/**
 * Deletes the posted record, then redirects to the entry page of the auction
 * named in the request parameters.
 *
 * NOTE(review): no ownership or permission check is visible in this function
 * before delete_from_post() runs; confirm that the resource layer verifies
 * the caller is allowed to delete the record.
 *
 * @param array $vars Controller variables; extract() is expected to supply
 *                    $resource and $request.
 */
function delete(&$vars)
{
    // extract() turns every key of $vars into a local variable, so $vars must
    // only ever be assembled by the framework, never from request input.
    extract($vars);

    $resource->delete_from_post($request);
    header_status('200 OK');

    $auction_id = $request->params['auctionbullet']['auction_id'];
    $target = $request->url_for(array(
        'action' => 'entry',
        'resource' => 'auctions',
        'id' => $auction_id,
    ));
    redirect_to($target);
}
/**
 * Deletes the posted record and redirects back to the resource listing.
 *
 * NOTE(review): no ownership or permission check is visible in this function
 * before delete_from_post() runs; confirm that the resource layer verifies
 * the caller is allowed to delete the record.
 *
 * @param array $vars Controller variables; extract() is expected to supply
 *                    $resource and $request.
 */
function delete(&$vars)
{
    // extract() creates one local per key of $vars; the array must come from
    // the framework only, never from request input.
    extract($vars);

    $resource->delete_from_post($request);
    header_status('200 OK');

    $destination = $request->resource;
    redirect_to($destination);
}
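/**
 * Changes a user's password after verifying the current one, and prints the
 * outcome as a JSON object with "status" and "message" keys.
 *
 * The row is looked up by $data->id, $data->currentPassword is checked with
 * password_verify(), and the bcrypt hash of $data->newPassword is stored.
 *
 * NOTE(review): $data->id decides whose password is changed. This function
 * does not compare it with the authenticated user; the caller has to.
 * NOTE(review): bcrypt only uses the first 72 bytes of the password, and no
 * minimum length or emptiness check is applied to $data->newPassword here.
 *
 * @param object $data Request payload with id, currentPassword and newPassword.
 * @param mysqli $db   Open database connection (stmt_init() is called on it).
 */
function updatePassword($data, $db)
{
    $response = array();
    try {
        $search = 'SELECT password FROM users WHERE BINARY id=? ';
        $search_stmt = $db->stmt_init();
        if (!$search_stmt->prepare($search)) {
            // Driver errors can reveal schema details: keep them in the server
            // log and send the client a generic message.
            error_log('updatePassword: prepare (select) failed: ' . $search_stmt->error);
            header_status(500);
            $response['status'] = 'Error';
            $response['message'] = 'Internal error';
            echo json_encode($response);
            die;
        }

        $search_stmt->bind_param('i', $data->id);
        if (!$search_stmt->execute() || !($result = $search_stmt->get_result())) {
            // Without this check a failed query ends in a fatal error on $result.
            error_log('updatePassword: select failed: ' . $search_stmt->error);
            header_status(500);
            $response['status'] = 'Error';
            $response['message'] = 'Internal error';
            echo json_encode($response);
            die;
        }

        if ($result->num_rows == 1) {
            $row = $result->fetch_assoc();
            if (password_verify($data->currentPassword, $row['password'])) {
                $update = 'UPDATE users SET password=? WHERE id=?';
                $update_stmt = $db->stmt_init();
                if (!$update_stmt->prepare($update)) {
                    error_log('updatePassword: prepare (update) failed: ' . $update_stmt->error);
                    header_status(500);
                    $response['status'] = 'Error';
                    $response['message'] = 'Internal error';
                    echo json_encode($response);
                    die;
                }

                // bind_param() takes its arguments by reference, so the hash
                // has to live in a variable rather than be passed as a call result.
                $new_hash = password_hash($data->newPassword, PASSWORD_BCRYPT);
                $update_stmt->bind_param('si', $new_hash, $data->id);
                if ($update_stmt->execute()) {
                    header_status(200);
                    $response['status'] = 'Success';
                    $response['message'] = 'Password Updated';
                } else {
                    header_status(200);
                    $response['status'] = 'Error';
                    $response['message'] = 'Password Not Updated';
                }
            } else {
                header_status(200);
                $response['status'] = 'Error';
                $response['message'] = 'Incorrect password. Please enter your current password';
            }
        } else {
            header_status(200);
            $response['status'] = 'Error';
            $response['message'] = 'User does not exist';
        }

        echo json_encode($response);
    } catch (Exception $e) {
        // Same rule as above: the exception text goes to the log, not the client.
        error_log('updatePassword: ' . $e->getMessage());
        header_status(503);
        $response['status'] = 'Error';
        $response['message'] = 'Internal error';
        echo json_encode($response);
        die;
    }
}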
/**
 * Deletes the posted record, then redirects to the edit page of the identity
 * whose id is $profile->id.
 *
 * NOTE(review): no ownership or permission check is visible in this function
 * before delete_from_post() runs; confirm that the resource layer verifies
 * the caller is allowed to delete the record.
 *
 * @param array $vars Controller variables; extract() is expected to supply
 *                    $resource, $request and $profile.
 */
function delete(&$vars)
{
    // extract() creates one local per key of $vars; the array must come from
    // the framework only, never from request input.
    extract($vars);

    $resource->delete_from_post($request);
    header_status('200 OK');

    $route = array(
        'resource' => 'identities',
        'id' => $profile->id,
        'action' => 'edit',
    );
    redirect_to($request->url_for($route));
}
/**
 * Deletes the posted setting when the first record of $collection belongs to
 * the current profile, then redirects back to the resource listing.
 *
 * NOTE(review): the ownership guard depends on trigger_error(E_USER_ERROR)
 * ending the request. With a custom error handler that returns normally,
 * execution would continue into delete_from_post().
 *
 * @param array $vars Controller variables; extract() is expected to supply
 *                    $collection, $resource and $request.
 */
function delete(&$vars)
{
    // extract() creates one local per key of $vars; the array must come from
    // the framework only, never from request input.
    extract($vars);

    $setting = $collection->MoveFirst();

    // Short-circuits exactly like the original: get_profile_id() is only
    // consulted when a record was found.
    $owned_by_caller = $setting && $setting->profile_id == get_profile_id();
    if (!$owned_by_caller) {
        trigger_error('Sorry, the setting could not be deleted', E_USER_ERROR);
    }

    $resource->delete_from_post($request);
    header_status('200 OK');
    redirect_to($request->resource);
}
/**
 * Publishes an auction as a notice post on behalf of its owner.
 *
 * Loads the auction named by $request->id, refuses to continue unless the
 * current profile owns it, renders headline, body, bullets, closing text and
 * photos into one HTML fragment, saves that fragment as a new post and
 * redirects to $request->base.
 *
 * NOTE(review): headline, body, bullet text and closing text are concatenated
 * into HTML without escaping. Unless these fields are sanitised when they are
 * stored, the resulting post carries whatever markup they contain (stored
 * XSS); confirm where sanitisation happens.
 * NOTE(review): the ownership guard depends on trigger_error(E_USER_ERROR)
 * ending the request.
 *
 * @param array $vars Controller variables; extract() is expected to supply
 *                    $Auction, $Post and $request.
 */
function post_as_notice(&$vars)
{
    // extract() creates one local per key of $vars; the array must come from
    // the framework only, never from request input.
    extract($vars);

    $listing = $Auction->find($request->id);
    $owner = owner_of($listing);
    if ($owner->id != get_profile_id()) {
        trigger_error('your profile id does not match the owner of the auction', E_USER_ERROR);
    }

    // Collect the fragment piece by piece, in the same order the fields and
    // child records were read before.
    $parts = array();
    $parts[] = ' <div style="background-color:#ddd; padding:15px; margin:15px;"> <p>';
    $parts[] = $listing->headline;
    $parts[] = '</p> <p>';
    $parts[] = $listing->body;
    $parts[] = '</p> <ul style="list-style: square; margin-left: 20px; margin-top: 0px;">';

    while ($bullet = $listing->NextChild("auction_bullets")) {
        $parts[] = ' <li>' . $bullet->bullet . '</li>';
    }

    $parts[] = '</ul> <p> ' . $listing->close . ' </p>';

    while ($photo = $listing->NextChild("auction_photos")) {
        $photo_url = $request->url_for(array(
            "resource" => "auction_photos",
            "id" => $photo->id,
            "action" => "photo.jpg",
        ));
        $parts[] = ' <img src="' . $photo_url . '" border="0" />';
    }

    $parts[] = '</div>';
    $notice_html = implode('', $parts);

    $notice = $Post->base();
    $notice->set_value('profile_id', $owner->id);
    $notice->set_value('parent_id', 0);
    $notice->set_value('title', $listing->headline);
    $notice->set_value('body', $notice_html);
    $notice->save_changes();
    $notice->set_etag();

    header_status('200 OK');
    redirect_to($request->base);
}
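} elseif ($di->getConfig()->application->env === 'test') {
    $debug = new \Phalcon\Debug();
    $debug->listen();
    echo $application->handle()->getContent();
} else {
    try {
        echo $application->handle()->getContent();
    } catch (\Application\Common\Exceptions\NotFoundException $e) {
        header_status(404);
        readfile('404.html');
    } catch (\Exception $e) {
        //
        // TODO: log errors.
        // echo get_class($e), ": ", $e->getMessage(), "\n";
        // echo " File=", $e->getFile(), "\n";
        // echo " Line=", $e->getLine(), "\n";
        // echo $e->getTraceAsString();
        header_status(500);
        readfile('500.html');
    }
}

/**
 * Sends the HTTP status line for a known status code.
 *
 * Codes that are not in the table below are ignored and no header is sent.
 *
 * @param int|string $statusCode Numeric HTTP status code, e.g. 404.
 */
function header_status($statusCode)
{
    static $status_codes = null;

    if ($status_codes === null) {
        $status_codes = array(
            100 => 'Continue',
            101 => 'Switching Protocols',
            102 => 'Processing',
            200 => 'OK',
            201 => 'Created',
            202 => 'Accepted',
            203 => 'Non-Authoritative Information',
            204 => 'No Content',
            205 => 'Reset Content',
            206 => 'Partial Content',
            207 => 'Multi-Status',
            300 => 'Multiple Choices',
            301 => 'Moved Permanently',
            302 => 'Found',
            303 => 'See Other',
            304 => 'Not Modified',
            305 => 'Use Proxy',
            307 => 'Temporary Redirect',
            400 => 'Bad Request',
            401 => 'Unauthorized',
            402 => 'Payment Required',
            403 => 'Forbidden',
            404 => 'Not Found',
            405 => 'Method Not Allowed',
            406 => 'Not Acceptable',
            407 => 'Proxy Authentication Required',
            408 => 'Request Timeout',
            409 => 'Conflict',
            410 => 'Gone',
            411 => 'Length Required',
            412 => 'Precondition Failed',
            413 => 'Request Entity Too Large',
            414 => 'Request-URI Too Long',
            415 => 'Unsupported Media Type',
            416 => 'Requested Range Not Satisfiable',
            417 => 'Expectation Failed',
            422 => 'Unprocessable Entity',
            423 => 'Locked',
            424 => 'Failed Dependency',
            426 => 'Upgrade Required',
            500 => 'Internal Server Error',
            501 => 'Not Implemented',
            502 => 'Bad Gateway',
            503 => 'Service Unavailable',
            504 => 'Gateway Timeout',
            505 => 'HTTP Version Not Supported',
            506 => 'Variant Also Negotiates',
            507 => 'Insufficient Storage',
            509 => 'Bandwidth Limit Exceeded',
            // The reason phrase must stay on one line: header() refuses any
            // value that contains a line break.
            510 => 'Not Extended',
        );
    }

    // Only scalar keys are valid array offsets; anything else is not a status code.
    if (!is_int($statusCode) && !is_string($statusCode)) {
        return;
    }

    // isset() instead of "!== null" so that an unknown code is skipped quietly
    // rather than raising an undefined-offset warning.
    if (isset($status_codes[$statusCode])) {
        // SERVER_PROTOCOL is absent when PHP runs outside a web request.
        $protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1';
        $status_string = $statusCode . ' ' . $status_codes[$statusCode];
        header($protocol . ' ' . $status_string, true, (int) $statusCode);
    }
}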
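/**
 * Deletes a photo row and its image and thumbnail files, and prints the
 * outcome as a JSON object with "status" and "message" keys.
 *
 * NOTE(review): the file name comes from the request ($data->name), not from
 * the photos row selected by $data->id. It is restricted to a bare file name
 * below, but a caller can still name a file that belongs to a different row;
 * reading the name from the database by id would close that gap.
 * NOTE(review): no authorization check is visible here; the caller must
 * ensure the requester may delete this photo.
 *
 * @param object $data Request payload with id and name.
 * @param mysqli $db   Open database connection (stmt_init() is called on it).
 */
function deletePhoto($data, $db)
{
    $response = array();
    try {
        // Accept only a bare file name. Anything with a directory component
        // ("../", absolute paths) would let unlink() reach outside the photo
        // and thumbnail directories.
        $requested = isset($data->name) && is_string($data->name) ? $data->name : '';
        $filename = basename($requested);
        if ($filename === '' || $filename === '.' || $filename === '..' || $filename !== $requested) {
            header_status(200);
            $response['status'] = 'Error';
            $response['message'] = 'Invalid photo name';
            echo json_encode($response);
            return;
        }

        $delete_photo = "DELETE FROM photos WHERE id=?";
        $delete_photo_stmt = $db->stmt_init();
        if (!$delete_photo_stmt->prepare($delete_photo)) {
            // Driver errors stay in the server log; the client gets a generic message.
            error_log('deletePhoto: prepare failed: ' . $delete_photo_stmt->error);
            header_status(500);
            $response['status'] = 'Error';
            $response['message'] = 'Internal error';
            echo json_encode($response);
            die;
        }

        $delete_photo_stmt->bind_param('i', $data->id);
        if ($delete_photo_stmt->execute()) {
            foreach (array("../assets/photos/{$filename}", "../assets/thumbnails/{$filename}") as $path) {
                // is_file() rather than file_exists(): never hand a directory to unlink().
                if (is_file($path)) {
                    unlink($path);
                }
            }
            header_status(200);
            $response['status'] = 'Success';
            $response['message'] = 'Photo Deleted';
        } else {
            header_status(503);
            $response['status'] = 'Error';
            $response['message'] = 'Photo Deletion failed';
        }

        echo json_encode($response);
    } catch (Exception $e) {
        error_log('deletePhoto: ' . $e->getMessage());
        header_status(503);
        $response['status'] = 'Error';
        $response['message'] = 'Internal error';
        echo json_encode($response);
        die;
    }
}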
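/**
 * Verifies the reCAPTCHA response and, when it is valid, sends the contact
 * form message through SendGrid. Prints a JSON object with "status" and
 * "message" keys.
 *
 * NOTE(review): $data->name, $data->address and $data->subject are passed to
 * the mail API unvalidated; consider validating the reply-to address.
 *
 * @param object $data              Form payload: g_recaptcha_response, name,
 *                                  address, subject, msg.
 * @param string $gCaptchaSecretKey reCAPTCHA secret key.
 * @param string $SendGrid_API_KEY  SendGrid API key.
 */
function sendMail($data, $gCaptchaSecretKey, $SendGrid_API_KEY)
{
    $captcha = $data->g_recaptcha_response;
    $postdata = http_build_query(array(
        'secret' => $gCaptchaSecretKey,
        'response' => $captcha,
        'remoteip' => $_SERVER['REMOTE_ADDR'],
    ));
    $opts = array('http' => array(
        'method' => 'POST',
        'header' => 'Content-type: application/x-www-form-urlencoded',
        'content' => $postdata,
    ));
    $context = stream_context_create($opts);
    $raw = file_get_contents("https://www.google.com/recaptcha/api/siteverify", false, $context);
    $verification = is_string($raw) ? json_decode($raw, true) : null;

    $mailResponse = array();

    // Fail closed: only an explicit "success": true passes. Testing for
    // "=== false" let a failed request or an unparsable reply (null) through.
    if (!is_array($verification) || !isset($verification['success']) || $verification['success'] !== true) {
        header_status(200);
        $mailResponse['status'] = 'Error';
        $mailResponse['message'] = 'Robots Not allowed (Captcha verification failed)';
        echo json_encode($mailResponse);
        return;
    }

    try {
        $sendgrid = new SendGrid($SendGrid_API_KEY);
        $email = new SendGrid\Email();
        $email->addTo(array(' '), array('Clinton D\'souza'))
            ->setFrom('*****@*****.**')
            ->setFromName($data->name . ' (via. v12eventsdubai.com - Website)')
            ->setReplyTo($data->address)
            ->setSubject($data->subject)
            ->setText(htmlentities($data->msg))
            ->setHtml(htmlentities($data->msg));

        // The result is written to $mailResponse only. Reusing the siteverify
        // array for the reply also sent its fields back to the client.
        if (!$sendgrid->send($email)) {
            header_status(503);
            $mailResponse['status'] = 'Error';
            $mailResponse['message'] = 'Error sending message';
        } else {
            header_status(200);
            $mailResponse['status'] = 'Success';
            $mailResponse['message'] = 'Message Sent';
        }
        echo json_encode($mailResponse);
    } catch (Exception $e) {
        // Log the cause server-side; the client only learns that sending failed.
        error_log('sendMail: ' . $e->getMessage());
        header_status(503);
        $mailResponse['status'] = 'Error';
        $mailResponse['message'] = 'Error sending message';
        echo json_encode($mailResponse);
        die;
    }
}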
/**
 * Checks the given user details against the forum ban list and, if nothing
 * matches there, against sfs_check_banned().
 *
 * Only the keys UID, IPADDRESS, REFERER, LOGON, NICKNAME and EMAIL of
 * $user_data are used. LOGON, NICKNAME and EMAIL are skipped when UID is set
 * and not greater than zero. Every matching ban row is written to the admin
 * log. Values are passed through $db->escape() before being placed in the
 * query text.
 *
 * @param array $user_data  User details keyed as listed above.
 * @param bool  $send_error When true and the user is banned, a 500 status is
 *                          sent and the script exits instead of returning.
 *
 * @return mixed False when a prerequisite or the query fails or nothing
 *               matched, true on a ban-list hit, otherwise whatever
 *               sfs_check_banned() returned.
 */
function ban_check($user_data, $send_error = true)
{
    if (!($db = db::get())) {
        return false;
    }

    if (!is_array($user_data)) {
        return false;
    }

    // Drop every key that is not part of the ban check.
    $allowed_keys = array('UID', 'IPADDRESS', 'REFERER', 'LOGON', 'NICKNAME', 'EMAIL');
    $user_data = array_intersect_key($user_data, array_flip($allowed_keys));

    if (!($table_prefix = get_table_prefix())) {
        return false;
    }

    // Ban type stored in the table => hit type written to the admin log.
    $admin_log_types_array = array(
        BAN_TYPE_IP => BAN_HIT_TYPE_IP,
        BAN_TYPE_LOGON => BAN_HIT_TYPE_LOGON,
        BAN_TYPE_NICK => BAN_HIT_TYPE_NICK,
        BAN_TYPE_EMAIL => BAN_HIT_TYPE_EMAIL,
        BAN_TYPE_REF => BAN_HIT_TYPE_REF,
    );

    // One row per checked field: key, SELECT alias format, ban type, and
    // whether the field is only checked for account holders (UID unset or > 0).
    $field_checks = array(
        array('IPADDRESS', "'%s' AS IPADDRESS", BAN_TYPE_IP, false),
        array('REFERER', "'%s' AS REFERER", BAN_TYPE_REF, false),
        array('LOGON', "'%s' AS LOGON", BAN_TYPE_LOGON, true),
        array('NICKNAME', "'%s' AS NICKNAME", BAN_TYPE_NICK, true),
        array('EMAIL', "'%s' AS EMAIL", BAN_TYPE_EMAIL, true),
    );

    $account_fields_apply = !isset($user_data['UID']) || $user_data['UID'] > 0;

    $select_parts = array();
    $where_parts = array();

    foreach ($field_checks as $field_check) {
        list($field, $select_format, $ban_type, $account_only) = $field_check;

        if ($account_only && !$account_fields_apply) {
            continue;
        }

        if (!isset($user_data[$field]) || strlen(trim($user_data[$field])) == 0) {
            continue;
        }

        $select_parts[] = sprintf($select_format, $db->escape($user_data[$field]));
        $where_parts[] = sprintf("('%s' LIKE BANDATA AND BANTYPE = %d)", $db->escape($user_data[$field]), $ban_type);
    }

    $select_list = implode(", ", $select_parts);
    $where_query = implode(" OR ", $where_parts);

    $user_banned = false;

    if (strlen(trim($where_query)) > 0 && strlen(trim($select_list)) > 0) {

        $current_datetime = date(MYSQL_DATETIME_MIDNIGHT, time());

        $sql = "SELECT ID, BANTYPE, BANDATA, {$select_list} "
            . "FROM `{$table_prefix}BANNED` WHERE ({$where_query}) "
            . "AND (EXPIRES > CAST('{$current_datetime}' AS DATETIME) OR EXPIRES = 0)";

        if (!($result = $db->query($sql))) {
            return false;
        }

        if ($result->num_rows > 0) {

            $user_banned = true;

            while (($ban_row = $result->fetch_assoc()) !== null) {

                if (!isset($ban_row['BANTYPE']) || !is_numeric($ban_row['BANTYPE'])) {
                    continue;
                }

                $ban_type = $ban_row['BANTYPE'];

                $log_entry = ban_check_process_data($ban_row);
                if ($log_entry === false) {
                    continue;
                }

                // Registered users are identified in the log entry as well.
                if (isset($user_data['UID']) && $user_data['UID'] > 0) {
                    array_push($log_entry, $user_data['UID'], $user_data['LOGON']);
                }

                admin_add_log_entry($admin_log_types_array[$ban_type], $log_entry);
            }
        }
    }

    if ($user_banned !== true) {

        $cached_response = false;

        $user_banned = sfs_check_banned($user_data, $cached_response);

        // Log only when sfs_check_banned() reported a hit and left
        // $cached_response at false.
        if ($user_banned !== false && $cached_response === false) {

            $log_data = array($user_data['IPADDRESS'], $user_data['LOGON'], $user_data['EMAIL']);

            if (isset($user_data['UID'])) {
                $log_data[] = $user_data['UID'];
            }

            admin_add_log_entry(BAN_HIT_TYPE_SFS, $log_data);
        }
    }

    // A banned user gets a bare 500 response with no body.
    if ($user_banned === true && $send_error === true) {
        header_status(500, 'Internal Server Error');
        exit;
    }

    return $user_banned;
}
/**
 * Ends the request for a banned user in light mode: sends a 500 status and
 * stops without printing a body.
 */
function light_html_user_banned()
{
    header_status(500, 'Internal Server Error');

    // Nothing may run after the status line has been sent.
    exit();
}
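/**
 * Handles a "DNS linker" POST: authenticates the caller with the LDAP admin
 * credentials, unpacks the uploaded payload, and makes sure the PowerDNS
 * "records" table has an A record for the sending host plus a CNAME for each
 * name listed under FREEWEBS_SRV.
 *
 * Expects $_POST["CREDS"] as "admin-name:md5(admin-password)" and
 * $_POST["DNS_LINKER"] as a base64-encoded compressed payload.
 *
 * NOTE(review): the payload is passed to unserialize(). It is only reached
 * after the credential check, but any holder of the credentials can have
 * objects instantiated here; a data-only format such as JSON would remove
 * that risk. Not changed here because the sender's format is not visible.
 * NOTE(review): the credential is the bare MD5 of the LDAP admin password,
 * so the digest is password-equivalent and must only travel over TLS.
 * NOTE(review): header_status(500) is called after every INSERT, even when it
 * succeeds, and is then overridden by header_status(200) at the end.
 */
function DNS_LINKER()
{
    include_once "ressources/class.pdns.inc";
    $content_dir = dirname(__FILE__) . "/ressources/conf/upload";

    // The original message interpolated an undefined $tmp_file; it is left out.
    writelogs("DNS_LINKER:: Request from " . $_SERVER["REMOTE_ADDR"], __FILE__, __FUNCTION__, __LINE__);
    writelogs("DNS_LINKER:: ->LDAP()", __FILE__, __FUNCTION__, __LINE__);
    $ldap = new clladp();

    // Start from "no credentials" so a missing or malformed CREDS field can
    // never leave these variables undefined.
    $SuperAdmin = null;
    $SuperAdminPass = null;
    if (isset($_POST["CREDS"]) && is_string($_POST["CREDS"]) && preg_match("#^(.+?):(.+)#", $_POST["CREDS"], $re)) {
        $SuperAdmin = $re[1];
        $SuperAdminPass = $re[2];
    }

    // Strict comparison: with "!=" PHP compares numeric-looking strings as
    // numbers, so different values can be treated as equal.
    if (!is_string($SuperAdmin) || $SuperAdmin !== (string) $ldap->ldap_admin) {
        writelogs("DNS_LINKER:: Invalid credential...", __FILE__, __FUNCTION__, __LINE__);
        header_status(500);
        echo "Invalid credential...\n";
        die("Invalid credential...");
    }

    $expected_digest = md5($ldap->ldap_password);
    if (!is_string($SuperAdminPass)) {
        $digest_matches = false;
    } elseif (function_exists('hash_equals')) {
        // Constant-time comparison where the runtime provides it.
        $digest_matches = hash_equals($expected_digest, $SuperAdminPass);
    } else {
        $digest_matches = ($expected_digest === $SuperAdminPass);
    }

    if (!$digest_matches) {
        writelogs("DNS_LINKER:: Invalid credential...", __FILE__, __FUNCTION__, __LINE__);
        header_status(500);
        echo "Invalid credential...\n";
        die("Invalid credential...");
    }

    if (!isset($_POST["DNS_LINKER"]) || !is_string($_POST["DNS_LINKER"])) {
        writelogs("DNS_LINKER:: no payload", __FILE__, __FUNCTION__, __LINE__);
        header_status(500);
        die;
    }

    $TFILE = tempnam($content_dir, "dns-linker-");
    @file_put_contents($TFILE, base64_decode($_POST["DNS_LINKER"]));
    writelogs("DNS_LINKER:: zuncompress() {$TFILE}", __FILE__, __FUNCTION__, __LINE__);
    zuncompress($TFILE, "{$TFILE}.txt");
    @unlink($TFILE);
    $filesize = @filesize("{$TFILE}.txt");
    echo "{$TFILE}.txt -> {$filesize} bytes\n";

    // See the NOTE(review) above about unserialize() on request data.
    $curlparms = unserialize(base64_decode(@file_get_contents("{$TFILE}.txt")));
    $item_count = is_array($curlparms) ? count($curlparms) : 0;
    writelogs("DNS_LINKER:: Loading() {$TFILE}.txt -> ( " . $item_count . " items )", __FILE__, __FUNCTION__, __LINE__);
    @unlink("{$TFILE}.txt");

    if (!is_array($curlparms)) {
        writelogs("DNS_LINKER:: Loading() curlparms no such array", __FILE__, __FUNCTION__, __LINE__);
        header_status(500);
        die;
    }

    // These values are placed inside quoted SQL strings below. Restricting
    // them to characters that occur in IP addresses and DNS names keeps
    // quotes and backslashes out of the statements.
    $dns_token = '/\A[A-Za-z0-9*._:-]+\z/';
    foreach (array("listen_addr", "hostname") as $required) {
        if (!isset($curlparms[$required]) || !is_string($curlparms[$required]) || !preg_match($dns_token, $curlparms[$required])) {
            writelogs("DNS_LINKER:: Error, invalid {$required}", __FILE__, __FUNCTION__, __LINE__);
            header_status(500);
            die;
        }
    }

    $zdate = time();
    $sql = "SELECT name,domain_id FROM records WHERE `content`='{$curlparms["listen_addr"]}'";
    $hostname = $curlparms["hostname"];
    $q = new mysql();
    $ligne = mysql_fetch_array($q->QUERY_SQL($sql, "powerdns"));

    // No record for this address yet: create the A record, then look it up again.
    if ($ligne["name"] == null) {
        $tr = explode(".", $hostname);
        $netbiosname = $tr[0];
        $dnsname = str_replace("{$netbiosname}.", "", $hostname);
        $dns = new pdns($dnsname);
        $dns->EditIPName($netbiosname, $curlparms["listen_addr"], "A");
        $ligne = mysql_fetch_array($q->QUERY_SQL($sql, "powerdns"));
    }

    if ($ligne["name"] == null) {
        writelogs("DNS_LINKER:: Error, unable to get name", __FILE__, __FUNCTION__, __LINE__);
        header_status(500);
        die;
    }

    // domain_id is written unquoted into the INSERT, so force it to an integer.
    $domain_id = (int) $ligne["domain_id"];
    $hostname_sql = $ligne["name"];

    while (list($name, $val) = each($curlparms["FREEWEBS_SRV"])) {
        $name = (string) $name;

        if (!preg_match($dns_token, $name)) {
            writelogs("DNS_LINKER:: skipping invalid name", __FILE__, __FUNCTION__, __LINE__);
            continue;
        }

        if ($name == $hostname_sql) {
            continue;
        }

        $ligne = mysql_fetch_array($q->QUERY_SQL("SELECT name FROM records WHERE `name`='{$name}' AND `type`='CNAME'", "powerdns"));
        writelogs("DNS_LINKER::{$hostname_sql}:: {$name} QUERY = `{$ligne["name"]}`", __FILE__, __FUNCTION__, __LINE__);

        // A CNAME for this name already exists.
        if ($ligne["name"] != null) {
            continue;
        }

        writelogs("DNS_LINKER:: {$name} ADD {$curlparms["listen_addr"]}", __FILE__, __FUNCTION__, __LINE__);
        $q->QUERY_SQL("INSERT INTO records (`domain_id`,`name`,`type`,`content`,`ttl`,`prio`,`change_date`)\n\t\t\tVALUES({$domain_id},'{$name}','CNAME','{$hostname_sql}','86400','0','{$zdate}')", "powerdns");
        header_status(500);
        if (!$q->ok) {
            echo $q->mysql_error . "\n";
        }
    }

    header_status(200);
    die;
}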
/**
 * Last-resort exception handler: reports the exception, sends a 500 status,
 * prints a complete XHTML error page and exits.
 *
 * Steps, in order: read 'error_report_verbose' from server_get_config();
 * disable caching; discard every open output buffer and start a new one;
 * e-mail the exception via bh_error_send_email(); turn it into message lines
 * with bh_error_process() and write them, tags stripped, to error_log();
 * send the 500 status. For the two MySQL error codes tested below, and for
 * messages that mention include/include_once, the installer hooks
 * install_incomplete() / install_missing_files() are called when they exist
 * and BEEHIVE_DEVELOPER_MODE is not defined.
 *
 * The page has two layouts. With BEEHIVEMODE_LIGHT defined (and developer
 * mode off) a short message is printed, followed by the error details only
 * when verbose reporting is on. Otherwise a retry form is printed, with the
 * details shown when verbose reporting is on or developer mode is defined.
 *
 * NOTE(review): the entries of $error_msg_array are echoed into the page as
 * they are; whether bh_error_process() escapes them is not visible here. The
 * page itself warns that they may contain passwords, so verbose reporting
 * exposes them to whoever triggers the error.
 * NOTE(review): the retry form re-emits all of $_POST as hidden inputs via
 * form_input_hidden_array(); submitted secrets therefore end up in the page
 * source, and escaping depends on that helper.
 *
 * @param Exception $exception The uncaught exception.
 */
function bh_exception_handler(Exception $exception) { $config = server_get_config(); if (isset($config['error_report_verbose']) && $config['error_report_verbose'] == true) { $error_report_verbose = true; } else { $error_report_verbose = false; } cache_disable(); while (@ob_end_clean()) { } ob_start(); ob_implicit_flush(0); bh_error_send_email($exception); $error_msg_array = bh_error_process($exception); $error_log_message = sprintf('BEEHIVE_ERROR: %s', strip_tags(implode(". ", $error_msg_array))); @error_log($error_log_message); header_status(500, 'Internal Server Error'); if ($exception->getCode() == MYSQL_ERROR_NO_SUCH_TABLE || $exception->getCode() == MYSQL_ERROR_WRONG_COLUMN_NAME) { if (function_exists('install_incomplete') && !defined('BEEHIVE_DEVELOPER_MODE')) { install_incomplete(); } } if (preg_match('/include|include_once/u', $exception->getMessage()) > 0) { if (function_exists('install_missing_files') && !defined('BEEHIVE_DEVELOPER_MODE')) { install_missing_files(); } } $forum_path = server_get_forum_path(); echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"; echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"; echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"utf-8\" lang=\"en\" dir=\"ltr\">\n"; echo "<head>\n"; echo "<title>Beehive Forum - Error Handler</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n"; echo "<link rel=\"icon\" href=\"images/favicon.ico\" type=\"image/ico\" />\n"; echo "<link rel=\"stylesheet\" href=\"", $forum_path, "/styles/default/style.css?", md5(uniqid(rand())), "\" type=\"text/css\" />\n"; echo "</head>\n"; echo "<body>\n"; echo "<h1>Error</h1>\n"; echo "<br />\n"; if (defined('BEEHIVEMODE_LIGHT') && !defined('BEEHIVE_DEVELOPER_MODE')) { echo '<p>An error has occured. 
Please wait a few moments before trying again.</p>'; echo '<p>Details of the error have been saved to the default error log.</p>'; if (isset($error_report_verbose) && $error_report_verbose == true) { echo '<p>When reporting a bug in Project Beehive or when requesting support please include the details below.</p>'; echo "<table cellpadding=\"0\" cellspacing=\"0\" class=\"warning_msg\">\n"; echo " <tr>\n"; echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><img src=\"styles/default/images/warning.png\" alt=\"Warning\" title=\"Warning\" /></td>\n"; echo " <td valign=\"top\" class=\"warning_msg_text\">Please note that there may be sensitive information such as passwords displayed here.</td>\n"; echo " </tr>\n"; echo "</table>\n"; echo "<p>", implode("</p><p>", $error_msg_array), "</p>\n"; } } else { echo "<div align=\"center\">\n"; echo "<form accept-charset=\"utf-8\" name=\"f_error\" method=\"post\" action=\"\" target=\"_self\">\n"; echo " ", form_input_hidden_array($_POST), "\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"posthead\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">Error</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" width=\"95%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"postbody\">An error has occured. Please wait a few moments and then click the Retry button below. 
Details of the error have been saved to the default error log.</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; if (isset($error_report_verbose) && $error_report_verbose == true || defined('BEEHIVE_DEVELOPER_MODE')) { echo " <br />\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"posthead\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">Error Details</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" width=\"95%\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <div align=\"center\">\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"warning_msg\">\n"; echo " <tr>\n"; echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><img src=\"styles/default/images/warning.png\" alt=\"Warning\" title=\"Warning\" /></td>\n"; echo " <td valign=\"top\" class=\"warning_msg_text\">When reporting a bug in Project Beehive or when requesting support please include the details below.</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </div>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <div align=\"center\">\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"warning_msg\">\n"; echo " <tr>\n"; echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><img src=\"styles/default/images/warning.png\" alt=\"Warning\" title=\"Warning\" /></td>\n"; echo " <td valign=\"top\" class=\"warning_msg_text\">Please note that there may be 
sensitive information such as passwords displayed here.</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </div>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; echo " <div class=\"error_handler_details\">", implode("\n", $error_msg_array), "</div>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; } echo " <br />\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"600\">\n"; echo " <tr>\n"; echo " <td align=\"center\"><input class=\"button\" type=\"submit\" name=\"", md5(uniqid(mt_rand())), "\" value=\"Retry\" /></td>\n"; echo " </tr>\n"; echo " </table>\n"; echo "</form>\n"; echo "</div>\n"; } echo "</body>\n"; echo "</html>\n"; exit; }
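/**
 * Sends ETag-based cache headers and answers a matching conditional request
 * with "304 Not Modified".
 *
 * When the If-None-Match header (first and last character removed, assumed
 * to be the surrounding quotes) equals $local_etag, the cache headers and a
 * 304 status are sent and the script exits. Otherwise the headers for a
 * fresh response are sent.
 *
 * @param string $local_etag ETag of the content about to be sent.
 *
 * @return bool False when no headers could be sent (AOL browser or headers
 *              already sent), true when headers for a fresh response were sent.
 */
function cache_check_etag($local_etag)
{
    if (browser_check(BROWSER_AOL)) {
        return false;
    }

    if (headers_sent()) {
        return false;
    }

    // HTTP dates need a space before the zone name; the original produced
    // "...H:i:sGMT", which is not a valid date.
    $local_last_modified = gmdate("D, d M Y H:i:s", time()) . " GMT";

    if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && strlen(trim($_SERVER['HTTP_IF_NONE_MATCH'])) > 0) {
        $remote_etag = mb_substr($_SERVER['HTTP_IF_NONE_MATCH'], 1, -1);
    } else {
        $remote_etag = false;
    }

    if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && strlen(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) > 0) {
        $remote_last_modified = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
    } else {
        $remote_last_modified = false;
    }

    // A request without If-None-Match must never match: strcmp() would treat
    // the missing value as "" and report equality with an empty local ETag.
    if ($remote_etag !== false && strcmp($remote_etag, (string) $local_etag) == 0) {

        // Fall back to the local date when the client sent no
        // If-Modified-Since, instead of emitting an empty Last-Modified value.
        $not_modified_date = ($remote_last_modified !== false) ? $remote_last_modified : $local_last_modified;

        header("Etag: \"{$remote_etag}\"", true);
        header("Expires: {$local_last_modified}", true);
        header("Last-Modified: {$not_modified_date}", true);
        header('Cache-Control: private, must-revalidate', true);

        header_status(304, 'Not Modified');
        exit;
    }

    header("Etag: \"{$local_etag}\"", true);
    header("Expires: {$local_last_modified}", true);
    header("Last-Modified: {$local_last_modified}", true);
    header('Cache-Control: private, must-revalidate', true);

    return true;
}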
// Path of the stored attachment: files are kept under their hash, not under
// the name the uploader gave them.
$file_path = "{$attachment_dir}/{$attachment_details['hash']}";

// Increment the view count only if the attachment
// isn't being used as an avatar or profile picture.
if (!isset($_GET['profile_picture']) && !isset($_GET['avatar_picture'])) {
    attachments_inc_download_count($hash);
}
} // closes a block opened before this excerpt

// Check the mimetype is allowed. If it's not, show an error page.
// NOTE(review): an empty allow-list skips this check, so every stored
// mimetype is then served. The file is sent with "inline" disposition, so a
// type the browser renders (HTML, SVG) would run in the forum's origin.
// NOTE(review): in_array() is used without strict comparison.
if (sizeof($attachment_mime_types) > 0 && !in_array($attachment_details['mimetype'], $attachment_mime_types)) {
    html_draw_error(gettext('Attachment type is not permitted.'));
}

// Use the filename quite a few times, so assign it to a variable to save some time.
// NOTE(review): basename() runs before rawurldecode(), so percent-encoded
// characters (a slash, a double quote) are decoded after the directory part
// was stripped. The name is only used in the Content-disposition header
// below, where an unescaped double quote would end the quoted filename early.
$file_name = rawurldecode(basename($attachment_details['filename']));

// Check the filepath is set and exists.
if (!isset($file_path) || !@file_exists($file_path)) {
    header_status('404', 'File Not Found');
    exit;
}

// Turn off all output buffers
while (@ob_end_clean()) {
}

// Filesize for Content-Length header.
$file_size = filesize($file_path);

// Last Modified Header for cache control
cache_check_last_modified(filemtime($file_path), md5_file($file_path));

// Send remaining headers for length and filename.
header("Content-length: {$file_size}");
header("Content-type: {$attachment_details['mimetype']}");
header("Content-disposition: inline; filename=\"{$file_name}\"");

// Output the file directly to the browser.
readfile($file_path);
/**
 * Last-resort exception handler: reports the exception, sends a 500 status,
 * prints a complete XHTML error page and exits.
 *
 * Steps, in order: read 'error_report_verbose' from server_get_config();
 * disable caching; discard every open output buffer and start a new one;
 * e-mail the exception via bh_error_send_email(); turn it into message lines
 * with bh_error_process() and write them, tags stripped, to error_log();
 * send the 500 status; print the page.
 *
 * The page has two layouts. With BEEHIVEMODE_LIGHT defined (and developer
 * mode off) a short message is printed, followed by the error details only
 * when verbose reporting is on. Otherwise a box with a Retry button (a page
 * reload) is printed, with the details shown when verbose reporting is on or
 * BEEHIVE_DEVELOPER_MODE is defined.
 *
 * NOTE(review): the entries of $error_msg_array are echoed into the page as
 * they are; whether bh_error_process() escapes them is not visible here. The
 * page itself warns that they may contain passwords.
 * NOTE(review): when the handler itself throws, the catch block prints the
 * message of the ORIGINAL exception ($exception, not $e) with printf(),
 * unescaped and regardless of the verbose setting, so it reaches the client
 * even when details are meant to stay in the log.
 *
 * @param Exception $exception The uncaught exception.
 */
function bh_exception_handler(Exception $exception) { try { $config = server_get_config(); if (isset($config['error_report_verbose']) && $config['error_report_verbose'] == true) { $error_report_verbose = true; } else { $error_report_verbose = false; } cache_disable(); while (@ob_end_clean()) { } ob_start(); ob_implicit_flush(0); bh_error_send_email($exception); $error_msg_array = bh_error_process($exception); $error_log_message = sprintf('BEEHIVE_ERROR: %s', strip_tags(implode(". ", $error_msg_array))); @error_log($error_log_message); header_status(500, 'Internal Server Error'); $forum_path = server_get_forum_path(); echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"; echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"; echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en-gb\" lang=\"en-gb\" dir=\"ltr\">\n"; echo "<head>\n"; echo "<title>Beehive Forum - Error Handler</title>\n"; echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n"; echo "<link rel=\"icon\" href=\"", rtrim($forum_path, '/'), "/styles/images/favicon.ico\" type=\"image/ico\" />\n"; echo "<link rel=\"stylesheet\" href=\"", rtrim($forum_path, '/'), "/styles/default/style.css?", md5(uniqid(rand())), "\" type=\"text/css\" />\n"; echo "<link rel=\"stylesheet\" href=\"", rtrim($forum_path, '/'), "/styles/default/images.css?", md5(uniqid(rand())), "\" type=\"text/css\" />\n"; echo "</head>\n"; echo "<body>\n"; echo "<h1>Error</h1>\n"; echo "<br />\n"; if (defined('BEEHIVEMODE_LIGHT') && !defined('BEEHIVE_DEVELOPER_MODE')) { echo '<p>An error has occurred. 
Please wait a few moments before trying again.</p>'; echo '<p>Details of the error have been saved to the default error log.</p>'; if (isset($error_report_verbose) && $error_report_verbose == true) { echo '<p>When reporting a bug in Project Beehive or when requesting support please include the details below.</p>'; echo "<table cellpadding=\"0\" cellspacing=\"0\" class=\"warning_msg\">\n"; echo " <tr>\n"; echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><span class=\"image warning\"></span></td>\n"; echo " <td valign=\"top\" class=\"warning_msg_text\">Please note that there may be sensitive information such as passwords displayed here.</td>\n"; echo " </tr>\n"; echo "</table>\n"; echo "<p>", implode("</p><p>", $error_msg_array), "</p>\n"; } } else { echo "<div align=\"center\">\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"800\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"posthead\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">Error</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" width=\"98%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"postbody\">An error has occured. Please wait a few moments and then click the Retry button below. 
Details of the error have been saved to the default error log.</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; if (isset($error_report_verbose) && $error_report_verbose == true || defined('BEEHIVE_DEVELOPER_MODE')) { echo " <br />\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"800\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <table class=\"box\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"posthead\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; echo " <tr>\n"; echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">Error Details</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" width=\"98%\">\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <div align=\"center\">\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"warning_msg\">\n"; echo " <tr>\n"; echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><span class=\"image warning\"></span></td>\n"; echo " <td valign=\"top\" class=\"warning_msg_text\">When reporting a bug in Project Beehive or when requesting support please include the details below.</td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </div>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\">\n"; echo " <div align=\"center\">\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"warning_msg\">\n"; echo " <tr>\n"; echo " <td valign=\"top\" width=\"25\" class=\"warning_msg_icon\"><span class=\"image warning\"></span></td>\n"; echo " <td valign=\"top\" class=\"warning_msg_text\">Please note that there may be sensitive information such as passwords displayed here.</td>\n"; echo " </tr>\n"; echo " 
</table>\n"; echo " </div>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; echo " <div class=\"error_handler_details\">", implode("\n", $error_msg_array), "</div>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; } echo " <br />\n"; echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"800\">\n"; echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <button class=\"button\" type=\"button\" onclick=\"window.location.reload()\">Retry</button>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo "</div>\n"; } echo "</body>\n"; echo "</html>\n"; exit; } catch (Exception $e) { printf('Exception thrown when handling an exception: %s', $exception->getMessage()); exit; } }
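/**
 * Sends Last-Modified / weak-ETag cache headers and answers a matching
 * conditional request with "304 Not Modified".
 *
 * A request matches when its If-None-Match carries a weak ETag (W/"...")
 * equal to $etag and its If-Modified-Since equals the formatted
 * $last_modified. On a match the cache headers and a 304 status are sent and
 * the script exits.
 *
 * @param int        $last_modified Unix timestamp of the last change.
 * @param string     $etag          ETag of the content, without quotes.
 * @param int|null   $expires       Unix timestamp for the Expires header;
 *                                  $last_modified is used when not numeric.
 *
 * @return bool False when nothing was sent (POST request, AOL browser or
 *              headers already sent), true when headers for a fresh response
 *              were sent.
 */
function cache_check_last_modified($last_modified, $etag, $expires = null)
{
    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
        return false;
    }

    if (browser_check(BROWSER_AOL)) {
        return false;
    }

    if (headers_sent()) {
        return false;
    }

    $cache_expires = gmdate("D, d M Y H:i:s", is_numeric($expires) ? $expires : $last_modified) . " GMT";
    $last_modified = gmdate("D, d M Y H:i:s", $last_modified) . " GMT";
    $etag = (string) $etag;

    $remote_last_modified = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? $_SERVER['HTTP_IF_MODIFIED_SINCE'] : null;

    if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && preg_match('/^W\\/"([^"]+)"/', $_SERVER['HTTP_IF_NONE_MATCH'], $matches_array)) {
        $remote_etag = isset($matches_array[1]) ? $matches_array[1] : false;
    } else {
        $remote_etag = false;
    }

    // Strict comparison on purpose: with "==" PHP compares numeric-looking
    // strings as numbers, so two different hex digests of the form "0e<digits>"
    // count as equal, and a missing header (false/null) can equal an empty value.
    if ($remote_etag !== false && $remote_etag === $etag && $remote_last_modified === $last_modified) {

        // Both values were just shown to equal the local ones, so the local
        // copies are sent rather than echoing request headers back.
        header("Etag: W/\"{$etag}\"", true);
        header("Expires: {$cache_expires}", true);
        header("Last-Modified: {$last_modified}", true);
        header('Cache-Control: private, must-revalidate', true);

        header_status(304, 'Not Modified');
        exit;
    }

    header("Etag: W/\"{$etag}\"", true);
    header("Expires: {$cache_expires}", true);
    header("Last-Modified: {$last_modified}", true);
    header('Cache-Control: private, must-revalidate', true);

    return true;
}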
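/**
 * Deletes the video row with id $data->id and prints the outcome as a JSON
 * object with "status" and "message" keys.
 *
 * NOTE(review): no authorization check is visible here; the caller must
 * ensure the requester may delete this video.
 *
 * @param object $data Request payload with id.
 * @param mysqli $db   Open database connection (stmt_init() is called on it).
 */
function deleteVideo($data, $db)
{
    $response = array();
    try {
        $delete_video = "DELETE FROM videos WHERE id=?";
        $delete_video_stmt = $db->stmt_init();
        if (!$delete_video_stmt->prepare($delete_video)) {
            // Driver errors can reveal schema details: keep them in the server
            // log and send the client a generic message.
            error_log('deleteVideo: prepare failed: ' . $delete_video_stmt->error);
            header_status(500);
            $response['status'] = 'Error';
            $response['message'] = 'Internal error';
            echo json_encode($response);
            die;
        }

        $delete_video_stmt->bind_param('i', $data->id);
        if ($delete_video_stmt->execute()) {
            header_status(200);
            $response['status'] = 'Success';
            $response['message'] = 'Video Deleted';
        } else {
            header_status(503);
            $response['status'] = 'Error';
            $response['message'] = 'Video Deletion failed';
        }

        echo json_encode($response);
    } catch (Exception $e) {
        // Same rule as above: the exception text goes to the log, not the client.
        error_log('deleteVideo: ' . $e->getMessage());
        header_status(503);
        $response['status'] = 'Error';
        $response['message'] = 'Internal error';
        echo json_encode($response);
        die;
    }
}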
$response['status'] = 'Error'; $response['message'] = $update_user_stmt->error; die; } else { $update_user_stmt->bind_param('si', $randomString, $id); $update_user_stmt->execute(); header_status(200); $response['status'] = 'Success'; $response['message'] = 'Message Sent. Please check your Inbox'; } echo json_encode($response); } catch (Exception $e) { header_status(500); $response['status'] = 'Error'; $response['message'] = $e->getMessage(); echo json_encode($response); } } else { header_status(401); $response['status'] = 'Error'; $response['message'] = 'No user registered with that email id'; echo json_encode($response); } } } catch (exception $e) { header_status(503); $response['status'] = 'Error'; $response['message'] = $e->getMessage(); echo json_encode($response); } }
// Bootstrap
require_once 'boot.php';

// Required includes
require_once BH_INCLUDE_PATH . 'attachments.inc.php';
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'forum.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'image.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
// End Required includes

// Only logged-in sessions may continue; anyone else gets an empty response.
if (!session::logged_in()) {
    exit;
}

// Without a usable attachment directory nothing can be stored.
if (!($attachment_dir = attachments_check_dir())) {
    header_status(500, 'Internal Server Error');
    exit;
}

// Request state, filled in by the code that follows this excerpt.
$valid = true;
$error = null;
$attachment_details = null;
$content = null;
$file_type = null;
$temp_file = null;
$file_size = null;
$file_name = null;
$content_type = 'text/html; charset=UTF-8';

// NOTE(review): uniqid() is derived from the current time and mt_rand() is
// not a cryptographic generator, so this value is guessable. If the hash is
// what keeps an attachment from being fetched by someone who was not given
// its link (how it is used is not visible here), derive it from
// random_bytes() instead.
$file_hash = md5(uniqid(mt_rand()));

// Per-user quota, falling back to 1048576 bytes when the setting is not numeric.
$max_user_attachment_space = forum_get_setting('attachments_max_user_space', 'is_numeric', 1048576);
$free_upload_space = attachments_get_free_user_space($_SESSION['UID']);
$attachment_mime_types = attachments_get_mime_types();
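use Firebase\JWT\JWT;

// Token refresh endpoint: takes the bearer token from the Authorization
// header, verifies it, and answers with a new token carrying the same id,
// name and email and a "ttl" three days ahead.
//
// $key and $alg are not defined here; presumably connection.config.php
// provides them (confirm).
//
// NOTE(review): the lifetime is stored in a custom "ttl" claim. JWT::decode()
// enforces the registered "exp" claim, not "ttl", so expiry only exists where
// code checks "ttl" itself. Issuing "exp" as well would let the library
// enforce it on every endpoint.
try {
    include 'connection.config.php';
    include 'HttpFunction.php';
} catch (Exception $e) {
    // Details stay in the server log; the client gets a generic message.
    error_log('token refresh: ' . $e->getMessage());
    header_status(500);
    $response = array();
    $response['status'] = 'Error';
    $response['message'] = 'Internal error';
    echo json_encode($response);
    die;
}

// Header names are case-insensitive, so look the header up without relying on
// the exact spelling the client or a proxy used.
$authorization = '';
foreach (apache_request_headers() as $header_name => $header_value) {
    if (strcasecmp($header_name, 'Authorization') === 0) {
        $authorization = (string) $header_value;
        break;
    }
}

// A missing header used to reach decode() as an empty value and end in an
// uncaught exception; answer with 401 instead.
if (strncmp($authorization, 'Bearer ', 7) !== 0) {
    header_status(401);
    $response = array();
    $response['status'] = 'Error';
    $response['message'] = 'Missing bearer token';
    echo json_encode($response);
    die;
}

$data = substr($authorization, 7);
$JWT = new JWT();
$response = array();

try {
    $old_token = $JWT->decode($data, $key, array($alg));

    // Without this check any correctly signed token, however old, could be
    // exchanged for a fresh one indefinitely. Tokens that carry no "ttl" are
    // still accepted, as before.
    if (isset($old_token->ttl) && is_numeric($old_token->ttl) && $old_token->ttl < time()) {
        header_status(401);
        $response['status'] = 'Error';
        $response['message'] = 'Token expired';
        echo json_encode($response);
        die;
    }

    $claim = array(
        'id' => $old_token->id,
        'name' => $old_token->name,
        'email' => $old_token->email,
        'ttl' => strtotime('+3 days'),
    );

    $response['status'] = 'Success';
    $response['message'] = 'Token Refreshed';
    $response['token'] = $JWT->encode($claim, $key, $alg);
    $response['name'] = $claim['name'];
    $response['id'] = $claim['id'];
    echo json_encode($response);
} catch (DomainException $e) {
    header_status(401);
    $response['status'] = 'Error';
    $response['message'] = $e->getMessage();
    echo json_encode($response);
    die;
} catch (UnexpectedValueException $e) {
    // Malformed tokens and bad signatures are reported by the library with
    // UnexpectedValueException (or a subclass). Catching only DomainException
    // left them uncaught.
    header_status(401);
    $response['status'] = 'Error';
    $response['message'] = $e->getMessage();
    echo json_encode($response);
    die;
}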