/**
  * Loads article previews for display with the portal index template
  */
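 public function action_sportal_index()
 {
     global $context, $modSettings;

     // Nothing to prepare unless articles are enabled for the portal index.
     if (empty($modSettings['sp_articles_index'])) {
         return;
     }

     // Article helpers (sportal_get_articles*) come from here; require_once makes a second include redundant.
     require_once SUBSDIR . '/PortalArticle.subs.php';
     $context['sub_template'] = 'portal_index';

     // Set up the pages: cap the listing at the configured total (default 20) and page size (default 5).
     $total_articles = sportal_get_articles_count();
     $total = min($total_articles, !empty($modSettings['sp_articles_index_total']) ? $modSettings['sp_articles_index_total'] : 20);
     $per_page = min($total, !empty($modSettings['sp_articles_index_per_page']) ? $modSettings['sp_articles_index_per_page'] : 5);

     // 'articles' is a client-supplied offset. The cast makes it an integer but not a
     // non-negative one, and constructPageIndex() below is skipped for single-page listings,
     // so clamp here before the value reaches sportal_get_articles().
     // NOTE(review): no upper bound is enforced in this method; confirm the article query tolerates an offset past $total.
     $start = !empty($_REQUEST['articles']) ? max(0, (int) $_REQUEST['articles']) : 0;

     if ($total > $per_page) {
         $context['article_page_index'] = constructPageIndex($context['portal_url'] . '?articles=%1$d', $start, $total, $per_page, true);
     }

     // Load the articles for this page
     $context['articles'] = sportal_get_articles(0, true, true, 'spa.id_article DESC', 0, $per_page, $start);

     foreach ($context['articles'] as $article) {
         // $article is a loop copy: the truncation below only feeds the preview, the stored body is untouched.
         // The [cutoff] marker is honoured only when no fixed preview length is configured.
         if (empty($modSettings['sp_articles_length']) && ($cutoff = Util::strpos($article['body'], '[cutoff]')) !== false) {
             $article['body'] = Util::substr($article['body'], 0, $cutoff);

             // Cutting mid-text can leave bbc in an inconsistent state, so bbc bodies are run through preparsecode() again.
             if ($article['type'] === 'bbc') {
                 require_once SUBSDIR . '/Post.subs.php';
                 preparsecode($article['body']);
             }
         }

         $context['articles'][$article['id']]['preview'] = sportal_parse_content($article['body'], $article['type'], 'return');
         $context['articles'][$article['id']]['date'] = htmlTime($article['date']);

         // Just want a shorter look on the index page
         if (!empty($modSettings['sp_articles_length'])) {
             $context['articles'][$article['id']]['preview'] = Util::shorten_html($context['articles'][$article['id']]['preview'], $modSettings['sp_articles_length']);
         }
     }
 }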
 /**
  * testPreparseCode, runs preparsecode on the bbcode
  */
 public function testPreparseCode()
 {
     // Each fixture is a pair: index 0 holds the bbcode to process, index 1 the expected result.
     foreach ($this->bbPreparse_tests as $fixture) {
         list($actual, $wanted) = $fixture;

         // The return value is not used: the assertion compares the variable that was passed in,
         // so preparsecode() is expected to rewrite its argument.
         preparsecode($actual);

         $this->assertEqual($wanted, $actual);
     }
 }
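/**
 * Save a new draft, or update an existing draft.
 *
 * Reads subject, message and icon from $_POST, escapes them, and either updates the
 * caller's existing draft row (matched by draft id + board + topic, or by message id)
 * or inserts a new row. Every UPDATE is scoped to the current member's id, so a
 * client-supplied draft_id or msg cannot address another member's draft.
 *
 * @return int|false false when no draft was requested, the user is a guest or drafts
 *                   are disabled; otherwise the draft id (the request's draft_id after
 *                   an update that changed a row, else the id of the inserted row)
 */
function saveDraft()
{
    global $smcFunc, $topic, $board, $user_info, $options;

    if (!isset($_REQUEST['draft']) || $user_info['is_guest'] || empty($options['use_drafts'])) {
        return false;
    }

    // Both ids are client-supplied and end up in {int:...} placeholders and an 'int' insert
    // column, so coerce them once, up front, instead of passing the raw request strings on.
    $msgid = isset($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : 0;
    $draft_id = isset($_REQUEST['draft_id']) ? (int) $_REQUEST['draft_id'] : 0;

    // Clean up what we may or may not have
    $raw_subject = isset($_POST['subject']) ? $_POST['subject'] : '';
    $raw_message = isset($_POST['message']) ? $_POST['message'] : '';
    // The icon is stripped of dots, slashes, wildcards, colons, quotes and angle brackets.
    $icon = isset($_POST['icon']) ? preg_replace('~[\\./\\\\*:"\'<>]~', '', $_POST['icon']) : 'xx';

    // Sanitise what we do have
    $subject = commonAPI::htmltrim(commonAPI::htmlspecialchars($raw_subject));
    $message = commonAPI::htmlspecialchars($raw_message, ENT_QUOTES);
    preparsecode($message);

    // Refuse a draft with neither subject nor message. The message is tested on the escaped,
    // trimmed request text rather than on the preparsed body. ENT_QUOTES belongs to
    // htmlspecialchars(), and the isset-guarded copy avoids reading an unset $_POST['message'].
    if ($subject === '' && commonAPI::htmltrim(commonAPI::htmlspecialchars($raw_message, ENT_QUOTES)) === '') {
        fatal_lang_error('empty_draft', false);
    }

    // Hrm, so is this a new draft or not?
    if ($draft_id > 0 || $msgid) {
        // Keep the request value normalised for any later reader.
        $_REQUEST['draft_id'] = $draft_id;

        // These fragments are concatenated into the query text, which is safe only because
        // both are chosen from fixed literals; the user-controlled values travel as bound parameters.
        $id_cond = $msgid ? ' 1=1 ' : ' id_draft = {int:draft} ';
        $id_sel = $msgid ? ' AND id_msg = {int:message} ' : ' AND id_board = {int:board} AND id_topic = {int:topic} ';

        // Does this draft exist?
        smf_db_query('
			UPDATE {db_prefix}drafts
			SET subject = {string:subject},
				body = {string:body},
				updated = {int:post_time},
				icon = {string:post_icon},
				smileys = {int:smileys_enabled},
				is_locked = {int:locked},
				is_sticky = {int:sticky}
			WHERE ' . $id_cond . '
				AND id_member = {int:member}
				' . $id_sel . '
			LIMIT 1', array(
            'draft' => $draft_id,
            'board' => $board,
            'topic' => $topic,
            'message' => $msgid,
            'member' => $user_info['id'],
            'subject' => $subject,
            'body' => $message,
            'post_time' => time(),
            'post_icon' => $icon,
            'smileys_enabled' => !isset($_POST['ns']) ? 1 : 0,
            'locked' => !empty($_POST['lock_draft']) ? 1 : 0,
            'sticky' => isset($_POST['sticky']) ? 1 : 0,
        ));

        // A changed row means the existing draft was updated; otherwise fall through and insert.
        // NOTE(review): when matched by msg alone this returns 0, as before; confirm callers expect that.
        if (smf_db_affected_rows() != 0) {
            return $draft_id;
        }
    }

    smf_db_insert(
        'insert',
        '{db_prefix}drafts',
        array('id_board' => 'int', 'id_topic' => 'int', 'id_msg' => 'int', 'id_member' => 'int', 'subject' => 'string', 'body' => 'string', 'updated' => 'int', 'icon' => 'string', 'smileys' => 'int', 'is_locked' => 'int', 'is_sticky' => 'int'),
        array($board, $topic, $msgid, $user_info['id'], $subject, $message, time(), $icon, !isset($_POST['ns']) ? 1 : 0, !empty($_POST['lock_draft']) ? 1 : 0, isset($_POST['sticky']) ? 1 : 0),
        array('id_draft')
    );

    return smf_db_insert_id('{db_prefix}drafts');
}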
 /**
  * View a specific category, showing all articles it contains
  */
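 public function action_sportal_category()
 {
     global $context, $scripturl, $modSettings;

     // Basic article support
     require_once SUBSDIR . '/PortalArticle.subs.php';

     // 'category' comes straight from the request. A non-scalar value (e.g. category[]=x) is
     // handled like a missing parameter instead of being handed to the string escaper.
     $category_id = !empty($_REQUEST['category']) && is_scalar($_REQUEST['category']) ? $_REQUEST['category'] : 0;

     // Request values arrive as strings, so is_int() holds only for the 0 default; any supplied
     // value, numeric or not, takes the escaping branch.
     // NOTE(review): confirm sportal_get_categories() is meant to receive numeric ids as strings.
     if (is_int($category_id)) {
         $category_id = (int) $category_id;
     } else {
         $category_id = Util::htmlspecialchars($category_id, ENT_QUOTES);
     }

     $context['category'] = sportal_get_categories($category_id, true, true);
     if (empty($context['category']['id'])) {
         fatal_lang_error('error_sp_category_not_found', false);
     }

     // Set up the pages (default 10 articles per page)
     $total_articles = sportal_get_articles_in_cat_count($context['category']['id']);
     $per_page = min($total_articles, !empty($modSettings['sp_articles_per_page']) ? $modSettings['sp_articles_per_page'] : 10);

     // 'start' is a client-supplied offset: the cast alone still admits negative numbers, and
     // constructPageIndex() is not reached for single-page categories, so clamp it here.
     $start = !empty($_REQUEST['start']) ? max(0, (int) $_REQUEST['start']) : 0;

     if ($total_articles > $per_page) {
         $context['page_index'] = constructPageIndex($context['category']['href'] . ';start=%1$d', $start, $total_articles, $per_page, true);
     }

     // Load the articles in this category
     $context['articles'] = sportal_get_articles(0, true, true, 'spa.id_article DESC', $context['category']['id'], $per_page, $start);

     foreach ($context['articles'] as $article) {
         // Only the text before a [cutoff] marker is previewed. $article is a loop copy,
         // so the truncation affects the preview only.
         if (($cutoff = Util::strpos($article['body'], '[cutoff]')) !== false) {
             $article['body'] = Util::substr($article['body'], 0, $cutoff);

             // Cutting mid-text can leave bbc in an inconsistent state, so bbc bodies are run through preparsecode() again.
             if ($article['type'] === 'bbc') {
                 require_once SUBSDIR . '/Post.subs.php';
                 preparsecode($article['body']);
             }
         }

         $context['articles'][$article['id']]['preview'] = sportal_parse_content($article['body'], $article['type'], 'return');
         $context['articles'][$article['id']]['date'] = htmlTime($article['date']);
     }

     // The breadcrumb and title use the category record returned by the lookup, not the raw request value.
     $context['linktree'][] = array('url' => $scripturl . '?category=' . $context['category']['category_id'], 'name' => $context['category']['name']);
     $context['page_title'] = $context['category']['name'];
     $context['sub_template'] = 'view_category';
 }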
 /**
  * Test install a package.
  */
 public function action_install()
 {
     global $txt, $context, $scripturl, $settings;
     // You have to specify a file!!
     if (!isset($_REQUEST['package']) || trim($_REQUEST['package']) == '') {
         redirectexit('action=admin;area=packages');
     }
     $context['filename'] = preg_replace('~[\\.]+~', '.', $_REQUEST['package']);
     // Do we have an existing id, for uninstalls and the like.
     $context['install_id'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 0;
     // These will be needed
     require_once SUBSDIR . '/Package.subs.php';
     require_once SUBSDIR . '/Themes.subs.php';
     // Load up the package FTP information?
     create_chmod_control();
     // Make sure temp directory exists and is empty.
     if (file_exists(BOARDDIR . '/packages/temp')) {
         deltree(BOARDDIR . '/packages/temp', false);
     }
     // Attempt to create the temp directory
     if (!mktree(BOARDDIR . '/packages/temp', 0755)) {
         deltree(BOARDDIR . '/packages/temp', false);
         if (!mktree(BOARDDIR . '/packages/temp', 0777)) {
             deltree(BOARDDIR . '/packages/temp', false);
             create_chmod_control(array(BOARDDIR . '/packages/temp/delme.tmp'), array('destination_url' => $scripturl . '?action=admin;area=packages;sa=' . $_REQUEST['sa'] . ';package=' . $context['filename'], 'crash_on_error' => true));
             deltree(BOARDDIR . '/packages/temp', false);
             if (!mktree(BOARDDIR . '/packages/temp', 0777)) {
                 fatal_lang_error('package_cant_download', false);
             }
         }
     }
     // Change our last link tree item for more information on this Packages area.
     $context['uninstalling'] = $_REQUEST['sa'] === 'uninstall';
     $context['linktree'][count($context['linktree']) - 1] = array('url' => $scripturl . '?action=admin;area=packages;sa=browse', 'name' => $context['uninstalling'] ? $txt['package_uninstall_actions'] : $txt['install_actions']);
     $context['page_title'] .= ' - ' . ($context['uninstalling'] ? $txt['package_uninstall_actions'] : $txt['install_actions']);
     $context['sub_template'] = 'view_package';
     if (!file_exists(BOARDDIR . '/packages/' . $context['filename'])) {
         deltree(BOARDDIR . '/packages/temp');
         fatal_lang_error('package_no_file', false);
     }
     // Extract the files so we can get things like the readme, etc.
     if (is_file(BOARDDIR . '/packages/' . $context['filename'])) {
         $context['extracted_files'] = read_tgz_file(BOARDDIR . '/packages/' . $context['filename'], BOARDDIR . '/packages/temp');
         if ($context['extracted_files'] && !file_exists(BOARDDIR . '/packages/temp/package-info.xml')) {
             foreach ($context['extracted_files'] as $file) {
                 if (basename($file['filename']) == 'package-info.xml') {
                     $context['base_path'] = dirname($file['filename']) . '/';
                     break;
                 }
             }
         }
         if (!isset($context['base_path'])) {
             $context['base_path'] = '';
         }
     } elseif (is_dir(BOARDDIR . '/packages/' . $context['filename'])) {
         copytree(BOARDDIR . '/packages/' . $context['filename'], BOARDDIR . '/packages/temp');
         $context['extracted_files'] = listtree(BOARDDIR . '/packages/temp');
         $context['base_path'] = '';
     } else {
         fatal_lang_error('no_access', false);
     }
     // Load up any custom themes we may want to install into...
     $theme_paths = getThemesPathbyID();
     // Get the package info...
     $packageInfo = getPackageInfo($context['filename']);
     if (!is_array($packageInfo)) {
         fatal_lang_error($packageInfo);
     }
     $packageInfo['filename'] = $context['filename'];
     $context['package_name'] = isset($packageInfo['name']) ? $packageInfo['name'] : $context['filename'];
     // Set the type of extraction...
     $context['extract_type'] = isset($packageInfo['type']) ? $packageInfo['type'] : 'modification';
     // The mod isn't installed.... unless proven otherwise.
     $context['is_installed'] = false;
     // See if it is installed?
     $package_installed = isPackageInstalled($packageInfo['id']);
     $context['database_changes'] = array();
     if (isset($packageInfo['uninstall']['database'])) {
         $context['database_changes'][] = $txt['execute_database_changes'] . ' - ' . $packageInfo['uninstall']['database'];
     } elseif (!empty($package_installed['db_changes'])) {
         foreach ($package_installed['db_changes'] as $change) {
             if (isset($change[2]) && isset($txt['package_db_' . $change[0]])) {
                 $context['database_changes'][] = sprintf($txt['package_db_' . $change[0]], $change[1], $change[2]);
             } elseif (isset($txt['package_db_' . $change[0]])) {
                 $context['database_changes'][] = sprintf($txt['package_db_' . $change[0]], $change[1]);
             } else {
                 $context['database_changes'][] = $change[0] . '-' . $change[1] . (isset($change[2]) ? '-' . $change[2] : '');
             }
         }
     }
     // Uninstalling?
     if ($context['uninstalling']) {
         // Wait, it's not installed yet!
         if (!isset($package_installed['old_version']) && $context['uninstalling']) {
             deltree(BOARDDIR . '/packages/temp');
             fatal_lang_error('package_cant_uninstall', false);
         }
         $actions = parsePackageInfo($packageInfo['xml'], true, 'uninstall');
         // Gadzooks!  There's no uninstaller at all!?
         if (empty($actions)) {
             deltree(BOARDDIR . '/packages/temp');
             fatal_lang_error('package_uninstall_cannot', false);
         }
         // Can't edit the custom themes it's edited if you're unisntalling, they must be removed.
         $context['themes_locked'] = true;
         // Only let them uninstall themes it was installed into.
         foreach ($theme_paths as $id => $data) {
             if ($id != 1 && !in_array($id, $package_installed['old_themes'])) {
                 unset($theme_paths[$id]);
             }
         }
     } elseif (isset($package_installed['old_version']) && $package_installed['old_version'] != $packageInfo['version']) {
         // Look for an upgrade...
         $actions = parsePackageInfo($packageInfo['xml'], true, 'upgrade', $package_installed['old_version']);
         // There was no upgrade....
         if (empty($actions)) {
             $context['is_installed'] = true;
         } else {
             // Otherwise they can only upgrade themes from the first time around.
             foreach ($theme_paths as $id => $data) {
                 if ($id != 1 && !in_array($id, $package_installed['old_themes'])) {
                     unset($theme_paths[$id]);
                 }
             }
         }
     } elseif (isset($package_installed['old_version']) && $package_installed['old_version'] == $packageInfo['version']) {
         $context['is_installed'] = true;
     }
     if (!isset($package_installed['old_version']) || $context['is_installed']) {
         $actions = parsePackageInfo($packageInfo['xml'], true, 'install');
     }
     $context['actions'] = array();
     $context['ftp_needed'] = false;
     $context['has_failure'] = false;
     $chmod_files = array();
     // No actions found, return so we can display an error
     if (empty($actions)) {
         return;
     }
     // This will hold data about anything that can be installed in other themes.
     $themeFinds = array('candidates' => array(), 'other_themes' => array());
     // Now prepare things for the template.
     foreach ($actions as $action) {
         // Not failed until proven otherwise.
         $failed = false;
         $thisAction = array();
         if ($action['type'] == 'chmod') {
             $chmod_files[] = $action['filename'];
             continue;
         } elseif ($action['type'] == 'readme' || $action['type'] == 'license') {
             $type = 'package_' . $action['type'];
             if (file_exists(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'])) {
                 $context[$type] = htmlspecialchars(trim(file_get_contents(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename']), "\n\r"), ENT_COMPAT, 'UTF-8');
             } elseif (file_exists($action['filename'])) {
                 $context[$type] = htmlspecialchars(trim(file_get_contents($action['filename']), "\n\r"), ENT_COMPAT, 'UTF-8');
             }
             if (!empty($action['parse_bbc'])) {
                 require_once SUBSDIR . '/Post.subs.php';
                 preparsecode($context[$type]);
                 $context[$type] = parse_bbc($context[$type]);
             } else {
                 $context[$type] = nl2br($context[$type]);
             }
             continue;
         } elseif ($action['type'] == 'redirect') {
             continue;
         } elseif ($action['type'] == 'error') {
             $context['has_failure'] = true;
             if (isset($action['error_msg']) && isset($action['error_var'])) {
                 $context['failure_details'] = sprintf($txt['package_will_fail_' . $action['error_msg']], $action['error_var']);
             } elseif (isset($action['error_msg'])) {
                 $context['failure_details'] = isset($txt['package_will_fail_' . $action['error_msg']]) ? $txt['package_will_fail_' . $action['error_msg']] : $action['error_msg'];
             }
         } elseif ($action['type'] == 'modification') {
             if (!file_exists(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'])) {
                 $context['has_failure'] = true;
                 $context['actions'][] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($action['filename'], array(BOARDDIR => '.'))), 'description' => $txt['package_action_error'], 'failed' => true);
             } else {
                 if ($action['boardmod']) {
                     $mod_actions = parseBoardMod(@file_get_contents(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename']), true, $action['reverse'], $theme_paths);
                 } else {
                     $mod_actions = parseModification(@file_get_contents(BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename']), true, $action['reverse'], $theme_paths);
                 }
                 if (count($mod_actions) == 1 && isset($mod_actions[0]) && $mod_actions[0]['type'] == 'error' && $mod_actions[0]['filename'] == '-') {
                     $mod_actions[0]['filename'] = $action['filename'];
                 }
                 foreach ($mod_actions as $key => $mod_action) {
                     // Lets get the last section of the file name.
                     if (isset($mod_action['filename']) && substr($mod_action['filename'], -13) != '.template.php') {
                         $actual_filename = strtolower(substr(strrchr($mod_action['filename'], '/'), 1) . '||' . $action['filename']);
                     } elseif (isset($mod_action['filename']) && preg_match('~([\\w]*)/([\\w]*)\\.template\\.php$~', $mod_action['filename'], $matches)) {
                         $actual_filename = strtolower($matches[1] . '/' . $matches[2] . '.template.php||' . $action['filename']);
                     } else {
                         $actual_filename = $key;
                     }
                     if ($mod_action['type'] == 'opened') {
                         $failed = false;
                     } elseif ($mod_action['type'] == 'failure') {
                         if (empty($mod_action['is_custom'])) {
                             $context['has_failure'] = true;
                         }
                         $failed = true;
                     } elseif ($mod_action['type'] == 'chmod') {
                         $chmod_files[] = $mod_action['filename'];
                     } elseif ($mod_action['type'] == 'saved') {
                         if (!empty($mod_action['is_custom'])) {
                             if (!isset($context['theme_actions'][$mod_action['is_custom']])) {
                                 $context['theme_actions'][$mod_action['is_custom']] = array('name' => $theme_paths[$mod_action['is_custom']]['name'], 'actions' => array(), 'has_failure' => $failed);
                             } else {
                                 $context['theme_actions'][$mod_action['is_custom']]['has_failure'] |= $failed;
                             }
                             $context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($mod_action['filename'], array(BOARDDIR => '.'))), 'description' => $failed ? $txt['package_action_failure'] : $txt['package_action_success'], 'failed' => $failed);
                         } elseif (!isset($context['actions'][$actual_filename])) {
                             $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($mod_action['filename'], array(BOARDDIR => '.'))), 'description' => $failed ? $txt['package_action_failure'] : $txt['package_action_success'], 'failed' => $failed);
                         } else {
                             $context['actions'][$actual_filename]['failed'] |= $failed;
                             $context['actions'][$actual_filename]['description'] = $context['actions'][$actual_filename]['failed'] ? $txt['package_action_failure'] : $txt['package_action_success'];
                         }
                     } elseif ($mod_action['type'] == 'skipping') {
                         $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($mod_action['filename'], array(BOARDDIR => '.'))), 'description' => $txt['package_action_skipping']);
                     } elseif ($mod_action['type'] == 'missing' && empty($mod_action['is_custom'])) {
                         $context['has_failure'] = true;
                         $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($mod_action['filename'], array(BOARDDIR => '.'))), 'description' => $txt['package_action_missing'], 'failed' => true);
                     } elseif ($mod_action['type'] == 'error') {
                         $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($mod_action['filename'], array(BOARDDIR => '.'))), 'description' => $txt['package_action_error'], 'failed' => true);
                     }
                 }
                 // We need to loop again just to get the operations down correctly.
                 foreach ($mod_actions as $operation_key => $mod_action) {
                     // Lets get the last section of the file name.
                     if (isset($mod_action['filename']) && substr($mod_action['filename'], -13) != '.template.php') {
                         $actual_filename = strtolower(substr(strrchr($mod_action['filename'], '/'), 1) . '||' . $action['filename']);
                     } elseif (isset($mod_action['filename']) && preg_match('~([\\w]*)/([\\w]*)\\.template\\.php$~', $mod_action['filename'], $matches)) {
                         $actual_filename = strtolower($matches[1] . '/' . $matches[2] . '.template.php||' . $action['filename']);
                     } else {
                         $actual_filename = $operation_key;
                     }
                     // We just need it for actual parse changes.
                     if (!in_array($mod_action['type'], array('error', 'result', 'opened', 'saved', 'end', 'missing', 'skipping', 'chmod'))) {
                         if (empty($mod_action['is_custom'])) {
                             $context['actions'][$actual_filename]['operations'][] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($mod_action['filename'], array(BOARDDIR => '.'))), 'description' => $mod_action['failed'] ? $txt['package_action_failure'] : $txt['package_action_success'], 'position' => $mod_action['position'], 'operation_key' => $operation_key, 'filename' => $action['filename'], 'is_boardmod' => $action['boardmod'], 'failed' => $mod_action['failed'], 'ignore_failure' => !empty($mod_action['ignore_failure']));
                         }
                         // Themes are under the saved type.
                         if (isset($mod_action['is_custom']) && isset($context['theme_actions'][$mod_action['is_custom']])) {
                             $context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename]['operations'][] = array('type' => $txt['execute_modification'], 'action' => Util::htmlspecialchars(strtr($mod_action['filename'], array(BOARDDIR => '.'))), 'description' => $mod_action['failed'] ? $txt['package_action_failure'] : $txt['package_action_success'], 'position' => $mod_action['position'], 'operation_key' => $operation_key, 'filename' => $action['filename'], 'is_boardmod' => $action['boardmod'], 'failed' => $mod_action['failed'], 'ignore_failure' => !empty($mod_action['ignore_failure']));
                         }
                     }
                 }
             }
         } elseif ($action['type'] == 'code') {
             $thisAction = array('type' => $txt['execute_code'], 'action' => Util::htmlspecialchars($action['filename']));
         } elseif ($action['type'] == 'database') {
             $thisAction = array('type' => $txt['execute_database_changes'], 'action' => Util::htmlspecialchars($action['filename']));
         } elseif (in_array($action['type'], array('create-dir', 'create-file'))) {
             $thisAction = array('type' => $txt['package_create'] . ' ' . ($action['type'] == 'create-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => Util::htmlspecialchars(strtr($action['destination'], array(BOARDDIR => '.'))));
         } elseif ($action['type'] == 'hook') {
             $action['description'] = !isset($action['hook'], $action['function']) ? $txt['package_action_failure'] : $txt['package_action_success'];
             if (!isset($action['hook'], $action['function'])) {
                 $context['has_failure'] = true;
             }
             $thisAction = array('type' => $action['reverse'] ? $txt['execute_hook_remove'] : $txt['execute_hook_add'], 'action' => sprintf($txt['execute_hook_action'], Util::htmlspecialchars($action['hook'])));
         } elseif ($action['type'] == 'credits') {
             $thisAction = array('type' => $txt['execute_credits_add'], 'action' => sprintf($txt['execute_credits_action'], Util::htmlspecialchars($action['title'])));
         } elseif ($action['type'] == 'requires') {
             $installed_version = false;
             $version_check = true;
             // Package missing required values?
             if (!isset($action['id'])) {
                 $context['has_failure'] = true;
             } else {
                 // See if this dependency is installed
                 $installed_version = checkPackageDependency($action['id']);
                 // Do a version level check (if requested) in the most basic way
                 $version_check = isset($action['version']) ? $installed_version == $action['version'] : true;
             }
             // Set success or failure information
             $action['description'] = $installed_version && $version_check ? $txt['package_action_success'] : $txt['package_action_failure'];
             $context['has_failure'] = !($installed_version && $version_check);
             $thisAction = array('type' => $txt['package_requires'], 'action' => $txt['package_check_for'] . ' ' . $action['id'] . (isset($action['version']) ? ' / ' . ($version_check ? $action['version'] : '<span class="error">' . $action['version'] . '</span>') : ''));
         } elseif (in_array($action['type'], array('require-dir', 'require-file'))) {
             // Do this one...
             $thisAction = array('type' => $txt['package_extract'] . ' ' . ($action['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => Util::htmlspecialchars(strtr($action['destination'], array(BOARDDIR => '.'))));
             // Could this be theme related?
             if (!empty($action['unparsed_destination']) && preg_match('~^\\$(languagedir|languages_dir|imagesdir|themedir|themes_dir)~i', $action['unparsed_destination'], $matches)) {
                 // Is the action already stated?
                 $theme_action = !empty($action['theme_action']) && in_array($action['theme_action'], array('no', 'yes', 'auto')) ? $action['theme_action'] : 'auto';
                 // If it's not auto do we think we have something we can act upon?
                 if ($theme_action != 'auto' && !in_array($matches[1], array('languagedir', 'languages_dir', 'imagesdir', 'themedir'))) {
                     $theme_action = '';
                 } elseif ($theme_action == 'auto' && $matches[1] != 'imagesdir') {
                     $theme_action = '';
                 }
                 // So, we still want to do something?
                 if ($theme_action != '') {
                     $themeFinds['candidates'][] = $action;
                 } elseif ($matches[1] == 'themes_dir') {
                     $themeFinds['other_themes'][] = strtolower(strtr(parse_path($action['unparsed_destination']), array('\\' => '/')) . '/' . basename($action['filename']));
                 }
             }
         } elseif (in_array($action['type'], array('move-dir', 'move-file'))) {
             $thisAction = array('type' => $txt['package_move'] . ' ' . ($action['type'] == 'move-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => Util::htmlspecialchars(strtr($action['source'], array(BOARDDIR => '.'))) . ' => ' . Util::htmlspecialchars(strtr($action['destination'], array(BOARDDIR => '.'))));
         } elseif (in_array($action['type'], array('remove-dir', 'remove-file'))) {
             $thisAction = array('type' => $txt['package_delete'] . ' ' . ($action['type'] == 'remove-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => Util::htmlspecialchars(strtr($action['filename'], array(BOARDDIR => '.'))));
             // Could this be theme related?
             if (!empty($action['unparsed_filename']) && preg_match('~^\\$(languagedir|languages_dir|imagesdir|themedir|themes_dir)~i', $action['unparsed_filename'], $matches)) {
                 // Is the action already stated?
                 $theme_action = !empty($action['theme_action']) && in_array($action['theme_action'], array('no', 'yes', 'auto')) ? $action['theme_action'] : 'auto';
                 $action['unparsed_destination'] = $action['unparsed_filename'];
                 // If it's not auto do we think we have something we can act upon?
                 if ($theme_action != 'auto' && !in_array($matches[1], array('languagedir', 'languages_dir', 'imagesdir', 'themedir'))) {
                     $theme_action = '';
                 } elseif ($theme_action == 'auto' && $matches[1] != 'imagesdir') {
                     $theme_action = '';
                 }
                 // So, we still want to do something?
                 if ($theme_action != '') {
                     $themeFinds['candidates'][] = $action;
                 } elseif ($matches[1] == 'themes_dir') {
                     $themeFinds['other_themes'][] = strtolower(strtr(parse_path($action['unparsed_filename']), array('\\' => '/')) . '/' . basename($action['filename']));
                 }
             }
         }
         if (empty($thisAction)) {
             continue;
         }
         if (isset($action['filename'])) {
             if ($context['uninstalling']) {
                 $file = in_array($action['type'], array('remove-dir', 'remove-file')) ? $action['filename'] : BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'];
             } else {
                 $file = BOARDDIR . '/packages/temp/' . $context['base_path'] . $action['filename'];
             }
             if (!file_exists($file)) {
                 $context['has_failure'] = true;
                 $thisAction += array('description' => $txt['package_action_error'], 'failed' => true);
             }
         }
         // @todo None given?
         if (empty($thisAction['description'])) {
             $thisAction['description'] = isset($action['description']) ? $action['description'] : '';
         }
         $context['actions'][] = $thisAction;
     }
     // Have we got some things which we might want to do "multi-theme"?
     if (!empty($themeFinds['candidates'])) {
         foreach ($themeFinds['candidates'] as $action_data) {
             // Get the part of the file we'll be dealing with.
             preg_match('~^\\$(languagedir|languages_dir|imagesdir|themedir)(\\|/)*(.+)*~i', $action_data['unparsed_destination'], $matches);
             if ($matches[1] == 'imagesdir') {
                 $path = '/' . basename($settings['default_images_url']);
             } elseif ($matches[1] == 'languagedir' || $matches[1] == 'languages_dir') {
                 $path = '/languages';
             } else {
                 $path = '';
             }
             if (!empty($matches[3])) {
                 $path .= $matches[3];
             }
             if (!$context['uninstalling']) {
                 $path .= '/' . basename($action_data['filename']);
             }
             // Loop through each custom theme to note it's candidacy!
             foreach ($theme_paths as $id => $theme_data) {
                 if (isset($theme_data['theme_dir']) && $id != 1) {
                     $real_path = $theme_data['theme_dir'] . $path;
                     // Confirm that we don't already have this dealt with by another entry.
                     if (!in_array(strtolower(strtr($real_path, array('\\' => '/'))), $themeFinds['other_themes'])) {
                         // Check if we will need to chmod this.
                         if (!mktree(dirname($real_path), false)) {
                             $temp = dirname($real_path);
                             while (!file_exists($temp) && strlen($temp) > 1) {
                                 $temp = dirname($temp);
                             }
                             $chmod_files[] = $temp;
                         }
                         if ($action_data['type'] == 'require-dir' && !is_writable($real_path) && (file_exists($real_path) || !is_writable(dirname($real_path)))) {
                             $chmod_files[] = $real_path;
                         }
                         if (!isset($context['theme_actions'][$id])) {
                             $context['theme_actions'][$id] = array('name' => $theme_data['name'], 'actions' => array());
                         }
                         if ($context['uninstalling']) {
                             $context['theme_actions'][$id]['actions'][] = array('type' => $txt['package_delete'] . ' ' . ($action_data['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => strtr($real_path, array('\\' => '/', BOARDDIR => '.')), 'description' => '', 'value' => base64_encode(serialize(array('type' => $action_data['type'], 'orig' => $action_data['filename'], 'future' => $real_path, 'id' => $id))), 'not_mod' => true);
                         } else {
                             $context['theme_actions'][$id]['actions'][] = array('type' => $txt['package_extract'] . ' ' . ($action_data['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => strtr($real_path, array('\\' => '/', BOARDDIR => '.')), 'description' => '', 'value' => base64_encode(serialize(array('type' => $action_data['type'], 'orig' => $action_data['destination'], 'future' => $real_path, 'id' => $id))), 'not_mod' => true);
                         }
                     }
                 }
             }
         }
     }
     // Trash the cache... which will also check permissions for us!
     package_flush_cache(true);
     if (file_exists(BOARDDIR . '/packages/temp')) {
         deltree(BOARDDIR . '/packages/temp');
     }
     if (!empty($chmod_files)) {
         $ftp_status = create_chmod_control($chmod_files);
         $context['ftp_needed'] = !empty($ftp_status['files']['notwritable']) && !empty($context['package_ftp']);
     }
     $context['post_url'] = $scripturl . '?action=admin;area=packages;sa=' . ($context['uninstalling'] ? 'uninstall' : 'install') . ($context['ftp_needed'] ? '' : '2') . ';package=' . $context['filename'] . ';pid=' . $context['install_id'];
     checkSubmitOnce('register');
 }
Beispiel #6
/**
 * Hand portal content to createPost() and report the id of the resulting topic.
 *
 * Only "<", ">", newline and tab in $text are rewritten before preparsecode();
 * "&" and quote characters pass through unchanged, and $title is used as the
 * subject exactly as received.
 * NOTE(review): confirm callers escape the subject and that the partial
 * escaping of the body is sufficient for where the post is rendered.
 *
 * The message id comes from $_REQUEST['msg'], not from an argument, and the
 * post-count flag is derived from the current session user ($user_info) while
 * the poster id is $submitter.
 * NOTE(review): verify both are intended when the submitter differs from the
 * logged-in member.
 *
 * @param mixed  $title     Subject line, stored as given.
 * @param string $text      Body text to escape and pre-parse.
 * @param mixed  $icon      Value for the 'icon' message option.
 * @param mixed  $board     Value for the 'board' topic option.
 * @param mixed  $sticky    Value for the 'sticky_mode' topic option.
 * @param mixed  $submitter Value for the poster 'id' option.
 * @return mixed $topicOptions['id'] after a successful createPost(), otherwise 0.
 */
function TP_createtopic($title, $text, $icon, $board, $sticky = 0, $submitter)
{
    global $user_info, $board_info, $sourcedir;

    require_once $sourcedir . '/Subs-Post.php';

    // Minimal HTML neutralisation of the body, then the forum's own pre-parser.
    $search = array("<", ">", "\n", "\t");
    $replace = array("&lt;", "&gt;", "<br>", "&nbsp;");
    $message = str_replace($search, $replace, $text);
    preparsecode($message);

    // Collect all parameters for the creation or modification of a post.
    $msgOptions = array(
        'id' => empty($_REQUEST['msg']) ? 0 : (int) $_REQUEST['msg'],
        'subject' => $title,
        'body' => $message,
        'icon' => $icon,
        'smileys_enabled' => '1',
        'attachments' => array(),
    );

    // $topic is neither a parameter nor a declared global here, so 'id' always resolves to 0.
    $topicOptions = array(
        'id' => empty($topic) ? 0 : $topic,
        'board' => $board,
        'poll' => null,
        'lock_mode' => null,
        'sticky_mode' => $sticky,
        'mark_as_read' => true,
    );

    $posterOptions = array(
        'id' => $submitter,
        'name' => '',
        'email' => '',
        'update_post_count' => !$user_info['is_guest'] && !isset($_REQUEST['msg']) && $board_info['posts_count'],
    );

    // The topic id is read back from $topicOptions once createPost() has succeeded.
    return createPost($msgOptions, $topicOptions, $posterOptions) ? $topicOptions['id'] : 0;
}
Beispiel #7
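// Add the changes for articles
articleUpdates();
// Make sure the TPShout module is registered in tp_modules.
$request = $smcFunc['db_query']('', '
	SELECT id FROM {db_prefix}tp_modules 
	WHERE modulename = {string:name}', array('name' => 'TPShout'));
if ($smcFunc['db_num_rows']($request) > 0) {
    // The module already exists: pick up its id and refresh its logo.
    $row = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // Scope the update to the row that was just looked up. Without a WHERE
    // clause the statement overwrote the logo of every module in the table.
    $smcFunc['db_query']('', '
		UPDATE {db_prefix}tp_modules 
		SET logo = {string:logo}
		WHERE id = {int:id}', array('logo' => 'tpshoutbox.png', 'id' => (int) $row[0]));
} else {
    // The empty result is no longer needed; release it before inserting.
    $smcFunc['db_free_result']($request);
    // Default registration record for the shoutbox module.
    $newmod = array('version' => '1.2', 'modulename' => 'TPShout', 'title' => 'TP Simple Shout', 'subquery' => 'shout', 'autoload_run' => 'TPShout.php', 'autoload_admin' => 'TPShout.php', 'autorun' => '', 'autorun_admin' => '', 'db' => '', 'permissions' => 'tp_can_admin_shout|1', 'active' => 1, 'languages' => 'english', 'blockrender' => 'tpshout_fetch', 'adminhook' => 'tpshout_adminhook', 'logo' => 'tpshoutbox.png', 'tpversion' => '1.2', 'smfversion' => '2.0.x', 'description' => '[b]TP Simple Shoutbox[/b] is the original shoutbox from v0.9 series of TinyPortal, now converted to a TP module. It allows shout in BBC format, scrolling of shouts, insert of BBC codes and smilies and an admin interface to delete or modify shouts.<br />	', 'author' => 'IchBin', 'email' => '*****@*****.**', 'website' => 'http://www.tinyportal.net', 'profile' => 'tpshout_profile', 'frontsection' => 'tpshout_frontpage');
    require_once $sourcedir . '/Subs-Post.php';
    // The BBC description goes through the forum pre-parser before it is stored.
    preparsecode($newmod['description']);
    // ok, insert this into modules table. Values are bound through the typed column map, not concatenated into SQL.
    $smcFunc['db_insert']('INSERT', '{db_prefix}tp_modules', array('version' => 'string', 'modulename' => 'string', 'title' => 'string', 'subquery' => 'string', 'autoload_run' => 'string', 'autoload_admin' => 'string', 'autorun' => 'string', 'autorun_admin' => 'string', 'db' => 'string', 'permissions' => 'string', 'active' => 'int', 'languages' => 'string', 'blockrender' => 'string', 'adminhook' => 'string', 'logo' => 'string', 'tpversion' => 'string', 'smfversion' => 'string', 'description' => 'string', 'author' => 'string', 'email' => 'string', 'website' => 'string', 'profile' => 'string', 'frontsection' => 'string'), $newmod, array('id'));
}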
// check if blocks access2 needs converting
// NOTE(review): $convertaccess is not assigned in the visible code; presumably an earlier install step sets it.
if (isset($convertaccess)) {
    // "WHERE 1" is always true, so every row of tp_blocks is read.
    $request = $smcFunc['db_query']('', '
		SELECT id ,access2 FROM {db_prefix}tp_blocks WHERE 1');
    if ($smcFunc['db_num_rows']($request) > 0) {
        $new = array();
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // Start every row with an empty accumulator.
            unset($new);
            $new = array();
            // access2 is split on '|'; only values with more than one segment enter the loop below.
            $a = explode('|', $row['access2']);
            if (count($a) > 1) {
                // The listing is cut off inside this loop on the page.
                foreach ($a as $b => $what) {
Beispiel #8
/**
 * Build the subject and message shown in the mailing preview box.
 *
 * Used in action_mailingcompose and RetrievePreview (Xml.controller.php).
 *
 * Reads 'subject' and 'message' from $_REQUEST and stores the processed text
 * in $context['preview_subject'] and $context['preview_message']. A missing
 * field adds the matching $txt['error_no_*'] entry to
 * $context['post_error']['messages'], unless the request carries 'xml'.
 *
 * The request values are copied into $context as received; nothing in this
 * function escapes them.
 * NOTE(review): confirm they are sanitised before this call or escaped by the
 * template that prints the preview.
 *
 * @package Mail
 */
function prepareMailingForPreview()
{
    global $context, $modSettings, $scripturl, $user_info, $txt;

    loadLanguage('Errors');
    require_once SUBSDIR . '/Post.subs.php';

    // Previews are rendered with the forum-wide time format, not the member's own.
    $user_info['time_format'] = $modSettings['time_format'];

    $placeholders = array('{$board_url}', '{$current_time}', '{$latest_member.link}', '{$latest_member.id}', '{$latest_member.name}');
    $asHtml = $context['send_html'];

    // Plain-text mail and PMs get the newest member's name with entities decoded.
    // NOTE(review): when send_html and send_pm are both set, this decoded name is
    // placed inside the HTML anchor built below; confirm that combination cannot occur.
    $latestName = empty($context['send_html']) || $context['send_pm'] ? un_htmlspecialchars($modSettings['latestRealName']) : $modSettings['latestRealName'];

    foreach (array('preview_subject' => 'subject', 'preview_message' => 'message') as $slot => $field) {
        $context[$slot] = !empty($_REQUEST[$field]) ? $_REQUEST[$field] : '';

        // XML requests keep the value as copied and skip every step below.
        if (!empty($_REQUEST['xml'])) {
            continue;
        }

        if (empty($context[$slot])) {
            $context['post_error']['messages'][] = $txt['error_no_' . $field];
        }

        preparsecode($context[$slot]);

        // HTML mail: render the BBC, with enablePostHTML temporarily taken from send_html.
        if ($asHtml) {
            $savedPostHtml = $modSettings['enablePostHTML'];
            $modSettings['enablePostHTML'] = $context['send_html'];
            $context[$slot] = parse_bbc($context[$slot]);
            $modSettings['enablePostHTML'] = $savedPostHtml;
        }

        // Work out the value of each placeholder for this output format.
        $wantsHtml = !empty($context['send_html']);
        $profileUrl = $scripturl . '?action=profile;u=' . $modSettings['latestMember'];
        $boardLink = $wantsHtml ? '<a href="' . $scripturl . '">' . $scripturl . '</a>' : $scripturl;
        $currentTime = standardTime(forum_time(), false);

        if ($wantsHtml) {
            $memberLink = '<a href="' . $profileUrl . '">' . $latestName . '</a>';
        } elseif ($context['send_pm']) {
            $memberLink = '[url=' . $profileUrl . ']' . $latestName . '[/url]';
        } else {
            $memberLink = $latestName;
        }

        // Replace in all the standard things.
        $values = array($boardLink, $currentTime, $memberLink, $modSettings['latestMember'], $latestName);
        $context[$slot] = str_replace($placeholders, $values, $context[$slot]);
    }
}
Beispiel #9
function PackageInstallTest()
{
    global $boarddir, $txt, $context, $scripturl, $sourcedir, $modSettings, $settings;
    // You have to specify a file!!
    if (!isset($_REQUEST['package']) || $_REQUEST['package'] == '') {
        redirectexit('action=admin;area=packages');
    }
    $context['filename'] = preg_replace('~[\\.]+~', '.', $_REQUEST['package']);
    // Do we have an existing id, for uninstalls and the like.
    $context['install_id'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 0;
    require_once $sourcedir . '/lib/Subs-Package.php';
    // Load up the package FTP information?
    create_chmod_control();
    // Make sure temp directory exists and is empty.
    if (file_exists($boarddir . '/Packages/temp')) {
        deltree($boarddir . '/Packages/temp', false);
    }
    if (!mktree($boarddir . '/Packages/temp', 0755)) {
        deltree($boarddir . '/Packages/temp', false);
        if (!mktree($boarddir . '/Packages/temp', 0777)) {
            deltree($boarddir . '/Packages/temp', false);
            create_chmod_control(array($boarddir . '/Packages/temp/delme.tmp'), array('destination_url' => $scripturl . '?action=admin;area=packages;sa=' . $_REQUEST['sa'] . ';package=' . $_REQUEST['package'], 'crash_on_error' => true));
            deltree($boarddir . '/Packages/temp', false);
            if (!mktree($boarddir . '/Packages/temp', 0777)) {
                fatal_lang_error('package_cant_download', false);
            }
        }
    }
    $context['uninstalling'] = $_REQUEST['sa'] == 'uninstall';
    // Change our last link tree item for more information on this Packages area.
    $context['linktree'][count($context['linktree']) - 1] = array('url' => $scripturl . '?action=admin;area=packages;sa=browse', 'name' => $context['uninstalling'] ? $txt['package_uninstall_actions'] : $txt['install_actions']);
    $context['page_title'] .= ' - ' . ($context['uninstalling'] ? $txt['package_uninstall_actions'] : $txt['install_actions']);
    $context['sub_template'] = 'view_package';
    if (!file_exists($boarddir . '/Packages/' . $context['filename'])) {
        deltree($boarddir . '/Packages/temp');
        fatal_lang_error('package_no_file', false);
    }
    // Extract the files so we can get things like the readme, etc.
    if (is_file($boarddir . '/Packages/' . $context['filename'])) {
        $context['extracted_files'] = read_tgz_file($boarddir . '/Packages/' . $context['filename'], $boarddir . '/Packages/temp');
        if ($context['extracted_files'] && !file_exists($boarddir . '/Packages/temp/package-info.xml')) {
            foreach ($context['extracted_files'] as $file) {
                if (basename($file['filename']) == 'package-info.xml') {
                    $context['base_path'] = dirname($file['filename']) . '/';
                    break;
                }
            }
        }
        if (!isset($context['base_path'])) {
            $context['base_path'] = '';
        }
    } elseif (is_dir($boarddir . '/Packages/' . $context['filename'])) {
        copytree($boarddir . '/Packages/' . $context['filename'], $boarddir . '/Packages/temp');
        $context['extracted_files'] = listtree($boarddir . '/Packages/temp');
        $context['base_path'] = '';
    } else {
        fatal_lang_error('no_access', false);
    }
    // Load up any custom themes we may want to install into...
    $request = smf_db_query('
		SELECT id_theme, variable, value
		FROM {db_prefix}themes
		WHERE (id_theme = {int:default_theme} OR id_theme IN ({array_int:known_theme_list}))
			AND variable IN ({string:name}, {string:theme_dir})', array('known_theme_list' => explode(',', $modSettings['knownThemes']), 'default_theme' => 1, 'name' => 'name', 'theme_dir' => 'theme_dir'));
    $theme_paths = array();
    while ($row = mysql_fetch_assoc($request)) {
        $theme_paths[$row['id_theme']][$row['variable']] = $row['value'];
    }
    mysql_free_result($request);
    // Get the package info...
    $packageInfo = getPackageInfo($context['filename']);
    if (!is_array($packageInfo)) {
        fatal_lang_error($packageInfo);
    }
    $packageInfo['filename'] = $context['filename'];
    $context['package_name'] = isset($packageInfo['name']) ? $packageInfo['name'] : $context['filename'];
    // Set the type of extraction...
    $context['extract_type'] = isset($packageInfo['type']) ? $packageInfo['type'] : 'modification';
    // The mod isn't installed.... unless proven otherwise.
    $context['is_installed'] = false;
    // See if it is installed?
    $request = smf_db_query('
		SELECT version, themes_installed, db_changes
		FROM {db_prefix}log_packages
		WHERE package_id = {string:current_package}
			AND install_state != {int:not_installed}
		ORDER BY time_installed DESC
		LIMIT 1', array('not_installed' => 0, 'current_package' => $packageInfo['id']));
    while ($row = mysql_fetch_assoc($request)) {
        $old_themes = explode(',', $row['themes_installed']);
        $old_version = $row['version'];
        $db_changes = empty($row['db_changes']) ? array() : unserialize($row['db_changes']);
    }
    mysql_free_result($request);
    $context['database_changes'] = array();
    if (!empty($db_changes)) {
        foreach ($db_changes as $change) {
            if (isset($change[2]) && isset($txt['package_db_' . $change[0]])) {
                $context['database_changes'][] = sprintf($txt['package_db_' . $change[0]], $change[1], $change[2]);
            } elseif (isset($txt['package_db_' . $change[0]])) {
                $context['database_changes'][] = sprintf($txt['package_db_' . $change[0]], $change[1]);
            } else {
                $context['database_changes'][] = $change[0] . '-' . $change[1] . (isset($change[2]) ? '-' . $change[2] : '');
            }
        }
    }
    // Uninstalling?
    if ($context['uninstalling']) {
        // Wait, it's not installed yet!
        if (!isset($old_version) && $context['uninstalling']) {
            deltree($boarddir . '/Packages/temp');
            fatal_lang_error('package_cant_uninstall', false);
        }
        $actions = parsePackageInfo($packageInfo['xml'], true, 'uninstall');
        // Gadzooks!  There's no uninstaller at all!?
        if (empty($actions)) {
            deltree($boarddir . '/Packages/temp');
            fatal_lang_error('package_uninstall_cannot', false);
        }
        // Can't edit the custom themes it's edited if you're unisntalling, they must be removed.
        $context['themes_locked'] = true;
        // Only let them uninstall themes it was installed into.
        foreach ($theme_paths as $id => $data) {
            if ($id != 1 && !in_array($id, $old_themes)) {
                unset($theme_paths[$id]);
            }
        }
    } elseif (isset($old_version) && $old_version != $packageInfo['version']) {
        // Look for an upgrade...
        $actions = parsePackageInfo($packageInfo['xml'], true, 'upgrade', $old_version);
        // There was no upgrade....
        if (empty($actions)) {
            $context['is_installed'] = true;
        } else {
            // Otherwise they can only upgrade themes from the first time around.
            foreach ($theme_paths as $id => $data) {
                if ($id != 1 && !in_array($id, $old_themes)) {
                    unset($theme_paths[$id]);
                }
            }
        }
    } elseif (isset($old_version) && $old_version == $packageInfo['version']) {
        $context['is_installed'] = true;
    }
    if (!isset($old_version) || $context['is_installed']) {
        $actions = parsePackageInfo($packageInfo['xml'], true, 'install');
    }
    $context['actions'] = array();
    $context['ftp_needed'] = false;
    $context['has_failure'] = false;
    $chmod_files = array();
    if (empty($actions)) {
        return;
    }
    // This will hold data about anything that can be installed in other themes.
    $themeFinds = array('candidates' => array(), 'other_themes' => array());
    // Now prepare things for the template.
    foreach ($actions as $action) {
        // Not failed until proven otherwise.
        $failed = false;
        if ($action['type'] == 'chmod') {
            $chmod_files[] = $action['filename'];
            continue;
        } elseif ($action['type'] == 'readme') {
            if (file_exists($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename'])) {
                $context['package_readme'] = htmlspecialchars(trim(file_get_contents($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename']), "\n\r"));
            } elseif (file_exists($action['filename'])) {
                $context['package_readme'] = htmlspecialchars(trim(file_get_contents($action['filename']), "\n\r"));
            }
            if (!empty($action['parse_bbc'])) {
                require_once $sourcedir . '/lib/Subs-Post.php';
                preparsecode($context['package_readme']);
                $context['package_readme'] = parse_bbc($context['package_readme']);
            } else {
                $context['package_readme'] = nl2br($context['package_readme']);
            }
            continue;
        } elseif ($action['type'] == 'redirect') {
            continue;
        } elseif ($action['type'] == 'error') {
            $context['has_failure'] = true;
        } elseif ($action['type'] == 'modification') {
            if (!file_exists($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename'])) {
                $context['has_failure'] = true;
                $context['actions'][] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($action['filename'], array($boarddir => '.'))), 'description' => $txt['package_action_error'], 'failed' => true);
            }
            if ($action['boardmod']) {
                $mod_actions = parseBoardMod(@file_get_contents($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename']), true, $action['reverse'], $theme_paths);
            } else {
                $mod_actions = parseModification(@file_get_contents($boarddir . '/Packages/temp/' . $context['base_path'] . $action['filename']), true, $action['reverse'], $theme_paths);
            }
            if (count($mod_actions) == 1 && isset($mod_actions[0]) && $mod_actions[0]['type'] == 'error' && $mod_actions[0]['filename'] == '-') {
                $mod_actions[0]['filename'] = $action['filename'];
            }
            foreach ($mod_actions as $key => $mod_action) {
                // Lets get the last section of the file name.
                if (isset($mod_action['filename']) && substr($mod_action['filename'], -13) != '.template.php') {
                    $actual_filename = strtolower(substr(strrchr($mod_action['filename'], '/'), 1) . '||' . $action['filename']);
                } elseif (isset($mod_action['filename']) && preg_match('~([\\w]*)/([\\w]*)\\.template\\.php$~', $mod_action['filename'], $matches)) {
                    $actual_filename = strtolower($matches[1] . '/' . $matches[2] . '.template.php' . '||' . $action['filename']);
                } else {
                    $actual_filename = $key;
                }
                if ($mod_action['type'] == 'opened') {
                    $failed = false;
                } elseif ($mod_action['type'] == 'failure') {
                    if (empty($mod_action['is_custom'])) {
                        $context['has_failure'] = true;
                    }
                    $failed = true;
                } elseif ($mod_action['type'] == 'chmod') {
                    $chmod_files[] = $mod_action['filename'];
                } elseif ($mod_action['type'] == 'saved') {
                    if (!empty($mod_action['is_custom'])) {
                        if (!isset($context['theme_actions'][$mod_action['is_custom']])) {
                            $context['theme_actions'][$mod_action['is_custom']] = array('name' => $theme_paths[$mod_action['is_custom']]['name'], 'actions' => array(), 'has_failure' => $failed);
                        } else {
                            $context['theme_actions'][$mod_action['is_custom']]['has_failure'] |= $failed;
                        }
                        $context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($mod_action['filename'], array($boarddir => '.'))), 'description' => $failed ? $txt['package_action_failure'] : $txt['package_action_success'], 'failed' => $failed);
                    } elseif (!isset($context['actions'][$actual_filename])) {
                        $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($mod_action['filename'], array($boarddir => '.'))), 'description' => $failed ? $txt['package_action_failure'] : $txt['package_action_success'], 'failed' => $failed);
                    } else {
                        $context['actions'][$actual_filename]['failed'] |= $failed;
                        $context['actions'][$actual_filename]['description'] = $context['actions'][$actual_filename]['failed'] ? $txt['package_action_failure'] : $txt['package_action_success'];
                    }
                } elseif ($mod_action['type'] == 'skipping') {
                    $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($mod_action['filename'], array($boarddir => '.'))), 'description' => $txt['package_action_skipping']);
                } elseif ($mod_action['type'] == 'missing' && empty($mod_action['is_custom'])) {
                    $context['has_failure'] = true;
                    $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($mod_action['filename'], array($boarddir => '.'))), 'description' => $txt['package_action_missing'], 'failed' => true);
                } elseif ($mod_action['type'] == 'error') {
                    $context['actions'][$actual_filename] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($mod_action['filename'], array($boarddir => '.'))), 'description' => $txt['package_action_error'], 'failed' => true);
                }
            }
            // We need to loop again just to get the operations down correctly.
            foreach ($mod_actions as $operation_key => $mod_action) {
                // Lets get the last section of the file name.
                if (isset($mod_action['filename']) && substr($mod_action['filename'], -13) != '.template.php') {
                    $actual_filename = strtolower(substr(strrchr($mod_action['filename'], '/'), 1) . '||' . $action['filename']);
                } elseif (isset($mod_action['filename']) && preg_match('~([\\w]*)/([\\w]*)\\.template\\.php$~', $mod_action['filename'], $matches)) {
                    $actual_filename = strtolower($matches[1] . '/' . $matches[2] . '.template.php' . '||' . $action['filename']);
                } else {
                    $actual_filename = $key;
                }
                // We just need it for actual parse changes.
                if (!in_array($mod_action['type'], array('error', 'result', 'opened', 'saved', 'end', 'missing', 'skipping', 'chmod'))) {
                    if (empty($mod_action['is_custom'])) {
                        $context['actions'][$actual_filename]['operations'][] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($mod_action['filename'], array($boarddir => '.'))), 'description' => $mod_action['failed'] ? $txt['package_action_failure'] : $txt['package_action_success'], 'position' => $mod_action['position'], 'operation_key' => $operation_key, 'filename' => $action['filename'], 'is_boardmod' => $action['boardmod'], 'failed' => $mod_action['failed'], 'ignore_failure' => !empty($mod_action['ignore_failure']));
                    }
                    // Themes are under the saved type.
                    if (isset($mod_action['is_custom']) && isset($context['theme_actions'][$mod_action['is_custom']])) {
                        $context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename]['operations'][] = array('type' => $txt['execute_modification'], 'action' => commonAPI::htmlspecialchars(strtr($mod_action['filename'], array($boarddir => '.'))), 'description' => $mod_action['failed'] ? $txt['package_action_failure'] : $txt['package_action_success'], 'position' => $mod_action['position'], 'operation_key' => $operation_key, 'filename' => $action['filename'], 'is_boardmod' => $action['boardmod'], 'failed' => $mod_action['failed'], 'ignore_failure' => !empty($mod_action['ignore_failure']));
                    }
                }
            }
            // Don't add anything else.
            $thisAction = array();
        } elseif ($action['type'] == 'code') {
            $thisAction = array('type' => $txt['execute_code'], 'action' => commonAPI::htmlspecialchars($action['filename']));
        } elseif ($action['type'] == 'database') {
            $thisAction = array('type' => $txt['execute_database_changes'], 'action' => commonAPI::htmlspecialchars($action['filename']));
        } elseif (in_array($action['type'], array('create-dir', 'create-file'))) {
            $thisAction = array('type' => $txt['package_create'] . ' ' . ($action['type'] == 'create-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => commonAPI::htmlspecialchars(strtr($action['destination'], array($boarddir => '.'))));
        } elseif (in_array($action['type'], array('require-dir', 'require-file'))) {
            // Do this one...
            $thisAction = array('type' => $txt['package_extract'] . ' ' . ($action['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => commonAPI::htmlspecialchars(strtr($action['destination'], array($boarddir => '.'))));
            // Could this be theme related?
            if (!empty($action['unparsed_destination']) && preg_match('~^\\$(languagedir|languages_dir|imagesdir|themedir|themes_dir)~i', $action['unparsed_destination'], $matches)) {
                // Is the action already stated?
                $theme_action = !empty($action['theme_action']) && in_array($action['theme_action'], array('no', 'yes', 'auto')) ? $action['theme_action'] : 'auto';
                // If it's not auto do we think we have something we can act upon?
                if ($theme_action != 'auto' && !in_array($matches[1], array('languagedir', 'languages_dir', 'imagesdir', 'themedir'))) {
                    $theme_action = '';
                } elseif ($theme_action == 'auto' && $matches[1] != 'imagesdir') {
                    $theme_action = '';
                }
                // So, we still want to do something?
                if ($theme_action != '') {
                    $themeFinds['candidates'][] = $action;
                } elseif ($matches[1] == 'themes_dir') {
                    $themeFinds['other_themes'][] = strtolower(strtr(parse_path($action['unparsed_destination']), array('\\' => '/')) . '/' . basename($action['filename']));
                }
            }
        } elseif (in_array($action['type'], array('move-dir', 'move-file'))) {
            $thisAction = array('type' => $txt['package_move'] . ' ' . ($action['type'] == 'move-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => commonAPI::htmlspecialchars(strtr($action['source'], array($boarddir => '.'))) . ' => ' . commonAPI::htmlspecialchars(strtr($action['destination'], array($boarddir => '.'))));
        } elseif (in_array($action['type'], array('remove-dir', 'remove-file'))) {
            $thisAction = array('type' => $txt['package_delete'] . ' ' . ($action['type'] == 'remove-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => commonAPI::htmlspecialchars(strtr($action['filename'], array($boarddir => '.'))));
            // Could this be theme related?
            if (!empty($action['unparsed_filename']) && preg_match('~^\\$(languagedir|languages_dir|imagesdir|themedir|themes_dir)~i', $action['unparsed_filename'], $matches)) {
                // Is the action already stated?
                $theme_action = !empty($action['theme_action']) && in_array($action['theme_action'], array('no', 'yes', 'auto')) ? $action['theme_action'] : 'auto';
                $action['unparsed_destination'] = $action['unparsed_filename'];
                // If it's not auto do we think we have something we can act upon?
                if ($theme_action != 'auto' && !in_array($matches[1], array('languagedir', 'languages_dir', 'imagesdir', 'themedir'))) {
                    $theme_action = '';
                } elseif ($theme_action == 'auto' && $matches[1] != 'imagesdir') {
                    $theme_action = '';
                }
                // So, we still want to do something?
                if ($theme_action != '') {
                    $themeFinds['candidates'][] = $action;
                } elseif ($matches[1] == 'themes_dir') {
                    $themeFinds['other_themes'][] = strtolower(strtr(parse_path($action['unparsed_filename']), array('\\' => '/')) . '/' . basename($action['filename']));
                }
            }
        }
        if (empty($thisAction)) {
            continue;
        }
        // !!! None given?
        $thisAction['description'] = isset($action['description']) ? $action['description'] : '';
        $context['actions'][] = $thisAction;
    }
    // Have we got some things which we might want to do "multi-theme"?
    if (!empty($themeFinds['candidates'])) {
        foreach ($themeFinds['candidates'] as $action_data) {
            // Get the part of the file we'll be dealing with.
            preg_match('~^\\$(languagedir|languages_dir|imagesdir|themedir)(\\|/)*(.+)*~i', $action_data['unparsed_destination'], $matches);
            if ($matches[1] == 'imagesdir') {
                $path = '/' . basename($settings['default_images_url']);
            } elseif ($matches[1] == 'languagedir' || $matches[1] == 'languages_dir') {
                $path = '/languages';
            } else {
                $path = '';
            }
            if (!empty($matches[3])) {
                $path .= $matches[3];
            }
            if (!$context['uninstalling']) {
                $path .= '/' . basename($action_data['filename']);
            }
            // Loop through each custom theme to note it's candidacy!
            foreach ($theme_paths as $id => $theme_data) {
                if (isset($theme_data['theme_dir']) && $id != 1) {
                    $real_path = $theme_data['theme_dir'] . $path;
                    // Confirm that we don't already have this dealt with by another entry.
                    if (!in_array(strtolower(strtr($real_path, array('\\' => '/'))), $themeFinds['other_themes'])) {
                        // Check if we will need to chmod this.
                        if (!mktree(dirname($real_path), false)) {
                            $temp = dirname($real_path);
                            while (!file_exists($temp) && strlen($temp) > 1) {
                                $temp = dirname($temp);
                            }
                            $chmod_files[] = $temp;
                        }
                        if ($action_data['type'] == 'require-dir' && !is_writable($real_path) && (file_exists($real_path) || !is_writable(dirname($real_path)))) {
                            $chmod_files[] = $real_path;
                        }
                        if (!isset($context['theme_actions'][$id])) {
                            $context['theme_actions'][$id] = array('name' => $theme_data['name'], 'actions' => array());
                        }
                        if ($context['uninstalling']) {
                            $context['theme_actions'][$id]['actions'][] = array('type' => $txt['package_delete'] . ' ' . ($action_data['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => strtr($real_path, array('\\' => '/', $boarddir => '.')), 'description' => '', 'value' => base64_encode(serialize(array('type' => $action_data['type'], 'orig' => $action_data['filename'], 'future' => $real_path, 'id' => $id))), 'not_mod' => true);
                        } else {
                            $context['theme_actions'][$id]['actions'][] = array('type' => $txt['package_extract'] . ' ' . ($action_data['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']), 'action' => strtr($real_path, array('\\' => '/', $boarddir => '.')), 'description' => '', 'value' => base64_encode(serialize(array('type' => $action_data['type'], 'orig' => $action_data['destination'], 'future' => $real_path, 'id' => $id))), 'not_mod' => true);
                        }
                    }
                }
            }
        }
    }
    // Trash the cache... which will also check permissions for us!
    package_flush_cache(true);
    if (file_exists($boarddir . '/Packages/temp')) {
        deltree($boarddir . '/Packages/temp');
    }
    if (!empty($chmod_files)) {
        $ftp_status = create_chmod_control($chmod_files);
        $context['ftp_needed'] = !empty($ftp_status['files']['notwritable']) && !empty($context['package_ftp']);
    }
    checkSubmitOnce('register');
}
 /**
  * Shows an interface to set and test censored words.
  *
  * - It uses the censor_vulgar, censor_proper, censorWholeWord, and
  * censorIgnoreCase settings.
  * - Requires the admin_forum permission.
  * - Accessed from ?action=admin;area=postsettings;sa=censor.
  *
  * @uses the Admin template and the edit_censored sub template.
  */
 public function action_censor()
 {
     global $txt, $modSettings, $context;

     // Saving a new set of censored words?
     if (!empty($_POST['save_censor'])) {
         // Nothing is written unless both the session check and the form token pass.
         checkSession();
         validateToken('admin-censor');

         $censored_vulgar = array();
         $censored_proper = array();

         if (isset($_POST['censortext'])) {
             // Single text field: one "vulgar=proper" pair per line, carriage returns dropped.
             $_POST['censortext'] = explode("\n", strtr($_POST['censortext'], array("\r" => '')));
             foreach ($_POST['censortext'] as $line) {
                 $pair = array_pad(explode('=', trim($line)), 2, '');
                 $censored_vulgar[] = $pair[0];
                 $censored_proper[] = $pair[1];
             }
         } elseif (isset($_POST['censor_vulgar'], $_POST['censor_proper'])) {
             if (!is_array($_POST['censor_vulgar'])) {
                 // Two newline separated lists.
                 $censored_vulgar = explode("\n", strtr($_POST['censor_vulgar'], array("\r" => '')));
                 $censored_proper = explode("\n", strtr($_POST['censor_proper'], array("\r" => '')));
             } else {
                 // Two parallel arrays: drop every pair whose "vulgar" side is only spaces or stars.
                 foreach ($_POST['censor_vulgar'] as $key => $word) {
                     if (trim(strtr($word, '*', ' ')) == '') {
                         unset($_POST['censor_vulgar'][$key], $_POST['censor_proper'][$key]);
                     }
                 }
                 $censored_vulgar = $_POST['censor_vulgar'];
                 $censored_proper = $_POST['censor_proper'];
             }
         }

         // The word lists are stored newline separated, the two switches as '0' / '1'.
         $updates = array(
             'censor_vulgar' => implode("\n", $censored_vulgar),
             'censor_proper' => implode("\n", $censored_proper),
             'censorWholeWord' => empty($_POST['censorWholeWord']) ? '0' : '1',
             'censorIgnoreCase' => empty($_POST['censorIgnoreCase']) ? '0' : '1',
         );

         // Integrations receive the pending values by reference before they are saved.
         call_integration_hook('integrate_save_censors', array(&$updates));
         updateSettings($updates);
     }

     // Trying out a phrase to see what the censor makes of it?
     if (isset($_POST['censortest'])) {
         require_once SUBSDIR . '/Post.subs.php';

         // The test text is escaped before anything else touches it; it is echoed back below.
         $test_text = htmlspecialchars($_POST['censortest'], ENT_QUOTES, 'UTF-8');
         preparsecode($test_text);

         // Remember the uncensored form, censorText() works on its argument.
         $pre_censor = $test_text;
         $context['censor_test'] = strtr(censorText($test_text), array('"' => '&quot;'));
     }

     // Build the escaped word => replacement map the template lists.
     $censor_vulgar = explode("\n", $modSettings['censor_vulgar']);
     $censor_proper = explode("\n", $modSettings['censor_proper']);
     $context['censored_words'] = array();
     foreach ($censor_vulgar as $index => $vulgar) {
         // Nothing there, or nothing but spaces and stars: not a usable entry.
         if (empty($vulgar) || trim(strtr($vulgar, '*', ' ')) == '') {
             continue;
         }

         if (isset($censor_proper[$index])) {
             $replacement = htmlspecialchars($censor_proper[$index], ENT_COMPAT, 'UTF-8');
         } else {
             $replacement = '';
         }
         $context['censored_words'][htmlspecialchars(trim($vulgar))] = $replacement;
     }

     call_integration_hook('integrate_censors');

     // A fresh token for the next submission of this form.
     createToken('admin-censor');

     if (!isset($_REQUEST['xml'], $_POST['censortest'])) {
         // Regular page view.
         $context['sub_template'] = 'edit_censored';
         $context['page_title'] = $txt['admin_censored_words'];

         return;
     }

     // Ajax test request: no layers, just the JSON answer with the new token.
     $template_layers = Template_Layers::getInstance();
     $template_layers->removeAll();
     loadTemplate('Json');
     $context['sub_template'] = 'send_json';
     $context['json_data'] = array(
         'result' => true,
         'censor' => $pre_censor . ' <i class="fa fa-arrow-circle-right"></i> ' . $context['censor_test'],
         'token_val' => $context['admin-censor_token_var'],
         'token' => $context['admin-censor_token'],
     );
 }
    /**
     * Let the administrator(s) edit the news items for the forum.
     *
     * What it does:
     * - It writes an entry into the moderation log.
     * - This function uses the edit_news administration area.
     * - Called by ?action=admin;area=news.
     * - Requires the edit_news permission.
     * - Can be accessed with ?action=admin;sa=editnews.
     */
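    public function action_editnews()
    {
        global $txt, $modSettings, $context, $scripturl;

        require_once SUBSDIR . '/Post.subs.php';

        // The 'remove selected' button was pressed.
        if (!empty($_POST['delete_selection']) && !empty($_POST['remove'])) {
            checkSession();

            // Only canonical integer indexes count as a selection. The previous loose
            // in_array() compared request strings with integer keys, so under PHP 7 and
            // older any non-numeric value matched item 0, and a non-array 'remove' raised
            // a warning.
            $selected = array();
            foreach ((array) $_POST['remove'] as $candidate) {
                if (is_scalar($candidate) && (string) (int) $candidate === (string) $candidate) {
                    $selected[(int) $candidate] = true;
                }
            }

            // Store the news temporarily in this array.
            $temp_news = explode("\n", $modSettings['news']);

            // Remove the items that were selected.
            foreach (array_keys($temp_news) as $i) {
                if (isset($selected[$i])) {
                    unset($temp_news[$i]);
                }
            }

            // Update the database.
            updateSettings(array('news' => implode("\n", $temp_news)));
            logAction('news');
        } elseif (!empty($_POST['save_items'])) {
            checkSession();

            // A request without news[] (or with a scalar there) is treated as an empty list
            // instead of being handed to foreach/implode as is.
            $_POST['news'] = isset($_POST['news']) && is_array($_POST['news']) ? $_POST['news'] : array();

            foreach ($_POST['news'] as $i => $news) {
                // Blank entries and nested arrays are dropped.
                if (!is_string($news) || trim($news) == '') {
                    unset($_POST['news'][$i]);
                } else {
                    // Items are stored HTML-escaped and preparsed; the list below prints them back.
                    $_POST['news'][$i] = Util::htmlspecialchars($_POST['news'][$i], ENT_QUOTES);
                    preparsecode($_POST['news'][$i]);
                }
            }

            // Send the new news to the database.
            updateSettings(array('news' => implode("\n", $_POST['news'])));

            // Log this into the moderation log.
            logAction('news');
        }

        // We're going to want this for making our list.
        require_once SUBSDIR . '/GenericList.class.php';
        require_once SUBSDIR . '/News.subs.php';

        $context['page_title'] = $txt['admin_edit_news'];

        // Use the standard templates for showing this.
        // NOTE(review): create_function() evaluates its body string as PHP code and is
        // deprecated since PHP 7.2 (removed in 8.0). The bodies below are constant strings
        // with no request data in them; switch to closures once the minimum PHP version allows.
        // NOTE(review): the column callbacks print $news['unparsed'] and $news['parsed'] as is,
        // which presumably relies on getNews() returning the escaped values saved above - confirm.
        $listOptions = array('id' => 'news_lists', 'get_items' => array('function' => 'getNews'), 'columns' => array('news' => array('header' => array('value' => $txt['admin_edit_news']), 'data' => array('function' => create_function('$news', '
							return \'<textarea class="" id="data_\' . $news[\'id\'] . \'" rows="3" name="news[]">\' . $news[\'unparsed\'] . \'</textarea>
								<br />
								<div id="preview_\' . $news[\'id\'] . \'"></div>\';
						'), 'class' => 'newsarea')), 'preview' => array('header' => array('value' => $txt['preview']), 'data' => array('function' => create_function('$news', '
							return \'<div id="box_preview_\' . $news[\'id\'] . \'">\' . $news[\'parsed\'] . \'</div>\';
						'), 'class' => 'newspreview')), 'check' => array('header' => array('value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />', 'class' => 'centertext'), 'data' => array('function' => create_function('$news', '
							if (is_numeric($news[\'id\']))
								return \'<input type="checkbox" name="remove[]" value="\' . $news[\'id\'] . \'" class="input_check" />\';
							else
								return \'\';
						'), 'class' => 'centertext'))), 'form' => array('href' => $scripturl . '?action=admin;area=news;sa=editnews', 'hidden_fields' => array($context['session_var'] => $context['session_id'])), 'additional_rows' => array(array('position' => 'bottom_of_list', 'class' => 'submitbutton', 'value' => '
					<input type="submit" name="save_items" value="' . $txt['save'] . '" class="right_submit" />
					<input type="submit" name="delete_selection" value="' . $txt['editnews_remove_selected'] . '" onclick="return confirm(\'' . $txt['editnews_remove_confirm'] . '\');" class="right_submit" />
					<span id="moreNewsItems_link" style="display: none;">
						<a class="linkbutton" href="javascript:void(0);" onclick="addAnotherNews(); return false;">' . $txt['editnews_clickadd'] . '</a>
					</span>')), 'javascript' => '
			document.getElementById(\'list_news_lists_last\').style.display = "none";
			document.getElementById("moreNewsItems_link").style.display = "";
			var last_preview = 0;
			var txt_preview = ' . javaScriptEscape($txt['preview']) . ';
			var txt_news_error_no_news = ' . javaScriptEscape($txt['news_error_no_news']) . ';

			$(document).ready(function () {
				$("div[id ^= \'preview_\']").each(function () {
					var preview_id = $(this).attr(\'id\').split(\'_\')[1];
					if (last_preview < preview_id)
						last_preview = preview_id;
					make_preview_btn(preview_id);
				});
			});
		');

        // Create the request list.
        createList($listOptions);
        $context['sub_template'] = 'show_list';
        $context['default_list'] = 'news_lists';
    }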
Beispiel #12
/**
 * Applies an edit to a single message and prepares the XML answer for it.
 *
 * The topic comes from the global $topic and the message from $_REQUEST['msg']
 * (the topic's first message when none is given). The posted subject, body, icon,
 * lock and sticky values are checked against the caller's permissions, sanitised
 * and saved through modifyPost(). $context['message'] is then filled for the
 * 'modifydone' / 'modifytopicdone' sub templates, or with the list of errors.
 *
 * Ends through obExit(false) when there is no topic or the request is not an
 * XML one ($_REQUEST['xml'] missing).
 */
function JavaScriptModify()
{
    global $sourcedir, $modSettings, $board, $topic, $txt;
    global $user_info, $context, $smcFunc, $language;
    // We have to have a topic!
    if (empty($topic)) {
        obExit(false);
    }
    // The session check comes before anything is loaded or changed ('get' presumably
    // selects the token passed in the URL - confirm against checkSession()).
    checkSession('get');
    require_once $sourcedir . '/Subs-Post.php';
    // Assume the first message if no message ID was given.
    // {raw:id_msg} only ever receives the literal column name or an int-cast request
    // value (see the parameter array), so no request text reaches this placeholder;
    // keep the (int) cast if this is changed. Everything else goes through typed placeholders.
    // Without approve_posts the WHERE clause limits the lookup: with post moderation off
    // only the caller's own message matches, with it on an approved message or the
    // caller's own one (guest id 0 never counts as "own").
    $request = $smcFunc['db_query']('', '
			SELECT
				t.locked, t.num_replies, t.id_member_started, t.id_first_msg,
				m.id_msg, m.id_member, m.poster_time, m.subject, m.smileys_enabled, m.body, m.icon,
				m.modified_time, m.modified_name, m.approved
			FROM {db_prefix}messages AS m
				INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
			WHERE m.id_msg = {raw:id_msg}
				AND m.id_topic = {int:current_topic}' . (allowedTo('approve_posts') ? '' : (!$modSettings['postmod_active'] ? '
				AND (m.id_member != {int:guest_id} AND m.id_member = {int:current_member})' : '
				AND (m.approved = {int:is_approved} OR (m.id_member != {int:guest_id} AND m.id_member = {int:current_member}))')), array('current_member' => $user_info['id'], 'current_topic' => $topic, 'id_msg' => empty($_REQUEST['msg']) ? 't.id_first_msg' : (int) $_REQUEST['msg'], 'is_approved' => 1, 'guest_id' => 0));
    // No row means the message does not exist in this topic or is not visible to the caller.
    if ($smcFunc['db_num_rows']($request) == 0) {
        fatal_lang_error('no_board', false);
    }
    $row = $smcFunc['db_fetch_assoc']($request);
    $smcFunc['db_free_result']($request);
    // Change either body or subject requires permissions to modify messages.
    if (isset($_POST['message']) || isset($_POST['subject']) || isset($_REQUEST['icon'])) {
        // A locked topic additionally needs moderate_board.
        if (!empty($row['locked'])) {
            isAllowedTo('moderate_board');
        }
        // Own message: the edit time limit applies, then modify_own (or modify_replies
        // for the topic starter). Someone else's message in an own topic: modify_replies.
        // Anything else: modify_any.
        if ($row['id_member'] == $user_info['id'] && !allowedTo('modify_any')) {
            if ((!$modSettings['postmod_active'] || $row['approved']) && !empty($modSettings['edit_disable_time']) && $row['poster_time'] + ($modSettings['edit_disable_time'] + 5) * 60 < time()) {
                fatal_lang_error('modify_post_time_passed', false);
            } elseif ($row['id_member_started'] == $user_info['id'] && !allowedTo('modify_own')) {
                isAllowedTo('modify_replies');
            } else {
                isAllowedTo('modify_own');
            }
        } elseif ($row['id_member_started'] == $user_info['id'] && !allowedTo('modify_any')) {
            isAllowedTo('modify_replies');
        } else {
            isAllowedTo('modify_any');
        }
        // Only log this action if it wasn't your message.
        $moderationAction = $row['id_member'] != $user_info['id'];
    }
    $post_errors = array();
    // Subject: HTML-escaped, CR/LF/TAB removed, cut to 100 characters. A posted but
    // blank subject is an error; a subject that was not posted is simply left alone.
    if (isset($_POST['subject']) && $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['subject'])) !== '') {
        $_POST['subject'] = strtr($smcFunc['htmlspecialchars']($_POST['subject']), array("\r" => '', "\n" => '', "\t" => ''));
        // Maximum number of characters.
        if ($smcFunc['strlen']($_POST['subject']) > 100) {
            $_POST['subject'] = $smcFunc['substr']($_POST['subject'], 0, 100);
        }
    } elseif (isset($_POST['subject'])) {
        $post_errors[] = 'no_subject';
        unset($_POST['subject']);
    }
    // Body: the length limit is checked on the text as posted; the body is then
    // HTML-escaped (ENT_QUOTES) and preparsed, which is the form handed to modifyPost().
    if (isset($_POST['message'])) {
        if ($smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['message'])) === '') {
            $post_errors[] = 'no_message';
            unset($_POST['message']);
        } elseif (!empty($modSettings['max_messageLength']) && $smcFunc['strlen']($_POST['message']) > $modSettings['max_messageLength']) {
            $post_errors[] = 'long_message';
            unset($_POST['message']);
        } else {
            $_POST['message'] = $smcFunc['htmlspecialchars']($_POST['message'], ENT_QUOTES);
            preparsecode($_POST['message']);
            // A body that renders to nothing once the tags are stripped is empty too
            // (<img> is kept, so an image alone counts as content).
            if ($smcFunc['htmltrim'](strip_tags(parse_bbc($_POST['message'], false), '<img>')) === '') {
                $post_errors[] = 'no_message';
                unset($_POST['message']);
            }
        }
    }
    // Lock request: dropped without lock_any/lock_own, or without lock_any on someone
    // else's message. With lock_own only the value becomes 0 or 2 and a lock of mode 1
    // cannot be changed; with lock_any it becomes 0 or 1, unless nothing would change.
    // (Mode 1 presumably is a moderator lock and 2 a lock set by the owner - confirm.)
    if (isset($_POST['lock'])) {
        if (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $row['id_member']) {
            unset($_POST['lock']);
        } elseif (!allowedTo('lock_any')) {
            if ($row['locked'] == 1) {
                unset($_POST['lock']);
            } else {
                $_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
            }
        } elseif (!empty($row['locked']) && !empty($_POST['lock']) || $_POST['lock'] == $row['locked']) {
            unset($_POST['lock']);
        } else {
            $_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
        }
    }
    // The sticky flag is ignored without make_sticky.
    if (isset($_POST['sticky']) && !allowedTo('make_sticky')) {
        unset($_POST['sticky']);
    }
    if (empty($post_errors)) {
        // The icon name loses the characters . / \ * ' : " < > before it is stored
        // (presumably because it ends up in a file name or URL - confirm).
        // Lock and sticky modes are cast to int.
        $msgOptions = array('id' => $row['id_msg'], 'subject' => isset($_POST['subject']) ? $_POST['subject'] : null, 'body' => isset($_POST['message']) ? $_POST['message'] : null, 'icon' => isset($_REQUEST['icon']) ? preg_replace('~[\\./\\\\*\':"<>]~', '', $_REQUEST['icon']) : null);
        $topicOptions = array('id' => $topic, 'board' => $board, 'lock_mode' => isset($_POST['lock']) ? (int) $_POST['lock'] : null, 'sticky_mode' => isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics']) ? (int) $_POST['sticky'] : null, 'mark_as_read' => true);
        $posterOptions = array();
        // Only consider marking as editing if they have edited the subject, message or icon.
        if (isset($_POST['subject']) && $_POST['subject'] != $row['subject'] || isset($_POST['message']) && $_POST['message'] != $row['body'] || isset($_REQUEST['icon']) && $_REQUEST['icon'] != $row['icon']) {
            // And even then only if the time has passed...
            if (time() - $row['poster_time'] > $modSettings['edit_wait_time'] || $user_info['id'] != $row['id_member']) {
                $msgOptions['modify_time'] = time();
                $msgOptions['modify_name'] = $user_info['name'];
            }
        } else {
            // Nothing changed, so there is nothing to put in the moderation log.
            $moderationAction = false;
        }
        modifyPost($msgOptions, $topicOptions, $posterOptions);
        // If we didn't change anything this time but had before put back the old info.
        if (!isset($msgOptions['modify_time']) && !empty($row['modified_time'])) {
            $msgOptions['modify_time'] = $row['modified_time'];
            $msgOptions['modify_name'] = $row['modified_name'];
        }
        // Changing the first subject updates other subjects to 'Re: new_subject'.
        // This needs modify_any, or modify_replies for the topic starter.
        if (isset($_POST['subject']) && isset($_REQUEST['change_all_subjects']) && $row['id_first_msg'] == $row['id_msg'] && !empty($row['num_replies']) && (allowedTo('modify_any') || $row['id_member_started'] == $user_info['id'] && allowedTo('modify_replies'))) {
            // Get the proper (default language) response prefix first.
            if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix'))) {
                if ($language === $user_info['language']) {
                    $context['response_prefix'] = $txt['response_prefix'];
                } else {
                    loadLanguage('index', $language, false);
                    $context['response_prefix'] = $txt['response_prefix'];
                    loadLanguage('index');
                }
                cache_put_data('response_prefix', $context['response_prefix'], 600);
            }
            // The new subject is bound through {string:subject}, not concatenated into the SQL.
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}messages
				SET subject = {string:subject}
				WHERE id_topic = {int:current_topic}
					AND id_msg != {int:id_first_msg}', array('current_topic' => $topic, 'id_first_msg' => $row['id_first_msg'], 'subject' => $context['response_prefix'] . $_POST['subject']));
        }
        // Edits of somebody else's message go to the moderation log.
        if (!empty($moderationAction)) {
            logAction('modify', array('topic' => $topic, 'message' => $row['id_msg'], 'member' => $row['id_member'], 'board' => $board));
        }
    }
    if (isset($_REQUEST['xml'])) {
        $context['sub_template'] = 'modifydone';
        if (empty($post_errors) && isset($msgOptions['subject']) && isset($msgOptions['body'])) {
            // "]]>" in the body is split so that it cannot end a CDATA section early
            // (presumably the template wraps the body in CDATA - confirm).
            $context['message'] = array('id' => $row['id_msg'], 'modified' => array('time' => isset($msgOptions['modify_time']) ? timeformat($msgOptions['modify_time']) : '', 'timestamp' => isset($msgOptions['modify_time']) ? forum_time(true, $msgOptions['modify_time']) : 0, 'name' => isset($msgOptions['modify_time']) ? $msgOptions['modify_name'] : ''), 'subject' => $msgOptions['subject'], 'first_in_topic' => $row['id_msg'] == $row['id_first_msg'], 'body' => strtr($msgOptions['body'], array(']]>' => ']]]]><![CDATA[>')));
            // censorText() changes its argument in place.
            censorText($context['message']['subject']);
            censorText($context['message']['body']);
            $context['message']['body'] = parse_bbc($context['message']['body'], $row['smileys_enabled'], $row['id_msg']);
        } elseif (empty($post_errors)) {
            // No body in this edit: only the subject and the modification info go back.
            $context['sub_template'] = 'modifytopicdone';
            $context['message'] = array('id' => $row['id_msg'], 'modified' => array('time' => isset($msgOptions['modify_time']) ? timeformat($msgOptions['modify_time']) : '', 'timestamp' => isset($msgOptions['modify_time']) ? forum_time(true, $msgOptions['modify_time']) : 0, 'name' => isset($msgOptions['modify_time']) ? $msgOptions['modify_name'] : ''), 'subject' => isset($msgOptions['subject']) ? $msgOptions['subject'] : '');
            censorText($context['message']['subject']);
        } else {
            // Validation failed: send the translated error texts instead.
            $context['message'] = array('id' => $row['id_msg'], 'errors' => array(), 'error_in_subject' => in_array('no_subject', $post_errors), 'error_in_body' => in_array('no_message', $post_errors) || in_array('long_message', $post_errors));
            loadLanguage('Errors');
            foreach ($post_errors as $post_error) {
                if ($post_error == 'long_message') {
                    $context['message']['errors'][] = sprintf($txt['error_' . $post_error], $modSettings['max_messageLength']);
                } else {
                    $context['message']['errors'][] = $txt['error_' . $post_error];
                }
            }
        }
    } else {
        obExit(false);
    }
}
Beispiel #13
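/**
 * Builds the preview of a warning notice or warning template for the 'pm' sub template.
 *
 * Reads $_POST['title'] and $_POST['body'] and fills $context['preview_subject'],
 * $context['preview_message'] and $context['post_error']['messages']. Callers
 * without the issue_warning permission only get an error entry.
 *
 * With $_POST['issuing'] set the text is previewed as is; otherwise it is treated
 * as a template and the {MEMBER}, {FORUMNAME}, {SCRIPTURL} and {REGARDS}
 * placeholders are filled in.
 */
function warning_preview()
{
    global $context, $sourcedir, $smcFunc, $txt, $user_info, $scripturl, $mbname;

    require_once $sourcedir . '/Subs-Post.php';
    loadLanguage('Errors');
    loadLanguage('ModerationCenter');

    $context['post_error']['messages'] = array();

    if (allowedTo('issue_warning')) {
        // The body is turned into HTML by parse_bbc() below and handed to the template,
        // so it is escaped first, the same way message bodies are handled before
        // preparsecode() elsewhere (htmlspecialchars with ENT_QUOTES). Previously only
        // the title was escaped and markup in the posted body reached the preview as is.
        $warning_body = '';
        if (!empty($_POST['body'])) {
            $warning_body = $smcFunc['htmlspecialchars']($_POST['body'], ENT_QUOTES);
            $warning_body = trim(censorText($warning_body));
        }
        $context['preview_subject'] = !empty($_POST['title']) ? trim($smcFunc['htmlspecialchars']($_POST['title'])) : '';

        if (isset($_POST['issuing'])) {
            // An actual warning needs both parts.
            if (empty($_POST['title']) || empty($_POST['body'])) {
                $context['post_error']['messages'][] = $txt['warning_notify_blank'];
            }
        } else {
            if (empty($_POST['title'])) {
                $context['post_error']['messages'][] = $txt['mc_warning_template_error_no_title'];
            }
            if (empty($_POST['body'])) {
                $context['post_error']['messages'][] = $txt['mc_warning_template_error_no_body'];
            }

            // Add in few replacements.
            /**
             * These are the defaults:
             * - {MEMBER} - Member Name. => current user for review
             * - {MESSAGE} - Link to Offending Post. (If Applicable) => not applicable here, so not replaced
             * - {FORUMNAME} - Forum Name.
             * - {SCRIPTURL} - Web address of forum.
             * - {REGARDS} - Standard email sign-off.
             */
            // The replacement values go in after the escaping above and are used as they are.
            $find = array('{MEMBER}', '{FORUMNAME}', '{SCRIPTURL}', '{REGARDS}');
            $replace = array($user_info['name'], $mbname, $scripturl, $txt['regards_team']);
            $warning_body = str_replace($find, $replace, $warning_body);
        }

        if (!empty($_POST['body'])) {
            preparsecode($warning_body);
            $warning_body = parse_bbc($warning_body, true);
        }
        $context['preview_message'] = $warning_body;
    } else {
        $context['post_error']['messages'][] = array('value' => $txt['cannot_issue_warning'], 'attributes' => array('type' => 'error'));
    }

    $context['sub_template'] = 'pm';
}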
Beispiel #14
/**
 * Applies an edit to a single message and prepares the XML answer for it.
 *
 * The topic comes from the global $topic and the message from $_REQUEST['msg']
 * (the topic's first message when none is given). Posted subject, body, icon,
 * lock and sticky values are checked against the caller's permissions and saved
 * through modifyPost(); $context['message'] is filled for the 'modifydone' /
 * 'modifytopicdone' sub templates, or with the list of errors.
 *
 * The SQL in this function is built by string interpolation. NOTE(review): the
 * addslashes()/stripslashes() pairs below suggest that request data arrives already
 * slash-escaped; the interpolated queries depend on that - confirm before reusing
 * any of this code where input is not escaped up front.
 *
 * Ends through obExit(false) when there is no topic or the request is not an
 * XML one ($_REQUEST['xml'] missing).
 */
function JavaScriptModify()
{
    global $db_prefix, $sourcedir, $modSettings, $board, $topic, $txt;
    global $user_info, $ID_MEMBER, $context, $func, $language;
    // We have to have a topic!
    if (empty($topic)) {
        obExit(false);
    }
    // The session check comes before anything is loaded or changed.
    checkSession('get');
    require_once $sourcedir . '/Subs-Post.php';
    // Assume the first message if no message ID was given.
    // The message id is either the literal column name or an int-cast request value.
    // NOTE(review): $topic is interpolated without a cast; presumably it is set as an
    // integer before this function runs - verify.
    $request = db_query("\n\t\t\tSELECT \n\t\t\t\tt.locked, t.numReplies, t.ID_MEMBER_STARTED, t.ID_FIRST_MSG,\n\t\t\t\tm.ID_MSG, m.ID_MEMBER, m.posterTime, m.subject, m.smileysEnabled, m.body,\n\t\t\t\tm.modifiedTime, m.modifiedName\n\t\t\tFROM ({$db_prefix}messages AS m, {$db_prefix}topics AS t)\n\t\t\tWHERE m.ID_MSG = " . (empty($_REQUEST['msg']) ? 't.ID_FIRST_MSG' : (int) $_REQUEST['msg']) . "\n\t\t\t\tAND m.ID_TOPIC = {$topic}\n\t\t\t\tAND t.ID_TOPIC = {$topic}", __FILE__, __LINE__);
    if (mysql_num_rows($request) == 0) {
        fatal_lang_error('smf232', false);
    }
    $row = mysql_fetch_assoc($request);
    mysql_free_result($request);
    // Change either body or subject requires permissions to modify messages.
    if (isset($_POST['message']) || isset($_POST['subject']) || isset($_POST['icon'])) {
        // A locked topic additionally needs moderate_board.
        if (!empty($row['locked'])) {
            isAllowedTo('moderate_board');
        }
        // Own message: the edit time limit applies, then modify_own (or modify_replies
        // for the topic starter). Someone else's message in an own topic: modify_replies.
        // Anything else: modify_any.
        if ($row['ID_MEMBER'] == $ID_MEMBER && !allowedTo('modify_any')) {
            if (!empty($modSettings['edit_disable_time']) && $row['posterTime'] + ($modSettings['edit_disable_time'] + 5) * 60 < time()) {
                fatal_lang_error('modify_post_time_passed', false);
            } elseif ($row['ID_MEMBER_STARTED'] == $ID_MEMBER && !allowedTo('modify_own')) {
                isAllowedTo('modify_replies');
            } else {
                isAllowedTo('modify_own');
            }
        } elseif ($row['ID_MEMBER_STARTED'] == $ID_MEMBER && !allowedTo('modify_any')) {
            isAllowedTo('modify_replies');
        } else {
            isAllowedTo('modify_any');
        }
        // Only log this action if it wasn't your message.
        $moderationAction = $row['ID_MEMBER'] != $ID_MEMBER;
    }
    $post_errors = array();
    // Subject: HTML-escaped, CR/LF/TAB removed, cut to 100 characters.
    if (isset($_POST['subject']) && $func['htmltrim']($_POST['subject']) !== '') {
        $_POST['subject'] = strtr($func['htmlspecialchars']($_POST['subject']), array("\r" => '', "\n" => '', "\t" => ''));
        // Maximum number of characters.
        // The slashes are taken off before cutting and put back afterwards, so the cut
        // cannot end in the middle of an escape sequence.
        if ($func['strlen']($_POST['subject']) > 100) {
            $_POST['subject'] = addslashes($func['substr'](stripslashes($_POST['subject']), 0, 100));
        }
    } else {
        // NOTE(review): this branch is also taken when no subject was posted at all, so a
        // request without a subject always ends in the error answer.
        $post_errors[] = 'no_subject';
        unset($_POST['subject']);
    }
    // Body: the length limit is checked on the text as posted; the body is then
    // HTML-escaped (ENT_QUOTES) and preparsed, which is the form handed to modifyPost().
    if (isset($_POST['message'])) {
        if ($func['htmltrim']($_POST['message']) === '') {
            $post_errors[] = 'no_message';
            unset($_POST['message']);
        } elseif (!empty($modSettings['max_messageLength']) && $func['strlen']($_POST['message']) > $modSettings['max_messageLength']) {
            $post_errors[] = 'long_message';
            unset($_POST['message']);
        } else {
            $_POST['message'] = $func['htmlspecialchars']($_POST['message'], ENT_QUOTES);
            preparsecode($_POST['message']);
            // A body that renders to nothing once the tags are stripped is empty too
            // (<img> is kept, so an image alone counts as content).
            if ($func['htmltrim'](strip_tags(parse_bbc($_POST['message'], false), '<img>')) === '') {
                $post_errors[] = 'no_message';
                unset($_POST['message']);
            }
        }
    }
    // Lock request: dropped without lock_any/lock_own, or without lock_any on someone
    // else's message. With lock_own only the value becomes 0 or 2 and a lock of mode 1
    // cannot be changed; with lock_any it becomes 0 or 1, unless nothing would change.
    if (isset($_POST['lock'])) {
        if (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $ID_MEMBER != $row['ID_MEMBER']) {
            unset($_POST['lock']);
        } elseif (!allowedTo('lock_any')) {
            if ($row['locked'] == 1) {
                unset($_POST['lock']);
            } else {
                $_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
            }
        } elseif (!empty($row['locked']) && !empty($_POST['lock']) || $_POST['lock'] == $row['locked']) {
            unset($_POST['lock']);
        } else {
            $_POST['lock'] = empty($_POST['lock']) ? 0 : 1;
        }
    }
    // The sticky flag is ignored without make_sticky.
    if (isset($_POST['sticky']) && !allowedTo('make_sticky')) {
        unset($_POST['sticky']);
    }
    if (empty($post_errors)) {
        // The icon name loses the characters . / \ * ' : " < > before it is stored
        // (presumably because it ends up in a file name or URL - confirm).
        // Lock and sticky modes are cast to int.
        $msgOptions = array('id' => $row['ID_MSG'], 'subject' => isset($_POST['subject']) ? $_POST['subject'] : null, 'body' => isset($_POST['message']) ? $_POST['message'] : null, 'icon' => isset($_POST['icon']) ? preg_replace('~[\\./\\\\*\':"<>]~', '', $_POST['icon']) : null);
        $topicOptions = array('id' => $topic, 'board' => $board, 'lock_mode' => isset($_POST['lock']) ? (int) $_POST['lock'] : null, 'sticky_mode' => isset($_POST['sticky']) && !empty($modSettings['enableStickyTopics']) ? (int) $_POST['sticky'] : null, 'mark_as_read' => true);
        $posterOptions = array();
        // Only consider marking as editing if they have edited the subject, message or icon.
        if (isset($_POST['subject']) && $_POST['subject'] != $row['subject'] || isset($_POST['message']) && $_POST['message'] != $row['body'] || isset($_POST['icon']) && $_POST['icon'] != $row['icon']) {
            // And even then only if the time has passed...
            if (time() - $row['posterTime'] > $modSettings['edit_wait_time'] || $ID_MEMBER != $row['ID_MEMBER']) {
                $msgOptions['modify_time'] = time();
                // The name is slash-escaped here and unescaped again for the answer below.
                $msgOptions['modify_name'] = addslashes($user_info['name']);
            }
        }
        modifyPost($msgOptions, $topicOptions, $posterOptions);
        // If we didn't change anything this time but had before put back the old info.
        if (!isset($msgOptions['modify_time']) && !empty($row['modifiedTime'])) {
            $msgOptions['modify_time'] = $row['modifiedTime'];
            $msgOptions['modify_name'] = $row['modifiedName'];
        }
        // Changing the first subject updates other subjects to 'Re: new_subject'.
        // This needs modify_any, or modify_replies for the topic starter.
        if (isset($_POST['subject']) && isset($_REQUEST['change_all_subjects']) && $row['ID_FIRST_MSG'] == $row['ID_MSG'] && !empty($row['numReplies']) && (allowedTo('modify_any') || $row['ID_MEMBER_STARTED'] == $ID_MEMBER && allowedTo('modify_replies'))) {
            // Get the proper (default language) response prefix first.
            if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix'))) {
                if ($language === $user_info['language']) {
                    $context['response_prefix'] = $txt['response_prefix'];
                } else {
                    loadLanguage('index', $language, false);
                    $context['response_prefix'] = $txt['response_prefix'];
                    loadLanguage('index');
                }
                cache_put_data('response_prefix', $context['response_prefix'], 600);
            }
            // NOTE(review): the response prefix and the posted subject are interpolated into a
            // quoted SQL string. The subject is only safe here if it is still slash-escaped at
            // this point, and the prefix (language file or cache) is not escaped at all - confirm
            // both, or escape at this call.
            db_query("\n\t\t\t\tUPDATE {$db_prefix}messages\n\t\t\t\tSET subject = '{$context['response_prefix']}{$_POST['subject']}'\n\t\t\t\tWHERE ID_TOPIC = {$topic}\n\t\t\t\t\tAND ID_MSG != {$row['ID_FIRST_MSG']}\n\t\t\t\tLIMIT {$row['numReplies']}", __FILE__, __LINE__);
        }
        // NOTE(review): $moderationAction is only assigned when a message, subject or icon was
        // posted; for a lock/sticky-only request it is undefined here (treated as false, with a notice).
        if ($moderationAction) {
            logAction('modify', array('topic' => $topic, 'message' => $row['ID_MSG'], 'member' => $row['ID_MEMBER_STARTED']));
        }
    }
    if (isset($_REQUEST['xml'])) {
        $context['sub_template'] = 'modifydone';
        if (empty($post_errors) && isset($msgOptions['subject']) && isset($msgOptions['body'])) {
            // Slashes come off for display, and "]]>" in the body is split so that it cannot
            // end a CDATA section early (presumably the template wraps the body in CDATA - confirm).
            $context['message'] = array('id' => $row['ID_MSG'], 'modified' => array('time' => isset($msgOptions['modify_time']) ? timeformat($msgOptions['modify_time']) : '', 'timestamp' => isset($msgOptions['modify_time']) ? forum_time(true, $msgOptions['modify_time']) : 0, 'name' => isset($msgOptions['modify_time']) ? stripslashes($msgOptions['modify_name']) : ''), 'subject' => stripslashes($msgOptions['subject']), 'first_in_topic' => $row['ID_MSG'] == $row['ID_FIRST_MSG'], 'body' => strtr(stripslashes($msgOptions['body']), array(']]>' => ']]]]><![CDATA[>')));
            censorText($context['message']['subject']);
            censorText($context['message']['body']);
            $context['message']['body'] = parse_bbc($context['message']['body'], $row['smileysEnabled'], $row['ID_MSG']);
        } elseif (empty($post_errors) && isset($msgOptions['subject'])) {
            // No body in this edit: only the subject and the modification info go back.
            $context['sub_template'] = 'modifytopicdone';
            $context['message'] = array('id' => $row['ID_MSG'], 'modified' => array('time' => isset($msgOptions['modify_time']) ? timeformat($msgOptions['modify_time']) : '', 'timestamp' => isset($msgOptions['modify_time']) ? forum_time(true, $msgOptions['modify_time']) : 0, 'name' => isset($msgOptions['modify_time']) ? stripslashes($msgOptions['modify_name']) : ''), 'subject' => stripslashes($msgOptions['subject']));
            censorText($context['message']['subject']);
        } else {
            // Validation failed: send the translated error texts instead.
            $context['message'] = array('id' => $row['ID_MSG'], 'errors' => array(), 'error_in_subject' => in_array('no_subject', $post_errors), 'error_in_body' => in_array('no_message', $post_errors) || in_array('long_message', $post_errors));
            loadLanguage('Errors');
            foreach ($post_errors as $post_error) {
                $context['message']['errors'][] = $txt['error_' . $post_error];
            }
        }
    } else {
        obExit(false);
    }
}
/**
 * Prepares a submitted form value for storage as forum markup.
 *
 * The value is HTML-escaped (quotes included), trimmed, and then handed to
 * preparsecode(), which is called for its effect on the variable.
 *
 * NOTE(review): the result is escaped for HTML output only. It is not made
 * safe for any other context (SQL, shell, URLs); callers still need the
 * database layer's parameter binding when storing it.
 *
 * @param string $toclean Raw value taken from the form.
 * @return string The escaped, trimmed and pre-parsed value.
 */
function Adk_formclear($toclean)
{
    global $smcFunc, $sourcedir;

    // Loaded before preparsecode() is used; presumably that is where it is defined.
    require_once $sourcedir . '/Subs-Post.php';

    $escape = $smcFunc['htmlspecialchars'];
    $trim = $smcFunc['htmltrim'];

    // NOTE(review): ENT_QUOTES is also passed to htmltrim, exactly as before;
    // confirm whether that helper takes a second argument at all.
    $cleaned = $trim($escape($toclean, ENT_QUOTES), ENT_QUOTES);
    preparsecode($cleaned);

    return $cleaned;
}
Beispiel #16
// Fixture generator (flat script): loads the BBC parser classes and, for every sample message,
// pre-parses it, parses it and starts assembling the source text of a PHP file.
// NOTE(review): $parser_dir, $messages, $modSettings and $user_info are not assigned in the visible
// part of the script; presumably globalSettings() or an earlier include provides them - confirm.
require_once $parser_dir . '/HtmlParser.php';
require_once '../../BBCHelpers.php';
globalSettings();
$bbc = new \BBC\DefaultCodes(array(), array());
$autolink = new \BBC\Autolink($bbc);
$html = new \BBC\HtmlParser();
$parser = new \BBC\Parser($bbc, $autolink, $html);
// The smiley parser is given the URL of the current user's smiley set.
$smiley_parser = new \BBC\SmileyParser($modSettings['smileys_url'] . '/' . $user_info['smiley_set'] . '/');
// Preparser
require_once '../../PreparserTests/OldPreparser/OldPreParser.php';
foreach ($messages as $i => $input) {
    // NOTE(review): $class_name and $filename are not used in the visible part; presumably the
    // remainder of the loop (not shown) writes $file_contents to $filename.
    $class_name = 'Message' . $i;
    $filename = 'Message' . $i . '.php';
    // These aren't preparsed. This is how they will be stored.
    $stored = $input;
    preparsecode($stored);
    // Report messages that the preparser changed.
    if ($stored !== $input) {
        echo "\nMessage {$i} needs to be preparsed<br>";
    }
    $output = $parser->parse($stored);
    // Return value is discarded; presumably parse() updates $output by reference - confirm.
    $smiley_parser->parse($output);
    // NOTE(review): addslashes() escapes quotes, backslashes and NUL only. The heredoc below places
    // $escaped_input inside a block comment of generated PHP source, and addslashes() does not
    // neutralise a comment terminator inside the message, so such a message would end the comment
    // early in the generated file. This is acceptable only while $messages is a trusted, checked-in
    // fixture set; for any other input, emit the text through var_export() into a string instead.
    $escaped_input = addslashes($input);
    $escaped_stored = addslashes($stored);
    $escaped_output = addslashes($output);
    $file_contents = <<<EOF
<?php

/* The original message
{$escaped_input}
*/
Beispiel #17
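/**
 * Saves a personal-message draft in the user_drafts table.
 *
 * Does nothing unless the core draft feature and the PM draft option are both
 * enabled, the member holds the pm_draft permission and the form was submitted
 * with save_draft. When id_pm_draft names a draft owned by the current member
 * that row is updated, otherwise a new row is inserted.
 *
 * NOTE(review): no session/CSRF token check is visible in this function;
 * confirm the caller performs one before calling it.
 *
 * @param array $post_errors Error codes collected so far (by reference);
 *                           'draft_not_saved' is appended when the insert yields no id.
 * @param array $recipientList Recipients as array('to' => array, 'bcc' => array).
 * @return bool|null false when drafts cannot be saved for this request, otherwise null.
 */
function SavePMDraft(&$post_errors, $recipientList)
{
    global $context, $user_info, $smcFunc, $modSettings;

    // PM survey says ... can you stay or must you go
    if (empty($modSettings['drafts_enabled']) || empty($modSettings['drafts_pm_enabled']) || !allowedTo('pm_draft') || !isset($_POST['save_draft'])) {
        return false;
    }

    // Read in what was sent; a missing id simply means "new draft".
    $id_pm_draft = isset($_POST['id_pm_draft']) ? (int) $_POST['id_pm_draft'] : 0;
    $draft_info = ReadDraft($id_pm_draft, 1);

    // Determine who this is being sent to.
    if (isset($_REQUEST['xml'])) {
        // Only a plain string can be split; anything else is treated as "no recipients".
        $recipientList['to'] = isset($_POST['recipient_to']) && is_string($_POST['recipient_to']) ? explode(',', $_POST['recipient_to']) : array();
        $recipientList['bcc'] = isset($_POST['recipient_bcc']) && is_string($_POST['recipient_bcc']) ? explode(',', $_POST['recipient_bcc']) : array();
    } elseif (!empty($draft_info['to_list']) && empty($recipientList)) {
        // SECURITY: unserialize() on a stored value. The column is only written by the
        // serialize() calls below, so it should hold a plain array; it must never be fed
        // from another source, and JSON would be the safer storage format for it.
        $stored_recipients = unserialize($draft_info['to_list']);
        // A corrupt value unserializes to false; keep the (empty) list in that case.
        if (is_array($stored_recipients)) {
            $recipientList = $stored_recipients;
        }
    }

    // Prepare the data we got from the form; absent or non-string fields become ''.
    $reply_id = empty($_POST['replied_to']) ? 0 : (int) $_POST['replied_to'];
    $outbox = empty($_POST['outbox']) ? 0 : 1;
    $raw_body = isset($_POST['message']) && is_string($_POST['message']) ? $_POST['message'] : '';
    $raw_subject = isset($_POST['subject']) && is_string($_POST['subject']) ? $_POST['subject'] : '';

    $draft = array(
        'body' => $smcFunc['htmlspecialchars']($raw_body, ENT_QUOTES),
        // Line breaks and tabs have no place in a subject line.
        'subject' => strtr($smcFunc['htmlspecialchars']($raw_subject), array("\r" => '', "\n" => '', "\t" => '')),
    );

    // Message and subject still need a bit more massaging.
    preparsecode($draft['body']);
    if ($smcFunc['strlen']($draft['subject']) > 100) {
        $draft['subject'] = $smcFunc['substr']($draft['subject'], 0, 100);
    }

    // Modifying an existing PM draft? Only the owner of the draft may overwrite it;
    // anyone else falls through to the insert and gets a draft of their own.
    if (!empty($id_pm_draft) && !empty($draft_info) && $draft_info['id_member'] == $user_info['id']) {
        $smcFunc['db_query']('', '
			UPDATE {db_prefix}user_drafts
			SET id_reply = {int:id_reply},
				type = {int:type},
				poster_time = {int:poster_time},
				subject = {string:subject},
				body = {string:body},
				to_list = {string:to_list},
				outbox = {int:outbox}
			WHERE id_draft = {int:id_pm_draft}
			LIMIT 1', array('id_reply' => $reply_id, 'type' => 1, 'poster_time' => time(), 'subject' => $draft['subject'], 'body' => $draft['body'], 'id_pm_draft' => $id_pm_draft, 'to_list' => serialize($recipientList), 'outbox' => $outbox));

        // Some items to return to the form.
        $context['draft_saved'] = true;
        $context['id_pm_draft'] = $id_pm_draft;
    } else {
        $smcFunc['db_insert']('', '{db_prefix}user_drafts', array('id_reply' => 'int', 'type' => 'int', 'poster_time' => 'int', 'id_member' => 'int', 'subject' => 'string-255', 'body' => 'string-65534', 'to_list' => 'string-255', 'outbox' => 'int'), array($reply_id, 1, time(), $user_info['id'], $draft['subject'], $draft['body'], serialize($recipientList), $outbox), array('id_draft'));

        // Get the new id.
        $id_pm_draft = $smcFunc['db_insert_id']('{db_prefix}user_drafts', 'id_draft');

        // Everything go as expected? If not, toss an error.
        if (!empty($id_pm_draft)) {
            $context['draft_saved'] = true;
            $context['id_pm_draft'] = $id_pm_draft;
        } else {
            $post_errors[] = 'draft_not_saved';
        }
    }

    // If we were called from the autosave function, send something back.
    if (!empty($id_pm_draft) && isset($_REQUEST['xml']) && !in_array('session_timeout', (array) $post_errors)) {
        XmlDraft($id_pm_draft);
    }

    return;
}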
Beispiel #18
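/**
 * Admin screen for the forum news lines: removes selected lines, saves edited
 * lines, and loads the current lines for the edit_news sub template.
 *
 * News is kept in $modSettings['news'] as one newline-separated string.
 * Both modifying branches verify the session token with checkSession().
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * the admin dispatcher enforces it before calling - confirm.
 */
function EditNews()
{
    global $txt, $modSettings, $context, $sourcedir;
    global $smcFunc;

    require_once $sourcedir . '/Subs-Post.php';

    // The 'remove selected' button was pressed.
    if (!empty($_POST['delete_selection']) && !empty($_POST['remove'])) {
        checkSession();

        // Accept only well-formed numeric indexes. The previous loose in_array() check
        // let a non-numeric value match index 0 on PHP versions before 8, and failed
        // outright when 'remove' was not an array.
        $remove = array();
        foreach ((array) $_POST['remove'] as $index) {
            if ((is_int($index) || is_string($index)) && ctype_digit((string) $index)) {
                $remove[(int) $index] = true;
            }
        }

        // Drop the selected lines and store what is left.
        $temp_news = array_diff_key(explode("\n", $modSettings['news']), $remove);

        // Update the database.
        updateSettings(array('news' => implode("\n", $temp_news)));
        logAction('news');
    } elseif (!empty($_POST['save_items'])) {
        checkSession();

        // Anything that is not a list of strings is ignored rather than passed to trim().
        $posted = isset($_POST['news']) && is_array($_POST['news']) ? $_POST['news'] : array();
        $items = array();
        foreach ($posted as $i => $news) {
            if (!is_string($news) || trim($news) == '') {
                continue;
            }

            // Escape first, then let the preparser fix up the BBC.
            $news = $smcFunc['htmlspecialchars']($news, ENT_QUOTES);
            preparsecode($news);
            $items[$i] = $news;
        }

        // Send the new news to the database.
        updateSettings(array('news' => implode("\n", $items)));

        // Log this into the moderation log.
        logAction('news');
    }

    // Ready the current news.
    $context['admin_current_news'] = array();
    foreach (explode("\n", $modSettings['news']) as $id => $line) {
        $context['admin_current_news'][$id] = array(
            'id' => $id,
            'unparsed' => un_preparsecode($line),
            // <form> tags in the parsed preview are shown as text so they cannot interfere with the admin form.
            'parsed' => preg_replace('~<([/]?)form[^>]*?[>]*>~i', '<em class="smalltext">&lt;$1form&gt;</em>', parse_bbc($line)),
        );
    }

    $context['sub_template'] = 'edit_news';
    $context['page_title'] = $txt['admin_edit_news'];
}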
Beispiel #19
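/**
 * Sends a personal message to the given recipients and e-mails a notification
 * to those recipients whose settings ask for one.
 *
 * Recipients given by name are resolved to member ids. Recipients are dropped
 * (and reported in 'failed') when their mailbox limit is reached, their groups
 * may not read PMs, they ignore the sender, or their account is banned or
 * pending deletion.
 *
 * @param array $recipients array('to' => array, 'bcc' => array); entries are member ids or member names.
 * @param string $subject Unescaped subject; it is HTML-escaped before storage.
 * @param string $message Unescaped body; it is HTML-escaped and pre-parsed before storage.
 * @param bool $store_outbox false stores the PM as already deleted by the sender.
 * @param array|null $from Sender as array('id' =>, 'name' =>, 'username' =>); null means the current user.
 * @param int $pm_head Id of the conversation head; 0 starts a new conversation.
 * @return array array('failed' => array(key => text), 'sent' => array(id_member => text))
 */
function sendpm($recipients, $subject, $message, $store_outbox = false, $from = null, $pm_head = 0)
{
    global $scripturl, $txt, $user_info, $language;
    global $modSettings, $sourcedir;

    // Make sure the PM language file is loaded, we might need something out of it.
    loadLanguage('PersonalMessage');

    // Initialize log array.
    $log = array('failed' => array(), 'sent' => array());

    if ($from === null) {
        $from = array('id' => $user_info['id'], 'name' => $user_info['name'], 'username' => $user_info['username']);
    } else {
        // Sending on behalf of someone else: the global user name is overwritten
        // here and is not restored by this function.
        $user_info['name'] = $from['name'];
    }

    // This is the one that will go in their inbox: escaped first, then pre-parsed.
    $htmlmessage = commonAPI::htmlspecialchars($message, ENT_QUOTES);
    $htmlsubject = commonAPI::htmlspecialchars($subject);
    preparsecode($htmlmessage);

    // Integrated PMs. Note that the hook receives the unescaped subject and message.
    HookAPI::callHook('integrate_personal_message', array($recipients, $from['username'], $subject, $message));

    // Get a list of usernames and convert them to IDs.
    $usernames = array();
    foreach ($recipients as $rec_type => $rec) {
        foreach ($rec as $id => $member) {
            if (!is_numeric($recipients[$rec_type][$id])) {
                // Strip markup and quoting characters from the name. The class must end with an
                // escaped backslash ('\\\\' in PHP source): with a single escaped one the pattern
                // has no closing bracket, preg_replace() fails and every name becomes empty.
                $recipients[$rec_type][$id] = commonAPI::strtolower(trim(preg_replace('/[<>&"\'=\\\\]/', '', $recipients[$rec_type][$id])));
                $usernames[$recipients[$rec_type][$id]] = 0;
            }
        }
    }

    if (!empty($usernames)) {
        // NOTE(review): the mysql_* result functions used throughout this function belong to
        // ext/mysql, which was removed in PHP 7; they are kept because the project's database
        // wrapper is not visible from here.
        $request = smf_db_query('
			SELECT id_member, member_name
			FROM {db_prefix}members
			WHERE member_name IN ({array_string:usernames})', array('usernames' => array_keys($usernames)));
        while ($row = mysql_fetch_assoc($request)) {
            if (isset($usernames[commonAPI::strtolower($row['member_name'])])) {
                $usernames[commonAPI::strtolower($row['member_name'])] = $row['id_member'];
            }
        }
        mysql_free_result($request);

        // Replace the usernames with IDs. Drop usernames that couldn't be found.
        foreach ($recipients as $rec_type => $rec) {
            foreach ($rec as $id => $member) {
                if (is_numeric($recipients[$rec_type][$id])) {
                    continue;
                }
                if (!empty($usernames[$member])) {
                    $recipients[$rec_type][$id] = $usernames[$member];
                } else {
                    $log['failed'][$id] = sprintf($txt['pm_error_user_not_found'], $recipients[$rec_type][$id]);
                    unset($recipients[$rec_type][$id]);
                }
            }
        }
    }

    // Make sure there are no duplicate 'to' members.
    $recipients['to'] = array_unique($recipients['to']);

    // Only 'bcc' members that aren't already in 'to'.
    $recipients['bcc'] = array_diff(array_unique($recipients['bcc']), $recipients['to']);

    // Combine 'to' and 'bcc' recipients.
    $all_to = array_merge($recipients['to'], $recipients['bcc']);

    // Nobody left to deliver to: skip the recipient queries, which would otherwise be
    // handed an empty id list. The result is the same as the later empty check.
    if (empty($all_to)) {
        return $log;
    }

    // Check no-one will want it deleted right away!
    $request = smf_db_query('
		SELECT
			id_member, criteria, is_or
		FROM {db_prefix}pm_rules
		WHERE id_member IN ({array_int:to_members})
			AND delete_pm = {int:delete_pm}', array('to_members' => $all_to, 'delete_pm' => 1));
    $deletes = array();

    // Check whether we have to apply anything...
    while ($row = mysql_fetch_assoc($request)) {
        // SECURITY: unserialize() on a stored value. The rules column must only ever be written
        // by the application itself; JSON would be the safer storage format for it.
        $criteria = unserialize($row['criteria']);
        if (!is_array($criteria)) {
            // Corrupt or empty rule: nothing to evaluate.
            continue;
        }

        // Note we don't check the buddy status, cause deletion from buddy = madness!
        $delete = false;
        foreach ($criteria as $criterium) {
            if (($criterium['t'] == 'mid' && $criterium['v'] == $from['id']) || ($criterium['t'] == 'gid' && in_array($criterium['v'], $user_info['groups'])) || ($criterium['t'] == 'sub' && strpos($subject, $criterium['v']) !== false) || ($criterium['t'] == 'msg' && strpos($message, $criterium['v']) !== false)) {
                $delete = true;
            } elseif (!$row['is_or']) {
                // All criteria must match for an AND rule; one miss settles it.
                $delete = false;
                break;
            }
        }
        if ($delete) {
            $deletes[$row['id_member']] = 1;
        }
    }
    mysql_free_result($request);

    // Load the membergroup message limits (kept for the rest of the request).
    static $message_limit_cache = array();
    if (!allowedTo('moderate_forum') && empty($message_limit_cache)) {
        $request = smf_db_query('
			SELECT id_group, max_messages
			FROM {db_prefix}membergroups', array());
        while ($row = mysql_fetch_assoc($request)) {
            $message_limit_cache[$row['id_group']] = $row['max_messages'];
        }
        mysql_free_result($request);
    }

    // Load the groups that are allowed to read PMs.
    $allowed_groups = array();
    $disallowed_groups = array();
    $request = smf_db_query('
		SELECT id_group, add_deny
		FROM {db_prefix}permissions
		WHERE permission = {string:read_permission}', array('read_permission' => 'pm_read'));
    while ($row = mysql_fetch_assoc($request)) {
        if (empty($row['add_deny'])) {
            $disallowed_groups[] = $row['id_group'];
        } else {
            $allowed_groups[] = $row['id_group'];
        }
    }
    mysql_free_result($request);

    // Deny entries only count when the deny feature is switched on.
    if (empty($modSettings['permission_enable_deny'])) {
        $disallowed_groups = array();
    }

    // Only fixed SQL fragments are concatenated below; every value goes through a placeholder.
    $request = smf_db_query('
		SELECT
			member_name, real_name, id_member, email_address, lngfile,
			pm_email_notify, instant_messages,' . (allowedTo('moderate_forum') ? ' 0' : '
			(pm_receive_from = {int:admins_only}' . (empty($modSettings['enable_buddylist']) ? '' : ' OR
			(pm_receive_from = {int:buddies_only} AND FIND_IN_SET({string:from_id}, buddy_list) = 0) OR
			(pm_receive_from = {int:not_on_ignore_list} AND FIND_IN_SET({string:from_id}, pm_ignore_list) != 0)') . ')') . ' AS ignored,
			FIND_IN_SET({string:from_id}, buddy_list) != 0 AS is_buddy, is_activated,
			additional_groups, id_group, id_post_group
		FROM {db_prefix}members
		WHERE id_member IN ({array_int:recipients})
		ORDER BY lngfile
		LIMIT {int:count_recipients}', array('not_on_ignore_list' => 1, 'buddies_only' => 2, 'admins_only' => 3, 'recipients' => $all_to, 'count_recipients' => count($all_to), 'from_id' => $from['id']));
    $notifications = array();
    $as_notifications = array();
    while ($row = mysql_fetch_assoc($request)) {
        // Don't do anything for members to be deleted!
        if (isset($deletes[$row['id_member']])) {
            continue;
        }

        // We need to know this members groups.
        $groups = explode(',', $row['additional_groups']);
        $groups[] = $row['id_group'];
        $groups[] = $row['id_post_group'];
        $message_limit = -1;

        // For each group see whether they've gone over their limit - assuming they're not an admin.
        if (!in_array(1, $groups)) {
            foreach ($groups as $id) {
                // A limit of 0 in any group means unlimited and is never replaced.
                if (isset($message_limit_cache[$id]) && $message_limit != 0 && $message_limit < $message_limit_cache[$id]) {
                    $message_limit = $message_limit_cache[$id];
                }
            }
            if ($message_limit > 0 && $message_limit <= $row['instant_messages']) {
                $log['failed'][$row['id_member']] = sprintf($txt['pm_error_data_limit_reached'], $row['real_name']);
                unset($all_to[array_search($row['id_member'], $all_to)]);
                continue;
            }

            // Do they have any of the allowed groups?
            if (count(array_intersect($allowed_groups, $groups)) == 0 || count(array_intersect($disallowed_groups, $groups)) != 0) {
                $log['failed'][$row['id_member']] = sprintf($txt['pm_error_user_cannot_read'], $row['real_name']);
                unset($all_to[array_search($row['id_member'], $all_to)]);
                continue;
            }
        }

        // Note that PostgreSQL can return a lowercase t/f for FIND_IN_SET
        if (!empty($row['ignored']) && $row['ignored'] != 'f' && $row['id_member'] != $from['id']) {
            $log['failed'][$row['id_member']] = sprintf($txt['pm_error_ignored_by_user'], $row['real_name']);
            unset($all_to[array_search($row['id_member'], $all_to)]);
            continue;
        }

        // If the receiving account is banned (>=10) or pending deletion (4), refuse to send the PM.
        if ($row['is_activated'] >= 10 || ($row['is_activated'] == 4 && !$user_info['is_admin'])) {
            $log['failed'][$row['id_member']] = sprintf($txt['pm_error_user_cannot_read'], $row['real_name']);
            unset($all_to[array_search($row['id_member'], $all_to)]);
            continue;
        }

        // Send a notification, if enabled - taking the buddy list into account.
        if (!empty($row['email_address']) && ($row['pm_email_notify'] == 1 || ($row['pm_email_notify'] > 1 && !empty($modSettings['enable_buddylist']) && $row['is_buddy'])) && $row['is_activated'] == 1) {
            $notifications[empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']][] = $row['email_address'];
        }
        $as_notifications[] = $row['id_member'];
        $log['sent'][$row['id_member']] = sprintf(isset($txt['pm_successfully_sent']) ? $txt['pm_successfully_sent'] : '', $row['real_name']);
    }
    mysql_free_result($request);

    // Only 'send' the message if there are any recipients left.
    if (empty($all_to)) {
        return $log;
    }

    // Insert the message itself and then grab the last insert id.
    smf_db_insert('', '{db_prefix}personal_messages', array('id_pm_head' => 'int', 'id_member_from' => 'int', 'deleted_by_sender' => 'int', 'from_name' => 'string-255', 'msgtime' => 'int', 'subject' => 'string-255', 'body' => 'string-65534'), array($pm_head, $from['id'], $store_outbox ? 0 : 1, $from['username'], time(), $htmlsubject, $htmlmessage), array('id_pm'));
    $id_pm = smf_db_insert_id('{db_prefix}personal_messages', 'id_pm');

    // Activity stream, when that feature is switched on (an unset setting counts as off).
    if (!empty($modSettings['astream_active'])) {
        require_once $sourcedir . '/lib/Subs-Activities.php';
        $id_act = aStreamAdd($from['id'], ACT_PM, array('member_name' => $from['username']), 0, 0, $id_pm, $from['id'], ACT_PLEVEL_PRIVATE);
        if ((int) $id_act > 0) {
            aStreamAddNotification($as_notifications, $id_act, ACT_PM);
        }
    }

    // Add the recipients.
    if (!empty($id_pm)) {
        // If this is new we need to set it part of it's own conversation.
        if (empty($pm_head)) {
            smf_db_query('
				UPDATE {db_prefix}personal_messages
				SET id_pm_head = {int:id_pm_head}
				WHERE id_pm = {int:id_pm_head}', array('id_pm_head' => $id_pm));
        }

        // Some people think manually deleting personal_messages is fun... it's not. We protect against it though :)
        smf_db_query('
			DELETE FROM {db_prefix}pm_recipients
			WHERE id_pm = {int:id_pm}', array('id_pm' => $id_pm));
        $insertRows = array();
        foreach ($all_to as $to) {
            $insertRows[] = array($id_pm, $to, in_array($to, $recipients['bcc']) ? 1 : 0, isset($deletes[$to]) ? 1 : 0, 1);
        }
        smf_db_insert('insert', '{db_prefix}pm_recipients', array('id_pm' => 'int', 'id_member' => 'int', 'bcc' => 'int', 'deleted' => 'int', 'is_new' => 'int'), $insertRows, array('id_pm', 'id_member'));
    }

    // Build the plain-text version for the notification e-mail.
    // NOTE(review): $subject reaches the mail subject unescaped; presumably sendmail()
    // strips line breaks from header values - confirm.
    censorText($message);
    censorText($subject);
    $message = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc(htmlspecialchars($message), false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
    foreach ($notifications as $lang => $notification_list) {
        // Make sure to use the right language.
        loadLanguage('index+PersonalMessage', $lang, false);

        // Replace the right things in the message strings.
        $mailsubject = str_replace(array('SUBJECT', 'SENDER'), array($subject, un_htmlspecialchars($from['name'])), $txt['new_pm_subject']);
        $mailmessage = str_replace(array('SUBJECT', 'MESSAGE', 'SENDER'), array($subject, $message, un_htmlspecialchars($from['name'])), $txt['pm_email']);
        $mailmessage .= "\n\n" . $txt['instant_reply'] . ' ' . $scripturl . '?action=pm;sa=send;f=inbox;pmsg=' . $id_pm . ';quote;u=' . $from['id'];

        // Off the notification email goes!
        sendmail($notification_list, $mailsubject, $mailmessage, null, 'p' . $id_pm, false, 2, null, true);
    }

    // Back to what we were on before!
    loadLanguage('index+PersonalMessage');

    // Add one to their unread and read message counts, except for recipients whose rules delete the PM.
    foreach ($all_to as $k => $id) {
        if (isset($deletes[$id])) {
            unset($all_to[$k]);
        }
    }
    if (!empty($all_to)) {
        updateMemberData($all_to, array('instant_messages' => '+', 'unread_messages' => '+', 'new_pm' => 1));
    }

    return $log;
}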
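    /**
     * Issue/manage an user's warning status.
     *
     * Handles three things in one request: saving a new warning level (optionally
     * sending the member a notice by PM), previewing the notice, and preparing the
     * list of earlier warnings and the notification templates for the form.
     *
     * The save branch verifies the session token; the preview branch changes nothing.
     *
     * @uses ProfileAccount template issueWarning sub template
     * @uses Profile template
     */
    public function action_issuewarning()
    {
        global $txt, $scripturl, $modSettings, $mbname, $context, $cur_profile;

        $memID = currentMemberID();

        // make sure the sub-template is set...
        loadTemplate('ProfileAccount');
        $context['sub_template'] = 'issueWarning';

        // We need this because of template_load_warning_variables
        loadTemplate('Profile');
        loadJavascriptFile('profile.js');

        // jQuery-UI FTW!
        $modSettings['jquery_include_ui'] = true;
        loadCSSFile('jquery.ui.slider.css');
        loadCSSFile('jquery.ui.theme.css');

        // Get all the actual settings.
        list($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);

        // This stores any legitimate errors.
        $issueErrors = array();

        // Doesn't hurt to be overly cautious: warnings must be enabled, an owner may only
        // look at an existing warning, and the issue_warning permission is required.
        if (empty($modSettings['warning_enable']) || ($context['user']['is_owner'] && !$cur_profile['warning']) || !allowedTo('issue_warning')) {
            fatal_lang_error('no_access', false);
        }

        // Get the base (errors related) stuff done.
        loadLanguage('Errors');
        $context['custom_error_title'] = $txt['profile_warning_errors_occurred'];

        // Make sure things which are disabled stay disabled (110 is above the maximum level of 100).
        $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110;
        $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110;
        $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110;

        $context['warning_limit'] = allowedTo('admin_forum') ? 0 : $modSettings['user_limit'];
        $context['member']['warning'] = $cur_profile['warning'];
        $context['member']['name'] = $cur_profile['real_name'];

        // What are the limits we can apply?
        $context['min_allowed'] = 0;
        $context['max_allowed'] = 100;
        if ($context['warning_limit'] > 0) {
            require_once SUBSDIR . '/Moderation.subs.php';
            $current_applied = warningDailyLimit($memID);
            $context['min_allowed'] = max(0, $cur_profile['warning'] - $current_applied - $context['warning_limit']);
            $context['max_allowed'] = min(100, $cur_profile['warning'] - $current_applied + $context['warning_limit']);
        }

        // Defaults.
        $context['warning_data'] = array('reason' => '', 'notify' => '', 'notify_subject' => '', 'notify_body' => '');

        // Are we saving?
        if (isset($_POST['save'])) {
            // Security is good here.
            checkSession('post');

            // This cannot be empty!
            $_POST['warn_reason'] = isset($_POST['warn_reason']) ? trim($_POST['warn_reason']) : '';
            if ($_POST['warn_reason'] == '' && !$context['user']['is_owner']) {
                $issueErrors[] = 'warning_no_reason';
            }
            // Escaped here because the reason is stored and later printed as-is in the warning list.
            $_POST['warn_reason'] = Util::htmlspecialchars($_POST['warn_reason']);

            // If the value hasn't changed it's either no JS or a real no change (Which this will pass)
            // A missing field is treated as level 0, then clamped to the allowed range.
            $_POST['warning_level'] = isset($_POST['warning_level']) ? $_POST['warning_level'] : 0;
            if ($_POST['warning_level'] == 'SAME') {
                $_POST['warning_level'] = isset($_POST['warning_level_nojs']) ? $_POST['warning_level_nojs'] : 0;
            }
            $_POST['warning_level'] = (int) $_POST['warning_level'];
            $_POST['warning_level'] = max(0, min(100, $_POST['warning_level']));
            if ($_POST['warning_level'] < $context['min_allowed']) {
                $_POST['warning_level'] = $context['min_allowed'];
            } elseif ($_POST['warning_level'] > $context['max_allowed']) {
                $_POST['warning_level'] = $context['max_allowed'];
            }

            require_once SUBSDIR . '/Moderation.subs.php';

            // Do we actually have to issue them with a PM?
            $id_notice = 0;
            if (!empty($_POST['warn_notify']) && empty($issueErrors)) {
                $_POST['warn_sub'] = isset($_POST['warn_sub']) ? trim($_POST['warn_sub']) : '';
                $_POST['warn_body'] = isset($_POST['warn_body']) ? trim($_POST['warn_body']) : '';
                if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
                    $issueErrors[] = 'warning_notify_blank';
                } else {
                    require_once SUBSDIR . '/PersonalMessage.subs.php';
                    // The notice is sent in the forum's name, not the moderator's.
                    $from = array('id' => 0, 'name' => $context['forum_name'], 'username' => $context['forum_name']);
                    sendpm(array('to' => array($memID), 'bcc' => array()), $_POST['warn_sub'], $_POST['warn_body'], false, $from);

                    // Log the notice.
                    // NOTE(review): subject and body are logged as received; confirm that
                    // logWarningNotice() or the notice viewer escapes them.
                    $id_notice = logWarningNotice($_POST['warn_sub'], $_POST['warn_body']);
                }
            }

            // Just in case - make sure notice is valid!
            $id_notice = (int) $id_notice;

            // What have we changed?
            $level_change = $_POST['warning_level'] - $cur_profile['warning'];

            // No errors? Proceed! Only log if you're not the owner.
            if (empty($issueErrors)) {
                // Log what we've done!
                if (!$context['user']['is_owner']) {
                    logWarning($memID, $cur_profile['real_name'], $id_notice, $level_change, $_POST['warn_reason']);
                }

                // Make the change.
                updateMemberData($memID, array('warning' => $_POST['warning_level']));

                // Leave a lovely message.
                $context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : $txt['profile_warning_success'];
            } else {
                // Try to remember some bits.
                // NOTE(review): notify_subject and notify_body go to the template as received;
                // confirm the template escapes them when refilling the form.
                $context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '');
            }

            // Show the new improved warning level.
            $context['member']['warning'] = $_POST['warning_level'];
        }

        // Taking a look first, good idea that one.
        if (isset($_POST['preview'])) {
            $warning_body = !empty($_POST['warn_body']) ? trim(censorText($_POST['warn_body'])) : '';
            $context['preview_subject'] = !empty($_POST['warn_sub']) ? trim(Util::htmlspecialchars($_POST['warn_sub'])) : '';
            if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
                $issueErrors[] = 'warning_notify_blank';
            }
            if (!empty($_POST['warn_body'])) {
                require_once SUBSDIR . '/Post.subs.php';

                // Escape before parsing, as is done for the subject above and for a message
                // that is actually sent, so the preview never renders raw HTML from the form.
                $warning_body = Util::htmlspecialchars($warning_body, ENT_QUOTES);
                preparsecode($warning_body);
                $warning_body = parse_bbc($warning_body, true);
            }

            // The save branch has already trimmed and escaped warn_reason. When it has not run,
            // do the same here so the template gets the reason in one form on both paths
            // (and a missing field becomes an empty string).
            if (!isset($_POST['save'])) {
                $_POST['warn_reason'] = Util::htmlspecialchars(isset($_POST['warn_reason']) ? trim($_POST['warn_reason']) : '');
            }

            // Try to remember some bits.
            // NOTE(review): notify_subject and notify_body go to the template as received;
            // confirm the template escapes them when refilling the form.
            $context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '', 'body_preview' => $warning_body);
        }

        if (!empty($issueErrors)) {
            // Fill in the suite of errors.
            $context['post_errors'] = array();
            foreach ($issueErrors as $error) {
                $context['post_errors'][] = $txt[$error];
            }
        }

        $context['page_title'] = $txt['profile_issue_warning'];

        // Let's use a generic list to get all the current warnings
        require_once SUBSDIR . '/GenericList.class.php';
        require_once SUBSDIR . '/Profile.subs.php';

        // Work our the various levels.
        $context['level_effects'] = array(0 => $txt['profile_warning_effect_none'], $modSettings['warning_watch'] => $txt['profile_warning_effect_watch'], $modSettings['warning_moderate'] => $txt['profile_warning_effect_moderation'], $modSettings['warning_mute'] => $txt['profile_warning_effect_mute']);
        $context['current_level'] = 0;
        foreach ($context['level_effects'] as $limit => $dummy) {
            if ($context['member']['warning'] >= $limit) {
                $context['current_level'] = $limit;
            }
        }

        // Build a list to view the warnings
        // NOTE(review): create_function() evaluates its body as code, is deprecated since PHP 7.2
        // and removed in PHP 8; the bodies here are fixed strings, and they should become closures
        // once the project's minimum PHP version allows it.
        // The 'reason' column prints $warning['reason'] without escaping, so it relies on the
        // reason having been escaped before it was stored (see the save branch above).
        $listOptions = array('id' => 'issued_warnings', 'title' => $txt['profile_viewwarning_previous_warnings'], 'items_per_page' => $modSettings['defaultMaxMessages'], 'no_items_label' => $txt['profile_viewwarning_no_warnings'], 'base_href' => $scripturl . '?action=profile;area=issuewarning;sa=user;u=' . $memID, 'default_sort_col' => 'log_time', 'get_items' => array('function' => 'list_getUserWarnings', 'params' => array($memID)), 'get_count' => array('function' => 'list_getUserWarningCount', 'params' => array($memID)), 'columns' => array('issued_by' => array('header' => array('value' => $txt['profile_warning_previous_issued'], 'style' => 'width: 20%;'), 'data' => array('function' => create_function('$warning', '
							return $warning[\'issuer\'][\'link\'];
						')), 'sort' => array('default' => 'lc.member_name DESC', 'reverse' => 'lc.member_name')), 'log_time' => array('header' => array('value' => $txt['profile_warning_previous_time'], 'style' => 'width: 30%;'), 'data' => array('db' => 'time'), 'sort' => array('default' => 'lc.log_time DESC', 'reverse' => 'lc.log_time')), 'reason' => array('header' => array('value' => $txt['profile_warning_previous_reason']), 'data' => array('function' => create_function('$warning', '
							global $scripturl, $txt, $settings;

							$ret = \'
							<div class="floatleft">
								\' . $warning[\'reason\'] . \'
							</div>\';

							// If a notice was sent, provide a way to view it
							if (!empty($warning[\'id_notice\']))
								$ret .= \'
							<div class="floatright">
								<a href="\' . $scripturl . \'?action=moderate;area=notice;nid=\' . $warning[\'id_notice\'] . \'" onclick="window.open(this.href, \\\'\\\', \\\'scrollbars=yes,resizable=yes,width=400,height=250\\\');return false;" target="_blank" class="new_win" title="\' . $txt[\'profile_warning_previous_notice\'] . \'"><img src="\' . $settings[\'images_url\'] . \'/filter.png" alt="" /></a>
							</div>\';

							return $ret;'))), 'level' => array('header' => array('value' => $txt['profile_warning_previous_level'], 'style' => 'width: 6%;'), 'data' => array('db' => 'counter'), 'sort' => array('default' => 'lc.counter DESC', 'reverse' => 'lc.counter'))));

        // Create the list for viewing.
        createList($listOptions);

        // The message id is cast to int before it is used in a URL or a lookup.
        $warning_for_message = isset($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : false;
        $warned_message_subject = '';

        // Are they warning because of a message?
        if (isset($_REQUEST['msg']) && 0 < (int) $_REQUEST['msg']) {
            require_once SUBSDIR . '/Messages.subs.php';
            $message = basicMessageInfo((int) $_REQUEST['msg']);
            if (!empty($message)) {
                $warned_message_subject = $message['subject'];
            }
        }

        require_once SUBSDIR . '/Maillist.subs.php';

        // Any custom templates?
        $context['notification_templates'] = array();
        $notification_templates = maillist_templates('warntpl');
        foreach ($notification_templates as $row) {
            // If we're not warning for a message skip any that are.
            if (!$warning_for_message && strpos($row['body'], '{MESSAGE}') !== false) {
                continue;
            }
            $context['notification_templates'][] = array('title' => $row['title'], 'body' => $row['body']);
        }

        // Setup the "default" templates.
        foreach (array('spamming', 'offence', 'insulting') as $type) {
            $context['notification_templates'][] = array('title' => $txt['profile_warning_notify_title_' . $type], 'body' => sprintf($txt['profile_warning_notify_template_outline' . (!empty($warning_for_message) ? '_post' : '')], $txt['profile_warning_notify_for_' . $type]));
        }

        // Replace all the common variables in the templates.
        foreach ($context['notification_templates'] as $k => $name) {
            $context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $warning_for_message . ']' . un_htmlspecialchars($warned_message_subject) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => replaceBasicActionUrl($txt['regards_team'])));
        }
    }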
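/**
 * Add or edit a moderator warning template (a 'warntpl' row in log_comments).
 *
 * The template id comes from $_REQUEST['tid']; 0 or absent means "add". For an edit
 * the existing row is loaded into $context['template_data']. When $_POST['save'] is
 * present the title and body are validated, cleaned and written, the change is logged
 * and the request is redirected to the template list.
 *
 * Security-relevant behaviour visible here:
 * - checkSession('post') runs before anything is written;
 * - all values reach the database through typed placeholders, never by concatenation;
 * - the SELECT and the UPDATE only match generic templates (id_recipient = 0) or
 *   templates personal to the current member.
 *
 * NOTE(review): no permission check is made in this function; presumably the caller
 * has already restricted access to moderators - confirm against the dispatcher.
 */
function ModifyWarningTemplate()
{
    global $smcFunc, $context, $txt, $user_info, $sourcedir;

    // The id is cast to int, so it is safe to echo back and to bind below.
    $context['id_template'] = isset($_REQUEST['tid']) ? (int) $_REQUEST['tid'] : 0;
    $context['is_edit'] = $context['id_template'];

    // Standard template things.
    $context['page_title'] = $context['is_edit'] ? $txt['mc_warning_template_modify'] : $txt['mc_warning_template_add'];
    $context['sub_template'] = 'warn_template';
    $context[$context['moderation_menu_name']]['current_subsection'] = 'templates';

    // Defaults.
    $context['template_data'] = array('title' => '', 'body' => $txt['mc_warning_template_body_default'], 'personal' => false, 'can_edit_personal' => true);

    // If it's an edit load it. A tid the member may not see simply leaves the defaults in place.
    if ($context['is_edit']) {
        $request = $smcFunc['db_query']('', '
			SELECT id_member, id_recipient, recipient_name AS template_title, body
			FROM {db_prefix}log_comments
			WHERE id_comment = {int:id}
				AND comment_type = {string:warntpl}
				AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})', array('id' => $context['id_template'], 'warntpl' => 'warntpl', 'generic' => 0, 'current_member' => $user_info['id']));
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // The body is escaped for display; the title was already escaped when it was stored.
            $context['template_data'] = array('title' => $row['template_title'], 'body' => $smcFunc['htmlspecialchars']($row['body']), 'personal' => $row['id_recipient'], 'can_edit_personal' => $row['id_member'] == $user_info['id']);
        }
        $smcFunc['db_free_result']($request);
    }

    // Wait, we are saving?
    if (isset($_POST['save'])) {
        // Session check first, so a forged cross-site POST cannot write a template.
        checkSession('post');

        // To check the BBC is pretty good...
        require_once $sourcedir . '/Subs-Post.php';

        // Bit of cleaning! Request fields are untrusted: a missing field or an array value
        // (template_body[]=x) must not reach trim(), so anything that is not a string counts as empty.
        foreach (array('template_body', 'template_title') as $field) {
            $_POST[$field] = isset($_POST[$field]) && is_string($_POST[$field]) ? trim($_POST[$field]) : '';
        }

        // Need something in both boxes.
        if (empty($_POST['template_body']) || empty($_POST['template_title'])) {
            fatal_error($txt['mc_warning_template_error_empty']);
        }

        // Safety first: the title is stored HTML-escaped.
        $_POST['template_title'] = $smcFunc['htmlspecialchars']($_POST['template_title']);

        // Clean up BBC.
        preparsecode($_POST['template_body']);

        // But put line breaks back!
        $_POST['template_body'] = strtr($_POST['template_body'], array('<br />' => "\n"));

        // Is this personal?
        $recipient_id = !empty($_POST['make_personal']) ? $user_info['id'] : 0;

        // If we are this far it's save time.
        if ($context['is_edit']) {
            // Simple update... Making a template personal additionally requires being its author.
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}log_comments
				SET id_recipient = {int:personal}, recipient_name = {string:title}, body = {string:body}
				WHERE id_comment = {int:id}
					AND comment_type = {string:warntpl}
					AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})' . ($recipient_id ? ' AND id_member = {int:current_member}' : ''), array('personal' => $recipient_id, 'title' => $_POST['template_title'], 'body' => $_POST['template_body'], 'id' => $context['id_template'], 'warntpl' => 'warntpl', 'generic' => 0, 'current_member' => $user_info['id']));

            // NOTE(review): the action is logged whether or not the UPDATE matched a row, so a
            // request for a tid the member cannot edit still leaves a moderation-log entry.
            // If it wasn't visible and now is they've effectively added it.
            if ($context['template_data']['personal'] && !$recipient_id) {
                logAction('add_warn_template', array('template' => $_POST['template_title']));
            } elseif (!$context['template_data']['personal'] && $recipient_id) {
                logAction('delete_warn_template', array('template' => $_POST['template_title']));
            } else {
                logAction('modify_warn_template', array('template' => $_POST['template_title']));
            }
        } else {
            $smcFunc['db_insert']('', '{db_prefix}log_comments', array('id_member' => 'int', 'member_name' => 'string', 'comment_type' => 'string', 'id_recipient' => 'int', 'recipient_name' => 'string-255', 'body' => 'string-65535', 'log_time' => 'int'), array($user_info['id'], $user_info['name'], 'warntpl', $recipient_id, $_POST['template_title'], $_POST['template_body'], time()), array('id_comment'));
            logAction('add_warn_template', array('template' => $_POST['template_title']));
        }

        // Get out of town...
        redirectexit('action=moderate;area=warnings;sa=templates');
    }
}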
/**
 * Validate a submitted personal message and send it, or re-show the form with errors.
 *
 * Request-driven: reads subject, message, to/bcc, recipient_to/recipient_bcc, u,
 * delete_recipient, to_submit/bcc_submit, preview, save_draft, outbox, pm_head,
 * replied_to, f and xml from $_REQUEST / $_POST / $_GET. Problems are collected in
 * $post_errors and handed to messagePostError(); otherwise sendpm() is called and the
 * request is redirected.
 *
 * Checks applied before sending, in order: the pm_send permission, the hourly send
 * limit, the session check, recipient resolution, subject/body validation, the
 * verification control for low-post-count members, the recipient cap,
 * spamProtection('pm') and checkSubmitOnce('check').
 *
 * NOTE(review): the session check, the verification control and the "return on
 * errors" gate are each conditioned on $_REQUEST['xml'] not being set. Confirm that
 * a request carrying xml but no preview cannot reach sendpm() with errors pending.
 */
function MessagePost2()
{
    global $txt, $context, $sourcedir;
    global $user_info, $modSettings, $scripturl, $smcFunc;
    // Permission gate; presumably aborts the request when the member may not send PMs.
    isAllowedTo('pm_send');
    require_once $sourcedir . '/Subs-Auth.php';
    loadLanguage('PersonalMessage', '', false);
    // Extract out the spam settings - it saves database space!
    // One comma-separated setting holds: max recipients, post-count threshold for verification, PMs per hour.
    list($modSettings['max_pm_recipients'], $modSettings['pm_posts_verification'], $modSettings['pm_posts_per_hour']) = explode(',', $modSettings['pm_spam_settings']);
    // Initialize the errors we're about to make.
    $post_errors = array();
    // Check whether we've gone over the limit of messages we can send per hour - fatal error if fails!
    // Members holding any of the listed permissions are exempt; the two mod_cache comparisons
    // presumably also exempt board and group moderators - confirm.
    if (!empty($modSettings['pm_posts_per_hour']) && !allowedTo(array('admin_forum', 'moderate_forum', 'send_mail')) && $user_info['mod_cache']['bq'] == '0=1' && $user_info['mod_cache']['gq'] == '0=1') {
        // How many have they sent this last hour? Counted per recipient row, not per message.
        $request = $smcFunc['db_query']('', '
			SELECT COUNT(pr.id_pm) AS post_count
			FROM {db_prefix}personal_messages AS pm
				INNER JOIN {db_prefix}pm_recipients AS pr ON (pr.id_pm = pm.id_pm)
			WHERE pm.id_member_from = {int:current_member}
				AND pm.msgtime > {int:msgtime}', array('current_member' => $user_info['id'], 'msgtime' => time() - 3600));
        list($postCount) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
        if (!empty($postCount) && $postCount >= $modSettings['pm_posts_per_hour']) {
            // For xml requests the limit is only recorded as an error, not enforced with a fatal error.
            if (!isset($_REQUEST['xml'])) {
                fatal_lang_error('pm_too_many_per_hour', true, array($modSettings['pm_posts_per_hour']));
            } else {
                $post_errors[] = 'pm_too_many_per_hour';
            }
        }
    }
    // If your session timed out, show an error, but do allow to re-submit.
    // NOTE(review): the session check is not run at all when xml is set.
    if (!isset($_REQUEST['xml']) && checkSession('post', '', false) != '') {
        $post_errors[] = 'session_timeout';
    }
    // Normalise the free-text inputs; POST takes precedence over GET for to/bcc.
    $_REQUEST['subject'] = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
    $_REQUEST['to'] = empty($_POST['to']) ? empty($_GET['to']) ? '' : $_GET['to'] : $_POST['to'];
    $_REQUEST['bcc'] = empty($_POST['bcc']) ? empty($_GET['bcc']) ? '' : $_GET['bcc'] : $_POST['bcc'];
    // Route the input from the 'u' parameter to the 'to'-list.
    if (!empty($_POST['u'])) {
        $_POST['recipient_to'] = explode(',', $_POST['u']);
    }
    // Construct the list of recipients.
    $recipientList = array();
    $namedRecipientList = array();
    $namesNotFound = array();
    foreach (array('to', 'bcc') as $recipientType) {
        // First, let's see if there's user ID's given.
        $recipientList[$recipientType] = array();
        if (!empty($_POST['recipient_' . $recipientType]) && is_array($_POST['recipient_' . $recipientType])) {
            foreach ($_POST['recipient_' . $recipientType] as $recipient) {
                // Every submitted id is forced to an integer before it is used anywhere.
                $recipientList[$recipientType][] = (int) $recipient;
            }
        }
        // Are there also literal names set?
        if (!empty($_REQUEST[$recipientType])) {
            // We're going to take out the "s anyway ;).
            $recipientString = strtr($_REQUEST[$recipientType], array('\\"' => '"'));
            // Quoted names are taken whole; what is left is split on commas.
            preg_match_all('~"([^"]+)"~', $recipientString, $matches);
            $namedRecipientList[$recipientType] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $recipientString))));
            foreach ($namedRecipientList[$recipientType] as $index => $recipient) {
                if (strlen(trim($recipient)) > 0) {
                    // Names are lower-cased and HTML-escaped, so they are safe to echo back in error text.
                    $namedRecipientList[$recipientType][$index] = $smcFunc['htmlspecialchars']($smcFunc['strtolower'](trim($recipient)));
                } else {
                    unset($namedRecipientList[$recipientType][$index]);
                }
            }
            if (!empty($namedRecipientList[$recipientType])) {
                $foundMembers = findMembers($namedRecipientList[$recipientType]);
                // Assume all are not found, until proven otherwise.
                $namesNotFound[$recipientType] = $namedRecipientList[$recipientType];
                foreach ($foundMembers as $member) {
                    // A member matches on username, display name or e-mail address.
                    $testNames = array($smcFunc['strtolower']($member['username']), $smcFunc['strtolower']($member['name']), $smcFunc['strtolower']($member['email']));
                    if (count(array_intersect($testNames, $namedRecipientList[$recipientType])) !== 0) {
                        $recipientList[$recipientType][] = $member['id'];
                        // Get rid of this username, since we found it.
                        $namesNotFound[$recipientType] = array_diff($namesNotFound[$recipientType], $testNames);
                    }
                }
            }
        }
        // Selected a recipient to be deleted? Remove them now.
        if (!empty($_POST['delete_recipient'])) {
            $recipientList[$recipientType] = array_diff($recipientList[$recipientType], array((int) $_POST['delete_recipient']));
        }
        // Make sure we don't include the same name twice
        $recipientList[$recipientType] = array_unique($recipientList[$recipientType]);
    }
    // Are we changing the recipients some how?
    $is_recipient_change = !empty($_POST['delete_recipient']) || !empty($_POST['to_submit']) || !empty($_POST['bcc_submit']);
    // Check if there's at least one recipient.
    if (empty($recipientList['to']) && empty($recipientList['bcc'])) {
        $post_errors[] = 'no_to';
    }
    // Make sure that we remove the members who did get it from the screen.
    if (!$is_recipient_change) {
        foreach ($recipientList as $recipientType => $dummy) {
            if (!empty($namesNotFound[$recipientType])) {
                $post_errors[] = 'bad_' . $recipientType;
                // Since we already have a post error, remove the previous one.
                $post_errors = array_diff($post_errors, array('no_to'));
                foreach ($namesNotFound[$recipientType] as $name) {
                    // $name was HTML-escaped when the named list was built above.
                    $context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
                }
            }
        }
    }
    // Did they make any mistakes?
    if ($_REQUEST['subject'] == '') {
        $post_errors[] = 'no_subject';
    }
    if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
        $post_errors[] = 'no_message';
    } elseif (!empty($modSettings['max_messageLength']) && $smcFunc['strlen']($_REQUEST['message']) > $modSettings['max_messageLength']) {
        $post_errors[] = 'long_message';
    } else {
        // Preparse the message. This works on a copy; the raw request value is what gets sent later.
        $message = $_REQUEST['message'];
        preparsecode($message);
        // Make sure there's still some content left without the tags.
        // An admin's message containing [html] is let through even when nothing else remains.
        if ($smcFunc['htmltrim'](strip_tags(parse_bbc($smcFunc['htmlspecialchars']($message, ENT_QUOTES), false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($message, '[html]') === false)) {
            $post_errors[] = 'no_message';
        }
    }
    // Wrong verification code?
    // Only asked of non-admins below the post-count threshold, and never for xml requests.
    if (!$user_info['is_admin'] && !isset($_REQUEST['xml']) && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification']) {
        require_once $sourcedir . '/Subs-Editor.php';
        $verificationOptions = array('id' => 'pm');
        $context['require_verification'] = create_control_verification($verificationOptions, true);
        // An array result is merged into the error list as verification errors.
        if (is_array($context['require_verification'])) {
            $post_errors = array_merge($post_errors, $context['require_verification']);
        }
    }
    // If they did, give a chance to make ammends.
    // NOTE(review): this gate does not fire for xml requests, so collected errors
    // (hourly limit, empty subject/body, unknown recipients) do not stop them here.
    if (!empty($post_errors) && !$is_recipient_change && !isset($_REQUEST['preview']) && !isset($_REQUEST['xml'])) {
        return messagePostError($post_errors, $namedRecipientList, $recipientList);
    }
    // Want to take a second glance before you send?
    if (isset($_REQUEST['preview'])) {
        // Set everything up to be displayed. Both values are HTML-escaped before any BBC parsing.
        $context['preview_subject'] = $smcFunc['htmlspecialchars']($_REQUEST['subject']);
        $context['preview_message'] = $smcFunc['htmlspecialchars']($_REQUEST['message'], ENT_QUOTES);
        preparsecode($context['preview_message'], true);
        // Parse out the BBC if it is enabled.
        $context['preview_message'] = parse_bbc($context['preview_message']);
        // Censor, as always.
        censorText($context['preview_subject']);
        censorText($context['preview_message']);
        // Set a descriptive title.
        $context['page_title'] = $txt['preview'] . ' - ' . $context['preview_subject'];
        // Pretend they messed up but don't ignore if they really did :P.
        return messagePostError($post_errors, $namedRecipientList, $recipientList);
    } elseif ($is_recipient_change) {
        // Maybe we couldn't find one?
        foreach ($namesNotFound as $recipientType => $names) {
            $post_errors[] = 'bad_' . $recipientType;
            foreach ($names as $name) {
                $context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
            }
        }
        // The errors gathered above are not passed on; an empty list is sent instead.
        return messagePostError(array(), $namedRecipientList, $recipientList);
    }
    // Want to save this as a draft and think about it some more?
    if (!empty($modSettings['drafts_enabled']) && !empty($modSettings['drafts_pm_enabled']) && isset($_POST['save_draft'])) {
        require_once $sourcedir . '/Drafts.php';
        SavePMDraft($post_errors, $recipientList);
        return messagePostError($post_errors, $namedRecipientList, $recipientList);
    } elseif (!empty($modSettings['max_pm_recipients']) && count($recipientList['to']) + count($recipientList['bcc']) > $modSettings['max_pm_recipients'] && !allowedTo(array('moderate_forum', 'send_mail', 'admin_forum'))) {
        // Recipient cap; members with any of the listed permissions are exempt.
        $context['send_log'] = array('sent' => array(), 'failed' => array(sprintf($txt['pm_too_many_recipients'], $modSettings['max_pm_recipients'])));
        return messagePostError($post_errors, $namedRecipientList, $recipientList);
    }
    // Protect from message spamming.
    spamProtection('pm');
    // Prevent double submission of this form.
    checkSubmitOnce('check');
    // Do the actual sending of the PM.
    // The raw request subject and body are handed over, so sendpm() is expected to do
    // its own escaping - confirm. pm_head is cast to int here.
    if (!empty($recipientList['to']) || !empty($recipientList['bcc'])) {
        $context['send_log'] = sendpm($recipientList, $_REQUEST['subject'], $_REQUEST['message'], !empty($_REQUEST['outbox']), null, !empty($_REQUEST['pm_head']) ? (int) $_REQUEST['pm_head'] : 0);
    } else {
        $context['send_log'] = array('sent' => array(), 'failed' => array());
    }
    // Mark the message as "replied to".
    // The id is bound as an int and the row must belong to the current member,
    // so only the sender's own copy of a message can be flagged.
    if (!empty($context['send_log']['sent']) && !empty($_REQUEST['replied_to']) && isset($_REQUEST['f']) && $_REQUEST['f'] == 'inbox') {
        $smcFunc['db_query']('', '
			UPDATE {db_prefix}pm_recipients
			SET is_read = is_read | 2
			WHERE id_pm = {int:replied_to}
				AND id_member = {int:current_member}', array('current_member' => $user_info['id'], 'replied_to' => (int) $_REQUEST['replied_to']));
    }
    // If one or more of the recipient were invalid, go back to the post screen with the failed usernames.
    // NOTE(review): this intersects recipient ids with the 'failed' entries, which elsewhere in
    // this function are message strings - confirm what sendpm() puts in 'failed'.
    if (!empty($context['send_log']['failed'])) {
        return messagePostError($post_errors, $namesNotFound, array('to' => array_intersect($recipientList['to'], $context['send_log']['failed']), 'bcc' => array_intersect($recipientList['bcc'], $context['send_log']['failed'])));
    }
    // Message sent successfully?
    if (!empty($context['send_log']) && empty($context['send_log']['failed'])) {
        $context['current_label_redirect'] = $context['current_label_redirect'] . ';done=sent';
    }
    // Go back to the where they sent from, if possible...
    redirectexit($context['current_label_redirect']);
}
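/**
 * Validate the submitted custom-field values for one scope of the ticket form.
 *
 * Walks $context['ticket_form']['custom_fields'][$scope], skipping fields that are not
 * editable or not attached to $dept. Each value is read from $_POST ('field-<id>', or
 * 'field-<id>-<option>' for multi-selects), checked against the field type, and the
 * cleaned value is stored in that field's 'new_value' entry.
 *
 * All values come straight from the request, so nothing is trusted: text is truncated,
 * HTML-escaped and preparsed; numbers are pattern-checked; select/radio values must be
 * an existing option key; array-valued parameters are rejected as invalid.
 *
 * @param mixed $scope key into $context['ticket_form']['custom_fields']
 * @param mixed $dept department matched against each field's 'depts' list
 * @return array array($missing_fields, $invalid_fields), each keyed by field id
 */
function shd_validate_custom_fields($scope, $dept)
{
    global $context, $smcFunc, $txt, $sourcedir;
    require_once $sourcedir . '/Subs-Post.php';
    if (empty($context['ticket_form']['custom_fields'][$scope])) {
        return array(array(), array());
    }
    $missing_fields = array();
    $invalid_fields = array();
    foreach ($context['ticket_form']['custom_fields'][$scope] as $field_id => $field) {
        if (!$field['editable'] || !in_array($dept, $field['depts'])) {
            continue;
        }
        if (empty($field['options']['inactive'])) {
            $field['options']['inactive'] = array();
        }
        // Multi-selects are special. Deal with them first.
        if ($field['type'] == CFIELD_TYPE_MULTI) {
            $newvalues = array();
            foreach ($field['options'] as $k => $v) {
                // 'inactive' is the list of retired options kept alongside the real ones, not a
                // choice itself. Without this skip a request carrying 'field-<id>-inactive' would
                // store it as a selected value and count it towards the required minimum.
                // NOTE(review): any other bookkeeping key in 'options' needs the same treatment.
                if ($k === 'inactive') {
                    continue;
                }
                if (!empty($_POST['field-' . $field_id . '-' . $k])) {
                    // Retired options only count when the field is optional.
                    if (!in_array($k, $field['options']['inactive']) || empty($field['is_required'])) {
                        $newvalues[] = $k;
                    }
                }
            }
            $value = !empty($newvalues) ? implode(',', $newvalues) : '';
            // For multi-selects 'is_required' doubles as the minimum number of selections.
            if (!empty($field['is_required']) && count($newvalues) < $field['is_required']) {
                $missing_fields[$field_id] = sprintf($txt['error_missing_multi'], $field['name'], $field['is_required']);
            }
        } elseif (isset($_POST['field-' . $field_id])) {
            // A parameter sent as field-<id>[] arrives as an array; none of the types below
            // accepts that, so reject it instead of passing it to trim().
            if (!is_scalar($_POST['field-' . $field_id])) {
                $invalid_fields[$field_id] = $field['name'];
                continue;
            }
            $value = trim((string) $_POST['field-' . $field_id]);
            // Now to sanitise the individual value.
            switch ($field['type']) {
                case CFIELD_TYPE_TEXT:
                case CFIELD_TYPE_LARGETEXT:
                    if ($field['is_required'] && empty($value)) {
                        $missing_fields[$field_id] = $field['name'];
                    } else {
                        // Truncate first, then escape, so the stored text never ends mid-entity.
                        if (!empty($field['length'])) {
                            $value = $smcFunc['substr']($value, 0, $field['length']);
                        }
                        $value = $smcFunc['htmlspecialchars']($value, ENT_QUOTES);
                        preparsecode($value);
                    }
                    break;
                case CFIELD_TYPE_INT:
                    // Well, check it was provided with a non empty value and check that that was a number and a whole one at that...
                    // NOTE(review): the comparison is loose, so numeric forms such as "1.0" compare equal to "1" and pass.
                    if (empty($value) && $field['is_required']) {
                        $missing_fields[$field_id] = $field['name'];
                    } elseif (!empty($value) && (!is_numeric($value) || $value != (string) (int) $value)) {
                        $invalid_fields[$field_id] = $field['name'];
                    }
                    break;
                case CFIELD_TYPE_FLOAT:
                    // Ordinarily we'd use PHP internally to do this and just cast it. But prior to 5.2.17 / 5.3.5 on x86 builds... it can hang PHP.
                    if (empty($value) && $field['is_required']) {
                        $missing_fields[$field_id] = $field['name'];
                    } elseif (!empty($value) && !preg_match('~^[-+]?\\d*(\\.\\d{0,10}([eE][-+]?\\d{1,2})?)?$~', $value)) {
                        $invalid_fields[$field_id] = $field['name'];
                    } elseif (strpos($value, '.') === 0) {
                        // Give a bare leading decimal point its zero.
                        $value = '0' . $value;
                    } elseif (strpos($value, '-.') === 0) {
                        $value = str_replace('-.', '-0.', $value);
                    }
                    break;
                case CFIELD_TYPE_SELECT:
                case CFIELD_TYPE_RADIO:
                    // It's set but is it a number and a number that represents a key in the array? Same principle for select and radio.
                    if ($field['is_required'] && (empty($value) || in_array($value, $field['options']['inactive']))) {
                        $missing_fields[$field_id] = $field['name'];
                    } elseif (!empty($value) && (!is_numeric($value) || !isset($field['options'][(int) $value]))) {
                        $invalid_fields[$field_id] = $field['name'];
                    }
                    break;
                case CFIELD_TYPE_CHECKBOX:
                    // If there's something in it, it's on, simple as that.
                    $value = 1;
                    break;
            }
        } elseif ($field['is_required']) {
            $missing_fields[$field_id] = $field['name'];
        } elseif ($field['type'] == CFIELD_TYPE_CHECKBOX) {
            // An unchecked box is simply absent from the request.
            $value = 0;
        }
        // Did we actually come up with a value in the end?
        if (isset($value)) {
            // OK... well, if it's a new ticket, we're saving the value. Even if it's default, so that we're clear that there is a value for it.
            // The value is stored even when the field was flagged missing or invalid above.
            $context['ticket_form']['custom_fields'][$scope][$field_id]['new_value'] = $value;
            // Reset so the next field cannot inherit this one's value.
            unset($value);
        }
    }
    return array($missing_fields, $invalid_fields);
}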
/**
 * Leaves a redirect notice as a new post in the topic that was split.
 *
 * The notice goes into the global $topic / $board under the current member's id.
 *
 * @param string $reason text used as the body of the notice; its placeholder texts are replaced by links
 * @param string $subject text used to build the subject of the notice
 * @param mixed[] $board_info board data; 'id', 'name' and 'count_posts' are read here
 * @param string $new_topic id of the new topic, used to build the link to it
 */
function postSplitRedirect($reason, $subject, $board_info, $new_topic)
{
    global $scripturl, $user_info, $language, $txt, $topic, $board;

    // The notice is written in the forum-wide language, not the acting member's own.
    if ($user_info['language'] != $language) {
        loadLanguage('index', $language);
    }

    // Clean the body before the links go in, so the generated tags are not preparsed.
    preparsecode($reason);

    // Swap the two placeholder texts for links to the board and to the new topic.
    // NOTE(review): the board name and topic id are inserted as given; confirm callers pass trusted values.
    $board_link = '[url=' . $scripturl . '?board=' . $board_info['id'] . '.0]' . $board_info['name'] . '[/url]';
    $topic_link = '[iurl]' . $scripturl . '?topic=' . $new_topic . '.0[/iurl]';
    $placeholders = array();
    $placeholders[$txt['movetopic_auto_board']] = $board_link;
    $placeholders[$txt['movetopic_auto_topic']] = $topic_link;
    $reason = strtr($reason, $placeholders);

    // The subject is HTML-escaped and trimmed, then stripped of CR, LF and tab.
    $clean_subject = str_replace(array("\r", "\n", "\t"), '', Util::htmltrim(Util::htmlspecialchars($subject)));

    $message_data = array(
        'subject' => $txt['split'] . ': ' . $clean_subject,
        'body' => $reason,
        'icon' => 'moved',
        'smileys_enabled' => 1,
    );
    $topic_data = array(
        'id' => $topic,
        'board' => $board,
        'mark_as_read' => true,
    );
    $poster_data = array(
        'id' => $user_info['id'],
        // The flag is true when the board's count_posts entry is empty.
        'update_post_count' => empty($board_info['count_posts']),
    );

    createPost($message_data, $topic_data, $poster_data);
}
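/**
 * Store a personal message for a set of recipients and e-mail notifications for it.
 *
 * Recipient names are resolved to member ids, recipients who are over their message
 * limit or who ignore the sender are dropped, the message and its recipient rows are
 * inserted, and a notification is mailed per recipient language.
 *
 * SQL here is built by string interpolation, so this version forces every id to an
 * integer before it reaches a query and returns early when no recipient is left,
 * which previously produced a malformed "IN ()" clause.
 *
 * NOTE(review): $subject, $message and $from['username'] are interpolated into the
 * INSERT inside quotes without escaping in this function. The stripslashes() call on
 * $message further down suggests callers pass already-slashed strings - confirm for
 * every caller, because an unescaped value here is an SQL injection.
 *
 * @param array $recipients array('to' => array, 'bcc' => array); each entry is a member id or a member name
 * @param string $subject message subject
 * @param string $message message body
 * @param bool $store_outbox when false the message is stored with deletedBySender = 1
 * @param array|null $from array with 'id', 'name' and 'username'; null means the current member
 * @return array array('failed' => string[], 'sent' => string[]) of result messages
 */
function sendpm($recipients, $subject, $message, $store_outbox = false, $from = null)
{
    global $db_prefix, $ID_MEMBER, $scripturl, $txt, $user_info, $language, $func, $modSettings;
    // Initialize log array.
    $log = array('failed' => array(), 'sent' => array());
    if ($from === null) {
        $from = array('id' => $ID_MEMBER, 'name' => $user_info['name'], 'username' => $user_info['username']);
    } else {
        // Note: this overwrites the global display name for the rest of the request.
        $user_info['name'] = $from['name'];
    }
    // The sender id is interpolated unquoted into several queries below; force it to an integer.
    $from['id'] = (int) $from['id'];
    // This is the one that will go in their inbox.
    $htmlmessage = $func['htmlspecialchars']($message, ENT_QUOTES);
    $htmlsubject = $func['htmlspecialchars']($subject);
    preparsecode($htmlmessage);
    // Integrated PMs
    // NOTE(review): the function name is taken from a setting and called with the raw message;
    // it is only as trustworthy as whoever can write $modSettings.
    if (isset($modSettings['integrate_personal_message']) && function_exists($modSettings['integrate_personal_message'])) {
        $modSettings['integrate_personal_message']($recipients, $from['username'], $subject, $message);
    }
    // Get a list of usernames and convert them to IDs.
    $usernames = array();
    foreach ($recipients as $rec_type => $rec) {
        foreach ($rec as $id => $member) {
            if (!is_numeric($recipients[$rec_type][$id])) {
                // Stripping quotes and backslashes is the only thing keeping these names from
                // breaking out of the quoted IN list below.
                $recipients[$rec_type][$id] = $func['strtolower'](trim(preg_replace('/[<>&"\'=\\\\]/', '', $recipients[$rec_type][$id])));
                $usernames[$recipients[$rec_type][$id]] = 0;
            }
        }
    }
    if (!empty($usernames)) {
        $request = db_query("\n\t\t\tSELECT ID_MEMBER, memberName\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE memberName IN ('" . implode("', '", array_keys($usernames)) . "')", __FILE__, __LINE__);
        while ($row = mysql_fetch_assoc($request)) {
            if (isset($usernames[$func['strtolower']($row['memberName'])])) {
                $usernames[$func['strtolower']($row['memberName'])] = $row['ID_MEMBER'];
            }
        }
        mysql_free_result($request);
        // Replace the usernames with IDs. Drop usernames that couldn't be found.
        foreach ($recipients as $rec_type => $rec) {
            foreach ($rec as $id => $member) {
                if (is_numeric($recipients[$rec_type][$id])) {
                    continue;
                }
                if (!empty($usernames[$member])) {
                    $recipients[$rec_type][$id] = $usernames[$member];
                } else {
                    $log['failed'][] = sprintf($txt['pm_error_user_not_found'], $recipients[$rec_type][$id]);
                    unset($recipients[$rec_type][$id]);
                }
            }
        }
    }
    // Everything left is numeric. is_numeric() also accepts forms such as "1e3" or "1.5",
    // so normalise to plain integers before the ids are written into SQL.
    // Make sure there are no duplicate 'to' members.
    $recipients['to'] = array_unique(array_map('intval', $recipients['to']));
    // Only 'bcc' members that aren't already in 'to'.
    $recipients['bcc'] = array_diff(array_unique(array_map('intval', $recipients['bcc'])), $recipients['to']);
    // Combine 'to' and 'bcc' recipients.
    $all_to = array_merge($recipients['to'], $recipients['bcc']);
    // Nobody to send to (for example every name was unknown): report the failures
    // instead of running a query with an empty IN list.
    if (empty($all_to)) {
        return $log;
    }
    $request = db_query("\n\t\tSELECT\n\t\t\tmem.memberName, mem.realName, mem.ID_MEMBER, mem.emailAddress, mem.lngfile, mg.maxMessages,\n\t\t\tmem.pm_email_notify, mem.instantMessages," . (allowedTo('moderate_forum') ? ' 0' : "\n\t\t\t(mem.pm_ignore_list = '*' OR FIND_IN_SET({$from['id']}, mem.pm_ignore_list))") . " AS ignored,\n\t\t\tFIND_IN_SET({$from['id']}, mem.buddy_list) AS is_buddy, mem.is_activated,\n\t\t\t(mem.ID_GROUP = 1 OR FIND_IN_SET(1, mem.additionalGroups)) AS is_admin\n\t\tFROM {$db_prefix}members AS mem\n\t\t\tLEFT JOIN {$db_prefix}membergroups AS mg ON (mg.ID_GROUP = IF(mem.ID_GROUP = 0, mem.ID_POST_GROUP, mem.ID_GROUP))\n\t\tWHERE mem.ID_MEMBER IN (" . implode(", ", $all_to) . ")\n\t\tORDER BY mem.lngfile\n\t\tLIMIT " . count($all_to), __FILE__, __LINE__);
    $notifications = array();
    while ($row = mysql_fetch_assoc($request)) {
        // Has the receiver gone over their message limit, assuming that neither they nor the sender are important?!
        if (!empty($row['maxMessages']) && $row['maxMessages'] <= $row['instantMessages'] && !allowedTo('moderate_forum') && !$row['is_admin']) {
            $log['failed'][] = sprintf($txt['pm_error_data_limit_reached'], $row['realName']);
            unset($all_to[array_search($row['ID_MEMBER'], $all_to)]);
            continue;
        }
        // Senders with moderate_forum are never treated as ignored (see the query above).
        if (!empty($row['ignored'])) {
            $log['failed'][] = sprintf($txt['pm_error_ignored_by_user'], $row['realName']);
            unset($all_to[array_search($row['ID_MEMBER'], $all_to)]);
            continue;
        }
        // Send a notification, if enabled - taking into account buddy list!.
        if (!empty($row['emailAddress']) && ($row['pm_email_notify'] == 1 || $row['pm_email_notify'] > 1 && ($row['is_buddy'] || !empty($modSettings['enable_buddylist']))) && $row['is_activated'] == 1) {
            // Addresses are grouped by language so each group gets one localised mail.
            $notifications[empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']][] = $row['emailAddress'];
        }
        $log['sent'][] = sprintf(isset($txt['pm_successfully_sent']) ? $txt['pm_successfully_sent'] : '', $row['realName']);
    }
    mysql_free_result($request);
    // Only 'send' the message if there are any recipients left.
    if (empty($all_to)) {
        return $log;
    }
    // Insert the message itself and then grab the last insert id.
    // NOTE(review): username, subject and body are interpolated as given - see the function header.
    db_query("\n\t\tINSERT INTO {$db_prefix}personal_messages\n\t\t\t(ID_MEMBER_FROM, deletedBySender, fromName, msgtime, subject, body)\n\t\tVALUES ({$from['id']}, " . ($store_outbox ? '0' : '1') . ", SUBSTRING('{$from['username']}', 1, 255), " . time() . ", SUBSTRING('{$htmlsubject}', 1, 255), SUBSTRING('{$htmlmessage}', 1, 65534))", __FILE__, __LINE__);
    $ID_PM = db_insert_id();
    // Add the recipients.
    if (!empty($ID_PM)) {
        // Some people think manually deleting personal_messages is fun... it's not. We protect against it though :)
        db_query("\n\t\t\tDELETE FROM {$db_prefix}pm_recipients\n\t\t\tWHERE ID_PM = {$ID_PM}", __FILE__, __LINE__);
        $insertRows = array();
        foreach ($all_to as $to) {
            $insertRows[] = "({$ID_PM}, {$to}, " . (in_array($to, $recipients['bcc']) ? '1' : '0') . ')';
        }
        db_query("\n\t\t\tINSERT INTO {$db_prefix}pm_recipients\n\t\t\t\t(ID_PM, ID_MEMBER, bcc)\n\t\t\tVALUES " . implode(",\n\t\t\t\t", $insertRows), __FILE__, __LINE__);
    }
    // From here on the text is prepared for the plain-text notification mail.
    $message = stripslashes($message);
    censorText($message);
    censorText($subject);
    $message = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc(htmlspecialchars($message), false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
    foreach ($notifications as $lang => $notification_list) {
        // Make sure to use the right language.
        if (loadLanguage('PersonalMessage', $lang, false) === false) {
            loadLanguage('InstantMessage', $lang, false);
        }
        // Replace the right things in the message strings.
        $mailsubject = str_replace(array('SUBJECT', 'SENDER'), array($subject, un_htmlspecialchars($from['name'])), $txt[561]);
        $mailmessage = str_replace(array('SUBJECT', 'MESSAGE', 'SENDER'), array($subject, $message, un_htmlspecialchars($from['name'])), $txt[562]);
        $mailmessage .= "\n\n" . $txt['instant_reply'] . ' ' . $scripturl . '?action=pm;sa=send;f=inbox;pmsg=' . $ID_PM . ';quote;u=' . $from['id'];
        // Off the notification email goes!
        sendmail($notification_list, $mailsubject, $mailmessage, null, 'p' . $ID_PM);
    }
    // Back to what we were on before!
    if (loadLanguage('PersonalMessage') === false) {
        loadLanguage('InstantMessage');
    }
    // Add one to their unread and read message counts.
    updateMemberData($all_to, array('instantMessages' => '+', 'unreadMessages' => '+'));
    return $log;
}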
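/**
 * Imports new entries for every enabled JSON feed bot whose update time has passed.
 *
 * Loads the enabled JSON feed bots, fetches each due feed with disguise_curl(),
 * decodes it with json_decode() and turns entries that are not yet recorded in
 * feedbot_log into posts through createPost(), up to the feed's numbertoimport
 * limit per run. Afterwards the feed's next update time is stored.
 *
 * Feed content is remote, untrusted input: it ends up in post subjects and bodies,
 * and for feeds with the html flag it is wrapped in [html] tags. All values that
 * reach SQL are passed as typed placeholders instead of being concatenated.
 *
 * @return void
 */
function UpdateJSONFeedBots()
{
    global $smcFunc, $txt, $context, $sourcedir, $tag_attrs, $feedcount, $maxitemcount, $insideitem, $tag, $modSettings;

    // Load the language files, falling back to English.
    if (loadlanguage('FeedPoster') == false) {
        loadLanguage('FeedPoster', 'english');
    }

    // First get all the enabled bots.
    $context['feeds'] = array();
    $request = $smcFunc['db_query']('', '
        SELECT
            ID_FEED, ID_BOARD, feedurl, title, postername, updatetime, enabled, html,
            ID_MEMBER, locked, articlelink, topicprefix, numbertoimport, importevery,
            msgicon, footer, id_topic
        FROM {db_prefix}feedbot
        WHERE enabled = 1 AND json = 1', array());
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        $request2 = $smcFunc['db_query']('', '
            SELECT count_posts
            FROM {db_prefix}boards
            WHERE ID_BOARD = {int:board}', array('board' => (int) $row['ID_BOARD']));
        $row2 = $smcFunc['db_fetch_assoc']($request2);
        $smcFunc['db_free_result']($request2);
        // A feed pointing at a board that has no row gets 0 instead of reading an index off a non-array.
        $row['count_posts'] = !empty($row2) ? $row2['count_posts'] : 0;
        $context['feeds'][] = $row;
    }
    $smcFunc['db_free_result']($request);

    // For the createPost function
    require_once $sourcedir . '/Subs-Post.php';
    require_once $sourcedir . '/Subs-Editor.php';

    foreach ($context['feeds'] as $feed) {
        // Only feeds whose next-import time has passed are processed.
        if (time() <= $feed['updatetime']) {
            continue;
        }
        $fid = (int) $feed['ID_FEED'];

        // The URL stored in the feedbot table is fetched from the server itself.
        // NOTE(review): confirm that only trusted administrators can set feedurl and that
        // disguise_curl() restricts schemes/hosts, since the response is treated as feed data.
        $feeddata = disguise_curl($feed['feedurl']);
        $json_feed_object = json_decode($feeddata);
        $feedcount = 0;
        $context['feeditems'] = array();
        if (!empty($json_feed_object->entries)) {
            foreach ($json_feed_object->entries as $entry) {
                $context['feeditems'][$feedcount] = array(
                    'title' => (string) $entry->title,
                    'description' => html_to_bbc((string) $entry->content),
                    'link' => (string) $entry->alternate,
                );
                $feedcount++;
            }
        }

        if (!empty($feeddata)) {
            $maxitemcount = $feed['numbertoimport'];
            $context['feeditems'] = array_reverse($context['feeditems']);
            $myfeedcount = 0;
            for ($i = 0; $i < $feedcount; $i++) {
                // Import limit for this run reached: nothing further can be posted.
                if ($myfeedcount >= $maxitemcount) {
                    break;
                }
                if (!isset($context['feeditems'][$i]['title']) || !isset($context['feeditems'][$i]['description'])) {
                    continue;
                }
                $item = $context['feeditems'][$i];
                if (empty($item['title']) && empty($item['description'])) {
                    continue;
                }

                // The md5 is only a duplicate-detection key for the log, not a security control.
                $itemhash = md5($item['title'] . $item['description']);
                $request = $smcFunc['db_query']('', '
                    SELECT feedtime
                    FROM {db_prefix}feedbot_log
                    WHERE feedhash = {string:hash}', array('hash' => $itemhash));
                // Count the rows of this result before freeing it, rather than relying on
                // db_affected_rows() after a SELECT.
                $already_posted = $smcFunc['db_num_rows']($request) != 0;
                $smcFunc['db_free_result']($request);
                if ($already_posted) {
                    continue;
                }

                // Create the post.
                $msg_title = $smcFunc['htmlspecialchars']($feed['html'] ? $item['title'] : strip_tags($item['title']), ENT_QUOTES);
                $msg_title = trim($msg_title);
                if ($feed['html']) {
                    $msg_body = trim($smcFunc['htmlspecialchars']($item['description'], ENT_QUOTES));
                    preparsecode($msg_body);
                    // NOTE(review): remote feed markup is wrapped in [html] tags here and the escaping
                    // is undone by htmlspecialchars_decode() below, so the post carries whatever markup
                    // the feed served. Confirm how [html] is rendered and keep the html flag for trusted feeds.
                    $msg_body = '[html]' . $msg_body . '[/html]';
                } else {
                    $msg_body = trim($smcFunc['htmlspecialchars'](strip_tags($item['description']), ENT_QUOTES));
                }
                // NOTE(review): the entry link goes into a [url=] tag as received; confirm the BBC
                // parser rejects unexpected URL schemes.
                $msg_body .= $smcFunc['htmlspecialchars']("\n\n" . $txt['feedposter_source'] . '[url=' . $item['link'] . ']' . $msg_title . '[/url]', ENT_QUOTES);
                if (!empty($feed['footer'])) {
                    $msg_body .= $smcFunc['htmlspecialchars']("\n\n" . $feed['footer'], ENT_QUOTES);
                }
                $msg_title = htmlspecialchars_decode($msg_title);
                $msg_body = htmlspecialchars_decode($msg_body);

                // NOTE(review): post counting is switched off when count_posts is 0 — confirm that
                // matches the boards table's meaning of the flag.
                $updatePostCount = $feed['ID_MEMBER'] == 0 ? 0 : 1;
                if ($feed['count_posts'] == 0) {
                    $updatePostCount = 0;
                }

                $msgOptions = array('id' => 0, 'subject' => $feed['topicprefix'] . $msg_title, 'body' => '[b]' . $msg_title . "[/b]\n\n" . $msg_body, 'icon' => $feed['msgicon'], 'smileys_enabled' => 1, 'attachments' => array());
                // The target topic comes from the feed being processed. The loader's $row is no longer
                // a result row once the fetch loop above has ended.
                // NOTE(review): presumably id_topic selects an existing topic to post into — confirm.
                $topicOptions = array('id' => $feed['id_topic'], 'board' => $feed['ID_BOARD'], 'poll' => null, 'lock_mode' => $feed['locked'], 'sticky_mode' => null, 'mark_as_read' => false);
                // Posts are recorded with the loopback address as poster IP.
                $posterOptions = array('id' => $feed['ID_MEMBER'], 'name' => $feed['postername'], 'email' => '', 'ip' => '127.0.0.1', 'update_post_count' => $updatePostCount);
                createPost($msgOptions, $topicOptions, $posterOptions);
                $topicID = isset($topicOptions['id']) ? (int) $topicOptions['id'] : 0;
                $msgID = isset($msgOptions['id']) ? (int) $msgOptions['id'] : 0;

                // Add the feed log entry so this item is not imported again.
                $smcFunc['db_query']('', '
                    INSERT INTO {db_prefix}feedbot_log
                        (ID_FEED, feedhash, feedtime, ID_TOPIC, ID_MSG)
                    VALUES
                        ({int:feed}, {string:hash}, {int:feedtime}, {int:topic}, {int:msg})', array('feed' => $fid, 'hash' => $itemhash, 'feedtime' => time(), 'topic' => $topicID, 'msg' => $msgID));
                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}feedbot
                    SET total_posts = total_posts + 1
                    WHERE ID_FEED = {int:feed}', array('feed' => $fid));
                $myfeedcount++;
            }
        }

        // Set the next update time, importevery being a number of minutes.
        $updatetime = time() + 60 * (int) $feed['importevery'];
        $smcFunc['db_query']('', '
            UPDATE {db_prefix}feedbot
            SET updatetime = {int:updatetime}
            WHERE ID_FEED = {int:feed}', array('updatetime' => $updatetime, 'feed' => $fid));
    }
}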
/**
 * Executes the move of the current topic ($topic) to the board given in $_POST['toboard'].
 *
 * Order of checks and actions, as written below:
 *  - a topic must be set, and a redirect post needs a non-empty reason;
 *  - checkSubmitOnce('check') guards against a double submit;
 *  - the topic's starter, first message and approval state are loaded;
 *  - move_any / move_own (and approve_posts for unapproved topics) are enforced;
 *  - checkSession() runs before any write;
 *  - the destination must be visible to the user ({query_see_board}) and must not be a redirect board;
 *  - optionally the subject is renamed and a locked "moved" post is left behind;
 *  - post counts are adjusted when source and destination boards differ in count_posts;
 *  - moveTopics(), logAction(), sendNotifications(), then redirectexit().
 *
 * All database access in this function uses typed placeholders.
 */
function MoveTopic2()
{
    global $txt, $board, $topic, $scripturl, $sourcedir, $modSettings, $context;
    global $board, $language, $user_info, $smcFunc;
    if (empty($topic)) {
        fatal_lang_error('no_access', false);
    }
    // You can't choose to have a redirection topic and use an empty reason.
    if (isset($_POST['postRedirect']) && (!isset($_POST['reason']) || trim($_POST['reason']) == '')) {
        fatal_lang_error('movetopic_no_reason', false);
    }
    // Make sure this form hasn't been submitted before.
    checkSubmitOnce('check');
    $request = $smcFunc['db_query']('', '
		SELECT id_member_started, id_first_msg, approved
		FROM {db_prefix}topics
		WHERE id_topic = {int:current_topic}
		LIMIT 1', array('current_topic' => $topic));
    list($id_member_started, $id_first_msg, $context['is_approved']) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // Can they see it?
    if (!$context['is_approved']) {
        isAllowedTo('approve_posts');
    }
    // Can they move topics on this board?
    // NOTE(review): $boards is filled from boardsAllowedTo() here and narrowed below, but it is not
    // read again in this function, so the destination is validated only by the {query_see_board}
    // query further down — confirm whether toboard should also be checked against $boards.
    if (!allowedTo('move_any')) {
        if ($id_member_started == $user_info['id']) {
            isAllowedTo('move_own');
            $boards = array_merge(boardsAllowedTo('move_own'), boardsAllowedTo('move_any'));
        } else {
            isAllowedTo('move_any');
        }
    } else {
        $boards = boardsAllowedTo('move_any');
    }
    // If this topic isn't approved don't let them move it if they can't approve it!
    if ($modSettings['postmod_active'] && !$context['is_approved'] && !allowedTo('approve_posts')) {
        // Only allow them to move it to other boards they can't approve it in.
        $can_approve = boardsAllowedTo('approve_posts');
        $boards = array_intersect($boards, $can_approve);
    }
    // Session check: everything above only reads, the writes start below.
    checkSession();
    require_once $sourcedir . '/Subs-Post.php';
    // The destination board must be numeric.
    // (read without isset(); a missing field casts to 0 and then fails the board lookup below)
    $_POST['toboard'] = (int) $_POST['toboard'];
    // Make sure they can see the board they are trying to move to (and get whether posts count in the target board).
    $request = $smcFunc['db_query']('', '
		SELECT b.count_posts, b.name, m.subject
		FROM {db_prefix}boards AS b
			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
			INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
		WHERE {query_see_board}
			AND b.id_board = {int:to_board}
			AND b.redirect = {string:blank_redirect}
		LIMIT 1', array('current_topic' => $topic, 'to_board' => $_POST['toboard'], 'blank_redirect' => ''));
    if ($smcFunc['db_num_rows']($request) == 0) {
        fatal_lang_error('no_board');
    }
    list($pcounter, $board_name, $subject) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // Remember this for later.
    $_SESSION['move_to_topic'] = $_POST['toboard'];
    // Rename the topic...
    if (isset($_POST['reset_subject'], $_POST['custom_subject']) && $_POST['custom_subject'] != '') {
        // Escape the user-supplied subject, trim it and strip CR, LF and TAB before it is stored.
        $_POST['custom_subject'] = strtr($smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['custom_subject'])), array("\r" => '', "\n" => '', "\t" => ''));
        // Keep checking the length.
        if ($smcFunc['strlen']($_POST['custom_subject']) > 100) {
            $_POST['custom_subject'] = $smcFunc['substr']($_POST['custom_subject'], 0, 100);
        }
        // If it's still valid move onwards and upwards.
        if ($_POST['custom_subject'] != '') {
            if (isset($_POST['enforce_subject'])) {
                // Get a response prefix, but in the forum's default language.
                if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix'))) {
                    if ($language === $user_info['language']) {
                        $context['response_prefix'] = $txt['response_prefix'];
                    } else {
                        loadLanguage('index', $language, false);
                        $context['response_prefix'] = $txt['response_prefix'];
                        loadLanguage('index');
                    }
                    cache_put_data('response_prefix', $context['response_prefix'], 600);
                }
                // Every message of the topic gets the prefixed subject...
                $smcFunc['db_query']('', '
					UPDATE {db_prefix}messages
					SET subject = {string:subject}
					WHERE id_topic = {int:current_topic}', array('current_topic' => $topic, 'subject' => $context['response_prefix'] . $_POST['custom_subject']));
            }
            // ...and the first message gets the subject without the prefix.
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}messages
				SET subject = {string:custom_subject}
				WHERE id_msg = {int:id_first_msg}', array('id_first_msg' => $id_first_msg, 'custom_subject' => $_POST['custom_subject']));
            // Fix the subject cache.
            updateStats('subject', $topic, $_POST['custom_subject']);
        }
    }
    // Create a link to this in the old board.
    //!!! Does this make sense if the topic was unapproved before? I'd just about say so.
    if (isset($_POST['postRedirect'])) {
        // Should be in the boardwide language.
        if ($user_info['language'] != $language) {
            loadLanguage('index', $language);
        }
        // The reason is user input: escape it, then run it through the BBC pre-parser.
        $_POST['reason'] = $smcFunc['htmlspecialchars']($_POST['reason'], ENT_QUOTES);
        preparsecode($_POST['reason']);
        // Add a URL onto the message.
        $_POST['reason'] = strtr($_POST['reason'], array($txt['movetopic_auto_board'] => '[url=' . $scripturl . '?board=' . $_POST['toboard'] . '.0]' . $board_name . '[/url]', $txt['movetopic_auto_topic'] => '[iurl]' . $scripturl . '?topic=' . $topic . '.0[/iurl]'));
        // The redirect notice is posted as a locked topic in the current (source) board.
        $msgOptions = array('subject' => $txt['moved'] . ': ' . $subject, 'body' => $_POST['reason'], 'icon' => 'moved', 'smileys_enabled' => 1);
        $topicOptions = array('board' => $board, 'lock_mode' => 1, 'mark_as_read' => true);
        $posterOptions = array('id' => $user_info['id'], 'update_post_count' => empty($pcounter));
        createPost($msgOptions, $topicOptions, $posterOptions);
    }
    $request = $smcFunc['db_query']('', '
		SELECT count_posts
		FROM {db_prefix}boards
		WHERE id_board = {int:current_board}
		LIMIT 1', array('current_board' => $board));
    list($pcounter_from) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // Source and destination differ in count_posts: adjust the post count of every approved poster.
    if ($pcounter_from != $pcounter) {
        $request = $smcFunc['db_query']('', '
			SELECT id_member
			FROM {db_prefix}messages
			WHERE id_topic = {int:current_topic}
				AND approved = {int:is_approved}', array('current_topic' => $topic, 'is_approved' => 1));
        // Maps member id => number of approved messages in this topic.
        $posters = array();
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            if (!isset($posters[$row['id_member']])) {
                $posters[$row['id_member']] = 0;
            }
            $posters[$row['id_member']]++;
        }
        $smcFunc['db_free_result']($request);
        foreach ($posters as $id_member => $posts) {
            // The board we're moving from counted posts, but not to.
            if (empty($pcounter_from)) {
                updateMemberData($id_member, array('posts' => 'posts - ' . $posts));
            } else {
                updateMemberData($id_member, array('posts' => 'posts + ' . $posts));
            }
        }
    }
    // Do the move (includes statistics update needed for the redirect topic).
    moveTopics($topic, $_POST['toboard']);
    // Log that they moved this topic.
    // (skipped only when the mover has move_own and started the topic)
    if (!allowedTo('move_own') || $id_member_started != $user_info['id']) {
        logAction('move', array('topic' => $topic, 'board_from' => $board, 'board_to' => $_POST['toboard']));
    }
    // Notify people that this topic has been moved?
    sendNotifications($topic, 'move');
    // Why not go back to the original board in case they want to keep moving?
    if (!isset($_REQUEST['goback'])) {
        redirectexit('board=' . $board . '.0');
    } else {
        redirectexit('topic=' . $topic . '.0');
    }
}
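 /**
  * Add or edit an 'it bounced' email template.
  *
  * The template id is read from $_REQUEST['tid'] (0 means a new template). On save the
  * request must pass checkSession('post') and validateToken('mod-mlt'); the title is
  * HTML-escaped and the body is run through preparsecode() before modAddUpdateTemplate()
  * stores them and the change is written to the moderation log. When title or body is
  * missing, the submitted values are put back into $context together with error messages.
  *
  * @uses bounce_template sub template
  */
 public function action_modify_bounce_templates()
 {
     global $context, $txt, $user_info;
     require_once SUBSDIR . '/Moderation.subs.php';
     $context['id_template'] = isset($_REQUEST['tid']) ? (int) $_REQUEST['tid'] : 0;
     $context['is_edit'] = (bool) $context['id_template'];
     // Standard template things, you know the drill
     $context['page_title'] = $context['is_edit'] ? $txt['ml_bounce_template_modify'] : $txt['ml_bounce_template_add'];
     $context['sub_template'] = 'bounce_template';
     $context[$context['admin_menu_name']]['current_subsection'] = 'templates';
     // Defaults to show
     $context['template_data'] = array('title' => '', 'body' => $txt['ml_bounce_template_body_default'], 'subject' => $txt['ml_bounce_template_subject_default'], 'personal' => false, 'can_edit_personal' => true);
     // If it's an edit load it.
     if ($context['is_edit']) {
         modLoadTemplate($context['id_template'], 'bnctpl');
     }
     // Wait, we are saving?
     if (isset($_POST['save'])) {
         // Session and one-time token are verified before any submitted value is used.
         checkSession('post');
         validateToken('mod-mlt');
         // To check the BBC is good...
         require_once SUBSDIR . '/Post.subs.php';
         // Bit of cleaning! A missing or non-string field counts as empty instead of reaching trim().
         $template_body = isset($_POST['template_body']) && is_string($_POST['template_body']) ? trim($_POST['template_body']) : '';
         $template_title = isset($_POST['template_title']) && is_string($_POST['template_title']) ? trim($_POST['template_title']) : '';
         // Is this personal? Worked out before validation so the error path below can
         // re-display the choice the user made.
         $recipient_id = !empty($_POST['make_personal']) ? $user_info['id'] : 0;
         // Need something in both boxes.
         if (!empty($template_body) && !empty($template_title)) {
             // Safety first.
             $template_title = Util::htmlspecialchars($template_title);
             // Clean up BBC.
             preparsecode($template_body);
             // But put line breaks back!
             $template_body = strtr($template_body, array('<br />' => "\n"));
             // Updating or adding ?
             if ($context['is_edit']) {
                 // Simple update...
                 modAddUpdateTemplate($recipient_id, $template_title, $template_body, $context['id_template'], true, 'bnctpl');
                 // If it wasn't visible and now is they've effectively added it.
                 if ($context['template_data']['personal'] && !$recipient_id) {
                     logAction('add_bounce_template', array('template' => $template_title));
                 } elseif (!$context['template_data']['personal'] && $recipient_id) {
                     logAction('delete_bounce_template', array('template' => $template_title));
                 } else {
                     logAction('modify_bounce_template', array('template' => $template_title));
                 }
             } else {
                 modAddUpdateTemplate($recipient_id, $template_title, $template_body, $context['id_template'], false, 'bnctpl');
                 logAction('add_bounce_template', array('template' => $template_title));
             }
             // Get out of town...
             redirectexit('action=admin;area=maillist;sa=emailtemplates');
         } else {
             $context['warning_errors'] = array();
             // NOTE(review): title and body go back into $context as submitted, without the escaping
             // the success path applies; confirm the bounce_template sub template escapes them on output.
             $context['template_data']['title'] = !empty($template_title) ? $template_title : '';
             $context['template_data']['body'] = !empty($template_body) ? $template_body : $txt['ml_bounce_template_body_default'];
             $context['template_data']['personal'] = !empty($recipient_id);
             if (empty($template_title)) {
                 $context['warning_errors'][] = $txt['ml_bounce_template_error_no_title'];
             }
             if (empty($template_body)) {
                 $context['warning_errors'][] = $txt['ml_bounce_template_error_no_body'];
             }
         }
     }
     // A fresh token for the form that is about to be shown.
     createToken('mod-mlt');
 }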
/**
 * Admin form handler for adding or editing a portal page.
 *
 * Builds the list of blocks and whether each is shown on this page, then handles one of:
 *  - submit: validates title and namespace, stores the page in sp_pages, updates the
 *    display settings of blocks whose visibility on this page changed, and redirects;
 *  - preview: puts the submitted values into $context without storing anything;
 *  - otherwise: loads defaults for a new page or the existing page for editing.
 * Finally it sets up the editor control and template context.
 *
 * NOTE(review): no permission check is made inside this function; presumably the caller
 * restricts it to portal administrators — confirm. That matters because a page of type
 * 'php' is accepted here and the type is stored exactly as submitted.
 */
function sportal_admin_page_edit()
{
    global $txt, $context, $modSettings, $smcFunc, $sourcedir, $options;
    require_once $sourcedir . '/Subs-Editor.php';
    require_once $sourcedir . '/Subs-Post.php';
    $context['SPortal']['is_new'] = empty($_REQUEST['page_id']);
    // Content sent in the editor's 'content_mode' for a BBC page is converted back to BBC first.
    if (!empty($_REQUEST['content_mode']) && $_POST['type'] == 'bbc') {
        $_REQUEST['content'] = html_to_bbc($_REQUEST['content']);
        $_REQUEST['content'] = un_htmlspecialchars($_REQUEST['content']);
        $_POST['content'] = $_REQUEST['content'];
    }
    $context['sides'] = array(5 => $txt['sp-positionHeader'], 1 => $txt['sp-positionLeft'], 2 => $txt['sp-positionTop'], 3 => $txt['sp-positionBottom'], 4 => $txt['sp-positionRight'], 6 => $txt['sp-positionFooter']);
    // Work out, per block, whether its display settings currently include this page.
    $blocks = getBlockInfo();
    $context['page_blocks'] = array();
    foreach ($blocks as $block) {
        $shown = false;
        $tests = array('all', 'allpages', 'sforum');
        if (!$context['SPortal']['is_new']) {
            $tests[] = 'p' . (int) $_REQUEST['page_id'];
        }
        foreach (array('display', 'display_custom') as $field) {
            // A field starting with '$php' takes the whole block out of the list.
            if (substr($block[$field], 0, 4) === '$php') {
                continue 2;
            }
            $block[$field] = explode(',', $block[$field]);
            // An explicit '-p<id>' entry means this field is not tested any further.
            if (!$context['SPortal']['is_new'] && in_array('-p' . (int) $_REQUEST['page_id'], $block[$field])) {
                continue;
            }
            foreach ($tests as $test) {
                if (in_array($test, $block[$field])) {
                    $shown = true;
                    break;
                }
            }
        }
        $context['page_blocks'][$block['column']][] = array('id' => $block['id'], 'label' => $block['label'], 'shown' => $shown);
    }
    if (!empty($_POST['submit'])) {
        // Saving changes state, so the session is verified first.
        checkSession();
        if (!isset($_POST['title']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES)) === '') {
            fatal_lang_error('sp_error_page_name_empty', false);
        }
        if (!isset($_POST['namespace']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES)) === '') {
            fatal_lang_error('sp_error_page_namespace_empty', false);
        }
        // The namespace must not be used by another page. ('limit' is passed but the query
        // text has no placeholder for it.)
        $result = $smcFunc['db_query']('', '
			SELECT id_page
			FROM {db_prefix}sp_pages
			WHERE namespace = {string:namespace}
				AND id_page != {int:current}
			LIMIT 1', array('limit' => 1, 'namespace' => $smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES), 'current' => (int) $_POST['page_id']));
        list($has_duplicate) = $smcFunc['db_fetch_row']($result);
        $smcFunc['db_free_result']($result);
        if (!empty($has_duplicate)) {
            fatal_lang_error('sp_error_page_namespace_duplicate', false);
        }
        // Only letters, digits and underscore are accepted...
        if (preg_match('~[^A-Za-z0-9_]+~', $_POST['namespace']) != 0) {
            fatal_lang_error('sp_error_page_namespace_invalid_chars', false);
        }
        // ...and the namespace must not consist of digits only.
        if (preg_replace('~[0-9]+~', '', $_POST['namespace']) === '') {
            fatal_lang_error('sp_error_page_namespace_numeric', false);
        }
        // PHP pages are run through sp_validate_php() unless the sp_disable_php_validation setting is on.
        // NOTE(review): 'type' is not checked against a list of known types anywhere in this function.
        if ($_POST['type'] == 'php' && !empty($_POST['content']) && empty($modSettings['sp_disable_php_validation'])) {
            $error = sp_validate_php($_POST['content']);
            if ($error) {
                fatal_lang_error('error_sp_php_' . $error, false);
            }
        }
        // Either a predefined permission set, or explicit allowed (1) / denied (-1) group lists.
        $permission_set = 0;
        $groups_allowed = $groups_denied = '';
        if (!empty($_POST['permission_set'])) {
            $permission_set = (int) $_POST['permission_set'];
        } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) {
            $groups_allowed = $groups_denied = array();
            foreach ($_POST['membergroups'] as $id => $value) {
                if ($value == 1) {
                    $groups_allowed[] = (int) $id;
                } elseif ($value == -1) {
                    $groups_denied[] = (int) $id;
                }
            }
            $groups_allowed = implode(',', $groups_allowed);
            $groups_denied = implode(',', $groups_denied);
        }
        // Submitted block ids are forced to integers.
        if (!empty($_POST['blocks']) && is_array($_POST['blocks'])) {
            foreach ($_POST['blocks'] as $id => $block) {
                $_POST['blocks'][$id] = (int) $block;
            }
        } else {
            $_POST['blocks'] = array();
        }
        // Column => placeholder type; namespace, title and body are HTML-escaped before storage.
        $fields = array('namespace' => 'string', 'title' => 'string', 'body' => 'string', 'type' => 'string', 'permission_set' => 'int', 'groups_allowed' => 'string', 'groups_denied' => 'string', 'style' => 'string', 'status' => 'int');
        $page_info = array('id' => (int) $_POST['page_id'], 'namespace' => $smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES), 'title' => $smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES), 'body' => $smcFunc['htmlspecialchars']($_POST['content'], ENT_QUOTES), 'type' => $_POST['type'], 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'style' => sportal_parse_style('implode'), 'status' => !empty($_POST['status']) ? 1 : 0);
        if ($page_info['type'] == 'bbc') {
            preparsecode($page_info['body']);
        }
        if ($context['SPortal']['is_new']) {
            unset($page_info['id']);
            $smcFunc['db_insert']('', '{db_prefix}sp_pages', $fields, $page_info, array('id_page'));
            $page_info['id'] = $smcFunc['db_insert_id']('{db_prefix}sp_pages', 'id_page');
        } else {
            // The SET list is built from the fixed $fields map above, so only the placeholder
            // names are concatenated into the SQL; the values travel in $page_info.
            $update_fields = array();
            foreach ($fields as $name => $type) {
                $update_fields[] = $name . ' = {' . $type . ':' . $name . '}';
            }
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}sp_pages
				SET ' . implode(', ', $update_fields) . '
				WHERE id_page = {int:id}', $page_info);
        }
        // Compare the current visibility of each block with the submitted selection.
        $to_show = array();
        $not_to_show = array();
        $changes = array();
        foreach ($context['page_blocks'] as $page_blocks) {
            foreach ($page_blocks as $block) {
                if ($block['shown'] && !in_array($block['id'], $_POST['blocks'])) {
                    $not_to_show[] = $block['id'];
                } elseif (!$block['shown'] && in_array($block['id'], $_POST['blocks'])) {
                    $to_show[] = $block['id'];
                }
            }
        }
        // Blocks that must start showing on this page.
        // NOTE(review): $blocks is indexed by block id here; presumably getBlockInfo() keys its result by id — confirm.
        foreach ($to_show as $id) {
            // '&&' binds tighter than '||': (both fields empty) or display is 'sportal'.
            if (empty($blocks[$id]['display']) && empty($blocks[$id]['display_custom']) || $blocks[$id]['display'] == 'sportal') {
                $changes[$id] = array('display' => 'portal,p' . $page_info['id'], 'display_custom' => '');
            } elseif (in_array($blocks[$id]['display'], array('allaction', 'allboard'))) {
                $changes[$id] = array('display' => '', 'display_custom' => $blocks[$id]['display'] . ',p' . $page_info['id']);
            } elseif (in_array('-p' . $page_info['id'], explode(',', $blocks[$id]['display_custom']))) {
                $changes[$id] = array('display' => $blocks[$id]['display'], 'display_custom' => implode(',', array_diff(explode(',', $blocks[$id]['display_custom']), array('-p' . $page_info['id']))));
            } elseif (empty($blocks[$id]['display_custom'])) {
                $changes[$id] = array('display' => implode(',', array_merge(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => '');
            } else {
                $changes[$id] = array('display' => $blocks[$id]['display'], 'display_custom' => implode(',', array_merge(explode(',', $blocks[$id]['display_custom']), array('p' . $page_info['id']))));
            }
        }
        // Blocks that must stop showing on this page.
        foreach ($not_to_show as $id) {
            // Matches only when one of the two fields is exactly 'sforum', 'allpages' or 'all'.
            if (count(array_intersect(array($blocks[$id]['display'], $blocks[$id]['display_custom']), array('sforum', 'allpages', 'all'))) > 0) {
                // NOTE(review): display and display_custom are joined without a separator — confirm both are never non-empty here.
                $changes[$id] = array('display' => '', 'display_custom' => $blocks[$id]['display'] . $blocks[$id]['display_custom'] . ',-p' . $page_info['id']);
            } elseif (empty($blocks[$id]['display_custom'])) {
                $changes[$id] = array('display' => implode(',', array_diff(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => '');
            } else {
                $changes[$id] = array('display' => implode(',', array_diff(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => implode(',', array_diff(explode(',', $blocks[$id]['display_custom']), array('p' . $page_info['id']))));
            }
        }
        foreach ($changes as $id => $data) {
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}sp_blocks
				SET
					display = {string:display},
					display_custom = {string:display_custom}
				WHERE id_block = {int:id}', array('id' => $id, 'display' => $data['display'], 'display_custom' => $data['display_custom']));
        }
        redirectexit('action=admin;area=portalpages');
    }
    // Preview stores nothing, and it runs without a checkSession() call.
    if (!empty($_POST['preview'])) {
        $permission_set = 0;
        $groups_allowed = $groups_denied = array();
        if (!empty($_POST['permission_set'])) {
            $permission_set = (int) $_POST['permission_set'];
        } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) {
            foreach ($_POST['membergroups'] as $id => $value) {
                if ($value == 1) {
                    $groups_allowed[] = (int) $id;
                } elseif ($value == -1) {
                    $groups_denied[] = (int) $id;
                }
            }
        }
        // NOTE(review): 'id', 'page_id' (the namespace) and 'type' are taken from $_POST as submitted,
        // without a cast or escaping; confirm the PortalPages template escapes them on output.
        $context['SPortal']['page'] = array('id' => $_POST['page_id'], 'page_id' => $_POST['namespace'], 'title' => $smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES), 'body' => $smcFunc['htmlspecialchars']($_POST['content'], ENT_QUOTES), 'type' => $_POST['type'], 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'style' => sportal_parse_style('implode'), 'status' => !empty($_POST['status']));
        if ($context['SPortal']['page']['type'] == 'bbc') {
            preparsecode($context['SPortal']['page']['body']);
        }
        loadTemplate('PortalPages');
        $context['SPortal']['preview'] = true;
    } elseif ($context['SPortal']['is_new']) {
        // Defaults for a new page; mt_rand() only supplies a placeholder namespace suffix.
        $context['SPortal']['page'] = array('id' => 0, 'page_id' => 'page' . mt_rand(1, 5000), 'title' => $txt['sp_pages_default_title'], 'body' => '', 'type' => 'bbc', 'permission_set' => 3, 'groups_allowed' => array(), 'groups_denied' => array(), 'style' => '', 'status' => 1);
    } else {
        $_REQUEST['page_id'] = (int) $_REQUEST['page_id'];
        $context['SPortal']['page'] = sportal_get_pages($_REQUEST['page_id']);
    }
    // BBC bodies are un-preparsed for the editor, with quotes and angle brackets encoded.
    if ($context['SPortal']['page']['type'] == 'bbc') {
        $context['SPortal']['page']['body'] = str_replace(array('"', '<', '>', '&nbsp;'), array('&quot;', '&lt;', '&gt;', ' '), un_preparsecode($context['SPortal']['page']['body']));
    }
    // Non-BBC pages get the plain editor: the WYSIWYG default is switched off while the control is built.
    if ($context['SPortal']['page']['type'] != 'bbc') {
        $temp_editor = !empty($options['wysiwyg_default']);
        $options['wysiwyg_default'] = false;
    }
    $editorOptions = array('id' => 'content', 'value' => $context['SPortal']['page']['body'], 'width' => '95%', 'height' => '200px', 'preview_type' => 0);
    create_control_richedit($editorOptions);
    $context['post_box_name'] = $editorOptions['id'];
    // Restore the user's WYSIWYG preference if it was overridden above.
    if (isset($temp_editor)) {
        $options['wysiwyg_default'] = $temp_editor;
    }
    $context['SPortal']['page']['groups'] = sp_load_membergroups();
    $context['SPortal']['page']['style'] = sportal_parse_style('explode', $context['SPortal']['page']['style'], !empty($context['SPortal']['preview']));
    $context['page_title'] = $context['SPortal']['is_new'] ? $txt['sp_admin_pages_add'] : $txt['sp_admin_pages_edit'];
    $context['sub_template'] = 'pages_edit';
}
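/**
 * Shoutbox administration screen.
 *
 * Handles two things in one request handler:
 *  - when the admin form was submitted, applies per-shout edits (remove,
 *    sticky flags, text changes), the bulk actions and the shoutbox settings,
 *    then redirects;
 *  - otherwise loads up to ten shouts (optionally filtered by member, by IP or
 *    narrowed to one shout) into $context['TPortal'] for the template.
 *
 * Everything read from $_GET/$_POST is normalised before it is used in a
 * query or written into markup: ids are cast to int, values go to the
 * database through placeholders, and the IP filter is HTML-escaped for
 * display and URL-encoded for links.
 */
function tpshout_admin()
{
    global $context, $scripturl, $txt, $smcFunc, $sourcedir;

    // Only members holding the shoutbox admin permission get past this point.
    isAllowedTo('tp_can_admin_shout');

    if (!isset($context['tp_panels'])) {
        $context['tp_panels'] = array();
    }

    // Paging offset: is_numeric() also accepts "1e3", "-5" or "2.5", so force a non-negative integer.
    $tpstart = isset($_GET['p']) && is_numeric($_GET['p']) ? max(0, (int) $_GET['p']) : 0;

    require_once $sourcedir . '/Subs-Post.php';
    loadtemplate('TPShout');
    $context['template_layers'][] = 'tpadm';
    $context['template_layers'][] = 'subtab';
    loadlanguage('TPortalAdmin');
    TPadminIndex('shout', true);
    $context['current_action'] = 'admin';

    if (isset($_REQUEST['send']) || isset($_REQUEST[$txt['tp-send']]) || isset($_REQUEST['tp_preview']) || isset($_REQUEST['TPadmin_blocks'])) {
        // NOTE(review): this branch deletes and updates shouts and saves settings, but no
        // checkSession() call guards it (only the single-shout view below checks the session).
        // Confirm the admin form submits the session token and add checkSession('post') here.
        $go = 0;
        $changeArray = array();

        // Posted field name (after the 3-character prefix is stripped) => settings key that is stored.
        $settingMap = array(
            'shoutbox_smile' => 'show_shoutbox_smile',
            'shoutbox_icons' => 'show_shoutbox_icons',
            'shoutbox_height' => 'shoutbox_height',
            'shoutbox_usescroll' => 'shoutbox_usescroll',
            'shoutbox_scrollduration' => 'shoutbox_scrollduration',
            'shoutbox_limit' => 'shoutbox_limit',
            'shoutbox_refresh' => 'shoutbox_refresh',
            'show_profile_shouts' => 'profile_shouts_hide',
            'shout_allow_links' => 'shout_allow_links',
            'shoutbox_layout' => 'shoutbox_layout',
            'shout_submit_returnkey' => 'shout_submit_returnkey',
            'shoutbox_stitle' => 'shoutbox_stitle',
        );

        foreach ($_POST as $what => $value) {
            // Numeric POST keys arrive as ints; compare field names as strings only, so a key
            // such as 0 can never loosely equal one of the bulk-action names.
            $what = (string) $what;

            // Every field handled here is a scalar; an array-valued field is not something the form sends.
            if (is_array($value)) {
                continue;
            }

            if (strncmp($what, 'tp_shoutbox_remove', 18) === 0) {
                // The shout id is the suffix of the field name.
                $smcFunc['db_query']('', '
                    DELETE FROM {db_prefix}tp_shoutbox
                    WHERE id = {int:shout}', array('shout' => (int) substr($what, 18)));
                $go = 2;
            } elseif (strncmp($what, 'tp_shoutbox_hidden', 18) === 0) {
                $suffix = substr($what, 18);
                $sticky = !empty($_POST['tp_shoutbox_sticky' . $suffix]) ? '1' : '';
                $layoutKey = 'tp_shoutbox_sticky_layout' . $suffix;
                // Reduce the layout to a plain integer string; is_numeric() alone lets "1e3" or " 7" through.
                $layout = !empty($_POST[$layoutKey]) && is_numeric($_POST[$layoutKey]) ? (string) (int) $_POST[$layoutKey] : '0';
                // Both values are bound as placeholders instead of being concatenated into the SQL text.
                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}tp_shoutbox
                    SET value6 = {string:sticky}, value8 = {string:layout}
                    WHERE id = {int:shout}', array('sticky' => $sticky, 'layout' => $layout, 'shout' => (int) $suffix));
                $go = 2;
            } elseif ($what === 'tp_shoutsdelall' && $value === 'ON') {
                $smcFunc['db_query']('', '
                    DELETE FROM {db_prefix}tp_shoutbox
                    WHERE type = {string:type}', array('type' => 'shoutbox'));
                $go = 2;
            } elseif ($what === 'tp_shoutsunstickall' && $value === 'ON') {
                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}tp_shoutbox
                    SET value6 = "0", value8 = "0"
                    WHERE 1');
                $go = 2;
            } elseif (strncmp($what, 'tp_shoutbox_item', 16) === 0) {
                // Edited shout text: cut to 300 bytes, escape, then run the BBC pre-parser before storing.
                $bshout = $smcFunc['htmlspecialchars'](substr($value, 0, 300));
                preparsecode($bshout);
                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}tp_shoutbox
                    SET value1 = {string:val1}
                    WHERE id = {int:val}', array('val1' => $bshout, 'val' => (int) substr($what, 16)));
                $go = 2;
            } else {
                $setting = (string) substr($what, 3);
                if (!isset($settingMap[$setting])) {
                    continue;
                }
                if ($setting === 'shoutbox_scrollduration') {
                    // Keep the scroll duration within 1..5.
                    if ($value > 5) {
                        $value = 5;
                    } elseif ($value < 1) {
                        $value = 1;
                    }
                } elseif ($setting === 'shoutbox_limit') {
                    if (!is_numeric($value)) {
                        $value = 10;
                    }
                } elseif ($setting === 'shoutbox_refresh') {
                    if (empty($value)) {
                        $value = '0';
                    }
                }
                $changeArray[$settingMap[$setting]] = $value;
            }
        }

        updateTPSettings($changeArray, true);
        // $go stays 0 when only settings were posted, so return to the settings tab in that case.
        if (empty($go)) {
            redirectexit('action=tpmod;shout=admin;settings');
        } else {
            redirectexit('action=tpmod;shout=admin');
        }
    }

    // Optional filters for the shout list. The ids are cast so that nothing but an integer
    // can end up in the filter banner or in the page-index URL.
    if (isset($_GET['u'])) {
        $memID = (int) $_GET['u'];
    }
    if (isset($_GET['ip'])) {
        $ip = (string) $_GET['ip'];
    }
    if (isset($_GET['s'])) {
        $single = (int) $_GET['s'];
    }

    $context['TPortal']['admin_shoutbox_items'] = array();

    if (isset($memID)) {
        // All shouts of one member.
        $shouts = $smcFunc['db_query']('', '
            SELECT COUNT(*) FROM {db_prefix}tp_shoutbox
            WHERE type = {string:type}
            AND value5 = {int:val5}
            AND value7 = {int:val7}', array('type' => 'shoutbox', 'val5' => $memID, 'val7' => 0));
        $weh = $smcFunc['db_fetch_row']($shouts);
        $smcFunc['db_free_result']($shouts);
        $allshouts = $weh[0];
        $context['TPortal']['admin_shoutbox_items_number'] = $allshouts;
        $context['TPortal']['shoutbox_pageindex'] = 'Member ' . $memID . ' filtered (<a href="' . $scripturl . '?action=tpmod;shout=admin">' . $txt['remove'] . '</a>) <br />' . TPageIndex($scripturl . '?action=tpmod;shout=admin;u=' . $memID, $tpstart, $allshouts, 10, true);
        $request = $smcFunc['db_query']('', '
            SELECT * FROM {db_prefix}tp_shoutbox
            WHERE type = {string:type}
            AND value5 = {int:val5}
            AND value7 = {int:val7}
            ORDER BY value2 DESC LIMIT {int:start},10', array('type' => 'shoutbox', 'val5' => $memID, 'val7' => 0, 'start' => $tpstart));
    } elseif (isset($ip)) {
        // All shouts from one IP. The filter value is request data: escape it for the banner
        // text and URL-encode it for the page-index links.
        $shouts = $smcFunc['db_query']('', '
            SELECT COUNT(*) FROM {db_prefix}tp_shoutbox
            WHERE type = {string:type}
            AND value4 = {string:val4}
            AND value7 = {int:val7}', array('type' => 'shoutbox', 'val4' => $ip, 'val7' => 0));
        $weh = $smcFunc['db_fetch_row']($shouts);
        $smcFunc['db_free_result']($shouts);
        $allshouts = $weh[0];
        $context['TPortal']['admin_shoutbox_items_number'] = $allshouts;
        $context['TPortal']['shoutbox_pageindex'] = 'IP ' . $smcFunc['htmlspecialchars']($ip, ENT_QUOTES) . ' filtered (<a href="' . $scripturl . '?action=tpmod;shout=admin">' . $txt['remove'] . '</a>) <br />' . TPageIndex($scripturl . '?action=tpmod;shout=admin;ip=' . urlencode($ip), $tpstart, $allshouts, 10, true);
        $request = $smcFunc['db_query']('', '
            SELECT * FROM {db_prefix}tp_shoutbox
            WHERE type = {string:type}
            AND value4 = {string:val4}
            AND value7 = {int:val7}
            ORDER BY value2 DESC LIMIT {int:start}, 10', array('type' => 'shoutbox', 'val4' => $ip, 'val7' => 0, 'start' => $tpstart));
    } elseif (isset($single)) {
        // A single shout, reached through a link that carries the session token.
        checkSession('get');
        $context['TPortal']['shoutbox_pageindex'] = '';
        $request = $smcFunc['db_query']('', '
            SELECT * FROM {db_prefix}tp_shoutbox
            WHERE type = {string:type}
            AND value7 = {int:val7}
            AND id = {int:shout}', array('type' => 'shoutbox', 'val7' => 0, 'shout' => $single));
    } else {
        // Unfiltered list.
        $shouts = $smcFunc['db_query']('', '
            SELECT COUNT(*) FROM {db_prefix}tp_shoutbox
            WHERE type = {string:type}
            AND value7 = {int:val7}', array('type' => 'shoutbox', 'val7' => 0));
        $weh = $smcFunc['db_fetch_row']($shouts);
        $smcFunc['db_free_result']($shouts);
        $allshouts = $weh[0];
        $context['TPortal']['admin_shoutbox_items_number'] = $allshouts;
        $context['TPortal']['shoutbox_pageindex'] = TPageIndex($scripturl . '?action=tpmod;shout=admin', $tpstart, $allshouts, 10, true);
        $request = $smcFunc['db_query']('', '
            SELECT * FROM {db_prefix}tp_shoutbox
            WHERE type = {string:type}
            AND value7 = {int:val7}
            ORDER BY value2 DESC LIMIT {int:start}, 10', array('type' => 'shoutbox', 'val7' => 0, 'start' => $tpstart));
    }

    $allShoutsLink = isset($single) ? '<hr><a href="' . $scripturl . '?action=tpmod;shout=admin"><b>' . $txt['tp-allshouts'] . '</b></a>' : '';
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        $context['TPortal']['admin_shoutbox_items'][] = array(
            'id' => $row['id'],
            // NOTE(review): the stored body is entity-decoded here, so the template has to
            // escape it again wherever it is written into HTML - confirm in the TPShout template.
            'body' => html_entity_decode($row['value1'], ENT_QUOTES),
            'poster' => $row['value3'],
            'timestamp' => $row['value2'],
            'time' => timeformat($row['value2']),
            'ip' => $row['value4'],
            'ID_MEMBER' => $row['value5'],
            'sort_member' => '<a href="' . $scripturl . '?action=tpmod;shout=admin;u=' . (int) $row['value5'] . '">' . $txt['tp-allshoutsbymember'] . '</a>',
            'sticky' => $row['value6'],
            'sticky_layout' => $row['value8'],
            // URL-encoded like the IP in the page-index link, so the stored value cannot break out of the href.
            'sort_ip' => '<a href="' . $scripturl . '?action=tpmod;shout=admin;ip=' . urlencode($row['value4']) . '">' . $txt['tp-allshoutsbyip'] . '</a>',
            'single' => $allShoutsLink,
        );
    }
    // Release the result set even when it was empty.
    $smcFunc['db_free_result']($request);

    $context['TPortal']['subtabs'] = '';
    // setup menu items
    if (allowedTo('tp_can_admin_shout')) {
        $onShoutAdmin = isset($_GET['action']) && ($_GET['action'] == 'tpmod' || $_GET['action'] == 'tpadmin') && isset($_GET['shout']) && $_GET['shout'] == 'admin';
        $context['TPortal']['subtabs'] = array(
            'shoutbox_settings' => array(
                'text' => 'tp-settings',
                'url' => $scripturl . '?action=tpmod;shout=admin;settings',
                'active' => $onShoutAdmin && isset($_GET['settings']),
            ),
            'shoutbox' => array(
                'text' => 'tp-tabs10',
                'url' => $scripturl . '?action=tpmod;shout=admin',
                'active' => $onShoutAdmin && !isset($_GET['settings']),
            ),
        );
        $context['admin_header']['tp_shout'] = $txt['tp_shout'];
    }

    // The settings tab and the shout list use different sub templates.
    $context['sub_template'] = isset($_GET['settings']) ? 'tpshout_admin_settings' : 'tpshout_admin';
    $context['page_title'] = 'Shoutbox admin';
    tp_hidebars();
}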