Example #1
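 /**
  * Builds the "view profile" page for one user and parses it into the 'body' template.
  *
  * Guests are stopped with an error message. A logged-in caller that passes an
  * empty $uid is redirected to their own profile URL instead.
  *
  * @param   mixed   $uid    Identifier handed to objUser->getUserInfo().
  *
  * @return  void
  */
 function showProfile($uid)
 {
     if (!User::$IS_ONLINE) {
         hmsgDie('FAIL', 'Error: You must be logged in to view this users profile.');
     }
     if (is_empty($uid) && User::$IS_ONLINE) {
         $this->objPage->redirect('/' . root() . 'modules/profile/view/' . $this->objUser->grab('username'), 0);
         return;
     }
     $vars = $this->objPage->getVar('tplVars');
     $user = $this->objUser->getUserInfo($uid);
     // Treat anything that is not a populated array as "no such user"; count() on a
     // non-array would otherwise let the lookup failure through (or throw on newer PHP).
     if (!is_array($user) || !count($user)) {
         $this->objPage->setTitle('Profile > User doesnt exist.');
         hmsgDie('FAIL', 'Error: User doesnt exist.');
     }
     $this->objTPL->set_filenames(array('body' => 'modules/profile/template/viewProfile.tpl'));
     // NOTE(review): the username reaches setTitle() unescaped; whether setTitle() escapes for HTML is not visible here — confirm.
     $this->objPage->setTitle('Profile > ' . $user['username']);
     $this->objPage->addCSSFile('/' . root() . 'modules/profile/contactInfo.css');
     $this->objPage->addJSFile('/' . root() . 'modules/profile/scripts/profile.js');
     $this->objPage->addPagecrumb(array(array('url' => '/' . root() . 'modules/profile/view/' . $user['username'], 'name' => 'Viewing ' . secureMe($user['username']) . '\'s profile')));
     $icons = $this->contactInfoLinks($user);
     $uProfile = $this->objUser->profile($user['id']);

     // Pull the group colour and label back out of the markup returned by profile().
     // Both start empty so the fallback markup below never reads an unset variable
     // when the pattern does not match.
     $text = '';
     $color = '';
     if (preg_match('_"color: ([^;]*);" title="([^"]*)">([^<]*)</font>_i', $uProfile, $m)) {
         $text = $m[2];
         $color = $m[1];
     }
     $groupLabel = '<font color="' . $color . '">' . $text . '</font>';

     // The original tested an unset $title, so the custom user title could never be shown.
     $title = isset($user['title']) ? $user['title'] : '';
     $hasTitle = !is_empty($title);

     // The username is user-chosen data: run it through the same escaping helper this
     // method already uses for the breadcrumb before placing it inside an href attribute.
     $pmLink = '';
     if (User::$IS_ONLINE) {
         $pmLink = '<a href="/' . root() . 'modules/pm/compose/' . secureMe($user['username']) . '"><img src="' . $vars['PM_compose'] . '" /></a>';
     }

     $this->objComments->start('PROFILE_COMMENTS', 'cpage', 'profile', $user['id'], 20, $user['id']);
     $this->objTPL->assign_block_vars('profile', array(
         'USERNAME' => $uProfile,
         // NOTE(review): handed to the template unescaped; the template must escape it wherever it is printed.
         'USERNAME_RAW' => $user['username'],
         'AVATAR' => $this->objUser->parseAvatar($user['id']),
         'TITLE' => $hasTitle ? secureMe($user['title']) : $groupLabel,
         'PM' => $pmLink,
         'SIGNATURE' => contentParse($user['signature']),
         'INTERESTS' => contentParse($user['interests']),
         'ABOUT_ME' => contentParse($user['about']),
         'L_LOCALTIME' => 'Local Time',
         'LOCALTIME' => $this->objTime->mk_time(time(), 'D jS M h:ia', $user['timezone']),
         'CONTACT_ICONS' => $icons,
         'L_COMMENTS' => 'Comments',
         'L_RECENTA' => 'Recent Activity',
         'L_BIO' => 'User Bio',
     ));
     if (!is_empty($user['about'])) {
         $this->objTPL->assign_block_vars('profile.ABOUT_ME', array());
     }
     if (!is_empty($user['interests'])) {
         $this->objTPL->assign_block_vars('profile.INTRESTS', array());
     }

     // Rows of the "User Bio" table, rendered with alternating row classes below.
     $bio_info = array();
     $bio_info[] = $hasTitle
         ? array('var' => 'User Title', 'val' => secureMe($user['title']))
         : array('var' => 'User Privs', 'val' => $groupLabel);
     $bio_info[] = array('var' => 'Registered Since', 'val' => $this->objTime->mk_time($user['registerdate'], 'l jS F Y @ h:ia'));
     $bio_info[] = array('var' => langVar('L_LAST_LOGGED_IN'), 'val' => $this->objTime->mk_time($user['timestamp']));
     if ($user['birthday'] != '00/00/0000') {
         // Stored as day/month/year; gmmktime() takes month before day.
         $ex = explode('/', $user['birthday']);
         $tiem = gmmktime(0, 0, 0, $ex[1], $ex[0], $ex[2]);
         $bio_info[] = array('var' => 'Birthday', 'val' => $this->objTime->mk_time($tiem, 'D jS M'));
     }
     // NOTE(review): nothing in this method ever assigns a location, so this row was
     // never produced. It is initialised explicitly to avoid reading an unset variable;
     // whatever value gets wired in later must be escaped before it is used as 'val'.
     $location = null;
     if (!is_empty($location)) {
         $bio_info[] = array('var' => 'Location', 'val' => $location);
     }
     $i = 0;
     foreach ($bio_info as $row) {
         $this->objTPL->assign_block_vars('profile.BINFO', array('VAR' => $row['var'], 'VAL' => $row['val'], 'ROW' => $i++ % 2 == 0 ? 'row_color1' : 'row_color2'));
     }
     $this->objTPL->assign_vars(array('RECENT_ACTIVITY_MSG' => msg('INFO', 'This part of the panel is still in development. Watch this space.', 'return')));
     $this->objTPL->parse('body', false);
 }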
Example #2
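 /**
  * Generates a ACL list for categories
  *
  * Resolves, for the current visitor, whether each requested permission is
  * granted on one category or on every category. Each permission key also
  * gets a "<key>_type" entry naming the audience level, and an 'auth_mod'
  * entry is always added. An unknown $type grants nothing.
  *
  * @version 2.0
  * @since   1.0.0
  * @author  xLink
  *
  * @param   constant    $type       One of the AUTH_* permission selectors handled in the switch below.
  * @param   int         $forum_id   Category id, or AUTH_LIST_ALL for every category.
  * @param   array|null  $f_access   Optional pre-fetched category permission row(s); queried when empty.
  *
  * @return  array       Keyed by permission for a single category, or by category id then permission for AUTH_LIST_ALL.
  */
 public function auth($type, $forum_id, $f_access = NULL)
 {
     switch ($type) {
         case AUTH_ALL:
             $a_sql = 'a.auth_view, a.auth_read, a.auth_post, a.auth_reply, a.auth_edit, a.auth_del, a.auth_move, a.auth_special';
             $auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_del', 'auth_move', 'auth_special');
             break;
         case AUTH_VIEW:
             $a_sql = 'a.auth_view';
             $auth_fields = array('auth_view');
             break;
         case AUTH_READ:
             $a_sql = 'a.auth_read';
             $auth_fields = array('auth_read');
             break;
         case AUTH_POST:
             $a_sql = 'a.auth_post';
             $auth_fields = array('auth_post');
             break;
         case AUTH_REPLY:
             $a_sql = 'a.auth_reply';
             $auth_fields = array('auth_reply');
             break;
         case AUTH_EDIT:
             $a_sql = 'a.auth_edit';
             $auth_fields = array('auth_edit');
             break;
         case AUTH_DELETE:
             $a_sql = 'a.auth_del';
             $auth_fields = array('auth_del');
             break;
         case AUTH_MOVE:
             $a_sql = 'a.auth_move';
             $auth_fields = array('auth_move');
             break;
         case AUTH_SPECIAL:
             $a_sql = 'a.auth_special';
             $auth_fields = array('auth_special');
             break;
         default:
             // Unknown selector: no column list can be built, so fail closed instead of
             // running the queries and the field loop with unset variables.
             return array();
     }
     //check if we need to return perms for a specific forum or the entire lot
     if (empty($f_access)) {
         if (!isset($this->authQuery[$type][$forum_id])) {
             // The id is concatenated into the WHERE clause as a bare number, so quote
             // escaping in the SQL layer would not constrain it; force it to an integer.
             $forum_match_sql = $forum_id != AUTH_LIST_ALL ? 'WHERE a.id = ' . (int) $forum_id : '';
             $sql = 'SELECT a.id, %s FROM `$Pforum_cats` a %s';
             $function = $forum_id != AUTH_LIST_ALL ? 'getLine' : 'getTable';
             if (!($this->authQuery[$type][$forum_id] = $f_access = $this->objSQL->{$function}($sql, array($a_sql, $forum_match_sql)))) {
                 $this->objSQL->freeResult($f_access);
                 return array();
             }
             $this->objSQL->freeResult($f_access);
         } else {
             // Served from the per-request cache filled by an earlier call.
             $f_access = $this->authQuery[$type][$forum_id];
         }
     }
     // If the user isn't logged on then all we need do is check if the forum
     // has the type set to ALL, if yes they are good to go, if not then they
     // are denied access
     $u_access = array();
     if (user::$IS_ONLINE) {
         if (!isset($this->authQuery2[$type][$forum_id])) {
             if (!isset($this->authQuery3)) {
                 // NOTE(review): authQuery3 is cached without regard to $type, yet the column
                 // list (%s) depends on it — a later call with a different $type reuses rows
                 // selected for the first one. Confirm checkUserAuth() copes with missing columns.
                 $this->authQuery3 = $query = $this->objSQL->getTable('SELECT a.cat_id, %s, a.auth_mod
                         FROM `$Pforum_auth` a, `$Pgroup_subs` ug
                         WHERE ug.uid = "%s"
                             AND ug.pending = 0
                             AND a.group_id = ug.gid', array($a_sql, $this->objUser->grab('id')));
                 if ($query === false) {
                     hmsgDie('FAIL', 'Error: Cannot retreive the forum authorization');
                 }
             } else {
                 $query = $this->authQuery3;
             }
             if (count($query)) {
                 foreach ($query as $row) {
                     // NOTE(review): for a single category the rows are not filtered by cat_id
                     // here; every group row of the user is passed on — confirm that
                     // checkUserAuth() restricts them to the requested category.
                     if ($forum_id != AUTH_LIST_ALL) {
                         $u_access[] = $row;
                     } else {
                         $u_access[$row['cat_id']][] = $row;
                     }
                 }
             }
             $this->authQuery2[$type][$forum_id] = $u_access;
             $this->objSQL->freeResult($query);
         } else {
             $u_access = $this->authQuery2[$type][$forum_id];
         }
     }
     $is_admin = User::$IS_ONLINE && User::$IS_ADMIN ? true : 0;
     $auth_user = array();
     $icount = count($auth_fields);
     for ($i = 0; $i < $icount; $i++) {
         $key = $auth_fields[$i];
         if ($forum_id != AUTH_LIST_ALL) {
             // Single category: $f_access is one row keyed by permission column.
             $value = $f_access[$key];
             switch ($value) {
                 case AUTH_ALL:
                     $auth_user[$key] = true;
                     $auth_user[$key . '_type'] = langVar('L_Auth_Anonymous_Users');
                     break;
                 case AUTH_REG:
                     $auth_user[$key] = User::$IS_ONLINE ? true : 0;
                     $auth_user[$key . '_type'] = langVar('L_Auth_Registered_Users');
                     break;
                 case AUTH_ACL:
                     $auth_user[$key] = User::$IS_ONLINE ? $this->objUser->checkUserAuth(AUTH_ACL, $key, $u_access, $is_admin) : 0;
                     $auth_user[$key . '_type'] = langVar('L_Auth_Users_granted_access');
                     break;
                 case AUTH_MOD:
                     $auth_user[$key] = User::$IS_ONLINE ? $this->objUser->checkUserAuth(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
                     $auth_user[$key . '_type'] = langVar('L_Auth_Moderators');
                     break;
                 case AUTH_ADMIN:
                     $auth_user[$key] = $is_admin;
                     $auth_user[$key . '_type'] = langVar('L_Auth_Administrators');
                     break;
                 default:
                     // Unrecognised level stored on the category: deny.
                     $auth_user[$key] = 0;
                     break;
             }
         } else {
             // All categories: $f_access is a list of rows, one per category.
             $kcount = count($f_access);
             for ($k = 0; $k < $kcount; $k++) {
                 $value = $f_access[$k][$key];
                 $f_fid = $f_access[$k]['id'];
                 $u_access[$f_fid] = isset($u_access[$f_fid]) ? $u_access[$f_fid] : array();
                 switch ($value) {
                     case AUTH_ALL:
                         $auth_user[$f_fid][$key] = true;
                         $auth_user[$f_fid][$key . '_type'] = langVar('L_Auth_Anonymous_Users');
                         break;
                     case AUTH_REG:
                         $auth_user[$f_fid][$key] = User::$IS_ONLINE ? true : 0;
                         $auth_user[$f_fid][$key . '_type'] = langVar('L_Auth_Registered_Users');
                         break;
                     case AUTH_ACL:
                         $auth_user[$f_fid][$key] = User::$IS_ONLINE ? $this->objUser->checkUserAuth(AUTH_ACL, $key, $u_access[$f_fid], $is_admin) : 0;
                         $auth_user[$f_fid][$key . '_type'] = langVar('L_Auth_Users_granted_access');
                         break;
                     case AUTH_MOD:
                         $auth_user[$f_fid][$key] = User::$IS_ONLINE ? $this->objUser->checkUserAuth(AUTH_MOD, 'auth_mod', $u_access[$f_fid], $is_admin) : 0;
                         $auth_user[$f_fid][$key . '_type'] = langVar('L_Auth_Moderators');
                         break;
                     case AUTH_ADMIN:
                         $auth_user[$f_fid][$key] = $is_admin;
                         $auth_user[$f_fid][$key . '_type'] = langVar('L_Auth_Administrators');
                         break;
                     default:
                         // Unrecognised level stored on the category: deny.
                         $auth_user[$f_fid][$key] = 0;
                         break;
                 }
             }
         }
     }
     // Is user a moderator?
     if ($forum_id != AUTH_LIST_ALL) {
         $auth_user['auth_mod'] = User::$IS_ONLINE ? $this->objUser->checkUserAuth(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
     } else {
         for ($k = 0; $k < count($f_access); $k++) {
             $f_fid = $f_access[$k]['id'];
             $u_access[$f_fid] = isset($u_access[$f_fid]) ? $u_access[$f_fid] : array();
             $auth_user[$f_fid]['auth_mod'] = User::$IS_ONLINE ? $this->objUser->checkUserAuth(AUTH_MOD, 'auth_mod', $u_access[$f_fid], $is_admin) : 0;
         }
     }
     return $auth_user;
 }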
            // NOTE(review): the excerpt begins inside a loop over $setting. Which setting names are
            // iterated is decided outside the visible code — confirm it is a fixed allow-list,
            // because the value below is copied from $_POST unchanged.
            if (doArgs($setting, false, $_POST) != $objCore->config('site', $setting, true)) {
                $update[$setting] = $_POST[$setting];
            }
        }
        //if we have stuff to update
        if (count($update)) {
            foreach ($update as $setting => $value) {
                // The setting name goes through the "%s" placeholder; how updateRow() escapes it and
                // $value is not visible here.
                // NOTE(review): $update is reassigned while it is being iterated. The loop keeps
                // running over the array it started with, but afterwards $update holds the last
                // updateRow() result rather than the pending changes.
                $update = $objSQL->updateRow('config', array('value' => $value), array('var = "%s"', $setting));
                if (!$update) {
                    $failed[$setting] = $objSQL->error();
                }
            }
        }
        //if we have a setting that failed, let the user know
        if (!is_empty($failed)) {
            $msg = null;
            foreach ($failed as $setting => $error) {
                // NOTE(review): the database error text is concatenated into HTML as-is. That exposes
                // schema/query details to whoever can reach this panel and is not escaped here —
                // confirm the panel is admin-only and consider logging the detail instead.
                $msg .= $setting . ': ' . $error . '<br />';
            }
            // The redirect is queued first; hmsgDie() then prints the failure message.
            $objPage->redirect($url, 7);
            hmsgDie('FAIL', langVar('L_SET_NOT_UPDATED', $msg));
        }
        //unset the panel info and reset the cache
        unset($_SESSION['site']['panel']);
        $objCache->regenerateCache('config');
        //and redirect back
        $objPage->redirect($url, 3);
        hmsgDie('OK', langVar('L_SET_UPDATED'));
        break;
}
$objTPL->parse('body', false);
Example #4
||              Cybershade CMS - Your CMS, Your Way                     ||
\*======================================================================*/
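define('INDEX_CHECK', 1);
// NOTE(review): debug mode is switched on unconditionally in the front controller — confirm this
// is not the value shipped to production.
define('cmsDEBUG', 1);
include_once 'core/core.php';

//check to make sure the module has the needed function to run
$module = $objCore->config('site', 'index_module');

// The configured name is spliced into filesystem paths and into `new $module(...)` below, so only
// a plain identifier is accepted; anything else falls back to the core module.
$moduleUsable = is_string($module) && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $module) === 1;
if ($moduleUsable) {
    $moduleDir = cmsROOT . 'modules/' . $module . '/';
    $classFile = $moduleDir . 'class.' . $module . '.php';
    // The class file is read for the showMain() probe, so it has to be readable as well as cfg.php.
    $moduleUsable = is_dir($moduleDir)
        && is_readable($moduleDir . 'cfg.php')
        && is_readable($classFile)
        && preg_match('/function\\sshowMain\\(/is', (string) file_get_contents($classFile)) === 1;
}
if (!$moduleUsable) {
    $module = 'core';
}

if (!empty($module) && $objCore->loadModule($module, true)) {
    $objModule = new $module($objCore);
    // The text probe above only looks for the words "function showMain("; this is the real check.
    if (method_exists($objModule, 'showMain')) {
        $objModule->showMain();
    } else {
        hmsgDie('FAIL', 'Sorry the Module that was supposed to be supplying this page with data apparently cant....');
    }
} else {
    $objCore->throwHTTP(404);
}

$objPage->showHeader();
if (!$objTPL->get_html('body')) {
    msgDie('FAIL', 'No output received from module.');
} else {
    echo $objTPL->get_html('body');
}
$objPage->showFooter();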
Example #5
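 /**
  * Generates the cache for the routing system, used as a callback in the caching class
  *
  * Reads every enabled row of the routes table and returns them keyed by route
  * label. The JSON columns 'arguments' and 'requirements' are decoded to arrays,
  * and a method outside the known HTTP verb list is stored as 'ANY'. Execution
  * stops through hmsgDie() when two rows share a label.
  *
  * @version     1.0
  * @since       1.0.0
  * @author      Daniel Noel-Davies
  *
  * @todo        Use 2 Queries, One to select non-structure url's (without :'s)
  *                  and one with structure'd url's. The first should be listed
  *                  before the second, to allow for successful processing and
  *                  precedence.
  *
  * @return      array
  */
 public static function generate_cache()
 {
     $output = array();
     $objSQL = Core_Classes_coreObj::getDBO();
     $query = $objSQL->queryBuilder()
         ->select('module', 'label', 'pattern', 'method', 'arguments', 'requirements', 'status', 'redirect')
         ->addField('pattern LIKE "%:%" as `dynamic`')
         ->from('#__routes')
         ->where('status = 1')
         ->orderBy('`dynamic` ASC, method DESC, CHAR_LENGTH(pattern)', 'DESC')
         ->build();
     $results = $objSQL->fetchAll($query);
     $methods = array('ANY', 'HEAD', 'PUT', 'GET', 'OPTIONS', 'POST', 'DELETE', 'TRACE', 'CONNECT', 'PATCH');
     foreach ($results as $result) {
         // json_decode() yields null for invalid JSON and a scalar for input such as "5";
         // consumers of the cache expect arrays either way.
         $args = json_decode($result['arguments'], true);
         if (!is_array($args)) {
             $args = array();
         }
         $reqs = json_decode($result['requirements'], true);
         if (!is_array($reqs)) {
             $reqs = array();
         }
         // Error if the route label exists more than once
         if (isset($output[$result['label']])) {
             hmsgDie('fail', 'Route label exists more than once.. :/ Weird eh?');
         }
         // Strict comparison so only an exact verb string from the list is accepted.
         $method = in_array($result['method'], $methods, true) ? $result['method'] : 'ANY';
         $output[$result['label']] = array(
             'method' => $method,
             'pattern' => $result['pattern'],
             'module' => $result['module'],
             'arguments' => $args,
             'requirements' => $reqs,
             'label' => $result['label'],
             'status' => $result['status'],
             'redirect' => $result['redirect'],
         );
     }
     return $output;
 }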
Example #6
        }
        // Already signed in and not heading for the admin panel: send a normal page load home.
        if (User::$IS_ONLINE && !$acpCheck && !isset($_GET['ajax'])) {
            $objPage->redirect('/' . root() . 'index.php');
        }
        $objLogin->doLogin(isset($_GET['ajax']) && HTTP_AJAX ? true : false);
        break;
    case 'active':
        // Account activation link: both the account reference and the check code come from the URL.
        if (!isset($_GET['un']) || !isset($_GET['check'])) {
            hmsgDie('FAIL', 'Cannot activate your account, Please use all the url sent to you in the email');
        } else {
            // NOTE(review): the account state is looked up and reported before the check code is
            // verified, so the response differs for active and inactive accounts regardless of the
            // code supplied — consider verifying the code first or using one generic message.
            if ($objUser->getUserInfo($_GET['un'], 'active') == 1) {
                hmsgDie('Info', 'You account is already active.');
            }
            // NOTE(review): the comparison of $_GET['check'] happens inside activateAccount(), which
            // is not visible here — confirm it is constant-time (hash_equals) and that a code cannot
            // be reused.
            if ($objLogin->activateAccount($_GET['un'], $_GET['check'])) {
                $objLogin->doError('0x08');
            } else {
                // Make this into a form
                hmsgDie('FAIL', contentParse('Cannot activate your account.
                Please email the site administrator at [email]' . $objCore->config('site', 'admin_email') . '[/email]'));
            }
        }
        break;
    case 'logout':
        // NOTE(review): $_GET['check'] is read without isset(), unlike the 'active' branch; a request
        // without it raises an undefined-index notice. It looks like a logout token — confirm that
        // logout() rejects a missing or wrong value.
        $objLogin->logout($_GET['check']);
        break;
}
$objPage->showHeader(isset($_GET['ajax']) ? true : false);
// NOTE(review): the error fires when output('body') is truthy; whether that means "nothing was
// rendered" depends on output()'s return contract, which is not visible here — confirm.
if ($objTPL->output('body')) {
    msgDie('FAIL', 'No output received.');
}
$objPage->showFooter(isset($_GET['ajax']) ? true : false);
}
// Register the panel directories the current user level is allowed to reach.
if (User::$IS_MOD) {
    $corePanels['mod'] = cmsROOT . 'modules/core/panels/mod/';
}
if (User::$IS_USER) {
    $corePanels['user'] = cmsROOT . 'modules/core/panels/user/';
}
if ($module == 'core') {
    //setup the tabs
    // NOTE(review): $controlPanel is placed in a file path here, before the allow-list test further
    // down ('user', 'mod', 'admin'). Where it is assigned is outside this excerpt — if it can be
    // influenced by the request, validate it before building the path. The path is also relative,
    // unlike the cmsROOT-prefixed directories above.
    $_cp_tabs = 'modules/core/panels/' . $controlPanel . '/menu.php';
    if (!is_file($_cp_tabs) || !is_readable($_cp_tabs)) {
        hmsgDie('FAIL', 'Error: Tabs for this panel don\'t exist.');
    }
    // The menu file is read as INI data (with sections), not executed.
    $menuTabs = parse_ini_file($_cp_tabs, true);
    if (!is_array($menuTabs) || !count($menuTabs)) {
        hmsgDie('FAIL', 'Error: Tabs setup failed.');
    }
} else {
    // NOTE(review): $module selects a PHP file to execute; confirm it is restricted to installed
    // module names before this point (not visible in the excerpt).
    include cmsROOT . 'modules/' . $module . '/cfg.php';
    // $mod_menu is expected to be defined by the included cfg.php. When it is absent, $menuTabs
    // stays unset and the foreach below iterates an undefined variable.
    if (isset($mod_menu) && count($mod_menu)) {
        $menuTabs = $mod_menu[$controlPanel];
    }
}
$_output_tabs = array();
//make sure we are in a good mode
$array = array('user', 'mod', 'admin');
if (count($config['modules']) && in_array($controlPanel, $array)) {
    foreach ($menuTabs as $parentKey => $v) {
        if (is_array($v)) {
            foreach ($v as $key => $value) {
                if ($key != 'info') {
Example #8
    if ($objForm->loadCaptcha('verify') === false) {
        $_error['captcha'] = 'The captcha you provided was incorrect. Please try again.';
    }
    if (count($_error)) {
        $_SESSION['register']['error'] = $_error;
        // NOTE(review): the whole POST body, including the plaintext password field, is written to
        // session storage so the form can be refilled. Drop the password before storing it.
        $_SESSION['register']['form'] = $_POST;
        $objPage->redirect($objCore->config('global', 'fullPath'), 3, 0);
        exit;
    }
    //set the input array up
    $userInfo['username'] = $_POST['username'];
    // Password is passed on as submitted; hashing is presumably done inside register() — confirm.
    $userInfo['password'] = $_POST['password'];
    $userInfo['email'] = $_POST['email'];
    $register = $objUser->register($userInfo);
    if (!$register) {
        msgDie('FAIL', $objUser->error());
    }
    if ($objPage->config('site', 'register_verification')) {
        $user = $objUser->getUserInfo($register);
        // NOTE(review): the activation link is built from the Host request header, which the client
        // controls, and uses a fixed http:// scheme. A forged Host value would put another domain in
        // the e-mailed link together with the activation code; build the link from a configured
        // site URL instead. How 'usercode' is generated is not visible — confirm it is unpredictable.
        $emailVars['URL'] = 'http://' . $_SERVER['HTTP_HOST'] . '/' . root() . 'login.php?action=active&un=' . $user['id'] . '&check=' . $user['usercode'];
        $emailVars['USERNAME'] = $userInfo['username'];
        $emailVars['SITE_NAME'] = $objCore->config('site', 'name');
        sendEmail($userInfo['email'], 'E_REG_SUCCESSFUL', $emailVars);
        $msg = langVar('L_REG_SUCCESS_EMAIL');
    } else {
        $msg = langVar('L_REG_SUCCESS_NO_EMAIL');
    }
    // Clear the registration state (and the submitted credentials held in $userInfo) once done.
    unset($_SESSION['register'], $_SESSION['error'], $query, $userInfo, $_error);
    $objCache->generate_statistics_cache();
    hmsgDie('INFO', $msg);
}
Example #9
    hmsgDie('FAIL', 'Fatal Error - BBCode\'s not available.');
}
//
//--Module Setup
//
$file = cmsROOT . 'core/classes/class.module.php';
if (is_readable($file)) {
    require_once $file;
} else {
    hmsgDie('FAIL', 'Fatal Error - Modules cannot be loaded.');
}
//if site is closed, make it so, kill debug, no menu is needed, 'cmsCLOSED' can be used as a bypass
// NOTE(review): any entry script that defines cmsCLOSED skips the maintenance lock entirely —
// keep the set of scripts defining it small and make sure each one enforces its own access check.
if ($objCore->config('site', 'site_closed') == 1 && !defined('cmsCLOSED')) {
    // Only administrators get past the closed-site notice; the comparison is loose (!=).
    if ($objUser->grab('userlevel') != ADMIN) {
        // SQL debugging is turned off before the notice is printed to a non-admin visitor.
        $objSQL->debug = false;
        $objPage->setMenu(false);
        $objPage->setTitle('DISABLED');
        // The configured closed message is run through contentParse() before being displayed.
        hmsgDie('INFO', 'Site has been disabled. ' . contentParse("\n" . $objCore->config('site', 'closed_msg')));
    } else {
        // Administrators keep access and get a maintenance banner instead.
        $objTPL->assign_block_vars('__MSG', array('MESSAGE' => langVar('L_MAINTENANCE')));
    }
}
//
//--Include the CMS's internal CRON
//
$file = cmsROOT . 'core/cron.php';
if (is_readable($file)) {
    require_once $file;
} else {
    hmsgDie('FAIL', 'Fatal Error - Cron cannot be found.');
}
Example #10
// Map of global object name => constructor arguments (here: the class file to load).
$classes['objPage'] = array($classDir . 'class.page.php');
$classes['objGroups'] = array($classDir . 'class.groups.php');
$classes['objForm'] = array($classDir . 'class.form.php');
$classes['objTime'] = array($classDir . 'class.time.php');
$classes['objNotify'] = array($classDir . 'class.notify.php');
//init these classes
$doneSetup = $objCore->setup($classes);
if (!$doneSetup) {
    msgDie('FAIL', sprintf($errorTPL, 'Fatal Error', 'Cannot load CMS Classes, make sure file structure is intact and $cmsROOT is defined properly if applicable.'));
}
//globalise the class names
// Each key of $objCore->classes becomes a variable in this scope, bound by reference to the
// property of the same name. The visible keys are hard-coded; they must never be derived from
// request data, since a variable-variable assignment can overwrite any existing variable.
foreach ($objCore->classes as $objName => $args) {
    ${$objName} =& $objCore->{$objName};
}
// NOTE(review): if 'objSQL' is one of the keys bound by reference above (the start of the list is
// outside this excerpt), this assignment also sets $objCore->objSQL to false — confirm intent.
$objSQL = false;
unset($classes, $objCore->classes);
$objPage->setVar('language', $language);
//
//--BBCode Setup
//
$objBBCode = new BBCode();
// NOTE(review): BBCode debug is enabled unconditionally; confirm what it emits and that it is
// switched off on production sites.
$objBBCode->SetDebug(true);
$objBBCode->SetDetectURLs(false);
$objBBCode->ClearSmileys();
$objBBCode->SetSmileyDir('/' . root() . 'images/smilies/');
// Tag definitions live in a separate file; the CMS refuses to start without them.
$file = cmsROOT . 'core/bbcode_tags.php';
if (is_readable($file)) {
    require_once $file;
} else {
    hmsgDie('FAIL', 'Fatal Error - BBCode\'s not available.');
}
// File-registry panel: keeps a stored fingerprint per file and reports files that changed.
// NOTE(review): the fingerprints are kept in the same database the application writes to, so
// anyone able to modify that table can also rewrite the baseline; an offline copy of the
// baseline makes the comparison more trustworthy.
$output = null;
switch ($mode) {
    default:
        $output = msg('INFO', 'WARNING: This panel is designed to keep you informed of any changes in your files, ' . 'as such the operations that are avalible here are resource intensive and may take several mins to complete ' . 'depending on the size of your installation. This panel will keep information for files inside the CMS Install ' . 'Directory "<strong>/' . root() . '</strong>".<br /><br />Please click an option from above to continue.', 'return');
        break;
    case 'new':
        // Rebuilds the baseline: the stored fingerprints are wiped, then regenerated.
        // NOTE(review): this is a destructive, state-changing action selected by $mode; where $mode
        // comes from and whether a request token is required is not visible here — confirm it
        // cannot be triggered by a plain link.
        $empty = $objSQL->query('TRUNCATE TABLE `$Pfileregistry`');
        if ($empty) {
            $output .= 'File Hashes removed<br />';
        }
        //update the table with the new info
        // Scan starts at './', i.e. relative to the current working directory.
        recursive_filechk('./', '', 'php');
        //upadte the db tell it we did an update
        $update = $objSQL->updateRow('config', array('value' => time()), 'var = "registry_update"');
        if (!$update) {
            hmsgDie('FAIL', 'Error: Could not update the check time.');
        }
        //reboot the cache
        $objCache->regenerateCache('config');
        $output .= 'File Hashes renewed<br />';
        break;
    case 'check':
        $query = $objSQL->getTable('SELECT * FROM `$Pfileregistry`');
        $i = 0;
        foreach ($query as $row) {
            // -1 marks a file that is listed in the registry but no longer present on disk.
            $current_hash = -1;
            if (is_file($row['filename'])) {
                // Fingerprint is "<size>-<line count>-<sha1 of contents>"; the file is read up to
                // three times to build it.
                // NOTE(review): the @ operators hide read failures, so an unreadable file yields a
                // fingerprint built from empty values instead of a reported error.
                $current_hash = @filesize($row['filename']) . '-' . count(@file($row['filename'])) . '-' . sha1(file_get_contents($row['filename']));
            }
            // Loose comparison between the integer marker and the string '-1'.
            if ($current_hash == '-1') {
                $filestatus = langVar('L_DELETED');
Example #12
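 /**
  * Admin panel action: shows the add/edit form for a forum category, or saves
  * it when the request is a POST.
  *
  * The category id comes from $_GET['id']; 0 means "add a new category".
  * On save, only fields listed in the $needed map are copied from $_POST, and
  * fields with an allow-list are accepted only when the submitted value matches
  * one of the allowed values exactly.
  *
  * @return  void
  */
 public function categoryModify()
 {
     //grab the ID, if its set to 0 then we want to add a category
     // Forced to an integer because it is concatenated into SQL and URLs below.
     $id = (int) doArgs('id', -1, $_GET, 'is_number');
     if ($id == -1) {
         hmsgDie('FAIL', 'Error: Invalid ID passed.');
     }
     //grab the forum category
     if ($id != 0) {
         $cat = $this->objForum->getForumInfo($id);
         if (!$cat) {
             hmsgDie('FAIL', 'Error: Could not find category by ID');
         }
         $cat = $cat[0];
     } else {
         $cat = array('title' => '', 'parent_id' => 0, 'desc' => '', 'auth_view' => 0, 'auth_read' => 0, 'auth_post' => 0, 'auth_reply' => 0, 'auth_edit' => 0, 'auth_del' => 0, 'auth_move' => 0, 'auth_special' => 0, 'auth_mod' => 0);
     }
     $pageLabel = langVar($id != 0 ? 'L_EDIT_CAT' : 'L_ADD_CAT');
     // The original read an unset $_url for this breadcrumb; the edit page's own address
     // (the same one the save handler redirects back to) is used instead.
     $_url = '/' . root() . 'admin/forum/setup/edit/?id=' . $id;
     $this->objPage->setTitle($pageLabel);
     $this->objPage->addPagecrumb(array(array('url' => '/' . root() . 'admin/forum/setup/', 'name' => 'Category Management'), array('url' => $_url, 'name' => $pageLabel)));
     if (!HTTP_POST) {
         $this->objPage->addJSFile('/' . root() . 'modules/forum/scripts/admin_catEdit.js');
         $this->objTPL->set_filenames(array('body' => 'modules/forum/template/admin/panel.edit_category.tpl'));
         // NOTE(review): level 4 has no label here, yet the save handler accepts 0-5.
         $permList = array();
         $permList['0'] = 'Everyone';
         $permList['1'] = 'Registered Only';
         $permList['2'] = 'With Permission';
         $permList['3'] = 'Moderators Only';
         $permList['5'] = 'Admin Only';
         $field_names = array(
             'auth_view' => array('View', 'Determine whether it is visible on listings.'),
             'auth_read' => array('Read', 'Determine whether this categories contents are readable.'),
             'auth_post' => array('Post', 'Determine if this category can be posted to.'),
             'auth_reply' => array('Reply', 'Determine if the threads in this category can be replied to.'),
             'auth_edit' => array('Edit', 'Deternine if the threads in this category can be editable.'),
             'auth_del' => array('Delete', 'Deternine if the threads in this category can be deleted.'),
             'auth_move' => array('Move', 'Deternine if the threads in this category can be moved.'),
             'auth_special' => array('Special', 'Determine who has the ability to add special items(attachments, polls, etc) to a thread/post.'),
             'auth_mod' => array('Moderate', 'Determine who gets to moderate this category.'),
         );
         // One table cell per auth_* column of the category row, five cells per table row.
         $perms = NULL;
         $j = 0;
         $img = '/' . root() . 'images/icons/help.png';
         foreach ($cat as $k => $v) {
             $match = preg_match('/auth_([a-zA-Z]*)/is', $k, $m);
             if (!$match) {
                 continue;
             }
             // NOTE(review): the stored value ($v) is not handed to select(), so the box may not
             // show the category's current setting — confirm against objForm::select().
             $perms .= '<td><div class="float-left"><img src="' . $img . '" alt="' . $field_names[$m[0]][1] . '" title="' . $field_names[$m[0]][1] . '" />' . $field_names[$m[0]][0] . ':</div>' . '<div class="float-right">' . $this->objForm->select($m[0], $permList, array('fancy' => false, 'extra' => 'data-js="changeme"')) . '</div></td>';
             if ($j++ == 4) {
                 $j = 0;
                 $perms .= '</tr><tr>';
             }
         }
         //this var handles the quick permission select box, this determines
         //  View      Read          Post        Reply       Edit        Delete          Move      Special       Moderate
         $simple_auth_array = array(
             '01' => 'Change Me',
             implode(',', array(AUTH_ALL, AUTH_ALL, AUTH_ALL, AUTH_ALL, AUTH_REG, AUTH_REG, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'Everyone',
             implode(',', array(AUTH_ALL, AUTH_ALL, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'Registered',
             implode(',', array(AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_REG, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'Registered [ Hidden ]',
             implode(',', array(AUTH_ALL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'With Permission',
             implode(',', array(AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_ACL, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'With Permission [ Hidden ]',
             implode(',', array(AUTH_ALL, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'Moderators',
             implode(',', array(AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'Moderators [ Hidden ]',
             '02' => '---',
             implode(',', array(AUTH_ALL, AUTH_ALL, AUTH_MOD, AUTH_REG, AUTH_REG, AUTH_MOD, AUTH_MOD, AUTH_MOD, AUTH_MOD)) => 'News Category',
         );
         // The new-category defaults use 'parent_id' while an existing row is read as 'parentid';
         // accept either so neither path reads a missing key.
         // NOTE(review): the form field is named 'parent_id' but the save handler looks for
         // 'parentid' — confirm which name matches the table column.
         $parentId = isset($cat['parentid']) ? $cat['parentid'] : (isset($cat['parent_id']) ? $cat['parent_id'] : 0);
         $this->objTPL->assign_vars(array(
             'L_EDITING_CAT' => $pageLabel,
             'FORM_START' => $this->objForm->start('admin', array('method' => 'POST', 'action' => '/' . root() . 'admin/forum/setup/edit/?action=save&id=' . $id)),
             'FORM_END' => $this->objForm->finish(),
             'L_CAT_NAME' => 'Category Name',
             'CAT_NAME' => $this->objForm->inputbox('title', 'input', $cat['title'], array('extra' => 'style="width:99%"')),
             'L_CAT_DESC' => 'Category Desc',
             'CAT_DESC' => $this->objForm->textarea('desc', $cat['desc'], array('extra' => 'style="width:99%"', 'rows' => '3')),
             'L_CAT_ATTACH' => 'Attach Forum To',
             'CAT_ATTACH' => $this->objForum->buildJumpBox('parent_id', $this->objForum->buildJumpBoxArray(array('id' => 0, 'title' => 'Forum Root')), $parentId),
             'L_CAT_PERMS' => 'Category Default Permissions',
             'CAT_PERMS' => $perms,
             'L_QUICK_PERMS' => 'Quick Swap Perms',
             'QUICK_PERMS' => $this->objForm->select('quick_perms', $simple_auth_array, array('fancy' => false)),
             'SUBMIT' => $this->objForm->button('submit', 'Save'),
             'RESET' => $this->objForm->button('reset', 'Reset'),
         ));
         $this->objTPL->parse('body', false);
     } else {
         // NOTE(review): no request-token check is visible in this branch; confirm that
         // objForm->start() issues one and that it is verified before this point.
         $cats = $this->objSQL->getTable('SELECT id FROM `$Pforum_cats`');
         #if(!$cats){ hmsgDie('FAIL', 'Error: Could not request forum categories.'); }
         $catRange = array(0);
         //set a default of 0, for the new "Master Cat"
         if ($cats) {
             foreach ($cats as $cat) {
                 $catRange[] = $cat['id'];
             }
         }
         $authRange = range(0, 5);
         // Field => 'string' for free text, or the list of values the field may take.
         $needed = array('title' => 'string', 'parentid' => $catRange, 'desc' => 'string', 'auth_view' => $authRange, 'auth_read' => $authRange, 'auth_post' => $authRange, 'auth_reply' => $authRange, 'auth_edit' => $authRange, 'auth_del' => $authRange, 'auth_move' => $authRange, 'auth_special' => $authRange, 'auth_mod' => $authRange);
         $update = array();
         foreach ($needed as $field => $vals) {
             //if what we need aint there, just continue
             if (!isset($_POST[$field])) {
                 continue;
             }
             if (is_array($vals)) {
                 // Compare as strings with strict matching: a loose in_array() against integers
                 // lets values such as "1e0" (and, on older PHP, any non-numeric text) pass the
                 // allow-list. Array input is rejected outright.
                 if (!is_scalar($_POST[$field]) || !in_array((string) $_POST[$field], array_map('strval', $vals), true)) {
                     continue;
                 }
             } elseif (!is_string($_POST[$field]) || empty($_POST[$field])) {
                 // Free-text fields must be non-empty strings.
                 continue;
             }
             $update[$field] = $_POST[$field];
         }
         // The title may have been skipped above; do not read a missing key for the log line.
         $logTitle = isset($update['title']) ? $update['title'] : '';
         if ($id != 0) {
             $update = $this->objSQL->updateRow('forum_cats', $update, 'id = ' . $id, 'Forum: Updated category - ' . $logTitle);
             $this->objPage->redirect('/' . root() . 'admin/forum/setup/edit/?id=' . $id, 2);
             if (!$update) {
                 hmsgDie('FAIL', 'Error: Update Failed.');
             }
             hmsgDie('INFO', 'Update Successful.');
         } else {
             // Read the next auto-increment value first so the redirect can point at the new row.
             $AI = $this->objSQL->getAI('forum_cats');
             $update = $this->objSQL->insertRow('forum_cats', $update, 'Forum: Added new category - ' . $logTitle);
             $this->objPage->redirect('/' . root() . 'admin/forum/setup/edit/?id=' . $AI, 2);
             if (!$update) {
                 hmsgDie('FAIL', 'Error: Adding new category Failed.');
             }
             hmsgDie('INFO', 'New Category Added.');
         }
     }
 }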
Example #13
            WHERE array NOT IN("%s")
                AND var NOT IN("%s")
                AND var NOT LIKE "%s"
            ORDER BY array, var ASC', array(implode('", "', $array), implode('", "', $var), '%captcha_%')));
        }
        //and output
        include $path . '/cfg.php';
        $objTPL->assign_vars(array('ADMIN_MODE' => $mod_name, 'MSG' => msg('INFO', langVar('L_SYSINFO_MSG'), 'return', 'Information - <a href="' . $objCore->getQueryString($url, array('config' => 'true')) . '">With Configuration</a>'), 'CONTENT' => $objForm->textarea('sysInfo', $content, array('style' => 'width: 99%;border:0;'))));
        break;
    case 'update':
        hmsgDie('INFO', 'This panel has yet to be implemented. Some ideas for it have been put in the source.');
        /* TODO:
            No clue :P
        
        */
        break;
    case 'about':
        //        $objTPL->set_filenames(array(
        //            'body'      => 'modules/core/template/panels/panel.settings.tpl',
        //        ));
        hmsgDie('INFO', 'This panel has yet to be implemented. Some ideas for it have been put in the source.');
        /* TODO:
            Not sure about this one either, prolly wont stay here..
        
        */
        break;
    default:
        $objCore->throwHTTP(404);
        break;
}
$objTPL->parse('body', false);
Example #14
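 /**
  * Returns the shared database driver object, creating and connecting it on first use.
  *
  * The object is stored in Core_Classes_coreObj::$_classes['database'] and reused by
  * later calls, so the configuration is read and connect() is called only once.
  *
  * Security notes:
  *  - The driver class name is built from the 'driver' value of the 'db' configuration.
  *    It is checked with class_exists() before instantiation, so a missing or mistyped
  *    driver ends in the 500 / "No DB Avaliable" path instead of a fatal error.
  *  - With cmsDEBUG enabled the driver's getError() text is appended to the failure
  *    page. That text may disclose connection details; keep cmsDEBUG off in production.
  *  - Query logging is switched on by the mere presence of cache/ALLOW_LOGGING under
  *    cmsROOT. NOTE(review): confirm that directory is not writable by untrusted code.
  *
  * @return object The connected driver object (an instance of a Core_Drivers_* class).
  */
 public static function getDBO()
 {
     global $errorTPL;
     if (!isset(Core_Classes_coreObj::$_classes['database'])) {
         $options = self::config('db');
         if (!$options) {
             trigger_error('Error: Could not obtain values from the configuration file. Please ensure it is present.', E_USER_ERROR);
         }
         $name = 'Core_Drivers_' . $options['driver'];
         $options['persistant'] = true;
         $options['debug'] = cmsDEBUG ? true : false;
         $options['logging'] = is_file(cmsROOT . 'cache/ALLOW_LOGGING');
         // `new` never evaluates to false, so the former `$objSQL === false` test could
         // not fire. Checking that the driver class exists is what that branch was for.
         if (!class_exists($name)) {
             if (!headers_sent()) {
                 header('HTTP/1.1 500 Internal Server Error');
                 exit;
             }
             hmsgDie('FAIL', 'Error: No DB Avaliable');
         }
         $objSQL = new $name(null, $options);
         if (!$objSQL->connect()) {
             // The detailed driver error is only shown when cmsDEBUG is on.
             msgDie('FAIL', sprintf($errorTPL, 'Fatal Error', 'Connecting to SQL failed. ' . $objSQL->getVar('errorMsg') . (cmsDEBUG ? '<br />' . $objSQL->getError() : NULL)));
         }
         Core_Classes_coreObj::$_classes['database'] = $objSQL;
     }
     return Core_Classes_coreObj::$_classes['database'];
 }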
Example #15
 /**
  * Registers a template string under a handle, compiles it and either runs it
  * immediately or stores the compiled code for later.
  *
  * Security: the compiled code is executed with eval(). Whatever compile() emits
  * runs as PHP inside this method, so $string must come from a trusted template
  * source. NOTE(review): compile() is not visible here; confirm it cannot pass
  * user-supplied text through as executable code.
  *
  * Local variable names are left as they are on purpose: eval() shares this
  * method's scope, so the compiled code can see them.
  *
  * @param string $handle Name to register the template under; must not already be set.
  * @param string $string Uncompiled template source.
  * @param bool   $echo   true to execute the code now, false to store it in $this->__eval.
  *
  * @return bool|null true after executing the code, null when it was only stored.
  */
 public function parseString($handle, $string, $echo = true)
 {
     // Both arguments are mandatory.
     if (is_empty($handle) || is_empty($string)) {
         hmsgDie('FAIL', 'Error: Invalid arguments passed to parseString())');
     }
     // A handle may only be registered once.
     if (isset($this->uncompiled_code[$handle])) {
         hmsgDie('FAIL', 'Error: Code Handle already set for ' . $handle);
     }
     $this->uncompiled_code[$handle] = $string;

     if (!$this->use_cache) {
         // Compile only when no usable compiled copy exists for this handle.
         if (!(isset($this->compiled_code[$handle]) && !is_empty($this->compiled_code[$handle]))) {
             $this->compiled_code[$handle] = $this->compile($this->uncompiled_code[$handle]);
         }
         $code = $this->compiled_code[$handle];
     } else {
         $this->loadfile[$handle] = false;
         $code = $this->get_cached_code($handle);
     }

     // Code that starts by building $_str needs an explicit echo appended.
     if ('$_str' == substr($code, 0, 5)) {
         $code .= ' echo $_str;';
     }

     if (!$echo) {
         // Deferred: keep the code for a later run.
         $this->__eval[$handle] = $code;
         return;
     }

     // SECURITY: executes generated PHP; see the docblock.
     eval($code);
     return true;
 }
Example #16
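 /**
  * Loads in a instance of the requested module
  *
  * The module file is read, the class it declares is renamed to a per-call name
  * (module name plus a short suffix), the result is executed with eval() and an
  * instance of the renamed class is stored in $returnVar.
  *
  * Security: $module and $mode end up in a filesystem path, in a regular
  * expression and in a class name, and the file that is found gets executed.
  * Both are therefore restricted to identifier characters before any of that
  * happens, which rules out path separators, "..", NUL bytes and regex
  * metacharacters. The eval() itself remains: every file under modules/ is
  * executable code and that tree has to be write-protected accordingly.
  *
  * @version 2.0
  * @since   0.8.0
  * @author  xLink
  *
  * @param   string  $module      Module name
  * @param   mixed   $returnVar   Variable you want the module to be loaded into
  * @param   string  $mode        class, admin, mod, user
  *
  * @return  void
  */
 function autoLoadModule($module, &$returnVar, $mode = 'class')
 {
     global $objCore;
     // \A and \z are used instead of ^ and $ so a trailing newline is not accepted.
     if (!is_string($module) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $module)
         || !is_string($mode) || !preg_match('/\A[A-Za-z0-9_]+\z/', $mode)) {
         // The rejected value is deliberately not echoed back.
         hmsgDie('FAIL', 'Error loading module file.');
         return;
     }
     $objCore->objSQL->recordMessage('Loading Module: ' . $module, 'INFO');
     if (!is_dir(cmsROOT . 'modules/' . $module . '/')) {
         hmsgDie('FAIL', 'Error loading module file "' . $module . '"');
         return;
     }
     $file = cmsROOT . 'modules/' . $module . '/' . $mode . '.' . $module . '.php';
     if (!is_readable($file)) {
         hmsgDie('FAIL', 'Error loading module file "' . $module . '"');
         return;
     }
     $fileData = file_get_contents($file);
     // Rename the declared class so the same module can be loaded more than once.
     $newModule = $module . '_' . substr(md5(microtime()), 0, 6);
     $fileData = preg_replace("/(class[\\s]){$module}([\\s]extends[\\s]module{)/i", '\\1' . $newModule . '\\2', $fileData);
     // SECURITY: executes the module file's contents as PHP.
     try {
         $success = eval('?>' . $fileData . '<?php ');
     } catch (ParseError $e) {
         // PHP 7+ throws on a syntax error in evaluated code instead of returning false.
         $success = false;
     }
     if ($success === false) {
         hmsgDie('FAIL', 'Error: There was a syntax error in the class."' . $module . '".php file. Loading Halted.');
         return;
     }
     // If the file did not contain the expected class declaration the rename did
     // nothing; stop here instead of failing on `new`.
     if (!class_exists($newModule, false)) {
         hmsgDie('FAIL', 'Error loading module file "' . $module . '"');
         return;
     }
     $returnVar = new $newModule($objCore);
 }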
Example #17
                    if ($userava_update === NULL) {
                        msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
                    }
                    $avachgr = '<script>top.change_avatar(\'' . $update['avatar'] . '\');top.myLightWindow.deactivate();</script>';
                    $this->objLogin->setSessions($uid);
                    msgDie('OK', 'The avatar upload was successful.' . $avachgr, '', '', '', 0);
                } else {
                    msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
                }
            } else {
                unset($update);
                $update['avatar'] = '/' . root() . 'images/avatars/' . $uid . '/' . $file;
                $userava_update = $this->objSQL->updateRow('users', $update, 'id = "' . $uid . '"');
                $avachgr = '<script>top.change_avatar(\'' . $update['avatar'] . '\');top.myLightWindow.deactivate();</script>';
                if ($userava_update === NULL) {
                    msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
                }
                $this->objLogin->setSessions($uid);
                msgDie('OK', 'The avatar upload was successful.' . $avachgr, '', '', '', 0);
            }
        } else {
            $this->objTPL->set_filenames(array('body' => 'modules/profile/template/ava_upload.tpl'));
            $form = 'File: ' . $this->objForm->inputbox('file', '', 'avatar', array('class' => 'upload_field', 'extra' => ' size="30"')) . $this->objForm->inputbox('hidden', 30000, 'MAX_FILE_SIZE');
            $this->objTPL->assign_vars(array('SFORM' => $this->objForm->start('upload', 'POST', '/' . root() . 'modules/profile/avatar/?action=upload', "\$(\"uploading\").Show;\$(\"uploader\").Hide;", ' enctype="multipart/form-data"'), 'EFORM' => $this->objForm->finish(), 'MSG' => 'Please select the image you wish to use as your avatar.', 'FIELDS' => $form, 'SUBMIT' => $this->objForm->button('Upload', 'submit'), 'IMG' => '/' . root() . 'images/ajax-loading.gif', 'YES' => $this->objForm->button('Yes', 'submit', 'boxgreen'), 'NO' => $this->objForm->button('No', 'submit', 'boxred')));
            $this->objTPL->pparse('body');
        }
        break;
    default:
        hmsgDie('FAIL', 'No idea what you were trying to do there...');
        break;
}
Example #18
 // Panel handler: works out the URLs, target user and mode for the request, loads the
 // tab menu, includes the requested panel file and wraps its output in the panel template.
 // The included files run in this scope, so they see (and depend on) the variable
 // names used below.
 $pageUrl = $objCore->config('global', 'url');
 // Same URL with a literal '?save' removed; $saveUrl is built from it with a 'save' key added.
 $url = str_replace('?save', '', $objCore->config('global', 'url'));
 $saveUrl = $objCore->getQueryString($url, array('save' => null));
 // Only moderators may act on another account: for them ?uid is read from the query
 // string (passed to doArgs() with an 'is_number' check), everyone else gets their own id.
 $uid = User::$IS_MOD ? doArgs('uid', $objUser->grab('id'), $_GET, 'is_number') : $objUser->grab('id');
 // $mode starts as null, takes ?mode when it is present and non-empty, and is forced
 // to 'save' whenever ?save is present. doArgs() is not used so that a bare ?save works.
 // NOTE(review): $mode is taken from the query string without validation here; the
 // included panel has to treat it as untrusted.
 $mode = null;
 if (isset($_GET['mode']) && !is_empty($_GET['mode'])) {
     $mode = $_GET['mode'];
 }
 if (isset($_GET['save'])) {
     $mode = 'save';
 }
 // The tab menu is loaded unless NOMENU has been defined.
 if (!defined('NOMENU')) {
     if (!is_readable(cmsROOT . 'modules/core/handler.panelTabs.php')) {
         hmsgDie('FAIL', 'Error: Missing Panel Menu File...Cannot Continue.');
     }
     include cmsROOT . 'modules/core/handler.panelTabs.php';
 }
 // $path and $panel are set outside this snippet.
 // NOTE(review): the resulting file is included and executed. If $panel can be
 // influenced by the request, confirm it is limited to known panel names before it
 // reaches this line; is_file()/is_readable() do not stop '../' sequences.
 $file = $path . '/panel.' . $panel . '.php';
 if (!is_file($file) || !is_readable($file)) {
     // Whether throwHTTP() ends the request is not visible here.
     $objCore->throwHTTP(404);
 } else {
     include_once $file;
 }
 // A panel is expected to have registered a 'body' template handle.
 if (!$objTPL->isHandle('body')) {
     msg('FAIL', 'Error: Panel did not output any content.', '_CONTENT');
 }
 // Render tabs and panel body into the outer 'panel' template.
 $objTPL->assign_var('_TABS', $objTPL->output('sys_tabs', false));
 $objTPL->assign_var('_CONTENT', $objTPL->output('body', false));
 $objTPL->parse('panel', false);
Example #19
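/**
 * Displays a confirmation messagebox and verifies the user's answer.
 *
 * On a non-POST request the return URL and a confirmation token are stored in the
 * session, the form is printed and false is returned. On a POST request the
 * submitted token is checked against the session copy; true is returned only when
 * the token matches and the 'Continue' button was used.
 *
 * Security notes:
 *  - The token check requires a non-empty session token and compares it strictly.
 *    The previous loose `!=` accepted an empty `sessid` when no token had been issued
 *    (null == '') and was open to numeric-string juggling.
 *  - $msg is placed in the form as given; callers must escape any user-supplied
 *    text they put into it.
 *  - The "Go Back" target is taken from the Referer header of the first request.
 *    NOTE(review): confirm redirect() only accepts same-site targets.
 *  - NOTE(review): the token is derived from the username and time(); whether that
 *    is unpredictable depends on mkPassword(), which is not visible here.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param   string $type
 * @param   string $msg
 * @param   string $title
 * @param   string $tplVar
 *
 * @return  bool
 */
function confirmMsg($type, $msg, $title = NULL, $tplVar = NULL)
{
    $objPage = Core_Classes_coreObj::getPage();
    $objForm = Core_Classes_coreObj::getForm();
    $objUser = Core_Classes_coreObj::getUser();
    //check if we have confirmed either way yet
    if (!HTTP_POST) {
        //setup redirects and session ids
        $_SESSION['site']['confirm']['return'] = isset($_SERVER['HTTP_REFERER']) && !is_empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/' . root() . '';
        $_SESSION['site']['confirm']['sessid'] = $sessid = $objUser->mkPassword($objUser->grab('username') . time());
        //build the confirmation form around the caller's message
        $newMsg = $objForm->start('msg', array('method' => 'POST'));
        $newMsg .= $msg . '<br />';
        $newMsg .= $objForm->inputbox('sessid', 'hidden', $sessid) . '<br />';
        $newMsg .= '<div align="center">' . $objForm->button('submit', 'Continue') . ' ' . $objForm->button('submit', 'Go Back', array('class' => 'black')) . '</div>';
        $newMsg .= $objForm->finish();
        //use msg() to output and return false so the code wont exec below
        echo msg($type, $newMsg, $tplVar, $title);
        return false;
    }

    //a POST may arrive without the form ever having been shown, so read the session defensively
    $confirm = isset($_SESSION['site']['confirm']) && is_array($_SESSION['site']['confirm']) ? $_SESSION['site']['confirm'] : array();
    $redir = isset($confirm['return']) ? $confirm['return'] : '/' . root() . '';
    $expected = isset($confirm['sessid']) ? $confirm['sessid'] : null;

    if (!isset($_POST['sessid'])) {
        hmsgDie('FAIL', 'Error: Please confirm your intentions via the form.');
        return false;
    }
    $supplied = $_POST['sessid'];

    //both sides must be non-empty strings; use a constant-time compare where available
    $tokenOk = is_string($expected) && $expected !== '' && is_string($supplied)
        && (function_exists('hash_equals') ? hash_equals($expected, $supplied) : $expected === $supplied);
    if (!$tokenOk) {
        hmsgDie('FAIL', 'Error: Could not verify your intentions.');
        return false;
    }

    //the token is single use
    unset($_SESSION['site']['confirm']);

    //make sure we actually have the submit
    if (!isset($_POST['submit'])) {
        hmsgDie('FAIL', 'Error: Could not verify your intentions.');
        return false;
    }
    //now check for what we expect and act accordingly
    if ($_POST['submit'] === 'Continue') {
        return true;
    }
    if ($_POST['submit'] === 'Go Back') {
        $objPage->redirect($redir, 3, 0);
        hmsgDie('INFO', 'Redirecting you back.');
    }
    //any other value is treated as "not confirmed"
    return false;
}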
Example #20
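// Control panel dispatcher: reads the routing values from the query string, checks
// the panel group and hands over to the core panel handler or to a module.
// The required handler files run in this scope and use the variables set here.
$mode = doArgs('__mode', null, $_GET);
$module = doArgs('__module', 'core', $_GET);
$action = doArgs('__action', null, $_GET);
$extra = doArgs('__extra', null, $_GET);
//user isnt even logged in lets 404 them
if (!User::$IS_ONLINE) {
    $objCore->throwHTTP(404);
}
// NOTE(review): only "logged in" is checked here. That the user may actually use
// the 'admin' or 'mod' group must be enforced further down (not visible in this
// snippet); confirm it is.
//make sure they are getting at the right panel (strict match, strings only)
$checkMode = array('admin', 'mod', 'user');
if (!is_string($mode) || !in_array($mode, $checkMode, true)) {
    hmsgDie('FAIL', 'Error: Unknown Panel Group');
}
$objPage->addPagecrumb(array(array('url' => '/' . root() . $mode . '/', 'name' => ucwords($mode) . ' Control Panel')));
//if we are tryin to load a core panel..
if (is_string($module) && strtolower($module) === 'core') {
    require cmsROOT . 'modules/core/handler.panels.php';
} else {
    $controlPanel = $mode;
    require cmsROOT . 'modules/core/handler.panelTabs.php';
    // $module comes straight from the query string and is used as a class name, so
    // it must be a plain identifier before it is handed to loadModule() and `new`.
    // \A and \z are used so a trailing newline is not accepted.
    if (is_string($module) && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $module) && $objPage->loadModule($module, true, $mode)) {
        $objModule = new $module($objCore);
        // NOTE(review): $action is request-controlled; doAction() has to restrict it
        // to the actions the module means to expose.
        $objModule->doAction($action);
    } else {
        $objCore->throwHTTP(404);
    }
}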