Beispiel #1
0
     // This usually doesn't happen since the form element only accepts 25 characters
     message_backstage(__('Passwords must be at least 6 characters long. Please choose another (longer) password.', 'luna'));
 } elseif (!strcasecmp($username, 'Guest') || !strcasecmp($username, __('Guest', 'luna'))) {
     message_backstage(__('The username guest is reserved. Please choose another username.', 'luna'));
 } elseif (preg_match('/[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/', $username)) {
     message_backstage(__('Usernames may not be in the form of an IP address. Please choose another username.', 'luna'));
 } elseif ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false) {
     message_backstage(__('Usernames may not contain all the characters \', " and [ or ] at once. Please choose another username.', 'luna'));
 } elseif (preg_match('#\\[b\\]|\\[/b\\]|\\[u\\]|\\[/u\\]|\\[i\\]|\\[/i\\]|\\[color|\\[/color\\]|\\[quote\\]|\\[quote=|\\[/quote\\]|\\[code\\]|\\[/code\\]|\\[img\\]|\\[/img\\]|\\[url|\\[/url\\]|\\[email|\\[/email\\]#i', $username)) {
     message_backstage(__('Usernames may not contain any of the text formatting tags (BBCode) that the forum uses. Please choose another username.', 'luna'));
 }
 // Check that the username (or a too similar username) is not already registered
 $result = $db->query('SELECT username FROM ' . $db->prefix . 'users WHERE username=\'' . $db->escape($username) . '\' OR username=\'' . $db->escape(preg_replace('/[^\\w]/', '', $username)) . '\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
 if ($db->num_rows($result)) {
     $busy = $db->result($result);
     message_backstage(__('Someone is already registered with the username', 'luna') . ' ' . luna_htmlspecialchars($busy) . '. ' . __('The username you entered is too similar. The username must differ from that by at least one alphanumerical character (a-z or 0-9). Please choose a different username.', 'luna'));
 }
 $timezone = '0';
 $language = $luna_config['o_default_lang'];
 $email_setting = intval(1);
 // Insert the new user into the database. We do this now to get the last inserted id for later use.
 $now = time();
 $intial_group_id = $_POST['random_pass'] == '0' ? $luna_config['o_default_user_group'] : LUNA_UNVERIFIED;
 $password_hash = luna_hash($password);
 // Add the user
 $db->query('INSERT INTO ' . $db->prefix . 'users (username, group_id, password, email, email_setting, php_timezone, language, style, registered, registration_ip, last_visit) VALUES(\'' . $db->escape($username) . '\', ' . $intial_group_id . ', \'' . $password_hash . '\', \'' . $email1 . '\', ' . $email_setting . ', ' . $timezone . ' , \'' . $language . '\', \'' . $luna_config['o_default_style'] . '\', ' . $now . ', \'' . get_remote_address() . '\', ' . $now . ')') or error('Unable to create user', __FILE__, __LINE__, $db->error());
 $new_uid = $db->insert_id();
 // Must the user verify the registration?
 if ($_POST['random_pass'] == '1') {
     // Validate e-mail
     require LUNA_ROOT . 'include/email.php';
Beispiel #2
0
        message_backstage(__('You must enter a word to censor.', 'luna'));
    }
    $db->query('INSERT INTO ' . $db->prefix . 'censoring (search_for, replace_with) VALUES (\'' . $db->escape($search_for) . '\', \'' . $db->escape($replace_with) . '\')') or error('Unable to add censor word', __FILE__, __LINE__, $db->error());
    // Regenerate the censoring cache
    if (!defined('LUNA_CACHE_FUNCTIONS_LOADED')) {
        require LUNA_ROOT . 'include/cache.php';
    }
    generate_censoring_cache();
    redirect('backstage/censoring.php');
} elseif (isset($_POST['update'])) {
    confirm_referrer('backstage/censoring.php');
    $id = intval(key($_POST['update']));
    $search_for = luna_trim($_POST['search_for'][$id]);
    $replace_with = luna_trim($_POST['replace_with'][$id]);
    if ($search_for == '') {
        message_backstage(__('You must enter a word to censor.', 'luna'));
    }
    $db->query('UPDATE ' . $db->prefix . 'censoring SET search_for=\'' . $db->escape($search_for) . '\', replace_with=\'' . $db->escape($replace_with) . '\' WHERE id=' . $id) or error('Unable to update censor word', __FILE__, __LINE__, $db->error());
    // Regenerate the censoring cache
    if (!defined('LUNA_CACHE_FUNCTIONS_LOADED')) {
        require LUNA_ROOT . 'include/cache.php';
    }
    generate_censoring_cache();
    redirect('backstage/censoring.php');
} elseif (isset($_POST['remove'])) {
    confirm_referrer('backstage/censoring.php');
    $id = intval(key($_POST['remove']));
    $db->query('DELETE FROM ' . $db->prefix . 'censoring WHERE id=' . $id) or error('Unable to delete censor word', __FILE__, __LINE__, $db->error());
    // Regenerate the censoring cache
    if (!defined('LUNA_CACHE_FUNCTIONS_LOADED')) {
        require LUNA_ROOT . 'include/cache.php';
Beispiel #3
0
function get_table_content_mysql($table, $handler)
{
    global $db;
    // Grab the data from the table.
    if (!($result = $db->query("SELECT * FROM {$table}"))) {
        message_backstage('Failed to get table content');
    }
    // Loop through the resulting rows and build the sql statement.
    if ($row = $db->fetch_assoc($result)) {
        $handler("\n#\n# Table Data for {$table}\n#\n");
        $field_names = array();
        // Grab the list of field names.
        $num_fields = num_fields($result);
        $table_list = '(';
        for ($j = 0; $j < $num_fields; $j++) {
            $field_names[$j] = field_name($j, $result);
            $table_list .= ($j > 0 ? ', ' : '') . $field_names[$j];
        }
        $table_list .= ')';
        do {
            // Start building the SQL statement.
            $schema_insert = "INSERT INTO {$table} {$table_list} VALUES(";
            // Loop through the rows and fill in data for each column
            for ($j = 0; $j < $num_fields; $j++) {
                $schema_insert .= $j > 0 ? ', ' : '';
                if (!isset($row[$field_names[$j]])) {
                    //
                    // If there is no data for the column set it to null.
                    // There was a problem here with an extra space causing the
                    // sql file not to reimport if the last column was null in
                    // any table.  Should be fixed now :) JLH
                    //
                    $schema_insert .= 'NULL';
                } elseif ($row[$field_names[$j]] != '') {
                    $schema_insert .= '\'' . addslashes($row[$field_names[$j]]) . '\'';
                } else {
                    $schema_insert .= '\'\'';
                }
            }
            $schema_insert .= ');';
            // Go ahead and send the insert statement to the handler function.
            $handler(trim($schema_insert));
        } while ($row = $db->fetch_assoc($result));
    }
    return true;
}
Beispiel #4
0
     }
     $conditions[] = 'u.last_visit<' . $last_visit_before;
 }
 if ($registered_after != '') {
     $query_str[] = 'registered_after=' . $registered_after;
     $registered_after = strtotime($registered_after);
     if ($registered_after === false || $registered_after == -1) {
         message_backstage(__('You entered an invalid date/time.', 'luna'));
     }
     $conditions[] = 'u.registered>' . $registered_after;
 }
 if ($registered_before != '') {
     $query_str[] = 'registered_before=' . $registered_before;
     $registered_before = strtotime($registered_before);
     if ($registered_before === false || $registered_before == -1) {
         message_backstage(__('You entered an invalid date/time.', 'luna'));
     }
     $conditions[] = 'u.registered<' . $registered_before;
 }
 $like_command = $db_type == 'pgsql' ? 'ILIKE' : 'LIKE';
 foreach ($form as $key => $input) {
     if ($input != '' && in_array($key, array('username', 'email', 'title', 'realname', 'url', 'facebook', 'msn', 'twitter', 'google', 'location', 'signature', 'admin_note'))) {
         $conditions[] = 'u.' . $db->escape($key) . ' ' . $like_command . ' \'' . $db->escape(str_replace('*', '%', $input)) . '\'';
         $query_str[] = 'form%5B' . $key . '%5D=' . urlencode($input);
     }
 }
 if ($posts_greater != '') {
     $query_str[] = 'posts_greater=' . $posts_greater;
     $conditions[] = 'u.num_posts>' . $posts_greater;
 }
 if ($posts_less != '') {
Beispiel #5
0
    }
    $prune = $_POST['prune_by'] == 1 ? 'registered' : 'last_visit';
    $user_time = time() - $_POST['days'] * 86400;
    $result = $db->query('SELECT id FROM ' . $db->prefix . 'users WHERE (num_comments < ' . intval($_POST['comments']) . ') AND (' . $prune . ' < ' . intval($user_time) . ') AND (id > 2) AND (' . $admod_delete . ')' . $verified, true) or error('Unable to fetch users to prune', __FILE__, __LINE__, $db->error());
    $user_ids = array();
    while ($id = $db->result($result)) {
        $user_ids[] = $id;
    }
    if (!empty($user_ids)) {
        $db->query('DELETE FROM ' . $db->prefix . 'users WHERE id IN (' . implode(',', $user_ids) . ')') or error('Unable to delete users', __FILE__, __LINE__, $db->error());
        $db->query('UPDATE ' . $db->prefix . 'comments SET commenter_id=1 WHERE commenter_id IN (' . implode(',', $user_ids) . ')') or error('Unable to mark comments as guest comments', __FILE__, __LINE__, $db->error());
    }
    // Regenerate the users info cache
    generate_users_info_cache();
    $users_pruned = count($user_ids);
    message_backstage(__('Pruning complete, all users that matched the requirements have been pruned.', 'luna'));
}
// Get the first comment ID from the db
$result = $db->query('SELECT id FROM ' . $db->prefix . 'comments ORDER BY id ASC LIMIT 1') or error('Unable to fetch thread info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result)) {
    $first_id = $db->result($result);
}
$page_title = array(luna_htmlspecialchars($luna_config['o_board_title']), __('Admin', 'luna'), __('Maintenance', 'luna'));
define('LUNA_ACTIVE_PAGE', 'admin');
require 'header.php';
load_admin_nav('maintenance', 'prune');
?>

<form class="form-horizontal" id="notiprune" method="post" action="<?php 
echo $_SERVER['REQUEST_URI'];
?>
Beispiel #6
0
 * Based on code by Rickard Andersson copyright (C) 2002-2008 PunBB
 * Licensed under GPLv3 (http://getluna.org/license.php)
 */
define('FORUM_ROOT', '../');
require FORUM_ROOT . 'include/common.php';
if (!$luna_user['is_admmod']) {
    header("Location: login.php");
}
$action = isset($_GET['action']) ? $_GET['action'] : null;
// Check if install.php is a thing
if ($action == 'remove_install_file') {
    $deleted = @unlink(FORUM_ROOT . 'install.php');
    if ($deleted) {
        redirect('backstage/index.php');
    } else {
        message_backstage(__('Could not remove install.php. Please do so by hand.', 'luna'));
    }
}
$install_file_exists = is_file(FORUM_ROOT . 'install.php');
if (isset($_POST['form_sent'])) {
    confirm_referrer(array('backstage/index.php', 'backstage/'));
    $db->query('UPDATE ' . $db->prefix . 'config SET conf_value=\'' . $db->escape(luna_htmlspecialchars($_POST['form']['admin_note'])) . '\' WHERE conf_name=\'o_admin_note\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
    // Regenerate the config cache
    if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
        require FORUM_ROOT . 'include/cache.php';
    }
    generate_config_cache();
    clear_feed_cache();
    redirect('backstage/index.php?saved=true');
}
if (isset($_POST['first_run_disable'])) {
Beispiel #7
0
 $query_str[] = 'order_by=' . $order_by;
 $query_str[] = 'direction=' . $direction;
 // Try to convert date/time to timestamps
 if ($expire_after != '') {
     $query_str[] = 'expire_after=' . $expire_after;
     $expire_after = strtotime($expire_after);
     if ($expire_after === false || $expire_after == -1) {
         message_backstage(__('You entered an invalid expire date.', 'luna'));
     }
     $conditions[] = 'b.expire>' . $expire_after;
 }
 if ($expire_before != '') {
     $query_str[] = 'expire_before=' . $expire_before;
     $expire_before = strtotime($expire_before);
     if ($expire_before === false || $expire_before == -1) {
         message_backstage(__('You entered an invalid expire date.', 'luna'));
     }
     $conditions[] = 'b.expire<' . $expire_before;
 }
 $like_command = $db_type == 'pgsql' ? 'ILIKE' : 'LIKE';
 foreach ($form as $key => $input) {
     if ($input != '' && in_array($key, array('username', 'ip', 'email', 'message'))) {
         $conditions[] = 'b.' . $db->escape($key) . ' ' . $like_command . ' \'' . $db->escape(str_replace('*', '%', $input)) . '\'';
         $query_str[] = 'form%5B' . $key . '%5D=' . urlencode($input);
     }
 }
 // Fetch ban count
 $result = $db->query('SELECT COUNT(id) FROM ' . $db->prefix . 'bans as b WHERE b.id>0' . (!empty($conditions) ? ' AND ' . implode(' AND ', $conditions) : '')) or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error());
 $num_bans = $db->result($result);
 // Determine the ban offset (based on $_GET['p'])
 $num_pages = ceil($num_bans / 50);
Beispiel #8
0
 */
// Tell common.php that we don't want output buffering
define('LUNA_DISABLE_BUFFERING', 1);
define('LUNA_ROOT', '../');
require LUNA_ROOT . 'include/common.php';
if (!$is_admin) {
    header("Location: login.php");
}
$action = isset($_REQUEST['action']) ? luna_trim($_REQUEST['action']) : '';
if ($action == 'rebuild') {
    ob_start();
    $per_page = isset($_GET['i_per_page']) ? intval($_GET['i_per_page']) : 0;
    $start_at = isset($_GET['i_start_at']) ? intval($_GET['i_start_at']) : 0;
    // Check per page is > 0
    if ($per_page < 1) {
        message_backstage(__('Comments per cycle must be a positive integer value.', 'luna'));
    }
    @set_time_limit(0);
    // If this is the first cycle of comments we empty the search index before we proceed
    if (isset($_GET['i_empty_index'])) {
        confirm_referrer('backstage/maintenance.php');
        $db->truncate_table('search_matches') or error('Unable to empty search index match table', __FILE__, __LINE__, $db->error());
        $db->truncate_table('search_words') or error('Unable to empty search index words table', __FILE__, __LINE__, $db->error());
        // Reset the sequence for the search words (not needed for SQLite)
        switch ($db_type) {
            case 'mysql':
            case 'mysqli':
            case 'mysql_innodb':
            case 'mysqli_innodb':
                $result = $db->query('ALTER TABLE ' . $db->prefix . 'search_words auto_increment=1') or error('Unable to update table auto_increment', __FILE__, __LINE__, $db->error());
                break;
Beispiel #9
0
 * Copyright (C) 2013-2015 Luna
 * Based on code by FluxBB copyright (C) 2008-2012 FluxBB
 * Based on code by Rickard Andersson copyright (C) 2002-2008 PunBB
 * Licensed under GPLv3 (http://getluna.org/license.php)
 */
define('FORUM_ROOT', '../');
require FORUM_ROOT . 'include/common.php';
if (!$is_admin) {
    header("Location: login.php");
}
$action = isset($_GET['action']) ? $_GET['action'] : null;
// Show phpinfo() output
if ($action == 'phpinfo' && $luna_user['g_id'] == FORUM_ADMIN) {
    // Is phpinfo() a disabled function?
    if (strpos(strtolower((string) ini_get('disable_functions')), 'phpinfo') !== false) {
        message_backstage(__('The PHP function phpinfo() has been disabled on this server.', 'luna'));
    }
    phpinfo();
    exit;
}
// Get the server load averages (if possible)
if (@file_exists('/proc/loadavg') && is_readable('/proc/loadavg')) {
    // We use @ just in case
    $fh = @fopen('/proc/loadavg', 'r');
    $load_averages = @fread($fh, 64);
    @fclose($fh);
    if ($fh = @fopen('/proc/loadavg', 'r')) {
        $load_averages = fread($fh, 64);
        fclose($fh);
    } else {
        $load_averages = '';
Beispiel #10
0
define('FORUM_ROOT', '../');
require FORUM_ROOT . 'include/common.php';
if (!$is_admin) {
    header("Location: login.php");
}
if (isset($_POST['form_sent'])) {
    confirm_referrer('backstage/email.php', __('Bad HTTP_REFERER. If you have moved these forums from one location to another or switched domains, you need to update the Base URL manually in the database (look for o_base_url in the config table) and then clear the cache by deleting all .php files in the /cache directory.', 'luna'));
    $form = array('admin_email' => strtolower(luna_trim($_POST['form']['admin_email'])), 'webmaster_email' => strtolower(luna_trim($_POST['form']['webmaster_email'])), 'forum_subscriptions' => isset($_POST['form']['forum_subscriptions']) ? '1' : '0', 'topic_subscriptions' => isset($_POST['form']['topic_subscriptions']) ? '1' : '0', 'smtp_host' => luna_trim($_POST['form']['smtp_host']), 'smtp_user' => luna_trim($_POST['form']['smtp_user']), 'smtp_ssl' => isset($_POST['form']['smtp_ssl']) ? '1' : '0');
    // Change or enter a SMTP password
    if (isset($_POST['form']['smtp_change_pass'])) {
        $smtp_pass1 = isset($_POST['form']['smtp_pass1']) ? luna_trim($_POST['form']['smtp_pass1']) : '';
        $smtp_pass2 = isset($_POST['form']['smtp_pass2']) ? luna_trim($_POST['form']['smtp_pass2']) : '';
        if ($smtp_pass1 == $smtp_pass2) {
            $form['smtp_pass'] = $smtp_pass1;
        } else {
            message_backstage(__('You need to enter the SMTP password twice exactly the same to change it.', 'luna'));
        }
    }
    foreach ($form as $key => $input) {
        // Only update values that have changed
        if (array_key_exists('o_' . $key, $luna_config) && $luna_config['o_' . $key] != $input) {
            if ($input != '' || is_int($input)) {
                $value = '\'' . $db->escape($input) . '\'';
            } else {
                $value = 'NULL';
            }
            $db->query('UPDATE ' . $db->prefix . 'config SET conf_value=' . $value . ' WHERE conf_name=\'o_' . $db->escape($key) . '\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
        }
    }
    // Regenerate the config cache
    if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
Beispiel #11
0
    confirm_referrer('backstage/ranks.php');
    $rank = $_POST['rank'];
    if (empty($rank)) {
        message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
    }
    foreach ($rank as $item_id => $cur_rank) {
        $cur_rank['rank'] = luna_trim($cur_rank['rank']);
        $cur_rank['min_comments'] = luna_trim($cur_rank['min_comments']);
        if ($cur_rank['rank'] == '') {
            message_backstage(__('You must enter a title.', 'luna'));
        } elseif ($cur_rank['min_comments'] == '' || preg_match('%[^0-9]%', $cur_rank['min_comments'])) {
            message_backstage(__('Minimum comments must be a positive integer value.', 'luna'));
        } else {
            $rank_check = $db->query('SELECT 1 FROM ' . $db->prefix . 'ranks WHERE id!=' . intval($item_id) . ' AND min_comments=' . $cur_rank['min_comments']) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());
            if ($db->num_rows($rank_check) != 0) {
                message_backstage(sprintf(__('There is already a rank with a minimum amount of %s comments.', 'luna'), $cur_rank['min_comments']));
            }
        }
        $db->query('UPDATE ' . $db->prefix . 'ranks SET rank=\'' . $db->escape($cur_rank['rank']) . '\', min_comments=\'' . $cur_rank['min_comments'] . '\' WHERE id=' . intval($item_id)) or error('Unable to update ranks', __FILE__, __LINE__, $db->error());
    }
    redirect('backstage/ranks.php');
} elseif (isset($_POST['remove'])) {
    $id = intval(key($_POST['remove']));
    $db->query('DELETE FROM ' . $db->prefix . 'ranks WHERE id=' . $id) or error('Unable to delete rank', __FILE__, __LINE__, $db->error());
    // Regenerate the ranks cache
    if (!defined('LUNA_CACHE_FUNCTIONS_LOADED')) {
        require LUNA_ROOT . 'include/cache.php';
    }
    generate_ranks_cache();
    redirect('backstage/ranks.php');
}
Beispiel #12
0
    redirect('viewtopic.php?id=' . $stick);
} elseif (isset($_GET['unstick'])) {
    confirm_referrer(array('viewtopic.php', 'backstage/moderate.php'));
    check_csrf($_GET['csrf_token']);
    $unstick = intval($_GET['unstick']);
    if ($unstick < 1) {
        message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
    }
    $db->query('UPDATE ' . $db->prefix . 'topics SET sticky=\'0\' WHERE id=' . $unstick . ' AND forum_id=' . $fid) or error('Unable to Unpin thread', __FILE__, __LINE__, $db->error());
    redirect('viewtopic.php?id=' . $unstick);
} elseif (!isset($_GET['unstick']) && !isset($_GET['stick']) && !isset($_REQUEST['open']) && !isset($_REQUEST['close']) && !isset($_POST['delete_topics']) && !isset($_POST['delete_topics_comply']) && !isset($_GET['tid']) && !isset($_POST['merge_topics']) && !isset($_POST['merge_topics_comply'])) {
    // No specific forum moderation action was specified in the query string, so we'll display the moderator forum
    // Fetch some info about the forum
    $result = $db->query('SELECT f.forum_name, f.num_topics, f.sort_by FROM ' . $db->prefix . 'forums AS f LEFT JOIN ' . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $luna_user['g_id'] . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id=' . $fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
    if (!$db->num_rows($result)) {
        message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
    }
    $cur_forum = $db->fetch_assoc($result);
    switch ($cur_forum['sort_by']) {
        case 0:
            $sort_by = 'last_post DESC';
            break;
        case 1:
            $sort_by = 'posted DESC';
            break;
        case 2:
            $sort_by = 'subject ASC';
            break;
        default:
            $sort_by = 'last_post DESC';
            break;
Beispiel #13
0
    if (empty($menu_items)) {
        message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
    }
    foreach ($menu_items as $item_id => $cur_item) {
        $cur_item['url'] = luna_trim($cur_item['url']);
        $cur_item['name'] = luna_trim($cur_item['name']);
        $cur_item['order'] = luna_trim($cur_item['order']);
        if (!isset($cur_item['visible'])) {
            $cur_item['visible'] = 0;
        }
        if ($cur_item['name'] == '') {
            message_backstage(__('You must give your menu item a title.', 'luna'));
        } elseif ($cur_item['url'] == '') {
            message_backstage(__('You must give your menu item an URL.', 'luna'));
        } elseif ($cur_item['order'] == '' || preg_match('%[^0-9]%', $cur_item['order'])) {
            message_backstage(__('Position must be a positive integer value.', 'luna'));
        } else {
            $db->query('UPDATE ' . $db->prefix . 'menu SET url=\'' . $db->escape($cur_item['url']) . '\', name=\'' . $db->escape($cur_item['name']) . '\', disp_position=' . $cur_item['order'] . ', visible=\'' . $cur_item['visible'] . '\' WHERE id=' . intval($item_id)) or error('Unable to update menu', __FILE__, __LINE__, $db->error());
        }
    }
    redirect('backstage/menu.php');
}
$result = $db->query('SELECT * FROM ' . $db->prefix . 'menu ORDER BY disp_position') or error('Unable to fetch menu items', __FILE__, __LINE__, $db->error());
require 'header.php';
load_admin_nav('settings', 'menu');
?>
<div class="row">
	<div class="col-sm-4 col-md-3">
		<form method="post" action="menu.php?action=add_item">
			<fieldset>
				<div class="panel panel-default">
Beispiel #14
0
    $db->query('UPDATE ' . $db->prefix . 'config SET conf_value=' . $group_id . ' WHERE conf_name=\'o_default_user_group\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
    // Regenerate the config cache
    if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
        require FORUM_ROOT . 'include/cache.php';
    }
    generate_config_cache();
    redirect('backstage/groups.php');
} elseif (isset($_GET['del_group'])) {
    confirm_referrer('backstage/groups.php');
    $group_id = isset($_POST['group_to_delete']) ? intval($_POST['group_to_delete']) : intval($_GET['del_group']);
    if ($group_id < 5) {
        message_backstage(__('Bad request. The link you followed is incorrect, outdated or you\'re simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
    }
    // Make sure we don't remove the default group
    if ($group_id == $luna_config['o_default_user_group']) {
        message_backstage(__('The default group cannot be removed. In order to delete this group, you must first setup a different group as the default.', 'luna'));
    }
    // Check if this group has any members
    $result = $db->query('SELECT g.g_title, COUNT(u.id) FROM ' . $db->prefix . 'groups AS g INNER JOIN ' . $db->prefix . 'users AS u ON g.g_id=u.group_id WHERE g.g_id=' . $group_id . ' GROUP BY g.g_id, g_title') or error('Unable to fetch group info', __FILE__, __LINE__, $db->error());
    // If the group doesn't have any members or if we've already selected a group to move the members to
    if (!$db->num_rows($result) || isset($_POST['del_group'])) {
        if (isset($_POST['del_group_comply']) || isset($_POST['del_group'])) {
            if (isset($_POST['del_group'])) {
                $move_to_group = intval($_POST['move_to_group']);
                $db->query('UPDATE ' . $db->prefix . 'users SET group_id=' . $move_to_group . ' WHERE group_id=' . $group_id) or error('Unable to move users into group', __FILE__, __LINE__, $db->error());
            }
            // Delete the group and any forum specific permissions
            $db->query('DELETE FROM ' . $db->prefix . 'groups WHERE g_id=' . $group_id) or error('Unable to delete group', __FILE__, __LINE__, $db->error());
            $db->query('DELETE FROM ' . $db->prefix . 'forum_perms WHERE group_id=' . $group_id) or error('Unable to delete group forum permissions', __FILE__, __LINE__, $db->error());
            redirect('backstage/groups.php');
        } else {
Beispiel #15
0
if (!preg_match('%^AM?P_(\\w*?)\\.php$%i', $plugin)) {
    message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
}
// AP_ == Admins only, AMP_ == admins and moderators
$prefix = substr($plugin, 0, strpos($plugin, '_'));
if ($luna_user['g_moderator'] == '1' && $prefix == 'AP') {
    message_backstage(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
}
// Make sure the file actually exists
if (!file_exists(FORUM_ROOT . 'plugins/' . $plugin)) {
    message_backstage(sprintf(__('There is no plugin called %s in the plugin directory.', 'luna'), $plugin));
}
// Construct REQUEST_URI if it isn't set
if (!isset($_SERVER['REQUEST_URI'])) {
    $_SERVER['REQUEST_URI'] = (isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '') . '?' . (isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '');
}
$page_title = array(luna_htmlspecialchars($luna_config['o_board_title']), __('Admin', 'luna'), str_replace('_', ' ', substr($plugin, strpos($plugin, '_') + 1, -4)));
define('FORUM_ACTIVE_PAGE', 'admin');
require 'header.php';
// Attempt to load the plugin. We don't use @ here to suppress error messages,
// because if we did and a parse error occurred in the plugin, we would only
// get the "blank page of death"
include FORUM_ROOT . 'plugins/' . $plugin;
if (!defined('FORUM_PLUGIN_LOADED')) {
    message_backstage(sprintf(__('Loading of the plugin - <strong>%s</strong> - failed.', 'luna'), $plugin));
}
// Output the clearer div
?>
</div>
<?php 
require 'footer.php';
Beispiel #16
0
     $form['announcement_message'] = luna_linebreaks($form['announcement_message']);
 } else {
     $form['announcement_message'] = __('Enter your announcement here.', 'luna');
     $form['announcement'] = '0';
 }
 if ($form['feed_type'] < 0 || $form['feed_type'] > 2) {
     message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
 }
 if ($form['feed_ttl'] < 0) {
     message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
 }
 if ($form['report_method'] < 0 || $form['report_method'] > 2) {
     message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
 }
 if ($form['timeout_online'] >= $form['timeout_visit']) {
     message_backstage(__('The value of "Timeout online" must be smaller than the value of "Timeout visit".', 'luna'));
 }
 foreach ($form as $key => $input) {
     // Only update values that have changed
     if (array_key_exists('o_' . $key, $luna_config) && $luna_config['o_' . $key] != $input) {
         if ($input != '' || is_int($input)) {
             $value = '\'' . $db->escape($input) . '\'';
         } else {
             $value = 'NULL';
         }
         $db->query('UPDATE ' . $db->prefix . 'config SET conf_value=' . $value . ' WHERE conf_name=\'o_' . $db->escape($key) . '\'') or error('Unable to update board config', __FILE__, __LINE__, $db->error());
     }
 }
 // Regenerate the config cache
 if (!defined('LUNA_CACHE_FUNCTIONS_LOADED')) {
     require LUNA_ROOT . 'include/cache.php';
Beispiel #17
0
    confirm_referrer('backstage/ranks.php');
    $rank = $_POST['rank'];
    if (empty($rank)) {
        message_backstage(__('Bad request. The link you followed is incorrect, outdated or you are simply not allowed to hang around here.', 'luna'), false, '404 Not Found');
    }
    foreach ($rank as $item_id => $cur_rank) {
        $cur_rank['rank'] = luna_trim($cur_rank['rank']);
        $cur_rank['min_posts'] = luna_trim($cur_rank['min_posts']);
        if ($cur_rank['rank'] == '') {
            message_backstage(__('You must enter a title.', 'luna'));
        } elseif ($cur_rank['min_posts'] == '' || preg_match('%[^0-9]%', $cur_rank['min_posts'])) {
            message_backstage(__('Minimum posts must be a positive integer value.', 'luna'));
        } else {
            $rank_check = $db->query('SELECT 1 FROM ' . $db->prefix . 'ranks WHERE id!=' . intval($item_id) . ' AND min_posts=' . $cur_rank['min_posts']) or error('Unable to fetch rank info', __FILE__, __LINE__, $db->error());
            if ($db->num_rows($rank_check) != 0) {
                message_backstage(sprintf(__('There is already a rank with a minimum posts value of %s.', 'luna'), $cur_rank['min_posts']));
            }
        }
        $db->query('UPDATE ' . $db->prefix . 'ranks SET rank=\'' . $db->escape($cur_rank['rank']) . '\', min_posts=\'' . $cur_rank['min_posts'] . '\' WHERE id=' . intval($item_id)) or error('Unable to update ranks', __FILE__, __LINE__, $db->error());
    }
    redirect('backstage/ranks.php');
} elseif (isset($_POST['remove'])) {
    $id = intval(key($_POST['remove']));
    $db->query('DELETE FROM ' . $db->prefix . 'ranks WHERE id=' . $id) or error('Unable to delete rank', __FILE__, __LINE__, $db->error());
    // Regenerate the ranks cache
    if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) {
        require FORUM_ROOT . 'include/cache.php';
    }
    generate_ranks_cache();
    redirect('backstage/ranks.php');
}