/**
 * Create a ".lnk" web-link file in the given directory and announce it on the client bus.
 *
 * Positional $params, as read below: 0 = url, 1 = width, 2 = height, 3 = link name,
 * 4 = destination directory, 5 = icon path, 6 = open-in-new-window flag.
 *
 * NOTE(review): $params[0] (the URL) and $params[4] (the destination directory) are used
 * exactly as supplied; only the link name goes through utf8_basename(). Confirm that the
 * caller or the FSI layer restricts the URL scheme and the target path.
 *
 * @param array $params
 */
public static function createLink($params)
{
    $structure = array(
        'url' => $params[0],
        'width' => $params[1],
        'height' => $params[2],
        'icon' => str_replace('eyeos/extern/', 'index.php?extern=', $params[5]),
        'openInNewWindow' => $params[6],
        'type' => 'web',
    );

    // Reduce the requested name to its last path component, then force the .lnk extension.
    $linkName = utf8_basename($params[3]);
    if (pathinfo($linkName, PATHINFO_EXTENSION) != 'lnk') {
        $linkName .= '.lnk';
    }
    // '?' and '#' are replaced so they are not read as URL delimiters in the file path.
    $linkName = str_replace(array('?', '#'), '_', $linkName);

    $newFile = FSI::getFile($params[4] . '/' . $linkName);
    $newFile->createNewFile();
    $newFile->putContents(json_encode($structure));

    $currentUser = ProcManager::getInstance()
        ->getCurrentProcess()
        ->getLoginContext()
        ->getEyeosUser();
    $settings = MetaManager::getInstance()->retrieveMeta($currentUser);

    //TODO: better message?
    ClientMessageBusController::getInstance()->queueMessage(
        new ClientBusMessage('file', 'uploadComplete', self::getFileInfo($newFile, $settings))
    );
}
/**
 * Fetch an ID from the request
 *
 * Uses either the standard request variable (read through $INPUT) or extracts the ID
 * from the full request URI when $conf['userewrite'] is set to 2.
 *
 * For $param='id' $conf['start'] is returned if no id was found.
 * If the second parameter is true (default) the ID is cleaned.
 *
 * Side effect: when the ID ends in ':' (or in '/' with $conf['useslash'] set) the
 * function resolves the namespace to a page and calls send_redirect().
 *
 * NOTE(review): everything read from $_SERVER and the request is client-influenced;
 * the value is only passed through cleanID() at the end, and only when $clean is true.
 * Callers passing $clean = false receive the raw value.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string $param request parameter to read the ID from
 * @param bool   $clean whether to run the result through cleanID()
 * @return string
 */
function getID($param = 'id', $clean = true) {
    global $INPUT;
    global $conf;

    $id = $INPUT->str($param);

    //construct page id from request URI
    if (empty($id) && $conf['userewrite'] == 2) {
        $request = $_SERVER['REQUEST_URI'];
        $script = '';

        //get the script URL
        if ($conf['basedir']) {
            $relpath = '';
            if ($param != 'id') {
                // non-'id' parameters are resolved relative to lib/exe/
                $relpath = 'lib/exe/';
            }
            $script = $conf['basedir'] . $relpath . utf8_basename($_SERVER['SCRIPT_FILENAME']);
        } elseif ($_SERVER['PATH_INFO']) {
            // PATH_INFO already excludes the script, so $script stays empty
            $request = $_SERVER['PATH_INFO'];
        } elseif ($_SERVER['SCRIPT_NAME']) {
            $script = $_SERVER['SCRIPT_NAME'];
        } elseif ($_SERVER['DOCUMENT_ROOT'] && $_SERVER['SCRIPT_FILENAME']) {
            // derive the script URL by removing the document root from the script's file path
            $script = preg_replace('/^' . preg_quote($_SERVER['DOCUMENT_ROOT'], '/') . '/', '', $_SERVER['SCRIPT_FILENAME']);
            $script = '/' . $script;
        }

        //clean script and request (fixes a windows problem)
        $script = preg_replace('/\\/\\/+/', '/', $script);
        $request = preg_replace('/\\/\\/+/', '/', $request);

        //remove script URL and Querystring to gain the id
        if (preg_match('/^' . preg_quote($script, '/') . '(.*)/', $request, $match)) {
            $id = preg_replace('/\\?.*/', '', $match[1]);
        }
        $id = urldecode($id);
        //strip leading slashes
        $id = preg_replace('!^/+!', '', $id);
    }

    // Namespace autolinking from URL
    // NOTE(review): $id has not been through cleanID() yet when it is handed to
    // page_exists() and wl() below - confirm those helpers normalise it themselves.
    if (substr($id, -1) == ':' || $conf['useslash'] && substr($id, -1) == '/') {
        if (page_exists($id . $conf['start'])) {
            // start page inside namespace
            $id = $id . $conf['start'];
        } elseif (page_exists($id . noNS(cleanID($id)))) {
            // page named like the NS inside the NS
            $id = $id . noNS(cleanID($id));
        } elseif (page_exists($id)) {
            // page like namespace exists
            $id = substr($id, 0, -1);
        } else {
            // fall back to default
            $id = $id . $conf['start'];
        }
        send_redirect(wl($id, '', true));
    }

    if ($clean) {
        $id = cleanID($id);
    }
    // an empty page id falls back to the configured start page
    if (empty($id) && $param == 'id') {
        $id = $conf['start'];
    }
    return $id;
}
/**
 * Table-driven check of utf8_basename(): each row is (path, suffix, expected basename).
 *
 * The rows mix '/' and '\' separators, multibyte directory and file names, suffix
 * stripping, and trailing separators, so that mixed or "sneaked in" separators are
 * always treated as path boundaries.
 */
function test1()
{
    $cases = array(
        // no suffix
        array('/this/foo/bar.test.png', '', 'bar.test.png'),
        array('\\this\\foo\\bar.test.png', '', 'bar.test.png'),
        array('/this\\foo/bar.test.png', '', 'bar.test.png'),
        array('/this/foo\\bar.test.png', '', 'bar.test.png'),
        array('/this/ДокуВики/bar.test.png', '', 'bar.test.png'),
        array('\\this\\ДокуВики\\bar.test.png', '', 'bar.test.png'),
        array('/this\\ДокуВики/bar.test.png', '', 'bar.test.png'),
        array('/this/ДокуВики\\bar.test.png', '', 'bar.test.png'),
        array('/this/foo/ДокуВики.test.png', '', 'ДокуВики.test.png'),
        array('\\this\\foo\\ДокуВики.test.png', '', 'ДокуВики.test.png'),
        array('/this\\foo/ДокуВики.test.png', '', 'ДокуВики.test.png'),
        array('/this/foo\\ДокуВики.test.png', '', 'ДокуВики.test.png'),

        // matching suffix is stripped
        array('/this/foo/bar.test.png', '.png', 'bar.test'),
        array('\\this\\foo\\bar.test.png', '.png', 'bar.test'),
        array('/this\\foo/bar.test.png', '.png', 'bar.test'),
        array('/this/foo\\bar.test.png', '.png', 'bar.test'),
        array('/this/ДокуВики/bar.test.png', '.png', 'bar.test'),
        array('\\this\\ДокуВики\\bar.test.png', '.png', 'bar.test'),
        array('/this\\ДокуВики/bar.test.png', '.png', 'bar.test'),
        array('/this/ДокуВики\\bar.test.png', '.png', 'bar.test'),
        array('/this/foo/ДокуВики.test.png', '.png', 'ДокуВики.test'),
        array('\\this\\foo\\ДокуВики.test.png', '.png', 'ДокуВики.test'),
        array('/this\\foo/ДокуВики.test.png', '.png', 'ДокуВики.test'),
        array('/this/foo\\ДокуВики.test.png', '.png', 'ДокуВики.test'),

        // non-matching suffix leaves the name untouched
        array('/this/foo/bar.test.png', '.foo', 'bar.test.png'),
        array('\\this\\foo\\bar.test.png', '.foo', 'bar.test.png'),
        array('/this\\foo/bar.test.png', '.foo', 'bar.test.png'),
        array('/this/foo\\bar.test.png', '.foo', 'bar.test.png'),
        array('/this/ДокуВики/bar.test.png', '.foo', 'bar.test.png'),
        array('\\this\\ДокуВики\\bar.test.png', '.foo', 'bar.test.png'),
        array('/this\\ДокуВики/bar.test.png', '.foo', 'bar.test.png'),
        array('/this/ДокуВики\\bar.test.png', '.foo', 'bar.test.png'),
        array('/this/foo/ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),
        array('\\this\\foo\\ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),
        array('/this\\foo/ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),
        array('/this/foo\\ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),

        // multibyte extension, non-matching then matching suffix
        array('/this/foo/ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
        array('\\this\\foo\\ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
        array('/this\\foo/ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
        array('/this/foo\\ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
        array('/this/foo/ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),
        array('\\this\\foo\\ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),
        array('/this\\foo/ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),
        array('/this/foo\\ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),

        // bare names and single leading separators
        array('bar.test.png', '', 'bar.test.png'),
        array('bar.test.png', '.png', 'bar.test'),
        array('/bar.test.png', '', 'bar.test.png'),
        array('/bar.test.png', '.png', 'bar.test'),
        array('\\bar.test.png', '', 'bar.test.png'),
        array('\\bar.test.png', '.png', 'bar.test'),
        array('\\/bar.test.png', '', 'bar.test.png'),
        array('\\/bar.test.png', '.png', 'bar.test'),
        array('/\\bar.test.png', '', 'bar.test.png'),
        array('/\\bar.test.png', '.png', 'bar.test'),

        // trailing separators
        array('foo/', '', 'foo'),
        array('foo\\', '', 'foo'),
        array('foo\\/', '', 'foo'),
        array('foo/\\', '', 'foo'),
        array('foo.png/', '.png', 'foo'),
        array('foo.png\\', '.png', 'foo'),
        array('foo.png\\/', '.png', 'foo'),
        array('foo.png/\\', '.png', 'foo'),
    );

    foreach ($cases as $case) {
        $input = $case[0];
        $suffix = $case[1];
        $expected = $case[2];

        $this->assertEquals(
            $expected,
            utf8_basename($input, $suffix),
            "input: ('{$input}', '{$suffix}')"
        );
    }
}
/**
 * Queue a file from disk as an attachment
 *
 * The file is read immediately and its contents are stored in $this->attach.
 *
 * NOTE(review): the result of file_get_contents() is stored unchecked, so an unreadable
 * $path ends up as a `false` payload. $path is opened as given - callers must not pass
 * a user-controlled path or URL here.
 *
 * @param string $path  Path to the file to attach
 * @param string $mime  Mimetype of the attached file
 * @param string $name  The filename to use (defaults to the basename of $path)
 * @param string $embed Unique key to reference this file from the HTML part
 */
public function attachFile($path, $mime, $name = '', $embed = '')
{
    // fall back to the last path component when no display name was given
    $attachmentName = $name ? $name : utf8_basename($path);

    $this->attach[] = array(
        'data' => file_get_contents($path),
        'mime' => $mime,
        'name' => $attachmentName,
        'embed' => $embed,
    );
}
/**
 * Include the PHP file that implements the named module.
 *
 * The module name is reduced with utf8_basename() before it is placed in the path, so
 * directory components in $moduleName do not reach the require statement.
 *
 * @param string $moduleName
 * @throws EyeFileNotFoundException when the module file is missing or unreadable
 */
private static function loadModule($moduleName)
{
    // $path keeps its name: the required file is evaluated in this function's scope.
    $path = FRAMEWORK_APPLICATION_EXECUTABLES_EYEOSMODULES_PATH . '/' . utf8_basename($moduleName) . '.php';

    if (is_file($path) && is_readable($path)) {
        require $path;
        return;
    }

    throw new EyeFileNotFoundException('File not found or not readable for module "' . $moduleName . '".');
}
/**
 * Populate a newly created user's directory from a profile skeleton and run the profile.
 *
 * Only reacts when the event source is an AbstractEyeosUser. The skeleton name taken
 * from the event is reduced with utf8_basename() before it is used in a path.
 *
 * @param UMEvent $e
 */
public function userCreated(UMEvent $e)
{
    $newUser = $e->getSource();
    if (!($newUser instanceof AbstractEyeosUser)) {
        return;
    }

    $userDirPath = UMManager::getEyeosUserDirectory($newUser->getName());
    $skel = utf8_basename($e->getSkel());
    $skelFilesPath = SYSTEM_SKEL_PATH . '/' . USERS_DIR . '/profiles/' . $skel . '/skel_files/';

    AdvancedPathLib::cpdirs($skelFilesPath, $userDirPath, false);
    ProfileManager::executeProfile(new Profile($skel), $e->getSource());
}
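/**
 * Remember the package location and, when a directory name is given, unpack the
 * package into a directory of that name below the configured temp path.
 *
 * @param string $original_zip Full path to the zip package
 * @param string $new_dir_name name of the directory you want to use in the zip package
 *                             (leave blank if the initial steps have been run already)
 * @throws \InvalidArgumentException when $new_dir_name does not reduce to a usable
 *                                   directory name
 */
public function __construct($original_zip, $new_dir_name = '')
{
    $this->original_zip = $original_zip;

    if ($new_dir_name) {
        $dir_name = utf8_basename($new_dir_name);

        // Stripping leading path components is not enough on its own: a bare '.' or '..',
        // or an input ending in a separator, may still come back as a dot segment or an
        // empty string (presumably - verify against utf8_basename()). Any of those would
        // point the extraction at the temp root or its parent instead of a sub-directory.
        if ($dir_name === '' || $dir_name === '.' || $dir_name === '..') {
            throw new \InvalidArgumentException('Invalid directory name for the zip package.');
        }

        $this->new_dir_name = $dir_name;
        $this->unzip_dir = titania::$config->contrib_temp_path . $this->new_dir_name . '/';

        // Unzippage
        $this->extract($this->original_zip, $this->unzip_dir);
    }
}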
/**
 * Run every script found in the profile's "scripts" directory.
 *
 * Each directory entry other than the dot entries and ".svn" is loaded with
 * require_once, so the scripts execute inside this method's scope.
 *
 * NOTE(review): any file placed in that directory is executed as PHP; write access to
 * the profile skeleton tree therefore has to be limited to administrators.
 *
 * @param Profile           $profile
 * @param AbstractEyeosUser $user
 */
public static function executeProfile(Profile $profile, AbstractEyeosUser $user)
{
    // Local names are deliberately kept as they were: the required scripts run in this
    // scope and could reference them.
    $path = SYSTEM_SKEL_PATH . '/' . USERS_DIR . '/profiles/' . utf8_basename($profile->getName()) . '/scripts/';
    $directory = new DirectoryIterator($path);

    foreach ($directory as $fileInfo) {
        $fileInfoName = $fileInfo->getFileName();

        // skip "." / ".." and Subversion metadata
        if ($fileInfo->isDot() || $fileInfoName == '.svn') {
            continue;
        }

        require_once $path . $fileInfoName;
    }
}
/**
 * Remote upload method
 * Fetches the file behind the given URL and turns it into a filespec object
 *
 * The URL must start with http:// or https:// and end in one of the allowed extensions.
 * The body is downloaded with Guzzle, written to a temporary file, and then passed
 * through the upload object's common checks.
 *
 * NOTE(review): the pattern constrains only the scheme and the trailing extension; the
 * host part is not restricted in this method, so the server will request whatever
 * address the caller supplies. Confirm that internal or link-local targets are blocked
 * elsewhere (network policy or a host allow-list) if untrusted users can reach this.
 *
 * @param string $upload_url URL pointing to file to upload, for example http://www.foobar.com/example.gif
 * @return filespec $file Object "filespec" is returned, all further operations can be done with this object;
 *                        on failure the returned object carries an error instead
 * @access public
 */
protected function remote_upload($upload_url) {
    $upload_ary = array();
    $upload_ary['local_mode'] = true;

    // scheme + allowed-extension gate; allowed_extensions is interpolated into the pattern as-is
    if (!preg_match('#^(https?://).*?\\.(' . implode('|', $this->upload->allowed_extensions) . ')$#i', $upload_url, $match)) {
        return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'URL_INVALID'));
    }

    $url = parse_url($upload_url);
    $upload_ary['type'] = 'application/octet-stream';

    // split off the last extension, drop every other dot from the path, then keep only
    // the last path component as the stored name
    $url['path'] = explode('.', $url['path']);
    $ext = array_pop($url['path']);
    $url['path'] = implode('', $url['path']);
    $upload_ary['name'] = utf8_basename($url['path']) . ($ext ? '.' . $ext : '');

    $remote_max_filesize = $this->get_max_file_size();

    // NOTE(review): 'verify' is false unless remote_upload_verify is configured, i.e. TLS
    // certificates are not validated by default. Consider enabling that setting.
    $guzzle_options = ['timeout' => $this->upload->upload_timeout, 'connect_timeout' => $this->upload->upload_timeout, 'verify' => !empty($this->config['remote_upload_verify']) ? (bool) $this->config['remote_upload_verify'] : false];
    $client = new \GuzzleHttp\Client($guzzle_options);

    try {
        $response = $client->get($upload_url, $guzzle_options);
    } catch (\GuzzleHttp\Exception\ClientException $clientException) {
        return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'URL_NOT_FOUND');
    } catch (\GuzzleHttp\Exception\RequestException $requestException) {
        // cURL error 28 and HTTP 408/504 are reported as a timeout
        if (strpos($requestException->getMessage(), 'cURL error 28') !== false || preg_match('/408|504/', $requestException->getCode())) {
            return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'REMOTE_UPLOAD_TIMEOUT');
        } else {
            return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'NOT_UPLOADED'));
        }
    } catch (\Exception $e) {
        return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'NOT_UPLOADED'));
    }

    // NOTE(review): the size limit is applied after the request has completed, so it does
    // not bound how much data is transferred - only the timeouts above do.
    $content_length = $response->getBody()->getSize();
    if ($remote_max_filesize && $content_length > $remote_max_filesize) {
        $max_filesize = get_formatted_filesize($remote_max_filesize, false);
        return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'WRONG_FILESIZE', $max_filesize['value'], $max_filesize['unit']));
    }

    // loose comparison: a null size (length unknown) is treated like an empty body
    if ($content_length == 0) {
        return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'EMPTY_REMOTE_DATA');
    }

    $data = $response->getBody();

    // the temp file name is generated locally; nothing from the URL is used in it
    $filename = tempnam(sys_get_temp_dir(), unique_id() . '-');
    if (!($fp = @fopen($filename, 'wb'))) {
        return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'NOT_UPLOADED');
    }
    $upload_ary['size'] = fwrite($fp, $data);
    fclose($fp);
    unset($data);

    $upload_ary['tmp_name'] = $filename;

    /** @var filespec $file */
    $file = $this->factory->get('filespec')->set_upload_ary($upload_ary)->set_upload_namespace($this->upload);
    $this->upload->common_checks($file);

    return $file;
}
/**
 * Splits a file path into its components, using the UTF-8 aware helpers for the
 * basename, the position of the last dot, and the substring extraction.
 *
 * @author Lars Knickrehm <*****@*****.**>
 * @category Library
 * @copyright Copyright © 2009 Lars Knickrehm
 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License
 * @link http://php.net/manual/function.pathinfo.php
 * @package UTF-8
 * @param string $path The path being checked.
 * @return array Associative array with the keys dirname, basename, extension (only when
 *               the basename contains a dot), and filename.
 * @since Version 0.5.0
 * @version 0.5.0
 */
function utf8_pathinfo($path)
{
    $dirname = dirname($path);
    $basename = utf8_basename($path);

    $info = array(
        'dirname' => $dirname,
        'basename' => $basename,
    );

    $lastDot = utf8_strrpos($basename, '.');
    if ($lastDot === false) {
        // no dot: the whole basename is the filename and there is no extension key
        $info['filename'] = $basename;
        return $info;
    }

    $info['extension'] = utf8_substr($basename, $lastDot + 1);
    $info['filename'] = utf8_substr($basename, 0, $lastDot);

    return $info;
}
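/**
 * List the icon files available for a category at a given size.
 *
 * Reads extern/images/<size>/<category> and returns the names of all entries that do
 * not start with a dot.
 *
 * @param array $params 0 = category name, 1 = size directory name
 * @return array list of file names; empty when the directory cannot be opened or a
 *               component is rejected
 */
public function getIcons($params)
{
    $cat = utf8_basename($params[0]);
    $size = utf8_basename($params[1]);
    $icons = array();

    // utf8_basename() removes leading path components, but a bare dot segment can still
    // come back unchanged (presumably - verify against its implementation). '..' in
    // either position would let the listing climb out of extern/images/.
    foreach (array($cat, $size) as $component) {
        if ($component === '.' || $component === '..') {
            return $icons;
        }
    }

    if ($handle = opendir('extern/images/' . $size . '/' . $cat)) {
        while (false !== ($file = readdir($handle))) {
            // hide dot entries and hidden files
            if ($file[0] != '.') {
                $icons[] = $file;
            }
        }
        closedir($handle);
    }

    return $icons;
}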
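/**
 * Add one or more files to the archive.
 *
 * Accepts either a single array(filename, data) pair or a list of such pairs. For each
 * entry the containing directory is registered first (if not yet known) and the file is
 * then added under its full name.
 *
 * @param array $files array filled with array(string filename, string data)
 * @param bool $compact
 * @return array results of add_File(), keyed by the basename of each file
 */
function Add($files, $compact)
{
    // A single (filename, data) pair is wrapped into a one-element list. isset() keeps an
    // empty input from raising an undefined-offset warning.
    if (!isset($files[0]) || !is_array($files[0])) {
        $files = array($files);
    }

    $ret = array();

    // Same stop condition as before (first missing or empty entry ends the loop), but
    // !empty() does not warn when $i runs past the last element.
    for ($i = 0; !empty($files[$i]); $i++) {
        $fn = $files[$i];
        $dir = dirname($fn[0]);

        // NOTE(review): loose in_array() treats numeric-looking names such as '1' and
        // '01' as equal; switch to strict once it is confirmed $this->dirs holds strings.
        if (!in_array($dir, $this->dirs)) {
            $this->add_Dir($dir);
        }

        // entries whose name has no file part (e.g. a bare directory) are skipped
        $base = utf8_basename($fn[0]);
        if ($base) {
            $ret[$base] = $this->add_File($fn[1], $fn[0], $compact);
        }
    }

    return $ret;
}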
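/**
 * Send the wanted code block to the browser
 *
 * Counts the code blocks it is called for; when the counter matches the requested
 * 'codeblock' number, the block is sent as a plain-text attachment and the script exits.
 *
 * @param string $text     content of the code block
 * @param string $language language name, used as the default file extension
 * @param string $filename download file name given in the page markup
 */
function code($text, $language = null, $filename = '')
{
    global $INPUT;

    if (!$language) {
        $language = 'txt';
    }
    if (!$filename) {
        $filename = 'snippet.' . $language;
    }

    // The file name comes from page content and is placed unquoted into a response
    // header: keep only the last path component and replace special characters, so that
    // separators such as ';' or quotes cannot alter the Content-Disposition parameters.
    $filename = utf8_basename($filename);
    $filename = utf8_stripspecials($filename, '_');

    if ($this->_codeblock == $INPUT->str('codeblock')) {
        header("Content-Type: text/plain; charset=utf-8");
        header("Content-Disposition: attachment; filename={$filename}");
        header("X-Robots-Tag: noindex");
        echo trim($text, "\r\n");
        exit;
    }

    $this->_codeblock++;
}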
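/**
 * Sync attachments
 *
 * Mode 'hash' recomputes the MD5 of each stored attachment file and updates the hash
 * column where it differs from the file on disk.
 *
 * @param string   $mode          sync mode; only 'hash' is handled
 * @param int|bool $attachment_id restrict the sync to one attachment, false for all
 */
public function attachments($mode, $attachment_id = false)
{
    switch ($mode) {
        case 'hash':
            $sql = 'SELECT * FROM ' . TITANIA_ATTACHMENTS_TABLE . ($attachment_id !== false ? ' WHERE attachment_id = ' . (int) $attachment_id : '');
            $result = phpbb::$db->sql_query($sql);

            while ($row = phpbb::$db->sql_fetchrow($result)) {
                // both path parts are reduced to their last component before use
                $file = titania::$config->upload_path . utf8_basename($row['attachment_directory']) . '/' . utf8_basename($row['physical_filename']);

                // A missing or unreadable file must not overwrite the stored hash with an
                // empty value - that would erase the reference needed to detect the loss.
                $md5 = is_file($file) ? md5_file($file) : false;
                if ($md5 === false) {
                    continue;
                }

                // strict comparison: hex digests that look numeric (e.g. "0e...") must not
                // be compared as numbers
                if ($md5 !== $row['hash']) {
                    $sql = 'UPDATE ' . TITANIA_ATTACHMENTS_TABLE . ' SET hash = \'' . phpbb::$db->sql_escape($md5) . '\' WHERE attachment_id = ' . (int) $row['attachment_id'];
                    phpbb::$db->sql_query($sql);
                }
            }
            phpbb::$db->sql_freeresult($result);
            break;
    }
}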
/**
 * Stream a rendered page image (or a scaled thumbnail of it) from the user's
 * ".office" cache below home:/// and end the script.
 *
 * The image path is <home>/.office/<hash>/<hash>-<num>.jpg.
 *
 * NOTE(review): $hash only goes through utf8_basename(); confirm that a dot segment
 * cannot survive it, or restrict $hash to the expected hash alphabet.
 *
 * @param array $params 0 = document hash, 1 = page number, 2 = thumbnail flag
 */
public static function getFile($params)
{
    $hash = utf8_basename($params[0]);
    $num = utf8_basename(intval($params[1]));
    $thumbnail = $params[2];

    //then, check the destination file
    $homeDir = FSI::getFile('home:///');
    $homeDir->checkWritePermission();
    $localHome = AdvancedPathLib::getPhpLocalHackPath($homeDir->getRealFile()->getPath());

    $imagePath = $localHome . '/.office/' . $hash . '/' . $hash . '-' . $num . '.jpg';

    header('Content-Type: image/jpeg');

    if ($thumbnail) {
        // release the session lock before the scaling work starts
        session_write_close();
        require_once 'system/Frameworks/Applications/Executables/EyeosModules/FileSystemExecModule.php';
        FileSystemExecModule::getScaledImage(array('maxWidth' => '150', 'path' => $imagePath));
    } else {
        readfile($imagePath);
    }

    exit;
}
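/**
 * Load (on first use) and instantiate the storage handler with the given ID.
 *
 * The ID maps to a file below SERVICE_STORAGE_HANDLERS_PATH; the class name is the last
 * component of the ID.
 *
 * @param string $handlerId The ID of the handler to return (e.g. "SQL/EyeosDAO").
 * @param array  $params    Arguments passed to the handler's constructor.
 * @return IStorageHandler
 * @throws EyeFileNotFoundException when the ID is malformed or no handler file exists for it
 * @throws EyeRuntimeException when the handler class cannot be instantiated
 */
public function getHandler($handlerId, array $params = null)
{
    if (!isset($this->handlers[$handlerId])) {
        $handlerFile = SERVICE_STORAGE_HANDLERS_PATH . '/' . $handlerId . '.php';

        // The ID becomes part of a require path, so every segment must be a plain name:
        // no empty segments (leading, trailing or doubled slashes), no dot segments, no
        // backslashes and no NUL bytes. Such IDs are reported like a missing handler.
        foreach (explode('/', (string) $handlerId) as $segment) {
            if ($segment === '' || $segment === '.' || $segment === '..'
                || strpos($segment, '\\') !== false || strpos($segment, "\0") !== false) {
                throw new EyeFileNotFoundException($handlerFile);
            }
        }

        if (!is_file($handlerFile)) {
            throw new EyeFileNotFoundException($handlerFile);
        }
        require $handlerFile;
        $this->handlers[$handlerId] = utf8_basename($handlerId, '.php');
    }

    $className = $this->handlers[$handlerId];
    try {
        // `new` either yields an object or throws, so no separate false check is needed
        $obj = new $className($params);
    } catch (Exception $e) {
        throw new EyeRuntimeException('Unable to create instance of the security manager class ' . $className, 0, $e);
    }

    return $obj;
}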
/**
 * Assign the friendship state between the current user and the viewed member to the
 * template, together with the board base URL (with the script name removed).
 *
 * @param mixed $event event data; $event['member']['user_id'] is the viewed member
 */
public function check_friends($event)
{
    $context = new RequestContext();
    $context->fromRequest($this->symfony_request);
    $baseUrl = generate_board_url(true) . $context->getBaseUrl();

    // strip the front controller (e.g. "/app.php") from the base URL, if there is one
    $scriptName = $this->symfony_request->getScriptName();
    if (substr($scriptName, -1, 1) == '/') {
        $scriptName = '';
    } else {
        $scriptName = utf8_basename($scriptName);
    }
    if ($scriptName != '') {
        $baseUrl = str_replace('/' . $scriptName, '', $baseUrl);
    }

    $user_id = $event['member']['user_id'];
    $sender_id = $this->user->data['user_id'];

    $request = $this->friends_model->get_request_by_sender_id($sender_id);
    $check_friend = $this->friends_model->check_friend(array(
        'user_id' => $this->user->data['user_id'],
        'friend_id' => $user_id,
    ));
    $check_request = $this->friends_model->check_request(array(
        'user_id' => $user_id,
        'sender_id' => $this->user->data['user_id'],
    ));
    $check_request_confirm = $this->friends_model->check_request(array(
        'user_id' => $this->user->data['user_id'],
        'sender_id' => $user_id,
    ));

    // the widget is hidden on the user's own profile
    $check_widget = !($user_id == $this->user->data['user_id']);

    $this->template->assign_vars(array(
        'U_USER_ID' => $user_id,
        'U_CHECK_FRIEND' => $check_friend,
        'U_CHECK_REQUEST' => $check_request,
        'U_CHECK_REQUEST_CONFIRM' => $check_request_confirm,
        'U_CHECK_WIDGET' => $check_widget,
        'U_REQUEST_ID' => $request['request_id'],
        'BASE_URL' => $baseUrl,
    ));
}
/**
 * Deliver the requested code block as a download
 *
 * Each call counts one code block. When the counter equals the 'codeblock' request
 * value, the block is emitted as a plain-text attachment and the script exits.
 *
 * The download name is taken from page markup, so it is reduced to its last path
 * component and stripped of special characters before it is placed in the header.
 *
 * @param string $text     content of the code block
 * @param string $language language name, used as the default file extension
 * @param string $filename download file name given in the page markup
 */
function code($text, $language = null, $filename = '')
{
    global $INPUT;

    $language = $language ? $language : 'txt';
    $filename = $filename ? $filename : 'snippet.' . $language;

    $filename = utf8_stripspecials(utf8_basename($filename), '_');

    // send CRLF to Windows clients
    $isWindowsClient = strpos($INPUT->server->str('HTTP_USER_AGENT'), 'Windows') !== false;
    if ($isWindowsClient) {
        $text = str_replace("\n", "\r\n", $text);
    }

    if ($this->_codeblock != $INPUT->str('codeblock')) {
        $this->_codeblock++;
        return;
    }

    header("Content-Type: text/plain; charset=utf-8");
    header("Content-Disposition: attachment; filename={$filename}");
    header("X-Robots-Tag: noindex");
    echo trim($text, "\r\n");
    exit;
}
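/**
 * Finds pathnames matching a pattern.
 * Note: This function does not return hidden files (.*) under *NIX with default pattern (*)
 *
 * Tries PHP's glob() first and falls back to scandir() with manual pattern matching
 * when glob() is skipped or returns nothing.
 *
 * NOTE(review): '/' is removed from every pattern, so a pattern cannot add path
 * components. In $path only '[' and ']' are escaped before it reaches glob(); other
 * glob metacharacters in $path, and ',' or braces inside sub-patterns combined with
 * GLOB_BRACE, are passed through - callers should not hand over untrusted values.
 *
 * @see glob() in PHP manual
 * @param string $path
 * @param mixed $pattern A simple string or an array of strings representing the patterns.
 * @param int $flags
 * 				GLOB_ONLY_DIR: Set it to retrieve directories only.<br />
 * 				GLOB_DIR_IGNORE_PATTERN: Set it to apply given $pattern on files only, and retrieve all directories.<br />
 * 				GLOB_DIR_FIRST: Set it to force placing directories first in the returned list.<br />
 * 				GLOB_RETURN_SIMPLE_PATH: Set it to force returning a simple path (from the root) instead of a URL.<br />
 * 				GLOB_CASEINSENSITIVE: Set it to apply given $pattern in a case insensitive way.<br />
 * 				GLOB_FORCE_SCANDIR: Set it to force direct use of scandir() instead of glob().
 * @return array(string)
 * @throws EyeInvalidArgumentException when $path or $pattern has the wrong type
 * @throws EyeIOException when the directory cannot be listed in the scandir() fallback
 */
public static function glob($path, $pattern = self::WILDCARD_CHAR, $flags = self::GLOB_NORMAL)
{
    if (!is_string($path)) {
        // report the type of the argument that is actually wrong ($path, not $pattern)
        throw new EyeInvalidArgumentException('$path must be a string (given: ' . gettype($path) . ').');
    }
    if (!is_string($pattern) && !is_array($pattern)) {
        throw new EyeInvalidArgumentException('$pattern must be a string or an array (given: ' . gettype($pattern) . ').');
    }

    // Normalise trivial arrays: empty => wildcard, single element => plain string
    if (is_array($pattern)) {
        if (count($pattern) === 0) {
            $pattern = self::WILDCARD_CHAR;
        } else {
            if (count($pattern) === 1) {
                $pattern = $pattern[0];
            }
        }
    }

    $globFlags = 0;
    if (is_array($pattern)) {
        // Clean original $pattern (common to glob & scandir)
        foreach ($pattern as &$subPattern) {
            $subPattern = str_replace('/', '', $subPattern);
            if ($flags & self::GLOB_CASEINSENSITIVE) {
                $subPattern = mb_sql_regcase($subPattern);
            }
        }
        // drop the reference so later writes to $subPattern cannot alter $pattern
        unset($subPattern);

        // Create a glob-compatible expression with multiple patterns using braces
        $globPattern = '{' . implode(',', $pattern) . '}';
        $globFlags |= GLOB_BRACE;
    } else {
        $pattern = str_replace('/', '', $pattern);
        if ($flags & self::GLOB_CASEINSENSITIVE) {
            $pattern = mb_sql_regcase($pattern);
        }
        $globPattern = $pattern;
    }

    $return = array();
    $globFlags |= ($flags & self::GLOB_ONLY_DIR) ? GLOB_ONLYDIR : 0;
    $globPath = self::getPhpLocalHackPath(strtr($path, array('[' => '\\[', ']' => '\\]')), self::PARSE_URL_DONTRESOLVE);

    //first of all, let's try with the normal glob() function (works only on localhost, but faster)
    if (!($flags & self::GLOB_FORCE_SCANDIR) && ($allFiles = glob($globPath . '/' . $globPattern, $globFlags))) {
        //_and_ glob() must succeed (an empty array may indicate that glob() failed)
        $onlyDirs = array();
        if ($flags & self::GLOB_DIR_IGNORE_PATTERN) {
            $onlyDirs = glob($globPath . '/' . self::WILDCARD_CHAR, GLOB_ONLYDIR);
        } else {
            $onlyDirs = glob($globPath . '/' . $globPattern, GLOB_ONLYDIR);
        }

        //on some servers glob() returns false where the documentation promises
        //an empty array, so normalise the result here.
        if (!$onlyDirs) {
            $onlyDirs = array();
        }
        natcasesort($onlyDirs);

        $onlyFiles = array_diff($allFiles, $onlyDirs);
        $sortedFiles = array_merge($onlyDirs, $onlyFiles);

        //dirs are placed first (alphab. sorted), then files (alphab. sorted)
        if (!($flags & self::GLOB_DIR_FIRST)) {
            natcasesort($sortedFiles);
        }

        $scheme = '';
        if (!($flags & self::GLOB_RETURN_SIMPLE_PATH)) {
            //retrieve the original scheme
            $urlParts = self::parse_url($path, self::PARSE_URL_NO_AUTOSET_SCHEME);
            if (isset($urlParts['scheme'])) {
                $scheme = $urlParts['scheme'] . '://';
            }
        }

        foreach ($sortedFiles as $filepath) {
            $baseName = utf8_basename($filepath);
            if ($baseName != '.' && $baseName != '..') {
                $return[] = $scheme . $filepath;
            }
        }
    } else {
        $files = @scandir($path);
        if ($files === false) {
            throw new EyeIOException('Unable to list files in directory "' . $path . '"');
        }

        $files_tmp = array();
        $dirs_tmp = array();
        foreach ($files as $filepath) {
            if ($filepath != '.' && $filepath != '..') {
                // Single pattern (string)
                if (is_string($pattern)) {
                    $fileNameMatches = self::glob_fnmatch($pattern, $filepath);
                } else {
                    // Several patterns: one match is enough
                    $fileNameMatches = false;
                    foreach ($pattern as $subPattern) {
                        if (self::glob_fnmatch($subPattern, $filepath)) {
                            $fileNameMatches = true;
                            break;
                        }
                    }
                }

                if (is_dir($path . '/' . $filepath)) {
                    if ($fileNameMatches || $flags & self::GLOB_DIR_IGNORE_PATTERN) {
                        $dirs_tmp[] = $path . '/' . $filepath;
                    }
                } else {
                    if (!($flags & self::GLOB_ONLY_DIR) && $fileNameMatches) {
                        $files_tmp[] = $path . '/' . $filepath;
                    }
                }
            }
        }

        $return = array_merge($dirs_tmp, $files_tmp);
        if (!($flags & self::GLOB_DIR_FIRST)) {
            natcasesort($return);
            $return = array_values($return);
        }
    }

    return $return;
}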
/**
 * Submit PM
 *
 * Writes a private message (new, reply, quote, forward or edit) to the database inside
 * one transaction: the message row, the per-recipient rows, the sender's outbox row,
 * user counters, attachment ownership and draft clean-up. Notifications are sent after
 * the commit.
 *
 * NOTE(review): several values from $data are concatenated into SQL without an (int)
 * cast in this function (from_user_id, reply_from_msg_id, msg_id on edit). They are
 * only safe if every caller guarantees integers; casting at the point of use would
 * make the function self-contained.
 *
 * @param string $mode          post|reply|quote|quotepost|forward|edit ('delete' is rejected)
 * @param string $subject       Subject of the private message
 * @param array  $data          The whole row data of the PM (passed by reference; msg_id is set on insert)
 * @param bool   $put_in_outbox Whether to also create the sender's outbox entry
 * @return int|bool The message ID, or false for mode 'delete'
 */
function submit_pm($mode, $subject, &$data, $put_in_outbox = true) {
    global $db, $auth, $config, $phpEx, $template, $user, $phpbb_root_path, $phpbb_container, $phpbb_dispatcher, $request;

    // We do not handle erasing pms here
    if ($mode == 'delete') {
        return false;
    }

    $current_time = time();

    /**
     * Get all parts of the PM that are to be submited to the DB.
     *
     * @event core.submit_pm_before
     * @var	string	mode	PM Post mode - post|reply|quote|quotepost|forward|edit
     * @var	string	subject	Subject of the private message
     * @var	array	data	The whole row data of the PM.
     * @since 3.1.0-b3
     */
    // extract() lets event listeners replace $mode, $subject and $data
    $vars = array('mode', 'subject', 'data');
    extract($phpbb_dispatcher->trigger_event('core.submit_pm_before', compact($vars)));

    // Collect some basic information about which tables and which rows to update/insert
    $sql_data = array();
    $root_level = 0;

    // Recipient Information
    $recipients = $to = $bcc = array();

    if ($mode != 'edit') {
        // Build Recipient List
        // u|g => array($user_id => 'to'|'bcc')
        $_types = array('u', 'g');
        foreach ($_types as $ug_type) {
            if (isset($data['address_list'][$ug_type]) && sizeof($data['address_list'][$ug_type])) {
                foreach ($data['address_list'][$ug_type] as $id => $field) {
                    $id = (int) $id;

                    // Do not rely on the address list being "valid"
                    if (!$id || $ug_type == 'u' && $id == ANONYMOUS) {
                        continue;
                    }

                    // anything that is not exactly 'to' is treated as 'bcc', which also
                    // limits the variable-variable below to $to and $bcc
                    $field = $field == 'to' ? 'to' : 'bcc';
                    if ($ug_type == 'u') {
                        $recipients[$id] = $field;
                    }
                    ${$field}[] = $ug_type . '_' . $id;
                }
            }
        }

        if (isset($data['address_list']['g']) && sizeof($data['address_list']['g'])) {
            // We need to check the PM status of group members (do they want to receive PM's?)
            // Only check if not a moderator or admin, since they are allowed to override this user setting
            $sql_allow_pm = !$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_') ? ' AND u.user_allow_pm = 1' : '';

            $sql = 'SELECT u.user_type, ug.group_id, ug.user_id FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug WHERE ' . $db->sql_in_set('ug.group_id', array_keys($data['address_list']['g'])) . ' AND ug.user_pending = 0 AND u.user_id = ug.user_id AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')' . $sql_allow_pm;
            $result = $db->sql_query($sql);

            while ($row = $db->sql_fetchrow($result)) {
                $field = $data['address_list']['g'][$row['group_id']] == 'to' ? 'to' : 'bcc';
                $recipients[$row['user_id']] = $field;
            }
            $db->sql_freeresult($result);
        }

        if (!sizeof($recipients)) {
            trigger_error('NO_RECIPIENT');
        }
    }

    // First of all make sure the subject are having the correct length.
    $subject = truncate_string($subject);

    $db->sql_transaction('begin');

    $sql = '';

    switch ($mode) {
        case 'reply':
        case 'quote':
            $root_level = $data['reply_from_root_level'] ? $data['reply_from_root_level'] : $data['reply_from_msg_id'];

            // Set message_replied switch for this user
            // NOTE(review): from_user_id and reply_from_msg_id are concatenated uncast
            $sql = 'UPDATE ' . PRIVMSGS_TO_TABLE . ' SET pm_replied = 1 WHERE user_id = ' . $data['from_user_id'] . ' AND msg_id = ' . $data['reply_from_msg_id'];

            // no break

        case 'forward':
        case 'post':
        case 'quotepost':
            // values in this array are escaped by sql_build_array() further down
            $sql_data = array('root_level' => $root_level, 'author_id' => $data['from_user_id'], 'icon_id' => $data['icon_id'], 'author_ip' => $data['from_user_ip'], 'message_time' => $current_time, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'message_subject' => $subject, 'message_text' => $data['message'], 'message_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'to_address' => implode(':', $to), 'bcc_address' => implode(':', $bcc), 'message_reported' => 0);
            break;

        case 'edit':
            $sql_data = array('icon_id' => $data['icon_id'], 'message_edit_time' => $current_time, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'message_subject' => $subject, 'message_text' => $data['message'], 'message_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid']);
            break;
    }

    if (sizeof($sql_data)) {
        $query = '';

        if ($mode == 'post' || $mode == 'reply' || $mode == 'quote' || $mode == 'quotepost' || $mode == 'forward') {
            $db->sql_query('INSERT INTO ' . PRIVMSGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data));
            $data['msg_id'] = $db->sql_nextid();
        } else {
            if ($mode == 'edit') {
                // NOTE(review): msg_id comes from the caller here and is concatenated uncast
                $sql = 'UPDATE ' . PRIVMSGS_TABLE . ' SET message_edit_count = message_edit_count + 1, ' . $db->sql_build_array('UPDATE', $sql_data) . ' WHERE msg_id = ' . $data['msg_id'];
                $db->sql_query($sql);
            }
        }
    }

    if ($mode != 'edit') {
        // run the pm_replied update prepared in the switch above, if any
        if ($sql) {
            $db->sql_query($sql);
        }
        unset($sql);

        $sql_ary = array();
        foreach ($recipients as $user_id => $type) {
            $sql_ary[] = array('msg_id' => (int) $data['msg_id'], 'user_id' => (int) $user_id, 'author_id' => (int) $data['from_user_id'], 'folder_id' => PRIVMSGS_NO_BOX, 'pm_new' => 1, 'pm_unread' => 1, 'pm_forwarded' => $mode == 'forward' ? 1 : 0);
        }

        $db->sql_multi_insert(PRIVMSGS_TO_TABLE, $sql_ary);

        $sql = 'UPDATE ' . USERS_TABLE . ' SET user_new_privmsg = user_new_privmsg + 1, user_unread_privmsg = user_unread_privmsg + 1, user_last_privmsg = ' . time() . ' WHERE ' . $db->sql_in_set('user_id', array_keys($recipients));
        $db->sql_query($sql);

        // Put PM into outbox
        if ($put_in_outbox) {
            $db->sql_query('INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', array('msg_id' => (int) $data['msg_id'], 'user_id' => (int) $data['from_user_id'], 'author_id' => (int) $data['from_user_id'], 'folder_id' => PRIVMSGS_OUTBOX, 'pm_new' => 0, 'pm_unread' => 0, 'pm_forwarded' => $mode == 'forward' ? 1 : 0)));
        }
    }

    // Set user last post time
    if ($mode == 'reply' || $mode == 'quote' || $mode == 'quotepost' || $mode == 'forward' || $mode == 'post') {
        // NOTE(review): from_user_id is concatenated uncast
        $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\tSET user_lastpost_time = {$current_time}\n\t\t\tWHERE user_id = " . $data['from_user_id'];
        $db->sql_query($sql);
    }

    // Submit Attachments
    if (!empty($data['attachment_data']) && $data['msg_id'] && in_array($mode, array('post', 'reply', 'quote', 'quotepost', 'edit', 'forward'))) {
        $space_taken = $files_added = 0;
        $orphan_rows = array();

        foreach ($data['attachment_data'] as $pos => $attach_row) {
            $orphan_rows[(int) $attach_row['attach_id']] = array();
        }

        if (sizeof($orphan_rows)) {
            // Only orphaned PM attachments that belong to the current user are accepted;
            // this is the ownership check for the attach_ids supplied in $data.
            $sql = 'SELECT attach_id, filesize, physical_filename FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . ' AND in_message = 1 AND is_orphan = 1 AND poster_id = ' . $user->data['user_id'];
            $result = $db->sql_query($sql);

            $orphan_rows = array();
            while ($row = $db->sql_fetchrow($result)) {
                $orphan_rows[$row['attach_id']] = $row;
            }
            $db->sql_freeresult($result);
        }

        foreach ($data['attachment_data'] as $pos => $attach_row) {
            // orphans that did not pass the ownership query above are ignored
            if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']])) {
                continue;
            }

            if (!$attach_row['is_orphan']) {
                // update entry in db if attachment already stored in db and filespace
                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "\n\t\t\t\t\tSET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'\n\t\t\t\t\tWHERE attach_id = " . (int) $attach_row['attach_id'] . ' AND is_orphan = 0';
                $db->sql_query($sql);
            } else {
                // insert attachment into db
                // the stored file name is reduced to its last component before the existence check
                if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename']))) {
                    continue;
                }

                $space_taken += $orphan_rows[$attach_row['attach_id']]['filesize'];
                $files_added++;

                $attach_sql = array('post_msg_id' => $data['msg_id'], 'topic_id' => 0, 'is_orphan' => 0, 'poster_id' => $data['from_user_id'], 'attach_comment' => $attach_row['attach_comment']);

                // NOTE(review): attach_id is concatenated uncast here, unlike in the branch
                // above; it has matched a key of $orphan_rows, but an (int) cast would be
                // consistent and cheap.
                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . ' WHERE attach_id = ' . $attach_row['attach_id'] . ' AND is_orphan = 1 AND poster_id = ' . $user->data['user_id'];
                $db->sql_query($sql);
            }
        }

        if ($space_taken && $files_added) {
            $config->increment('upload_dir_size', $space_taken, false);
            $config->increment('num_files', $files_added, false);
        }
    }

    // Delete draft if post was loaded...
    // the default of 0 is passed to $request->variable() as the type template for draft_loaded
    $draft_id = $request->variable('draft_loaded', 0);
    if ($draft_id) {
        $sql = 'DELETE FROM ' . DRAFTS_TABLE . "\n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND user_id = " . $data['from_user_id'];
        $db->sql_query($sql);
    }

    $db->sql_transaction('commit');

    // Send Notifications
    $pm_data = array_merge($data, array('message_subject' => $subject, 'recipients' => $recipients));

    /* @var $phpbb_notifications \phpbb\notification\manager */
    $phpbb_notifications = $phpbb_container->get('notification_manager');

    if ($mode == 'edit') {
        $phpbb_notifications->update_notifications('notification.type.pm', $pm_data);
    } else {
        $phpbb_notifications->add_notifications('notification.type.pm', $pm_data);
    }

    /**
     * Get PM message ID after submission to DB
     *
     * @event core.submit_pm_after
     * @var	string	mode	PM Post mode - post|reply|quote|quotepost|forward|edit
     * @var	string	subject	Subject of the private message
     * @var	array	data	The whole row data of the PM.
     * @var	array	pm_data	The data sent to notification class
     * @since 3.1.0-b5
     */
    $vars = array('mode', 'subject', 'data', 'pm_data');
    extract($phpbb_dispatcher->trigger_event('core.submit_pm_after', compact($vars)));

    return $data['msg_id'];
}
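/**
* Fork Topic
*
* Copies every selected topic into the forum given by the 'to_forum_id'
* request variable: the topic row, its poll options (vote totals reset to 0),
* its posts, the attachment rows of those posts, topic subscriptions and
* bookmarks. Afterwards the destination forum counters, the per-user post
* counts and the board totals are updated and one LOG_FORK moderator-log
* entry is written per new topic.
*
* Until the confirm box has been confirmed, the forum selection form is
* displayed instead and nothing is copied.
*
* The destination forum has to exist, be of type FORUM_POST and grant the
* current user f_post; otherwise an error message is shown on the form.
*
* @param array $topic_ids Ids of the topics to fork; validated through
*                         phpbb_check_ids() against the 'm_' permission
*
* @return void Returns early without output when phpbb_check_ids() fails
*/
function mcp_fork_topic($topic_ids)
{
	global $auth, $user, $db, $template, $config;
	global $phpEx, $phpbb_root_path, $phpbb_log, $request, $phpbb_dispatcher;

	if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_')))
	{
		return;
	}

	$to_forum_id = $request->variable('to_forum_id', 0);
	$forum_id = $request->variable('f', 0);
	$redirect = $request->variable('redirect', build_url(array('action', 'quickmod')));
	$additional_msg = $success_msg = '';
	$counter = array();

	$s_hidden_fields = build_hidden_fields(array(
		'topic_id_list'	=> $topic_ids,
		'f'				=> $forum_id,
		'action'		=> 'fork',
		'redirect'		=> $redirect,
	));

	// Validate the destination before anything is copied
	if ($to_forum_id)
	{
		$forum_data = phpbb_get_forum_data($to_forum_id, 'f_post');

		if (!sizeof($topic_ids))
		{
			$additional_msg = $user->lang['NO_TOPIC_SELECTED'];
		}
		else if (!sizeof($forum_data))
		{
			$additional_msg = $user->lang['FORUM_NOT_EXIST'];
		}
		else
		{
			$forum_data = $forum_data[$to_forum_id];

			if ($forum_data['forum_type'] != FORUM_POST)
			{
				$additional_msg = $user->lang['FORUM_NOT_POSTABLE'];
			}
			else if (!$auth->acl_get('f_post', $to_forum_id))
			{
				$additional_msg = $user->lang['USER_CANNOT_POST'];
			}
		}
	}
	else if (isset($_POST['confirm']))
	{
		$additional_msg = $user->lang['FORUM_NOT_EXIST'];
	}

	if ($additional_msg)
	{
		// Validation failed: remove the confirmation from the request so that
		// confirm_box(true) below presumably does not pass and the form is shown again
		$request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
		$request->overwrite('confirm_key', null);
	}

	if (confirm_box(true))
	{
		$topic_data = phpbb_get_topic_data($topic_ids, 'f_post');

		$total_topics = $total_topics_unapproved = $total_topics_softdeleted = 0;
		$total_posts = $total_posts_unapproved = $total_posts_softdeleted = 0;
		$new_topic_id_list = array();

		foreach ($topic_data as $topic_id => $topic_row)
		{
			if (!isset($search_type) && $topic_row['enable_indexing'])
			{
				// Select the search method and do some additional checks to ensure it can actually be utilised
				$search_type = $config['search_type'];

				if (!class_exists($search_type))
				{
					trigger_error('NO_SUCH_SEARCH_MODULE');
				}

				// NOTE(review): the class to instantiate is named by $config['search_type'] and
				// only class_exists() guards it here - presumably an admin-only setting, confirm
				$error = false;
				$search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
				$search_mode = 'post';

				if ($error)
				{
					trigger_error($error);
				}
			}
			else if (!isset($search_type) && !$topic_row['enable_indexing'])
			{
				$search_type = false;
			}

			$sql_ary = array(
				'forum_id'					=> (int) $to_forum_id,
				'icon_id'					=> (int) $topic_row['icon_id'],
				'topic_attachment'			=> (int) $topic_row['topic_attachment'],
				'topic_visibility'			=> (int) $topic_row['topic_visibility'],
				'topic_reported'			=> 0,
				'topic_title'				=> (string) $topic_row['topic_title'],
				'topic_poster'				=> (int) $topic_row['topic_poster'],
				'topic_time'				=> (int) $topic_row['topic_time'],
				'topic_posts_approved'		=> (int) $topic_row['topic_posts_approved'],
				'topic_posts_unapproved'	=> (int) $topic_row['topic_posts_unapproved'],
				'topic_posts_softdeleted'	=> (int) $topic_row['topic_posts_softdeleted'],
				'topic_status'				=> (int) $topic_row['topic_status'],
				'topic_type'				=> (int) $topic_row['topic_type'],
				'topic_first_poster_name'	=> (string) $topic_row['topic_first_poster_name'],
				'topic_last_poster_id'		=> (int) $topic_row['topic_last_poster_id'],
				'topic_last_poster_name'	=> (string) $topic_row['topic_last_poster_name'],
				'topic_last_post_time'		=> (int) $topic_row['topic_last_post_time'],
				'topic_last_view_time'		=> (int) $topic_row['topic_last_view_time'],
				'topic_bumped'				=> (int) $topic_row['topic_bumped'],
				'topic_bumper'				=> (int) $topic_row['topic_bumper'],
				'poll_title'				=> (string) $topic_row['poll_title'],
				'poll_start'				=> (int) $topic_row['poll_start'],
				'poll_length'				=> (int) $topic_row['poll_length'],
				'poll_max_options'			=> (int) $topic_row['poll_max_options'],
				'poll_vote_change'			=> (int) $topic_row['poll_vote_change'],
			);

			$db->sql_query('INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
			$new_topic_id = $db->sql_nextid();
			$new_topic_id_list[$topic_id] = $new_topic_id;

			switch ($topic_row['topic_visibility'])
			{
				case ITEM_APPROVED:
					$total_topics++;
				break;

				case ITEM_UNAPPROVED:
				case ITEM_REAPPROVE:
					$total_topics_unapproved++;
				break;

				case ITEM_DELETED:
					$total_topics_softdeleted++;
				break;
			}

			if ($topic_row['poll_start'])
			{
				// Ids placed into query text are cast to int, matching the
				// user_posts update further down
				$sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE topic_id = " . (int) $topic_id;
				$result = $db->sql_query($sql);

				while ($row = $db->sql_fetchrow($result))
				{
					// Options are copied, votes are not: the total starts at 0
					$sql_ary = array(
						'poll_option_id'	=> (int) $row['poll_option_id'],
						'topic_id'			=> (int) $new_topic_id,
						'poll_option_text'	=> (string) $row['poll_option_text'],
						'poll_option_total'	=> 0,
					);

					$db->sql_query('INSERT INTO ' . POLL_OPTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
				}
				$db->sql_freeresult($result);
			}

			$sql = 'SELECT * FROM ' . POSTS_TABLE . "\n\t\t\t\tWHERE topic_id = " . (int) $topic_id . "\n\t\t\t\tORDER BY post_time ASC, post_id ASC";
			$result = $db->sql_query($sql);

			$post_rows = array();
			while ($row = $db->sql_fetchrow($result))
			{
				$post_rows[] = $row;
			}
			$db->sql_freeresult($result);

			if (!sizeof($post_rows))
			{
				continue;
			}

			foreach ($post_rows as $row)
			{
				$sql_ary = array(
					'topic_id'			=> (int) $new_topic_id,
					'forum_id'			=> (int) $to_forum_id,
					'poster_id'			=> (int) $row['poster_id'],
					'icon_id'			=> (int) $row['icon_id'],
					'poster_ip'			=> (string) $row['poster_ip'],
					'post_time'			=> (int) $row['post_time'],
					'post_visibility'	=> (int) $row['post_visibility'],
					'post_reported'		=> 0,
					'enable_bbcode'		=> (int) $row['enable_bbcode'],
					'enable_smilies'	=> (int) $row['enable_smilies'],
					'enable_magic_url'	=> (int) $row['enable_magic_url'],
					'enable_sig'		=> (int) $row['enable_sig'],
					'post_username'		=> (string) $row['post_username'],
					'post_subject'		=> (string) $row['post_subject'],
					'post_text'			=> (string) $row['post_text'],
					'post_edit_reason'	=> (string) $row['post_edit_reason'],
					'post_edit_user'	=> (int) $row['post_edit_user'],
					'post_checksum'		=> (string) $row['post_checksum'],
					'post_attachment'	=> (int) $row['post_attachment'],
					'bbcode_bitfield'	=> $row['bbcode_bitfield'],
					'bbcode_uid'		=> (string) $row['bbcode_uid'],
					'post_edit_time'	=> (int) $row['post_edit_time'],
					'post_edit_count'	=> (int) $row['post_edit_count'],
					'post_edit_locked'	=> (int) $row['post_edit_locked'],
					'post_postcount'	=> $row['post_postcount'],
				);

				// Adjust post count only if the post can be incremented to the user counter
				if ($row['post_postcount'])
				{
					if (isset($counter[$row['poster_id']]))
					{
						++$counter[$row['poster_id']];
					}
					else
					{
						$counter[$row['poster_id']] = 1;
					}
				}

				$db->sql_query('INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
				$new_post_id = $db->sql_nextid();

				switch ($row['post_visibility'])
				{
					case ITEM_APPROVED:
						$total_posts++;
					break;

					case ITEM_UNAPPROVED:
					case ITEM_REAPPROVE:
						$total_posts_unapproved++;
					break;

					case ITEM_DELETED:
						$total_posts_softdeleted++;
					break;
				}

				// Copy whether the topic is dotted
				markread('post', $to_forum_id, $new_topic_id, 0, $row['poster_id']);

				if (!empty($search_type))
				{
					$search->index($search_mode, $new_post_id, $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], $topic_row['topic_type'] == POST_GLOBAL ? 0 : $to_forum_id);
					$search_mode = 'reply'; // After one we index replies
				}

				// Copy Attachments
				if ($row['post_attachment'])
				{
					$sql = 'SELECT * FROM ' . ATTACHMENTS_TABLE . "\n\t\t\t\t\t\tWHERE post_msg_id = " . (int) $row['post_id'] . "\n\t\t\t\t\t\t\tAND topic_id = " . (int) $topic_id . "\n\t\t\t\t\t\t\tAND in_message = 0";
					$result = $db->sql_query($sql);

					$sql_ary = array();
					while ($attach_row = $db->sql_fetchrow($result))
					{
						// Only the database row is duplicated; both rows name the same
						// physical_filename. Stored names are reduced to their basename
						// so a copied row cannot carry a directory component.
						$sql_ary[] = array(
							'post_msg_id'		=> (int) $new_post_id,
							'topic_id'			=> (int) $new_topic_id,
							'in_message'		=> 0,
							'is_orphan'			=> (int) $attach_row['is_orphan'],
							'poster_id'			=> (int) $attach_row['poster_id'],
							'physical_filename'	=> (string) utf8_basename($attach_row['physical_filename']),
							'real_filename'		=> (string) utf8_basename($attach_row['real_filename']),
							'download_count'	=> (int) $attach_row['download_count'],
							'attach_comment'	=> (string) $attach_row['attach_comment'],
							'extension'			=> (string) $attach_row['extension'],
							'mimetype'			=> (string) $attach_row['mimetype'],
							'filesize'			=> (int) $attach_row['filesize'],
							'filetime'			=> (int) $attach_row['filetime'],
							'thumbnail'			=> (int) $attach_row['thumbnail'],
						);
					}
					$db->sql_freeresult($result);

					if (sizeof($sql_ary))
					{
						$db->sql_multi_insert(ATTACHMENTS_TABLE, $sql_ary);
					}
				}
			}

			// Copy topic subscriptions to new topic
			$sql = 'SELECT user_id, notify_status FROM ' . TOPICS_WATCH_TABLE . ' WHERE topic_id = ' . (int) $topic_id;
			$result = $db->sql_query($sql);

			$sql_ary = array();
			while ($row = $db->sql_fetchrow($result))
			{
				$sql_ary[] = array(
					'topic_id'		=> (int) $new_topic_id,
					'user_id'		=> (int) $row['user_id'],
					'notify_status'	=> (int) $row['notify_status'],
				);
			}
			$db->sql_freeresult($result);

			if (sizeof($sql_ary))
			{
				$db->sql_multi_insert(TOPICS_WATCH_TABLE, $sql_ary);
			}

			// Copy bookmarks to new topic
			$sql = 'SELECT user_id FROM ' . BOOKMARKS_TABLE . ' WHERE topic_id = ' . (int) $topic_id;
			$result = $db->sql_query($sql);

			$sql_ary = array();
			while ($row = $db->sql_fetchrow($result))
			{
				$sql_ary[] = array(
					'topic_id'	=> (int) $new_topic_id,
					'user_id'	=> (int) $row['user_id'],
				);
			}
			$db->sql_freeresult($result);

			if (sizeof($sql_ary))
			{
				$db->sql_multi_insert(BOOKMARKS_TABLE, $sql_ary);
			}
		}

		// Sync new topics, parent forums and board stats
		// The totals are local integer counters; the forum id is cast like the other ids
		$sql = 'UPDATE ' . FORUMS_TABLE . ' SET forum_posts_approved = forum_posts_approved + ' . $total_posts . ', forum_posts_unapproved = forum_posts_unapproved + ' . $total_posts_unapproved . ', forum_posts_softdeleted = forum_posts_softdeleted + ' . $total_posts_softdeleted . ', forum_topics_approved = forum_topics_approved + ' . $total_topics . ', forum_topics_unapproved = forum_topics_unapproved + ' . $total_topics_unapproved . ', forum_topics_softdeleted = forum_topics_softdeleted + ' . $total_topics_softdeleted . ' WHERE forum_id = ' . (int) $to_forum_id;
		$db->sql_query($sql);

		if (!empty($counter))
		{
			// Do only one query per user and not a query per post.
			foreach ($counter as $user_id => $count)
			{
				$sql = 'UPDATE ' . USERS_TABLE . ' SET user_posts = user_posts + ' . (int) $count . ' WHERE user_id = ' . (int) $user_id;
				$db->sql_query($sql);
			}
		}

		sync('topic', 'topic_id', $new_topic_id_list);
		sync('forum', 'forum_id', $to_forum_id);

		$config->increment('num_topics', sizeof($new_topic_id_list), false);
		$config->increment('num_posts', $total_posts, false);

		foreach ($new_topic_id_list as $topic_id => $new_topic_id)
		{
			// Take the forum name from this topic's own row instead of the
			// $topic_row left over from the copy loop, so every moderator-log
			// entry describes the topic it is written for
			$phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_FORK', false, array(
				'forum_id'	=> $to_forum_id,
				'topic_id'	=> $new_topic_id,
				$topic_data[$topic_id]['forum_name'],
			));
		}

		$success_msg = sizeof($topic_ids) == 1 ? 'TOPIC_FORKED_SUCCESS' : 'TOPICS_FORKED_SUCCESS';
	}
	else
	{
		$template->assign_vars(array(
			'S_FORUM_SELECT'		=> make_forum_select($to_forum_id, false, false, true, true, true),
			'S_CAN_LEAVE_SHADOW'	=> false,
			'ADDITIONAL_MSG'		=> $additional_msg,
		));

		confirm_box(false, 'FORK_TOPIC' . (sizeof($topic_ids) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_move.html');
	}

	// NOTE(review): 'redirect' is supplied by the request; this relies on
	// redirect() to refuse targets outside the board - confirm
	$redirect = $request->variable('redirect', "index.{$phpEx}");
	$redirect = reapply_sid($redirect);

	if (!$success_msg)
	{
		redirect($redirect);
	}
	else
	{
		$redirect_url = append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $forum_id);
		meta_refresh(3, $redirect_url);
		$return_link = sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect_url . '">', '</a>');

		if ($forum_id != $to_forum_id)
		{
			$return_link .= '<br /><br />' . sprintf($user->lang['RETURN_NEW_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $to_forum_id) . '">', '</a>');
		}

		trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_link);
	}
}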
/** * Submit Post * @todo Split up and create lightweight, simple API for this. */ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $update_message = true, $update_search_index = true) { global $db, $auth, $user, $config, $phpEx, $template, $phpbb_root_path, $phpbb_container, $phpbb_dispatcher, $phpbb_log, $request; /** * Modify the data for post submitting * * @event core.modify_submit_post_data * @var string mode Variable containing posting mode value * @var string subject Variable containing post subject value * @var string username Variable containing post author name * @var int topic_type Variable containing topic type value * @var array poll Array with the poll data for the post * @var array data Array with the data for the post * @var bool update_message Flag indicating if the post will be updated * @var bool update_search_index Flag indicating if the search index will be updated * @since 3.1.0-a4 */ $vars = array('mode', 'subject', 'username', 'topic_type', 'poll', 'data', 'update_message', 'update_search_index'); extract($phpbb_dispatcher->trigger_event('core.modify_submit_post_data', compact($vars))); // We do not handle erasing posts here if ($mode == 'delete') { return false; } if (!empty($data['post_time'])) { $current_time = $data['post_time']; } else { $current_time = time(); } if ($mode == 'post') { $post_mode = 'post'; $update_message = true; } else { if ($mode != 'edit') { $post_mode = 'reply'; $update_message = true; } else { if ($mode == 'edit') { $post_mode = $data['topic_posts_approved'] + $data['topic_posts_unapproved'] + $data['topic_posts_softdeleted'] == 1 ? 'edit_topic' : ($data['topic_first_post_id'] == $data['post_id'] ? 'edit_first_post' : ($data['topic_last_post_id'] == $data['post_id'] ? 'edit_last_post' : 'edit')); } } } // First of all make sure the subject and topic title are having the correct length. 
// To achieve this without cutting off between special chars we convert to an array and then count the elements. $subject = truncate_string($subject, 120); $data['topic_title'] = truncate_string($data['topic_title'], 120); // Collect some basic information about which tables and which rows to update/insert $sql_data = $topic_row = array(); $poster_id = $mode == 'edit' ? $data['poster_id'] : (int) $user->data['user_id']; // Retrieve some additional information if not present if ($mode == 'edit' && (!isset($data['post_visibility']) || !isset($data['topic_visibility']) || $data['post_visibility'] === false || $data['topic_visibility'] === false)) { $sql = 'SELECT p.post_visibility, t.topic_type, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_visibility FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p WHERE t.topic_id = p.topic_id AND p.post_id = ' . $data['post_id']; $result = $db->sql_query($sql); $topic_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $data['topic_visibility'] = $topic_row['topic_visibility']; $data['post_visibility'] = $topic_row['post_visibility']; } // This variable indicates if the user is able to post or put into the queue $post_visibility = ITEM_APPROVED; // Check the permissions for post approval. // Moderators must go through post approval like ordinary users. if (!$auth->acl_get('f_noapprove', $data['forum_id'])) { // Post not approved, but in queue $post_visibility = ITEM_UNAPPROVED; switch ($post_mode) { case 'edit_first_post': case 'edit': case 'edit_last_post': case 'edit_topic': $post_visibility = ITEM_REAPPROVE; break; } } // MODs/Extensions are able to force any visibility on posts if (isset($data['force_approved_state'])) { $post_visibility = in_array((int) $data['force_approved_state'], array(ITEM_APPROVED, ITEM_UNAPPROVED, ITEM_DELETED, ITEM_REAPPROVE)) ? 
(int) $data['force_approved_state'] : $post_visibility; } if (isset($data['force_visibility'])) { $post_visibility = in_array((int) $data['force_visibility'], array(ITEM_APPROVED, ITEM_UNAPPROVED, ITEM_DELETED, ITEM_REAPPROVE)) ? (int) $data['force_visibility'] : $post_visibility; } // Start the transaction here $db->sql_transaction('begin'); // Collect Information switch ($post_mode) { case 'post': case 'reply': $sql_data[POSTS_TABLE]['sql'] = array('forum_id' => $data['forum_id'], 'poster_id' => (int) $user->data['user_id'], 'icon_id' => $data['icon_id'], 'poster_ip' => $user->ip, 'post_time' => $current_time, 'post_visibility' => $post_visibility, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => !$user->data['is_registered'] ? $username : '', 'post_subject' => $subject, 'post_text' => $data['message'], 'post_checksum' => $data['message_md5'], 'post_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_postcount' => $auth->acl_get('f_postcount', $data['forum_id']) ? 1 : 0, 'post_edit_locked' => $data['post_edit_locked']); break; case 'edit_first_post': case 'edit': case 'edit_last_post': case 'edit_topic': // If edit reason is given always display edit info // If editing last post then display no edit info // If m_edit permission then display no edit info // If normal edit display edit info // Display edit info if edit reason given or user is editing his post, which is not the last within the topic. 
if ($data['post_edit_reason'] || !$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post')) { $data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, 255, false); $sql_data[POSTS_TABLE]['sql'] = array('post_edit_time' => $current_time, 'post_edit_reason' => $data['post_edit_reason'], 'post_edit_user' => (int) $data['post_edit_user']); $sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1'; } else { if (!$data['post_edit_reason'] && $mode == 'edit' && $auth->acl_get('m_edit', $data['forum_id'])) { $sql_data[POSTS_TABLE]['sql'] = array('post_edit_reason' => ''); } } // If the person editing this post is different to the one having posted then we will add a log entry stating the edit // Could be simplified by only adding to the log if the edit is not tracked - but this may confuse admins/mods if ($user->data['user_id'] != $poster_id) { $log_subject = $subject ? $subject : $data['topic_title']; $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_EDITED', false, array('forum_id' => $data['forum_id'], 'topic_id' => $data['topic_id'], 'post_id' => $data['post_id'], $log_subject, !empty($username) ? $username : $user->lang['GUEST'], $data['post_edit_reason'])); } if (!isset($sql_data[POSTS_TABLE]['sql'])) { $sql_data[POSTS_TABLE]['sql'] = array(); } $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('forum_id' => $data['forum_id'], 'poster_id' => $data['poster_id'], 'icon_id' => $data['icon_id'], 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => $username && $data['poster_id'] == ANONYMOUS ? $username : '', 'post_subject' => $subject, 'post_checksum' => $data['message_md5'], 'post_attachment' => !empty($data['attachment_data']) ? 
1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_edit_locked' => $data['post_edit_locked'])); if ($update_message) { $sql_data[POSTS_TABLE]['sql']['post_text'] = $data['message']; } break; } $topic_row = array(); // And the topic ladies and gentlemen switch ($post_mode) { case 'post': $sql_data[TOPICS_TABLE]['sql'] = array('topic_poster' => (int) $user->data['user_id'], 'topic_time' => $current_time, 'topic_last_view_time' => $current_time, 'forum_id' => $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_posts_approved' => $post_visibility == ITEM_APPROVED ? 1 : 0, 'topic_posts_softdeleted' => $post_visibility == ITEM_DELETED ? 1 : 0, 'topic_posts_unapproved' => $post_visibility == ITEM_UNAPPROVED ? 1 : 0, 'topic_visibility' => $post_visibility, 'topic_delete_user' => $post_visibility != ITEM_APPROVED ? (int) $user->data['user_id'] : 0, 'topic_title' => $subject, 'topic_first_poster_name' => !$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : ''), 'topic_first_poster_colour' => $user->data['user_colour'], 'topic_type' => $topic_type, 'topic_time_limit' => $topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE ? $data['topic_time_limit'] * 86400 : 0, 'topic_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'topic_status' => isset($data['topic_status']) ? $data['topic_status'] : ITEM_UNLOCKED); if (isset($poll['poll_options']) && !empty($poll['poll_options'])) { $poll_start = $poll['poll_start'] ? 
$poll['poll_start'] : $current_time; $poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) { $poll_start = $poll_start + $poll_length; if ($poll_start < 0) { $poll_start = 0; } $poll_length = 1; } $sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array('poll_title' => $poll['poll_title'], 'poll_start' => $poll_start, 'poll_max_options' => $poll['poll_max_options'], 'poll_length' => $poll_length, 'poll_vote_change' => $poll['poll_vote_change'])); } $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = {$current_time}" . ($auth->acl_get('f_postcount', $data['forum_id']) && $post_visibility == ITEM_APPROVED ? ', user_posts = user_posts + 1' : ''); if ($post_visibility == ITEM_APPROVED) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_approved = forum_topics_approved + 1'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_approved = forum_posts_approved + 1'; } else { if ($post_visibility == ITEM_UNAPPROVED) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_unapproved = forum_topics_unapproved + 1'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_unapproved = forum_posts_unapproved + 1'; } else { if ($post_visibility == ITEM_DELETED) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_softdeleted = forum_topics_softdeleted + 1'; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_softdeleted = forum_posts_softdeleted + 1'; } } } break; case 'reply': $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_view_time = ' . $current_time . ', topic_bumped = 0, topic_bumper = 0' . ($post_visibility == ITEM_APPROVED ? ', topic_posts_approved = topic_posts_approved + 1' : '') . ($post_visibility == ITEM_UNAPPROVED ? ', topic_posts_unapproved = topic_posts_unapproved + 1' : '') . ($post_visibility == ITEM_DELETED ? ', topic_posts_softdeleted = topic_posts_softdeleted + 1' : '') . (!empty($data['attachment_data']) || isset($data['topic_attachment']) && $data['topic_attachment'] ? 
', topic_attachment = 1' : ''); $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = {$current_time}" . ($auth->acl_get('f_postcount', $data['forum_id']) && $post_visibility == ITEM_APPROVED ? ', user_posts = user_posts + 1' : ''); if ($post_visibility == ITEM_APPROVED) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_approved = forum_posts_approved + 1'; } else { if ($post_visibility == ITEM_UNAPPROVED) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_unapproved = forum_posts_unapproved + 1'; } else { if ($post_visibility == ITEM_DELETED) { $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_softdeleted = forum_posts_softdeleted + 1'; } } } break; case 'edit_topic': case 'edit_first_post': if (isset($poll['poll_options'])) { $poll_start = $poll['poll_start'] || empty($poll['poll_options']) ? $poll['poll_start'] : $current_time; $poll_length = $poll['poll_length'] * 86400; if ($poll_length < 0) { $poll_start = $poll_start + $poll_length; if ($poll_start < 0) { $poll_start = 0; } $poll_length = 1; } } $sql_data[TOPICS_TABLE]['sql'] = array('forum_id' => $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_title' => $subject, 'topic_first_poster_name' => $username, 'topic_type' => $topic_type, 'topic_time_limit' => $topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE ? $data['topic_time_limit'] * 86400 : 0, 'poll_title' => isset($poll['poll_options']) ? $poll['poll_title'] : '', 'poll_start' => isset($poll['poll_options']) ? $poll_start : 0, 'poll_max_options' => isset($poll['poll_options']) ? $poll['poll_max_options'] : 1, 'poll_length' => isset($poll['poll_options']) ? $poll_length : 0, 'poll_vote_change' => isset($poll['poll_vote_change']) ? $poll['poll_vote_change'] : 0, 'topic_last_view_time' => $current_time, 'topic_attachment' => !empty($data['attachment_data']) ? 1 : (isset($data['topic_attachment']) ? 
$data['topic_attachment'] : 0)); break; } /** * Modify sql query data for post submitting * * @event core.submit_post_modify_sql_data * @var array data Array with the data for the post * @var array poll Array with the poll data for the post * @var string post_mode Variable containing posting mode value * @var bool sql_data Array with the data for the posting SQL query * @var string subject Variable containing post subject value * @var int topic_type Variable containing topic type value * @var string username Variable containing post author name * @since 3.1.3-RC1 */ $vars = array('data', 'poll', 'post_mode', 'sql_data', 'subject', 'topic_type', 'username'); extract($phpbb_dispatcher->trigger_event('core.submit_post_modify_sql_data', compact($vars))); // Submit new topic if ($post_mode == 'post') { $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']); $db->sql_query($sql); $data['topic_id'] = $db->sql_nextid(); $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id'])); unset($sql_data[TOPICS_TABLE]['sql']); } // Submit new post if ($post_mode == 'post' || $post_mode == 'reply') { if ($post_mode == 'reply') { $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id'])); } $sql = 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']); $db->sql_query($sql); $data['post_id'] = $db->sql_nextid(); if ($post_mode == 'post' || $post_visibility == ITEM_APPROVED) { $sql_data[TOPICS_TABLE]['sql'] = array('topic_last_post_id' => $data['post_id'], 'topic_last_post_time' => $current_time, 'topic_last_poster_id' => $sql_data[POSTS_TABLE]['sql']['poster_id'], 'topic_last_poster_name' => $user->data['user_id'] == ANONYMOUS ? 
$sql_data[POSTS_TABLE]['sql']['post_username'] : $user->data['username'], 'topic_last_poster_colour' => $user->data['user_colour'], 'topic_last_post_subject' => (string) $subject); } if ($post_mode == 'post') { $sql_data[TOPICS_TABLE]['sql']['topic_first_post_id'] = $data['post_id']; } // Update total post count and forum information if ($post_visibility == ITEM_APPROVED) { if ($post_mode == 'post') { $config->increment('num_topics', 1, false); } $config->increment('num_posts', 1, false); $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . $data['post_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . $current_time; $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $user->data['user_id']; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(!$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : '')) . "'"; $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($user->data['user_colour']) . "'"; } unset($sql_data[POSTS_TABLE]['sql']); } // Update the topics table if (isset($sql_data[TOPICS_TABLE]['sql'])) { $sql = 'UPDATE ' . TOPICS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . ' WHERE topic_id = ' . $data['topic_id']; $db->sql_query($sql); unset($sql_data[TOPICS_TABLE]['sql']); } // Update the posts table if (isset($sql_data[POSTS_TABLE]['sql'])) { $sql = 'UPDATE ' . POSTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']) . ' WHERE post_id = ' . $data['post_id']; $db->sql_query($sql); unset($sql_data[POSTS_TABLE]['sql']); } // Update Poll Tables if (isset($poll['poll_options'])) { $cur_poll_options = array(); if ($mode == 'edit') { $sql = 'SELECT * FROM ' . POLL_OPTIONS_TABLE . ' WHERE topic_id = ' . $data['topic_id'] . 
' ORDER BY poll_option_id'; $result = $db->sql_query($sql); $cur_poll_options = array(); while ($row = $db->sql_fetchrow($result)) { $cur_poll_options[] = $row; } $db->sql_freeresult($result); } $sql_insert_ary = array(); for ($i = 0, $size = sizeof($poll['poll_options']); $i < $size; $i++) { if (strlen(trim($poll['poll_options'][$i]))) { if (empty($cur_poll_options[$i])) { // If we add options we need to put them to the end to be able to preserve votes... $sql_insert_ary[] = array('poll_option_id' => (int) sizeof($cur_poll_options) + 1 + sizeof($sql_insert_ary), 'topic_id' => (int) $data['topic_id'], 'poll_option_text' => (string) $poll['poll_options'][$i]); } else { if ($poll['poll_options'][$i] != $cur_poll_options[$i]) { $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . "\n\t\t\t\t\t\tSET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "'\n\t\t\t\t\t\tWHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } } } } $db->sql_multi_insert(POLL_OPTIONS_TABLE, $sql_insert_ary); if (sizeof($poll['poll_options']) < sizeof($cur_poll_options)) { $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . ' WHERE poll_option_id > ' . sizeof($poll['poll_options']) . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } // If edited, we would need to reset votes (since options can be re-ordered above, you can't be sure if the change is for changing the text or adding an option if ($mode == 'edit' && sizeof($poll['poll_options']) != sizeof($cur_poll_options)) { $db->sql_query('DELETE FROM ' . POLL_VOTES_TABLE . ' WHERE topic_id = ' . $data['topic_id']); $db->sql_query('UPDATE ' . POLL_OPTIONS_TABLE . ' SET poll_option_total = 0 WHERE topic_id = ' . 
$data['topic_id']); } } // Submit Attachments if (!empty($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit'))) { $space_taken = $files_added = 0; $orphan_rows = array(); foreach ($data['attachment_data'] as $pos => $attach_row) { $orphan_rows[(int) $attach_row['attach_id']] = array(); } if (sizeof($orphan_rows)) { $sql = 'SELECT attach_id, filesize, physical_filename FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . ' AND is_orphan = 1 AND poster_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); $orphan_rows = array(); while ($row = $db->sql_fetchrow($result)) { $orphan_rows[$row['attach_id']] = $row; } $db->sql_freeresult($result); } foreach ($data['attachment_data'] as $pos => $attach_row) { if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']])) { continue; } if (!$attach_row['is_orphan']) { // update entry in db if attachment already stored in db and filespace $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "\n\t\t\t\t\tSET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'\n\t\t\t\t\tWHERE attach_id = " . (int) $attach_row['attach_id'] . ' AND is_orphan = 0'; $db->sql_query($sql); } else { // insert attachment into db if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename']))) { continue; } $space_taken += $orphan_rows[$attach_row['attach_id']]['filesize']; $files_added++; $attach_sql = array('post_msg_id' => $data['post_id'], 'topic_id' => $data['topic_id'], 'is_orphan' => 0, 'poster_id' => $poster_id, 'attach_comment' => $attach_row['attach_comment']); $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . ' WHERE attach_id = ' . $attach_row['attach_id'] . ' AND is_orphan = 1 AND poster_id = ' . 
$user->data['user_id']; $db->sql_query($sql); } } if ($space_taken && $files_added) { $config->increment('upload_dir_size', $space_taken, false); $config->increment('num_files', $files_added, false); } } $first_post_has_topic_info = $post_mode == 'edit_first_post' && ($post_visibility == ITEM_DELETED && $data['topic_posts_softdeleted'] == 1 || $post_visibility == ITEM_UNAPPROVED && $data['topic_posts_unapproved'] == 1 || $post_visibility == ITEM_REAPPROVE && $data['topic_posts_unapproved'] == 1 || $post_visibility == ITEM_APPROVED && $data['topic_posts_approved'] == 1); // Fix the post's and topic's visibility and first/last post information, when the post is edited if ($post_mode != 'post' && $post_mode != 'reply' && $data['post_visibility'] != $post_visibility) { // If the post was not approved, it could also be the starter, // so we sync the starter after approving/restoring, to ensure that the stats are correct // Same applies for the last post $is_starter = $post_mode == 'edit_first_post' || $post_mode == 'edit_topic' || $data['post_visibility'] != ITEM_APPROVED; $is_latest = $post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $data['post_visibility'] != ITEM_APPROVED; /* @var $phpbb_content_visibility \phpbb\content_visibility */ $phpbb_content_visibility = $phpbb_container->get('content.visibility'); $phpbb_content_visibility->set_post_visibility($post_visibility, $data['post_id'], $data['topic_id'], $data['forum_id'], $user->data['user_id'], time(), '', $is_starter, $is_latest); } else { if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $first_post_has_topic_info) { if ($post_visibility == ITEM_APPROVED || $data['topic_visibility'] == $post_visibility) { // only the subject can be changed from edit $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($subject) . "'"; // Maybe not only the subject, but also changing anonymous usernames. 
;) if ($data['poster_id'] == ANONYMOUS) { $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape($username) . "'"; } if ($post_visibility == ITEM_APPROVED) { // this does not _necessarily_ mean that we must update the info again, // it just means that we might have to $sql = 'SELECT forum_last_post_id, forum_last_post_subject FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . (int) $data['forum_id']; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // this post is the latest post in the forum, better update if ($row['forum_last_post_id'] == $data['post_id'] && ($row['forum_last_post_subject'] !== $subject || $data['poster_id'] == ANONYMOUS)) { // the post's subject changed if ($row['forum_last_post_subject'] !== $subject) { $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'"; } // Update the user name if poster is anonymous... just in case a moderator changed it if ($data['poster_id'] == ANONYMOUS) { $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape($username) . "'"; } } } } } } // Update forum stats $where_sql = array(POSTS_TABLE => 'post_id = ' . $data['post_id'], TOPICS_TABLE => 'topic_id = ' . $data['topic_id'], FORUMS_TABLE => 'forum_id = ' . $data['forum_id'], USERS_TABLE => 'user_id = ' . $poster_id); foreach ($sql_data as $table => $update_ary) { if (isset($update_ary['stat']) && implode('', $update_ary['stat'])) { $sql = "UPDATE {$table} SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . $where_sql[$table]; $db->sql_query($sql); } } // Delete topic shadows (if any exist). We do not need a shadow topic for an global announcement if ($topic_type == POST_GLOBAL) { $sql = 'DELETE FROM ' . TOPICS_TABLE . ' WHERE topic_moved_id = ' . $data['topic_id']; $db->sql_query($sql); } // Committing the transaction before updating search index $db->sql_transaction('commit'); // Delete draft if post was loaded... 
$draft_id = $request->variable('draft_loaded', 0); if ($draft_id) { $sql = 'DELETE FROM ' . DRAFTS_TABLE . "\n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND user_id = {$user->data['user_id']}"; $db->sql_query($sql); } // Index message contents if ($update_search_index && $data['enable_indexing']) { // Select the search method and do some additional checks to ensure it can actually be utilised $search_type = $config['search_type']; if (!class_exists($search_type)) { trigger_error('NO_SUCH_SEARCH_MODULE'); } $error = false; $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher); if ($error) { trigger_error($error); } $search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, $data['forum_id']); } // Topic Notification, do not change if moderator is changing other users posts... if ($user->data['user_id'] == $poster_id) { if (!$data['notify_set'] && $data['notify']) { $sql = 'INSERT INTO ' . TOPICS_WATCH_TABLE . ' (user_id, topic_id) VALUES (' . $user->data['user_id'] . ', ' . $data['topic_id'] . ')'; $db->sql_query($sql); } else { if (($config['email_enable'] || $config['jab_enable']) && $data['notify_set'] && !$data['notify']) { $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND topic_id = ' . $data['topic_id']; $db->sql_query($sql); } } } if ($mode == 'post' || $mode == 'reply' || $mode == 'quote') { // Mark this topic as posted to markread('post', $data['forum_id'], $data['topic_id']); } // Mark this topic as read // We do not use post_time here, this is intended (post_time can have a date in the past if editing a message) markread('topic', $data['forum_id'], $data['topic_id'], time()); // if ($config['load_db_lastread'] && $user->data['is_registered']) { $sql = 'SELECT mark_time FROM ' . FORUMS_TRACK_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . ' AND forum_id = ' . 
$data['forum_id']; $result = $db->sql_query($sql); $f_mark_time = (int) $db->sql_fetchfield('mark_time'); $db->sql_freeresult($result); } else { if ($config['load_anon_lastread'] || $user->data['is_registered']) { $f_mark_time = false; } } if ($config['load_db_lastread'] && $user->data['is_registered'] || $config['load_anon_lastread'] || $user->data['is_registered']) { // Update forum info $sql = 'SELECT forum_last_post_time FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . $data['forum_id']; $result = $db->sql_query($sql); $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time'); $db->sql_freeresult($result); update_forum_tracking_info($data['forum_id'], $forum_last_post_time, $f_mark_time, false); } // If a username was supplied or the poster is a guest, we will use the supplied username. // Doing it this way we can use "...post by guest-username..." in notifications when // "guest-username" is supplied or ommit the username if it is not. $username = $username !== '' || !$user->data['is_registered'] ? $username : $user->data['username']; // Send Notifications $notification_data = array_merge($data, array('topic_title' => isset($data['topic_title']) ? 
$data['topic_title'] : $subject, 'post_username' => $username, 'poster_id' => $poster_id, 'post_text' => $data['message'], 'post_time' => $current_time, 'post_subject' => $subject)); /* @var $phpbb_notifications \phpbb\notification\manager */ $phpbb_notifications = $phpbb_container->get('notification_manager'); if ($post_visibility == ITEM_APPROVED) { switch ($mode) { case 'post': $phpbb_notifications->add_notifications(array('notification.type.quote', 'notification.type.topic'), $notification_data); break; case 'reply': case 'quote': $phpbb_notifications->add_notifications(array('notification.type.quote', 'notification.type.bookmark', 'notification.type.post'), $notification_data); break; case 'edit_topic': case 'edit_first_post': case 'edit': case 'edit_last_post': $phpbb_notifications->update_notifications(array('notification.type.quote', 'notification.type.bookmark', 'notification.type.topic', 'notification.type.post'), $notification_data); break; } } else { if ($post_visibility == ITEM_UNAPPROVED) { switch ($mode) { case 'post': $phpbb_notifications->add_notifications('notification.type.topic_in_queue', $notification_data); break; case 'reply': case 'quote': $phpbb_notifications->add_notifications('notification.type.post_in_queue', $notification_data); break; case 'edit_topic': case 'edit_first_post': case 'edit': case 'edit_last_post': // Nothing to do here break; } } else { if ($post_visibility == ITEM_REAPPROVE) { switch ($mode) { case 'edit_topic': case 'edit_first_post': $phpbb_notifications->add_notifications('notification.type.topic_in_queue', $notification_data); // Delete the approve_post notification so we can notify the user again, // when his post got reapproved $phpbb_notifications->delete_notifications('notification.type.approve_post', $notification_data['post_id']); break; case 'edit': case 'edit_last_post': $phpbb_notifications->add_notifications('notification.type.post_in_queue', $notification_data); // Delete the approve_post notification so 
we can notify the user again, // when his post got reapproved $phpbb_notifications->delete_notifications('notification.type.approve_post', $notification_data['post_id']); break; case 'post': case 'reply': case 'quote': // Nothing to do here break; } } else { if ($post_visibility == ITEM_DELETED) { switch ($mode) { case 'post': case 'reply': case 'quote': case 'edit_topic': case 'edit_first_post': case 'edit': case 'edit_last_post': // Nothing to do here break; } } } } } $params = $add_anchor = ''; if ($post_visibility == ITEM_APPROVED) { $params .= '&t=' . $data['topic_id']; if ($mode != 'post') { $params .= '&p=' . $data['post_id']; $add_anchor = '#p' . $data['post_id']; } } else { if ($mode != 'post' && $post_mode != 'edit_first_post' && $post_mode != 'edit_topic') { $params .= '&t=' . $data['topic_id']; } } $url = !$params ? "{$phpbb_root_path}viewforum.{$phpEx}" : "{$phpbb_root_path}viewtopic.{$phpEx}"; $url = append_sid($url, 'f=' . $data['forum_id'] . $params) . $add_anchor; /** * This event is used for performing actions directly after a post or topic * has been submitted. When a new topic is posted, the topic ID is * available in the $data array. * * The only action that can be done by altering data made available to this * event is to modify the return URL ($url). 
* * @event core.submit_post_end * @var string mode Variable containing posting mode value * @var string subject Variable containing post subject value * @var string username Variable containing post author name * @var int topic_type Variable containing topic type value * @var array poll Array with the poll data for the post * @var array data Array with the data for the post * @var int post_visibility Variable containing up to date post visibility * @var bool update_message Flag indicating if the post will be updated * @var bool update_search_index Flag indicating if the search index will be updated * @var string url The "Return to topic" URL * * @since 3.1.0-a3 * @change 3.1.0-RC3 Added vars mode, subject, username, topic_type, * poll, update_message, update_search_index */ $vars = array('mode', 'subject', 'username', 'topic_type', 'poll', 'data', 'post_visibility', 'update_message', 'update_search_index', 'url'); extract($phpbb_dispatcher->trigger_event('core.submit_post_end', compact($vars))); return $url; }
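/**
 * Remote upload method
 *
 * Fetches the file behind $upload_url with a plain HTTP/1.1 GET over a raw
 * socket, buffers the response body in memory, writes it to a temporary file
 * and hands that file to a filespec object for the common upload checks.
 *
 * The URL must start with http:// or https:// and end in one of the allowed
 * extensions. Note that the connection itself is always an unencrypted TCP
 * socket that defaults to port 80, even when the scheme is https.
 *
 * @param string $upload_url URL pointing to file to upload, for example http://www.foobar.com/example.gif
 * @return filespec Object "filespec" is returned (carrying an error on failure), all further operations can be done with this object
 * @access protected
 */
protected function remote_upload($upload_url)
{
    $upload_ary = array();
    $upload_ary['local_mode'] = true;

    if (!preg_match('#^(https?://).*?\\.(' . implode('|', $this->upload->allowed_extensions) . ')$#i', $upload_url)) {
        return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'URL_INVALID'));
    }

    $url = parse_url($upload_url);

    // parse_url() may fail or leave components out (e.g. "http://host.gif" has
    // no path); reject such URLs instead of reading undefined array keys.
    if ($url === false || !isset($url['host'], $url['path'])) {
        return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'URL_INVALID'));
    }

    $host = $url['host'];
    $path = $url['path'];
    $port = !empty($url['port']) ? (int) $url['port'] : 80;

    // NOTE(review): host and port are taken from the submitted URL as-is and
    // nothing in this method limits the destination. Filtering of loopback,
    // private and link-local addresses has to happen before this point or be
    // added here - confirm against the callers.

    $upload_ary['type'] = 'application/octet-stream';

    // Every dot is dropped from the path and only the last extension is put
    // back, so the stored name carries exactly one extension.
    $name_parts = explode('.', $path);
    $ext = array_pop($name_parts);
    $upload_ary['name'] = utf8_basename(implode('', $name_parts)) . ($ext ? '.' . $ext : '');

    $filesize = 0;
    // A limit of 0 disables both size checks below.
    $remote_max_filesize = $this->get_max_file_size();

    $errno = 0;
    $errstr = '';

    if (!($fsock = @fsockopen($host, $port, $errno, $errstr))) {
        return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'NOT_UPLOADED'));
    }

    // Make sure $path not beginning with /
    if (strpos($path, '/') === 0) {
        $path = substr($path, 1);
    }

    fputs($fsock, 'GET /' . $path . " HTTP/1.1\r\n");
    fputs($fsock, "HOST: " . $host . "\r\n");
    fputs($fsock, "Connection: close\r\n\r\n");

    // Set a proper timeout for the socket
    stream_set_timeout($fsock, $this->upload->upload_timeout);

    $get_info = false;  // becomes true once the blank line ending the headers was read
    $data = '';
    $length = false;    // Content-Length announced by the server, if any
    $timer_stop = time() + $this->upload->upload_timeout;

    while ((!$length || $filesize < $length) && !@feof($fsock)) {
        if ($get_info) {
            if ($length) {
                // Don't attempt to read past end of file if server indicated length
                $block = @fread($fsock, min($length - $filesize, 1024));
            } else {
                $block = @fread($fsock, 1024);
            }

            $filesize += strlen($block);

            // Enforced on the bytes actually received, so a missing or
            // understated Content-Length cannot bypass the limit.
            if ($remote_max_filesize && $filesize > $remote_max_filesize) {
                @fclose($fsock);
                $max_filesize = get_formatted_filesize($remote_max_filesize, false);

                return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'WRONG_FILESIZE', $max_filesize['value'], $max_filesize['unit']));
            }

            $data .= $block;
        } else {
            $line = @fgets($fsock, 1024);

            if ($line == "\r\n") {
                $get_info = true;
            } elseif (stripos($line, 'content-type: ') !== false) {
                $upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line)));
            } elseif ($this->upload->max_filesize && stripos($line, 'content-length: ') !== false) {
                $length = (int) str_replace('content-length: ', '', strtolower($line));

                if ($remote_max_filesize && $length && $length > $remote_max_filesize) {
                    @fclose($fsock);
                    $max_filesize = get_formatted_filesize($remote_max_filesize, false);

                    return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'WRONG_FILESIZE', $max_filesize['value'], $max_filesize['unit']));
                }
            } elseif (stripos($line, '404 not found') !== false) {
                @fclose($fsock);

                return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'URL_NOT_FOUND');
            }
        }

        $stream_meta_data = stream_get_meta_data($fsock);

        // Cancel upload if we exceed timeout
        if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop) {
            @fclose($fsock);

            return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'REMOTE_UPLOAD_TIMEOUT');
        }
    }
    @fclose($fsock);

    if (empty($data)) {
        return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'EMPTY_REMOTE_DATA');
    }

    $filename = tempnam(sys_get_temp_dir(), unique_id() . '-');

    if (!($fp = @fopen($filename, 'wb'))) {
        return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'NOT_UPLOADED');
    }

    $upload_ary['size'] = fwrite($fp, $data);
    fclose($fp);
    unset($data);

    $upload_ary['tmp_name'] = $filename;

    /** @var filespec $file */
    $file = $this->factory->get('filespec')->set_upload_ary($upload_ary)->set_upload_namespace($this->upload);
    $this->upload->common_checks($file);

    return $file;
}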
/**
 * Copy a source file to a target below $phpbb_root_path, creating the target
 * directories on the way.
 *
 * @param string $src                  Source file, resolved through relative_base()
 * @param string $trg                  Target path relative to $phpbb_root_path; a trailing "/" means
 *                                     "this directory, keep the source's file name"
 * @param bool   $overwrite            When false an existing target is left alone
 * @param bool   $die_on_failure       Negated and handed to the convertor's error handler
 * @param bool   $source_relative_path Passed through to relative_base()
 *
 * @return bool|null true on success or when the target is kept, null when the
 *                   source is missing or the copy failed
 */
function copy_file($src, $trg, $overwrite = false, $die_on_failure = true, $source_relative_path = true)
{
    global $convert, $phpbb_root_path, $config, $user, $db;

    // Target names a directory: append the source's base name.
    if (substr($trg, -1) === '/') {
        $trg .= utf8_basename($src);
    }

    $source = relative_base($src, $source_relative_path, __LINE__, __FILE__);
    $destination = $phpbb_root_path . $trg;

    // NOTE(review): this existence test uses $trg as given, without
    // $phpbb_root_path, unlike the copy below - confirm that is intended.
    if (!$overwrite && @file_exists($trg)) {
        return true;
    }

    if (!@file_exists($source)) {
        return;
    }

    // Walk the directory part of the target and create what is missing.
    $directories = explode('/', $trg);
    array_pop($directories);

    $path = $phpbb_root_path;
    foreach ($directories as $directory) {
        $path .= $directory . '/';

        // NOTE(review): directories are created with mode 0777 (mkdir is still
        // subject to the umask) and an unwritable one is re-moded to 0777
        // below, i.e. world-writable. Confirm this is acceptable for the
        // installation and tighten the modes once the conversion is done.
        if (!is_dir($path)) {
            @mkdir($path, 0777);
        }
    }

    if (!phpbb_is_writable($path)) {
        @chmod($path, 0777);
    }

    if (!@copy($source, $destination)) {
        $convert->p_master->error(sprintf($user->lang['COULD_NOT_COPY'], $source, $destination), __LINE__, __FILE__, !$die_on_failure);
        return;
    }

    // Carry the source's permission bits over to the copy when they can be read.
    $perm = @fileperms($source);
    if ($perm) {
        @chmod($destination, $perm);
    }

    return true;
}
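/**
 * Embed audio in HTML
 *
 * Emits an <audio> element with one <source> per available format, followed
 * by plain links to the same files as fallback content.
 *
 * @author Anika Henke <*****@*****.**>
 *
 * @param string $src  - ID of audio to embed
 * @param array  $atts - additional attributes for the <audio> tag; an optional
 *                       'title' entry is used as the text of the fallback links
 * @return string
 */
function _audio($src, $atts = array())
{
    $files = array();
    $isExternal = media_isexternal($src);

    if ($isExternal) {
        // take direct source for external files
        list(, $srcMime) = mimetype($src);
        $files[$srcMime] = $src;
    } else {
        // prepare alternative formats
        $extensions = array('ogg', 'mp3', 'wav');
        $files = media_alternativefiles($src, $extensions);
    }

    // open audio tag
    // NOTE(review): attribute encoding is left to buildAttributes(); its
    // behaviour is not visible here - confirm it encodes values.
    $out = '<audio ' . buildAttributes($atts) . ' controls="controls">' . NL;
    $fallback = '';

    // output source for each alternative audio format
    foreach ($files as $mime => $file) {
        if ($isExternal) {
            $url = $file;
            $linkType = 'externalmedia';
        } else {
            $url = ml($file, '', true, '&');
            $linkType = 'internalmedia';
        }

        // 'title' is optional: test with empty() so a missing key does not
        // raise an undefined-index notice.
        // NOTE(review): a caller-supplied title is passed on as-is while the
        // file-name fallback is entity-encoded here; confirm how
        // internalmedia()/externalmedia() treat their title so that neither
        // path ends up raw or double-encoded.
        $title = !empty($atts['title']) ? $atts['title'] : $this->_xmlEntities(utf8_basename(noNS($file)));

        // Both attribute values are encoded for the HTML attribute context.
        $out .= '<source src="' . hsc($url) . '" type="' . hsc((string) $mime) . '" />' . NL;

        // alternative content (just a link to the file)
        $fallback .= $this->{$linkType}($file, $title, null, null, null, null, 'linkonly', true);
    }

    // finish
    $out .= $fallback;
    $out .= '</audio>' . NL;

    return $out;
}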
/**
 * Create a ".lnk" shortcut to an application on the desktop and describe the
 * resulting file.
 *
 * The link file holds a JSON document with the application reference, the
 * type "application" and the application's icon URL. Icon coordinates are
 * stored in the file's metadata.
 *
 * NOTE(review): $params is presumably supplied by the client. Only the base
 * name of $params[0] is used for the file name and the descriptor lookup, but
 * the unmodified value is written into the link content - verify against the
 * caller.
 *
 * @param array $params [0] application reference, [1] icon X position, [2] icon Y position
 * @return array Description of the created file (class, type, extension, size,
 *               permissions, owner, group, absolutepath, meta, name, virtual,
 *               plus content for .lnk files)
 */
public static function createLink($params)
{
    $appName = utf8_basename($params[0]);

    // we need to fill the icon entry with the application icon!
    $descriptor = new EyeosApplicationDescriptor($appName);
    $iconUrl = FSI::toExternalUrl($descriptor->getMeta()->get('eyeos.application.iconUrl'));

    $structure = array(
        'app' => $params[0],
        'type' => 'application',
        'icon' => str_replace('eyeos/extern/', 'index.php?extern=', $iconUrl),
    );

    // Make sure the link name ends in ".lnk".
    $linkName = $appName;
    if (pathinfo($linkName, PATHINFO_EXTENSION) !== 'lnk') {
        $linkName .= '.lnk';
    }

    $target = 'home:///Desktop/' . '/' . $linkName;

    // Write the link file.
    $link = FSI::getFile($target);
    $link->createNewFile();
    $link->putContents(json_encode($structure));

    // Fetch it again to attach the icon position.
    $created = FSI::getFile($target);
    $positionMeta = $created->getMeta();
    $positionMeta->set('iconPositionX', $params[1]);
    $positionMeta->set('iconPositionY', $params[2]);
    $created->setMeta($positionMeta);

    $return = array();
    $return['class'] = get_class($created);

    if ($created->isDirectory()) {
        $return['type'] = 'folder';
    } elseif ($created->isLink()) {
        $return['type'] = 'link';
    } else {
        $return['type'] = 'file';
    }

    $return['extension'] = utf8_strtoupper($created->getExtension());

    if ($created->isDirectory()) {
        $return['size'] = 0;
    } else {
        $return['size'] = $created->getSize();
    }

    $return['permissions'] = $created->getPermissions(false);
    $return['owner'] = $created->getOwner();
    $return['group'] = $created->getGroup();
    $return['absolutepath'] = $created->getAbsolutePath();
    $return['meta'] = $created->getMeta()->getAll();

    if ($return['extension'] == 'LNK') {
        $return['content'] = $created->getContents();
    }

    // The root is reported by its absolute path instead of "/".
    $return['name'] = $created->getName() != '/' ? $created->getName() : $return['absolutepath'];

    // The flag is a string, not a boolean.
    $return['virtual'] = $created instanceof EyeosAbstractVirtualFile ? 'true' : 'false';

    return $return;
}
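/**
 * General attachment parsing
 *
 * Renders every attachment through the "attachment.html" template, then
 * replaces the inline placeholders (<!-- iaN -->...<!-- iaN -->) in $message
 * with the rendered attachment of that index. Attachments that were placed
 * inline are removed from $attachments so they are not shown again at the
 * end of the post.
 *
 * Rows that carry neither 'extension' nor 'physical_filename' are re-read from
 * the attachments table by their integer-cast attach_id, so the file names
 * used further down come from the database and not from the caller.
 *
 * @param mixed $forum_id The forum id the attachments are displayed in (false if in private message)
 * @param string &$message The post/private message
 * @param array &$attachments The attachments to parse for (inline) display. The attachments array will hold templated data after parsing.
 * @param array &$update_count The attachment counts to be updated - will be filled
 * @param bool $preview If set to true the attachments are parsed for preview. Within preview mode the comments are fetched from the given $attachments array and not fetched from the database.
 */
function parse_attachments($forum_id, &$message, &$attachments, &$update_count, $preview = false)
{
    if (!sizeof($attachments)) {
        return;
    }

    global $template, $cache, $user, $phpbb_dispatcher;
    global $extensions, $config, $phpbb_root_path, $phpEx;

    $compiled_attachments = array();

    if (!isset($template->filename['attachment_tpl'])) {
        $template->set_filenames(array('attachment_tpl' => 'attachment.html'));
    }

    if (empty($extensions) || !is_array($extensions)) {
        $extensions = $cache->obtain_attach_extensions($forum_id);
    }

    // Look for missing attachment information...
    $attach_ids = array();
    foreach ($attachments as $pos => $attachment) {
        // If is_orphan is set, we need to retrieve the attachments again...
        if (!isset($attachment['extension']) && !isset($attachment['physical_filename'])) {
            // The id is cast to int before it is used as a key and in the query below
            $attach_ids[(int) $attachment['attach_id']] = $pos;
        }
    }

    // Grab attachments (security precaution)
    if (sizeof($attach_ids)) {
        global $db;

        $new_attachment_data = array();

        $sql = 'SELECT * FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', array_keys($attach_ids));
        $result = $db->sql_query($sql);

        while ($row = $db->sql_fetchrow($result)) {
            if (!isset($attach_ids[$row['attach_id']])) {
                continue;
            }

            // If we preview attachments we will set some retrieved values here
            if ($preview) {
                $row['attach_comment'] = $attachments[$attach_ids[$row['attach_id']]]['attach_comment'];
            }

            $new_attachment_data[$attach_ids[$row['attach_id']]] = $row;
        }
        $db->sql_freeresult($result);

        // From here on only the rows found in the database are used
        $attachments = $new_attachment_data;
        unset($new_attachment_data);
    }

    // Sort by position key; the direction follows $config['display_order']
    if ($config['display_order']) {
        krsort($attachments);
    } else {
        ksort($attachments);
    }

    foreach ($attachments as $attachment) {
        if (!sizeof($attachment)) {
            continue;
        }

        // We need to reset/empty the _file block var, because this function might be called more than once
        $template->destroy_block_vars('_file');

        $block_array = array();

        // Reset per attachment: for a denied attachment these were otherwise
        // undefined, or still held the previous attachment's values, when
        // compact() collects them for the event below.
        $display_cat = ATTACHMENT_CATEGORY_NONE;
        $download_link = '';

        // Some basics...
        $attachment['extension'] = strtolower(trim($attachment['extension']));

        // utf8_basename() drops any directory part of the stored name before
        // it is joined with the upload path
        $filename = $phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($attachment['physical_filename']);
        $thumbnail_filename = $phpbb_root_path . $config['upload_path'] . '/thumb_' . utf8_basename($attachment['physical_filename']);

        $upload_icon = '';

        if (isset($extensions[$attachment['extension']])) {
            if ($user->img('icon_topic_attach', '') && !$extensions[$attachment['extension']]['upload_icon']) {
                $upload_icon = $user->img('icon_topic_attach', '');
            } else {
                if ($extensions[$attachment['extension']]['upload_icon']) {
                    $upload_icon = '<img src="' . $phpbb_root_path . $config['upload_icons_path'] . '/' . trim($extensions[$attachment['extension']]['upload_icon']) . '" alt="" />';
                }
            }
        }

        $filesize = get_formatted_filesize($attachment['filesize'], false);
        $comment = bbcode_nl2br(censor_text($attachment['attach_comment']));

        // NOTE(review): DOWNLOAD_NAME and COMMENT are handed to the template
        // as built here; whether they are HTML-encoded before or by the
        // template is not visible in this function - confirm.
        $block_array += array('UPLOAD_ICON' => $upload_icon, 'FILESIZE' => $filesize['value'], 'SIZE_LANG' => $filesize['unit'], 'DOWNLOAD_NAME' => utf8_basename($attachment['real_filename']), 'COMMENT' => $comment);

        $denied = false;

        if (!extension_allowed($forum_id, $attachment['extension'], $extensions)) {
            $denied = true;

            $block_array += array('S_DENIED' => true, 'DENIED_MESSAGE' => sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
        }

        if (!$denied) {
            $l_downloaded_viewed = $download_link = '';
            $display_cat = $extensions[$attachment['extension']]['display_cat'];

            if ($display_cat == ATTACHMENT_CATEGORY_IMAGE) {
                if ($attachment['thumbnail']) {
                    $display_cat = ATTACHMENT_CATEGORY_THUMB;
                } else {
                    if ($config['img_display_inlined']) {
                        if ($config['img_link_width'] || $config['img_link_height']) {
                            $dimension = @getimagesize($filename);

                            // If the dimensions could not be determined or the image being 0x0 we display it as a link for safety purposes
                            if ($dimension === false || empty($dimension[0]) || empty($dimension[1])) {
                                $display_cat = ATTACHMENT_CATEGORY_NONE;
                            } else {
                                $display_cat = $dimension[0] <= $config['img_link_width'] && $dimension[1] <= $config['img_link_height'] ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE;
                            }
                        }
                    } else {
                        $display_cat = ATTACHMENT_CATEGORY_NONE;
                    }
                }
            }

            // Make some decisions based on user options being set.
            if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg')) {
                $display_cat = ATTACHMENT_CATEGORY_NONE;
            }

            if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash')) {
                $display_cat = ATTACHMENT_CATEGORY_NONE;
            }

            $download_link = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'id=' . $attachment['attach_id']);
            $l_downloaded_viewed = 'VIEWED_COUNTS';

            switch ($display_cat) {
                // Images
                case ATTACHMENT_CATEGORY_IMAGE:
                    $inline_link = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'id=' . $attachment['attach_id']);
                    $download_link .= '&mode=view';

                    $block_array += array('S_IMAGE' => true, 'U_INLINE_LINK' => $inline_link);

                    $update_count[] = $attachment['attach_id'];
                    break;

                // Images, but display Thumbnail
                case ATTACHMENT_CATEGORY_THUMB:
                    $thumbnail_link = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'id=' . $attachment['attach_id'] . '&t=1');
                    $download_link .= '&mode=view';

                    $block_array += array('S_THUMBNAIL' => true, 'THUMB_IMAGE' => $thumbnail_link);

                    $update_count[] = $attachment['attach_id'];
                    break;

                // Windows Media Streams
                case ATTACHMENT_CATEGORY_WM:
                    // Giving the filename directly because within the wm object all variables are in local context making it impossible
                    // to validate against a valid session (all params can differ)
                    // $download_link = $filename;
                    $block_array += array('U_FORUM' => generate_board_url(), 'ATTACH_ID' => $attachment['attach_id'], 'S_WM_FILE' => true);

                    // Viewed/Heared File ... update the download count
                    $update_count[] = $attachment['attach_id'];
                    break;

                // Real Media Streams
                case ATTACHMENT_CATEGORY_RM:
                case ATTACHMENT_CATEGORY_QUICKTIME:
                    $block_array += array('S_RM_FILE' => $display_cat == ATTACHMENT_CATEGORY_RM ? true : false, 'S_QUICKTIME_FILE' => $display_cat == ATTACHMENT_CATEGORY_QUICKTIME ? true : false, 'U_FORUM' => generate_board_url(), 'ATTACH_ID' => $attachment['attach_id']);

                    // Viewed/Heared File ... update the download count
                    $update_count[] = $attachment['attach_id'];
                    break;

                // Macromedia Flash Files
                case ATTACHMENT_CATEGORY_FLASH:
                    list($width, $height) = @getimagesize($filename);

                    $block_array += array('S_FLASH_FILE' => true, 'WIDTH' => $width, 'HEIGHT' => $height, 'U_VIEW_LINK' => $download_link . '&view=1');

                    // Viewed/Heared File ... update the download count
                    $update_count[] = $attachment['attach_id'];
                    break;

                default:
                    $l_downloaded_viewed = 'DOWNLOAD_COUNTS';

                    $block_array += array('S_FILE' => true);
                    break;
            }

            if (!isset($attachment['download_count'])) {
                $attachment['download_count'] = 0;
            }

            $block_array += array('U_DOWNLOAD_LINK' => $download_link, 'L_DOWNLOAD_COUNT' => $user->lang($l_downloaded_viewed, (int) $attachment['download_count']));
        }

        /**
         * Use this event to modify the attachment template data.
         *
         * This event is triggered once per attachment.
         *
         * @event core.parse_attachments_modify_template_data
         * @var array attachment Array with attachment data
         * @var array block_array Template data of the attachment
         * @var int display_cat Attachment category data
         * @var string download_link Attachment download link
         * @var array extensions Array with attachment extensions data
         * @var mixed forum_id The forum id the attachments are displayed in (false if in private message)
         * @var bool preview Flag indicating if we are in post preview mode
         * @var array update_count Array with attachment ids to update download count
         * @since 3.1.0-RC5
         */
        $vars = array('attachment', 'block_array', 'display_cat', 'download_link', 'extensions', 'forum_id', 'preview', 'update_count');
        // extract() writes the event's result back over the locals named in
        // $vars, so listeners can replace any of them. The names are part of
        // the event contract and must not be renamed.
        extract($phpbb_dispatcher->trigger_event('core.parse_attachments_modify_template_data', compact($vars)));

        $template->assign_block_vars('_file', $block_array);

        $compiled_attachments[] = $template->assign_display('attachment_tpl');
    }

    $attachments = $compiled_attachments;
    unset($compiled_attachments);

    $tpl_size = sizeof($attachments);

    $unset_tpl = array();

    // The placeholder pattern has to sit on one line: a line break inside the
    // literal would become part of the regex and no "<!-- iaN -->" marker
    // would match any more.
    preg_match_all('#<!\\-\\- ia([0-9]+) \\-\\->(.*?)<!\\-\\- ia\\1 \\-\\->#', $message, $matches, PREG_PATTERN_ORDER);

    $replace = array();
    foreach ($matches[0] as $num => $capture) {
        // Flip index if we are displaying the reverse way
        $index = $config['display_order'] ? $tpl_size - ($matches[1][$num] + 1) : $matches[1][$num];

        $replace['from'][] = $matches[0][$num];
        // A placeholder without a rendered attachment gets the "missing"
        // message, built from text captured out of $message
        $replace['to'][] = isset($attachments[$index]) ? $attachments[$index] : sprintf($user->lang['MISSING_INLINE_ATTACHMENT'], $matches[2][array_search($index, $matches[1])]);

        $unset_tpl[] = $index;
    }

    if (isset($replace['from'])) {
        $message = str_replace($replace['from'], $replace['to'], $message);
    }

    $unset_tpl = array_unique($unset_tpl);

    // Needed to let not display the inlined attachments at the end of the post again
    foreach ($unset_tpl as $index) {
        unset($attachments[$index]);
    }
}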
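/**
 * Load the given file, handle include calls and print it
 *
 * Directives of the form "DOKUWIKI:include <path>" and
 * "DOKUWIKI:include_once <path>" inside a block comment are replaced with the
 * content of the named file; relative paths are resolved against the directory
 * of $file. A missing include is replaced with an empty string. Files pulled
 * in with include_once are tracked by base name across all calls.
 *
 * NOTE(review): the directive path may contain "../" or be absolute, so a
 * scanned file can pull in any file PHP can read and have it printed. This
 * assumes every file passed in (and everything it includes) is trusted code
 * shipped with the installation - confirm against the callers. A file that
 * includes itself without _once keeps this loop running forever.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string $file path of the JavaScript file to print
 * @return void
 */
function js_load($file)
{
    if (!@file_exists($file)) {
        return;
    }

    // Base names already pulled in through include_once, kept between calls
    static $loaded = array();

    $data = io_readFile($file);
    while (preg_match('#/\\*\\s*DOKUWIKI:include(_once)?\\s+([\\w\\.\\-_/]+)\\s*\\*/#', $data, $match)) {
        $ifile = $match[2];

        // is it a include_once?
        if ($match[1]) {
            $base = utf8_basename($ifile);

            // empty() instead of a bare read: the first lookup of a name must
            // not raise an undefined-index notice
            if (!empty($loaded[$base])) {
                $data = str_replace($match[0], '', $data);
                continue;
            }
            $loaded[$base] = true;
        }

        // Relative include paths are resolved against the including file
        if ($ifile[0] != '/') {
            $ifile = dirname($file) . '/' . $ifile;
        }

        if (@file_exists($ifile)) {
            $idata = io_readFile($ifile);
        } else {
            $idata = '';
        }

        // Replaces every occurrence of this exact directive
        $data = str_replace($match[0], $idata, $data);
    }

    echo "{$data}\n";
}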
/**
 * Renders internal and external media
 *
 * Images become an <img> tag, Flash files an embedded object, and anything
 * else is represented by its entity-encoded title or file name. With $render
 * set to false only the (entity-encoded) title is returned for images and
 * Flash files.
 *
 * NOTE(review): $title, $width and $height are entity-encoded here, while
 * $align is concatenated into the class attribute as-is. This assumes $align
 * is a value produced by the parser (e.g. left/right/center) and never raw
 * user text - confirm against the callers.
 *
 * @author Andreas Gohr <*****@*****.**>
 */
function _media($src, $title = NULL, $align = NULL, $width = NULL, $height = NULL, $cache = NULL, $render = true)
{
    list($ext, $mime) = mimetype($src);

    $isImage = substr($mime, 0, 5) == 'image';
    $isFlash = !$isImage && $mime == 'application/x-shockwave-flash';

    // Neither image nor flash: show the title, or the source name without one
    if (!$isImage && !$isFlash) {
        return '' . $this->_xmlEntities($title ? $title : utf8_basename(noNS($src)));
    }

    if ($isFlash) {
        if (!$render) {
            // flash is not to be rendered: return its title, or the source name
            return $this->_xmlEntities($title ? $title : utf8_basename(noNS($src)));
        }

        $att = array('class' => "media{$align}");
        if ($align == 'right') {
            $att['align'] = 'right';
        }
        if ($align == 'left') {
            $att['align'] = 'left';
        }

        $flashUrl = ml($src, array('cache' => $cache), true, '&');

        return '' . html_flashobject($flashUrl, $width, $height, array('quality' => 'high'), null, $att, $this->_xmlEntities($title));
    }

    // Image: settle the title first
    if (!is_null($title)) {
        $title = $this->_xmlEntities($title);
    } elseif ($ext == 'jpg' || $ext == 'jpeg') {
        // try to use the caption from IPTC/EXIF
        require_once DOKU_INC . 'inc/JpegMeta.php';
        $jpeg = new JpegMeta(mediaFN($src));
        $caption = $jpeg->getTitle();
        if ($caption) {
            $title = $this->_xmlEntities($caption);
        }
    }

    if (!$render) {
        // the picture is not to be rendered: return its title, or the source name
        return $title ? $title : $this->_xmlEntities(utf8_basename(noNS($src)));
    }

    // add image tag
    $tag = '<img src="' . ml($src, array('w' => $width, 'h' => $height, 'cache' => $cache)) . '"';
    $tag .= ' class="media' . $align . '"';
    $tag .= $title ? ' title="' . $title . '"' . ' alt="' . $title . '"' : ' alt=""';

    if (!is_null($width)) {
        $tag .= ' width="' . $this->_xmlEntities($width) . '"';
    }
    if (!is_null($height)) {
        $tag .= ' height="' . $this->_xmlEntities($height) . '"';
    }

    return $tag . ' />';
}
/**
 * Delete attached file
 *
 * Removes an attachment (or its thumbnail) from the upload directory unless
 * other attachment rows still point at the same physical file.
 *
 * Only the base name of $filename is used, both in the query and for the path
 * that is unlinked, so a directory part in $filename is ignored.
 *
 * @param string $filename      Physical file name of the attachment
 * @param string $mode          'thumbnail' removes the "thumb_" file, any other value the file itself
 * @param bool   $entry_removed Whether the attachment's own row is already gone from the table
 *
 * @return bool false when the file is still referenced, otherwise the result of unlink()
 */
function phpbb_unlink($filename, $mode = 'file', $entry_removed = false)
{
    global $db, $phpbb_root_path, $config;

    $basename = utf8_basename($filename);

    // Because of copying topics or modifications a physical filename could be assigned more than once. If so, do not remove the file itself.
    $sql = 'SELECT COUNT(attach_id) AS num_entries FROM ' . ATTACHMENTS_TABLE . "\n\t\tWHERE physical_filename = '" . $db->sql_escape($basename) . "'";
    $result = $db->sql_query($sql);
    $num_entries = (int) $db->sql_fetchfield('num_entries');
    $db->sql_freeresult($result);

    // With the row already removed any remaining entry is a second user of the
    // file; otherwise one entry is the attachment itself.
    $own_entries = $entry_removed ? 0 : 1;
    if ($num_entries > $own_entries) {
        return false;
    }

    $target = $basename;
    if ($mode == 'thumbnail') {
        $target = 'thumb_' . $basename;
    }

    return @unlink($phpbb_root_path . $config['upload_path'] . '/' . $target);
}