Beispiel #1
0
 public function print_users($username, $start_from, $sort_by, $sort_dir, $show_group)
 {
     $userlist_data = array();
     $username = Container::get('hooks')->fire('model.userlist.print_users_start', $username, $start_from, $sort_by, $sort_dir, $show_group);
     // Retrieve a list of user IDs, LIMIT is (really) expensive so we only fetch the IDs here then later fetch the remaining data
     $result = DB::for_table('users')->select('u.id')->table_alias('u')->where_gt('u.id', 1)->where_not_equal('u.group_id', ForumEnv::get('FEATHER_UNVERIFIED'));
     if ($username != '') {
         $result = $result->where_like('u.username', str_replace('*', '%', $username));
     }
     if ($show_group > -1) {
         $result = $result->where('u.group_id', $show_group);
     }
     $result = $result->order_by($sort_by, $sort_dir)->order_by_asc('u.id')->limit(50)->offset($start_from);
     $result = Container::get('hooks')->fireDB('model.userlist.print_users_query', $result);
     $result = $result->find_many();
     if ($result) {
         $user_ids = array();
         foreach ($result as $cur_user_id) {
             $user_ids[] = $cur_user_id['id'];
         }
         // Grab the users
         $result['select'] = array('u.id', 'u.username', 'u.title', 'u.num_posts', 'u.registered', 'g.g_id', 'g.g_user_title');
         $result = DB::for_table('users')->table_alias('u')->select_many($result['select'])->left_outer_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')->where_in('u.id', $user_ids)->order_by($sort_by, $sort_dir)->order_by_asc('u.id');
         $result = Container::get('hooks')->fireDB('model.userlist.print_users_grab_query', $result);
         $result = $result->find_many();
         foreach ($result as $user_data) {
             $userlist_data[] = $user_data;
         }
     }
     $userlist_data = Container::get('hooks')->fire('model.userlist.print_users', $userlist_data);
     return $userlist_data;
 }
Beispiel #2
0
 public function validate_search_word($word, $idx)
 {
     static $stopwords;
     // If the word is a keyword we don't want to index it, but we do want to be allowed to search it
     if ($this->is_keyword($word)) {
         return !$idx;
     }
     if (!isset($stopwords)) {
         if (!Container::get('cache')->isCached('stopwords')) {
             Container::get('cache')->store('stopwords', \FeatherBB\Model\Cache::get_config(), '+1 week');
         }
         $stopwords = Container::get('cache')->retrieve('stopwords');
     }
     // If it is a stopword it isn't valid
     if (in_array($word, $stopwords)) {
         return false;
     }
     // If the word is CJK we don't want to index it, but we do want to be allowed to search it
     if ($this->is_cjk($word)) {
         return !$idx;
     }
     // Exclude % and * when checking whether current word is valid
     $word = str_replace(array('%', '*'), '', $word);
     // Check the word is within the min/max length
     $num_chars = Utils::strlen($word);
     return $num_chars >= ForumEnv::get('FEATHER_SEARCH_MIN_WORD') && $num_chars <= ForumEnv::get('FEATHER_SEARCH_MAX_WORD');
 }
Beispiel #3
0
 public static function generateAdminMenu($page = '')
 {
     $is_admin = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') ? true : false;
     // See if there are any plugins that want to display in the menu
     $plugins = self::adminPluginsMenu($is_admin);
     \View::setPageInfo(array('page' => $page, 'is_admin' => $is_admin, 'plugins' => $plugins), 1)->addTemplate('admin/menu.php');
 }
Beispiel #4
0
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.register.display');
     if (!User::get()->is_guest) {
         return Router::redirect(Router::pathFor('home'));
     }
     // Antispam feature
     $lang_antispam_questions = (require ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/antispam.php');
     $index_questions = rand(0, count($lang_antispam_questions) - 1);
     // Display an error message if new registrations are disabled
     // If $_REQUEST['username'] or $_REQUEST['password'] are filled, we are facing a bot
     if (ForumSettings::get('o_regs_allow') == '0' || Input::post('username') || Input::post('password')) {
         throw new Error(__('No new regs'), 403);
     }
     $user['timezone'] = isset($user['timezone']) ? $user['timezone'] : ForumSettings::get('o_default_timezone');
     $user['dst'] = isset($user['dst']) ? $user['dst'] : ForumSettings::get('o_default_dst');
     $user['email_setting'] = isset($user['email_setting']) ? $user['email_setting'] : ForumSettings::get('o_default_email_setting');
     $user['errors'] = '';
     if (Request::isPost()) {
         $user = $this->model->check_for_errors();
         // Did everything go according to plan? Insert the user
         if (empty($user['errors'])) {
             return $this->model->insert_user($user);
         }
     }
     View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Register')), 'focus_element' => array('register', 'req_user'), 'required_fields' => array('req_user' => __('Username'), 'req_password1' => __('Password'), 'req_password2' => __('Confirm pass'), 'req_email1' => __('Email'), 'req_email2' => __('Email') . ' 2', 'captcha' => __('Robot title')), 'active_page' => 'register', 'is_indexed' => true, 'errors' => $user['errors'], 'index_questions' => $index_questions, 'languages' => \FeatherBB\Core\Lister::getLangs(), 'question' => array_keys($lang_antispam_questions), 'qencoded' => md5(array_keys($lang_antispam_questions)[$index_questions])))->addTemplate('register/form.php')->display();
 }
Beispiel #5
0
 public function __construct()
 {
     $this->model = new \FeatherBB\Model\Admin\Bans();
     translate('admin/bans');
     if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && (User::get()->g_moderator != '1' || User::get()->g_mod_ban_users == '0')) {
         throw new Error(__('No permission'), '403');
     }
 }
Beispiel #6
0
 public function __invoke($request, $response, $next)
 {
     // Redirect user to home page if not admin
     if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN')) {
         return Router::redirect(Router::pathFor('home'), __('No permission'));
     }
     $response = $next($request, $response);
     return $response;
 }
Beispiel #7
0
 public function get_smiley_files()
 {
     $imgfiles = array();
     $filelist = scandir(ForumEnv::get('FEATHER_ROOT') . 'style/img/smilies');
     $filelist = Container::get('hooks')->fire('model.admin.parser.get_smiley_files.filelist', $filelist);
     foreach ($filelist as $file) {
         if (preg_match('/\\.(?:png|gif|jpe?g)$/', $file)) {
             $imgfiles[] = $file;
         }
     }
     $imgfiles = Container::get('hooks')->fire('model.admin.parser.get_smiley_files.imgfiles', $imgfiles);
     return $imgfiles;
 }
Beispiel #8
0
 /**
  * Get available langs
  */
 public static function getLangs($folder = '')
 {
     $langs = array();
     $iterator = new \DirectoryIterator(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/');
     foreach ($iterator as $child) {
         if (!$child->isDot() && $child->isDir() && file_exists($child->getPathname() . DIRECTORY_SEPARATOR . 'common.po')) {
             // If the lang pack is well formed, add it to the list
             $langs[] = $child->getFileName();
         }
     }
     natcasesort($langs);
     return $langs;
 }
Beispiel #9
0
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.users.display');
     // Move multiple users to other user groups
     if (Input::post('move_users') || Input::post('move_users_comply')) {
         if (User::get()->g_id > ForumEnv::get('FEATHER_ADMIN')) {
             throw new Error(__('No permission'), 403);
         }
         AdminUtils::generateAdminMenu('users');
         return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Move users')), 'active_page' => 'moderate', 'admin_console' => true, 'move' => $this->model->move_users()))->addTemplate('admin/users/move_users.php')->display();
     }
     // Delete multiple users
     if (Input::post('delete_users') || Input::post('delete_users_comply')) {
         if (User::get()->g_id > ForumEnv::get('FEATHER_ADMIN')) {
             throw new Error(__('No permission'), 403);
         }
         AdminUtils::generateAdminMenu('users');
         return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Delete users')), 'active_page' => 'moderate', 'admin_console' => true, 'user_ids' => $this->model->delete_users()))->addTemplate('admin/users/delete_users.php')->display();
     }
     // Ban multiple users
     if (Input::post('ban_users') || Input::post('ban_users_comply')) {
         if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && (User::get()->g_moderator != '1' || User::get()->g_mod_ban_users == '0')) {
             throw new Error(__('No permission'), 403);
         }
         AdminUtils::generateAdminMenu('users');
         return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Bans')), 'active_page' => 'moderate', 'focus_element' => array('bans2', 'ban_message'), 'admin_console' => true, 'user_ids' => $this->model->ban_users()))->addTemplate('admin/users/ban_users.php')->display();
     }
     // Display bans
     if (Input::query('find_user')) {
         // Return conditions and query string for the URL
         $search = $this->model->get_user_search();
         // Fetch user count
         $num_users = $this->model->get_num_users_search($search['conditions']);
         // Determine the user offset (based on $_GET['p'])
         $num_pages = ceil($num_users / 50);
         $p = !Input::query('p') || Input::query('p') <= 1 || Input::query('p') > $num_pages ? 1 : intval(Input::query('p'));
         $start_from = 50 * ($p - 1);
         // Generate paging links
         $paging_links = '<span class="pages-label">' . __('Pages') . ' </span>' . Url::paginate_old($num_pages, $p, '?find_user=&amp;' . implode('&amp;', $search['query_str']));
         // Some helper variables for permissions
         $can_delete = $can_move = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN');
         $can_ban = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && User::get()->g_mod_ban_users == '1';
         $can_action = ($can_delete || $can_ban || $can_move) && $num_users > 0;
         View::addAsset('js', 'style/imports/common.js', array('type' => 'text/javascript'));
         View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Results head')), 'active_page' => 'admin', 'admin_console' => true, 'paging_links' => $paging_links, 'search' => $search, 'start_from' => $start_from, 'can_delete' => $can_delete, 'can_ban' => $can_ban, 'can_action' => $can_action, 'can_move' => $can_move, 'user_data' => $this->model->print_users($search['conditions'], $search['order_by'], $search['direction'], $start_from)))->addTemplate('admin/users/find_users.php')->display();
     } else {
         AdminUtils::generateAdminMenu('users');
         return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users')), 'active_page' => 'admin', 'admin_console' => true, 'focus_element' => array('find_user', 'form[username]'), 'group_list' => $this->model->get_group_list()))->addTemplate('admin/users/admin_users.php')->display();
     }
 }
Beispiel #10
0
 /**
  * Uninstall a plugin after deactivated
  */
 public function uninstall($name)
 {
     $name = Container::get('hooks')->fire('model.plugin.uninstall.name', $name);
     $activePlugins = $this->manager->getActivePlugins();
     // Check if plugin is disabled, for security
     if (!in_array($name, $activePlugins)) {
         $plugin = DB::for_table('plugins')->where('name', $name)->find_one();
         if ($plugin) {
             $plugin->delete();
         }
         // Allow additional uninstalling functions
         $this->manager->uninstall($name);
         if (file_exists(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $name)) {
             AdminUtils::delete_folder(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $name);
         }
         $this->manager->setActivePlugins();
     }
     return true;
 }
Beispiel #11
0
/**
 * Load a .mo file into the text domain $domain.
 *
 * If the text domain already exists, the translations will be merged. If both
 * sets have the same string, the translation from the original value will be taken.
 *
 * On success, the .mo file will be placed in the $l10n global by $domain
 * and will be a MO object.
 *
 * @param    string     $domain Text domain. Unique identifier for retrieving translated strings.
 * @param    string     $mofile Path to the .mo file.
 *
 * @return   boolean    True on success, false on failure.
 *
 * Inspired from Luna <http://getluna.org>
 */
function translate($mofile, $domain = 'featherbb', $language = false)
{
    global $l10n;
    if (!$language) {
        $mofile = ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/' . $mofile . '.mo';
    } else {
        $mofile = ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . $language . '/' . $mofile . '.mo';
    }
    if (!is_readable($mofile)) {
        return false;
    }
    $mo = new MO();
    if (!$mo->import_from_file($mofile)) {
        return false;
    }
    if (isset($l10n[$domain])) {
        $mo->merge_with($l10n[$domain]);
    }
    $l10n[$domain] =& $mo;
    return true;
}
Beispiel #12
0
 /**
  * Download a plugin, unzip it and rename it
  */
 public function download($req, $res, $args)
 {
     $zipFile = ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'] . '.zip';
     $zipResource = fopen($zipFile, "w");
     // Get the zip file straight from GitHub
     $ch = curl_init();
     curl_setopt($ch, CURLOPT_URL, 'https://codeload.github.com/featherbb/' . $args['name'] . '/zip/' . $args['version']);
     curl_setopt($ch, CURLOPT_FAILONERROR, true);
     curl_setopt($ch, CURLOPT_HEADER, 0);
     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
     curl_setopt($ch, CURLOPT_AUTOREFERER, true);
     curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
     curl_setopt($ch, CURLOPT_TIMEOUT, 10);
     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
     curl_setopt($ch, CURLOPT_FILE, $zipResource);
     $page = curl_exec($ch);
     curl_close($ch);
     fclose($zipResource);
     if (!$page) {
         unlink(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'] . '.zip');
         throw new Error(__('Bad request'), 400);
     }
     $zip = new ZipArchive();
     if ($zip->open($zipFile) != true) {
         throw new Error(__('Bad request'), 400);
     }
     $zip->extractTo(ForumEnv::get('FEATHER_ROOT') . 'plugins');
     $zip->close();
     if (file_exists(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'])) {
         AdminUtils::delete_folder(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name']);
     }
     rename(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'], ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name']);
     unlink(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'] . '.zip');
     return Router::redirect(Router::pathFor('adminPlugins'), 'Plugin downloaded!');
 }
Beispiel #13
0
 public function insert_user($user)
 {
     $user = Container::get('hooks')->fire('model.register.insert_user_start', $user);
     // Insert the new user into the database. We do this now to get the last inserted ID for later use
     $now = time();
     $intial_group_id = ForumSettings::get('o_regs_verify') == '0' ? ForumSettings::get('o_default_user_group') : ForumEnv::get('FEATHER_UNVERIFIED');
     $password_hash = Random::hash($user['password1']);
     // Add the user
     $user['insert'] = array('username' => $user['username'], 'group_id' => $intial_group_id, 'password' => $password_hash, 'email' => $user['email1'], 'email_setting' => ForumSettings::get('o_default_email_setting'), 'timezone' => ForumSettings::get('o_default_timezone'), 'dst' => 0, 'language' => $user['language'], 'style' => ForumSettings::get('o_default_style'), 'registered' => $now, 'registration_ip' => Utils::getIp(), 'last_visit' => $now);
     $user = DB::for_table('users')->create()->set($user['insert']);
     $user = Container::get('hooks')->fireDB('model.register.insert_user_query', $user);
     $user = $user->save();
     $new_uid = DB::get_db()->lastInsertId(ForumSettings::get('db_prefix') . 'users');
     // If the mailing list isn't empty, we may need to send out some alerts
     if (ForumSettings::get('o_mailing_list') != '') {
         // If we previously found out that the email was banned
         if (isset($user['banned_email'])) {
             // Load the "banned email register" template
             $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/banned_email_register.tpl'));
             $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_banned_mail_tpl', $mail_tpl);
             // The first row contains the subject
             $first_crlf = strpos($mail_tpl, "\n");
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_subject = Container::get('hooks')->fire('model.register.insert_user_banned_mail_subject', $mail_subject);
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             $mail_message = str_replace('<username>', $user['username'], $mail_message);
             $mail_message = str_replace('<email>', $user['email1'], $mail_message);
             $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message);
             $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
             $mail_message = Container::get('hooks')->fire('model.register.insert_user_banned_mail_message', $mail_message);
             Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
         }
         // If we previously found out that the email was a dupe
         if (!empty($dupe_list)) {
             // Load the "dupe email register" template
             $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/dupe_email_register.tpl'));
             $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_tpl', $mail_tpl);
             // The first row contains the subject
             $first_crlf = strpos($mail_tpl, "\n");
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_subject = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_subject', $mail_subject);
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             $mail_message = str_replace('<username>', $user['username'], $mail_message);
             $mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message);
             $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message);
             $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
             $mail_message = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_message', $mail_message);
             Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
         }
         // Should we alert people on the admin mailing list that a new user has registered?
         if (ForumSettings::get('o_regs_report') == '1') {
             // Load the "new user" template
             $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/new_user.tpl'));
             $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_new_mail_tpl', $mail_tpl);
             // The first row contains the subject
             $first_crlf = strpos($mail_tpl, "\n");
             $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
             $mail_subject = Container::get('hooks')->fire('model.register.insert_user_new_mail_subject', $mail_subject);
             $mail_message = trim(substr($mail_tpl, $first_crlf));
             $mail_message = str_replace('<username>', $user['username'], $mail_message);
             $mail_message = str_replace('<base_url>', Router::pathFor('home'), $mail_message);
             $mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message);
             $mail_message = str_replace('<admin_url>', Router::pathFor('profileSection', ['id' => $new_uid, 'section' => 'admin']), $mail_message);
             $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
             $mail_message = Container::get('hooks')->fire('model.register.insert_user_new_mail_message', $mail_message);
             Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
         }
     }
     // Must the user verify the registration or do we log him/her in right now?
     if (ForumSettings::get('o_regs_verify') == '1') {
         // Load the "welcome" template
         $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/welcome.tpl'));
         $mail_tpl = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_tpl', $mail_tpl);
         // The first row contains the subject
         $first_crlf = strpos($mail_tpl, "\n");
         $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
         $mail_subject = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_subject', $mail_subject);
         $mail_message = trim(substr($mail_tpl, $first_crlf));
         $mail_subject = str_replace('<board_title>', ForumSettings::get('o_board_title'), $mail_subject);
         $mail_message = str_replace('<base_url>', Router::pathFor('home'), $mail_message);
         $mail_message = str_replace('<username>', $user['username'], $mail_message);
         $mail_message = str_replace('<password>', $user['password1'], $mail_message);
         $mail_message = str_replace('<login_url>', Router::pathFor('login'), $mail_message);
         $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
         $mail_message = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_message', $mail_message);
         Container::get('email')->feather_mail($user['email1'], $mail_subject, $mail_message);
         return Router::redirect(Router::pathFor('home'), __('Reg email') . ' <a href="mailto:' . Utils::escape(ForumSettings::get('o_admin_email')) . '">' . Utils::escape(ForumSettings::get('o_admin_email')) . '</a>.');
     }
     $user_object = new \stdClass();
     $user_object->id = $new_uid;
     $user_object->username = $user['username'];
     $expire = time() + ForumSettings::get('o_timeout_visit');
     $jwt = AuthModel::generate_jwt($user_object, $expire);
     AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);
     // Refresh cache
     Container::get('cache')->store('users_info', Cache::get_users_info());
     Container::get('hooks')->fire('model.register.insert_user');
     return Router::redirect(Router::pathFor('home'), __('Reg complete'));
 }
?>
"><input type="hidden" name="csrf_value" value="<?php 
echo $csrf_value;
?>
">
            <div class="inform">
                <fieldset>
                    <legend><?php 
_e('Username and pass legend');
?>
</legend>
                    <div class="infldset">
                        <input type="hidden" name="form_sent" value="1" />
                        <?php 
echo $user_disp['username_field'];
if (User::get()->id == $id || User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || $user['g_moderator'] == '0' && User::get()->g_mod_change_passwords == '1') {
    ?>
                            <p class="actions"><span><a href="<?php 
    echo Router::pathFor('profileAction', ['id' => $id, 'action' => 'change_pass']);
    ?>
"><?php 
    _e('Change pass');
    ?>
</a></span></p>
<?php 
}
?>
                        </div>
                </fieldset>
            </div>
            <div class="inform">
Beispiel #15
0
<?php 
foreach ($assets as $type => $items) {
    if ($type == 'js') {
        continue;
    }
    echo "\t" . '<!-- ' . ucfirst($type) . ' -->' . "\n";
    foreach ($items as $item) {
        echo "\t" . '<link ';
        foreach ($item['params'] as $key => $value) {
            echo $key . '="' . $value . '" ';
        }
        echo 'href="' . Url::base_static() . '/' . $item['file'] . '">' . "\n";
    }
}
if ($admin_console) {
    if (file_exists(ForumEnv::get('FEATHER_ROOT') . 'style/themes/' . User::get()->style . '/base_admin.css')) {
        echo "\t" . '<link rel="stylesheet" type="text/css" href="' . Url::base_static() . '/style/themes/' . User::get()->style . '/base_admin.css" />' . "\n";
    } else {
        echo "\t" . '<link rel="stylesheet" type="text/css" href="' . Url::base_static() . '/style/imports/base_admin.css" />' . "\n";
    }
}
if (isset($required_fields)) {
    // Output JavaScript to validate form (make sure required fields are filled out)
    ?>
    <script type="text/javascript">
        /* <![CDATA[ */
        function process_form(the_form)
        {
            var required_fields = {
                <?php 
    // Output a JavaScript object with localised field names
Beispiel #16
0
 public function __invoke($req, $res, $next)
 {
     // Set headers
     $res = $this->set_headers($res);
     // Block prefetch requests
     if (isset($this->app->environment['HTTP_X_MOZ']) && $this->app->environment['HTTP_X_MOZ'] == 'prefetch') {
         return $this->app->response->setStatus(403);
         // Send forbidden header
     }
     // Populate Slim object with forum_env vars
     Container::set('forum_env', $this->forum_env);
     // Load FeatherBB utils class
     Container::set('utils', function ($container) {
         return new Utils();
     });
     // Record start time
     Container::set('start', Utils::get_microtime());
     // Define now var
     Container::set('now', function () {
         return time();
     });
     // Load FeatherBB cache
     Container::set('cache', function ($container) {
         $path = $this->forum_env['FORUM_CACHE_DIR'];
         return new \FeatherBB\Core\Cache(array('name' => 'feather', 'path' => $path, 'extension' => '.cache'));
     });
     // Load FeatherBB permissions
     Container::set('perms', function ($container) {
         return new \FeatherBB\Core\Permissions();
     });
     // Load FeatherBB preferences
     Container::set('prefs', function ($container) {
         return new \FeatherBB\Core\Preferences();
     });
     // Load FeatherBB view
     Container::set('template', function ($container) {
         return new View();
     });
     // Load FeatherBB url class
     Container::set('url', function ($container) {
         return new Url();
     });
     // Load FeatherBB hooks
     Container::set('hooks', function ($container) {
         return new Hooks();
     });
     // Load FeatherBB email class
     Container::set('email', function ($container) {
         return new Email();
     });
     Container::set('parser', function ($container) {
         return new Parser();
     });
     // Set cookies
     Container::set('cookie', function ($container) {
         $request = $container->get('request');
         return new \Slim\Http\Cookies($request->getCookieParams());
     });
     Container::set('flash', function ($c) {
         return new \Slim\Flash\Messages();
     });
     // This is the very first hook fired
     Container::get('hooks')->fire('core.start');
     if (!is_file(ForumEnv::get('FORUM_CONFIG_FILE'))) {
         // Reset cache
         Container::get('cache')->flush();
         $installer = new \FeatherBB\Controller\Install();
         return $installer->run();
     }
     // Load config from disk
     include ForumEnv::get('FORUM_CONFIG_FILE');
     if (isset($featherbb_config) && is_array($featherbb_config)) {
         $this->forum_settings = array_merge(self::load_default_forum_settings(), $featherbb_config);
     } else {
         $this->app->response->setStatus(500);
         // Send forbidden header
         return $this->app->response->setBody('Wrong config file format');
     }
     // Init DB and configure Slim
     self::init_db($this->forum_settings, ForumEnv::get('FEATHER_SHOW_INFO'));
     Config::set('displayErrorDetails', ForumEnv::get('FEATHER_DEBUG'));
     if (!Container::get('cache')->isCached('config')) {
         Container::get('cache')->store('config', \FeatherBB\Model\Cache::get_config());
     }
     // Finalize forum_settings array
     $this->forum_settings = array_merge(Container::get('cache')->retrieve('config'), $this->forum_settings);
     Container::set('forum_settings', $this->forum_settings);
     // Set default style and assets
     Container::get('template')->setStyle(ForumSettings::get('o_default_style'));
     Container::get('template')->addAsset('js', 'style/themes/FeatherBB/phone.min.js');
     // Run activated plugins
     self::loadPlugins();
     // Define time formats and add them to the container
     Container::set('forum_time_formats', array(ForumSettings::get('o_time_format'), 'H:i:s', 'H:i', 'g:i:s a', 'g:i a'));
     Container::set('forum_date_formats', array(ForumSettings::get('o_date_format'), 'Y-m-d', 'Y-d-m', 'd-m-Y', 'm-d-Y', 'M j Y', 'jS M Y'));
     // Call FeatherBBAuth middleware
     return $next($req, $res);
 }
Beispiel #17
0
 public static function generate_avatar_markup($user_id)
 {
     $filetypes = array('jpg', 'gif', 'png');
     $avatar_markup = '';
     foreach ($filetypes as $cur_type) {
         $path = ForumSettings::get('o_avatars_dir') . '/' . $user_id . '.' . $cur_type;
         if (file_exists(ForumEnv::get('FEATHER_ROOT') . $path) && ($img_size = getimagesize(ForumEnv::get('FEATHER_ROOT') . $path))) {
             $avatar_markup = '<img src="' . \FeatherBB\Core\Utils::escape(Container::get('url')->base(true) . '/' . $path . '?m=' . filemtime(ForumEnv::get('FEATHER_ROOT') . $path)) . '" ' . $img_size[3] . ' alt="" />';
             break;
         }
     }
     return $avatar_markup;
 }
Beispiel #18
0
 public function set_default_group($groups)
 {
     $group_id = intval(Input::post('default_group'));
     $group_id = Container::get('hooks')->fire('model.admin.groups.set_default_group.group_id', $group_id);
     // Make sure it's not the admin or guest groups
     if ($group_id == ForumEnv::get('FEATHER_ADMIN') || $group_id == ForumEnv::get('FEATHER_GUEST')) {
         throw new Error(__('Bad request'), 404);
     }
     // Make sure it's not a moderator group
     if ($groups[$group_id]['g_moderator'] != 0) {
         throw new Error(__('Bad request'), 404);
     }
     DB::for_table('config')->where('conf_name', 'o_default_user_group')->update_many('conf_value', $group_id);
     // Regenerate the config cache
     Container::get('cache')->store('config', Cache::get_config());
     return Router::redirect(Router::pathFor('adminGroups'), __('Default group redirect'));
 }
Beispiel #19
0
 public function editpost($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.post.edit');
     // Fetch some informations about the post, the topic and the forum
     $cur_post = $this->model->get_info_edit($args['id']);
     // Sort out who the moderators are and if we are currently a moderator (or an admin)
     $mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
     $is_admmod = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && array_key_exists(User::get()->username, $mods_array) ? true : false;
     $can_edit_subject = $args['id'] == $cur_post['first_post_id'];
     if (ForumSettings::get('o_censoring') == '1') {
         $cur_post['subject'] = Utils::censor($cur_post['subject']);
         $cur_post['message'] = Utils::censor($cur_post['message']);
     }
     // Do we have permission to edit this post?
     if ((User::get()->g_edit_posts == '0' || $cur_post['poster_id'] != User::get()->id || $cur_post['closed'] == '1') && !$is_admmod) {
         throw new Error(__('No permission'), 403);
     }
     if ($is_admmod && User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && in_array($cur_post['poster_id'], Utils::get_admin_ids())) {
         throw new Error(__('No permission'), 403);
     }
     // Start with a clean slate
     $errors = array();
     if (Request::isPost()) {
         Container::get('hooks')->fire('controller.post.edit.submit', $args['id']);
         // Let's see if everything went right
         $errors = $this->model->check_errors_before_edit($can_edit_subject, $errors);
         // Setup some variables before post
         $post = $this->model->setup_edit_variables($cur_post, $is_admmod, $can_edit_subject, $errors);
         // Did everything go according to plan?
         if (empty($errors) && !Input::post('preview')) {
             Container::get('hooks')->fire('controller.post.edit.valid', $args['id']);
             // Edit the post
             $this->model->edit_post($args['id'], $can_edit_subject, $post, $cur_post, $is_admmod);
             return Router::redirect(Router::pathFor('viewPost', ['pid' => $args['id']]) . '#p' . $args['id'], __('Post redirect'));
         }
     } else {
         $post = '';
     }
     if (Input::post('preview')) {
         $preview_message = Container::get('parser')->parse_message($post['message'], $post['hide_smilies']);
         $preview_message = Container::get('hooks')->fire('controller.post.edit.preview', $preview_message);
     } else {
         $preview_message = '';
     }
     View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Edit post')), 'required_fields' => array('req_subject' => __('Subject'), 'req_message' => __('Message')), 'focus_element' => array('edit', 'req_message'), 'cur_post' => $cur_post, 'errors' => $errors, 'preview_message' => $preview_message, 'id' => $args['id'], 'checkboxes' => $this->model->get_edit_checkboxes($can_edit_subject, $is_admmod, $cur_post, 1), 'can_edit_subject' => $can_edit_subject, 'post' => $post))->addTemplate('edit.php')->display();
 }
Beispiel #20
0
 public function send_email($mail)
 {
     $mail = Container::get('hooks')->fire('model.profile.send_email_start', $mail);
     // Clean up message and subject from POST
     $subject = Utils::trim(Input::post('req_subject'));
     $message = Utils::trim(Input::post('req_message'));
     if ($subject == '') {
         throw new Error(__('No email subject'), 400);
     } elseif ($message == '') {
         throw new Error(__('No email message'), 400);
     } elseif (strlen($message) > ForumEnv::get('FEATHER_MAX_POSTSIZE')) {
         throw new Error(__('Too long email message'), 400);
     }
     if (User::get()->last_email_sent != '' && time() - User::get()->last_email_sent < User::get()->g_email_flood && time() - User::get()->last_email_sent >= 0) {
         throw new Error(sprintf(__('Email flood'), User::get()->g_email_flood, User::get()->g_email_flood - (time() - User::get()->last_email_sent)), 429);
     }
     // Load the "form email" template
     $mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/form_email.tpl'));
     $mail_tpl = Container::get('hooks')->fire('model.profile.send_email_mail_tpl', $mail_tpl);
     // The first row contains the subject
     $first_crlf = strpos($mail_tpl, "\n");
     $mail_subject = Utils::trim(substr($mail_tpl, 8, $first_crlf - 8));
     $mail_message = Utils::trim(substr($mail_tpl, $first_crlf));
     $mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
     $mail_message = str_replace('<sender>', User::get()->username, $mail_message);
     $mail_message = str_replace('<board_title>', ForumSettings::get('o_board_title'), $mail_message);
     $mail_message = str_replace('<mail_message>', $message, $mail_message);
     $mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
     $mail_message = Container::get('hooks')->fire('model.profile.send_email_mail_message', $mail_message);
     Container::get('email')->feather_mail($mail['recipient_email'], $mail_subject, $mail_message, User::get()->email, User::get()->username);
     $update_last_mail_sent = DB::for_table('users')->where('id', User::get()->id)->find_one()->set('last_email_sent', time());
     $update_last_mail_sent = Container::get('hooks')->fireDB('model.profile.send_email_update_last_mail_sent', $update_last_mail_sent);
     $update_last_mail_sent = $update_last_mail_sent->save();
     // Try to determine if the data in redirect_url is valid (if not, we redirect to index.php after the email is sent) TODO
     //$redirect_url = validate_redirect(Input::post('redirect_url'), 'index.php');
     return Router::redirect(Router::pathFor('home'), __('Email sent redirect'));
 }
Beispiel #21
0
 public function insert_ban()
 {
     $ban_user = Utils::trim(Input::post('ban_user'));
     $ban_ip = Utils::trim(Input::post('ban_ip'));
     $ban_email = strtolower(Utils::trim(Input::post('ban_email')));
     $ban_message = Utils::trim(Input::post('ban_message'));
     $ban_expire = Utils::trim(Input::post('ban_expire'));
     Container::get('hooks')->fire('model.admin.bans.insert_ban_start', $ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire);
     if ($ban_user == '' && $ban_ip == '' && $ban_email == '') {
         throw new Error(__('Must enter message'), 400);
     } elseif (strtolower($ban_user) == 'guest') {
         throw new Error(__('Cannot ban guest message'), 400);
     }
     // Make sure we're not banning an admin or moderator
     if (!empty($ban_user)) {
         $group_id = DB::for_table('users')->where('username', $ban_user)->where_gt('id', 1)->find_one_col('group_id');
         if ($group_id) {
             if ($group_id == ForumEnv::get('FEATHER_ADMIN')) {
                 throw new Error(sprintf(__('User is admin message'), Utils::escape($ban_user)), 403);
             }
             $is_moderator_group = DB::for_table('groups')->where('g_id', $group_id)->find_one_col('g_moderator');
             if ($is_moderator_group) {
                 throw new Error(sprintf(__('User is mod message'), Utils::escape($ban_user)), 403);
             }
         }
     }
     // Validate IP/IP range (it's overkill, I know)
     if ($ban_ip != '') {
         $ban_ip = preg_replace('%\\s{2,}%S', ' ', $ban_ip);
         $addresses = explode(' ', $ban_ip);
         $addresses = array_map('trim', $addresses);
         for ($i = 0; $i < count($addresses); ++$i) {
             if (strpos($addresses[$i], ':') !== false) {
                 $octets = explode(':', $addresses[$i]);
                 for ($c = 0; $c < count($octets); ++$c) {
                     $octets[$c] = ltrim($octets[$c], "0");
                     if ($c > 7 || !empty($octets[$c]) && !ctype_xdigit($octets[$c]) || intval($octets[$c], 16) > 65535) {
                         throw new Error(__('Invalid IP message'), 400);
                     }
                 }
                 $cur_address = implode(':', $octets);
                 $addresses[$i] = $cur_address;
             } else {
                 $octets = explode('.', $addresses[$i]);
                 for ($c = 0; $c < count($octets); ++$c) {
                     $octets[$c] = strlen($octets[$c]) > 1 ? ltrim($octets[$c], "0") : $octets[$c];
                     if ($c > 3 || preg_match('%[^0-9]%', $octets[$c]) || intval($octets[$c]) > 255) {
                         throw new Error(__('Invalid IP message'), 400);
                     }
                 }
                 $cur_address = implode('.', $octets);
                 $addresses[$i] = $cur_address;
             }
         }
         $ban_ip = implode(' ', $addresses);
     }
     if ($ban_email != '' && !Container::get('email')->is_valid_email($ban_email)) {
         if (!preg_match('%^[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,63})$%', $ban_email)) {
             throw new Error(__('Invalid e-mail message'), 400);
         }
     }
     if ($ban_expire != '' && $ban_expire != 'Never') {
         $ban_expire = strtotime($ban_expire . ' GMT');
         if ($ban_expire == -1 || !$ban_expire) {
             throw new Error(__('Invalid date message') . ' ' . __('Invalid date reasons'), 400);
         }
         $diff = (User::get()->timezone + User::get()->dst) * 3600;
         $ban_expire -= $diff;
         if ($ban_expire <= time()) {
             throw new Error(__('Invalid date message') . ' ' . __('Invalid date reasons'), 400);
         }
     } else {
         $ban_expire = 'NULL';
     }
     $ban_user = $ban_user != '' ? $ban_user : '******';
     $ban_ip = $ban_ip != '' ? $ban_ip : 'NULL';
     $ban_email = $ban_email != '' ? $ban_email : 'NULL';
     $ban_message = $ban_message != '' ? $ban_message : 'NULL';
     $insert_update_ban = array('username' => $ban_user, 'ip' => $ban_ip, 'email' => $ban_email, 'message' => $ban_message, 'expire' => $ban_expire);
     $insert_update_ban = Container::get('hooks')->fire('model.admin.bans.insert_ban_data', $insert_update_ban);
     if (Input::post('mode') == 'add') {
         $insert_update_ban['ban_creator'] = User::get()->id;
         $result = DB::for_table('bans')->create()->set($insert_update_ban)->save();
     } else {
         $result = DB::for_table('bans')->where('id', Input::post('ban_id'))->find_one()->set($insert_update_ban)->save();
     }
     // Regenerate the bans cache
     Container::get('cache')->store('bans', Cache::get_bans());
     return Router::redirect(Router::pathFor('adminBans'), __('Ban edited redirect'));
 }
Beispiel #22
0
 public function get_default_group_permissions($fetch_admin = true)
 {
     $select_get_default_group_permissions = array('g_id', 'g_read_board', 'g_post_replies', 'g_post_topics');
     $result = DB::for_table('groups')->select_many($select_get_default_group_permissions);
     if (!$fetch_admin) {
         $result->where_not_equal('g_id', ForumEnv::get('FEATHER_ADMIN'));
     }
     $result = $result->order_by_asc('g_id');
     $result = Container::get('hooks')->fireDB('model.admin.forums.get_default_group_permissions_query', $result);
     $result = $result->find_array();
     return $result;
 }
Beispiel #23
0
 public function load_default_config(array $data)
 {
     Container::get('hooks')->fire('controller.install.load_default_config');
     return array('o_cur_version' => ForumEnv::get('FORUM_VERSION'), 'o_database_revision' => ForumEnv::get('FORUM_DB_REVISION'), 'o_searchindex_revision' => ForumEnv::get('FORUM_SI_REVISION'), 'o_parser_revision' => ForumEnv::get('FORUM_PARSER_REVISION'), 'o_board_title' => $data['title'], 'o_board_desc' => $data['description'], 'o_default_timezone' => 0, 'o_time_format' => 'H:i:s', 'o_date_format' => 'Y-m-d', 'o_timeout_visit' => 1800, 'o_timeout_online' => 300, 'o_redirect_delay' => 1, 'o_show_version' => 0, 'o_show_user_info' => 1, 'o_show_post_count' => 1, 'o_signatures' => 1, 'o_smilies' => 1, 'o_smilies_sig' => 1, 'o_make_links' => 1, 'o_default_lang' => $data['default_lang'], 'o_default_style' => $data['default_style'], 'o_default_user_group' => 4, 'o_topic_review' => 15, 'o_disp_topics_default' => 30, 'o_disp_posts_default' => 25, 'o_indent_num_spaces' => 4, 'o_quote_depth' => 3, 'o_quickpost' => 1, 'o_users_online' => 1, 'o_censoring' => 0, 'o_show_dot' => 0, 'o_topic_views' => 1, 'o_quickjump' => 1, 'o_gzip' => 0, 'o_additional_navlinks' => '', 'o_report_method' => 0, 'o_regs_report' => 0, 'o_default_email_setting' => 1, 'o_mailing_list' => $data['email'], 'o_avatars' => $data['avatars'], 'o_avatars_dir' => 'style/img/avatars', 'o_avatars_width' => 60, 'o_avatars_height' => 60, 'o_avatars_size' => 10240, 'o_search_all_forums' => 1, 'o_base_url' => $data['base_url'], 'o_admin_email' => $data['email'], 'o_webmaster_email' => $data['email'], 'o_forum_subscriptions' => 1, 'o_topic_subscriptions' => 1, 'o_smtp_host' => null, 'o_smtp_user' => null, 'o_smtp_pass' => null, 'o_smtp_ssl' => 0, 'o_regs_allow' => 1, 'o_regs_verify' => 0, 'o_announcement' => 0, 'o_announcement_message' => __('Announcement'), 'o_rules' => 0, 'o_rules_message' => __('Rules'), 'o_maintenance' => 0, 'o_maintenance_message' => __('Maintenance message'), 'o_default_dst' => 0, 'o_feed_type' => 2, 'o_feed_ttl' => 0, 'p_message_bbcode' => 1, 'p_message_img_tag' => 1, 'p_message_all_caps' => 1, 'p_subject_all_caps' => 1, 'p_sig_all_caps' => 1, 'p_sig_bbcode' => 1, 'p_sig_img_tag' => 0, 'p_sig_length' => 400, 'p_sig_lines' => 4, 'p_allow_banned_email' => 1, 'p_allow_dupe_email' => 0, 'p_force_guest_email' => 1);
 }
Beispiel #24
0
 protected function checkSimple($plugin)
 {
     return ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $plugin . DIRECTORY_SEPARATOR . $this->getNamespace($plugin) . '.php';
 }
Beispiel #25
0
 public function print_posts($topic_id, $start_from, $cur_topic, $is_admmod)
 {
     $post_data = array();
     $post_data = Container::get('hooks')->fire('model.topic.print_posts_start', $post_data, $topic_id, $start_from, $cur_topic, $is_admmod);
     $post_count = 0;
     // Keep track of post numbers
     // Retrieve a list of post IDs, LIMIT is (really) expensive so we only fetch the IDs here then later fetch the remaining data
     $result = DB::for_table('posts')->select('id')->where('topic_id', $topic_id)->order_by('id')->limit(User::get()->disp_topics)->offset($start_from);
     $result = Container::get('hooks')->fireDB('model.topic.print_posts_ids_query', $result);
     $result = $result->find_many();
     $post_ids = array();
     foreach ($result as $cur_post_id) {
         $post_ids[] = $cur_post_id['id'];
     }
     if (empty($post_ids)) {
         throw new Error('The post table and topic table seem to be out of sync!', 500);
     }
     // Retrieve the posts (and their respective poster/online status)
     $result['select'] = array('u.email', 'u.title', 'u.url', 'u.location', 'u.signature', 'u.email_setting', 'u.num_posts', 'u.registered', 'u.admin_note', 'p.id', 'username' => 'p.poster', 'p.poster_id', 'p.poster_ip', 'p.poster_email', 'p.message', 'p.hide_smilies', 'p.posted', 'p.edited', 'p.edited_by', 'g.g_id', 'g.g_user_title', 'g.g_promote_next_group', 'is_online' => 'o.user_id');
     $result = DB::for_table('posts')->table_alias('p')->select_many($result['select'])->inner_join('users', array('u.id', '=', 'p.poster_id'), 'u')->inner_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')->raw_join('LEFT OUTER JOIN ' . ForumSettings::get('db_prefix') . 'online', "o.user_id!=1 AND o.idle=0 AND o.user_id=u.id", 'o')->where_in('p.id', $post_ids)->order_by('p.id');
     $result = Container::get('hooks')->fireDB('model.topic.print_posts_query', $result);
     $result = $result->find_array();
     foreach ($result as $cur_post) {
         $post_count++;
         $cur_post['user_avatar'] = '';
         $cur_post['user_info'] = array();
         $cur_post['user_contacts'] = array();
         $cur_post['post_actions'] = array();
         $cur_post['is_online_formatted'] = '';
         $cur_post['signature_formatted'] = '';
         // If the poster is a registered user
         if ($cur_post['poster_id'] > 1) {
             if (User::get()->g_view_users == '1') {
                 $cur_post['username_formatted'] = '<a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/">' . Utils::escape($cur_post['username']) . '</a>';
             } else {
                 $cur_post['username_formatted'] = Utils::escape($cur_post['username']);
             }
             $cur_post['user_title_formatted'] = Utils::get_title($cur_post);
             if (ForumSettings::get('o_censoring') == '1') {
                 $cur_post['user_title_formatted'] = Utils::censor($cur_post['user_title_formatted']);
             }
             // Format the online indicator
             $cur_post['is_online_formatted'] = $cur_post['is_online'] == $cur_post['poster_id'] ? '<strong>' . __('Online') . '</strong>' : '<span>' . __('Offline') . '</span>';
             if (ForumSettings::get('o_avatars') == '1' && User::get()->show_avatars != '0') {
                 if (isset($avatar_cache[$cur_post['poster_id']])) {
                     $cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']];
                 } else {
                     $cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']] = Utils::generate_avatar_markup($cur_post['poster_id']);
                 }
             }
             // We only show location, register date, post count and the contact links if "Show user info" is enabled
             if (ForumSettings::get('o_show_user_info') == '1') {
                 if ($cur_post['location'] != '') {
                     if (ForumSettings::get('o_censoring') == '1') {
                         $cur_post['location'] = Utils::censor($cur_post['location']);
                     }
                     $cur_post['user_info'][] = '<dd><span>' . __('From') . ' ' . Utils::escape($cur_post['location']) . '</span></dd>';
                 }
                 $cur_post['user_info'][] = '<dd><span>' . __('Registered topic') . ' ' . Utils::format_time($cur_post['registered'], true) . '</span></dd>';
                 if (ForumSettings::get('o_show_post_count') == '1' || User::get()->is_admmod) {
                     $cur_post['user_info'][] = '<dd><span>' . __('Posts topic') . ' ' . Utils::forum_number_format($cur_post['num_posts']) . '</span></dd>';
                 }
                 // Now let's deal with the contact links (Email and URL)
                 if (($cur_post['email_setting'] == '0' && !User::get()->is_guest || User::get()->is_admmod) && User::get()->g_send_email == '1') {
                     $cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['email']) . '">' . __('Email') . '</a></span>';
                 } elseif ($cur_post['email_setting'] == '1' && !User::get()->is_guest && User::get()->g_send_email == '1') {
                     $cur_post['user_contacts'][] = '<span class="email"><a href="' . Router::pathFor('email', ['id' => $cur_post['poster_id']]) . '">' . __('Email') . '</a></span>';
                 }
                 if ($cur_post['url'] != '') {
                     if (ForumSettings::get('o_censoring') == '1') {
                         $cur_post['url'] = Utils::censor($cur_post['url']);
                     }
                     $cur_post['user_contacts'][] = '<span class="website"><a href="' . Utils::escape($cur_post['url']) . '" rel="nofollow">' . __('Website') . '</a></span>';
                 }
             }
             if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && User::get()->g_mod_promote_users == '1') {
                 if ($cur_post['g_promote_next_group']) {
                     $cur_post['user_info'][] = '<dd><span><a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/action/promote/pid/' . $cur_post['id'] . '">' . __('Promote user') . '</a></span></dd>';
                 }
             }
             if (User::get()->is_admmod) {
                 $cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';
                 if ($cur_post['admin_note'] != '') {
                     $cur_post['user_info'][] = '<dd><span>' . __('Note') . ' <strong>' . Utils::escape($cur_post['admin_note']) . '</strong></span></dd>';
                 }
             }
         } else {
             $cur_post['username_formatted'] = Utils::escape($cur_post['username']);
             $cur_post['user_title_formatted'] = Utils::get_title($cur_post);
             if (User::get()->is_admmod) {
                 $cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';
             }
             if (ForumSettings::get('o_show_user_info') == '1' && $cur_post['poster_email'] != '' && !User::get()->is_guest && User::get()->g_send_email == '1') {
                 $cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['poster_email']) . '">' . __('Email') . '</a></span>';
             }
         }
         // Generation post action array (quote, edit, delete etc.)
         if (!$is_admmod) {
             if (!User::get()->is_guest) {
                 $cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';
             }
             if ($cur_topic['closed'] == '0') {
                 if ($cur_post['poster_id'] == User::get()->id) {
                     if ($start_from + $post_count == 1 && User::get()->g_delete_topics == '1' || $start_from + $post_count > 1 && User::get()->g_delete_posts == '1') {
                         $cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
                     }
                     if (User::get()->g_edit_posts == '1') {
                         $cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
                     }
                 }
                 if ($cur_topic['post_replies'] == '' && User::get()->g_post_replies == '1' || $cur_topic['post_replies'] == '1') {
                     $cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
                 }
             }
         } else {
             $cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';
             if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || !in_array($cur_post['poster_id'], $admin_ids)) {
                 $cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
                 $cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
             }
             $cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
         }
         // Perform the main parsing of the message (BBCode, smilies, censor words etc)
         $cur_post['message'] = Container::get('parser')->parse_message($cur_post['message'], $cur_post['hide_smilies']);
         // Do signature parsing/caching
         if (ForumSettings::get('o_signatures') == '1' && $cur_post['signature'] != '' && User::get()->show_sig != '0') {
             // if (isset($avatar_cache[$cur_post['poster_id']])) {
             //     $cur_post['signature_formatted'] = $avatar_cache[$cur_post['poster_id']];
             // } else {
             $cur_post['signature_formatted'] = Container::get('parser')->parse_signature($cur_post['signature']);
             //     $avatar_cache[$cur_post['poster_id']] = $cur_post['signature_formatted'];
             // }
         }
         $cur_post = Container::get('hooks')->fire('model.print_posts.one', $cur_post);
         $post_data[] = $cur_post;
     }
     $post_data = Container::get('hooks')->fire('model.topic.print_posts', $post_data);
     return $post_data;
 }
Beispiel #26
0
 protected function getDefaultPageInfo()
 {
     // Check if config file exists to avoid error when installing forum
     if (!Container::get('cache')->isCached('quickjump') && is_file(ForumEnv::get('FORUM_CONFIG_FILE'))) {
         Container::get('cache')->store('quickjump', \FeatherBB\Model\Cache::get_quickjump());
     }
     $title = Container::get('forum_settings') ? ForumSettings::get('o_board_title') : 'FeatherBB';
     $data = array('title' => Utils::escape($title), 'page_number' => null, 'active_page' => 'index', 'focus_element' => null, 'is_indexed' => true, 'admin_console' => false, 'page_head' => null, 'paging_links' => null, 'required_fields' => null, 'footer_style' => null, 'quickjump' => Container::get('cache')->retrieve('quickjump'), 'fid' => null, 'pid' => null, 'tid' => null);
     if (is_object(User::get()) && User::get()->is_admmod) {
         $data['has_reports'] = \FeatherBB\Model\Admin\Reports::has_reports();
     }
     if (ForumEnv::get('FEATHER_SHOW_INFO')) {
         $data['exec_info'] = \FeatherBB\Model\Debug::get_info();
         if (ForumEnv::get('FEATHER_SHOW_QUERIES')) {
             $data['queries_info'] = \FeatherBB\Model\Debug::get_queries();
         }
     }
     return $data;
 }
Beispiel #27
0
                                            </fieldset>
                                        </div>
                                        <p class="buttons"><input type="submit" value="<?php 
    _e('Change language');
    ?>
" /></p>
                                    </form>
                                </div>
                            </div>
                        <?php 
}
?>

                        <div class="blockform">
                            <h2><span><?php 
echo sprintf(__('Install'), ForumEnv::get('FORUM_VERSION'));
?>
</span></h2>
                            <div class="box">
                                <form id="install" method="post" action="">
                                    <input type="hidden" name="csrf_name" value="<?php 
echo $csrf_name;
?>
">
                                    <input type="hidden" name="csrf_value" value="<?php 
echo $csrf_value;
?>
">
                                    <?php 
if (!empty($errors)) {
    ?>
Beispiel #28
0
 public function moderate($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.topic.moderate');
     // Make sure that only admmods allowed access this page
     $forumModel = new \FeatherBB\Model\Forum();
     $moderators = $forumModel->get_moderators($args['id']);
     $mods_array = $moderators != '' ? unserialize($moderators) : array();
     if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && (User::get()->g_moderator == '0' || !array_key_exists(User::get()->username, $mods_array))) {
         throw new Error(__('No permission'), 403);
     }
     $cur_topic = $this->model->get_topic_info($args['fid'], $args['id']);
     // Determine the post offset (based on $_GET['p'])
     $num_pages = ceil(($cur_topic['num_replies'] + 1) / User::get()->disp_posts);
     $p = !isset($args['page']) || $args['page'] <= 1 || $args['page'] > $num_pages ? 1 : intval($args['page']);
     $start_from = User::get()->disp_posts * ($p - 1);
     // Delete one or more posts
     if (Input::post('delete_posts_comply')) {
         return $this->model->delete_posts($args['id'], $args['fid']);
     } else {
         if (Input::post('delete_posts')) {
             $posts = $this->model->delete_posts($args['id'], $args['fid']);
             View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Moderate')), 'active_page' => 'moderate', 'posts' => $posts))->addTemplate('moderate/delete_posts.php')->display();
         } else {
             if (Input::post('split_posts_comply')) {
                 return $this->model->split_posts($args['id'], $args['fid'], $p);
             } else {
                 if (Input::post('split_posts')) {
                     View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Moderate')), 'focus_element' => array('subject', 'new_subject'), 'page' => $p, 'active_page' => 'moderate', 'id' => $args['id'], 'posts' => $this->model->split_posts($args['id'], $args['fid'], $p), 'list_forums' => $this->model->get_forum_list_split($args['fid'])))->addTemplate('moderate/split_posts.php')->display();
                 } else {
                     // Show the moderate posts view
                     // Used to disable the Move and Delete buttons if there are no replies to this topic
                     $button_status = $cur_topic['num_replies'] == 0 ? ' disabled="disabled"' : '';
                     /*if (isset($_GET['action']) && $_GET['action'] == 'all') {
                               User::get()->disp_posts = $cur_topic['num_replies'] + 1;
                       }*/
                     if (ForumSettings::get('o_censoring') == '1') {
                         $cur_topic['subject'] = Utils::censor($cur_topic['subject']);
                     }
                     View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), Utils::escape($cur_topic['forum_name']), Utils::escape($cur_topic['subject'])), 'page' => $p, 'active_page' => 'moderate', 'cur_topic' => $cur_topic, 'url_topic' => Url::url_friendly($cur_topic['subject']), 'url_forum' => Url::url_friendly($cur_topic['forum_name']), 'fid' => $args['fid'], 'id' => $args['id'], 'paging_links' => '<span class="pages-label">' . __('Pages') . ' </span>' . Url::paginate($num_pages, $p, 'topic/moderate/' . $args['id'] . '/forum/' . $args['fid'] . '/#'), 'post_data' => $this->model->display_posts_moderate($args['id'], $start_from), 'button_status' => $button_status, 'start_from' => $start_from))->addTemplate('moderate/posts_view.php')->display();
                 }
             }
         }
     }
 }
Beispiel #29
0
    _e('Delete ban legend');
    ?>
</legend>
                        <div class="infldset">
                            <input type="submit" name="delete_user" value="<?php 
    _e('Delete user');
    ?>
" /> <input type="submit" name="ban" value="<?php 
    _e('Ban user');
    ?>
" />
                        </div>
                    </fieldset>
                </div>
<?php 
    if ($user['g_moderator'] == '1' || $user['g_id'] == ForumEnv::get('FEATHER_ADMIN')) {
        ?>
                <div class="inform">
                    <fieldset>
                        <legend><?php 
        _e('Set mods legend');
        ?>
</legend>
                        <div class="infldset">
                            <p><?php 
        _e('Moderator in info');
        ?>
</p>
                                                        <?php 
        echo $forum_list;
        ?>
<?php 
if (isset($title_field)) {
    ?>
                            <?php 
    echo $title_field;
}
?>
                            <label><?php 
_e('Location');
?>
<br /><input type="text" name="form_location" value="<?php 
echo Utils::escape($user['location']);
?>
" size="30" maxlength="30" /><br /></label>
<?php 
if (User::get()->g_post_links == '1' || User::get()->g_id == ForumEnv::get('FEATHER_ADMIN')) {
    ?>
                            <label><?php 
    _e('Website');
    ?>
<br /><input type="text" name="form_url" value="<?php 
    echo Utils::escape($user['url']);
    ?>
" size="50" maxlength="80" /><br /></label>
<?php 
}
?>
                    </div>
                </fieldset>
            </div>
            <p class="buttons"><input type="submit" name="update" value="<?php