$value : mixed

The value to set.

offsetUnset()

Unsets properties when object is accessed as an array.

public offsetUnset(mixed $prop) : void
Parameters
$prop : mixed

The property name.

rebuildModCache()

Quickly find out what moderation authority the current user has

public rebuildModCache() : void

Builds the moderator, group and board level queries for the user.

Stores the information on the current users moderation powers in User::$me->mod_cache and $_SESSION['mc'].

reload()

Reloads an array of users, specified by ID number.

public static reload([int|array<string|int, mixed> $users = [] ][, string $dataset = null ]) : array<string|int, mixed>
Parameters
$users : int|array<string|int, mixed> = []

One or more users specified by ID.

$dataset : string = null

What kind of data to load: 'profile', 'normal', 'basic', 'minimal'. Leave null for a dynamically determined default.

Return values
array<string|int, mixed>

The ids of the loaded members.

setAvatarData()

Helper function to set an array of data for a user's avatar.

public static setAvatarData([array<string|int, mixed> $data = [] ]) : array<string|int, mixed>

The following keys are required:

  • avatar: The raw "avatar" column in members table.
  • email: The user's email address. Used to get the gravatar info.
  • filename: The attachment filename.
Parameters
$data : array<string|int, mixed> = []

An array of raw info.

Return values
array<string|int, mixed>

An array of avatar data.

setMe()

Sets User::$me to the loaded object for the given user.

public static setMe(int $id) : void
Parameters
$id : int

The ID of a user.

setModerators()

Figures out which users are moderators on the current board, and sets them as such.

public static setModerators() : void

updateMemberData()

Updates the columns in the members table.

public static updateMemberData(int|array<string|int, mixed>|null $members, array<string|int, mixed> $data) : void

Assumes the data has been htmlspecialchar'd.

This function should be used whenever member data needs to be updated in place of an UPDATE query.

$members is either an int or an array of ints to be updated.

$data is an associative array of the columns to be updated and their respective values. Any string values updated should be quoted and slashed.

The value of any column can be '+' or '-', which mean 'increment' and decrement, respectively.

If a member's post count is updated, this method also updates their post groups.

Parameters
$members : int|array<string|int, mixed>|null

An array of member IDs, the ID of a single member, or null to update this for all members.

$data : array<string|int, mixed>

The info to update for the members.

validateSession()

Check if the user is who he/she says he is.

public validateSession([string $type = 'admin' ][, bool $force = false ]) : string|null

Makes sure the user is who they claim to be by requiring a password to be typed in every hour.

Is turned on and off by the securityDisable setting.

Uses the SMF\Actions\Admin\ACP::adminLogin() method if they need to login, which saves all request (post and get) data.

Parameters
$type : string = 'admin'

What type of session this is.

$force : bool = false

If true, require a password even if we normally wouldn't.

Return values
string|null

Returns 'session_verify_fail' if verification failed, or null if it passed.

validateUsername()

Checks whether a username obeys a load of rules.

public static validateUsername(int $memID, string $username[, bool $return_error = false ][, bool $check_reserved_name = true ]) : array<string|int, mixed>|null
Parameters
$memID : int
$username : string

The username to validate.

$return_error : bool = false

Whether to return errors.

$check_reserved_name : bool = true

Whether to check this against the list of reserved names.

Return values
array<string|int, mixed>|null

Null if there are no errors, otherwise an array of errors if $return_error is true.

__construct()

Constructor. Protected in order to force instantiation via User::load().

protected __construct([int $id = null ][, string|null $dataset = null ]) : mixed
Parameters
$id : int = null

The ID number of the user, or null for current user.

$dataset : string|null = null

What kind of data to load. Can be one of 'profile', 'normal', 'basic', or 'minimal'. If left null, the default depends on the value of $id:

  • If $id is an integer, then $dataset will default to 'normal'.
  • If $id is also null (i.e. we are loading the current user), then $dataset will be determined automatically based on what the user is doing on the forum.

anonymize()

Anonymizes the specified member's personally identifying information.

protected static anonymize(int $member) : void
Parameters
$member : int

The ID of the member to anonymize.

chooseMyDataset()

Figures out which dataset we want to load for the current user.

protected chooseMyDataset() : string
Return values
string

The name of a dataset to load.

fixTimezoneSetting()

Ensures timezone and time_offset are both set to correct values.

protected fixTimezoneSetting() : void

getGravatarUrl()

Return a Gravatar URL based on - the supplied email address, - the global maximum rating, - the global default fallback, - maximum sizes as set in the admin panel.

protected static getGravatarUrl(string $email_address) : string

It is SSL aware, and caches most of the parameters.

Parameters
$email_address : string

The user's email address

Return values
string

The gravatar URL

initializeGuest()

Sets User::$profiles[0], cookie, etc., to appropriate values for a guest.

protected initializeGuest() : void

integrateVerifyUser()

Wrapper for integrate_verify_user hook. Allows integrations to verify the current user's identity for us.

protected integrateVerifyUser() : void

loadOptions()

Loads theme options for the given users.

protected static loadOptions(array<string|int, mixed>|int $ids) : void
Parameters
$ids : array<string|int, mixed>|int

One or more user ID numbers.

loadUserData()

Loads users' settings from the database.

protected static loadUserData(array<string|int, mixed> $users[, int $type = self::LOAD_BY_ID ][, string $dataset = 'normal' ]) : array<string|int, mixed>

The retrieved information is stored in User::$profiles[$id].

Parameters
$users : array<string|int, mixed>

Users specified by ID, name, or email address.

$type : int = self::LOAD_BY_ID

Whether $users contains IDs, names, or email addresses. Possible values are this class's LOAD_BY_* constants.

$dataset : string = 'normal'

The set of data to load.

Return values
array<string|int, mixed>

The IDs of the loaded members.

setGroups()

Determines which membergroups the current user belongs to.

protected setGroups() : void

setLanguage()

Sets the current user's preferred language.

protected setLanguage() : void

Uses their saved setting, unless they are requesting a different one.

setLastVisit()

Determines the 'id_msg_last_visit' value, which is used to figure out what counts as new content for this user.

protected setLastVisit() : void

setMyId()

Sets User::$my_id to the current user's ID from the login cookie.

protected setMyId() : void

If no cookie was provided, checks $_SESSION to see if there is a match with an existing session.

On failure, User::$my_id is set to 0.

setPossiblyRobot()

Do we perhaps think this is a search robot?

protected setPossiblyRobot() : void

setProperties()

Sets object properties based on data in User::$profiles[$this->id].

protected setProperties() : void

verifyPassword()

Verifies that the supplied password was correct.

protected verifyPassword() : void

If not, User::$my_id is set to 0, and we take steps to prevent brute force hacking attempts.

verifyTfa()

If appropriate for this user, performs two factor authentication check.

protected verifyTfa() : void 

        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results