/** * Grab the RSS document content and return it * * @return string RSS document */ public function returnRSSDocument() { //----------------------------------------- // INIT //----------------------------------------- $member_id = intval(ipsRegistry::$request['member_id']); $secure_key = IPSText::md5Clean(ipsRegistry::$request['rss_key']); $rss_data = array(); $to_print = ''; if ($secure_key and $member_id) { if ($member_id == ipsRegistry::member()->getProperty('member_id')) { //----------------------------------------- // Get RSS export //----------------------------------------- $rss_data = ipsRegistry::DB()->buildAndFetch(array('select' => 'rss_cache', 'from' => 'rc_modpref', 'where' => "mem_id=" . $member_id . " AND rss_key='" . $secure_key . "'")); //----------------------------------------- // Got one? //----------------------------------------- if ($rss_data['rss_cache']) { return $rss_data['rss_cache']; } } //----------------------------------------- // Create a dummy one //----------------------------------------- ipsRegistry::getClass('class_localization')->loadLanguageFile(array('public_reports'), 'core'); $classToLoad = IPSLib::loadLibrary(IPS_KERNEL_PATH . 'classRss.php', 'classRss'); $rss = new $classToLoad(); $channel_id = $rss->createNewChannel(array('title' => ipsRegistry::getClass('class_localization')->words['rss_feed_title'], 'link' => ipsRegistry::$settings['board_url'], 'description' => ipsRegistry::getClass('class_localization')->words['reports_rss_desc'], 'pubDate' => $rss->formatDate(time()))); $rss->createRssDocument(); return $rss->rss_document; } }
/** * Class entry point * * @param object Registry reference * @return @e void [Outputs to screen] */ public function doExecute(ipsRegistry $registry) { //----------------------------------------- // INIT //----------------------------------------- $member_id = intval(ipsRegistry::$request['member_id']); $md5check = IPSText::md5Clean($this->request['md5check']); $CONFIG = array(); $tab = explode(':', ipsRegistry::$request['tab']); $app = substr(IPSText::alphanumericalClean(str_replace('..', '', trim($tab[0]))), 0, 20); $tab = substr(IPSText::alphanumericalClean(str_replace('..', '', trim($tab[1]))), 0, 20); $this->registry->class_localization->loadLanguageFile(array('public_profile'), 'members'); //----------------------------------------- // MD5 check //----------------------------------------- if ($md5check != $this->member->form_hash) { $this->returnString('error'); } //----------------------------------------- // Load member //----------------------------------------- $member = IPSMember::load($member_id); //----------------------------------------- // Check //----------------------------------------- if (!$member['member_id']) { $this->returnString('error'); } //----------------------------------------- // Load config //----------------------------------------- if (!is_file(IPSLib::getAppDir($app) . '/extensions/profileTabs/' . $tab . '.conf.php')) { $this->returnString('error'); } require IPSLib::getAppDir($app) . '/extensions/profileTabs/' . $tab . '.conf.php'; /*noLibHook*/ //----------------------------------------- // Active? //----------------------------------------- if (!$CONFIG['plugin_enabled']) { $this->returnString('error'); } //----------------------------------------- // Load main class... //----------------------------------------- if (!is_file(IPSLib::getAppDir($app) . '/extensions/profileTabs/' . $tab . '.php')) { $this->returnString('error'); } require IPSLib::getAppDir('members') . '/sources/tabs/pluginParentClass.php'; /*noLibHook*/ $classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir($app) . '/extensions/profileTabs/' . $tab . '.php', 'profile_' . $tab, $app); $plugin = new $classToLoad($this->registry); $html = $plugin->return_html_block($member); //----------------------------------------- // Return it... //----------------------------------------- $this->returnHtml($html); }
/** * Get tags as pop-up window * * @return @e void */ protected function _getTagsAsPopUp() { /* init */ $tag_aai_lookup = IPSText::md5Clean($this->request['key']); /* Init tags */ require_once IPS_ROOT_PATH . 'sources/classes/tags/bootstrap.php'; /*noLibHook*/ $tagClass = classes_tags_bootstrap::run($tag_aai_lookup); $formatted = $tagClass->getTagsByCacheKey($tag_aai_lookup); return $this->returnHtml($this->registry->output->getTemplate('global_other')->tagsAsPopUp($formatted)); }
/** * Updates a session * * @access public * @param string Session id * @param int Member ID * @param array Array of information to update * @return void Updates session_data array and member data array */ public function updateSession($sessionID, $memberID, $data) { //----------------------------------------- // INIT //----------------------------------------- $memberID = intval($memberID); $sessionID = IPSText::md5Clean($sessionID); $_data = array(); $_ignore = array('id', 'member_id', 'ip_address', 'browser'); $remap = array('uagent_bypass' => 'userAgentBypass', 'item_markers' => 'itemMarkers'); //----------------------------------------- // Remove what we can't update... //----------------------------------------- foreach ($data as $key => $value) { if (in_array($key, $_ignore)) { continue; } $_data[$key] = $value; /* Update our own session? */ if ($memberID == $this->_memberData['member_id']) { $this->session_data[$key] = $value; if (in_array($key, array_keys($remap))) { $this->_memberData[$remap[$key]] = $value; } else { $this->_memberData[$key] = $value; } } } /* Now, do we have a session already saved ready for.. er..saving? */ if (isset($this->_sessionsToSave[$sessionID]) and $this->_sessionsToSave[$sessionID]['member_id'] == $memberID) { /* Just update the keys, then...*/ foreach ($_data as $k => $v) { $this->_sessionsToSave[$sessionID][$k] = $v; } } else { /* Add to the list.. */ $this->_sessionsToSave[$sessionID] = $_data; } IPSDebug::addLogMessage("Session updated - " . $sessionID . " - " . serialize($this->_sessionsToSave), 'sessions-' . $this->_memberData['member_id']); }
/** * Starts session * Loads / creates a session based on activity * * @return */ protected function _startSession() { if (!is_array($this->request['sid'])) { $session_id = IPSText::md5Clean($this->request['sid']); } else { $session_id = ''; } $requestType = $this->request['request_method'] == 'post' ? 'post' : 'get'; if ($session_id) { /* We check on member id 'cos we can. Obviously guests will have a member ID of zero, but meh */ $this->_session = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'search_sessions', 'where' => 'session_id=\'' . $session_id . '\' AND session_member_id=' . $this->memberData['member_id'])); } /* Deflate */ if ($this->_session['session_id']) { if ($this->_session['session_data']) { $this->_session['_session_data'] = unserialize($this->_session['session_data']); if (isset($this->_session['_session_data']['search_app_filters'])) { $this->request['search_app_filters'] = is_array($this->request['search_app_filters']) ? array_merge($this->_session['_session_data']['search_app_filters'], $this->request['search_app_filters']) : $this->_session['_session_data']['search_app_filters']; } } IPSDebug::addMessage("Loaded search session: <pre>" . var_export($this->_session['_session_data'], true) . "</pre>"); } else { /* Create a session */ $this->_session = array('session_id' => md5(uniqid(microtime(), true)), 'session_created' => time(), 'session_updated' => time(), 'session_member_id' => $this->memberData['member_id'], 'session_data' => serialize(array('search_app_filters' => $this->request['search_app_filters']))); $this->DB->insert('search_sessions', $this->_session); $this->_session['_session_data']['search_app_filters'] = $this->request['search_app_filters']; IPSDebug::addMessage("Created search session: <pre>" . var_export($this->_session['_session_data'], true) . "</pre>"); } /* Do we have POST infos? */ if (isset($_POST['search_app_filters'])) { $this->_session['_session_data']['search_app_filters'] = is_array($this->_session['_session_data']['search_app_filters']) ? IPSLib::arrayMergeRecursive($this->_session['_session_data']['search_app_filters'], $_POST['search_app_filters']) : $_POST['search_app_filters']; $this->request['search_app_filters'] = $this->_session['_session_data']['search_app_filters']; IPSDebug::addMessage("Updated filters: <pre>" . var_export($_POST['search_app_filters'], true) . "</pre>"); } /* Globalize the session ID */ $this->request['_sid'] = $this->_session['session_id']; }
/** * Moderate pending friends * * @access private * @return void [Prints to screen] * @since IPB 2.2.0.2006-08-09 */ private function _moderation() { //----------------------------------------- // INIT //----------------------------------------- $md5check = IPSText::md5Clean($this->request['md5check']); $friends = array(); $friend_ids = array(); $friend_member_ids = array(); $_friend_ids = array(); $friends_already = array(); $friends_update = array(); $member = array(); $pp_option = $this->request['pp_option'] == 'delete' ? 'delete' : 'add_reciprocal'; //trim( $this->request['pp_option'] ); $message = ''; $subject = ''; $msg = 'pp_friend_approved'; //----------------------------------------- // MD5 check //----------------------------------------- if ($md5check != $this->member->form_hash) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); exit; } //----------------------------------------- // Get friends... //----------------------------------------- if (!is_array($this->request['pp_friend_id']) or !count($this->request['pp_friend_id'])) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); exit; } //----------------------------------------- // Figure IDs //----------------------------------------- foreach ($this->request['pp_friend_id'] as $key => $value) { $_key = intval($key); if ($_key) { $_friend_ids[$_key] = $_key; } } if (!is_array($_friend_ids) or !count($_friend_ids)) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); exit; } //----------------------------------------- // Check our friends are OK //----------------------------------------- $this->DB->build(array('select' => '*', 'from' => 'profile_friends', 'where' => 'friends_friend_id=' . $this->memberData['member_id'] . ' AND friends_approved=0 AND friends_member_id IN (' . implode(',', $_friend_ids) . ')')); $this->DB->execute(); while ($row = $this->DB->fetch()) { $friend_ids[$row['friends_id']] = $row['friends_id']; $friend_member_ids[$row['friends_member_id']] = $row['friends_member_id']; } if (!is_array($friend_ids) or !count($friend_ids)) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); exit; } //----------------------------------------- // Load friends... //----------------------------------------- $friends = IPSMember::load($friend_member_ids); //----------------------------------------- // Get member... //----------------------------------------- $member = IPSMember::load($this->memberData['member_id']); //----------------------------------------- // Check... //----------------------------------------- if (!is_array($friends) or !count($friends) or !$member['member_id']) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); exit; } //----------------------------------------- // What to do? //----------------------------------------- if ($pp_option == 'delete') { //----------------------------------------- // Ok.. delete them in the DB. //----------------------------------------- $this->DB->delete('profile_friends', 'friends_id IN(' . implode(',', $friend_ids) . ')'); //----------------------------------------- // And make sure you are no longer their friend //----------------------------------------- foreach ($friend_member_ids as $friend_id) { $this->friend_lib->removeFriend($this->memberData['member_id'], $friend_id); } $msg = 'pp_friend_removed'; } else { //----------------------------------------- // Ok.. approve them in the DB. //----------------------------------------- $this->DB->update('profile_friends', array('friends_approved' => 1), 'friends_id IN(' . implode(',', $friend_ids) . ')'); //----------------------------------------- // And make sure they're added in reverse //----------------------------------------- foreach ($friend_member_ids as $friend_id) { $this->friend_lib->addFriend($this->memberData['member_id'], $friend_id, true); } //----------------------------------------- // Reciprocal mode? //----------------------------------------- if ($pp_option == 'add_reciprocal') { //----------------------------------------- // Find out who isn't already on your list... //----------------------------------------- $this->DB->build(array('select' => '*', 'from' => 'profile_friends', 'where' => 'friends_member_id=' . $this->memberData['member_id'] . ' AND friends_approved=1 AND friends_friend_id IN (' . implode(',', $_friend_ids) . ')')); $this->DB->execute(); while ($row = $this->DB->fetch()) { $friends_already[$row['friends_friend_id']] = $row['friends_friend_id']; } //----------------------------------------- // Check which aren't already members... //----------------------------------------- foreach ($friend_member_ids as $id => $_id) { if (in_array($id, $friends_already)) { continue; } $friends_update[$id] = $id; } //----------------------------------------- // Gonna do it? //----------------------------------------- if (is_array($friends_update) and count($friends_update)) { foreach ($friends_update as $id => $_id) { $this->DB->insert('profile_friends', array('friends_member_id' => $member['member_id'], 'friends_friend_id' => $id, 'friends_approved' => 1, 'friends_added' => time())); } } } //----------------------------------------- // Send out message... //----------------------------------------- foreach ($friends as $friend) { //----------------------------------------- // INIT //----------------------------------------- $message = ''; $subject = ''; if ($friend['pp_setting_notify_friend']) { IPSText::getTextClass('email')->getTemplate("new_friend_approved"); IPSText::getTextClass('email')->buildMessage(array('MEMBERS_DISPLAY_NAME' => $friend['members_display_name'], 'FRIEND_NAME' => $member['members_display_name'], 'LINK' => $this->settings['board_url'] . '/index.' . $this->settings['php_ext'] . '?app=members&module=profile&section=friends&do=list')); $message = IPSText::getTextClass('email')->message; $subject = IPSText::getTextClass('email')->subject; $return_msg = ''; } //----------------------------------------- // Got anything to send? //----------------------------------------- if ($message and $subject) { //----------------------------------------- // Email? //----------------------------------------- if ($friend['pp_setting_notify_friend'] == 'email' or $friend['members_disable_pm']) { IPSText::getTextClass('email')->subject = $subject; IPSText::getTextClass('email')->message = $message; IPSText::getTextClass('email')->to = $friend['email']; IPSText::getTextClass('email')->sendMail(); } else { require_once IPSLib::getAppDir('members') . '/sources/classes/messaging/messengerFunctions.php'; $this->messengerFunctions = new messengerFunctions($this->registry); try { $this->messengerFunctions->sendNewPersonalTopic($friend['member_id'], $member['member_id'], array(), $subject, IPSText::getTextClass('editor')->method == 'rte' ? nl2br($message) : $message, array('origMsgID' => 0, 'fromMsgID' => 0, 'postKey' => md5(microtime()), 'trackMsg' => 0, 'addToSentFolder' => 0, 'hideCCUser' => 0, 'forcePm' => 1, 'isSystem' => 1)); } catch (Exception $error) { $msg = $error->getMessage(); $toMember = IPSMember::load($toMemberID, 'core', 'displayname'); if (strstr($msg, 'BBCODE_')) { $msg = str_replace('BBCODE_', '', $msg); $this->registry->output->showError($msg, 10238); } else { if (isset($this->lang->words['err_' . $msg])) { $this->lang->words['err_' . $msg] = $this->lang->words['err_' . $msg]; $this->lang->words['err_' . $msg] = str_replace('#NAMES#', implode(",", $this->messengerFunctions->exceptionData), $this->lang->words['err_' . $msg]); $this->lang->words['err_' . $msg] = str_replace('#TONAME#', $toMember['members_display_name'], $this->lang->words['err_' . $msg]); $this->lang->words['err_' . $msg] = str_replace('#FROMNAME#', $this->memberData['members_display_name'], $this->lang->words['err_' . $msg]); $this->registry->output->showError('err_' . $msg, 10239); } else { $_msgString = $this->lang->words['err_UNKNOWN'] . ' ' . $msg; $this->registry->output->showError('err_UNKNOWN', 10240); } } } } } } $this->friend_lib->recacheFriends($friend); } //----------------------------------------- // Recache.. //----------------------------------------- $this->friend_lib->recacheFriends($member); //----------------------------------------- // Return //----------------------------------------- $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=' . $msg . '&tab=pending'); }
/** * Setting titles wrapper * * @access public * @param string Title * @param array Setting groups * @param string Application tab to start on * @return string HTML */ public function settings_titles_wrapper($title, $settings, $start_app = '') { $IPBHTML = ""; //--starthtml--// $_default_tab = isset($this->request['_dtab']) && $this->request['_dtab'] ? $this->request['_dtab'] : 'System'; $IPBHTML .= <<<EOF <div class='section_title'> \t<h2>{$this->lang->words['tol_settings']}</h2> \t<ul class='context_menu'> \t\t<li> \t\t\t<a href='{$this->settings['base_url']}module=tools&section=settings&do=settinggroup_new' style='text-decoration:none'><img src='{$this->settings['skin_acp_url']}/_newimages/icons/table_add.png' alt='' /> {$this->lang->words['tol_add_new_setting_group']}</a> \t\t</li> \t</ul> </div> <br /> <ul id='tabstrip_settings' class='tab_bar no_title'> EOF; foreach ($settings as $tab => $group) { if (ipsRegistry::$request['app'] and $tab == ipsRegistry::$request['app']) { $_default_tab = $tab; } $_tab = IPSText::md5Clean($tab); $IPBHTML .= <<<EOF \t<li id='tabtab-{$_tab}'>{$tab}</li> \t EOF; } $IPBHTML .= <<<EOF </ul> <script type="text/javascript"> //<![CDATA[ document.observe("dom:loaded",function() { ipbAcpTabStrips.register('tabstrip_settings'); ipbAcpTabStrips.doToggle(\$('tabtab-{$_default_tab}')); }); //]]> </script> <div class='acp-box'> EOF; foreach ($settings as $tab => $app_data) { $_tab = IPSText::md5Clean($tab); $IPBHTML .= <<<EOF \t<div id='tabpane-{$_tab}'> \t\t<table width='100%' class='alternate_rows double_pad' cellpadding='0' cellspacing='0' border='0'> \t\t EOF; foreach ($app_data as $r) { if (IN_DEV) { $export_settings_group = "<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=MOD_export_setting&conf_group={$r['conf_title_id']}' title='{$this->lang->words['export_group']}'><img src='{$this->settings['skin_acp_url']}/images/options_menu/export_settings_group.png' alt='Icon' /> {$this->lang->words['export_group']}</a>\n\t\t\t\t</li>"; } $img = file_exists(IPSLib::getAppDir($r['conf_title_app']) . '/skin_cp/appIcon.png') ? $this->settings['base_acp_url'] . '/' . IPSLib::getAppFolder($r['conf_title_app']) . '/' . $r['conf_title_app'] . '/skin_cp/appIcon.png' : "{$this->settings['skin_acp_url']}/_newimages/applications/{$r['conf_title_app']}.png"; $IPBHTML .= <<<EOF \t\t<tr> \t\t \t<td width='3%' style='text-align: center'><img src='{$img}' alt='{$this->lang->words['tol_folder']}' /></td> \t\t \t<td width='90%'> \t\t\t\t<a href='{$this->settings['base_url']}&{$this->form_code}&do=setting_view&conf_group={$r['conf_title_id']}'><b>{$r['conf_title_title']}</b></a> \t\t\t\t<span style='color:gray'>({$r['conf_title_count']} settings)</span><br /> \t\t\t\t<span class='desctext'>{$r['conf_title_desc']}</span> \t\t\t</td> \t\t\t<td style='width: 3%'> \t\t\t\t<img class='ipbmenu' id="menu{$r['conf_title_id']}" src='{$this->settings['skin_acp_url']}/_newimages/menu_open.png' alt='{$this->lang->words['frm_options']}' /> \t\t\t\t<ul class='acp-menu' id='menu{$r['conf_title_id']}_menucontent'> \t\t\t\t\t<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=setting_view&conf_group={$r['conf_title_id']}' title='{$this->lang->words['tol_manage_settings']}'><img src='{$this->settings['skin_acp_url']}/images/options_menu/manage_settings.png' alt='Icon' /> {$this->lang->words['tol_manage_settings']}</a></li> \t\t\t\t\t<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=settinggroup_showedit&id={$r['conf_title_id']}' title='{$this->lang->words['tol_edit_settings_group']}'><img src='{$this->settings['skin_acp_url']}/images/options_menu/edit_settings_group.png' alt='Icon' /> {$this->lang->words['tol_edit_settings_group']}</a></li> \t\t\t\t\t<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=settinggroup_delete&id={$r['conf_title_id']}' title='{$this->lang->words['tol_delete_settings_group']}'><img src='{$this->settings['skin_acp_url']}/images/options_menu/delete_settings_group.png' alt='Icon' /> {$this->lang->words['tol_delete_settings_group']}</a></li> \t\t\t\t\t<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=settinggroup_resync&id={$r['conf_title_id']}' title='{$this->lang->words['tol_recount_settings_group']}'><img src='{$this->settings['skin_acp_url']}/images/options_menu/rebuild_settings_group.png' alt='Icon' /> {$this->lang->words['tol_recount_settings_group']}</a></li> \t\t\t\t\t{$export_settings_group} \t\t\t\t</ul> \t\t\t</td> \t\t</tr> EOF; } $IPBHTML .= <<<EOF \t\t</table> \t</div> \t EOF; } $IPBHTML .= <<<EOF </div> <br /> <form action='{$this->settings['base_url']}&{$this->form_code}&do=settings_do_import' enctype='multipart/form-data' method='post'> \t<div class='acp-box'> \t\t<h3>{$this->lang->words['tol_import_xml_settings']}</h3> \t\t<ul class='acp-form alternate_rows'> \t\t\t<li> \t\t\t\t<label>{$this->lang->words['tol_upload_xml_settings_file_from_']}<span class='desctext'>{$this->lang->words['tol_duplicate_entries_will_not_be_']}</span></label> \t\t\t\t<input class='textinput' type='file' size='30' name='FILE_UPLOAD' /> \t\t\t</li> \t\t\t<li> \t\t\t\t<label>{$this->lang->words['tol_or_enter_the_filename_of_the_x']}<span class='desctext'>{$this->lang->words['tol_the_file_must_be_uploaded_into']}</span></label> \t\t\t\t<td class='tablerow2'><input class='textinput' type='text' size='30' name='file_location' /></td> \t\t\t</li> \t\t</ul> \t\t<div class='acp-actionbar'> \t\t\t<div class='centeraction'> \t\t\t\t<input type='submit' class='button primary' value='{$this->lang->words['t_import']}' /> \t\t\t</div> \t\t</div> \t</div> </form> EOF; //startif if (IN_DEV != 0) { $IPBHTML .= <<<EOF <br /> <div align='center'> <ul> \t<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=settingsImportApps'>Import all APP XML Settings</a></li> \t<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=settingsExportApps'>Export all APP XML Settings</a></li> </ul> EOF; } //endif $IPBHTML .= <<<EOF EOF; //--endhtml--// return $IPBHTML; }
/** * handshake_server::handshake_remove() * * Unconverges an application * * @access public * @param integer $reg_id Converge reg ID * @param string $reg_code Converge API Code (MUST BE PRESENT IN ALL RETURNED API REQUESTS). * @return mixed xml / boolean false **/ public function handshakeRemove($reg_product_id = '', $reg_code = '') { //----------------------------------------- // INIT //----------------------------------------- $reg_product_id = intval($reg_product_id); $reg_code = IPSText::md5Clean($reg_code); //----------------------------------------- // Grab data from the DB //----------------------------------------- $converge = $this->registry->DB()->buildAndFetch(array('select' => '*', 'from' => 'converge_local', 'where' => "converge_api_code='" . $reg_code . "' AND converge_product_id=" . $reg_product_id)); //----------------------------------------- // Check //----------------------------------------- if ($converge['converge_active']) { //----------------------------------------- // Remove app stuff //----------------------------------------- $this->registry->DB()->delete('converge_local', 'converge_product_id=' . intval($reg_product_id)); //----------------------------------------- // Switch over log in methods //----------------------------------------- $this->registry->DB()->update("login_methods", array("login_enabled" => 0), "login_folder_name='ipconverge'"); $cache = array(); $this->registry->DB()->build(array('select' => '*', 'from' => 'login_methods', 'where' => 'login_enabled=1')); $this->registry->DB()->execute(); while ($r = $this->registry->DB()->fetch()) { $cache[$r['login_id']] = $r; } ipsRegistry::cache()->setCache('login_methods', $cache, array('array' => 1, 'deletefirst' => 1)); $this->classApiServer->apiSendReply(array('handshake_removed' => 1)); } else { $this->classApiServer->apiSendReply(array('handshake_removed' => 0)); } }
if (!ipsRegistry::$settings['xmlrpc_enable']) { @header("Content-type: text/xml"); print "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n\t\t\t<methodResponse>\n\t\t\t <fault>\n\t\t\t <value>\n\t\t\t <struct>\n\t\t\t <member>\n\t\t\t <name>faultCode</name>\n\t\t\t <value>\n\t\t\t <int>1</int>\n\t\t\t </value>\n\t\t\t </member>\n\t\t\t <member>\n\t\t\t <name>faultString</name>\n\t\t\t <value>\n\t\t\t <string>IP.Board's XML-RPC API system is not enabled. Log into your IP.Board ACP and visit: System -> System Settings -> Advanced -> XML-RPC API and update "Enable XML-RPC API System"</string>\n\t\t\t </value>\n\t\t\t </member>\n\t\t\t </struct>\n\t\t\t </value>\n\t\t\t </fault>\n\t\t\t </methodResponse>"; exit; } //=========================================================================== // Define Service //=========================================================================== require_once IPS_KERNEL_PATH . 'classApiServer.php'; //=========================================================================== // Create the XML-RPC Server //=========================================================================== $server = new classApiServer(); $api = $server->decodeRequest(); $module = $server->params['api_module']; $user = IPSText::md5Clean($server->params['api_key']); //----------------------------------------- // Check for module //----------------------------------------- if ($module and file_exists(DOC_IPS_ROOT_PATH . 'interface/board/modules/' . $module . '/api.php')) { require_once DOC_IPS_ROOT_PATH . 'interface/board/modules/' . $module . '/api.php'; $webservice = new API_Server($registry); $webservice->classApiServer =& $server; } else { $server->apiSendError('2', "IP.Board could not locate an API module called '{$module}'"); $registry->DB()->insert('api_log', array('api_log_key' => $user, 'api_log_ip' => $_SERVER['REMOTE_ADDR'], 'api_log_date' => time(), 'api_log_query' => $server->raw_request, 'api_log_allowed' => 0)); exit; } //----------------------------------------- // Check user... //-----------------------------------------
/** * Shows the form for validating a lost password request * * @param string $msg * @return @e void */ public function lostPasswordValidateForm($msg = '') { $this->output .= $this->registry->getClass('output')->getTemplate('register')->showLostpassForm($this->lang->words[$msg]); /* Check for input and it's in a valid format. */ if ($this->request['uid'] and $this->request['aid']) { $in_user_id = intval(trim(urldecode($this->request['uid']))); $in_validate_key = IPSText::md5Clean(trim(urldecode($this->request['aid']))); $in_type = trim($this->request['type']); if ($in_type == "") { $in_type = 'reg'; } /* Check and test input */ if (!$in_validate_key) { $this->registry->output->showError('validation_key_incorrect', 10113); } if (!preg_match('/^(?:\\d){1,}$/', $in_user_id)) { $this->registry->output->showError('uid_key_incorrect', 10114); } /* Attempt to get the profile of the requesting user */ $member = IPSMember::load($in_user_id); if (!$member['member_id']) { $this->registry->output->showError('lostpass_no_member', 10115); } /* Get validating info.. */ $validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => "member_id={$in_user_id} and vid='{$in_validate_key}' and lost_pass=1")); if (!$validate['member_id']) { $this->registry->output->showError('validation_key_incorrect', 10116); } $this->output = str_replace("<!--IBF.INPUT_TYPE-->", $this->registry->output->getTemplate('register')->show_lostpass_form_auto($in_validate_key, $in_user_id), $this->output); } else { $this->output = str_replace("<!--IBF.INPUT_TYPE-->", $this->registry->output->getTemplate('register')->show_lostpass_form_manual(), $this->output); } $this->registry->output->setTitle($this->lang->words['activation_form'] . ' - ' . ipsRegistry::$settings['board_name']); $this->registry->output->addNavigation($this->lang->words['activation_form'], ''); }
/** * View all settings (form) in a group * This is public so that portal can access it * * @access public * @return void */ public function _viewSettings() { //----------------------------------------- // INIT //----------------------------------------- $search_key = trim($this->request['search']); $conf_group = trim($this->request['conf_group']); $conf_titles = array(); $in_group = array(); $last_conf_id = -1; $start = intval($this->request['st']); $end = 150; $get_by_key = isset($this->request['conf_title_keyword']) ? $this->request['conf_title_keyword'] : ''; //----------------------------------------- // Get settings in group //----------------------------------------- $this->_settingsGetGroups($get_by_key ? TRUE : FALSE); //----------------------------------------- // Grabbing by key? //----------------------------------------- if ($get_by_key) { $data = $this->DB->buildAndFetch(array('select' => 'conf_title_id, conf_title_keyword, conf_title_title', 'from' => 'core_sys_settings_titles', 'where' => "conf_title_keyword='{$get_by_key}'")); $this->request['conf_group'] = $data['conf_title_id']; $conf_group = $data['conf_title_id']; $this->request['groupHelpKey'] = $data['conf_title_keyword']; } //----------------------------------------- // check... //----------------------------------------- if ((!$conf_group and !$search_key) && !$search_key) { $this->registry->output->global_message = $this->lang->words['s_nogroup']; $this->_settingsOverview(); return; } //----------------------------------------- // Pagination //----------------------------------------- $pages = $this->registry->output->generatePagination(array('totalItems' => $this->setting_groups[$conf_group]['conf_title_count'], 'itemsPerPage' => $end, 'currentStartValue' => $start, 'baseUrl' => $this->settings['base_url'] . "&{$this->form_code}&&search={$search_key}")); //----------------------------------------- // Did we search? //----------------------------------------- if ($search_key) { $keywords = strtolower($search_key); $whereExtra = $conf_group ? " AND c.conf_group={$conf_group}" : ''; $this->DB->build(array('select' => 'c.*', 'from' => array('core_sys_conf_settings' => 'c'), 'where' => "(LOWER(conf_title) LIKE '%{$keywords}%' OR LOWER(conf_description) LIKE '%{$keywords}%' OR LOWER(conf_keywords) LIKE '%{$keywords}%')" . $whereExtra, 'order' => 'c.conf_title', 'limit' => array($start, $end), 'add_join' => array(array('select' => 'ct.conf_title_id, ct.conf_title_noshow, ct.conf_title_title, ct.conf_title_tab', 'from' => array('core_sys_settings_titles' => 'ct'), 'where' => 'ct.conf_title_id=c.conf_group', 'type' => 'left')))); $this->DB->execute(); while ($r = $this->DB->fetch()) { $r['conf_start_group'] = ""; $r['conf_end_group'] = ""; $r['conf_description'] .= '<br />' . $this->lang->words['conf_desc_search'] . "<a href='{$this->settings['base_url']}&app=core&module=tools&section=settings&do=setting_view&conf_group={$r['conf_title_id']}'>" . $r['conf_title_title'] . "</a>"; $conf_entry[$r['conf_id']] = $r; } if (!count($conf_entry)) { $this->registry->output->global_message = sprintf($this->lang->words['s_nomatches'], $keywords); $this->_settingsOverview(); return; } $title = sprintf($this->lang->words['s_searchedfor'], $keywords); $tab = ''; } else { $this->DB->build(array('select' => '*', 'from' => 'core_sys_conf_settings', 'where' => "conf_group='{$conf_group}'", 'order' => 'conf_position, conf_title', 'limit' => array($start, $end))); $this->DB->execute(); while ($r = $this->DB->fetch()) { $conf_entry[$r['conf_id']] = $r; if ($r['conf_end_group']) { $in_g = 0; } if ($in_g) { $this->in_group[] = $r['conf_id']; } if ($r['conf_start_group']) { $in_g = 1; } } $title = $this->setting_groups[$conf_group]['conf_title_title']; $tab = IPSText::md5Clean($this->setting_groups[$conf_group]['conf_title_tab']); $this->request['groupHelpKey'] = $this->setting_groups[$conf_group]['conf_title_keyword']; } //----------------------------------------- // Start output //----------------------------------------- $content = ""; if (is_array($conf_entry) and count($conf_entry)) { foreach ($conf_entry as $id => $r) { $content .= $this->_processSettingEntry($r); } } if (!$search_key and !$get_by_key) { $searchbutton = 1; } /* Navigation */ if ($tab) { $this->registry->output->extra_nav[] = array("{$this->settings['base_url']}{$this->form_code}&_dtab={$tab}", ipsRegistry::$applications[$this->setting_groups[$conf_group]['conf_title_app']]['app_title']); $this->registry->output->extra_nav[] = array("{$this->settings['base_url']}{$this->form_code}&do=setting_view&conf_group={$conf_group}", $title); } /* Output */ $this->registry->output->html .= $this->html->settings_view_wrapper($title, $content, $searchbutton, $this->return_after_save); $this->registry->output->html = str_replace('<!--HIDDEN.FIELDS-->', "<input type='hidden' name='settings_save' value='" . implode(",", $this->key_array) . "' />", $this->registry->output->html); }
/** * Stop ignoring the user's topics * * @access public * @param integer Member ID to stop ignoring * @param string Column to update * @return array Array of info */ public function stopIgnoringMember($ignoreId, $type = 'topics') { //----------------------------------------- // INIT //----------------------------------------- $this->lang->loadLanguageFile(array('public_usercp'), 'core'); $ignoreId = intval($ignoreId); $md5check = IPSText::md5Clean($this->request['md5check']); $antiType = $type == 'topics' ? 'messages' : 'topics'; //----------------------------------------- // MD5 check //----------------------------------------- if (!$ignoreId) { return array('error' => $this->lang->words['noignoreuser_noid']); } if ($md5check != $this->member->form_hash) { return array('error' => $this->lang->words['securehash_not_secure']); } //----------------------------------------- // Load member //----------------------------------------- $member = IPSMember::load($ignoreId, 'core'); //----------------------------------------- // Check //----------------------------------------- if (!$member['member_id']) { return array('error' => $this->lang->words['noignoreuser_noid']); } //----------------------------------------- // Already ignoring? //----------------------------------------- $ignoreMe = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'ignored_users', 'where' => 'ignore_owner_id=' . $this->memberData['member_id'] . ' AND ignore_ignore_id=' . $member['member_id'])); if ($ignoreMe['ignore_id']) { if (!$ignoreMe['ignore_' . $antiType]) { $this->DB->delete('ignored_users', 'ignore_id=' . $ignoreMe['ignore_id']); } else { $this->DB->update('ignored_users', array('ignore_' . $type => 0), 'ignore_id=' . $ignoreMe['ignore_id']); } /* Rebuild cache */ IPSMember::rebuildIgnoredUsersCache($this->memberData); return array('message' => $this->lang->words['noignoreuser_success']); } else { return array('error' => $this->lang->words['noignoreuser_noid']); } }
/** * Completes the connection * * @access public * @return redirect * */ public function finishLogin() { /* From reg flag */ $connectData = array('t_key' => ''); if ($_REQUEST['key']) { $connectData = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'twitter_connect', 'where' => "t_key='" . IPSText::md5Clean($_REQUEST['key']) . "'")); if (!$connectData['t_key']) { throw new Exception("NO_KEY_FOUND"); } /* Delete connect row */ $this->DB->delete('twitter_connect', "t_key='" . IPSText::md5Clean($_REQUEST['key']) . "'"); $member = array('twitter_token' => $connectData['t_token'], 'twitter_secret' => $connectData['t_secret']); } if ($_REQUEST['oauth_token']) { if ($member['twitter_token'] == $_REQUEST['oauth_token']) { /* Reset api to ensure user is not logged in */ require_once IPS_KERNEL_PATH . 'twitter/twitteroauth.php'; /*noLibHook*/ $this->_api = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $member['twitter_token'], $member['twitter_secret']); /* Generate oAuth token */ $rToken = $this->_api->getAccessToken($_REQUEST['oauth_verifier']); if ($rToken['oauth_token'] and $rToken['oauth_token_secret']) { $_userData = $this->_api->get('account/verify_credentials'); /* From registration? */ if ($connectData['t_key']) { /* Got a member linked already? */ $_member = IPSMember::load($_userData['id'], 'all', 'twitter_id'); if ($_member['member_id']) { $memberData = array_merge($member, $_member); /* Ensure user's row is up to date */ IPSMember::save($memberData['member_id'], array('core' => array('twitter_token' => $rToken['oauth_token'], 'twitter_secret' => $rToken['oauth_token_secret']))); /* Check for partial member id */ $pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id'])); if ($pmember['partial_member_id']) { $this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']); } else { /* Here, so log us in!! */ /* changed by denchu 26/12/12 */ $r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE); if (is_array($r)) { if (isset($r[1])) { $this->registry->getClass('output')->redirectScreen($r[0], $r[1]); $this->registry->getClass('output')->silentRedirect($r[1]); } else { $this->registry->getClass('output')->silentRedirect($r[0]); } } elseif (!$r) { throw new Exception('LINKED_MEMBER_LOGIN_FAIL'); } else { $this->registry->getClass('output')->silentRedirect($this->settings['base_url']); } } } else { /* No? Create a new member */ /* Generate BW options */ foreach (array('tc_s_pic', 'tc_s_status', 'tc_s_aboutme', 'tc_si_status') as $field) { $_toSave[$field] = 1; } $tc_bwoptions = IPSBWOptions::freeze($_toSave, 'twitter'); $safeFBName = str_replace(' ', '', IPSText::convertCharsets($_userData['screen_name'], 'utf-8', IPS_DOC_CHAR_SET)); /* Make sure usernames are safe */ if ($this->settings['username_characters']) { $check_against = preg_quote($this->settings['username_characters'], "/"); $check_against = str_replace('\\-', '-', $check_against); $safeFBName = preg_replace('/[^' . $check_against . ']+/i', '', $safeFBName); } $displayName = !$this->settings['auth_allow_dnames'] ? $safeFBName : FALSE; /* From reg, so create new account properly */ $toSave = array('core' => array('name' => $safeFBName, 'members_display_name' => $displayName, 'members_created_remote' => 1, 'member_group_id' => $this->settings['tc_mgid'] ? $this->settings['tc_mgid'] : $this->settings['member_group'], 'email' => '', 'twitter_id' => $_userData['id'], 'twitter_token' => $rToken['oauth_token'], 'twitter_secret' => $rToken['oauth_token_secret']), 'extendedProfile' => array('pp_about_me' => IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($_userData['description'], 'utf-8', IPS_DOC_CHAR_SET)), 'tc_bwoptions' => $tc_bwoptions)); $memberData = IPSMember::create($toSave, TRUE, FALSE, TRUE); if (!$memberData['member_id']) { throw new Exception('CREATION_FAIL'); } /* Sync up photo */ $this->syncMember($memberData['member_id']); $pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id'])); if ($pmember['partial_member_id']) { $this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']); } else { throw new Exception('CREATION_FAIL'); } } } } } } }
public function helpMe($api_key, $api_module) { //----------------------------------------- // INIT //----------------------------------------- $api_key = IPSText::md5Clean($api_key); $api_module = IPSText::parseCleanValue($api_module); //----------------------------------------- // Authenticate //----------------------------------------- if ($this->__authenticate($api_key, $api_module, 'helpMe') !== FALSE) { //----------------------------------------- // Add log //----------------------------------------- $this->addLogging($api_key); $this->classApiServer->apiSendReply($groups); exit; } }
/** * Delete a block * * @access protected * @return void */ protected function _deleteBlock() { if ($this->request['type'] == 'wizard') { $id = IPSText::md5Clean($this->request['block']); $this->DB->delete('ccs_block_wizard', "wizard_id='{$id}'"); $this->registry->output->global_message = $this->lang->words['wsession_deleted']; } else { $id = intval($this->request['block']); $block = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'ccs_blocks', 'where' => 'block_id=' . $id)); $config = unserialize($block['block_config']); $this->DB->delete('ccs_blocks', 'block_id=' . $id); $template = array(); switch ($block['block_type']) { case 'custom': $templateName = "block__custom_{$block['block_id']}"; $template = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'ccs_template_blocks', 'where' => "tpb_name='{$templateName}'")); break; case 'feed': require_once IPSLib::getAppDir('ccs') . '/sources/blocks/feed/feedInterface.php'; require_once IPSLib::getAppDir('ccs') . '/sources/blocks/feed/data_sources/' . $config['feed'] . '.php'; $_className = "feed_" . $config['feed']; $_class = new $_className($this->registry); $_feedConfig = $_class->returnFeedInfo(); $template = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'ccs_template_blocks', 'where' => "tpb_name='{$_feedConfig['templateBit']}_{$block['block_id']}'")); break; case 'plugin': require_once IPSLib::getAppDir('ccs') . '/sources/blocks/plugin/pluginInterface.php'; require_once IPSLib::getAppDir('ccs') . '/sources/blocks/plugin/' . $config['plugin'] . '/plugin.php'; $_className = "plugin_" . $config['plugin']; $_class = new $_className($this->registry); $_pluginConfig = $_class->returnPluginInfo(); $template = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'ccs_template_blocks', 'where' => "tpb_name='{$_pluginConfig['templateBit']}_{$block['block_id']}'")); break; } if ($template['tpb_id']) { $this->DB->delete('ccs_template_blocks', 'tpb_id=' . $template['tpb_id']); $this->DB->delete('ccs_template_cache', "cache_type='block' AND cache_type_id=" . $template['tpb_id']); } //----------------------------------------- // Clear page caches //----------------------------------------- $this->DB->update('ccs_pages', array('page_cache' => null)); $this->registry->output->global_message = $this->lang->words['block_deleted']; //----------------------------------------- // Recache the "skin" file //----------------------------------------- require_once IPSLib::getAppDir('ccs') . '/sources/pages.php'; $_pagesClass = new pageBuilder($this->registry); $_pagesClass->recacheTemplateCache(); } $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . '&module=blocks§ion=blocks'); }
/** * Returns topics based on request params * * @access public * @param string $api_key Authentication Key * @param string $api_module Module * @param string $forum_ids Comma separated list of forum ids * @param string $order_field DB field to order by * @param string $order_by One of "asc" or "desc" * @param integer $offset Start point offset for results * @param integer $limit Number of results to pull * @param bool $view_as_guest Treat user as a guest * @return string xml */ public function fetchTopics($api_key, $api_module, $forum_ids, $order_field, $order_by, $offset, $limit, $view_as_guest) { //----------------------------------------- // INIT //----------------------------------------- $api_key = IPSText::md5Clean($api_key); $api_module = IPSText::parseCleanValue($api_module); $forum_ids = IPSText::parseCleanValue($forum_ids); $order_field = IPSText::parseCleanValue($order_field); $order_by = strtolower($order_by) == 'asc' ? 'asc' : 'desc'; $offset = intval($offset); $limit = intval($limit); $view_as_guest = intval($view_as_guest); //----------------------------------------- // Authenticate //----------------------------------------- if ($this->__authenticate($api_key, $api_module, 'fetchTopics') !== FALSE) { //----------------------------------------- // Add log //----------------------------------------- if (ipsRegistry::$settings['xmlrpc_log_type'] != 'failed') { $this->registry->DB()->insert('api_log', array('api_log_key' => $api_key, 'api_log_ip' => $_SERVER['REMOTE_ADDR'], 'api_log_date' => time(), 'api_log_query' => $this->classApiServer->raw_request, 'api_log_allowed' => 1)); } //----------------------------------------- // Get API classes //----------------------------------------- require_once IPS_ROOT_PATH . '/api/forums/api_topic_view.php'; $topic_view = new apiTopicView(); //----------------------------------------- // Fetch topic list //----------------------------------------- $topic_view->topic_list_config['order_field'] = $order_field; $topic_view->topic_list_config['order_by'] = $order_by; $topic_view->topic_list_config['forums'] = $forum_ids; $topic_view->topic_list_config['offset'] = $offset; $topic_view->topic_list_config['limit'] = $limit; $topics = $topic_view->return_topic_list_data($view_as_guest); //----------------------------------------- // Return the data //----------------------------------------- $this->classApiServer->apiSendReply($topics); exit; } }
/** * This is a proxy function. It determines what step of the wizard we are on and acts appropriately * * @access protected * @return void */ protected function _wizardProxy() { //----------------------------------------- // INIT //----------------------------------------- $sessionId = $this->request['wizard_session'] ? IPSText::md5Clean($this->request['wizard_session']) : md5(uniqid(microtime(), true)); $session = array(); if ($this->request['wizard_session']) { $session = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'ccs_block_wizard', 'where' => "wizard_id='{$sessionId}'")); } else { $this->DB->insert('ccs_block_wizard', array('wizard_id' => $sessionId, 'wizard_step' => 0, 'wizard_started' => time())); } //----------------------------------------- // Proxy off to appropriate function //----------------------------------------- if ($session['wizard_type'] and file_exists(IPSLib::getAppDir('ccs') . '/sources/blocks/' . $session['wizard_type'] . '/admin.php')) { require_once IPSLib::getAppDir('ccs') . '/sources/blocks/adminInterface.php'; require_once IPSLib::getAppDir('ccs') . '/sources/blocks/' . $session['wizard_type'] . '/admin.php'; $className = "adminBlockHelper_" . $session['wizard_type']; $extender = new $className($this->registry); $this->registry->output->html .= $extender->returnNextStep($session); } else { $_blockTypes = array(); require_once IPSLib::getAppDir('ccs') . '/sources/blocks/adminInterface.php'; foreach (new DirectoryIterator(IPSLib::getAppDir('ccs') . '/sources/blocks') as $object) { if ($object->isDir() and !$object->isDot()) { if (file_exists($object->getPathname() . '/admin.php')) { $_folder = str_replace(IPSLib::getAppDir('ccs') . '/sources/blocks/', '', str_replace('\\', '/', $object->getPathname())); require_once $object->getPathname() . '/admin.php'; $_className = "adminBlockHelper_" . $_folder; $_class = new $_className($this->registry); $_blockTypes[] = $_class->getBlockConfig(); } } } $this->registry->output->html .= $this->html->wizard_step_1($sessionId, $_blockTypes); } }
/** * Class entry point * * @access public * @param object Registry reference * @return void [Outputs to screen] */ public function doExecute(ipsRegistry $registry) { //----------------------------------------- // INIT //----------------------------------------- $member_id = intval($this->request['member_id']); $member = array(); $command = trim($this->request['cmd']); $value = $this->convertAndMakeSafe($this->request['value'], 0); $md5_check = IPSText::md5Clean($this->request['md5check']); $return_string = ''; $pp_b_day = intval($this->request['pp_b_day']); $pp_b_month = intval($this->request['pp_b_month']); $pp_b_year = intval($this->request['pp_b_year']); //----------------------------------------- // MD5 check //----------------------------------------- if ($md5_check != $this->member->form_hash) { $this->returnString('error'); } //----------------------------------------- // Check //----------------------------------------- if (!$member_id or !$this->memberData['member_id']) { $this->returnString('error'); } if (!$this->memberData['g_edit_profile']) { $this->returnString('error'); } //----------------------------------------- // Load member //----------------------------------------- $member = IPSMember::load($member_id, 'extendedProfile,groups'); if (!$member['member_id']) { $this->returnString('error'); } //----------------------------------------- // Not the same member? //----------------------------------------- if (!$this->memberData['g_is_supmod'] and $member_id != $this->memberData['member_id']) { $this->returnString('error'); } //----------------------------------------- // Alright.. what are we doing? //----------------------------------------- switch ($command) { case 'birthdate': $this->registry->class_localization->loadLanguageFile(array('public_profile')); if ($pp_b_month or $pp_b_day or $pp_b_year) { if (!$pp_b_month or !$pp_b_day) { $return_string = 'dateerror'; } } if ($pp_b_month and $pp_b_day and $pp_b_year and !@checkdate($pp_b_month, $pp_b_day, $pp_b_year)) { $return_string = 'dateerror'; } if ($return_string != 'dateerror') { IPSMember::save($member_id, array('core' => array('bday_month' => intval($pp_b_month), 'bday_day' => intval($pp_b_day), 'bday_year' => intval($pp_b_year)))); $_pp_b_month = ''; if ($pp_b_month > 0 and $pp_b_month < 13) { $_pp_b_month = $this->lang->words['M_' . $pp_b_month]; } $date_vars = array(); # Adding this to support birthdays that don't specify all 3 params if ($_pp_b_month) { $date_vars[] = $_pp_b_month; } if ($pp_b_day) { $date_vars[] = $pp_b_day; } if ($pp_b_year) { $date_vars[] = $pp_b_year; } $return_string = count($date_vars) ? implode('-', $date_vars) : $this->lang->words['m_bday_unknown']; } } $this->returnString($return_string); }
/** * Fetch a JSON list of template bits for the template group * * @return @e void */ protected function _getTemplateBitList() { //----------------------------------------- // INIT //----------------------------------------- $setID = intval($this->request['setID']); $templateGroup = IPSText::alphanumericalClean($this->request['templateGroup']); $sessionID = IPSText::md5Clean($this->request['sessionID']); $templates = array(); //----------------------------------------- // Checks... //----------------------------------------- if (!$setID or !$templateGroup or !$sessionID) { $this->returnJsonError($this->lang->words['ajax_missing_data']); } //----------------------------------------- // Get templates //----------------------------------------- $sessionData = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'template_sandr', 'where' => "sandr_session_id='" . addslashes($sessionID) . "'")); $templateIDs = unserialize($sessionData['sandr_results']); $this->DB->build(array('select' => '*', 'from' => 'skin_templates', 'where' => 'template_id IN (' . implode(',', array_values($templateIDs[$templateGroup])) . ')')); $this->DB->execute(); while ($row = $this->DB->fetch()) { unset($row['template_content']); $templates[] = $row; } $this->returnJsonArray(array('templates' => $templates)); }
/** * Loads the content for the comments tab * * @access private * @return void [Prints to screen] * @since IPB 2.2.0.2006-08-02 */ private function _viewComments() { //----------------------------------------- // INIT //----------------------------------------- $member_id = intval($this->request['member_id']); $md5check = IPSText::md5Clean($this->request['md5check']); $content = ''; $comment_perpage = 10; $pages = ''; $start = intval($this->request['st']); $sql_extra = ''; //----------------------------------------- // MD5 check //----------------------------------------- if ($md5check != $this->member->form_hash) { die(''); } //----------------------------------------- // Not my tab? So no moderation... //----------------------------------------- if ($member_id != $this->memberData['member_id'] and !$this->memberData['g_is_supmod']) { $sql_extra = ' AND comment_approved=1'; } //----------------------------------------- // Load member //----------------------------------------- $member = IPSMember::load($member_id); //----------------------------------------- // Check //----------------------------------------- if (!$member['member_id']) { die(''); } //----------------------------------------- // How many comments must a man write down // before he is considered a spammer? //----------------------------------------- $comment_count = $this->DB->buildAndFetch(array('select' => 'count(*) as count_comment', 'from' => 'profile_comments', 'where' => 'comment_for_member_id=' . $member_id . $sql_extra)); //----------------------------------------- // Pages //----------------------------------------- $pages = $this->registry->output->generatePagination(array('totalItems' => intval($comment_count['count_comment']), 'itemsPerPage' => $comment_perpage, 'currentStartValue' => $start, 'baseUrl' => $this->settings['base_url'] . 'app=members&section=comments&module=profile&member_id=' . $member_id . '&do=view&md5check=' . $this->member->form_hash)); //----------------------------------------- // Regenerate comments... //----------------------------------------- $this->DB->build(array('select' => 'pc.*', 'from' => array('profile_comments' => 'pc'), 'where' => 'pc.comment_for_member_id=' . $member_id . $sql_extra, 'order' => 'pc.comment_date DESC', 'limit' => array($start, $comment_perpage), 'add_join' => array(0 => array('select' => 'm.members_display_name, m.login_anonymous', 'from' => array('members' => 'm'), 'where' => 'm.member_id=pc.comment_by_member_id', 'type' => 'left'), 1 => array('select' => 'pp.*', 'from' => array('profile_portal' => 'pp'), 'where' => 'pp.pp_member_id=m.member_id', 'type' => 'left')))); $o = $this->DB->execute(); while ($row = $this->DB->fetch($o)) { $row['comment_content'] = IPSText::wordwrap($row['comment_content'], '19', ' '); $row = IPSMember::buildDisplayData($row, 0); if (!$row['members_display_name_short']) { $row = array_merge($row, IPSMember::setUpGuest()); } $comments[] = $row; } //----------------------------------------- // Ok.. show the settings //----------------------------------------- $content = $this->registry->getClass('output')->getTemplate('profile')->showIframeComments($member, $comments, $pages); $this->registry->getClass('output')->setTitle($this->settings['board_name']); $this->registry->getClass('output')->popUpWindow($content); }
/** * This is a proxy function. It determines what step of the wizard we are on and acts appropriately * * @access protected * @return void */ protected function _wizardProxy() { //----------------------------------------- // If it's a different type - proxy there //----------------------------------------- if ($this->request['fileType'] == 'css' or $this->request['fileType'] == 'js') { return $this->easyForm('add', $this->request['fileType']); } //----------------------------------------- // INIT //----------------------------------------- $sessionId = $this->request['wizard_session'] ? IPSText::md5Clean($this->request['wizard_session']) : md5(uniqid(microtime(), true)); $session = array('wizard_step' => 0, 'wizard_id' => $sessionId, 'wizard_started' => time(), 'wizard_ipb_wrapper' => $this->settings['ccs_use_ipb_wrapper']); if ($this->request['wizard_session']) { $session = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'ccs_page_wizard', 'where' => "wizard_id='{$sessionId}'")); } else { $this->DB->insert('ccs_page_wizard', $session); } $session['wizard_step'] = $this->request['step'] ? $this->request['step'] : 0; //----------------------------------------- // Got stuff to save? //----------------------------------------- if ($session['wizard_step'] > 0 and !$this->request['continuing']) { $session = $this->_storeSubmittedData($session); } //----------------------------------------- // Proxy off to appropriate function //----------------------------------------- $step = $session['wizard_step'] + 1; $step = $step > 0 ? $step : 1; $_func = "wizard_step_" . $step; $additional = array(); switch ($step) { //----------------------------------------- // Step 1: Grab folders and templates for form //----------------------------------------- case 1: $additional['folders'] = array(); $additional['templates'] = array(); //----------------------------------------- // Get templates //----------------------------------------- $this->DB->build(array('select' => '*', 'from' => 'ccs_page_templates', 'order' => 'template_name ASC')); $this->DB->execute(); while ($r = $this->DB->fetch()) { $additional['templates'][] = array($r['template_id'], $r['template_name']); } //----------------------------------------- // Get folders //----------------------------------------- $folders = array(); $this->DB->build(array('select' => '*', 'from' => 'ccs_folders')); $this->DB->execute(); while ($r = $this->DB->fetch()) { $additional['folders'][] = array($r['folder_path'], $r['folder_path']); } //----------------------------------------- // Edit content only by default //----------------------------------------- if (!$session['wizard_edit_id']) { $session['wizard_content_only'] = 1; } break; //----------------------------------------- // Step 2: Show the appropriate editor //----------------------------------------- //----------------------------------------- // Step 2: Show the appropriate editor //----------------------------------------- case 2: //----------------------------------------- // If we are not editing content only, not // editing an existing page, and have a // template id, get it as default content //----------------------------------------- if (!$session['wizard_content_only'] and !$session['wizard_edit_id'] and $session['wizard_template']) { $template = $this->DB->buildAndFetch(array('select' => 'template_content', 'from' => 'ccs_page_templates', 'where' => 'template_id=' . intval($session['wizard_template']))); $session['wizard_content'] = $template['template_content']; } //----------------------------------------- // Sort parse for editor //----------------------------------------- if ($session['wizard_type'] == 'bbcode') { IPSText::getTextClass('bbcode')->bypass_badwords = 1; IPSText::getTextClass('bbcode')->parse_smilies = 1; IPSText::getTextClass('bbcode')->parse_html = 1; IPSText::getTextClass('bbcode')->parse_nl2br = 1; IPSText::getTextClass('bbcode')->parse_bbcode = 1; IPSText::getTextClass('bbcode')->parsing_section = 'global'; if ($session['wizard_previous_type'] != 'bbcode') { $session['wizard_content'] = IPSText::getTextClass('bbcode')->preDbParse($session['wizard_content']); } if (IPSText::getTextClass('editor')->method == 'rte') { $content = IPSText::getTextClass('bbcode')->convertForRTE($session['wizard_content']); } else { $content = IPSText::getTextClass('bbcode')->preEditParse($session['wizard_content']); } $editor_area = IPSText::getTextClass('editor')->showEditor($content, 'content'); } else { if ($session['wizard_previous_type'] == 'bbcode') { $session['wizard_content'] = html_entity_decode($session['wizard_content'], ENT_QUOTES); } $editor_area = $this->registry->output->formTextarea("content", htmlspecialchars($session['wizard_content']), 100, 30, "content", "style='width:100%;'"); } $additional['editor'] = $editor_area; break; //----------------------------------------- // Step 4: Permissions //----------------------------------------- //----------------------------------------- // Step 4: Permissions //----------------------------------------- case 4: if ($session['wizard_perms'] == '*' or !$session['wizard_edit_id']) { $additional['all_masks'] = 1; } else { $additional['masks'] = explode(',', $session['wizard_perms']); } $additional['avail_masks'] = array(); $this->DB->build(array('select' => '*', 'from' => 'forum_perms', 'order' => 'perm_name ASC')); $this->DB->execute(); while ($r = $this->DB->fetch()) { $additional['avail_masks'][] = array($r['perm_id'], $r['perm_name']); } break; //----------------------------------------- // Step 5: Save to DB, destroy wizard session, // show complete page //----------------------------------------- //----------------------------------------- // Step 5: Save to DB, destroy wizard session, // show complete page //----------------------------------------- case 5: $page = array('page_name' => $session['wizard_name'], 'page_seo_name' => $session['wizard_seo_name'], 'page_description' => $session['wizard_description'], 'page_folder' => $session['wizard_folder'], 'page_type' => $session['wizard_type'], 'page_last_edited' => time(), 'page_template_used' => $session['wizard_template'], 'page_content' => $session['wizard_content'], 'page_view_perms' => $session['wizard_perms'], 'page_cache_ttl' => $session['wizard_cache_ttl'], 'page_content_only' => $session['wizard_content_only'], 'page_meta_keywords' => $session['wizard_meta_keywords'], 'page_meta_description' => $session['wizard_meta_description'], 'page_content_type' => 'page', 'page_ipb_wrapper' => $session['wizard_ipb_wrapper']); if ($page['page_cache_ttl']) { require_once IPSLib::getAppDir('ccs') . '/sources/pages.php'; $pageBuilder = new pageBuilder($this->registry); $page['page_cache'] = $pageBuilder->recachePage($page); $page['page_cache_last'] = time(); } if ($session['wizard_edit_id']) { $this->DB->update('ccs_pages', $page, 'page_id=' . $session['wizard_edit_id']); $page['page_id'] = $session['wizard_edit_id']; } else { $this->DB->insert('ccs_pages', $page); $page['page_id'] = $this->DB->getInsertId(); } $this->DB->delete('ccs_page_wizard', "wizard_id='{$session['wizard_id']}'"); $session = array_merge($session, $page); break; } $this->registry->output->html .= $this->html->{$_func}($session, $additional); }
/** * Moderate pending friends * * @return @e void [Prints to screen] * @since IPB 2.2.0.2006-08-09 */ protected function _moderation() { //----------------------------------------- // INIT //----------------------------------------- $md5check = IPSText::md5Clean($this->request['md5check']); $friends = array(); $friend_ids = array(); $friend_member_ids = array(); $_friend_ids = array(); $friends_already = array(); $friends_update = array(); $member = array(); $pp_option = $this->request['pp_option'] == 'delete' ? 'delete' : 'add'; $message = ''; $subject = ''; $msg = 'pp_friend_approved'; //----------------------------------------- // MD5 check //----------------------------------------- if ($md5check != $this->member->form_hash) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); } //----------------------------------------- // Get friends... //----------------------------------------- if (!is_array($this->request['pp_friend_id']) or !count($this->request['pp_friend_id'])) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); } //----------------------------------------- // Figure IDs //----------------------------------------- foreach ($this->request['pp_friend_id'] as $key => $value) { $_key = intval($key); if ($_key) { $_friend_ids[$_key] = $_key; } } if (!is_array($_friend_ids) or !count($_friend_ids)) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); } //----------------------------------------- // Check our friends are OK //----------------------------------------- $this->DB->build(array('select' => '*', 'from' => 'profile_friends', 'where' => 'friends_friend_id=' . $this->memberData['member_id'] . ' AND friends_approved=0 AND friends_member_id IN (' . implode(',', $_friend_ids) . ')')); $this->DB->execute(); while ($row = $this->DB->fetch()) { $friend_ids[$row['friends_id']] = $row['friends_id']; $friend_member_ids[$row['friends_member_id']] = $row['friends_member_id']; } if (!is_array($friend_ids) or !count($friend_ids)) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); } //----------------------------------------- // Load friends... //----------------------------------------- $friends = IPSMember::load($friend_member_ids); //----------------------------------------- // Check... //----------------------------------------- if (!is_array($friends) or !count($friends) or !$this->memberData['member_id']) { $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=error&tab=pending'); } //----------------------------------------- // What to do? //----------------------------------------- if ($pp_option == 'delete') { //----------------------------------------- // Delete friends records //----------------------------------------- foreach ($friend_member_ids as $friend_id) { $this->friend_lib->removeFriend($this->memberData['member_id'], $friend_id); $this->friend_lib->removeFriend($friend_id, $this->memberData['member_id']); } $msg = 'pp_friend_removed'; } else { //----------------------------------------- // Ok.. approve them in the DB. //----------------------------------------- $this->DB->update('profile_friends', array('friends_approved' => 1), 'friends_id IN(' . implode(',', $friend_ids) . ')'); //----------------------------------------- // And make sure they're added in reverse //----------------------------------------- foreach ($friend_member_ids as $friend_id) { $this->friend_lib->addFriend($friend_id, $this->memberData['member_id'], true, false); } //----------------------------------------- // Catch all (should find any missing friends) //----------------------------------------- if ($pp_option == 'add') { //----------------------------------------- // Find out who isn't already on your list... //----------------------------------------- $this->DB->build(array('select' => '*', 'from' => 'profile_friends', 'where' => 'friends_friend_id=' . $this->memberData['member_id'] . ' AND friends_approved=1 AND friends_member_id IN (' . implode(',', $_friend_ids) . ')')); $this->DB->execute(); while ($row = $this->DB->fetch()) { $friends_already[$row['friends_member_id']] = $row['friends_member_id']; } //----------------------------------------- // Check which aren't already members... //----------------------------------------- foreach ($friend_member_ids as $id => $_id) { if (in_array($id, $friends_already)) { continue; } $friends_update[$id] = $id; } //----------------------------------------- // Gonna do it? //----------------------------------------- if (is_array($friends_update) and count($friends_update)) { foreach ($friends_update as $id) { $this->DB->insert('profile_friends', array('friends_member_id' => $id, 'friends_friend_id' => $this->memberData['member_id'], 'friends_approved' => 1, 'friends_added' => time())); } } } //----------------------------------------- // Send out message... //----------------------------------------- foreach ($friends as $friend) { //----------------------------------------- // Notifications library //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/classes/member/notifications.php', 'notifications'); $notifyLibrary = new $classToLoad($this->registry); IPSText::getTextClass('email')->getTemplate("new_friend_approved"); IPSText::getTextClass('email')->buildMessage(array('MEMBERS_DISPLAY_NAME' => $friend['members_display_name'], 'FRIEND_NAME' => $this->memberData['members_display_name'], 'LINK' => $this->settings['board_url'] . '/index.' . $this->settings['php_ext'] . '?app=members&module=profile&section=friends&do=list')); IPSText::getTextClass('email')->subject = sprintf(IPSText::getTextClass('email')->subject, $this->registry->output->buildSEOUrl('showuser='******'member_id'], 'public', $this->memberData['members_seo_name'], 'showuser'), $this->memberData['members_display_name']); $notifyLibrary->setMember($friend); $notifyLibrary->setFrom($this->memberData); $notifyLibrary->setNotificationKey('friend_request_approve'); $notifyLibrary->setNotificationUrl($this->registry->output->buildSEOUrl('showuser='******'member_id'], 'public', $this->memberData['members_seo_name'], 'showuser')); $notifyLibrary->setNotificationText(IPSText::getTextClass('email')->message); $notifyLibrary->setNotificationTitle(IPSText::getTextClass('email')->subject); try { $notifyLibrary->sendNotification(); } catch (Exception $e) { } } $this->friend_lib->recacheFriends($friend); } //----------------------------------------- // Recache.. //----------------------------------------- $this->friend_lib->recacheFriends($this->memberData); //----------------------------------------- // Return //----------------------------------------- $this->registry->output->silentRedirect($this->settings['base_url'] . '&app=members§ion=friends&module=profile&do=list&___msg=' . $msg . '&tab=pending'); }
/** * Class entry point * * @param object Registry reference * @return @e void [Outputs to screen] */ public function doExecute(ipsRegistry $registry) { //----------------------------------------- // INIT //----------------------------------------- $rating_id = intval($this->request['rating']); $rating_id = $rating_id > 5 ? 5 : $rating_id; $rating_id = $rating_id < 1 ? 1 : $rating_id; $member_id = intval($this->request['member_id']); $member = array(); $type = 'new'; $md5_check = IPSText::md5Clean($this->request['md5check']); $error = array(); //----------------------------------------- // Check //----------------------------------------- if (!$this->settings['pp_allow_member_rate']) { $error['error_key'] = 'user_rate_no_perm'; $this->returnJsonArray($error); } if (!$member_id or !$this->memberData['member_id'] or $member_id == $this->memberData['member_id']) { $error['error_key'] = 'user_rate_no_perm'; $this->returnJsonArray($error); } //----------------------------------------- // MD5 check //----------------------------------------- if ($md5_check != $this->member->form_hash) { $error['error_key'] = 'user_rate_no_perm3'; $this->returnJsonArray($error); } $member = IPSMember::load($member_id, 'extendedProfile,groups'); if (!$member['member_id']) { $error['error_key'] = 'user_rate_no_perm4'; $this->returnJsonArray($error); } //----------------------------------------- // Have we already rated? //----------------------------------------- $rating = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'profile_ratings', 'where' => "rating_for_member_id={$member_id} AND rating_by_member_id=" . $this->memberData['member_id'])); //----------------------------------------- // Already rated? //----------------------------------------- if ($rating['rating_id']) { //----------------------------------------- // Do we allow re-ratings? //----------------------------------------- if ($rating_id != $rating['rating_value']) { $member['pp_rating_value'] = intval($member['pp_rating_value']); $member['pp_rating_value'] = $member['pp_rating_value'] + $rating_id - $rating['rating_value']; $this->DB->update('profile_ratings', array('rating_value' => $rating_id), 'rating_id=' . $rating['rating_id']); $this->DB->update('profile_portal', array('pp_rating_value' => $member['pp_rating_value'], 'pp_rating_real' => round($member['pp_rating_value'] / $member['pp_rating_hits'])), 'pp_member_id=' . $member_id); $type = 'update'; } } else { $member['pp_rating_value'] = intval($member['pp_rating_value']) + $rating_id; $member['pp_rating_hits'] = intval($member['pp_rating_hits']) + 1; $this->DB->insert('profile_ratings', array('rating_for_member_id' => $member_id, 'rating_by_member_id' => $this->memberData['member_id'], 'rating_value' => $rating_id, 'rating_ip_address' => $this->member->ip_address)); $this->DB->update('profile_portal', array('pp_rating_hits' => intval($member['pp_rating_hits']), 'pp_rating_value' => intval($member['pp_rating_value']), 'pp_rating_real' => round($member['pp_rating_value'] / $member['pp_rating_hits'])), 'pp_member_id=' . $member_id); } $member['pp_rating_real'] = round($member['pp_rating_value'] / $member['pp_rating_hits']); $return = array('rating' => $member['pp_rating_value'], 'total' => $member['pp_rating_real'], 'average' => $member['pp_rating_real'], 'rated' => $type); $this->outputResult($return, $member); }
/** * Authorize * * @access public * @return void */ public function __construct() { /* Make object */ $this->registry = ipsRegistry::instance(); $this->DB = $this->registry->DB(); $this->settings =& $this->registry->fetchSettings(); $this->request =& $this->registry->fetchRequest(); /* Grab session */ $_s = IPSText::md5Clean($this->request['s']); /* Got a session? */ if (!$_s) { return $this->_response(0, ''); } else { $this->DB->build(array('select' => '*', 'from' => 'upgrade_sessions', 'where' => "session_id='" . $_s . "'")); $this->DB->execute(); $_data = $this->DB->fetch(); if (!$_data['session_id']) { /* No record found */ return $this->_response(0, ''); } else { if (!$_data['session_member_id']) { /* No member ID found */ return $this->_response(0, 'Could not retrieve a valid member id'); } else { /* Load member */ self::instance()->data_store = $this->registry->getClass('legacy')->loadMemberData($_data['session_member_id']); /* Member exists? */ if (!self::instance()->data_store['email']) { return $this->_response(0, 'Member ID invalid'); } else { /* Authenticate */ if ($_data['session_member_key'] != $this->registry->getClass('legacy')->fetchAuthKey()) { return $this->_response(0, 'Session not authenticated'); } else { /* ACP access? */ if (self::instance()->data_store['g_access_cp'] != 1) { return $this->_response(0, 'You do not have access to the administrative CP'); } else { $this->_validated = TRUE; } } } } } } //-------------------------------------------- // If we're here, we're valid... //-------------------------------------------- if ($this->_validated === TRUE) { self::setUpMember(); if ($_data['session_current_time'] < time() - $this->_time_out_secs) { return $this->_response(0, ''); } else { if (IPB_UPGRADER_IP_MATCH) { $first_ip = preg_replace("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/", "\\1.\\2.\\3", $_data['session_ip_address']); $second_ip = preg_replace("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/", "\\1.\\2.\\3", self::instance()->ip_address); if ($first_ip != $second_ip) { return $this->_response(0, 'Your current IP address does not match the one in our records'); } } } /* Still here? Lets update the session, then */ $this->DB->update('upgrade_sessions', array('session_current_time' => time(), 'session_section' => $this->request['section'], 'session_post' => serialize($_POST), 'session_get' => serialize($_GET)), 'session_id=\'' . $this->request['s'] . '\''); /* If we're hitting the index and we have a valid session, go right to overview */ if (!$this->request['section'] or $this->request['section'] == 'index') { $this->request['section'] = 'overview'; } return $this->_response(1, ''); } }
/** * Returns topics based on request params * * @param string $api_key Authentication Key * @param string $api_module Module * @param string $forum_ids Comma separated list of forum ids * @param string $order_field DB field to order by * @param string $order_by One of "asc" or "desc" * @param integer $offset Start point offset for results * @param integer $limit Number of results to pull * @param bool $view_as_guest Treat user as a guest * @return string xml */ public function fetchTopics($api_key, $api_module, $forum_ids, $order_field, $order_by, $offset, $limit, $view_as_guest, $parse_display) { //----------------------------------------- // INIT //----------------------------------------- $api_key = IPSText::md5Clean($api_key); $api_module = IPSText::parseCleanValue($api_module); $forum_ids = IPSText::parseCleanValue($forum_ids); $order_field = IPSText::parseCleanValue($order_field); $order_by = strtolower($order_by) == 'asc' ? 'asc' : 'desc'; $offset = intval($offset); $limit = intval($limit); $view_as_guest = intval($view_as_guest); $parse_display = intval($parse_display); //----------------------------------------- // Authenticate //----------------------------------------- if ($this->__authenticate($api_key, $api_module, 'fetchTopics') !== FALSE) { //----------------------------------------- // Add log //----------------------------------------- $this->addLogging($api_key); //----------------------------------------- // Get API classes //----------------------------------------- $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/api/forums/api_topic_view.php', 'apiTopicView'); $topic_view = new $classToLoad(); //----------------------------------------- // Fetch topic list //----------------------------------------- $topic_view->topic_list_config['order_field'] = $order_field; $topic_view->topic_list_config['order_by'] = $order_by; $topic_view->topic_list_config['forums'] = $forum_ids; $topic_view->topic_list_config['offset'] = $offset; $topic_view->topic_list_config['limit'] = $limit; $topics = $topic_view->return_topic_list_data($view_as_guest, $parse_display); //----------------------------------------- // Return the data //----------------------------------------- $this->classApiServer->apiSendReply($topics); exit; } }
/** * Authorize * * @access public * @return @e void */ public function __construct() { /* Make object */ $this->registry = ipsRegistry::instance(); $this->DB = $this->registry->DB(); $this->settings =& $this->registry->fetchSettings(); $this->request =& $this->registry->fetchRequest(); /* Grab session */ $_s = IPSText::md5Clean($this->request['s']); /* Got a session? */ if (!$_s) { return $this->_response(0, ''); } else { $this->DB->build(array('select' => '*', 'from' => 'upgrade_sessions', 'where' => "session_id='" . $_s . "'")); $this->DB->execute(); $_data = $this->DB->fetch(); if (!$_data['session_id']) { /* No record found */ return $this->_response(0, ''); } else { if (!$_data['session_member_id']) { /* No member ID found */ return $this->_response(0, 'Невозможно получить корректный ID пользователя'); } else { /* Load member */ self::instance()->data_store = $this->registry->getClass('legacy')->loadMemberData($_data['session_member_id']); /* Member exists? */ if (!self::instance()->data_store['email']) { return $this->_response(0, 'Неверный Email пользователя'); } else { /* Authenticate */ if ($_data['session_member_key'] != $this->registry->getClass('legacy')->fetchAuthKey()) { return $this->_response(0, 'Неверный ключ сессии'); } else { /* ACP access? */ if (self::instance()->data_store['g_access_cp'] != 1) { return $this->_response(0, 'У вас нет доступа к администраторским функциям'); } else { $this->_validated = TRUE; } } } } } } //-------------------------------------------- // If we're here, we're valid... //-------------------------------------------- if ($this->_validated === TRUE) { self::setUpMember(); if ($_data['session_current_time'] < time() - $this->_time_out_secs) { return $this->_response(0, ''); } else { if (IPB_UPGRADER_IP_MATCH) { $first_ip = preg_replace("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/", "\\1.\\2.\\3", $_data['session_ip_address']); $second_ip = preg_replace("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/", "\\1.\\2.\\3", self::instance()->ip_address); if ($first_ip != $second_ip) { return $this->_response(0, 'Ваш IP адрес не совпадает ни с одной из наших записей'); } } } /* Still here? Lets update the session, then */ $this->DB->update('upgrade_sessions', array('session_current_time' => time(), 'session_section' => $this->request['section'], 'session_post' => serialize($_POST), 'session_get' => serialize($_GET)), 'session_id=\'' . $this->request['s'] . '\''); /* If we're hitting the index and we have a valid session, go right to overview */ if (!$this->request['section'] or $this->request['section'] == 'index') { $this->request['section'] = 'overview'; } return $this->_response(1, ''); } }
/** * Request additional data from Converge * * @access public * @param string $auth_key Authenticate Key * @param string $product_id Product ID * @param string $gateway_key Gateway key * @param mixed $arg Additional arguments * @return @e void */ public function requestAdditionalData($auth_key, $product_id, $getdata_key, $arg) { //----------------------------------------- // INIT //----------------------------------------- $auth_key = IPSText::md5Clean($auth_key); $product_id = intval($product_id); $data = IPSText::parseCleanValue($data); $getdata_key = IPSText::parseCleanValue($getdata_key); //----------------------------------------- // Authenticate //----------------------------------------- if ($this->__authenticate($auth_key, $product_id) !== FALSE) { //----------------------------------------- // Grab local extension file //----------------------------------------- require_once DOC_IPS_ROOT_PATH . 'converge_local/apis/additional_methods.php'; /*noLibHook*/ $extension = new additional_methods($this->registry); if (is_callable(array($extension, $getdata_key))) { $data = @call_user_func(array($extension, $getdata_key), $arg); } $return = array('data' => base64_encode(serialize($data))); # return complex data $this->classApiServer->apiSendReply($return); exit; } }
/** * Setting titles wrapper * * @param array Setting groups * @param string Application tab to start on * @return string HTML */ public function settings_titles_wrapper($settings, $start_app = '') { $IPBHTML = ""; //--starthtml--// $_default_tab = !empty($this->request['_dtab']) ? $this->request['_dtab'] : 'System'; $IPBHTML .= <<<EOF <div class='section_title'> \t<h2>{$this->lang->words['tol_settings']}</h2> \t<div class='ipsActionBar clearfix'> \t\t<ul> \t\t\t<li class='ipsActionButton'> \t\t\t\t<a href='{$this->settings['base_url']}{$this->form_code}do=settinggroup_new'><img src='{$this->settings['skin_acp_url']}/images/icons/table_add.png' alt='' /> {$this->lang->words['tol_add_new_setting_group']}</a> \t\t\t</li> \t\t\t<!--<li class='ipsActionButton'> \t\t\t\t<a href='#'><img src='{$this->settings['skin_acp_url']}/images/icons/import.png' alt='' /> {$this->lang->words['tol_import_xml_settings']}</a> \t\t\t</li>--> \t\t\t<li class='ipsActionButton inDev'><a href='{$this->settings['base_url']}{$this->form_code}&do=settingsImportApps'><img src='{$this->settings['skin_acp_url']}/images/icons/import.png' alt='' /> Import All XML Settings</a></li> \t\t\t<li class='ipsActionButton inDev'><a href='{$this->settings['base_url']}{$this->form_code}&do=settingsExportApps'><img src='{$this->settings['skin_acp_url']}/images/icons/export.png' alt='' /> Export All XML Settings</a></li> \t\t</ul> \t</div> </div> <div class='acp-box'> <h3>{$this->lang->words['tol_settings_groups']}</h3>\t <div id='tabstrip_settings' class='ipsTabBar with_left with_right'> \t<span class='tab_left'>«</span> \t<span class='tab_right'>»</span> \t<ul> EOF; foreach ($settings as $tab => $group) { if (ipsRegistry::$request['app'] and $tab == ipsRegistry::$request['app']) { $_default_tab = $tab; } $_tab = IPSText::md5Clean($tab); $IPBHTML .= <<<EOF \t<li id='tab_{$_tab}'>{$tab}</li> \t EOF; } $IPBHTML .= <<<EOF \t</ul> </div> <div id='tabstrip_settings_content' class='ipsTabBar_content'> EOF; foreach ($settings as $tab => $app_data) { $_tab = IPSText::md5Clean($tab); $IPBHTML .= <<<EOF \t<div id='tab_{$_tab}_content'> \t\t<table class='ipsTable double_pad'> \t\t EOF; foreach ($app_data as $r) { if (IN_DEV) { $export_settings_group = "<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=MOD_export_setting&conf_group={$r['conf_title_id']}' title='{$this->lang->words['export_group']}'><img src='{$this->settings['skin_acp_url']}/images/options_menu/export_settings_group.png' alt='' /> {$this->lang->words['export_group']}</a>\r\n\t\t\t\t</li>"; } $img = is_file(IPSLib::getAppDir($r['conf_title_app']) . '/skin_cp/appIcon.png') ? $this->settings['base_acp_url'] . '/' . IPSLib::getAppFolder($r['conf_title_app']) . '/' . $r['conf_title_app'] . '/skin_cp/appIcon.png' : "{$this->settings['skin_acp_url']}/images/applications/{$r['conf_title_app']}.png"; $IPBHTML .= <<<EOF \t\t<tr class='ipsControlRow'> \t\t \t<td width='3%' style='text-align: center'><img src='{$img}' alt='{$this->lang->words['tol_folder']}' /></td> \t\t \t<td width='80%'> \t\t\t\t<a href='{$this->settings['base_url']}&{$this->form_code}&do=setting_view&conf_group={$r['conf_title_id']}' class='larger_text'><b>{$r['conf_title_title']}</b></a> \t\t\t\t<span class='desctext'>({$r['conf_title_count']} {$this->lang->words['settings_suffix']})</span> EOF; if ($r['conf_title_desc']) { $IPBHTML .= <<<EOF \t\t\t\t<br /><span class='desctext'>{$r['conf_title_desc']}</span> EOF; } $IPBHTML .= <<<EOF \t\t\t</td> \t\t\t<td class='col_buttons'> \t\t\t\t<ul class='ipsControlStrip'> \t\t\t\t\t<li class='i_edit'> \t\t\t\t\t\t<a href='{$this->settings['base_url']}&{$this->form_code}&do=settinggroup_showedit&id={$r['conf_title_id']}' title='{$this->lang->words['tol_edit_settings_group']}'>{$this->lang->words['tol_edit_settings_group']}</a> \t\t\t\t\t</li> \t\t\t\t\t<li class='i_delete'> \t\t\t\t\t\t<a href='#' onclick='return acp.confirmDelete("{$this->settings['base_url']}&{$this->form_code}&do=settinggroup_delete&id={$r['conf_title_id']}");' title='{$this->lang->words['tol_delete_settings_group']}'>{$this->lang->words['tol_delete_settings_group']}</a> \t\t\t\t\t</li> \t\t\t\t\t<li class='ipsControlStrip_more'> \t\t\t\t\t\t<a href='#' id="menu{$r['conf_title_id']}" class='ipbmenu'>{$this->lang->words['frm_options']}</a> \t\t\t\t\t</li> \t\t\t\t</ul>\t \t\t\t\t<ul class='acp-menu' id='menu{$r['conf_title_id']}_menucontent' style='display: none'> \t\t\t\t\t<li><a href='{$this->settings['base_url']}&{$this->form_code}&do=settinggroup_resync&id={$r['conf_title_id']}' title='{$this->lang->words['tol_recount_settings_group']}'><img src='{$this->settings['skin_acp_url']}/images/options_menu/rebuild_settings_group.png' alt='Icon' /> {$this->lang->words['tol_recount_settings_group']}</a></li> \t\t\t\t\t{$export_settings_group} \t\t\t\t</ul> \t\t\t</td> \t\t</tr> EOF; } $IPBHTML .= <<<EOF \t\t</table> \t</div> \t EOF; } $IPBHTML .= <<<EOF </div> </div> <script type='text/javascript'> \tjQ("#tabstrip_settings").ipsTabBar({tabWrap: "#tabstrip_settings_content", defaultTab: "tab_{$_default_tab}" }); </script> <br /> <form action='{$this->settings['base_url']}&{$this->form_code}&do=settings_do_import' enctype='multipart/form-data' method='post'> \t<div class='acp-box'> \t\t<h3>{$this->lang->words['tol_import_xml_settings']}</h3> \t\t<table class='ipsTable double_pad'> \t\t\t<tr> \t\t\t\t<td class='field_title'><strong class='title'>{$this->lang->words['tol_upload_xml_settings_file_from_']}</strong></td> \t\t\t\t<td class='field_field'><input class='textinput' type='file' size='30' name='FILE_UPLOAD' /><br /><span class='desctext'>{$this->lang->words['tol_duplicate_entries_will_not_be_']}</span></td> \t\t\t</tr> \t\t\t<tr> \t\t\t\t<td class='field_title'><strong class='title'>{$this->lang->words['tol_or_enter_the_filename_of_the_x']}</strong></td> \t\t\t\t<td class='field_field'><input class='textinput' type='text' size='30' name='file_location' /><br /><span class='desctext'>{$this->lang->words['tol_the_file_must_be_uploaded_into']}</span></td> \t\t\t</tr> \t\t</table> \t\t<div class='acp-actionbar'> \t\t\t<input type='submit' class='button primary' value='{$this->lang->words['t_import']}' /> \t\t</div> \t</div> </form> EOF; //--endhtml--// return $IPBHTML; }
/** * Verify login and extract member data information * * @access private * @return boolean */ private function _checkFirstPass() { //----------------------------------------- // Retrieve stored data //----------------------------------------- $id = IPSText::md5Clean($this->request['myopenid']); if (!$id) { $this->auth_errors[] = 'no_myopenid'; $this->return_code = 'NO_USER'; return false; } $this->data_store = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'openid_temp', 'where' => "id='{$id}'")); if (!$this->DB->getTotalRows()) { $this->auth_errors[] = 'no_myopenid'; $this->return_code = 'NO_USER'; return false; } $this->DB->delete('openid_temp', "id='{$id}'"); $consumer = $this->_getConsumer(); if ($this->is_admin_auth) { $return_to = $this->settings['base_url'] . 'app=core&module=login&do=login-complete&myopenid=' . $id; } else { $return_to = $this->settings['base_url'] . 'app=core&module=global§ion=login&do=process&myopenid=' . $id; } $response = $consumer->complete($return_to); if ($response->status == Auth_OpenID_CANCEL) { // This means the authentication was cancelled. $this->auth_errors[] = 'no_openid'; $this->return_code = 'WRONG_OPENID'; return false; } else { if ($response->status == Auth_OpenID_FAILURE) { // Authentication failed; display the error message. $this->auth_errors[] = 'no_openid'; $this->return_code = 'WRONG_OPENID'; return false; } else { if ($response->status == Auth_OpenID_SUCCESS) { // This means the authentication succeeded; extract the // identity URL and Simple Registration data (if it was // returned). $openid = $response->getDisplayIdentifier(); $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); $sreg = $sreg_resp->contents(); if (is_array($sreg) and count($sreg)) { $this->data_store = array_merge($this->data_store, $sreg); } } } } session_unset(); return true; }
/** * Delete a page * * @access protected * @return void */ protected function _deletePage() { if ($this->request['type'] == 'wizard') { $id = IPSText::md5Clean($this->request['page']); $this->DB->delete('ccs_page_wizard', "wizard_id='{$id}'"); $this->registry->output->global_message = $this->lang->words['wsession_deleted']; } else { $id = intval($this->request['page']); $this->DB->delete('ccs_pages', 'page_id=' . $id); $this->registry->output->global_message = $this->lang->words['page_deleted']; } $this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . '&module=pages§ion=list'); }