Ejemplo n.º 1
0
    echo "        </table>\n";
    echo "      </td>\n";
    echo "    </tr>\n";
    echo "    <tr>\n";
    echo "      <td align=\"left\">&nbsp;</td>\n";
    echo "    </tr>\n";
    echo "    <tr>\n";
    echo "      <td align=\"center\">", form_submit('addcomment', gettext("Add Comment")), "</td>\n";
    echo "    </tr>\n";
    echo "  </table>\n";
    echo "  <br />\n";
    echo "</form>\n";
}
if ($user_perm_links_moderate || $link['UID'] == $_SESSION['UID']) {
    echo "<form accept-charset=\"utf-8\" name=\"link_moderation\" action=\"links_detail.php\" method=\"post\">\n";
    echo "  ", form_csrf_token_field(), "\n";
    echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "  ", form_input_hidden("type", "moderation") . "\n";
    echo "  ", form_input_hidden("lid", htmlentities_array($lid)) . "\n";
    echo "  ", form_input_hidden("parent_fid", htmlentities_array($parent_fid)), "\n";
    echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n";
    echo "    <tr>\n";
    echo "      <td align=\"left\">\n";
    echo "        <table class=\"box\" width=\"100%\">\n";
    echo "          <tr>\n";
    echo "            <td align=\"left\" class=\"posthead\">\n";
    echo "              <table class=\"posthead\" width=\"100%\">\n";
    echo "                <tr>\n";
    echo "                  <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Moderation Tools"), "</td>";
    echo "                </tr>\n";
    echo "                <tr>\n";
Ejemplo n.º 2
0
function logon_draw_form($logon_options)
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    // Make sure logon form argument is valid.
    if (!is_numeric($logon_options)) {
        $logon_options = LOGON_FORM_DEFAULT;
    }
    // Check for previously failed logon.
    if (isset($_GET['logout_success']) && $_GET['logout_success'] == 'true') {
        html_display_success_msg(gettext("You have successfully logged out."), '500', 'center');
    } else {
        if (isset($_GET['logon_failed']) && !($logon_options & LOGON_FORM_SESSION_EXPIRED)) {
            html_display_error_msg(gettext("The username or password you supplied is not valid."), '500', 'center');
        }
    }
    // Get the original requested page url.
    $request_uri = get_request_uri();
    // If the request is for logon.php then we are performing
    // a normal login, otherwise potentially a failed session.
    if (stristr($request_uri, 'logon.php')) {
        echo "  <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"{$request_uri}\" target=\"", html_get_top_frame_name(), "\">\n";
        echo "    ", form_csrf_token_field(), "\n";
    } else {
        echo "  <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"{$request_uri}\" target=\"_self\">\n";
        echo "    ", form_csrf_token_field(), "\n";
    }
    // Check for any post data that we need to include in the form.
    unset($_POST['user_logon'], $_POST['user_password'], $_POST['logon'], $_POST['webtag'], $_POST['register']);
    // Add any post data into the form.
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "  <br />\n";
    echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n";
    echo "    <tr>\n";
    echo "      <td align=\"left\">\n";
    echo "        <table class=\"box\" width=\"100%\">\n";
    echo "          <tr>\n";
    echo "            <td align=\"left\" class=\"posthead\">\n";
    echo "              <table class=\"posthead\" width=\"100%\">\n";
    echo "                <tr>\n";
    echo "                  <td align=\"left\" class=\"subhead\">", gettext("Logon"), "</td>\n";
    echo "                </tr>\n";
    echo "              </table>\n";
    echo "              <table class=\"posthead\" width=\"100%\">\n";
    echo "                <tr>\n";
    echo "                  <td align=\"center\">\n";
    echo "                    <table class=\"posthead\" width=\"95%\">\n";
    echo "                      <tr>\n";
    echo "                        <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n";
    echo "                        <td align=\"left\">", form_input_text('user_logon', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
    echo "                      </tr>\n";
    echo "                      <tr>\n";
    echo "                        <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n";
    echo "                        <td align=\"left\">", form_input_password('user_password', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
    echo "                      </tr>\n";
    if (!($logon_options & LOGON_FORM_HIDE_TICKBOX) && !($logon_options & LOGON_FORM_SESSION_EXPIRED)) {
        echo "                      <tr>\n";
        echo "                        <td align=\"left\" colspan=\"2\"><hr class=\"bhseparatorlogon\" /></td>\n";
        echo "                      </tr>\n";
        echo "                    </table>\n";
        echo "                    <table class=\"posthead\" width=\"95%\">\n";
        echo "                      <tr>\n";
        echo "                        <td align=\"right\" width=\"90\">", form_checkbox('user_remember', 'Y', null, html_get_cookie('user_logon') && html_get_cookie('user_token')), "</td>\n";
        echo "                        <td align=\"left\"><label for=\"user_remember\">", gettext("Remember me"), "</label></td>\n";
        echo "                      </tr>\n";
        echo "                      <tr>\n";
        echo "                        <td align=\"left\">&nbsp;</td>\n";
        echo "                        <td align=\"left\"><span class=\"bhinputlogon_warning\">", gettext("Not recommended for shared computers"), "</span></td>\n";
        echo "                      </tr>\n";
    }
    echo "                      <tr>\n";
    echo "                        <td align=\"left\">&nbsp;</td>\n";
    echo "                      </tr>\n";
    echo "                    </table>\n";
    echo "                  </td>\n";
    echo "                </tr>\n";
    echo "              </table>\n";
    echo "            </td>\n";
    echo "          </tr>\n";
    echo "        </table>\n";
    echo "      </td>\n";
    echo "    </tr>\n";
    echo "    <tr>\n";
    echo "      <td align=\"left\">&nbsp;</td>\n";
    echo "    </tr>\n";
    echo "    <tr>\n";
    echo "      <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n";
    echo "    </tr>\n";
    echo "  </table>\n";
    echo "</form>\n";
    echo "<br />\n";
    if (!($logon_options & LOGON_FORM_HIDE_LINKS)) {
        echo "<hr class=\"bhlogonseparator\" />\n";
        if (user_guest_enabled()) {
            echo "<form accept-charset=\"utf-8\" name=\"guest\" action=\"logon.php?webtag={$webtag}\" method=\"post\" target=\"", html_get_top_frame_name(), "\">\n";
            echo "  ", form_csrf_token_field(), "\n";
            echo "  <p>", sprintf(gettext("Enter as a %s"), form_submit('guest_logon', gettext("Guest"))), "</p>\n";
            echo "</form>\n";
        }
        if (isset($_GET['final_uri']) && strlen(trim($_GET['final_uri'])) > 0) {
            $available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files()));
            if (preg_match("/^{$available_files_preg}/u", trim($_GET['final_uri'])) > 0) {
                $final_uri = href_cleanup_query_keys($_GET['final_uri']);
            }
        }
        if (isset($final_uri)) {
            $final_uri = rawurlencode($final_uri);
            $register_link = rawurlencode("register.php?webtag={$webtag}&final_uri={$final_uri}");
            $forgot_pw_link = rawurlencode("forgot_pw.php?webtag={$webtag}&final_uri={$final_uri}");
            echo "<p>", sprintf(gettext("Don't have an account? %s"), "<a href=\"index.php?webtag={$webtag}&amp;final_uri={$register_link}\" target=\"" . html_get_top_frame_name() . "\">" . gettext("Register now") . "</a>") . "</p>\n";
            echo "<hr class=\"bhlogonseparator\" />\n";
            echo "<h2>", gettext("Problems logging on?"), "</h2>\n";
            echo "<p><a href=\"logon.php?webtag={$webtag}&amp;delete_cookie=yes&amp;final_uri={$final_uri}\" target=\"", html_get_top_frame_name(), "\">", gettext("Delete Cookies"), "</a></p>\n";
            echo "<p><a href=\"index.php?webtag={$webtag}&amp;final_uri={$forgot_pw_link}\" target=\"", html_get_top_frame_name(), "\">", gettext("Forgotten your password?"), "</a></p>\n";
        } else {
            echo "<p>", sprintf(gettext("Don't have an account? %s"), "<a href=\"index.php?webtag={$webtag}&amp;final_uri=register.php%3Fwebtag%3D{$webtag}\" target=\"" . html_get_top_frame_name() . "\">" . gettext("Register now") . "</a>"), "</p>\n";
            echo "<hr class=\"bhlogonseparator\" />\n";
            echo "<h2>", gettext("Problems logging on?"), "</h2>\n";
            echo "<p><a href=\"logon.php?webtag={$webtag}&amp;delete_cookie=yes\" target=\"", html_get_top_frame_name(), "\">", gettext("Delete Cookies"), "</a></p>\n";
            echo "<p><a href=\"index.php?webtag={$webtag}&amp;final_uri=forgot_pw.php%3Fwebtag%3D{$webtag}\" target=\"", html_get_top_frame_name(), "\">", gettext("Forgotten your password?"), "</a></p>\n";
        }
        echo "<hr class=\"bhlogonseparator\" />\n";
        echo "<h2>", gettext("Using a mobile device?"), "</h2>\n";
        echo "<p><a href=\"index.php?webtag={$webtag}&amp;view=mobile\" target=\"", html_get_top_frame_name(), "\">", gettext("Mobile version"), "</a></p>\n";
    }
}
Ejemplo n.º 3
0
function forum_check_password($forum_fid)
{
    if (!is_numeric($forum_fid)) {
        return;
    }
    $webtag = get_webtag();
    if (!forum_check_webtag_available($webtag)) {
        return;
    }
    if (!($forum_passhash = forum_get_password($forum_fid))) {
        return;
    }
    if (isset($_SESSION["{$webtag}_PASSWORD"]) && is_md5($_SESSION["{$webtag}_PASSWORD"])) {
        $forum_passhash_check = $_SESSION["{$webtag}_PASSWORD"];
    } else {
        $forum_passhash_check = null;
    }
    if (isset($_POST['forum_password']) && strlen($_POST['forum_password']) > 0) {
        $forum_passhash_check = md5($_POST['forum_password']);
    }
    if ($forum_passhash == $forum_passhash_check) {
        $_SESSION["{$webtag}_PASSWORD"] = $forum_passhash_check;
        return;
    }
    cache_disable();
    html_draw_top(array('title' => gettext("Password Protected Forum")));
    echo "<h1>", gettext("Password Protected Forum"), "</h1>\n";
    if (isset($_SESSION["{$webtag}_PASSWORD"]) && is_md5($_SESSION["{$webtag}_PASSWORD"])) {
        html_display_error_msg(gettext("The username or password you supplied is not valid."), '550', 'center');
    }
    if (($password_protected_message = forum_get_setting('password_protected_message')) !== false) {
        echo fix_html($password_protected_message);
    } else {
        html_display_warning_msg(gettext("This forum is password protected. To gain access enter the password below."), '400', 'center');
    }
    echo "<br />\n";
    echo "<div align=\"center\">\n";
    echo "  <form accept-charset=\"utf-8\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
    echo "    ", form_csrf_token_field(), "\n";
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "    ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">\n";
    echo "          <table class=\"box\" width=\"400\">\n";
    echo "            <tr>\n";
    echo "              <td class=\"posthead\" align=\"center\">\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Enter Password"), "</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "                <table class=\"posthead\" width=\"90%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\">", gettext("Password"), ":</td>\n";
    echo "                    <td align=\"left\">", form_input_password('forum_password', null, 40), "</td>\n";
    echo "                  </tr>\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "              </td>\n";
    echo "            </tr>\n";
    echo "          </table>\n";
    echo "        </td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">&nbsp;</td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"center\">", form_submit("logon", gettext("Logon")), "&nbsp;", form_submit("cancel", gettext("Cancel")), "</td>\n";
    echo "      </tr>\n";
    echo "    </table>\n";
    if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::check_perm(USER_PERM_FORUM_TOOLS, 0)) {
        html_display_warning_msg(gettext("If you want to change some settings on your forum click the Admin link in the navigation bar above."), '400', 'center');
    }
    echo "  </form>\n";
    echo "</div>\n";
    html_draw_bottom();
    exit;
}
Ejemplo n.º 4
0
function light_html_display_msg($header, $message, $href = null, $method = 'get', array $buttons = array(), array $vars = array())
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    $available_methods = array('get', 'post');
    if (!in_array($method, $available_methods)) {
        $method = 'get';
    }
    if (is_string($href) && strlen(trim($href)) > 0) {
        echo "<form accept-charset=\"utf-8\" action=\"{$href}\" method=\"{$method}\">\n";
        if ($method == 'post') {
            echo form_csrf_token_field(), "\n";
        }
        echo form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
        if (is_array($vars)) {
            echo form_input_hidden_array($vars), "\n";
        }
    }
    echo "<div class=\"message_box message_question\">\n";
    echo "  <h3>", html_style_image('help'), $header, "</h3>\n";
    echo "  <p>", $message, "</p>\n";
    if (is_string($href) && strlen(trim($href)) > 0) {
        $button_html_array = array();
        if (is_array($buttons) && sizeof($buttons) > 0) {
            foreach ($buttons as $button_name => $button_label) {
                $button_html_array[] = form_submit(htmlentities_array($button_name), htmlentities_array($button_label));
            }
        }
        if (sizeof($button_html_array) > 0) {
            echo "<p>", implode("&nbsp;", $button_html_array), "</p>\n";
        }
    }
    echo "</div>\n";
    if (is_string($href) && strlen(trim($href)) > 0) {
        echo "</form>\n";
    }
}
Ejemplo n.º 5
0
function poll_display($tid, $msg_count, $first_msg, $folder_fid, $in_list = true, $closed = false, $show_sigs = true, $is_preview = false, $highlight_array = array())
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    $total_votes = 0;
    $user_votes = 0;
    $guest_votes = 0;
    $poll_data = poll_get($tid);
    $poll_results = poll_get_votes($tid);
    $user_poll_votes_array = poll_get_user_votes($tid);
    poll_get_total_votes($tid, $total_votes, $user_votes, $guest_votes);
    $request_uri = get_request_uri();
    $poll_display = "<br />\n";
    $poll_display .= "<div align=\"center\">\n";
    $poll_display .= "  <table class=\"box\" cellpadding=\"0\" cellspacing=\"0\" width=\"580\">\n";
    $poll_display .= "    <tr>\n";
    $poll_display .= "      <td align=\"center\">\n";
    $poll_display .= "        <form accept-charset=\"utf-8\" method=\"post\" action=\"{$request_uri}\" target=\"_self\">\n";
    $poll_display .= "          " . form_csrf_token_field() . "\n";
    $poll_display .= "          " . form_input_hidden("webtag", htmlentities_array($webtag)) . "\n";
    $poll_display .= "          " . form_input_hidden('msg', htmlentities_array("{$tid}.1")) . "\n";
    $poll_display .= "          <table width=\"560\">\n";
    if ((!is_array($user_poll_votes_array) || $poll_data['CHANGEVOTE'] == POLL_VOTE_MULTI) && ($_SESSION['UID'] > 0 || $poll_data['ALLOWGUESTS'] == POLL_GUEST_ALLOWED && forum_get_setting('poll_allow_guests', 'Y')) && ($poll_data['CLOSES'] == 0 || $poll_data['CLOSES'] > time()) && !$is_preview) {
        foreach ($poll_results as $question_id => $poll_question) {
            $poll_display .= "          <tr>\n";
            $poll_display .= "            <td align=\"left\"><h2>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h2></td>\n";
            $poll_display .= "          </tr>\n";
            $poll_display .= "          <tr>\n";
            $poll_display .= "            <td align=\"left\">\n";
            $poll_display .= "              <table width=\"100%\">\n";
            if ($poll_data['OPTIONTYPE'] == POLL_OPTIONS_DROPDOWN) {
                $dropdown_options_array = array_map('poll_dropdown_options_callback', $poll_question['OPTIONS_ARRAY']);
                $poll_display .= "                <tr>\n";
                $poll_display .= "                  <td align=\"left\" class=\"postbody\" valign=\"top\">" . form_dropdown_array("poll_vote[{$question_id}]", $dropdown_options_array) . "</td>\n";
                $poll_display .= "                </tr>\n";
            } else {
                foreach ($poll_question['OPTIONS_ARRAY'] as $option_id => $option) {
                    if (sizeof($poll_question['OPTIONS_ARRAY']) == 1 || $poll_question['ALLOW_MULTI'] == 'Y') {
                        $poll_display .= "                <tr>\n";
                        $poll_display .= "                  <td align=\"left\" class=\"postbody\" valign=\"top\" width=\"1%\">" . form_checkbox("poll_vote[{$question_id}][{$option_id}]", 'Y', word_filter_add_ob_tags($option['OPTION_NAME'])) . "</td>\n";
                        $poll_display .= "                </tr>\n";
                    } else {
                        $poll_display .= "                <tr>\n";
                        $poll_display .= "                  <td align=\"left\" class=\"postbody\" valign=\"top\" width=\"1%\">" . form_radio("poll_vote[{$question_id}]", $option_id, word_filter_add_ob_tags($option['OPTION_NAME'])) . "</td>\n";
                        $poll_display .= "                </tr>\n";
                    }
                }
            }
            $poll_display .= "              </table>\n";
            $poll_display .= "            </td>\n";
            $poll_display .= "          </tr>\n";
        }
    } else {
        if ($poll_data['SHOWRESULTS'] == POLL_SHOW_RESULTS || $poll_data['CLOSES'] > 0 && $poll_data['CLOSES'] < time()) {
            if ($poll_data['POLLTYPE'] == POLL_TABLE_GRAPH && $poll_data['VOTETYPE'] != POLL_VOTE_PUBLIC) {
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\" colspan=\"2\">" . poll_table_graph($poll_results, $total_votes) . "</td>\n";
                $poll_display .= "             </tr>\n";
            } else {
                foreach ($poll_results as $poll_question) {
                    $poll_display .= "           <tr>\n";
                    $poll_display .= "               <td align=\"left\"><h2>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h2></td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td align=\"left\">\n";
                    $poll_display .= "                <table width=\"100%\">\n";
                    if ($poll_data['POLLTYPE'] == POLL_HORIZONTAL_GRAPH || $poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC) {
                        $poll_display .= "                  <tr>\n";
                        $poll_display .= "                    <td align=\"left\" colspan=\"2\">" . poll_horizontal_graph($poll_question['OPTIONS_ARRAY'], $poll_data, $total_votes) . "</td>\n";
                        $poll_display .= "                   </tr>\n";
                    } else {
                        $poll_display .= "                  <tr>\n";
                        $poll_display .= "                    <td align=\"left\" colspan=\"2\">" . poll_vertical_graph($poll_question['OPTIONS_ARRAY'], $total_votes) . "</td>\n";
                        $poll_display .= "                  </tr>\n";
                    }
                    $poll_display .= "                </table>\n";
                    $poll_display .= "              </td>\n";
                    $poll_display .= "            </tr>\n";
                }
            }
        } else {
            foreach ($poll_results as $poll_question) {
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\"><h2>" . word_filter_add_ob_tags($poll_question['QUESTION'], true) . "</h2></td>\n";
                $poll_display .= "            </tr>\n";
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\">\n";
                $poll_display .= "                <table width=\"100%\">\n";
                foreach ($poll_question['OPTIONS_ARRAY'] as $option) {
                    $poll_display .= "                  <tr>\n";
                    $poll_display .= "                    <td align=\"left\" class=\"postbody\">" . word_filter_add_ob_tags($option['OPTION_NAME']) . "</td>\n";
                    $poll_display .= "                  </tr>\n";
                }
                $poll_display .= "                </table>\n";
                $poll_display .= "              </td>\n";
                $poll_display .= "            </tr>\n";
            }
        }
    }
    if (!$is_preview) {
        $poll_display .= "            <tr>\n";
        $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
        $poll_display .= "            </tr>\n";
        $poll_display .= "            <tr>\n";
        $poll_display .= "              <td align=\"left\" colspan=\"2\" class=\"postbody\">" . poll_format_vote_counts($poll_data, $user_votes, $guest_votes) . "</td>\n";
        $poll_display .= "            </tr>\n";
        $poll_display .= "            <tr>\n";
        $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
        $poll_display .= "            </tr>\n";
        if ($poll_data['CLOSES'] <= time() && $poll_data['CLOSES'] != 0) {
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\" class=\"postbody\">" . gettext("Poll has ended.") . "</td>\n";
            $poll_display .= "            </tr>\n";
            if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>";
                $poll_display .= "            </tr>\n";
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td colspan=\"2\" align=\"center\"><a href=\"poll_results.php?webtag={$webtag}&amp;tid={$tid}\" class=\"button popup 800x600\"><span>" . gettext("Results") . "</span></a></td>\n";
                $poll_display .= "            </tr>\n";
                $poll_display .= "            <tr>\n";
                $poll_display .= "             <td align=\"left\" colspan=\"2\">&nbsp;</td>";
                $poll_display .= "             </tr>\n";
            }
            if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
                $poll_display .= poll_display_user_votes($user_poll_votes_array);
            }
        } else {
            if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
                $poll_display .= poll_display_user_votes($user_poll_votes_array);
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
                $poll_display .= "            </tr>\n";
                if ($poll_data['CHANGEVOTE'] == POLL_VOTE_MULTI) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">" . form_submit('poll_submit', gettext("Vote")) . "</td>\n";
                    $poll_display .= "            </tr>\n";
                }
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td colspan=\"2\" align=\"center\">";
                if ($poll_data['SHOWRESULTS'] == POLL_SHOW_RESULTS && $total_votes > 0 || $_SESSION['UID'] == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                    $poll_display .= "<a href=\"poll_results.php?webtag={$webtag}&amp;tid={$tid}\" class=\"button popup 800x600\"><span>" . gettext("Results") . "</span></a>";
                }
                if ($_SESSION['UID'] == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                    $poll_display .= "&nbsp;<a href=\"close_poll.php?webtag={$webtag}&msg={$tid}.1&amp;return_msg={$tid}.{$first_msg}\" class=\"button\" target=\"_parent\">" . gettext("End Poll") . "</a>";
                }
                $poll_display .= "              </td>\n";
                $poll_display .= "            </tr>\n";
                $poll_display .= "            <tr>\n";
                $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>";
                $poll_display .= "            </tr>\n";
                if ($poll_data['CHANGEVOTE'] != POLL_VOTE_CANNOT_CHANGE) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">" . form_submit('poll_change_vote', gettext("Change vote")) . "</td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">&nbsp;</td>\n";
                    $poll_display .= "            </tr>\n";
                }
                if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\" class=\"postbody\">" . gettext("<b>Warning</b>: This is a public ballot. Your name will be visible next to the option you vote for.") . "</td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">&nbsp;</td>\n";
                    $poll_display .= "            </tr>\n";
                }
            } else {
                if ($_SESSION['UID'] > 0 || $poll_data['ALLOWGUESTS'] == POLL_GUEST_ALLOWED && forum_get_setting('poll_allow_guests', 'Y')) {
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">" . form_submit('poll_submit', gettext("Vote")) . "</td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td colspan=\"2\" align=\"center\">";
                    if ($poll_data['SHOWRESULTS'] == POLL_SHOW_RESULTS && $total_votes > 0 || $_SESSION['UID'] == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                        $poll_display .= "<a href=\"poll_results.php?webtag={$webtag}&amp;tid={$tid}\" class=\"button popup 800x600\"><span>" . gettext("Results") . "</span></a>";
                    }
                    if ($_SESSION['UID'] == $poll_data['FROM_UID'] || session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid)) {
                        $poll_display .= "&nbsp;<a href=\"close_poll.php?webtag={$webtag}&msg={$tid}.1&amp;return_msg={$tid}.{$first_msg}\" class=\"button\" target=\"_parent\">" . gettext("End Poll") . "</a>";
                    }
                    $poll_display .= "              </td>\n";
                    $poll_display .= "            </tr>\n";
                    $poll_display .= "            <tr>\n";
                    $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>";
                    $poll_display .= "            </tr>\n";
                    if ($poll_data['VOTETYPE'] == POLL_VOTE_PUBLIC && $poll_data['CHANGEVOTE'] < POLL_VOTE_MULTI && $poll_data['POLLTYPE'] != POLL_TABLE_GRAPH) {
                        $poll_display .= "            <tr>\n";
                        $poll_display .= "              <td colspan=\"2\" align=\"center\" class=\"postbody\">" . gettext("<b>Warning</b>: This is a public ballot. Your name will be visible next to the option you vote for.") . "</td>\n";
                        $poll_display .= "            </tr>\n";
                        $poll_display .= "            <tr>\n";
                        $poll_display .= "              <td colspan=\"2\" align=\"center\">&nbsp;</td>\n";
                        $poll_display .= "            </tr>\n";
                    }
                }
            }
        }
    } else {
        if (is_array($user_poll_votes_array) && sizeof($user_poll_votes_array) > 0) {
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
            $poll_display .= "            </tr>\n";
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\" class=\"postbody\">" . poll_format_vote_counts($poll_data, $user_votes, $guest_votes) . "</td>\n";
            $poll_display .= "            </tr>\n";
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
            $poll_display .= "            </tr>\n";
            $poll_display .= poll_display_user_votes($user_poll_votes_array);
            $poll_display .= "            <tr>\n";
            $poll_display .= "              <td align=\"left\" colspan=\"2\">&nbsp;</td>\n";
            $poll_display .= "            </tr>\n";
        }
    }
    $poll_display .= "          </table>\n";
    $poll_display .= "        </form>\n";
    $poll_display .= "      </td>\n";
    $poll_display .= "    </tr>\n";
    $poll_display .= "  </table>\n";
    $poll_display .= "</div>\n";
    $poll_display .= "<br />\n";
    $poll_data['CONTENT'] = $poll_display;
    message_display($tid, $poll_data, $msg_count, $first_msg, $folder_fid, $in_list, $closed, true, $show_sigs, $is_preview, $highlight_array);
}
Ejemplo n.º 6
0
function html_display_msg($header_text, $string_msg, $href = null, $method = 'get', array $buttons = array(), array $vars = array(), $target = "_self", $align = "left", $id = null)
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    if (!is_string($header_text)) {
        return;
    }
    if (!is_string($string_msg)) {
        return;
    }
    $available_methods = array('get', 'post');
    if (!in_array($method, $available_methods)) {
        $method = 'get';
    }
    $available_alignments = array('left', 'center', 'right');
    if (!in_array($align, $available_alignments)) {
        $align = 'left';
    }
    echo "<h1>{$header_text}</h1>\n";
    echo "<br />\n";
    if (is_string($href) && strlen(trim($href)) > 0) {
        echo "<form accept-charset=\"utf-8\" action=\"{$href}\" method=\"{$method}\" target=\"{$target}\">\n";
        if ($method == 'post') {
            echo "  ", form_csrf_token_field(), "\n";
        }
        echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
        if (is_array($vars)) {
            echo "  ", form_input_hidden_array($vars), "\n";
        }
    }
    echo "  <div align=\"{$align}\"", $id ? " id=\"{$id}\"" : "", ">\n";
    echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\" class=\"message_box\">\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">\n";
    echo "          <table class=\"box\" width=\"100%\">\n";
    echo "            <tr>\n";
    echo "              <td align=\"left\" class=\"posthead\">\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" class=\"subhead\">{$header_text}</td>\n";
    echo "                  </tr>\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"center\">\n";
    echo "                      <table class=\"posthead\" width=\"95%\">\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"left\">{$string_msg}</td>\n";
    echo "                        </tr>\n";
    echo "                      </table>\n";
    echo "                    </td>\n";
    echo "                  </tr>\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\">&nbsp;</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "              </td>\n";
    echo "            </tr>\n";
    echo "          </table>\n";
    echo "        </td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">&nbsp;</td>\n";
    echo "      </tr>\n";
    if (is_string($href) && strlen(trim($href)) > 0) {
        $button_html_array = array();
        if (is_array($buttons) && sizeof($buttons) > 0) {
            foreach ($buttons as $button_name => $button_label) {
                $button_html_array[] = form_submit(htmlentities_array($button_name), htmlentities_array($button_label));
            }
        }
        if (sizeof($button_html_array) > 0) {
            echo "      <tr>\n";
            echo "        <td align=\"center\">", implode("&nbsp;", $button_html_array), "</td>\n";
            echo "      </tr>\n";
        }
    }
    echo "    </table>\n";
    echo "  </div>\n";
    if (is_string($href) && strlen(trim($href)) > 0) {
        echo "</form>\n";
    }
}
Ejemplo n.º 7
0
function messages_interest_form($tid, $pid, $interest)
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    $interest_levels_array = array(THREAD_IGNORED => gettext("Ignore"), THREAD_NOINTEREST => gettext("Normal"), THREAD_INTERESTED => gettext("Interested"), THREAD_SUBSCRIBED => gettext("Subscribed"));
    echo "<table class=\"messages_interest_form\" width=\"100%\">\n";
    echo "  <tr>\n";
    echo "    <td align=\"center\">\n";
    echo "      <form accept-charset=\"utf-8\" name=\"rate_interest\" target=\"_self\" action=\"thread_options.php?webtag={$webtag}&amp;msg={$tid}.{$pid}\" method=\"post\">\n";
    echo "        ", form_csrf_token_field(), "\n";
    echo "        ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "        ", gettext("Rate my interest"), ": ", form_radio_array("setinterest", $interest_levels_array, htmlentities_array($interest));
    echo "        ", form_input_hidden("tid", htmlentities_array($tid));
    echo "        ", form_submit("apply", gettext("Apply")), "\n";
    echo "      </form>\n";
    echo "    </td>\n";
    echo "  </tr>\n";
    echo "</table>\n";
    echo "<br />\n";
}
Ejemplo n.º 8
0
function admin_check_credentials()
{
    $webtag = get_webtag();
    forum_check_webtag_available($webtag);
    if (isset($_SESSION['ADMIN_TIMEOUT']) && is_numeric($_SESSION['ADMIN_TIMEOUT']) && $_SESSION['ADMIN_TIMEOUT'] > time()) {
        $_SESSION['ADMIN_TIMEOUT'] = time() + HOUR_IN_SECONDS;
        return true;
    }
    if (isset($_POST['admin_logon']) && isset($_POST['admin_password'])) {
        $admin_logon = $_POST['admin_logon'];
        $admin_password = $_POST['admin_password'];
        if (($admin_uid = user_logon($admin_logon, $admin_password)) && $admin_uid == $_SESSION['UID']) {
            $_SESSION['ADMIN_TIMEOUT'] = time() + HOUR_IN_SECONDS;
            return true;
        } else {
            html_display_error_msg(gettext("The username or password you supplied are not valid."), '500', 'center');
        }
    }
    html_draw_top(array('main_css' => 'admin.css'));
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        html_display_warning_msg(gettext('To save any changes you must re-authenticate yourself'), '500', 'center');
    } else {
        html_display_warning_msg(gettext('To access the Admin area you must re-authenticate yourself'), '500', 'center');
    }
    echo "<div align=\"center\">\n";
    echo "  <form accept-charset=\"utf-8\" name=\"logonform\" method=\"post\" action=\"", get_request_uri(), "\" target=\"", html_get_frame_name('main'), "\" autocomplete=\"off\">\n";
    echo "    ", form_csrf_token_field(), "\n";
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }
    echo "    ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo "    <br />\n";
    echo "    <table cellpadding=\"0\" cellspacing=\"0\" width=\"325\">\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">\n";
    echo "          <table class=\"box\" width=\"100%\">\n";
    echo "            <tr>\n";
    echo "              <td align=\"left\" class=\"posthead\">\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"left\" class=\"subhead\">", gettext("Please enter your password"), "</td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "                <table class=\"posthead\" width=\"100%\">\n";
    echo "                  <tr>\n";
    echo "                    <td align=\"center\">\n";
    echo "                      <table class=\"posthead\" width=\"95%\">\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"right\" width=\"90\">", gettext("Username"), ":</td>\n";
    echo "                          <td align=\"left\">", form_input_text('admin_logon', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
    echo "                        </tr>\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"right\" width=\"90\">", gettext("Password"), ":</td>\n";
    echo "                          <td align=\"left\">", form_input_password('admin_password', null, 24, 32, null, 'bhinputlogon'), "</td>\n";
    echo "                        </tr>\n";
    echo "                        <tr>\n";
    echo "                          <td align=\"left\">&nbsp;</td>\n";
    echo "                        </tr>\n";
    echo "                      </table>\n";
    echo "                    </td>\n";
    echo "                  </tr>\n";
    echo "                </table>\n";
    echo "              </td>\n";
    echo "            </tr>\n";
    echo "          </table>\n";
    echo "        </td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"left\">&nbsp;</td>\n";
    echo "      </tr>\n";
    echo "      <tr>\n";
    echo "        <td align=\"center\" colspan=\"2\">", form_submit('logon', gettext("Logon")), "</td>\n";
    echo "      </tr>\n";
    echo "    </table>\n";
    echo "  </form>\n";
    echo "</div>\n";
    html_draw_bottom();
    exit;
}