Ejemplo n.º 1
			<button id="discord-verify" class="green typcn typcn-chevron-right">Show me the command</button>
		</section>
<?php   } ?>
		<section>
			<h2><?=$sameUser? Users::PROFILE_SECTION_PRIVACY_LEVEL['private']:''?>Unlink account</h2>
			<p>By unlinking your account you revoke this site's access to your account information. This will also log you out on every device where you're currently logged in. The next time you want to log in, you'll have to link your account again. This will not remove any of your <strong>public</strong> data from our site, it's still kept locally.</p>
	        <button id="unlink" class="orange typcn typcn-times">Unlink Account</button>
	    </section>
<?  } ?></div>
<?php
} ?>
</div>

<?php
// Collects the roles offered by the role-editing UI and exports them to the page's JavaScript.
if ($canEdit){
	// 'guest' and 'ban' are never offered as choices
	$_Roles = array_diff_key(Permission::ROLES_ASSOC, array('guest' => true, 'ban' => true));
	$ROLES = array();
	foreach ($_Roles as $name => $label){
		// presumably true when the viewer's own role does not reach $name - confirm against Permission::insufficient
		if (!Permission::insufficient($name, $currentUser->role))
			$ROLES[$name] = $label;
	}
	// NOTE(review): this list only limits what the client is shown; the endpoint that applies a
	// role change has to repeat the same Permission check on the server.
	echo CoreUtils::exportVars(array(
		'ROLES' => $ROLES,
	));
} ?>
Ejemplo n.º 2
                    if (!$Database->where('id', $Post->id)->update("{$thing}s", array('fullsize' => $fullsize))) {
                        Response::dbError();
                    }
                    Response::done(array('fullsize' => $fullsize));
                }
            }
        }
    }
}
// Optional "what" parameter: the kind of post being submitted. When it is absent only an image preview is returned.
$type = (new Input(
    'what',
    function ($value) {
        // NOTE(review): in_array() compares loosely here; passing true as the third argument would make this allow-list check strict
        if (in_array($value, Posts::$TYPES)) {
            return;
        }
        return Input::ERROR_INVALID;
    },
    array(
        Input::IS_OPTIONAL => true,
        Input::CUSTOM_ERROR_MESSAGES => array(Input::ERROR_INVALID => 'Post type (@value) is invalid'),
    )
))->out();
if ($type === 'reservation') {
    // Reservations are gated on the 'member' role before the per-user limit is consulted
    if (Permission::insufficient('member')) {
        Response::fail();
    }
    Users::reservationLimitExceeded();
}
// The image URL is validated and resolved before anything else is read from the request
$Image = Posts::checkImage(Posts::validateImageURL());
if (empty($type)) {
    // presumably Response::done() ends the request - the code below expects a post type; confirm
    Response::done(array('preview' => $Image->preview, 'title' => $Image->title));
}
$insert = array(
    'preview' => $Image->preview,
    'fullsize' => $Image->fullsize,
);
$season = Episodes::validateSeason(Episodes::ALLOW_MOVIES);
$episode = Episodes::validateEpisode();
$epdata = Episodes::getActual($season, $episode, Episodes::ALLOW_MOVIES);
if (empty($epdata)) {
    Response::fail("The specified episode (S{$season}E{$episode}) does not exist");
}
Ejemplo n.º 3
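 /**
  * Renders the "Useful links" section of the sidebar
  *
  * Echoes a <ul class="links"> built from the rows of the usefullinks table, skipping rows whose
  * minrole check fails. Nothing is printed for signed-out visitors or when no row is left.
  *
  * @return void
  */
 static function renderSidebarUsefulLinks()
 {
     global $Database, $signedIn;
     if (!$signedIn) {
         return;
     }
     $Links = $Database->orderBy('"order"', 'ASC')->get('usefullinks');
     // Nothing to iterate when the query yields no rows
     if (empty($Links)) {
         return;
     }
     $Render = array();
     foreach ($Links as $l) {
         if (Permission::insufficient($l['minrole'])) {
             continue;
         }
         if (!empty($l['title'])) {
             $title = str_replace("'", '&apos;', $l['title']);
             $title = "title='{$title}'";
         } else {
             $title = '';
         }
         // A URL starting with "#" names a client-side action instead of a destination.
         // isset() keeps an empty URL from raising an offset notice; it then takes the href branch as before.
         $isAction = isset($l['url'][0]) && $l['url'][0] === '#';
         // Both branches end up inside a single-quoted attribute, so both go through the same encoder
         $href = $isAction
             ? "class='action--" . self::aposEncode(CoreUtils::substring($l['url'], 1)) . "'"
             : "href='" . self::aposEncode($l['url']) . "'";
         // NOTE(review): label is written as raw markup - confirm only trusted staff can edit usefullinks rows
         $Render[] = "<li id='s-ufl-{$l['id']}'><a {$href} {$title}>{$l['label']}</a></li>";
     }
     if (!empty($Render)) {
         echo '<ul class="links">' . implode('', $Render) . '</ul>';
     }
 }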
Ejemplo n.º 4
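 /**
  * Requests or refreshes an Access Token
  * $type defaults to 'authorization_code'
  *
  * On success the user row is created or updated, a session row is stored, the 'access' cookie is
  * set and the user is returned. For an account whose role is 'ban' nothing is stored:
  * $_GET['error'] (and $_GET['error_description'] when a ban log entry exists) is filled in and
  * the method returns without a value.
  *
  * @param string $code        Authorization code, or the refresh token when $type is 'refresh_token'
  * @param null|string $type   'authorization_code' or 'refresh_token'; anything else falls back to 'authorization_code'
  *
  * @return User|void
  */
 static function getToken(string $code, string $type = null)
 {
     global $Database, $http_response_header;
     if (empty($type) || !in_array($type, array('authorization_code', 'refresh_token'))) {
         $type = 'authorization_code';
     }
     // NOTE(review): the client secret is placed in the query string; confirm DeviantArt::request()
     // does not log the URL, or send the credentials in a POST body instead.
     $URL_Start = 'https://www.deviantart.com/oauth2/token?client_id=' . DA_CLIENT . '&client_secret=' . DA_SECRET . "&grant_type={$type}";
     // $code arrives from the request; percent-encode it so it cannot add or override parameters of the token request
     $encodedCode = rawurlencode($code);
     switch ($type) {
         case "authorization_code":
             $json = DeviantArt::request("{$URL_Start}&code={$encodedCode}" . OAUTH_REDIRECT_URI, false);
             break;
         case "refresh_token":
             $json = DeviantArt::request("{$URL_Start}&refresh_token={$encodedCode}", false);
             break;
     }
     if (empty($json)) {
         // The token request failed: drop the session tied to the current cookie before reporting the error
         if (Cookie::exists('access')) {
             $Database->where('access', Cookie::get('access'))->delete('sessions');
             Cookie::delete('access', Cookie::HTTPONLY);
         }
         // The status line is remote-supplied text; encode it before it becomes part of the redirect URL
         $statusLine = rawurlencode((string) ($http_response_header[0] ?? ''));
         // presumably HTTP::redirect() ends the request - the code below relies on $json being set; confirm
         HTTP::redirect("/da-auth?error=server_error&error_description={$statusLine}");
     }
     if (empty($json['status'])) {
         // Error fields come from the remote response and are encoded for the same reason
         $error = rawurlencode((string) ($json['error'] ?? ''));
         $errorDescription = rawurlencode((string) ($json['error_description'] ?? ''));
         HTTP::redirect("/da-auth?error={$error}&error_description={$errorDescription}");
     }
     $userdata = DeviantArt::request('user/whoami', $json['access_token']);
     /** @var $User Models\User */
     $User = $Database->where('id', $userdata['userid'])->getOne('users');
     // Banned accounts get no session; the reason is handed to the caller through $_GET
     if (isset($User->role) && $User->role === 'ban') {
         $_GET['error'] = 'user_banned';
         $BanReason = $Database->where('target', $User->id)->orderBy('entryid', 'ASC')->getOne('log__banish');
         if (!empty($BanReason)) {
             $_GET['error_description'] = $BanReason['reason'];
         }
         return;
     }
     $UserID = strtolower($userdata['userid']);
     $UserData = array('name' => $userdata['username'], 'avatar_url' => URL::makeHttps($userdata['usericon']));
     $AuthData = array('access' => $json['access_token'], 'refresh' => $json['refresh_token'], 'expires' => date('c', time() + intval($json['expires_in'])), 'scope' => $json['scope']);
     // The cookie value is 64 random bytes; only its SHA-1 digest is written to the sessions table
     $cookie = bin2hex(random_bytes(64));
     $AuthData['token'] = sha1($cookie);
     $browser = CoreUtils::detectBrowser();
     foreach ($browser as $k => $v) {
         if (!empty($v)) {
             $AuthData[$k] = $v;
         }
     }
     if (empty($User)) {
         $MoreInfo = array('id' => $UserID, 'role' => 'user');
         // Bootstrap rule: an account created while has('users') is false is promoted to developer.
         // NOTE(review): on a fresh install whoever signs in first receives that role.
         $makeDev = !$Database->has('users');
         if ($makeDev) {
             $MoreInfo['id'] = strtoupper($MoreInfo['id']);
         }
         $Insert = array_merge($UserData, $MoreInfo);
         $Database->insert('users', $Insert);
         $User = new User($Insert);
         if ($makeDev) {
             $User->updateRole('developer');
         }
     } else {
         $Database->where('id', $UserID)->update('users', $UserData);
     }
     if (empty($makeDev) && !empty($User) && Permission::insufficient('member', $User->role) && $User->isClubMember()) {
         $User->updateRole('member');
     }
     if ($type === 'refresh_token') {
         // A refresh updates the session row that holds the old refresh token
         $Database->where('refresh', $code)->update('sessions', $AuthData);
     } else {
         // A fresh login removes this user's sessions that were issued for a different scope
         $Database->where('user', $User->id)->where('scope', $AuthData['scope'], '!=')->delete('sessions');
         $Database->insert('sessions', array_merge($AuthData, array('user' => $UserID)));
     }
     // Sessions of this user not visited for a month are removed on every login
     $Database->rawQuery("DELETE FROM sessions WHERE \"user\" = ? && lastvisit <= NOW() - INTERVAL '1 MONTH'", array($UserID));
     // NOTE(review): only HTTPONLY is requested here - confirm Cookie::set() also marks the cookie Secure
     Cookie::set('access', $cookie, time() + Time::$IN_SECONDS['year'], Cookie::HTTPONLY);
     return $User ?? null;
 }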
Ejemplo n.º 5
<?php

use App\CoreUtils;
use App\Permission;
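// Developer-only plain-text view of the application error log
if (Permission::insufficient('developer')) {
    // Everyone else gets the generic "not found" response
    CoreUtils::notFound();
} else {
    // Reading the log in the else branch keeps it unreachable even if notFound() were to return
    // instead of ending the request.
    header('Content-Type: text/plain; charset=utf-8;');
    // Log lines may carry request-derived text; tell browsers not to sniff the body as another type
    header('X-Content-Type-Options: nosniff');
    readfile(APPATH . '../mlpvc-rr-error.log');
}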
Ejemplo n.º 6
     $SearchQuery = preg_replace(new RegExp('[^\\w\\d\\s\\*\\?]'), '', trim($_GET['q']));
     $title .= "{$SearchQuery} - ";
     if (preg_match(new RegExp('[\\*\\?]'), $SearchQuery)) {
         $queryString = new ElasticsearchDSL\Query\QueryStringQuery($SearchQuery, ['fields' => ['label^20', 'tags'], 'default_operator' => 'and', 'phrase_slop' => 3]);
         $search->addQuery($queryString);
         $orderByID = false;
     } else {
         $multiMatch = new ElasticsearchDSL\Query\MultiMatchQuery(['label^20', 'tags'], $SearchQuery, ['type' => 'cross_fields', 'minimum_should_match' => '100%']);
         $search->addQuery($multiMatch);
     }
 } else {
     $sort = new ElasticsearchDSL\Sort\FieldSort('order', 'asc');
     $search->addSort($sort);
 }
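 // Filters applied on top of the text query or sort order set up above
 $boolquery = new BoolQuery();
 if (Permission::insufficient('staff')) {
     // Non-staff requests exclude entries whose 'private' field is true
     $boolquery->add(new TermQuery('private', true), BoolQuery::MUST_NOT);
 }
 $boolquery->add(new TermQuery('ishuman', $EQG), BoolQuery::MUST);
 $search->addQuery($boolquery);
 // Only the hit ids are used below; the rows themselves are loaded from the database
 $search->setSource(false);
 $search = $search->toArray();
 $search = CGUtils::searchElastic($search, $Pagination);
 $Pagination->calcMaxPages($search['hits']['total']);
 if (!empty($search['hits']['hits'])) {
     $ids = [];
     foreach ($search['hits']['hits'] as $hit) {
         // These values are concatenated into the IN (...) list below, so force them to integers
         // rather than trusting the search backend. Assumes appearances.id is an integer column - confirm.
         $ids[] = (int) $hit['_id'];
     }
     $Ponies = $CGDb->where('id IN (' . implode(',', $ids) . ')')->orderBy('order', 'ASC')->get('appearances');
 }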
Ejemplo n.º 7
    /**
     * Builds the <tbody> rows of the episode (or movie) list table
     *
     * Each entry produces two rows: one with the season/episode cells and the title, and one with
     * the air date. Staff additionally get edit/delete buttons next to every title.
     *
     * @param Episode[]|null $Episodes  Entries to list; null or empty yields a single placeholder row
     * @param bool           $areMovies Only changes the wording of the placeholder row
     *
     * @return string
     */
    static function getTableTbody($Episodes = null, bool $areMovies = false) : string
    {
        if (empty($Episodes)) {
            $what = $areMovies ? 'movies' : 'episodes';
            return "<tr class='empty align-center'><td colspan='3'><em>There are no " . $what . " to display</em></td></tr>";
        }
        $rows = '';
        foreach ($Episodes as $Episode) {
            // Edit/delete buttons are rendered for staff only.
            // NOTE(review): this hides the buttons; the edit/delete endpoints need their own permission check.
            if (Permission::insufficient('staff')) {
                $adminControls = '';
            } else {
                $adminControls = <<<HTML
<span class='admincontrols'>
<button class='edit-episode typcn typcn-pencil blue' title='Edit episode'></button>
<button class='delete-episode typcn typcn-times red' title='Delete episode'></button>
</span>
HTML;
            }
            $title = $Episode->formatTitle(AS_ARRAY);
            if ($Episode->isMovie) {
                // Movies have no season cell and use their own URL format
                $href = $Episode->formatURL();
                $SeasonEpisode = "<td class='episode' rowspan='2'>{$title['episode']}</td>";
            } else {
                $href = '/episode/' . $title['id'];
                // Two-parters are shown as a range, e.g. "1-2"
                if ($Episode->twoparter) {
                    $title['episode'] .= '-' . (intval($title['episode'], 10) + 1);
                }
                $SeasonEpisode = <<<HTML
\t\t\t<td class='season' rowspan='2'>{$title['season']}</td>
\t\t\t<td class='episode' rowspan='2'>{$title['episode']}</td>
HTML;
            }
            // Status icons placed in front of the title
            $star = '';
            if ($Episode->isLatest()) {
                $star = '<span class="typcn typcn-home" title="Curently visible on the homepage"></span> ';
            }
            $Episode->addAiringData();
            if (!$Episode->aired) {
                $kind = $Episode->isMovie ? 'Movie' : 'Episode';
                $star .= '<span class="typcn typcn-media-play-outline" title="' . $kind . ' didn\'t air yet, voting disabled"></span>&nbsp;';
            }
            $airs = Time::tag($Episode->airs, Time::TAG_EXTENDED, Time::TAG_NO_DYNTIME);
            // NOTE(review): the title fields are interpolated as-is - presumably formatTitle() returns HTML-safe text; confirm
            $rows .= <<<HTML
\t<tr data-epid='{$title['id']}'>
\t\t{$SeasonEpisode}
\t\t<td class='title'>{$star}<a href="{$href}">{$title['title']}</a>{$adminControls}</td>
\t</tr>
\t<tr><td class='airs'>{$airs}</td></tr>
HTML;
        }
        return $rows;
    }
Ejemplo n.º 8
	<meta name="msapplication-config" content="/img/favicons-v1/browserconfig.xml">

	<link rel="shortcut icon" href="/favicon.ico">
<?php 
// Pages that set $norobots ask search engines not to index them or follow their links
if (isset($norobots)) {
    print '<meta name="robots" content="noindex, nofollow">';
}
// When $redirectto is set the address bar is rewritten without a reload, if history.replaceState exists.
// NOTE(review): the value is written inside a <script> element - confirm JSON::encode() keeps "/"
// escaped so a "</script>" inside the value cannot close the element early.
if (isset($redirectto)) {
    $redirectJson = JSON::encode($redirectto);
    echo '<script>history.replaceState&&history.replaceState(history.state,"",', $redirectJson, ')</script>', "\n";
}
// Extra stylesheets requested by the page.
// NOTE(review): entries go into href unescaped - presumably server-chosen paths; confirm none derives from request data.
foreach ($customCSS ?? [] as $css) {
    echo "<link rel='stylesheet' href='", $css, "'>\n";
}
if (!empty(GA_TRACKING_CODE) && Permission::insufficient('developer')) {
    ?>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');

ga('create','<?php 
    echo GA_TRACKING_CODE;
    ?>
','auto');
<?php 
    if ($signedIn && !UserPrefs::get('p_disable_ga')) {
        ?>
ga('set', 'userId', '<?php 
Ejemplo n.º 9
 /**
  * List item generator function for request & reservation generators
  *
  * Builds the <li> for one post: the image (or deviation preview once the post is finished),
  * the label, the posted/reserved/finished/approved dates visible to the current viewer, and the
  * action buttons produced by _getPostActions().
  *
  * Side effect: $Post->Reserver is assigned on the passed object (the reserving user, or false
  * when the reservation status is hidden from the viewer).
  *
  * @param Post $Post
  * @param bool $view_only     Only show the "View" button
  * @param bool $cachebust_url Append a random string to the image URL to force a re-fetch
  *
  * @return string
  */
 static function getLi(Post $Post, bool $view_only = false, bool $cachebust_url = false) : string
 {
     // A post counts as finished once it has a deviation_id
     $finished = !empty($Post->deviation_id);
     $isRequest = $Post->isRequest;
     $type = $isRequest ? 'request' : 'reservation';
     $ID = "{$type}-{$Post->id}";
     $alt = !empty($Post->label) ? CoreUtils::aposEncode($Post->label) : '';
     $postlink = (new Episode($Post))->formatURL() . "#{$ID}";
     // In view-only mode the image links to the post itself instead of the full-size image
     $ImageLink = $view_only ? $postlink : $Post->fullsize;
     // The cache-busting suffix is the current Unix timestamp
     $cachebust = $cachebust_url ? '?t=' . time() : '';
     // NOTE(review): fullsize and preview are placed in attributes without encoding - presumably validated when the post is stored; confirm
     $Image = "<div class='image screencap'><a href='{$ImageLink}'><img src='{$Post->preview}{$cachebust}' alt='{$alt}'></a></div>";
     $post_label = self::_getPostLabel($Post);
     $permalink = "<a href='{$postlink}'>" . Time::tag($Post->posted) . '</a>';
     $posted_at = '<em class="post-date">';
     if ($isRequest) {
         global $signedIn, $currentUser;
         $isRequester = $signedIn && $Post->requested_by === $currentUser->id;
         $isReserver = $signedIn && $Post->reserved_by === $currentUser->id;
         $overdue = Permission::sufficient('member') && $Post->isOverdue();
         $posted_at .= "Requested {$permalink}";
         // The requester is named only to staff, to the requester and to the reserver
         if ($signedIn && (Permission::sufficient('staff') || $isRequester || $isReserver)) {
             $posted_at .= ' by ' . ($isRequester ? "<a href='/@{$currentUser->name}'>You</a>" : Users::get($Post->requested_by)->getProfileLink());
         }
     } else {
         // $isReserver is not defined on this path; every later use sits behind "$overdue &&",
         // which short-circuits because $overdue is false here
         $overdue = false;
         $posted_at .= "Reserved {$permalink}";
     }
     $posted_at .= "</em>";
     // && binds tighter than ||: hidden when there is no reserver, or when the post is overdue and the viewer is not the reserver
     $hide_reserved_status = !isset($Post->reserved_by) || $overdue && !$isReserver;
     if (!empty($Post->reserved_by)) {
         $Post->Reserver = Users::get($Post->reserved_by);
         $reserved_by = $overdue && !$isReserver ? ' by ' . $Post->Reserver->getProfileLink() : '';
         // The reserve date is shown for requests only, and when the status is hidden only staff see it
         $reserved_at = $isRequest && !empty($Post->reserved_at) && !($hide_reserved_status && Permission::insufficient('staff')) ? "<em class='reserve-date'>Reserved <strong>" . Time::tag($Post->reserved_at) . "</strong>{$reserved_by}</em>" : '';
         if ($finished) {
             $approved = !empty($Post->lock);
             $Deviation = DeviantArt::getCachedSubmission($Post->deviation_id, 'fav.me', true);
             if (empty($Deviation)) {
                 // No cached submission data: fall back to a text link
                 // NOTE(review): the fav.me links below use plain http
                 $ImageLink = $view_only ? $postlink : "http://fav.me/{$Post->deviation_id}";
                 $Image = "<div class='image deviation error'><a href='{$ImageLink}'>Preview unavailable<br><small>Click to view</small></a></div>";
             } else {
                 $alt = CoreUtils::aposEncode($Deviation['title']);
                 $ImageLink = $view_only ? $postlink : "http://fav.me/{$Deviation['id']}";
                 $Image = "<div class='image deviation'><a href='{$ImageLink}'><img src='{$Deviation['preview']}{$cachebust}' alt='{$alt}'>";
                 if ($approved) {
                     $Image .= "<span class='typcn typcn-tick' title='This submission has been accepted into the group gallery'></span>";
                 }
                 $Image .= "</a></div>";
             }
             // For finished posts the label, dates and original-image link are appended for staff only
             if (Permission::sufficient('staff')) {
                 $finished_at = !empty($Post->finished_at) ? "<em class='finish-date'>Finished <strong>" . Time::tag($Post->finished_at) . "</strong></em>" : '';
                 $locked_at = '';
                 if ($approved) {
                     global $Database;
                     // Earliest lock entry for this post; both values are bound as parameters
                     // NOTE(review): $LogEntry is used below without an emptiness check - confirm a log row always exists for a locked post
                     $LogEntry = $Database->rawQuerySingle("SELECT l.timestamp\n\t\t\t\t\t\t\tFROM log__post_lock pl\n\t\t\t\t\t\t\tLEFT JOIN log l ON l.reftype = 'post_lock' && l.refid = pl.entryid\n\t\t\t\t\t\t\tWHERE type = ? && id = ?\n\t\t\t\t\t\t\tORDER BY pl.entryid ASC\n\t\t\t\t\t\t\tLIMIT 1", array($type, $Post->id));
                     // The ternary is redundant inside this branch: $approved is already true here
                     $locked_at = $approved ? "<em class='approve-date'>Approved <strong>" . Time::tag(strtotime($LogEntry['timestamp'])) . "</strong></em>" : '';
                 }
                 $Image .= $post_label . $posted_at . $reserved_at . $finished_at . $locked_at;
                 if (!empty($Post->fullsize)) {
                     $Image .= "<a href='{$Post->fullsize}' class='original color-green' target='_blank'><span class='typcn typcn-link'></span> Original image</a>";
                 }
             }
         } else {
             $Image .= $post_label . $posted_at . $reserved_at;
         }
     } else {
         $Image .= $post_label . $posted_at;
     }
     // The CONTESTABLE markup is appended for overdue posts, for staff and the reserver only
     if ($overdue && (Permission::sufficient('staff') || $isReserver)) {
         $Image .= self::CONTESTABLE;
     }
     // Clears the reserver on the object before it is handed to _getPostActions()
     if ($hide_reserved_status) {
         $Post->Reserver = false;
     }
     return "<li id='{$ID}'>{$Image}" . self::_getPostActions($Post, $isRequest, $view_only ? $postlink : false) . '</li>';
 }
Ejemplo n.º 10
 /**
  * Builds the markup for the set of tags that belong to one pony
  *
  * Staff additionally get a tag input in front of the list (unless $PonyID is 0) and can have
  * synonym tags hidden through the cg_hidesynon preference.
  *
  * @param int        $PonyID
  * @param bool       $wrap   When truthy the result is wrapped in <div class='tags'>
  * @param array|null $Search Search context; its 'orig_tid' and 'tid_assoc' entries decide which tags are highlighted
  *
  * @return string
  */
 static function getTagsHTML($PonyID, $wrap = WRAP, $Search = null)
 {
     global $CGDb;
     $Tags = Tags::getFor($PonyID, null, Permission::sufficient('staff'));
     $HTML = '';
     if (Permission::sufficient('staff') && $PonyID !== 0) {
         $HTML .= "<input type='text' class='addtag tag' placeholder='Enter tag' pattern='" . TAG_NAME_PATTERN . "' maxlength='30' required>";
     }
     $HideSynon = Permission::sufficient('staff') && UserPrefs::get('cg_hidesynon');
     foreach ($Tags ?: array() as $t) {
         $isSynon = !empty($t['synonym_of']);
         $searchedFor = !empty($Search) && in_array($t['tid'], $Search['orig_tid']);
         // Hidden synonyms are still shown when they are what the user searched for
         if ($isSynon && $HideSynon && !$searchedFor) {
             continue;
         }
         $classes = "tag id-{$t['tid']}";
         if ($isSynon) {
             $classes .= ' synonym';
         }
         if (!empty($t['type'])) {
             $classes .= ' typ-' . $t['type'];
         }
         $attrs = " class='{$classes}'";
         if (!empty($t['title'])) {
             $attrs .= " title='" . CoreUtils::aposEncode($t['title']) . "'";
         }
         // NOTE(review): the tag name is written as raw markup - presumably constrained by TAG_NAME_PATTERN when saved; confirm
         $name = $t['name'];
         if ($searchedFor || (Permission::insufficient('staff') && !empty($Search['tid_assoc'][$t['tid']]))) {
             $name = "<mark>{$name}</mark>";
         }
         if ($isSynon) {
             $attrs .= " data-syn-of='{$t['synonym_of']}'";
         }
         $HTML .= "<span{$attrs}>{$name}</span>";
     }
     if ($wrap) {
         return "<div class='tags'>{$HTML}</div>";
     }
     return $HTML;
 }