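/**
 * Extract the OAuth2 bearer access token from the current request.
 *
 * Lookup order, driven by configuration:
 *   1. the Authorization header, when header checking or enforcement is on;
 *   2. request parameters, when api_oauth2_allow_get_parameters is set;
 *   3. the POST body otherwise.
 *
 * @param mixed $method Taken by reference for interface compatibility; it is
 *                      neither read nor modified here.
 * @return mixed The base64-decoded header token, null when the header is
 *               required but absent or malformed, or whatever request_str() /
 *               post_str() return for 'access_token'.
 */
function api_auth_oauth2_get_access_token(&$method)
{
    # https://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-20#section-2.1
    $require_header = $GLOBALS['cfg']['api_oauth2_require_authentication_header'];
    $check_header = $GLOBALS['cfg']['api_oauth2_check_authentication_header'];

    if ($require_header || $check_header) {
        # HTTP header names are case-insensitive and apache_request_headers()
        # keeps the casing the client sent, so normalise the keys before the
        # lookup. Without this a standard "Authorization:" header is missed.
        $raw_headers = apache_request_headers();
        $headers = is_array($raw_headers)
            ? array_change_key_case($raw_headers, CASE_LOWER)
            : array();

        $token = null;

        if (!isset($headers['authorization'])) {
            # Header enforcement: never fall back to request parameters.
            if ($require_header) {
                return null;
            }
        } else {
            if (preg_match("/Bearer\\s+([a-zA-Z0-9\\+\\/\\=]+)\$/", $headers['authorization'], $m)) {
                # The pattern only admits the base64 alphabet; the token is
                # transported base64-encoded and compared in decoded form.
                $token = base64_decode($m[1]);
            }
        }

        # With enforcement on, a malformed header yields null rather than
        # falling through to the parameter lookup below.
        if ($token || $require_header) {
            return $token;
        }
    }

    # NOTE(review): a token passed in the query string ends up in access logs,
    # browser history and Referer headers; keep this option off unless a
    # client genuinely cannot send a header or POST body.
    if ($GLOBALS['cfg']['api_oauth2_allow_get_parameters']) {
        return request_str('access_token');
    }

    return post_str('access_token');
}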
/**
 * Build the optional "Moderator comment" paragraph from the POSTed reason.
 *
 * @return string The formatted comment line, or an empty string when no
 *                reason was submitted.
 */
function mod_comment()
{
    // The reason is optional (second argument to post_str).
    $reason = post_str('reason', true);

    // NOTE(review): the reason is returned verbatim; whoever embeds this text
    // in HTML or e-mail is responsible for escaping it for that context.
    return $reason ? "\nModerator comment: {$reason}\n" : "";
}
Example #3
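/**
 * Abort the request unless the POSTed crumb (anti-CSRF token) is valid for
 * the current user.
 *
 * On failure the 'badcrumb' error flag is set, the given template is
 * rendered and the script exits, so callers can treat a normal return as
 * "crumb verified".
 *
 * @param string $template Template rendered when the crumb is rejected.
 * @return int Always 1 (the function does not return on failure).
 */
function crumb_ensure_valid_crumb($template = '/page_bad_crumb.txt')
{
    $crumb = post_str('crumb');

    if (crumb_validate_crumb($crumb, $GLOBALS['cfg']['user'])) {
        return 1;
    }

    $GLOBALS['error']['badcrumb'] = 1;

    # $smarty is not a local variable in this scope; go through $GLOBALS so
    # the rejection page is actually rendered instead of the request dying
    # on a call to an undefined variable.
    $GLOBALS['smarty']->display($template);
    exit;
}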
Example #4
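/**
 * Apply the per-application settings submitted by the admin form and, when
 * requested, insert a new application row.
 *
 * For every app returned by BoincApp::enum() each POSTed field is compared
 * with the stored value and only changed columns are written. Every value
 * placed into an UPDATE clause is first reduced to a number, because the
 * clauses interpolate it unquoted.
 */
function do_updates()
{
    $apps = BoincApp::enum("");
    foreach ($apps as $app) {
        $id = $app->id;
        // Change deprecated status?
        //
        $field = "deprecated_" . $id;
        $new_v = post_str($field, true) == 'on' ? 1 : 0;
        $old_v = $app->deprecated;
        if ($new_v != $old_v) {
            $app->update("deprecated={$new_v}");
        }

        // Numeric coercion; a missing or non-numeric value becomes 0 instead
        // of raising an error.
        $field = "weight_" . $id;
        $new_v = (isset($_POST[$field]) && is_numeric($_POST[$field])) ? $_POST[$field] + 0 : 0;
        $old_v = $app->weight;
        if ($new_v != $old_v) {
            $app->update("weight={$new_v}");
        }

        // This value used to reach the UPDATE clause as the raw POST string,
        // which allowed arbitrary SQL to be appended. It gets the same
        // numeric coercion as the weight field.
        $field = "homogeneous_redundancy_" . $id;
        $new_v = (isset($_POST[$field]) && is_numeric($_POST[$field])) ? $_POST[$field] + 0 : 0;
        $old_v = $app->homogeneous_redundancy;
        if ($new_v != $old_v) {
            $app->update("homogeneous_redundancy={$new_v}");
        }

        $field = "homogeneous_app_version_" . $id;
        $new_v = post_str($field, true) == 'on' ? 1 : 0;
        $old_v = $app->homogeneous_app_version;
        if ($new_v != $old_v) {
            $app->update("homogeneous_app_version={$new_v}");
        }

        $field = "non_cpu_intensive_" . $id;
        $new_v = post_str($field, true) == 'on' ? 1 : 0;
        $old_v = $app->non_cpu_intensive;
        if ($new_v != $old_v) {
            $app->update("non_cpu_intensive={$new_v}");
        }
    }

    // Adding a new application
    // NOTE(review): the mysql_* extension was removed in PHP 7.0; this branch
    // needs porting to the project's DB layer before it can run there.
    // NOTE(review): $commands is not declared in this function (no global
    // statement is visible), so the text appended below is never shown.
    // If it is ever echoed, $cmd must be HTML-escaped first because it embeds
    // submitted text.
    if (post_str('add_app', true)) {
        $name = mysql_real_escape_string($_POST['add_name']);
        $user_friendly_name = mysql_real_escape_string($_POST['add_user_friendly_name']);
        if (empty($name) || empty($user_friendly_name)) {
            $commands .= "<p><font color='red'>\n                To add a new application please supply both a brief name and a\n                longer 'user-friendly' name.</font></p>\n            ";
        } else {
            $now = time();
            $cmd = "INSERT INTO app (name,user_friendly_name,create_time) " . "VALUES ('{$name}', '{$user_friendly_name}',{$now})";
            $commands .= "<P><pre>{$cmd}</pre>\n";
            mysql_query($cmd);
        }
    }
}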
/**
 * API method: record a check-in for the current user at a venue.
 *
 * Reads venue_id, status_id and the optional broadcast flag from the POST
 * body, enriches the check-in with venue location (and weather, when that
 * feature is enabled), optionally mirrors it to foursquare, stores it and
 * emits the API response.
 */
function api_privatesquare_venues_checkin()
{
    $venue_id = post_str("venue_id");
    $status_id = post_int32("status_id");

    if (!$venue_id) {
        api_output_error(999, "Missing venue ID");
    }

    if (!isset($status_id)) {
        api_output_error(999, "Missing status ID");
    }

    # The check-in is always attributed to the authenticated user from the
    # global config, never to an id taken from the request.
    $current_user_id = $GLOBALS['cfg']['user']['id'];
    $fsq_user = foursquare_users_get_by_user_id($current_user_id);

    $checkin = array(
        'user_id' => $current_user_id,
        'venue_id' => $venue_id,
        'status_id' => $status_id,
    );

    # Resolve the venue locally first; archive it when it is not known yet.
    $venue = foursquare_venues_get_by_venue_id($venue_id);

    if (!$venue) {
        $archived = foursquare_venues_archive_venue($venue_id);

        if ($archived['ok']) {
            $venue = $archived['venue'];
        }
    }

    if ($venue) {
        foreach (array('locality', 'latitude', 'longitude') as $key) {
            $checkin[$key] = $venue[$key];
        }
    }

    # Mirror the check-in to foursquare when the caller asked for it.
    $broadcast = post_str("broadcast");

    if ($broadcast) {
        $method = 'checkins/add';
        $args = array(
            'oauth_token' => $fsq_user['oauth_token'],
            'venueId' => $venue_id,
            'broadcast' => $broadcast,
        );
        $more = array('method' => 'POST');

        $fsq_rsp = foursquare_api_call($method, $args, $more);

        if ($fsq_rsp['ok']) {
            $checkin['checkin_id'] = $fsq_rsp['rsp']['checkin']['id'];
        }
        # A failed foursquare call is not reported; the local check-in proceeds.
    }

    if ($GLOBALS['cfg']['enable_feature_weather_tracking']) {
        loadlib("weather_google");

        # NOTE(review): latitude/longitude are only set when a venue was
        # resolved above; confirm the weather lookup tolerates their absence.
        $weather = weather_google_conditions($checkin['latitude'], $checkin['longitude']);

        if ($weather['ok']) {
            $conditions = $weather['conditions'];
            $conditions['source'] = $weather['source'];
            $checkin['weather'] = json_encode($conditions);
        }
    }

    $created = privatesquare_checkins_create($checkin);

    if (!$created['ok']) {
        api_output_error(999, "Check in failed");
    }

    $out = array('checkin' => $created['checkin']);
    api_output_ok($out);
}
Example #6
/**
 * Insert a new application row from the POSTed short and user-friendly names.
 *
 * Both names are escaped with BoincDb::escape_string() before being placed
 * inside quoted SQL literals; the creation time is generated server-side.
 */
function add_app()
{
    $short_name = BoincDb::escape_string(post_str('add_name'));
    $friendly_name = BoincDb::escape_string(post_str('add_user_friendly_name'));

    $missing_field = empty($short_name) || empty($friendly_name);
    if ($missing_field) {
        admin_error_page("To add a new application please supply both a brief name and a longer 'user-friendly' name.</font></p>");
    }

    $created = time();
    $insert_clause = "(name,user_friendly_name,create_time) VALUES ('{$short_name}', '{$friendly_name}', {$created})";

    $id = BoincApp::insert($insert_clause);
    if (!$id) {
        admin_error_page("insert failed");
    }

    echo "Application added.\n        <p>\n        You must restart the project for this to take effect.\n    ";
}
/**
 * Update the beta/deprecated flags and the core-version bounds of one app
 * version, identified by the POSTed id.
 *
 * Each column is written with its own update call, in the order the fields
 * are read. Flags collapse to 0/1 and the version bounds go through
 * post_int(), so only numbers reach the update clauses.
 */
function update()
{
    $id = post_int("id");

    $av = BoincAppVersion::lookup_id($id);
    if (!$av) {
        error_page("no such app version");
    }

    // Checkbox-style flags: any non-empty value counts as set.
    foreach (array("beta", "deprecated") as $flag) {
        $n = post_str($flag, true) ? 1 : 0;
        $av->update("{$flag}={$n}");
    }

    // Integer bounds.
    foreach (array("min_core_version", "max_core_version") as $bound) {
        $n = post_int($bound);
        $av->update("{$bound}={$n}");
    }

    echo "<b>Updated app version {$id}.  This change will take effect when you restart the project.</b><p>";
}
# Admin page for deleting one Flickr push subscription.
# NOTE(review): access control is presumably enforced by loading the "god"
# library below; confirm, since no explicit check is visible here.
include "../include/init.php";
loadlib("god");
features_ensure_enabled("flickr_push");
loadlib("flickr_push");
loadlib("flickr_backups");
loadlib("flickr_push_photos");
loadlib("flickr_push_subscriptions");
# The subscription id comes from the query string; an unknown id ends in a 404.
$id = get_int32("id");
$sub = flickr_push_subscriptions_get_by_id($id);
if (!$sub) {
    error_404();
}
# The crumb key is exposed to the template and checked again on submit.
$crumb_key = "delete_feed";
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
# Deletion requires both the POSTed "delete" field and a passing crumb check,
# so a plain GET (or a forged cross-site POST without the crumb) deletes nothing.
if (post_str("delete") && crumb_check($crumb_key)) {
    # Unsubscribe first; the local row is removed only when that succeeded.
    $feed_rsp = flickr_push_unsubscribe($sub);
    $GLOBALS['smarty']->assign("delete_feed", $feed_rsp);
    if ($feed_rsp['ok']) {
        $sub_rsp = flickr_push_subscriptions_delete($sub);
        $GLOBALS['smarty']->assign("delete_sub", $sub_rsp);
        if ($sub_rsp['ok']) {
            # The redirect target is built from the configured root URL and the
            # stored subscription's user_id, not from request input.
            $redir = "{$GLOBALS['cfg']['abs_root_url']}god/push/subscriptions/{$sub['user_id']}/";
            header("location: {$redir}");
            exit;
        }
    }
}
# Resolve the numeric topic id to its display name for the template.
$topic_map = flickr_push_topic_map();
$sub['str_topic'] = $topic_map[$sub['topic_id']];
if ($sub['last_update_details']) {
Example #9
    $parent_post_id = 0;
}
// Normalise the filter flag: anything other than the literal string "false"
// turns filtering on.
if ($filter != "false") {
    $filter = true;
} else {
    $filter = false;
}
// Authorisation gate for replying in this thread.
check_reply_access($logged_in_user, $forum, $thread);
// Use the stored sort preference, or persist the newly requested one.
// NOTE(review): $sort_style is assigned outside this excerpt and is
// interpolated unquoted into the update clause; confirm it is read with an
// integer accessor.
if (!$sort_style) {
    $sort_style = $logged_in_user->prefs->thread_sorting;
} else {
    $logged_in_user->prefs->update("thread_sorting={$sort_style}");
}
$warning = null;
// A real submission (content present, not a preview) creates the post.
if ($content && !$preview) {
    if (post_str('add_signature', true) == "add_it") {
        $add_signature = true;
    } else {
        $add_signature = false;
    }
    // Anti-CSRF: the form token is checked against the user's authenticator
    // before anything is written.
    check_tokens($logged_in_user->authenticator);
    if (!akismet_check($logged_in_user, $content)) {
        // Spam verdict: fall back to preview mode so the user can edit the text.
        $warning = "Your post has been flagged as spam by the Akismet anti-spam system. Please modify your text and try again.";
        $preview = tra("Preview");
    } else {
        create_post($content, $parent_post_id, $logged_in_user, $forum, $thread, $add_signature);
        // NOTE(review): there is no exit after the redirect header, so the
        // page below is still rendered and sent; confirm this is intended.
        header('Location: forum_thread.php?id=' . $thread->id);
    }
}
page_head(tra("Post to thread"));
show_forum_header($logged_in_user);
Example #10
// Post-login redirect target. It is decoded first and then restricted by
// sanitize_local_url(), so the check sees the decoded form.
// NOTE(review): $next_url is assigned outside this excerpt; if it was read
// from $_GET/$_POST it has already been URL-decoded once by PHP.
$next_url = urldecode($next_url);
$next_url = sanitize_local_url($next_url);
if (strlen($next_url) == 0) {
    $next_url = "home.php";
}
// "Stay logged in" flag, passed through as submitted.
$perm = false;
if (isset($_POST['stay_logged_in'])) {
    $perm = $_POST['stay_logged_in'];
}
// check for account key case.
// see if key is in URL; if not then check for POST data
//
// NOTE(review): an account key carried in the query string is recorded in
// server logs, browser history and Referer headers; prefer the POST form
// where possible.
$authenticator = get_str("key", true);
if (!$authenticator) {
    $authenticator = post_str("authenticator", true);
}
if ($authenticator) {
    login_with_auth($authenticator, $next_url, $perm);
    exit;
}
// Credential login: the address is tag-stripped and lower-cased, the password
// is passed on untouched.
$email_addr = strtolower(sanitize_tags(post_str("email_addr", true)));
$passwd = post_str("passwd", true);
if ($email_addr && $passwd) {
    // With LDAP configured, a login name that is not a valid e-mail address
    // is treated as an LDAP user id.
    if (LDAP_HOST && !is_valid_email_addr($email_addr)) {
        login_with_ldap($email_addr, $passwd, $next_url, $perm);
    } else {
        login_with_email($email_addr, $passwd, $next_url, $perm);
    }
    exit;
}
error_page("You must supply an email address and password");
Example #11
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.
// This file allows people to rate posts in a thread
require_once '../inc/forum.inc';
require_once '../inc/util.inc';
// Projects can switch post rating off in their configuration; in that case
// show a notice and stop before any request parameter is processed.
$config = get_config();
if (parse_bool($config, "no_forum_rating")) {
    page_head(tra("Rating offline"));
    echo tra("This function is turned off by the project");
    page_tail();
    exit(0);
}
if (!empty($_GET['post'])) {
    $postId = get_int('post');
    $choice = post_str('submit', true);
    $rating = post_int('rating', true);
    if (!$choice) {
        $choice = get_str('choice', true);
    }
    if ($choice == SOLUTION or $choice == "p") {
        $rating = 1;
    } else {
        $rating = -1;
    }
    $user = get_logged_in_user();
    if ($choice == null && ($rating == null || $rating > 2 || $rating < -2)) {
        show_result_page(false, NULL, NULL, $choice);
    }
    $post = BoincPost::lookup_id($postId);
    $thread = BoincThread::lookup_id($post->thread);
Example #12
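/**
 * Create and run a new simulation inside an existing scenario directory.
 *
 * Reads the scenario name and the policy settings from the POST body, creates
 * a numbered simulation directory, writes the owner id and the log flags into
 * it, runs the simulation and redirects to its result page.
 */
function simulation_action()
{
    $user = get_logged_in_user();
    $scen = post_str("scen");

    // $scen becomes a path component below (directory creation and file
    // writes) and part of the redirect URL, so it must be a single plain
    // directory name: no separators, no "." / ".." and no NUL byte.
    // Otherwise a value such as "../x" would move the writes outside
    // scenarios/.
    $is_plain_name = $scen !== ''
        && $scen !== '.'
        && $scen !== '..'
        && strpos($scen, '/') === false
        && strpos($scen, '\\') === false
        && strpos($scen, "\0") === false;

    if (!$is_plain_name || !is_dir("scenarios/{$scen}")) {
        error_page("no such scenario");
    }

    $sim_dir = "scenarios/{$scen}/simulations";
    $sim_name = create_dir_seqno($sim_dir);
    $sim_path = "{$sim_dir}/{$sim_name}";

    // Numeric settings are cast, so only numbers reach the policy object.
    $policy = new POLICY("");
    $policy->duration = (float) post_str("duration");
    $policy->delta = (float) post_str("delta");
    $policy->rec_half_life = (float) post_str("rec_half_life_days") * 86400;
    $policy->existing_jobs_only = post_str("existing_jobs_only", true);
    $policy->use_hyst_fetch = post_str("use_hyst_fetch", true);
    $policy->cpu_sched_rr_only = post_str("cpu_sched_rr_only", true);
    $policy->server_uses_workload = post_str("server_uses_workload", true);

    // Record which account started the simulation.
    file_put_contents("{$sim_path}/userid", "{$user->id}");

    // Only fixed element names are written; the POSTed values merely select
    // which of them appear.
    $x = "<log_flags>\n";
    if (post_str("cpu_sched_debug", true)) {
        $x .= "<cpu_sched_debug/>\n";
    }
    if (post_str("rr_simulation", true)) {
        $x .= "<rr_simulation/>\n";
    }
    if (post_str("work_fetch_debug", true)) {
        $x .= "<work_fetch_debug/>\n";
    }
    $x .= "</log_flags>\n";
    file_put_contents("{$sim_path}/log_flags.xml", $x);

    do_sim("scenarios/{$scen}", $sim_path, $policy);

    // Encode the name so characters such as "&" or "#" cannot alter the
    // query string of the redirect.
    $scen_param = urlencode($scen);
    header("Location: sim_web.php?action=show_simulation&scen={$scen_param}&sim={$sim_name}");
}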
    case "unlock":
        $result = $thread->update("locked=0");
        $action_name = "unlocked";
        break;
    case "move":
        if ($forum->parent_type != 0) {
            error_page("No");
        }
        $fid = post_int('forumid');
        $new_forum = BoincForum::lookup_id($fid);
        $result = move_thread($thread, $forum, $new_forum);
        $action_name = "moved from {$forum->title} to {$new_forum->title}";
        break;
    case "title":
        $new_title = post_str('newtitle');
        $title = BoincDb::escape_string($new_title);
        $result = $thread->update("title='{$title}'");
        $action_name = "renamed from '{$thread->title}' to '{$new_title}'";
        break;
    default:
        error_page("Unknown action");
}
// $result is set by the moderation action chosen above; a falsy value means
// the database update did not go through.
if (!$result) {
    error_page("Moderation failed");
}
// The moderator's reason is optional and defaults to a fixed placeholder.
$reason = post_str('reason', true);
if (!$reason) {
    $reason = "None given";
}
// NOTE(review): $reason is free text taken from the request and $action_name
// may embed thread or forum titles; confirm that the mail helper treats both
// as plain text.
send_thread_moderation_email($forum, $thread, $reason, $action_name, $explanation);
header('Location: forum_thread.php?id=' . $thread->id);
Example #14
    if ($x != $h) {
        error_page("Invalid authenticator.\r\n\t\t\tPlease make sure you visited the complete URL;\r\n\t\t\tit may have been split across lines by your email reader.");
    }
    if (time() - $t > 86400) {
        error_page("Link has expired;\r\n\t\t\tgo <a href=get_passwd.php>here</a> to\r\n\t\t\tget a new login link by email.");
    }
    send_cookie('auth', $user->authenticator, true);
    Header("Location: home.php");
    exit;
}
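// check for account key case.
// see if key is in URL; if not then check for POST data
//
// NOTE(review): an account key carried in the query string is recorded in
// server logs, browser history and Referer headers.
$authenticator = get_str("key", true);
if (!$authenticator) {
    $authenticator = post_str("authenticator", true);
}
if (!$authenticator) {
    error_page("You must supply an account key");
}
// Resolve the account first. The disabled-account test has to look at the
// user this authenticator belongs to; running it before the lookup read an
// unassigned $user and therefore never blocked a disabled account.
$user = lookup_user_auth($authenticator);
if ($user && substr($user->authenticator, 0, 1) == 'x') {
    //User has been bad so we are going to take away ability to post for awhile.
    error_page("This account has been administratively disabled.");
}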
if (!$user) {
    page_head("Login failed");
    echo "There is no account with that authenticator.\r\n\t\tPlease <a href=get_passwd.php>try again</a>.\r\n\t";
    page_tail();
} else {
    Header("Location: {$next_url}");
Example #15
            }
            if (!is_valid_country($country)) {
                echo "bad country";
                exit;
            }
            $postal_code = '';
            $user = make_user($new_email_addr, $new_name, $passwd_hash, $country, $postal_code, $project_prefs = "", $teamid = 0);
            if (!$user) {
                show_error("Couldn't create account");
            }
            if (defined('INVITE_CODES')) {
                error_log("Account '{$new_email_addr}' created using invitation code '{$invite_code}'");
            }
        }
        // Log-in user in the web
        // In success case, redirect to a fixed page so that user can
        // return to it without getting "Repost form data" stuff
        $next_url = post_str('next_url', true);
        $next_url = sanitize_local_url($next_url);
        if ($next_url) {
            Header("Location: " . URL_BASE . "{$next_url}");
        } else {
            Header("Location: " . URL_BASE . "home.php");
            send_cookie('init', "1", true);
            send_cookie('via_web', "1", true);
        }
        send_cookie('auth', $user->authenticator, true);
    }
} catch (ErrorException $e) {
    echo $e->getMessage();
}
Example #16
// This file was modified by contributors of "BOINC Web Tweak" project.
require_once "../inc/boinc_db.inc";
require_once "../inc/util.inc";
require_once "../inc/email.inc";
require_once "../project/project.inc";
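/**
 * Render the "instructions have been e-mailed" confirmation page.
 *
 * @param string $email_addr Address the instructions were sent to. It is
 *                           HTML-escaped here because callers may pass text
 *                           that originated in the request.
 */
function email_sent_message($email_addr)
{
    if (defined('EMAIL_FROM')) {
        $email_from = EMAIL_FROM;
    } else {
        $email_from = URL_BASE;
    }
    // Escape both values for the HTML context. The sender may be configured
    // in "Name <address>" form, which would otherwise be parsed as a tag.
    $email_addr = htmlspecialchars($email_addr, ENT_QUOTES);
    $email_from = htmlspecialchars($email_from, ENT_QUOTES);
    page_head("Email sent");
    echo "\r\n\t\tInstructions have been emailed to {$email_addr}.\r\n\t\t<p>\r\n\t\tIf the email doesn't arrive in a few minutes,\r\n\t\tyour ISP may be blocking it as spam.\r\n\t\tIn this case please contact your ISP and\r\n\t\task them to not block email from {$email_from}.\r\n\t";
}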
// The address is taken straight from the POST body and only lower-cased, so
// it is untrusted text: HTML-escape it wherever it is echoed back.
$email_addr = strtolower(post_str("email_addr"));
if (!strlen($email_addr)) {
    error_page("no address given");
}
// NOTE(review): the responses that follow differ depending on whether the
// address is registered, which lets a client test which addresses have
// accounts; confirm that is acceptable for this project.
$user = lookup_user_email_addr($email_addr);
if (!$user) {
    page_head("No such user");
    echo "There is no user with email address {$email_addr}. <br>\r\n\t\tTry reentering your email address.<p>\r\n\t";
} else {
    if (substr($user->authenticator, 0, 1) == 'x') {
        page_head("Account Currently Disabled");
        echo "This account has been administratively disabled.";
    } else {
        $user->email_addr = $email_addr;
        $retval = send_auth_email($user);
        if ($retval) {
Example #17
     if (count($pre_process['errors'])) {
         $_errors = array();
         foreach ($pre_process['errors'] as $e) {
             $_errors[$e['record']] = $e;
         }
         $pre_process['errors'] = $_errors;
     }
     $GLOBALS['smarty']->assign_by_ref("pre_process", $pre_process);
     $GLOBALS['smarty']->assign('step', 'process');
 } else {
     if ($crumb_ok && post_str("data")) {
         $GLOBALS['smarty']->assign('step', 'process');
         $fingerprint = post_str('fingerprint');
         $mime_type = post_str('mime_type');
         $simplified = post_str('simplified');
         $raw_data = post_str("data");
         $data = json_decode($raw_data, "as hash");
         $ok = 1;
         if (!$data) {
             $GLOBALS['error']['missing_data'] = 1;
             $ok = 0;
         }
         if ($ok) {
             $more = array('dots_index_on' => $dots_index_on);
             $pre_process = import_ensure_valid_data($data);
             if (!$pre_process['ok']) {
                 # Don't get $GLOBALS['error'] because that will prevent
                 # the data from being displayed/corrected.
                 $ok = 0;
                 $pre_process['data'] = $data;
                 if (count($pre_process['errors'])) {
{
    $founder = BoincUser::lookup_id($team->userid);
    // send founder a private message for good measure
    $subject = "Team founder transfer request";
    $body = "Team member " . $user->name . " has asked that you\ntransfer foundership of {$team->name}.\nPlease go [url=" . URL_BASE . "team_change_founder_form.php?teamid={$team->id}]here[/url] to grant or decline the request.\n    \nIf you do not respond within 60 days, " . $user->name . " will\nbe allowed to become the team founder.\n";
    pm_send($user, $founder, $subject, $body, false);
    $subject = PROJECT . " team founder transfer";
    $body = "Team member " . $user->name . " has asked that you\ntransfer foundership of {$team->name} in " . PROJECT . ".\nPlease visit\n" . URL_BASE . "team_change_founder_form.php?teamid=" . $team->id . "\nto grant or decline the request.\n    \nIf you do not respond within 60 days, " . $user->name . " will\nbe allowed to become the team founder.\n    \nPlease do not respond to this email.\nThe mailbox is not monitored and the email\nwas sent using an automated system.";
    return send_email($founder, $subject, $body);
}
/**
 * Tell a team member by e-mail that the founder declined the foundership
 * transfer request.
 *
 * @param object $team Team whose name is quoted in the message.
 * @param object $user Recipient (the member who made the request).
 * @return mixed Whatever send_email() returns.
 */
function send_founder_transfer_decline_email($team, $user)
{
    $subject = PROJECT . " team founder transfer declined";

    $body = "The founder of {$team->name} has declined your request\n"
        . "to become the founder in " . PROJECT . ".\n"
        . "You can repeat the request at least 90 days after the initial request.\n"
        . "    \n"
        . "Please do not respond to this email.\n"
        . "The mailbox is not monitored and the email\n"
        . "was sent using an automated system.";

    return send_email($user, $subject, $body);
}
$action = post_str("action");
switch ($action) {
    case "initiate_transfer":
        $team = BoincTeam::lookup_id($user->teamid);
        $now = time();
        if (new_transfer_request_ok($team, $now)) {
            page_head(tra("Requesting foundership of %1", $team->name));
            $success = send_founder_transfer_email($team, $user);
            // Go ahead with the transfer even if the email send fails.
            // Otherwise it would be impossible to rescue a team
            // whose founder email is invalid
            //
            $team->update("ping_user={$user->id}, ping_time={$now}");
            echo "<p>" . tra("The current founder has been notified of your request by email and private message.<br /><br />\n                       If the founder does not respond within 60 days you will be allowed to become the founder.") . "</p>\n";
        } else {
            error_page(tra("Foundership request not allowed now"));
Example #19
// Authorisation: only the author of the post may edit it, and only while
// that user is still allowed to reply in this thread.
$post_owner = BoincUser::lookup_id($post->user);
if ($logged_in_user->id != $post_owner->id || can_reply($thread, $forum, $logged_in_user) == false) {
    error_page(tra("You are not authorized to edit this post."));
}
$thread_owner = BoincUser::lookup_id($thread->owner);
// If this post belongs to the creator of the thread and is at top-level
// (ie. not a response to another post)
// allow the user to modify the thread title
//
$can_edit_title = $post->parent_post == 0 && $thread_owner->id == $logged_in_user->id && !is_banished($logged_in_user);
// Form fields, all optional at this point; they are raw request text and
// still need escaping for SQL and HTML before use.
$content = post_str("content", true);
$title = post_str("title", true);
$preview = post_str("preview", true);
if (post_str('submit', true) && !$preview) {
    check_tokens($logged_in_user->authenticator);
    $add_signature = post_str('add_signature', true) == "1" ? 1 : 0;
    $content = substr($content, 0, 64000);
    $content = trim($content);
    if (strlen($content)) {
        $content = BoincDb::escape_string($content);
        $now = time();
        $post->update("signature={$add_signature}, content='{$content}', modified={$now}");
        if ($can_edit_title) {
            $title = trim($title);
            $title = sanitize_tags($title);
            $title = BoincDb::escape_string($title);
            $thread->update("title='{$title}'");
        }
        header("Location: forum_thread.php?id={$thread->id}&postid={$postid}");
    } else {
        delete_post($post, $thread, $forum);
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.
require_once "../inc/util_ops.inc";
// Form state for the admin "cancel workunits" page; every field is optional.
$cancel = post_int('cancel', true);
$hide_canceled = post_str('hide_canceled', true);
$hide_dlerr = post_str('hide_dlerr', true);
$appid = post_int('appid', true);
// Array of selected workunit ids.
// NOTE(review): confirm the elements are validated as integers before they
// are joined into a list.
$WU = post_arr('WU', true);
$back = post_str('back', true);
// NOTE(review): $clause is free text from the request; if it is placed into
// a SQL WHERE clause, this page must be reachable by trusted administrators
// only and must be protected against cross-site request forgery.
$clause = post_str('clause', true);
// Page size; a missing or zero value falls back to 20.
$limit = post_int('limit', true);
if (!$limit || $limit == 0) {
    $limit = 20;
}
admin_page_head("Cancel Workunits");
// check for WUs to cancel
//
$WUs = "";
if ($cancel && $cancel == 1) {
    if ($WU) {
        foreach ($WU as $key => $value) {
            if ($WUs != "") {
                $WUs = $WUs . ",";
            }
            $WUs = $WUs . $value;
Example #21
/**
 * Save the edited title, description and posting thresholds of a team
 * message board.
 *
 * Text fields are tag-stripped and then SQL-escaped before they are placed in
 * quoted literals; the thresholds are read with post_int().
 *
 * @param object $forum Forum record to update.
 */
function edit_action($forum)
{
    $title = BoincDb::escape_string(strip_tags(post_str('title')));
    $description = BoincDb::escape_string(strip_tags(post_str('description')));

    $assignments = array(
        "title='{$title}'",
        "description='{$description}'",
    );

    // Integer thresholds, appended in column order.
    $int_columns = array('post_min_interval', 'post_min_total_credit', 'post_min_expavg_credit');
    foreach ($int_columns as $column) {
        $value = post_int($column);
        $assignments[] = "{$column}={$value}";
    }

    $ret = $forum->update(implode(", ", $assignments));

    if (!$ret) {
        error_page("update failed");
    } else {
        page_head("Team Message Board Updated");
        echo "Update successful";
        page_tail();
    }
}
Example #22
# $Id$
#
include "include/init.php";
# The password page is for signed-in users only.
login_ensure_loggedin();
#
# crumb key
#
# The key names the anti-CSRF crumb for this form; it is exposed to the
# template here and verified with crumb_check() when the form is submitted.
$crumb_key = 'account_password';
$smarty->assign("crumb_key", $crumb_key);
#
# update?
#
if (post_str('change') && crumb_check($crumb_key)) {
    $old_pass = trim(post_str('old_password'));
    $new_pass1 = trim(post_str('new_password1'));
    $new_pass2 = trim(post_str('new_password2'));
    $ok = 1;
    if (login_encrypt_password($old_pass) !== $GLOBALS['cfg']['user']['password']) {
        $smarty->assign('error_oldpass_mismatch', 1);
        $ok = 0;
    }
    if ($ok && $new_pass1 !== $new_pass2) {
        $smarty->assign('error_newpass_mismatch', 1);
        $ok = 0;
    }
    if ($ok && !strlen($new_pass2)) {
        $smarty->assign('error_newpass_empty', 1);
        $ok = 0;
    }
    if ($ok) {
        if (!users_update_password($GLOBALS['cfg']['user'], $new_pass1)) {
Example #23
    if (!is_file($p)) {
        error_page("no such physical file");
    }
    echo "<pre>\n";
    readfile($p);
    echo "</pre>\n";
}
// Every action on this page requires a logged-in user who also has a
// job-submission record.
$user = get_logged_in_user();
//print_r($user);
$user_submit = BoincUserSubmit::lookup_userid($user->id);
if (!$user_submit) {
    error_page("no job submission access");
}
// The action name may arrive in the query string or in the POST body.
// NOTE(review): because GET is accepted, state-changing actions dispatched
// from here (upload, delete) need their own CSRF protection; none is visible
// in this excerpt.
$action = get_str('action', true);
if (!$action) {
    $action = post_str('action', true);
}
switch ($action) {
    case '':
        list_files($user, "");
        break;
    case 'upload_file':
        upload_file($user);
        break;
    case 'delete_file':
        delete_file($user);
        break;
    case 'download_file':
        download_file($user);
        break;
    case 'view_file':
            $avatar_url = IMAGE_URL . $user->id . "_avatar.jpg";
            //$newfile;
        } else {
            //User didn't upload a compatible file or it went lost on the server
            $avatar_url = "";
        }
    }
    $images_as_links = $_POST["forum_images_as_links"] != "" ? 1 : 0;
    $link_popup = $_POST["forum_link_popup"] != "" ? 1 : 0;
    $hide_avatars = $_POST["forum_hide_avatars"] != "" ? 1 : 0;
    $hide_signatures = $_POST["forum_hide_signatures"] != "" ? 1 : 0;
    $highlight_special = $_POST["forum_highlight_special"] != "" ? 1 : 0;
    $jump_to_unread = $_POST["forum_jump_to_unread"] != "" ? 1 : 0;
    $ignore_sticky_posts = $_POST["forum_ignore_sticky_posts"] != "" ? 1 : 0;
    $no_signature_by_default = $_POST["signature_by_default"] != "" ? 0 : 1;
    $signature = post_str("signature", true);
    if (strlen($signature) > 250) {
        error_page(tra("Your signature was too long, please keep it less than 250 characters."));
    }
    $forum_sort = post_int("forum_sort");
    $thread_sort = post_int("thread_sort");
    $display_wrap_postcount = post_int("forum_display_wrap_postcount");
    if ($display_wrap_postcount < 1) {
        $display_wrap_postcount = 1;
    }
    $signature = BoincDb::escape_string($signature);
    $user->prefs->update("images_as_links={$images_as_links}, link_popup={$link_popup}, hide_avatars={$hide_avatars}, hide_signatures={$hide_signatures}, highlight_special={$highlight_special}, jump_to_unread={$jump_to_unread}, ignore_sticky_posts={$ignore_sticky_posts}, no_signature_by_default={$no_signature_by_default}, avatar='{$avatar_url}', signature='{$signature}', forum_sorting={$forum_sort}, thread_sorting={$thread_sort}, display_wrap_postcount={$display_wrap_postcount}");
}
// DISABLE_FORUMS
$add_user_to_filter = $_POST["add_user_to_filter"] != "";
if ($add_user_to_filter) {
Example #25
        default:
            $query .= ' ORDER BY post.timestamp DESC';
            break;
    }
    $query .= " limit {$limit}";
    return BoincPost::enum_general($query);
}
// Login is optional for searching (the result is tested for truthiness below).
$logged_in_user = get_logged_in_user(false);
BoincForumPrefs::lookup($logged_in_user);
// Only moderators get to see hidden posts in the results.
if ($logged_in_user && $logged_in_user->prefs->privilege(S_MODERATOR)) {
    $show_hidden_posts = true;
} else {
    $show_hidden_posts = false;
}
page_head(tra("Forum search results"));
// Search form fields. The keywords are free text; the remaining fields are
// read as integers.
// NOTE(review): each keyword must be escaped before it is placed in a query
// and HTML-escaped before it is echoed back; neither step is visible here.
$search_keywords = post_str("search_keywords", true);
$search_author = post_int("search_author", true);
$search_max_time = post_int("search_max_time");
$search_forum = post_int("search_forum");
$search_sort = post_int("search_sort");
$search_list = explode(" ", $search_keywords);
// search_max_time is a number of days; convert it into the oldest acceptable
// timestamp (0 means no age limit).
if ($search_max_time) {
    $min_timestamp = time() - $search_max_time * 3600 * 24;
} else {
    $min_timestamp = 0;
}
// Fixed cap on the number of results, not taken from the request.
$limit = 100;
if ($search_forum == -1) {
    $forum = null;
} else {
    if ($search_forum) {
Example #26
/**
 * Delete the private messages the user ticked in the inbox form.
 *
 * Candidate messages are enumerated by the logged-in user's id and only those
 * with a matching "pm_select_<id>" field in the POST body are deleted, so an
 * id that belongs to another user is never looked up.
 *
 * @param object $logged_in_user Current user; its authenticator is used for
 *                               the form-token check.
 */
function do_delete_selected($logged_in_user)
{
    // Anti-CSRF check before any deletion.
    check_tokens($logged_in_user->authenticator);

    $own_messages = BoincPrivateMessage::enum("userid={$logged_in_user->id}");
    foreach ($own_messages as $candidate) {
        $checkbox = "pm_select_{$candidate->id}";
        if (!post_str($checkbox, true)) {
            continue;
        }
        $selected = BoincPrivateMessage::lookup_id($candidate->id);
        $selected->delete();
    }

    Header("Location: pm.php?action=inbox&deleted=1");
}
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.
require_once "../inc/boinc_db.inc";
require_once "../inc/util.inc";
require_once "../inc/team.inc";
// Handler for the "create team" form.
check_get_args(array());
$user = get_logged_in_user();
// NOTE(review): no check_tokens() call is visible before the state-changing
// make_team() below; confirm that CSRF protection is applied elsewhere.
$name = post_str("name", true);
if (strlen($name) == 0) {
    error_page(tra("You must choose a non-blank team name"));
}
$new_team = lookup_team_name($name);
if ($new_team) {
    // The submitted name is entity-encoded before being echoed in the error.
    error_page(tra("A team named %1 already exists - try another name", htmlentities($name)));
}
// The remaining fields are passed to make_team() as received.
// NOTE(review): name_html and description are user-supplied markup; confirm
// that make_team() or the display code sanitises and escapes them.
$url = post_str("url", true);
$type = post_str("type", true);
$name_html = post_str("name_html", true);
$description = post_str("description", true);
$country = post_str("country", true);
if ($country == "") {
    $country = "International";
}
$new_team = make_team($user->id, $name, $url, $type, $name_html, $description, $country);
if ($new_team) {
    // The creator joins the new team immediately.
    user_join_team($new_team, $user);
    Header("Location: team_display.php?teamid={$new_team->id}");
} else {
    error_page(tra("Could not create team - please try later."));
}
require_once "../inc/countries.inc";
// Handler for the "edit account info" form: requires login and a valid form
// token (anti-CSRF) before anything is read or written.
$user = get_logged_in_user();
check_tokens($user->authenticator);
// NOTE(review): the name is entity-encoded before the strip_tags()
// comparison. If boinc_htmlentities() encodes "<" and ">" (as the name
// suggests), the comparison below can no longer detect tags and the name is
// stored in encoded form instead; confirm which behaviour is intended.
$name = boinc_htmlentities(post_str("user_name"));
if ($name != strip_tags($name)) {
    error_page("HTML tags not allowed in name");
}
if (strlen($name) == 0) {
    error_page("You must supply a name for your account.");
}
$url = post_str("url", true);
$url = strip_tags($url);
// The country must be one of the known values; empty means "International".
$country = post_str("country");
if ($country == "") {
    $country = "International";
}
if (!is_valid_country($country)) {
    error_page("bad country");
}
$country = BoincDb::escape_string($country);
$postal_code = post_str("postal_code", true);
$postal_code = strip_tags($postal_code);
// Every value is SQL-escaped immediately before it is placed inside a quoted
// literal of the update clause.
$name = BoincDb::escape_string($name);
$url = BoincDb::escape_string($url);
$postal_code = BoincDb::escape_string($postal_code);
$result = $user->update("name='{$name}', url='{$url}', country='{$country}', postal_code='{$postal_code}'");
if ($result) {
    Header("Location: home.php");
} else {
    error_page("Couldn't update user info.");
}
Example #29
	if (! $user){

		$GLOBALS['error']['nouser'] = 1;		
		$GLOBALS['smarty']->display('page_reset.txt');
		exit();	
	}

	$new_reset_code = users_generate_password_reset_code($user);

	$GLOBALS['smarty']->assign('reset_code', $new_reset_code);

	if (post_str('reset')){

		$new_password1 = post_str('new_password1');
		$new_password2 = post_str('new_password2');

		if ((! $new_password1) || (! $new_password2)){

			$GLOBALS['error']['missing_password'] = 1;
			$GLOBALS['smarty']->display('page_reset.txt');
			exit();	
		}

		if ($new_password1 !== $new_password2){

			$GLOBALS['error']['password_mismatch'] = 1;
			$GLOBALS['smarty']->display('page_reset.txt');
			exit();	
		}
Example #30
# Sign-in can be switched off in the configuration; show a notice and stop.
if (!$GLOBALS['cfg']['enable_feature_signin']) {
    $smarty->display('page_signin_disabled.txt');
    exit;
}
# Only signed-out visitors may use the sign-in form.
login_ensure_loggedout();
#
# pass through
#
# The post-login destination is taken from the request (GET or POST) and
# handed to the template unchanged.
# NOTE(review): the code that finally redirects to $redir is not visible
# here; it should accept local paths only so the form cannot be used to send
# users to another site.
$redir = request_str('redir');
$smarty->assign('redir', $redir);
#
# try and sign in?
#
if (post_str('signin')) {
    $email = post_str('email');
    $password = post_str('password');
    $smarty->assign('email', $email);
    $ok = 1;
    #
    # required fields?
    #
    if (!strlen($email) || !strlen($password)) {
        $smarty->assign('error_missing', 1);
        $ok = 0;
    }
    #
    # user exists?
    #
    if ($ok) {
        $user = users_get_by_email($email);
        if (!$user['id']) {