Beispiel #1
		<p>Enter your password: <input type="password" name="confirmpwd" /></p>
		<p><input type="hidden" name="delete_id" value="<?php 
    echo $id;
    ?>
" /> <input type="submit" name="delete" value="Yes" /> <a href="<?php 
    echo $base_config['baseurl'];
    ?>
/admin/interface/pages">No</a></p>
	</form>
	<?php 
    return;
}
// Fetch every row of 'pages'. Note that $result is overwritten inside the loop below.
$q = new DBSelect('pages', array('*'), '', 'Failed to get page list');
$result = $q->commit();
// Bulk-edit handler: runs only when the edit form (form_sent_b) was posted.
if (isset($_POST['form_sent_b'])) {
    // Re-authentication gate: hash the submitted password and compare it with the current user's stored hash.
    // NOTE(review): `==` is a loose, non-constant-time comparison. If futurebb_hash() can return a string of
    // the form "0e<digits>", PHP compares both sides as numbers and two different hashes are treated as equal;
    // hash_equals() on the two strings avoids both problems.
    if (futurebb_hash($_POST['confirmpwd']) == $futurebb_user['password']) {
        foreach ($_POST as $key => $val) {
            // Only all-digit POST keys are treated as page ids; every other field is skipped.
            if (ctype_digit((string) $key)) {
                // Snapshot the current row so the edit is recorded in interface_history.
                $select = new DBSelect('pages', array('*'), 'id=' . intval($key), 'Failed to get old value');
                $result = $select->commit();
                // NOTE(review): there is no check that a row was found; what happens for an unknown id
                // depends on what fetch_assoc() returns (not shown here).
                $element = $db->fetch_assoc($result);
                $lines = array();
                foreach ($element as $db_key => $db_val) {
                    $lines[] = $db_key . '=>' . $db_val;
                }
                // The old row is stored as base64 of "column=>value" lines, with the acting user id and a timestamp.
                $insertquery = new DBInsert('interface_history', array('action' => 'edit', 'area' => 'pages', 'field' => intval($key), 'user' => $futurebb_user['id'], 'time' => time(), 'old_value' => base64_encode(implode("\n", $lines))), 'Failed to insert history entry');
                $insertquery->commit();
                foreach ($val as $field => $field_value) {
                    // Write each submitted column back to the row.
                    // NOTE(review): $field (the column name) and $field_value both come straight from $_POST.
                    // Whether DBUpdate quotes identifiers and escapes values is not visible in this fragment;
                    // an allow-list of editable 'pages' columns would keep request keys out of the SQL text.
                    $updatequery = new DBUpdate('pages', array($field => $field_value), 'id=' . intval($key), 'Failed to update page entry');
Beispiel #2
#loginform {
	border:1px solid #000;
	padding-left:10px;
}
body {
	font-family:Arial, Helvetica, sans-serif;
}
</style>
</head>

<body>
	<h1>FutureBB Database Upgrade</h1>
	<div>
    	<?php 
// Upgrade is gated on an administrator login submitted with the form.
if (isset($_POST['form_sent'])) {
    // A row comes back only when username and password hash match a user whose group has g_admin_privs=1.
    // The username is escaped with $db->escape(); the hash is concatenated as-is, which is safe only
    // if futurebb_hash() never returns a quote or backslash (its output format is not shown here).
    // NOTE(review): the hash is computed from the password alone and matched by equality, so it cannot
    // include a per-user random salt; confirm futurebb_hash() is a suitable password hash.
    $result = $db->query('SELECT 1 FROM `#^users` AS u LEFT JOIN `#^user_groups` AS g ON g.g_id=u.group_id WHERE username=\'' . $db->escape($_POST['username']) . '\' AND password=\'' . futurebb_hash($_POST['password']) . '\' AND g.g_admin_privs=1') or error('Failed to check login');
    if ($db->num_rows($result)) {
        ?>
                <ul>
                <?php 
        // Run every upgrade script from the stored schema version + 1 up to DB_VERSION, in order
        // (a missing db_version is treated as 0).
        // $i is produced by arithmetic, so only a number is ever interpolated into the include path.
        // NOTE(review): include (unlike require) only raises a warning when a script is missing, and the
        // success message after the loop is printed unless a script stops execution itself, so a
        // skipped step is not reported here.
        for ($i = (isset($futurebb_config['db_version']) ? $futurebb_config['db_version'] : 0) + 1; $i <= DB_VERSION; $i++) {
            include FORUM_ROOT . '/app_resources/database/upgrades/' . $i . '.php';
        }
        ?>
                </ul>
                <p>Database upgrade success! You may now <a href="<?php 
        echo $base_config['baseurl'];
        ?>
">visit your forum</a>.</p>
                <?php 
Beispiel #3
    <link path="users" perm="g_user_list">userlist</link>
    <link path="search">search</link>
    <link path="admin" perm="g_admin_privs">administration</link>
    <link path="admin/bans" perm="g_mod_privs ~g_admin_privs">administration</link>
    <link path="register/$reghash$" perm="~valid">register</link>
    <link path="logout" perm="valid">logout</link>
</linkset>');
                        // admin_pages / mod_pages are base64 strings that decode to newline-separated
                        // "key=>value" lines (e.g. "bans=>bans").
                        set_config('admin_pages', 'PT5pbmRleApiYW5zPT5iYW5zCnJlcG9ydHM9PnJlcG9ydHMKY2Vuc29yaW5nPT5jZW5zb3JpbmcKZm9ydW1zPT5mb3J1bXMKaXBfdHJhY2tlcj0+aXB0cmFja2VyCnVzZXJfZ3JvdXBzPT51c2VyZ3JvdXBzCnRyYXNoX2Jpbj0+dHJhc2hiaW4KbWFpbnRlbmFuY2U9Pm1haW50ZW5hbmNlCnN0eWxlPT5zdHlsZQpleHRlbnNpb25zPT5leHRlbnNpb25zCmludGVyZmFjZT0+aW50ZXJmYWNl');
                        set_config('mod_pages', 'YmFucz0+YmFucwpyZXBvcnRzPT5yZXBvcnRzCnRyYXNoX2Jpbj0+dHJhc2hiaW4KaXBfdHJhY2tlcj0+aXB0cmFja2Vy');
                        set_config('date_format', 'd M Y');
                        set_config('time_format', 'H:i');
                        // Create the guest user (group_id 0).
                        // NOTE(review): the password column receives the literal string 'Guest', not a
                        // futurebb_hash() result; confirm the login path can never match this row.
                        // NOTE(review): the failure message says "admin user" although this inserts the guest.
                        $insert = new DBInsert('users', array('username' => 'Guest', 'password' => 'Guest', 'email' => '', 'registered' => 0, 'registration_ip' => '', 'group_id' => 0, 'last_visit' => 0, 'last_page_load' => 0, 'signature' => ''), 'Failed to create admin user');
                        $insert->commit();
                        // Create the admin user (group_id 1) from values returned by get_cookie_data().
                        // NOTE(review): get_cookie_data() is not shown; if it reads a browser cookie, the
                        // plaintext admin password was kept client-side between installer steps.
                        // NOTE(review): rss_token is md5() of the install timestamp, the same moment written to
                        // 'registered', so it can be recomputed by anyone who learns that time. If the token
                        // gates anything private, bin2hex(random_bytes(16)) gives an unguessable value.
                        $insert = new DBInsert('users', array('username' => get_cookie_data('adminusername'), 'password' => futurebb_hash(get_cookie_data('adminpass')), 'email' => get_cookie_data('adminemail'), 'registered' => time(), 'registration_ip' => $_SERVER['REMOTE_ADDR'], 'group_id' => 1, 'last_visit' => time(), 'last_page_load' => time(), 'rss_token' => md5(time())), 'Failed to create admin user');
                        $insert->commit();
                        // Create the three permanent groups: Administrators, Guests, Members.
                        // Only Administrators gets g_admin_privs / g_mod_privs; Guests has every capability set to 0.
                        $insert = new DBInsert('user_groups', array('g_permanent' => 1, 'g_guest_group' => 0, 'g_name' => 'Administrators', 'g_title' => 'Administrator', 'g_admin_privs' => 1, 'g_mod_privs' => 1, 'g_edit_posts' => 1, 'g_delete_posts' => 1, 'g_signature' => 1, 'g_user_list' => 1, 'g_user_list_groups' => '', 'g_promote_group' => 0, 'g_promote_posts' => 0, 'g_promote_operator' => 0, 'g_promote_days' => 0, 'g_post_flood' => 0, 'g_posts_per_hour' => 0, 'g_post_links' => 1, 'g_post_images' => 1), 'Failed to create admin user group');
                        $insert->commit();
                        $insert = new DBInsert('user_groups', array('g_permanent' => 1, 'g_guest_group' => 1, 'g_name' => 'Guests', 'g_title' => 'Guest', 'g_admin_privs' => 0, 'g_mod_privs' => 0, 'g_edit_posts' => 0, 'g_delete_posts' => 0, 'g_signature' => 0, 'g_user_list' => 0, 'g_user_list_groups' => '', 'g_promote_group' => 0, 'g_promote_posts' => 0, 'g_promote_operator' => 0, 'g_promote_days' => 0, 'g_post_flood' => 0, 'g_posts_per_hour' => 0, 'g_post_links' => 0, 'g_post_images' => 0), 'Failed to create guest user group');
                        $insert->commit();
                        $insert = new DBInsert('user_groups', array('g_permanent' => 1, 'g_guest_group' => 0, 'g_name' => 'Members', 'g_title' => 'Member', 'g_admin_privs' => 0, 'g_mod_privs' => 0, 'g_edit_posts' => 1, 'g_delete_posts' => 1, 'g_signature' => 1, 'g_user_list' => 1, 'g_user_list_groups' => '', 'g_promote_group' => 0, 'g_promote_posts' => 0, 'g_promote_operator' => 0, 'g_promote_days' => 0, 'g_post_flood' => 60, 'g_posts_per_hour' => 0, 'g_post_links' => 1, 'g_post_images' => 1), 'Failed to create member user group');
                        $insert->commit();
                        // Seed the pages table from the stock cache file, which is expected to define $pages.
                        include FORUM_ROOT . '/app_config/cache/pages.php';
                        $q = 'INSERT INTO `#^pages`(url,file,template,nocontentbox,admin,moderator,subdirs) VALUES';
                        $page_insert_data = array();
                        foreach ($pages as $url => $info) {
                            // String fields go through $db->escape(); flag fields are reduced to the literals 1 or 0.
                            $page_insert_data[] = '(\'' . $db->escape($url) . '\',\'' . $db->escape($info['file']) . '\',' . ($info['template'] ? '1' : '0') . ',' . (isset($info['nocontentbox']) ? '1' : '0') . ',' . ($info['admin'] ? '1' : '0') . ',' . ($info['mod'] ? '1' : '0') . ',0)';
                        }
Beispiel #4
            echo '<b style="color:#F00">[Failed]</b></p></body></html>';
            die;
        }
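        // The preceding step succeeded: report it, then run the destructive install steps.
        // Every TRUNCATE below discards existing data; the check that decides who may reach this
        // branch is outside this fragment.
        echo '<b style="color:#0A0">[Success]</b></p>';
        $db->query('TRUNCATE TABLE `#^config`') or error('Failed to wipe config', __FILE__, __LINE__, $db->error());
        // NOTE(review): board_title and admin_email are passed to set_config() straight from $_POST;
        // how set_config() escapes values is not shown here.
        set_config('board_title', $_POST['config']['board_title']);
        set_config('admin_email', $_POST['config']['admin_email']);
        set_config('announcement_text', '');
        set_config('announcement_enable', 0);
        set_config('default_user_group', 3);
        set_config('censoring', '');
        set_config('footer_text', '');
        $db->query('TRUNCATE TABLE `#^users`') or error('Failed to wipe users table', __FILE__, __LINE__, $db->error());
        // The guest row is inserted and then explicitly forced to id 0 by the follow-up UPDATE.
        $db->query('INSERT INTO `#^users`(id,username,group_id,timezone) VALUES(0,\'Guest\',2,0)') or error('Failed to create guest user', __FILE__, __LINE__, $db->error());
        $db->query('UPDATE `#^users` SET id=0 WHERE username=\'Guest\'') or error('Failed to zero ID of guest user', __FILE__, __LINE__, $db->error());
        // Admin account: username, email and client IP go through $db->escape(). The password hash is
        // concatenated as-is, which relies on futurebb_hash() never returning a quote or backslash.
        $db->query('INSERT INTO `#^users`(username,password,email,registered,registration_ip,group_id,last_visit,timezone) VALUES(\'' . $db->escape($_POST['username']) . '\',\'' . futurebb_hash($_POST['pwd1']) . '\',\'' . $db->escape($_POST['email']) . '\',' . time() . ',\'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\',1,' . time() . ',0)') or error('Failed to create admin user', __FILE__, __LINE__, $db->error());
        // Fix: the table name was missing its closing backtick, unlike the other TRUNCATE statements,
        // which leaves the quoted identifier unterminated.
        $db->query('TRUNCATE TABLE `#^user_groups`') or error('Failed to wipe user groups', __FILE__, __LINE__, $db->error());
        // Seed the three permanent groups; only Administrators gets admin and moderator privileges.
        $db->query('INSERT INTO `#^user_groups`(g_permanent,g_guest_group,g_name,g_title,g_admin_privs,g_mod_privs,g_edit_posts,g_delete_posts,g_signature) VALUES(1,0,\'Administrators\',\'Administrator\',1,1,1,1,1)') or error('Failed to create admin user group', __FILE__, __LINE__, $db->error());
        $db->query('INSERT INTO `#^user_groups`(g_permanent,g_guest_group,g_name,g_title,g_admin_privs,g_mod_privs,g_edit_posts,g_delete_posts,g_signature) VALUES(1,1,\'Guests\',\'Guest\',0,0,0,0,0)') or error('Failed to create guest user group', __FILE__, __LINE__, $db->error());
        $db->query('INSERT INTO `#^user_groups`(g_permanent,g_guest_group,g_name,g_title,g_admin_privs,g_mod_privs,g_edit_posts,g_delete_posts,g_signature) VALUES(1,0,\'Members\',\'Member\',0,0,1,1,1)') or error('Failed to create member user group', __FILE__, __LINE__, $db->error());
        // Mark the installation as complete, persist the config, and reload the page.
        $config['ready'] = 1;
        update_config();
        header('Refresh: 0');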
    } else {
        if (isset($config['config.xml'])) {
            ?>
		<form action="install.php" method="post" enctype="multipart/form-data">
			<h2>Board settings</h2>
			<table border="0">
				<tr>
					<td>Board title</td>
Beispiel #5
// Password-reset link handler: the link carries ?reset_pass plus username and key.
// NOTE(review): the key arrives in the URL query string, so it will appear in server logs and
// browser history.
if (isset($_GET['reset_pass'])) {
    if (!isset($_GET['username'])) {
        httperror(404);
    }
    // Find the account whose username and recover_key both match; both values pass through $db->escape().
    // NOTE(review): $_GET['key'] is read without an isset()/non-empty check. If any account ever holds an
    // empty-string recover_key (rather than NULL), a request with an empty key would match it.
    // NOTE(review): this query applies no expiry condition to the key.
    $result = $db->query('SELECT id FROM `#^users` WHERE username=\'' . $db->escape($_GET['username']) . '\' AND recover_key=\'' . $db->escape($_GET['key']) . '\'') or error('Failed to find user', __FILE__, __LINE__, $db->error());
    if (!$db->num_rows($result)) {
        httperror(404);
    }
    list($id) = $db->fetch_row($result);
    if (isset($_POST['reset_form_sent'])) {
        // NOTE(review): `!=` is a loose comparison: two different numeric-looking strings
        // (e.g. "1e1" and "10") count as equal. `!==` compares the exact strings.
        // No minimum-length or common-password check is applied on this path.
        if ($_POST['pass1'] != $_POST['pass2']) {
            echo '<p>' . translate('passnomatch') . '</p>';
            return;
        }
        // Store the new hash and clear recover_key so the link cannot be reused. $id comes from the row fetched above.
        $db->query('UPDATE `#^users` SET password=\'' . $db->escape(futurebb_hash($_POST['pass1'])) . '\',recover_key=NULL WHERE id=' . $id) or error('Failed to update password', __FILE__, __LINE__, $db->error());
        // Log the user in immediately with the new hash (what LogInUser stores is not shown here).
        LoginController::LogInUser($id, futurebb_hash($_POST['pass1']), $_SERVER['HTTP_USER_AGENT'], true);
        echo '<p>' . translate('pwdresetsuccess') . '<br /><a href="' . $base_config['baseurl'] . '">' . translate('login') . '</a></p>';
        return;
    } else {
        ?>
		<form action="<?php 
        echo $base_config['baseurl'];
        ?>
/login?reset_pass&amp;username=<?php 
        echo htmlspecialchars($_GET['username']);
        ?>
&amp;key=<?php 
        echo htmlspecialchars($_GET['key']);
        ?>
" method="post" enctype="multipart/form-data">
			<h2><?php 
Beispiel #6
            echo '</form>';
            PMBox();
            break;
        // Profile "security" tab: change the password of the profile identified by $user.
        // NOTE(review): no check of the current password, and no check of who may edit $user, is visible
        // in this fragment; the $cur_user/$futurebb_user comparison below implies the profile can belong
        // to someone other than the logged-in user. Confirm both checks exist upstream.
        case 'security':
            if (isset($_POST['form_sent'])) {
                // Deny-list of common passwords: a base64-encoded file, one entry per line.
                // NOTE(review): splitting on "\n" leaves a trailing "\r" on each entry if the decoded list
                // uses CRLF line endings, in which case no entry would ever match.
                $common = explode("\n", base64_decode(file_get_contents(FORUM_ROOT . '/app_config/commonpasswords.txt')));
                // NOTE(review): `!=` is a loose comparison; `!==` compares the exact strings.
                if ($_POST['pwd1'] != $_POST['pwd2']) {
                    echo '<p><b>' . translate('passnomatch') . '</b></p>';
                // strlen() counts bytes, so the minimum is 8 bytes rather than 8 characters.
                } elseif (strlen($_POST['pwd1']) < 8) {
                    echo '<p><b>' . translate('shortpass') . '</b></p>';
                // NOTE(review): in_array() without its third (strict) argument compares loosely.
                } elseif (in_array($_POST['pwd1'], $common)) {
                    echo '<p><b>' . translate('commonpass') . '</b></p>';
                } else {
                    // $user is escaped; the hash is concatenated as-is, which relies on futurebb_hash()
                    // never returning a quote or backslash.
                    $db->query('UPDATE `#^users` SET password=\'' . futurebb_hash($_POST['pwd1']) . '\' WHERE username=\'' . $db->escape($user) . '\'') or error('Failed to update password', __FILE__, __LINE__, $db->error());
                    // Log in again with the new hash only when the changed account is the caller's own.
                    if ($cur_user['id'] == $futurebb_user['id']) {
                        LoginController::LogInUser($futurebb_user['id'], futurebb_hash($_POST['pwd1']), $_SERVER['HTTP_USER_AGENT']);
                    }
                    redirect($base_config['baseurl'] . '/users/' . rawurlencode($dirs[2]));
                }
            }
            // The profile name from the URL is HTML-escaped before it is placed in the form action.
            echo '<form action="' . $base_config['baseurl'] . '/users/' . htmlspecialchars($dirs[2]) . '/security" method="post" enctype="multipart/form-data">';
            ?>
				<h2><?php 
            echo translate('changepass');
            ?>
</h2>
				<table border="0">
					<tr>
						<td><?php 
            echo translate('newpass');
            ?>
Beispiel #7
?>
<h2><?php 
echo translate('register');
?>
</h2>
<?php 
// Show the board rules above the form when any are configured.
// NOTE(review): the rules text is written into the page without escaping, so it is rendered as HTML.
// Presumably only administrators can set it. Confirm that, and escape it if plain text is intended.
if ($futurebb_config['rules'] != '') {
    echo '<h3>Rules</h3><p>' . $futurebb_config['rules'] . '</p><h3>Information</h3>';
}
// Reset the session's "verified" flag each time the registration form is rendered (its consumer is not shown).
$_SESSION['verified'] = 0;
?>
<form action="<?php 
echo $base_config['baseurl'];
?>
/register/<?php 
echo futurebb_hash(LoginController::GetRandId());
?>
" method="post" enctype="multipart/form-data">
	<?php 
// List the validation errors from a previous submission, one <li> per message.
// NOTE(review): messages are joined into the HTML unescaped; any message that repeats user input
// must be passed through htmlspecialchars() where it is built.
if (isset($errors) && !empty($errors)) {
    echo '<ul><li>' . implode('</li><li>', $errors) . '</li></ul>';
}
?>
	<table border="0" class="in_form">
		<tr>
			<th><?php 
echo translate('username');
?>
</th>
			<td><input type="text" name="username" /></td>
		</tr>
Beispiel #8
 /**
  * Fill in the live placeholders used in interface/header text.
  *
  * `$username$` becomes the current user's username and `$reghash$` becomes
  * futurebb_hash() of LoginController::GetRandID().
  *
  * NOTE(review): the username is inserted exactly as stored, with no HTML escaping in this method;
  * confirm the caller escapes the result (or that usernames are restricted) before it reaches the page.
  *
  * @param string $text Text that may contain the placeholders.
  * @return string The text with both placeholders substituted.
  */
 static function replace_interface_strings($text)
 {
     global $futurebb_user;

     // Substitute in the same order as before: username first, then the registration hash.
     $withUsername = str_replace('$username$', $futurebb_user['username'], $text);

     return str_replace('$reghash$', futurebb_hash(LoginController::GetRandID()), $withUsername);
 }