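/**
 * Renders the profile page of the requested user into the 'body' template handle.
 *
 * Visitors who are not logged in are stopped with an error message. An empty
 * $uid redirects the logged-in visitor to their own profile.
 *
 * @param mixed $uid Identifier handed to objUser->getUserInfo().
 *
 * @return void
 */
function showProfile($uid)
{
    // Profiles are only shown to logged-in visitors.
    if (!User::$IS_ONLINE) {
        hmsgDie('FAIL', 'Error: You must be logged in to view this users profile.');
    }

    // No user requested: send the visitor to their own profile instead.
    if (is_empty($uid) && User::$IS_ONLINE) {
        $this->objPage->redirect('/' . root() . 'modules/profile/view/' . $this->objUser->grab('username'), 0);
        return;
    }

    $vars = $this->objPage->getVar('tplVars');
    $user = $this->objUser->getUserInfo($uid);

    // empty() also covers a false/null lookup result, which count() rejects on PHP 8.
    if (empty($user)) {
        $this->objPage->setTitle('Profile > User doesnt exist.');
        hmsgDie('FAIL', 'Error: User doesnt exist.');
    }

    $this->objTPL->set_filenames(array('body' => 'modules/profile/template/viewProfile.tpl'));

    // NOTE(review): the username is stored user input and reaches setTitle() and the
    // USERNAME_RAW template var unescaped; confirm the page/template layer escapes them.
    $this->objPage->setTitle('Profile > ' . $user['username']);
    $this->objPage->addCSSFile('/' . root() . 'modules/profile/contactInfo.css');
    $this->objPage->addJSFile('/' . root() . 'modules/profile/scripts/profile.js');
    $this->objPage->addPagecrumb(array(
        array(
            'url'  => '/' . root() . 'modules/profile/view/' . $user['username'],
            'name' => 'Viewing ' . secureMe($user['username']) . '\'s profile',
        ),
    ));

    $icons = $this->contactInfoLinks($user);
    $uProfile = $this->objUser->profile($user['id']);

    // Pull the colour and label back out of the generated profile markup. Both default
    // to '' so the fallback below never reads an undefined variable when the markup
    // does not match.
    $text = '';
    $color = '';
    if (preg_match('_"color: ([^;]*);" title="([^"]*)">([^<]*)</font>_i', $uProfile, $m)) {
        $text = $m[2];
        $color = $m[1];
    }

    // The original tested an undefined $title, so a user's own title was never shown.
    $hasTitle = isset($user['title']) && !is_empty($user['title']);
    $groupHtml = '<font color="' . $color . '">' . $text . '</font>';

    $this->objComments->start('PROFILE_COMMENTS', 'cpage', 'profile', $user['id'], 20, $user['id']);

    // The compose link is raw HTML built here, so the username is escaped before it is
    // placed in the attribute. secureMe() is assumed to HTML-escape, as in the
    // breadcrumb above - TODO confirm.
    $pmLink = '';
    if (User::$IS_ONLINE) {
        $pmLink = '<a href="/' . root() . 'modules/pm/compose/' . secureMe($user['username']) . '">'
            . '<img src="' . $vars['PM_compose'] . '" /></a>';
    }

    $this->objTPL->assign_block_vars('profile', array(
        'USERNAME'      => $uProfile,
        'USERNAME_RAW'  => $user['username'],
        'AVATAR'        => $this->objUser->parseAvatar($user['id']),
        'TITLE'         => $hasTitle ? secureMe($user['title']) : $groupHtml,
        'PM'            => $pmLink,
        'SIGNATURE'     => contentParse($user['signature']),
        'INTERESTS'     => contentParse($user['interests']),
        'ABOUT_ME'      => contentParse($user['about']),
        'L_LOCALTIME'   => 'Local Time',
        'LOCALTIME'     => $this->objTime->mk_time(time(), 'D jS M h:ia', $user['timezone']),
        'CONTACT_ICONS' => $icons,
        'L_COMMENTS'    => 'Comments',
        'L_RECENTA'     => 'Recent Activity',
        'L_BIO'         => 'User Bio',
    ));

    // Optional sections are switched on only when the user filled them in.
    if (!is_empty($user['about'])) {
        $this->objTPL->assign_block_vars('profile.ABOUT_ME', array());
    }
    if (!is_empty($user['interests'])) {
        $this->objTPL->assign_block_vars('profile.INTRESTS', array());
    }

    $bio_info = array();
    $bio_info[] = $hasTitle
        ? array('var' => 'User Title', 'val' => secureMe($user['title']))
        : array('var' => 'User Privs', 'val' => $groupHtml);
    $bio_info[] = array(
        'var' => 'Registered Since',
        'val' => $this->objTime->mk_time($user['registerdate'], 'l jS F Y @ h:ia'),
    );
    $bio_info[] = array(
        'var' => langVar('L_LAST_LOGGED_IN'),
        'val' => $this->objTime->mk_time($user['timestamp']),
    );

    // Birthday is read as day/month/year; anything that does not split into three
    // parts is skipped rather than indexed blindly.
    $birthdayParts = explode('/', (string) $user['birthday']);
    if ($user['birthday'] != '00/00/0000' && count($birthdayParts) === 3) {
        $birthdayStamp = gmmktime(
            0,
            0,
            0,
            (int) $birthdayParts[1],
            (int) $birthdayParts[0],
            (int) $birthdayParts[2]
        );
        $bio_info[] = array('var' => 'Birthday', 'val' => $this->objTime->mk_time($birthdayStamp, 'D jS M'));
    }

    // NOTE(review): $location is never assigned in this method, so this row is never
    // emitted. If it is wired to a user field later, escape the value before output.
    $location = null;
    if (!is_empty($location)) {
        $bio_info[] = array('var' => 'Location', 'val' => $location);
    }

    // Alternate the row class for the bio table.
    foreach ($bio_info as $index => $row) {
        $this->objTPL->assign_block_vars('profile.BINFO', array(
            'VAR' => $row['var'],
            'VAL' => $row['val'],
            'ROW' => $index % 2 == 0 ? 'row_color1' : 'row_color2',
        ));
    }

    $this->objTPL->assign_vars(array(
        'RECENT_ACTIVITY_MSG' => msg(
            'INFO',
            'This part of the panel is still in development. Watch this space.',
            'return'
        ),
    ));
    $this->objTPL->parse('body', false);
}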
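/**
 * Generates a ACL list for categories
 *
 * Resolves, for the current visitor, whether each requested permission field is
 * granted on one category or on every category (AUTH_LIST_ALL).
 *
 * @version 2.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param   constant $type      One of the AUTH_* selectors handled by the switch below
 * @param   int      $forum_id  Category id, or AUTH_LIST_ALL for every category
 * @param   mixed    $f_access  Optional pre-fetched category permission row(s)
 *
 * @return  array   Empty when $type is not recognised or the category lookup fails
 */
public function auth($type, $forum_id, $f_access = NULL)
{
    switch ($type) {
        case AUTH_ALL:
            $a_sql = 'a.auth_view, a.auth_read, a.auth_post, a.auth_reply, a.auth_edit, a.auth_del, a.auth_move, a.auth_special';
            $auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_del', 'auth_move', 'auth_special');
            break;

        case AUTH_VIEW:
            $a_sql = 'a.auth_view';
            $auth_fields = array('auth_view');
            break;

        case AUTH_READ:
            $a_sql = 'a.auth_read';
            $auth_fields = array('auth_read');
            break;

        case AUTH_POST:
            $a_sql = 'a.auth_post';
            $auth_fields = array('auth_post');
            break;

        case AUTH_REPLY:
            $a_sql = 'a.auth_reply';
            $auth_fields = array('auth_reply');
            break;

        case AUTH_EDIT:
            $a_sql = 'a.auth_edit';
            $auth_fields = array('auth_edit');
            break;

        case AUTH_DELETE:
            $a_sql = 'a.auth_del';
            $auth_fields = array('auth_del');
            break;

        case AUTH_MOVE:
            $a_sql = 'a.auth_move';
            $auth_fields = array('auth_move');
            break;

        case AUTH_SPECIAL:
            $a_sql = 'a.auth_special';
            $auth_fields = array('auth_special');
            break;

        default:
            // Unknown selector: the original fell through with $a_sql and $auth_fields
            // undefined. Grant nothing instead of building a query from missing columns.
            return array();
    }

    //check if we need to return perms for a specific forum or the entire lot
    if (empty($f_access)) {
        if (!isset($this->authQuery[$type][$forum_id])) {
            $singleForum = $forum_id != AUTH_LIST_ALL;

            // The id is concatenated into the WHERE clause, so it is forced to an integer here.
            $forum_match_sql = $singleForum ? 'WHERE a.id = ' . (int) $forum_id : '';
            $sql = 'SELECT a.id, %s FROM `$Pforum_cats` a %s';
            $function = $singleForum ? 'getLine' : 'getTable';

            $f_access = $this->objSQL->{$function}($sql, array($a_sql, $forum_match_sql));
            $this->authQuery[$type][$forum_id] = $f_access;
            $this->objSQL->freeResult($f_access);

            if (!$f_access) {
                return array();
            }
        } else {
            $f_access = $this->authQuery[$type][$forum_id];
        }
    }

    // If the user isn't logged on then all we need do is check if the forum
    // has the type set to ALL, if yes they are good to go, if not then they
    // are denied access
    $u_access = array();
    if (User::$IS_ONLINE) {
        if (!isset($this->authQuery2[$type][$forum_id])) {
            if (!isset($this->authQuery3)) {
                // NOTE(review): this cache is not keyed by $type, so the columns chosen
                // by the first call are reused for later calls with a different $type.
                $this->authQuery3 = $query = $this->objSQL->getTable(
                    'SELECT a.cat_id, %s, a.auth_mod FROM `$Pforum_auth` a, `$Pgroup_subs` ug WHERE ug.uid = "%s" AND ug.pending = 0 AND a.group_id = ug.gid',
                    array($a_sql, $this->objUser->grab('id'))
                );
                if ($query === false) {
                    hmsgDie('FAIL', 'Error: Cannot retreive the forum authorization');
                }
            } else {
                $query = $this->authQuery3;
            }

            if (count($query)) {
                foreach ($query as $row) {
                    if ($forum_id != AUTH_LIST_ALL) {
                        // NOTE(review): rows are not filtered by cat_id here, so group
                        // rows for every category are passed on when one category is
                        // requested. Verify checkUserAuth() does not treat a grant on
                        // another category as a grant on this one.
                        $u_access[] = $row;
                    } else {
                        $u_access[$row['cat_id']][] = $row;
                    }
                }
            }

            $this->authQuery2[$type][$forum_id] = $u_access;
            $this->objSQL->freeResult($query);
        } else {
            $u_access = $this->authQuery2[$type][$forum_id];
        }
    }

    $is_admin = User::$IS_ONLINE && User::$IS_ADMIN ? true : 0;
    $auth_user = array();

    foreach ($auth_fields as $key) {
        if ($forum_id != AUTH_LIST_ALL) {
            $grant = $this->resolveAuthLevel($f_access[$key], $key, $u_access, $is_admin);
            $auth_user[$key] = $grant['allowed'];
            if (array_key_exists('type', $grant)) {
                $auth_user[$key . '_type'] = $grant['type'];
            }
            continue;
        }

        $kcount = count($f_access);
        for ($k = 0; $k < $kcount; $k++) {
            $f_fid = $f_access[$k]['id'];
            $u_access[$f_fid] = isset($u_access[$f_fid]) ? $u_access[$f_fid] : array();

            $grant = $this->resolveAuthLevel($f_access[$k][$key], $key, $u_access[$f_fid], $is_admin);
            $auth_user[$f_fid][$key] = $grant['allowed'];
            if (array_key_exists('type', $grant)) {
                $auth_user[$f_fid][$key . '_type'] = $grant['type'];
            }
        }
    }

    // Is user a moderator?
    if ($forum_id != AUTH_LIST_ALL) {
        $auth_user['auth_mod'] = User::$IS_ONLINE
            ? $this->objUser->checkUserAuth(AUTH_MOD, 'auth_mod', $u_access, $is_admin)
            : 0;
    } else {
        $kcount = count($f_access);
        for ($k = 0; $k < $kcount; $k++) {
            $f_fid = $f_access[$k]['id'];
            $u_access[$f_fid] = isset($u_access[$f_fid]) ? $u_access[$f_fid] : array();
            $auth_user[$f_fid]['auth_mod'] = User::$IS_ONLINE
                ? $this->objUser->checkUserAuth(AUTH_MOD, 'auth_mod', $u_access[$f_fid], $is_admin)
                : 0;
        }
    }

    return $auth_user;
}

/**
 * Turns one stored permission level into the current visitor's grant for a field.
 *
 * @param mixed  $level     Level stored on the category for this field (AUTH_* value)
 * @param string $key       Permission field being resolved, e.g. 'auth_view'
 * @param array  $u_access  Group permission rows handed on to checkUserAuth()
 * @param mixed  $is_admin  true when the visitor is a logged-in admin, otherwise 0
 *
 * @return array 'allowed' holds the grant; 'type' holds the level label and is
 *               omitted when the level is not recognised (which is denied)
 */
private function resolveAuthLevel($level, $key, $u_access, $is_admin)
{
    switch ($level) {
        case AUTH_ALL:
            return array(
                'allowed' => true,
                'type'    => langVar('L_Auth_Anonymous_Users'),
            );

        case AUTH_REG:
            return array(
                'allowed' => User::$IS_ONLINE ? true : 0,
                'type'    => langVar('L_Auth_Registered_Users'),
            );

        case AUTH_ACL:
            return array(
                'allowed' => User::$IS_ONLINE
                    ? $this->objUser->checkUserAuth(AUTH_ACL, $key, $u_access, $is_admin)
                    : 0,
                'type'    => langVar('L_Auth_Users_granted_access'),
            );

        case AUTH_MOD:
            return array(
                'allowed' => User::$IS_ONLINE
                    ? $this->objUser->checkUserAuth(AUTH_MOD, 'auth_mod', $u_access, $is_admin)
                    : 0,
                'type'    => langVar('L_Auth_Moderators'),
            );

        case AUTH_ADMIN:
            return array(
                'allowed' => $is_admin,
                'type'    => langVar('L_Auth_Administrators'),
            );

        default:
            // Unrecognised level: deny.
            return array('allowed' => 0);
    }
}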
if (doArgs($setting, false, $_POST) != $objCore->config('site', $setting, true)) { $update[$setting] = $_POST[$setting]; } } //if we have stuff to update if (count($update)) { foreach ($update as $setting => $value) { $update = $objSQL->updateRow('config', array('value' => $value), array('var = "%s"', $setting)); if (!$update) { $failed[$setting] = $objSQL->error(); } } } //if we have a setting that failed, let the user know if (!is_empty($failed)) { $msg = null; foreach ($failed as $setting => $error) { $msg .= $setting . ': ' . $error . '<br />'; } $objPage->redirect($url, 7); hmsgDie('FAIL', langVar('L_SET_NOT_UPDATED', $msg)); } //unset the panel info and reset the cache unset($_SESSION['site']['panel']); $objCache->regenerateCache('config'); //and redirect back $objPage->redirect($url, 3); hmsgDie('OK', langVar('L_SET_UPDATED')); break; } $objTPL->parse('body', false);
|| Cybershade CMS - Your CMS, Your Way ||
\*======================================================================*/
// Front-page script: loads the module configured as the site index, lets it
// render into the 'body' template handle, then prints header, body and footer.
define('INDEX_CHECK', 1);
// NOTE(review): debug mode is hard-coded on for this entry script. Another part of
// this code base appends database driver error text to the page when cmsDEBUG is
// truthy - confirm this is not left enabled in production.
define('cmsDEBUG', 1);
include_once 'core/core.php';

//check to make sure the module has the needed function to run
$module = $objCore->config('site', 'index_module');
if (is_dir(cmsROOT . 'modules/' . $module . '/') && is_readable(cmsROOT . 'modules/' . $module . '/cfg.php')) {
    // Text match for a showMain( definition in the module's class file; only cfg.php
    // was checked for readability above, not this file.
    if (!preg_match('/function\\sshowMain\\(/is', file_get_contents(cmsROOT . 'modules/' . $module . '/class.' . $module . '.php'))) {
        $module = 'core';
    }
} else {
    // Missing directory or unreadable cfg.php: fall back to the core module.
    $module = 'core';
}

if (!empty($module) && $objCore->loadModule($module, true)) {
    // The class name and the paths above come from the 'index_module' config value.
    // NOTE(review): presumably only administrators can change it - confirm the value
    // is restricted to installed module names before it is used this way.
    $objModule = new $module($objCore);
    if (method_exists($objModule, 'showMain')) {
        $objModule->showMain();
    } else {
        hmsgDie('FAIL', 'Sorry the Module that was supposed to be supplying this page with data apparently cant....');
    }
} else {
    $objCore->throwHTTP(404);
}

$objPage->showHeader();
// Refuse to print an empty page when the module produced no body output.
if (!$objTPL->get_html('body')) {
    msgDie('FAIL', 'No output received from module.');
} else {
    echo $objTPL->get_html('body');
}
$objPage->showFooter();
/**
 * Builds the routing table that the caching class stores (used as its callback).
 *
 * Only routes with status = 1 are read. Each route is keyed by its label; a
 * label that appears twice stops the request with an error.
 *
 * @version     1.0
 * @since       1.0.0
 * @author      Daniel Noel-Davies
 *
 * @todo        Use 2 Queries, One to select non-structure url's (without :'s)
 *              and one with structure'd url's. The first should be listed
 *              before the second, to allow for successful processing and
 *              precedence.
 *
 * @return      array   Route definitions indexed by route label
 */
public static function generate_cache()
{
    // HTTP verbs a route may declare; anything else is stored as 'ANY'.
    $knownMethods = array('ANY', 'HEAD', 'PUT', 'GET', 'OPTIONS', 'POST', 'DELETE', 'TRACE', 'CONNECT', 'PATCH');

    $db = Core_Classes_coreObj::getDBO();

    // Static patterns sort ahead of dynamic ones (those containing ':').
    $routeQuery = $db->queryBuilder()
        ->select('module', 'label', 'pattern', 'method', 'arguments', 'requirements', 'status', 'redirect')
        ->addField('pattern LIKE "%:%" as `dynamic`')
        ->from('#__routes')
        ->where('status = 1')
        ->orderBy('`dynamic` ASC, method DESC, CHAR_LENGTH(pattern)', 'DESC')
        ->build();

    $routes = array();
    foreach ($db->fetchAll($routeQuery) as $route) {
        // Both columns hold JSON; a value that does not decode becomes an empty list.
        $arguments = json_decode($route['arguments'], true);
        if (is_null($arguments)) {
            $arguments = array();
        }

        $requirements = json_decode($route['requirements'], true);
        if (is_null($requirements)) {
            $requirements = array();
        }

        $label = $route['label'];

        // Error if the route label exists more than once
        if (isset($routes[$label])) {
            hmsgDie('fail', 'Route label exists more than once.. :/ Weird eh?');
        }

        $method = 'ANY';
        if (in_array($route['method'], $knownMethods)) {
            $method = $route['method'];
        }

        $routes[$label] = array(
            'method'       => $method,
            'pattern'      => $route['pattern'],
            'module'       => $route['module'],
            'arguments'    => $arguments,
            'requirements' => $requirements,
            'label'        => $label,
            'status'       => $route['status'],
            'redirect'     => $route['redirect'],
        );
    }

    return $routes;
}
} if (User::$IS_ONLINE && !$acpCheck && !isset($_GET['ajax'])) { $objPage->redirect('/' . root() . 'index.php'); } $objLogin->doLogin(isset($_GET['ajax']) && HTTP_AJAX ? true : false); break; case 'active': if (!isset($_GET['un']) || !isset($_GET['check'])) { hmsgDie('FAIL', 'Cannot activate your account, Please use all the url sent to you in the email'); } else { if ($objUser->getUserInfo($_GET['un'], 'active') == 1) { hmsgDie('Info', 'You account is already active.'); } if ($objLogin->activateAccount($_GET['un'], $_GET['check'])) { $objLogin->doError('0x08'); } else { // Make this into a form hmsgDie('FAIL', contentParse('Cannot activate your account. Please email the site administrator at [email]' . $objCore->config('site', 'admin_email') . '[/email]')); } } break; case 'logout': $objLogin->logout($_GET['check']); break; } $objPage->showHeader(isset($_GET['ajax']) ? true : false); if ($objTPL->output('body')) { msgDie('FAIL', 'No output received.'); } $objPage->showFooter(isset($_GET['ajax']) ? true : false);
} if (User::$IS_MOD) { $corePanels['mod'] = cmsROOT . 'modules/core/panels/mod/'; } if (User::$IS_USER) { $corePanels['user'] = cmsROOT . 'modules/core/panels/user/'; } if ($module == 'core') { //setup the tabs $_cp_tabs = 'modules/core/panels/' . $controlPanel . '/menu.php'; if (!is_file($_cp_tabs) || !is_readable($_cp_tabs)) { hmsgDie('FAIL', 'Error: Tabs for this panel don\'t exist.'); } $menuTabs = parse_ini_file($_cp_tabs, true); if (!is_array($menuTabs) || !count($menuTabs)) { hmsgDie('FAIL', 'Error: Tabs setup failed.'); } } else { include cmsROOT . 'modules/' . $module . '/cfg.php'; if (isset($mod_menu) && count($mod_menu)) { $menuTabs = $mod_menu[$controlPanel]; } } $_output_tabs = array(); //make sure we are in a good mode $array = array('user', 'mod', 'admin'); if (count($config['modules']) && in_array($controlPanel, $array)) { foreach ($menuTabs as $parentKey => $v) { if (is_array($v)) { foreach ($v as $key => $value) { if ($key != 'info') {
if ($objForm->loadCaptcha('verify') === false) { $_error['captcha'] = 'The captcha you provided was incorrect. Please try again.'; } if (count($_error)) { $_SESSION['register']['error'] = $_error; $_SESSION['register']['form'] = $_POST; $objPage->redirect($objCore->config('global', 'fullPath'), 3, 0); exit; } //set the input array up $userInfo['username'] = $_POST['username']; $userInfo['password'] = $_POST['password']; $userInfo['email'] = $_POST['email']; $register = $objUser->register($userInfo); if (!$register) { msgDie('FAIL', $objUser->error()); } if ($objPage->config('site', 'register_verification')) { $user = $objUser->getUserInfo($register); $emailVars['URL'] = 'http://' . $_SERVER['HTTP_HOST'] . '/' . root() . 'login.php?action=active&un=' . $user['id'] . '&check=' . $user['usercode']; $emailVars['USERNAME'] = $userInfo['username']; $emailVars['SITE_NAME'] = $objCore->config('site', 'name'); sendEmail($userInfo['email'], 'E_REG_SUCCESSFUL', $emailVars); $msg = langVar('L_REG_SUCCESS_EMAIL'); } else { $msg = langVar('L_REG_SUCCESS_NO_EMAIL'); } unset($_SESSION['register'], $_SESSION['error'], $query, $userInfo, $_error); $objCache->generate_statistics_cache(); hmsgDie('INFO', $msg); }
hmsgDie('FAIL', 'Fatal Error - BBCode\'s not available.'); } // //--Module Setup // $file = cmsROOT . 'core/classes/class.module.php'; if (is_readable($file)) { require_once $file; } else { hmsgDie('FAIL', 'Fatal Error - Modules cannot be loaded.'); } //if site is closed, make it so, kill debug, no menu is needed, 'cmsCLOSED' can be used as a bypass if ($objCore->config('site', 'site_closed') == 1 && !defined('cmsCLOSED')) { if ($objUser->grab('userlevel') != ADMIN) { $objSQL->debug = false; $objPage->setMenu(false); $objPage->setTitle('DISABLED'); hmsgDie('INFO', 'Site has been disabled. ' . contentParse("\n" . $objCore->config('site', 'closed_msg'))); } else { $objTPL->assign_block_vars('__MSG', array('MESSAGE' => langVar('L_MAINTENANCE'))); } } // //--Include the CMS's internal CRON // $file = cmsROOT . 'core/cron.php'; if (is_readable($file)) { require_once $file; } else { hmsgDie('FAIL', 'Fatal Error - Cron cannot be found.'); }
$classes['objPage'] = array($classDir . 'class.page.php'); $classes['objGroups'] = array($classDir . 'class.groups.php'); $classes['objForm'] = array($classDir . 'class.form.php'); $classes['objTime'] = array($classDir . 'class.time.php'); $classes['objNotify'] = array($classDir . 'class.notify.php'); //init these classes $doneSetup = $objCore->setup($classes); if (!$doneSetup) { msgDie('FAIL', sprintf($errorTPL, 'Fatal Error', 'Cannot load CMS Classes, make sure file structure is intact and $cmsROOT is defined properly if applicable.')); } //globalise the class names foreach ($objCore->classes as $objName => $args) { ${$objName} =& $objCore->{$objName}; } $objSQL = false; unset($classes, $objCore->classes); $objPage->setVar('language', $language); // //--BBCode Setup // $objBBCode = new BBCode(); $objBBCode->SetDebug(true); $objBBCode->SetDetectURLs(false); $objBBCode->ClearSmileys(); $objBBCode->SetSmileyDir('/' . root() . 'images/smilies/'); $file = cmsROOT . 'core/bbcode_tags.php'; if (is_readable($file)) { require_once $file; } else { hmsgDie('FAIL', 'Fatal Error - BBCode\'s not available.'); }
$output = null; switch ($mode) { default: $output = msg('INFO', 'WARNING: This panel is designed to keep you informed of any changes in your files, ' . 'as such the operations that are avalible here are resource intensive and may take several mins to complete ' . 'depending on the size of your installation. This panel will keep information for files inside the CMS Install ' . 'Directory "<strong>/' . root() . '</strong>".<br /><br />Please click an option from above to continue.', 'return'); break; case 'new': $empty = $objSQL->query('TRUNCATE TABLE `$Pfileregistry`'); if ($empty) { $output .= 'File Hashes removed<br />'; } //update the table with the new info recursive_filechk('./', '', 'php'); //upadte the db tell it we did an update $update = $objSQL->updateRow('config', array('value' => time()), 'var = "registry_update"'); if (!$update) { hmsgDie('FAIL', 'Error: Could not update the check time.'); } //reboot the cache $objCache->regenerateCache('config'); $output .= 'File Hashes renewed<br />'; break; case 'check': $query = $objSQL->getTable('SELECT * FROM `$Pfileregistry`'); $i = 0; foreach ($query as $row) { $current_hash = -1; if (is_file($row['filename'])) { $current_hash = @filesize($row['filename']) . '-' . count(@file($row['filename'])) . '-' . sha1(file_get_contents($row['filename'])); } if ($current_hash == '-1') { $filestatus = langVar('L_DELETED');
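/**
 * Shows the add/edit form for a forum category, or saves it on POST.
 *
 * The id comes from $_GET['id']: 0 adds a new category, any other number edits
 * the category with that id. On POST only fields that pass the allow-list
 * below are written.
 *
 * NOTE(review): no request-forgery token check is visible in this method.
 * Confirm objForm->start()/the admin panel enforces one, since this handler
 * changes category permissions.
 *
 * @return void
 */
public function categoryModify()
{
    //grab the ID, if its set to 0 then we want to add a category
    $id = doArgs('id', -1, $_GET, 'is_number');
    if ($id == -1) {
        hmsgDie('FAIL', 'Error: Invalid ID passed.');
    }

    //grab the forum category
    if ($id != 0) {
        $cat = $this->objForum->getForumInfo($id);
        if (!$cat) {
            hmsgDie('FAIL', 'Error: Could not find category by ID');
        }
        $cat = $cat[0];
    } else {
        $cat = array(
            'title'        => '',
            'parent_id'    => 0,
            'desc'         => '',
            'auth_view'    => 0,
            'auth_read'    => 0,
            'auth_post'    => 0,
            'auth_reply'   => 0,
            'auth_edit'    => 0,
            'auth_del'     => 0,
            'auth_move'    => 0,
            'auth_special' => 0,
            'auth_mod'     => 0,
        );
    }

    $pageLabel = $id != 0 ? 'L_EDIT_CAT' : 'L_ADD_CAT';

    $this->objPage->setTitle(langVar($pageLabel));
    // NOTE(review): $_url is never assigned in this method, so the second crumb has no URL.
    $this->objPage->addPagecrumb(array(
        array('url' => '/' . root() . 'admin/forum/setup/', 'name' => 'Category Management'),
        array('url' => $_url, 'name' => langVar($pageLabel)),
    ));

    if (!HTTP_POST) {
        $this->objPage->addJSFile('/' . root() . 'modules/forum/scripts/admin_catEdit.js');
        $this->objTPL->set_filenames(array('body' => 'modules/forum/template/admin/panel.edit_category.tpl'));

        $permList = array();
        $permList['0'] = 'Everyone';
        $permList['1'] = 'Registered Only';
        $permList['2'] = 'With Permission';
        $permList['3'] = 'Moderators Only';
        $permList['5'] = 'Admin Only';

        $field_names = array(
            'auth_view'    => array('View', 'Determine whether it is visible on listings.'),
            'auth_read'    => array('Read', 'Determine whether this categories contents are readable.'),
            'auth_post'    => array('Post', 'Determine if this category can be posted to.'),
            'auth_reply'   => array('Reply', 'Determine if the threads in this category can be replied to.'),
            'auth_edit'    => array('Edit', 'Deternine if the threads in this category can be editable.'),
            'auth_del'     => array('Delete', 'Deternine if the threads in this category can be deleted.'),
            'auth_move'    => array('Move', 'Deternine if the threads in this category can be moved.'),
            'auth_special' => array('Special', 'Determine who has the ability to add special items(attachments, polls, etc) to a thread/post.'),
            'auth_mod'     => array('Moderate', 'Determine who gets to moderate this category.'),
        );

        $perms = NULL;
        $j = 0;
        $img = '/' . root() . 'images/icons/help.png';

        // One select box per auth_* column of the category, five per table row.
        foreach ($cat as $k => $v) {
            $match = preg_match('/auth_([a-zA-Z]*)/is', $k, $m);
            // Skip non-permission columns and any auth_* column without a label above.
            if (!$match || !isset($field_names[$m[0]])) {
                continue;
            }

            $perms .= '<td><div class="float-left"><img src="' . $img . '" alt="' . $field_names[$m[0]][1] . '" title="' . $field_names[$m[0]][1] . '" />' . $field_names[$m[0]][0] . ':</div>'
                . '<div class="float-right">' . $this->objForm->select($m[0], $permList, array('fancy' => false, 'extra' => 'data-js="changeme"')) . '</div></td>';

            if ($j++ == 4) {
                $j = 0;
                $perms .= '</tr><tr>';
            }
        }

        //this var handles the quick permission select box, this determines
        // View Read Post Reply Edit Delete Move Special Moderate
        $simple_auth_array = array(
            '01' => 'Change Me',
            AUTH_ALL . ',' . AUTH_ALL . ',' . AUTH_ALL . ',' . AUTH_ALL . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'Everyone',
            AUTH_ALL . ',' . AUTH_ALL . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'Registered',
            AUTH_REG . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'Registered [ Hidden ]',
            AUTH_ALL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'With Permission',
            AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_ACL . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'With Permission [ Hidden ]',
            AUTH_ALL . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'Moderators',
            AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'Moderators [ Hidden ]',
            '02' => '---',
            AUTH_ALL . ',' . AUTH_ALL . ',' . AUTH_MOD . ',' . AUTH_REG . ',' . AUTH_REG . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD . ',' . AUTH_MOD => 'News Category',
        );

        // The blank category above is keyed 'parent_id' while the original read
        // 'parentid'. Accept either so the add form does not hit an undefined index.
        // NOTE(review): the jump box is named 'parent_id' but the save branch only
        // accepts a 'parentid' field - confirm which name the table really uses.
        $parentId = 0;
        if (isset($cat['parentid'])) {
            $parentId = $cat['parentid'];
        } elseif (isset($cat['parent_id'])) {
            $parentId = $cat['parent_id'];
        }

        $this->objTPL->assign_vars(array(
            'L_EDITING_CAT' => langVar($pageLabel),
            'FORM_START'    => $this->objForm->start('admin', array(
                'method' => 'POST',
                'action' => '/' . root() . 'admin/forum/setup/edit/?action=save&id=' . $id,
            )),
            'FORM_END'      => $this->objForm->finish(),
            'L_CAT_NAME'    => 'Category Name',
            'CAT_NAME'      => $this->objForm->inputbox('title', 'input', $cat['title'], array('extra' => 'style="width:99%"')),
            'L_CAT_DESC'    => 'Category Desc',
            'CAT_DESC'      => $this->objForm->textarea('desc', $cat['desc'], array('extra' => 'style="width:99%"', 'rows' => '3')),
            'L_CAT_ATTACH'  => 'Attach Forum To',
            'CAT_ATTACH'    => $this->objForum->buildJumpBox(
                'parent_id',
                $this->objForum->buildJumpBoxArray(array('id' => 0, 'title' => 'Forum Root')),
                $parentId
            ),
            'L_CAT_PERMS'   => 'Category Default Permissions',
            'CAT_PERMS'     => $perms,
            'L_QUICK_PERMS' => 'Quick Swap Perms',
            'QUICK_PERMS'   => $this->objForm->select('quick_perms', $simple_auth_array, array('fancy' => false)),
            'SUBMIT'        => $this->objForm->button('submit', 'Save'),
            'RESET'         => $this->objForm->button('reset', 'Reset'),
        ));
        $this->objTPL->parse('body', false);
        return;
    }

    // ---- Save branch (POST) ----

    // A failed category lookup is tolerated: the range then only holds 0.
    $cats = $this->objSQL->getTable('SELECT id FROM `$Pforum_cats`');
    $catRange = array(0); //set a default of 0, for the new "Master Cat"
    if ($cats) {
        foreach ($cats as $row) {
            $catRange[] = (int) $row['id'];
        }
    }
    $authRange = range(0, 5);

    // 'string' means "any non-empty text"; an array is an allow-list of integers.
    $needed = array(
        'title'        => 'string',
        'parentid'     => $catRange,
        'desc'         => 'string',
        'auth_view'    => $authRange,
        'auth_read'    => $authRange,
        'auth_post'    => $authRange,
        'auth_reply'   => $authRange,
        'auth_edit'    => $authRange,
        'auth_del'     => $authRange,
        'auth_move'    => $authRange,
        'auth_special' => $authRange,
        'auth_mod'     => $authRange,
    );

    $update = array();
    foreach ($needed as $field => $vals) {
        //if what we need aint there (or is not a plain value), just continue
        if (!isset($_POST[$field]) || !is_scalar($_POST[$field])) {
            continue;
        }
        $posted = (string) $_POST[$field];

        if (!is_array($vals)) {
            //free text: skip empties
            if (empty($posted)) {
                continue;
            }
            $update[$field] = $posted;
            continue;
        }

        // Allow-listed field: accept digits only and compare strictly. A loose
        // in_array() lets values such as "1abc" through on older PHP versions.
        if (!ctype_digit($posted)) {
            continue;
        }
        $number = (int) $posted;
        if (!in_array($number, $vals, true)) {
            continue;
        }
        $update[$field] = $number;
    }

    $title = isset($update['title']) ? $update['title'] : '';

    if ($id != 0) {
        // Nothing valid was posted: report failure instead of sending an empty update.
        if (!count($update)) {
            hmsgDie('FAIL', 'Error: Update Failed.');
        }

        // $id was validated as a number above; the cast keeps the concatenated
        // WHERE clause numeric regardless.
        $saved = $this->objSQL->updateRow('forum_cats', $update, 'id = ' . (int) $id, 'Forum: Updated category - ' . $title);

        $this->objPage->redirect('/' . root() . 'admin/forum/setup/edit/?id=' . $id, 2);
        if (!$saved) {
            hmsgDie('FAIL', 'Error: Update Failed.');
        }
        hmsgDie('INFO', 'Update Successful.');
    } else {
        if (!count($update)) {
            hmsgDie('FAIL', 'Error: Adding new category Failed.');
        }

        // The next auto-increment value is read first so the redirect can point at the new row.
        $AI = $this->objSQL->getAI('forum_cats');
        $saved = $this->objSQL->insertRow('forum_cats', $update, 'Forum: Added new category - ' . $title);

        $this->objPage->redirect('/' . root() . 'admin/forum/setup/edit/?id=' . $AI, 2);
        if (!$saved) {
            hmsgDie('FAIL', 'Error: Adding new category Failed.');
        }
        hmsgDie('INFO', 'New Category Added.');
    }
}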
WHERE array NOT IN("%s") AND var NOT IN("%s") AND var NOT LIKE "%s" ORDER BY array, var ASC', array(implode('", "', $array), implode('", "', $var), '%captcha_%'))); } //and output include $path . '/cfg.php'; $objTPL->assign_vars(array('ADMIN_MODE' => $mod_name, 'MSG' => msg('INFO', langVar('L_SYSINFO_MSG'), 'return', 'Information - <a href="' . $objCore->getQueryString($url, array('config' => 'true')) . '">With Configuration</a>'), 'CONTENT' => $objForm->textarea('sysInfo', $content, array('style' => 'width: 99%;border:0;')))); break; case 'update': hmsgDie('INFO', 'This panel has yet to be implemented. Some ideas for it have been put in the source.'); /* TODO: No clue :P */ break; case 'about': // $objTPL->set_filenames(array( // 'body' => 'modules/core/template/panels/panel.settings.tpl', // )); hmsgDie('INFO', 'This panel has yet to be implemented. Some ideas for it have been put in the source.'); /* TODO: Not sure about this one either, prolly wont stay here.. */ break; default: $objCore->throwHTTP(404); break; } $objTPL->parse('body', false);
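/**
 * Returns the shared database driver instance, creating and connecting it on first use.
 *
 * The driver class is 'Core_Drivers_' followed by the 'driver' value of the
 * 'db' configuration section.
 *
 * @return object The connected driver stored under $_classes['database']
 */
public static function getDBO()
{
    global $errorTPL;

    // Already built during this request.
    if (isset(Core_Classes_coreObj::$_classes['database'])) {
        return Core_Classes_coreObj::$_classes['database'];
    }

    $options = self::config('db');
    if (!$options) {
        trigger_error('Error: Could not obtain values from the configuration file. Please ensure it is present.', E_USER_ERROR);
    }

    $name = 'Core_Drivers_' . $options['driver'];
    $options['persistant'] = true;
    $options['debug'] = cmsDEBUG ? true : false;
    // Logging is switched on by the presence of a marker file in the cache directory.
    $options['logging'] = is_file(cmsROOT . 'cache/ALLOW_LOGGING');

    // `new` never yields false, so the original "=== false" test could not fire and a
    // missing driver ended in an uncaught fatal error. Check the class up front instead.
    if (!class_exists($name)) {
        if (!headers_sent()) {
            header('HTTP/1.1 500 Internal Server Error');
            exit;
        }
        hmsgDie('FAIL', 'Error: No DB Avaliable');
    }

    $objSQL = new $name(null, $options);

    if (!$objSQL->connect()) {
        // With cmsDEBUG on, the driver's getError() text is appended to the page.
        // Keep debug off in production so connection details are not disclosed.
        msgDie('FAIL', sprintf(
            $errorTPL,
            'Fatal Error',
            'Connecting to SQL failed. ' . $objSQL->getVar('errorMsg') . (cmsDEBUG ? '<br />' . $objSQL->getError() : NULL)
        ));
    }

    Core_Classes_coreObj::$_classes['database'] = $objSQL;

    return Core_Classes_coreObj::$_classes['database'];
}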
/**
 * Registers a template source string under a handle, obtains its compiled
 * code and either runs that code immediately or keeps it for later.
 *
 * @param string $handle Handle the code is stored under; must not be in use yet.
 * @param string $string Uncompiled template source.
 * @param bool   $echo   True to eval() the compiled code now, false to store it
 *                       in $this->__eval[$handle] instead.
 *
 * @return bool|null True after the code was evaluated, null when it was only stored.
 */
public function parseString($handle, $string, $echo = true)
{
    if (is_empty($handle) || is_empty($string)) {
        hmsgDie('FAIL', 'Error: Invalid arguments passed to parseString())');
    }

    if (isset($this->uncompiled_code[$handle])) {
        hmsgDie('FAIL', 'Error: Code Handle already set for ' . $handle);
    }

    $this->uncompiled_code[$handle] = $string;

    if (!$this->use_cache) {
        // Compile once per handle and reuse the result afterwards.
        $needsCompile = !isset($this->compiled_code[$handle]) || is_empty($this->compiled_code[$handle]);
        if ($needsCompile) {
            $this->compiled_code[$handle] = $this->compile($this->uncompiled_code[$handle]);
        }
        $php = $this->compiled_code[$handle];
    } else {
        $this->loadfile[$handle] = false;
        $php = $this->get_cached_code($handle);
    }

    // Compiled code that starts by building $_str needs an explicit echo appended.
    if ('$_str' === substr($php, 0, 5)) {
        $php .= ' echo $_str;';
    }

    if (!$echo) {
        $this->__eval[$handle] = $php;
        return;
    }

    // SECURITY: eval() runs whatever compile() / get_cached_code() produced as PHP.
    // $string must therefore come from trusted templates only; if user-authored
    // content can reach this method, the compiler has to guarantee that it cannot
    // emit arbitrary PHP. NOTE(review): confirm where cached code is read from and
    // that the location is not writable by untrusted parties.
    eval($php);

    return true;
}
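/**
 * Loads an instance of the requested module.
 *
 * The module file is read, its class is renamed to a unique per-call name and
 * the result is evaluated, after which the renamed class is instantiated.
 *
 * @version 2.0
 * @since   0.8.0
 * @author  xLink
 *
 * @param string $module     Module name; must be a plain identifier
 * @param mixed  &$returnVar Variable you want the module to be loaded into
 * @param string $mode       class, admin, mod, user
 *
 * @return void
 */
function autoLoadModule($module, &$returnVar, $mode = 'class')
{
    global $objCore;

    // $module and $mode become path components, and $module is also used inside a
    // regular expression and as part of a class name. Accepting plain identifiers
    // only keeps directory separators, dots and regex metacharacters out of all
    // three. The rejected value is deliberately not echoed back.
    if (!is_string($module) || !is_string($mode)
        || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $module)
        || !preg_match('/^[A-Za-z0-9_]+\z/', $mode)
    ) {
        hmsgDie('FAIL', 'Error loading module file.');
        return;
    }

    $objCore->objSQL->recordMessage('Loading Module: ' . $module, 'INFO');

    if (!is_dir(cmsROOT . 'modules/' . $module . '/')) {
        hmsgDie('FAIL', 'Error loading module file "' . $module . '"');
        return;
    }

    $file = cmsROOT . 'modules/' . $module . '/' . $mode . '.' . $module . '.php';
    if (!is_readable($file)) {
        hmsgDie('FAIL', 'Error loading module file "' . $module . '"');
        return;
    }

    $fileData = file_get_contents($file);

    // The suffix only has to make the class name unique for this call; it is not a secret.
    $newModule = $module . '_' . substr(md5(microtime()), 0, 6);
    $pattern = '/(class[\s])' . preg_quote($module, '/') . '([\s]extends[\s]module{)/i';
    $fileData = preg_replace($pattern, '${1}' . $newModule . '${2}', $fileData);

    // SECURITY: eval() executes the whole module file. The file must come from the
    // application's own modules directory, which the checks above enforce for the
    // path; the directory itself must not be writable by untrusted parties.
    try {
        $success = eval('?>' . $fileData . '<?php ');
    } catch (ParseError $e) {
        // PHP 7+ reports a syntax error in evaluated code by throwing instead of
        // returning false.
        $success = false;
    }

    if ($success === false) {
        hmsgdie('FAIL', 'Error: There was a syntax error in the class."' . $module . '".php file. Loading Halted.');
        return;
    }

    $returnVar = new $newModule($objCore);
}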
// NOTE(review): this excerpt starts inside the upload branch of an avatar handler.
// The code that sets $update, $file, $uid and $userava_update is not visible here,
// so the notes below are things to confirm rather than established facts.
if ($userava_update === NULL) {
    msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
}
// The avatar path is written into a single-quoted JavaScript string inside an inline
// <script>. NOTE(review): if any part of the path can contain a quote, a backslash or
// "</script>", it has to be encoded for JavaScript before being placed here.
$avachgr = '<script>top.change_avatar(\'' . $update['avatar'] . '\');top.myLightWindow.deactivate();</script>';
$this->objLogin->setSessions($uid);
msgDie('OK', 'The avatar upload was successful.' . $avachgr, '', '', '', 0);
} else {
    msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
}
} else {
    // Start from an empty update set, then store the avatar location for this user.
    unset($update);
    // NOTE(review): $file ends up in a stored path and, below, in script output;
    // confirm it is a server-chosen or strictly validated file name.
    $update['avatar'] = '/' . root() . 'images/avatars/' . $uid . '/' . $file;
    // The row condition is built by string concatenation. NOTE(review): confirm $uid
    // is always numeric at this point, or pass it through the driver's parameter binding.
    $userava_update = $this->objSQL->updateRow('users', $update, 'id = "' . $uid . '"');
    $avachgr = '<script>top.change_avatar(\'' . $update['avatar'] . '\');top.myLightWindow.deactivate();</script>';
    if ($userava_update === NULL) {
        msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
    }
    $this->objLogin->setSessions($uid);
    msgDie('OK', 'The avatar upload was successful.' . $avachgr, '', '', '', 0);
}
} else {
    // Nothing was submitted: render the upload form.
    $this->objTPL->set_filenames(array('body' => 'modules/profile/template/ava_upload.tpl'));
    // MAX_FILE_SIZE is a form field and therefore under the client's control; the
    // size limit has to be enforced again when the upload is processed.
    $form = 'File: ' . $this->objForm->inputbox('file', '', 'avatar', array('class' => 'upload_field', 'extra' => ' size="30"')) . $this->objForm->inputbox('hidden', 30000, 'MAX_FILE_SIZE');
    $this->objTPL->assign_vars(array('SFORM' => $this->objForm->start('upload', 'POST', '/' . root() . 'modules/profile/avatar/?action=upload', "\$(\"uploading\").Show;\$(\"uploader\").Hide;", ' enctype="multipart/form-data"'), 'EFORM' => $this->objForm->finish(), 'MSG' => 'Please select the image you wish to use as your avatar.', 'FIELDS' => $form, 'SUBMIT' => $this->objForm->button('Upload', 'submit'), 'IMG' => '/' . root() . 'images/ajax-loading.gif', 'YES' => $this->objForm->button('Yes', 'submit', 'boxgreen'), 'NO' => $this->objForm->button('No', 'submit', 'boxred')));
    $this->objTPL->pparse('body');
}
break;
default:
    // Any action that no case above handled.
    hmsgDie('FAIL', 'No idea what you were trying to do there...');
    break;
}
// Panel dispatcher: prepares the URLs and the request mode, loads the tab menu,
// includes the requested panel file and wraps its output in the panel template.
// $path, $panel, $objCore, $objUser and $objTPL are set outside this excerpt.
$pageUrl = $objCore->config('global', 'url');
$url = str_replace('?save', '', $objCore->config('global', 'url'));
$saveUrl = $objCore->getQueryString($url, array('save' => null));

// Moderators may work on another account through ?uid (doArgs is asked to check it
// with 'is_number'); everyone else is pinned to their own id.
$uid = User::$IS_MOD ? doArgs('uid', $objUser->grab('id'), $_GET, 'is_number') : $objUser->grab('id');

// mode starts as null, is then taken from ?mode, and ?save overrides it.
// doArgs() is not used here because ?save has to work without a value.
// NOTE(review): $mode is copied from the query string unvalidated; whatever reads it
// later (presumably the included panel) has to treat it as untrusted.
$mode = null;
if (isset($_GET['mode']) && !is_empty($_GET['mode'])) {
    $mode = $_GET['mode'];
}
if (isset($_GET['save'])) {
    $mode = 'save';
}

// The tab menu is loaded unless the NOMENU constant was defined.
if (!defined('NOMENU')) {
    if (!is_readable(cmsROOT . 'modules/core/handler.panelTabs.php')) {
        hmsgDie('FAIL', 'Error: Missing Panel Menu File...Cannot Continue.');
    }
    include cmsROOT . 'modules/core/handler.panelTabs.php';
}

// NOTE(review): the include path is built from $path and $panel. The is_file() /
// is_readable() test only proves the file exists; confirm that $panel is limited to
// known panel names before it reaches this point, so that a request value cannot
// select a file outside the panel directory.
$file = $path . '/panel.' . $panel . '.php';
if (!is_file($file) || !is_readable($file)) {
    $objCore->throwHTTP(404);
} else {
    include_once $file;
}

// A panel is expected to have registered a 'body' template handle.
if (!$objTPL->isHandle('body')) {
    msg('FAIL', 'Error: Panel did not output any content.', '_CONTENT');
}

$objTPL->assign_var('_TABS', $objTPL->output('sys_tabs', false));
$objTPL->assign_var('_CONTENT', $objTPL->output('body', false));
$objTPL->parse('panel', false);
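/**
 * Displays a confirmation messagebox and verifies the visitor's answer.
 *
 * On a non-POST request a form holding a one-off token is printed and false is
 * returned. On the following POST the token is compared with the one kept in the
 * session, and true is returned only for the "Continue" button.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param string $type
 * @param string $msg
 * @param string $title
 * @param string $tplVar
 *
 * @return bool True when the action was confirmed, false otherwise.
 */
function confirmMsg($type, $msg, $title = NULL, $tplVar = NULL)
{
    $objPage = Core_Classes_coreObj::getPage();
    $objForm = Core_Classes_coreObj::getForm();
    $objUser = Core_Classes_coreObj::getUser();

    // Nothing has been confirmed yet: issue the token and print the form.
    if (!HTTP_POST) {
        // NOTE(review): the return address is taken from the Referer header, which the
        // requesting side controls. Consider accepting same-site URLs only before it
        // is used as a redirect target.
        $_SESSION['site']['confirm']['return'] = isset($_SERVER['HTTP_REFERER']) && !is_empty($_SERVER['HTTP_REFERER'])
            ? $_SERVER['HTTP_REFERER']
            : '/' . root() . '';

        // NOTE(review): the token is derived from the username and the current time.
        // mkPassword() is not visible here; if it is a deterministic hash, a value from
        // a cryptographically secure random source would be the safer choice.
        $_SESSION['site']['confirm']['sessid'] = $sessid = $objUser->mkPassword($objUser->grab('username') . time());

        $newMsg = $objForm->start('msg', array('method' => 'POST'));
        $newMsg .= $msg . '<br />';
        $newMsg .= $objForm->inputbox('sessid', 'hidden', $sessid) . '<br />';
        $newMsg .= '<div align="center">' . $objForm->button('submit', 'Continue') . ' ' . $objForm->button('submit', 'Go Back', array('class' => 'black')) . '</div>';
        $newMsg .= $objForm->finish();

        // Output through msg() and return false so the caller does not carry on.
        echo msg($type, $newMsg, $tplVar, $title);
        return false;
    }

    // A POST arrived: read what was stored when the form was issued, if anything.
    $confirm = isset($_SESSION['site']['confirm']) && is_array($_SESSION['site']['confirm'])
        ? $_SESSION['site']['confirm']
        : array();
    $redir = isset($confirm['return']) ? $confirm['return'] : '/' . root() . '';
    $expected = isset($confirm['sessid']) && is_scalar($confirm['sessid']) ? (string) $confirm['sessid'] : '';

    if (!isset($_POST['sessid'])) {
        hmsgDie('FAIL', 'Error: Please confirm your intentions via the form.');
        return false; // stay fail-closed should hmsgDie() ever return
    }

    // The loose "!=" used before treated a missing session token and an empty posted
    // value as equal, so a POST could pass without a form ever having been issued.
    // Require an issued token, a string from the client, and compare in constant time.
    $given = is_string($_POST['sessid']) ? $_POST['sessid'] : '';
    if ($expected === '' || !hash_equals($expected, $given)) {
        hmsgDie('FAIL', 'Error: Could not verify your intentions.');
        return false;
    }

    // The token is single-use.
    unset($_SESSION['site']['confirm']);

    if (!isset($_POST['submit'])) {
        hmsgDie('FAIL', 'Error: Could not verify your intentions.');
        return false;
    }

    if ($_POST['submit'] === 'Continue') {
        return true;
    }

    if ($_POST['submit'] === 'Go Back') {
        $objPage->redirect($redir, 3, 0);
        hmsgDie('INFO', 'Redirecting you back.');
    }

    // Any other button value is not a confirmation.
    return false;
}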
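// Entry point for the admin / mod / user control panels. The routing values come
// straight from the query string and are untrusted until checked below.
$mode = doArgs('__mode', null, $_GET);
$module = doArgs('__module', 'core', $_GET);
$action = doArgs('__action', null, $_GET);
$extra = doArgs('__extra', null, $_GET);

// Visitors who are not logged in get a 404.
// NOTE(review): only the logged-in state is checked in this excerpt. Whether the
// 'admin' and 'mod' groups are limited to those roles is decided in the required
// handlers, which are not visible here; confirm that they enforce it.
if (!User::$IS_ONLINE) {
    $objCore->throwHTTP(404);
}

// Allowlist for the panel group. The comparison is strict so that a non-string
// value cannot loosely match one of the entries.
$checkMode = array('admin', 'mod', 'user');
if (!in_array($mode, $checkMode, true)) {
    hmsgDie('FAIL', 'Error: Unknown Panel Group');
}

$objPage->addPagecrumb(array(array('url' => '/' . root() . $mode . '/', 'name' => ucwords($mode) . ' Control Panel')));

if (is_string($module) && strtolower($module) == 'core') {
    // Core panels are handled by the core panel handler.
    require cmsROOT . 'modules/core/handler.panels.php';
} else {
    $controlPanel = $mode;
    require cmsROOT . 'modules/core/handler.panelTabs.php';

    // $module is handed to loadModule() and then used as a class name, so it has to
    // be a plain identifier; anything else is answered with a 404.
    $validModule = is_string($module) && preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $module);
    if ($validModule && $objPage->loadModule($module, true, $mode)) {
        $objModule = new $module($objCore);
        $objModule->doAction($action);
    } else {
        $objCore->throwHTTP(404);
    }
}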