$newemail = getStringFromRequest('newemail');
if (!validate_email($newemail)) {
form_release_key(getStringFromRequest('form_key'));
exit_error(_('Error'), _('Invalid email address.'));
}
$confirm_hash = substr(md5($session_hash . time()), 0, 16);
$u =& user_get_object(user_getid());
if (!$u || !is_object($u)) {
form_release_key(getStringFromRequest('form_key'));
exit_error('Error', 'Could Not Get User');
} elseif ($u->isError()) {
form_release_key(getStringFromRequest('form_key'));
exit_error('Error', $u->getErrorMessage());
}
if (!$u->setNewEmailAndHash($newemail, $confirm_hash)) {
form_release_key(getStringFromRequest('form_key'));
exit_error('Could Not Complete Operation', $u->getErrorMessage());
}
$message = stripcslashes(sprintf(_('You have requested a change of email address on %1$s.
Please visit the following URL to complete the email change:
%2$s
-- the %1$s staff'), $GLOBALS['sys_name'], util_make_url('/account/change_email-complete.php?ch=_' . $confirm_hash)));
util_send_message($newemail, sprintf(_('%1$s Verification'), $GLOBALS['sys_name']), $message);
site_user_header(array('title' => _('Email Change Confirmation')));
printf(_('<p>An email has been sent to the new address. Follow the instructions in the email to complete the email change. </p><a href="%1$s">[ Home ]</a>'), util_make_url('/'));
site_user_footer(array());
exit;
}
site_user_header(array('title' => _('Email change')));
/**
* admin_table_postadd() - update the database based on a submitted change
*
* @param $table - the table to act on
* @param $unit - the name of the "units" described by the table's records
* @param $primary_key - the primary key of the table
*/
function admin_table_postadd($table, $unit, $primary_key)
{
if (!form_key_is_valid(getStringFromRequest('form_key'))) {
exit_form_double_submit();
}
$field_list = getStringFromRequest('__fields__');
$fields = split(",", $field_list);
$values = array();
foreach ($fields as $field) {
$values[] = "'" . getStringFromPost($field) . "'";
}
$sql = "INSERT INTO {$table} (" . $field_list . ") VALUES (" . implode(",", $values) . ")";
if (db_query($sql)) {
printf(_('%1$s successfully added.'), ucfirst(getUnitLabel($unit)));
} else {
form_release_key(getStringFromRequest('form_key'));
echo db_error();
}
}
<?php
echo util_make_url('/snippet/add_snippet_to_package.php?snippet_package_version_id=' . $snippet_package_version_id, _('Add snippets to package'), array('target' => '_blank'));
?>
</p>
<p><?php
echo _('<strong>Browse the library</strong> to find the snippets you want to add, then add them using the new window link shown above.');
?>
</p>
<p>
<?php
snippet_footer(array());
exit;
}
} else {
form_release_key(getStringFromRequest("form_key"));
exit_error(_('Error - Go back and fill in all the information'));
}
}
snippet_header(array('title' => _('New snippet version')));
?>
</p>
<p>
<?php
echo _('If you have modified a version of a package and you feel it is significant enough to share with others, please do so.');
?>
</p>
<p>
<form action="<?php
echo getStringFromServer('PHP_SELF');
?>
/**
* ExecuteAction - Executes the action passed as parameter
*
* @param string action to execute.
*/
function ExecuteAction($action)
{
global $HTML;
if ($action == "change_status") {
//change a forum
$forum_name = getStringFromRequest('forum_name');
$description = getStringFromRequest('description');
$send_all_posts_to = getStringFromRequest('send_all_posts_to');
$allow_anonymous = getIntFromRequest('allow_anonymous');
$is_public = getIntFromRequest('is_public');
$moderation_level = getIntFromRequest('moderation_level');
$group_forum_id = getIntFromRequest('group_forum_id');
/*
Change a forum
*/
$f = new Forum($this->g, $group_forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->userIsAdmin()) {
exit_permission_denied();
}
if (!$f->update($forum_name, $description, $allow_anonymous, $is_public, $send_all_posts_to, $moderation_level)) {
exit_error(_('Error'), $f->getErrorMessage());
} else {
$feedback = _('Forum Info Updated Successfully');
}
return $feedback;
}
if ($action == "add_forum") {
//add forum
$forum_name = getStringFromRequest('forum_name');
$description = getStringFromRequest('description');
$is_public = getStringFromRequest('is_public');
$send_all_posts_to = getStringFromRequest('send_all_posts_to');
$allow_anonymous = getStringFromRequest('allow_anonymous');
$moderation_level = getIntFromRequest('moderation_level');
/*
Adding forums to this group
*/
if (!$this->p->isForumAdmin()) {
form_release_key(getStringFromRequest("form_key"));
exit_permission_denied();
}
$f = new Forum($this->g);
if (!$f || !is_object($f)) {
form_release_key(getStringFromRequest("form_key"));
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
form_release_key(getStringFromRequest("form_key"));
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->create($forum_name, $description, $is_public, $send_all_posts_to, 1, $allow_anonymous, $moderation_level)) {
form_release_key(getStringFromRequest("form_key"));
exit_error(_('Error'), $f->getErrorMessage());
} else {
$feedback = _('Forum created successfully');
}
return $feedback;
}
if ($action == "delete") {
//Deleting messages or threads
$msg_id = getStringFromRequest('deletemsg');
$forum_id = getIntFromRequest('forum_id');
$f = new Forum($this->g, $forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->userIsAdmin()) {
exit_permission_denied();
}
$fm = new ForumMessage($f, $msg_id);
if (!$fm || !is_object($fm)) {
exit_error(_('Error'), _('Error Getting ForumMessage'));
} elseif ($fm->isError()) {
exit_error(_('Error'), $fm->getErrorMessage());
}
$count = $fm->delete();
if (!$count || $fm->isError()) {
exit_error(_('Error'), $fm->getErrorMessage());
} else {
$feedback = sprintf(ngettext('%1$s message deleted', '%1$s messages deleted', $count), $count);
}
return $feedback;
}
if ($action == "delete_forum") {
//delete the forum
/*
Deleting entire forum
*/
$group_forum_id = getIntFromRequest('group_forum_id');
$f = new Forum($this->g, $group_forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
if (!$f->userIsAdmin()) {
exit_permission_denied();
}
if (!$f->delete(getStringFromRequest('sure'), getStringFromRequest('really_sure'))) {
exit_error(_('Error'), $f->getErrorMessage());
} else {
$feedback = _('Successfully Deleted');
}
return $feedback;
}
if ($action == "view_pending") {
//show the pending messages, awaiting moderation
$group_id = $this->group_id;
$forum_id = getStringFromRequest("forum_id");
if ($this->isGroupAdmin()) {
$this->PrintAdminOptions();
}
$sql = "SELECT forum_name, group_forum_id FROM forum_group_list WHERE group_id='{$group_id}' and moderation_level > 0";
$res = db_query($sql);
if (!$res) {
echo db_error();
return;
}
global $sys_db_row_pointer;
$moderated_forums = array();
for ($i = 0; $i < db_numrows($res); $i++) {
$aux = db_fetch_array($res);
$moderated_forums[$aux[1]] = $aux[0];
}
if (count($moderated_forums) == 0) {
echo $HTML->feedback(_('No forums are moderated for this group'));
forum_footer(array());
exit;
}
if (!$forum_id) {
//get the first one
$keys = array_keys($moderated_forums);
$forum_id = $keys[0];
}
echo '
<script language="JavaScript" type="text/javascript">
function confirmDel() {
var agree=confirm("Proceed? Actions are permanent!");
if (agree) {
return true;
} else {
return false;
}
}
</script>
<p><form name="pending" action="pending.php" method="post">
<input type="hidden" name="action" value="update_pending" />
<input type="hidden" name="form_key" value="' . form_generate_key() . '">
<input type="hidden" name="group_id" value="' . getIntFromRequest("group_id") . '" />
<input type="hidden" name="forum_id" value="' . $forum_id . '" />
';
//$moderated_forums["A"] = "All Forums for this group"; // to show all
echo html_build_select_box_from_assoc($moderated_forums, forum_id, $forum_id);
echo ' <input name="Go" type="submit" value="Go"><p>';
$title = array();
$title[] = _('Forum Name');
$title[] = _('Message');
$title[] = "Action";
$sql = "SELECT msg_id,subject,pm.group_forum_id,gl.forum_name FROM forum_pending_messages pm, forum_group_list gl WHERE pm.group_forum_id='{$forum_id}' AND pm.group_forum_id=gl.group_forum_id AND gl.group_forum_id='{$forum_id}'";
$res = db_query($sql);
if (!$res) {
echo db_error();
return;
}
$options = array("1" => "No action", "2" => "Delete", "3" => "Release");
//array with the supported actions
//i�ll make a hidden variable, helps to determine when the user updates the info, which action corresponds to which msgID
for ($i = 0; $i < db_numrows($res); $i++) {
$ids .= db_result($res, $i, 'msg_id') . ",";
}
$i = 2;
echo $HTML->listTableTop($title);
while ($onemsg = db_fetch_array($res)) {
//$url = 'pendingmsgdetail.php?msg_id=' . $onemsg[msg_id];
//<a href=\"javascript:msgdetail('$url');\">$onemsg[subject]</a>
$url = "http://www.google.com";
echo "\n\t\t\t\t<tr" . $HTML->boxGetAltRowStyle($i++) . ">\n\t\t\t\t\t<td>{$onemsg['forum_name']}</td>\t\n\t\t\t\t\t<td><a href=\"#\" OnClick=\"window.open('pendingmsgdetail.php?msg_id={$onemsg['msg_id']}&forum_id={$onemsg['group_forum_id']}&group_id={$group_id}','PendingMessageDetail','width=800,height=600,status=no,resizable=yes');\">{$onemsg['subject']}</a></td>\n\t\t\t\t\t<td><div align=\"right\">" . html_build_select_box_from_assoc($options, "doaction[]", 1) . "</div></td>\n\t\t\t\t</tr>";
}
echo $HTML->listTableBottom();
echo '
<p>
<input type="hidden" name="msgids" value="' . $ids . '">
<div align="right"><input type="submit" onClick="return confirmDel();" name="update" value="' . _('Update') . '"></div>
</form>
';
}
if ($action == "update_pending") {
$group_id = getIntFromRequest("group_id");
$forum_id = getIntFromRequest("forum_id");
$msgids = getStringFromRequest("msgids");
//the message ids to update
$doaction = getArrayFromRequest("doaction");
//the actions for the messages
$msgids = split(",", $msgids);
array_pop($msgids);
//this last one is empty
/*if ($this->isGroupAdmin()) {
$this->PrintAdminOptions();
}*/
$results = array();
//messages
for ($i = 0; $i < count($msgids); $i++) {
switch ($doaction[$i]) {
case 1:
//no action
break;
case 2:
//delete
db_begin();
$sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
$sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
db_commit();
$feedback .= _('Forum deleted');
break;
case 3:
//release
$sql = "SELECT * FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
$res1 = db_query($sql);
if (!$res1) {
$feedback .= "DB Error " . db_error() . "<br>";
break;
}
$sql = "SELECT * FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
$res2 = db_query($sql);
if (!$res2) {
$feedback .= "DB Error " . db_error() . "<br>";
break;
}
$f = new Forum($this->g, $forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error'), _('Error getting new Forum'));
} elseif ($f->isError()) {
exit_error(_('Error'), $f->getErrorMessage());
}
$fm = new ForumMessage($f);
// pending = false
if (!$fm || !is_object($fm)) {
exit_error(_('Error'), "Error getting new ForumMessage");
} elseif ($fm->isError()) {
exit_error(_('Error'), "Error getting new ForumMessage: " . $fm->getErrorMessage());
}
$group_forum_id = db_result($res1, 0, "group_forum_id");
$subject = db_result($res1, 0, "subject");
$body = db_result($res1, 0, "body");
$post_date = db_result($res1, 0, "post_date");
$thread_id = db_result($res1, 0, "thread_id");
$is_followup_to = db_result($res1, 0, "is_followup_to");
$posted_by = db_result($res1, 0, "posted_by");
$has_followups = db_result($res1, 0, "has_followups");
$most_recent_date = db_result($res1, 0, "most_recent_date");
if ($fm->insertreleasedmsg($group_forum_id, $subject, $body, $post_date, $thread_id, $is_followup_to, $posted_by, $has_followups, time())) {
$feedback .= "( {$subject} ) " . _('Pending forum released') . "<br>";
if (db_numrows($res2) > 0) {
//if there�s an attachment
$am = new AttachManager();
//object that will handle and insert the attachment into the db
$am->SetForumMsg($fm);
$userid = db_result($res2, 0, "userid");
$dateline = db_result($res2, 0, "dateline");
$filename = db_result($res2, 0, "filename");
$filedata = db_result($res2, 0, "filedata");
$filesize = db_result($res2, 0, "filesize");
$visible = db_result($res2, 0, "visible");
$msg_id = db_result($res2, 0, "msg_id");
$filehash = db_result($res2, 0, "filehash");
$mimetype = db_result($res2, 0, "mimetype");
$am->AddToDBOnly($userid, $dateline, $filename, $filedata, $filesize, $visible, $filehash, $mimetype);
foreach ($am->Getmessages() as $item) {
$feedback .= "{$msg_id} - " . $item . "<br>";
}
}
$deleteok = true;
} else {
if ($fm->isError()) {
if ($fm->getErrorMessage() == _('Couldn\'t Update Master Thread parent with current time')) {
//the thread which the message was replying to doesn�t exist any more
$feedback .= "( " . $subject . " ) " . _('The thread which the message was posted to doesn\'t exist anymore, please delete the message.') . "<br>";
} else {
$feedback .= "{$msg_id} - " . $fm->getErrorMessage() . "<br>";
}
$deleteok = false;
}
}
if (isset($am) && is_object($am)) {
//if there was an attach, check if it was uploaded ok
if (!$am->isError()) {
$deleteok = true;
} else {
//undo the changes to the forum table
db_begin();
$sql = "DELETE FROM forum WHERE msg_id='{$fm->getID}()'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
db_commit();
$deleteok = false;
}
}
if ($deleteok) {
//delete the message and attach
db_begin();
$sql = "DELETE FROM forum_pending_attachment WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
$sql = "DELETE FROM forum_pending_messages WHERE msg_id='{$msgids[$i]}'";
if (!db_query($sql)) {
$feedback .= "DB Error ";
$feedback .= db_error() . "<br>";
db_rollback();
break;
}
db_commit();
}
}
}
html_feedback_top($feedback);
$page = 0;
$this->ExecuteAction("view_pending");
}
}
