/**
 * Run the tool
 *
 * Recomputes user_email_hash for one batch of users per request and queues the
 * next batch through a meta refresh. An empty batch ends the run.
 */
function run_tool()
{
    global $db, $template;

    $step = request_var('step', 0);
    $offset = $step * $this->batch_size;

    // Fetch the current slice of the users table
    $sql = 'SELECT user_id, user_email, user_email_hash FROM ' . USERS_TABLE;
    $result = $db->sql_query_limit($sql, $this->batch_size, $offset);
    $rows = $db->sql_fetchrowset($result);
    $db->sql_freeresult($result);

    if (!$rows) {
        trigger_error('UPDATE_EMAIL_HASHES_COMPLETE');
    }

    foreach ($rows as $row) {
        $fresh_hash = phpbb_email_hash($row['user_email']);

        // Rows whose stored hash already matches are left alone
        if ($row['user_email_hash'] != $fresh_hash) {
            // Both values are spliced into the statement unescaped: the id was just
            // read from the users table and the hash is phpbb_email_hash() output.
            // NOTE(review): confirm phpbb_email_hash() can only return quote-free text.
            $update = 'UPDATE ' . USERS_TABLE . " SET user_email_hash = '{$fresh_hash}'\n\t\t\t\tWHERE user_id = {$row['user_id']}";
            $db->sql_query($update);
        }
    }

    // Queue the next batch
    $next_url = append_sid(STK_INDEX, array(
        'c'      => 'support',
        't'      => 'update_email_hashes',
        'submit' => true,
        'step'   => $step + 1,
    ));
    meta_refresh(0, $next_url);

    $template->assign_var('U_BACK_TOOL', false);

    trigger_error('UPDATE_EMAIL_HASHES_NOT_COMPLETE');
}
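/**
 * Redirect the client to a board-relative URL and end the script.
 *
 * The cache is unloaded and the database connection closed first. The target is
 * built from server_specs() plus the session-aware URL. CR and LF are removed
 * from the target before it reaches a header, and the copy written into the
 * fallback HTML page is entity-encoded so the URL cannot break out of the
 * attribute it is placed in.
 *
 * @param string $url Board-relative URL to redirect to
 * @return void This function does not return; it calls exit
 */
function thoul_redirect($url)
{
    global $db, $cache;

    if (!empty($cache)) {
        // Unload the cache.
        $cache->unload();
    }

    if (!empty($db)) {
        $db->sql_close();
    }

    $url = append_sid($url, true);
    $server = server_specs();

    // Normalise to exactly one leading slash and no trailing slash
    $url = preg_replace('#^\\/?(.*?)\\/?$#', '/\\1', trim($url));

    // A redirect target never legitimately contains line breaks; dropping them keeps
    // the value on a single header line whatever the caller passed in.
    $target = str_replace(
        array("\r", "\n"),
        '',
        $server['protocol'] . $server['name'] . $server['port'] . $server['script'] . $url
    );

    // Redirect via an HTML form for PITA webservers
    if (preg_match('/Microsoft|WebSTAR|Xitami/', (string) getenv('SERVER_SOFTWARE'))) {
        header('Refresh: 0; URL=' . $target);

        // The page declares iso-8859-1, so encode with that charset: every byte is
        // valid in it and the encoder cannot return an empty string on odd input.
        $html_target = htmlspecialchars($target, ENT_QUOTES, 'ISO-8859-1');

        echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $html_target . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $html_target . '">HERE</a> to be redirected</div></body></html>';
        exit;
    }

    // Behave as per HTTP/1.1 spec for others
    header('Location: ' . $target);
    exit;
}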
/**
 * Render the registration agreement page with its over-13 / under-13 choices.
 *
 * Both agreement links point at the profile script in register mode; the
 * under-13 link additionally carries coppa=true.
 */
function show_coppa()
{
    global $userdata, $template, $lang, $phpbb_root_path, $phpEx;

    $register_url = 'profile.' . $phpEx . '?mode=register&agreed=true';

    $template->set_filenames(array('body' => 'agreement.tpl'));

    $agreement_vars = array(
        'REGISTRATION'    => $lang['Registration'],
        'AGREEMENT'       => $lang['Reg_agreement'],
        'AGREE_OVER_13'   => $lang['Agree_over_13'],
        'AGREE_UNDER_13'  => $lang['Agree_under_13'],
        'DO_NOT_AGREE'    => $lang['Agree_not'],
        'U_AGREE_OVER13'  => append_sid($register_url),
        'U_AGREE_UNDER13' => append_sid($register_url . '&coppa=true'),
    );
    $template->assign_vars($agreement_vars);

    $template->pparse('body');
}
/**
 * Show a message taken from the language array, followed by links back to the
 * requesting page and to the admin index, through message_die().
 *
 * @param string $l_key Key of the message in $lang; the text is output as stored
 */
function _achievement($l_key)
{
    global $lang;

    $separator = '<br /><br />';

    $message = $lang[$l_key] . $separator;

    // Link back to the page that issued the request
    $config_open = '<a href="' . append_sid($this->requester . $this->ext) . '">';
    $message .= sprintf($lang['qp_click_return_config'], $config_open, '</a>') . $separator;

    // Link back to the right-hand pane of the admin index
    $index_open = '<a href="' . append_sid('index.' . $this->ext . '?pane=right') . '">';
    $message .= sprintf($lang['Click_return_admin_index'], $index_open, '</a>');

    message_die(GENERAL_MESSAGE, $message);
}
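/**
 * ACP version check: fetch the latest release information from the update
 * server and hand the comparison with the installed version to the template.
 *
 * The downloaded text is entity-encoded before any part of it is used, because
 * it comes from a remote host and is written into admin-panel markup (version
 * label and announcement link).
 *
 * @param mixed $id   Module id (not used in this method)
 * @param mixed $mode Module mode (not used in this method)
 */
function main($id, $mode)
{
    global $config, $db, $user, $auth, $template, $cache;
    global $phpbb_root_path, $phpbb_admin_path, $phpEx;

    $user->add_lang('install');

    $this->tpl_name = 'acp_update';
    $this->page_title = 'ACP_VERSION_CHECK';

    // Get current and latest version
    $errstr = '';
    $errno = 0;

    $info = get_remote_file('www.phpbb.com', '/updatecheck', defined('PHPBB_QA') ? '30x_qa.txt' : '30x.txt', $errstr, $errno);

    if ($info === false) {
        trigger_error($errstr, E_USER_WARNING);
    }

    // Treat the response as untrusted: encode it once, then split it into lines
    $info = explode("\n", htmlspecialchars((string) $info, ENT_QUOTES));

    $latest_version = trim($info[0]);
    // A response with a single line carries no announcement URL
    $announcement_url = isset($info[1]) ? trim($info[1]) : '';
    $update_link = append_sid($phpbb_root_path . 'install/index.' . $phpEx, 'mode=update');

    // Determine automatic update...
    $sql = 'SELECT config_value FROM ' . CONFIG_TABLE . "\n\t\t\tWHERE config_name = 'version_update_from'";
    $result = $db->sql_query($sql);
    $version_update_from = (string) $db->sql_fetchfield('config_value');
    $db->sql_freeresult($result);

    $current_version = !empty($version_update_from) ? $version_update_from : $config['version'];

    // version_compare() only recognises the upper-case "RC" suffix
    $latest_cmp = str_replace('rc', 'RC', strtolower($latest_version));
    $up_to_date_automatic = !version_compare(str_replace('rc', 'RC', strtolower($current_version)), $latest_cmp, '<');
    $up_to_date = !version_compare(str_replace('rc', 'RC', strtolower($config['version'])), $latest_cmp, '<');

    $template->assign_vars(array(
        'S_UP_TO_DATE'        => $up_to_date,
        'S_UP_TO_DATE_AUTO'   => $up_to_date_automatic,
        'S_VERSION_CHECK'     => true,
        'U_ACTION'            => $this->u_action,
        'LATEST_VERSION'      => $latest_version,
        'CURRENT_VERSION'     => $config['version'],
        'AUTO_VERSION'        => $version_update_from,
        'UPDATE_INSTRUCTIONS' => sprintf($user->lang['UPDATE_INSTRUCTIONS'], $announcement_url, $update_link),
    ));
}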
/**
 * Store a new confirmation code for the current session and return the <img>
 * tag that requests its picture.
 *
 * @param int    $max_attempts Upper bound on stored codes for this session and
 *                             confirm type; a falsy value disables the check
 * @param string $confirm_id   Receives the id of the new confirmation row
 * @return string|false The <img> markup, or false once the stored count exceeds $max_attempts
 */
public function confirm_image($max_attempts, &$confirm_id)
{
    global $db, $user, $template;
    global $phpbb_root_path, $phpEx;

    $user->confirm_gc($this->confirm_type);

    if ($max_attempts) {
        $count_sql = 'SELECT COUNT(session_id) AS attempts FROM ' . CONFIRM_TABLE . "\n\t\t\t\tWHERE session_id = '" . $db->sql_escape($user->session_id) . "'\n\t\t\t\t\tAND confirm_type = {$this->confirm_type}";
        $result = $db->sql_query($count_sql);
        $used = (int) $db->sql_fetchfield('attempts');
        $db->sql_freeresult($result);

        // Strictly greater: a session holding exactly $max_attempts codes still gets one more
        if ($used > $max_attempts) {
            return false;
        }
    }

    // mt_rand() only picks the length here; the characters come from gen_rand_string()
    $code = gen_rand_string(mt_rand(5, 8));
    $confirm_id = md5(unique_id($user->ip));

    $seed = hexdec(substr(unique_id(), 4, 10));
    // compute $seed % 0x7fffffff
    $seed -= 0x7fffffff * floor($seed / 0x7fffffff);

    $row = array(
        'confirm_id'   => (string) $confirm_id,
        'session_id'   => (string) $user->session_id,
        'confirm_type' => (int) $this->confirm_type,
        'code'         => (string) $code,
        'seed'         => (int) $seed,
    );
    $db->sql_query('INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', $row));

    $template->assign_var('S_CONFIRM_CODE', true);

    $image_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'mode=confirm&id=' . $confirm_id . '&type=' . $this->confirm_type);

    return '<img src="' . $image_url . '" alt="" title="" />';
}
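/**
 * Shortcut for phpbb's append_sid function (do not send the root path/phpext in the url part)
 *
 * When $url does not contain ".<PHP_EXT>" anywhere, the absolute board path is
 * put in front of it and the extension appended before delegating.
 *
 * @param mixed $url
 * @param mixed $params
 * @param mixed $is_amp
 * @param mixed $session_id
 * @return string
 */
public static function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
    // strpos() returns 0 for a match at the very start, so test against false
    // explicitly instead of relying on truthiness.
    if (strpos($url, '.' . PHP_EXT) === false) {
        $url = titania::$absolute_board . $url . '.' . PHP_EXT;
    }

    return append_sid($url, $params, $is_amp, $session_id);
}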
/**
 * CMS block: hand the visitor's name link, avatar and last-visit date, plus the
 * password-reminder and registration links, to the template.
 */
function cms_block_user_block()
{
    global $db, $cache, $config, $template, $user, $lang;

    /* Disabled new-posts counter, kept as found:
    if($user->data['session_logged_in']) { $sql = "SELECT COUNT(post_id) as total FROM " . POSTS_TABLE . " WHERE post_time >= " . $user->data['user_lastvisit'] . " AND poster_id <> " . $user->data['user_id'] . " AND post_time < " . time(); $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); if($result) { $row = $db->sql_fetchrow($result); $lang['Search_new'] = $lang['Search_new'] . " (" . $row['total'] . ")"; $db->sql_freeresult($result); } }
    */

    if ($user->data['user_id'] == ANONYMOUS) {
        // Guests get the generic label and the configured default avatar.
        // The avatar URL is a board setting and is written into the tag as stored.
        $name_link = $lang['Guest'];
        $avatar_img = '<img src="' . $config['default_avatar_guests_url'] . '" alt="" />';
    } else {
        $name_link = colorize_username($user->data['user_id'], $user->data['username'], $user->data['user_color'], $user->data['user_active']);
        $avatar_img = user_get_avatar($user->data['user_id'], $user->data['user_level'], $user->data['user_avatar'], $user->data['user_avatar_type'], $user->data['user_allowavatar']);
    }

    $s_last_visit = create_date($config['default_dateformat'], $user->data['user_lastvisit'], $config['board_timezone']);

    $register_open = '<a href="' . append_sid(CMS_PAGE_PROFILE . '?mode=register') . '">';

    $block_vars = array(
        'U_PORTAL_NOSID'         => CMS_PAGE_HOME,
        'AVATAR_IMG'             => $avatar_img,
        'U_NAME_LINK'            => $name_link,
        'LAST_VISIT_DATE'        => sprintf($lang['You_last_visit'], $s_last_visit),
        'L_REMEMBER_ME'          => $lang['Remember_me'],
        'L_SEND_PASSWORD'        => $lang['Forgotten_password'],
        'U_SEND_PASSWORD'        => append_sid(CMS_PAGE_PROFILE . '?mode=sendpassword'),
        'L_REGISTER_NEW_ACCOUNT' => sprintf($lang['Register_new_account'], $register_open, '</a>'),
        'L_NEW_SEARCH'           => $lang['Search_new'],
    );
    $template->assign_vars($block_vars);
}
/**
 * ACP module for the bbtips settings: saves the three posted settings, or
 * fills the settings form when nothing was submitted.
 *
 * NOTE(review): no check_form_key() call is visible before the set_config()
 * calls, and the posted site_lang is stored without being compared against
 * $langlist — confirm both are covered elsewhere.
 *
 * @param mixed  $id   Module id (not used in this method)
 * @param string $mode Module mode; only 'bbtooltips' is handled
 */
function main($id, $mode)
{
    global $db, $user, $auth, $template, $sid, $cache;
    global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;

    $link = '<br /><a href="' . append_sid("index.{$phpEx}", "i=dkp_bbtooltips&mode=bbtooltips") . '"><h3>Return to Index</h3></a>';

    $user->add_lang(array('mods/dkp_tooltips'));

    // bbtips version
    $template->assign_vars(array('BBTIPS_VERS' => $config['bbdkp_plugin_bbtips_version']));

    if ($mode == 'bbtooltips') {
        /*** note there are more $config entries for bbtips but they aren't user-configurable yet */
        $submit1 = isset($_POST['site_submit']);
        $submit2 = isset($_POST['arm_submit']);       // read but not used below
        $gamesites = array('wowhead' => "Wowhead");   // defined but not used below
        $langlist = array(
            'en' => "English",
            'fr' => "French",
            'de' => "German",
            'es' => "Spanish",
            'ru' => "Russian",
        );

        if (!$submit1) {
            // Build the language drop-down, pre-selecting the stored value
            foreach ($langlist as $tt_lang => $tt_langname) {
                $is_selected = ($tt_lang == $config['bbtips_lang']);

                $template->assign_block_vars('site_lang_row', array(
                    'VALUE'    => $tt_lang,
                    'SELECTED' => $is_selected ? ' selected="selected"' : '',
                    'OPTION'   => $tt_langname,
                ));
            }

            $template->assign_vars(array(
                'F_BBTOOLTIPS'        => append_sid("index.{$phpEx}", "i=dkp_bbtooltips&mode=bbtooltips&"),
                'MAXPARSE'            => $config['bbtips_maxparse'],
                'LOCALJS_YES_CHECKED' => ($config['bbtips_localjs'] == '1') ? ' checked="checked"' : '',
                'LOCALJS_NO_CHECKED'  => ($config['bbtips_localjs'] == '0') ? ' checked="checked"' : '',
            ));
        } else {
            set_config('bbtips_maxparse', request_var('maxparse', 0), true);
            set_config('bbtips_lang', request_var('site_lang', ''), true);
            set_config('bbtips_localjs', request_var('localjs', 0), true);

            $cache->destroy('config');

            trigger_error($user->lang['BBTOOLTIPS_SETTINGSAVED'] . $link, E_USER_NOTICE);
        }

        $this->page_title = $user->lang['BBTOOLTIPS'];
        $this->tpl_name = 'dkp/acp_' . $mode;
    }
}
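/**
 * Load the categories of the current room, ordered by arcade_catorder, into
 * $this->liste_cat and store their number in $this->nbre_categorie.
 *
 * The room id is cast to an integer before it is placed in the query and the
 * link, since it is concatenated into both without quoting. The result set is
 * released once it has been read.
 */
function recup_infos_cat()
{
    global $db, $phpEx;

    $id_salle = (int) $this->id_salle;
    $liste_cat = array();

    $sql = 'SELECT arcade_catid, arcade_parent, arcade_cattitle, arcade_icone, arcade_catorder, arcade_nbelmt FROM ' . AREABB_CATEGORIES_TABLE . ' WHERE salle=' . $id_salle . ' ORDER BY arcade_catorder';

    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, "Impossible d'accéder à la tables des catégories", '', __LINE__, __FILE__, $sql);
    }

    while ($row = $db->sql_fetchrow($result)) {
        $liste_cat[] = array(
            'lien'      => append_sid(NOM_ARCADE . '.' . $phpEx . '?salle=' . $id_salle . '&cid=' . $row['arcade_catid']),
            'nbre_jeux' => $row['arcade_nbelmt'],
            'titre'     => $row['arcade_cattitle'],
            'id'        => $row['arcade_catid'],
            'icone'     => $row['arcade_icone'],
            'parent'    => $row['arcade_parent'],
            'order'     => $row['arcade_catorder'],
        );
    }

    // The original never released the result set
    $db->sql_freeresult($result);

    $this->liste_cat = $liste_cat;
    $this->nbre_categorie = count($liste_cat);
}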
/**
 * ACP version check: ask the version_helper service for suggested updates and
 * pass them, together with the update instructions, to the template.
 *
 * A RuntimeException from the helper is reported through S_VERSIONCHECK_FAIL
 * and treated as "no updates available".
 *
 * @param mixed $id   Module id (not used in this method)
 * @param mixed $mode Module mode (not used in this method)
 */
function main($id, $mode)
{
    global $config, $user, $template, $request;
    global $phpbb_root_path, $phpEx, $phpbb_container;

    $user->add_lang('install');

    $this->tpl_name = 'acp_update';
    $this->page_title = 'ACP_VERSION_CHECK';

    /* @var $version_helper \phpbb\version_helper */
    $version_helper = $phpbb_container->get('version_helper');

    $updates_available = array();
    try {
        $force_recheck = $request->variable('versioncheck_force', false);
        $updates_available = $version_helper->get_suggested_updates($force_recheck);
    } catch (\RuntimeException $e) {
        $template->assign_var('S_VERSIONCHECK_FAIL', true);
    }

    // One template block row per suggested update
    foreach ($updates_available as $version_data) {
        $template->assign_block_vars('updates_available', $version_data);
    }

    $update_link = $phpbb_root_path . 'install/app.' . $phpEx;

    $page_vars = array(
        'S_UP_TO_DATE'         => empty($updates_available),
        'U_ACTION'             => $this->u_action,
        'U_VERSIONCHECK_FORCE' => append_sid($this->u_action . '&versioncheck_force=1'),
        'CURRENT_VERSION'      => $config['version'],
        'UPDATE_INSTRUCTIONS'  => sprintf($user->lang['UPDATE_INSTRUCTIONS'], $update_link),
    );
    $template->assign_vars($page_vars);

    // Incomplete update? (version recorded in the config is older than the files' version)
    $files_are_newer = phpbb_version_compare($config['version'], PHPBB_VERSION, '<');
    if ($files_are_newer) {
        $database_update_link = $phpbb_root_path . 'install/app.php/update';

        $template->assign_vars(array(
            'S_UPDATE_INCOMPLETE'     => true,
            'FILES_VERSION'           => PHPBB_VERSION,
            'INCOMPLETE_INSTRUCTIONS' => $user->lang('UPDATE_INCOMPLETE_EXPLAIN', $database_update_link),
        ));
    }
}
/**
 * Regex callback that turns a matched hashtag into a link to the board search.
 *
 * The match is returned unchanged when $match[1] contains a color, background
 * or text-shadow declaration or an opening style attribute.
 *
 * NOTE(review): $match[2] goes into the query string and the link text as
 * captured, without URL or HTML encoding. That is only safe if the calling
 * pattern (not visible here) limits the capture to harmless characters — confirm.
 *
 * @param array $match Capture groups; [0] whole match, [1] text before the tag, [2] tag text
 * @return string Replacement text
 */
private function hashtag_callback($match)
{
    $looks_like_css = preg_match('#(color|background|text-shadow)[:=]|style="#i', $match[1]);

    if ($looks_like_css) {
        return $match[0];
    }

    $tag = $match[2];
    $search_url = append_sid("{$this->phpbb_root_path}search.{$this->php_ext}", 'keywords=' . $tag);

    return $match[1] . '<a href="' . $search_url . '">#' . $tag . '</a>';
}
/**
 * ACP version check: read the latest-version information, compare it with the
 * installed and the update-from versions and pass the outcome to the template.
 *
 * The downloaded text is entity-encoded as a whole before it is split into
 * lines, so every value taken from it is already encoded.
 *
 * @param mixed $id   Module id (not used in this method)
 * @param mixed $mode Module mode (not used in this method)
 */
function main($id, $mode)
{
    global $config, $db, $user, $auth, $template, $cache;
    global $phpbb_root_path, $phpbb_admin_path, $phpEx;

    $user->add_lang('install');

    $this->tpl_name = 'acp_update';
    $this->page_title = 'ACP_VERSION_CHECK';

    // Get current and latest version
    $force_check = request_var('versioncheck_force', false);
    $info = htmlspecialchars(obtain_latest_version_info($force_check));

    if (empty($info)) {
        trigger_error('VERSIONCHECK_FAIL', E_USER_WARNING);
    }

    $info = explode("\n", $info);
    $latest_version = trim($info[0]);
    $announcement_url = trim($info[1]);

    // NOTE(review): as written this statement never changes the value, because the
    // needle and the replacement are both '&'. Presumably an entity literal was
    // lost from one of the strings — confirm against the upstream file.
    $announcement_url = strpos($announcement_url, '&') === false ? str_replace('&', '&', $announcement_url) : $announcement_url;

    $update_link = append_sid($phpbb_root_path . 'install/index.' . $phpEx, 'mode=update');

    // next feature release (optional third and fourth line of the response)
    $next_feature_version = false;
    $next_feature_announcement_url = false;
    if (isset($info[2]) && trim($info[2]) !== '') {
        $next_feature_version = trim($info[2]);
        $next_feature_announcement_url = trim($info[3]);
    }

    // Determine automatic update...
    $sql = 'SELECT config_value FROM ' . CONFIG_TABLE . "\n\t\t\tWHERE config_name = 'version_update_from'";
    $result = $db->sql_query($sql);
    $version_update_from = (string) $db->sql_fetchfield('config_value');
    $db->sql_freeresult($result);

    if (!empty($version_update_from)) {
        $current_version = $version_update_from;
    } else {
        $current_version = $config['version'];
    }

    $is_current = phpbb_version_compare($latest_version, $config['version'], '<=');
    $is_current_auto = phpbb_version_compare($latest_version, $current_version, '<=');
    $force_url = append_sid($this->u_action . '&versioncheck_force=1');
    $update_text = sprintf($user->lang['UPDATE_INSTRUCTIONS'], $announcement_url, $update_link);

    if ($next_feature_version) {
        $upgrade_text = $user->lang('UPGRADE_INSTRUCTIONS', $next_feature_version, $next_feature_announcement_url);
    } else {
        $upgrade_text = false;
    }

    $template->assign_vars(array(
        'S_UP_TO_DATE'         => $is_current,
        'S_UP_TO_DATE_AUTO'    => $is_current_auto,
        'S_VERSION_CHECK'      => true,
        'U_ACTION'             => $this->u_action,
        'U_VERSIONCHECK_FORCE' => $force_url,
        'LATEST_VERSION'       => $latest_version,
        'CURRENT_VERSION'      => $config['version'],
        'AUTO_VERSION'         => $version_update_from,
        'NEXT_FEATURE_VERSION' => $next_feature_version,
        'UPDATE_INSTRUCTIONS'  => $update_text,
        'UPGRADE_INSTRUCTIONS' => $upgrade_text,
    ));
}
/**
 * Outputs the list of available upgrade options
 *
 * Each entry of $this->available_upgrades becomes one 'convertors' block row;
 * the entry's array key is used as the mode parameter of its upgrade link.
 */
function output_available_list()
{
    global $template, $phpbb_root_path, $phpEx, $user;

    $script = "{$phpbb_root_path}blog.{$phpEx}";

    foreach ($this->available_upgrades as $name => $data) {
        $row = array(
            'SOFTWARE'  => $data['upgrade_title'],
            'VERSION'   => $data['upgrade_version'],
            'AUTHOR'    => $data['upgrade_copyright'],
            'U_CONVERT' => append_sid($script, 'page=upgrade&stage=1&mode=' . $name),
        );

        $template->assign_block_vars('convertors', $row);
    }
}
/**
 * UCP "send password" module: on submit, look the account up by e-mail hash and
 * clean username, store a hashed replacement password plus an activation key,
 * and mail both to the user; otherwise prepare the reminder form.
 *
 * NOTE(review): each account state below ends in its own message (NO_EMAIL_USER,
 * NO_USER, ACCOUNT_DEACTIVATED, ACCOUNT_NOT_ACTIVATED, NO_AUTH_PASSWORD_REMINDER),
 * so the response tells the requester whether a username/e-mail pair exists and
 * what state it is in. No form-key check is visible in this method either —
 * confirm whether both are intended.
 *
 * @param mixed $id   Module id (not used in this method)
 * @param mixed $mode Module mode (not used in this method)
 */
function main($id, $mode)
{
    global $config, $phpbb_root_path, $phpEx;
    global $db, $user, $auth, $template, $phpbb_container;

    // Feature switch: refuse outright and point at the board contact address
    if (!$config['allow_password_reset']) {
        trigger_error($user->lang('UCP_PASSWORD_RESET_DISABLED', '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'));
    }

    $username = request_var('username', '', true);
    $email = strtolower(request_var('email', ''));
    $submit = isset($_POST['submit']) ? true : false;

    if ($submit) {
        // Both lookup values are derived from request input and escaped for the query
        $sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'\n\t\t\t\t\tAND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
        $result = $db->sql_query($sql);
        $user_row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if (!$user_row) {
            trigger_error('NO_EMAIL_USER');
        }

        if ($user_row['user_type'] == USER_IGNORE) {
            trigger_error('NO_USER');
        }

        if ($user_row['user_type'] == USER_INACTIVE) {
            if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL) {
                trigger_error('ACCOUNT_DEACTIVATED');
            } else {
                trigger_error('ACCOUNT_NOT_ACTIVATED');
            }
        }

        // Check users permissions
        // A separate auth object is loaded with the target account's row, so the
        // permission tested is that account's, not the requester's.
        $auth2 = new \phpbb\auth\auth();
        $auth2->acl($user_row);

        if (!$auth2->acl_get('u_chgpasswd')) {
            trigger_error('NO_AUTH_PASSWORD_REMINDER');
        }

        $server_url = generate_board_url();

        // Make password at least 8 characters long, make it longer if admin wants to.
        // gen_rand_string() however has a limit of 12 or 13.
        // mt_rand() chooses only the length; the characters themselves come from
        // gen_rand_string_friendly(), which is defined elsewhere.
        $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));

        // For the activation key a random length between 6 and 10 will do.
        // NOTE(review): this key is the secret in the activation link mailed below;
        // its strength rests on gen_rand_string() — confirm that source is suitable.
        $user_actkey = gen_rand_string(mt_rand(6, 10));

        // Instantiate passwords manager
        $passwords_manager = $phpbb_container->get('passwords.manager');

        // Only the hash of the new password is stored; user_id comes from the row fetched above
        $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\t\tSET user_newpasswd = '" . $db->sql_escape($passwords_manager->hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'\n\t\t\t\tWHERE user_id = " . $user_row['user_id'];
        $db->sql_query($sql);

        include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;

        $messenger = new messenger(false);

        $messenger->template('user_activate_passwd', $user_row['user_lang']);

        $messenger->set_addresses($user_row);

        $messenger->anti_abuse_headers($config, $user);

        // The message carries the new password in clear text together with the activation link
        $messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($user_row['username']), 'PASSWORD' => htmlspecialchars_decode($user_password), 'U_ACTIVATE' => "{$server_url}/ucp.{$phpEx}?mode=activate&u={$user_row['user_id']}&k={$user_actkey}"));

        $messenger->send($user_row['user_notify_type']);

        meta_refresh(3, append_sid("{$phpbb_root_path}index.{$phpEx}"));

        $message = $user->lang['PASSWORD_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>');
        trigger_error($message);
    }

    // No submit: echo the entered values back into the form
    $template->assign_vars(array('USERNAME' => $username, 'EMAIL' => $email, 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')));

    $this->tpl_name = 'ucp_remind';
    $this->page_title = 'UCP_REMIND';
}
/**
 * Send a flat list of tree rows to the template as nested block rows.
 *
 * Rows whose parent has no recorded depth are skipped, as are rows lying more
 * than $this->max_depth levels above the current item when a maximum is set.
 * Each row's 'full_url' is passed through append_sid() and its keys are
 * upper-cased for the template.
 *
 * @param array                     $data     Rows; 'parent_id', 'depth' and 'full_url' are read here
 * @param \phpbb\template\twig\twig $template Template receiving the block variables
 * @param string                    $handle   Block name, also used to name the closing-tag blocks
 */
public function display_list(array $data, \phpbb\template\twig\twig &$template, $handle = 'tree')
{
    $data = array_values($data);

    $current_page = $this->user->page['page_name'];
    $current_data = $this->get_current_item($data, $current_page);

    $prev_depth = 0;
    // Depth -1 for parent id 0 puts top-level rows at depth 0
    $this->parental_depth = array(0 => -1);

    foreach ($data as $row) {
        $parent_known = isset($this->parental_depth[$row['parent_id']]);
        if (!$parent_known) {
            continue;
        }

        $is_current_item = $this->is_current_item($row, $current_data['item_id']);
        $this_depth = $this->parental_depth[$row['parent_id']] + 1;

        $this->set_parental_depth($row, $this_depth, $current_data, $is_current_item);

        $levels_above_current = $current_data['depth'] - $row['depth'];
        if ($this->max_depth && $levels_above_current > $this->max_depth) {
            continue;
        }

        $tpl_data = array(
            'S_PREV_DEPTH' => $prev_depth,
            'S_THIS_DEPTH' => $this_depth,
            'S_NUM_KIDS'   => $this->count_descendants($row),
            'S_CURRENT'    => $is_current_item,
        );

        $row['full_url'] = append_sid($row['full_url']);
        $row_vars = array_change_key_case($row, CASE_UPPER);

        $template->assign_block_vars($handle, array_merge($tpl_data, $row_vars));

        // Close as many levels as the depth changed by
        $this->close_open_tags($template, $handle . '.close', abs($prev_depth - $this_depth));

        $prev_depth = $this_depth;
    }

    // Close whatever is still open after the last row
    $this->close_open_tags($template, 'close_' . $handle, $prev_depth);
}
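/**
 * CMS block: list the most downloaded and the most recently added approved
 * files as the 'dlrow' and 'dlrow2' template blocks.
 *
 * The two row limits come from the block configuration and are cast to
 * integers before they are appended to the LIMIT clause. Each result set is
 * released after it has been read (the first one used to be overwritten
 * without being freed).
 *
 * NOTE(review): file_name and file_desc are passed to the template as stored —
 * confirm they are encoded when saved or when rendered.
 */
function cms_block_center_downloads()
{
    global $db, $cache, $config, $template, $theme, $images, $lang, $table_prefix, $block_id, $cms_config_vars;

    include IP_ROOT_PATH . PA_FILE_DB_PATH . 'pafiledb_constants.' . PHP_EXT;

    // Start both blocks from an empty state
    $template->_tpldata['dlrow.'] = array();
    $template->_tpldata['dlrow2.'] = array();

    // Most downloaded
    $top_limit = (int) $cms_config_vars['md_num_top_downloads'][$block_id];
    $sql = "SELECT * FROM " . PA_FILES_TABLE . "\n\t\t\t\t\t\tWHERE file_approved = '1'\n\t\t\t\t\t\t\tORDER BY file_dls DESC LIMIT 0," . $top_limit;
    $result = $db->sql_query($sql);

    $i = 1;
    while ($file_most = $db->sql_fetchrow($result)) {
        $row_class = !($i % 2) ? $theme['td_class1'] : $theme['td_class2'];

        $template->assign_block_vars('dlrow', array(
            'NUMBER_MOST'   => strval($i),
            'ROW_CLASS'     => $row_class,
            'FILELINK_MOST' => append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_most['file_id']),
            'FILENAME_MOST' => $file_most['file_name'],
            'DESCRIP_MOST'  => $file_most['file_desc'],
            'INFO_MOST'     => $file_most['file_dls'] . ' ' . $lang['Dls'],
        ));
        $i++;
    }
    $db->sql_freeresult($result);

    // Most recent
    $new_limit = (int) $cms_config_vars['md_num_new_downloads'][$block_id];
    $sql = "SELECT * FROM " . PA_FILES_TABLE . "\n\t\t\t\t\t\tWHERE file_approved = '1'\n\t\t\t\t\t\t\tORDER BY file_time DESC LIMIT 0," . $new_limit;
    $result = $db->sql_query($sql);

    $i = 1;
    while ($file_latest = $db->sql_fetchrow($result)) {
        $row_class = !($i % 2) ? $theme['td_class1'] : $theme['td_class2'];

        $template->assign_block_vars('dlrow2', array(
            'NUMBER_LATEST'   => strval($i),
            'FILELINK_LATEST' => append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_latest['file_id']),
            'ROW_CLASS'       => $row_class,
            'FILENAME_LATEST' => $file_latest['file_name'],
            'DESCRIP_LATEST'  => $file_latest['file_desc'],
            'INFO_LATEST'     => create_date_ip($config['default_dateformat'], $file_latest['file_time'], $config['board_timezone']),
        ));
        $i++;
    }
    $db->sql_freeresult($result);

    $template->assign_vars(array(
        'TOP_DOWNLOADS' => $lang['Top_downloads'],
        'NEW_DOWNLOADS' => $lang['New_downloads'],
    ));
}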
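/**
 * uLogin entry point: authenticate through the uLogin helper (registering the
 * account when authentication returns nothing), create a session for the
 * resulting user and send the visitor on to the requested page.
 *
 * $session is initialised before the conditional assignment so the later test
 * no longer reads an undefined variable when no user id was obtained, and
 * TABLE_PREFIX is only defined when it does not exist yet.
 *
 * NOTE(review): the redirect target is request input; any validation of it
 * happens inside reapply_sid() / meta_refresh(), which are not visible here.
 * class_ulogin.php is loaded by relative path, so which file is picked up
 * depends on the include path — confirm.
 *
 * @param mixed $id   Module id (not used in this method)
 * @param mixed $mode Module mode (not used in this method)
 * @return false|void false when IN_CHECK_BAN is defined and the user is not a founder
 */
function main($id, $mode)
{
    global $config, $db, $user, $table_prefix, $auth, $template, $phpbb_root_path, $phpEx;

    if (!defined('TABLE_PREFIX')) {
        define('TABLE_PREFIX', $table_prefix);
    }

    require_once 'class_ulogin.php';
    $uLogin = new uLogin($db);

    if ($config['require_activation'] == USER_ACTIVATION_DISABLE) {
        trigger_error('UCP_REGISTER_DISABLE');
    }

    // Known account first, otherwise try to register one
    if (!($user_id = $uLogin->auth())) {
        $user_id = $uLogin->register();
    }

    $session = false;
    if ($user_id) {
        $session = $user->session_create($user_id, 0, 1);
    }

    // No session: show the regular login page and stop
    if (!$session) {
        page_header($user->lang['LOGIN'], false);
        $template->set_filenames(array('body' => 'login_body.html'));
        make_jumpbox(append_sid("{$phpbb_root_path}viewforum.{$phpEx}"));
        page_footer();
        exit;
    }

    $index_url = "{$phpbb_root_path}index.{$phpEx}";
    $redirect = request_var('redirect', $index_url);
    $message = $user->lang['LOGIN_REDIRECT'];

    $to_index = ($redirect === $index_url || $redirect === "index.{$phpEx}");
    $l_redirect = $to_index ? $user->lang['RETURN_INDEX'] : $user->lang['RETURN_PAGE'];

    $redirect = reapply_sid($redirect);

    if (defined('IN_CHECK_BAN') && $session['user_row']['user_type'] != USER_FOUNDER) {
        return false;
    }

    // The value returned by meta_refresh() is what ends up in the link
    $redirect = meta_refresh(3, $redirect);
    trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
}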
/**
 * Build the "view item" page: load the item named by the request, list every
 * purchase of it with buyer and raid details, and output the page header.
 *
 * NOTE(review): the item name is wrapped in <strong> and handed to the template
 * as loaded by the Loot class — confirm it is encoded when stored or rendered.
 *
 * @param viewNavigation $Navigation Provides the current sort order via switch_order()
 */
public function buildpage(viewNavigation $Navigation)
{
    global $config, $phpbb_root_path, $phpEx, $user, $template;

    // Integer default, so request_var() is asked for an integer item id
    $item_id = request_var(URI_ITEM, 0);

    // Load the controller classes on demand
    if (!class_exists('\\bbdkp\\controller\\loot\\Loot')) {
        require "{$phpbb_root_path}includes/bbdkp/controller/loot/Loot.{$phpEx}";
    }
    if (!class_exists('\\bbdkp\\controller\\members\\Members')) {
        require "{$phpbb_root_path}includes/bbdkp/controller/members/Members.{$phpEx}";
    }
    if (!class_exists('\\bbdkp\\controller\\raids\\Raids')) {
        require "{$phpbb_root_path}includes/bbdkp/controller/raids/Raids.{$phpEx}";
    }

    $loot = new \bbdkp\controller\loot\Loot($item_id);
    // The purchase history is looked up by item name, not by id
    $purchased_items = $loot->Loothistory($loot->item_name);

    $title = $user->lang['ITEM'] . ' : ' . $loot->item_name;

    // Sort choices per column: [0] date, [1] buyer, [2] value; each with its two directions
    $sort_order = array(0 => array('item_date desc, item_value desc', 'item_date asc, item_value desc'), 1 => array('member_name asc, item_value desc', 'member_name desc, item_value desc'), 2 => array('item_value desc', 'item_value asc'));
    $current_order = $Navigation->switch_order($sort_order);

    foreach ($purchased_items as $key => $item) {
        // One Members and one Raids object is created per purchase row
        $buyer = new \bbdkp\controller\members\Members($item['member_id']);
        $raid = new \bbdkp\controller\raids\Raids($item['raid_id']);

        $template->assign_block_vars('items_row', array('DATE' => !empty($item['item_date']) ? date('d.m.y', $item['item_date']) : ' ', 'CLASS_COLOR' => $buyer->colorcode, 'CLASS_IMAGE' => $buyer->class_image, 'RACE_IMAGE' => $buyer->race_image, 'RACE' => $buyer->member_race, 'BUYER' => $buyer->member_name, 'U_VIEW_BUYER' => append_sid("{$phpbb_root_path}dkp.{$phpEx}", "page=member&" . URI_NAMEID . '=' . $item['member_id'] . '&' . URI_DKPSYS . '=' . $item['dkpid']), 'U_VIEW_RAID' => append_sid("{$phpbb_root_path}dkp.{$phpEx}", 'page=raid&' . URI_RAID . '=' . $item['raid_id']), 'EVENT_COLOR' => $raid->event_color, 'RAID' => $raid->event_name, 'VALUE' => sprintf("%.2f", $item['item_value']), 'DECAY' => sprintf("%.2f", $item['item_decay']), 'TOTAL' => sprintf("%.2f", $item['item_net'])));

        unset($raid);
        unset($buyer);
    }

    // Breadcrumb entries: item list, then this item
    $navlinks_array = array(array('DKPPAGE' => $user->lang['MENU_ITEMVAL'], 'U_DKPPAGE' => append_sid("{$phpbb_root_path}dkp.{$phpEx}", "page=listitems")), array('DKPPAGE' => $user->lang['MENU_VIEWITEM'], 'U_DKPPAGE' => append_sid("{$phpbb_root_path}dkp.{$phpEx}", "page=item&" . URI_ITEM . '=' . $item_id)));

    foreach ($navlinks_array as $name) {
        $template->assign_block_vars('dkpnavlinks', array('DKPPAGE' => $name['DKPPAGE'], 'U_DKPPAGE' => $name['U_DKPPAGE']));
    }

    $template->assign_vars(array('S_SHOWDECAY' => $config['bbdkp_decay'] == '1' ? true : false, 'L_PURCHASE_HISTORY_FOR' => sprintf($user->lang['PURCHASE_HISTORY_FOR'], '<strong>' . $loot->item_name . '</strong>'), 'O_DATE' => $current_order['uri'][0], 'O_BUYER' => $current_order['uri'][1], 'O_VALUE' => $current_order['uri'][2], 'U_VIEW_ITEM' => append_sid("{$phpbb_root_path}dkp.{$phpEx}", 'page=item&' . URI_ITEM . '=' . $item_id), 'VIEWITEM_FOOTCOUNT' => sprintf($user->lang['VIEWITEM_FOOTCOUNT'], count($purchased_items)), 'S_DISPLAY_VIEWITEM' => true));

    unset($purchased_items);

    // Output page
    page_header($title);
}
/**
 * ACP "send statistics" page: collect the questionnaire data and show it, raw
 * and per provider, next to the form that submits it.
 *
 * The installation id is created and stored on first use. Provider names, keys
 * and values are entity-encoded before they reach the template; array values
 * are serialised and word-wrapped for display only.
 *
 * NOTE(review): the collection endpoint below is a plain http:// URL.
 *
 * @param mixed $id   Module id (not used in this method)
 * @param mixed $mode Module mode (not used in this method)
 */
function main($id, $mode)
{
    global $config, $template, $phpbb_admin_path, $phpEx;

    $collect_url = "http://www.phpbb.com/stats/receive_stats.php";

    $this->tpl_name = 'acp_send_statistics';
    $this->page_title = 'ACP_SEND_STATISTICS';

    // generate a unique id if necessary
    if (isset($config['questionnaire_unique_id'])) {
        $install_id = $config['questionnaire_unique_id'];
    } else {
        $install_id = unique_id();
        set_config('questionnaire_unique_id', $install_id);
    }

    $collector = new phpbb_questionnaire_data_collector($install_id);

    // Add data provider
    $collector->add_data_provider(new phpbb_questionnaire_php_data_provider());
    $collector->add_data_provider(new phpbb_questionnaire_system_data_provider());
    $collector->add_data_provider(new phpbb_questionnaire_phpbb_data_provider($config));

    $page_vars = array(
        'U_COLLECT_STATS' => $collect_url,
        'RAW_DATA'        => $collector->get_data_for_form(),
        'U_ACP_MAIN'      => append_sid("{$phpbb_admin_path}index.{$phpEx}"),
    );
    $template->assign_vars($page_vars);

    foreach ($collector->get_data_raw() as $provider => $data) {
        // The install id is a single value; wrap it so it can be listed like the rest
        if ($provider == 'install_id') {
            $data = array($provider => $data);
        }

        $template->assign_block_vars('providers', array('NAME' => htmlspecialchars($provider)));

        foreach ($data as $key => $value) {
            if (is_array($value)) {
                $value = utf8_wordwrap(serialize($value), 75, "\n", true);
            }

            $template->assign_block_vars('providers.values', array(
                'KEY'   => utf8_htmlspecialchars($key),
                'VALUE' => utf8_htmlspecialchars($value),
            ));
        }
    }
}
/**
 * Post bookmark controller: delete a bookmark, list bookmarks, or add one,
 * depending on the 'mode' request variable, then render the page.
 *
 * The ids are requested with integer defaults before they are placed in the
 * DELETE statement; the INSERT goes through sql_build_array().
 *
 * NOTE(review): mode=delete and a truthy 'book' value change data as soon as
 * the request arrives. No token or confirmation check is visible in this
 * method, nor a check that the post exists or that the user is logged in —
 * confirm these are enforced elsewhere.
 *
 * @return Response Empty 200 response, reached only if page_footer() returns
 */
public function main()
{
    $topic_id = $this->request->variable('t', 0);
    $post_id = $this->request->variable('p', 0);
    $forum_id = $this->request->variable('f', 0);
    $mode = $this->request->variable('mode', '');
    $book_submit = $this->request->variable('book', false);

    $viewtopic_url = append_sid("{$this->phpbb_root_path}viewtopic.{$this->php_ext}", "f={$forum_id}&t={$topic_id}");
    $return_link = '<br /><br />' . sprintf($this->user->lang['RETURN_TOPIC'], '<a href="' . $viewtopic_url . '">', '</a>');

    $body = 'add_bookmark';

    if ($mode == 'delete') {
        // Restricted to the current user's own row for this post
        $sql = 'DELETE FROM ' . $this->postbookmark_table . "\n\t\t\t\tWHERE user_id = {$this->user->data['user_id']}\n\t\t\t\t\tAND post_id = {$post_id}";
        $this->db->sql_query($sql);

        $message = $this->user->lang['POST_BOOKMARK_REMOVED'];
        $this->helper->output_response($message, $return_link, $viewtopic_url);
    } elseif ($mode == 'find') {
        $body = 'find_bookmark';
        $this->helper->get_bookmarks($mode);
    } else {
        $bookmark_desc = $this->request->variable('bookmark_desc', '', true);

        if ($book_submit) {
            $new_row = array(
                'user_id'       => $this->user->data['user_id'],
                'post_id'       => $post_id,
                'topic_id'      => $topic_id,
                'bookmark_time' => time(),
                'bookmark_desc' => $bookmark_desc,
            );
            $sql = 'INSERT INTO ' . $this->postbookmark_table . ' ' . $this->db->sql_build_array('INSERT', $new_row);
            $this->db->sql_query($sql);

            $message = $this->user->lang['POST_BOOKMARK_ADDED'];
            $this->helper->output_response($message, $return_link, $viewtopic_url);
        }
    }

    $post_action = append_sid("{$this->phpbb_root_path}postbookmark", "f={$forum_id}&t={$topic_id}&p={$post_id}&mode={$mode}");
    $this->template->assign_vars(array('U_POST_ACTION' => $post_action));

    page_header($this->user->lang['POST_BOOKMARK_ADD']);
    $this->template->set_filenames(array('body' => $body . '.html'));
    page_footer();

    return new Response('', 200);
}
/**
 * Blog controller: dispatch on the 'action' request variable.
 *
 * 'add' and 'edit' render the blog form, 'delete' and 'rate' only call the
 * blog service and return nothing from here, anything else shows the latest
 * blogs. When the blog is disabled the visitor is sent to the forum index.
 *
 * NOTE(review): 'delete' and 'rate' act on a blog id taken from the request;
 * permission and token checks are not visible here — presumably they live in
 * the blog service, confirm.
 *
 * @return mixed The rendered page for add/edit/latest, nothing otherwise
 */
public function blog()
{
    $action = $this->request->variable('action', '');
    $blog_id = (int) $this->request->variable('blog_id', 0);

    // When blog is disabled, redirect users back to the forum index
    if (empty($this->config['ub_enabled'])) {
        redirect(append_sid("{$this->root_path}index.{$this->php_ext}"));
    }

    if ($action == 'add') {
        $this->blog->add();

        // Generate the page template
        return $this->helper->render('blog_add.html', $this->user->lang('BLOG_ADD'));
    }

    if ($action == 'edit') {
        $this->blog->edit($blog_id);

        // Generate the page template
        return $this->helper->render('blog_add.html', $this->user->lang('BLOG_EDIT'));
    }

    if ($action == 'delete') {
        $this->blog->delete($blog_id);
        return;
    }

    if ($action == 'rate') {
        $this->blog->rate($blog_id);
        return;
    }

    $this->blog->latest();

    // Generate the page template
    return $this->helper->render('blogs_latest.html', $this->user->lang('BLOG'));
}
/**
 * Resynchronise attachments one batch per request: attachment rows whose file
 * is missing from the upload directory are deleted, then the next batch is
 * queued through a meta refresh. An empty batch ends the run.
 *
 * The file path is only passed to file_exists(); nothing on disk is changed.
 */
function run_tool()
{
    global $config, $db, $template;

    $step = request_var('step', 0);
    $offset = $this->_batch_size * $step;

    // Get the batch
    $sql = 'SELECT attach_id, physical_filename FROM ' . ATTACHMENTS_TABLE;
    $result = $db->sql_query_limit($sql, $this->_batch_size, $offset);
    $rows = $db->sql_fetchrowset($result);
    $db->sql_freeresult($result);

    if (empty($rows)) {
        // Nothing to do
        trigger_error('RESYNC_ATTACHMENTS_FINISHED');
    }

    // Collect the ids of rows whose file is gone
    $orphaned_ids = array();
    foreach ($rows as $row) {
        $path = PHPBB_ROOT_PATH . $config['upload_path'] . "/{$row['physical_filename']}";

        if (!file_exists($path)) {
            $orphaned_ids[] = $row['attach_id'];
        }
    }

    // Remove them in a single statement
    if (!empty($orphaned_ids)) {
        $delete_sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $db->sql_in_set('attach_id', $orphaned_ids);
        $db->sql_query($delete_sql);
    }

    // Next step
    $template->assign_var('U_BACK_TOOL', false);

    $next_url = append_sid(STK_INDEX, array(
        'c'      => 'admin',
        't'      => 'resync_attachments',
        'step'   => $step + 1,
        'submit' => true,
    ));
    meta_refresh(3, $next_url);

    trigger_error('RESYNC_ATTACHMENTS_PROGRESS');
}
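/**
 * MCP notes module entry point.
 *
 * `front` prepares the user search form; `user_notes` loads the acp/common
 * language file and hands over to mcp_notes_user_view(). Any other mode
 * only sets the page title.
 *
 * @param mixed $id Module id (not used in this method)
 * @param string $mode Module mode: 'front' or 'user_notes'
 */
function main($id, $mode)
{
	global $auth, $db, $user, $template;
	global $config, $phpbb_root_path, $phpEx;

	// The action arrives as an array (action[name]=label); its first key is the action name
	$action = request_var('action', array('' => ''));

	if (is_array($action))
	{
		// key() yields the same first key that list(...) = each(...) did;
		// each() is deprecated since PHP 7.2 and removed in PHP 8.0.
		$action = key($action);
	}

	$this->page_title = 'MCP_NOTES';

	switch ($mode)
	{
		case 'front':
			$template->assign_vars(array(
				'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=mcp&field=username&select_single=true'),
				'U_POST_ACTION'		=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=notes&mode=user_notes'),

				'L_TITLE'			=> $user->lang['MCP_NOTES'],
			));

			$this->tpl_name = 'mcp_notes_front';
		break;

		case 'user_notes':
			$user->add_lang('acp/common');

			$this->mcp_notes_user_view($action);
			$this->tpl_name = 'mcp_notes_user';
		break;
	}
}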
/**
 * Hook that is called in template::display().
 *
 * Publishes the blog URL and the configured blog title (empty string when
 * the `blog_title` config entry is not set) as template variables.
 *
 * @param phpbb_hook $phpbb_hook Reference to the phpBB hook object
 * @return void
 */
function phpbb_blog_pre_display(&$phpbb_hook)
{
	global $config, $template;
	global $phpbb_root_path, $phpEx;

	// Fall back to an empty title when the board has none configured
	$blog_title = '';
	if (isset($config['blog_title']))
	{
		$blog_title = $config['blog_title'];
	}

	// Assign the blog's main template variables
	$blog_vars = array(
		'U_BLOG'				=> append_sid("{$phpbb_root_path}blog.{$phpEx}"),
		'OVERALL_BLOG_TITLE'	=> $blog_title,
	);
	$template->assign_vars($blog_vars);
}
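/**
 * Shortcut for phpBB's append_sid() function (do not send the root path/phpext in the url part).
 *
 * When $url does not contain ".<php_ext>", the class root path is prepended
 * and ".<php_ext>" is appended before the call is forwarded.
 *
 * @param mixed $url Script name, or a URL that already contains the PHP extension
 * @param mixed $params Forwarded unchanged to append_sid()
 * @param mixed $is_amp Forwarded unchanged to append_sid()
 * @param mixed $session_id Forwarded unchanged to append_sid()
 * @return string
 */
public static function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
	// strpos() returns false for "not found" and 0 for a match at the very
	// start; the strict comparison keeps those two results apart.
	if (strpos($url, '.' . self::$php_ext) === false)
	{
		$url = self::$root_path . $url . '.' . self::$php_ext;
	}

	return append_sid($url, $params, $is_amp, $session_id);
}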
/**
 * ACP module entry point: lists rows from the phpbb_session_ghost table
 * (excluding pages 'expired' and 'ucp.php?mode=logout', newest first) and
 * assigns one 'sessions_active' template block row per session.
 *
 * NOTE(review): the two `******` runs inside the link-building expressions
 * below look like text lost when this listing was extracted; the code is
 * not valid PHP as printed and is left untouched here.
 *
 * @param mixed $id Module id (not used in this method)
 * @param mixed $mode Module mode (not used in this method)
 */
function main($id, $mode)
{
	global $db, $user, $template, $config, $request, $table_prefix, $phpbb_root_path;

	$this->tpl_name = 'acp_session_active';

	// Image used for the "search" links
	$image = array('search' => '<img src="' . $phpbb_root_path . 'ext/anavaro/sessionadmin/adm/images/spyglass.png">');

	// NOTE(review): this initialises `$ouptut`, but the loops below fill and
	// read `$output` - looks like a typo, so `$output` is never initialised.
	$ouptut = $users = array();

	// NOTE(review): the table name is hard-coded; the $table_prefix global
	// declared above is not used to build it.
	$sql = 'SELECT * FROM phpbb_session_ghost WHERE session_page NOT LIKE \'expired\' AND session_page NOT LIKE \'ucp.php?mode=logout\' ORDER BY session_time DESC';
	$result = $db->sql_query($sql);
	while ($row = $db->sql_fetchrow($result))
	{
		// Keep the columns needed for display; both timestamps are formatted here
		$output[] = array('user_id' => $row['session_user_id'], 'session_start' => $user->format_date($row['session_start'], 'd.m.Y, H:i'), 'session_time' => $user->format_date($row['session_time'], 'd.m.Y, H:i'), 'session_ip' => $row['session_ip'], 'session_page' => $row['session_page'], 'session_browser' => $row['session_browser'], 'session_viewonline' => $row['session_viewonline'], 'session_forum_id' => $row['session_forum_id']);
		$users[] = $row['session_user_id'];
	}
	$db->sql_freeresult($result);

	// Look up name and colour for every user id seen above
	if (!empty($users))
	{
		$users_array = array();
		$sql = 'SELECT user_id, username, user_colour FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $users) . ' ORDER BY user_id ASC';
		$result = $db->sql_query($sql);
		while ($row = $db->sql_fetchrow($result))
		{
			$users_array[$row['user_id']] = array('id' => $row['user_id'], 'username' => $row['username'], 'colour' => $row['user_colour']);
		}
		// NOTE(review): this second result set is not passed to sql_freeresult()
	}
	else
	{
		// No session rows matched
		trigger_error('NO_ACTIVE_SESSIONS_FOUND');
	}

	// NOTE(review): username, session_page, session_ip and session_browser are
	// concatenated into HTML or handed to the template without escaping in
	// this method; confirm they are escaped when stored or in the template.
	foreach ($output as $var)
	{
		// Profile link in the user's colour ("000000" when none is known) plus a search link
		$var['username'] = '******' . (isset($users_array[$var['user_id']]['colour']) ? $users_array[$var['user_id']]['colour'] : "000000") . '" href="' . append_sid($phpbb_root_path . 'memberlist.php?mode=viewprofile&u=' . $var['user_id']) . '" target="_blank">' . $users_array[$var['user_id']]['username'] . '</a> <a href="' . append_sid($phpbb_root_path . 'adm/index.php?i=-anavaro-sessionadmin-acp-acp_session_search_module&mode=main&case=userid&username='******'user_id']) . '">' . $image['search'] . '</a>';

		// Turn the stored page path into a link relative to the board root
		$var['session_page'] = '<a href="' . append_sid($phpbb_root_path . $var['session_page']) . '" target="_blank">' . $var['session_page'] . '</a>';

		$template->assign_block_vars('sessions_active', array('USERNAME' => $var['username'], 'USER_IP' => '<a href="' . append_sid($phpbb_root_path . 'adm/index.php?i=-anavaro-sessionadmin-acp-acp_session_search_module&mode=main&case=userip&username='******'session_ip']) . '">' . $var['session_ip'] . '</a>', 'SESSION_START' => $var['session_start'], 'SESSION_TIME' => $var['session_time'], 'SESSION_PAGE' => $var['session_page'], 'SESSION_VIEWONLINE' => $var['session_viewonline'], 'SESSION_BROWSER' => $var['session_browser']));
	}
}
/**
 * ACP visual confirmation (CAPTCHA) settings module.
 *
 * Three paths:
 *  - `demo` in the query string: render a preview CAPTCHA image using the
 *    request values layered over the current configuration, then exit.
 *  - valid form submission: store the settings, log the change, show a notice.
 *  - otherwise: fill the settings form and build the preview image URL.
 *
 * @param mixed $id Module id, used in the preview image URL
 * @param mixed $mode Module mode (not used in this method)
 */
function main($id, $mode)
{
	global $db, $user, $auth, $template;
	global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;

	$user->add_lang('acp/board');

	// config key => template variable for the GD CAPTCHA options
	$captcha_vars = array(
		'captcha_gd_x_grid'				=> 'CAPTCHA_GD_X_GRID',
		'captcha_gd_y_grid'				=> 'CAPTCHA_GD_Y_GRID',
		'captcha_gd_foreground_noise'	=> 'CAPTCHA_GD_FOREGROUND_NOISE',
		'captcha_gd'					=> 'CAPTCHA_GD_PREVIEWED',
		'captcha_gd_wave'				=> 'CAPTCHA_GD_WAVE',
		'captcha_gd_3d_noise'			=> 'CAPTCHA_GD_3D_NOISE',
		'captcha_gd_fonts'				=> 'CAPTCHA_GD_FONTS',
	);

	if (isset($_GET['demo']))
	{
		// Preview only: the request values replace entries of the in-memory
		// $config array; set_config() is not called on this path.
		foreach (array_keys($captcha_vars) as $captcha_var)
		{
			$config[$captcha_var] = isset($_REQUEST[$captcha_var]) ? request_var($captcha_var, 0) : $config[$captcha_var];
		}

		// Both include paths are fixed strings; only the GD flag picks between them
		$captcha_file = ($config['captcha_gd']) ? 'captcha_gd.' : 'captcha_non_gd.';
		include $phpbb_root_path . 'includes/captcha/' . $captcha_file . $phpEx;

		$captcha = new captcha();
		// mt_rand() chooses only the code length between the two constants
		$code_length = mt_rand(CAPTCHA_MIN_CHARS, CAPTCHA_MAX_CHARS);
		$captcha->execute(gen_rand_string($code_length), time());
		exit;
	}

	// config key => template variable for the general settings
	$config_vars = array(
		'enable_confirm'		=> 'REG_ENABLE',
		'enable_post_confirm'	=> 'POST_ENABLE',
		'confirm_refresh'		=> 'CONFIRM_REFRESH',
		'captcha_gd'			=> 'CAPTCHA_GD',
	);

	$this->tpl_name = 'acp_captcha';
	$this->page_title = 'ACP_VC_SETTINGS';
	$form_key = 'acp_captcha';
	add_form_key($form_key);

	$submit = request_var('submit', '');

	if ($submit && check_form_key($form_key))
	{
		// Settings are written only after the form key has been accepted
		foreach (array_keys($config_vars) as $config_var)
		{
			set_config($config_var, request_var($config_var, ''));
		}

		foreach (array_keys($captcha_vars) as $captcha_var)
		{
			$value = request_var($captcha_var, 0);

			// Negative values are not stored
			if ($value >= 0)
			{
				set_config($captcha_var, $value);
			}
		}

		add_log('admin', 'LOG_CONFIG_VISUAL');
		trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));

		return;
	}

	if ($submit)
	{
		// Submitted, but the form key was rejected
		trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action));

		return;
	}

	// No submission: populate the form and the preview link.
	// NOTE(review): append_sid() is applied twice to the same URL here.
	$preview_image_src = append_sid(append_sid("{$phpbb_admin_path}index.{$phpEx}", "i={$id}&demo=demo"));

	if (@extension_loaded('gd'))
	{
		$template->assign_var('GD', true);
	}

	foreach ($config_vars as $config_var => $template_var)
	{
		$shown_value = isset($_REQUEST[$config_var]) ? request_var($config_var, '') : $config[$config_var];
		$template->assign_var($template_var, $shown_value);
	}

	foreach ($captcha_vars as $captcha_var => $template_var)
	{
		$var = isset($_REQUEST[$captcha_var]) ? request_var($captcha_var, 0) : $config[$captcha_var];
		$template->assign_var($template_var, $var);

		// The preview image receives the same value through its query string
		$preview_image_src .= "&{$captcha_var}=" . $var;
	}

	$template->assign_vars(array(
		'CAPTCHA_PREVIEW'	=> $preview_image_src,
		'PREVIEW'			=> isset($_POST['preview']),
	));
}
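/**
 * CMS block: list the most recent knowledge base articles.
 *
 * Reads up to $cms_config_vars['md_total_articles'][$block_id] rows from the
 * articles table (newest article_id first) and assigns every row whose
 * `approved` column equals 1 to the template. The block style
 * ('articles_scroll' or 'articles_static') is taken from
 * $cms_config_vars['md_recent_articles_style'][$block_id] and written to the
 * global $style_row.
 */
function cms_block_recent_articles()
{
	global $db, $cache, $config, $template, $user, $lang, $table_prefix, $style_row, $block_id, $cms_config_vars;

	$template->_tpldata['recent_articles.'] = array();

	@(include_once IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT);

	// The limit comes from block configuration and is concatenated into the
	// statement, so it is forced to an integer first.
	$article_limit = (int) $cms_config_vars['md_total_articles'][$block_id];

	// NOTE(review): unapproved rows are filtered after the LIMIT is applied,
	// so fewer than $article_limit articles may be shown.
	$sql = "SELECT * FROM " . KB_ARTICLES_TABLE . " ORDER BY article_id DESC LIMIT " . $article_limit;
	$result = $db->sql_query($sql);

	while ($row = $db->sql_fetchrow($result))
	{
		// approved == 1 means the article has been approved; anything else is hidden
		if ($row['approved'] != 1)
		{
			continue;
		}

		$title = $row['article_title'];
		$author = colorize_username($row['article_author_id']);
		$url = append_sid(IP_ROOT_PATH . 'kb.' . PHP_EXT . '?mode=article&k=' . $row['article_id']);

		if ($cms_config_vars['md_recent_articles_style'][$block_id] == '1')
		{
			$style_row = 'articles_scroll';
		}
		else
		{
			$style_row = 'articles_static';
		}

		$template->assign_block_vars($style_row, '');

		// Convert and clean special chars before the title reaches the template
		$title = htmlspecialchars_clean($title);

		$template->assign_block_vars($style_row . '.recent_articles', array(
			'TITLE'		=> $title,
			'U_ARTICLE'	=> $url,
			'AUTHOR'	=> $author,
			'DATE'		=> create_date_ip($config['default_dateformat'], $row['article_date'], $config['board_timezone']),
		));
	}

	// Release the result set whether or not any row was returned
	$db->sql_freeresult($result);
}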
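/**
 * User notes page: shows the current user's note and stores a new one when
 * the form is submitted.
 *
 * Guests are sent to the login box and bots are redirected to the board
 * index before anything else happens.
 *
 * @return mixed Result of $this->helper->render() for notes.html
 */
public function base()
{
	$note = utf8_normalize_nfc($this->request->variable('note', '', true));
	$submit = isset($_POST['submit']);
	$error = array();

	// This page can be used only after registration...
	if (!$this->user->data['is_registered'])
	{
		login_box($this->helper->route('vinny_usersnotes_controller'));
	}

	// ... and it is not for bots either
	if ($this->user->data['is_bot'])
	{
		redirect(append_sid("{$this->phpbb_root_path}index.{$this->phpEx}"));
	}

	$s_action = $this->helper->route('vinny_usersnotes_controller');
	$s_hidden_fields = '';

	add_form_key('postform');

	// Form-level template variables
	$this->template->assign_vars(array(
		'S_POST_ACTION'		=> $s_action,
		'S_HIDDEN_FIELDS'	=> $s_hidden_fields,
		'ERROR'				=> (sizeof($error)) ? implode('<br />', $error) : '',
	));

	if ($submit)
	{
		// NOTE(review): the form key check below is disabled, so the update
		// is not bound to the token issued by add_form_key() above. Restore
		// it once the notes.html template is confirmed to output the token.
		/*if(!check_form_key('postform'))
		{
			trigger_error('FORM_INVALID');
		}*/

		// The note is user input: it is escaped by the DBAL and placed in a
		// single-quoted literal; the user id is forced to an integer.
		$sql = 'UPDATE ' . USERS_TABLE . "
			SET user_note = '" . $this->db->sql_escape($note) . "'
			WHERE user_id = " . (int) $this->user->data['user_id'];
		$this->db->sql_query($sql);

		meta_refresh(3, $this->helper->route('vinny_usersnotes_controller'));
		trigger_error(sprintf($this->user->lang['NOTES_SAVED'], $this->helper->route('vinny_usersnotes_controller')));
	}

	// Page-level template variables
	$this->template->assign_vars(array(
		'NOTE' => $this->user->data['user_note'],
	));

	$this->template->assign_block_vars('navlinks', array(
		'FORUM_NAME' => $this->user->lang['NOTES'],
	));

	return $this->helper->render('notes.html', $this->user->lang['NOTES']);
}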