$_SESSION = array();
                $_SESSION['NOT_BOT'] = 1;
                redirect(FORUM_ROOT . "search.php?action=show_new");
            }
        }
    }
} else {
    if ($action == 'out') {
        if ($forum_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $forum_user['id']) {
            header('Location: ' . forum_link($forum_url['index']));
            exit;
        }
        // We validate the CSRF token. If it's set in POST and we're at this point, the token is valid.
        // If it's in GET, we need to make sure it's valid.
        if (!isset($_POST['csrf_token']) && (!isset($_GET['csrf_token']) || $_GET['csrf_token'] !== generate_form_token('logout' . $forum_user['id']))) {
            csrf_confirm_form();
        }
        ($hook = get_hook('li_logout_selected')) ? eval($hook) : null;
        // Remove user from "users online" list.
        $query = array('DELETE' => 'online', 'WHERE' => 'user_id=' . $forum_user['id']);
        ($hook = get_hook('li_logout_qr_delete_online_user')) ? eval($hook) : null;
        $forum_db->query_build($query) or error(__FILE__, __LINE__);
        // Update last_visit (make sure there's something to update it with)
        if (isset($forum_user['logged'])) {
            $query = array('UPDATE' => 'users', 'SET' => 'last_visit=' . $forum_user['logged'], 'WHERE' => 'id=' . $forum_user['id']);
            ($hook = get_hook('li_logout_qr_update_last_visit')) ? eval($hook) : null;
            $forum_db->query_build($query) or error(__FILE__, __LINE__);
        }
        $expire = time() + 1209600;
        forum_setcookie($cookie_name, base64_encode('1|' . random_key(8, false, true) . '|' . $expire . '|' . random_key(8, false, true)), $expire);
        // Reset tracked topics
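 /**
  * Enforce the CSRF token for an action that may be triggered via GET.
  *
  * A token arriving in POST is assumed to have been validated earlier in the
  * request (the same convention the surrounding code follows), so it is
  * accepted here without re-checking. Otherwise the token held in
  * $this->csrf_token must equal $generated_token; if it is missing, not a
  * string, or different, the request is handed to csrf_confirm_form().
  *
  * The comparison uses hash_equals() where available so that its duration
  * does not depend on how many leading bytes of the token were correct; on
  * runtimes without it, a strict string comparison is used instead.
  *
  * @param string $generated_token Token expected for the current action.
  * @return void
  */
 protected function _check_csrf_token($generated_token)
 {
     if (isset($_POST['csrf_token'])) {
         return;
     }

     $supplied = isset($this->csrf_token) ? $this->csrf_token : null;

     // Fail closed on anything that is not a pair of strings: hash_equals()
     // rejects non-strings, and a non-string token can never be valid anyway.
     if (!is_string($supplied) || !is_string($generated_token)) {
         csrf_confirm_form();
         return;
     }

     $matches = function_exists('hash_equals')
         ? hash_equals($generated_token, $supplied)
         : ($generated_token === $supplied);

     if (!$matches) {
         csrf_confirm_form();
     }
 }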
/**
 * Route a private-message page request to its handler.
 *
 * The 'pun_pm_fn_get_page_new_page' hook runs first and, if it yields a
 * non-null value, that value is returned unchanged. Otherwise the page name
 * picks the handler: 'write' (edit / delete / send form), 'compose' (send
 * form pre-filled from ?receiver_id), 'outbox', and anything else is treated
 * as the inbox, with $page rewritten to 'inbox' so the caller sees the
 * resolved name (hence the by-reference parameter).
 *
 * Deletions requested from the 'write' page must carry a POST csrf_token
 * matching the form they came from; otherwise csrf_confirm_form() is called.
 * NOTE(review): ?message_id is cast to int on the inbox/outbox paths but is
 * passed as-is to pun_pm_delete_message() and into the token seed on the
 * 'write' path — presumably the callee validates it; confirm.
 *
 * @param string $page Requested page name; may be reset to 'inbox'.
 * @return mixed Result of the selected handler (or of the hook).
 */
function pun_pm_get_page(&$page)
{
    global $forum_url, $forum_user, $lang_common;

    // $return and $hook keep their names: the eval'd hook code runs in this scope.
    $return = ($hook = get_hook('pun_pm_fn_get_page_new_page')) ? eval($hook) : null;
    if ($return != null) {
        return $return;
    }

    switch ($page) {
        case 'write':
            $wants_delete = isset($_POST['pm_delete_inbox']) || isset($_POST['pm_delete_outbox']);

            if (isset($_GET['message_id'])) {
                if (!$wants_delete) {
                    return pun_pm_edit_message();
                }
                if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== generate_form_token(forum_link($forum_url['pun_pm_edit'], $_GET['message_id']))) {
                    csrf_confirm_form();
                }
                return pun_pm_delete_message(array($_GET['message_id']));
            }

            if ($wants_delete && isset($_POST['pm_delete'])) {
                if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== generate_form_token(forum_link($forum_url['pun_pm_write']))) {
                    csrf_confirm_form();
                }
                return pun_pm_delete_message($_POST['pm_delete']);
            }

            return pun_pm_send_form();

        case 'compose':
            $recipient_id = isset($_GET['receiver_id']) ? (int) $_GET['receiver_id'] : 0;
            return pun_pm_send_form(pun_pm_get_username($recipient_id));

        case 'outbox':
            $folder = 'outbox';
            break;

        default:
            $page = 'inbox';
            $folder = 'inbox';
            break;
    }

    // Inbox and outbox share one shape: a single message if requested, else the listing.
    if (isset($_GET['message_id'])) {
        $pm = pun_pm_get_message((int) $_GET['message_id'], $folder);
        if ($pm === false) {
            message($lang_common['Bad request']);
        }
        return pun_pm_message($pm, $folder);
    }

    return $folder === 'outbox' ? pun_pm_outbox() : pun_pm_inbox();
}
 /**
  * Turn off alerts for one topic for the current user.
  *
  * Flow: guests are rejected; the topic id comes from ?tid and must be >= 1;
  * a CSRF token is required unless one arrived in POST (a POST token is taken
  * as already checked earlier in the request, matching the rest of this
  * code); the extension's language file is loaded if not yet present; the
  * topic is fetched through forum_perms for the user's group, so it can only
  * be addressed when the group may read its forum; the user's alert rows for
  * the topic are deleted and the user is redirected back to the topic.
  *
  * NOTE(review): the language file path is built from $forum_user['language'];
  * this presumes that value is restricted to installed language directory
  * names upstream — confirm.
  *
  * @return void Never returns normally if message() or redirect() stop the request.
  */
 public function action_alerts_topics_off()
 {
     global $forum_db, $forum_user, $forum_url, $lang_common, $lang_fancy_alerts, $forum_flash, $ext_info;

     if ($forum_user['is_guest']) {
         message($lang_common['No permission']);
     }

     $topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
     if ($topic_id < 1) {
         message($lang_common['Bad request']);
     }

     // A token in POST is trusted at this point; a GET token must match the one for this action.
     if (!isset($_POST['csrf_token'])) {
         if (!isset($_GET['csrf_token']) || $_GET['csrf_token'] !== generate_form_token('fancy_alerts_topics_off' . $topic_id . $forum_user['id'])) {
             csrf_confirm_form();
         }
     }

     if (!isset($lang_fancy_alerts)) {
         $lang_dir = $ext_info['path'] . '/lang/';
         $lang_file = $lang_dir . $forum_user['language'] . '/' . $ext_info['id'] . '.php';
         // Fall back to English when the user's language is English or has no file for this extension.
         if ($forum_user['language'] == 'English' || !file_exists($lang_file)) {
             $lang_file = $lang_dir . 'English/' . $ext_info['id'] . '.php';
         }
         require $lang_file;
     }

     // Fetch subject/last_post while enforcing read permission for the user's group.
     $topic_query = array(
         'SELECT' => 'subject, last_post',
         'FROM' => 'topics AS t',
         'JOINS' => array(
             array(
                 'LEFT JOIN' => 'forum_perms AS fp',
                 'ON' => '(fp.forum_id=t.forum_id AND fp.group_id=' . $forum_user['g_id'] . ')',
             ),
         ),
         'WHERE' => '(fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=' . $topic_id . ' AND t.moved_to IS NULL',
     );
     $result = $forum_db->query_build($topic_query) or error(__FILE__, __LINE__);
     $topic = $forum_db->fetch_assoc($result);
     if (!$topic) {
         message($lang_common['Bad request']);
     }

     $delete_query = array(
         'DELETE' => 'fancy_alerts_topics',
         'WHERE' => 'user_id=' . $forum_user['id'] . ' AND topic_id=' . $topic_id,
     );
     $forum_db->query_build($delete_query) or error(__FILE__, __LINE__);

     $notice = $lang_fancy_alerts['Alerts Topics off redirect'];
     $forum_flash->add_info($notice);
     redirect(forum_link($forum_url['topic'], array($topic_id, sef_friendly($topic['subject']))), $notice);
 }