/**
 * Interface to subscribe for reminders to an event.
 *
 * Before the form is built, the request passes three access checks in turn:
 * the 'view_calendar' permission, personal access for events that are not
 * public, and category access for the event's type.
 *
 * @return tempcode The UI
 */
function subscribe_event()
{
    $title = get_page_title('SUBSCRIBE_EVENT');

    $parents = array(array('_SELF:_SELF:misc', do_lang_tempcode('CALENDAR')));
    breadcrumb_set_parents($parents);

    // Check access
    $id = get_param_integer('id');
    check_specific_permission('view_calendar');
    $matches = $GLOBALS['SITE_DB']->query_select('calendar_events', array('*'), array('id' => $id), '', 1);
    if (!array_key_exists(0, $matches)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    $event = $matches[0];

    // Non-public events are additionally gated on the submitter / 'view_personal_events'
    $is_private = ($event['e_is_public'] == 0);
    if ($is_private) {
        enforce_personal_access($event['e_submitter'], 'view_personal_events');
    }

    $may_see_category = has_category_access(get_member(), 'calendar', strval($event['e_type']));
    if (!$may_see_category) {
        access_denied('CATEGORY_ACCESS');
    }

    require_code('form_templates');

    // The form posts back to the '_subscribe_event' actualiser for the same event
    $url_parts = array('page' => '_SELF', 'type' => '_subscribe_event', 'id' => $id);
    $post_url = build_url($url_parts, '_SELF');

    $reminder_field = form_input_float(
        do_lang_tempcode('REMINDER_TIME'),
        do_lang_tempcode('DESCRIPTION_REMINDER_TIME'),
        'hours_before',
        1.0,
        true
    );
    $fields = new ocp_tempcode();
    $fields->attach($reminder_field);

    $submit_name = do_lang_tempcode('SUBSCRIBE_EVENT');

    $template_params = array(
        '_GUID' => '8f6a962617031264ee1af552701804ca',
        'SKIP_VALIDATION' => true,
        'HIDDEN' => '',
        'TITLE' => $title,
        'TEXT' => '',
        'FIELDS' => $fields,
        'URL' => $post_url,
        'SUBMIT_NAME' => $submit_name,
    );

    return do_template('FORM_SCREEN', $template_params);
}
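/**
 * The actualiser to import wordpress blog
 *
 * The 'method' GET parameter selects the import path: 'xml' parses an uploaded
 * export file through the rss class and adds one news entry per item; 'db'
 * delegates to import_wordpress_db().
 *
 * @return tempcode The UI
 */
function _import_wordpress()
{
    check_specific_permission('mass_import', NULL, NULL, 'cms_news');

    $title = get_page_title('IMPORT_WP_DB');

    require_code('rss');
    require_code('news');
    require_code('news2');

    // NOTE(review): presumably relaxes Comcode parsing for the imported HTML; the flag is never reset in this function — confirm nothing later in the request depends on strict parsing
    $GLOBALS['LAX_COMCODE'] = true;

    require_code('uploads');
    is_swf_upload(true);

    $is_validated = post_param_integer('wp_auto_validate', 0);
    $to_own_account = post_param_integer('wp_add_to_own', 0);

    $method = get_param('method');

    // Wordpress post xml file importing method
    if ($method == 'xml') {
        // The posted 'xml_url' is read but never parsed: either the uploaded temp file replaces it or warn_exit() is called
        $rss_url = post_param('xml_url', NULL);

        if (array_key_exists('file_novalidate', $_FILES)) {
            // Accept the path only if it came through the upload machinery (SWF upload handler or a genuine HTTP upload)
            if (is_swf_upload(true) || is_uploaded_file($_FILES['file_novalidate']['tmp_name'])) {
                $rss_url = $_FILES['file_novalidate']['tmp_name'];
            } else {
                warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN'));
            }
        } else {
            warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN'));
        }

        // NOTE(review): the export file is attacker-influenced XML for anyone holding 'mass_import'; how the rss class handles entities and oversized input is not visible here — verify
        $rss = new rss($rss_url, true);
        if (!is_null($rss->error)) {
            warn_exit($rss->error);
        }

        $NEWS_CATS = $GLOBALS['SITE_DB']->query_select('news_categories', array('*'), array('nc_owner' => NULL));
        $NEWS_CATS = list_to_map('id', $NEWS_CATS);

        foreach ($rss->gleamed_items as $item) {
            if (!array_key_exists('category', $item)) {
                $item['category'] = do_lang('NC_general');
            }

            // Reset for every item. Previously the match from an earlier item was carried over, so a post
            // whose category did not exist yet was filed under the previous post's category and its own
            // category was never created.
            $cat_id = NULL;
            foreach ($NEWS_CATS as $_cat => $news_cat) {
                if (get_translated_text($news_cat['nc_title']) == $item['category']) {
                    $cat_id = $_cat;
                }
            }

            // Check for existing owner categories, if not create blog category for creator
            if ($to_own_account == 0) {
                $creator = $item['author'];
                $submitter_id = $GLOBALS['FORUM_DRIVER']->get_member_from_username($creator);
            } else {
                $submitter_id = get_member();
            }

            // NOTE(review): no guard for an author that does not map to a member. If the lookup above yields NULL,
            // the query below runs with nc_owner => NULL (the same filter used for the unowned categories) and
            // add_news() receives a NULL submitter — confirm how both are meant to behave.
            $owner_category_id = $GLOBALS['SITE_DB']->query_value_null_ok('news_categories', 'id', array('nc_owner' => $submitter_id));

            if (is_null($cat_id)) {
                $cat_id = add_news_category($item['category'], 'newscats/general', '', NULL);

                // Reload so later items with the same category find the one just created
                $NEWS_CATS = $GLOBALS['SITE_DB']->query_select('news_categories', array('*'), array('nc_owner' => NULL));
                $NEWS_CATS = list_to_map('id', $NEWS_CATS);
            }

            // Add news
            $article = array_key_exists('news_article', $item) ? html_to_comcode($item['news_article']) : '';
            add_news($item['title'], html_to_comcode($item['news']), NULL, $is_validated, 1, 1, 1, '', $article, $owner_category_id, array($cat_id), NULL, $submitter_id, 0, time(), NULL, '');
        }

        if (url_is_local($rss_url)) { // Means it is a temp file
            @unlink($rss_url);
        }
    } elseif ($method == 'db') {
        import_wordpress_db();
    }

    breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('MANAGE_BLOGS')), array('_SELF:_SELF:import_wordpress', do_lang_tempcode('IMPORT_WORDPRESS'))));
    breadcrumb_set_self(do_lang_tempcode('DONE'));

    return inform_screen($title, do_lang_tempcode('IMPORT_WORDPRESS_DONE'));
}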
/**
 * The actualiser to merge two authors.
 *
 * Requires the 'delete_midrange_content' permission; the two author names are
 * read from the POST fields 'mauthor' (source) and 'mauthor2' (destination).
 *
 * @return tempcode The UI
 */
function _mg()
{
    check_specific_permission('delete_midrange_content');

    $title = get_page_title('MERGE_AUTHORS');

    // Both names are passed to merge_authors() exactly as submitted
    $source_author = post_param('mauthor');
    $target_author = post_param('mauthor2');
    merge_authors($source_author, $target_author);

    $parents = array(array('_SELF:_SELF:misc', do_lang_tempcode('AUTHOR_MANAGE')));
    breadcrumb_set_parents($parents);

    $message = do_lang_tempcode('SUCCESS');

    return $this->do_next_manager($title, $message);
}
/**
 * The actualiser to add a chat room.
 *
 * Creates the room, posts an invite message into every other room for each
 * named invitee, then rewrites the room's group category access.
 *
 * @return tempcode The UI to choose a chat room (probably what was just added, but...)
 */
function _chat_private()
{
    $title = get_page_title('CREATE_PRIVATE_ROOM');

    require_code('chat2');

    if (is_guest()) {
        access_denied('NOT_AS_GUEST');
    }

    check_specific_permission('create_private_room');

    // Check the input
    $default_room_name = do_lang('CHAT_PRIVATE_DEFAULT_ROOM_NAME', $GLOBALS['FORUM_DRIVER']->get_username(get_member()));
    $room_name = post_param('room_name', $default_room_name);
    $room_lang = post_param('room_lang', user_lang());
    list($allow2, $allow2_groups, $disallow2, $disallow2_groups) = read_in_chat_perm_fields();
    $allow = explode(',', $allow2);

    $new_room_id = add_chatroom(post_param('c_welcome'), $room_name, get_member(), $allow2, $allow2_groups, $disallow2, $disallow2_groups, $room_lang);

    $rooms = chat_get_all_rooms();

    // For each person in the allow list, insert a private message into every room (except the new one) asking them to join the new room
    foreach ($allow as $raw_name) {
        $invitee = trim($raw_name);

        // Skip blanks, the creator themselves, and the guest pseudo-user
        if ($invitee == '') {
            continue;
        }
        if ($invitee == $GLOBALS['FORUM_DRIVER']->get_username(get_member())) {
            continue;
        }
        if ($invitee == do_lang('GUEST')) {
            continue;
        }

        // NOTE(review): the invitee name and the room name are request-supplied and are placed into the invite
        // markup unescaped, then posted to every other room. A quote or bracket in either value changes the
        // markup other members receive — escape or reject those characters once the invite parser's rules are confirmed.
        $invite_message = '[invite="' . $invitee . '"]' . $room_name . '[/invite]';

        foreach ($rooms as $room) {
            if ($room['id'] == $new_room_id) {
                continue;
            }
            chat_post_message($room['id'], $invite_message, get_option('chat_default_post_font'), get_option('chat_default_post_colour'));
        }
    }

    // Set access
    $admin_groups = $GLOBALS['FORUM_DRIVER']->get_super_admin_groups();
    $groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(false, true);
    $category_name = strval($new_room_id);

    // Clear any existing rows for this room, then add one row per usergroup that is not a super-admin group
    $GLOBALS['SITE_DB']->query_delete('group_category_access', array('module_the_name' => 'chat', 'category_name' => strval($new_room_id)));
    foreach (array_keys($groups) as $group_id) {
        if (!in_array($group_id, $admin_groups)) {
            $access_row = array('module_the_name' => 'chat', 'category_name' => $category_name, 'group_id' => $group_id);
            $GLOBALS['SITE_DB']->query_insert('group_category_access', $access_row);
        }
    }

    $url = build_url(array('page' => '_SELF', 'type' => 'room', 'id' => $new_room_id), '_SELF');

    return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
}
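/**
 * Shows an HTML page for making block Comcode.
 *
 * Requires the 'comcode_dangerous' permission. The 'type' GET parameter selects the step:
 *  - step1: list all blocks, grouped by addon, with the pages that already use each one
 *  - step2: build a form for the chosen block's parameters
 *  - step3: assemble the Comcode / Tempcode / XML for the block and render BLOCK_HELPER_DONE
 * The page is echoed inside POPUP_HTML_WRAP; nothing is returned.
 */
function block_helper_script()
{
    require_lang('comcode');
    require_lang('blocks');
    require_code('zones2');
    require_code('zones3');

    check_specific_permission('comcode_dangerous');

    $title = get_page_title('BLOCK_HELPER');

    require_code('form_templates');
    require_all_lang();

    $type_wanted = get_param('block_type', 'main');

    $type = get_param('type', 'step1');

    $content = new ocp_tempcode();

    if ($type == 'step1') {
        // Find what addons all our block files are in, and icons if possible
        $hooks = find_all_hooks('systems', 'addon_registry');
        $hook_keys = array_keys($hooks);
        $hook_files = array();
        foreach ($hook_keys as $hook) {
            $path = get_file_base() . '/sources_custom/hooks/systems/addon_registry/' . filter_naughty_harsh($hook) . '.php';
            if (!file_exists($path)) {
                $path = get_file_base() . '/sources/hooks/systems/addon_registry/' . filter_naughty_harsh($hook) . '.php';
            }
            $hook_files[$hook] = file_get_contents($path);
        }
        unset($hook_keys);
        $addon_icons = array();
        $addons_blocks = array();
        foreach ($hook_files as $addon_name => $hook_file) {
            $matches = array();
            if (preg_match('#function get_file_list\\(\\)\\s*\\{([^\\}]*)\\}#', $hook_file, $matches) != 0) {
                if (!defined('HIPHOP_PHP')) {
                    // NOTE(review): eval() of source text cut out of the hook file by regex. The text comes from
                    // the install's own sources/ and sources_custom/ trees, so it is code that would be loadable
                    // anyway, but anyone able to write there decides what runs here. The else-branch shows the
                    // equivalent without eval; prefer it if the cost of loading every hook is acceptable.
                    $addon_files = eval($matches[1]);
                } else {
                    require_code('hooks/systems/addon_registry/' . $addon_name);
                    $hook_ob = object_factory('Hook_addon_registry_' . $addon_name);
                    $addon_files = $hook_ob->get_file_list();
                }
                foreach ($addon_files as $file) {
                    if (substr($file, 0, 31) == 'themes/default/images/bigicons/' && !array_key_exists($addon_name, $addon_icons)) {
                        $addon_icons[$addon_name] = find_theme_image('bigicons/' . basename($file, '.png'), false, true);
                    }
                    // 'sources_custom/blocks/' is 22 characters; comparing only the first 21 could never match
                    if (substr($file, 0, 22) == 'sources_custom/blocks/' || substr($file, 0, 15) == 'sources/blocks/') {
                        if ($addon_name == 'staff_messaging') {
                            $addon_name = 'core_feedback_features';
                        }
                        $addons_blocks[basename($file, '.php')] = $addon_name;
                    }
                }
            }
        }

        // Find where blocks have been used
        $block_usage = array();
        $zones = find_all_zones(false, true);
        foreach ($zones as $_zone) {
            $zone = $_zone[0];
            $pages = find_all_pages_wrap($zone, true);
            // Loop variable is deliberately not called $type: that name holds the current step and is tested again below
            foreach ($pages as $filename => $page_type) {
                if (substr(strtolower($filename), -4) == '.txt') {
                    $matches = array();
                    $contents = file_get_contents(zone_black_magic_filterer((substr($page_type, 0, 15) == 'comcode_custom/' ? get_custom_file_base() : get_file_base()) . '/' . ($zone == '' ? '' : $zone . '/') . 'pages/' . $page_type . '/' . $filename));
                    $num_matches = preg_match_all('#\\[block[^\\]]*\\](.*)\\[/block\\]#U', $contents, $matches);
                    for ($i = 0; $i < $num_matches; $i++) {
                        $block_used = $matches[1][$i];
                        if (!array_key_exists($block_used, $block_usage)) {
                            $block_usage[$block_used] = array();
                        }
                        $block_usage[$block_used][] = $zone . ':' . basename($filename, '.txt');
                    }
                }
            }
        }

        // Show block list
        $links = new ocp_tempcode();
        $blocks = find_all_blocks();
        $dh = @opendir(get_file_base() . '/sources_custom/miniblocks');
        if ($dh !== false) {
            while (($file = readdir($dh)) !== false) {
                if (substr($file, -4) == '.php' && preg_match('#^[\\w\\-]*$#', substr($file, 0, strlen($file) - 4)) != 0) {
                    $blocks[substr($file, 0, strlen($file) - 4)] = 'sources_custom';
                }
            }
            closedir($dh);
        }
        $block_types = array();
        $block_types_icon = array();
        $keep = symbol_tempcode('KEEP');
        foreach (array_keys($blocks) as $block) {
            if (array_key_exists($block, $addons_blocks)) {
                $addon_name = $addons_blocks[$block];
                $addon_icon = array_key_exists($addon_name, $addon_icons) ? $addon_icons[$addon_name] : NULL;
                $addon_name = preg_replace('#^core\\_#', '', $addon_name);
            } else {
                $addon_name = NULL;
                $addon_icon = NULL;
            }

            // Group by addon; fall back to the block name's prefix (up to the first underscore) for core/unknown addons
            $this_block_type = is_null($addon_name) || strpos($addon_name, 'block') !== false || $addon_name == 'core' ? substr($block, 0, strpos($block, '_') === false ? strlen($block) : strpos($block, '_')) : $addon_name;
            if (!array_key_exists($this_block_type, $block_types)) {
                $block_types[$this_block_type] = new ocp_tempcode();
            }
            if (!is_null($addon_icon)) {
                $block_types_icon[$this_block_type] = $addon_icon;
            }

            $block_description = do_lang('BLOCK_' . $block . '_DESCRIPTION', NULL, NULL, NULL, NULL, false);
            $block_use = do_lang('BLOCK_' . $block . '_USE', NULL, NULL, NULL, NULL, false);
            if (is_null($block_description)) {
                $block_description = '';
            }
            if (is_null($block_use)) {
                $block_use = '';
            }
            $descriptiont = $block_description == '' && $block_use == '' ? new ocp_tempcode() : do_lang_tempcode('BLOCK_HELPER_1X', $block_description, $block_use);

            // Every request-supplied component is URL-encoded so it cannot add or override query parameters
            $url = find_script('block_helper') . '?type=step2&block=' . urlencode($block) . '&field_name=' . urlencode(get_param('field_name')) . $keep->evaluate();
            if (get_param('utheme', '') != '') {
                $url .= '&utheme=' . urlencode(get_param('utheme'));
            }
            $url .= '&block_type=' . urlencode($type_wanted);

            $link_caption = do_lang_tempcode('NICE_BLOCK_NAME', escape_html(cleanup_block_name($block)), $block);
            $usage = array_key_exists($block, $block_usage) ? $block_usage[$block] : array();
            $block_types[$this_block_type]->attach(do_template('BLOCK_HELPER_BLOCK_CHOICE', array('USAGE' => $usage, 'DESCRIPTION' => $descriptiont, 'URL' => $url, 'LINK_CAPTION' => $link_caption)));
        }

        // Groups are structured by addon name, so they are simply sorted (no special-casing of $type_wanted)
        ksort($block_types);

        // Move the admin zone front page group to the end, if that group exists at all
        if (array_key_exists('adminzone_frontpage', $block_types)) {
            $move_after = $block_types['adminzone_frontpage'];
            unset($block_types['adminzone_frontpage']);
            $block_types['adminzone_frontpage'] = $move_after;
        }

        foreach ($block_types as $block_type => $_links) {
            switch ($block_type) {
                case 'side':
                case 'main':
                case 'bottom':
                    $type_title = do_lang_tempcode('BLOCKS_TYPE_' . $block_type);
                    $img = NULL;
                    break;
                default:
                    $type_title = do_lang_tempcode('BLOCKS_TYPE_ADDON', escape_html(cleanup_block_name($block_type)));
                    $img = array_key_exists($block_type, $block_types_icon) ? $block_types_icon[$block_type] : NULL;
                    break;
            }
            $links->attach(do_template('BLOCK_HELPER_BLOCK_GROUP', array('IMG' => $img, 'TITLE' => $type_title, 'LINKS' => $_links)));
        }

        $content = do_template('BLOCK_HELPER_START', array('_GUID' => 'd2d6837cdd8b19d80ea95ab9f5d09c9a', 'GET' => true, 'TITLE' => $title, 'LINKS' => $links));
    } elseif ($type == 'step2') {
        require_code('comcode_text');
        $defaults = parse_single_comcode_tag(get_param('parse_defaults', '', true), 'block');

        $block = trim(get_param('block'));
        // The block name arrives in the URL and is used to build language keys and, in step 3, markup.
        // Hold it to the same character set step 1 accepts for miniblock file names.
        if (preg_match('#^[\\w\\-]*$#', $block) == 0) {
            warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
        }
        $title = get_page_title('_BLOCK_HELPER', true, array(escape_html($block)));
        $fields = new ocp_tempcode();

        $parameters = get_block_parameters($block);
        if (is_null($parameters)) { // Checked before appending; after the appends below it could never be null
            $parameters = array();
        }
        $parameters[] = 'failsafe';
        $parameters[] = 'cache';
        $parameters[] = 'quick_cache';
        if (!isset($defaults['cache'])) {
            $defaults['cache'] = block_cache_default($block);
        }

        // Split parameters into normal and advanced; the three generic ones are always advanced
        $advanced_ind = do_lang('BLOCK_IND_ADVANCED');
        $param_classes = array('normal' => array(), 'advanced' => array());
        foreach ($parameters as $parameter) {
            $param_class = 'normal';
            if ($parameter == 'cache' || $parameter == 'quick_cache' || $parameter == 'failsafe' || strpos(do_lang('BLOCK_' . $block . '_PARAM_' . $parameter), $advanced_ind) !== false) {
                $param_class = 'advanced';
            }
            $param_classes[$param_class][] = $parameter;
        }

        foreach ($param_classes as $param_class => $parameters) {
            if (count($parameters) == 0) {
                if ($param_class == 'normal') {
                    $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => false, 'TITLE' => do_lang_tempcode('PARAMETERS'), 'HELP' => protect_from_escaping(paragraph(do_lang_tempcode('BLOCK_HELPER_NO_PARAMETERS'), '', 'nothing_here')))));
                }
                continue;
            }
            if ($param_class == 'advanced') {
                $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => true, 'TITLE' => do_lang_tempcode('ADVANCED'))));
            }
            foreach ($parameters as $parameter) {
                $matches = array();
                switch ($parameter) {
                    case 'quick_cache':
                    case 'cache':
                    case 'failsafe':
                        $description = do_lang('BLOCK_PARAM_' . $parameter);
                        break;
                    default:
                        $description = do_lang('BLOCK_' . $block . '_PARAM_' . $parameter);
                        break;
                }
                $description = str_replace(do_lang('BLOCK_IND_STRIPPABLE_1'), '', $description);
                $description = trim(str_replace(do_lang('BLOCK_IND_ADVANCED'), '', $description));

                // Work out default value for field
                $default = '';
                if (preg_match('#' . do_lang('BLOCK_IND_DEFAULT') . ': ["\']([^"]*)["\']#Ui', $description, $matches) != 0) {
                    $default = $matches[1];
                    $has_default = true;
                    $description = preg_replace('#\\s*' . do_lang('BLOCK_IND_DEFAULT') . ': ["\']([^"]*)["\'](?-U)\\.?(?U)#Ui', '', $description);
                } else {
                    $has_default = false;
                }
                if (isset($defaults[$parameter])) {
                    $default = $defaults[$parameter];
                    $has_default = true;
                }

                $pretty_name = ucwords(str_replace('_', ' ', $parameter)); // Field label, e.g. 'quick_cache' => 'Quick Cache'
                $block_param = $block . ':' . $parameter;

                // Show field
                if ($block_param == 'side_stored_menu:type') {
                    $matches = array();
                    $options = array();
                    // Directory handles are checked before use: a missing directory must not be fed to readdir()
                    $dh = @opendir(get_file_base() . '/themes/default/templates/');
                    if ($dh !== false) {
                        while (($file = readdir($dh)) !== false) {
                            if (preg_match('^MENU\\_([a-z]+)\\.tpl$^', $file, $matches) != 0) {
                                $options[] = $matches[1];
                            }
                        }
                        closedir($dh);
                    }
                    $dh = @opendir(get_custom_file_base() . '/themes/default/templates_custom/');
                    if ($dh !== false) {
                        while (($file = readdir($dh)) !== false) {
                            if (preg_match('^MENU\\_([a-z]+)\\.tpl$^', $file, $matches) != 0 && !file_exists(get_file_base() . '/themes/default/templates/' . $file)) {
                                $options[] = $matches[1];
                            }
                        }
                        closedir($dh);
                    }
                    sort($options);
                    $list = new ocp_tempcode();
                    foreach ($options as $option) {
                        $list->attach(form_input_list_entry($option, $has_default && $option == $default));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($block_param == 'side_stored_menu:param') {
                    $list = new ocp_tempcode();
                    $rows = $GLOBALS['SITE_DB']->query_select('menu_items', array('DISTINCT i_menu'), NULL, 'ORDER BY i_menu');
                    foreach ($rows as $row) {
                        $list->attach(form_input_list_entry($row['i_menu'], $has_default && $row['i_menu'] == $default));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($block_param == 'side_shoutbox:param') {
                    $list = new ocp_tempcode();
                    $rows = $GLOBALS['SITE_DB']->query_select('chat_rooms', array('id', 'room_name'), array('is_im' => 0), '', 100);
                    foreach ($rows as $row) {
                        $list->attach(form_input_list_entry(strval($row['id']), $has_default && strval($row['id']) == $default, $row['room_name']));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($block_param == 'main_poll:param') {
                    $list = new ocp_tempcode();
                    $rows = $GLOBALS['SITE_DB']->query_select('poll', array('id', 'question'), NULL, 'ORDER BY id DESC', 100);
                    $list->attach(form_input_list_entry('', false, do_lang('NA')));
                    foreach ($rows as $row) {
                        $list->attach(form_input_list_entry(strval($row['id']), $has_default && strval($row['id']) == $default, get_translated_text($row['question'])));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($block_param == 'main_awards:param') {
                    $list = new ocp_tempcode();
                    $rows = $GLOBALS['SITE_DB']->query_select('award_types', array('id', 'a_title'));
                    foreach ($rows as $row) {
                        $list->attach(form_input_list_entry(strval($row['id']), $has_default && strval($row['id']) == $default, get_translated_text($row['a_title'])));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($parameter == 'zone' || $parameter == 'param' && $block == 'main_as_zone_access') {
                    $list = new ocp_tempcode();
                    $list->attach(form_input_list_entry('_SEARCH', $default == ''));
                    $list->attach(nice_get_zones($default == '' ? NULL : $default));
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif (($parameter == 'forum' || $parameter == 'param' && in_array($block, array('main_forum_topics'))) && get_forum_type() == 'ocf') {
                    require_code('ocf_forums');
                    require_code('ocf_forums2');
                    if (!addon_installed('ocf_forum')) {
                        warn_exit(do_lang_tempcode('NO_FORUM_INSTALLED'));
                    }
                    $list = ocf_get_forum_tree_secure(NULL, NULL, true, explode(',', $default));
                    $fields->attach(form_input_multi_list($pretty_name, escape_html($description), $parameter, $list));
                } elseif ($parameter == 'param' && in_array($block, array('side_root_galleries', 'main_gallery_tease', 'main_gallery_embed', 'main_image_fader'))) {
                    require_code('galleries');
                    $list = nice_get_gallery_tree($default);
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($parameter == 'param' && in_array($block, array('main_download_category'))) {
                    require_code('downloads');
                    $list = nice_get_download_category_tree($default == '' ? NULL : intval($default));
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($parameter == 'param' && in_array($block, array('main_contact_catalogues')) || $parameter == 'catalogue' && in_array($block, array('main_recent_cc_entries'))) {
                    require_code('catalogues');
                    $list = nice_get_catalogues($default, false);
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($parameter == 'param' && in_array($block, array('main_cc_embed')) && $GLOBALS['SITE_DB']->query_value('catalogue_categories', 'COUNT(*)') < 500) {
                    // Only offered as a list while there are fewer than 500 categories; otherwise falls through to a plain field
                    $list = new ocp_tempcode();
                    $categories = $GLOBALS['SITE_DB']->query_select('catalogue_categories', array('id', 'cc_title', 'c_name'), NULL, 'ORDER BY c_name,id');
                    $last_cat = mixed();
                    foreach ($categories as $cat) {
                        if (is_null($last_cat) || $cat['c_name'] != $last_cat) {
                            $list->attach(form_input_list_entry($cat['c_name'], $has_default && $cat['c_name'] == $default, $cat['c_name'], false, true));
                            $last_cat = $cat['c_name'];
                        }
                        $list->attach(form_input_list_entry(strval($cat['id']), $has_default && strval($cat['id']) == $default, get_translated_text($cat['cc_title'])));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($parameter == 'param' && in_array($block, array('main_banner_wave', 'main_topsites'))) {
                    require_code('banners');
                    $list = nice_get_banner_types($default);
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($parameter == 'param' && in_array($block, array('main_newsletter_signup'))) {
                    $list = new ocp_tempcode();
                    $rows = $GLOBALS['SITE_DB']->query_select('newsletters', array('id', 'title'));
                    foreach ($rows as $newsletter) {
                        $list->attach(form_input_list_entry(strval($newsletter['id']), $has_default && strval($newsletter['id']) == $default, get_translated_text($newsletter['title'])));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif ($parameter == 'filter' && in_array($block, array('bottom_news', 'main_news', 'side_news', 'side_news_archive'))) {
                    require_code('news');
                    $list = nice_get_news_categories($default == '' ? -1 : intval($default));
                    $fields->attach(form_input_multi_list($pretty_name, escape_html($description), $parameter, $list));
                } elseif ($parameter == 'font') {
                    $fonts = array();
                    $font_dirs = array(get_file_base() . '/data/fonts', get_custom_file_base() . '/data_custom/fonts');
                    foreach ($font_dirs as $font_dir) {
                        $dh = @opendir($font_dir);
                        if ($dh === false) {
                            continue;
                        }
                        // Strict comparison: a plain truthiness test would stop early at an entry named '0'
                        while (($f = readdir($dh)) !== false) {
                            if (substr($f, -4) == '.ttf') {
                                $fonts[] = substr($f, 0, strlen($f) - 4);
                            }
                        }
                        closedir($dh);
                    }
                    $fonts = array_unique($fonts);
                    sort($fonts);
                    $list = new ocp_tempcode();
                    foreach ($fonts as $font) {
                        $list->attach(form_input_list_entry($font, $font == $default));
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif (preg_match('#' . do_lang('BLOCK_IND_EITHER') . ' (.+)#i', $description, $matches) != 0) {
                    // The description itself enumerates the allowed values, either as 'value'="label" pairs or bare 'value's
                    $description = preg_replace('# \\(' . do_lang('BLOCK_IND_EITHER') . '.*\\)#U', '', $description);
                    $list = new ocp_tempcode();
                    $matches2 = array();
                    $num_matches = preg_match_all('#\'([^\']*)\'="([^"]*)"#', $matches[1], $matches2);
                    if ($num_matches != 0) {
                        for ($i = 0; $i < $num_matches; $i++) {
                            $list->attach(form_input_list_entry($matches2[1][$i], $matches2[1][$i] == $default, $matches2[2][$i]));
                        }
                    } else {
                        $num_matches = preg_match_all('#\'([^\']*)\'#', $matches[1], $matches2);
                        for ($i = 0; $i < $num_matches; $i++) {
                            $list->attach(form_input_list_entry($matches2[1][$i], $matches2[1][$i] == $default));
                        }
                    }
                    $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                } elseif (preg_match('#\\(' . do_lang('BLOCK_IND_HOOKTYPE') . ': \'([^\'/]*)/([^\'/]*)\'\\)#i', $description, $matches) != 0) {
                    // The description names a hook type/subtype; offer the installed hooks of that kind
                    $description = preg_replace('#\\s*\\(' . do_lang('BLOCK_IND_HOOKTYPE') . ': \'([^\'/]*)/([^\'/]*)\'\\)#i', '', $description);
                    $list = new ocp_tempcode();
                    $hooks = find_all_hooks($matches[1], $matches[2]);
                    ksort($hooks);
                    if ($default == '' && $has_default) {
                        $list->attach(form_input_list_entry('', true));
                    }
                    foreach (array_keys($hooks) as $hook) {
                        if ($block == 'side_tag_cloud') {
                            // Offer the plural form alongside the hook name
                            if (substr($hook, -1) == 'y') {
                                $hook .= ',' . substr($hook, 0, strlen($hook) - 1) . 'ies';
                            } elseif (substr($hook, -1) != 's' && $hook != 'quiz') {
                                $hook .= ',' . $hook . 's';
                            }
                        }
                        $list->attach(form_input_list_entry($hook, $hook == $default));
                    }
                    if ($block == 'main_search' && $parameter == 'limit_to' || $block == 'side_tag_cloud') {
                        $fields->attach(form_input_multi_list($pretty_name, escape_html($description), $parameter, $list, NULL, 0));
                    } else {
                        $fields->attach(form_input_list($pretty_name, escape_html($description), $parameter, $list, NULL, false, false));
                    }
                } elseif (($default == '0' || $default == '1' || strpos($description, '\'0\'') !== false || strpos($description, '\'1\'') !== false) && do_lang('BLOCK_IND_WHETHER') != '' && strpos(strtolower($description), do_lang('BLOCK_IND_WHETHER')) !== false) {
                    $fields->attach(form_input_tick($pretty_name, escape_html($description), $parameter, $default == '1'));
                } elseif (do_lang('BLOCK_IND_NUMERIC') != '' && strpos($description, do_lang('BLOCK_IND_NUMERIC')) !== false) {
                    $fields->attach(form_input_integer($pretty_name, escape_html($description), $parameter, $default == '' ? NULL : intval($default), false));
                } else {
                    $fields->attach(form_input_line($pretty_name, escape_html($description), $parameter, $default, false));
                }
            }
        }

        // As in step 1, request-supplied components are URL-encoded before they go into the next step's URL
        $keep = symbol_tempcode('KEEP');
        $post_url = find_script('block_helper') . '?type=step3&field_name=' . urlencode(get_param('field_name')) . $keep->evaluate();
        if (get_param('utheme', '') != '') {
            $post_url .= '&utheme=' . urlencode(get_param('utheme'));
        }
        $post_url .= '&block_type=' . urlencode($type_wanted);
        if (get_param('save_to_id', '') != '') {
            $post_url .= '&save_to_id=' . urlencode(get_param('save_to_id'));
            $submit_name = do_lang_tempcode('SAVE');

            // Allow remove option
            $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('SECTION_HIDDEN' => false, 'TITLE' => do_lang_tempcode('ACTIONS'), 'HELP' => '')));
            $fields->attach(form_input_tick(do_lang_tempcode('REMOVE'), '', '_delete', false));
        } else {
            $submit_name = do_lang_tempcode('USE');
        }

        $block_description = do_lang('BLOCK_' . $block . '_DESCRIPTION', NULL, NULL, NULL, NULL, false);
        if (is_null($block_description)) {
            $block_description = '';
        }
        $block_use = do_lang('BLOCK_' . $block . '_USE', NULL, NULL, NULL, NULL, false);
        if (is_null($block_use)) {
            $block_use = '';
        }
        if ($block_description == '' && $block_use == '') {
            $text = new ocp_tempcode();
        } else {
            $text = do_lang_tempcode('BLOCK_HELPER_2', escape_html(cleanup_block_name($block)), escape_html($block_description), escape_html($block_use));
        }

        $hidden = form_input_hidden('block', $block);
        $content = do_template('FORM_SCREEN', array('_GUID' => '270058349d048a8be6570bba97c81fa2', 'TITLE' => $title, 'TARGET' => '_self', 'SKIP_VALIDATION' => true, 'FIELDS' => $fields, 'URL' => $post_url, 'TEXT' => $text, 'SUBMIT_NAME' => $submit_name, 'HIDDEN' => $hidden, 'PREVIEW' => true, 'THEME' => $GLOBALS['FORUM_DRIVER']->get_theme()));

        // Nothing to ask: go straight on to generating the output
        if ($fields->is_empty()) {
            $type = 'step3';
        }
    }

    if ($type == 'step3') {
        require_javascript('javascript_posting');
        require_javascript('javascript_editing');

        $field_name = get_param('field_name');

        $bparameters = '';
        $bparameters_xml = '';
        $bparameters_tempcode = '';
        $block = trim(either_param('block'));
        // The block name is concatenated into Comcode, Tempcode and XML below, and the Comcode is then
        // evaluated; accept only the character set step 1 allows for miniblock file names.
        if (preg_match('#^[\\w\\-]*$#', $block) == 0) {
            warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
        }
        $parameters = get_block_parameters($block);
        $parameters[] = 'failsafe';
        $parameters[] = 'cache';
        $parameters[] = 'quick_cache';

        // 'param' is written as the tag's unnamed attribute, so it has to come first
        if (in_array('param', $parameters)) {
            $_parameters = array('param');
            unset($parameters[array_search('param', $parameters)]);
            $parameters = array_merge($_parameters, $parameters);
        }

        foreach ($parameters as $parameter) {
            $value = post_param($parameter, NULL);
            if (is_null($value)) {
                if (post_param_integer('tick_on_form__' . $parameter, NULL) === NULL) {
                    continue; // If not on form, continue, otherwise must be 0
                }
                $value = '0';
            }

            // Only emit values that differ from what the block would use anyway
            if ($value != '' && ($parameter != 'failsafe' || $value == '1') && ($parameter != 'cache' || $value != block_cache_default($block)) && ($parameter != 'quick_cache' || $value == '1')) {
                // NOTE(review): values are posted by the user. Only the double quote (Comcode) and the comma (Tempcode)
                // are escaped; a backslash, ']' or '}' in a value is passed through as-is — confirm how each parser treats them.
                if ($parameter == 'param') {
                    $bparameters .= '="' . str_replace('"', '\\"', $value) . '"';
                } else {
                    $bparameters .= ' ' . $parameter . '="' . str_replace('"', '\\"', $value) . '"';
                }
                // Append, like the other two accumulators; plain assignment kept only the last parameter
                $bparameters_xml .= '<blockParam key="' . escape_html($parameter) . '" val="' . escape_html($value) . '" />';
                $bparameters_tempcode .= ',' . $parameter . '=' . str_replace(',', '\\,', $value);
            }
        }

        $comcode = '[block' . $bparameters . ']' . $block . '[/block]';
        $comcode_xml = '<block>' . $bparameters_xml . $block . '</block>';
        $tempcode = '{$BLOCK,block=' . $block . $bparameters_tempcode . '}';
        if ($type_wanted == 'template') {
            $comcode = $tempcode; // This is what will be written in
        }

        $comcode_semihtml = comcode_to_tempcode($comcode, NULL, false, 60, NULL, NULL, true, false, false);

        $content = do_template('BLOCK_HELPER_DONE', array('_GUID' => '575d6c8120d6001c8156560be518f296', 'TITLE' => $title, 'FIELD_NAME' => $field_name, 'BLOCK' => $block, 'COMCODE_XML' => $comcode_xml, 'COMCODE' => $comcode, 'COMCODE_SEMIHTML' => $comcode_semihtml));
    }

    // Keep the helper popup out of search indexes
    global $EXTRA_HEAD;
    if (!isset($EXTRA_HEAD)) {
        $EXTRA_HEAD = new ocp_tempcode();
    }
    $EXTRA_HEAD->attach('<meta name="robots" content="noindex" />'); // XHTMLXHTML

    $echo = do_template('POPUP_HTML_WRAP', array('TITLE' => do_lang_tempcode('BLOCK_HELPER'), 'CONTENT' => $content));
    $echo->handle_symbol_preprocessing();
    $echo->evaluate_echo();
}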
/**
 * The actualiser to set the IOTD.
 *
 * Requires the 'choose_iotd' permission; the image ID is read from the POST field 'id'.
 *
 * @return tempcode The UI
 */
function set_iotd()
{
    check_specific_permission('choose_iotd');

    $title = get_page_title('CHOOSE_IOTD');

    $chosen_id = post_param_integer('id');

    // NOTE(review): this unqualified call resolves to a global function named set_iotd, not to this method
    // (the body uses $this, so it is a method) — confirm that function is loaded at this point.
    set_iotd($chosen_id);

    $message = do_lang_tempcode('SUCCESS');

    return $this->do_next_manager($title, $message, $chosen_id);
}
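/**
 * The UI to show a results table of banner details/statistics.
 *
 * Requires the 'view_anyones_banner_stats' privilege. The 'sort' request parameter is checked
 * against a fixed list of column names and the two directions ASC/DESC before it is used.
 *
 * @return tempcode The UI
 */
function banner_statistics()
{
    $title = get_page_title('BANNER_STATISTICS');

    check_specific_permission('view_anyones_banner_stats');

    require_code('templates_internalise_screen');
    $test_tpl = internalise_own_screen($title);
    if (is_object($test_tpl)) {
        $also_url = build_url(array('page' => 'cms_banners'), get_module_zone('cms_banners'));
        attach_message(do_lang_tempcode('menus:ALSO_SEE_ADMIN', escape_html($also_url->evaluate())), 'inform');
        return $test_tpl;
    }

    $id = get_param_integer('id', -1);
    $start = get_param_integer('start', 0);
    $max = get_param_integer('max', 50);

    // Only these column names may appear in the sort parameter.
    $sortables = array('name' => do_lang_tempcode('NAME'), 'add_date' => do_lang_tempcode('DATE_TIME'));
    $test = explode(' ', get_param('sort', 'name ASC'), 2);
    if (count($test) == 1) {
        $test[1] = 'DESC';
    }
    list($sortable, $sort_order) = $test;
    if (strtoupper($sort_order) != 'ASC' && strtoupper($sort_order) != 'DESC' || !array_key_exists($sortable, $sortables)) {
        log_hack_attack_and_exit('ORDERBY_HACK');
    }
    global $NON_CANONICAL_PARAMS;
    $NON_CANONICAL_PARAMS[] = 'sort';

    // The banner-network columns are only shown when some banner has recorded "views from".
    $_sum = $GLOBALS['SITE_DB']->query_value('banners', 'SUM(views_from)');
    $has_banner_network = $_sum != 0.0;

    require_code('templates_results_table');
    $field_titles_arr = array(do_lang_tempcode('NAME'), do_lang_tempcode('TYPE'), do_lang_tempcode('_BANNER_TYPE'));
    if ($has_banner_network) {
        $field_titles_arr = array_merge($field_titles_arr, array(do_lang_tempcode('BANNER_HITSFROM'), do_lang_tempcode('BANNER_VIEWSFROM')));
    }
    $field_titles_arr = array_merge($field_titles_arr, array(do_lang_tempcode('BANNER_HITSTO'), do_lang_tempcode('BANNER_VIEWSTO'), do_lang_tempcode('BANNER_CLICKTHROUGH'), do_lang_tempcode('IMPORTANCE_MODULUS'), do_lang_tempcode('SUBMITTER'), do_lang_tempcode('_ADDED')));
    if (addon_installed('unvalidated')) {
        $field_titles_arr[] = do_lang_tempcode('VALIDATED');
    }
    $fields_title = results_field_title($field_titles_arr, $sortables, 'sort', $sortable . ' ' . $sort_order);

    // Apply the requested ordering. Both parts were validated above ($sortable is one of the
    // $sortables keys, $sort_order is ASC or DESC), which is the only reason it is acceptable
    // to place them into the SQL text here. Previously the sort was validated but never applied.
    $rows = $GLOBALS['SITE_DB']->query_select('banners', array('*'), NULL, 'ORDER BY ' . $sortable . ' ' . $sort_order, $max, $start);
    $max_rows = $GLOBALS['SITE_DB']->query_value('banners', 'COUNT(*)');

    $fields = new ocp_tempcode();
    foreach ($rows as $myrow) {
        $name = hyperlink(build_url(array('page' => 'banners', 'type' => 'view', 'source' => $myrow['name']), get_module_zone('banners')), $myrow['name'], false, true);

        // Reset per row, so an unrecognised 'the_type' value cannot reuse the previous row's label.
        $type = new ocp_tempcode();
        switch ($myrow['the_type']) {
            case 0:
                $type = do_lang_tempcode('BANNER_PERMANENT');
                break;
            case 1:
                $type = do_lang_tempcode('_BANNER_HITS_LEFT', do_lang_tempcode('BANNER_CAMPAIGN'), make_string_tempcode(integer_format($myrow['campaign_remaining'])));
                break;
            case 2:
                $type = do_lang_tempcode('BANNER_DEFAULT');
                break;
        }

        $banner_type = $myrow['b_type'];
        if ($banner_type == '') {
            $banner_type = do_lang('GENERAL');
        }

        $date_and_time = get_timezoned_date($myrow['add_date']);

        $hits_from = integer_format($myrow['hits_from']);
        $views_from = integer_format($myrow['views_from']);
        // Hits/views "to" are shown as untrackable when the banner has no site URL.
        $hits_to = $myrow['site_url'] == '' ? do_lang_tempcode('CANT_TRACK') : protect_from_escaping(escape_html(integer_format($myrow['hits_to'])));
        $views_to = $myrow['site_url'] == '' ? do_lang_tempcode('CANT_TRACK') : protect_from_escaping(escape_html(integer_format($myrow['views_to'])));

        if ($myrow['views_to'] != 0) {
            $click_through = protect_from_escaping(escape_html(integer_format(intval(round(100.0 * ($myrow['hits_to'] / $myrow['views_to']))))));
        } else {
            // Avoids a division by zero when nothing has been viewed yet.
            $click_through = do_lang_tempcode('NA_EM');
        }

        $username = $GLOBALS['FORUM_DRIVER']->member_profile_hyperlink($myrow['submitter']);

        $importance_modulus = $myrow['importance_modulus'];

        $validated = $myrow['validated'] == 1 ? do_lang('YES') : do_lang('NO');
        if (!is_null($myrow['expiry_date']) && $myrow['expiry_date'] < time()) {
            $validated .= do_lang('BUT_EXPIRED');
        }

        $result = array(escape_html($name), escape_html($type), escape_html($banner_type));
        if ($has_banner_network) {
            $result = array_merge($result, array(escape_html($hits_from), escape_html($views_from)));
        }
        $result = array_merge($result, array(escape_html($hits_to), escape_html($views_to), escape_html($click_through), escape_html(strval($importance_modulus)), $username, escape_html($date_and_time)));
        if (addon_installed('unvalidated')) {
            $result[] = escape_html($validated);
        }

        $fields->attach(results_entry($result, true));
    }

    $table = results_table(do_lang_tempcode('BANNERS'), $start, 'start', $max, 'max', $max_rows, $fields_title, $fields, $sortables, $sortable, $sort_order, 'sort');

    return do_template('RESULTS_TABLE_SCREEN', array('_GUID' => 'c9270fd515e76918a37edf3f573c6da2', 'RESULTS_TABLE' => $table, 'TITLE' => $title));
}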
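/**
 * Actualiser to edit a test section.
 *
 * Loads the section named by the 'id' request parameter, checks that the current member may
 * edit it (the 'edit_own_tests' privilege plus being the assignee or staff), then either
 * deletes the section with its tests or applies the posted section and per-test changes.
 *
 * @return tempcode The result of execution.
 */
function __ed()
{
    check_specific_permission('edit_own_tests');

    $id = get_param_integer('id');

    $rows = $GLOBALS['SITE_DB']->query_select('test_sections', array('*'), array('id' => $id), '', 1);
    if (!array_key_exists(0, $rows)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    $section = $rows[0];

    // Object-level check: the privilege alone is not enough, the member must be the assignee or staff.
    if (!(has_specific_permission(get_member(), 'edit_own_tests') && ($section['s_assigned_to'] == get_member() || $GLOBALS['FORUM_DRIVER']->is_staff(get_member())))) {
        access_denied('ACCESS_DENIED');
    }

    if (post_param_integer('delete', 0) == 1) {
        $title = get_page_title('DELETE_TEST_SECTION');

        $GLOBALS['SITE_DB']->query_delete('test_sections', array('id' => $id), '', 1);
        $GLOBALS['SITE_DB']->query_delete('tests', array('t_section' => $id));

        return inform_screen($title, do_lang_tempcode('SUCCESS'));
    }

    $title = get_page_title('EDIT_TEST_SECTION');

    // New tests
    $this->_add_new_tests($id);

    $assigned_to = post_param_integer('assigned_to');
    if ($assigned_to == -1) {
        $assigned_to = NULL;
    }

    $GLOBALS['SITE_DB']->query_update('test_sections', array('s_section' => post_param('section'), 's_notes' => post_param('notes'), 's_inheritable' => post_param_integer('inheritable', 0), 's_assigned_to' => $assigned_to), array('id' => $id), '', 1);

    // Tests that are edited/deleted (or possibly unchanged, but we count that as edited)
    foreach (array_keys($_POST) as $key) {
        $matches = array();
        // Anchored, so only keys of the exact form edit_<number>_test select a test.
        if (preg_match('#^edit_(\\d+)_test$#', $key, $matches) != 0) {
            $tid = $matches[1];

            // The test ID comes from the POST key, while the access check above only covers
            // section $id. Restricting every write to rows of this section keeps the two in step.
            // NOTE(review): assumes tests edited through this form always have t_section equal to
            // this section, as the delete branch above does; confirm against _add_new_tests().
            $test_where = array('id' => $tid, 't_section' => $id);

            $delete = post_param_integer('edit_' . $tid . '_delete', 0);
            if ($delete == 1) {
                $GLOBALS['SITE_DB']->query_delete('tests', $test_where, '', 1);
            } else {
                $assigned_to = post_param_integer('edit_' . $tid . '_assigned_to');
                if ($assigned_to == -1) {
                    $assigned_to = NULL;
                }
                $inherit_section = post_param_integer('edit_' . $tid . '_inherit_section');
                if ($inherit_section == -1) {
                    $inherit_section = NULL;
                }

                $GLOBALS['SITE_DB']->query_update('tests', array('t_test' => post_param('edit_' . $tid . '_test'), 't_assigned_to' => $assigned_to, 't_enabled' => post_param_integer('edit_' . $tid . '_enabled', 0), 't_inherit_section' => $inherit_section), $test_where, '', 1);
            }
        }
    }

    // Show it worked / Refresh
    $url = build_url(array('page' => '_SELF', 'type' => 'go'), '_SELF');
    return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
}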
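/**
 * The actualiser for managing the CEDI children of a page.
 *
 * The posted 'children' text holds one child per line, either "<id>!<title>" for an existing
 * page or a bare title for a page to be created. All existing child links of the parent are
 * removed and rebuilt from that text. Lines naming a page ID that does not exist are skipped.
 *
 * @return tempcode The UI.
 */
function _edit_tree()
{
    $_title = get_page_title('CEDI_EDIT_TREE');

    $_id = get_param_cedi_chain('id');
    $id = $_id[0];

    if (!has_category_access(get_member(), 'seedy_page', strval($id))) {
        access_denied('CATEGORY_ACCESS');
    }

    $childlinks = post_param('children');
    $member = get_member();

    check_specific_permission('seedy_manage_tree', array('seedy_page', $id));

    $hide_posts = $GLOBALS['SITE_DB']->query_value('seedy_pages', 'hide_posts', array('id' => $id));

    // Ensure the text ends with a line terminator, so that every line is counted.
    if (substr($childlinks, -1, 1) != "\n" && strlen($childlinks) > 0) {
        $childlinks .= "\n";
    }
    $no_children = substr_count($childlinks, "\n");
    if ($no_children > 300) {
        warn_exit(do_lang_tempcode('TOO_MANY_CEDI_CHILDREN'));
    }

    // Split once into lines; the element after the final terminator is always empty.
    // Iterating over the lines (rather than tracking a string offset) means a skipped line
    // can no longer stall the position and drop every link that follows it.
    $lines = explode("\n", $childlinks);
    array_pop($lines);

    $GLOBALS['SITE_DB']->query_delete('seedy_children', array('parent_id' => $id));

    require_code('seo2');

    foreach ($lines as $i => $line) {
        $newlink = str_replace(chr(13), '', $line);
        if ($newlink == '') {
            continue;
        }

        // Find ID and title
        $q_pos = strpos($newlink, '!');
        $child_id_on_start = $q_pos !== false && $q_pos > 0 && is_numeric(substr($newlink, 0, $q_pos));
        if ($child_id_on_start) {
            $title = substr($newlink, $q_pos + 1);
            $child_id = intval(substr($newlink, 0, $q_pos));

            $title_id = $GLOBALS['SITE_DB']->query_value_null_ok('seedy_pages', 'title', array('id' => $child_id));
            if (is_null($title_id)) {
                continue; // No such page
            }

            if ($title == '') {
                $title = get_translated_text($title_id);
            } else {
                // NOTE(review): this renames the referenced page, but the access checks in this
                // function are made against the parent ($id) only; confirm whether the child
                // page needs its own category-access check before its title is changed.
                if (get_translated_text($title_id) != $title) {
                    $GLOBALS['SITE_DB']->query_update('seedy_pages', array('title' => lang_remap($title_id, $title)), array('id' => $child_id), '', 1);
                }
            }
        } else {
            $title = $newlink;
            $child_id = cedi_add_page($title, '', '', $hide_posts);

            // Grant category access on the new page to every listed usergroup that is not a super-admin group.
            $admin_groups = $GLOBALS['FORUM_DRIVER']->get_super_admin_groups();
            $groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(false, true);
            foreach (array_keys($groups) as $group_id) {
                if (in_array($group_id, $admin_groups)) {
                    continue;
                }
                $GLOBALS['SITE_DB']->query_insert('group_category_access', array('module_the_name' => 'seedy_page', 'category_name' => strval($child_id), 'group_id' => $group_id));
            }
        }

        $GLOBALS['SITE_DB']->query_delete('seedy_children', array('parent_id' => $id, 'child_id' => $child_id), '', 1); // Just in case it was repeated
        $GLOBALS['SITE_DB']->query_insert('seedy_children', array('parent_id' => $id, 'child_id' => $child_id, 'the_order' => $i, 'title' => $title));
    }

    $GLOBALS['SITE_DB']->query_insert('seedy_changes', array('the_action' => 'CEDI_EDIT_TREE', 'the_page' => $id, 'date_and_time' => time(), 'ip' => get_ip_address(), 'the_user' => $member));

    // Show it worked / Refresh
    // NOTE(review): the redirect target is taken straight from the request; whether
    // redirect_screen() restricts it to this site is not visible here and should be confirmed.
    $url = get_param('redirect');
    return redirect_screen($_title, $url, do_lang_tempcode('SUCCESS'));
}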
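/**
 * The actualiser to simple delete an orphan file.
 *
 * Requires the 'mass_import' privilege. Every string POST value whose key starts with 'file_'
 * is treated as a file name under uploads/galleries/ and that file is removed.
 *
 * @return tempcode The UI
 */
function sd()
{
    // Authorise before any request data is processed.
    check_specific_permission('mass_import');

    $cat = post_param('cat');

    foreach ($_POST as $x => $file) {
        if (!is_string($file)) {
            continue;
        }

        if (substr($x, 0, 5) == 'file_') {
            // Filter the posted name once and use that same value for both the deletion and the
            // sync call, so the two can never refer to different paths.
            // NOTE(review): filter_naughty() is defined elsewhere; presumably it rejects or
            // neutralises path-traversal input, so confirm it also covers absolute paths.
            $safe_file = filter_naughty($file);

            $path = get_custom_file_base() . '/uploads/galleries/' . $safe_file;
            @unlink($path) or intelligent_write_error($path);
            sync_file('uploads/galleries/' . $safe_file);
        }
    }

    $title = get_page_title('DELETE_IMAGE');

    // Show it worked / Refresh
    $url = build_url(array('page' => '_SELF', 'type' => '_gimp', 'name' => $cat), '_SELF');
    return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
}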
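/**
 * The actualiser to import news
 *
 * Requires the 'mass_import' privilege. The feed is read either from an uploaded file or from
 * the posted 'rss_feed_url'. Each feed item becomes a news entry (categories are created when
 * missing), and a second pass fixes up images and links in the imported text.
 *
 * @return tempcode The UI
 */
function _import_news()
{
    check_specific_permission('mass_import');

    $title = get_page_title('IMPORT_NEWS');

    require_code('rss');
    require_code('news');
    require_code('files');

    $GLOBALS['LAX_COMCODE'] = true;

    disable_php_memory_limit();

    $rss_url = post_param('rss_feed_url', NULL);

    // Remember whether the source is the upload's temporary file; only that may be deleted afterwards.
    $from_upload = false;
    require_code('uploads');
    if (is_swf_upload(true) && array_key_exists('file_novalidate', $_FILES) || array_key_exists('file_novalidate', $_FILES) && is_uploaded_file($_FILES['file_novalidate']['tmp_name'])) {
        $rss_url = $_FILES['file_novalidate']['tmp_name'];
        $from_upload = true;
    }
    if (is_null($rss_url)) {
        warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN'));
    }

    $is_validated = post_param_integer('auto_validate', 0);
    $download_images = post_param_integer('download_images', 0);

    // NOTE(review): when no file is uploaded, $rss_url is whatever was posted; which schemes and
    // hosts the rss class will fetch is not visible here and is worth confirming.
    $rss = new rss($rss_url, true);
    if (!is_null($rss->error)) {
        warn_exit($rss->error);
    }

    $submitter = get_member();

    $NEWS_CATS = $GLOBALS['SITE_DB']->query_select('news_categories', array('*'), array('nc_owner' => NULL));
    $NEWS_CATS = list_to_map('id', $NEWS_CATS);

    $extra_post_data = array();

    foreach ($rss->gleamed_items as $i => $item) {
        if (!array_key_exists('category', $item)) {
            $item['category'] = do_lang('NC_general');
        }

        $extra_post_data[] = $item;

        // The first category is the primary one; any others become extra categories.
        $cats_to_process = array($item['category']);
        if (array_key_exists('extra_categories', $item)) {
            $cats_to_process = array_merge($cats_to_process, $item['extra_categories']);
        }

        $cat_id = mixed();
        $extra_categories = array();
        foreach ($cats_to_process as $j => $cat) {
            $_cat_id = mixed();
            foreach ($NEWS_CATS as $_cat => $news_cat) {
                if (get_translated_text($news_cat['nc_title']) == $cat) {
                    $_cat_id = $_cat;
                }
            }
            if (is_null($_cat_id)) {
                $_cat_id = add_news_category($cat, 'newscats/general', '', NULL);

                // Need to reload now
                $NEWS_CATS = $GLOBALS['SITE_DB']->query_select('news_categories', array('*'), array('nc_owner' => NULL));
                $NEWS_CATS = list_to_map('id', $NEWS_CATS);
            }

            if ($j == 0) {
                $cat_id = $_cat_id;
            } else {
                $extra_categories[] = $_cat_id;
            }
        }

        $rep_image = '';
        if (array_key_exists('rep_image', $item)) {
            $rep_image = $item['rep_image'];

            if ($download_images == 1) {
                // basename() keeps the write inside uploads/grepimages/.
                // NOTE(review): the stored file name, including its extension, comes from the
                // feed; confirm that this directory cannot serve the file as executable content.
                $stem = 'uploads/grepimages/' . basename(urldecode($rep_image));
                $target_path = get_custom_file_base() . '/' . $stem;
                $rep_image = 'uploads/grepimages/' . basename($rep_image);
                while (file_exists($target_path)) {
                    $uniqid = uniqid('');
                    $stem = 'uploads/grepimages/' . $uniqid . '_' . basename(urldecode($rep_image));
                    $target_path = get_custom_file_base() . '/' . $stem;
                    $rep_image = 'uploads/grepimages/' . $uniqid . '_' . basename($rep_image);
                }

                $target_handle = fopen($target_path, 'wb') or intelligent_write_error($target_path);
                http_download_file($item['rep_image'], NULL, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $target_handle);
                fclose($target_handle);
            }
        }

        // Add news
        $ts = array_key_exists('clean_add_date', $item) ? $item['clean_add_date'] : (array_key_exists('add_date', $item) ? strtotime($item['add_date']) : time());
        if ($ts === false) {
            $ts = time(); // Seen in error email, it's if the add date won't parse by PHP
        }
        $edit_date = array_key_exists('clean_edit_date', $item) ? $item['clean_edit_date'] : (array_key_exists('edit_date', $item) ? strtotime($item['edit_date']) : NULL);
        if ($edit_date === false) {
            $edit_date = NULL;
        }
        $news = array_key_exists('news', $item) ? html_to_comcode($item['news']) : '';
        $news_article = array_key_exists('news_article', $item) ? html_to_comcode($item['news_article']) : '';
        $news_id = add_news($item['title'], $news, array_key_exists('author', $item) ? $item['author'] : $GLOBALS['FORUM_DRIVER']->get_username(get_member()), $is_validated, 1, 1, 1, '', $news_article, $cat_id, $extra_categories, $ts, $submitter, 0, $edit_date, NULL, $rep_image);

        // Kept for the second pass below.
        $rss->gleamed_items[$i]['import_id'] = $news_id;
        $rss->gleamed_items[$i]['import__news'] = $news;
        $rss->gleamed_items[$i]['import__news_article'] = $news_article;
    }

    // Second pass, run once every item has its import ID.
    foreach ($rss->gleamed_items as $i => $item) {
        $news = $item['import__news'];
        $news_article = $item['import__news_article'];
        $this->_grab_images_and_fix_links($download_images == 1, $news, $rss->gleamed_items);
        $this->_grab_images_and_fix_links($download_images == 1, $news_article, $rss->gleamed_items);
        lang_remap_comcode($GLOBALS['SITE_DB']->query_value('news', 'news', array('id' => $item['import_id'])), $news);
        lang_remap_comcode($GLOBALS['SITE_DB']->query_value('news', 'news_article', array('id' => $item['import_id'])), $news_article);
    }

    breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('MANAGE_NEWS')), array('_SELF:_SELF:import', do_lang_tempcode('IMPORT_NEWS'))));
    breadcrumb_set_self(do_lang_tempcode('DONE'));

    // Clean up the temporary upload. A value that merely resolves as local but was posted in
    // 'rss_feed_url' is deliberately left alone: it was not created by this request.
    if ($from_upload && url_is_local($rss_url)) {
        @unlink($rss_url);
    }

    return inform_screen($title, do_lang_tempcode('IMPORT_NEWS_DONE'));
}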
/**
 * The actualiser to delete some element from the post history.
 *
 * Requires the 'delete_content_history' privilege. The history row is identified by the
 * 'h_id' request parameter, which is read from the URL.
 *
 * @return tempcode The UI
 */
function delete()
{
    check_specific_permission('delete_content_history');

    $screen_title = get_page_title('POST_HISTORY');

    // NOTE(review): the row to delete is named by a URL parameter; whether a request-forgery
    // check runs before this method is not visible here and should be confirmed.
    $where = array('id' => get_param_integer('h_id'));
    $GLOBALS['FORUM_DB']->query_delete('f_post_history', $where, '', 1);

    $back_url = build_url(array('page' => '_SELF', 'type' => 'misc'), '_SELF', NULL, true);

    return redirect_screen($screen_title, $back_url, do_lang_tempcode('SUCCESS'));
}
/**
 * The actualiser to import ical for calendar
 *
 * Requires the 'mass_import' privilege. The calendar data is taken from an uploaded file when
 * one is present, otherwise from the posted 'ical_feed_url'.
 *
 * @return tempcode The UI
 */
function _import_ical()
{
    check_specific_permission('mass_import');

    $screen_title = get_page_title('IMPORT_ICAL');

    require_code('calendar_ical');

    $source = post_param('ical_feed_url', NULL);

    require_code('uploads');

    // An upload, when present, takes precedence over the posted URL.
    if (is_swf_upload(true) && array_key_exists('file_novalidate', $_FILES) || array_key_exists('file_novalidate', $_FILES) && is_uploaded_file($_FILES['file_novalidate']['tmp_name'])) {
        $source = $_FILES['file_novalidate']['tmp_name'];
    }

    if (is_null($source)) {
        warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN'));
    }

    // NOTE(review): which locations ical_import() is willing to read from is not visible here.
    ical_import($source);

    $parents = array(
        array('_SELF:_SELF:misc', do_lang_tempcode('MANAGE_CALENDARS')),
        array('_SELF:_SELF:import', do_lang_tempcode('IMPORT_ICAL')),
    );
    breadcrumb_set_parents($parents);
    breadcrumb_set_self(do_lang_tempcode('DONE'));

    return inform_screen($screen_title, do_lang_tempcode('IMPORT_ICAL_DONE'));
}
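/**
 * The actualiser to add a reply.
 *
 * Handles a new topic in a forum, a new Private Topic, a reported post, and a reply into an
 * existing topic. A moderator reply may also edit or move the topic, or be scheduled: in that
 * case PHP source text is generated and saved as a calendar event instead of posting now.
 *
 * @return tempcode The UI
 */
function _add_reply()
{
    if (addon_installed('captcha')) {
        require_code('captcha');
        enforce_captcha();
    }

    require_code('attachments2');
    require_code('ocf_posts_action');
    require_code('ocf_posts_action2');

    $invited_members = array();

    $topic_id = either_param_integer('topic_id', -1); // Posting into an existing topic?
    $forum_id = post_param_integer('forum_id', -1); // New topic in existing forum? (NB: -2 represents reported posts forum)
    $member_id = post_param_integer('member_id', -1); // Send TOPIC to specific member? Could be Private Topic (topic_id==-1, forum_id==-1), or personal post (topic_id!=-1, forum_id==-1)
    $parent_id = either_param_integer('parent_id', NULL);

    if ($member_id == -1) {
        $member_username = post_param('to_member_id_0', '');
        if ($member_username != '') {
            $member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_username($member_username);
            if (is_null($member_id)) {
                // Posted text is escaped before it goes into the message, as the other screens
                // in this code do for language-string parameters.
                warn_exit(do_lang_tempcode('_USER_NO_EXIST', escape_html($member_username)));
            }
        }
        foreach ($_POST as $key => $_invited_member) {
            if (substr($key, 0, 13) != 'to_member_id_') {
                continue;
            }
            if ($key == 'to_member_id_0') {
                continue;
            }
            if ($_invited_member == '') {
                continue;
            }
            if (get_magic_quotes_gpc()) {
                $_invited_member = stripslashes($_invited_member);
            }
            $invited_member = $GLOBALS['FORUM_DRIVER']->get_member_from_username($_invited_member);
            if (is_null($invited_member)) {
                attach_message(do_lang_tempcode('_USER_NO_EXIST', escape_html($_invited_member)), 'warn');
            } else {
                $invited_members[] = intval($invited_member);
            }
        }
    }

    $validated = post_param_integer('validated', post_param_integer('_validated', 0));
    $is_emphasised = post_param_integer('is_emphasised', 0);
    $skip_sig = post_param_integer('skip_sig', 0);
    $post = post_param('post');
    $title = post_param('title', NULL);
    if (is_null($title)) {
        $title = '';
    }
    $check_permissions = true;

    $add_poll = post_param_integer('add_poll', 0);
    $topic_validated = $validated;
    if ($validated == 1) {
        $topic_validated = 1 - $add_poll; // If a topic is gonna have a poll added, it starts unvalidated. Adding the poll will validate it.
    }

    $anonymous = post_param_integer('anonymous', 0);

    $poster_name_if_guest = post_param('poster_name_if_guest', NULL);
    if ($poster_name_if_guest == '') {
        $poster_name_if_guest = NULL;
    }
    if (!is_null($poster_name_if_guest)) {
        $poster_name_if_guest = trim($poster_name_if_guest);

        // A guest name equal to a restricted name or to an existing member's name gets a
        // "(guest)" suffix, so that it cannot be mistaken for that name.
        $restricted_usernames = explode(',', get_option('restricted_usernames'));
        $restricted_usernames[] = do_lang('UNKNOWN');
        $restricted_usernames[] = do_lang('SYSTEM');
        if (!is_null($GLOBALS['FORUM_DRIVER']->get_member_from_username($poster_name_if_guest))) {
            $restricted_usernames[] = $poster_name_if_guest;
        }
        foreach ($restricted_usernames as $_restricted_username) {
            $restricted_username = trim($_restricted_username);
            if ($restricted_username == '') {
                continue;
            }
            if ($poster_name_if_guest == $restricted_username) {
                $poster_name_if_guest = $poster_name_if_guest . ' (' . do_lang('GUEST') . ')';
                break;
            }
        }
    }

    $new_topic = $topic_id == -1;

    if (!$new_topic) {
        $_intended_solely_for = post_param('intended_solely_for', '');
        if ($_intended_solely_for == '') {
            $intended_solely_for = NULL;
        } else {
            $intended_solely_for = $GLOBALS['FORUM_DRIVER']->get_member_from_username($_intended_solely_for);
            if (is_null($intended_solely_for)) {
                warn_exit(do_lang_tempcode('_USER_NO_EXIST', escape_html($_intended_solely_for)));
            }
        }
    } else {
        $intended_solely_for = NULL;
    }

    require_code('ocf_topics_action');
    require_code('ocf_topics_action2');

    if ($new_topic) {
        ocf_check_post($post);

        if ($title == '') {
            warn_exit(do_lang_tempcode('NO_PARAMETER_SENT', 'title'));
        }

        $sunk = post_param_integer('sunk', 0);
        $topic_title = $title;

        if ($forum_id == -1) {
            // Private Topic
            require_code('ocf_members2');
            if (!ocf_may_whisper($member_id)) {
                warn_exit(do_lang_tempcode('NO_PT_FROM_ALLOW'));
            }

            check_specific_permission('use_pt');

            $topic_id = ocf_make_topic(NULL, post_param('description', ''), post_param('emoticon', ''), $topic_validated, post_param_integer('open', 0), post_param_integer('pinned', 0), $sunk, post_param_integer('cascading', 0), get_member(), $member_id);
            $_title = get_page_title('ADD_PERSONAL_TOPIC');
        } elseif ($forum_id == -2) {
            // Reported post
            $forum_id = $GLOBALS['FORUM_DRIVER']->forum_id_from_name(get_option('reported_posts_forum'));
            if (is_null($forum_id)) {
                warn_exit(do_lang_tempcode('NO_REPORTED_POST_FORUM'));
            }

            // See if post already reported...
            $topic_id = $GLOBALS['FORUM_DB']->query_value_null_ok('f_topics t LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_posts p ON p.id=t.t_cache_first_post_id', 't.id', array('p.p_title' => $title, 't.t_forum_id' => $forum_id));
            if (!is_null($topic_id)) {
                // Already a topic
            } else {
                $topic_id = ocf_make_topic($forum_id, '', '', 1, 1, 0, 0, 0, NULL, NULL, false);
            }

            $_title = get_page_title('REPORT_POST');

            // Passed to ocf_make_post() below as its permission-check argument.
            $check_permissions = false;

            decache('main_staff_checklist');
        } else {
            $topic_id = ocf_make_topic($forum_id, post_param('description', ''), post_param('emoticon', ''), $topic_validated, post_param_integer('open', 0), post_param_integer('pinned', 0), $sunk, post_param_integer('cascading', 0));
            $_title = get_page_title('ADD_TOPIC');

            if (addon_installed('awards')) {
                require_code('awards');
                handle_award_setting('topic', strval($topic_id));
            }
        }
        $first_post = true;

        require_code('fields');
        if (has_tied_catalogue('topic')) {
            save_form_custom_fields('topic', strval($topic_id));
        }
    } else {
        $_title = get_page_title('ADD_POST');
        $first_post = false;

        $topic_info = $GLOBALS['FORUM_DB']->query_select('f_topics', array('t_cache_first_title', 't_sunk', 't_forum_id', 't_is_open', 't_description'), array('id' => $topic_id), '', 1);
        if (!array_key_exists(0, $topic_info)) {
            warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
        }
        $forum_id = $topic_info[0]['t_forum_id'];
        $topic_title = $topic_info[0]['t_cache_first_title'];
        $sunk = $topic_info[0]['t_sunk'];

        // Only forum moderators may reply into a closed topic.
        if ($topic_info[0]['t_is_open'] == 0) {
            $may_moderate_forum = ocf_may_moderate_forum($forum_id);
            if (!$may_moderate_forum) {
                warn_exit(do_lang_tempcode('TOPIC_IS_CLOSED'));
            }
        }

        // Moderator reply
        $new_title = post_param('new_title', NULL);
        if (!is_null($new_title) && !is_null($forum_id) && ocf_may_moderate_forum($forum_id, get_member())) {
            $cascading = post_param_integer('cascading', 0);
            $pinned = post_param_integer('pinned', 0);
            $sunk = post_param_integer('sunk', 0);
            $open = post_param_integer('open', 0);
            $topic_validated = post_param_integer('topic_validated', 0);
            $to = post_param_integer('to', NULL);

            $schedule = get_input_date('schedule');
            if (!is_null($schedule) && addon_installed('calendar')) {
                // Everything interpolated into the generated source below must already be valid
                // PHP on its own: integers as they are, NULL as the keyword, and every string as
                // a quoted literal. Text values come from the request or from stored content, so
                // an unquoted one would become part of the code rather than data.
                $_intended_solely_for = is_null($intended_solely_for) ? 'NULL' : strval($intended_solely_for);
                $_poster_name_if_guest = is_null($poster_name_if_guest) ? 'NULL' : '\'' . addslashes($poster_name_if_guest) . '\'';
                $_first_post = $first_post ? 'true' : 'false';
                $__title = is_null($title) ? 'NULL' : '\'' . str_replace(chr(10), '\'.chr(10).\'', addslashes($title)) . '\'';
                $_postdetails = is_null($post) ? 'NULL' : '\'' . str_replace(chr(10), '\'.chr(10).\'', addslashes($post)) . '\'';
                $_new_title = is_null($new_title) ? 'NULL' : '\'' . str_replace(chr(10), '\'.chr(10).\'', addslashes($new_title)) . '\'';
                // The stored topic title was previously inserted without quoting.
                $_topic_title = is_null($topic_title) ? 'NULL' : '\'' . str_replace(chr(10), '\'.chr(10).\'', addslashes($topic_title)) . '\'';
                // 'to' is optional; a NULL would otherwise interpolate as nothing and yield invalid source.
                $_to = is_null($to) ? 'NULL' : strval($to);

                $schedule_code = <<<END
:require_code('ocf_topics_action2');
require_code('ocf_topics_action');
ocf_edit_topic({$topic_id},NULL,NULL,{$validated},{$open},{$pinned},{$sunk},{$cascading},'',{$_new_title});
if (({$_to}!={$forum_id}) && (!is_null({$_to}))) ocf_move_topics({$forum_id},{$_to},array({$topic_id}));
\$post_id=ocf_make_post({$topic_id},{$__title},{$_postdetails},{$skip_sig},{$_first_post},{$validated},{$is_emphasised},{$_poster_name_if_guest},NULL,NULL,NULL,{$_intended_solely_for},NULL,NULL,false,true,NULL,true,{$_topic_title},{$sunk},NULL,{$anonymous}==1);
if (addon_installed('awards'))
{
    require_code('awards');
    handle_award_setting('post',strval(\$post_id));
}
END;

                require_code('calendar');
                $start_year = post_param_integer('schedule_year');
                $start_month = post_param_integer('schedule_month');
                $start_day = post_param_integer('schedule_day');
                $start_hour = post_param_integer('schedule_hour');
                $start_minute = post_param_integer('schedule_minute');
                require_code('calendar2');
                // NOTE(review): the generated source is saved as the event content, presumably to
                // be run later by the calendar scheduler; confirm who is able to edit such events.
                $event_id = add_calendar_event(db_get_first_id(), '', NULL, 0, do_lang('ADD_POST'), $schedule_code, 3, 0, $start_year, $start_month, $start_day, $start_hour, $start_minute);
                regenerate_event_reminder_jobs($event_id);

                $text = do_lang_tempcode('SUCCESS');
                $map = array('page' => 'topicview', 'id' => $topic_id, 'type' => 'first_unread');
                $test = get_param_integer('kfs' . (is_null($forum_id) ? '' : strval($forum_id)), -1);
                if ($test != -1 && $test != 0) {
                    $map['kfs' . (is_null($forum_id) ? '' : strval($forum_id))] = $test;
                }
                $test = get_param_integer('threaded', -1);
                if ($test != -1) {
                    $map['threaded'] = $test;
                }
                $_url = build_url($map, get_module_zone('topicview'));
                $url = $_url->evaluate();
                $url .= '#first_unread';
                // NOTE(review): 'redirect' comes from the request; whether redirect_screen()
                // limits the target to this site is not visible here.
                $url = get_param('redirect', $url);
                return redirect_screen($_title, $url, $text);
            }

            ocf_edit_topic($topic_id, NULL, NULL, $topic_validated, $open, $pinned, $sunk, $cascading, '', $new_title == '' ? NULL : $new_title);
            if ($to != $forum_id && !is_null($to)) {
                ocf_move_topics($forum_id, $to, array($topic_id));
            }
        }
    }

    $post_id = ocf_make_post($topic_id, $title, $post, $skip_sig, $first_post, $validated, $is_emphasised, $poster_name_if_guest, NULL, NULL, NULL, $intended_solely_for, NULL, NULL, $check_permissions, true, NULL, true, $topic_title, $sunk, NULL, $anonymous == 1, $forum_id == -1 || is_null($forum_id), $forum_id == -1 || is_null($forum_id), false, $parent_id);

    if (addon_installed('awards')) {
        require_code('awards');
        handle_award_setting('post', strval($post_id));
    }

    // Syndicate only when a guest could see the forum, and the post is neither anonymous nor targeted at one member.
    if (!is_null($forum_id) && $anonymous == 0 && $intended_solely_for === NULL) {
        if (has_actual_page_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), 'forumview') && has_category_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), 'forums', strval($forum_id))) {
            syndicate_described_activity($first_post ? 'ocf:ACTIVITY_ADD_TOPIC' : 'ocf:ACTIVITY_ADD_POST_IN', $first_post ? $title : $topic_title, '', '', '_SEARCH:topicview:misc:' . strval($topic_id) . '#post_' . strval($post_id), '', '', 'ocf_forum');
        }
    }

    require_code('fields');
    if (has_tied_catalogue('post')) {
        save_form_custom_fields('post', strval($post_id));
    }

    // Re-read the stored validation state of the post rather than relying on the posted value.
    $validated = $GLOBALS['FORUM_DB']->query_value('f_posts', 'p_validated', array('id' => $post_id));

    $rep_post_id = post_param_integer('o_post_id', -1);
    if ($rep_post_id != -1) {
        $map = array('page' => 'topicview', 'id' => $rep_post_id, 'type' => 'findpost');
        $_url = build_url($map, get_module_zone('topicview'));
        $url = $_url->evaluate();
        $url .= '#post_' . strval($rep_post_id);
    } else {
        $map = array('page' => 'topicview', 'id' => $post_id, 'type' => 'findpost');
        $test = get_param_integer('kfs' . (is_null($forum_id) ? '' : strval($forum_id)), -1);
        if ($test != -1 && $test != 0) {
            $map['kfs' . (is_null($forum_id) ? '' : strval($forum_id))] = $test;
        }
        $test = get_param_integer('threaded', -1);
        if ($test != -1) {
            $map['threaded'] = $test;
        }
        $_url = build_url($map, get_module_zone('topicview'));
        $url = $_url->evaluate();
        if ($validated != 0) {
            $url .= '#post_' . strval($post_id);
        }
    }

    if ($forum_id >= 0) {
        // Members who may not jump to unvalidated topics are sent to the forum view instead.
        $topic_validated = $GLOBALS['FORUM_DB']->query_value('f_topics', 't_validated', array('id' => $topic_id));
        if ($topic_validated == 0 && !has_specific_permission(get_member(), 'jump_to_unvalidated')) {
            $map = array('page' => 'forumview', 'id' => $forum_id);
            $test = get_param_integer('kfs' . (is_null($forum_id) ? '' : strval($forum_id)), -1);
            if ($test != -1 && $test != 0) {
                $map['kfs' . (is_null($forum_id) ? '' : strval($forum_id))] = $test;
            }
            $test = get_param_integer('threaded', -1);
            if ($test != -1) {
                $map['threaded'] = $test;
            }
            $_url = build_url($map, get_module_zone('forumview'));
            $url = $_url->evaluate();
        }
    }

    if ($new_topic && $forum_id == -1) {
        require_code('notifications');

        enable_notifications('ocf_topic', strval($topic_id), get_member()); // from
        enable_notifications('ocf_topic', strval($topic_id), $member_id); // to
        foreach ($invited_members as $invited_member) {
            enable_notifications('ocf_topic', strval($topic_id), $invited_member);

            ocf_invite_to_pt($invited_member, $topic_id);
        }
    }

    if ($anonymous == 1) {
        log_it('MAKE_ANONYMOUS_POST', strval($post_id), $title);
    }

    if (addon_installed('awards')) {
        require_code('awards');
        handle_award_setting('post', strval($post_id));
    }

    if ($forum_id == -1 && $member_id != -1) {
        send_pt_notification($post_id, $title, $topic_id, $member_id, NULL, $post);
    }

    if ($add_poll == 1) {
        if (post_param_integer('add_poll', 0) == 1) {
            // Show it worked / Refresh
            $_url = build_url(array('page' => '_SELF', 'type' => 'add_poll', 'id' => $topic_id, 'try_validate' => 1), '_SELF');
            return redirect_screen($_title, $_url, do_lang_tempcode('SUCCESS'));
        }
    }

    if (!$new_topic && $forum_id != -1 && $member_id == -1) {
        handle_topic_ticket_reply($forum_id, $topic_id, $topic_title, $post);
    }

    $text = $validated == 1 ? do_lang_tempcode('SUCCESS') : do_lang_tempcode('SUBMIT_UNVALIDATED');

    require_code('autosave');
    clear_ocp_autosave();

    // Show it worked / Refresh
    // NOTE(review): 'redirect' comes from the request; whether redirect_screen() limits the
    // target to this site is not visible here.
    $url = get_param('redirect', $url);
    return redirect_screen($_title, $url, $text);
}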
/**
 * Create an entry-id=>value map of uploaded csv data and it's importing
 *
 * Requires the 'mass_import' privilege. The row's category is looked up in the categories map
 * and created when it is missing; the map is updated in place for the caller.
 *
 * @param ID_TEXT The name of the catalogue that was used
 * @param array Data array of CSV imported file's lines
 * @param ?AUTO_LINK Catalogue root ID (NULL: Not a tree catalogue)
 * @param array Array of catalogue fields
 * @param array Array of categories
 * @param array Array of csv field titles
 */
function import_csv_lines($catalogue_name, $csv_data, $catalog_root, $fields, &$categories, $csv_field_titles)
{
    $entry_values = array();
    $any_column_matched = false;

    check_specific_permission('mass_import');

    // The row's category name, or '' when the CSV has no CATEGORY column.
    $row_category = '';
    if (array_key_exists('CATEGORY', $csv_field_titles)) {
        $row_category = $csv_data[$csv_field_titles['CATEGORY']];
    }

    if ($row_category == '') {
        // Fall back to a general category, which is keyed by the catalogue's own name.
        if (!array_key_exists($catalogue_name, $categories)) {
            $catalog_title = $GLOBALS['SITE_DB']->query_value_null_ok('catalogues', 'c_title', array('c_name' => $catalogue_name));
            $catid = actual_add_catalogue_category($catalogue_name, $catalog_title, $catalog_title, $catalog_title, $catalog_root, '');
            $categories = array_merge(array($catalogue_name => $catid), $categories);
        } else {
            $catid = $categories[$catalogue_name];
        }
    } elseif (!array_key_exists($row_category, $categories)) {
        // A category not seen before: create it and, unless disabled, set its permissions.
        $catid = actual_add_catalogue_category($catalogue_name, $row_category, $row_category, $row_category, $catalog_root, '');
        $categories = array_merge(array($row_category => $catid), $categories);
        if (get_value('disable_cat_cat_perms') !== '1') {
            $this->set_permissions(strval($catid));
        }
    } else {
        $catid = $categories[$row_category];
    }

    foreach ($fields as $field) {
        $field_name = get_translated_text($field['cf_name']);

        // No CSV column for this field: use the field's default.
        if (!array_key_exists($field_name, $csv_field_titles)) {
            $entry_values[$field['id']] = $field['cf_default'];
            continue;
        }

        $column = $csv_field_titles[$field_name];
        if (!array_key_exists($column, $csv_data)) {
            // Not set for this particular row, even though column exists in the CSV
            $csv_data[$column] = '';
        }
        $value = trim($csv_data[$column]);

        $is_media_field = ($field['cf_type'] == 'picture' || $field['cf_type'] == 'video');
        if ($is_media_field) {
            if (preg_replace('#\\..*$#', '', $value) == 'Noimage') {
                $value = '';
            }
            // A bare file name is placed under uploads/catalogues/; a value containing a slash
            // or backslash is stored as given.
            // NOTE(review): such values are not validated here; confirm how consumers of
            // picture/video fields treat a path or URL supplied by the CSV.
            $is_bare_name = (strpos($value, '\\') === false && strpos($value, '/') === false);
            if ($value != '' && $is_bare_name) {
                $value = 'uploads/catalogues/' . rawurlencode($value);
            }
        } elseif (strip_tags($value) != $value && strpos($value, '[html') === false && strpos($value, '[semihtml') === false) {
            // Text containing markup is wrapped so that it is handled as HTML.
            // NOTE(review): whether the [html] tag is filtered for the importing member is
            // decided elsewhere and is not visible here.
            $value = '[html]' . $value . '[/html]';
        }

        $entry_values[$field['id']] = $value;
        $any_column_matched = true; // to check matching of csv and db fields
    }

    if (!$any_column_matched) {
        warn_exit(do_lang_tempcode('FIELDS_UNMATCH'));
    } else {
        actual_add_catalogue_entry($catid, 1, '', 1, 1, 1, $entry_values);
    }
}
/**
 * The actualiser for unbanning a chatter.
 *
 * The caller must be able to moderate the room (the low-range edit privilege on it, or being
 * the room owner with 'moderate_my_private_rooms') and must hold 'ban_chatters_from_rooms'.
 * A member ID given in the URL only leads to a confirmation screen; the unban itself is done
 * when the member ID arrives by POST.
 *
 * @return tempcode The UI.
 */
function chat_unban()
{
    $title = get_page_title('CHAT_UNBAN');

    $id = get_param_integer('id');

    $room_rows = $GLOBALS['SITE_DB']->query_select('chat_rooms', array('*'), array('id' => $id), '', 1);
    if (!array_key_exists(0, $room_rows)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    $room = $room_rows[0];

    // Moderation right on this room: either the privilege on the room, or room ownership
    // together with the private-room moderation privilege.
    $may_moderate = has_specific_permission(get_member(), 'edit_lowrange_content', 'cms_chat', array('chat', $id));
    if (!$may_moderate) {
        $may_moderate = ($room['room_owner'] == get_member()) && has_specific_permission(get_member(), 'moderate_my_private_rooms');
    }
    if (!$may_moderate) {
        access_denied('SPECIFIC_PERMISSION', 'edit_lowrange_content');
    }

    check_specific_permission('ban_chatters_from_rooms');

    breadcrumb_set_parents(array(
        array('_SELF:_SELF:misc', do_lang_tempcode('CHOOSE')),
        array('_SELF:_SELF:room:id=' . strval($id), do_lang_tempcode('CHAT_MOD_PANEL')),
    ));

    // A member ID that is only present in the URL needs confirming first.
    $member_id = post_param_integer('member_id', NULL);
    $confirm_needed = is_null($member_id);
    if ($confirm_needed) {
        $member_id = get_param_integer('member_id');
    }

    $username = $GLOBALS['FORUM_DRIVER']->get_username($member_id);
    if (is_null($username)) {
        $username = do_lang('UNKNOWN');
    }

    if ($confirm_needed) {
        $hidden = form_input_hidden('member_id', strval($member_id));

        return do_template('YESNO_SCREEN', array(
            'TITLE' => $title,
            'TEXT' => do_lang_tempcode('Q_SURE_UNBAN', escape_html($username)),
            'URL' => get_self_url(),
            'HIDDEN' => $hidden,
        ));
    }

    chatroom_unban_to($member_id, $id);

    return inform_screen($title, do_lang_tempcode('SUCCESS'));
}
/** * Get tempcode for a Comcode tag. This function should always return (errors should be placed in the Comcode output stream), for stability reasons (i.e. if you're submitting something, you can't have the whole submit process die half way through in an unstructured fashion). * * @param string The tag being converted * @param array A map of the attributes (name=>val) for the tag. Val is usually a string, although in select places, the XML parser may pass tempcode. * @param mixed Tempcode of the inside of the tag ([between]THIS[/between]); the XML parser may pass in special stuff here, which is interpreted only for select tags * @param boolean Whether we are allowed to proceed even if this tag is marked as 'dangerous' * @param string A special identifier to mark where the resultant tempcode is going to end up (e.g. the ID of a post) * @param integer The position this tag occurred at in the Comcode * @param MEMBER The member who is responsible for this Comcode * @param boolean Whether to check as arbitrary admin * @param object The database connection to use * @param string The whole chunk of comcode * @param boolean Whether this is for WML output * @param boolean Whether this is only a structure sweep * @param boolean Whether we are in semi-parse-mode (some tags might convert differently) * @param ?array A list of words to highlight (NULL: none) * @param ?MEMBER The member we are running on behalf of, with respect to how attachments are handled; we may use this members attachments that are already within this post, and our new attachments will be handed to this member (NULL: member evaluating) * @param boolean Whether what we have came from inside a semihtml tag * @param boolean Whether what we have came from semihtml mode * @return tempcode The tempcode for the Comcode */ function _do_tags_comcode($tag, $attributes, $embed, $comcode_dangerous, $pass_id, $marker, $source_member, $as_admin, $connection, &$comcode, $wml, $structure_sweep, $semiparse_mode, 
$highlight_bits = NULL, $on_behalf_of_member = NULL, $in_semihtml = false, $is_all_semihtml = false) { if ($structure_sweep && $tag != 'title') { return new ocp_tempcode(); } $param_given = isset($attributes['param']); if (!isset($attributes['param']) && $tag != 'block') { $attributes['param'] = ''; } global $DANGEROUS_TAGS, $STRUCTURE_LIST, $COMCODE_PARSE_TITLE; if (isset($DANGEROUS_TAGS[$tag]) && !$comcode_dangerous) { $username = $GLOBALS['FORUM_DRIVER']->get_username($source_member); if (is_null($username)) { $username = do_lang('UNKNOWN'); } if ($semiparse_mode) { $params = ''; foreach ($attributes as $key => $val) { $params .= ' ' . $key . '="' . comcode_escape($val) . '"'; } return make_string_tempcode('<input class="ocp_keep_ui_controlled" size="45" title="[' . $tag . '' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? escape_html($embed->evaluate()) : escape_html($embed->evaluate())) . '[/' . $tag . ']" type="text" value="' . ($tag == 'block' ? do_lang('COMCODE_EDITABLE_BLOCK', escape_html($embed->evaluate())) : do_lang('COMCODE_EDITABLE_TAG', escape_html($tag))) . '" />'); } return do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:NO_ACCESS_FOR_TAG', escape_html($tag), escape_html($username)))); //return new ocp_tempcode(); } // These are just bbcode compatibility tags.. 
we will remap to our proper comcode if ($tag == 'php') { $attributes['param'] = 'php'; $tag = 'code'; } elseif ($tag == 'sql') { $attributes['param'] = 'sql'; $tag = 'code'; } elseif ($tag == 'codebox') { $attributes['scroll'] = '1'; $tag = 'code'; } elseif ($tag == 'left') { $attributes['param'] = 'left'; $tag = 'align'; } elseif ($tag == 'center') { $attributes['param'] = 'center'; $tag = 'align'; } elseif ($tag == 'right') { $attributes['param'] = 'right'; $tag = 'align'; } elseif ($tag == 'thread') { $tag = 'topic'; } elseif ($tag == 'internal_table' || $tag == 'external_table') { $tag = 'box'; if (array_key_exists('class', $attributes)) { $attributes['type'] = $attributes['class']; } } if ($semiparse_mode) { $non_text_tags = array('attachment', 'section_controller', 'big_tab_controller', 'currency', 'block', 'contents', 'concepts', 'flash', 'menu', 'email', 'reference', 'upload', 'page', 'exp_thumb', 'exp_ref', 'thumb', 'snapback', 'post', 'thread', 'topic', 'include', 'random', 'jumping', 'shocker'); // Also in JAVASCRIPT_EDITING.tpl if ($tag == 'attachment_safe') { if (preg_match('#^new\\_\\d+$#', $embed->evaluate()) != 0) { $non_text_tags[] = 'attachment_safe'; } } if (in_array($tag, $non_text_tags)) { $params = ''; foreach ($attributes as $key => $val) { $params .= ' ' . $key . '="' . str_replace('"', '\\"', $val) . '"'; } if ($tag != 'block' || !is_file(get_file_base() . '/sources_custom/miniblocks/' . $embed->evaluate() . '.php')) { return make_string_tempcode('<input class="ocp_keep_ui_controlled" size="45" title="[' . $tag . '' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? escape_html($embed->evaluate()) : escape_html($embed->evaluate())) . '[/' . $tag . ']" type="text" value="' . ($tag == 'block' ? do_lang('comcode:COMCODE_EDITABLE_BLOCK', escape_html($embed->evaluate())) : do_lang('comcode:COMCODE_EDITABLE_TAG', escape_html($tag))) . '" />'); } else { return make_string_tempcode('[block' . escape_html($params) . ']' . 
($in_semihtml || $is_all_semihtml ? $embed->evaluate() : escape_html($embed->evaluate())) . '[/block]'); } } } $temp_tpl = new ocp_tempcode(); switch ($tag) { case 'no_parse': $temp_tpl->attach($embed); break; case 'currency': if (addon_installed('ecommerce')) { $bracket = array_key_exists('bracket', $attributes) && $attributes['bracket'] == '1'; if ($attributes['param'] == '') { $attributes['param'] = get_option('currency'); } $temp_tpl = do_template('COMCODE_CURRENCY', array('_GUID' => 'ee1fcdae082af6397ff3bad89006e012', 'AMOUNT' => $embed, 'FROM_CURRENCY' => $attributes['param'], 'BRACKET' => $bracket)); } break; case 'overlay': $x = strval(array_key_exists('x', $attributes) ? intval($attributes['x']) : 100); $y = strval(array_key_exists('y', $attributes) ? intval($attributes['y']) : 100); $width = strval(array_key_exists('width', $attributes) ? intval($attributes['width']) : 300); $height = strval(array_key_exists('height', $attributes) ? intval($attributes['height']) : 300); $timein = strval(array_key_exists('timein', $attributes) ? intval($attributes['timein']) : 0); $timeout = strval(array_key_exists('timeout', $attributes) ? intval($attributes['timeout']) : -1); $temp_tpl = do_template('COMCODE_OVERLAY', array('_GUID' => 'dfd0f7a72cc2bf6b613b28f8165a0034', 'UNIQ_ID' => 'a' . uniqid('', true), 'EMBED' => $embed, 'ID' => $attributes['param'] != '' ? $attributes['param'] : 'rand' . uniqid('', true), 'X' => $x, 'Y' => $y, 'WIDTH' => $width, 'HEIGHT' => $height, 'TIMEIN' => $timein, 'TIMEOUT' => $timeout)); break; case 'code': if ($wml) { $temp_tpl->attach('<b>'); $temp_tpl->attach($embed); $temp_tpl->attach('</b>'); break; } list($_embed, $title) = do_code_box($attributes['param'], $embed, array_key_exists('numbers', $attributes) && $attributes['numbers'] == '1', $in_semihtml, $is_all_semihtml); if (!is_null($_embed)) { $tpl = array_key_exists('scroll', $attributes) && $attributes['scroll'] == '1' ? 
'COMCODE_CODE_SCROLL' : 'COMCODE_CODE'; if ($tpl == 'COMCODE_CODE_SCROLL' && substr_count($_embed, chr(10)) < 10) { $style = 'height: auto'; } else { $style = ''; } $temp_tpl = do_template($tpl, array('_GUID' => 'c5d46d0927272fcacbbabcfab0ef6b0c', 'STYLE' => $style, 'TYPE' => $attributes['param'], 'CONTENT' => $_embed, 'TITLE' => $title)); } else { $_embed = ''; } if ($temp_tpl->is_empty()) { if ($in_semihtml || $is_all_semihtml) { require_code('comcode_from_html'); $back_to_comcode = semihtml_to_comcode($embed->evaluate()); // Undo what's happened already //$back_to_comcode=html_entity_decode($back_to_comcode,ENT_QUOTES,get_charset()); // Remove the escaping entities that were inside the code tag $embed = comcode_to_tempcode($back_to_comcode, $source_member, $as_admin, 80, $pass_id, $connection); // Re-parse (with full security) } $_embed = $embed->evaluate(); if (!array_key_exists('scroll', $attributes) && strlen($_embed) > 1000) { $attributes['scroll'] = '1'; } $tpl = array_key_exists('scroll', $attributes) && $attributes['scroll'] == '1' ? 
'COMCODE_CODE_SCROLL' : 'COMCODE_CODE'; $title = do_lang_tempcode('CODE'); if ($tpl == 'COMCODE_CODE_SCROLL' && substr_count($_embed, chr(10)) < 10) { $style = 'height: auto'; } else { $style = ''; } $temp_tpl = do_template($tpl, array('CONTENT' => $_embed, 'TITLE' => $title, 'STYLE' => $style, 'TYPE' => $attributes['param'])); } break; case 'list': if (is_array($embed)) { $parts = $embed; } else { $_embed = trim($embed->evaluate()); $_embed = str_replace('[/*]', '', $_embed); $parts = explode('[*]', $_embed); } if (isset($temp_tpl->preprocessable_bits)) { $temp_tpl->preprocessable_bits = array_merge($temp_tpl->preprocessable_bits, $embed->preprocessable_bits); } if ($wml) { foreach ($parts as $i => $part) { if ($i == 0 && str_replace(array(' ', '<br />', ' '), array('', '', ''), trim($part)) == '') { continue; } $temp_tpl->attach('<br />* '); $temp_tpl->attach($part); } $temp_tpl->attach('<br />* '); break; } $type = $attributes['param']; if ($type != '') { if ($type == '1') { $type = 'decimal'; } elseif ($type == 'a') { $type = 'lower-alpha'; } elseif ($type == 'i') { $type = 'lower-roman'; } elseif ($type == 'x') { $type = 'none'; } elseif (!in_array($type, array('circle', 'disc', 'square', 'armenian', 'decimal', 'decimal-leading-zero', 'georgian', 'lower-alpha', 'lower-greek', 'lower-latin', 'lower-roman', 'upper-alpha', 'upper-latin', 'upper-roman'))) { $type = 'disc'; } $tag = in_array($type, array('circle', 'disc', 'square')) ? 'ul' : 'ol'; $temp_tpl->attach('<' . $tag . ' style="list-style-type: ' . $type . '">'); foreach ($parts as $i => $part) { if ($i == 0 && str_replace(array(' ', '<br />', ' '), array('', '', ''), trim($part)) == '') { continue; } $temp_tpl->attach('<li>' . preg_replace('#\\<br /\\>(\\ |\\s)*$#D', '', preg_replace('#^\\<br /\\>(\\ |\\s)*#D', '', $part)) . '</li>'); } $temp_tpl->attach('</' . $tag . 
'>'); } else { $temp_tpl->attach('<ul>'); foreach ($parts as $i => $part) { if ($i == 0 && str_replace(array(' ', '<br />', ' '), array('', '', ''), trim($part)) == '') { continue; } $temp_tpl->attach('<li>' . preg_replace('#\\<br /\\>(\\ |\\s)*$#D', '', preg_replace('#^\\<br /\\>(\\ |\\s)*#D', '', $part)) . '</li>'); } $temp_tpl->attach('</ul>'); } break; case 'snapback': require_lang('ocf'); $post_id = intval($embed->evaluate()); $s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_POST_NUMBERED', integer_format($post_id)) : make_string_tempcode($attributes['param']); $forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : ''; $temp_tpl = do_template('COMCODE_SNAPBACK', array('URL' => $GLOBALS['FORUM_DRIVER']->post_url($post_id, $forum), 'TITLE' => $s_title)); break; case 'post': require_lang('ocf'); $post_id = intval($embed->evaluate()); $s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_POST_NUMBERED', integer_format($post_id)) : make_string_tempcode($attributes['param']); $forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : ''; $temp_tpl->attach(hyperlink($GLOBALS['FORUM_DRIVER']->post_url($post_id, $forum), $s_title)); break; case 'topic': require_lang('ocf'); $topic_id = intval($embed->evaluate()); $s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_TOPIC_NUMBERED', integer_format($topic_id)) : make_string_tempcode($attributes['param']); $forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : ''; $temp_tpl->attach(hyperlink($GLOBALS['FORUM_DRIVER']->topic_url($topic_id, $forum), $s_title)); break; case 'staff_note': $temp_tpl = new ocp_tempcode(); return $temp_tpl; case 'section': if ($wml) { $temp_tpl = $embed; break; } $name = array_key_exists('param', $attributes) ? $attributes['param'] : 'section' . strval(mt_rand(0, 100)); $default = array_key_exists('default', $attributes) ? 
$attributes['default'] : '0'; $temp_tpl = do_template('COMCODE_SECTION', array('_GUID' => 'a902962ccdc80046c999d6fed907d105', 'PASS_ID' => 'x' . $pass_id, 'DEFAULT' => $default == '1', 'NAME' => $name, 'CONTENT' => $embed)); break; case 'section_controller': if ($wml) { break; } $sections = explode(',', $embed->evaluate()); $temp_tpl = do_template('COMCODE_SECTION_CONTROLLER', array('_GUID' => '133bf24892e9e3ec2a01146d6ec418fe', 'SECTIONS' => $sections, 'PASS_ID' => 'x' . $pass_id)); break; case 'big_tab': if ($wml) { $temp_tpl = $embed; break; } $name = array_key_exists('param', $attributes) ? $attributes['param'] : 'big_tab' . strval(mt_rand(0, 100)); $default = array_key_exists('default', $attributes) ? $attributes['default'] : '0'; $temp_tpl = do_template('COMCODE_BIG_TABS_TAB', array('PASS_ID' => 'x' . $pass_id, 'DEFAULT' => $default == '1', 'NAME' => $name, 'CONTENT' => $embed)); break; case 'big_tab_controller': if ($wml) { break; } $tabs = explode(',', $embed->evaluate()); if (!array_key_exists('switch_time', $attributes)) { $attributes['switch_time'] = '6000'; } $temp_tpl = do_template('COMCODE_BIG_TABS_CONTROLLER', array('SWITCH_TIME' => $attributes['switch_time'], 'TABS' => $tabs, 'PASS_ID' => 'x' . $pass_id)); break; case 'tab': if ($wml) { $temp_tpl = $embed; break; } $default = array_key_exists('default', $attributes) ? 
$attributes['default'] : '0'; $temp_tpl = do_template('COMCODE_TAB_BODY', array('DEFAULT' => $default == '1', 'TITLE' => trim($attributes['param']), 'CONTENT' => $embed)); break; case 'tabs': if ($wml) { break; } $heads = new ocp_tempcode(); $tabs = explode(',', $attributes['param']); foreach ($tabs as $i => $tab) { $heads->attach(do_template('COMCODE_TAB_HEAD', array('TITLE' => trim($tab), 'FIRST' => $i == 0, 'LAST' => !array_key_exists($i + 1, $tabs)))); } $temp_tpl = do_template('COMCODE_TAB_CONTROLLER', array('HEADS' => $heads, 'CONTENT' => $embed)); break; case 'carousel': if ($attributes['param'] == '') { $attributes['param'] = '40'; } $temp_tpl = do_template('COMCODE_CAROUSEL', array('CONTENT' => $embed, 'SCROLL_AMOUNT' => $attributes['param'])); break; case 'menu': if ($wml) { break; } $name = array_key_exists('param', $attributes) ? $attributes['param'] : 'mnu' . strval(mt_rand(0, 100)); $type = array_key_exists('type', $attributes) ? $attributes['type'] : 'tree'; require_code('menus'); require_code('menus_comcode'); $temp_tpl = build_comcode_menu($embed->evaluate(), $name, $source_member, $type); break; case 'if_in_group': $groups = ''; $_groups = explode(',', $attributes['param']); $all_groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(); foreach ($_groups as $group) { $find = array_search($group, $all_groups); if ($find === false) { if ($groups != '') { $groups .= ','; } $groups .= $group; } else { if ($groups != '') { $groups .= ','; } $groups .= strval($find); } } $temp_tpl = do_template('COMCODE_IF_IN_GROUP', array('_GUID' => '761a7cc07f7b4b68508d68ce19b87d2c', 'TYPE' => array_key_exists('type', $attributes) ? 
$attributes['type'] : '', 'CONTENT' => $embed, 'GROUPS' => $groups)); break; case 'acronym': case 'abbr': $temp_tpl = do_template('COMCODE_ABBR', array('_GUID' => 'acbc4f991dsf03f81b61919b74ac24c91', 'CONTENT' => $embed, 'TITLE' => $attributes['param'])); break; case 'address': $temp_tpl = do_template('COMCODE_ADDRESS', array('_GUID' => 'acbcsdf9910703f81b61919b74ac24c91', 'CONTENT' => $embed)); break; case 'dfn': $temp_tpl = do_template('COMCODE_DFN', array('_GUID' => 'acbc4f9910703f81b61sf19b74ac24c91', 'CONTENT' => $embed)); break; case 'pulse': $min_color = array_key_exists('min', $attributes) ? $attributes['min'] : '0000FF'; $max_color = array_key_exists('max', $attributes) ? $attributes['max'] : 'FF0044'; if (substr($min_color, 0, 1) == '#') { $min_color = substr($min_color, 1); } if (substr($max_color, 0, 1) == '#') { $max_color = substr($max_color, 1); } $speed = $attributes['param'] == '' ? 100 : intval($attributes['param']); $temp_tpl = do_template('COMCODE_PULSE', array('_GUID' => 'adsd4f9910sfd03f81b61919b74ac24c91', 'RAND_ID' => uniqid('', true), 'CONTENT' => $embed, 'MIN_COLOR' => $min_color, 'MAX_COLOR' => $max_color, 'SPEED' => strval($speed))); break; case 'del': $cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL; if (!is_null($cite)) { $temp_tpl = test_url($cite, 'del', $cite, $source_member); } $datetime = array_key_exists('datetime', $attributes) ? $attributes['datetime'] : NULL; $temp_tpl->attach(do_template('COMCODE_DEL', array('_GUID' => 'acsd4f9910sfd03f81b61919b74ac24c91', 'CONTENT' => $embed, 'CITE' => $cite, 'DATETIME' => $datetime))); break; case 'ins': $cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL; if (!is_null($cite)) { $temp_tpl = test_url($cite, 'ins', $cite, $source_member); if (!$temp_tpl->is_empty()) { break; } } $datetime = array_key_exists('datetime', $attributes) ? 
$attributes['datetime'] : NULL; $temp_tpl->attach(do_template('COMCODE_INS', array('_GUID' => 'asss4f9910703f81b61919bsfc24c91', 'CONTENT' => $embed, 'CITE' => $cite, 'DATETIME' => $datetime))); break; case 'cite': $temp_tpl = do_template('COMCODE_CITE', array('_GUID' => 'acbcsf910703f81b61919b74ac24c91', 'CONTENT' => $embed)); break; case 'b': if ($semiparse_mode) { $temp_tpl = make_string_tempcode('<b>' . $embed->evaluate() . '</b>'); break; } $temp_tpl = do_template('COMCODE_BOLD', array('_GUID' => 'acbc4fds910703f81b619sf74ac24c91', 'CONTENT' => $embed)); break; case 'align': if ($wml) { $temp_tpl = $embed; break; } $align = array_key_exists('param', $attributes) ? $attributes['param'] : 'left'; $temp_tpl = do_template('COMCODE_ALIGN', array('_GUID' => '950b4d9db12cac6bf536860bedd96a36', 'ALIGN' => $align, 'CONTENT' => $embed)); break; case 'indent': if ($wml) { $temp_tpl = $embed; break; } $indent = array_key_exists('param', $attributes) ? $attributes['param'] : '10'; if (!is_numeric($indent)) { $indent = '10'; } $temp_tpl = do_template('COMCODE_INDENT', array('_GUID' => 'd8e69fa17eebd5312e3ad5788e3a1343', 'INDENT' => $indent, 'CONTENT' => $embed)); break; case 'surround': if ($wml) { $temp_tpl = $embed; break; } if ($semiparse_mode && $embed->evaluate() == '') { $temp_tpl = make_string_tempcode('<kbd class="ocp_keep" title="no_parse">[surround="' . comcode_escape(array_key_exists('param', $attributes) ? $attributes['param'] : 'float_surrounder') . '"]' . $embed->evaluate() . '[/surround]</kbd>'); break; } $class = array_key_exists('param', $attributes) && $attributes['param'] != '' ? $attributes['param'] : 'float_surrounder'; $temp_tpl = do_template('COMCODE_SURROUND', array('_GUID' => 'e8e69fa17eebd5312e3ad5788e3a1343', 'CLASS' => $class, 'CONTENT' => $embed)); break; case 'i': if ($semiparse_mode) { $temp_tpl = make_string_tempcode('<i>' . $embed->evaluate() . 
'</i>'); break; } $temp_tpl = do_template('COMCODE_ITALICS', array('_GUID' => '4321a1fe3825418e57a29410183c0c60', 'CONTENT' => $embed)); break; case 'u': if ($semiparse_mode) { $temp_tpl = make_string_tempcode('<u>' . $embed->evaluate() . '</u>'); break; } $temp_tpl = do_template('COMCODE_UNDERLINE', array('_GUID' => '69cc8e73b17f9e6a35eb1af2bd1dc6ab', 'CONTENT' => $embed)); break; case 's': if ($wml) { $temp_tpl = $embed; break; } if ($semiparse_mode) { $temp_tpl = make_string_tempcode('<strike>' . $embed->evaluate() . '</strike>'); break; } $temp_tpl = do_template('COMCODE_STRIKE', array('_GUID' => 'ed242591cefd365497cc0c63abbb11a9', 'CONTENT' => $embed)); break; case 'tooltip': $param = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); if ($wml) { $temp_tpl->attach($embed); $temp_tpl->attach('[ '); $temp_tpl->attach($param); $temp_tpl->attach(' ]'); break; } $temp_tpl = do_template('COMCODE_TOOLTIP', array('_GUID' => 'c9f4793dc0c1a92cd7d08ae1b87c2308', 'URL' => array_key_exists('url', $attributes) ? $attributes['url'] : '', 'TOOLTIP' => $param, 'CONTENT' => $embed)); break; case 'sup': if ($wml) { $temp_tpl->attach('^'); $temp_tpl->attach($embed); break; } $temp_tpl = do_template('COMCODE_SUP', array('_GUID' => '74d2ecfe193dacb6d922bc288828196a', 'CONTENT' => $embed)); break; case 'sub': if ($wml) { $temp_tpl->attach('{'); $temp_tpl->attach($embed); $temp_tpl->attach('}'); break; } $temp_tpl = do_template('COMCODE_SUB', array('_GUID' => '515e310e00a6d7c30f7dca0a5956ebcf', 'CONTENT' => $embed)); break; case 'title': if ($semiparse_mode && strpos($comcode, '[contents') !== false) { $temp_tpl = make_string_tempcode('[title' . reinsert_parameters($attributes) . ']' . $embed->evaluate() . '[/title]'); break; } $level = $attributes['param'] != '' ? 
intval($attributes['param']) : 1; if ($level == 0) { $level = 1; } // Stop crazy Comcode causing stack errors with the toc $uniq_id = strval(count($STRUCTURE_LIST)); $STRUCTURE_LIST[] = array($level, $embed, $uniq_id); if ($level == 1) { $template = 'SCREEN_TITLE'; } elseif ($level == 2) { $template = 'COMCODE_SECTION_TITLE'; } elseif ($level == 3) { $template = 'COMCODE_MINOR_TITLE'; } elseif ($level == 4) { $template = 'COMCODE_VERY_MINOR_TITLE'; } else { $template = 'COMCODE_VERY_MINOR_TITLE'; } if ($level == 1) { if (is_null($COMCODE_PARSE_TITLE)) { $COMCODE_PARSE_TITLE = $embed->evaluate(); if (is_object($COMCODE_PARSE_TITLE)) { $COMCODE_PARSE_TITLE = $COMCODE_PARSE_TITLE->evaluate(); } } } $base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 2; if (array_key_exists('number', $attributes) && $level >= $base) { $list_types = $attributes['number'] == '' ? array() : explode(',', $attributes['number']); $list_types = array_merge($list_types, array('decimal', 'lower-alpha', 'lower-roman', 'upper-alpha', 'upper-roman', 'disc')); $numerals = array('i', 'ii', 'iii', 'iv', 'v', 'vi', 'viii', 'ix', 'x', 'xi', 'xii', 'xiii', 'xiv', 'xv', 'xvi', 'xvii', 'xviii', 'xix', 'xx'); $symbol_lookup = array('decimal' => range(1, 100), 'lower-alpha' => range('a', 'z'), 'lower-roman' => $numerals, 'upper-alpha' => range('A', 'Z'), 'upper-roman' => str_replace('i', 'I', str_replace('v', 'V', str_replace('x', 'X', $numerals)))); $level_text = ''; $list_pos = count($STRUCTURE_LIST) - 2; for ($j = $level; $j >= $base; $j--) { $num_before = 0; for ($i = $list_pos; $i >= 0; $i--) { $list_pos--; if ($STRUCTURE_LIST[$i][0] == $j - 1) { break; } if ($STRUCTURE_LIST[$i][0] == $j) { $num_before++; } } $level_number = @strval($symbol_lookup[$list_types[$j - $base]][$num_before]); $level_text = $level_number . ($level_text != '' ? '.' : '') . $level_text; } $old_embed = $embed; $embed = make_string_tempcode($level_text . 
' – '); $embed->attach($old_embed); } if ($wml) { if ($level == 1) { $temp_tpl->attach('<br /><p><big><u><b>'); $temp_tpl->attach($embed); $temp_tpl->attach('</b></u></big></p><br />'); } elseif ($level == 2) { $temp_tpl->attach('<br /><p><big><u>'); $temp_tpl->attach($embed); $temp_tpl->attach('</u></big></p><br />'); } elseif ($level == 3) { $temp_tpl->attach('<br /><p><big>'); $temp_tpl->attach($embed); $temp_tpl->attach('</big></p><br />'); } elseif ($level == 4) { $temp_tpl->attach('<br /><p>'); $temp_tpl->attach($embed); $temp_tpl->attach('</p><br />'); } break; } if ($semiparse_mode) { $temp_tpl = make_string_tempcode('<h' . strval($level) . ($level == 1 ? ' class="main_page_title"' : '') . '><span class="inner">' . $embed->evaluate() . '</span></h' . strval($level) . '>'); break; } $tpl_map = array('ID' => substr($pass_id, 0, 5) == 'panel' ? NULL : $uniq_id, 'TITLE' => $embed, 'HELP_URL' => '', 'HELP_TERM' => ''); if (array_key_exists('sub', $attributes)) { $tpl_map['SUB'] = protect_from_escaping(comcode_to_tempcode($attributes['sub'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member)); } $temp_tpl = do_template($template, $tpl_map); break; case 'attachment': case 'attachment2': // legacy // legacy case 'attachment_safe': if ($wml) { break; } require_code('attachments'); if (is_null($on_behalf_of_member)) { $on_behalf_of_member = $source_member; } $id = $embed->evaluate(); global $COMCODE_ATTACHMENTS; if (!is_numeric($id) && !$as_admin && !has_specific_permission($source_member, 'exceed_filesize_limit')) { // We work all this out before we do any downloads, to make sure orphaned files aren't dumped on the file system (possible hack method) if (get_forum_type() == 'ocf') { require_lang('ocf'); require_code('ocf_groups'); $daily_quota = ocf_get_member_best_group_property($source_member, 'max_daily_upload_mb'); } else { $daily_quota = 5; // 5 is a hard coded default for non-OCF forums } 
if (!is_null($daily_quota)) { $_size_uploaded_today = $connection->query('SELECT SUM(a_file_size) AS the_answer FROM ' . $connection->get_table_prefix() . 'attachments WHERE a_member_id=' . strval((int) $source_member) . ' AND a_add_time>' . strval(time() - 60 * 60 * 24)); if (is_null($_size_uploaded_today[0]['the_answer'])) { $_size_uploaded_today[0]['the_answer'] = 0; } $size_uploaded_today = ceil((double) $_size_uploaded_today[0]['the_answer'] / 1024.0 / 1024.0); $attach_size = 0; require_code('uploads'); is_swf_upload(true); foreach ($_FILES as $_file) { $attach_size += floatval($_file['size']) / 1024.0 / 1024.0; } if ($size_uploaded_today + $attach_size > floatval($daily_quota)) { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('OVER_DAILY_QUOTA', integer_format($daily_quota), float_format($size_uploaded_today)))); break; } } } $thumb_url = array_key_exists('thumb_url', $attributes) ? $attributes['thumb_url'] : ''; // Embedded attachments if (!is_numeric($id) && substr($id, 0, 4) != 'new_' && substr($id, 0, 4) != 'url_') { $file = base64_decode(str_replace(chr(10), '', $id)); if ($file === false) { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:CORRUPT_ATTACHMENT'))); break; } $md5 = md5(substr($file, 0, 30)); $original_filename = array_key_exists('filename', $attributes) ? $attributes['filename'] : $md5 . '.dat'; if (get_file_extension($original_filename) != 'dat') { require_code('files2'); check_extension($original_filename, true); $new_filename = $md5 . '.' . get_file_extension($original_filename) . '.dat'; } else { $new_filename = $md5 . '.' . get_file_extension($original_filename); } $path = get_custom_file_base() . '/uploads/attachments/' . 
$new_filename; $myfile = @fopen($path, 'wb'); if ($myfile === false) { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => intelligent_write_error_inline($path))); break; } if (fwrite($myfile, $file) < strlen($file)) { warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE')); } fclose($myfile); fix_permissions($path); sync_file($path); $_size = strlen($file); $url = 'uploads/attachments/' . $new_filename; if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) { $url = get_custom_base_url() . '/' . $url; } // Thumbnail if ($thumb_url == '') { require_code('images'); if (is_image($original_filename)) { $gd = get_option('is_on_gd') == '1' && function_exists('imagetypes'); if ($gd) { require_code('images'); if (!is_saveable_image($url)) { $ext = '.png'; } else { $ext = '.' . get_file_extension($original_filename); } $thumb_url = 'uploads/attachments_thumbs/' . $md5 . $ext; convert_image(get_custom_base_url() . '/' . $url, get_custom_file_base() . '/' . $thumb_url, -1, -1, intval(get_option('thumb_width')), true, NULL, false, true); if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) { $thumb_url = get_custom_base_url() . '/' . $thumb_url; } } else { $thumb_url = $url; } } } if (addon_installed('galleries')) { require_code('images'); if (is_video($url) && $connection->connection_read == $GLOBALS['SITE_DB']->connection_read) { require_code('transcoding'); $url = transcode_video($url, 'attachments', 'a_url', 'a_original_filename', NULL, NULL); } } $attachment = array('a_member_id' => $on_behalf_of_member, 'a_file_size' => $_size, 'a_url' => $url, 'a_thumb_url' => $thumb_url, 'a_original_filename' => $original_filename, 'a_num_downloads' => 0, 'a_last_downloaded_time' => NULL, 'a_add_time' => time()); $attachment['a_description'] = array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . 
'[/html]' : $attributes['description'] : ''; $attach_id = $connection->query_insert('attachments', $attachment, true); $attachment['id'] = $attach_id; // Create and document attachment if (!array_key_exists('type', $attributes)) { $attributes['type'] = 'auto'; } $COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'type' => 'new', 'attachmenttype' => $attributes['type'], 'description' => $attachment['a_description'], 'id' => intval($attach_id), 'marker' => $marker, 'comcode' => $comcode); // Marker will allow us to search back and replace this with the added id } elseif (!is_numeric($id)) { require_code('uploads'); if (substr($id, 0, 4) == 'new_') { $_id = substr($id, 4); if (!is_numeric($_id)) { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:INVALID_ATTACHMENT'))); break; } $attributes['type'] = post_param('attachmenttype' . $_id, array_key_exists('type', $attributes) ? $attributes['type'] : 'auto'); if (substr($attributes['type'], -8) == '_extract') { $attributes['type'] = substr($attributes['type'], 0, strlen($attributes['type']) - 8); } $urls = get_url('', 'file' . $_id, 'uploads/attachments', 2, OCP_UPLOAD_ANYTHING, (!array_key_exists('thumb', $attributes) || $attributes['thumb'] != '0') && $thumb_url == '', '', '', true, true, true); if ($urls[0] == '') { return new ocp_tempcode(); } //warn_exit(do_lang_tempcode('ERROR_UPLOADING')); Can't do this, because this might not be post-calculated if something went wrong once is_swf_upload(true); $_size = $_FILES['file' . $_id]['size']; $original_filename = $_FILES['file' . $_id]['name']; if (get_magic_quotes_gpc()) { $original_filename = stripslashes($original_filename); } } elseif (substr($id, 0, 4) == 'url_') { if (!has_specific_permission($source_member, 'draw_to_server') && !$as_admin) { break; } $_id = '!'; $attributes['type'] = post_param('attachmenttype' . $_id, array_key_exists('type', $attributes) ? 
$attributes['type'] : 'auto'); $url = remove_url_mistakes(substr($id, 4)); $_POST['_specify_url'] = $url; // Little hack, as we need to read it from a POST if (get_magic_quotes_gpc()) { $_POST['_specify_url'] = addslashes($_POST['_specify_url']); } $urls = get_url('_specify_url', '', 'uploads/filedump', 1, OCP_UPLOAD_ANYTHING, (!array_key_exists('thumb', $attributes) || $attributes['thumb'] != '0') && $thumb_url == '', '', '', true, true); if ($urls[0] == '') { return new ocp_tempcode(); } $original_filename = rawurldecode(substr($url, strrpos($url, '/') + 1)); if (url_is_local($urls[0])) { $_size = @filesize(get_custom_file_base() . '/' . rawurldecode($urls[0])); if ($_size === false) { $_size = filesize(get_file_base() . '/' . rawurldecode($urls[0])); } } else { $_size = 0; } } else { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:INVALID_ATTACHMENT'))); break; } if ($urls[0] == '') { require_code('images'); require_code('files2'); $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('ATTACHMENT_WOULD_NOT_UPLOAD', float_format(get_max_file_size() / 1024 / 1024), float_format(get_max_image_size() / 1024 / 1024)))); break; } $url = $urls[0]; if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) { $url = get_custom_base_url() . '/' . $url; } if ($thumb_url == '') { $thumb_url = array_key_exists(1, $urls) ? $urls[1] : ''; } if ($thumb_url != '' && $connection != $GLOBALS['SITE_DB']) { $thumb_url = get_custom_base_url() . '/' . 
$thumb_url; } $num_downloads = 0; $last_downloaded_time = NULL; $add_time = time(); $member_id = $on_behalf_of_member; if (addon_installed('galleries')) { require_code('images'); if (is_video($url) && $connection->connection_read == $GLOBALS['SITE_DB']->connection_read) { require_code('transcoding'); $url = transcode_video($url, 'attachments', 'a_url', 'a_original_filename', NULL, NULL); } } $attachment = array('a_member_id' => $member_id, 'a_file_size' => $_size, 'a_url' => $url, 'a_thumb_url' => $thumb_url, 'a_original_filename' => $original_filename, 'a_num_downloads' => $num_downloads, 'a_last_downloaded_time' => $last_downloaded_time, 'a_add_time' => $add_time); $attachment['a_description'] = post_param('caption' . $_id, array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : ''); $attach_id = $connection->query_insert('attachments', $attachment, true); $attachment['id'] = $attach_id; if ($tag == 'attachment2' || $tag == 'attachment_safe' || substr($id, 0, 4) == 'url_') { $connection->query_delete('attachment_refs', array('r_referer_type' => 'null', 'r_referer_id' => '', 'a_id' => $attachment['id']), '', 1); $connection->query_insert('attachment_refs', array('r_referer_type' => 'null', 'r_referer_id' => '', 'a_id' => $attachment['id'])); } // Create and document attachment $COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'time' => time(), 'type' => substr($id, 0, 4) == 'new_' ? 
'new' : 'url', 'attachmenttype' => $attributes['type'], 'description' => $attachment['a_description'], 'id' => intval($attach_id), 'marker' => $marker, 'comcode' => $comcode); // Marker will allow us to search back and replace this with the added id // Existing attachments } else { $__id = intval($id); // Check we have permission to re-use this $owner = $connection->query_value_null_ok('attachments', 'a_member_id', array('id' => $__id)); if (is_null($owner)) { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'attachment', escape_html(strval($__id))))); if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) { require_code('failure'); relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'attachment', strval($__id)), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference'); } break; } $_attachment = $connection->query_select('attachments', array('*'), array('id' => $__id), '', 1); $attachment = $_attachment[0]; $already_referenced = array_key_exists($__id, $GLOBALS['ATTACHMENTS_ALREADY_REFERENCED']); if ($already_referenced || $as_admin || $source_member === $owner || (has_specific_permission($source_member, 'reuse_others_attachments') || $owner == $source_member) && has_attachment_access($source_member, $__id)) { if (!array_key_exists('type', $attributes)) { $attributes['type'] = 'auto'; } $COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'time' => $attachment['a_add_time'], 'type' => 'existing', 'id' => $__id, 'attachmenttype' => $attributes['type'], 'marker' => $marker, 'comcode' => $comcode); } else { require_lang('permissions'); $username = $GLOBALS['FORUM_DRIVER']->get_username($source_member); if (is_null($username)) { $username = do_lang('DELETED'); } $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => 
do_lang_tempcode('permissions:ACCESS_DENIED__REUSE_ATTACHMENT', $username))); break; //access_denied('REUSE_ATTACHMENT'); } if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) { if (url_is_local($attachment['a_url'])) { $attachment['a_url'] = get_custom_base_url() . '/' . $attachment['a_url']; } if (url_is_local($attachment['a_url'])) { $attachment['a_thumb_url'] = get_custom_base_url() . '/' . $attachment['a_thumb_url']; } } $attachment['a_description'] = array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : $attachment['a_description']; } // Now, render it // ============== $temp_tpl = render_attachment($tag, $attributes, $attachment, $pass_id, $source_member, $as_admin, $connection, $highlight_bits, $on_behalf_of_member, $semiparse_mode); if (array_key_exists('float', $attributes)) { $temp_tpl = do_template('FLOATER', array('_GUID' => '802fe29019be80993296de7cc8b5cc5e', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl)); } break; case 'include': $codename = $embed->evaluate(); $zone = $attributes['param']; if ($zone == '_SEARCH') { $zone = get_comcode_zone($codename); } if ($zone == '_SELF') { $zone = get_zone_name(); } $temp_comcode_parse_title = $COMCODE_PARSE_TITLE; $temp = request_page($codename, false, $zone, NULL, true); $COMCODE_PARSE_TITLE = $temp_comcode_parse_title; if ($temp->is_empty()) { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'include', hyperlink(build_url(array('page' => 'cms_comcode_pages', 'type' => '_ed', 'page_link' => $zone . ':' . $codename), get_module_zone('cms_comcode_pages')), $zone . ':' . $codename, false, true)))); if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) { require_code('failure'); relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'include', $zone . 
':' . $codename), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference'); } } else { $temp_tpl = symbol_tempcode('LOAD_PAGE', array($codename, $zone)); } break; case 'random': unset($attributes['param']); if ($wml) { $top_attribute = array_pop($attributes); $temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); break; } $max = $embed->evaluate() == '' ? intval($embed->evaluate()) : 0; foreach ($attributes as $num => $val) { $_temp = is_object($val) ? $val : comcode_to_tempcode($val, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $attributes[$num] = $_temp->evaluate(); if (intval($num) > $max) { $max = intval($num); } } $_parts = new ocp_tempcode(); krsort($attributes); foreach ($attributes as $num => $val) { $_parts->attach(do_template('COMCODE_RANDOM_PART', array('_GUID' => '5fa49a916304f9caa0ddedeb01531142', 'NUM' => strval($num), 'VAL' => $val))); } $temp_tpl = do_template('COMCODE_RANDOM', array('_GUID' => '9b77aaf593b12c763fb0c367fab415b6', 'UNIQID' => uniqid('', true), 'FULL' => $embed, 'MAX' => strval($max), 'PARTS' => $_parts)); break; case 'jumping': unset($attributes['param']); if ($wml) { $top_attribute = array_pop($attributes); $temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); break; } $_parts = new ocp_tempcode(); foreach ($attributes as $val) { $_temp = is_object($val) ? 
$val : comcode_to_tempcode($val, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $_parts->attach(do_template('COMCODE_JUMPING_PART', array('_GUID' => 'd163bd11920f39f0cb8ff2f6ba48bc80', 'PART' => $_temp->evaluate()))); } $embed = $embed->evaluate(); $temp_tpl = do_template('COMCODE_JUMPING', array('_GUID' => '85e9f83ed134868436a7db7692f56047', 'UNIQID' => uniqid('', true), 'FULL' => implode(', ', $attributes), 'TIME' => strval((int) $embed), 'PARTS' => $_parts)); break; case 'shocker': if ($wml) { $top_attribute = array_pop($attributes); $temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); break; } $_parts = new ocp_tempcode(); foreach ($attributes as $key => $val) { if (substr($key, 0, 5) == 'left_') { $left = $val; $right = array_key_exists('right_' . substr($key, 5), $attributes) ? $attributes['right_' . substr($key, 5)] : ''; $left = is_object($left) ? $left : comcode_to_tempcode($left, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $right = is_object($right) ? $right : comcode_to_tempcode($right, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $_parts->attach(do_template('COMCODE_SHOCKER_PART', array('LEFT' => $left, 'RIGHT' => $right))); } } $min_color = array_key_exists('min', $attributes) ? $attributes['min'] : '0000FF'; $max_color = array_key_exists('max', $attributes) ? 
$attributes['max'] : 'FF0044'; if (substr($min_color, 0, 1) == '#') { $min_color = substr($min_color, 1); } if (substr($max_color, 0, 1) == '#') { $max_color = substr($max_color, 1); } $embed = $embed->evaluate(); $temp_tpl = do_template('COMCODE_SHOCKER', array('UNIQID' => uniqid('', true), 'MIN_COLOR' => $min_color, 'MAX_COLOR' => $max_color, 'FULL' => implode(', ', $attributes), 'TIME' => strval(intval($embed)), 'PARTS' => $_parts)); break; case 'ticker': if ($wml) { $temp_tpl = $embed; break; } $width = $attributes['param']; if (!is_numeric($width)) { $width = '300'; } $fspeed = array_key_exists('speed', $attributes) ? float_to_raw_string(floatval($attributes['speed'])) : '1'; $temp_tpl = do_template('COMCODE_TICKER', array('_GUID' => 'e48893cda61995261577f0556443c537', 'UNIQID' => uniqid('', true), 'SPEED' => $fspeed, 'WIDTH' => $width, 'TEXT' => $embed)); break; case 'highlight': if ($wml) { $temp_tpl->attach('<i>'); $temp_tpl->attach($embed); $temp_tpl->attach('</i>'); break; } $temp_tpl = do_template('COMCODE_HIGHLIGHT', array('_GUID' => '695d041b6605f06ec2aeee1e82f87185', 'CONTENT' => $embed)); break; case 'size': $size = array_key_exists('param', $attributes) ? $attributes['param'] : '1'; if ($wml) { if (floatval($size) >= 1.5) { $temp_tpl->attach('<big>'); $temp_tpl->attach($embed); $temp_tpl->attach('</big>'); } elseif (floatval($size) < 0.8) { $temp_tpl->attach('<small>'); $temp_tpl->attach($embed); $temp_tpl->attach('</small>'); } else { $temp_tpl->attach($embed); } break; } if (is_numeric($size)) { $size = 'font-size: ' . $size . 'em;'; } elseif (substr($size, 0, 1) == '+') { $size = 'font-size: ' . substr($size, 1) . 'em'; } elseif (substr($size, -1) == '%') { $size = 'font-size: ' . float_to_raw_string(floatval(substr($size, 0, strlen($size) - 1)) / 100.0) . 
'em'; } elseif (substr($size, -2) == 'of') { $new_size = '1em'; switch ($size) { case '1of': $new_size = '8pt'; break; case '2of': $new_size = '10pt'; break; case '3of': $new_size = '12pt'; break; case '4of': $new_size = '14pt'; break; case '5of': $new_size = '18pt'; break; case '6of': $new_size = '24pt'; break; case '7of': $new_size = '36pt'; break; } $size = 'font-size: ' . $new_size; } else { $size = 'font-size: ' . $size; } $size_len = strlen($size); filter_html($as_admin, $source_member, 0, $size_len, $size, false, false); $temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'fb23fdcb45aabdfeca9f37ed8098948e', 'CONTENT' => $embed, 'SIZE' => $size, 'COLOR' => '', 'FACE' => '')); break; case 'color': if ($wml) { $temp_tpl = $embed; break; } $color = array_key_exists('param', $attributes) ? 'color: ' . $attributes['param'] . ';' : ''; $temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'bd146414c9239ba2076f4b683df437d7', 'CONTENT' => $embed, 'SIZE' => '', 'COLOR' => $color, 'FACE' => '')); $color_len = strlen($color); filter_html($as_admin, $source_member, 0, $color_len, $color, false, false); break; case 'tt': if ($wml) { $temp_tpl->attach('<i>'); $temp_tpl->attach($embed); $temp_tpl->attach('</i>'); break; } $temp_tpl = do_template('COMCODE_TELETYPE', array('CONTENT' => $embed)); break; case 'samp': if ($wml) { $temp_tpl->attach('<i>'); $temp_tpl->attach($embed); $temp_tpl->attach('</i>'); break; } $temp_tpl = do_template('COMCODE_SAMP', array('CONTENT' => $embed)); break; case 'q': if ($wml) { $temp_tpl->attach('<i>'); $temp_tpl->attach($embed); $temp_tpl->attach('</i>'); break; } $temp_tpl = do_template('COMCODE_Q', array('CONTENT' => $embed)); break; case 'var': if ($wml) { $temp_tpl->attach('<i>'); $temp_tpl->attach($embed); $temp_tpl->attach('</i>'); break; } $temp_tpl = do_template('COMCODE_VAR', array('CONTENT' => $embed)); break; case 'font': $face = $attributes['param']; if ($face == '' && array_key_exists('face', $attributes)) { $face = 
$attributes['face']; } $color = array_key_exists('color', $attributes) ? $attributes['color'] : ''; $size = array_key_exists('size', $attributes) ? $attributes['size'] : ''; if ($face == '/') { $face = ''; } if ($color == '/') { $color = ''; } if ($size == '/') { $size = ''; } if ($wml) { $before = ''; $after = ''; if ($size != '') { if (floatval($size) >= 1.5) { $before = '<big>'; $after = '</big>'; } elseif (floatval($size) < 0.8) { $before = '<small>'; $after = '</small>'; } } $temp_tpl->attach($before); $temp_tpl->attach($embed); $temp_tpl->attach($after); break; } if ($color != '') { $color = 'color: ' . $color . ';'; } if ($size != '') { if (is_numeric($size)) { $size = 'font-size: ' . $size . 'em;'; } elseif (substr($size, 0, 1) == '+') { $size = 'font-size: ' . substr($size, 1) . 'em'; } elseif (substr($size, -1) == '%') { $size = 'font-size: ' . float_to_raw_string(floatval(substr($size, 0, strlen($size) - 1)) / 100.0) . 'em'; } elseif (substr($size, -2) == 'of') { $new_size = '1em'; switch ($size) { case '1of': $new_size = '8pt'; break; case '2of': $new_size = '10pt'; break; case '3of': $new_size = '12pt'; break; case '4of': $new_size = '14pt'; break; case '5of': $new_size = '18pt'; break; case '6of': $new_size = '24pt'; break; case '7of': $new_size = '36pt'; break; } $size = 'font-size: ' . $new_size; } else { $size = 'font-size: ' . $size; } } if ($face != '') { $face = 'font-family: ' . str_replace('\'', '', $face) . 
';'; } $size_len = strlen($size); filter_html($as_admin, $source_member, 0, $size_len, $size, false, false); $color_len = strlen($color); filter_html($as_admin, $source_member, 0, $color_len, $color, false, false); $face_len = strlen($face); filter_html($as_admin, $source_member, 0, $face_len, $face, false, false); $temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'f5fcafe737b8fdf466a6a51773e09c9b', 'CONTENT' => $embed, 'SIZE' => $size, 'COLOR' => $color, 'FACE' => $face)); break; case 'box': if ($wml) { $temp_tpl->attach('<br /><p>'); if ($attributes['param'] != '') { $temp_tpl->attach('<big>'); $temp_tpl->attach($attributes['param']); $temp_tpl->attach('</big><br /><br />'); } $temp_tpl->attach($embed); $temp_tpl->attach('</p></br />'); break; } // Legacy parameter. There used to be 'place' and 'nowrap' and 'class', but these are now gone. $breadth = array_key_exists('breadth', $attributes) ? $attributes['breadth'] : '100%'; if ($breadth == 'WIDE') { $breadth = '100%'; } if ($breadth == 'WIDE_HIGH') { $breadth = '100%'; } if ($breadth == 'THIN') { $breadth = 'auto'; } // The new versions $dimensions = array_key_exists('dimensions', $attributes) ? comcode_to_tempcode($attributes['dimensions'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member) : make_string_tempcode($breadth); $type = array_key_exists('type', $attributes) ? $attributes['type'] : ''; $options = array_key_exists('options', $attributes) ? $attributes['options'] : ''; $meta = $comcode_dangerous && array_key_exists('meta', $attributes) ? $attributes['meta'] : ''; //Insecure, unneeded here $links = $comcode_dangerous && array_key_exists('links', $attributes) ? $attributes['links'] : ''; //Insecure, unneeded here $converted = is_object($attributes['param']) ? 
$attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $temp_tpl = directive_tempcode('BOX', $embed, array($converted, $dimensions, make_string_tempcode($type), make_string_tempcode($options), make_string_tempcode($meta), make_string_tempcode($links))); if (array_key_exists('float', $attributes)) { $temp_tpl = do_template('FLOATER', array('_GUID' => '54e8fc9ec1e16cfc5c8824e22f1e8745', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl)); } break; case 'concept': if ($wml) { $temp_tpl = $embed; break; } if (!array_key_exists('param', $attributes) || $attributes['param'] == '') { $key = $embed->evaluate(); $temp_tpl = symbol_tempcode('DISPLAY_CONCEPT', array($key)); } else { $temp_tpl = do_template('COMCODE_CONCEPT_INLINE', array('_GUID' => '381a59de4d6f8967446c12bf4641a9ce', 'TEXT' => $embed, 'FULL' => $attributes['param'])); } break; case 'concepts': if ($wml) { break; } $title = $embed->evaluate(); $concepts = new ocp_tempcode(); foreach ($attributes as $_key => $_value) { if (substr($_key, -4) == '_key') { $key = $_value; $cid = substr($_key, 0, strlen($_key) - 4); $to_parse = array_key_exists($cid . '_value', $attributes) ? $attributes[$cid . '_value'] : new ocp_tempcode(); $value = is_object($to_parse) ? $to_parse : comcode_to_tempcode($to_parse, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $concepts->attach(do_template('COMCODE_CONCEPTS_CONCEPT', array('_GUID' => '4baf6dabc32146c594c7fd922791b6b2', 'A' => 'concept___' . 
preg_replace('#[^\\w]#', '_', $key), 'KEY' => $key, 'VALUE' => $value))); } } $temp_tpl = do_template('COMCODE_CONCEPTS', array('_GUID' => '4c7a1d70753dc1d209b9951aa10f361a', 'TITLE' => $title, 'CONCEPTS' => $concepts)); break; case 'exp_ref': if ($wml) { break; } $_embed = $embed->evaluate(); if (strpos($_embed, '.') !== false) { break; } $stub = get_file_base() . '/data_custom/images/' . get_zone_name() . '/'; $stub2 = get_base_url() . '/data_custom/images/' . get_zone_name() . '/'; if (!file_exists($stub)) { $stub = get_file_base() . '/data/images/' . get_zone_name() . '/'; $stub2 = get_base_url() . '/data/images/' . get_zone_name() . '/'; } if (!file_exists($stub)) { $stub = get_file_base() . '/data_custom/images/'; $stub2 = get_base_url() . '/data_custom/images/'; } if (!file_exists($stub)) { $stub = get_file_base() . '/data/images/'; $stub2 = get_base_url() . '/data/images/'; } if (substr($_embed, 0, 1) == '/') { $_embed = substr($_embed, 1); } if (file_exists($stub . $_embed . '.png')) { $url = $stub2 . $_embed . '.png'; } elseif (file_exists($stub . $_embed . '.gif')) { $url = $stub2 . $_embed . '.gif'; } elseif (file_exists($stub . $_embed . '.jpg')) { $url = $stub2 . $_embed . '.jpg'; } elseif (file_exists($stub . $_embed . '.jpeg')) { $url = $stub2 . $_embed . '.jpeg'; } else { $stub = get_file_base() . '/data/images/docs/'; $stub2 = get_base_url() . '/data/images/docs/'; if (substr($_embed, 0, 1) == '/') { $_embed = substr($_embed, 1); } if (file_exists($stub . $_embed . '.png')) { $url = $stub2 . $_embed . '.png'; } elseif (file_exists($stub . $_embed . '.gif')) { $url = $stub2 . $_embed . '.gif'; } elseif (file_exists($stub . $_embed . '.jpg')) { $url = $stub2 . $_embed . '.jpg'; } elseif (file_exists($stub . $_embed . '.jpeg')) { $url = $stub2 . $_embed . 
'.jpeg'; } else { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'exp_ref', escape_html($_embed)))); if (array_key_exists('COMCODE_BROKEN_URLS', $GLOBALS)) { $GLOBALS['COMCODE_BROKEN_URLS'][] = array($_embed, NULL); } elseif (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) { require_code('failure'); relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'exp_ref', $_embed), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference'); } break; } } $text = make_string_tempcode($attributes['param']); if ($text->is_empty()) { $text = do_lang_tempcode('EXAMPLE'); } $temp_tpl = do_template('COMCODE_EXP_REF', array('_GUID' => '89e7f528e72096e3458d6acb70734d0b', 'TEXT' => $text, 'URL' => $url)); break; case 'exp_thumb': if ($wml) { break; } $_embed = $embed->evaluate(); if (strpos($_embed, '.') !== false) { break; } $stub = get_file_base() . '/data/images/' . get_zone_name() . '/'; $stub2 = get_base_url() . '/data/images/' . get_zone_name() . '/'; if (substr($_embed, 0, 1) == '/') { $_embed = substr($_embed, 1); } if (file_exists($stub . $_embed . '.png')) { $url_full = $stub2 . $_embed . '.png'; } elseif (file_exists($stub . $_embed . '.gif')) { $url_full = $stub2 . $_embed . '.gif'; } elseif (file_exists($stub . $_embed . '.jpg')) { $url_full = $stub2 . $_embed . '.jpg'; } elseif (file_exists($stub . $_embed . '.jpeg')) { $url_full = $stub2 . $_embed . '.jpeg'; } else { $stub = get_file_base() . '/data/images/docs/'; $stub2 = get_base_url() . '/data/images/docs/'; if (substr($_embed, 0, 1) == '/') { $_embed = substr($_embed, 1); } if (file_exists($stub . $_embed . '.png')) { $url_full = $stub2 . $_embed . '.png'; } elseif (file_exists($stub . $_embed . '.gif')) { $url_full = $stub2 . $_embed . '.gif'; } elseif (file_exists($stub . $_embed . '.jpg')) { $url_full = $stub2 . $_embed . 
'.jpg'; } elseif (file_exists($stub . $_embed . '.jpeg')) { $url_full = $stub2 . $_embed . '.jpeg'; } else { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'exp_thumb', escape_html($_embed)))); if (array_key_exists('COMCODE_BROKEN_URLS', $GLOBALS)) { $GLOBALS['COMCODE_BROKEN_URLS'][] = $_embed; } elseif (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) { require_code('failure'); relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'exp_thumb', $_embed), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference'); } break; } } $float = array_key_exists('float', $attributes) ? $attributes['float'] : 'right'; $text = $attributes['param']; if (get_option('is_on_gd') == '0' || !function_exists('imagetypes')) { $url_thumb = $url_full; } else { $new_name = $_embed . '_thumb.png'; $file_thumb = $stub . $new_name; if (file_exists($file_thumb)) { $url_thumb = $stub2 . rawurlencode($new_name); } else { $new_name = $_embed . '.png'; $file_thumb = get_custom_file_base() . '/uploads/auto_thumbs/' . $new_name; if (!file_exists($file_thumb)) { require_code('images'); convert_image($url_full, $file_thumb, -1, -1, 150, false); } $url_thumb = get_custom_base_url() . '/uploads/auto_thumbs/' . 
rawurlencode($new_name); } } if (get_param_integer('wide_print', 0) == 1) { $temp_tpl = do_template('COMCODE_EXP_THUMB_PRINT', array('_GUID' => 'de7f8a7fa29c2335f381a0beb3da9406', 'FLOAT' => $float, 'TEXT' => $text, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full)); } else { $temp_tpl = do_template('COMCODE_EXP_THUMB', array('_GUID' => 'ce7f8a7fa29c2335f381a0beb3da9406', 'FLOAT' => $float, 'TEXT' => $text, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full)); } break; case 'thumb': if ($wml) { break; } $_embed = $embed->evaluate(); $_embed = remove_url_mistakes($_embed); $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin); if (substr($_embed, 0, 1) == '/') { $_embed = substr($_embed, 1); } if (url_is_local($_embed)) { if (file_exists(get_file_base() . '/' . $_embed) && !file_exists(get_custom_file_base() . '/' . $_embed)) { $url_full = get_base_url() . '/' . $_embed; } else { $url_full = get_custom_base_url() . '/' . $_embed; } } else { $url_full = $_embed; } $align = array_key_exists('align', $attributes) ? $attributes['align'] : 'bottom'; if (get_option('is_on_gd') == '0' || !function_exists('imagetypes') || !has_specific_permission($source_member, 'draw_to_server') && !$as_admin) { $url_thumb = $url_full; } else { if ($attributes['param'] != '') { $url_thumb = url_is_local($attributes['param']) ? get_custom_base_url() . '/' . $attributes['param'] : $attributes['param']; } if ($attributes['param'] == '' || url_is_local($attributes['param']) && !file_exists(get_custom_file_base() . '/' . rawurldecode($attributes['param']))) { $new_name = url_to_filename($url_full); require_code('images'); if (!is_saveable_image($new_name)) { $new_name .= '.png'; } if (is_null($new_name)) { $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('URL_THUMB_TOO_LONG'))); break; } $file_thumb = get_custom_file_base() . '/uploads/auto_thumbs/' . 
$new_name; if (!file_exists($file_thumb) && strpos($file_thumb, '{$') === false) { convert_image($url_full, $file_thumb, -1, -1, intval(get_option('thumb_width')), false); } $url_thumb = get_custom_base_url() . '/uploads/auto_thumbs/' . rawurlencode($new_name); } } $caption = array_key_exists('caption', $attributes) ? $attributes['caption'] : ''; $temp_tpl = do_template('COMCODE_THUMB', array('_GUID' => '1b0d25f72ef5f816091269e29c586d60', 'CAPTION' => $caption, 'RAND' => strval(mt_rand(0, 32000)), 'ALIGN' => $align, 'PASS_ID' => intval($pass_id) < 0 ? strval(mt_rand(0, 10000)) : $pass_id, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full)); if (array_key_exists('float', $attributes)) { $temp_tpl = do_template('FLOATER', array('_GUID' => 'cbc56770714a44f56676f43da282cc7a', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl)); } break; case 'img': if ($wml) { break; } if ($semiparse_mode && array_key_exists('rollover', $attributes)) { $temp_tpl = make_string_tempcode('[img' . reinsert_parameters($attributes) . ']' . $embed->evaluate() . '[/img]'); break; } $_embed = $embed->evaluate(); $given_url = $_embed; $_embed = remove_url_mistakes($_embed); if (substr($_embed, 0, 1) == '/') { $_embed = substr($_embed, 1); } $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin); if (url_is_local($_embed)) { if (file_exists(get_file_base() . '/' . $_embed) && !file_exists(get_custom_file_base() . '/' . $_embed)) { $url_full = get_base_url() . '/' . $_embed; } else { $url_full = get_custom_base_url() . '/' . $_embed; } } else { $url_full = $_embed; } $temp_tpl = test_url($url_full, 'img', @html_entity_decode($given_url, ENT_QUOTES, get_charset()), $source_member); $align = array_key_exists('align', $attributes) ? $attributes['align'] : ''; $caption = is_object($attributes['param']) ? 
$attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); if (array_key_exists('title', $attributes)) { $tooltip = is_object($attributes['title']) ? $attributes['title'] : comcode_to_tempcode($attributes['title'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); } else { $tooltip = $caption; } $rollover = array_key_exists('rollover', $attributes) ? $attributes['rollover'] : NULL; if (!is_null($rollover) && url_is_local($rollover)) { if (file_exists(get_file_base() . '/' . $rollover) && !file_exists(get_custom_file_base() . '/' . $rollover)) { $rollover = get_base_url() . '/' . $rollover; } else { $rollover = get_custom_base_url() . '/' . $rollover; } } $refresh_time = array_key_exists('refresh_time', $attributes) ? strval(intval($attributes['refresh_time'])) : '0'; $temp_tpl->attach(do_template('COMCODE_IMG', array('_GUID' => '70166d8dbb0aff064b99c0dd30ed77a8', 'RAND' => uniqid('', true), 'REFRESH_TIME' => $refresh_time, 'ROLLOVER' => $rollover, 'ALIGN' => $align, 'URL' => $url_full, 'TOOLTIP' => $tooltip, 'CAPTION' => $caption))); if (array_key_exists('float', $attributes)) { $temp_tpl = do_template('FLOATER', array('_GUID' => '918162250c80e10212efd9a051545b9b', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl)); } break; case 'flash': if ($wml) { break; } $_embed = $embed->evaluate(); $given_url = $_embed; $_embed = remove_url_mistakes($_embed); if (substr($_embed, 0, 1) == '/') { $_embed = substr($_embed, 1); } $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin); $url_full = url_is_local($_embed) ? get_custom_base_url() . '/' . 
$_embed : $_embed; $temp_tpl = test_url($url_full, 'flash', @html_entity_decode($given_url, ENT_QUOTES, get_charset()), $source_member); if ($attributes['param'] == '' || strpos($attributes['param'], 'x') === false) { if (!array_key_exists('width', $attributes)) { $attributes['width'] = '300'; } if (!array_key_exists('height', $attributes)) { $attributes['height'] = '300'; } $attributes['param'] = $attributes['width'] . 'x' . $attributes['height']; } list($width, $height) = explode('x', $attributes['param'], 2); if (addon_installed('jwplayer') && (substr($url_full, -4) == '.flv' || substr($url_full, -4) == '.mp4' || substr($url_full, -4) == '.mp3' || substr($url_full, -4) == '.webm')) { $temp_tpl->attach(do_template('COMCODE_FLV', array('_GUID' => '4746684d9e098709cc6671e1b00ce47e', 'URL' => $url_full, 'WIDTH' => $width, 'HEIGHT' => $height))); } else { $temp_tpl->attach(do_template('COMCODE_SWF', array('_GUID' => '8bc61ad75977a5a85eff96454af31fe8', 'URL' => $url_full, 'WIDTH' => $width, 'HEIGHT' => $height))); } break; case 'url': // Make them both HTML strings $url = $embed->evaluate(); if (is_object($attributes['param'])) { $switch_over = true; // We know if must be Comcode XML $attributes['param'] = $attributes['param']->evaluate(); } else { $switch_over = !looks_like_url($url) && looks_like_url($attributes['param'], true); if (strpos($attributes['param'], '[') !== false || strpos($attributes['param'], '{') !== false) { $param_temp = comcode_to_tempcode(escape_html($attributes['param']), $source_member, $as_admin, 60, NULL, $connection, false, false, true, false, false, $highlight_bits, $on_behalf_of_member); global $ADVERTISING_BANNERS; $temp_ab = $ADVERTISING_BANNERS; $ADVERTISING_BANNERS = array(); $caption = $param_temp; $ADVERTISING_BANNERS = $temp_ab; } else { $caption = make_string_tempcode(escape_html($attributes['param'])); // Consistency of escaping } } // Do we need to switch around? 
if ($switch_over) { $url = $attributes['param']; $caption = $embed; } // If we weren't given a caption, use the URL, but crop if necessary if ($caption->evaluate() == '') { $_caption = $url; // Shorten the URL if it is too long $max_link_length = 50; if (strlen($_caption) > $max_link_length) { $_caption = escape_html(substr(@html_entity_decode($_caption, ENT_QUOTES, get_charset()), 0, intval($max_link_length / 2 - 3))) . '…' . escape_html(substr(@html_entity_decode($_caption, ENT_QUOTES, get_charset()), intval(-$max_link_length / 2))); } $caption = make_string_tempcode($_caption); } // Tidy up the URL now $url = @html_entity_decode($url, ENT_QUOTES, get_charset()); $url = fixup_protocolless_urls($url); // Integrity and security $url = check_naughty_javascript_url($source_member, $url, $as_admin); // More URL tidying $local = url_is_local($url) || strpos($url, get_domain()) !== false; $given_url = $url; if ($url != '' && $url[0] != '#') { if (substr($url, 0, 1) == '/') { $url = substr($url, 1); } $url_full = url_is_local($url) ? get_base_url() . '/' . $url : $url; if ($GLOBALS['XSS_DETECT']) { ocp_mark_as_escaped($url_full); } } else { $url_full = $url; } $striped_base_url = str_replace('www.', '', str_replace('http://', '', get_base_url())); if ($striped_base_url != '' && substr($url, 0, 1) != '%' && strpos($url_full, $striped_base_url) === false) { $temp_tpl = test_url($url_full, 'url', $given_url, $source_member); } // Render if (!array_key_exists('target', $attributes)) { $attributes['target'] = $local ? '_top' : '_blank'; } if ($attributes['target'] == 'blank') { $attributes['target'] = '_blank'; } $rel = $as_admin || has_specific_permission($source_member, 'search_engine_links') ? '' : 'nofollow'; if ($attributes['target'] == '_blank') { $title = (is_object($caption) ? static_evaluate_tempcode($caption) : $caption) . ' ' . 
do_lang('LINK_NEW_WINDOW'); } else { $title = ''; } $temp_tpl->attach(do_template('COMCODE_URL', array('_GUID' => 'd1657530e6d3d57e6a4791fb3bfa0dd7', 'TITLE' => $title, 'REL' => $rel, 'TARGET' => $attributes['target'], 'URL' => $url_full, 'CAPTION' => $caption))); break; case 'email': $_embed = $embed->evaluate(); require_code('type_validation'); require_code('obfuscate'); // If we need to switch if (is_object($attributes['param']) || !is_valid_email_address($_embed) && is_valid_email_address($attributes['param'])) { $temp = $embed; // Is tempcode $_embed = $attributes['param']; $attributes['param'] = $temp; } else { $attributes['param'] = comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); // Becomes tempcode } if ($attributes['param']->is_empty()) { $attributes['param'] = obfuscate_email_address($_embed); } $subject = array_key_exists('subject', $attributes) ? $attributes['subject'] : ''; $body = array_key_exists('body', $attributes) ? $attributes['body'] : ''; $title = ''; if (array_key_exists('title', $attributes)) { $title = $attributes['title']; } $temp_tpl = do_template('COMCODE_EMAIL', array('_GUID' => '5f6ade8fe07701b6858575153d78f4e9', 'TITLE' => $title, 'ADDRESS' => obfuscate_email_address($_embed), 'SUBJECT' => $subject, 'BODY' => $body, 'CAPTION' => $attributes['param'])); break; case 'reference': if ($wml) { break; } if (array_key_exists('type', $attributes) && $attributes['type'] == 'url') { $_embed = $embed->evaluate(); $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin); if (!array_key_exists('title', $attributes)) { $attributes['title'] = $attributes['param']; } if (is_object($attributes['title']) || $attributes['title'] != '') { $_title = is_object($attributes['title']) ? 
make_string_tempcode(escape_html($attributes['title'])) : comcode_to_tempcode($attributes['title'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $title = $_title->evaluate(); } else { $title = $_embed; } $embed = hyperlink($_embed, $title, true); } $temp_tpl = do_template('COMCODE_REFERENCE', array_merge($attributes, array('SOURCE' => $embed))); break; case 'upload': // This points to a file path, not a URL $_embed = $embed->evaluate(); $type = array_key_exists('type', $attributes) ? $attributes['type'] : 'downloads'; if (is_object($attributes['param']) || $attributes['param'] != '') { $_caption = is_object($attributes['param']) ? make_string_tempcode(escape_html($attributes['param'])) : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); $__caption = $_caption->evaluate(); } else { $__caption = $_embed; } $url = get_custom_base_url() . '/' . $type . '/' . 
rawurlencode($_embed); $url = check_naughty_javascript_url($source_member, $url, $as_admin); $temp_tpl = test_url($url, 'upload', $_embed, $source_member); $temp_tpl->attach(hyperlink($url, $__caption)); break; case 'page': $ignore_if_hidden = array_key_exists('ignore_if_hidden', $attributes) && $attributes['ignore_if_hidden'] == '1'; unset($attributes['ignore_if_hidden']); // Two sets of parameters: simple style and complex style; both are completely incompatible $hash = ''; if ($attributes == array('param' => '')) { $zone = '_SEARCH'; $caption = $embed; $attributes = array('page' => $caption->evaluate()); } elseif (array_keys($attributes) == array('param')) { $caption = $embed; if ($wml) { $temp_tpl = $embed; break; } else { if (strpos($attributes['param'], ':') !== false) { global $OVERRIDE_SELF_ZONE; $page_link = $attributes['param']; list($zone, $attributes, $hash) = page_link_decode($page_link); if (!array_key_exists('page', $attributes)) { $attributes['page'] = ''; } if ($zone == '_SELF' && !is_null($OVERRIDE_SELF_ZONE)) { $zone = $OVERRIDE_SELF_ZONE; } } else { $zone = '_SEARCH'; // Changed in v3 from '_SELF', to allow context-sensitivity $attributes = array_merge(array('page' => $attributes['param']), $attributes); } } } else { $caption = array_key_exists('caption', $attributes) ? comcode_to_tempcode($attributes['caption'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member) : $embed; if ($wml) { $temp_tpl = $caption; break; } else { $zone = $param_given ? 
$attributes['param'] : '_SEARCH'; // Changed in v3 from '_SELF', to allow context-sensitivity unset($attributes['caption']); if (!array_key_exists('page', $attributes)) { $attributes = array_merge(array('page' => $embed->evaluate()), $attributes); } } } unset($attributes['param']); foreach ($attributes as $key => $val) { if (is_object($val)) { $attributes[$key] = $val->evaluate(); } } if ($zone == '_SEARCH') { $zone = get_page_zone($attributes['page'], false); if (is_null($zone)) { $zone = ''; } } $pl_url = build_url($attributes, $zone, NULL, false, false, false, $hash); $temp_tpl = hyperlink($pl_url, $caption); $page = $attributes['page']; if ($page != '') { if ($zone == '_SELF') { $zone = get_zone_name(); } if ($zone == '_SEARCH') { $zone = get_page_zone($page, false); if (is_null($zone)) { $zone = ''; } // Oh dear, well it will be correctly identified as not found anyway } $ptest = _request_page($page, $zone); if ($ptest !== false) { if ($page == 'topicview' && array_key_exists('id', $attributes)) { if (!is_numeric($attributes['id'])) { $attributes['id'] = $GLOBALS['SITE_DB']->query_value_null_ok('url_id_monikers', 'm_resource_id', array('m_resource_page' => $page, 'm_moniker' => $attributes['id'])); } if (!is_null($attributes['id'])) { $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_topics', 'id', array('id' => $attributes['id'])); if (is_null($test)) { $ptest = false; } } else { $ptest = false; } } } if ($ptest === false) { //$temp_tpl->attach(' ['.do_lang('MISSING_RESOURCE').']'); // Don't want this as we might be making the page immediately if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !in_array($page, $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) { if ($ignore_if_hidden) { $temp_tpl = do_template('COMCODE_DEL', array('CONTENT' => $caption)); } else { require_code('failure'); relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'page_link', $page_link), false, 
$GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference'); } } } } break; case 'hide': if ($wml) { $temp_tpl = $embed; break; } if (array_key_exists('param', $attributes)) { $text = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member); } else { $text = do_lang_tempcode('EXPAND'); } $temp_tpl = do_template('COMCODE_HIDE', array('_GUID' => 'a591a0d1e6bb3dde0f22cebb9c7ab93e', 'TEXT' => $text, 'CONTENT' => $embed)); break; case 'quote': if ($wml) { $temp_tpl->attach('<br /><br />' . $attributes['param'] . ':'); $temp_tpl->attach($embed); break; } $cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL; if (!is_null($cite)) { $temp_tpl = test_url($cite, 'quote', $cite, $source_member); } if ($attributes['param'] == '' && isset($attributes['author'])) { $attributes['param'] = $attributes['author']; } // Compatibility with SMF if ($attributes['param'] != '') { if (is_numeric($attributes['param'])) { $attributes['param'] = $GLOBALS['FORUM_DRIVER']->get_username($attributes['param']); if (is_null($attributes['param'])) { $attributes['param'] = do_lang('UNKNOWN'); } } else { $attributes['param'] = protect_from_escaping(comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member)); } $temp_tpl->attach(do_template('COMCODE_QUOTE_BY', array('_GUID' => '18f55a548892ad08b0b50b3b586b5b95', 'CITE' => $cite, 'CONTENT' => $embed, 'BY' => $attributes['param'], 'SAIDLESS' => array_key_exists('saidless', $attributes) ? 
$attributes['saidless'] : '0'))); } else { $temp_tpl->attach(do_template('COMCODE_QUOTE', array('_GUID' => 'fa275de59433c17da19b22814c17fdc5', 'CITE' => $cite, 'CONTENT' => $embed))); } break; case 'html': if ($wml) { break; } $temp_tpl = $embed; // Plain HTML. But it's been filtered already break; case 'semihtml': $temp_tpl = $embed; // Hybrid HTML. But it's been filtered already break; case 'block': if ($wml) { break; } $attributes['block'] = trim($embed->evaluate()); if (preg_match('#^[\\w\\-]*$#', $attributes['block']) == 0) { $temp_tpl = paragraph(do_lang_tempcode('MISSING_BLOCK_FILE', escape_html($attributes['block'])), '90dfdlksds8d7dyddssddxs', 'error_marker'); break; // Avoids a suspected hack attempt by just filtering early } $_attributes = array(); foreach ($attributes as $key => $val) { $_attributes[] = $key . '=' . $val; } $temp_tpl = symbol_tempcode('BLOCK', $_attributes); break; case 'contents': if ($wml) { break; } // Do structure sweep $urls_for = array(); $old_structure_list = $STRUCTURE_LIST; $STRUCTURE_LIST = array(); // reset for e.g. comcode_text_to_tempcode calls (which don't itself reset it, although _comcode_to_tempcode does for top level parses) if (array_key_exists('files', $attributes) && $comcode_dangerous) { $s_zone = array_key_exists('zone', $attributes) ? $attributes['zone'] : get_zone_name(); $pages = find_all_pages($s_zone, 'comcode_custom/' . get_site_default_lang(), 'txt') + find_all_pages($s_zone, 'comcode/' . get_site_default_lang(), 'txt'); $prefix = $attributes['files']; foreach ($pages as $pg_name => $pg_type) { if (substr($pg_name, 0, strlen($prefix)) == $prefix) { $i = count($STRUCTURE_LIST); comcode_to_tempcode(file_get_contents(zone_black_magic_filterer(get_file_base() . '/' . $s_zone . '/pages/' . $pg_type . '/' . $pg_name . 
'.txt'), FILE_TEXT), $source_member, $as_admin, 60, NULL, $connection, false, false, false, true, false, NULL, $on_behalf_of_member); $page_url = build_url(array('page' => $pg_name), $s_zone); while (array_key_exists($i, $STRUCTURE_LIST)) { $urls_for[] = $page_url; $i++; } } } $base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 1; } else { if (substr($comcode, 0, 8) == '<comcode') { require_code('comcode_xml'); if (!$as_admin) { check_specific_permission('comcode_dangerous', NULL, $source_member); } $_ = new comcode_xml_to_tempcode($comcode, $source_member, 60, NULL, $connection, false, false, false, true, false, $on_behalf_of_member); } else { require_code('comcode_text'); comcode_text_to_tempcode($comcode, $source_member, $as_admin, 60, NULL, $connection, false, false, false, true, false, NULL, $on_behalf_of_member); } $base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 1; } $list_types = $embed->evaluate() == '' ? array() : explode(',', $embed->evaluate()); $list_types += array('decimal', 'lower-alpha', 'lower-roman', 'upper-alpha', 'upper-roman', 'disc'); $levels_allowed = array_key_exists('levels', $attributes) ? intval($attributes['levels']) : NULL; // Convert the list structure into a tree structure $past_level_stack = array(1); $subtree_stack = array(array()); $levels = 1; foreach ($STRUCTURE_LIST as $i => $struct) { $level = $struct[0]; $title = $struct[1]; $uniq_id = $struct[2]; $url = array_key_exists($i, $urls_for) ? 
$urls_for[$i] : ''; if ($level > $levels_allowed && !is_null($levels_allowed)) { continue; } // Going down the tree if ($level > $past_level_stack[$levels - 1]) { array_push($past_level_stack, $level); array_push($subtree_stack, array(array($uniq_id, $title->evaluate(), $url))); $levels++; } else { // Going back up the tree, destroying levels that must have now closed off while ($level < $past_level_stack[$levels - 1] && $levels > 2) { array_pop($past_level_stack); $subtree = array_pop($subtree_stack); $levels--; // Alter the last of the next level on stack so it is actually taking the closed off level as children, and changing from a property list to a pair: property list & children $subtree_stack[$levels - 1][count($subtree_stack[$levels - 1]) - 1] = array($subtree_stack[$levels - 1][count($subtree_stack[$levels - 1]) - 1], $subtree); } // Store the title where we are $subtree_stack[$levels - 1][] = array($uniq_id, $title->evaluate(), $url); } } // Clean up... going up until we're with 1 while ($levels > 1) { array_pop($past_level_stack); $subtree = array_pop($subtree_stack); $levels--; $parent_level_start_index = count($subtree_stack[$levels - 1]) - 1; if ($parent_level_start_index < 0) { $subtree_stack[$levels - 1] = $subtree; } else { $subtree_stack[$levels - 1][$parent_level_start_index] = array($subtree_stack[$levels - 1][$parent_level_start_index], $subtree); } } // Now we have the structure to display $levels_t = _do_contents_level($subtree_stack[0], $list_types, $base); $temp_tpl = do_template('COMCODE_CONTENTS', array('_GUID' => 'ca2f5320fa930e2257a2e74e4f98e5a0', 'LEVELS' => $levels_t)); $STRUCTURE_LIST = $old_structure_list; // Restore, so subsequent 'title' tags have correct numbering break; } // Last ditch effort: custom tags if ($temp_tpl->is_definitely_empty() && !$wml) { global $REPLACE_TARGETS; if (array_key_exists($tag, $REPLACE_TARGETS)) { $replace = $REPLACE_TARGETS[$tag]['replace']; $parameters = explode(',', 
$REPLACE_TARGETS[$tag]['parameters']); $binding = array('CONTENT' => $embed, 'RAND' => uniqid('', true)); foreach ($parameters as $parameter) { $parameter = trim($parameter); $parts = explode('=', $parameter); if (count($parts) == 1) { $parts[] = ''; } if (count($parts) != 2) { continue; } list($parameter, $default) = $parts; if (!array_key_exists($parameter, $attributes) || $attributes[$parameter] == '') { $attributes[$parameter] = $default; } $binding[strtoupper($parameter)] = $attributes[$parameter]; $replace = str_replace('{' . $parameter . '}', '{' . strtoupper($parameter) . '*}', $replace); } $replace = str_replace('{content}', array_key_exists($tag, $GLOBALS['TEXTUAL_TAGS']) ? '{CONTENT}' : '{CONTENT*}', $replace); require_code('tempcode_compiler'); $temp_tpl = template_to_tempcode($replace); $temp_tpl = $temp_tpl->bind($binding, '(custom comcode: ' . $tag . ')'); } } return $temp_tpl; }
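/**
 * Script handler for downloading a gallery, as specified by GET parameters.
 *
 * Reads the gallery name from the 'cat' GET parameter, checks category access and the
 * 'may_download_gallery' permission, then sends a zip archive holding the gallery's
 * validated local images and videos plus its representative image (when one is set).
 * The archive goes to the output stream; nothing is returned.
 */
function download_gallery_script()
{
    if (function_exists('set_time_limit')) {
        @set_time_limit(0);
    }

    require_code('galleries');

    // Closed site
    $site_closed = get_option('site_closed');
    if ($site_closed == '1' && !has_specific_permission(get_member(), 'access_closed_site') && !$GLOBALS['IS_ACTUALLY_ADMIN']) {
        header('Content-Type: text/plain');
        @exit(get_option('closed'));
    }

    require_lang('galleries');
    require_code('zip');

    $cat = get_param('cat');

    // Authorisation is checked before anything is read for this gallery
    if (!has_category_access(get_member(), 'galleries', $cat)) {
        access_denied('CATEGORY_ACCESS');
    }
    check_specific_permission('may_download_gallery', array('galleries', $cat));

    // $cat is request input that ends up inside a response header below, so CR/LF is refused
    if (strpos($cat, chr(10)) !== false || strpos($cat, chr(13)) !== false) {
        log_hack_attack_and_exit('HEADER_SPLIT_HACK');
    }

    $gallery_rows = $GLOBALS['SITE_DB']->query_select('galleries', array('*'), array('name' => $cat), '', 1);
    if (!array_key_exists(0, $gallery_rows)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    $gallery_row = $gallery_rows[0];

    // Send header.
    // The name sits inside a quoted header value, so the characters that could end the quoting early are dropped.
    $filename = 'gallery-' . str_replace(array('"', '\\'), '', $cat) . '.zip';
    header('Content-Type: application/octet-stream' . '; authoritative=true;');
    if (strstr(ocp_srv('HTTP_USER_AGENT'), 'MSIE') !== false) {
        header('Content-Disposition: filename="' . $filename . '"');
    } else {
        header('Content-Disposition: attachment; filename="' . $filename . '"');
    }

    disable_php_memory_limit();

    $rows = array_merge(
        $GLOBALS['SITE_DB']->query_select('videos', array('url', 'add_date'), array('cat' => $cat, 'validated' => 1)),
        $GLOBALS['SITE_DB']->query_select('images', array('url', 'add_date'), array('cat' => $cat, 'validated' => 1))
    );

    // Stored URLs are url-decoded and joined straight onto the file base, so a '..' path segment
    // would let the archive pick up files outside it; such entries are skipped.
    // NOTE(review): other files under the file base stay reachable this way - confirm that the
    // code storing these URLs restricts them to the upload directories.
    $parent_segment = '#(^|[/\\\\])\.\.([/\\\\]|$)#';

    $array = array();
    foreach ($rows as $row) {
        // Remote media is left out on purpose: fetching it would put load on this server,
        // and it may not even be a native file
        if (!url_is_local($row['url'])) {
            continue;
        }

        $path = urldecode($row['url']);
        if (preg_match($parent_segment, $path) != 0) {
            continue;
        }

        $full_path = get_file_base() . '/' . $path;
        if (!file_exists($full_path)) {
            continue;
        }

        // 'data' stays NULL and 'full_path' is given instead; presumably create_zip_file() reads the file itself
        $array[] = array(
            'name' => preg_replace('#^uploads/galleries/#', '', $path),
            'time' => filemtime($full_path),
            'data' => NULL,
            'full_path' => $full_path,
        );
    }

    $rep_image = $gallery_row['rep_image'];
    if ($rep_image != '') {
        if (url_is_local($rep_image)) {
            // A local representative image is added only when the file really exists; a missing
            // one is skipped rather than being handed to the HTTP downloader
            $path = urldecode($rep_image);
            $full_path = get_file_base() . '/' . $path;
            if (preg_match($parent_segment, $path) == 0 && file_exists($full_path)) {
                $array[] = array(
                    'name' => preg_replace('#^uploads/(galleries|grepimages)/#', '', $path),
                    'time' => filemtime($full_path),
                    'data' => file_get_contents($full_path),
                );
            }
        } else {
            // NOTE(review): this is a server-side fetch of a stored URL, while the loop above
            // deliberately skips remote files - confirm the representative image should differ
            $array[] = array(
                'name' => preg_replace('#^uploads/(galleries|grepimages)/#', '', basename(urldecode($rep_image))),
                'time' => $gallery_row['add_date'],
                'data' => http_download_file($rep_image),
            );
        }
    }

    // Switch off zlib output compression before the archive is sent
    @ini_set('zlib.output_compression', 'Off');

    // The second argument presumably makes create_zip_file() send the archive itself rather
    // than return it (an older return-then-echo form was commented out here)
    create_zip_file($array, true);
}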
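/**
 * The UI to view a banner.
 *
 * The banner is chosen by the 'source' GET parameter. Its statistics are shown to the
 * member who submitted it; anyone else needs the 'view_anyones_banner_stats' permission.
 *
 * @return tempcode The UI
 */
function view_banner()
{
    $title = get_page_title('BANNER_INFORMATION');

    $source = get_param('source');

    // Only the first match is used, so a single row is requested
    $rows = $GLOBALS['SITE_DB']->query_select('banners', array('*'), array('name' => $source), '', 1);
    if (!array_key_exists(0, $rows)) {
        warn_exit(do_lang_tempcode('BANNER_MISSING_SOURCE'));
    }
    $myrow = $rows[0];

    // Banners submitted by a guest, or by a member other than the viewer, need the wider permission
    if (is_guest($myrow['submitter']) || $myrow['submitter'] != get_member()) {
        check_specific_permission('view_anyones_banner_stats');
    }

    switch ($myrow['the_type']) {
        case 0:
            $type = do_lang_tempcode('BANNER_PERMANENT');
            break;
        case 1:
            $type = do_lang_tempcode('_BANNER_HITS_LEFT', do_lang_tempcode('BANNER_CAMPAIGN'), make_string_tempcode(integer_format($myrow['campaign_remaining'])));
            break;
        case 2:
            $type = do_lang_tempcode('BANNER_DEFAULT');
            break;
        default:
            // An unexpected stored type would otherwise leave $type undefined where it is used below
            $type = do_lang_tempcode('NA_EM');
            break;
    }

    // Click-through is a percentage of views; the guard avoids dividing by zero
    if ($myrow['views_to'] != 0) {
        $click_through = protect_from_escaping(escape_html(float_format(100.0 * ($myrow['hits_to'] / $myrow['views_to']))));
    } else {
        $click_through = do_lang_tempcode('NA_EM');
    }

    // The 'from' counters are shown only when some banner has recorded views_from
    $has_banner_network = $GLOBALS['SITE_DB']->query_value('banners', 'SUM(views_from)') != 0.0;

    $fields = new ocp_tempcode();
    require_code('templates_view_space');

    // NOTE(review): b_type is passed through as stored - confirm view_space_field() escapes
    // its value unless the third argument is true (as it is for the profile link below)
    $fields->attach(view_space_field(do_lang_tempcode('TYPE'), $type));
    if ($myrow['b_type'] != '') {
        $fields->attach(view_space_field(do_lang_tempcode('_BANNER_TYPE'), $myrow['b_type']));
    }

    if (is_null($myrow['expiry_date'])) {
        $expiry_date = do_lang_tempcode('NA_EM');
    } else {
        $expiry_date = make_string_tempcode(escape_html(get_timezoned_date($myrow['expiry_date'], true)));
    }
    $fields->attach(view_space_field(do_lang_tempcode('EXPIRY_DATE'), $expiry_date));

    if ($has_banner_network) {
        $fields->attach(view_space_field(do_lang_tempcode('BANNER_HITSFROM'), integer_format($myrow['hits_from']), false, 'hits_from'));
        $fields->attach(view_space_field(do_lang_tempcode('BANNER_VIEWSFROM'), integer_format($myrow['views_from']), false, 'views_from'));
    }

    // With no site_url stored, the CANT_TRACK string is shown in place of the hit and view counts
    $trackable = ($myrow['site_url'] != '');
    $hits_to = $trackable ? protect_from_escaping(escape_html(integer_format($myrow['hits_to']))) : do_lang_tempcode('CANT_TRACK');
    $views_to = $trackable ? protect_from_escaping(escape_html(integer_format($myrow['views_to']))) : do_lang_tempcode('CANT_TRACK');
    $fields->attach(view_space_field(do_lang_tempcode('BANNER_HITSTO'), $hits_to, false, 'hits_to'));
    $fields->attach(view_space_field(do_lang_tempcode('BANNER_VIEWSTO'), $views_to, false, 'views_to'));
    $fields->attach(view_space_field(do_lang_tempcode('BANNER_CLICKTHROUGH'), $click_through));

    $username = $GLOBALS['FORUM_DRIVER']->member_profile_hyperlink($myrow['submitter']);
    $fields->attach(view_space_field(do_lang_tempcode('SUBMITTER'), $username, true));

    $view_space = do_template('VIEW_SPACE', array('_GUID' => 'eb97a46d8e9813da7081991d5beed270', 'WIDTH' => '300', 'FIELDS' => $fields));

    $banner = show_banner($myrow['name'], $myrow['b_title_text'], get_translated_tempcode($myrow['caption']), $myrow['img_url'], $source, $myrow['site_url'], $myrow['b_type']);

    // The edit link stays empty unless the viewer can reach cms_banners and may edit this banner
    $edit_url = new ocp_tempcode();
    if (has_actual_page_access(NULL, 'cms_banners', NULL, NULL) && has_edit_permission('mid', get_member(), $myrow['submitter'], 'cms_banners')) {
        $edit_url = build_url(array('page' => 'cms_banners', 'type' => '_ed', 'id' => $source), get_module_zone('cms_banners'));
    }

    // Array union: keys already present in META_DATA are kept, only missing ones are filled in
    $GLOBALS['META_DATA'] += array(
        'created' => date('Y-m-d', $myrow['add_date']),
        'creator' => $GLOBALS['FORUM_DRIVER']->get_username($myrow['submitter']),
        'publisher' => '',
        'modified' => is_null($myrow['edit_date']) ? '' : date('Y-m-d', $myrow['edit_date']),
        'type' => 'Banner',
        'title' => get_translated_text($myrow['caption']),
        'identifier' => '_SEARCH:banners:view:' . $source,
        'description' => '',
        'image' => $myrow['img_url'],
    );

    breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('CHOOSE'))));

    return do_template('BANNER_VIEW_SCREEN', array('_GUID' => 'ed923ae0682c6ed679c0efda688c49ea', 'TITLE' => $title, 'EDIT_URL' => $edit_url, 'VIEW_SPACE' => $view_space, 'BANNER' => $banner));
}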