function attach_add($at, $owner, $attach_opt = 0, $ext = 0)
{
$mime_type = (int) q_singleval("SELECT id FROM phpgw_fud_mime WHERE fl_ext='" . addslashes(substr(strrchr($at['name'], '.'), 1)) . "'");
$id = db_qid("INSERT INTO phpgw_fud_attach (location,message_id,original_name,owner,attach_opt,mime_type,fsize) VALUES('',0,'" . addslashes($at['name']) . "', " . $owner . ", " . $attach_opt . ", " . $mime_type . ", " . $at['size'] . ")");
safe_attachment_copy($at['tmp_name'], $id, $ext);
return $id;
}
function send_pmsg()
{
$this->pmsg_opt |= 16 | 32;
$this->pmsg_opt &= 16 | 32 | 1 | 2 | 4;
foreach ($GLOBALS['recv_user_id'] as $v) {
$id = db_qid("INSERT INTO phpgw_fud_pmsg (\n\t\t\t\tto_list,\n\t\t\t\touser_id,\n\t\t\t\tip_addr,\n\t\t\t\thost_name,\n\t\t\t\tpost_stamp,\n\t\t\t\ticon,\n\t\t\t\tfldr,\n\t\t\t\tsubject,\n\t\t\t\tattach_cnt,\n\t\t\t\tfoff,\n\t\t\t\tlength,\n\t\t\t\tduser_id,\n\t\t\t\tref_msg_id,\n\t\t\t\tpmsg_opt\n\t\t\t) VALUES (\n\t\t\t\t" . strnull(addslashes($this->to_list)) . ",\n\t\t\t\t" . $this->ouser_id . ",\n\t\t\t\t'" . $this->ip_addr . "',\n\t\t\t\t" . $this->host_name . ",\n\t\t\t\t" . $this->post_stamp . ",\n\t\t\t\t" . strnull($this->icon) . ",\n\t\t\t\t1,\n\t\t\t\t'" . addslashes($this->subject) . "',\n\t\t\t\t" . intzero($this->attach_cnt) . ",\n\t\t\t\t" . $this->foff . ",\n\t\t\t\t" . $this->length . ",\n\t\t\t\t" . $v . ",\n\t\t\t\t" . strnull($this->ref_msg_id) . ",\n\t\t\t\t" . $this->pmsg_opt . ")");
$GLOBALS['send_to_array'][] = array($v, $id);
$um[$v] = $id;
}
$c = uq('SELECT id, email, users_opt, icq FROM phpgw_fud_users WHERE id IN(' . implode(',', $GLOBALS['recv_user_id']) . ') AND users_opt>=64 AND (users_opt & 64) > 0');
$from = $GLOBALS['usr']->alias;
reverse_fmt($from);
$subject = $this->subject;
reverse_fmt($subject);
while ($r = db_rowarr($c)) {
/* do not send notifications about messages sent to self */
if ($r[0] == $this->ouser_id) {
continue;
}
if (!($r[2] & 4)) {
$r[1] = $r[3] . '@pager.icq.com';
}
send_pm_notification($r[1], $um[$r[0]], $subject, $from, $r[2]);
}
}
function th_add($root, $forum_id, $last_post_date, $thread_opt, $orderexpiry, $replies = 0, $lpi = 0)
{
if (!$lpi) {
$lpi = $root;
}
return db_qid("INSERT INTO\n\t\tphpgw_fud_thread\n\t\t\t(forum_id, root_msg_id, last_post_date, replies, views, rating, last_post_id, thread_opt, orderexpiry)\n\t\tVALUES\n\t\t\t(" . $forum_id . ", " . $root . ", " . $last_post_date . ", " . $replies . ", 0, 0, " . $lpi . ", " . $thread_opt . ", " . $orderexpiry . ")");
}
function add($forum_id, $message_threshold, $forum_opt, $perm, $autoapprove = true)
{
if (!$this->post_stamp) {
$this->post_stamp = __request_timestamp__;
}
if (!isset($this->ip_addr)) {
$this->ip_addr = get_ip();
}
$this->host_name = $GLOBALS['FUD_OPT_1'] & 268435456 ? "'" . addslashes(get_host($this->ip_addr)) . "'" : 'NULL';
$this->thread_id = isset($this->thread_id) ? $this->thread_id : 0;
$this->reply_to = isset($this->reply_to) ? $this->reply_to : 0;
$file_id = write_body($this->body, $length, $offset);
/* determine if preview needs building */
if ($message_threshold && $message_threshold < strlen($this->body)) {
$thres_body = trim_html($this->body, $message_threshold);
$file_id_preview = write_body($thres_body, $length_preview, $offset_preview);
} else {
$file_id_preview = $offset_preview = $length_preview = 0;
}
poll_cache_rebuild($this->poll_id, $poll_cache);
$poll_cache = $poll_cache ? @serialize($poll_cache) : null;
$this->id = db_qid("INSERT INTO phpgw_fud_msg (\n\t\t\tthread_id,\n\t\t\tposter_id,\n\t\t\treply_to,\n\t\t\tip_addr,\n\t\t\thost_name,\n\t\t\tpost_stamp,\n\t\t\tsubject,\n\t\t\tattach_cnt,\n\t\t\tpoll_id,\n\t\t\ticon,\n\t\t\tmsg_opt,\n\t\t\tfile_id,\n\t\t\tfoff,\n\t\t\tlength,\n\t\t\tfile_id_preview,\n\t\t\toffset_preview,\n\t\t\tlength_preview,\n\t\t\tmlist_msg_id,\n\t\t\tpoll_cache\n\t\t) VALUES(\n\t\t\t" . $this->thread_id . ",\n\t\t\t" . $this->poster_id . ",\n\t\t\t" . (int) $this->reply_to . ",\n\t\t\t'" . $this->ip_addr . "',\n\t\t\t" . $this->host_name . ",\n\t\t\t" . $this->post_stamp . ",\n\t\t\t" . strnull(addslashes($this->subject)) . ",\n\t\t\t" . (int) $this->attach_cnt . ",\n\t\t\t" . (int) $this->poll_id . ",\n\t\t\t" . strnull(addslashes($this->icon)) . ",\n\t\t\t" . $this->msg_opt . ",\n\t\t\t" . $file_id . ",\n\t\t\t" . (int) $offset . ",\n\t\t\t" . (int) $length . ",\n\t\t\t" . $file_id_preview . ",\n\t\t\t" . $offset_preview . ",\n\t\t\t" . $length_preview . ",\n\t\t\t" . strnull($this->mlist_msg_id) . ",\n\t\t\t" . strnull(addslashes($poll_cache)) . "\n\t\t)");
$thread_opt = (int) ($perm & 4096 && isset($_POST['thr_locked']));
if (!$this->thread_id) {
/* new thread */
if ($perm & 64 && isset($_POST['thr_ordertype'], $_POST['thr_orderexpiry'])) {
if ((int) $_POST['thr_ordertype']) {
$thread_opt |= (int) $_POST['thr_ordertype'];
$thr_orderexpiry = (int) $_POST['thr_orderexpiry'];
}
}
$this->thread_id = th_add($this->id, $forum_id, $this->post_stamp, $thread_opt, isset($thr_orderexpiry) ? $thr_orderexpiry : 0);
q('UPDATE phpgw_fud_msg SET thread_id=' . $this->thread_id . ' WHERE id=' . $this->id);
} else {
th_lock($this->thread_id, $thread_opt & 1);
}
if ($autoapprove && $forum_opt & 2) {
$this->approve($this->id, true);
}
return $this->id;
}
${$v} = $_POST[$v];
}
if (isset($_POST['btn_all'])) {
$c = uq('SELECT id FROM ' . $tbl . 'forum');
while ($r = db_rowarr($c)) {
$frm_list[$r[0]] = $r[0];
}
}
} else {
$edit = $a_subject = $a_text = '';
list($d_year, $d_month, $d_day) = explode(' ', gmdate('Y m d', __request_timestamp__));
list($d2_year, $d2_month, $d2_day) = explode(' ', gmdate('Y m d', __request_timestamp__ + 86400));
}
}
if (isset($_POST['btn_submit'])) {
$id = db_qid('INSERT INTO ' . $tbl . 'announce (date_started, date_ended, subject, text) VALUES (' . mk_date($_POST['d_year'], $_POST['d_month'], $_POST['d_day']) . ', ' . mk_date($_POST['d2_year'], $_POST['d2_month'], $_POST['d2_day']) . ', \'' . addslashes($_POST['a_subject']) . '\', \'' . addslashes($_POST['a_text']) . '\')');
} else {
if (isset($_POST['btn_update'], $_POST['edit'])) {
$id = (int) $_POST['edit'];
q('UPDATE ' . $tbl . 'announce SET
date_started=' . mk_date($_POST['d_year'], $_POST['d_month'], $_POST['d_day']) . ',
date_ended=' . mk_date($_POST['d2_year'], $_POST['d2_month'], $_POST['d2_day']) . ',
subject=\'' . addslashes($_POST['a_subject']) . '\',
text=\'' . addslashes($_POST['a_text']) . '\'
WHERE id=' . $id);
}
}
if (isset($_POST['frm_list'], $id)) {
$_POST['frm_list'] = array_unique($_POST['frm_list']);
q('DELETE FROM ' . $tbl . 'ann_forums WHERE ann_id=' . $id);
foreach ($_POST['frm_list'] as $v) {
function init_user()
{
$o1 =& $GLOBALS['FUD_OPT_1'];
$o2 =& $GLOBALS['FUD_OPT_2'];
$phpgw =& $GLOBALS['phpgw_info']['user'];
/* delete old sessions */
if (!(rand() % 10)) {
q("DELETE FROM phpgw_fud_ses WHERE time_sec+" . $GLOBALS['phpgw_info']['server']['sessions_timeout'] . " < " . __request_timestamp__);
}
$u = db_sab("SELECT \n\t\t\ts.id AS sid, s.data, s.returnto, \n\t\t\tt.id AS theme_id, t.lang, t.name AS theme_name, t.locale, t.theme, t.pspell_lang, t.theme_opt, \n\t\t\tu.alias, u.posts_ppg, u.time_zone, u.sig, u.last_visit, u.last_read, u.cat_collapse_status, u.users_opt, u.ignore_list, u.ignore_list, u.buddy_list, u.id, u.group_leader_list, u.email, u.login \n\t\t\tFROM phpgw_fud_ses s\n\t\t\tINNER JOIN phpgw_fud_users u ON u.id=(CASE WHEN s.user_id>2000000000 THEN 1 ELSE s.user_id END) \n\t\t\tINNER JOIN phpgw_fud_themes t ON t.id=u.theme WHERE s.ses_id='" . s . "'");
if (!$u) {
/* registered user */
if ($phpgw['account_lid'] != $GLOBALS['ANON_NICK']) {
/* this means we do not have an entry for this user in the sessions table */
$uid = q_singleval("SELECT id FROM phpgw_fud_users WHERE egw_id=" . (int) $phpgw['account_id']);
$id = db_qid("INSERT INTO phpgw_fud_ses (user_id, ses_id, time_sec) VALUES(" . $uid . ", '" . s . "', " . __request_timestamp__ . ")");
$u = db_sab('SELECT s.id AS sid, s.data, s.returnto, t.id AS theme_id, t.lang, t.name AS theme_name, t.locale, t.theme, t.pspell_lang, t.theme_opt, u.alias, u.posts_ppg, u.time_zone, u.sig, u.last_visit, u.last_read, u.cat_collapse_status, u.users_opt, u.ignore_list, u.ignore_list, u.buddy_list, u.id, u.group_leader_list, u.email, u.login FROM phpgw_fud_ses s INNER JOIN phpgw_fud_users u ON u.id=s.user_id INNER JOIN phpgw_fud_themes t ON t.id=u.theme WHERE s.id=' . $id);
} else {
/* anonymous user */
do {
$uid = 2000000000 + mt_rand(1, 147483647);
} while (!($id = db_li("INSERT INTO phpgw_fud_ses (time_sec, ses_id, user_id) VALUES (" . __request_timestamp__ . ", '" . s . "', " . $uid . ")", $ef, 1)));
$u = db_sab('SELECT s.id AS sid, s.data, s.returnto, t.id AS theme_id, t.lang, t.name AS theme_name, t.locale, t.theme, t.pspell_lang, t.theme_opt, u.alias, u.posts_ppg, u.time_zone, u.sig, u.last_visit, u.last_read, u.cat_collapse_status, u.users_opt, u.ignore_list, u.ignore_list, u.buddy_list, u.id, u.group_leader_list, u.email, u.login FROM phpgw_fud_ses s INNER JOIN phpgw_fud_users u ON u.id=1 INNER JOIN phpgw_fud_themes t ON t.id=u.theme WHERE s.id=' . $id);
}
}
/* grant admin access */
if (!empty($phpgw['apps']['admin'])) {
$u->users_opt |= 1048576;
}
/* this is ugly, very ugly, but there is no way around it, we need to see if the
* user's language had changed and we can only do it this way.
*/
$langl = array('bg' => 'bulgarian', 'zh' => 'chinese_big5', 'cs' => 'czech', 'nl' => 'dutch', 'fr' => 'french', 'de' => 'german', 'it' => 'italian', 'lv' => 'latvian', 'no' => 'norwegian', 'pl' => 'polish', 'pt' => 'portuguese', 'ro' => 'romanian', 'ru' => 'russian', 'sk' => 'slovak', 'es' => 'spanish', 'sv' => 'swedish', 'tr' => 'turkish', 'en' => 'english');
$lang =& $phpgw['preferences']['common']['lang'];
if (isset($langl[$lang]) && $langl[$lang] != $u->lang) {
if (!($o = db_sab("SELECT * FROM phpgw_fud_themes WHERE lang='{$langl[$lang]}'"))) {
fud_use('compiler.inc', true);
fud_use('theme.inc', true);
$thm = new fud_theme();
$thm->name = $thm->lang = $langl[$lang];
$thm->theme = 'default';
$thm->pspell_lang = file_get_contents($GLOBALS['DATA_DIR'] . 'thm/default/i18n/' . $langl[$lang] . '/pspell_lang');
$thm->locale = file_get_contents($GLOBALS['DATA_DIR'] . 'thm/default/i18n/' . $langl[$lang] . '/locale');
$thm->theme_opt = 1;
$thm->add();
compile_all('default', $langl[$lang], $langl[$lang]);
$o = db_sab("SELECT * FROM phpgw_fud_themes WHERE lang='{$langl[$lang]}'");
}
$u->lang = $o->lang;
$u->theme_name = $o->name;
$u->locale = $o->locale;
$u->theme_id = $o->id;
$u->theme = $o->theme;
$u->pspell_lang = $o->pspell_lang;
$u->theme_opt = $o->theme_opt;
q("UPDATE phpgw_fud_users SET theme=" . $u->theme_id . " WHERE id=" . $u->id);
}
if ($u->data) {
$u->data = @unserialize($u->data);
}
$u->users_opt = (int) $u->users_opt;
/* set timezone */
@putenv('TZ=' . $u->time_zone);
/* set locale */
setlocale(LC_ALL, $u->locale);
/* view format for threads & messages */
define('d_thread_view', $u->users_opt & 256 ? 'msg' : 'tree');
define('t_thread_view', $u->users_opt & 128 ? 'thread' : 'threadt');
/* theme path */
@define('fud_theme', 'theme/' . ($u->theme_name ? $u->theme_name : 'default') . '/');
/* define _uid, which, will tell us if this is a 'real' user or not */
define('__fud_real_user__', $u->id != 1 ? $u->id : 0);
define('_uid', __fud_real_user__);
if (__fud_real_user__) {
q('UPDATE phpgw_fud_users SET last_visit=' . __request_timestamp__ . ' WHERE id=' . $u->id);
}
return $u;
}
function poll_opt_add($name, $poll_id)
{
return db_qid("INSERT INTO phpgw_fud_poll_opt (poll_id,name) VALUES(" . $poll_id . ", '" . addslashes($name) . "')");
}
