/**
* Execute
*/
function execute(&$observer)
{
// MOD RJH
// Modification Date: 11-18-2004
// Add Tracking for all actions into a single consolidated Admin Log Table
// using Sushi to store data
// TRACKING
// ID (pk), USER ID(ind), IP(ind), datetime, request page, POST/GET
if( preg_match("/^10./",$_SERVER['REMOTE_ADDR']) ) return TRUE;
$GAIALOG = serialize(array($_GET,$_POST));
$dao_logging =& DaoFactory::create('admincpanellog.insert');
$dao_logging->setUserId(SC::get('userdata.user_id'));
$dao_logging->setUsername(SC::get('userdata.username'));
$dao_logging->setUserIp($_SERVER['REMOTE_ADDR']);
$dao_logging->setDatetime(SC::get('board_config.time_now'));
$dao_logging->setRequestFilename($_SERVER['SCRIPT_NAME']);
$dao_logging->setRequestData($GAIALOG);
$rs =& $dao_logging->execute();
if(!$rs->isSuccess())
{
$observer->set('error.message', "Unable to connect to the database, please try again later.");
$observer->set('error.title', 'Database Error');
$observer->set('error.code', GENERAL_ERROR);
$observer->set('error.line', __LINE__);
$observer->set('error.file', __FILE__);
return FALSE;
}
return TRUE;
}
public function checkPrivileges($o)
{
$username=SC::get('userdata.username');
if(in_array($username,array('dev1','dev2'))){
return true;
}
$uid=SC::get('userdata.user_id');
$dao=DaoFactory::create('user/admin');
$dao->select('count(user_id) as count');
$dao->byUserId($uid);
$rs=$dao->execute();
if(!$rs->isSuccess())
{
throw new CircuitDatabaseException('query admin users failed', $rs);
}
$count=$rs->fetchrow(DB_ASSOC);
if($count['count']==0)
{
$message = "This page is not available under the current configuration, or ";
$message .= "you are not authorized to view this page.";
$o->set('error.message', $message);
$o->set('error.code', GENERAL_MESSAGE);
$o->set('error.title', 'Not Authorized');
$o->set('error.line', __LINE__);
$o->set('error.file', __FILE__);
return false;
}
return true;
}
/** execute
* check the password the user provided against their userdata and set an error if it is not correct
* @param $password
* @return true/false on correct password
**/
function execute($password){
if ($this->encryptPassword($password) != SC::get('userdata.user_password')) {
if( $this->messenger) {
$this->messenger->addMessage("The password you entered does not match our records. Please try again.");
}
$this->set('nopassword', true);
return false;
}
return true;
}
public function execute( $gold, $messenger = false){
$gold = intval($gold);
if( SC::get("userdata.user_gold") < $gold)
{
if( $messenger)
$messenger->addMessage('You do not have enough gold. <a href="/info/gold">Click here to find out more about getting gold</a>.');
return FALSE;
}
return TRUE;
}
public function execute(CircuitController $c)
{
//session_pagestart(PAGE_4O4);
switch (SC::get('metered_release.output_style')) {
case 'popup':
$this->set('title', 'Nothing to See Here');
$this->render('Default.MeteredReleaseMin');
break;
default:
LM::setPageTitle('Nothing to See Here');
LM::disableGapi();
LM::renderHeader();
$this->setLayout('Paul McCartney');
$this->addZoneContent('1A', 'Default.MeteredRelease');
$this->renderLayout();
LM::renderFooter();
break;
}
}
/**
* Execute
*/
function execute( & $observer )
{
if( !SC::get('userdata.session_logged_in') || ! require_level(USERLEVEL_DEVELOPER))
{
$message = "This page is not available under the current configuration, or ";
$message .= "you are not authorized to view this page.";
$observer->set('error.message', $message);
$observer->set('error.code', GENERAL_MESSAGE);
if ( !SC::get('userdata.session_logged_in') )
{
$observer->set('error.title', 'Not Logged In');
}
else
{
$observer->set('error.title', 'Not Authorized');
}
$observer->set('error.line', __LINE__);
$observer->set('error.file', __FILE__);
return FALSE;
}
return TRUE;
}
function execute(&$observer)
{
$username = $observer->get('default.validation.username');
// length check
if (strlen(trim($username)) > 25) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username must be no more than 25 characters long.');
$observer->set('default.validation.status', 'LONG');
$observer->set('login.request.status', 'LONG');
return FALSE;
}
//get the entire list of disallowed words. In the future we might have
//more specific queries eg. get only swear words, get only NPC, etc.
$filterList = UsernameFilter::filterList(1);
if (count($filterList) <= 0) {
return TRUE;
}
//nothing to filter against lol
// are they logged in -- Jakob
// if so, we don't bother doing the NPC check
// rxes defines the array of regular expressions
$rxes = array();
// MATCH 1. Variants of [NPC] using nonword characters
$delim = "[\\W\\s_]";
// Nonword, whitespace, underscore
$rx = "^(.*?)" . "{$delim} *?" . "[N]" . "{$delim} *?" . "[P]" . "{$delim} *?" . "[C]" . "{$delim} +" . "(.*)";
// match as much as possible to end of string
$rx = "/" . $rx . "/xi";
$rxes[] = $rx;
// MATCH 2, inpci, lnpcl, l_n-p_c and word variants. Much stricter so as not
// to break actual words
$delim = "[il\\|]";
// i, l, pipe
$rx = "^(.*?)" . "{$delim}" . "[\\s\\-_]*" . "n[\\s\\-_]*" . "p[\\s\\-_]*" . "c[\\s\\-_]*" . "{$delim} ?" . "(.*)";
// grab the rest by being greedy
$rx = "/" . $rx . "/xi";
$rxes[] = $rx;
$matched = false;
foreach ($rxes as $rx) {
if (preg_match($rx, $username)) {
$matched = true;
}
}
if ($matched) {
/// name found, logged in?
if (SC::get("userdata.user_level") <= 0) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username is in conflict because it is the name of a NPC (Non-Playable Character). For storyline purposes, we kindly ask you to choose another username. Thank you!');
$observer->set('default.validation.status', 'NPC');
$observer->set('login.request.status', 'NPC');
return FALSE;
}
}
//-------------------------------------------------------------------------------------
//this is pretty ghetto but we don't have a consesus for handling all the names in the database
//so there is some hack-ish stuff going on eg. with checking ElfTech names it is extra
//strict that previous NPC names
//do a case insensitive check against each of the NPC names.
foreach ($filterList['NPC'] as $f) {
//in the future if we want to do other checks like against l33t names we can modify this.
$pattern = "/\\b{$f}\\b/i";
//this is more lenient than below
if ($f == 'ElfTech') {
$pattern = "/.*Elf.*Tech.*/i";
//nothing allowed!!! omg:O
}
$result = preg_match($pattern, $username);
if (!empty($result)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username is in conflict because it is the name of a NPC (Non-Playable Character). For storyline purposes, we kindly ask you to choose another username. Thank you!');
$observer->set('default.validation.status', 'NPC');
$observer->set('login.request.status', 'NPC');
return FALSE;
}
}
//----------------------------------------------------------------------------------------
//do a case insensitive check against each of the Admin names.
foreach ($filterList['Admin'] as $f) {
//in the future if we want to do other checks like against l33t names we can modify this.
$pattern = "/{$f}/i";
$result = preg_match($pattern, $username);
if (!empty($result)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username is in conflict with administration names. We kindly ask you to choose another username that will not confuse other user.');
$observer->set('default.validation.status', 'Admin');
$observer->set('login.request.status', 'Admin');
return FALSE;
}
}
//----------------------------------------------------------------------------------------
//do a case insensitive check against each of the Swear names.
foreach ($filterList['Swear'] as $f) {
//in the future if we want to do other checks like against l33t names we can modify this.
$pattern = "/{$f}/i";
$result = preg_match($pattern, $username);
if (!empty($result)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username is in conflict with PG-13 guidelines! We kindly ask you to choose another username that is more appropriate.');
$observer->set('default.validation.status', 'Swear');
$observer->set('login.request.status', 'Swear');
return FALSE;
}
}
//----------------------------------------------------------------------------------------
// username approximate matching
// we need to munge the name now and attempt to standardize the lookups
$userdata =& SC::get('userdata');
$username = str_replace("\\'", "''", $username);
$checkname = strtolower(preg_replace("/^[_\\-\\+\\=\\)\\(\\^\\#\\!\\~\\'\\s\\.]+/", '', $username));
$checkname = preg_replace("/[_\\-\\+\\=\\)\\(\\^\\#\\!\\~\\'\\s\\.]+\$/", '', $checkname);
$checkname = preg_replace("/[\\-\\+\\=\\^\\#\\!\\~\\s\\.]/", '_', $checkname);
// compressed length check
if (strlen(trim($username)) <= 2) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username must be at least 3 characters.');
return FALSE;
}
// invalid character check
if (!preg_match('/^[a-zA-z0-9_\\-\\+\\=\\)\\(\\^\\#\\!\\~\\s\\.]+$/', $username)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username contains invalid characters.');
return FALSE;
}
// check for at least one letter
if (!preg_match("/[a-zA-Z]/", $username)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username must have at least one letter.');
return FALSE;
}
// check for double spaces
if (preg_match("/ /", $username)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username cannot have 2 spaces in a row.');
return FALSE;
}
// Don't allow " in username.
if (strstr($username, '"') || strstr($username, ',')) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username cannot contain quotations or commas.');
return FALSE;
}
// check for exact username
$dao =& DaoFactory::create('users');
$dao->byExactUsername(strtolower($username));
$rs =& $dao->execute();
if (!$rs->isSuccess()) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Unable to validate username.');
$observer->set('error.line', __LINE__);
$observer->set('error.file', __FILE__);
$observer->set('error.debug', $rs);
return FALSE;
}
while ($row = $rs->sql_fetchrow(DB_ASSOC)) {
if ($userdata['session_logged_in'] && $row['username'] != $userdata['username'] || !$userdata['session_logged_in']) {
if (strtolower($row['username']) == strtolower($username)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'That username is already taken.');
return FALSE;
} else {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username is too similar to the username of ' . $row['username']);
return FALSE;
}
}
}
// perform a wildcard search for special character matching
if (strtolower($username) != $checkname) {
$dao =& DaoFactory::create('users');
$dao->byUsername(preg_replace('/_/', '\\_', $checkname));
$rs =& $dao->execute();
while ($row = $rs->sql_fetchrow(DB_ASSOC)) {
if ($userdata['session_logged_in'] && $row['username'] != $userdata['username'] || !$userdata['session_logged_in']) {
if (strtolower($row['username']) == strtolower($username)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'That username is already taken.');
return FALSE;
} else {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username is too similar to the username of ' . $row['username']);
return FALSE;
}
}
}
}
// check wordlist filter
$dao =& DaoFactory::create('words');
$dao->setWhat('word');
$rs =& $dao->execute();
while ($row = $rs->sql_fetchrow(DB_ASSOC)) {
if (preg_match("#\\b(" . str_replace("\\*", ".*?", phpbb_preg_quote($row['word'], '#')) . ")\\b#i", $username)) {
$observer->set('error.title', 'Username Error');
$observer->set('error.message', 'Your username contains invalid characters.');
return FALSE;
}
}
return TRUE;
}
$this->set('ad_network', 'doubleclick');
}
try {
// this observer is brought to you by the letter "O"...
$o = $this->controller->getObserver();
// if we even have a request and an id...
$l = new Locator($o);
if ($o->exists('request') && $o->get('request')->exists('id')) {
$forum_id = intval($this->controller->getObserver()->get('request')->get('id'));
unset($o);
} else {
$forum_id = 0;
}
// see if we need to show something here...
if (SC::exists('board_config.ad_display_forums') && strlen(SC::get('board_config.ad_display_forums')) > 0) {
$params = explode(";", SC::get('board_config.ad_display_forums'));
foreach ($params as $id => $param) {
if (empty($param)) {
continue;
}
// throw away empty rows...
$section = substr($param, 0, strpos($param, "("));
// get the main section name...
if ($l->location == $section) {
// if we matched sections, get the sub-section directives, otherwise skip it...
$sub = array();
$matches = ereg('\\([^\\(\\)]*\\)', $param, $sub);
$ad_params = explode(",", str_replace(array('(', ')'), NULL, $sub[0]));
}
}
// process section directives...
public function selectView()
{
// load a memcache object
$memcache = MemcacheFactory::construct('query_memcache');
// reduce path to just a dir structure. Remove funny stuff...
// .. //
$invalid_path_items = array('//', '..');
$path = str_replace($invalid_path_items, '', $this->get('path'));
$full_path = DIR_PUBLIC_HTML . $this->base_path . $path;
$extension_stub_pos = strripos($full_path, '.');
$extn = substr($full_path, -1 * (strlen($full_path) - $extension_stub_pos));
$this->outputHeaders($extn, $full_path);
// if we have a key, use it
if (!SC::get('board_config.disable_query_memcache')) {
$output = $memcache->get($this->getKeyFromPath($full_path));
}
if ($output) {
echo '/' . '* cache=true *' . '/' . "\n";
echo $output;
exit;
}
$comments = array('cache=false');
// check for rollup packages
if (strpos($path, 'pkg-') !== false) {
$comments[] = 'pkg=true';
$output = $this->getRollupPackage($path);
}
// only minify in production
// if (!SC::get('board_config.local_domain_enable') && $extn == '.js') {
// $comments[] = 'mini=true';
// $output = JSMin::minify($output);
// }
// store to memcache
if (!SC::get('board_config.disable_query_memcache') && $memcache->add('key' . $this->getKeyFromPath($full_path), 1)) {
$comments[] = 'cachewrite=true';
$memcache->set($this->getKeyFromPath($full_path), $output, MEMCACHE_COMPRESSED, 86400);
}
echo '/' . '* ' . implode(';', $comments) . ' *' . '/' . "\n";
echo $output;
exit;
}
private function initializeGapiJS()
{
// CONSTANTS
//toolbar board config enable check
//0 = Toolbar completely disabled
//1 = Toolbar enabled for mods/donators only
//2 = Toolbar enabled for everyone
//Freecause Toolbar Frob Generation
//Only generate frob if user is not logged in AND fc_toolbar_level > 0
if (SC::get('board_config.fc_toolbar_level') > 0) {
if (!SC::get('userdata.session_logged_in')) {
require_once DIR_CLASSES . '/gapi/authentication.php';
$auth = new GapiAuthentication();
$frob = session_get('frob');
if (!$frob or session_get('frob_time') + 240 < SC::get('board_config.time_now')) {
$frob = $auth->getFrob(FREECAUSE_API_KEY);
session_set('frob', $frob);
session_set('frob_time', SC::get('board_config.time_now'));
}
self::data()->set('LYT_FROB', $frob);
if (isset($_REQUEST['toolbar_id']) && ctype_digit($_REQUEST['toolbar_id'])) {
self::data()->set('LYT_TOOLBAR_ID', $_REQUEST['toolbar_id']);
}
}
}
}
<?php
include_once DIR_CLASSES . 'user.class.php';
// add in any parameters that are missing...
$default_ad_params = array('ad_network' => 'doubleclick', 'size' => 'leaderboard', 'campaign' => NULL, 'ad_type' => 'rich', 'ad_site' => 'gaia.home', 'ad_zone' => 'home', 'ad_age' => 39, 'ad_gender' => 'm', 'ad_bc_time' => SC::get('board_config.time_now'));
foreach ($default_ad_params as $p_name => $p_value) {
if (!$this->get($p_name)) {
$this->set($p_name, $p_value);
}
}
?>
<!-- START Leaderboard Ad Block -->
<? if (User::isDonator()) : ?>
<div class="leaderboard">
<span style="font-size: 10px" class="accessAid">ADVERTISEMENT</span>
<script type="text/javascript">
var ad_inject = '<?php
echo $this->generateURL('Advertise.Main', array('size' => 'leaderboard'));
?>
';
</script>
<iframe id="ad_inject" src="" scrolling="no" frameborder="0"></iframe>
</div>
<? elseif (SC::get('ads.blue_lithium.show')): ?>
<div class="leaderboard undersized">
<span style="font-size: 10px" class="accessAid">ADVERTISEMENT</span>
<script type="text/javascript">
var ad_inject = 'http://media.adrevolver.com/adrevolver/banner?place=12709&cpy=<?php
echo mt_rand(1, 9999);
$products .= "store purchase;{$store_item};{$store_quantity};;event3={$credit_amount}";
}
/**
* this is so that we can get a unique count (by user id) of how many users visit a certain page
* for example: how many user bid in the marketplace (not how many bids)
**/
$pageCount = $omniture && array_key_exists('pageCount', $omniture) ? $omniture['pageCount'] : null;
if ($pageCount && $pageCount == 'user_id') {
if (!empty($events)) {
$events .= ',';
}
$events .= sprintf("event6:{$orig_user_id}%4d%02d%02d", $now['year'], $now['mon'], $now['mday']);
$evar7 = "s.eVar7=\"{$pageName}\";";
}
if ($pageCount && $pageCount == 'pageView') {
$pv_events = SC::get('omniture.pv_events');
foreach (array_keys($pv_events) as $event_id) {
if (!empty($events)) {
$events .= ',';
}
$events .= $event_id;
}
$evar7 = 's.eVar7="' . $pageName . '";';
if (array_key_exists('pageCount_name', $omniture)) {
$evar1_value = $omniture['pageCount_name'];
$evar1 = 's.eVar1="' . $evar1_value . '";';
}
}
if (!empty($events)) {
$events = 's.events="' . $events . '";';
$evars = 's.eVar3="' . $user_id . '";s.eVar4="' . $age . '";s.eVar5="' . $gender . '";s.eVar6="' . $params['reg_date'] . '";';
<? endif; ?>
</div>
<? endif; ?>
<!-- END Penthouse Ad Block -->
<!-- START Wide Skyscraper Ad Block -->
<div class="wskyscraper">
<span style="font-size: 10px" class="accessAid">ADVERTISEMENT</span>
<script type="text/javascript">
/* <![CDATA[ */
<? if (User::isDonator() || $this->get('ad_force_donator')) : ?>
var ad_inject = '<?php
echo $this->generateURL('Advertise.Main', array('size' => 'wskyscraper'));
?>
';
<? elseif (SC::get('ads.blue_lithium.show')) : ?>
var ad_inject = 'http://media.adrevolver.com/adrevolver/banner?place=12706&cpy=<?php
echo mt_rand(1, 9999);
?>
';
<? else : ?>
<? if ($this->get('ad_network') == 'doubleclick') : ?>
var ad_inject = 'http://<?php
echo MAIN_SERVER;
?>
/advertise/doubleclick.php?size=wskyscraper&campaign=<?php
echo $this->get('ad_campaign');
?>
&t=<?php
echo $this->get('ad_type');
?>
/**
* Metered Release Function
* Looks at the global site config, and determines if a user is
* eligible to access a particular URL. This is used for metered
* rollouts and page access.
* @return bool
**/
function FUNCLIB_metered_release($key, $incoming_key = NULL)
{
// $val = <<<HEREDOC
// 1 exactuser /community 0
// HEREDOC;
// SC::set('board_config.metered_release', $val);
if ($key == 'http://' . MAIN_SERVER . '/comingsoon' || $key == '/comingsoon' || $key == '/comingsoon/' || $key == 'comingsoon') {
return true;
}
// check for any metered value
$meter = SC::get('board_config.metered_release');
if (!$meter) {
return true;
}
$meters = explode('#', $meter);
foreach ($meters as $meter) {
$meter = trim($meter);
$m_pieces = explode(' ', $meter);
if (!$m_pieces[3]) {
$m_pieces[3] = 0;
}
list($threshold, $method, $regex, $offset) = $m_pieces;
if (!$offset) {
$offset = 0;
}
$regex = str_replace(array('*', '?'), array('.*', '\\?'), $regex);
if (!preg_match('#' . $regex . '#i', $key)) {
continue;
}
switch ($method) {
case 'session':
if ($incoming_key) {
$value = $incoming_key + $offset;
} else {
$data = session_cookie();
$value = hexdec(substr($data[1], 0, 4)) + $offset;
}
return $value % METERED_RELEASE_MIGRATION_SIZE < $threshold ? true : false;
case 'userid':
if ($incoming_key) {
$value = $incoming_key + $offset;
} else {
$data = session_cookie();
$user_id = $data[0];
// anon blocked
if ($user_id <= 0) {
return false;
}
$value = $user_id + $offset;
}
return $value % METERED_RELEASE_MIGRATION_SIZE < $threshold ? true : false;
case 'exactuser':
if ($incoming_key) {
$user_id = $incoming_key;
} else {
$data = session_cookie();
$user_id = $data[0];
}
// anon blocked
if ($user_id <= 0) {
return false;
}
return $user_id == $threshold ? true : false;
}
// unknown method
return false;
}
// didn't get denied
return true;
}
function singleBar( $sb_userdata )
{
$is_mod = require_level(USERLEVEL_SITEASSISTANCE1);
$images =& SC::get('images');
$userdata =& SC::get('userdata');
$board_config =& SC::get('board_config');
# Default indicators
if (empty($use_rows)) {
$use_rows = array("status","profile","housing","journal","pm","store","trade","www","aim","yim","msn","icq");
}
# ON/OFFLINE INDICATOR
# -----------------------------------
# Make the default cutoff for on/off status 10 minutes
if (!isset($online_offline_cutoff)) { $online_offline_cutoff = SC::get('board_config.time_now') - 600; }
# If : user does not allow others to view status and viewer is not a mod and viewer is not in the user's friends list - hidden
$fu = new FriendUtility();
if (isset($user_data['user_allow_viewonline']) && $user_data['user_allow_viewonline']==0 && $is_mod==false && !$fu->isFriend($userdata['user_id']) ) {
$status_bar['status_img'] = '<img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_hidden.gif" height="22" width="72" border="0">';
$status_bar['status'] = 'Hidden';
}
# Elseif : user's last recorded session time is greater than the cutoff time - online
elseif (isset($user_data['user_session_time']) && $user_data['user_session_time'] > $online_offline_cutoff) {
$status_bar['status_img'] = '<img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_online.gif" height="22" width="72" border="0" />';
$status_bar['status'] = 'Online';
}
# Else : fails above conditions - offline
else {
$status_bar['status_img'] = '<img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_offline.gif" height="22" width="72" border="0" />';
$status_bar['status'] = 'Offline';
}
# -----------------------------------
# PROFILE
# -----------------------------------
if (isset($user_data['user_id'])) { $user_id = $user_data['user_id']; } else { $user_id = ''; }
if (isset($user_data['username'])) { $user_name = $user_data['username']; } else { $user_name = ''; }
$temp_url = append_sid("/profile/index.php?view=profile.ShowProfile&item=" . $user_id);
$status_bar['profile_img'] = '<a href="' . $temp_url . '"><img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_profile_2.gif" alt="View '.addslashes($user_name).'\'s Profile" title="View '.addslashes($user_name).'\'s Profile" border="0" /></a>';
$status_bar['profile'] = '<a href="' . $temp_url . '">' . "Profile" . '</a>';
# -----------------------------------
# HOUSING
# -----------------------------------
//$daoGH =& DaoFactory::create('gaiahousing.detailById');
//$userHouseDetails =& $daoGH->fetch($user_data['user_id']);
if (isset($user_data['user_home'])) { $user_home = $user_data['user_home']; } else { $user_home = 0; }
if ($user_home==1) {
$temp_url = append_sid("/games/housing/index.php?mode=viewer&" . POST_USERS_URL . "=".$user_id);
$status_bar['housing_img'] = '<a href="' . $temp_url . '"><img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_housing_2.gif" alt="View '.addslashes($user_name).'\'s Home" title="View '.$user_name.'\'s Home" border="0" /></a>';
$status_bar['housing'] = '<a href="' . $temp_url . '">' . "My Home" . '</a>';
}
# -----------------------------------
# JOURNAL
# -----------------------------------
if (isset($user_data['user_journal_id'])) { $user_journal_id = $user_data['user_journal_id']; } else { $user_journal_id = 0; }
$temp_url = append_sid("/journal/?u=" . $user_id);
$status_bar['journal_img'] = ($user_journal_id!=0) ? '<a href="' . $temp_url . '"><img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_journal_2.gif" alt="Read '.addslashes($user_name).'\'s Journal" title="Read '.addslashes($user_name).'\'s Journal" border="0" /></a>' : '';
$status_bar['journal'] = ($user_journal_id!=0) ? '<a href="$temp_url">Journal</a>' : '';
# -----------------------------------
# PM
# -----------------------------------
if (isset($user_data['user_receive_pm'])) { $user_receive_pm = $user_data['user_receive_pm']; } else { $user_receive_pm = 0; }
$temp_url = append_sid("/profile/privmsg.php?mode=post&" . POST_USERS_URL . "=".$user_id);
$status_bar['pm_img']
= ($user_receive_pm != 0)
? '<a href="'.$temp_url.'"><img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_pm_2.gif" alt="Send '.addslashes($user_name).' a PM" title="Send '.addslashes($user_name). ' a PM" border="0" /></a>' : '';
$status_bar['pm'] = ($user_receive_pm!=0) ? '<a href="$temp_url">PrivateMsg</a>' : '';
# -----------------------------------
# EMAIL
# -----------------------------------
if (isset($user_data['user_viewemail'])) { $user_viewmail = $user_data['user_viewemail']; } else { $user_viewmail = 0; }
if (isset($user_data['user_email'])) { $user_email = $user_data['user_email']; } else { $user_email = NULL; }
if (! isset($poster_id)) { $poster_id = NULL; }
if ( !empty($user_viewmail) || $is_mod==true ) {
$temp_url = ( $board_config['board_email_form'] ) ? append_sid("/profile/profile.php?mode=email&" . POST_USERS_URL .'=' . $poster_id) : 'mailto:' . htmlspecialchars($user_email);
$status_bar['email_img'] = '<a href="' . $temp_url . '"><img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_email_2.gif" alt="Send '.addslashes($user_name).'\ an Email" title="Send '.addslashes($user_name).'\ an Email" border="0" /></a>';
$status_bar['email'] = '<a href="$temp_url">Email</a>';
}
else {
$status_bar['email_img'] = '';
$status_bar['email'] = '';
}
# -----------------------------------
# STORE (VEND)
# -----------------------------------
if (isset($user_data['user_vend'])) { $user_vend = $user_data['user_vend']; } else { $user_vend = 0; }
$temp_url = append_sid('http://'.VEND_SERVER."/gaia/vend.php?mystore=" . $user_id);
$status_bar['store_img'] = ( $user_vend ) ? '<a href="' . $temp_url . '"><img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_mystore_2.gif" alt="'.addslashes($user_name).'\'s store has '.$user_vend.' item(s)" title="'.addslashes($user_name).'\'s store has '.$user_vend.' item(s)" border="0" /></a>' : '';
$status_bar['store'] = ( $user_vend ) ? '<a href="' . $temp_url . '">'."Store".'</a>' : '';
# -----------------------------------
# TRADE
# -----------------------------------
$temp_url = append_sid('http://'.BANK_SERVER."/gaia/bank.php?mode=trade&uid=".$user_id);
$status_bar['trade_img'] = '<a href="' . $temp_url . '"><img src="http://' . GRAPHICS_SERVER . '/images/template/icons/icon_trade_2.gif" alt="Trade with '.addslashes($user_name).'" title="Trade with '.addslashes($user_name).'" border="0" /></a>';
$status_bar['trade'] = '<a href="$temp_url">Trade</a>';
# -----------------------------------
# WWW (homepage)
# -----------------------------------
if (isset($user_data['user_website'])) { $user_website = $user_data['user_website']; } else { $user_website = NULL; }
$status_bar['www_img']
= ($user_website)
? '<a href="'.htmlspecialchars($user_website).'" target="_userwww"><img src="'.$images['icon_www'].'" alt="Visit posters website" title="Visit posters website" border="0" /></a>' : '';
$status_bar['www'] = ($user_website) ? '<a href="'.htmlspecialchars($user_website).'" target="_userwww">Visit posters website</a>' : '';
# -----------------------------------
# ICQ
# -----------------------------------
if (isset($user_data['user_icq'])) { $user_icq = $user_data['user_icq']; } else { $user_icq = NULL; }
$status_bar['icq_status_img']
= ($user_icq)
? '<a href="http://wwp.icq.com/'.htmlspecialchars($user_icq).'#pager"><img src="http://web.icq.com/whitepages/online?icq='.htmlspecialchars($user_icq).'&img=5" width="18" height="18" border="0" /></a>' : '';
$status_bar['icq_img']
= ($user_icq)
? '<a href="http://wwp.icq.com/scripts/search.dll?to='.htmlspecialchars($user_icq).'"><img src="'.$images['icon_icq'].'" alt="ICQ Number" title="'.htmlspecialchars($user_icq).'" border="0" /></a>' : '';
$status_bar['icq'] = ($user_icq) ? '<a href="http://wwp.icq.com/scripts/search.dll?to='.htmlspecialchars($user_icq).'">ICQ Number</a>' : '';
# -----------------------------------
# AIM
# -----------------------------------M
if (isset($user_data['user_aim'])) { $user_aim = $user_data['user_aim']; } else { $user_aim = NULL; }
$status_bar['aim_img']
= ($user_aim)
? '<a href="aim:goim?screenname='.htmlspecialchars($user_aim).'&message=Hello+Are+you+there?"><img src="'.$images['icon_aim'].'" alt="AIM Address" title="'.htmlspecialchars($user_aim).'" border="0" /></a>' : '';
$status_bar['aim'] = ($user_aim) ? '<a href="aim:goim?screenname='.htmlspecialchars($user_aim).'&message=Hello+Are+you+there?">AIM</a>' : '';
# -----------------------------------
# MSN
# -----------------------------------
if (isset($user_data['user_msnm'])) { $user_msnm = $user_data['user_msnm']; } else { $user_msnm = NULL; }
$temp_url = append_sid("/profile/profile.php?mode=viewprofile&" . POST_USERS_URL . "=".$user_id);
$status_bar['msn_img'] = ( $user_msnm ) ? '<a href="'.$temp_url.'"><img src="'.$images['icon_msnm'].'" alt="MSN Messenger" title="'.htmlspecialchars($user_msnm).'" border="0" /></a>' : '';
$status_bar['msn'] = ($user_msnm) ? '<a href="'.$temp_url.'">MSN Messenger</a>' : '';
# -----------------------------------
# YIM
# -----------------------------------
if (isset($user_data['user_yim'])) { $user_yim = $user_data['user_yim']; } else { $user_yim = NULL; }
$status_bar['yim_img']
= ($user_yim)
? '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.htmlspecialchars($user_yim).'&.src=pg"><img src="'.$images['icon_yim'].'" alt="Yahoo Messenger" title="'.htmlspecialchars($user_yim).'" border="0" /></a>'
: '';
$status_bar['yim'] = ($user_yim) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target='.htmlspecialchars($user_yim).'&.src=pg">Yahoo Messenger</a>' : '';
# -----------------------------------
# BUILD THE BAR
# -----------------------------------
if (! isset($output_bar) ) { $output_bar = NULL; }
if ($img_or_txt=='img') {
$start_cap = "<img src=\"http://" . GRAPHICS_SERVER . "/images/template/s.gif\" width=1 height=2><br><img src=\"http://" . GRAPHICS_SERVER . "/images/template/icons/icon_fend_t.gif\" height=22 width=7 border=0>";
$end_cap = "<img src=\"http://" . GRAPHICS_SERVER . "/images/template/icons/icon_end_t.gif\" height=22 width=9 border=0><br><img src=\"http://" . GRAPHICS_SERVER . "/images/template/s.gif\" width=1 height=2>";
}
else {
$start_cap = "[ ";
$end_cap = " ]";
}
foreach ($use_rows as $show_row) {
if ($img_or_txt=='img') {
$show_row_img = $show_row."_img";
if ( isset($status_bar[$show_row_img]) ) { $output_bar .= $status_bar[$show_row_img]; }
}
else {
$output_bar .= $status_bar[$show_row];
if ($status_bar[$show_row]!="") $output_bar .= " · ";
}
}
# -----------------------------------
# Display as image or text
if ($img_or_txt=="txt" && substr($output_bar,-20)==" · ") $output_bar = substr($output_bar,0,-20);
return "\n\n<!-- new profile bar :: ".$_SERVER["HTTP_HOST"]." -->\n" . $start_cap . $output_bar . $end_cap;
}
</script>
<? endif; ?>
<? if ($layout->get('pageload_tracker')) : ?>
<!-- BEGIN internal pixel tracker -->
<img src="http://<?php
echo MAIN_SERVER;
?>
/internal/dev_t.php?ip=<?php
echo ip2long(get_user_ip());
?>
&sip=<?php
echo ip2long($_SERVER['SERVER_ADDR']);
?>
&pid=<?php
echo SC::get('session_page');
?>
&cls=<?php
echo urlencode(SC::get('CIRCUIT_REQUEST_NAME'));
?>
&tm=<?php
echo SC::get('board_config.time_now');
?>
" width="1" height="1" border="0" />
<!-- END internal pixel tracker -->
<? endif; ?>
</div>
</body>
</html>
function getLiveData()
{
$this->o->append('Default.debug.steps', __CLASS__ . '.' . __FUNCTION__);
// woohoo! GET THE CACHE DATA
$cachedata =& $this->get('cachedata');
$missing =& $this->get('missing');
// so now, we check the friendlist to figure shit out,
// and have a final set of data to cache.
$fu =& new FriendUtility();
$fu->getFriendLists($missing);
$fu->getBothLists();
$final_stats = array();
$me = SC::get('userdata.user_id');
$is_mod = require_level(USERLEVEL_MODERATOR_TEAM);
$cutoff = SC::get('board_config.time_now') - 600;
foreach ($cachedata as $uid => $user_cache) {
// init the stat array
$stats = $user_cache;
// determine friend bullshit.
$is_my_friend = $fu->isFriend($uid);
$am_i_their_friend = $fu->isFriend($me, $uid);
$am_i_ignored = $fu->isIgnored($me, $uid);
// first. online status.
if ($me == $uid) {
$stats['status'] = 'online';
} else {
if ($user_cache['status'] == 'online' && $is_mod == false && $am_i_their_friend == false) {
// If : user does not allow others to view status and viewer is not a mod and
// viewer is not in the user's friends list - hidden
$stats['status'] = 'hidden';
}
}
// housing
if (isset($user['home_zip'])) {
$locked = false;
if ($uid == $me || $is_mod == true) {
$locked = false;
} else {
if ($user['home_privacy'] == 2 && $am_i_their_friend == false) {
$locked = true;
} else {
if ($am_i_ignored == true || $user['home_privacy'] == 0) {
$locked = true;
}
}
}
if ($locked == false) {
$stats['housing_url'] = append_sid("/launch/towns?home=" . $user['home_zip']);
}
}
// journal
if (isset($user['journal_view'])) {
$journalview = true;
if ($uid == $me['user_id'] || $is_mod == true) {
$journalview = true;
} else {
if ($user['journal_view'] == 2 && $am_i_their_friend == false) {
$journalview = false;
} else {
if ($am_i_ignored == true || $user['journal_view'] == 0) {
$journalview = false;
}
}
}
if ($journalview == true) {
$stats['journal_url'] = append_sid("/journal/?u=" . $uid);
}
}
// private messages
if (isset($user['pm_receive'])) {
$receive = true;
if ($uid == $me['user_id'] || $is_mod == true) {
$receive = true;
} else {
if ($user['pm_receive'] == 2 && $am_i_their_friend == false) {
$receive = false;
} else {
if ($am_i_ignored == true || $user['pm_receive'] == 0) {
$receive = false;
}
}
}
if ($receive == true) {
$stats['pm_url'] = append_sid("/profile/privmsg.php?mode=post&" . POST_USERS_URL . "=" . $uid);
}
}
$final_stats[$uid] = $stats;
}
unset($fu);
$this->remove('cachedata');
$this->set('statusbar', $final_stats);
return true;
}
private function isLegacy(){ return SC::get('board_config.itemnorm_legacy')?true:false; }
public function swapItem($from_serial, $to_item_id, $user_id = NULL)
{
// default the user_id to the current logged in user if nothing was passed in
$user_id = empty($user_id) ? SC::get('userdata.user_id') : intval($user_id);
// validate that the serial we want to delete belongs to the user
$ir = new InventoryReader($user_id);
$ir->bySerial($from_serial);
$rs = $ir->execute();
if (!$rs->isSuccess()) {
return $this->throwError('Unable to load your inventory at this time. Please try again later. Error: ' . $rs->getError(), $rs);
}
$data = $rs->getItems();
// data is empty so that means the user doesn't own this serial
if (empty($data)) {
return $this->throwError('The item was not found in your inventory.');
}
// validate that the item we want to swap to exists
// to_item_id can be either an INT (item_id that we want to grant) or
// an array of item_ids that we want to grant and how many of each we want to grant
// get the ids of the items we want to grant
$item_ids = array();
if (is_array($to_item_id)) {
foreach ($to_item_id as $item) {
$item_ids[] = $item['item_id'];
}
} else {
$item_ids[] = $to_item_id;
}
// check to see if the items we want to grant exist
$idr = new ItemDefinitionReader();
$idr->addIds($item_ids);
if (!$idr->execute('__meta__')) {
return $this->throwError('Unable to load item detail, please try again. ' . $idr->getError(), $idr);
}
$found_ids = $idr->getItemIds();
// if item_ids contains ids that arent in $found_ids then an item doesn't exist
$difference = array_diff($item_ids, $found_ids);
if (!empty($difference)) {
return $this->throwError('Item(s) not found', $difference);
}
// at this point we have a valid serial that belongs to the user_id and valid items that we want to grant
$txn = DaoFactory::create('transactionmanager');
// clear frozen status (if any) as we should allow users to open frozen letters
$prop = PropertyReader::instance()->getProperties($from_serial, $user_id);
$from_item_frozen_property = NULL;
if (isset($prop['frozen']) && FrozenChecker::isFrozenByProperty($prop)) {
$from_item_frozen_property = $prop['frozen'];
// would be nice if we can attach $txn to $iw here, but it would create a dirty read
// problem. we could potentially fail later after clearing the frozen status. we will live
// with the unlikely case for now.
$iw = new InventoryWriter(IW_APPCODE_FUNC_SWAP_ITEM);
$iw->deleteProperty($from_serial, $user_id, INVENTORY_LOCATION_MAIN, 'frozen');
$iwr = $iw->execute();
if (!$iwr->isSuccess()) {
$txn->rollback();
return $this->throwError($iwr->getError());
}
}
//delete item we are swapping out
$iw = new InventoryWriter(IW_APPCODE_FUNC_SWAP_ITEM, $txn);
$iw->deleteSerializedItem($user_id, $from_serial);
//grant item(s) we are swapping in
if (is_array($to_item_id)) {
foreach ($to_item_id as $item) {
$quantity = isset($item['quantity']) ? $item['quantity'] : 1;
$iw->grantNewItems($user_id, $item['item_id'], $quantity);
}
} else {
$iw->grantNewItems($user_id, $to_item_id, 1);
}
$iwr = $iw->execute(FALSE);
if (!$iwr->isSuccess()) {
$txn->rollback();
return $this->throwError($iwr->getError());
}
// get the serials of the granted items
$this->granted_items = $iwr->getGeneratedSerials();
if ($from_item_frozen_property) {
// transfer the frozen property value to the swapped item
// with packages it's not possible that a frozen item will grant multiple items.
// all these items should be frozen
$iw = new InventoryWriter(IW_APPCODE_FUNC_SWAP_ITEM, $txn);
foreach ($this->granted_items as $new_serial) {
$iw->setProperty($new_serial, $user_id, INVENTORY_LOCATION_MAIN, 'frozen', $from_item_frozen_property);
}
$iw->execute(FALSE);
if (!$iwr->isSuccess()) {
$txn->rollback();
return $this->throwError($iwr->getError());
}
}
$txn->commit();
// set the new serials associated with the item_ids
return TRUE;
}
public function loadFromSession($nonce)
{
$key = $nonce . '_error_model_data';
$this->_data = session_get($key, SC::get('userdata.user_id'));
session_remove($key, SC::get('userdata.user_id'));
}