# Renders the requested form of the Options admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_options_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, function that renders it)
    $panelForms = array(
        'global'  => array('/admin/panel-options/forms/spa-options-global-form.php', 'spa_options_global_form'),
        'display' => array('/admin/panel-options/forms/spa-options-display-form.php', 'spa_options_display_form'),
        'content' => array('/admin/panel-options/forms/spa-options-content-form.php', 'spa_options_content_form'),
        'members' => array('/admin/panel-options/forms/spa-options-members-form.php', 'spa_options_members_form'),
        'email'   => array('/admin/panel-options/forms/spa-options-email-form.php', 'spa_options_email_form'),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            $renderForm();
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
# Renders the requested form of the Integration admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_integration_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, function that renders it)
    $panelForms = array(
        'page'     => array('/admin/panel-integration/forms/spa-integration-page-form.php', 'spa_integration_page_form'),
        'storage'  => array('/admin/panel-integration/forms/spa-integration-storage-form.php', 'spa_integration_storage_form'),
        'language' => array('/admin/panel-integration/forms/spa-integration-language-form.php', 'spa_integration_language_form'),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            $renderForm();
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
# Renders the requested form of the Themes admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_themes_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, function that renders it)
    $panelForms = array(
        'theme-list'   => array('/admin/panel-themes/forms/spa-themes-list-form.php', 'spa_themes_list_form'),
        'mobile'       => array('/admin/panel-themes/forms/spa-themes-mobile-form.php', 'spa_themes_mobile_form'),
        'tablet'       => array('/admin/panel-themes/forms/spa-themes-tablet-form.php', 'spa_themes_tablet_form'),
        'editor'       => array('/admin/panel-themes/forms/spa-themes-editor-form.php', 'spa_themes_editor_form'),
        'theme-upload' => array('/admin/panel-themes/forms/spa-themes-upload-form.php', 'spa_themes_upload_form'),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            $renderForm();
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
# Renders the requested form of the Admins admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_admins_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, function that renders it)
    $panelForms = array(
        'youradmin'   => array('/admin/panel-admins/forms/spa-admins-your-options-form.php', 'spa_admins_your_options_form'),
        'globaladmin' => array('/admin/panel-admins/forms/spa-admins-global-options-form.php', 'spa_admins_global_options_form'),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            $renderForm();
            return;
        }
    }

    if ($formid == 'manageadmin') {
        # the WordPress admin includes are loaded before the manage-admins form
        require_once ABSPATH . 'wp-admin/includes/admin.php';
        include_once SF_PLUGIN_DIR . '/admin/panel-admins/forms/spa-admins-manage-admins-form.php';
        spa_admins_manage_admins_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
# Builds the escaped URL of a forum, topic, page or post.
#
# $forumslug  forum slug, appended to the forum base URL when non-empty
# $topicslug  topic slug, appended after the forum slug when non-empty
# $pageid     page number; only pages above 1 add a /page-N segment
# $postid     post id; when set it becomes the #pN fragment, and when no page
#             was given the page is looked up through sp_determine_page()
# $postindex  post index handed to sp_determine_page() for that lookup
# $rss        when truthy an rss segment is appended
#
# Returns the URL after it has been passed through esc_url().
function sp_build_url($forumslug, $topicslug, $pageid, $postid = 0, $postindex = 0, $rss = 0)
{
    # a post was named without a page, so work out which page holds it
    $needsPageLookup = ($postid != 0 && $pageid == 0);
    if ($needsPageLookup) {
        $pageid = sp_determine_page($forumslug, $topicslug, sp_esc_int($postid), sp_esc_int($postindex));
    }

    $link = trailingslashit(sp_url());
    $link .= $forumslug ? $forumslug : '';
    $link .= $topicslug ? '/' . $topicslug : '';

    if ($rss) {
        # a separator is only needed when a slug precedes the rss segment
        $hasSlug = !(empty($forumslug) && empty($topicslug));
        $link .= ($hasSlug ? '/' : '') . 'rss';
    }

    if ($pageid > 1) {
        $link .= '/page-' . $pageid;
    }

    $link = user_trailingslashit($link);

    # the fragment is added after the trailing slash has been settled
    if ($postid) {
        $link .= '#p' . $postid;
    }

    return esc_url($link);
}
# Renders the requested form of the Profiles admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_profiles_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, function that renders it)
    $panelForms = array(
        'options'   => array('/admin/panel-profiles/forms/spa-profiles-options-form.php', 'spa_profiles_options_form'),
        'tabsmenus' => array('/admin/panel-profiles/forms/spa-profiles-tabs-menus-form.php', 'spa_profiles_tabs_menus_form'),
        'avatars'   => array('/admin/panel-profiles/forms/spa-profiles-avatars-form.php', 'spa_profiles_avatars_form'),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            $renderForm();
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
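# Saves the admin bar options posted from the admin form.
#
# Stores the 'dashboardposts' checkbox state under the spAdminBar option and
# the posted spAkismet value (through sp_esc_int()) under the spAkismet option.
#
# Returns the translated confirmation message.
#
# NOTE(review): no nonce or capability check is visible in this function;
# presumably the caller verifies both before saving - confirm.
function sp_admin_bar_admin_options_save()
{
    # Must start life as an array: indexing an empty string with a string key
    # is no longer converted to an array by current PHP versions.
    $options = array();
    $options['dashboardposts'] = isset($_POST['dashboardposts']);
    sp_update_option('spAdminBar', $options);

    # NOTE(review): $_POST['spAkismet'] is read without an isset() guard - confirm
    # the form always submits it.
    sp_update_option('spAkismet', sp_esc_int($_POST['spAkismet']));

    return __('Admin bar options updated!', 'spab');
}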
# Renders the requested form of the Toolbox admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_toolbox_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, function that renders it)
    $panelForms = array(
        'toolbox'      => array('/admin/panel-toolbox/forms/spa-toolbox-toolbox-form.php', 'spa_toolbox_toolbox_form'),
        'environment'  => array('/admin/panel-toolbox/forms/spa-toolbox-environment-form.php', 'spa_toolbox_environment_form'),
        'housekeeping' => array('/admin/panel-toolbox/forms/spa-toolbox-housekeeping-form.php', 'spa_toolbox_housekeeping_form'),
        'inspector'    => array('/admin/panel-toolbox/forms/spa-toolbox-inspector-form.php', 'spa_toolbox_inspector_form'),
        'cron'         => array('/admin/panel-toolbox/forms/spa-toolbox-cron-form.php', 'spa_toolbox_cron_form'),
        'log'          => array('/admin/panel-toolbox/forms/spa-toolbox-log-form.php', 'spa_toolbox_log_form'),
        'errorlog'     => array('/admin/panel-toolbox/forms/spa-toolbox-errorlog-form.php', 'spa_toolbox_errorlog_form'),
        'changelog'    => array('/admin/panel-toolbox/forms/spa-toolbox-changelog-form.php', 'spa_toolbox_changelog_form'),
        'uninstall'    => array('/admin/panel-toolbox/forms/spa-toolbox-uninstall-form.php', 'spa_toolbox_uninstall_form'),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            $renderForm();
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
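# Renders the requested form of the Components admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# The special-rank member forms ('addmembers', 'delmembers') take the rank id
# from the query string. It is passed through sp_esc_int() before it reaches
# the form, the same way spa_render_usergroups_container() treats its ids,
# instead of handing the raw request value on.
# NOTE(review): assumes the special rank id is an integer id - confirm.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_components_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, render function, takes the 'id' query value)
    $panelForms = array(
        'smileys'    => array('/admin/panel-components/forms/spa-components-smileys-form.php', 'spa_components_smileys_form', false),
        'login'      => array('/admin/panel-components/forms/spa-components-login-form.php', 'spa_components_login_form', false),
        'seo'        => array('/admin/panel-components/forms/spa-components-seo-form.php', 'spa_components_seo_form', false),
        'forumranks' => array('/admin/panel-components/forms/spa-components-forumranks-form.php', 'spa_components_forumranks_form', false),
        'addmembers' => array('/admin/panel-components/forms/spa-components-special-ranks-add-form.php', 'spa_components_sr_add_members_form', true),
        'delmembers' => array('/admin/panel-components/forms/spa-components-special-ranks-del-form.php', 'spa_components_sr_del_members_form', true),
        'messages'   => array('/admin/panel-components/forms/spa-components-messages-form.php', 'spa_components_messages_form', false),
        'policies'   => array('/admin/panel-components/forms/spa-components-policies-form.php', 'spa_components_policies_form', false),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm, $takesId) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            if ($takesId) {
                # never hand the raw request value to the form
                $renderForm(sp_esc_int($_GET['id']));
            } else {
                $renderForm();
            }
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}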
# Collects the login component settings for display in the admin form.
#
# Reads the 'sflogin' and 'sfrpx' options. URL values go through
# sp_filter_url_display(), the timeout through sp_esc_int(); the remaining
# values are copied as stored.
#
# Returns an array keyed by setting name.
#
# NOTE(review): sfrpxkey is copied unfiltered and looks like a credential;
# confirm callers escape it on output and restrict who can view the form.
function spa_get_login_data()
{
    $login = sp_get_option('sflogin');

    $settings = array('sfregmath' => $login['sfregmath']);
    foreach (array('sfloginurl', 'sfloginemailurl', 'sflogouturl', 'sfregisterurl') as $urlKey) {
        $settings[$urlKey] = sp_filter_url_display($login[$urlKey]);
    }
    $settings['sptimeout'] = sp_esc_int($login['sptimeout']);

    $rpx = sp_get_option('sfrpx');
    $settings['sfrpxenable'] = $rpx['sfrpxenable'];
    $settings['sfrpxkey'] = $rpx['sfrpxkey'];
    $settings['sfrpxredirect'] = sp_filter_url_display($rpx['sfrpxredirect']);

    return $settings;
}
# Renders the requested form of the User Groups admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# Forms that work on one user group receive the 'id' query value after it has
# been passed through sp_esc_int().
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_usergroups_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, render function, takes the 'id' query value)
    $panelForms = array(
        'usergroups'      => array('/admin/panel-usergroups/spa-usergroups-display-main.php', 'spa_usergroups_usergroup_main', false),
        'createusergroup' => array('/admin/panel-usergroups/forms/spa-usergroups-create-usergroup-form.php', 'spa_usergroups_create_usergroup_form', false),
        'editusergroup'   => array('/admin/panel-usergroups/forms/spa-usergroups-edit-usergroup-form.php', 'spa_usergroups_edit_usergroup_form', true),
        'delusergroup'    => array('/admin/panel-usergroups/forms/spa-usergroups-delete-usergroup-form.php', 'spa_usergroups_delete_usergroup_form', true),
        'addmembers'      => array('/admin/panel-usergroups/forms/spa-usergroups-add-members-form.php', 'spa_usergroups_add_members_form', true),
        'delmembers'      => array('/admin/panel-usergroups/forms/spa-usergroups-delete-members-form.php', 'spa_usergroups_delete_members_form', true),
        'mapusers'        => array('/admin/panel-usergroups/forms/spa-usergroups-map-users.php', 'spa_usergroups_map_users', false),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm, $takesId) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            if ($takesId) {
                $renderForm(sp_esc_int($_GET['id']));
            } else {
                $renderForm();
            }
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
# Renders the requested form of the Users admin panel.
#
# $formid  identifier of the form to show; a value that matches neither branch
#          below renders nothing.
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_users_container($formid)
{
    if ($formid == 'member-info') {
        # the WordPress admin includes are loaded before the members form
        require_once ABSPATH . 'wp-admin/includes/admin.php';
        include_once SF_PLUGIN_DIR . '/admin/panel-users/forms/spa-users-members-form.php';
        spa_users_members_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
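# Saves the forum page integration settings posted from the admin form.
#
# The request nonce is verified first through check_admin_referer(). The
# posted page id is resolved to its slug, prefixed with the slugs of all its
# ancestor pages, and both are stored in the 'sfpage' and 'sfslug' options.
# The checkbox options and the header space are stored as well, and the
# 'sph_integration_save' action is fired for plugins.
#
# A posted id that matches no page row is treated as "no page selected"
# rather than dereferencing the missing row and storing an id without a slug.
#
# Returns the status message to show to the administrator.
#
# NOTE(review): only the nonce is checked here; no capability check is visible
# in this function - confirm the caller restricts it to forum administrators.
function spa_save_integration_page_data()
{
    check_admin_referer('forum-adminform_integration', 'forum-adminform_integration');

    $mess = '';
    $setslug = '';
    $setpage = 0;

    $slugid = sp_esc_int($_POST['slug']);
    if ($slugid != '' && $slugid != 0) {
        $page = spdb_table(SFWPPOSTS, "ID={$slugid}", 'row');
        if (is_object($page)) {
            $setpage = $slugid;
            $setslug = $page->post_name;

            # walk up the page hierarchy, prefixing each ancestor's slug;
            # the id is cast because it is interpolated into the WHERE clause
            $parent = (int) $page->post_parent;
            while ($parent) {
                $thispage = spdb_table(SFWPPOSTS, "ID={$parent}", 'row');
                if (!is_object($thispage)) {
                    # an ancestor row is missing: stop with the slug built so far
                    break;
                }
                $setslug = $thispage->post_name . '/' . $setslug;
                $parent = (int) $thispage->post_parent;
            }
        }
    }

    sp_update_option('sfpage', $setpage);
    sp_update_option('sfslug', $setslug);

    spa_update_check_option('sfinloop');
    spa_update_check_option('sfmultiplecontent');
    spa_update_check_option('sfwpheadbypass');
    spa_update_check_option('sfwplistpages');
    spa_update_check_option('sfscriptfoot');
    spa_update_check_option('sfuseob');
    spa_update_check_option('spwptexturize');

    sp_update_option('spheaderspace', sp_esc_int($_POST['spheaderspace']));

    if (!$setpage) {
        $mess .= spa_text('Page slug missing');
        $mess .= ' - ' . spa_text('Unable to determine forum permalink without it');
    } else {
        $mess .= spa_text('Forum page and slug updated');
        sp_update_permalink(true);
    }

    do_action('sph_integration_save');

    return $mess;
}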
# Renders the requested form of the Permissions admin panel.
#
# $formid  identifier of the form to show; a value that matches none of the
#          entries below renders nothing.
#
# Forms that work on one permission set receive the 'id' query value after it
# has been passed through sp_esc_int().
#
# NOTE(review): no capability or nonce check is visible in this dispatcher;
# presumably the caller has already authorised the request - confirm.
function spa_render_permissions_container($formid)
{
    # form id => array(form file relative to SF_PLUGIN_DIR, render function, takes the 'id' query value)
    $panelForms = array(
        'permissions' => array('/admin/panel-permissions/spa-permissions-display-main.php', 'spa_permissions_permission_main', false),
        'createperm'  => array('/admin/panel-permissions/forms/spa-permissions-add-permission-form.php', 'spa_permissions_add_permission_form', false),
        'editperm'    => array('/admin/panel-permissions/forms/spa-permissions-edit-permission-form.php', 'spa_permissions_edit_permission_form', true),
        'delperm'     => array('/admin/panel-permissions/forms/spa-permissions-delete-permission-form.php', 'spa_permissions_delete_permission_form', true),
        'resetperms'  => array('/admin/panel-permissions/forms/spa-permissions-reset-permissions-form.php', 'spa_permissions_reset_perms_form', false),
        'newauth'     => array('/admin/panel-permissions/forms/spa-permissions-add-auth-form.php', 'spa_permissions_add_auth_form', false),
    );

    foreach ($panelForms as $id => $entry) {
        # loose comparison on purpose: it is what a switch statement applies
        if ($formid == $id) {
            list($formFile, $renderForm, $takesId) = $entry;
            include_once SF_PLUGIN_DIR . $formFile;
            if ($takesId) {
                $renderForm(sp_esc_int($_GET['id']));
            } else {
                $renderForm();
            }
            return;
        }
    }

    # leave this for plugins to add to this panel
    if ($formid == 'plugin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # each request value goes through sp_esc_str()/sp_esc_int() before it is handed on
        $adminArg = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
        $saveArg = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
        $formArg = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
        $reloadArg = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
        spa_plugins_user_form($adminArg, $saveArg, $formArg, $reloadArg);
    }
}
# Adds or removes a featured topic and/or featured post from the posted form.
#
# Only admins and moderators get past the first check. For each of 'topic'
# and 'post', when both the id field and a non-empty action field were
# posted, the id (through sp_esc_int()) is added to the featured list when the
# action is 'add' and removed for any other action value. The updated list is
# stored with sp_add_sfmeta() and mirrored into $spGlobals.
#
# NOTE(review): the role check is the only guard visible here; no nonce is
# verified in this function - confirm the caller protects this state change
# against cross-site request forgery.
function sp_featured_do_process_actions()
{
    global $spThisUser, $spGlobals;

    # only admins and mods
    $isStaff = ($spThisUser->admin || $spThisUser->moderator);
    if (!$isStaff) {
        return;
    }

    # form field stem => key of the featured list it maintains
    foreach (array('topic' => 'topics', 'post' => 'posts') as $kind => $bucket) {
        $idField = 'feature' . $kind;
        $actionField = $idField . 'action';
        if (!isset($_POST[$idField]) || empty($_POST[$actionField])) {
            continue;
        }

        $itemId = sp_esc_int($_POST[$idField]);
        $list = $spGlobals['featured'][$bucket];

        if ($_POST[$actionField] == 'add') {
            $list[] = $itemId;
            $list = array_unique($list);
        } else {
            $position = array_search($itemId, $list);
            if ($position !== false) {
                unset($list[$position]);
            }
        }

        sp_add_sfmeta('featured', $bucket, $list, true);
        $spGlobals['featured'][$bucket] = $list;
    }
}
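<?php
/*
Simple:Press
Admin Ahah call for Users
$LastChangedDate: 2014-06-20 20:47:00 -0700 (Fri, 20 Jun 2014) $
$Rev: 11582 $
*/

# Refuse to run when this file is requested directly instead of being loaded
# by the plugin.
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
    die('Access denied - you cannot directly call this file');
}

spa_admin_ahah_support();

# ----------------------------------
# Check Whether User Can Manage Users
if (!sp_current_user_can('SPF Manage Users')) {
    spa_etext('Access denied - you do not have permission');
    die;
}

# Read the request values defensively: a missing parameter must not raise a
# notice or be treated as a delete request.
$action = isset($_GET['action']) ? $_GET['action'] : '';

if ($action === 'delete') {
    # NOTE(review): this deletion is triggered by a GET request and no nonce
    # verification is visible in this file. Confirm spa_admin_ahah_support()
    # verifies one; if it does not, a nonce check belongs here, before
    # wp_delete_user(), so a forged link cannot make an administrator's
    # browser delete a user.
    $userid = isset($_GET['id']) ? sp_esc_int($_GET['id']) : 0;

    # the WordPress capability check decides whether this user may be deleted
    if (!current_user_can('delete_user', $userid)) {
        wp_die(spa_text("You can't delete that user."));
    } else {
        require_once ABSPATH . 'wp-admin/includes/user.php';
        wp_delete_user($userid);
    }
}

die;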
/* Simple:Press Ahah call for View Member Profile $LastChangedDate: 2015-09-05 07:36:03 -0700 (Sat, 05 Sep 2015) $ $Rev: 13390 $ */ if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) { die('Access denied - you cannot directly call this file'); } sp_forum_api_support(); include_once SF_PLUGIN_DIR . '/forum/content/sp-common-view-functions.php'; include_once SF_PLUGIN_DIR . '/forum/content/sp-profile-view-functions.php'; # set up some globals for theme template files (spProfilePopup in this case) to use directly global $spGroupView, $spThisGroup, $spForumView, $spThisForum, $spThisForumSubs, $spThisTopic, $spThisPost, $spThisPostUser, $spNewPosts, $spThisUser, $spProfileUser, $spMembersList, $spThisMemberGroup, $spThisMember, $spGlobals, $spDevice, $spMobile; $userid = isset($_GET['user']) ? sp_esc_int($_GET['user']) : 0; $action = isset($_GET['action']) ? $_GET['action'] : ''; do_action('sph_ProfileStart', $action); global $spIsForum; $spIsForum = true; $spGlobals['editor'] = apply_filters('sph_this_editor', $spGlobals['editor']); do_action('sph_load_editor', $spGlobals['editor']); $out = ''; # is it a popup profile? if ($action == 'popup') { if (empty($userid)) { sp_notify(SPFAILURE, sp_text('Invalid profile request')); $out .= sp_render_queued_notification(); $out .= '<div class="sfmessagestrip">'; $out .= apply_filters('sph_ProfileErrorMsg', sp_text('Sorry, an invalid profile request was detected')); $out .= '</div>';
$key = sp_esc_int($_GET['key']); # remove the forum rank $sql = 'DELETE FROM ' . SFMETA . " WHERE meta_type='forum_rank' AND meta_id='{$key}'"; spdb_query($sql); } if ($action == 'del_specialrank') { $key = sp_esc_int($_GET['key']); $specialRank = sp_get_sfmeta('special_rank', false, $key); # remove members rank first spdb_query('DELETE FROM ' . SFSPECIALRANKS . ' WHERE special_rank="' . $specialRank[0]['meta_key'] . '"'); # remove the forum rank $sql = 'DELETE FROM ' . SFMETA . " WHERE meta_type='special_rank' AND meta_id='{$key}'"; spdb_query($sql); } if ($action == 'show') { $key = sp_esc_int($_GET['key']); $specialRank = sp_get_sfmeta('special_rank', false, $key); $users = spdb_select('col', 'SELECT display_name FROM ' . SFSPECIALRANKS . ' JOIN ' . SFMEMBERS . ' ON ' . SFSPECIALRANKS . '.user_id = ' . SFMEMBERS . '.user_id WHERE special_rank = "' . $specialRank[0]['meta_key'] . '" ORDER BY display_name'); echo '<fieldset class="sfsubfieldset">'; echo '<legend>' . spa_text('Special Rank Members') . '</legend>'; if ($users) { echo '<ul class="memberlist">'; for ($x = 0; $x < count($users); $x++) { echo '<li>' . sp_filter_name_display($users[$x]) . '</li>'; } echo '</ul>'; } else {
function sp_UpdateProfile() { global $spGlobals, $spThisUser; # make sure nonce is there check_admin_referer('forum-profile', 'forum-profile'); $message = array(); # dont update forum if its locked down if ($spGlobals['lockdown']) { $message['type'] = 'error'; $message['text'] = sp_text('This forum is currently locked - access is read only - profile not updated'); return $message; } # do we have a form to update? if (isset($_GET['form'])) { $thisForm = sp_esc_str($_GET['form']); } else { $message['type'] = 'error'; $message['text'] = sp_text('Profile update aborted - no valid form'); return $message; } # do we have an actual user to update? if (isset($_GET['userid'])) { $thisUser = sp_esc_int($_GET['userid']); } else { $message['type'] = 'error'; $message['text'] = sp_text('Profile update aborted - no valid user'); return $message; } # Check the user ID for current user of admin edit if ($thisUser != $spThisUser->ID && !$spThisUser->admin) { $message['type'] = 'error'; $message['text'] = sp_text('Profile update aborted - no valid user'); return $message; } if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) { $pass1 = $pass2 = ''; if (isset($_POST['pass1'])) { $pass1 = $_POST['pass1']; } if (isset($_POST['pass2'])) { $pass2 = $_POST['pass2']; } if (empty($pass1) || empty($pass2) || $pass1 != $pass2) { $message['type'] = 'error'; $message['text'] = sp_text('Cannot save profile until password has been changed'); return $message; } } # form save filter $thisForm = apply_filters('sph_profile_save_thisForm', $thisForm); # valid save attempt, so lets process the save switch ($thisForm) { case 'show-memberships': # update memberships # any usergroup removals? if (isset($_POST['usergroup_leave'])) { foreach ($_POST['usergroup_leave'] as $membership) { sp_remove_membership(sp_esc_str($membership), $thisUser); } } # any usergroup joins? 
if (isset($_POST['usergroup_join'])) { foreach ($_POST['usergroup_join'] as $membership) { sp_add_membership(sp_esc_int($membership), $thisUser); } } # fire action for plugins $message = apply_filters('sph_UpdateProfileMemberships', $message, $thisUser); # output update message if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Memberships updated'); } break; case 'account-settings': # update account settings # check for password update $pass1 = $pass2 = ''; if (isset($_POST['pass1'])) { $pass1 = $_POST['pass1']; } if (isset($_POST['pass2'])) { $pass2 = $_POST['pass2']; } if (!empty($pass1) || !empty($pass2)) { if ($pass1 != $pass2) { $message['type'] = 'error'; $message['text'] = sp_text('Please enter the same password in the two password fields'); return $message; } else { # update the password $user = new stdClass(); $user->ID = (int) $thisUser; $user->user_pass = $pass1; wp_update_user(get_object_vars($user)); if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) { delete_user_meta($spThisUser->ID, 'sp_change_pw'); } } } # now check the email is valid and unique $update = apply_filters('sph_ProfileUserEmailUpdate', true); if ($update) { $curEmail = sp_filter_email_save($_POST['curemail']); $email = sp_filter_email_save($_POST['email']); if ($email != $curEmail) { if (empty($email)) { $message['type'] = 'error'; $message['text'] = sp_text('Please enter a valid email address'); return $message; } elseif (($owner_id = email_exists($email)) && $owner_id != $thisUser) { $message['type'] = 'error'; $message['text'] = sp_text('The email address is already registered. Please choose another one'); return $message; } # save new email address $sql = 'UPDATE ' . SFUSERS . " SET user_email='{$email}' WHERE ID=" . 
$thisUser; spdb_query($sql); } } # fire action for plugins $message = apply_filters('sph_UpdateProfileSettings', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Account settings updated'); } break; case 'edit-profile': # update profile settings # validate any username change $update = apply_filters('sph_ProfileUserDisplayNameUpdate', true); if ($update) { $spProfile = sp_get_option('sfprofile'); if ($spProfile['nameformat'] || $spThisUser->admin) { $display_name = !empty($_POST['display_name']) ? trim($_POST['display_name']) : spdb_table(SFUSERS, "ID={$thisUser}", 'user_login'); $display_name = sp_filter_name_save($display_name); # make sure display name isnt already used if ($_POST['oldname'] != $display_name) { $records = spdb_table(SFMEMBERS, "display_name='{$display_name}'"); if ($records) { foreach ($records as $record) { if ($record->user_id != $thisUser) { $message['type'] = 'error'; $message['text'] = $display_name . ' ' . sp_text('is already in use - please choose a different display name'); return $message; } } } # validate display name $errors = new WP_Error(); $user = new stdClass(); $user->display_name = $display_name; sp_validate_display_name($errors, true, $user); if ($errors->get_error_codes()) { $message['type'] = 'error'; $message['text'] = sp_text('The display name you have chosen is not allowed on this site'); return $message; } # now save the display name sp_update_member_item($thisUser, 'display_name', $display_name); # Update new users list with changed display name sp_update_newuser_name(sp_filter_name_save($_POST['oldname']), $display_name); # do we need to sync display name with wp? $options = sp_get_member_item($thisUser, 'user_options'); if ($options['namesync']) { spdb_query('UPDATE ' . SFUSERS . ' SET display_name="' . $display_name . '" WHERE ID=' . 
$thisUser); } } } } # save the url $update = apply_filters('sph_ProfileUserWebsiteUpdate', true); if ($update) { $url = sp_filter_url_save($_POST['website']); $sql = 'UPDATE ' . SFUSERS . ' SET user_url="' . $url . '" WHERE ID=' . $thisUser; spdb_query($sql); } # update first name, last name, location and biorgraphy $update = apply_filters('sph_ProfileUserFirstNameUpdate', true); if ($update) { update_user_meta($thisUser, 'first_name', sp_filter_name_save(trim($_POST['first_name']))); } $update = apply_filters('sph_ProfileUserLastNameUpdate', true); if ($update) { update_user_meta($thisUser, 'last_name', sp_filter_name_save(trim($_POST['last_name']))); } $update = apply_filters('sph_ProfileUserLocationUpdate', true); if ($update) { update_user_meta($thisUser, 'location', sp_filter_title_save(trim($_POST['location']))); } $update = apply_filters('sph_ProfileUserBiographyUpdate', true); if ($update) { update_user_meta($thisUser, 'description', sp_filter_save_kses($_POST['description'])); } # fire action for plugins $message = apply_filters('sph_UpdateProfileProfile', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Profile settings updated'); } break; case 'edit-identities': # update identity settings # update the user identities $update = apply_filters('sph_ProfileUserAIMUpdate', true); if ($update) { update_user_meta($thisUser, 'aim', sp_filter_title_save(trim($_POST['aim']))); } $update = apply_filters('sph_ProfileUserYahooUpdate', true); if ($update) { update_user_meta($thisUser, 'yim', sp_filter_title_save(trim($_POST['yim']))); } $update = apply_filters('sph_ProfileUserGoogleUpdate', true); if ($update) { update_user_meta($thisUser, 'jabber', sp_filter_title_save(trim($_POST['jabber']))); } $update = apply_filters('sph_ProfileUserMSNUpdate', true); if ($update) { update_user_meta($thisUser, 'msn', sp_filter_title_save(trim($_POST['msn']))); } $update = 
apply_filters('sph_ProfileUserICQUpdate', true); if ($update) { update_user_meta($thisUser, 'icq', sp_filter_title_save(trim($_POST['icq']))); } $update = apply_filters('sph_ProfileUserSkypeUpdate', true); if ($update) { update_user_meta($thisUser, 'skype', sp_filter_title_save(trim($_POST['skype']))); } $update = apply_filters('sph_ProfileUserFacebookUpdate', true); if ($update) { update_user_meta($thisUser, 'facebook', sp_filter_title_save(trim($_POST['facebook']))); } $update = apply_filters('sph_ProfileUserMySpaceUpdate', true); if ($update) { update_user_meta($thisUser, 'myspace', sp_filter_title_save(trim($_POST['myspace']))); } $update = apply_filters('sph_ProfileUserTwitterUpdate', true); if ($update) { update_user_meta($thisUser, 'twitter', sp_filter_title_save(trim($_POST['twitter']))); } $update = apply_filters('sph_ProfileUserLinkedInUpdate', true); if ($update) { update_user_meta($thisUser, 'linkedin', sp_filter_title_save(trim($_POST['linkedin']))); } $update = apply_filters('sph_ProfileUserYouTubeUpdate', true); if ($update) { update_user_meta($thisUser, 'youtube', sp_filter_title_save(trim($_POST['youtube']))); } $update = apply_filters('sph_ProfileUserGooglePlusUpdate', true); if ($update) { update_user_meta($thisUser, 'googleplus', sp_filter_title_save(trim($_POST['googleplus']))); } # fire action for plugins $message = apply_filters('sph_UpdateProfileIdentities', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Identities updated'); } break; case 'avatar-upload': # upload avatar # did we get an avatar to upload? if (empty($_FILES['avatar-upload']['name'])) { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, the avatar filename was empty'); return $message; } # Verify the file extension global $spPaths; $uploaddir = SF_STORE_DIR . '/' . $spPaths['avatars'] . 
'/'; $filename = basename($_FILES['avatar-upload']['name']); $path = pathinfo($filename); $ext = strtolower($path['extension']); if ($ext != 'jpg' && $ext != 'jpeg' && $ext != 'gif' && $ext != 'png') { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, only JPG, JPEG, PNG, or GIF files are allowed'); return $message; } # check image file mimetype $mimetype = 0; $mimetype = exif_imagetype($_FILES['avatar-upload']['tmp_name']); if (empty($mimetype) || $mimetype == 0 || $mimetype > 3) { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, the avatar file is an invalid format'); return $message; } # make sure file extension and mime type actually match if ($mimetype == 1 && $ext != 'gif' || $mimetype == 2 && ($ext != 'jpg' && $ext != 'jpeg') || $mimetype == 3 && $ext != 'png') { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, the file mime type does not match file extension'); return $message; } # Clean up file name just in case $filename = date('U') . sp_filter_filename_save(basename($_FILES['avatar-upload']['name'])); $uploadfile = $uploaddir . $filename; # check for existence if (file_exists($uploadfile)) { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, the avatar file already exists'); return $message; } # check file size against limit if provided $spAvatars = sp_get_option('sfavatars'); if ($_FILES['avatar-upload']['size'] > $spAvatars['sfavatarfilesize']) { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, the avatar file exceeds the maximum allowed size'); return $message; } # valid avatar, so try moving the uploaded file to the avatar storage directory if (move_uploaded_file($_FILES['avatar-upload']['tmp_name'], $uploadfile)) { @chmod("{$uploadfile}", 0644); # do we need to resize? 
$sfavatars = sp_get_option('sfavatars'); if ($sfavatars['sfavatarresize']) { $editor = wp_get_image_editor($uploadfile); if (is_wp_error($editor)) { @unlink($uploadfile); $message['type'] = 'error'; $message['text'] = sp_text('Sorry, there was a problem resizing the avatar'); return $message; } else { $editor->resize($sfavatars['sfavatarsize'], $sfavatars['sfavatarsize'], true); $imageinfo = $editor->save($uploadfile); $filename = $imageinfo['file']; } } # update member avatar data $avatar = sp_get_member_item($thisUser, 'avatar'); $avatar['uploaded'] = $filename; sp_update_member_item($thisUser, 'avatar', $avatar); } else { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, the avatar file could not be moved to the avatar storage location'); return $message; } # fire action for plugins $message = apply_filters('sph_UpdateProfileAvatarUpload', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Uploaded avatar updated'); } break; case 'avatar-pool': # pool avatar # get pool avatar name $filename = sp_filter_filename_save($_POST['spPoolAvatar']); # error if no pool avatar provided if (empty($filename)) { $message['type'] = 'error'; $message['text'] = sp_text('Sorry, you must select a pool avatar before trying to save it'); return $message; } # save the pool avatar $avatar = sp_get_member_item($thisUser, 'avatar'); $avatar['pool'] = $filename; sp_update_member_item($thisUser, 'avatar', $avatar); # fire action for plugins $message = apply_filters('sph_UpdateProfileAvatarPool', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Pool avatar updated'); } break; case 'avatar-remote': # remote avatar # get remote avatar name $filename = sp_filter_url_save($_POST['spAvatarRemote']); $avatar = sp_get_member_item($thisUser, 'avatar'); $avatar['remote'] = $filename; sp_update_member_item($thisUser, 
'avatar', $avatar); # fire action for plugins $message = apply_filters('sph_UpdateProfileAvatarRemote', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Remote avatar updated'); } break; case 'edit-signature': # save signature # Check if maxmium links has been exceeded $numLinks = substr_count($_POST['postitem'], '</a>'); $spFilters = sp_get_option('sffilters'); if (!sp_get_auth('create_links', 'global', $thisUser) && $numLinks > 0 && !$spThisUser->admin) { $message['type'] = 'error'; $message['text'] = sp_text('You are not allowed to put links in signatures'); return $message; } if (sp_get_auth('create_links', 'global', $thisUser) && $spFilters['sfmaxlinks'] != 0 && $numLinks > $spFilters['sfmaxlinks'] && !$spThisUser->admin) { $message['type'] = 'error'; $message['text'] = sp_text('Maximum number of allowed links exceeded in signature') . ': ' . $spFilters['sfmaxlinks'] . ' ' . sp_text('allowed'); return $message; } // $sig = esc_sql(sp_filter_save_kses(trim($_POST['postitem']))); $sig = sp_filter_content_save($_POST['postitem'], 'edit'); sp_update_member_item($thisUser, 'signature', $sig); # fire action for plugins $message = apply_filters('sph_UpdateProfileSignature', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Signature updated'); } break; case 'edit-photos': # save photos $photos = array(); $spProfileOptions = sp_get_option('sfprofile'); for ($x = 0; $x < $spProfileOptions['photosmax']; $x++) { $photos[$x] = sp_filter_url_save($_POST['photo' . 
$x]); } update_user_meta($thisUser, 'photos', $photos); # fire action for plugins $message = apply_filters('sph_UpdateProfilePhotos', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Photos updated'); } break; case 'edit-global-options': # save global options $options = sp_get_member_item($thisUser, 'user_options'); $options['hidestatus'] = isset($_POST['hidestatus']) ? true : false; $update = apply_filters('sph_ProfileUserSyncNameUpdate', true); if ($update) { $options['namesync'] = isset($_POST['namesync']) ? true : false; } sp_update_member_item($thisUser, 'user_options', $options); # fire action for plugins $message = apply_filters('sph_UpdateProfileGlobalOptions', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Global options updated'); } break; case 'edit-posting-options': # save posting options $update = apply_filters('sph_ProfileUserEditorUpdate', true); if ($update) { $options = sp_get_member_item($thisUser, 'user_options'); if (isset($_POST['editor'])) { $options['editor'] = sp_esc_int($_POST['editor']); } sp_update_member_item($thisUser, 'user_options', $options); } # fire action for plugins $message = apply_filters('sph_UpdateProfilePostingOptions', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Posting options updated'); } break; case 'edit-display-options': # save display options $options = sp_get_member_item($thisUser, 'user_options'); if (isset($_POST['timezone'])) { if (preg_match('/^UTC[+-]/', $_POST['timezone'])) { # correct for manual UTC offets $userOffset = preg_replace('/UTC\\+?/', '', $_POST['timezone']) * 3600; } else { # get timezone offset for user $date_time_zone_selected = new DateTimeZone(sp_esc_str($_POST['timezone'])); $userOffset = timezone_offset_get($date_time_zone_selected, 
date_create()); } # get timezone offset for server based on wp settings $wptz = get_option('timezone_string'); if (empty($wptz)) { $serverOffset = get_option('gmt_offset'); } else { $date_time_zone_selected = new DateTimeZone($wptz); $serverOffset = timezone_offset_get($date_time_zone_selected, date_create()); } # calculate time offset between user and server $options['timezone'] = (int) round(($userOffset - $serverOffset) / 3600, 2); $options['timezone_string'] = sp_esc_str($_POST['timezone']); } else { $options['timezone'] = 0; $options['timezone_string'] = 'UTC'; } if (isset($_POST['unreadposts'])) { $sfcontrols = sp_get_option('sfcontrols'); $options['unreadposts'] = is_numeric($_POST['unreadposts']) ? max(min(sp_esc_int($_POST['unreadposts']), $sfcontrols['sfmaxunreadposts']), 0) : $sfcontrols['sfdefunreadposts']; } $options['topicASC'] = isset($_POST['topicASC']); $options['postDESC'] = isset($_POST['postDESC']); sp_update_member_item($thisUser, 'user_options', $options); # fire action for plugins $message = apply_filters('sph_UpdateProfileDisplayOptions', $message, $thisUser); # output profile save status if (empty($message)) { $message['type'] = 'success'; $message['text'] = sp_text('Display options updated'); } break; default: break; } # let plugins do their thing on success $message = apply_filters('sph_ProfileFormSave_' . $thisForm, $message, $thisUser, $thisForm); do_action('sph_UpdateProfile', $thisUser, $thisForm); # reset the plugin_data just in case sp_reset_member_plugindata($thisUser); # done saving - return the messages return $message; }
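/**
 * Build the usergroup filter drop-down for the members list.
 *
 * Produces nothing when the members list has no usergroups or when
 * sp_get_auth('view_members_list') is false.
 *
 * @param string|array $args Display arguments merged over the defaults
 *                           (tagId, tagClass, selectClass, echo).
 * @return string|null The markup when 'echo' is 0; when 'echo' is non-zero the
 *                     markup is echoed and nothing is returned.
 */
function sp_MemberListUsergroupSelect($args = '') {
    global $spMembersList;

    if (empty($spMembersList->userGroups)) {
        return;
    }
    if (!sp_get_auth('view_members_list')) {
        return;
    }

    $defs = array('tagId' => 'spUsergroupSelect', 'tagClass' => 'spUsergroupSelect', 'selectClass' => 'spControl', 'echo' => 1);
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_MemberListUsergroupSelect_args', $a);

    # Read the four expected keys explicitly instead of extract()-ing an array that
    # filters can add arbitrary keys to; a missing key behaves like an empty value.
    $tagId = esc_attr(isset($a['tagId']) ? $a['tagId'] : '');
    $tagClass = esc_attr(isset($a['tagClass']) ? $a['tagClass'] : '');
    $selectClass = esc_attr(isset($a['selectClass']) ? $a['selectClass'] : '');
    $echo = isset($a['echo']) ? (int) $a['echo'] : 0;

    # Current search term and usergroup come from the request; GET wins over POST.
    $search = '';
    if (!empty($_POST['msearch']) && !isset($_POST['allmembers'])) {
        $search = '&msearch=' . sp_esc_str($_POST['msearch']);
    }
    if (!empty($_GET['msearch'])) {
        $search = '&msearch=' . sp_esc_str($_GET['msearch']);
    }

    $ug = '';
    if (!empty($_POST['ug']) && !isset($_POST['allmembers'])) {
        $ug = sp_esc_int($_POST['ug']);
    }
    if (!empty($_GET['ug'])) {
        $ug = sp_esc_int($_GET['ug']);
    }

    $baseUrl = sp_get_sfqurl(sp_url('members'));

    $out = "<div id='{$tagId}' class='{$tagClass}'>";
    $out .= "<select class='{$selectClass}' name='sp_usergroup_select' onchange='javascript:spjChangeURL(this)'>";
    $out .= "<option value='#'>" . sp_text('Select Specific Usergroup') . "</option>";
    foreach ($spMembersList->userGroups as $usergroup) {
        $selected = $usergroup['usergroup_id'] == $ug ? "selected='selected'" : '';
        # The URL carries the request-supplied search term into a quoted HTML attribute,
        # so it is attribute-escaped here: what sp_esc_str() escapes for is not visible
        # in this function and cannot be relied on for HTML output.
        $value = esc_attr($baseUrl . 'ug=' . $usergroup['usergroup_id'] . $search);
        $out .= "<option {$selected} value='{$value}'>" . sp_filter_title_display($usergroup['usergroup_name']) . '</option>';
    }
    if (!empty($ug)) {
        $resetValue = esc_attr($baseUrl . $search);
        $out .= "<option value='{$resetValue}'>" . sp_text('Reset to Default Usergroups') . "</option>";
    }
    $out .= '</select>';
    $out .= "</div>\n";

    $out = apply_filters('sph_MemberListUsergroupSelect', $out, $a);

    if ($echo) {
        echo $out;
    } else {
        return $out;
    }
}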
/**
 * Render the forum in place of the WP page content.
 *
 * The function removes and re-adds itself on the 'the_content' filter at priority 1,
 * so it runs as that filter's callback. Before rendering it dispatches a series of
 * POST-triggered actions (edit, move, approve, notify, re-index ...).
 *
 * NOTE(review): none of the POST-triggered handlers below is preceded by a nonce or
 * capability check in this function; presumably each handler enforces its own -
 * confirm for every one of them, since any request that reaches this page can set
 * these POST keys.
 *
 * @param string $content The WP page content passed in by the filter.
 * @return string|null '' before wp_head has fired (unless 'sfwpheadbypass' is set);
 *                     $content when display is skipped, aborted or password protected;
 *                     the buffered output when 'sfuseob' is set; otherwise nothing,
 *                     because the output has already been echoed.
 */
function sp_render_forum($content) {
    global $spIsForum, $spContentLoaded, $spVars, $spGlobals, $spThisUser, $spStatus;

    # make sure we are at least in the html body before outputting any content
    if (!sp_get_option('sfwpheadbypass') && !did_action('wp_head')) {
        return '';
    }

    if ($spIsForum && !post_password_required(get_post(sp_get_option('sfpage')))) {
        # Limit forum display to within the wp loop?
        if (sp_get_option('sfinloop') && !in_the_loop()) {
            return $content;
        }

        # Has forum content already been loaded and are we limiting?
        if (!sp_get_option('sfmultiplecontent') && $spContentLoaded) {
            return $content;
        }
        $spContentLoaded = true;

        sp_set_server_timezone();

        # offer a way for forum display to be short circuited but always show for admins unless an upgrade
        $message = sp_abort_display_forum();
        $content .= $message;
        if (!empty($message) && (!$spThisUser->admin || $spStatus != 'ok')) {
            return $content;
        }

        # process query arg actions
        # check for edit operation. Need to check for '_x' in case using mobile as the button is an image
        if (isset($_POST['editpost']) || isset($_POST['editpost_x'])) {
            sp_save_edited_post();
        }
        if (isset($_POST['edittopic'])) {
            sp_save_edited_topic();
        }
        if (isset($_POST['ordertopicpins'])) {
            sp_promote_pinned_topic();
        }
        if (isset($_POST['makepostreassign'])) {
            sp_reassign_post();
        }
        if (isset($_POST['approvepost'])) {
            sp_approve_post(false, sp_esc_int($_POST['approvepost']), $spVars['topicid']);
        }
        if (isset($_POST['unapprovepost'])) {
            sp_unapprove_post(sp_esc_int($_POST['unapprovepost']));
        }
        if (isset($_POST['doqueue'])) {
            sp_remove_waiting_queue();
        }
        if (isset($_POST['notifyuser'])) {
            # sp_notify_user, message and postid are read without isset(); only 'notifyuser' is tested
            sp_post_notification(sp_esc_str($_POST['sp_notify_user']), sp_esc_str($_POST['message']), sp_esc_int($_POST['postid']));
        }

        # move a topic and redirect to that topic
        if (isset($_POST['maketopicmove'])) {
            if (empty($_POST['forumid'])) {
                sp_notify(1, sp_text('Destination forum not selected'));
                # NOTE(review): bare return - the filter callback hands back null here rather than $content
                return;
            }
            sp_move_topic();
            # the ids are passed through sp_esc_int() twice before being concatenated into the WHERE clause
            $forumslug = spdb_table(SFFORUMS, 'forum_id=' . sp_esc_int(sp_esc_int($_POST['forumid'])), 'forum_slug');
            $topicslug = spdb_table(SFTOPICS, 'topic_id=' . sp_esc_int(sp_esc_int($_POST['currenttopicid'])), 'topic_slug');
            $returnURL = sp_build_url($forumslug, $topicslug, 0);
            # NOTE(review): whether sp_redirect() ends the request is not visible here; if it does not, rendering continues below
            sp_redirect($returnURL);
        }

        # move a post and redirect to the post
        if (isset($_POST['makepostmove1']) || isset($_POST['makepostmove2']) || isset($_POST['makepostmove3'])) {
            sp_move_post();
            if (isset($_POST['makepostmove1'])) {
                $returnURL = sp_permalink_from_postid(sp_esc_int($_POST['postid']));
                sp_redirect($returnURL);
            }
        }

        # cancel a post move
        if (isset($_POST['cancelpostmove'])) {
            $meta = sp_get_sfmeta('post_move', 'post_move');
            if ($meta) {
                $id = $meta[0]['meta_id'];
                sp_delete_sfmeta($id);
                unset($spGlobals['post_move']);
            }
        }

        # rebuild the forum and post indexes
        if (isset($_POST['rebuildforum']) || isset($_POST['rebuildtopic'])) {
            sp_build_post_index(sp_esc_int($_POST['topicid']), true);
            sp_build_forum_index(sp_esc_int($_POST['forumid']), false);
        }

        # Set display mode if topic view (for editing posts)
        if ($spVars['pageview'] == 'topic' && isset($_POST['postedit'])) {
            $spVars['displaymode'] = 'edit';
            # NOTE(review): stored exactly as posted, unlike the other ids above which go through
            # sp_esc_int(); whatever consumes $spVars['postedit'] must treat it as untrusted
            $spVars['postedit'] = $_POST['postedit'];
        } else {
            $spVars['displaymode'] = 'posts';
        }

        # clean cache of timed out records
        sp_clean_cache();

        #--Scratch Pad Area---Please Leave Here---------

        #--End Scratch Pad Area-------------------------

        # let other plugins check for posted actions
        do_action('sph_setup_forum');

        # do we use output buffering?
        $ob = sp_get_option('sfuseob');
        if ($ob) {
            ob_start();
        }

        # set up some stuff before wp page content
        $content .= sp_display_banner();
        $content = apply_filters('sph_before_wp_page_content', $content);

        # run any other wp filters on page content but exclude ours
        # (this callback is detached first so the nested apply_filters() call does not re-enter it)
        if (!$ob) {
            remove_filter('the_content', 'sp_render_forum', 1);
            $content = apply_filters('the_content', $content);
            $content = wpautop($content);
            add_filter('the_content', 'sp_render_forum', 1);
        }

        # set up some stuff after wp page content
        $content = apply_filters('sph_after_wp_page_content', $content);
        $content .= '<div id="dialogcontainer" style="display:none;"></div>';
        $content .= sp_js_check();

        # echo any wp page content
        echo $content;

        # now add our content
        do_action('sph_before_template_processing');
        sp_process_template();
        do_action('sph_after_template_processing');

        # Return if using output buffering
        if ($ob) {
            $forum = ob_get_contents();
            ob_end_clean();
            return $forum;
        }
    }

    # not returning any content since we output it already unless password needed
    if (post_password_required(get_post(sp_get_option('sfpage')))) {
        return $content;
    }
}
/**
 * Work out which forum page is being requested and store it in $spVars['pageview'].
 *
 * Runs once per request (guarded by $spGlobals['pagetypedone']) and only when
 * $spStatus is 'ok'. The chosen view is passed through the 'sph_pageview' filter.
 *
 * @return void
 */
function sp_setup_page_type() {
    global $spVars, $spGlobals, $spThisUser, $spBootCache, $spStatus;

    # bail out when the forum is not in a normal state or the page type is already set
    if ($spStatus != 'ok' || !empty($spGlobals['pagetypedone'])) {
        return;
    }
    $spGlobals['pagetypedone'] = true;

    $view = '';
    $firstVisitProfile = false;

    # a post count of -1 marks a member who has not visited yet
    if ($spThisUser->member && $spThisUser->posts == -1) {
        # reset posts to 0 on first visit
        sp_update_member_item($spThisUser->ID, 'posts', 0);

        # do new users need to visit profile first?
        $profileOptions = sp_get_option('sfprofile');
        $firstVisitProfile = $profileOptions['firstvisit'];
    }

    # send members to the profile form on first visit or when a password change is pending
    if ($spThisUser->member && ($firstVisitProfile || (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw))) {
        $spVars['member'] = (int) $spThisUser->ID;
        $view = 'profileedit';
        $spVars['forumslug'] = '';
        $spVars['topicslug'] = '';
    }

    if ($view == '') {
        if (!empty($spVars['feed'])) {
            $view = 'feed';
        } elseif (!empty($spVars['forumslug'])) {
            $view = 'forum';
        } elseif (!empty($spVars['profile'])) {
            # any other profile value leaves the view empty
            if ($spVars['profile'] == 'edit') {
                $view = 'profileedit';
            }
            if ($spVars['profile'] == 'show') {
                $view = 'profileshow';
            }
        } elseif (!empty($spVars['newposts'])) {
            $view = 'newposts';
        } elseif (!empty($spVars['members'])) {
            $view = 'members';
        } else {
            $view = 'group';

            # a single group id on the query string is copied into spVars
            if (isset($_GET['group'])) {
                $spVars['singlegroupid'] = sp_esc_int($_GET['group']);
            }

            # single forum mode: jump straight to that forum when the user has one
            if (!empty($spGlobals['display']['forums']['singleforum'])) {
                $fid = sp_single_forum_user();
                if ($fid) {
                    $forumRow = spdb_table(SFFORUMS, "forum_id={$fid}", 'row');
                    $spVars['forumid'] = $fid;
                    $spVars['forumslug'] = $forumRow->forum_slug;
                    $spVars['forumname'] = $forumRow->forum_name;
                    $spBootCache = '';
                    $view = 'forum';
                }
            }
        }

        # a topic slug or an active search overrides whatever was chosen above
        if (!empty($spVars['topicslug'])) {
            $view = 'topic';
        }
        if (isset($_GET['search']) && !empty($spVars['searchvalue'])) {
            $view = 'search';
        }
    }

    # profile via ssl if doing ssl logins
    if ($view == 'profileedit' && force_ssl_admin() && !is_ssl()
        && sp_profile_tab_active('profile') && sp_profile_menu_active('account-settings')) {
        # NOTE(review): the target is assembled from HTTP_HOST and REQUEST_URI as received, and
        # wp_redirect() does not restrict the destination host (wp_safe_redirect() does) -
        # confirm the Host header is constrained upstream.
        $requestUri = $_SERVER['REQUEST_URI'];
        $target = (0 === strpos($requestUri, 'http'))
            ? preg_replace('|^http://|', 'https://', $requestUri)
            : 'https://' . $_SERVER['HTTP_HOST'] . $requestUri;
        wp_redirect($target);
        exit;
    }

    $spVars['pageview'] = apply_filters('sph_pageview', $view);
}
/*
Simple:Press
Ahah call for View Member Profile
$LastChangedDate: 2014-08-15 02:46:05 -0700 (Fri, 15 Aug 2014) $
$Rev: 11882 $
*/

# Refuse to run when the request path names this file, i.e. when it is requested directly.
# NOTE(review): basename(__FILE__) goes into the pattern without preg_quote(), so the '.' in the
# file name matches any character; that only widens what the guard rejects.
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
    die('Access denied - you cannot directly call this file');
}

# NOTE(review): no nonce or permission check is visible in this fragment before the profile is
# handled; presumably sp_forum_api_support() or the code that includes this file performs it - verify.
sp_forum_api_support();

include_once SF_PLUGIN_DIR . '/forum/content/sp-common-view-functions.php';
include_once SF_PLUGIN_DIR . '/forum/content/sp-profile-view-functions.php';

# set up some globals for theme template files (spProfilePopup in this case) to use directly
global $spGroupView, $spThisGroup, $spForumView, $spThisForum, $spThisForumSubs, $spThisTopic, $spThisPost, $spThisPostUser, $spNewPosts, $spThisUser, $spProfileUser, $spMembersList, $spThisMemberGroup, $spThisMember, $spGlobals, $spVars, $spDevice, $spMobile;

# 'user' is read without an isset() test and passed through sp_esc_int()
$userid = sp_esc_int($_GET['user']);
# 'action' is taken from the query string as-is and handed to the hook below;
# anything attached to 'sph_ProfileStart' must treat it as untrusted input
$action = isset($_GET['action']) ? $_GET['action'] : '';
do_action('sph_ProfileStart', $action);

# the account settings menu needs the WP password strength scripts
if (isset($_GET['menu']) && $_GET['menu'] == 'account-settings') {
    ?>
    <script type="text/javascript" src="<?php echo admin_url('js/password-strength-meter.min.js'); ?> "></script>
    <script type="text/javascript" src="<?php echo admin_url('js/user-profile.min.js'); ?> "></script>
    <?php
}

# is it a popup profile?
/**
 * Save the "map users" admin form: the default usergroups for guests and members,
 * every WP role whose usergroup assignment changed, and the single-membership flag.
 *
 * @return string Status message for the admin panel.
 */
function spa_save_usergroups_map_settings() {
    global $wp_roles;

    # Nonce gate for the form.
    # NOTE(review): no capability check is visible in this function; presumably the admin
    # panel loader restricts who can reach it - verify.
    check_admin_referer('forum-adminform_mapusers', 'forum-adminform_mapusers');

    $metaType = 'default usergroup';

    # default usergroup for guests, then for members
    sp_add_sfmeta($metaType, 'sfguests', sp_esc_int($_POST['sfguestsgroup']));
    sp_add_sfmeta($metaType, 'sfmembers', sp_esc_int($_POST['sfdefgroup']));

    # store only the wp role assignments that differ from the previously posted value
    if (isset($_POST['sfrole'])) {
        $roleSlugs = array_keys($wp_roles->role_names);
        foreach ($_POST['sfrole'] as $position => $newGroup) {
            if ($_POST['sfoldrole'][$position] == $newGroup) {
                continue;
            }
            # $position is a posted array key used to index the role list; it is not checked
            # against the number of roles here
            sp_add_sfmeta($metaType, $roleSlugs[$position], sp_esc_int($newGroup));
        }
    }

    $memberOptions = sp_get_option('sfmemberopts');
    $memberOptions['sfsinglemembership'] = isset($_POST['sfsinglemembership']);
    sp_update_option('sfmemberopts', $memberOptions);

    $status = spa_text('User mapping settings saved');

    do_action('sph_option_map_settings_save');

    return $status;
}
/**
 * Toggle the lock state of the topic named in the query string and end the request.
 *
 * NOTE(review): no permission or nonce check is visible in this function; presumably the
 * caller or sp_lock_topic_toggle() enforces one - verify, since the topic id comes
 * straight from the request.
 *
 * @return void The script terminates before returning.
 */
function sp_lock_topic() {
    # 'topic' is read without an isset() test and passed through sp_esc_int()
    $topicId = sp_esc_int($_GET['topic']);
    sp_lock_topic_toggle($topicId);

    exit;
}
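/**
 * Re-order pinned topics from the posted 'topicid' / 'porder' arrays.
 *
 * The pin order is written into an SQL statement, so every posted value is forced to an
 * integer before use. A missing, empty or zero order is stored as 1.
 *
 * NOTE(review): no nonce verification is visible in this function - confirm the caller
 * performs one. The permission check is made for the posted forum id while the UPDATE is
 * keyed on topic_id alone; confirm the topics are constrained to that forum.
 *
 * @return string|null '' when no usable forum id was posted, otherwise nothing.
 */
function sp_promote_pinned_topic() {
    if (empty($_POST['orderpinsforumid']) || !is_scalar($_POST['orderpinsforumid'])) {
        return '';
    }

    # request data: only an integer forum id may reach the permission lookup
    $forumid = (int) $_POST['orderpinsforumid'];
    if ($forumid <= 0) {
        return '';
    }

    if (!sp_get_auth('pin_topics', $forumid)) {
        if (!is_user_logged_in()) {
            $msg = sp_text('Access denied - are you logged in?');
        } else {
            $msg = sp_text('Access denied - you do not have permission');
        }
        sp_notify(SPFAILURE, $msg);
        return;
    }

    if (empty($_POST['topicid']) || !is_array($_POST['topicid'])) {
        return;
    }
    $topicIds = $_POST['topicid'];
    $orders = (isset($_POST['porder']) && is_array($_POST['porder'])) ? $_POST['porder'] : array();

    $total = count($topicIds);
    for ($x = 0; $x < $total; $x++) {
        # skip gaps and nested arrays instead of building a statement from them
        if (!isset($topicIds[$x]) || !is_scalar($topicIds[$x])) {
            continue;
        }

        # the order is interpolated into the statement below, so it must be an integer
        $o = (isset($orders[$x]) && is_scalar($orders[$x])) ? (int) $orders[$x] : 0;
        if ($o == 0) {
            $o = 1;
        }

        $sql = 'UPDATE ' . SFTOPICS . " SET topic_pinned={$o} WHERE topic_id=" . sp_esc_int($topicIds[$x]);
        if (spdb_query($sql) == false) {
            sp_notify(SPFAILURE, sp_text('Ordering of pinned topic failed'));
        } else {
            sp_notify(SPSUCCESS, sp_text('Pinned topics re-ordered'));
        }
    }
}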
/**
 * Save the forum ranks admin form.
 *
 * Each posted row with a non-empty description is stored as 'forum_rank' meta: rows whose
 * rank id is -1 are added, all others update the existing meta record.
 *
 * @return string Status message for the admin panel.
 */
function spa_save_forumranks_data() {
    # Nonce gate for the form.
    # NOTE(review): no capability check is visible in this function; presumably the admin
    # panel loader restricts who can reach it - verify.
    check_admin_referer('forum-adminform_forumranks', 'forum-adminform_forumranks');

    $rowCount = count($_POST['rankdesc']);
    for ($row = 0; $row < $rowCount; $row++) {
        # rows without a description are ignored
        if (empty($_POST['rankdesc'][$row])) {
            continue;
        }

        $rank = array(
            'posts' => sp_esc_int($_POST['rankpost'][$row]),
            'usergroup' => (int) $_POST['rankug'][$row],
            'badge' => sp_filter_filename_save($_POST['rankbadge'][$row]),
        );
        $rankName = sp_filter_title_save(trim($_POST['rankdesc'][$row]));

        $isNewRank = ($_POST['rankid'][$row] == -1);
        if ($isNewRank) {
            sp_add_sfmeta('forum_rank', $rankName, $rank, 1);
        } else {
            sp_update_sfmeta('forum_rank', $rankName, $rank, sp_esc_int($_POST['rankid'][$row]), 1);
        }
    }

    do_action('sph_component_ranks_save');

    return spa_text('Forum ranks updated');
}
/**
 * Save the member options admin form: member and guest flags, the automatic user removal
 * settings (including its daily cron event), the reserved name options, the post count
 * option and the profile name link.
 *
 * @return string Status message for the admin panel.
 */
function spa_save_members_data() {
    # Nonce gate for the form.
    # NOTE(review): no capability check is visible in this function; presumably the admin
    # panel loader restricts who can reach it - verify.
    check_admin_referer('forum-adminform_members', 'forum-adminform_members');

    $status = spa_text('Options updated');

    # NOTE(review): 'sfmemberopts' is written as a fresh two-key array, so any other key
    # already stored under that option is dropped - confirm that is intended.
    sp_update_option('sfmemberopts', array(
        'sfcheckformember' => isset($_POST['sfcheckformember']),
        'sfhidestatus' => isset($_POST['sfhidestatus']),
    ));

    sp_update_option('sfguests', array(
        'reqemail' => isset($_POST['reqemail']),
        'storecookie' => isset($_POST['storecookie']),
    ));

    # removal period falls back to one year when it is not filled in
    $hasPeriod = isset($_POST['sfuserperiod']) && $_POST['sfuserperiod'] > 0;
    $removal = array(
        'sfuserinactive' => isset($_POST['sfuserinactive']),
        'sfusernoposts' => isset($_POST['sfusernoposts']),
        'sfuserperiod' => $hasPeriod ? intval($_POST['sfuserperiod']) : 365,
    );

    # the three name fields are read without an isset() test
    foreach (array('account-name', 'display-name', 'guest-name') as $nameOption) {
        sp_update_option($nameOption, sp_filter_name_save(trim($_POST[$nameOption])));
    }

    # auto removal cron job: always cleared, re-scheduled only when removal is switched on
    wp_clear_scheduled_hook('sph_cron_user');
    $removal['sfuserremove'] = isset($_POST['sfuserremove']);
    if ($removal['sfuserremove']) {
        wp_schedule_event(time(), 'daily', 'sph_cron_user');
    }
    sp_update_option('sfuserremoval', $removal);

    sp_update_option('post_count_delete', isset($_POST['post_count_delete']));

    $profileOptions = sp_get_option('sfprofile');
    $profileOptions['namelink'] = sp_esc_int($_POST['namelink']);
    sp_update_option('sfprofile', $profileOptions);

    do_action('sph_option_members_save');

    return $status;
}
/**
 * Paint the admin "Member Information" panel: a member search form, paging links and a
 * table with one row per member (ids from SP_User_Search, details from
 * spa_get_members_info()), each with a profile popup link and, for users allowed to
 * delete that member, a delete link.
 *
 * Output is written directly; nothing is returned.
 */
function spa_users_members_form() {
    spa_paint_options_init();
    spa_paint_open_tab(spa_text('Users') . ' - ' . spa_text('Member Information'), true);
    spa_paint_open_panel();
    spa_paint_open_fieldset(spa_text('Member Information'), 'true', 'users-info');

    # search term comes from the posted form, page number from the query string
    if (isset($_POST['usersearch'])) {
        $term = sp_filter_title_save(trim($_POST['usersearch']));
    } else {
        $term = '';
    }
    if (isset($_GET['userspage'])) {
        $page = sp_esc_int($_GET['userspage']);
    } else {
        $page = '';
    }
    $user_search = new SP_User_Search($term, $page);
    ?>
    <form id="posts-filter" name="searchfilter" action="<?php echo SFADMINUSER . '&form=member-info'; ?> " method="post">
    <div class="tablenav">
    <?php
    if ($user_search->results_are_paged()) {
        ?>
        <div class="tablenav-pages">
        <?php
        # carry the search term through the paging links
        $args = array();
        if (!empty($user_search->search_term)) {
            $args['usersearch'] = urlencode($user_search->search_term);
        }
        $user_search->paging_text = paginate_links(array('total' => ceil($user_search->total_users_for_query / $user_search->users_per_page), 'current' => $user_search->page, 'base' => 'admin.php?page=simple-press/admin/panel-users/spa-users.php&form=member-info&%_%', 'format' => 'userspage=%#%', 'add_args' => $args));
        echo $user_search->page_links();
        ?>
        </div>
        <?php
    }
    ?>
    <div>
    <label class="hidden" for="post-search-input"><?php spa_etext('Search Members'); ?> :</label>
    <input type="text" class="sfacontrol" id="post-search-input" name="usersearch" value="<?php echo esc_attr($user_search->search_term); ?> " />
    <input type="button" class="button-primary" onclick="javascript:document.searchfilter.submit();" id="sfusersearch" name="sfusersearch" value="<?php spa_etext('Search Members'); ?> " />
    </div>
    <br class="clear" />
    </div>
    <br class="clear" />
    </form>
    <?php
    if ($user_search->get_results()) {
        ?>
        <?php if ($user_search->is_search()) { ?>
        <p><a href="<?php echo SFADMINUSER; ?> "><?php echo sprintf(spa_text('%s Back to All Members'), '«'); ?> </a></p>
        <?php } ?>
        <table id="memTable" class="widefat fixed spMobileTable1280">
        <thead>
        <tr>
        <th style="text-align:center;width:4%"><?php spa_etext('ID'); ?> </th>
        <th style="text-align:center;"><?php spa_etext('Login Name'); ?> </th>
        <th style="text-align:center;"><?php spa_etext('Display Name'); ?> </th>
        <th style="text-align:center;width:15%"><?php spa_etext('First Post'); ?> </th>
        <th style="text-align:center;width:15%"><?php spa_etext('Last Post'); ?> </th>
        <th style="text-align:center;width:3.5%"><?php spa_etext('Posts'); ?> </th>
        <th style="text-align:center;"><?php spa_etext('Last Visit'); ?> </th>
        <th style="text-align:center;"><?php spa_etext('Memberships'); ?> </th>
        <th style="text-align:center;width:auto;"><?php spa_etext('Rank'); ?> </th>
        <th style="text-align:center;"><?php spa_etext('Actions'); ?> </th>
        </tr>
        </thead>
        <tbody id="users" class="list:user user-list">
        <?php
        $style = '';
        $class = 'class="spMobileTableData"';

        # grab user post/page counts
        $users = $user_search->get_results();

        # output users
        # NOTE(review): login, first, last, posts, memberships and rank are echoed below exactly as
        # spa_get_members_info() returns them; only the display name goes through a display filter
        # in this function. Presumably the helper returns display-safe values - verify, since this
        # table is rendered in an administrator's session.
        foreach ($users as $userid) {
            $data = spa_get_members_info($userid);
            if ($data) {
                ?>
                <tr id="user-delete-<?php echo $userid; ?> " <?php echo $class; ?> >
                <td data-label='<?php spa_etext('ID'); ?> '><?php echo $userid; ?> </td>
                <td data-label='<?php spa_etext('Login Name'); ?> '><?php echo $data['login']; ?> </td>
                <?php $displayname = !empty($data['display_name']) ? $data['display_name'] : ''; ?>
                <td data-label='<?php spa_etext('Display Name'); ?> '><strong><?php echo sp_filter_name_display($displayname); ?> </strong></td>
                <td data-label='<?php spa_etext('First Post'); ?> '><?php echo $data['first']; ?> </td>
                <td data-label='<?php spa_etext('Last Post'); ?> '><?php echo $data['last']; ?> </td>
                <td data-label='<?php spa_etext('Posts'); ?> '>
                <?php
                # a post count of -1 is shown as the "has not yet visited" icon
                if ($data['posts'] == -1) {
                    echo '<img style="vertical-align:top" src="' . SFADMINIMAGES . 'sp_UserNoPosts.png" title="' . spa_text('User has not yet visited forum') . '" alt="" />';
                } else {
                    echo $data['posts'];
                }
                ?>
                </td>
                <td data-label='<?php spa_etext('Last Visit'); ?> '><?php echo sp_date('d', $data['lastvisit']); ?> </td>
                <td data-label='<?php spa_etext('Memberships'); ?> '><?php echo $data['memberships']; ?> </td>
                <td data-label='<?php spa_etext('Rank'); ?> '><?php echo $data['rank']; ?> </td>
                <td style="text-align:center">
                <?php
                # profile popup: the ahah URL carries a 'forum-ahah' nonce
                $site = SFHOMEURL . 'index.php?sp_ahah=profile&sfnonce=' . wp_create_nonce('forum-ahah') . "&action=popup&user={$userid}";
                $title = spa_text('Member Profile');
                $position = 'center';
                # $site, $title and $position are placed inside single-quoted JavaScript strings within
                # the onclick attribute without further escaping in this function
                echo '<a id="memberprofile' . $userid . '" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . $title . '\', 750, 0, \'' . $position . '\');"><img src="' . SFADMINIMAGES . 'sp_UserProfile.png" title="' . spa_text('View Member Profile') . '" alt="" /></a>';

                # check to see if user can delete users before giving option to delete
                if (current_user_can('delete_user', $userid)) {
                    $nonce = wp_create_nonce('bulk-users');
                    # NOTE(review): the '******' run in the next statement is how this listing shows the
                    # expression between 'user=' and '&_wpnonce='; it is not valid PHP as printed and has
                    # to be restored from the original file.
                    $url = admin_url('users.php?action=delete&user='******'&_wpnonce=' . $nonce . '&wp_http_referer=admin.php?page=simple-press/admin/panel-users/spa-users.php');
                    # NOTE(review): the anchor opened here is never closed with </a>
                    echo '<a href="' . $url . '"><img src="' . SFCOMMONIMAGES . 'delete.png" title="' . spa_text('Delete User') . '" alt="" />';
                }
                ?>
                </td>
                </tr>
                <?php
            }
            # alternate the row class
            $class = strpos($class, 'alternate') === false ? 'class="spMobileTableData alternate"' : 'class="spMobileTableData"';
        }
        ?>
        </tbody>
        </table>
        <div class="tablenav">
        <?php if ($user_search->results_are_paged()) { ?>
        <div class="tablenav-pages"><?php $user_search->page_links(); # NOTE(review): not echoed here, unlike the call above the table ?> </div>
        <?php } ?>
        <br class="clear" />
        </div>
        <?php
    }

    spa_paint_close_fieldset();
    spa_paint_close_panel();
    do_action('sph_users_members_panel');
    spa_paint_close_container();
    spa_paint_close_tab();
}
$p->newpost['postername'] = $spThisUser->display_name; $p->newpost['posteremail'] = $spThisUser->user_email; $p->newpost['userid'] = $spThisUser->ID; } $p->newpost['postcontent'] = $_POST['postitem']; $p->newpost['posterip'] = sp_get_ip(); if (isset($_POST['topiclock'])) { $p->newpost['topicstatus'] = 1; } if (!empty($_POST['editTimestamp'])) { $yy = sp_esc_int($_POST['tsYear']); $mm = sp_esc_int($_POST['tsMonth']); $dd = sp_esc_int($_POST['tsDay']); $hh = sp_esc_int($_POST['tsHour']); $mn = sp_esc_int($_POST['tsMinute']); $ss = sp_esc_int($_POST['tsSecond']); $dd = $dd > 31 ? 31 : $dd; $hh = $hh > 23 ? $hh - 24 : $hh; $mn = $mn > 59 ? $mn - 60 : $mn; $ss = $ss > 59 ? $ss - 60 : $ss; $p->newpost['postdate'] = sprintf('%04d-%02d-%02d %02d:%02d:%02d', $yy, $mm, $dd, $hh, $mn, $ss); } # Permission checks on forum data -------------------------------------------------- $p->validateData(); if ($p->abort) { sp_return_to_post($p->returnURL, $p->message); die; } # let any plugins perform their stuff ---------------------------------------------- do_action('sph_editor_pre_post_create', $p->newpost); $p->newpost = apply_filters('sph_editor_new_forum_post', $p->newpost);