Ejemplo n.º 1
0
/**
 * Add a member.
 *
 * @param  SHORT_TEXT		The username.
 * @param  SHORT_TEXT		The password.
 * @param  SHORT_TEXT		The e-mail address.
 * @param  ?array				A list of usergroups (NULL: default/current usergroups).
 * @param  ?integer			Day of date of birth (NULL: unknown).
 * @param  ?integer			Month of date of birth (NULL: unknown).
 * @param  ?integer			Year of date of birth (NULL: unknown).
 * @param  array				A map of custom field values (field-id=>value).
 * @param  ?ID_TEXT			The member timezone (NULL: auto-detect).
 * @param  ?GROUP				The member's primary (NULL: default).
 * @param  BINARY				Whether the profile has been validated.
 * @param  ?TIME				When the member joined (NULL: now).
 * @param  ?TIME				When the member last visited (NULL: now).
 * @param  ID_TEXT			The member's default theme.
 * @param  ?URLPATH			The URL to the member's avatar (blank: none) (NULL: choose one automatically).
 * @param  LONG_TEXT			The member's signature (blank: none).
 * @param  BINARY				Whether the member is permanently banned.
 * @param  BINARY				Whether posts are previewed before they are made.
 * @param  BINARY				Whether the member's age may be shown.
 * @param  SHORT_TEXT		The member's title (blank: get from primary).
 * @param  URLPATH			The URL to the member's photo (blank: none).
 * @param  URLPATH			The URL to the member's photo thumbnail (blank: none).
 * @param  BINARY				Whether the member sees signatures in posts.
 * @param  ?BINARY			Whether the member automatically is enabled for notifications for content they contribute to (NULL: get default from config).
 * @param  ?LANGUAGE_NAME	The member's language (NULL: auto detect).
 * @param  BINARY				Whether the member allows e-mails via the site.
 * @param  BINARY				Whether the member allows e-mails from staff via the site.
 * @param  LONG_TEXT			Personal notes of the member.
 * @param  ?IP					The member's IP address (NULL: IP address of current user).
 * @param  SHORT_TEXT		The code required before the account becomes active (blank: already entered).
 * @param  boolean			Whether to check details for correctness.
 * @param  ?ID_TEXT			The compatibility scheme that the password operates in (blank: none) (NULL: none [meaning normal ocPortal salted style] or plain, depending on whether passwords are encrypted).
 * @param  SHORT_TEXT		The password salt (blank: password compatibility scheme does not use a salt / auto-generate).
 * @param  BINARY				Whether the member likes to view zones without menus, when a choice is available.
 * @param  ?TIME				The time the member last made a submission (NULL: set to now).
 * @param  ?AUTO_LINK		Force an ID (NULL: don't force an ID)
 * @param  BINARY				Whether the member username will be highlighted.
 * @param  SHORT_TEXT		Usergroups that may PT the member.
 * @param  LONG_TEXT			Rules that other members must agree to before they may start a PT with the member.
 * @return AUTO_LINK			The ID of the new member.
 */
function ocf_make_member($username, $password, $email_address, $secondary_groups, $dob_day, $dob_month, $dob_year, $custom_fields, $timezone = NULL, $primary_group = NULL, $validated = 1, $join_time = NULL, $last_visit_time = NULL, $theme = '', $avatar_url = NULL, $signature = '', $is_perm_banned = 0, $preview_posts = 0, $reveal_age = 1, $title = '', $photo_url = '', $photo_thumb_url = '', $views_signatures = 1, $auto_monitor_contrib_content = NULL, $language = NULL, $allow_emails = 1, $allow_emails_from_staff = 1, $personal_notes = '', $ip_address = NULL, $validated_email_confirm_code = '', $check_correctness = true, $password_compatibility_scheme = NULL, $salt = '', $zone_wide = 1, $last_submit_time = NULL, $id = NULL, $highlighted_name = 0, $pt_allow = '*', $pt_rules_text = '')
{
    if (is_null($auto_monitor_contrib_content)) {
        $auto_monitor_contrib_content = get_value('no_auto_notifications') === '1' ? 0 : 1;
    }
    if (is_null($password_compatibility_scheme)) {
        if (get_value('no_password_hashing') === '1') {
            $password_compatibility_scheme = 'plain';
        } else {
            $password_compatibility_scheme = '';
        }
    }
    if (is_null($language)) {
        $language = '';
    }
    if (is_null($signature)) {
        $signature = '';
    }
    if (is_null($title)) {
        $title = '';
    }
    if (is_null($timezone)) {
        $timezone = get_site_timezone();
    }
    if (is_null($allow_emails)) {
        $allow_emails = 1;
    }
    if (is_null($allow_emails_from_staff)) {
        $allow_emails_from_staff = 1;
    }
    if (is_null($personal_notes)) {
        $personal_notes = '';
    }
    if (is_null($avatar_url)) {
        if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 1 || !addon_installed('ocf_member_avatars')) {
            $avatar_url = '';
        } else {
            if (get_option('random_avatars') == '1' && !running_script('stress_test_loader')) {
                require_code('themes2');
                $codes = get_all_image_ids_type('ocf_default_avatars/default_set', false, $GLOBALS['FORUM_DB']);
                shuffle($codes);
                $results = array();
                foreach ($codes as $code) {
                    if (strpos($code, 'ocp_fanatic') !== false) {
                        continue;
                    }
                    $count = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT SUM(m_cache_num_posts) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_avatar_url', find_theme_image($code, false, true)));
                    if (is_null($count)) {
                        $count = 0;
                    }
                    $results[$code] = $count;
                }
                @asort($results);
                // @'d as type checker fails for some odd reason
                $found_avatars = array_keys($results);
                $avatar_url = find_theme_image(array_shift($found_avatars), true, true);
            }
            if (is_null($avatar_url)) {
                $GLOBALS['SITE_DB']->query_delete('theme_images', array('id' => 'ocf_default_avatars/default', 'path' => ''));
                // In case failure cached, gets very confusing
                $avatar_url = find_theme_image('ocf_default_avatars/default', true, true);
                if (is_null($avatar_url)) {
                    $avatar_url = '';
                }
            }
        }
    }
    if ($check_correctness) {
        if (!in_array($password_compatibility_scheme, array('ldap', 'httpauth'))) {
            ocf_check_name_valid($username, NULL, $password_compatibility_scheme == '' ? $password : NULL);
        }
        if (!function_exists('has_actual_page_access') || !has_actual_page_access(get_member(), 'admin_ocf_join')) {
            require_code('type_validation');
            if (!is_valid_email_address($email_address) && $email_address != '') {
                warn_exit(do_lang_tempcode('_INVALID_EMAIL_ADDRESS', escape_html($email_address)));
            }
        }
    }
    require_code('ocf_members');
    require_code('ocf_groups');
    if (is_null($last_submit_time)) {
        $last_submit_time = time();
    }
    if (is_null($join_time)) {
        $join_time = time();
    }
    if (is_null($last_visit_time)) {
        $last_visit_time = time();
    }
    if (is_null($primary_group)) {
        $primary_group = get_first_default_group();
        // This is members
    }
    if (is_null($secondary_groups)) {
        $secondary_groups = ocf_get_all_default_groups(false);
    }
    foreach ($secondary_groups as $_g_id => $g_id) {
        if ($g_id == $primary_group) {
            unset($secondary_groups[$_g_id]);
        }
    }
    if (is_null($ip_address)) {
        $ip_address = get_ip_address();
    }
    if ($password_compatibility_scheme == '' && get_value('no_password_hashing') === '1') {
        $password_compatibility_scheme = 'plain';
        $salt = '';
    }
    if ($salt == '' && $password_compatibility_scheme == '') {
        $salt = produce_salt();
        $password_salted = md5($salt . md5($password));
    } else {
        $password_salted = $password;
    }
    // Supplement custom field values given with defaults, and check constraints
    $all_fields = list_to_map('id', ocf_get_all_custom_fields_match($secondary_groups));
    require_code('fields');
    foreach ($all_fields as $field) {
        $field_id = $field['id'];
        if (array_key_exists($field_id, $custom_fields)) {
            if ($check_correctness && $field[array_key_exists('cf_show_on_join_form', $field) ? 'cf_show_on_join_form' : 'cf_required'] == 0 && $field['cf_owner_set'] == 0 && !has_actual_page_access(get_member(), 'admin_ocf_join')) {
                access_denied('I_ERROR');
            }
        } else {
            $custom_fields[$field_id] = '';
        }
    }
    if (!addon_installed('unvalidated')) {
        $validated = 1;
    }
    $map = array('m_username' => $username, 'm_pass_hash_salted' => $password_salted, 'm_pass_salt' => $salt, 'm_theme' => $theme, 'm_avatar_url' => $avatar_url, 'm_validated' => $validated, 'm_validated_email_confirm_code' => $validated_email_confirm_code, 'm_cache_num_posts' => 0, 'm_cache_warnings' => 0, 'm_max_email_attach_size_mb' => 5, 'm_join_time' => $join_time, 'm_timezone_offset' => $timezone, 'm_primary_group' => $primary_group, 'm_last_visit_time' => $last_visit_time, 'm_last_submit_time' => $last_submit_time, 'm_signature' => insert_lang_comcode($signature, 4, $GLOBALS['FORUM_DB']), 'm_is_perm_banned' => $is_perm_banned, 'm_preview_posts' => $preview_posts, 'm_notes' => $personal_notes, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year, 'm_reveal_age' => $reveal_age, 'm_email_address' => $email_address, 'm_title' => $title, 'm_photo_url' => $photo_url, 'm_photo_thumb_url' => $photo_thumb_url, 'm_views_signatures' => $views_signatures, 'm_auto_monitor_contrib_content' => $auto_monitor_contrib_content, 'm_highlighted_name' => $highlighted_name, 'm_pt_allow' => $pt_allow, 'm_pt_rules_text' => insert_lang_comcode($pt_rules_text, 4, $GLOBALS['FORUM_DB']), 'm_language' => $language, 'm_ip_address' => $ip_address, 'm_zone_wide' => $zone_wide, 'm_allow_emails' => $allow_emails, 'm_allow_emails_from_staff' => $allow_emails_from_staff, 'm_password_change_code' => '', 'm_password_compat_scheme' => $password_compatibility_scheme, 'm_on_probation_until' => NULL);
    if (!is_null($id)) {
        $map['id'] = $id;
    }
    $member_id = $GLOBALS['FORUM_DB']->query_insert('f_members', $map, true);
    if ($check_correctness) {
        // If it was an invite/recommendation, award the referrer
        if (addon_installed('recommend')) {
            $inviter = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address), 'ORDER BY i_time');
            if (!is_null($inviter)) {
                if (addon_installed('points')) {
                    require_code('points2');
                    require_lang('recommend');
                    system_gift_transfer(do_lang('RECOMMEND_SITE_TO', $username, get_site_name()), intval(get_option('points_RECOMMEND_SITE')), $inviter);
                }
                if (addon_installed('chat')) {
                    require_code('chat2');
                    buddy_add($inviter, $member_id);
                    buddy_add($member_id, $inviter);
                }
            }
        }
    }
    $value = mixed();
    // Store custom fields
    $row = array('mf_member_id' => $member_id);
    $all_fields_types = collapse_2d_complexity('id', 'cf_type', $all_fields);
    foreach ($custom_fields as $field_num => $value) {
        if (!array_key_exists($field_num, $all_fields_types)) {
            continue;
        }
        // Trying to set a field we're not allowed to (doesn't apply to our group)
        $ob = get_fields_hook($all_fields_types[$field_num]);
        list(, , $storage_type) = $ob->get_field_value_row_bits($all_fields[$field_num]);
        if (strpos($storage_type, '_trans') !== false) {
            $value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
        }
        $row['field_' . strval($field_num)] = $value;
    }
    // Set custom field row
    $all_fields_regardless = $GLOBALS['FORUM_DB']->query_select('f_custom_fields', array('id', 'cf_type'));
    foreach ($all_fields_regardless as $field) {
        if (!array_key_exists('field_' . strval($field['id']), $row)) {
            $ob = get_fields_hook($field['cf_type']);
            list(, , $storage_type) = $ob->get_field_value_row_bits($field);
            $value = '';
            if (strpos($storage_type, '_trans') !== false) {
                $value = insert_lang($value, 3, $GLOBALS['FORUM_DB']);
            }
            $row['field_' . strval($field['id'])] = $value;
        }
    }
    $GLOBALS['FORUM_DB']->query_insert('f_member_custom_fields', $row);
    // Any secondary work
    foreach ($secondary_groups as $g) {
        if ($g != $primary_group) {
            $GLOBALS['FORUM_DB']->query_delete('f_group_members', array('gm_member_id' => $member_id, 'gm_group_id' => $g), '', 1);
            $GLOBALS['FORUM_DB']->query_insert('f_group_members', array('gm_group_id' => $g, 'gm_member_id' => $member_id, 'gm_validated' => 1));
        }
    }
    if ($check_correctness) {
        if (function_exists('decache')) {
            decache('side_stats');
        }
    }
    return $member_id;
}
Ejemplo n.º 2
0
 /**
  * Standard modular render function for profile tabs edit hooks.
  *
  * @param  MEMBER			The ID of the member who is being viewed
  * @param  MEMBER			The ID of the member who is doing the viewing
  * @param  boolean		Whether to leave the tab contents NULL, if tis hook supports it, so that AJAX can load it later
  * @return ?array			A tuple: The tab title, the tab body text (may be blank), the tab fields, extra Javascript (may be blank) the suggested tab order, hidden fields (optional) (NULL: if $leave_to_ajax_if_possible was set)
  */
 function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
 {
     $order = 0;
     // Actualiser
     if (post_param('submitting_settings_tab', NULL) !== NULL) {
         require_code('ocf_members_action2');
         $is_ldap = ocf_is_ldap_member($member_id_of);
         $is_httpauth = ocf_is_httpauth_member($member_id_of);
         $is_remote = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_password_compat_scheme') == 'remote';
         if ($is_ldap || $is_httpauth || $is_remote || $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'assume_any_member')) {
             $password = NULL;
         } else {
             $password = post_param('edit_password');
             if ($password == '') {
                 $password = NULL;
             } else {
                 $password_confirm = trim(post_param('password_confirm'));
                 if ($password != $password_confirm) {
                     warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));
                 }
             }
         }
         $custom_fields = ocf_get_all_custom_fields_match($GLOBALS['FORUM_DRIVER']->get_members_groups($member_id_of), $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'view_any_profile_field') ? 1 : NULL, $member_id_of != $member_id_viewing ? NULL : 1, $member_id_of != $member_id_viewing ? NULL : 1);
         $actual_custom_fields = ocf_read_in_custom_fields($custom_fields, $member_id_of);
         $pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : '';
         $tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true);
         $all_pt_allow = '';
         foreach (array_keys($tmp_groups) as $key) {
             if ($key != db_get_first_id()) {
                 if ($all_pt_allow != '') {
                     $all_pt_allow .= ',';
                 }
                 $all_pt_allow .= strval($key);
             }
         }
         if ($pt_allow == $all_pt_allow) {
             $pt_allow = '*';
         }
         $pt_rules_text = post_param('pt_rules_text', NULL);
         if (has_specific_permission($member_id_viewing, 'member_maintenance')) {
             $validated = post_param_integer('validated', 0);
             $primary_group = $is_ldap || !has_specific_permission($member_id_viewing, 'assume_any_member') ? NULL : post_param_integer('primary_group', NULL);
             $is_perm_banned = post_param_integer('is_perm_banned', 0);
             $old_is_perm_banned = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_is_perm_banned');
             if ($old_is_perm_banned != $is_perm_banned) {
                 if ($is_perm_banned == 1) {
                     ocf_ban_member($member_id_of);
                 } else {
                     ocf_unban_member($member_id_of);
                 }
             }
             $highlighted_name = post_param_integer('highlighted_name', 0);
             if (has_specific_permission($member_id_viewing, 'probate_members')) {
                 $on_probation_until = get_input_date('on_probation_until');
                 $current__on_probation_until = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_on_probation_until');
                 if ((is_null($on_probation_until) || $on_probation_until <= time()) && $current__on_probation_until > time()) {
                     log_it('STOP_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                 } elseif (!is_null($on_probation_until) && $on_probation_until > time() && $current__on_probation_until <= time()) {
                     log_it('START_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                 } elseif (!is_null($on_probation_until) && $current__on_probation_until > $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) {
                     log_it('REDUCE_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                 } elseif (!is_null($on_probation_until) && $current__on_probation_until < $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) {
                     log_it('EXTEND_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                 }
             } else {
                 $on_probation_until = NULL;
             }
         } else {
             $validated = NULL;
             $primary_group = NULL;
             $highlighted_name = NULL;
             $on_probation_until = NULL;
         }
         if (has_actual_page_access($member_id_viewing, 'admin_ocf_join') || has_specific_permission($member_id_of, 'rename_self')) {
             $username = $is_ldap || $is_remote ? NULL : post_param('edit_username', NULL);
         } else {
             $username = NULL;
         }
         $email = post_param('email_address', NULL);
         if (!is_null($email)) {
             $email = trim($email);
         }
         $theme = post_param('theme', NULL);
         if ($is_remote) {
             $preview_posts = NULL;
             $zone_wide = NULL;
             $auto_monitor_contrib_content = NULL;
             $views_signatures = NULL;
             $timezone = NULL;
         } else {
             $preview_posts = post_param_integer('preview_posts', 0);
             $zone_wide = post_param_integer('zone_wide', 0);
             $auto_monitor_contrib_content = NULL;
             //post_param_integer('auto_monitor_contrib_content',0);	Moved to notifications tab
             $views_signatures = post_param_integer('views_signatures', 0);
             $timezone = post_param('timezone', get_site_timezone());
         }
         ocf_edit_member($member_id_of, $email, $preview_posts, post_param_integer('dob_day', -1), post_param_integer('dob_month', -1), post_param_integer('dob_year', -1), $timezone, $primary_group, $actual_custom_fields, $theme, post_param_integer('reveal_age', 0), $views_signatures, $auto_monitor_contrib_content, post_param('language', NULL), post_param_integer('allow_emails', 0), post_param_integer('allow_emails_from_staff', 0), $validated, $username, $password, $zone_wide, $highlighted_name, $pt_allow, $pt_rules_text, $on_probation_until);
         if (!array_key_exists('secondary_groups', $_POST)) {
             $_POST['secondary_groups'] = array();
         }
         require_code('ocf_groups_action2');
         $members_groups = $GLOBALS['OCF_DRIVER']->get_members_groups($member_id_of);
         $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)');
         $groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL));
         foreach ($_POST['secondary_groups'] as $group_id) {
             $group = $groups[intval($group_id)];
             if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission($member_id_viewing, 'see_hidden_groups')) {
                 continue;
             }
             if (!in_array($group['id'], $members_groups) && (has_specific_permission($member_id_viewing, 'assume_any_member') || $group['g_open_membership'] == 1)) {
                 ocf_add_member_to_group($member_id_of, $group['id']);
             }
         }
         foreach ($members_groups as $group_id) {
             if (!in_array(strval($group_id), $_POST['secondary_groups'])) {
                 ocf_member_leave_group($group_id, $member_id_of);
             }
         }
         $GLOBALS['FORUM_DB']->query('DELETE FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_member_known_login_ips WHERE i_member_id=' . strval($member_id_of) . ' AND ' . db_string_not_equal_to('i_val_code', ''));
         // So any re-confirms can happen
         if (addon_installed('awards')) {
             require_code('awards');
             handle_award_setting('member', strval($member_id_of));
         }
         attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
     }
     if ($leave_to_ajax_if_possible) {
         return NULL;
     }
     // UI
     $title = do_lang_tempcode('SETTINGS');
     $myrow = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id_of);
     if (is_null($myrow)) {
         warn_exit(do_lang_tempcode('USER_NO_EXIST'));
     }
     require_code('ocf_members_action2');
     list($fields, $hidden) = ocf_get_member_fields_settings(false, $member_id_of, NULL, $myrow['m_email_address'], $myrow['m_preview_posts'], $myrow['m_dob_day'], $myrow['m_dob_month'], $myrow['m_dob_year'], get_users_timezone($member_id_of), $myrow['m_theme'], $myrow['m_reveal_age'], $myrow['m_views_signatures'], $myrow['m_auto_monitor_contrib_content'], $myrow['m_language'], $myrow['m_allow_emails'], $myrow['m_allow_emails_from_staff'], $myrow['m_validated'], $myrow['m_primary_group'], $myrow['m_username'], $myrow['m_is_perm_banned'], '', $myrow['m_zone_wide'], $myrow['m_highlighted_name'], $myrow['m_pt_allow'], get_translated_text($myrow['m_pt_rules_text'], $GLOBALS['FORUM_DB']), $myrow['m_on_probation_until']);
     // Awards?
     if (addon_installed('awards')) {
         require_code('awards');
         $fields->attach(get_award_fields('member', strval($member_id_of)));
     }
     $redirect = get_param('redirect', NULL);
     if (!is_null($redirect)) {
         $hidden->attach(form_input_hidden('redirect', $redirect));
     }
     $hidden->attach(form_input_hidden('submitting_settings_tab', '1'));
     $javascript = "\n\t\t\tvar form=document.getElementById('email_address').form;\n\t\t\tform.prior_profile_edit_submit=form.onsubmit;\n\t\t\tform.onsubmit=function()\n\t\t\t\t{\n\t\t\t\t\tif (typeof form.elements['edit_password']!='undefined')\n\t\t\t\t\t{\n\t\t\t\t\t\tif ((form.elements['password_confirm']) && (form.elements['password_confirm'].value!=form.elements['edit_password'].value))\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\twindow.fauxmodal_alert('" . php_addslashes(do_lang('PASSWORD_MISMATCH')) . "');\n\t\t\t\t\t\t\treturn false;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (typeof form.prior_profile_edit_submit!='undefined' && form.prior_profile_edit_submit) return form.prior_profile_edit_submit();\n\t\t\t\t\treturn true;\n\t\t\t\t};\n\t\t";
     $text = '';
     return array($title, $fields, $text, $javascript, $order, $hidden);
 }
Ejemplo n.º 3
0
/**
 * Show bookings ical feed (NB: the event type for this is admins only, unless edited).
 */
function bookings_ical_script()
{
    $pass_ok = get_param('pass', '') == md5('booking_salt_' . $GLOBALS['SITE_INFO']['admin_password']);
    if (!$pass_ok && !$GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
        access_denied('I_ERROR');
    }
    require_code('calendar_ical');
    require_code('booking');
    @ini_set('ocproducts.xss_detect', '0');
    if ($pass_ok) {
        header('Content-Type: text/calendar');
        header('Content-Disposition: filename="bookings_export.ics"');
    }
    // If not, it's an admin testing, so just display contents
    if (function_exists('set_time_limit')) {
        @set_time_limit(0);
    }
    $time = get_param_integer('from', time());
    if ($time < 0) {
        $time = time() + 60 * 60 * 24 * $time;
    }
    require_lang('booking');
    $id = get_param_integer('id');
    $where = 'bookable_id=' . strval($id) . ' AND (b_year>' . date('Y', $time) . ' OR (b_year=' . date('Y', $time) . ' AND b_month>' . date('m', $time) . ') OR (b_year=' . date('Y', $time) . ' AND b_month=' . date('m', $time) . ' AND b_day>=' . date('d', $time) . '))';
    $members_with_bookings = $GLOBALS['SITE_DB']->query('SELECT DISTINCT member_id FROM ' . get_table_prefix() . 'booking WHERE ' . $where . ' ORDER BY booked_at DESC', 10000);
    echo "BEGIN:VCALENDAR\n";
    echo "VERSION:2.0\n";
    echo "PRODID:-//ocProducts/ocPortal//NONSGML v1.0//EN\n";
    echo "CALSCALE:GREGORIAN\n";
    $bookable_category = get_translated_text($GLOBALS['SITE_DB']->query_value('bookable', 'title', array('id' => $id)));
    echo "X-WR-CALNAME:" . ical_escape(get_site_name() . ': ' . do_lang('BOOKINGS') . ': ' . $bookable_category) . "\n";
    require_code('booking2');
    require_lang('booking');
    $max_time = time();
    foreach ($members_with_bookings as $member_with_booking) {
        $bookings = $GLOBALS['SITE_DB']->query('SELECT id FROM ' . get_table_prefix() . 'booking WHERE (' . $where . ') AND member_id=' . strval($member_with_booking['member_id']) . ' ORDER BY booked_at DESC', 10000);
        $request = get_booking_request_from_db(collapse_1d_complexity('id', $bookings));
        foreach ($request as $i => $r) {
            $booking = $r['_rows'][0];
            $codes = '';
            foreach ($r['_rows'] as $row) {
                if ($codes != '') {
                    $codes .= ', ';
                }
                $codes .= $row['code_allocation'];
            }
            $supplements = $GLOBALS['SITE_DB']->query_select('booking_supplement a JOIN ' . get_table_prefix() . 'bookable_supplement b ON a.supplement_id=b.id', array('quantity', 'notes', 'title'), array('booking_id' => $booking['id']));
            $_url = build_url(array('page' => 'cms_booking', 'type' => '_eb', 'id' => find_booking_under($booking['member_id'], $booking['id'])), get_module_zone('cms_booking'), NULL, false, false, true);
            $url = $_url->evaluate();
            $time_start = mktime(0, 0, 0, $r['start_month'], $r['start_day'], $r['start_year']);
            $time_end = mktime(0, 0, 0, $r['end_month'], $r['end_day'] + 1, $r['end_year']);
            if ($time_end > $max_time) {
                $max_time = $time_end;
            }
            $description = $booking['notes'];
            foreach ($supplements as $supplement) {
                $description .= "\n\n+ " . get_translated_text($supplement['title']) . 'x' . integer_format($supplement['quantity']);
                if ($supplement['notes'] != '') {
                    $description .= ' (' . $supplement['notes'] . ')';
                }
            }
            for ($j = 0; $j < $r['quantity']; $j++) {
                echo "BEGIN:VEVENT\n";
                echo "DTSTAMP:" . date('Ymd', $booking['booked_at']) . "T" . date('His', $booking['booked_at']) . "\n";
                echo "CREATED:" . date('Ymd', $booking['booked_at']) . "T" . date('His', $booking['booked_at']) . "\n";
                echo "SUMMARY:" . ical_escape($bookable_category) . "\n";
                echo "DESCRIPTION:" . ical_escape($description) . "\n";
                if (!is_guest($booking['member_id'])) {
                    echo "ORGANIZER;CN=" . ical_escape($GLOBALS['FORUM_DRIVER']->get_username($booking['member_id'])) . ";DIR=" . ical_escape($GLOBALS['FORUM_DRIVER']->member_profile_url($booking['member_id'])) . ":MAILTO:" . ical_escape($GLOBALS['FORUM_DRIVER']->get_member_email_address($booking['member_id'])) . "\n";
                }
                echo "CATEGORIES:" . ical_escape($bookable_category) . "\n";
                echo "CLASS:PRIVATE\n";
                echo "STATUS:" . ($booking['paid_at'] !== NULL ? 'CONFIRMED' : 'TENTATIVE') . "\n";
                echo "UID:" . ical_escape(strval($booking['id']) . '-booking@' . get_base_url()) . "\n";
                echo "URL:" . ical_escape($url) . "\n";
                echo "DTSTART:" . str_pad($r['start_year'], 4, '0', STR_PAD_LEFT) . str_pad($r['start_month'], 2, '0', STR_PAD_LEFT) . str_pad($r['start_day'], 2, '0', STR_PAD_LEFT) . "\n";
                echo "DTEND:" . str_pad($r['end_year'], 4, '0', STR_PAD_LEFT) . str_pad($r['end_month'], 2, '0', STR_PAD_LEFT) . str_pad($r['end_day'], 2, '0', STR_PAD_LEFT) . "\n";
                echo 'TZID:' . get_site_timezone() . "\n";
                echo "END:VEVENT\n";
            }
        }
    }
    // Show free slots
    if (get_param_integer('free', 0) == 1) {
        $codes_in_total = collapse_1d_complexity('code', $GLOBALS['SITE_DB']->query_select('bookable_codes', array('code'), array('bookable_id' => $id)));
        $i = $time;
        $up_to = strtotime('+2 days', $max_time);
        do {
            $day = intval(date('d', $i));
            $month = intval(date('m', $i));
            $year = intval(date('Y', $i));
            $codes_taken_already = collapse_1d_complexity('code_allocation', $GLOBALS['SITE_DB']->query_select('booking', array('code_allocation'), array('b_day' => $day, 'b_month' => $month, 'b_year' => $year)));
            foreach (array_diff($codes_in_total, $codes_taken_already) as $code) {
                echo "BEGIN:VEVENT\n";
                echo "DTSTAMP:" . date('Ymd', time()) . "T" . date('His', time()) . "\n";
                echo "CREATED:" . date('Ymd', time()) . "T" . date('His', time()) . "\n";
                echo "SUMMARY:" . ical_escape(do_lang('NOT_TAKEN', $code)) . "\n";
                echo "CATEGORIES:" . ical_escape($bookable_category) . "\n";
                echo "CLASS:PUBLIC\n";
                echo "STATUS:TENTATIVE\n";
                echo "UID:" . ical_escape(strval($day) . '/' . strval($month) . '/' . strval($year) . '-' . $code . '-booking@' . get_base_url()) . "\n";
                $_url = build_url(array('page' => 'cms_booking', 'type' => 'ab', 'bookable_id' => $id, 'day' => $day, 'month' => $month, 'year' => $year, 'code' => $code), get_module_zone('cms_booking'), NULL, false, false, true);
                $url = $_url->evaluate();
                echo "URL:" . ical_escape($url) . "\n";
                $time = mktime(0, 0, 0, $month, $day, $year);
                if ($time > $max_time) {
                    $max_time = $time;
                }
                echo "DTSTART:" . date('Ymd', $time) . "\n";
                echo "END:VEVENT\n";
            }
            $i = strtotime('+1 day', $i);
        } while ($i <= $up_to);
    }
    echo "END:VCALENDAR\n";
    exit;
}
Ejemplo n.º 4
0
 /**
  * The UI to edit a configuration page.
  *
  * @return tempcode		The UI
  */
 function config_category()
 {
     require_javascript('javascript_validation');
     /*$GLOBALS['HELPER_PANEL_PIC']='pagepics/config';
     		$GLOBALS['HELPER_PANEL_TUTORIAL']='tut_adv_configuration';*/
     $page = get_param('id');
     $title = get_page_title(do_lang_tempcode('CONFIG_CATEGORY_' . $page), false);
     $post_url = build_url(array('page' => '_SELF', 'type' => 'set', 'id' => $page, 'redirect' => get_param('redirect', NULL)), '_SELF');
     $category_description = do_lang_tempcode('CONFIG_CATEGORY_DESCRIPTION__' . $page);
     $rows = $GLOBALS['SITE_DB']->query_select('config', array('*'), array('the_page' => $page));
     // Addin special ones
     if ($page == 'SITE') {
         $rows[] = array('the_name' => 'timezone', 'human_name' => 'TIME_ZONE', 'config_value' => '', 'the_type' => 'special', 'eval' => '', 'the_page' => 'SITE', 'section' => 'GENERAL', 'explanation' => '', 'shared_hosting_restricted' => 0);
     }
     /*global $M_SORT_KEY;	This is a lame sort - it doesn't preserve internal order
     		$M_SORT_KEY='section';
     		usort($rows,'multi_sort');*/
     // Better sort
     $all_known_groups = array();
     foreach ($rows as $myrow) {
         $_group = do_lang($myrow['section'], NULL, NULL, NULL, NULL, false);
         if (is_null($_group)) {
             $_group = $myrow['section'];
         }
         $_group = strtolower(trim(preg_replace('#(&.*;)|[^\\w\\d\\s]#U', '', $_group)));
         if (array_key_exists($_group, $all_known_groups) && $all_known_groups[$_group] != $myrow['section']) {
             $_group = 'std_' . $myrow['section'];
         }
         // If cat names translate to same things or are in non-latin characters like Cyrillic
         $all_known_groups[$_group] = $myrow['section'];
     }
     $old_rows = $rows;
     $rows = array();
     ksort($all_known_groups);
     foreach ($all_known_groups as $group_codename) {
         foreach ($old_rows as $myrow) {
             if ($myrow['section'] == $group_codename) {
                 $rows[] = $myrow;
             }
         }
     }
     // Move advanced group options to the end
     $rows2 = array();
     foreach ($rows as $i => $row) {
         if ($row['section'] == 'ADVANCED') {
             $rows2[] = $row;
             unset($rows[$i]);
         }
     }
     $rows = array_merge($rows, $rows2);
     // UI hooks
     $ui_hooks = find_all_hooks('modules', 'admin_config');
     $upload_max_filesize = ini_get('upload_max_filesize') == '0' ? do_lang('NA') : clean_file_size(php_return_bytes(ini_get('upload_max_filesize')));
     $post_max_size = ini_get('post_max_size') == '0' ? do_lang('NA') : clean_file_size(php_return_bytes(ini_get('post_max_size')));
     $groups = new ocp_tempcode();
     require_code('form_templates');
     $current_group = '';
     $out = '';
     $_groups = array();
     foreach ($rows as $myrow) {
         if ($myrow['eval'] != '' && $myrow['the_name'] != 'detect_lang_forum') {
             if (defined('HIPHOP_PHP')) {
                 require_code('hooks/systems/config_default/' . $myrow['the_name']);
                 $hook = object_factory('Hook_config_default_' . $myrow['the_name']);
                 if (is_null($hook->get_default())) {
                     continue;
                 }
             } else {
                 $GLOBALS['REQUIRE_LANG_LOOP'] = 10;
                 // LEGACY Workaround for corrupt webhost installers
                 if (is_null(@eval($myrow['eval'] . ';'))) {
                     continue;
                 }
                 // @'d in case default is corrupt, don't want it to give errors forever
                 $GLOBALS['REQUIRE_LANG_LOOP'] = 0;
                 // LEGACY
             }
         }
         $_group = do_lang($myrow['section'], NULL, NULL, NULL, NULL, false);
         $name = do_lang($myrow['human_name'], NULL, NULL, NULL, NULL, false);
         $_group_tempcode = is_null($_group) ? make_string_tempcode($myrow['section']) : do_lang_tempcode($myrow['section']);
         $name_tempcode = is_null($name) ? make_string_tempcode($myrow['human_name']) : do_lang_tempcode($myrow['human_name']);
         if (get_forum_type() == 'ocf' && $myrow['explanation'] == 'CONFIG_OPTION_forum_in_portal') {
             $exp_string = $myrow['explanation'] . '__ocf';
         } else {
             $exp_string = $myrow['explanation'];
         }
         $_explanation = do_lang($exp_string, NULL, NULL, NULL, NULL, false);
         if (is_null($_explanation)) {
             $_explanation = do_lang('CONFIG_GROUP_DEFAULT_DESCRIP_' . $myrow['section'], NULL, NULL, NULL, NULL, false);
             if (is_null($_explanation)) {
                 $explanation = new ocp_tempcode();
             } else {
                 $explanation = do_lang_tempcode('CONFIG_GROUP_DEFAULT_DESCRIP_' . $myrow['section']);
             }
         } else {
             $explanation = do_lang_tempcode($exp_string);
         }
         if ($myrow['shared_hosting_restricted'] == 1 && !is_null($GLOBALS['CURRENT_SHARE_USER'])) {
             continue;
         }
         if ($myrow['section'] != $current_group && $current_group != '') {
             $_current_group = do_lang_tempcode($current_group);
             $_group_description = do_lang('CONFIG_GROUP_DESCRIP_' . $current_group, escape_html($post_max_size), escape_html($upload_max_filesize), NULL, NULL, false);
             if (is_null($_group_description)) {
                 $group_description = new ocp_tempcode();
             } else {
                 $group_description = do_lang_tempcode('CONFIG_GROUP_DESCRIP_' . $current_group, escape_html($post_max_size), escape_html($upload_max_filesize));
             }
             $group = do_template('CONFIG_GROUP', array('_GUID' => 'af4c31daa1bc39714ab83b11bd6d3e51', 'GROUP_DESCRIPTION' => $group_description, 'GROUP_NAME' => $current_group, 'GROUP' => $out, 'CURRENT_GROUP' => $_current_group));
             $groups->attach($group->evaluate());
             $out = '';
         }
         $_groups[$myrow['section']] = $_group_tempcode;
         switch ($myrow['the_type']) {
             case 'special':
                 switch ($myrow['the_name']) {
                     case 'timezone':
                         $list = '';
                         $timezone = get_site_timezone();
                         foreach (get_timezone_list() as $_timezone => $timezone_nice) {
                             $list .= static_evaluate_tempcode(form_input_list_entry($_timezone, $_timezone == $timezone, $timezone_nice));
                         }
                         $out .= static_evaluate_tempcode(form_input_list(do_lang_tempcode('TIME_ZONE'), do_lang_tempcode('DESCRIPTION_TIMEZONE_SITE'), 'timezone', make_string_tempcode($list)));
                         break;
                     default:
                         require_code('hooks/modules/admin_config/' . filter_naughty_harsh($myrow['the_name']));
                         $hook_ob = object_factory('Hook_admin_config_' . filter_naughty_harsh($myrow['the_name']));
                         $out .= static_evaluate_tempcode($hook_ob->run($myrow));
                         break;
                 }
                 break;
             case 'integer':
                 $out .= static_evaluate_tempcode(form_input_integer($name_tempcode, $explanation, $myrow['the_name'], intval(get_option($myrow['the_name'])), false));
                 break;
             case 'line':
                 if (strpos($myrow['the_name'], 'colour') !== false && substr(get_option($myrow['the_name']), 0, 1) == '#') {
                     $out .= static_evaluate_tempcode(form_input_colour($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false, NULL, true));
                 } elseif ($myrow['the_name'] == 'currency') {
                     $list = '';
                     require_code('currency');
                     $currencies = array_keys(get_currency_map());
                     foreach ($currencies as $currency) {
                         $list .= static_evaluate_tempcode(form_input_list_entry($currency, $currency == get_option($myrow['the_name'])));
                     }
                     $out .= static_evaluate_tempcode(form_input_list($name_tempcode, $explanation, $myrow['the_name'], make_string_tempcode($list)));
                 } elseif ($myrow['the_name'] == 'payment_gateway') {
                     $list = '';
                     $all_via = find_all_hooks('systems', 'ecommerce_via');
                     foreach (array_keys($all_via) as $via) {
                         $list .= static_evaluate_tempcode(form_input_list_entry($via, $via == get_option($myrow['the_name'])));
                     }
                     $out .= static_evaluate_tempcode(form_input_list($name_tempcode, $explanation, $myrow['the_name'], make_string_tempcode($list)));
                 } else {
                     /*if (strpos($myrow['the_name'],'password')!==false)  password fields can't take defaults
                     			$out.=static_evaluate_tempcode(form_input_password($name_tempcode,$explanation,$myrow['the_name'],get_option($myrow['the_name']),false));
                     		else
                     			*/
                     $out .= static_evaluate_tempcode(form_input_line($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false));
                 }
                 break;
             case 'list':
                 $list = '';
                 $_value = get_option($myrow['the_name']);
                 $values = explode('|', $myrow['c_data']);
                 foreach ($values as $value) {
                     $_option_text = do_lang('CONFIG_OPTION_' . $myrow['the_name'] . '_VALUE_' . $value, NULL, NULL, NULL, NULL, false);
                     if (!is_null($_option_text)) {
                         $option_text = do_lang_tempcode('CONFIG_OPTION_' . $myrow['the_name'] . '_VALUE_' . $value);
                     } else {
                         $option_text = make_string_tempcode($value);
                     }
                     $list .= static_evaluate_tempcode(form_input_list_entry($value, $_value == $value, $option_text));
                 }
                 $out .= static_evaluate_tempcode(form_input_list($name_tempcode, $explanation, $myrow['the_name'], make_string_tempcode($list), NULL, false, false));
                 break;
             case 'transline':
                 $out .= static_evaluate_tempcode(form_input_line($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false));
                 break;
             case 'text':
                 $out .= static_evaluate_tempcode(form_input_text($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false, NULL, true));
                 break;
             case 'transtext':
                 $out .= static_evaluate_tempcode(form_input_text($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false, NULL, true));
                 break;
             case 'float':
                 $out .= static_evaluate_tempcode(form_input_float($name_tempcode, $explanation, $myrow['the_name'], floatval(get_option($myrow['the_name'])), false));
                 break;
             case 'tick':
                 $out .= static_evaluate_tempcode(form_input_tick($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']) == '1'));
                 break;
             case 'date':
                 $out .= static_evaluate_tempcode(form_input_date($name_tempcode, $explanation, $myrow['the_name'], false, false, false, intval(get_option($myrow['the_name'])), 40, intval(date('Y')) - 20, NULL, false));
                 break;
             case 'forum':
             case '?forum':
                 if (get_forum_type() == 'ocf' && addon_installed('ocf_forum')) {
                     $current_setting = get_option($myrow['the_name']);
                     if (!is_numeric($current_setting)) {
                         $_current_setting = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forums', 'id', array('f_name' => $current_setting));
                         if (is_null($_current_setting)) {
                             if ($myrow['the_type'] == '?forum') {
                                 $current_setting = NULL;
                             } else {
                                 $current_setting = strval(db_get_first_id());
                                 attach_message(do_lang_tempcode('FORUM_CURRENTLY_UNSET', $name_tempcode), 'notice');
                             }
                         } else {
                             $current_setting = strval($_current_setting);
                         }
                     }
                     $out .= static_evaluate_tempcode(form_input_tree_list($name_tempcode, $explanation, $myrow['the_name'], NULL, 'choose_forum', array(), false, $current_setting));
                 } else {
                     $out .= static_evaluate_tempcode(form_input_line($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false));
                 }
                 break;
             case 'category':
                 if (get_forum_type() == 'ocf') {
                     $tmp_value = $GLOBALS['FORUM_DB']->query_value_null_ok('f_categories', 'id', array('c_title' => get_option($myrow['the_name'])));
                     require_code('ocf_forums2');
                     $_list = ocf_nice_get_categories(NULL, $tmp_value);
                     $out .= static_evaluate_tempcode(form_input_list($name_tempcode, $explanation, $myrow['the_name'], $_list));
                 } else {
                     $out .= static_evaluate_tempcode(form_input_line($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false));
                 }
                 break;
             case 'usergroup':
                 if (get_forum_type() == 'ocf') {
                     $tmp_value = $GLOBALS['FORUM_DB']->query_value_null_ok('f_groups g LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'translate t ON t.id=g.g_name', 'g.id', array('text_original' => get_option($myrow['the_name'])));
                     require_code('ocf_groups');
                     $_list = ocf_nice_get_usergroups($tmp_value);
                     $out .= static_evaluate_tempcode(form_input_list($name_tempcode, $explanation, $myrow['the_name'], $_list));
                 } else {
                     $out .= static_evaluate_tempcode(form_input_line($name_tempcode, $explanation, $myrow['the_name'], get_option($myrow['the_name']), false));
                 }
                 break;
         }
         $current_group = $myrow['section'];
     }
     if ($out != '') {
         $_group_description = do_lang('CONFIG_GROUP_DESCRIP_' . $current_group, escape_html($post_max_size), escape_html($upload_max_filesize), NULL, NULL, false);
         if (is_null($_group_description)) {
             $group_description = new ocp_tempcode();
         } else {
             $group_description = do_lang_tempcode('CONFIG_GROUP_DESCRIP_' . $current_group, escape_html($post_max_size), escape_html($upload_max_filesize));
         }
         $group = do_template('CONFIG_GROUP', array('_GUID' => '84c0db86002a33a383a7c2e195dd3913', 'GROUP_DESCRIPTION' => $group_description, 'GROUP_NAME' => $current_group, 'GROUP' => $out, 'CURRENT_GROUP' => $_group_tempcode));
         $groups->attach($group->evaluate());
     }
     list($warning_details, $ping_url) = handle_conflict_resolution();
     breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('CONFIGURATION'))));
     breadcrumb_set_self(do_lang_tempcode('CONFIG_CATEGORY_' . $page));
     return do_template('CONFIG_CATEGORY_SCREEN', array('_GUID' => 'd01b28b71c38bbb52b6aaf877c7f7b0e', 'CATEGORY_DESCRIPTION' => $category_description, '_GROUPS' => $_groups, 'PING_URL' => $ping_url, 'WARNING_DETAILS' => $warning_details, 'TITLE' => $title, 'URL' => $post_url, 'GROUPS' => $groups, 'SUBMIT_NAME' => do_lang_tempcode('SAVE')));
 }
Ejemplo n.º 5
0
 /**
  * The actualiser for adding a member.
  *
  * @return tempcode		The UI
  */
 function step2()
 {
     $title = get_page_title('ADD_MEMBER');
     // Read in data
     $username = trim(post_param('username'));
     $password = trim(post_param('password'));
     /*	$password_confirm=trim(post_param('password_confirm'));
     		if ($password!=$password_confirm) warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));*/
     $email_address = trim(post_param('email_address', ''));
     $dob_day = post_param_integer('dob_day', NULL);
     $dob_month = post_param_integer('dob_month', NULL);
     $dob_year = post_param_integer('dob_year', NULL);
     $reveal_age = post_param_integer('reveal_age', 0);
     $timezone = post_param('timezone', get_site_timezone());
     $language = post_param('language', get_site_default_lang());
     $allow_emails = post_param_integer('allow_emails', 0);
     $allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0);
     $custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true));
     $actual_custom_fields = ocf_read_in_custom_fields($custom_fields);
     $validated = post_param_integer('validated', 0);
     $primary_group = has_specific_permission(get_member(), 'assume_any_member') ? post_param_integer('primary_group') : NULL;
     $theme = post_param('theme', '');
     $views_signatures = post_param_integer('views_signatures', 0);
     $preview_posts = post_param_integer('preview_posts', 0);
     $auto_monitor_contrib_content = post_param_integer('auto_monitor_contrib_content', 0);
     $pt_allow = array_key_exists('pt_allow', $_POST) ? implode(',', $_POST['pt_allow']) : '';
     $tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true);
     $all_pt_allow = '';
     foreach (array_keys($tmp_groups) as $key) {
         if ($key != db_get_first_id()) {
             if ($all_pt_allow != '') {
                 $all_pt_allow .= ',';
             }
             $all_pt_allow .= strval($key);
         }
     }
     if ($pt_allow == $all_pt_allow) {
         $pt_allow = '*';
     }
     $pt_rules_text = post_param('pt_rules_text', '');
     breadcrumb_set_parents(array(array('_SEARCH:admin_ocf_join:menu', do_lang_tempcode('MEMBERS')), array('_SELF:_SELF:misc', do_lang_tempcode('ADD_MEMBER'))));
     breadcrumb_set_self(do_lang_tempcode('DETAILS'));
     // Add member
     $id = ocf_make_member($username, $password, $email_address, NULL, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), NULL, '', NULL, '', 0, $preview_posts, $reveal_age, '', '', '', $views_signatures, $auto_monitor_contrib_content, $language, $allow_emails, $allow_emails_from_staff, '', '', '', true, '', '', post_param_integer('zone_wide', 0), NULL, NULL, post_param_integer('highlighted_name', 0), $pt_allow, $pt_rules_text);
     // Secondary groups
     if (array_key_exists('secondary_groups', $_POST)) {
         require_code('ocf_groups_action2');
         $members_groups = array();
         $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)');
         $groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL));
         foreach ($_POST['secondary_groups'] as $group_id) {
             $group = $groups[intval($group_id)];
             if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission(get_member(), 'see_hidden_groups')) {
                 continue;
             }
             if (in_array($group['id'], $members_groups) || has_specific_permission(get_member(), 'assume_any_member') || $group['g_open_membership'] == 1) {
                 ocf_add_member_to_group($id, $group['id']);
             }
         }
     }
     $special_links = array();
     if (addon_installed('galleries')) {
         require_lang('galleries');
         $special_links[] = array('galleries', array('cms_galleries', array('type' => 'gimp', 'id' => $id), get_module_zone('cms_galleries')), do_lang('ADD_GALLERY'));
     }
     require_code('templates_donext');
     return do_next_manager($title, do_lang_tempcode('SUCCESS'), NULL, NULL, array('_SELF', array('type' => 'misc'), '_SELF'), NULL, NULL, array('members', array('type' => 'view', 'id' => $id), get_module_zone('members')), array('members', array('type' => 'misc'), get_module_zone('members'), do_lang_tempcode('MEMBERS')), NULL, NULL, NULL, NULL, NULL, $special_links, NULL, NULL, NULL, NULL, do_lang_tempcode('MEMBERS'));
 }
Ejemplo n.º 6
0
/**
 * Given a timezone offset, make it into a formal timezone.
 *
 * @param  float			Timezone offset.
 * @return string			Users timezone in "boring" format.
 */
function convert_timezone_offset_to_formal_timezone($offset)
{
    $time_now = time();
    $expected = time() + intval(60 * 60 * $offset);
    $zones = get_timezone_list();
    foreach (array_keys($zones) as $zone) {
        $converted = tz_time($time_now, $zone);
        if ($converted == $expected) {
            if (tz_time($time_now, get_server_timezone()) == $converted) {
                return get_server_timezone();
            }
            // Prefer to set the site timezone if it is currently the same
            return $zone;
        }
    }
    // Could not find one
    if (!is_numeric(get_value('timezone'))) {
        return get_site_timezone();
    }
    return get_server_timezone();
}
/**
 * Set up a new session / Restore an existing one that was lost.
 *
 * @param  MEMBER			Logged in member
 * @param  BINARY			Whether the session should be considered confirmed
 * @param  boolean		Whether the session should be invisible
 * @return AUTO_LINK		New session ID
 */
function create_session($member, $session_confirmed = 0, $invisible = false)
{
    global $SESSION_CACHE;
    global $MEMBER_CACHED;
    $MEMBER_CACHED = $member;
    if ($invisible && get_option('is_on_invisibility') == '0') {
        $invisible = false;
    }
    $new_session = mixed();
    $restored_session = delete_expired_sessions_or_recover($member);
    if (is_null($restored_session)) {
        // Generate random session
        $new_session = mt_rand(0, mt_getrandmax() - 1);
        // Store session
        $username = $GLOBALS['FORUM_DRIVER']->get_username($member);
        $new_session_row = array('the_session' => $new_session, 'last_activity' => time(), 'the_user' => $member, 'ip' => get_ip_address(3), 'session_confirmed' => $session_confirmed, 'session_invisible' => $invisible ? 1 : 0, 'cache_username' => $username, 'the_title' => '', 'the_zone' => get_zone_name(), 'the_page' => substr(get_page_name(), 0, 80), 'the_type' => substr(get_param('type', '', true), 0, 80), 'the_id' => substr(either_param('id', ''), 0, 80));
        $GLOBALS['SITE_DB']->query_insert('sessions', $new_session_row, false, true);
        $SESSION_CACHE[$new_session] = $new_session_row;
        $big_change = true;
    } else {
        $new_session = $restored_session;
        $prior_session_row = $SESSION_CACHE[$new_session];
        $new_session_row = array('the_title' => '', 'the_zone' => get_zone_name(), 'the_page' => get_page_name(), 'the_type' => substr(either_param('type', ''), 0, 80), 'the_id' => substr(either_param('id', ''), 0, 80), 'last_activity' => time(), 'ip' => get_ip_address(3), 'session_confirmed' => $session_confirmed);
        $big_change = $prior_session_row['last_activity'] < time() - 10 || $prior_session_row['session_confirmed'] != $session_confirmed || $prior_session_row['ip'] != $new_session_row['ip'];
        if ($big_change) {
            $GLOBALS['SITE_DB']->query_update('sessions', $new_session_row, array('the_session' => $new_session), '', 1, NULL, false, true);
        }
        $SESSION_CACHE[$new_session] = array_merge($SESSION_CACHE[$new_session], $new_session_row);
    }
    if ($big_change) {
        if (get_value('session_prudence') !== '1') {
            // With session prudence we don't store all these in persistant cache due to the size of it all. So only re-save if that's not on.
            persistant_cache_set('SESSION_CACHE', $SESSION_CACHE);
        }
    }
    set_session_id($new_session);
    // We won't set it true here, but something that really needs it to persist might come back and re-set it
    // New sessions = Login points
    if (!is_null($member) && addon_installed('points') && addon_installed('stats') && !is_guest($member)) {
        $points_per_daily_visit = intval(get_option('points_per_daily_visit', true));
        if ($points_per_daily_visit != 0) {
            // See if this is the first visit today
            $test = $GLOBALS['SITE_DB']->query_value('stats', 'MAX(date_and_time)', array('the_user' => $member));
            if (!is_null($test)) {
                require_code('temporal');
                require_code('tempcode');
                if (date('d/m/Y', tz_time($test, get_site_timezone())) != date('d/m/Y', tz_time(time(), get_site_timezone()))) {
                    require_code('points');
                    $_before = point_info($member);
                    if (array_key_exists('points_gained_given', $_before)) {
                        $GLOBALS['FORUM_DRIVER']->set_custom_field($member, 'points_gained_given', strval(intval($_before['points_gained_given']) + $points_per_daily_visit));
                    }
                }
            }
        }
    }
    $GLOBALS['SESSION_CONFIRMED'] = $session_confirmed;
    return $new_session;
}
Ejemplo n.º 8
0
/**
 * Evaluate a conventional tempcode variable, handling escaping
 *
 * @param  LANGUAGE_NAME	The language to evaluate this symbol in (some symbols refer to language elements)
 * @param  array				Array of escaping operations
 * @param  integer			The type of symbol this is (TC_SYMBOL, TC_LANGUAGE_REFERENCE)
 * @set    0 2
 * @param  ID_TEXT			The name of the symbol
 * @param  array				Parameters to the symbol. For all but directive it is an array of strings. For directives it is an array of Tempcode objects. Actually there may be template-style parameters in here, as an influence of singular_bind and these may be Tempcode, but we ignore them.
 * @return mixed				The result. Either tempcode, or a string.
 */
function ecv($lang, $escaped, $type, $name, $param)
{
    global $TEMPCODE_SETGET, $CYCLES, $PREPROCESSABLE_SYMBOLS, $DISPLAYED_TITLE;
    //echo '<!--'.$name.'-->'."\n";
    if ($type == TC_SYMBOL) {
        $escaped_codes = $name . ($escaped == array() ? '' : serialize($escaped));
        $cacheable = $param == array() && !isset($GLOBALS['NON_CACHEABLE_SYMBOLS'][$name]);
        if ($cacheable) {
            global $SYMBOL_CACHE;
            if (isset($SYMBOL_CACHE[$escaped_codes])) {
                return $SYMBOL_CACHE[$escaped_codes];
            }
        }
        $value = '';
        if ($GLOBALS['XSS_DETECT']) {
            ocp_mark_as_escaped($value);
        }
        $temp_array = array();
        if (isset($PREPROCESSABLE_SYMBOLS[$name]) && $name != 'PAGE_LINK') {
            handle_symbol_preprocessing(array($escaped, $type, $name, $param), $temp_array);
        }
        // Late preprocessing. Should not be needed in case of full screen output (as this was properly preprocessed), but is in other cases
        switch ($name) {
            case 'PAGE_LINK':
                if (isset($param[0])) {
                    list($zone, $map, $hash) = page_link_decode(is_object($param[0]) ? $param[0]->evaluate() : $param[0]);
                    $skip = NULL;
                    if (isset($param[4])) {
                        $skip = array_flip(explode('|', $param[4]));
                    }
                    $avoid_remap = isset($param[1]) && $param[1] == '1';
                    $skip_keep = isset($param[2]) && $param[2] == '1';
                    $keep_all = isset($param[3]) && $param[3] == '1';
                    foreach ($map as $key => $val) {
                        if (is_object($val)) {
                            $map[$key] = $val->evaluate();
                        }
                    }
                    $value = _build_url($map, $zone, $skip, $keep_all, $avoid_remap, $skip_keep, $hash);
                } else {
                    $value = get_zone_name() . ':' . get_page_name();
                    foreach ($_GET as $key => $val) {
                        if ($key == 'page') {
                            continue;
                        }
                        if (is_array($val)) {
                            continue;
                        }
                        if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val)) {
                            continue;
                        }
                        $value .= ':' . $key . '=' . $val;
                    }
                }
                break;
            case 'SET':
                if (isset($param[1])) {
                    if (isset($param[1]) && is_object($param[1])) {
                        $TEMPCODE_SETGET[$param[0]] = $param[1];
                    } else {
                        $param_copy = $param;
                        unset($param_copy[0]);
                        $TEMPCODE_SETGET[$param[0]] = implode(',', $param_copy);
                    }
                }
                break;
            case 'GET':
                if (isset($param[0])) {
                    if (isset($TEMPCODE_SETGET[$param[0]])) {
                        if (is_object($TEMPCODE_SETGET[$param[0]])) {
                            $TEMPCODE_SETGET[$param[0]] = $TEMPCODE_SETGET[$param[0]]->evaluate();
                        }
                        $value = $TEMPCODE_SETGET[$param[0]];
                    }
                }
                break;
            case 'EQ':
                if (isset($param[1])) {
                    $first = array_shift($param);
                    $count = 0;
                    foreach ($param as $test) {
                        if ($first == $test) {
                            $count++;
                            break;
                        }
                    }
                    $value = $count != 0 ? '1' : '0';
                }
                break;
            case 'NEQ':
                if (isset($param[1])) {
                    $first = array_shift($param);
                    $count = 0;
                    foreach ($param as $test) {
                        if ($first == $test) {
                            $count++;
                        }
                    }
                    $value = $count == 0 ? '1' : '0';
                }
                break;
            case 'NOT':
                if (isset($param[0])) {
                    $value = $param[0] == '1' || $param[0] == '1' ? '0' : '1';
                }
                break;
            case 'OR':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count > 0 ? '1' : '0';
                break;
            case 'AND':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count == count($param) ? '1' : '0';
                break;
            case 'HAS_ACTUAL_PAGE_ACCESS':
                if (isset($param[0])) {
                    $value = has_actual_page_access($param !== NULL && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], isset($param[1]) ? $param[1] : NULL) ? '1' : '0';
                }
                break;
            case '?':
                if (isset($param[1])) {
                    $value = $param[0] == '1' || $param[0] == '1' ? $param[1] : (isset($param[2]) ? $param[2] : $value);
                }
                break;
            case 'IMG':
                if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) {
                    $value = find_theme_image($param[0], isset($param[3]) && $param[3] == '1', false, array_key_exists(2, $param) && $param[2] != '' ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']);
                }
                break;
            case '':
                break;
            case 'META_DATA':
                if (isset($param[0])) {
                    global $META_DATA;
                    if (isset($param[1])) {
                        $matches = array();
                        if ($param[0] == 'image' && preg_match('#^' . preg_quote(find_script('attachment'), '#') . '\\?id=(\\d+)#', $param[1], $matches) != 0) {
                            require_code('attachments');
                            if (!has_attachment_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), intval($matches[1]))) {
                                break;
                            }
                        }
                        $META_DATA[$param[0]] = $param[1];
                    } else {
                        $value = isset($META_DATA[$param[0]]) ? strip_comcode($META_DATA[$param[0]]) : '';
                        if ($value === NULL) {
                            $value = '';
                        }
                    }
                }
                break;
            case 'SPECIAL_CLICK_TO_EDIT':
                $_value = do_lang_tempcode('SPECIAL_CLICK_TO_EDIT');
                $value = $_value->evaluate();
                break;
            case 'KEEP':
                // What needs preserving in the URL
                $value = keep_symbol($param);
                break;
            case 'BROWSER':
                if (isset($param[1])) {
                    $q = false;
                    foreach (explode('|', $param[0]) as $browser) {
                        $q = browser_matches($browser);
                        if ($q) {
                            break;
                        }
                    }
                    $value = $q ? $param[1] : (isset($param[2]) ? $param[2] : '');
                    if ($GLOBALS['XSS_DETECT']) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'JAVASCRIPT_INCLUDE':
                if (isset($param[0])) {
                    require_javascript($param[0]);
                    /*// Has to do this inline, as you're not allowed to reference scripts outside head
                    		if (!array_key_exists($param[0],$GLOBALS['JAVASCRIPTS']))
                    		{
                    			$GLOBALS['JAVASCRIPTS'][$param[0]]=1;
                    			$file=javascript_enforce($param[0]);
                    			$_value=do_template('JAVASCRIPT_NEED_INLINE',array('_GUID'=>'d6c907e26c5a8dd8c65f1d36a1a674a9','CODE'=>file_get_contents($file,FILE_TEXT)));
                    			$value=$_value->evaluate();
                    		}*/
                }
                break;
            case 'FACILITATE_AJAX_BLOCK_CALL':
                if (isset($param[0])) {
                    require_javascript('javascript_ajax');
                    require_code('blocks');
                    $_block_constraints = block_params_to_block_signature(block_params_str_to_arr($param[0]));
                    if (array_key_exists(1, $param)) {
                        $_block_constraints = array_merge($_block_constraints, block_params_str_to_arr($param[1]));
                        ksort($_block_constraints);
                    }
                    $block_constraints = block_params_arr_to_str($_block_constraints);
                    // Store permissions
                    $_auth_key = $GLOBALS['SITE_DB']->query_select('temp_block_permissions', array('id', 'p_time'), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1);
                    if (!array_key_exists(0, $_auth_key)) {
                        $auth_key = $GLOBALS['SITE_DB']->query_insert('temp_block_permissions', array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints, 'p_time' => time()), true);
                    } else {
                        $auth_key = $_auth_key[0]['id'];
                        if (time() - $_auth_key[0]['p_time'] > 100) {
                            $GLOBALS['SITE_DB']->query_update('temp_block_permissions', array('p_time' => time()), array('p_session_id' => get_session_id(), 'p_block_constraints' => $block_constraints), '', 1);
                        }
                    }
                    $keep = symbol_tempcode('KEEP');
                    $value = find_script('snippet') . '?snippet=block&auth_key=' . urlencode(strval($auth_key)) . '&block_map=' . urlencode($param[0]) . $keep->evaluate();
                }
                break;
            case 'LANG':
                $value = user_lang();
                break;
            case '_GET':
                if (isset($param[0])) {
                    $value = get_param($param[0], isset($param[1]) ? $param[1] : '', true);
                }
                break;
            case 'QUERY_STRING':
                $value = ocp_srv('QUERY_STRING');
                break;
            case 'USER_AGENT':
                $value = ocp_srv('HTTP_USER_AGENT');
                break;
            case 'STRIP_TAGS':
                if (isset($param[0])) {
                    if (isset($param[1]) && $param[1] == '1') {
                        $value = strip_tags(str_replace('))', ')', str_replace('((', '(', str_replace('<em>', '(', str_replace('</em>', ')', $param[0])))));
                    } else {
                        $value = strip_tags($param[0], array_key_exists(2, $param) ? $param[2] : '');
                    }
                    if (isset($param[1]) && $param[1] == '1') {
                        $value = @html_entity_decode($value, ENT_QUOTES, get_charset());
                    }
                }
                break;
            case 'CONFIG_OPTION':
                if (isset($param[0])) {
                    if (!isset($GLOBALS['OPTIONS'])) {
                        $value = '0';
                    } else {
                        $value = get_option($param[0], true);
                        if ($value === NULL) {
                            $value = '';
                        }
                    }
                }
                break;
            case 'TRUNCATE_LEFT':
                // Truncate the left length of a string. 0: text to truncate, 1: the truncate length, 2: whether to use a tooltip mouse-over if it is truncated, 3: whether it is encoded as HTML (0=no [default, plain-text], 1=yes)
                $value = symbol_truncator($param, 'left');
                break;
            case 'TRUNCATE_RIGHT':
                $value = symbol_truncator($param, 'right');
                break;
            case 'TRUNCATE_SPREAD':
                $value = symbol_truncator($param, 'spread');
                break;
            case 'TRUNCATE_EXPAND':
                $value = symbol_truncator($param, 'expand');
                break;
            case 'THEME':
                if (isset($GLOBALS['FORUM_DRIVER'])) {
                    $value = $GLOBALS['FORUM_DRIVER']->get_theme();
                } else {
                    $value = 'default';
                }
                break;
            case 'REVERSE':
                if (isset($param[0])) {
                    $value = implode(',', array_reverse(explode(',', $param[0])));
                }
                break;
            case 'COMMA_LIST_GET':
                if (isset($param[1])) {
                    require_code('blocks');
                    $values = block_params_str_to_arr($param[0]);
                    $value = isset($values[$param[1]]) ? $values[$param[1]] : '';
                }
                break;
            case 'COMMA_LIST_SET':
                if (isset($param[2])) {
                    require_code('blocks');
                    $values = block_params_str_to_arr($param[0]);
                    $values[$param[1]] = $param[2];
                    $value = block_params_arr_to_str($values);
                }
                break;
            case 'IS_EMPTY':
                if (isset($param[0])) {
                    $value = $param[0] == '' ? '1' : '0';
                }
                break;
            case 'IS_NON_EMPTY':
                if (isset($param[0])) {
                    $value = $param[0] != '' ? '1' : '0';
                }
                break;
            case 'CUSTOM_BASE_URL':
                $value = get_custom_base_url(isset($param[0]) && $param[0] != '' ? $param[0] == '1' : NULL);
                if (isset($param[1]) && $param[1] == '1') {
                    $value = cdn_filter($value);
                }
                break;
            case 'LOAD_PANEL':
                foreach ($param as $i => $p) {
                    if (is_object($p)) {
                        $param[$i] = $p->evaluate();
                    }
                }
                global $LOADED_PANELS;
                if (strpos($param[0], ':') !== false) {
                    $param = array_reverse(explode(':', $param[0], 2));
                }
                if (substr($param[0], 0, 6) == 'panel_') {
                    $param[0] = substr($param[0], 6);
                }
                $sr = serialize($param);
                $value = array_key_exists($sr, $LOADED_PANELS) ? $LOADED_PANELS[$sr] : '';
                break;
            case 'HAS_JS':
            case 'JS_ON':
                if (isset($param[1])) {
                    $value = has_js() ? $param[0] : $param[1];
                } else {
                    $value = has_js() ? '1' : '0';
                }
                break;
            case 'BASE_URL_NOHTTP':
                $value = preg_replace('#^https?://[^/]+#', '', get_base_url());
                if (substr($value, 0, 2) == '//') {
                    $value = substr($value, 1);
                }
                if (!$GLOBALS['DEBUG_MODE']) {
                    break;
                }
                // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            case 'CUSTOM_BASE_URL_NOHTTP':
                $value = preg_replace('#^https?://[^/]+/#', '/', get_custom_base_url());
                if (substr($value, 0, 2) == '//') {
                    $value = substr($value, 1);
                }
                if (!$GLOBALS['DEBUG_MODE']) {
                    break;
                }
                // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            case 'BASE_URL':
                $value = get_base_url(isset($param[0]) ? $param[0] == '1' : NULL);
                break;
            case 'ZONE':
                $value = get_zone_name();
                break;
            case 'PAGE':
                $value = get_page_name();
                break;
            case 'SITE_NAME':
                $value = get_site_name();
                break;
            case 'HEADER_TEXT':
                global $ZONE;
                $value = $ZONE['zone_header_text_trans'];
                break;
            case 'PANEL_WIDTH':
                if (isset($TEMPCODE_SETGET['PANEL_WIDTH']) && $TEMPCODE_SETGET['PANEL_WIDTH'] != '') {
                    $value = $TEMPCODE_SETGET['PANEL_WIDTH'];
                } else {
                    $value = get_option('panel_width', true);
                    if ($value === NULL) {
                        $value = '13.3em';
                    }
                }
                break;
            case 'PANEL_WIDTH_SPACED':
                if (isset($TEMPCODE_SETGET['PANEL_WIDTH_SPACED']) && $TEMPCODE_SETGET['PANEL_WIDTH_SPACED'] != '') {
                    $value = $TEMPCODE_SETGET['PANEL_WIDTH_SPACED'];
                } else {
                    $value = get_option('panel_width_spaced', true);
                    if (is_null($value)) {
                        $value = '14.3em';
                    }
                }
                break;
            case 'TRIM':
                if (isset($param[0])) {
                    $value = preg_replace(array('#^\\s+#', '#^(<br\\s*/?' . '>\\s*)+#', '#^(&nbsp;)+#', '#\\s+$#', '#(<br\\s*/?' . '>\\s*)+$#', '#(&nbsp;)+$#'), array('', '', '', '', '', ''), $param[0]);
                }
                break;
            case 'CPF_VALUE':
                if (isset($param[0])) {
                    if (is_numeric($param[0])) {
                        require_code('ocf_members');
                        $fields = ocf_get_custom_fields_member(isset($param[1]) ? intval($param[1]) : get_member());
                        if (array_key_exists(intval($param[0]), $fields)) {
                            $_value = $fields[intval($param[0])];
                        }
                    } elseif (substr($param[0], 0, 2) == 'm_' && strpos(strtolower($param[0]), 'hash') === false && strpos(strtolower($param[0]), 'salt') === false) {
                        $_value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(isset($param[1]) ? intval($param[1]) : get_member(), $param[0]);
                    } else {
                        $_value = get_ocp_cpf($param[0], isset($param[1]) ? intval($param[1]) : NULL);
                    }
                    if (!is_string($_value)) {
                        $value = is_null($_value) ? '' : strval($_value);
                    } else {
                        $value = $_value;
                    }
                }
                break;
            case 'BANNER':
                if (addon_installed('banners')) {
                    global $SITE_INFO;
                    $is_on_banners = get_option('is_on_banners') == '1' && (!has_specific_permission(get_member(), 'banner_free') || $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member()) && get_option('admin_banners') == '1' || !is_null($GLOBALS['CURRENT_SHARE_USER']));
                    if (array_key_exists('throttle_bandwidth_registered', $SITE_INFO)) {
                        $views_till_now = intval(get_value('page_views'));
                        $bandwidth_allowed = $SITE_INFO['throttle_bandwidth_registered'];
                        $total_bandwidth = intval(get_value('download_bandwidth'));
                        if ($bandwidth_allowed * 1024 * 1024 >= $total_bandwidth) {
                            $is_on_banners = false;
                        }
                    }
                    if ($is_on_banners && !is_page_https(get_zone_name(), get_page_name())) {
                        require_code('banners');
                        $b_type = isset($param[0]) ? $param[0] : '';
                        $internal_only = isset($param[1]) ? intval($param[1]) : ($b_type == '' ? 0 : 1);
                        if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
                            $_value = banners_script(true, '', '', $b_type, $internal_only, '');
                            $value = $_value->evaluate();
                        } else {
                            $value = 'Banner goes here';
                        }
                    }
                }
                break;
            case 'AVATAR':
                $value = $GLOBALS['FORUM_DRIVER']->get_member_avatar_url(isset($param[0]) ? intval($param[0]) : get_member());
                if (url_is_local($value) && $value != '') {
                    $value = get_custom_base_url() . '/' . $value;
                }
                break;
            case 'IS_GUEST':
                if (isset($param[0])) {
                    $value = is_guest(intval($param[0])) ? '1' : '0';
                } else {
                    $value = is_guest() ? '1' : '0';
                }
                break;
            case 'MEMBER':
                $value = strval(get_member());
                break;
            case 'USER':
                if (!isset($param[0])) {
                    $value = strval(get_member());
                } else {
                    $member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_username($param[0]);
                    $value = is_null($member_id) ? '' : strval($member_id);
                }
                break;
            case 'CSS_INCLUDE':
                if (isset($param[0])) {
                    require_css($param[0]);
                    /*// Has to do this inline, as you're not allowed to reference sheets outside head
                    		if (!array_key_exists($param[0],$GLOBALS['CSSS']))
                    		{
                    			$GLOBALS['CSSS'][$param[0]]=1;
                    			$file=css_enforce($param[0]);
                    			$_value=do_template('CSS_NEED_INLINE',array('_GUID'=>'9de994d2f6d47a622d49347feb7ebe96','CSS'=>str_replace('../../../../',get_base_url().'/',file_get_contents($file,FILE_TEXT))));
                    			$value=$_value->evaluate();
                    		}*/
                }
                break;
            case 'USER_OVERIDE':
                $value = get_param('id', '');
                if (!is_numeric($value) || $value == '') {
                    $value = strval(get_member());
                }
                break;
            case 'IS_HTTPAUTH_LOGIN':
                $value = is_httpauth_login() ? '1' : '0';
                break;
            case 'MEMBER_PROFILE_LINK':
                $value = $GLOBALS['FORUM_DRIVER']->member_profile_url(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member(), false, true);
                if (is_null($value)) {
                    $value = '';
                }
                break;
            case 'USERNAME':
                $value = $GLOBALS['FORUM_DRIVER']->get_username(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member());
                if (is_null($value)) {
                    $value = do_lang('UNKNOWN');
                }
                break;
            case 'CYCLE':
                if (isset($param[0])) {
                    if (!isset($CYCLES[$param[0]])) {
                        $CYCLES[$param[0]] = 0;
                    }
                    if (!isset($param[1])) {
                        $value = strval($CYCLES[$param[0]]);
                    } else {
                        if (count($param) == 2) {
                            $param = array_merge(array($param[0]), explode(',', $param[1]));
                        }
                        ++$CYCLES[$param[0]];
                        if (!array_key_exists($CYCLES[$param[0]], $param)) {
                            $CYCLES[$param[0]] = 1;
                        }
                        $value = $param[$CYCLES[$param[0]]];
                    }
                }
                break;
            case 'THUMBNAIL':
                require_code('images');
                $value = _symbol_thumbnail($param);
                break;
            case 'IMAGE_WIDTH':
                require_code('images');
                list($value, ) = _symbol_image_dims($param);
                break;
            case 'IMAGE_HEIGHT':
                require_code('images');
                list(, $value) = _symbol_image_dims($param);
                break;
            case 'IS_IN_GROUP':
                if (isset($param[0])) {
                    if (in_array($param[count($param) - 1], array('', 'primary', 'secondary'))) {
                        $last_param = $param[count($param) - 1];
                        unset($param[count($param) - 1]);
                    } else {
                        $last_param = '';
                    }
                    $member_id = get_member();
                    $new_param = '';
                    $param_2 = array();
                    foreach ($param as $group) {
                        if (substr($group, 0, 1) == '!' && is_numeric(substr($group, 1))) {
                            $member_id = intval(substr($group, 1));
                        } else {
                            $param_2 = array_merge($param_2, explode(',', $group));
                        }
                    }
                    foreach ($param_2 as $group) {
                        if ($new_param != '') {
                            $new_param .= ',';
                        }
                        $new_param .= $group;
                    }
                    if ($last_param == 'primary') {
                        $member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id);
                        $real_group_list = array($GLOBALS['FORUM_DRIVER']->pname_group($member_row));
                    } elseif ($last_param == 'secondary') {
                        $real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id);
                        $member_row = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id);
                        $real_group_list = array_diff($real_group_list, array($GLOBALS['FORUM_DRIVER']->pname_group($member_row)));
                    } else {
                        $real_group_list = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id);
                    }
                    require_code('ocfiltering');
                    $value = count(array_intersect(ocfilter_to_idlist_using_memory($new_param, $GLOBALS['FORUM_DRIVER']->get_usergroup_list()), $real_group_list)) != 0 ? '1' : '0';
                }
                break;
            case 'IS_STAFF':
                if (isset($GLOBALS['FORUM_DRIVER'])) {
                    $value = $GLOBALS['FORUM_DRIVER']->is_staff(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0';
                } else {
                    $value = '0';
                }
                break;
            case 'IS_SUPER_ADMIN':
                if (isset($GLOBALS['FORUM_DRIVER'])) {
                    $value = $GLOBALS['FORUM_DRIVER']->is_super_admin(!is_null($param) && isset($param[0]) ? intval($param[0]) : get_member()) ? '1' : '0';
                } else {
                    $value = '0';
                }
                break;
            case 'PHOTO':
                if (isset($param[0])) {
                    $value = $GLOBALS['FORUM_DRIVER']->get_member_photo_url(intval($param[0]));
                    if (url_is_local($value) && $value != '') {
                        $value = get_custom_base_url() . '/' . $value;
                    }
                }
                break;
            case 'OCF_RANK_IMAGE':
                if (addon_installed('ocf_forum')) {
                    require_code('ocf_groups');
                    $rank_images = new ocp_tempcode();
                    $member_id = isset($param[0]) ? intval($param[0]) : get_member();
                    $posters_groups = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id, true);
                    foreach ($posters_groups as $group) {
                        $rank_image = ocf_get_group_property($group, 'rank_image');
                        $group_leader = ocf_get_group_property($group, 'group_leader');
                        $group_name = ocf_get_group_name($group);
                        $rank_image_pri_only = ocf_get_group_property($group, 'rank_image_pri_only');
                        if ($rank_image != '' && ($rank_image_pri_only == 0 || $group == $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_primary_group'))) {
                            $rank_images->attach(do_template('OCF_RANK_IMAGE', array('USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($member_id), 'GROUP_NAME' => $group_name, 'IMG' => $rank_image, 'IS_LEADER' => $group_leader == $member_id)));
                        }
                    }
                    $value = $rank_images->evaluate();
                }
                break;
            case 'TOTAL_POINTS':
                if (addon_installed('points')) {
                    require_code('points');
                    $value = strval(total_points(isset($param[0]) ? intval($param[0]) : get_member()));
                }
                break;
            case 'POINTS_USED':
                if (addon_installed('points')) {
                    require_code('points');
                    $value = strval(points_used(isset($param[0]) ? intval($param[0]) : get_member()));
                }
                break;
            case 'AVAILABLE_POINTS':
                if (addon_installed('points')) {
                    require_code('points');
                    $value = strval(available_points(isset($param[0]) ? intval($param[0]) : get_member()));
                }
                break;
            case 'URL_FOR_GET_FORM':
                if (isset($param[0])) {
                    $url_bits = parse_url($param[0]);
                    if (array_key_exists('scheme', $url_bits)) {
                        $value = $url_bits['scheme'] . '://' . (array_key_exists('host', $url_bits) ? $url_bits['host'] : 'localhost');
                        if (array_key_exists('port', $url_bits) && $url_bits['port'] != 80) {
                            $value .= ':' . strval($url_bits['port']);
                        }
                    }
                    if (array_key_exists('path', $url_bits)) {
                        $value .= $url_bits['path'];
                    }
                }
                break;
            case 'HIDDENS_FOR_GET_FORM':
                $_value = new ocp_tempcode();
                $url_bits = parse_url($param[0]);
                if (array_key_exists('query', $url_bits) && $url_bits['query'] != '') {
                    foreach (explode('&', $url_bits['query']) as $exp) {
                        $parts = explode('=', $exp, 2);
                        if (count($parts) == 2) {
                            if (!in_array($parts[0], $param)) {
                                $_value->attach(form_input_hidden($parts[0], urldecode($parts[1])));
                            }
                        }
                    }
                }
                $value = $_value->evaluate();
                break;
            case 'NOTIFICATIONS_ENABLED':
                $value = '';
                if (array_key_exists(0, $param)) {
                    require_code('notifications');
                    $value = notifications_enabled(array_key_exists(1, $param) ? $param[1] : get_page_name(), $param[0]) ? '1' : '0';
                }
                break;
            case 'DOCUMENT_HELP':
                global $DOCUMENT_HELP, $HELPER_PANEL_TUTORIAL;
                $value = $DOCUMENT_HELP;
                if ($value == '' && $HELPER_PANEL_TUTORIAL != '') {
                    $value = brand_base_url() . '/docs' . strval(ocp_version()) . '/pg/' . $HELPER_PANEL_TUTORIAL;
                }
                break;
            case 'HTTP_STATUS_CODE':
                global $HTTP_STATUS_CODE;
                $value = $HTTP_STATUS_CODE;
                break;
            case 'TEMPCODE':
                if (isset($param[0])) {
                    require_code('tempcode_compiler');
                    $_value = template_to_tempcode($param[0]);
                    $value = $_value->evaluate();
                }
                break;
            case 'COMCODE':
                if (isset($param[0])) {
                    $_value = comcode_to_tempcode($param[0], NULL, true);
                    $value = $_value->evaluate();
                }
                break;
            case 'FLAGRANT':
                $_value = get_flagrant();
                $value = $_value->evaluate();
                break;
            case 'IMG_WIDTH':
            case 'IMG_HEIGHT':
                if (isset($param[0]) && isset($GLOBALS['SITE_DB']) && function_exists('find_theme_image') && $GLOBALS['IN_MINIKERNEL_VERSION'] == 0) {
                    global $THEME_IMG_DIMS_CACHE;
                    if (!isset($THEME_IMG_DIMS_CACHE)) {
                        $THEME_IMG_DIMS_CACHE = function_exists('persistant_cache_get') ? persistant_cache_get('THEME_IMG_DIMS') : array();
                    }
                    if (isset($THEME_IMG_DIMS_CACHE[$param[0]])) {
                        list($width, $height) = $THEME_IMG_DIMS_CACHE[$param[0]];
                        $value = $name == 'IMG_WIDTH' ? $width : $height;
                    } else {
                        if (strpos($param[0], '://') === false) {
                            $img_url = find_theme_image($param[0], false, false, array_key_exists(2, $param) ? $param[2] : NULL, NULL, isset($param[1]) && $param[1] == '1' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB']);
                        } else {
                            $img_url = $param[0];
                        }
                        require_code('images');
                        list($width, $height) = _symbol_image_dims(array($img_url));
                        $value = $name == 'IMG_WIDTH' ? $width : $height;
                        $THEME_IMG_DIMS_CACHE[$param[0]] = array($width, $height);
                        if (function_exists('persistant_cache_set')) {
                            persistant_cache_set('THEME_IMG_DIMS', $THEME_IMG_DIMS_CACHE);
                        }
                    }
                }
                break;
            case 'CLEAN_FILE_SIZE':
                if (isset($param[0])) {
                    $bytes = is_numeric($param[0]) ? intval($param[0]) : NULL;
                    require_code('files');
                    $value = clean_file_size($bytes);
                }
                break;
            case 'TIME_PERIOD':
                if (isset($param[0])) {
                    $value = display_time_period(intval($param[0]));
                }
                break;
            case 'MAKE_RELATIVE_DATE':
                if (isset($param[0])) {
                    if (get_option('use_contextual_dates') == '0' && (!array_key_exists(1, $param) || $param[1] != '1')) {
                        $value = get_timezoned_date(intval($param[0]));
                    } else {
                        $value = display_time_period(time() - intval($param[0]));
                    }
                }
                break;
            case 'TIMEZONE':
                $value = make_nice_timezone_name(get_site_timezone());
                break;
            case 'LOAD_PAGE':
                foreach ($param as $i => $p) {
                    if (is_object($p)) {
                        $param[$i] = $p->evaluate();
                    }
                }
                global $LOADED_PAGES;
                if (strpos($param[0], ':') !== false) {
                    $param = array_reverse(explode(':', $param[0], 2));
                }
                $_value = $LOADED_PAGES[serialize($param)];
                $value = $_value->evaluate();
                break;
            case 'RUNNING_SCRIPT':
                if (isset($param[0])) {
                    $value = running_script($param[0]) ? '1' : '0';
                }
                break;
            case 'MATCH_KEY_MATCH':
                $value = '0';
                foreach ($param as $match_key) {
                    if ($match_key == '1' || $match_key == '0' || $match_key == '') {
                        continue;
                    }
                    if (match_key_match($match_key, isset($param[1]) && $match_key == '1')) {
                        $value = '1';
                    }
                }
                break;
            case 'VERSION':
                $value = strval(ocp_version());
                break;
            case 'PREVIEW_VALIDATION':
                $value = get_option('is_on_preview_validation') == '1' ? '1' : '0';
                break;
            case 'BLOCK':
                if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
                    foreach ($param as $i => $p) {
                        if (is_object($p)) {
                            $param[$i] = $p->evaluate();
                        }
                    }
                    if (count($param) == 1 && strpos($param[0], ',') !== false) {
                        $param = preg_split('#((?<!\\\\)|(?<=\\\\\\\\)|(?<=^)),#', $param[0]);
                        foreach ($param as $key => $val) {
                            $param[$key] = str_replace('\\,', ',', $val);
                        }
                    }
                    global $LOADED_BLOCKS;
                    if (isset($LOADED_BLOCKS[serialize($param)])) {
                        // Will always be set
                        $value = $LOADED_BLOCKS[serialize($param)]->evaluate();
                    }
                }
                break;
            case 'CURRENCY':
                if (addon_installed('ecommerce')) {
                    if (isset($param[0])) {
                        require_code('currency');
                        $value = currency_convert(floatval(str_replace(',', '', $param[0])), isset($param[1]) && $param[1] != '' ? $param[1] : get_option('currency'), isset($param[2]) && $param[2] != '' ? $param[2] : NULL, isset($param[3]) && $param[3] == '1');
                        if (is_null($value)) {
                            $value = do_lang('INTERNAL_ERROR');
                        }
                    } else {
                        $value = get_option('currency');
                    }
                }
                break;
            case 'CURRENCY_SYMBOL':
                if (addon_installed('ecommerce')) {
                    require_code('ecommerce');
                    $value = ecommerce_get_currency_symbol();
                }
                break;
            case 'GEOLOCATE':
                $value = geolocate_ip(isset($param[0]) ? $param[0] : NULL);
                break;
            case 'NO_SAFE_MODE':
                $value = str_replace(array('on', 'true', 'yes'), array('1', '1', '1'), strtolower(ini_get('safe_mode'))) == '1' ? '0' : '1';
                break;
            case 'FORCE_PREVIEWS':
                if (get_option('forced_preview_option') == '1') {
                    if (get_forum_type() == 'ocf') {
                        if (is_guest() && get_option('default_preview_guests') == '0') {
                            $value = '0';
                        } else {
                            $value = $GLOBALS['FORUM_DRIVER']->get_member_row_field(get_member(), 'm_preview_posts') == 1 ? '1' : '0';
                        }
                    } else {
                        $value = get_option('default_preview_guests') == '0' ? '0' : '1';
                    }
                } else {
                    $value = '0';
                }
                break;
            case 'PREVIEW_URL':
                $value = find_script('preview');
                $value .= '?page=' . get_page_name();
                $value .= '&type=' . get_param('type', '', true);
                break;
            case 'ADDON_INSTALLED':
                if (isset($param[0]) && !running_script('install')) {
                    $value = addon_installed($param[0]) ? '1' : '0';
                }
                break;
            case 'VALUE_OPTION':
                if (isset($param[0])) {
                    $value = function_exists('get_value') ? get_value($param[0]) : '';
                    if (is_null($value)) {
                        $value = function_exists('get_long_value') ? get_long_value($param[0]) : '';
                        if (is_null($value)) {
                            $value = isset($param[1]) ? $param[1] : '';
                            if ($param[0] == 'textmate' && (ocp_srv('HTTP_HOST') == 'localhost' && strpos(ocp_srv('HTTP_USER_AGENT'), 'Macintosh') !== false)) {
                                $value = '1';
                            }
                        }
                    }
                }
                break;
            case 'KEEP_INDEX':
                // What needs preserving in the URL
                $value = 'index.php';
                if (count($_GET) > 0) {
                    foreach ($_GET as $key => $val) {
                        if (is_array($val)) {
                            continue;
                        }
                        if (get_magic_quotes_gpc()) {
                            $val = stripslashes($val);
                        }
                        if (substr($key, 0, 5) == 'keep_' && !skippable_keep($key, $val) && strpos($key, '_expand_') === false) {
                            $value .= ($value == 'index.php' ? '?' : '&') . urlencode($key) . '=' . ocp_url_encode($val);
                        }
                    }
                }
                break;
            case 'HIDE_HELP_PANEL':
                $value = array_key_exists('hide_help_panel', $_COOKIE) && $_COOKIE['hide_help_panel'] == '1' ? '1' : '0';
                break;
            case 'URLISE_LANG':
                if (isset($param[1])) {
                    $_value = urlise_lang($param[0], $param[1], isset($param[2]) ? $param[2] : '', isset($param[3]) ? $param[3] == '1' : false);
                    $value = $_value->evaluate();
                }
                break;
            case 'FIND_SCRIPT_NOHTTP':
                if (isset($param[0]) && function_exists('find_script')) {
                    $value = preg_replace('#^https?://[^/]+#', '', find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0));
                }
                if (!$GLOBALS['DEBUG_MODE']) {
                    break;
                }
                // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            // Debug mode changes base domain so we need to actually use it in full (fine, we don't have HTTPS in debug mode). Bubble on...
            case 'FIND_SCRIPT':
                if (isset($param[0]) && function_exists('find_script')) {
                    $value = find_script($param[0], false, isset($param[1]) ? intval($param[1]) : 0);
                }
                break;
            case 'MOBILE':
                $value = is_mobile(NULL, array_key_exists(0, $param) ? $param[0] == '1' : false) ? '1' : '0';
                break;
            case 'VALID_FILE_TYPES':
                $value = get_option('valid_types');
                $types = array_flip(explode(',', $value));
                $value = '';
                ksort($types);
                foreach (array_flip($types) as $val) {
                    $value .= $val . ',';
                }
                $value = substr($value, 0, strlen($value) - 1);
                break;
            case 'BROWSER_UA':
                $browser = get_browser_string();
                $value = $browser;
                break;
            case 'OS':
                $os = get_os_string();
                if (is_null($os)) {
                    $os = '';
                }
                $value = $os;
                break;
            case 'ANCHOR':
                if (isset($param[0])) {
                    $_value = do_template('ANCHOR', array('_GUID' => '8795c70c9dd7c6217bb765264ac24092', 'NAME' => $param[0]));
                    $value = $_value->evaluate();
                }
                break;
            case 'CSS_TEMPCODE':
                $_value = css_tempcode();
                $value = $_value->evaluate();
                break;
            case 'JS_TEMPCODE':
                $_value = javascript_tempcode(isset($param[0]) ? $param[0] : NULL);
                $value = $_value->evaluate();
                break;
            case 'PAD_LEFT':
                if (array_key_exists(1, $param)) {
                    $value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_LEFT);
                }
                break;
            case 'PAD_RIGHT':
                if (array_key_exists(1, $param)) {
                    $value = str_pad($param[0], intval($param[1]), array_key_exists(2, $param) ? $param[2] : '', STR_PAD_RIGHT);
                }
                break;
            case 'PAGE_TITLE':
                $value = is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate();
                break;
            case 'SET_TITLE':
                if (array_key_exists(0, $param)) {
                    get_page_title($param[0], false);
                }
                break;
            case 'EXTRA_HEAD':
                $_value = $GLOBALS['EXTRA_HEAD'];
                if ($_value === NULL) {
                    $_value = new ocp_tempcode();
                }
                $value = $_value->evaluate();
                break;
            case 'EXTRA_FOOT':
                if ($GLOBALS['EXTRA_FOOT'] === NULL) {
                    $GLOBALS['EXTRA_FOOT'] = new ocp_tempcode();
                }
                $_value = $GLOBALS['EXTRA_FOOT'];
                if (array_key_exists(0, $param)) {
                    $GLOBALS['EXTRA_FOOT']->attach($param[0]);
                } else {
                    $value = $_value->evaluate();
                }
                break;
            case 'RAND':
                if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['RAND'])) {
                    $GLOBALS['NO_EVAL_CACHE'] = true;
                    $value = strval(mt_rand(0, 32000));
                } else {
                    $value = '4';
                }
                break;
            case 'SET_RAND':
                if (isset($param[0])) {
                    if (isset($GLOBALS['NON_CACHEABLE_SYMBOLS']['SET_RAND'])) {
                        $GLOBALS['NO_EVAL_CACHE'] = true;
                        $value = $param[mt_rand(0, count($param) - 1)];
                    } else {
                        $value = $param[0];
                    }
                }
                break;
            case 'COPYRIGHT':
                $value = str_replace('$CURRENT_YEAR', date('Y'), get_option('copyright'));
                break;
            case 'KEYWORDS_SPACED':
                $value = str_replace(',', ' ', get_option('keywords'));
                break;
            case 'STAFF_ADDRESS_PURE':
                $value = get_option('staff_address');
                break;
            case 'STAFF_ADDRESS':
                require_code('obfuscate');
                $value = obfuscate_email_address(get_option('staff_address'));
                break;
            case 'DOMAIN':
                $value = get_domain();
                break;
            case 'BRAND_NAME':
                $value = function_exists('get_value') ? get_value('rebrand_name') : NULL;
                if (is_null($value)) {
                    $value = 'ocPortal';
                }
                break;
            case 'BRAND_BASE_URL':
                $value = brand_base_url();
                break;
            case 'SHOW_DOCS':
                $value = get_option('show_docs') === '0' ? '0' : '1';
                break;
            case 'MEMBER_EMAIL':
                $value = $GLOBALS['FORUM_DRIVER']->get_member_email_address(isset($param[0]) ? intval($param[0]) : get_member());
                break;
            case 'OCF_MEMBER_HTML':
                if (get_forum_type() == 'ocf') {
                    require_code('ocf_members');
                    require_code('ocf_members2');
                    $_value = ocf_show_member_box(isset($param[0]) ? intval($param[0]) : get_member());
                    $value = $_value->evaluate();
                }
                break;
            case 'HAS_SPECIFIC_PERMISSION':
                if (isset($param[0])) {
                    $value = has_specific_permission(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
                }
                break;
            case 'HAS_ZONE_ACCESS':
                if (isset($param[0])) {
                    $value = has_zone_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
                }
                break;
            case 'HAS_PAGE_ACCESS':
                if (isset($param[0]) && isset($param[1])) {
                    $value = has_page_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1], !is_null($param) && isset($param[3]) ? $param[3] == '1' : false) ? '1' : '0';
                }
                break;
            case 'HAS_CATEGORY_ACCESS':
                if (isset($param[0])) {
                    $value = has_category_access(!is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), $param[0], $param[1]) ? '1' : '0';
                }
                break;
            case 'HAS_ATTACHMENT_ACCESS':
                if (isset($param[0])) {
                    require_code('attachments');
                    $value = has_attachment_access(!is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), $param[0]) ? '1' : '0';
                }
                break;
            case 'HAS_SUBMIT_PERMISSION':
                if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high')) {
                    $value = has_submit_permission(strtolower($param[0]), !is_null($param) && isset($param[1]) ? intval($param[1]) : get_member(), !is_null($param) && isset($param[2]) ? $param[2] : get_ip_address(), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
                }
                break;
            case 'HAS_DELETE_PERMISSION':
                if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) {
                    $value = has_delete_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
                }
                break;
            case 'HAS_EDIT_PERMISSION':
                if (isset($param[0]) && (strtolower($param[0]) == 'low' || strtolower($param[0]) == 'mid' || strtolower($param[0]) == 'high') && isset($param[1])) {
                    $value = has_edit_permission(strtolower($param[0]), !is_null($param) && isset($param[2]) ? intval($param[2]) : get_member(), intval($param[1]), !is_null($param) && isset($param[3]) ? $param[3] : get_page_name()) ? '1' : '0';
                }
                break;
            case 'ENTITY_DECODE':
                if (isset($param[0])) {
                    $value = @html_entity_decode($param[0], ENT_QUOTES, get_charset());
                }
                break;
            case 'RESET_CYCLE':
                if (isset($param[0])) {
                    $CYCLES[$param[0]] = 0;
                }
                break;
            case 'SITE_SCOPE':
                $value = get_option('site_scope');
                break;
            case 'LAST_VISIT_TIME':
                if (get_forum_type() == 'ocf') {
                    $member_info = ocf_read_in_member_profile(get_member(), true);
                    $value = strval($member_info['last_visit_time']);
                }
                break;
            case 'NUM_NEW_TOPICS':
                if (get_forum_type() == 'ocf') {
                    $member_info = ocf_read_in_member_profile(get_member(), true);
                    $_new_topics = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics WHERE NOT t_forum_id IS NULL AND t_cache_first_time>' . strval((int) $member_info['last_visit_time']));
                    $new_topics = $_new_topics[0]['mycnt'];
                    $value = strval($new_topics);
                }
                break;
            case 'NUM_NEW_POSTS':
                if (get_forum_type() == 'ocf') {
                    $member_info = ocf_read_in_member_profile(get_member(), true);
                    $_new_posts = $GLOBALS['FORUM_DB']->query('SELECT COUNT(*) AS mycnt FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_posts WHERE NOT p_cache_forum_id IS NULL AND p_time>' . strval((int) $member_info['last_visit_time']));
                    $new_posts = $_new_posts[0]['mycnt'];
                    $value = strval($new_posts);
                }
                break;
            case 'HAS_FORUM':
                $value = has_no_forum() ? '0' : '1';
                break;
            case 'OCF':
                $value = get_forum_type() == 'ocf' ? '1' : '0';
                break;
            case 'BOARD_PREFIX':
                $value = get_forum_base_url();
                break;
            case 'DATE_AND_TIME':
                $use_contextual_dates = isset($param[0]) && $param[0] == '1';
                $verbose = isset($param[1]) && $param[1] == '1';
                $server_time = isset($param[2]) && $param[2] == '1';
                $time = isset($param[3]) ? intval($param[3]) : time();
                $value = get_timezoned_date($time, true, $verbose, $server_time, !$use_contextual_dates);
                break;
            case 'DATE':
                $use_contextual_dates = isset($param[0]) && $param[0] == '1';
                $verbose = isset($param[1]) && $param[1] == '1';
                $server_time = isset($param[2]) && $param[2] == '1';
                $time = isset($param[3]) ? intval($param[3]) : time();
                $value = get_timezoned_date($time, false, $verbose, $server_time, !$use_contextual_dates);
                break;
            case 'TIME':
                $time = isset($param[0]) ? intval($param[0]) : time();
                $value = get_timezoned_time($time);
                break;
            case 'SECONDS_PERIOD':
                if (array_key_exists(0, $param)) {
                    $value = display_seconds_period(intval($param[0]));
                }
                break;
            case 'FROM_TIMESTAMP':
                if (isset($param[0])) {
                    $timestamp = isset($param[1]) ? intval($param[1]) : time();
                    if (!array_key_exists(2, $param) || $param[2] == '1') {
                        $timestamp = utctime_to_usertime($timestamp);
                    }
                    $value = locale_filter(my_strftime($param[0], $timestamp));
                    if ($value == $param[0]) {
                        // If no conversion happened then the syntax must have been for 'date' not 'strftime'
                        $value = date($param[0], $timestamp);
                    }
                } else {
                    $timestamp = time();
                    $value = strval($timestamp);
                }
                break;
            case 'TO_TIMESTAMP':
                if (isset($param[0])) {
                    $value = strval(strtotime($param[0]));
                    if (array_key_exists(1, $param) && $param[1] == '1') {
                        $value = strval(usertime_to_utctime(intval($value)));
                    }
                    // '1' means date was in user-time so needs converting to a UTC timestamp
                } else {
                    $value = strval(time());
                }
                break;
            case 'SESSION_HASHED':
                $value = md5(strval(get_session_id()));
                break;
            case 'SESSION':
                $value = strval(get_session_id());
                break;
            case 'IN_ARRAY':
                if (isset($param[1])) {
                    $array = array_slice($param, 1);
                    $value = in_array($param[0], $array) ? '1' : '0';
                }
                break;
            case 'MULT':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval($param[0]) * floatval($param[1]), 2, true);
                }
                break;
            case 'ROUND':
                if (isset($param[0])) {
                    $amount = isset($param[1]) ? intval($param[1]) : 0;
                    if ($amount > 0) {
                        $value = float_format(floatval($param[0]), $amount);
                    } else {
                        $value = strval(intval(round(floatval($param[0]), $amount)));
                    }
                }
                break;
            case 'DEV_MODE':
                $value = $GLOBALS['DEBUG_MODE'] ? '1' : '0';
                break;
            case 'BROWSER_MATCHES':
                if (isset($param[0])) {
                    $q = false;
                    foreach (explode('|', $param[0]) as $browser) {
                        $q = browser_matches($browser);
                        if ($q) {
                            break;
                        }
                    }
                    $value = $q ? '1' : '0';
                }
                break;
            case 'ISSET':
                if (isset($param[0])) {
                    $value = isset($TEMPCODE_SETGET[$param[0]]) ? '1' : '0';
                }
                break;
            case 'INIT':
                if (isset($param[1])) {
                    if (!isset($TEMPCODE_SETGET[$param[0]])) {
                        $TEMPCODE_SETGET[$param[0]] = $param[1];
                    }
                }
                break;
            case 'INC':
                if (isset($param[0])) {
                    if (!isset($TEMPCODE_SETGET[$param[0]])) {
                        $TEMPCODE_SETGET[$param[0]] = '0';
                    }
                    $TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) + 1);
                }
                break;
            case 'DEC':
                if (isset($param[0])) {
                    if (!isset($TEMPCODE_SETGET[$param[0]])) {
                        $TEMPCODE_SETGET[$param[0]] = '0';
                    }
                    $TEMPCODE_SETGET[$param[0]] = strval(intval($TEMPCODE_SETGET[$param[0]]) - 1);
                }
                break;
            case 'PREG_MATCH':
                if (isset($param[1])) {
                    $value = preg_match('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[2]) ? str_replace('e', '', $param[2]) : ''), $param[1]) != 0 ? '1' : '0';
                }
                break;
            case 'PREG_REPLACE':
                if (isset($param[2])) {
                    $value = preg_replace('#' . str_replace('#', '\\#', $param[0]) . '#' . (isset($param[3]) ? str_replace('e', '', $param[3]) : ''), $param[1], $param[2]);
                }
                break;
            case 'MAX':
                if (isset($param[0])) {
                    $value = strval(max(intval($param[0]), intval($param[1])));
                }
                break;
            case 'MIN':
                if (isset($param[0])) {
                    $value = strval(min(intval($param[0]), intval($param[1])));
                }
                break;
            case 'MOD':
                if (isset($param[0])) {
                    $value = strval(max(intval($param[0]), -intval($param[0])));
                }
                break;
            case 'REM':
                if (isset($param[1])) {
                    $value = strval(intval($param[0]) % intval($param[1]));
                }
                break;
            case 'DIV_FLOAT':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval($param[0]) / floatval($param[1]), 2, true);
                }
                break;
            case 'DIV':
                if (isset($param[1])) {
                    $value = strval(intval(floor(floatval($param[0]) / floatval($param[1]))));
                }
                break;
            case 'SUBTRACT':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) - floatval(str_replace(',', '', $param[1])), 2, true);
                }
                break;
            case 'ADD':
                if (isset($param[1])) {
                    $value = float_to_raw_string(floatval(str_replace(',', '', $param[0])) + floatval(str_replace(',', '', $param[1])), 2, true);
                }
                break;
            case 'WCASE':
                if (isset($param[0])) {
                    $value = ucwords($param[0]);
                }
                break;
            case 'LCASE':
                if (isset($param[0])) {
                    $value = ocp_mb_strtolower($param[0]);
                }
                break;
            case 'UCASE':
                if (isset($param[0])) {
                    $value = ocp_mb_strtoupper($param[0]);
                }
                break;
            case '_POST':
                if (isset($param[0])) {
                    $value = post_param($param[0], isset($param[1]) ? $param[1] : '');
                }
                break;
            case 'REPLACE':
                if (isset($param[2])) {
                    $value = str_replace($param[0], $param[1], $param[2]);
                    if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'AT':
                if (isset($param[1])) {
                    $value = ocp_mb_substr($param[0], intval($param[1]), 1);
                }
                break;
            case 'STRPOS':
                if (isset($param[1])) {
                    $t_value = strpos($param[0], $param[1]);
                    $value = $t_value === false ? '0' : strval($t_value);
                }
                break;
            case 'IN_STR':
                if (isset($param[1])) {
                    if ($param[1] == '') {
                        $value = '0';
                    } else {
                        $value = '0';
                        foreach ($param as $i => $check) {
                            if (is_integer($i) && $i != 0 && $check != '') {
                                if (strpos($param[0], $check) !== false) {
                                    $value = '1';
                                    break;
                                }
                            }
                        }
                    }
                }
                break;
            case 'SUBSTR_COUNT':
                if (isset($param[1])) {
                    $value = strval(substr_count($param[0], $param[1]));
                }
                break;
            case 'SUBSTR':
                if (isset($param[1])) {
                    $value = ocp_mb_substr($param[0], intval($param[1]), isset($param[2]) ? intval($param[2]) : strlen($param[0]));
                }
                break;
            case 'LENGTH':
                if (isset($param[0])) {
                    $value = strval(ocp_mb_strlen($param[0]));
                }
                break;
            case 'WORDWRAP':
                if (isset($param[1])) {
                    $cut = isset($param[3]) && $param[3] == '1';
                    $value = wordwrap($param[0], intval($param[1]), isset($param[2]) ? $param[2] : '<br />', $cut);
                    if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'ALTERNATOR_TRUNCATED':
                // Alternate values according to whether some given text WOULD have been truncated. 0: text to check against, 1: the truncate length, 2:IF would not be do this, 3: if it would be do this, 4: whether given text is encoded as HTML (0=no [default, plain-text], 1=yes)
                if (isset($param[3])) {
                    $amount = intval($param[1]);
                    $is_html = isset($param[4]) && $param[4] == '1';
                    if (strlen($is_html ? strip_tags($param[0]) : $param[0]) > $amount) {
                        $value = $param[3];
                    } else {
                        $value = $param[2];
                    }
                }
                break;
            case 'ESCAPE':
                if (isset($param[0])) {
                    $d_escaping = array(isset($param[1]) ? constant($param[1]) : ENTITY_ESCAPED);
                    if (is_string($param[0])) {
                        apply_tempcode_escaping($d_escaping, $param[0]);
                    }
                    $value = $param[0];
                }
                break;
            case 'COOKIE_PATH':
                $value = function_exists('get_cookie_path') ? get_cookie_path() : '/';
                break;
            case 'COOKIE_DOMAIN':
                $s_value = function_exists('get_cookie_domain') ? get_cookie_domain() : '';
                $value = is_null($s_value) ? '' : $s_value;
                break;
            case 'IS_A_COOKIE_LOGIN':
                global $IS_A_COOKIE_LOGIN;
                $value = $IS_A_COOKIE_LOGIN && ini_get('suhosin.cookie.max_name_length') !== '64' ? '1' : '0';
                break;
            case 'GROUP_ID':
                if (isset($param[0])) {
                    $groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member());
                    $value = array_key_exists(intval($param[0]), $groups) ? strval($groups[intval($param[0])]) : '';
                }
                break;
            case 'GROUP_NAME':
                if (isset($param[0])) {
                    $groups = $GLOBALS['FORUM_DRIVER']->get_members_groups(isset($param[1]) ? intval($param[1]) : get_member());
                    if (array_key_exists(intval($param[0]), $groups)) {
                        $all_usergroups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list();
                        $value = $all_usergroups[$groups[intval($param[0])]];
                    }
                    if ($GLOBALS['XSS_DETECT'] && ocp_is_escaped($param[0])) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'NEGATE':
                if (isset($param[0])) {
                    $value = strval(-intval($param[0]));
                }
                break;
            case 'XOR':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count == 1 ? '1' : '0';
                break;
            case 'NOR':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count > 0 ? '0' : '1';
                break;
            case 'NAND':
                $count = 0;
                foreach ($param as $test) {
                    if ($test == '1' || $test == '1') {
                        $count++;
                    }
                }
                $value = $count == count($param) ? '0' : '1';
                break;
            case 'LT':
                if (isset($param[1])) {
                    $value = intval($param[0]) < intval($param[1]) ? '1' : '0';
                }
                break;
            case 'GT':
                if (isset($param[1])) {
                    $value = intval($param[0]) > intval($param[1]) ? '1' : '0';
                }
                break;
            case 'COPPA_ON':
                $value = get_option('is_on_coppa') == '1' ? '1' : '0';
                break;
            case 'OBFUSCATE':
                if (isset($param[0])) {
                    require_code('obfuscate');
                    $value = obfuscate_entities($param[0]);
                }
                break;
            case 'FIX_ID':
                if (isset($param[0])) {
                    $value = fix_id($param[0]);
                    if ($GLOBALS['XSS_DETECT']) {
                        ocp_mark_as_escaped($value);
                    }
                }
                break;
            case 'MAILTO':
                require_code('obfuscate');
                $value = mailto_obfuscated();
                break;
            case 'INLINE_STATS':
                $value = get_option('show_inline_stats') == '1' ? '1' : '0';
                break;
            case 'ATTACHMENT_DOWNLOADS':
                if (isset($param[0])) {
                    $db = $GLOBALS['SITE_DB'];
                    if (isset($param[1]) && $param[1] == '1') {
                        $db = $GLOBALS['FORUM_DB'];
                    }
                    $_value = $db->query_value_null_ok('attachments', 'a_num_downloads', array('id' => intval($param[0])));
                    $value = is_null($_value) ? '?' : strval($_value);
                }
                break;
            case 'CSS_DIMENSION_REDUCE':
                if (isset($param[1])) {
                    $value = $param[0];
                    if (substr($value, -2) == 'px') {
                        $b = $param[1];
                        $value = strval(intval(substr($value, 0, -2)) - intval($b)) . 'px';
                    }
                    if ($value == '') {
                        $value = '0px';
                    }
                }
                break;
            case 'COMMENT_COUNT':
                if (isset($param[1])) {
                    if (get_option('is_on_comments') == '1') {
                        $count = 0;
                        $_comments = $GLOBALS['FORUM_DRIVER']->get_forum_topic_posts($GLOBALS['FORUM_DRIVER']->find_topic_id_for_topic_identifier(get_option('comments_forum_name'), $param[0] . '_' . $param[1]), $count, 0, 0, false);
                        $_value = do_lang_tempcode('_COMMENTS', integer_format(0));
                        if (is_array($_comments)) {
                            $_value = do_lang_tempcode('_COMMENTS', escape_html(integer_format($count)));
                        }
                        $value = $_value->evaluate();
                    } else {
                        $value = do_lang('VIEW');
                    }
                }
                break;
            case 'CAN_SPELLCHECK':
                $value = function_exists('pspell_check') ? '1' : '0';
                break;
            case 'AWARD_ID':
                if (array_key_exists(0, $param)) {
                    $value = $GLOBALS['SITE_DB']->query_value_null_ok('award_archive', 'content_id', array('a_type_id' => intval($param[0])), 'ORDER BY date_and_time DESC');
                    if (is_null($value)) {
                        $value = '';
                    }
                }
                break;
            case 'SELF_PAGE_LINK':
                $value = '';
                if (running_script('index') || running_script('iframe')) {
                    $value = get_zone_name() . ':' . get_page_name();
                    foreach ($_GET as $key => $val) {
                        if ($key == 'page') {
                            continue;
                        }
                        if (is_array($val)) {
                            continue;
                        }
                        if (substr($key, 0, 5) == 'keep_') {
                            continue;
                        }
                        $value .= ':' . $key . '=' . $val;
                    }
                }
                break;
            case 'SET_TUTORIAL_LINK':
                $value = '';
                if (array_key_exists(1, $param) && $param[1] != '' && $param[1][0] != '#') {
                    set_tutorial_link($param[0], $param[1]);
                }
                break;
            case 'DISPLAY_CONCEPT':
                $value = '';
                if (array_key_exists(0, $param)) {
                    $key = $param[0];
                    $page_link = get_tutorial_link('concept___' . preg_replace('#[^\\w_]#', '_', $key));
                    if (is_null($page_link)) {
                        $temp_tpl = make_string_tempcode($key);
                    } else {
                        list($zone, $attributes, $hash) = page_link_decode($page_link);
                        $_url = build_url($attributes, $zone, NULL, false, false, false, $hash);
                        $temp_tpl = do_template('COMCODE_CONCEPT', array('_GUID' => 'ee0cd05f87329923f05145180004d8a8', 'TEXT' => $key, 'URL' => $_url));
                    }
                    $value = $temp_tpl->evaluate();
                }
                break;
            case 'SELF_URL':
                $extra_params = NULL;
                if (isset($param[3])) {
                    $extra_params = array();
                    $i = 3;
                    while (isset($param[$i])) {
                        $bits = explode('=', $param[$i], 2);
                        if ($bits[1] == '<null>') {
                            $bits[1] = NULL;
                        }
                        $extra_params[$bits[0]] = $bits[1];
                        $i++;
                    }
                }
                $value = get_self_url(true, isset($param[0]) && $param[0] == '1', $extra_params, isset($param[1]) && $param[1] == '1', isset($param[2]) && $param[2] == '1');
                break;
            case 'SHIFT_DECODE':
                if (isset($param[0])) {
                    global $SHIFT_VARIABLES;
                    $key = $param[0];
                    $value = isset($SHIFT_VARIABLES[$key]) ? $SHIFT_VARIABLES[$key]->evaluate() : '';
                }
                break;
            case 'NUMBER_FORMAT':
                if (isset($param[0])) {
                    $value = integer_format(intval($param[0]));
                }
                break;
            case 'FLOAT_FORMAT':
                if (isset($param[0])) {
                    $value = float_format(floatval($param[0]));
                }
                break;
            case 'CURRENTLY_INVISIBLE':
                $value = is_invisible() ? '1' : '0';
                break;
            case 'IS_FRIEND':
                if (isset($param[0])) {
                    $test = $GLOBALS['SITE_DB']->query_value_null_ok('chat_buddies', 'member_likes', array('member_likes' => isset($param[1]) ? intval($param[1]) : get_member(), 'member_liked' => intval($param[0])));
                    $value = is_null($test) ? '0' : '1';
                }
                break;
            case 'SSW':
                $value = get_option('ssw') == '1' ? '1' : '0';
                break;
            case 'RATING':
                if (isset($param[1])) {
                    require_code('feedback');
                    $rating = get_rating_simple_array(array_key_exists(3, $param) ? $param[3] : get_self_url(true), array_key_exists(4, $param) ? $param[4] : (is_null($DISPLAYED_TITLE) ? '' : $DISPLAYED_TITLE->evaluate()), $param[0], $param[1], array_key_exists(5, $param) ? $param[5] : 'RATING_FORM', array_key_exists(2, $param) ? $param[2] : NULL);
                    if ($rating !== NULL) {
                        if (!array_key_exists(2, $param) || $param[2] == '0') {
                            $value = isset($rating['ALL_RATING_CRITERIA'][0]['RATING']) ? $rating['ALL_RATING_CRITERIA'][0]['RATING'] : '';
                        } else {
                            $value = do_template('RATING_INLINE_STATIC', $rating);
                        }
                        if (is_object($value)) {
                            $value = $value->evaluate();
                        }
                    }
                }
                break;
            case 'VIEWS':
                if (isset($param[2])) {
                    $id_field = 'id';
                    // Not allowed for security reasons
                    if (preg_match('#^\\w*views\\w*$#', $param[1]) != 0) {
                        $test = $GLOBALS['SITE_DB']->query_value_null_ok($param[0], $param[1], array($id_field => $param[2]));
                        if (!is_null($test)) {
                            $value = integer_format($test);
                        }
                    }
                }
                break;
            default:
                global $EXTRA_SYMBOLS;
                if (is_null($EXTRA_SYMBOLS)) {
                    $EXTRA_SYMBOLS = array();
                    $hooks = find_all_hooks('systems', 'symbols');
                    foreach (array_keys($hooks) as $hook) {
                        $EXTRA_SYMBOLS[$hook] = array();
                    }
                }
                if (array_key_exists($name, $EXTRA_SYMBOLS)) {
                    if (!array_key_exists('ob', $EXTRA_SYMBOLS[$name])) {
                        require_code('hooks/systems/symbols/' . filter_naughty_harsh($name));
                        $EXTRA_SYMBOLS[$name]['ob'] = object_factory('Hook_symbol_' . filter_naughty_harsh($name));
                    }
                    $value = $EXTRA_SYMBOLS[$name]['ob']->run($param);
                    break;
                }
                if (defined($name)) {
                    $value = @strval(constant($name));
                    break;
                }
                $value = '';
                require_code('site');
                attach_message(do_lang_tempcode('MISSING_SYMBOL', escape_html($name)), 'warn');
        }
        if ($escaped != array()) {
            if (is_object($value)) {
                $value = $value->evaluate();
            }
            apply_tempcode_escaping($escaped, $value);
        }
        if ($cacheable) {
            $SYMBOL_CACHE[$escaped_codes] = $value;
        }
        return $value;
    }
    // Is it a directive?
    if ($type == TC_DIRECTIVE) {
        $value = '';
        if ($GLOBALS['XSS_DETECT']) {
            ocp_mark_as_escaped($value);
        }
        // In our param we should have a map of bubbled template parameters (under 'vars') and our numbered directive parameters
        if ($param === NULL) {
            $param = array();
        }
        // Closure-based Tempcode parser may send in strings, so we need to adapt...
        foreach ($param as $key => $val) {
            if (is_string($val)) {
                $param[$key] = make_string_tempcode($val);
            }
        }
        if (!isset($param['vars'])) {
            $param['vars'] = array();
        }
        switch ($name) {
            case 'SHIFT_ENCODE':
                break;
            case 'PARAM_INFO':
                $_value = do_template('PARAM_INFO', array('MAP' => $param['vars']));
                $value = $_value->evaluate();
                break;
            case 'CSS_INHERIT':
                // e.g. {+START,CSS_INHERIT,global,default,#886aa9}{+END}
                if (isset($param[0])) {
                    require_code('css_and_js');
                    $css_file = $param[0]->evaluate();
                    $theme = isset($param[1]) ? $param[1]->evaluate() : 'default';
                    $seed = isset($param[2]) ? $param[2]->evaluate() : NULL;
                    if ($seed == '') {
                        $seed = NULL;
                    }
                    $dark = isset($param[3]) ? $param[3]->evaluate() == '1' : false;
                    $algorithm = isset($param[4]) ? $param[4]->evaluate() : 'equations';
                    $value = css_inherit($css_file, $theme, $GLOBALS['FORUM_DRIVER']->get_theme(), $seed, $dark, $algorithm);
                }
                break;
            case 'FRACTIONAL_EDITABLE':
                foreach (array_keys($param) as $key) {
                    if (!is_numeric($key)) {
                        unset($param[$key]);
                    }
                }
                if (isset($param[3])) {
                    $edit_text = $param[0]->evaluate();
                    $edit_param_name = $param[1]->evaluate();
                    $edit_pagelink = $param[2]->evaluate();
                    $supports_comcode = (isset($param[4]) ? $param[3]->evaluate() : '0') == '1';
                    list($zone, $attributes, ) = page_link_decode($edit_pagelink);
                    if ($zone == '_SEARCH') {
                        $zone = get_module_zone($attributes['page']);
                    }
                    if (has_actual_page_access(get_member(), $attributes['page'], $zone) && has_zone_access(get_member(), 'adminzone')) {
                        $keep = symbol_tempcode('KEEP');
                        $url = find_script('fractional_edit') . '?edit_param_name=' . urlencode($edit_param_name) . '&supports_comcode=' . ($supports_comcode ? '1' : '0') . '&zone=' . urlencode($zone) . $keep->evaluate();
                        foreach ($attributes as $key => $val) {
                            $url .= '&' . $key . '=' . urlencode($val);
                        }
                        $_value = $param[count($param) - 1];
                        $_value = do_template('FRACTIONAL_EDIT', array('_GUID' => '075ac126c427d28b309004bc67b32b08', 'VALUE' => $_value, 'URL' => $url, 'EDIT_TEXT' => $edit_text, 'EDIT_PARAM_NAME' => $edit_param_name));
                        $value = $_value->evaluate();
                    } else {
                        $value = $param[count($param) - 1]->evaluate();
                    }
                }
                break;
            case 'SET':
                if (isset($param[1])) {
                    $var = $param[0]->evaluate();
                    $set_val = '';
                    $i = 1;
                    while (isset($param[$i])) {
                        if ($i != 1) {
                            $set_val .= ',';
                        }
                        $set_val .= $param[1]->evaluate();
                        $i++;
                    }
                    $TEMPCODE_SETGET[$var] = $set_val;
                }
                break;
            case 'IN_ARRAY':
                if (isset($param[1])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? '1' : '0';
                }
                break;
            case 'NOT_IN_ARRAY':
                if (isset($param[1])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? '0' : '1';
                }
                break;
            case 'IF_IN_ARRAY':
                if (isset($param[2])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? $param[2]->evaluate() : '';
                }
                break;
            case 'IF_NOT_IN_ARRAY':
                if (isset($param[2])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = in_array($param[0]->evaluate(), $array) ? '' : $param[2]->evaluate();
                }
                break;
            case 'IMPLODE':
                if (isset($param[1])) {
                    $key = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    if (isset($param[2]) && $param[2]->evaluate() == '1') {
                        $delim = $param[0]->evaluate();
                        foreach ($array as $key => $val) {
                            if ($value != '') {
                                $value .= $delim;
                            }
                            $value .= (is_integer($key) ? integer_format($key) : $key) . ' = ' . $val;
                        }
                    } else {
                        $value = implode($param[0]->evaluate(), $array);
                    }
                }
                break;
            case 'COUNT':
                if (isset($param[0])) {
                    $key = $param[0]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $value = strval(count($array));
                }
                break;
            case 'BOX':
                unset($param['vars']);
                $title = isset($param[1]) ? $param[0]->evaluate() : '';
                $dimensions = isset($param[2]) ? $param[1]->evaluate() : '100%';
                if ($dimensions == '') {
                    $dimensions = '100%';
                }
                $box_type = isset($param[3]) ? $param[2]->evaluate() : 'classic';
                $options = isset($param[4]) ? $param[3]->evaluate() : '';
                $meta = isset($param[5]) ? $param[4]->evaluate() : '';
                $links = isset($param[6]) ? $param[5]->evaluate() : '';
                $expand = isset($param[7]) ? $param[6]->evaluate() == '1' : false;
                $toplink = isset($param[8]) ? $param[7]->evaluate() : '';
                $tmp = put_in_standard_box(array_pop($param), $title, $dimensions, $box_type, $options, $meta, $links, $expand, $toplink);
                $value = $tmp->evaluate();
                break;
            case 'IF_NON_EMPTY':
                if (isset($param[1])) {
                    if (!$param[0]->is_really_empty()) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_PASSED':
                if (isset($param[1])) {
                    $t = $param[0]->evaluate();
                    if (isset($param['vars'][$t])) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_NON_PASSED':
                if (isset($param[1])) {
                    $t = $param[0]->evaluate();
                    if (!isset($param['vars'][$t])) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_EMPTY':
                if (isset($param[1])) {
                    if ($param[0]->is_really_empty()) {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'IF_ARRAY_EMPTY':
                if (isset($param[0])) {
                    $looking_at = $param[0]->evaluate();
                    if (array_key_exists($looking_at, $param['vars'])) {
                        if (count($param['vars'][$looking_at]) == 0) {
                            $value = $param[1]->evaluate();
                        }
                    }
                }
                break;
            case 'IF_ARRAY_NON_EMPTY':
                if (isset($param[0])) {
                    $looking_at = $param[0]->evaluate();
                    if (array_key_exists($looking_at, $param['vars'])) {
                        if (count($param['vars'][$looking_at]) != 0) {
                            $value = $param[1]->evaluate();
                        }
                    }
                }
                break;
            case 'OF':
                if (isset($param[1])) {
                    $key = $param[0]->evaluate();
                    $x = $param[1]->evaluate();
                    $array = array_key_exists($key, $param['vars']) ? $param['vars'][$key] : array();
                    $x2 = is_numeric($x) ? intval($x) : $x;
                    if (is_integer($x2)) {
                        if ($x2 < 0) {
                            $x2 = count($array) - 1;
                        } elseif ($x2 >= count($array)) {
                            $x2 -= count($array);
                        }
                    }
                    $value = array_key_exists($x2, $array) ? $array[$x2] : '';
                    if (is_object($value)) {
                        $value = $value->evaluate();
                    }
                }
                break;
            case 'INCLUDE':
                if (isset($param[1])) {
                    $tpl_params = $param['vars'];
                    $explode = explode(chr(10), $param[1]->evaluate());
                    foreach ($explode as $val) {
                        $bits = explode('=', $val, 2);
                        if (count($bits) == 2) {
                            $tpl_params[ltrim($bits[0])] = $bits[1];
                        }
                    }
                    $td = isset($param[3]) ? $param[2]->evaluate() : '';
                    if ($td == '') {
                        $td = 'templates';
                    }
                    $ex = isset($param[2]) ? $param[1]->evaluate() : '';
                    if ($ex == '') {
                        $ex = '.tpl';
                    }
                    $_value = do_template($param[0]->evaluate(), $tpl_params, NULL, false, NULL, $ex, $td);
                    $value = $_value->evaluate();
                }
                break;
            case 'WHILE':
                if (isset($param[1])) {
                    $_p = $param[0]->evaluate();
                    if ($_p == '1' || $_p == '1') {
                        $value = '';
                        $value .= $param[1]->evaluate();
                        $value .= ecv($lang, $escaped, $type, $name, $param);
                    }
                }
                break;
            case 'IF':
                if (isset($param[1])) {
                    $_p = $param[0]->evaluate();
                    if ($_p == '1' || $_p == '1') {
                        $value = $param[1]->evaluate();
                    }
                }
                break;
            case 'LOOP':
                if (isset($param[0])) {
                    if (!array_key_exists($param[0]->evaluate(), $param['vars'])) {
                        require_code('site');
                        attach_message(do_lang_tempcode('MISSING_TEMPLATE_PARAMETER', $param[0]->evaluate(), '???'), 'warn');
                        return '';
                    }
                    $array_key = $param[0]->evaluate();
                    if (is_numeric($array_key) || strpos($array_key, ',') !== false) {
                        $array = explode(',', $array_key);
                    } else {
                        $array = array_key_exists($array_key, $param['vars']) ? $param['vars'][$array_key] : array();
                        if (!is_array($array)) {
                            $array = array();
                        }
                    }
                    $value = '';
                    if (array_key_exists(1 + 1, $param)) {
                        $columns = $param[1]->evaluate();
                        $row_starter = array_key_exists(2 + 1, $param) ? $param[2]->evaluate() : '<tr>';
                        $row_terminator = array_key_exists(3 + 1, $param) ? $param[3]->evaluate() : '</tr>';
                        $value .= $row_starter;
                        // Sorting
                        if (array_key_exists(4 + 1, $param)) {
                            $sort_key = $param[4]->evaluate();
                            $rev = array_key_exists(5 + 1, $param) && $param[5]->evaluate() == 'DESC';
                            if ($sort_key != '') {
                                global $M_SORT_KEY;
                                $M_SORT_KEY = $sort_key;
                                uasort($array, 'multi_sort');
                            }
                            if ($rev) {
                                $array = array_reverse($array);
                            }
                        }
                    }
                    $last = count($param) - 2;
                    $col = 0;
                    $first = true;
                    foreach ($array as $go_key => $go) {
                        if (!is_array($go)) {
                            $go = array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_loop_var' => make_string_tempcode($go));
                        }
                        // In case it's not a list of maps, but just a list
                        if (isset($param[2]) && $col % $columns == 0 && $col != 0) {
                            $value .= $row_starter;
                        }
                        $ps = $go + $param['vars'] + array('_loop_key' => make_string_tempcode(is_integer($go_key) ? strval($go_key) : $go_key), '_i' => strval($col), '_first' => $first, '_last' => $col == count($array) - 1);
                        $bound = $param[$last]->bind($ps, '');
                        $value .= $bound->evaluate();
                        ++$col;
                        if (isset($param[3]) && $col % $columns == 0) {
                            $value .= $row_terminator;
                        }
                        $first = false;
                    }
                    if (isset($param[2]) && $col % $columns != 0) {
                        $value .= $row_terminator;
                    }
                }
                break;
            default:
                require_code('site');
                attach_message(do_lang_tempcode('UNKNOWN_DIRECTIVE', escape_html($name)), 'warn');
        }
        if ($escaped != array()) {
            apply_tempcode_escaping($escaped, $value);
        }
        return $value;
    }
    // By elimination, it's language
    $a = isset($param[0]) ? is_object($param[0]) ? $param[0]->evaluate() : $param[0] : NULL;
    $b = isset($param[1]) ? is_object($param[1]) ? $param[1]->evaluate() : $param[1] : NULL;
    $c = isset($param[2]) ? array_splice($param, 2) : NULL;
    if ($c !== NULL) {
        foreach ($c as $i => $cc) {
            if (is_object($cc)) {
                $c[$i] = $cc->evaluate();
            }
        }
    }
    static $dle = false;
    if (!$dle) {
        $dle = function_exists('do_lang');
    }
    $ret = $dle ? do_lang($name, $a, $b, $c, $lang, false) : escape_html($name . ':' . (!is_null($a) ? $a : '') . ',' . (!is_null($b) ? $b : ''));
    if ($ret === NULL) {
        if ($type != TC_PARAMETER) {
            require_code('site');
            attach_message(do_lang_tempcode('MISSING_LANG_ENTRY', escape_html($name)), 'warn');
        }
        $value = '';
        if ($GLOBALS['XSS_DETECT']) {
            ocp_mark_as_escaped($value);
        }
        return $value;
    }
    if ($escaped != array() && $escaped != array(ENTITY_ESCAPED)) {
        apply_tempcode_escaping(array_diff($escaped, array(ENTITY_ESCAPED)), $ret);
    }
    // Escape but without ENTITY_ESCAPED because we don't do that on lang strings
    return $ret;
}
Ejemplo n.º 9
0
/**
 * Finishing off of a member profile (such as for LDAP or httpauth, where a partial profile is automatically made, but needs completion).
 *
 * @param  SHORT_TEXT 	The username for the member profile.
 * @param  SHORT_TEXT	The password for the member profile.
 * @param  ID_TEXT		The type of member profile we are finishing off.
 * @param  boolean		Whether to check for duplicated email addresses.
 * @param  string			Auto-detected e-mail address (blank: none)
 * @param  ?integer		Auto-detected DOB day (NULL: unknown)
 * @param  ?integer		Auto-detected DOB month (NULL: unknown)
 * @param  ?integer		Auto-detected DOB year (NULL: unknown)
 * @param  ?ID_TEXT		Auto-detected Timezone (NULL: unknown)
 * @param  ?ID_TEXT		Auto-detected Language (NULL: unknown)
 * @param  ?URLPATH		The URL to the member's avatar (blank: none) (NULL: choose one automatically).
 * @param  URLPATH		The URL to the member's photo (blank: none).
 * @param  URLPATH		The URL to the member's photo thumbnail (blank: none).
 * @return MEMBER			The member ID for the finished off profile.
 */
function ocf_member_external_linker($username, $password, $type, $email_check = true, $email_address = '', $dob_day = NULL, $dob_month = NULL, $dob_year = NULL, $timezone = NULL, $language = NULL, $avatar_url = NULL, $photo_url = '', $photo_thumb_url = '')
{
    // Read in data
    $email_address = trim(post_param('email_address', $email_address));
    $dob_day = post_param_integer('dob_day', $dob_day);
    $dob_month = post_param_integer('dob_month', $dob_month);
    $dob_year = post_param_integer('dob_year', $dob_year);
    $reveal_age = post_param_integer('reveal_age', 0);
    // For default privacy, default off
    require_code('temporal');
    if (is_null($timezone)) {
        $timezone = get_site_timezone();
    }
    $timezone = post_param('timezone', $timezone);
    if (is_null($language)) {
        $language = get_site_default_lang();
    }
    $language = post_param('language', $language);
    $allow_emails = post_param_integer('allow_emails', 0);
    // For default privacy, default off
    $allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0);
    // For default privacy, default off
    require_code('ocf_groups');
    $custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true), NULL, NULL, NULL, NULL, NULL, NULL, 0, true);
    $actual_custom_fields = ocf_read_in_custom_fields($custom_fields);
    foreach ($actual_custom_fields as $key => $val) {
        if ($val == STRING_MAGIC_NULL) {
            $actual_custom_fields[$key] = '';
        }
    }
    $groups = ocf_get_all_default_groups(true);
    // $groups will contain the built in default primary group too (it is not $secondary_groups)
    $primary_group = post_param_integer('primary_group', NULL);
    if ($primary_group !== NULL && !in_array($primary_group, $groups)) {
        // Check security
        $test = $GLOBALS['FORUM_DB']->query_value('f_groups', 'g_is_presented_at_install', array('id' => $primary_group));
        if ($test == 1) {
            $groups = ocf_get_all_default_groups(false);
            // Get it so it does not include the built in default primary group
            $groups[] = $primary_group;
            // And add in the *chosen* primary group
        } else {
            $primary_group = NULL;
        }
    } else {
        $primary_group = NULL;
    }
    if ($primary_group === NULL) {
        $primary_group = get_first_default_group();
    }
    // Check that the given address isn't already used (if one_per_email_address on)
    if (get_option('one_per_email_address') == '1' && $email_address != '' && $email_check) {
        $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'm_username', array('m_email_address' => $email_address));
        if (!is_null($test)) {
            global $MEMBER_CACHED;
            $MEMBER_CACHED = db_get_first_id();
            $reset_url = build_url(array('page' => 'lostpassword', 'email_address' => $email_address), get_module_zone('lostpassword'));
            warn_exit(do_lang_tempcode('EMAIL_ADDRESS_IN_USE', escape_html(get_site_name()), escape_html($reset_url->evaluate())));
        }
    }
    // Add member
    require_code('ocf_members_action');
    $ret = ocf_make_member($username, $password, $email_address, $groups, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, NULL, 1, time(), time(), '', $avatar_url, '', 0, 1, $reveal_age, '', $photo_url, $photo_thumb_url, 1, 1, $language, $allow_emails, $allow_emails_from_staff, '', get_ip_address(), '', false, $type, '');
    return $ret;
}