public function getData()
{
if ($this->config['html_type'] == 'html') {
$content = $this->config['html_content'];
} elseif ($this->config['html_type'] == 'php') {
if (is_demo_mode()) {
$content = 'PHP Execution not allowed in Demo Mode!';
} else {
$content = eval($this->config['html_content']);
if ((!isset($content) or empty($content)) and isset($output) and !empty($output)) {
$content = $output;
}
}
} elseif ($this->config['html_type'] == 'text') {
$content = nl2br(htmlspecialchars_uni($this->config['html_content']));
}
return $content;
}
/**
* Prints text for an SQL query to recreate a table
*
* @param string Table name
* @param integer If set to a file pointer, will write SQL there instead
*/
function fetch_table_dump_sql($table, $fp = 0)
{
global $vbulletin;
if (is_demo_mode()) {
$fp = 0;
}
$tabledump = $vbulletin->db->query_first("SHOW CREATE TABLE {$table}");
strip_backticks($tabledump['Create Table']);
$tabledump = "DROP TABLE IF EXISTS {$table};\n" . $tabledump['Create Table'] . ";\n\n";
if ($fp) {
fwrite($fp, $tabledump);
} else {
echo $tabledump;
}
// get data
$rows = $vbulletin->db->query_read("SELECT * FROM {$table}");
$numfields = $vbulletin->db->num_fields($rows);
while ($row = $vbulletin->db->fetch_array($rows, DBARRAY_NUM)) {
$tabledump = "INSERT INTO {$table} VALUES(";
$fieldcounter = -1;
$firstfield = 1;
// get each field's data
while (++$fieldcounter < $numfields) {
if (!$firstfield) {
$tabledump .= ', ';
} else {
$firstfield = 0;
}
if (!isset($row["{$fieldcounter}"])) {
$tabledump .= 'NULL';
} else {
$tabledump .= "'" . $vbulletin->db->escape_string($row["{$fieldcounter}"]) . "'";
}
}
$tabledump .= ");\n";
if ($fp) {
fwrite($fp, $tabledump);
} else {
echo $tabledump;
}
}
$vbulletin->db->free_result($rows);
}
define('FORCE_HOOKS', true);
// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array('plugins');
$specialtemplates = array();
// ########################## REQUIRE BACK-END ############################
require_once './global.php';
require_once DIR . '/includes/class_hook.php';
require_once DIR . '/includes/class_block.php';
require_once DIR . '/includes/adminfunctions_plugin.php';
require_once DIR . '/includes/adminfunctions_template.php';
//inits classloader -- required to make vB_Cache work
require_once DIR . '/includes/class_bootstrap_framework.php';
vB_Bootstrap_Framework::init();
// ######################## CHECK ADMIN PERMISSIONS #######################
// don't allow demo version or admin with no permission to administer plugins
if (is_demo_mode() or !can_administer('canadminplugins')) {
print_cp_no_permission();
}
$vbulletin->input->clean_array_gpc('r', array('pluginid' => TYPE_UINT));
// ############################# LOG ACTION ###############################
log_admin_action(iif($vbulletin->GPC['pluginid'] != 0, 'plugin id = ' . $vbulletin->GPC['pluginid']));
// #############################################################################
// ########################### START MAIN SCRIPT ###############################
// #############################################################################
if ($_REQUEST['do'] != 'download' and $_REQUEST['do'] != 'productexport') {
print_cp_header($vbphrase['plugin_products_system']);
}
if (empty($_REQUEST['do'])) {
$_REQUEST['do'] = 'modify';
}
if (in_array($_REQUEST['do'], array('modify', 'files', 'edit', 'add', 'product', 'productadd', 'productedit'))) {
print_submit_row($vbphrase['find']);
*/
}
// #############################################################################
// rebuilds all parent lists and id cache lists
if ($_REQUEST['do'] == 'rebuild') {
$vbulletin->input->clean_array_gpc('r', array('renumber' => TYPE_INT, 'install' => TYPE_INT));
echo "<p> </p>";
build_all_styles($vbulletin->GPC['renumber'], $vbulletin->GPC['install'], "template.php?" . $vbulletin->session->vars['sessionurl']);
}
// #############################################################################
// create template files
if ($_REQUEST['do'] == 'createfiles' and $vbulletin->debug) {
// this action requires that a web-server writable folder called
// 'template_dump' exists in the root of the vbulletin directory
if (is_demo_mode()) {
print_cp_message('This function is disabled within demo mode');
}
if (function_exists('set_time_limit') and !SAFEMODE) {
@set_time_limit(1200);
}
chdir(DIR . '/template_dump');
$templates = $db->query_read("\n\t\tSELECT title, templatetype, username, dateline, template_un AS template\n\t\tFROM " . TABLE_PREFIX . "template\n\t\tWHERE styleid = " . $vbulletin->GPC['dostyleid'] . "\n\t\t\tAND templatetype = 'template'\n\t\t\t" . iif($vbulletin->GPC['mode'] == 1, "AND templateid IN({$templateids})") . "\n\t\tORDER BY title\n\t");
echo "<ol>\n";
while ($template = $db->fetch_array($templates)) {
echo "<li><b class=\"col-c\">{$template['title']}</b>: Parsing... ";
$text = str_replace("\r\n", "\n", $template['template']);
$text = str_replace("\n", "\r\n", $text);
echo 'Writing... ';
$fp = fopen("./{$template['title']}.htm", 'w+');
fwrite($fp, $text);
/**
* Attempts to create a new css file for this style
*
* @param string CSS filename
* @param string CSS contents
*
* @return boolean Success
*/
function write_css_file($filename, $contents)
{
// attempt to write new css file - store in database if unable to write file
if ($fp = @fopen(DIR . "/{$filename}", 'w') and !is_demo_mode()) {
fwrite($fp, $contents);
@fclose($fp);
return true;
} else {
@fclose($fp);
return false;
}
}
|| # ----------------- VBULLETIN IS NOT FREE SOFTWARE ----------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| ###################################################################### ||
\*========================================================================*/
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('CVS_REVISION', '$RCSfile$ - $Revision: 83432 $');
// #################### PRE-CACHE TEMPLATES AND DATA ######################
global $phrasegroups, $specialtemplates, $vbphrase, $vbulletin;
$phrasegroups = array('cron', 'logging');
$specialtemplates = array();
// ########################## REQUIRE BACK-END ############################
require_once dirname(__FILE__) . '/global.php';
// ######################## CHECK ADMIN PERMISSIONS #######################
if (is_demo_mode() or !can_administer('canadmincron')) {
print_cp_no_permission();
}
// ############################# LOG ACTION ###############################
$vbulletin->input->clean_array_gpc('r', array('cronid' => vB_Cleaner::TYPE_INT));
log_admin_action(iif($vbulletin->GPC['cronid'] != 0, 'cron id = ' . $vbulletin->GPC['cronid']));
// ########################################################################
// ######################### START MAIN SCRIPT ############################
// ########################################################################
$vb5_config =& vB::getConfig();
print_cp_header($vbphrase['scheduled_task_manager_gcron']);
if (empty($_REQUEST['do'])) {
$_REQUEST['do'] = 'modify';
}
// ############## quick enabled/disabled status ################
if ($_POST['do'] == 'updateenabled') {
} else {
if (!empty($vbulletin->session->vars['sessionurl_js'])) {
$pmpopupurl = 'private.php?' . $vbulletin->session->vars['sessionurl_js'];
} else {
$pmpopupurl = 'private.php';
}
}
eval('$footer .= "' . fetch_template('pm_popup_script') . '";');
}
// #############################################################################
// ######################### END TEMPLATES & STYLES ############################
// #############################################################################
// #############################################################################
// phpinfo display for support purposes
if ($_REQUEST['do'] == 'phpinfo') {
if ($vbulletin->options['allowphpinfo'] and !is_demo_mode()) {
phpinfo();
exit;
} else {
eval(standard_error(fetch_error('admin_disabled_php_info')));
}
}
// #############################################################################
// check to see if server is too busy. this is checked at the end of session.php
if ($servertoobusy and !($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) and THIS_SCRIPT != 'login') {
$vbulletin->options['useforumjump'] = 0;
eval(standard_error(fetch_error('toobusy')));
}
// #############################################################################
// check that board is active - if not admin, then display error
if (!$vbulletin->options['bbactive'] and THIS_SCRIPT != 'login') {
/**
* Updates the setting table based on data passed in then rebuilds the datastore.
* Only entries in the array are updated (allows partial updates).
*
* @param array Array of settings. Format: [setting_name] = new_value
*/
function save_settings($settings)
{
global $vbulletin, $vbphrase, $stylevar;
$varnames = array();
foreach (array_keys($settings) as $varname) {
$varnames[] = $vbulletin->db->escape_string($varname);
}
$oldsettings = $vbulletin->db->query_read("\n\t\tSELECT value, varname, datatype, optioncode\n\t\tFROM " . TABLE_PREFIX . "setting\n\t\tWHERE varname IN ('" . implode("', '", $varnames) . "')\n\t\tORDER BY varname\n\t");
while ($oldsetting = $vbulletin->db->fetch_array($oldsettings)) {
switch ($oldsetting['varname']) {
// **************************************************
case 'bbcode_html_colors':
$settings['bbcode_html_colors'] = serialize($settings['bbcode_html_colors']);
break;
// **************************************************
// **************************************************
case 'styleid':
$vbulletin->db->query_write("\n\t\t\t\t\tUPDATE " . TABLE_PREFIX . "style\n\t\t\t\t\tSET userselect = 1\n\t\t\t\t\tWHERE styleid = " . $settings['styleid'] . "\n\t\t\t\t");
break;
// **************************************************
// **************************************************
case 'banemail':
build_datastore('banemail', $settings['banemail']);
$settings['banemail'] = '';
break;
// **************************************************
// **************************************************
case 'editormodes':
$vbulletin->input->clean_array_gpc('p', array('fe' => TYPE_UINT, 'qr' => TYPE_UINT, 'qe' => TYPE_UINT));
$settings['editormodes'] = serialize(array('fe' => $vbulletin->GPC['fe'], 'qr' => $vbulletin->GPC['qr'], 'qe' => $vbulletin->GPC['qe']));
break;
// **************************************************
// **************************************************
case 'cookiepath':
case 'cookiedomain':
if ($settings[$oldsetting['varname'] . '_other'] and $settings[$oldsetting['varname'] . '_value']) {
$settings[$oldsetting['varname']] = $settings[$oldsetting['varname'] . '_value'];
}
break;
// **************************************************
// **************************************************
default:
($hook = vBulletinHook::fetch_hook('admin_options_processing')) ? eval($hook) : false;
if ($oldsetting['optioncode'] == 'multiinput') {
$store = array();
foreach ($settings["{$oldsetting['varname']}"] as $value) {
if ($value != '') {
$store[] = $value;
}
}
$settings["{$oldsetting['varname']}"] = serialize($store);
} else {
if (preg_match('#^usergroup:[0-9]+$#', $oldsetting['optioncode'])) {
// serialize the array of usergroup inputs
if (!is_array($settings["{$oldsetting['varname']}"])) {
$settings["{$oldsetting['varname']}"] = array();
}
$settings["{$oldsetting['varname']}"] = array_map('intval', $settings["{$oldsetting['varname']}"]);
$settings["{$oldsetting['varname']}"] = serialize($settings["{$oldsetting['varname']}"]);
}
}
}
$newvalue = validate_setting_value($settings["{$oldsetting['varname']}"], $oldsetting['datatype']);
// this is a strict type check because we want '' to be different from 0
// some special cases below only use != checks to see if the logical value has changed
if (strval($oldsetting['value']) !== strval($newvalue)) {
switch ($oldsetting['varname']) {
case 'activememberdays':
case 'activememberoptions':
if ($oldsetting['value'] != $newvalue) {
$vbulletin->options["{$oldsetting['varname']}"] = $newvalue;
require_once DIR . '/includes/functions_databuild.php';
build_birthdays();
}
break;
case 'showevents':
case 'showholidays':
if ($oldsetting['value'] != $newvalue) {
$vbulletin->options["{$oldsetting['varname']}"] = $newvalue;
require_once DIR . '/includes/functions_calendar.php';
build_events();
}
break;
case 'languageid':
if ($oldsetting['value'] != $newvalue) {
$vbulletin->options['languageid'] = $newvalue;
require_once DIR . '/includes/adminfunctions_language.php';
build_language($vbulletin->options['languageid']);
}
break;
case 'cpstylefolder':
$admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_CP);
$admindm->set_existing($vbulletin->userinfo);
$admindm->set('cssprefs', $newvalue);
$admindm->save();
unset($admindm);
break;
case 'storecssasfile':
if (!is_demo_mode() and $oldsetting['value'] != $newvalue) {
$vbulletin->options['storecssasfile'] = $newvalue;
require_once DIR . '/includes/adminfunctions_template.php';
print_rebuild_style(-1, '', 1, 0, 0, 0);
}
break;
case 'loadlimit':
update_loadavg();
break;
case 'view_tagcloud_as_usergroup':
build_datastore('tagcloud', serialize(''), 1);
break;
case 'censorwords':
case 'codemaxlines':
if ($oldsetting['value'] != $newvalue) {
$vbulletin->db->query_write("TRUNCATE TABLE " . TABLE_PREFIX . "postparsed");
if ($vbulletin->options['templateversion'] >= '3.6') {
$vbulletin->db->query_write("TRUNCATE TABLE " . TABLE_PREFIX . "sigparsed");
}
}
($hook = vBulletinHook::fetch_hook('admin_options_processing_censorcode')) ? eval($hook) : false;
break;
default:
($hook = vBulletinHook::fetch_hook('admin_options_processing_build')) ? eval($hook) : false;
}
if (is_demo_mode() and in_array($oldsetting['varname'], array('storecssasfile', 'attachfile', 'usefileavatar', 'errorlogdatabase', 'errorlogsecurity', 'safeupload', 'tmppath'))) {
continue;
}
$vbulletin->db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "setting\n\t\t\t\tSET value = '" . $vbulletin->db->escape_string($newvalue) . "'\n\t\t\t\tWHERE varname = '" . $vbulletin->db->escape_string($oldsetting['varname']) . "'\n\t\t\t");
}
}
build_options();
}
/**
* Logs email to file
*
*/
function log_email($status = true, $errfile = false)
{
if (is_demo_mode()) {
return;
}
// log file is passed or taken from options
$errfile = $errfile ? $errfile : $this->registry->options['errorlogemail'];
// no log file specified
if (!$errfile) {
return;
}
// trim .log from logfile
$errfile = substr($errfile, -4) == '.log' ? substr($errfile, 0, -4) : $errfile;
if ($this->registry->options['errorlogmaxsize'] != 0 and $filesize = @filesize("{$errfile}.log") and $filesize >= $this->registry->options['errorlogmaxsize']) {
@copy("{$errfile}.log", $errfile . TIMENOW . '.log');
@unlink("{$errfile}.log");
}
$timenow = date('r', TIMENOW);
$fp = @fopen("{$errfile}.log", 'a+b');
if ($fp) {
if ($status === true) {
$output = "SUCCESS\r\n";
} else {
$output = "FAILED";
if ($status !== false) {
$output .= ": {$status}";
}
$output .= "\r\n";
}
if ($this->delimiter == "\n") {
$append = "{$timenow}\r\nTo: " . $this->toemail . "\r\nSubject: " . $this->subject . "\r\n" . $this->headers . "\r\n\r\n" . $this->message . "\r\n=====================================================\r\n\r\n";
@fwrite($fp, $output . $append);
} else {
$append = preg_replace("#(\r\n|\r|\n)#s", "\r\n", "{$timenow}\r\nTo: " . $this->toemail . "\r\nSubject: " . $this->subject . "\r\n" . $this->headers . "\r\n\r\n" . $this->message . "\r\n=====================================================\r\n\r\n");
@fwrite($fp, $output . $append);
}
fclose($fp);
}
}
/**
* Finishes off the current page (using templates), prints it out to the browser and halts execution
*
* @param string The HTML of the page to be printed
* @param boolean Send the content length header?
*/
function print_output($vartext, $sendheader = true)
{
global $pagestarttime, $querytime, $vbulletin, $show;
global $vbphrase, $stylevar;
if ($vbulletin->options['addtemplatename']) {
if ($doctypepos = @strpos($vartext, $stylevar['htmldoctype'])) {
$comment = substr($vartext, 0, $doctypepos);
$vartext = substr($vartext, $doctypepos + strlen($stylevar['htmldoctype']));
$vartext = $stylevar['htmldoctype'] . "\n" . $comment . $vartext;
}
}
if (!empty($vbulletin->db->explain) or $vbulletin->debug) {
$pageendtime = microtime();
$starttime = explode(' ', $pagestarttime);
$endtime = explode(' ', $pageendtime);
$totaltime = $endtime[0] - $starttime[0] + $endtime[1] - $starttime[1];
$vartext .= "<!-- Page generated in " . vb_number_format($totaltime, 5) . " seconds with " . $vbulletin->db->querycount . " queries -->";
}
// set cookies for displayed notices
if ($show['notices'] and !defined('NOPMPOPUP') and !empty($vbulletin->np_notices_displayed) and is_array($vbulletin->np_notices_displayed)) {
$np_notices_cookie = $_COOKIE[COOKIE_PREFIX . 'np_notices_displayed'];
vbsetcookie('np_notices_displayed', ($np_notices_cookie ? "{$np_notices_cookie}," : '') . implode(',', $vbulletin->np_notices_displayed), false);
}
// --------------------------------------------------------------------
// debug code
global $_TEMPLATEQUERIES, $tempusagecache, $DEVDEBUG, $vbcollapse;
if ($vbulletin->debug) {
devdebug('php_sapi_name(): ' . SAPI_NAME);
$messages = '';
if (is_array($DEVDEBUG)) {
foreach ($DEVDEBUG as $debugmessage) {
$messages .= "\t<option>" . htmlspecialchars_uni($debugmessage) . "</option>\n";
}
}
if (is_array($tempusagecache)) {
unset($tempusagecache['board_inactive_warning'], $_TEMPLATEQUERIES['board_inactive_warning']);
ksort($tempusagecache);
foreach ($tempusagecache as $template_name => $times) {
$tempusagecache["{$template_name}"] = "<span class=\"shade\" style=\"float:right\">({$times})</span>" . ($_TEMPLATEQUERIES["{$template_name}"] ? "<span style=\"color:red; font-weight:bold\">{$template_name}</span>" : $template_name);
}
} else {
$tempusagecache = array();
}
$hook_usage = '';
foreach (vBulletinHook::fetch_hookusage() as $hook_name => $has_code) {
$hook_usage .= '<li class="smallfont' . (!$has_code ? ' shade' : '') . '">' . $hook_name . '</li>';
}
if (!$hook_usage) {
$hook_usage = '<li class="smallfont"> </li>';
}
$phrase_groups = '';
sort($GLOBALS['phrasegroups']);
foreach ($GLOBALS['phrasegroups'] as $phrase_group) {
$phrase_groups .= '<li class="smallfont">' . $phrase_group . '</li>';
}
if (!$phrase_groups) {
$phrase_groups = '<li class="smallfont"> </li>';
}
$debughtml = "\n\t\t\t<table class=\"tborder\" cellpadding=\"{$stylevar['cellpadding']}\" cellspacing=\"{$stylevar['cellspacing']}\" border=\"0\" align=\"center\" style=\"margin-top:20px\" id=\"debuginfo\" dir=\"ltr\">\n\t\t\t<thead>\n\t\t\t\t<tr>\n\t\t\t\t\t<th class=\"tcat\" colspan=\"2\" align=\"left\">\n\t\t\t\t\t\t<a style=\"float:right\" href=\"#\" title=\"Close Debug Info\" onclick=\"document.getElementById('debuginfo').parentNode.removeChild(document.getElementById('debuginfo')); return false;\">X</a>\n\t\t\t\t\t\tvBulletin {$vbulletin->options[templateversion]} Debug Information\n\t\t\t\t\t</th>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=\"alt1 smallfont\" colspan=\"2\">\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\">\n\t\t\t\t\t\t\t<li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Page Generation</span> " . vb_number_format($totaltime, 5) . " seconds</li>\n\t\t\t\t\t\t\t" . (function_exists('memory_get_usage') ? "<li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Memory Usage</span> " . number_format(memory_get_usage() / 1024) . 'KB</li>' : '') . "\n\t\t\t\t\t\t\t<li class=\"smallfont\" style=\"display:inline; margin-right:8px\"><span class=\"shade\">Queries Executed</span> " . (empty($_TEMPLATEQUERIES) ? $vbulletin->db->querycount : "<span title=\"Uncached Templates!\" style=\"color:red; font-weight:bold\">{$vbulletin->db->querycount}</span>") . " <a href=\"" . $vbulletin->scriptpath . (strpos($vbulletin->scriptpath, '?') === false ? '?' : '&') . "explain=1\" target=\"_blank\" title=\"Explain Queries\">(?)</a></li>\n\t\t\t\t\t\t</ul>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr align=\"left\">\n\t\t\t\t\t<th class=\"thead\" colspan=\"2\"><a style=\"float:right\" href=\"#\" onclick=\"return toggle_collapse('debuginfo')\"><img id=\"collapseimg_debuginfo\" src=\"{$stylevar['imgdir_button']}/collapse_thead{$vbcollapse['collapseimg_debuginfo']}.gif\" alt=\"\" border=\"0\" /></a> More Information</th>\n\t\t\t\t</tr>\n\t\t\t</thead>\n\t\t\t<tbody id=\"collapseobj_debuginfo\" style=\"{$vbcollapse['collapseobj_debuginfo']}\">\n\t\t\t\t<tr valign=\"top\">\n\t\t\t\t\t<td class=\"alt1 smallfont\">\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Template Usage:</strong></div>\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\"><li class=\"smallfont\">" . implode('</li><li class="smallfont">', $tempusagecache) . " </li></ul>\n\t\t\t\t\t\t<hr style=\"margin:10px 0px 10px 0px\" />\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Phrase Groups Available:</strong></div>\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\">{$phrase_groups}</ul>\n\t\t\t\t\t</td>\n\t\t\t\t\t<td class=\"alt1 smallfont\">\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Included Files:</strong></div>\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\"><li class=\"smallfont\">" . implode('</li><li class="smallfont">', str_replace(str_replace('\\', '/', DIR) . '/', '', preg_replace('#^(.*/)#si', '<span class="shade">./\\1</span>', str_replace('\\', '/', get_included_files())))) . " </li></ul>\n\t\t\t\t\t\t<hr style=\"margin:10px 0px 10px 0px\" />\n\t\t\t\t\t\t<div style=\"margin-bottom:6px\"><strong>Hooks Called:</strong></div>\n\t\t\t\t\t\t<ul style=\"list-style:none; margin:0px; padding:0px\">{$hook_usage}</ul>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t</tbody>\n\t\t\t\t<tbody>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=\"alt2 smallfont\" colspan=\"2\"><label>Messages:<select style=\"display:block; width:100%\">{$messages}</select></label></td>\n\t\t\t\t</tr>\n\t\t\t</tbody>\n\t\t\t</table>\n\t\t";
$vartext = str_replace('</body>', "<!--start debug html-->{$debughtml}<!--end debug html-->\n</body>", $vartext);
}
// end debug code
// --------------------------------------------------------------------
$output = process_replacement_vars($vartext);
if ($vbulletin->debug and function_exists('memory_get_usage')) {
$output = preg_replace('#(<!--querycount-->Executed <b>\\d+</b> queries<!--/querycount-->)#siU', 'Memory Usage: <strong>' . number_format(memory_get_usage() / 1024) . 'KB</strong>, \\1', $output);
}
// parse PHP include ##################
if (!is_demo_mode()) {
($hook = vBulletinHook::fetch_hook('global_complete')) ? eval($hook) : false;
}
if ($vbulletin->options['gzipoutput'] and !headers_sent()) {
$output = fetch_gzipped_text($output, $vbulletin->options['gziplevel']);
if ($sendheader and $vbulletin->donegzip) {
@header('Content-Length: ' . strlen($output));
}
}
if (defined('NOSHUTDOWNFUNC')) {
exec_shut_down();
}
// show regular page
if (empty($vbulletin->db->explain)) {
echo $output;
} else {
$querytime = $vbulletin->db->time_total;
echo "\n<b>Page generated in {$totaltime} seconds with " . $vbulletin->db->querycount . " queries,\nspending {$querytime} doing MySQL queries and " . ($totaltime - $querytime) . " doing PHP things.\n\n<hr />Shutdown Queries:</b>" . (defined('NOSHUTDOWNFUNC') ? " <b>DISABLED</b>" : '') . "<hr />\n\n";
}
// broken if zlib.output_compression is on with Apache 2
if (SAPI_NAME != 'apache2handler' and SAPI_NAME != 'apache2filter') {
flush();
}
exit;
}
error_reporting(E_ALL & ~E_NOTICE);
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('CVS_REVISION', '$RCSfile$ - $Revision: 83435 $');
// #################### PRE-CACHE TEMPLATES AND DATA ######################
global $phrasegroups, $specialtemplates, $vbphrase, $vbulletin;
$phrasegroups = array('hooks');
$specialtemplates = array();
// ########################## REQUIRE BACK-END ############################
require_once dirname(__FILE__) . '/global.php';
require_once DIR . '/includes/adminfunctions_product.php';
require_once DIR . '/includes/adminfunctions_template.php';
$assertor = vB::getDbAssertor();
$hook_api = vB_Api::instanceInternal('Hook');
// ######################## CHECK ADMIN PERMISSIONS #######################
// don't allow demo version or admin with no permission to administer hooks
if (is_demo_mode() or !can_administer('canadminproducts')) {
print_cp_no_permission();
}
$vbulletin->input->clean_array_gpc('r', array('hookid' => vB_Cleaner::TYPE_UINT));
// ############################# LOG ACTION ###############################
log_admin_action(iif($vbulletin->GPC['hookid'] != 0, 'Hook id = ' . $vbulletin->GPC['hookid']));
// #############################################################################
// ########################### START MAIN SCRIPT ###############################
// #############################################################################
print_cp_header($vbphrase['hook_products_system']);
if (empty($_REQUEST['do'])) {
$_REQUEST['do'] = 'modify';
}
if (in_array($_REQUEST['do'], array('modify', 'edit', 'add', 'updateactive'))) {
if (!$vbulletin->options['enablehooks'] or defined('DISABLE_HOOKS')) {
if (!$vbulletin->options['enablehooks']) {
/**
* Logs email to file
*
*/
function log_email($status = true)
{
if (!empty($this->registry->options['errorlogemail']) and !is_demo_mode()) {
$errfile =& $this->registry->options['errorlogemail'];
if ($this->registry->options['errorlogmaxsize'] != 0 and $filesize = @filesize("{$errfile}.log") and $filesize >= $this->registry->options['errorlogmaxsize']) {
@copy("{$errfile}.log", $errfile . TIMENOW . '.log');
@unlink("{$errfile}.log");
}
$timenow = date('r', TIMENOW);
$is_admin = $this->registry->userinfo['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'];
$fp = @fopen("{$errfile}.log", 'a+b');
if ($fp) {
if ($status === true) {
$output = "SUCCESS\r\n";
} else {
$output = "FAILED";
if ($status !== false) {
$output .= ": {$status}";
}
$output .= "\r\n";
}
if ($this->delimiter == "\n") {
$append = "{$timenow}\r\nTo: " . $this->toemail . "\r\nSubject: " . $this->subject . "\r\n" . $this->headers . "\r\n\r\n" . $this->message . "\r\n=====================================================\r\n\r\n";
@fwrite($fp, $output . $append);
} else {
$append = preg_replace("#(\r\n|\r|\n)#s", "\r\n", "{$timenow}\r\nTo: " . $this->toemail . "\r\nSubject: " . $this->subject . "\r\n" . $this->headers . "\r\n\r\n" . $this->message . "\r\n=====================================================\r\n\r\n");
@fwrite($fp, $output . $append);
}
fclose($fp);
}
}
}
/**
* Updates the setting table based on data passed in then rebuilds the datastore.
* Only entries in the array are updated (allows partial updates).
*
* @param array Array of settings. Format: [setting_name] = new_value
*
*/
function save_settings($settings)
{
global $vbulletin, $vbphrase;
//a few variables to track changes for processing after all variables are updated.
$rebuildstyle = false;
$templatecachepathchanged = false;
$oldtemplatepath = null;
$newtemplatepath = null;
$userContext = vB::getUserContext();
$cleaner = vB::getCleaner();
$canAdminAll = $userContext->hasAdminPermission('canadminsettingsall');
$oldsettings = vB::getDbAssertor()->assertQuery('vBAdmincp:getCurrentSettings', array('varname' => array_keys($settings)));
foreach ($oldsettings as $oldsetting) {
//check the setting and group permissions
if (!empty($oldsetting['adminperm']) and !$userContext->hasAdminPermission($oldsetting['adminperm']) or !empty($oldsetting['groupperm']) and !$userContext->hasAdminPermission($oldsetting['groupperm'])) {
throw new vB_Exception_Api('no_permission');
}
switch ($oldsetting['varname']) {
// **************************************************
case 'bbcode_html_colors':
$settings['bbcode_html_colors'] = serialize($settings['bbcode_html_colors']);
break;
// **************************************************
// **************************************************
case 'styleid':
vB::getDbAssertor()->assertQuery('vBForum:style', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, 'userselect' => 1, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'styleid', 'value' => $settings['styleid'], 'operator' => vB_dB_Query::OPERATOR_EQ))));
break;
// **************************************************
// **************************************************
case 'banemail':
vB::getDatastore()->build('banemail', $settings['banemail']);
$settings['banemail'] = '';
break;
// **************************************************
// **************************************************
case 'editormodes':
$vbulletin->input->clean_array_gpc('p', array('fe' => vB_Cleaner::TYPE_UINT, 'qr' => vB_Cleaner::TYPE_UINT, 'qe' => vB_Cleaner::TYPE_UINT));
$settings['editormodes'] = serialize(array('fe' => $vbulletin->GPC['fe'], 'qr' => $vbulletin->GPC['qr'], 'qe' => $vbulletin->GPC['qe']));
break;
// **************************************************
// **************************************************
case 'attachresizes':
$vbulletin->input->clean_array_gpc('p', array('attachresizes' => vB_Cleaner::TYPE_ARRAY_UINT));
$value = @unserialize($oldsetting['value']);
$invalidate = array();
if ($value[vB_Api_Filedata::SIZE_ICON] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_ICON]) {
$invalidate[] = vB_Api_Filedata::SIZE_ICON;
}
if ($value[vB_Api_Filedata::SIZE_THUMB] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_THUMB]) {
$invalidate[] = vB_Api_Filedata::SIZE_THUMB;
}
if ($value[vB_Api_Filedata::SIZE_SMALL] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_SMALL]) {
$invalidate[] = vB_Api_Filedata::SIZE_SMALL;
}
if ($value[vB_Api_Filedata::SIZE_MEDIUM] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_MEDIUM]) {
$invalidate[] = vB_Api_Filedata::SIZE_MEDIUM;
}
if ($value[vB_Api_Filedata::SIZE_LARGE] != $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_LARGE]) {
$invalidate[] = vB_Api_Filedata::SIZE_LARGE;
}
if (!empty($invalidate)) {
vB::getDbAssertor()->update('vBForum:filedataresize', array('reload' => 1), array('resize_type' => $invalidate));
}
$settings['attachresizes'] = serialize(array(vB_Api_Filedata::SIZE_ICON => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_ICON], vB_Api_Filedata::SIZE_THUMB => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_THUMB], vB_Api_Filedata::SIZE_SMALL => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_SMALL], vB_Api_Filedata::SIZE_MEDIUM => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_MEDIUM], vB_Api_Filedata::SIZE_LARGE => $vbulletin->GPC['attachresizes'][vB_Api_Filedata::SIZE_LARGE]));
break;
case 'thumbquality':
if ($oldsetting['value'] != $settings['thumbquality']) {
vB::getDbAssertor()->update('vBForum:filedataresize', array('reload' => 1), vB_dB_Query::CONDITION_ALL);
}
break;
// **************************************************
// **************************************************
case 'cookiepath':
case 'cookiedomain':
if ($settings[$oldsetting['varname'] . '_other'] and $settings[$oldsetting['varname'] . '_value']) {
$settings[$oldsetting['varname']] = $settings[$oldsetting['varname'] . '_value'];
}
break;
// **************************************************
// **************************************************
default:
// Legacy Hook 'admin_options_processing' Removed //
if ($oldsetting['optioncode'] == 'multiinput') {
$store = array();
foreach ($settings["{$oldsetting['varname']}"] as $value) {
if ($value != '') {
$store[] = $value;
}
}
$settings["{$oldsetting['varname']}"] = serialize($store);
} else {
if (preg_match('#^(usergroup|forum)s?:([0-9]+|all|none)$#', $oldsetting['optioncode'])) {
// serialize the array of usergroup inputs
if (!is_array($settings["{$oldsetting['varname']}"])) {
$settings["{$oldsetting['varname']}"] = array();
}
$settings["{$oldsetting['varname']}"] = array_map('intval', $settings["{$oldsetting['varname']}"]);
$settings["{$oldsetting['varname']}"] = serialize($settings["{$oldsetting['varname']}"]);
}
}
}
$newvalue = validate_setting_value($settings["{$oldsetting['varname']}"], $oldsetting['datatype']);
if ($canAdminAll and isset($_POST['adminperm_' . $oldsetting[varname]])) {
$newAdminPerm = substr($cleaner->clean($_POST['adminperm_' . $oldsetting[varname]], vB_Cleaner::TYPE_STR), 0, 32);
} else {
$newAdminPerm = $oldsetting['adminperm'];
}
// this is a strict type check because we want '' to be different from 0
// some special cases below only use != checks to see if the logical value has changed
if ($oldsetting['value'] === NULL or strval($oldsetting['value']) !== strval($newvalue) or strval($oldsetting['adminperm']) !== strval($newAdminPerm)) {
switch ($oldsetting['varname']) {
case 'cache_templates_as_files':
if (!is_demo_mode()) {
$templatecachepathchanged = true;
}
break;
case 'template_cache_path':
if (!is_demo_mode()) {
$oldtemplatepath = strval($oldsetting['value']);
$newtemplatepath = $newvalue;
}
break;
case 'languageid':
if ($oldsetting['value'] != $newvalue) {
vB::getDatastore()->setOption('languageid', $newvalue, false);
require_once DIR . '/includes/adminfunctions_language.php';
build_language($newvalue);
}
break;
case 'cpstylefolder':
$admindm =& datamanager_init('Admin', $vbulletin, vB_DataManager_Constants::ERRTYPE_CP);
$admindm->set_existing(vB::getCurrentSession()->fetch_userinfo());
$admindm->set('cssprefs', $newvalue);
$admindm->save();
unset($admindm);
break;
case 'attachthumbssize':
if ($oldsetting['value'] != $newvalue) {
$rebuildstyle = true;
}
case 'storecssasfile':
if (!is_demo_mode() and $oldsetting['value'] != $newvalue) {
vB::getDatastore()->setOption('storecssasfile', $newvalue, false);
$rebuildstyle = true;
}
break;
case 'loadlimit':
update_loadavg();
break;
case 'tagcloud_usergroup':
build_datastore('tagcloud', serialize(''), 1);
break;
case 'censorwords':
case 'codemaxlines':
case 'url_nofollow':
case 'url_nofollow_whitelist':
if ($oldsetting['value'] != $newvalue) {
if (vB::getDatastore()->getOption('templateversion') >= '3.6') {
vB::getDbAssertor()->assertQuery('truncateTable', array('table' => 'sigparsed'));
}
}
// Legacy Hook 'admin_options_processing_censorcode' Removed //
break;
case 'album_recentalbumdays':
if ($oldsetting['value'] > $newvalue) {
require_once DIR . '/includes/functions_album.php';
exec_rebuild_album_updates();
}
default:
// Legacy Hook 'admin_options_processing_build' Removed //
}
if (is_demo_mode() and in_array($oldsetting['varname'], array('cache_templates_as_files', 'template_cache_path', 'storecssasfile', 'attachfile', 'usefileavatar', 'errorlogdatabase', 'errorlogsecurity', 'safeupload', 'tmppath'))) {
continue;
}
$updateSetting = vB::getDbAssertor()->assertQuery('setting', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, 'value' => $newvalue, 'adminperm' => $newAdminPerm, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'varname', 'value' => $oldsetting['varname'], 'operator' => vB_dB_Query::OPERATOR_EQ))));
}
}
if (!isset($oldsetting)) {
return false;
}
vB::getDatastore()->build_options();
if (defined('DEV_AUTOEXPORT') and DEV_AUTOEXPORT) {
require_once DIR . '/includes/functions_filesystemxml.php';
$xml = get_settings_export_xml('vbulletin');
autoexport_write_file_with_backup(DIR . '/install/vbulletin-settings.xml', $xml);
}
//handle changes for cache_templates_as_files and template_cache_path
//we do it here because there are interactions between them and we don't
//want to redo the chache changes twice if both are changed.
$api = vB_Api::instanceInternal('template');
if ($templatecachepathchanged or !is_null($oldtemplatepath) and !is_null($newtemplatepath)) {
if (vB::getDatastore()->getOption('cache_templates_as_files')) {
if (!is_null($oldtemplatepath)) {
//temporarily set the datastore path to the old value to clear it.
vB::getDatastore()->setOption('template_cache_path', $oldtemplatepath, false);
$api->deleteAllTemplateFiles();
vB::getDatastore()->setOption('template_cache_path', $newtemplatepath, false);
}
$api->saveAllTemplatesToFile();
} else {
//we we changed directories and the cache is off, delete from the old directory
if (!is_null($oldtemplatepath)) {
vB::getDatastore()->setOption('template_cache_path', $oldtemplatepath, false);
$api->deleteAllTemplateFiles();
vB::getDatastore()->setOption('template_cache_path', $newtemplatepath, false);
} else {
$api->deleteAllTemplateFiles();
}
}
}
if ($rebuildstyle) {
require_once DIR . '/includes/adminfunctions_template.php';
print_rebuild_style(-1, '', 1, 0, 0, 0);
}
return true;
}
/**
* Checks the state of the request to make sure that it's valid and that
* we have the necessary permissions to continue. Checks things like
* CSRF and banning.
*/
public function check_state()
{
global $vbulletin, $show;
if (defined('CSRF_ERROR'))
{
define('VB_ERROR_LITE', true);
$ajaxerror = $vbulletin->GPC['ajax'] ? '_ajax' : '';
switch (CSRF_ERROR)
{
case 'missing':
standard_error(fetch_error('security_token_missing', $vbulletin->options['contactuslink']));
break;
case 'guest':
standard_error(fetch_error('security_token_guest' . $ajaxerror));
break;
case 'timeout':
standard_error(fetch_error('security_token_timeout' . $ajaxerror, $vbulletin->options['contactuslink']));
break;
case 'invalid':
default:
standard_error(fetch_error('security_token_invalid', $vbulletin->options['contactuslink']));
}
exit;
}
// #############################################################################
// check to see if server is too busy. this is checked at the end of session.php
if ($this->server_overloaded() AND !($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) AND THIS_SCRIPT != 'login')
{
$vbulletin->options['useforumjump'] = 0;
standard_error(fetch_error('toobusy'));
}
// #############################################################################
// phpinfo display for support purposes
if (!empty($_REQUEST['do']) AND $_REQUEST['do'] == 'phpinfo')
{
if ($vbulletin->options['allowphpinfo'] AND !is_demo_mode())
{
phpinfo();
exit;
}
else
{
standard_error(fetch_error('admin_disabled_php_info'));
}
}
// #############################################################################
// check that board is active - if not admin, then display error
if (
!defined('BYPASS_FORUM_DISABLED')
AND
!$vbulletin->options['bbactive']
AND
!in_array(THIS_SCRIPT, array('login', 'css'))
AND
!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])
)
{
if (defined('DIE_QUIETLY'))
{
exit;
}
// If this is a post submission from an admin whose session timed out, give them a chance to log back in and save what they were working on. See bug #34258
if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST' AND !empty($_POST) AND !$vbulletin->userinfo['userid'] AND !empty($_COOKIE[COOKIE_PREFIX . 'cpsession']))
{
define('VB_ERROR_PERMISSION', true);
}
$show['enableforumjump'] = true;
unset($vbulletin->db->shutdownqueries['lastvisit']);
require_once(DIR . '/includes/functions_misc.php');
eval('standard_error("' . make_string_interpolation_safe(str_replace("\\'", "'", addslashes($vbulletin->options['bbclosedreason']))) . '");');
}
// #############################################################################
// password expiry system
if ($vbulletin->userinfo['userid'] AND $vbulletin->userinfo['permissions']['passwordexpires'])
{
$passworddaysold = floor((TIMENOW - $vbulletin->userinfo['passworddate']) / 86400);
if ($passworddaysold >= $vbulletin->userinfo['permissions']['passwordexpires'])
{
if ((THIS_SCRIPT != 'login' AND THIS_SCRIPT != 'profile' AND THIS_SCRIPT != 'ajax')
OR (THIS_SCRIPT == 'profile' AND $_REQUEST['do'] != 'editpassword' AND $_POST['do'] != 'updatepassword')
OR (THIS_SCRIPT == 'ajax' AND $_REQUEST['do'] != 'imagereg' AND $_REQUEST['do'] != 'securitytoken' AND $_REQUEST['do'] != 'dismissnotice')
)
{
standard_error(fetch_error('passwordexpired',
$passworddaysold,
$vbulletin->session->vars['sessionurl']
));
}
else
{
$show['passwordexpired'] = true;
}
}
}
else
{
$show['passwordexpired'] = false;
}
// #############################################################################
// password same as username?
if (!defined('ALLOW_SAME_USERNAME_PASSWORD') AND $vbulletin->userinfo['userid'])
{
// save the resource on md5'ing if the option is not enabled or guest
if ($vbulletin->userinfo['password'] == md5(md5($vbulletin->userinfo['username']) . $vbulletin->userinfo['salt']))
{
if ((THIS_SCRIPT != 'login' AND THIS_SCRIPT != 'profile') OR (THIS_SCRIPT == 'profile' AND $_REQUEST['do'] != 'editpassword' AND $_POST['do'] != 'updatepassword'))
{
standard_error(fetch_error('username_same_as_password',
$vbulletin->session->vars['sessionurl']
));
}
}
}
// #############################################################################
// check required profile fields
if ($vbulletin->session->vars['profileupdate'] AND THIS_SCRIPT != 'login' AND THIS_SCRIPT != 'profile')
{
$vbulletin->options['useforumjump'] = 0;
standard_error(fetch_error('updateprofilefields', $vbulletin->session->vars['sessionurl']));
}
// #############################################################################
// check permission to view forum
if (!$this->has_global_view_permission())
{
if (defined('DIE_QUIETLY'))
{
exit;
}
else
{
print_no_permission();
}
}
// #############################################################################
// check for IP ban on user
verify_ip_ban();
($hook = vBulletinHook::fetch_hook('global_state_check')) ? eval($hook) : false;
}
/**
* Fetches the standard page view for a widget.
*
* @return vBCms_View_Widget - The resolved view, or array of views
*/
public function getPageView()
{
$config = $this->widget->getConfig();
// Create view
if (!isset($config['template_name']) OR ($config['template_name'] == '') )
{
$config['template_name'] = 'vbcms_widget_execphp_page';
}
if (!isset($config['cache_ttl']) )
{
$config['cache_ttl'] = 5;
}
// Create view
$view = new vBCms_View_Widget($config['template_name']);
$view->class = $this->widget->getClass();
$view->title = $view->widget_title = $this->widget->getTitle();
$view->description = $this->widget->getDescription();
$hash = $this->getHash($this->widget->getId());
$view->output = vB_Cache::instance()->read($hash, true, true);
if ($view->output)
{
return $view;
}
$this->assertWidget();
try
{
if (is_demo_mode())
{
$view->output = 'PHP Execution not allowed in Demo Mode!';
}
else
{
$content = eval($config['phpcode']);
if ((!isset($content) OR empty($content)) AND isset($output) AND !empty($output))
{
$content = $output;
}
$view->output = $content;
}
vB_Cache::instance()->write($hash,
$output, $config['cache_ttl'],
array($this->package . '_event_' . $this->class . '_' . $this->widget->getId()));
}
catch(Exception $e)
{
$view->output = '';
}
return $view;
}
