/**
 * Validates a password and stores it on the object, hashed with MD5.
 *
 * The value is rejected when vazio_ou_nulo() reports it as empty, or when
 * strlen() (a byte count, not a character count) is outside 4..16. A value
 * that is_md5() accepts is stored unchanged; anything else is replaced by
 * its md5() digest.
 *
 * NOTE(review): unsalted MD5 is not a suitable password hash. The usual
 * replacement is password_hash()/password_verify(), but that changes the
 * stored format, so it has to be migrated together with the code that
 * checks the password (not visible here).
 *
 * NOTE(review): is_md5() is defined elsewhere. If it accepts only 32-char
 * hex strings, the 16-byte limit above means it can never be true at this
 * point and every value is hashed. If it can be true, a caller may store a
 * digest directly, bypassing hashing. Confirm which applies.
 *
 * @param string $senha Password to validate and store.
 * @return void
 * @throws RegraDeNegocioException When the password is empty or its length is out of range.
 */
public function setSenha($senha)
{
    if (vazio_ou_nulo($senha)) {
        throw new RegraDeNegocioException('Senha não pode ser vazia!');
    }

    $comprimento = strlen($senha);
    $tamanhoValido = $comprimento >= 4 && $comprimento <= 16;

    if (!$tamanhoValido) {
        throw new RegraDeNegocioException('Senha deve ter entre 4 e 16 caracteres!');
    }

    // Keep a value that already looks like a digest, hash everything else.
    $this->senha = is_md5($senha) ? $senha : md5($senha);
}
/**
 * Stores the "sent item" copy of a private message and its content.
 *
 * Inserts one row into PM (type PM_SENT, NOTIFIED = 1, SMID pointing at
 * $sent_item_mid), then one row into PM_CONTENT, then records the
 * attachment ID through pm_save_attachment_id().
 *
 * The SQL is built by string interpolation. The three IDs are only accepted
 * when is_numeric() passes, $aid only when is_md5() passes, and the two
 * text fields go through $db->escape() first.
 * NOTE(review): injection safety therefore depends on db::escape() being
 * aware of the connection charset; prepared statements would remove that
 * dependency. Confirm against the db class.
 *
 * The two inserts are not wrapped in a transaction here: if the PM_CONTENT
 * insert fails, the PM row written just before stays in place.
 *
 * @param mixed  $sent_item_mid Message ID stored in the SMID column.
 * @param mixed  $to_uid        Recipient user ID.
 * @param mixed  $from_uid      Sender user ID.
 * @param string $subject       Message subject.
 * @param string $content       Message body.
 * @param string $aid           Attachment ID; must satisfy is_md5().
 * @return mixed The new PM row's insert ID, or false on any failure.
 */
function pm_add_sent_item($sent_item_mid, $to_uid, $from_uid, $subject, $content, $aid)
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    // Reject the call unless every identifier is numeric.
    foreach (array($sent_item_mid, $to_uid, $from_uid) as $numeric_id) {
        if (!is_numeric($numeric_id)) {
            return false;
        }
    }

    if (!is_md5($aid)) {
        return false;
    }

    // Escape the free-text fields before they are placed in the statement.
    $subject_escaped = $db->escape($subject);
    $content_escaped = $db->escape($content);

    // Message type and creation time for the new row.
    $pm_sent = PM_SENT;
    $current_datetime = date(MYSQL_DATETIME, time());

    // Main PM row.
    $sql = "INSERT INTO PM (TYPE, TO_UID, FROM_UID, SUBJECT, RECIPIENTS, ";
    $sql .= "CREATED, NOTIFIED, SMID) VALUES ('{$pm_sent}', '{$to_uid}', '{$from_uid}', ";
    $sql .= "'{$subject_escaped}', '', CAST('{$current_datetime}' AS DATETIME), ";
    $sql .= "1, '{$sent_item_mid}')";

    if (!$db->query($sql)) {
        return false;
    }

    $new_mid = $db->insert_id;

    // Message body, keyed by the ID of the row just inserted.
    $sql = "INSERT INTO PM_CONTENT (MID, CONTENT) ";
    $sql .= "VALUES ('{$new_mid}', '{$content_escaped}')";

    if (!$db->query($sql)) {
        return false;
    }

    // Link the attachment ID to the new message.
    pm_save_attachment_id($new_mid, $aid);

    return $new_mid;
}
/**
 * Reads the stored password value of a forum.
 *
 * Looks up FORUM_PASSWD in FORUMS for the given FID and returns it only
 * when is_md5() accepts it.
 * NOTE(review): this suggests forum passwords are kept as unsalted MD5
 * digests, which are cheap to brute-force if the table leaks. Confirm how
 * the value is produced and compared by the callers.
 *
 * @param mixed $forum_fid Forum ID; must be numeric.
 * @return string|false The stored value, or false when the database is
 *                      unavailable, the ID is not numeric, the query fails,
 *                      no row matches, or the value fails is_md5().
 */
function forum_get_password($forum_fid)
{
    $db = db::get();

    if (!$db) {
        return false;
    }

    // The ID is interpolated into the statement, so it must be numeric.
    if (!is_numeric($forum_fid)) {
        return false;
    }

    $sql = "SELECT FORUM_PASSWD FROM FORUMS WHERE FID = '{$forum_fid}'";

    $result = $db->query($sql);

    if (!$result || $result->num_rows == 0) {
        return false;
    }

    list($forum_passwd) = $result->fetch_row();

    if (!is_md5($forum_passwd)) {
        return false;
    }

    return $forum_passwd;
}
if (isset($_POST['message_text']) && strlen(trim($_POST['message_text'])) > 0) { $message_text = fix_html(emoticons_strip($_POST['message_text'])); } $allow_html = true; $allow_sig = true; if (isset($fid) && !session::check_perm(USER_PERM_HTML_POSTING, $fid)) { $allow_html = false; } if (isset($fid) && !session::check_perm(USER_PERM_SIGNATURE, $fid)) { $allow_sig = false; } if ($allow_html == false) { $message_text = htmlentities_array($message_text); $sig_text = htmlentities_array($sig_text); } if (isset($_POST['aid']) && is_md5($_POST['aid'])) { $aid = $_POST['aid']; } else { $aid = md5(uniqid(mt_rand())); } if (session::check_perm(USER_PERM_EMAIL_CONFIRM, 0)) { html_email_confirmation_error(); exit; } if (isset($_POST['preview_poll']) || isset($_POST['preview_form']) || isset($_POST['post'])) { $valid = true; if (!isset($thread_title) || strlen(trim($thread_title)) == 0) { $error_msg_array[] = gettext("You must enter a title for the thread!"); $valid = false; } if (!isset($fid) || !folder_is_valid($fid)) {
/**
 * Records (or replaces) the attachment ID of a post.
 *
 * Runs an INSERT ... ON DUPLICATE KEY UPDATE on POST_ATTACHMENT_IDS for the
 * current forum, so an existing row for the same key gets its AID replaced.
 *
 * $tid and $pid are interpolated without quotes. is_numeric() is the only
 * guard, and it also accepts non-integer forms such as decimals, exponents
 * and signed values.
 * NOTE(review): an integer check (for example ctype_digit on the string
 * form) would match the column's likely intent more tightly; confirm.
 * NOTE(review): $forum_fid is also unquoted and comes from get_forum_fid(),
 * defined elsewhere; confirm it always returns an integer.
 *
 * The table prefix is fetched only as a precondition; its value is not used
 * in the statement.
 *
 * @param mixed  $tid Thread ID; must be numeric.
 * @param mixed  $pid Post ID; must be numeric.
 * @param string $aid Attachment ID; must satisfy is_md5().
 * @return bool True when the statement ran, false on any failed check or query.
 */
function post_save_attachment_id($tid, $pid, $aid)
{
    if (!is_numeric($tid) || !is_numeric($pid) || !is_md5($aid)) {
        return false;
    }

    $db = db::get();

    if (!$db) {
        return false;
    }

    $table_prefix = get_table_prefix();

    if (!$table_prefix) {
        return false;
    }

    $forum_fid = get_forum_fid();

    if (!$forum_fid) {
        return false;
    }

    $sql = "INSERT INTO POST_ATTACHMENT_IDS (FID, TID, PID, AID) ";
    $sql .= "VALUES ({$forum_fid}, {$tid}, {$pid}, '{$aid}') ON DUPLICATE KEY ";
    $sql .= "UPDATE AID = VALUES(AID)";

    return $db->query($sql) ? true : false;
}
/**
 * Renders one message of a thread as HTML and echoes it to the output.
 *
 * Depending on session settings, permissions and relationship flags the
 * message is shown in full, truncated, collapsed as "ignored", or replaced
 * by a placeholder (message_display_deleted / message_display_approval_req).
 * Nothing is returned; every path either echoes markup or returns early.
 *
 * NOTE(review): several values are echoed into HTML without escaping in
 * this function ($message['CONTENT'], $message['AVATAR_URL'], $webtag and
 * the IDs used in links). The function appears to assume they were
 * sanitized before being stored or passed in. Confirm at the callers,
 * because this is the last step before the browser.
 *
 * @param mixed $tid             Thread ID, used in links and anchors.
 * @param array $message         Message row; reads keys such as CONTENT, PID, FROM_UID, TO_UID,
 *                               FLOGON, FNICK, TLOGON, TNICK, CREATED, FROM_RELATIONSHIP and TO_RELATIONSHIP.
 * @param mixed $msg_count       Message count shown as "x of y"; 0 hides the reply and link controls.
 * @param mixed $first_msg       Compared with REPLY_TO_PID to choose an in-page anchor or a full link.
 * @param mixed $folder_fid      Folder ID passed to the permission checks.
 * @param bool  $in_list         When true, emits anchors, navigation and per-post links.
 * @param bool  $closed          When true, hides the reply controls from non-moderators.
 * @param bool  $limit_text      When true, long posts are truncated and ignored users' posts collapsed.
 * @param bool  $is_poll         When true, PID 1 is treated as the poll post.
 * @param bool  $show_sigs       When false, signatures are suppressed by message_apply_formatting().
 * @param bool  $is_preview      When true, renders a preview without the reply controls.
 * @param array $highlight_array Search words to wrap in a highlight span.
 * @return void
 */
function message_display($tid, $message, $msg_count, $first_msg, $folder_fid, $in_list = true, $closed = false, $limit_text = true, $is_poll = false, $show_sigs = true, $is_preview = false, $highlight_array = array())
{
    $perm_is_moderator = session::check_perm(USER_PERM_FOLDER_MODERATE, $folder_fid);

    $post_edit_time = forum_get_setting('post_edit_time', null, 0);

    $post_edit_grace_period = forum_get_setting('post_edit_grace_period', null, 0);

    $webtag = get_webtag();

    // Without a UID in the session nothing is rendered.
    if (($uid = session::get_value('UID')) === false) {
        return;
    }

    // Clamp the session's posts-per-page to 10..30; fall back to 20 when it is unset or falsy.
    if ($posts_per_page = session::get_value('POSTS_PER_PAGE')) {
        if ($posts_per_page < 10) {
            $posts_per_page = 10;
        }
        if ($posts_per_page > 30) {
            $posts_per_page = 30;
        }
    } else {
        $posts_per_page = 20;
    }

    if (($quick_reply = session::get_value('REPLY_QUICK')) === false) {
        $quick_reply = 'N';
    }

    // Outside preview, a message without content is rendered through the "deleted" placeholder.
    if ((!isset($message['CONTENT']) || $message['CONTENT'] == "") && !$is_preview) {
        message_display_deleted($tid, isset($message['PID']) ? $message['PID'] : 0, $message, $in_list, $is_preview, $first_msg, $msg_count, $posts_per_page);
        return;
    }

    $from_user_permissions = perm_get_user_permissions($message['FROM_UID']);

    // Posts by an author flagged USER_PERM_WORMED are shown as deleted to everyone
    // except the author and folder moderators.
    if ($uid != $message['FROM_UID']) {
        if ($from_user_permissions & USER_PERM_WORMED && !$perm_is_moderator) {
            message_display_deleted($tid, $message['PID'], $message, $in_list, $is_preview, $first_msg, $msg_count, $posts_per_page);
            return;
        }
    }

    // Default missing relationship bitmasks to 0 so the flag tests below are defined.
    if (!isset($message['FROM_RELATIONSHIP'])) {
        $message['FROM_RELATIONSHIP'] = 0;
    }

    if (!isset($message['TO_RELATIONSHIP'])) {
        $message['TO_RELATIONSHIP'] = 0;
    }

    // A "completely ignored" relationship on either side hides the message as deleted.
    if ($message['TO_RELATIONSHIP'] & USER_IGNORED_COMPLETELY || $message['FROM_RELATIONSHIP'] & USER_IGNORED_COMPLETELY) {
        message_display_deleted($tid, $message['PID'], $message, $in_list, $is_preview, $first_msg, $msg_count, $posts_per_page);
        return;
    }

    // Add emoticons/WikiLinks and ignore signature ----------------------------

    // With IMAGES_TO_LINKS enabled, <img> and <embed> elements are rewritten into
    // plain links to their src, so nothing is loaded from the remote host on view.
    if (session::get_value('IMAGES_TO_LINKS') == 'Y') {
        $message['CONTENT'] = preg_replace('/<a([^>]*)href="([^"]*)"([^\\>]*)><img[^>]*src="([^"]*)"[^>]*><\\/a>/iu', '[href: <a\\1href="\\2"\\3>\\2</a>][img: <a\\1href="\\4"\\3>\\4</a>]', $message['CONTENT']);
        $message['CONTENT'] = preg_replace('/<img[^>]*src="([^"]*)"[^>]*>/iu', '[img: <a href="\\1">\\1</a>]', $message['CONTENT']);
        $message['CONTENT'] = preg_replace('/<embed[^>]*src="([^"]*)"[^>]*>/iu', '[object: <a href="\\1">\\1</a>]', $message['CONTENT']);
    }

    // The poll post itself (PID 1 of a poll) skips formatting; every other post is formatted,
    // with the signature dropped when the author's signature is ignored or $show_sigs is false.
    if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = message_apply_formatting($message['CONTENT'], $message['FROM_RELATIONSHIP'] & USER_IGNORED_SIG || !$show_sigs);
    }

    // Check length of post to see if we should truncate it for display --------

    // The length test uses the tag-stripped text, but the cut is made on the raw HTML.
    // The regex then removes a trailing unfinished tag and fix_html() repairs the markup.
    if (mb_strlen(strip_tags($message['CONTENT'])) > intval(forum_get_setting('maximum_post_length', null, 6226)) && $limit_text) {
        $cut_msg = mb_substr($message['CONTENT'], 0, intval(forum_get_setting('maximum_post_length', null, 6226)));
        $cut_msg = preg_replace("/(<[^>]+)?\$/Du", "", $cut_msg);
        $message['CONTENT'] = fix_html($cut_msg);
        $message['CONTENT'] .= "…[" . gettext("Message Truncated") . "]\n<p align=\"center\"><a href=\"display.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" target=\"_self\">" . gettext("View full message") . "</a>";
    }

    // Check for words that should be filtered ---------------------------------

    if (!$is_poll || $is_poll && isset($message['PID']) && $message['PID'] > 1) {
        $message['CONTENT'] = word_filter_add_ob_tags($message['CONTENT'], false);
    }

    if ($in_list && isset($message['PID'])) {
        echo "<a name=\"a{$tid}_{$message['PID']}\"></a>\n";
    }

    // Check for search words to highlight -------------------------------------

    if (is_array($highlight_array) && sizeof($highlight_array) > 0) {
        $highlight_pattern = array();
        $highlight_replace = array();

        // preg_quote() keeps each search word literal inside the pattern.
        foreach ($highlight_array as $key => $word) {
            $highlight_word = preg_quote($word, "/");
            $highlight_pattern[$key] = "/({$highlight_word})/iu";
            $highlight_replace[$key] = "<span class=\"highlight\">\\1</span>";
        }

        // Split on tag delimiters and highlight every fourth part, presumably to touch only
        // the text between tags and never the inside of a tag.
        // NOTE(review): the character class also contains a literal '|', so a '|' in the text
        // counts as a delimiter and shifts the modulo-4 positions; a highlight span could then
        // land inside a tag. Confirm whether '[<>]' was intended.
        $message_parts = preg_split('/([<|>])/u', $message['CONTENT'], -1, PREG_SPLIT_DELIM_CAPTURE);

        for ($i = 0; $i < sizeof($message_parts); $i++) {
            if (!($i % 4)) {
                $message_parts[$i] = preg_replace($highlight_pattern, $highlight_replace, $message_parts[$i], 1);
            }
        }

        $message['CONTENT'] = implode("", $message_parts);
    }

    // Little up/down arrows to the left of each message -----------------------

    // With post approval enabled, an unapproved post by someone else is replaced by the
    // approval placeholder unless the viewer is a moderator.
    if (forum_get_setting('require_post_approval', 'Y') && $message['FROM_UID'] != $uid) {
        if (isset($message['APPROVED']) && $message['APPROVED'] == 0 && !$perm_is_moderator) {
            message_display_approval_req($tid, $message['PID'], $in_list, $is_preview, $first_msg, $msg_count, $posts_per_page);
            return;
        }
    }

    // OUTPUT MESSAGE ----------------------------------------------------------

    // A post that was moved to another thread only shows a notice linking to its new location.
    if (!$is_preview && $message['MOVED_TID'] > 0 && $message['MOVED_PID'] > 0) {
        $post_link = "<a href=\"messages.php?webtag={$webtag}&msg=%s.%s\" target=\"_self\">%s</a>";
        $post_link = sprintf($post_link, $message['MOVED_TID'], $message['MOVED_PID'], gettext("here"));
        echo "<div align=\"center\">\n";
        echo "<table class=\"thread_track_notice\" width=\"96%\">\n";
        echo " <tr>\n";
        echo " <td align=\"left\">", sprintf(gettext("<b>Thread Split:</b> This post has been moved %s"), $post_link), "</td>\n";
        echo " </tr>\n";
        echo "</table>\n";
        echo "</div>\n";
        echo $in_list ? "<br />\n" : '';
        return;
    }

    echo "<div align=\"center\">\n";
    echo "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\n";
    echo " <tr>\n";

    if ($in_list && !$is_preview) {
        message_display_navigation($tid, $message['PID'], $first_msg, $msg_count, $posts_per_page);
    }

    echo " <td align=\"center\">\n";
    echo " <table width=\"100%\" class=\"box\" cellpadding=\"0\">\n";
    echo " <tr>\n";
    echo " <td align=\"left\">\n";
    echo " <table class=\"posthead\" width=\"100%\">\n";
    echo " <tr>\n";
    echo " <td width=\"1%\" align=\"right\" style=\"white-space: nowrap\"><span class=\"posttofromlabel\"> ", gettext("From"), ": </span></td>\n";
    echo " <td style=\"white-space: nowrap\" width=\"98%\" align=\"left\"><span class=\"posttofrom\">";

    // The author name links to the profile only when FROM_UID is greater than -1.
    if ($message['FROM_UID'] > -1) {
        echo "<a href=\"user_profile.php?webtag={$webtag}&uid={$message['FROM_UID']}\" target=\"_blank\" class=\"popup 650x500\">";
        echo word_filter_add_ob_tags(format_user_name($message['FLOGON'], $message['FNICK']), true), "</a></span>";
    } else {
        echo word_filter_add_ob_tags(format_user_name($message['FLOGON'], $message['FNICK']), true), "</span>";
    }

    if (session::get_value('SHOW_AVATARS') == 'Y') {
        if (isset($message['AVATAR_URL']) && strlen($message['AVATAR_URL']) > 0) {
            // NOTE(review): AVATAR_URL is user-provided profile data placed in an attribute without
            // escaping here; confirm it is validated and HTML-escaped where it is saved or loaded.
            echo " <img src=\"{$message['AVATAR_URL']}\" alt=\"\" title=\"", word_filter_add_ob_tags(format_user_name($message['FLOGON'], $message['FNICK']), true), "\" border=\"0\" width=\"16\" height=\"16\" />";
        } else {
            // No URL: fall back to an uploaded avatar, accepted only when the ID passes is_md5().
            if (isset($message['AVATAR_AID']) && is_md5($message['AVATAR_AID'])) {
                $attachment = attachments_get_by_hash($message['AVATAR_AID']);
                if ($profile_picture_href = attachments_make_link($attachment, false, false, false, false)) {
                    echo " <img src=\"{$profile_picture_href}&avatar_picture\" alt=\"\" title=\"", word_filter_add_ob_tags(format_user_name($message['FLOGON'], $message['FNICK']), true), "\" border=\"0\" width=\"16\" height=\"16\" />\n";
                }
            }
        }
    }

    $temp_ignore = false;

    // If the user posting a poll is ignored, remove ignored status for this message only so the poll can be seen
    if ($is_poll && isset($message['PID']) && $message['PID'] == 1 && $message['FROM_RELATIONSHIP'] & USER_IGNORED) {
        $message['FROM_RELATIONSHIP'] -= USER_IGNORED;
        $temp_ignore = true;
    }

    if ($message['FROM_RELATIONSHIP'] & USER_FRIEND) {
        echo " <img src=\"", html_style_image('friend.png'), "\" alt=\"", gettext("Friend"), "\" title=\"", gettext("Friend"), "\" />";
    } else {
        if ($message['FROM_RELATIONSHIP'] & USER_IGNORED || $temp_ignore) {
            echo " <img src=\"", html_style_image('enemy.png'), "\" alt=\"", gettext("Ignored user"), "\" title=\"", gettext("Ignored user"), "\" />";
        }
    }

    echo "</td>\n";
    echo " <td width=\"1%\" align=\"right\" style=\"white-space: nowrap\"><span class=\"postinfo\">";

    // Status column: an "ignored" marker, or the author/post flags followed by the creation time.
    if ($message['FROM_RELATIONSHIP'] & USER_IGNORED && $limit_text && $uid != 0) {
        echo "<b>", gettext("Ignored message"), "</b>";
    } else {
        if ($in_list) {
            if ($from_user_permissions & USER_PERM_WORMED) {
                echo "<b>", gettext("Wormed user"), "</b> ";
            }
            if ($message['FROM_RELATIONSHIP'] & USER_IGNORED_SIG) {
                echo "<b>", gettext("Ignored signature"), "</b> ";
            }
            if (forum_get_setting('require_post_approval', 'Y') && isset($message['APPROVED']) && $message['APPROVED'] == 0) {
                echo "<b>", gettext("Approval Required"), "</b> ";
            }
            echo format_time($message['CREATED']);
        }
    }

    echo " </span></td>\n";
    echo " </tr>\n";
    echo " <tr>\n";
    echo " <td width=\"1%\" align=\"right\" style=\"white-space: nowrap\"><span class=\"posttofromlabel\"> ", gettext("To"), ": </span></td>\n";
    echo " <td style=\"white-space: nowrap\" width=\"98%\" align=\"left\"><span class=\"posttofrom\">";

    // Recipient: a profile link with relationship and read-state icons, or "ALL".
    if ($message['TLOGON'] != gettext("ALL") && $message['TO_UID'] != 0) {
        echo "<a href=\"user_profile.php?webtag={$webtag}&uid={$message['TO_UID']}\" target=\"_blank\" class=\"popup 650x500\">";
        echo word_filter_add_ob_tags(format_user_name($message['TLOGON'], $message['TNICK']), true), "</a></span>";

        if ($message['TO_RELATIONSHIP'] & USER_FRIEND) {
            echo " <img src=\"", html_style_image('friend.png'), "\" alt=\"", gettext("Friend"), "\" title=\"", gettext("Friend"), "\" />";
        } else {
            if ($message['TO_RELATIONSHIP'] & USER_IGNORED) {
                echo " <img src=\"", html_style_image('enemy.png'), "\" alt=\"", gettext("Ignored user"), "\" title=\"", gettext("Ignored user"), "\" />";
            }
        }

        if (isset($message['VIEWED']) && $message['VIEWED'] > 0) {
            echo " <span class=\"smalltext\"><img src=\"", html_style_image('post_read.png'), "\" alt=\"\" title=\"", sprintf(gettext("Read: %s"), format_time($message['VIEWED'])), "\" /></span>";
        } else {
            if ($is_preview == false) {
                echo " <span class=\"smalltext\"><img src=\"", html_style_image('post_unread.png'), "\" alt=\"\" title=\"", gettext("Unread Message"), "\" /></span>";
            }
        }
    } else {
        echo "", gettext("ALL"), "</span>";
    }

    echo "</td>\n";
    echo " <td align=\"right\" style=\"white-space: nowrap\"><span class=\"postinfo\">";

    // For a collapsed ignored post offer "stop ignoring" and "view"; otherwise show the
    // poll icon (for polls) and the "x of y" counter.
    if ($message['FROM_RELATIONSHIP'] & USER_IGNORED && $limit_text && $in_list && $uid != 0) {
        echo "<a href=\"user_rel.php?webtag={$webtag}&uid={$message['FROM_UID']}&msg={$tid}.{$message['PID']}\" target=\"_self\">", gettext("Stop ignoring this user"), "</a> ";
        echo "<a href=\"display.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" target=\"_self\">", gettext("View Message"), "</a>";
    } else {
        if ($in_list && $msg_count > 0) {
            if ($is_poll) {
                echo "<a href=\"poll_results.php?webtag={$webtag}&tid={$tid}\" target=\"_blank\" class=\"popup 800x600\"><img src=\"", html_style_image('poll.png'), "\" border=\"0\" alt=\"", gettext("This is a poll. Click to view results."), "\" title=\"", gettext("This is a poll. Click to view results."), "\" /></a> ", gettext("Poll"), " ";
            }
            echo sprintf(gettext("%s of %s"), $message['PID'], $msg_count);
        }
    }

    echo " </span></td>\n";
    echo " </tr>\n";
    echo " </table>\n";
    echo " </td>\n";
    echo " </tr>\n";

    // The body, attachments and reply controls are skipped for a collapsed ignored post.
    if (!($message['FROM_RELATIONSHIP'] & USER_IGNORED) || !$limit_text) {
        echo " <tr>\n";
        echo " <td align=\"left\">\n";
        echo " <table width=\"100%\">\n";
        echo " <tr>\n";
        echo " <td colspan=\"3\" align=\"right\"><span class=\"postnumber\">";

        if ($in_list && $msg_count > 0) {
            $title = $message['PID'] == 1 ? "" . gettext("Permanent link to this thread") . " ({$tid}.1)" : "" . gettext("Link to this post");

            if ($is_preview) {
                echo "<a href=\"messages.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" target=\"_blank\" title=\"{$title}\">{$tid}.{$message['PID']}</a>";
            } else {
                echo "<a href=\"index.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" target=\"", html_get_top_frame_name(), "\" title=\"{$title}\">{$tid}.{$message['PID']}</a>";
            }

            if ($message['REPLY_TO_PID'] > 0) {
                $title = "" . gettext("Link to post") . " #{$message['REPLY_TO_PID']}";
                echo " ", gettext("In reply to"), " ";

                // A parent at or after $first_msg is linked with an in-page anchor; an
                // earlier one gets a full messages.php link.
                if (intval($message['REPLY_TO_PID']) >= intval($first_msg)) {
                    echo "<a href=\"#a{$tid}_{$message['REPLY_TO_PID']}\" target=\"_self\" title=\"{$title}\">";
                    echo "{$tid}.{$message['REPLY_TO_PID']}</a>";
                } else {
                    if ($is_preview) {
                        echo "<a href=\"messages.php?webtag={$webtag}&msg={$tid}.{$message['REPLY_TO_PID']}\" target=\"_blank\" title=\"{$title}\">";
                        echo "{$tid}.{$message['REPLY_TO_PID']}</a>";
                    } else {
                        echo "<a href=\"messages.php?webtag={$webtag}&msg={$tid}.{$message['REPLY_TO_PID']}\" target=\"_self\" title=\"{$title}\">";
                        echo "{$tid}.{$message['REPLY_TO_PID']}</a>";
                    }
                }
            }
        }

        echo " </span></td>\n";
        echo " </tr>\n";
        echo " <tr>\n";
        // NOTE(review): CONTENT is emitted as raw HTML. It has passed message_apply_formatting()
        // and word_filter_add_ob_tags() above (except for a poll's first post), but no escaping
        // happens in this function; confirm the stored content is sanitized on input.
        echo " <td class=\"postbody postcontent\" align=\"left\">{$message['CONTENT']}</td>\n";
        echo " </tr>\n";

        // The "EDITED" line is shown when no grace period is set, or when the edit happened
        // later than the grace period after creation.
        if (isset($message['EDITED']) && $message['EDITED'] > 0) {
            if ($post_edit_grace_period == 0 || $message['EDITED'] - $message['CREATED'] > $post_edit_grace_period * MINUTE_IN_SECONDS) {
                if ($edit_user = user_get_logon($message['EDITED_BY'])) {
                    echo " <tr>\n";
                    echo " <td class=\"postbody\" align=\"left\"><p class=\"edit_text\">", sprintf(gettext("EDITED: %s by %s"), format_time($message['EDITED']), $edit_user), "</p></td>\n";
                    echo " </tr>\n";
                }
            }
        }

        // Moderators see who approved the post, unless the approver is the author.
        if (forum_get_setting('require_post_approval', 'Y') && isset($message['APPROVED']) && $message['APPROVED'] > 0 && $perm_is_moderator) {
            if (isset($message['APPROVED_BY']) && $message['APPROVED_BY'] > 0 && $message['APPROVED_BY'] != $message['FROM_UID']) {
                if ($approved_user = user_get_logon($message['APPROVED_BY'])) {
                    echo " <tr>\n";
                    echo " <td class=\"postbody\" align=\"left\"><p class=\"approved_text\">", sprintf(gettext("APPROVED: %s by %s"), format_time($message['APPROVED']), $approved_user), "</p></td>\n";
                    echo " </tr>\n";
                }
            }
        }

        // Attachments: use the AID carried by the message, else look it up by thread and post ID.
        if ($tid != 0 && isset($message['PID']) || isset($message['AID'])) {
            $aid = isset($message['AID']) ? $message['AID'] : attachments_get_id($tid, $message['PID']);

            $attachments_array = array();
            $image_attachments_array = array();

            if (attachments_get($message['FROM_UID'], $aid, $attachments_array, $image_attachments_array)) {
                echo " <tr>\n";
                echo " <td class=\"postbody\" align=\"left\">\n";

                if (is_array($attachments_array) && sizeof($attachments_array) > 0) {
                    echo " <p><b>", gettext("Attachments"), ":</b><br />\n";
                    foreach ($attachments_array as $attachment) {
                        echo " ", attachments_make_link($attachment), "<br />\n";
                    }
                    echo " </p>\n";
                }

                if (is_array($image_attachments_array) && sizeof($image_attachments_array) > 0) {
                    echo " <p><b>", gettext("Image Attachments"), ":</b><br />\n";
                    foreach ($image_attachments_array as $key => $attachment) {
                        echo " ", attachments_make_link($attachment), "\n";
                    }
                    echo " </p>\n";
                }

                echo " </td>\n";
                echo " </tr>\n";
            }
        }

        echo " </table>\n";

        if (!$is_preview) {
            echo " <table width=\"100%\" class=\"postresponse\" cellspacing=\"1\" cellpadding=\"0\">\n";
            echo " <tr>\n";

            // Authors with anonymous logon enabled, or without a USER_ACTIVE value, are shown as offline.
            if (isset($message['ANON_LOGON']) && $message['ANON_LOGON'] > USER_ANON_DISABLED || !isset($message['USER_ACTIVE']) || is_null($message['USER_ACTIVE'])) {
                echo " <td width=\"25%\" align=\"left\">";
                echo " <img src=\"", html_style_image('status_offline.png'), "\" alt=\"\" title=\"", gettext("Inactive / Offline"), "\" />";
                echo " </td>\n";
            } else {
                echo " <td width=\"25%\" align=\"left\">";
                echo " <img src=\"", html_style_image('status_online.png'), "\" alt=\"\" title=\"", gettext("Online"), "\" />";
                echo " </td>\n";
            }

            echo " <td width=\"50%\" style=\"white-space: nowrap\">";

            if ($msg_count > 0) {
                // Reply and quote controls: shown to moderators, or to users with post-create
                // permission while the thread is open.
                if (!$closed && session::check_perm(USER_PERM_POST_CREATE, $folder_fid) || $perm_is_moderator) {
                    if ($quick_reply == 'Y') {
                        echo "<img src=\"", html_style_image('quickreply.png'), "\" border=\"0\" alt=\"", gettext("Quick Reply"), "\" title=\"", gettext("Quick Reply"), "\" />\n";
                        echo "<a href=\"Javascript:void(0)\" rel=\"{$tid}.{$message['PID']}\" target=\"_self\" class=\"quick_reply_link\">", gettext("Quick Reply"), "</a>\n";
                    } else {
                        echo "<img src=\"", html_style_image('post.png'), "\" border=\"0\" alt=\"", gettext("Reply"), "\" title=\"", gettext("Reply"), "\" />";
                        echo " <a href=\"post.php?webtag={$webtag}&replyto={$tid}.{$message['PID']}\" target=\"_parent\" id=\"reply_{$message['PID']}\">", gettext("Reply"), "</a>";
                    }

                    echo " <img src=\"", html_style_image('quote_disabled.png'), "\" border=\"0\" alt=\"", gettext("Quote"), "\" title=\"", gettext("Quote"), "\" id=\"quote_img_{$message['PID']}\" />";
                    echo " <a href=\"post.php?webtag={$webtag}&replyto={$tid}.{$message['PID']}&quote_list={$message['PID']}\" target=\"_parent\" title=\"", gettext("Quote"), "\" id=\"quote_{$message['PID']}\" rel=\"{$message['PID']}\">", gettext("Quote"), "</a>";

                    // Edit link. '&&' binds tighter than '||', so a moderator always passes and
                    // everyone else must satisfy the whole permission and time-window chain.
                    // This only decides whether the link is drawn.
                    // NOTE(review): confirm edit.php and edit_poll.php enforce the same rules.
                    if (!session::check_perm(USER_PERM_PILLORIED, 0) && ($uid != $message['FROM_UID'] && $from_user_permissions & USER_PERM_PILLORIED || $uid == $message['FROM_UID']) && session::check_perm(USER_PERM_POST_EDIT, $folder_fid) && ($post_edit_time == 0 || time() - $message['CREATED'] < $post_edit_time * HOUR_IN_SECONDS) && forum_get_setting('allow_post_editing', 'Y') || $perm_is_moderator) {
                        if ($is_poll && $message['PID'] == 1) {
                            if (!poll_is_closed($tid) || $perm_is_moderator) {
                                echo " <img src=\"", html_style_image('edit.png'), "\" border=\"0\" alt=\"", gettext("Edit Poll"), "\" title=\"", gettext("Edit Poll"), "\" />";
                                echo " <a href=\"edit_poll.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" target=\"_parent\">", gettext("Edit Poll"), "</a>\n";
                            }
                        } else {
                            echo " <img src=\"", html_style_image('edit.png'), "\" border=\"0\" alt=\"", gettext("Edit"), "\" title=\"", gettext("Edit"), "\" />";
                            echo " <a href=\"edit.php?webtag={$webtag}&msg={$tid}.{$message['PID']}\" target=\"_parent\">", gettext("Edit"), "</a>";
                        }
                    }
                }
            } else {
                echo " ";
            }

            echo "</td>\n";
            echo " <td width=\"25%\" align=\"right\" style=\"white-space: nowrap\">\n";
            echo " <span class=\"post_options\" id=\"post_options_{$tid}.{$message['PID']}\"></span>\n";
            echo " </td>\n";
            echo " </tr>";
            echo " </table>\n";
        } else {
            // Preview: an empty response row keeps the layout without any controls.
            echo " <table width=\"100%\" class=\"postresponse\" cellspacing=\"1\" cellpadding=\"0\">\n";
            echo " <tr>\n";
            echo " <td> </td>\n";
            echo " </tr>\n";
            echo " </table>\n";
        }
    }

    echo " </td>\n";
    echo " </tr>\n";
    echo " </table>\n";
    echo " </td>\n";

    if ($in_list && !$is_preview) {
        message_display_navigation($tid, $message['PID'], $first_msg, $msg_count, $posts_per_page);
    }

    echo " </tr>\n";
    echo " </table>\n";

    if ($in_list && isset($message['PID'])) {
        echo " <div id=\"quick_reply_{$message['PID']}\"></div>\n";
    }

    echo "</div>\n";
    echo $in_list ? "<br />\n" : '';
}
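/**
 * Renders the OpenInviter configuration page and, on POST, validates and saves the settings.
 *
 * On a valid POST the settings are stored in the 'openinviter_settings' option and also
 * written to oi_includes/config.php as a PHP array. On GET the stored settings are loaded
 * and missing keys are filled from the defaults in the global $openinviter_options.
 * The form is echoed in both cases.
 *
 * Changes compared with the previous version:
 *  - Stored and posted values are HTML-escaped before being placed in the form. They were
 *    interpolated raw into the textarea body and into single-quoted attributes, so a value
 *    containing a quote or a closing tag broke out of its context.
 *  - The inline font-family style no longer nests single quotes inside a single-quoted
 *    attribute, which ended the attribute early.
 *  - "Options saved." is only reported when config.php was actually written.
 *
 * NOTE(review): no nonce or capability check is visible in this function. Because the handler
 * rewrites a PHP file, confirm that the caller restricts the page to administrators and that
 * the request is verified (for example wp_nonce_field() in the form plus check_admin_referer()
 * in the handler).
 *
 * NOTE(review): every accepted value (message body, subject, username, transport, cookie
 * path, debug settings) ends up inside executable PHP through row2text(), which is defined
 * elsewhere. The integrity of config.php depends on row2text() emitting each value as a
 * correctly quoted PHP string literal; confirm that. Restricting transport_box and
 * local_debug_box to the keys offered in the select lists would narrow the input further.
 *
 * @return void
 */
function openinviter_conf()
{
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $options = array();
        $ers = array();

        if (empty($_POST['message_body_box'])) {
            $ers['message'] = __("Message missing");
        } elseif (strlen($_POST['message_body_box']) < 15) {
            $ers['message'] = __("Message body too short. Minimum length: 15 chars");
        } else {
            $options['message_body'] = $_POST['message_body_box'];
        }

        if (empty($_POST['message_subject_box'])) {
            $ers['message_subject'] = __("Message subject missing");
        } elseif (strlen($_POST['message_subject_box']) < 5) {
            $ers['message_subject'] = __("Message subject too short. Minimum length: 5 chars");
        } else {
            $options['message_subject'] = $_POST['message_subject_box'];
        }

        if (empty($_POST['username_box'])) {
            $ers['username'] = __("OpenInviter.com Username missing");
        } else {
            $options['username'] = $_POST['username_box'];
        }

        if (empty($_POST['private_key_box'])) {
            $ers['private_key'] = __("OpenInviter.com Private Key missing");
        } elseif (!is_md5($_POST['private_key_box'])) {
            $ers['private_key'] = __("Invalid OpenInviter.com Private Key");
        } else {
            $options['private_key'] = $_POST['private_key_box'];
        }

        if (empty($_POST['transport_box'])) {
            $ers['transport'] = __("Transport missing");
        } else {
            $options['transport'] = $_POST['transport_box'];
        }

        if (empty($_POST['cookie_path_box'])) {
            $ers['cookie'] = __("Cookie path missing");
        } else {
            $options['cookie_path'] = $_POST['cookie_path_box'];
        }

        if (empty($_POST['local_debug_box'])) {
            $ers['local_debug'] = __("Local debugger setting missing");
        } else {
            $options['local_debug'] = $_POST['local_debug_box'] == 'off' ? false : $_POST['local_debug_box'];
        }

        if (empty($_POST['remote_debug_box'])) {
            $ers['remote_debug'] = __("Remote debugger setting missing");
        } else {
            $options['remote_debug'] = $_POST['remote_debug_box'] == 'on' ? true : false;
        }

        // An unchecked checkbox is simply absent from the POST data.
        $options['filter_emails'] = isset($_POST['filter_emails_box']);

        if (count($ers) == 0) {
            if (!get_option('openinviter_settings')) {
                add_option('openinviter_settings', $options);
            } else {
                update_option('openinviter_settings', $options);
            }

            // Mirror the settings into a PHP file that the OpenInviter library includes.
            $path = WP_PLUGIN_DIR . "/openinviter-for-wordpress/oi_includes/config.php";
            $file_contents = "<?php\n";
            $file_contents .= "\$openinviter_settings=array(\n" . row2text($options) . "\n);\n";
            $file_contents .= "?>";

            // Only report success when the file write succeeded.
            if (file_put_contents($path, $file_contents) === false) {
                echo "<div id='message' class='error'><p><strong>" . __('Errors encountered:') . "</strong>";
                echo "<br> " . __('Unable to write the configuration file');
                echo "</p></div>";
            } else {
                echo "<div id='message' class='updated fade'><p><strong>" . __('Options saved.') . "</strong></p></div>";
            }
        } else {
            echo "<div id='message' class='error'><p><strong>" . __('Errors encountered:') . "</strong>";
            foreach ($ers as $er) {
                echo "<br> {$er}";
            }
            echo "</p></div>";
        }
    } else {
        $options = get_option('openinviter_settings');
        global $openinviter_options;
        foreach ($openinviter_options['settings'] as $key => $val) {
            if (!isset($options[$key])) {
                $options[$key] = $val['default'];
            }
        }
    }

    $transports = array('curl' => __('cURL'), 'wget' => __('WGET'));
    $local_debugs = array('off' => __('None'), 'on_error' => __('Errors only'), 'always' => __('Always'));
    $remote_debugs = array('off' => __('Off'), 'on' => __('On'));

    // Escape a setting for use in element content or a quoted attribute.
    // A key that was rejected during validation is absent and renders as an empty field.
    $field = function ($key) use ($options) {
        $value = isset($options[$key]) ? $options[$key] : '';
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Double quotes inside the single-quoted style attribute keep the attribute intact.
    $input_style = "font-family: \"Courier New\", Courier, mono; font-size: 1.5em;";

    $contents = "<div class='wrap'><h2>" . __('OpenInviter Configuration') . "</h2>\n\t\t\t<div class='narrow'><form action='' method='POST' style='margin: auto; width: 600px;'><p>\n\t\t\t" . sprintf(__('<strong>Tip</strong>: You can get your API details (username and private key) from <a href="%1$s">OpenInviter.com</a>. If you don\'t have an OpenInviter.com account you can sign up at <a href="%2$s">OpenInviter.com</a>.'), 'http://openinviter.com/get_key.php', 'http://openinviter.com/register.php') . "</p>\n\t\t\t\t<table>\n\t\t\t\t";

    $contents .= "<tr><td valign='top'><strong><label for='message_body_box'>" . __("Invite message body") . "</label></strong></td><td><textarea rows='5' cols='47' id='message_body_box' name='message_body_box'>" . $field('message_body') . "</textarea></td></tr>\n\t\t\t\t";

    $contents .= "<tr><td valign='top'><strong><label for='message_subject_box'>" . __("Invite message subject") . "</label></strong></td><td><input type='text' id='message_subject_box' name='message_subject_box' value='" . $field('message_subject') . "' style='{$input_style}' size='50' /></td></tr>\n\t\t\t\t";

    $contents .= "<tr><td colspan='2' align='right'>The <strong>%s</strong> in the message subject will be replaced with the sender</td></tr>\n\t\t\t\t<tr><td colspan='2'> </td></tr>\n\t\t\t\t";

    $contents .= "<tr><td><strong><label for='username_box'>" . __('OpenInviter.com Username') . "</label></strong></td><td><input id='username_box' name='username_box' type='text' value='" . $field('username') . "' style='{$input_style}' size='50' /></td></tr>\n\t\t\t\t";

    $contents .= "<tr><td><strong><label for='private_key_box'>" . __('OpenInviter.com Private Key') . "</label></strong></td><td><input id='private_key_box' name='private_key_box' type='text' value='" . $field('private_key') . "' style='{$input_style}' size='50' /></td></tr>\n\t\t\t\t";

    $contents .= "<tr><td><strong><label for='transport_box'>" . __("Transport") . "</label></strong></td><td><select id='transport_box' name='transport_box'><option value=''></option>";

    foreach ($transports as $value => $name) {
        $contents .= "<option value='{$value}'" . ($options['transport'] == $value ? ' selected' : '') . ">{$name}</option>";
    }

    $contents .= "</select></td></tr>\n\t\t\t\t<tr><td><strong><label for='cookie_path_box'>" . __("Cookie path") . "</label></strong></td><td><input type='text' id='cookie_path_box' name='cookie_path_box' value='" . $field('cookie_path') . "' style='{$input_style}' size='50' /></td></tr>\n\t\t\t\t";

    $contents .= "<tr><td><strong><label for='local_debug_box'>" . __('Local debugger') . "</label></strong></td><td><select id='local_debug_box' name='local_debug_box'><option value=''></option>";

    // Map the stored boolean forms back to the select-list keys.
    if ($options['local_debug'] === false) {
        $options['local_debug'] = 'off';
    }

    if ($options['remote_debug'] === false) {
        $options['remote_debug'] = 'off';
    } else {
        $options['remote_debug'] = 'on';
    }

    foreach ($local_debugs as $value => $name) {
        $contents .= "<option value='{$value}'" . ($options['local_debug'] == $value ? ' selected' : '') . ">{$name}</option>";
    }

    $contents .= "</select></td></tr>\n\t\t\t\t<tr><td><strong><label for='remote_debug_box'>" . __('Remote debugger') . "</label></strong></td><td><select id='remote_debug_box' name='remote_debug_box'><option value=''></option>";

    foreach ($remote_debugs as $value => $name) {
        $contents .= "<option value='{$value}'" . ($options['remote_debug'] == $value ? ' selected' : '') . ">{$name}</option>";
    }

    $contents .= "</select></td></tr>\n\t\t\t\t<tr><td><strong><label for='filter_emails_box'>" . __('Filter emails') . "</label></strong></td><td><input id='filter_emails_box' name='filter_emails_box' type='checkbox' value='Y'" . ($options['filter_emails'] ? ' checked' : '') . "></td></tr>\n\t\t\t\t<tr><td colspan='2' align='center'><p class='submit'><input type='submit' id='submit' name='save' value='" . __("Save options") . "' /></p></td></tr>\n\t\t\t\t</table>\n\t\t\t</form>\n\t\t\t</div>\n\t\t</div>";

    echo $contents;
}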
header('Location: index.php?action=backupjobs'); } else { echo 'Unable to delete file'; } } else { echo 'File does not exist'; } } elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'backuprestore') { checkacl('restoreb'); include $config['path'] . '/includes/backuprestore.php'; } elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'logout') { session_unset(); session_destroy(); logevent('User ' . $_SESSION['user'] . ' logged out', 'activity'); header('Location: index.php'); } elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'runbackup' && isset($_REQUEST['id']) && is_md5($_REQUEST['id'])) { checkacl('backnow'); logevent('User ' . $_SESSION['user'] . ' ran backup job manually', 'activity'); //making sure backup job is not terminated ignore_user_abort(true); set_time_limit(0); echo 'Backup task has been started, please do not close this window <pre>'; echo shell_exec(escapeshellcmd('php ' . $config['path'] . '/cron.php ' . $_REQUEST['id'])); echo '</pre>'; } elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'activitylogs') { checkacl('alog'); $smarty->display($config['path'] . '/templates/header.tpl'); echo '<h4>Activity Logs</h4>'; $activitylogs = json_decode(file_get_contents($config['path'] . '/db/db-activitylog.json'), true); $activitylogs = array_reverse($activitylogs); echo '<table class="table table-bordered table-striped">';
$chat_id = $chatid; $head_name = lang($L['chat_with'], array($user['username'])); $head_title = $head_name . $DT['seo_delimiter'] . $head_title; $forward = is_url($forward) ? addslashes(dhtmlspecialchars($forward)) : ''; if (strpos($forward, $MOD['linkurl']) !== false) { $forward = ''; } $chat = $db->get_one("SELECT * FROM {$table} WHERE chatid='{$chatid}'"); if ($chat) { $db->query("UPDATE {$table} SET forward='{$forward}' WHERE chatid='{$chatid}'"); } else { $db->query("INSERT INTO {$table} (chatid,fromuser,touser,tgettime,forward) VALUES ('{$chat_id}','{$_username}','{$touser}','0','{$forward}')"); } $type = 1; } else { if (isset($chatid) && is_md5($chatid)) { $chat = $db->get_one("SELECT * FROM {$table} WHERE chatid='{$chatid}'"); if ($chat && ($chat['touser'] == $_username || $chat['fromuser'] == $_username)) { if ($chat['touser'] == $_username) { $user = userinfo($chat['fromuser']); } else { if ($chat['fromuser'] == $_username) { $user = userinfo($chat['touser']); } } $online = online($user['userid']); $chat_id = $chatid; $head_name = lang($L['chat_with'], array($user['username'])); $head_title = $head_name . $DT['seo_delimiter'] . $head_title; } else { dheader('?action=index');
echo " </tr>\n"; } echo " <tr>\n"; echo " <td align=\"left\" colspan=\"5\"> </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " </table>\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td align=\"left\"> </td>\n"; echo " </tr>\n"; if ($uid == session::get_value('UID')) { if (!is_md5($aid)) { $aid = md5(uniqid(mt_rand())); } if ($popup == 1) { echo " <tr>\n"; echo " <td align=\"center\">"; echo " <a href=\"attachments.php?webtag={$webtag}&aid={$aid}\" class=\"button popup 660x500\" id=\"attachments\"><span>", gettext("Attachments"), "</span></a>\n"; echo " ", form_submit('delete', gettext("Delete")), " ", form_submit('close', gettext("Close")); echo " </td>\n"; echo " </tr>\n"; } else { echo " <tr>\n"; echo " <td align=\"center\">"; echo " <a href=\"attachments.php?webtag={$webtag}&aid={$aid}\" class=\"button popup 660x500\" id=\"attachments\"><span>", gettext("Attachments"), "</span></a>\n"; echo " ", form_submit('delete', gettext("Delete")); echo " </td>\n";
if ($r) { $username = $r['username']; } } } else { message($L['login_msg_not_member']); } } if ($MOD['passport'] == 'uc') { include DT_ROOT . '/api/' . $MOD['passport'] . '.inc.php'; } $user = $do->login($username, $password, $cookietime); if ($user) { if ($MOD['passport'] && $MOD['passport'] != 'uc') { $api_url = ''; $user['password'] = is_md5($password) ? $password : md5($password); //Once MD5 if (strtoupper($MOD['passport_charset']) != DT_CHARSET) { $user = convert($user, DT_CHARSET, $MOD['passport_charset']); } extract($user); include DT_ROOT . '/api/' . $MOD['passport'] . '.inc.php'; if ($api_url) { $forward = $api_url; } } #if($MOD['sso']) include DT_ROOT.'/api/sso.inc.php'; if ($DT['login_log'] == 2) { $do->login_log($username, $password, $user['passsalt'], 0); } if ($api_msg) {
/**
 * Assemble the display profile of user $uid as seen by the user of the current session.
 *
 * Reads one row that joins USER with the viewer's USER_PEER entry, USER_FORUM, USER_TRACK and
 * any SESSIONS row newer than the session.gc_maxlifetime cutoff, then overlays values from
 * user_get_prefs($uid) and converts the timestamps to display strings.
 *
 * @param mixed $uid User id; anything that fails is_numeric() is rejected.
 *
 * @return array|false Profile array, or false when the database handle, table prefix or forum
 *                     id is unavailable, $uid is not numeric, the query fails or no row matches.
 */
function user_get_profile($uid)
{
    if (!($db = db::get())) {
        return false;
    }

    // $uid is interpolated into the WHERE clause below, so it must be numeric.
    if (!is_numeric($uid)) {
        return false;
    }

    // UID of the viewer. It is interpolated into the USER_PEER join without a numeric check of
    // its own. NOTE(review): presumably always an integer set server-side in the session - confirm.
    $peer_uid = session::get_value('UID');

    if (!($table_prefix = get_table_prefix())) {
        return false;
    }

    if (!($forum_fid = get_forum_fid())) {
        return false;
    }

    $user_groups_array = array();

    $user_prefs = user_get_prefs($uid);

    // Sessions older than PHP's session.gc_maxlifetime are treated as gone.
    $session_gc_maxlifetime = ini_get('session.gc_maxlifetime');

    $session_cutoff_datetime = date(MYSQL_DATETIME, time() - $session_gc_maxlifetime);

    $sql = "SELECT USER.UID, USER.LOGON, USER.NICKNAME, USER_PEER.PEER_NICKNAME, ";
    $sql .= "UNIX_TIMESTAMP(USER_FORUM.LAST_VISIT) AS LAST_VISIT, ";
    $sql .= "UNIX_TIMESTAMP(USER.REGISTERED) AS REGISTERED, ";
    $sql .= "UNIX_TIMESTAMP(USER_TRACK.USER_TIME_BEST) AS USER_TIME_BEST, ";
    $sql .= "UNIX_TIMESTAMP(USER_TRACK.USER_TIME_TOTAL) AS USER_TIME_TOTAL, ";
    $sql .= "USER_PEER.RELATIONSHIP, SESSIONS.ID FROM USER USER ";
    $sql .= "LEFT JOIN USER_PREFS USER_PREFS_GLOBAL ON (USER_PREFS_GLOBAL.UID = USER.UID) ";
    $sql .= "LEFT JOIN `{$table_prefix}USER_PREFS` USER_PREFS_FORUM ";
    $sql .= "ON (USER_PREFS_FORUM.UID = USER.UID) ";
    $sql .= "LEFT JOIN `{$table_prefix}USER_PEER` USER_PEER ";
    $sql .= "ON (USER_PEER.PEER_UID = USER.UID AND USER_PEER.UID = '{$peer_uid}') ";
    $sql .= "LEFT JOIN USER_FORUM USER_FORUM ON (USER_FORUM.UID = USER.UID ";
    $sql .= "AND USER_FORUM.FID = '{$forum_fid}') ";
    $sql .= "LEFT JOIN `{$table_prefix}USER_TRACK` USER_TRACK ";
    $sql .= "ON (USER_TRACK.UID = USER.UID) ";
    $sql .= "LEFT JOIN SESSIONS ON (SESSIONS.UID = USER.UID ";
    $sql .= "AND SESSIONS.TIME >= CAST('{$session_cutoff_datetime}' AS DATETIME)) ";
    $sql .= "WHERE USER.UID = '{$uid}' ";
    $sql .= "GROUP BY USER.UID";

    if (!($result = $db->query($sql))) {
        return false;
    }

    if ($result->num_rows == 0) {
        return false;
    }

    $user_profile = $result->fetch_assoc();

    // Anonymous-logon preference of the profiled user; it gates LAST_LOGON and STATUS below.
    if (isset($user_prefs['ANON_LOGON']) && $user_prefs['ANON_LOGON'] > USER_ANON_DISABLED) {
        $anon_logon = $user_prefs['ANON_LOGON'];
    } else {
        $anon_logon = USER_ANON_DISABLED;
    }

    // The last visit time is only disclosed when anonymous logon is disabled for this user.
    if ($anon_logon == USER_ANON_DISABLED && isset($user_profile['LAST_VISIT']) && $user_profile['LAST_VISIT'] > 0) {
        $user_profile['LAST_LOGON'] = format_time($user_profile['LAST_VISIT']);
    } else {
        $user_profile['LAST_LOGON'] = gettext("Unknown");
    }

    if (isset($user_profile['REGISTERED']) && $user_profile['REGISTERED'] > 0) {
        $user_profile['REGISTERED'] = format_date($user_profile['REGISTERED']);
    } else {
        $user_profile['REGISTERED'] = gettext("Unknown");
    }

    if (isset($user_profile['USER_TIME_BEST']) && $user_profile['USER_TIME_BEST'] > 0) {
        $user_profile['USER_TIME_BEST'] = format_time_display($user_profile['USER_TIME_BEST']);
    } else {
        $user_profile['USER_TIME_BEST'] = gettext("Unknown");
    }

    if (isset($user_profile['USER_TIME_TOTAL']) && $user_profile['USER_TIME_TOTAL'] > 0) {
        $user_profile['USER_TIME_TOTAL'] = format_time_display($user_profile['USER_TIME_TOTAL']);
    } else {
        $user_profile['USER_TIME_TOTAL'] = gettext("Unknown");
    }

    // Date of birth and/or age are exposed only as far as the user's DOB_DISPLAY preference allows.
    if (isset($user_prefs['DOB_DISPLAY']) && !empty($user_prefs['DOB']) && $user_prefs['DOB'] != "0000-00-00") {
        if ($user_prefs['DOB_DISPLAY'] == USER_DOB_DISPLAY_BOTH) {
            $user_profile['DOB'] = format_birthday($user_prefs['DOB']);
            $user_profile['AGE'] = format_age($user_prefs['DOB']);
        } else {
            if ($user_prefs['DOB_DISPLAY'] == USER_DOB_DISPLAY_DATE) {
                $user_profile['DOB'] = format_birthday($user_prefs['DOB']);
            } else {
                if ($user_prefs['DOB_DISPLAY'] == USER_DOB_DISPLAY_AGE) {
                    $user_profile['AGE'] = format_age($user_prefs['DOB']);
                }
            }
        }
    }

    // The URL preferences are copied through unchanged.
    // NOTE(review): these look user-supplied; whatever prints them has to escape them for the
    // HTML context and restrict the URL scheme, unless the code that saves the preference
    // already does - confirm.
    if (isset($user_prefs['PIC_URL']) && strlen($user_prefs['PIC_URL']) > 0) {
        $user_profile['PIC_URL'] = $user_prefs['PIC_URL'];
    }

    // Attachment ids are only passed on when they have the shape is_md5() accepts.
    if (isset($user_prefs['PIC_AID']) && is_md5($user_prefs['PIC_AID'])) {
        $user_profile['PIC_AID'] = $user_prefs['PIC_AID'];
    }

    if (isset($user_prefs['AVATAR_URL']) && strlen($user_prefs['AVATAR_URL']) > 0) {
        $user_profile['AVATAR_URL'] = $user_prefs['AVATAR_URL'];
    }

    if (isset($user_prefs['AVATAR_AID']) && is_md5($user_prefs['AVATAR_AID'])) {
        $user_profile['AVATAR_AID'] = $user_prefs['AVATAR_AID'];
    }

    if (isset($user_prefs['HOMEPAGE_URL']) && strlen($user_prefs['HOMEPAGE_URL']) > 0) {
        $user_profile['HOMEPAGE_URL'] = $user_prefs['HOMEPAGE_URL'];
    }

    if (!isset($user_profile['RELATIONSHIP'])) {
        $user_profile['RELATIONSHIP'] = 0;
    }

    // A nickname the viewer assigned to this user replaces the user's own nickname.
    if (isset($user_profile['PEER_NICKNAME'])) {
        if (!is_null($user_profile['PEER_NICKNAME']) && strlen($user_profile['PEER_NICKNAME']) > 0) {
            $user_profile['NICKNAME'] = $user_profile['PEER_NICKNAME'];
        }
    }

    // Online status is derived from the joined SESSIONS row and hidden for anonymous logons.
    if ($anon_logon == USER_ANON_DISABLED) {
        if (isset($user_profile['ID'])) {
            $user_profile['STATUS'] = gettext("Online");
        } else {
            $user_profile['STATUS'] = gettext("Inactive / Offline");
        }
    } else {
        $user_profile['STATUS'] = gettext("Unknown");
    }

    if ($user_post_count = user_get_post_count($uid)) {
        $user_profile['POST_COUNT'] = $user_post_count;
    } else {
        $user_profile['POST_COUNT'] = 0;
    }

    if ($user_local_time = user_format_local_time($user_prefs)) {
        $user_profile['LOCAL_TIME'] = $user_local_time;
    }

    if (user_is_banned($uid)) {
        $user_profile['USER_GROUPS'] = gettext("Banned");
    } else {
        // $user_groups_array is passed in empty and read back afterwards, so the helper is
        // expected to fill it (presumably by reference - confirm against its declaration).
        perm_user_get_group_names($uid, $user_groups_array);
        if (sizeof($user_groups_array) > 0) {
            $user_profile['USER_GROUPS'] = implode(', ', $user_groups_array);
        } else {
            $user_profile['USER_GROUPS'] = gettext("Registered");
        }
    }

    return $user_profile;
}
/**
 * Complete a password-restore request identified by its confirmation key.
 *
 * The key has to pass is_md5() and match the `reg_key` of a user whose status is
 * self::STATUS_ACTIVE, and that user's stored data has to contain a `restore_until` value that
 * is not earlier than TIME. An expired `restore_until` is removed from the stored data. On
 * success a new password is generated, its hash is stored, a session is added for the user and
 * the new password is handed back to the caller in plain text.
 *
 * NOTE(review): the stored value is SHA-512 applied twice with Core::instance()->public_key
 * appended, a fast hash rather than a per-user salted, deliberately slow password hash.
 * Replacing it needs a matching change wherever the hash is verified, so it is only flagged here.
 *
 * @param string $key
 *
 * @return array|bool array('id' => <i>id</i>, 'password' => <i>password</i>) or <b>false</b> on failure
 */
function restore_password_confirmation($key) {
	if (!is_md5($key)) {
		return false;
	}
	$user_id = $this->db_prime()->qfs([
		"SELECT `id`\n\t\t\tFROM `[prefix]users`\n\t\t\tWHERE\n\t\t\t\t`reg_key`\t= '%s' AND\n\t\t\t\t`status`\t= '%s'\n\t\t\tLIMIT 1",
		$key,
		self::STATUS_ACTIVE
	]);
	if (!$user_id) {
		return false;
	}
	$user_data = $this->get('data', $user_id);
	if (!isset($user_data['restore_until'])) {
		// No restore is pending for this user, so the key cannot be used.
		return false;
	}
	$restore_deadline = $user_data['restore_until'];
	// The marker is dropped in both outcomes: a pending restore is good for one attempt.
	unset($user_data['restore_until']);
	if ($restore_deadline < TIME) {
		// Expired: persist the cleaned-up data and refuse.
		$this->set('data', $user_data, $user_id);
		return false;
	}
	$Config       = Config::instance();
	$new_password = password_generate(
		$Config->core['password_min_length'],
		$Config->core['password_min_strength']
	);
	$new_hash     = hash('sha512', hash('sha512', $new_password) . Core::instance()->public_key);
	$this->set(['password_hash' => $new_hash, 'data' => $user_data], null, $user_id);
	$this->add_session($user_id);
	return ['id' => $user_id, 'password' => $new_password];
}
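/**
 * Write one login attempt to the {$DT_PRE}login table.
 *
 * A missing User-Agent request header is recorded as an empty string instead of raising an
 * undefined-index notice. When the message is the "login ok" text, the cached ban entry for the
 * client IP is deleted.
 *
 * NOTE(review): the value stored in the `password` column is md5() of a 32-character MD5-looking
 * input and md5(md5()) of anything else. Other code on this page compares the member password
 * against the same expression, so the log table appears to hold password-equivalent hashes,
 * including those of failed attempts - confirm whether that column is needed and who can read it.
 *
 * NOTE(review): $username, $admin and $message go into the INSERT as they are; presumably they
 * are escaped before they reach this method - verify at the call sites.
 *
 * @param string $username Login name being recorded
 * @param string $password Submitted password, plain or already in MD5 form
 * @param mixed  $admin    Value for the `admin` column
 * @param string $message  Result text; defaults to $L['member_login_ok'] when empty
 */
function login_log($username, $password, $admin = 0, $message = '') {
    global $DT_PRE, $DT_TIME, $DT_IP, $L;

    $password = is_md5($password) ? md5($password) : md5(md5($password));

    // The header is client-controlled and optional: default it, then filter and escape it.
    $raw_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $agent = addslashes(htmlspecialchars(strip_sql($raw_agent)));

    $message or $message = $L['member_login_ok'];

    if ($message == $L['member_login_ok']) {
        // A successful login clears the cached ban entry for this IP.
        cache_delete($DT_IP . '.php', 'ban');
    }

    $this->db->query("INSERT INTO {$DT_PRE}login (username,password,admin,loginip,logintime,message,agent) VALUES ('{$username}','{$password}','{$admin}','{$DT_IP}','{$DT_TIME}','{$message}','{$agent}')");
}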
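/**
 * Build the link (or bare URL) for one attachment.
 *
 * The thumbnail <img> markup has a space between every attribute, and an image whose reported
 * width or height is zero is shown with the plain attachment icon instead of being scaled.
 *
 * NOTE(review): $attachment['filename'] is placed in the href, the title/alt attributes and the
 * link text exactly as received. Confirm it is URL-encoded and HTML-escaped before it reaches
 * this function; if it is not, encode it here (rawurlencode() for the query string,
 * htmlspecialchars() for attributes and text).
 *
 * @param array $attachment     Needs 'aid', 'hash', 'filename' and 'downloads'; 'filesize' is optional
 * @param bool  $show_thumbs    Show a thumbnail when one exists (non-bool values become true)
 * @param bool  $limit_filename Shorten the displayed filename to 16 characters (non-bool becomes false)
 * @param bool  $local_path     Link to attachments/<filename> instead of get_attachment.php
 * @param bool  $img_tag        Return HTML when true, only the URL otherwise (non-bool becomes true)
 *
 * @return string|false HTML or URL, or false when the input or the attachment directory setting is unusable
 */
function attachments_make_link($attachment, $show_thumbs = true, $limit_filename = false, $local_path = false, $img_tag = true)
{
    if (!is_array($attachment)) {
        return false;
    }

    // Flags that are not real booleans fall back to the parameter defaults.
    if (!is_bool($show_thumbs)) {
        $show_thumbs = true;
    }

    if (!is_bool($limit_filename)) {
        $limit_filename = false;
    }

    if (!is_bool($local_path)) {
        $local_path = false;
    }

    if (!is_bool($img_tag)) {
        $img_tag = true;
    }

    if (!($attachment_dir = forum_get_setting('attachment_dir'))) {
        return false;
    }

    if (!isset($attachment['aid'])) {
        return false;
    }

    if (!isset($attachment['hash'])) {
        return false;
    }

    if (!isset($attachment['filename'])) {
        return false;
    }

    if (!isset($attachment['downloads'])) {
        return false;
    }

    // Both ids end up in file paths and URLs below, so they must have the is_md5() shape.
    if (!is_md5($attachment['aid'])) {
        return false;
    }

    if (!is_md5($attachment['hash'])) {
        return false;
    }

    $webtag = get_webtag();

    if (forum_get_setting('attachment_thumbnails', 'Y') && (($user_show_thumbs = session::get_value('SHOW_THUMBS')) > 0 || !session::logged_in())) {
        $thumbnail_size = array(1 => 50, 2 => 100, 3 => 150);
        $thumbnail_max_size = isset($thumbnail_size[$user_show_thumbs]) ? $thumbnail_size[$user_show_thumbs] : 100;
    } else {
        $thumbnail_max_size = 100;
        $show_thumbs = false;
    }

    if ($local_path) {
        $attachment_href = "attachments/{$attachment['filename']}";
    } else {
        $attachment_href = "get_attachment.php?webtag={$webtag}&hash={$attachment['hash']}";
        $attachment_href .= "&filename={$attachment['filename']}";
    }

    if ($img_tag !== true) {
        return $attachment_href;
    }

    $title_array = array();

    if (mb_strlen($attachment['filename']) > 16 && $limit_filename) {
        // The full name goes into the tooltip, the visible name is cut to 16 characters.
        $title_array[] = gettext("Filename") . ": {$attachment['filename']}";
        $attachment['filename'] = mb_substr($attachment['filename'], 0, 16);
        $attachment['filename'] .= "…";
    }

    if (isset($attachment['filesize']) && is_numeric($attachment['filesize'])) {
        $title_array[] = gettext("Size") . ": " . format_file_size($attachment['filesize']);
    }

    if ($attachment['downloads'] == 1) {
        $title_array[] = gettext("Downloaded: 1 time");
    } else {
        $title_array[] = sprintf(gettext("Downloaded: %d times"), $attachment['downloads']);
    }

    if (@file_exists("{$attachment_dir}/{$attachment['hash']}.thumb") && $show_thumbs) {
        $image_info = @getimagesize("{$attachment_dir}/{$attachment['hash']}");

        // Zero-sized images are skipped: the aspect-ratio division below needs a non-zero width.
        if (is_array($image_info) && $image_info[0] > 0 && $image_info[1] > 0) {
            $title_array[] = gettext("Dimensions") . ": {$image_info[0]}x{$image_info[1]}px";

            $thumbnail_width = $image_info[0];
            $thumbnail_height = $image_info[1];

            // Shrink one pixel at a time, keeping the aspect ratio, until both sides fit.
            while ($thumbnail_width > $thumbnail_max_size || $thumbnail_height > $thumbnail_max_size) {
                $thumbnail_width--;
                $thumbnail_height = floor($thumbnail_width * ($image_info[1] / $image_info[0]));
            }

            $title = implode(", ", $title_array);

            $attachment_link = "<span class=\"attachment_thumb\"><a href=\"{$attachment_href}\" title=\"{$title}\" ";
            $attachment_link .= "target=\"_blank\"><img src=\"{$attachment_href}&thumb=1\" ";
            $attachment_link .= "border=\"0\" width=\"{$thumbnail_width}\" height=\"{$thumbnail_height}\" ";
            $attachment_link .= "alt=\"{$title}\" title=\"{$title}\" /></a></span>";

            return $attachment_link;
        }
    }

    // No usable thumbnail: attachment icon followed by a text link.
    $title = implode(", ", $title_array);

    $attachment_link = "<img src=\"";
    $attachment_link .= html_style_image('attach.png');
    $attachment_link .= "\" width=\"14\" height=\"14\" border=\"0\" ";
    $attachment_link .= "alt=\"" . gettext("Attachment") . "\" ";
    $attachment_link .= "title=\"" . gettext("Attachment") . "\" />";
    $attachment_link .= "<a href=\"{$attachment_href}\" title=\"{$title}\" ";
    $attachment_link .= "target=\"_blank\">{$attachment['filename']}</a>\n";

    return $attachment_link;
}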
} else { if ($DT['mail_type'] == 'close') { message($L['send_mail_close']); } if ($MOD['checkuser'] != 2) { dheader(DT_PATH); } if ($submit) { captcha($captcha); check_name($username) or message($L['send_check_username_bad']); $user = $db->get_one("SELECT email,password,groupid FROM {$DT_PRE}member WHERE username='******'"); if ($user) { if ($user['groupid'] != 4) { dalert($L['send_check_deny'], DT_PATH); } if ($user['password'] != (is_md5($password) ? md5($password) : md5(md5($password)))) { message($L['send_check_password_bad']); } $email = trim($email); if ($email && $email != $user['email']) { is_email($email) or message($L['send_check_email_bad']); $r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE email='{$email}'"); if ($r) { message($L['send_check_email_repeat']); } $db->query("UPDATE {$DT_PRE}member SET email='{$email}' WHERE username='******'"); } else { $email = $user['email']; } $auth = make_auth($username); $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authtime='{$DT_TIME}' WHERE username='******'");
echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" width=\"100%\">\n"; // Get recent visitors if ($recent_visitors_array = visitor_log_get_recent()) { echo " <tr>\n"; echo " <td align=\"center\">\n"; echo " <table class=\"posthead\" border=\"0\" width=\"100%\" cellpadding=\"2\" cellspacing=\"0\">\n"; foreach ($recent_visitors_array as $recent_visitor) { if (isset($recent_visitor['LAST_LOGON']) && $recent_visitor['LAST_LOGON'] > 0) { echo " <tr>\n"; if (session::get_value('SHOW_AVATARS') == 'Y') { if (isset($recent_visitor['AVATAR_URL']) && strlen($recent_visitor['AVATAR_URL']) > 0) { echo " <td valign=\"top\" class=\"postbody\" align=\"left\" width=\"25\"><img src=\"{$recent_visitor['AVATAR_URL']}\" alt=\"\" title=\"", word_filter_add_ob_tags(htmlentities_array(format_user_name($recent_visitor['LOGON'], $recent_visitor['NICKNAME']))), "\" border=\"0\" width=\"16\" height=\"16\" /></td>\n"; } else { if (isset($recent_visitor['AVATAR_AID']) && is_md5($recent_visitor['AVATAR_AID'])) { $attachment = attachments_get_by_hash($recent_visitor['AVATAR_AID']); if ($profile_picture_href = attachments_make_link($attachment, false, false, false, false)) { echo " <td valign=\"top\" class=\"postbody\" align=\"left\" width=\"25\"><img src=\"{$profile_picture_href}&avatar_picture\" alt=\"\" title=\"", word_filter_add_ob_tags(htmlentities_array(format_user_name($recent_visitor['LOGON'], $recent_visitor['NICKNAME']))), "\" border=\"0\" width=\"16\" height=\"16\" /></td>\n"; } else { echo " <td valign=\"top\" align=\"left\" class=\"postbody\" width=\"25\"><img src=\"", html_style_image('bullet.png'), "\" alt=\"", gettext('User'), "\" title=\"", gettext('User'), "\" /></td>\n"; } } else { echo " <td valign=\"top\" align=\"left\" class=\"postbody\" width=\"25\"><img src=\"", html_style_image('bullet.png'), "\" alt=\"", gettext('User'), "\" title=\"", gettext('User'), "\" /></td>\n"; } } } else { echo " <td valign=\"top\" align=\"left\" class=\"postbody\" 
width=\"25\"><img src=\"", html_style_image('bullet.png'), "\" alt=\"", gettext('User'), "\" title=\"", gettext('User'), "\" /></td>\n"; } if (isset($recent_visitor['SID']) && !is_null($recent_visitor['SID']) && forum_get_setting('searchbots_show_recent', 'Y')) { echo " <td valign=\"top\" align=\"left\"><a href=\"{$recent_visitor['URL']}\" target=\"_blank\">", word_filter_add_ob_tags(htmlentities_array($recent_visitor['NAME'])), "</a></td>\n";
/**
 * Build the link (or bare URL) for one attachment.
 *
 * NOTE(review): $attachment['filename'] is placed in the href, the title attribute and the link
 * text exactly as received, and $title is placed in an attribute. Confirm the filename is
 * URL-encoded and HTML-escaped before it reaches this function.
 *
 * @param array $attachment     Needs 'hash', 'filename' and 'downloads'; 'filesize', 'width',
 *                              'height' and 'thumbnail' are optional
 * @param bool  $show_thumbs    Show a thumbnail when the attachment has one (non-bool becomes true)
 * @param bool  $limit_filename Shorten long filenames for display (non-bool becomes false)
 * @param bool  $local_path     Link to attachments/<filename> instead of get_attachment.php
 * @param bool  $img_tag        Return HTML when true, only the URL otherwise (non-bool becomes true)
 *
 * @return string|false HTML or URL, or false when the input or the attachment directory is unusable
 */
function attachments_make_link($attachment, $show_thumbs = true, $limit_filename = false, $local_path = false, $img_tag = true)
{
    if (!is_array($attachment)) {
        return false;
    }

    // Flags that are not real booleans fall back to the parameter defaults.
    $show_thumbs = is_bool($show_thumbs) ? $show_thumbs : true;
    $limit_filename = is_bool($limit_filename) ? $limit_filename : false;
    $local_path = is_bool($local_path) ? $local_path : false;
    $img_tag = is_bool($img_tag) ? $img_tag : true;

    if (!($attachment_dir = attachments_check_dir())) {
        return false;
    }

    foreach (array('hash', 'filename', 'downloads') as $required_key) {
        if (!isset($attachment[$required_key])) {
            return false;
        }
    }

    // The hash is written into the URL, so it must have the is_md5() shape.
    if (!is_md5($attachment['hash'])) {
        return false;
    }

    $thumbnail_max_size = 100;

    $webtag = get_webtag();

    forum_check_webtag_available($webtag);

    $has_thumb_pref = isset($_SESSION['SHOW_THUMBS']) && is_numeric($_SESSION['SHOW_THUMBS']);
    $user_show_thumbs = $has_thumb_pref ? $_SESSION['SHOW_THUMBS'] : 100;

    if ($show_thumbs && forum_get_setting('attachment_thumbnails', 'Y') && ($user_show_thumbs > 0 || !session::logged_in())) {
        // Preference 1..3 selects the edge length; any other value gives 100.
        $size_by_preference = array(1 => 50, 2 => 100, 3 => 150);
        if (isset($size_by_preference[$user_show_thumbs])) {
            $thumbnail_max_size = $size_by_preference[$user_show_thumbs];
        } else {
            $thumbnail_max_size = 100;
        }
    } else {
        $show_thumbs = false;
    }

    $attachment_href = $local_path
        ? "attachments/{$attachment['filename']}"
        : "get_attachment.php?webtag={$webtag}&hash={$attachment['hash']}" . "&filename={$attachment['filename']}";

    if (!$img_tag) {
        return $attachment_href;
    }

    $tooltip_parts = array();

    if (mb_strlen($attachment['filename']) > 16 && $limit_filename) {
        // The full name goes into the tooltip, the visible name is shortened.
        $tooltip_parts[] = sprintf(gettext("Filename: %s"), $attachment['filename']);
        $attachment['filename'] = format_file_name($attachment['filename']);
    }

    if (isset($attachment['filesize']) && is_numeric($attachment['filesize']) && $attachment['filesize'] > 0) {
        $tooltip_parts[] = sprintf(gettext("Size: %s"), format_file_size($attachment['filesize']));
    }

    $tooltip_parts[] = ($attachment['downloads'] == 1)
        ? gettext("Downloaded: 1 time")
        : sprintf(gettext("Downloaded: %d times"), $attachment['downloads']);

    if (isset($attachment['width'], $attachment['height'])) {
        $tooltip_parts[] = sprintf(gettext("Dimensions %dx%dpx"), $attachment['width'], $attachment['height']);
    }

    $title = implode(", ", $tooltip_parts);

    if ($show_thumbs && isset($attachment['thumbnail']) && $attachment['thumbnail'] == 'Y') {
        // A square box that starts at 150px and is capped at the preferred maximum.
        $thumbnail_width = min(150, $thumbnail_max_size);
        $thumbnail_height = $thumbnail_width;

        return "<a href=\"{$attachment_href}\" target=\"_blank\"><span class=\"attachment_thumb\" "
            . "style=\"background-image: url('{$attachment_href}&thumb=1'); "
            . "width: {$thumbnail_width}px; height: {$thumbnail_height}px\" "
            . "title=\"{$title}\"></span></a>";
    }

    // No thumbnail: attachment icon followed by a text link.
    return html_style_image('attach', gettext("Attachment"))
        . "<a href=\"{$attachment_href}\" title=\"{$title}\" "
        . "target=\"_blank\">{$attachment['filename']}</a>";
}
/* [Destoon B2B System] Copyright (c) 2008-2013 Destoon.COM This is NOT a freeware, use is subject to license.txt */ @set_time_limit(0); require 'common.inc.php'; if ($DT_BOT) { dhttp(403); } $from = isset($from) ? trim($from) : ''; $swfupload = isset($swfupload) ? 1 : 0; $errmsg = ''; if ($swfupload) { //Fix FlashPlayer Bug $swf_userid = intval($swf_userid); if ($swf_userid != $_userid && is_md5($swf_auth)) { $swf_groupid = intval($swf_groupid); if ($swf_auth == md5($swf_userid . $swf_username . $swf_groupid . $swf_company . DT_KEY . $DT_IP) || $swf_auth == md5($swf_userid . $swf_username . $swf_groupid . convert($swf_company, 'utf-8', DT_CHARSET) . DT_KEY . $DT_IP)) { $_userid = $swf_userid; $_username = $swf_username; $_groupid = $swf_groupid; $_company = convert($swf_company, 'utf-8', DT_CHARSET); $MG = cache_read('group-' . $_groupid . '.php'); } else { $errmsg = 'Error(0)' . 'SWFUpload Denied'; if ($swfupload) { exit(convert($errmsg, DT_CHARSET, 'utf-8')); } dalert($errmsg); } }
/**
 * Read the saved logon values for the current webtag from the request cookies.
 *
 * All three values come from client-supplied cookies. The two hashes are only accepted when the
 * raw cookie value passes is_md5(); the password cookie is accepted whenever it is non-empty.
 *
 * NOTE(review): the `_password` cookie is read back as the password value itself, which suggests
 * the password is kept on the client in recoverable form - confirm what writes this cookie and
 * whether the hash cookies alone would do.
 *
 * @param string $password Receives the saved password, or "" when none is stored
 * @param string $passhash Receives the saved password hash, or ""
 * @param string $sesshash Receives the saved session hash, or ""
 *
 * @return bool Always true
 */
function forum_get_saved_password(&$password, &$passhash, &$sesshash)
{
    // $webtag_search is not defined in this function before the call; presumably get_webtag()
    // takes it by reference - confirm.
    $webtag = get_webtag($webtag_search);

    $cookie_prefix = "bh_{$webtag}_";
    $password_cookie = $cookie_prefix . 'password';
    $passhash_cookie = $cookie_prefix . 'passhash';
    $sesshash_cookie = $cookie_prefix . 'sesshash';

    $password = (isset($_COOKIE[$password_cookie]) && strlen(_stripslashes($_COOKIE[$password_cookie])) > 0)
        ? _stripslashes($_COOKIE[$password_cookie])
        : "";

    $passhash = (isset($_COOKIE[$passhash_cookie]) && is_md5($_COOKIE[$passhash_cookie]))
        ? trim(_stripslashes($_COOKIE[$passhash_cookie]))
        : "";

    $sesshash = (isset($_COOKIE[$sesshash_cookie]) && is_md5($_COOKIE[$sesshash_cookie]))
        ? trim(_stripslashes($_COOKIE[$sesshash_cookie]))
        : "";

    return true;
}
/**
 * Validates user
 *
 * Validates user using key sent to the user via email upon registration. Can be turned on/off
 *
 * Error codes returned as integers:
 *   904 - Email not given
 *   905 - Invalid email
 *   906 - No key given
 *   907 - Invalid key given
 *   908 - Invalid key / email combo
 *
 * After a matching row is found the user's `active` field is set to 1 and the `key` field is
 * cleared through update_user(); the boolean result depends on what those two calls return.
 * When either call returns a falsy value, or when alpha(..., 'numeric') reports both results as
 * numeric, no return statement is reached and the function returns null, which is outside the
 * documented integer|boolean contract.
 *
 * NOTE(review): $email and $key are interpolated into the SELECT. $key is limited by is_md5();
 * $email relies entirely on is_email() rejecting quote characters - confirm, or escape it.
 *
 * @global resource
 * @param string $email email of user being validated
 * @param string $key key given at registration
 * @return integer|boolean
 */
function validate_user($email, $key)
{
    global $database;

    // Empty email?
    if (empty($email)) {
        return 904;
    }

    // Empty key?
    if (empty($key)) {
        return 906;
    }

    // Valid email?
    if (is_email($email)) {
        // Valid md5?
        if (is_md5($key)) {
            // Look up the email / key pair
            $result = $database->query("SELECT * FROM `users` WHERE `email` = '{$email}' AND `key` = '{$key}' LIMIT 1");
            if ($database->num($result) < 1) {
                return 908;
            } else {
                // The user data
                $user_data = $database->fetch($result);

                // Activate the account and clear the key. From here on $key holds the result of
                // the second update, not the registration key.
                $active = update_user($user_data['id'], false, 'active', 1);
                $key = update_user($user_data['id'], false, 'key', '');

                // What happened?
                if ($active && $key) {
                    // Non-numeric result of the `active` update decides the outcome.
                    if (!alpha($active, 'numeric')) {
                        // switch compares loosely; NOTE(review): a boolean true result would
                        // match `case 905` under loose comparison - confirm what update_user()
                        // returns on success.
                        switch ($active) {
                            case 905:
                                return false;
                                break;
                            default:
                                return true;
                                break;
                        }
                    }

                    // Same check for the result of the `key` update.
                    if (!alpha($key, 'numeric')) {
                        // Same loose switch as above
                        switch ($key) {
                            case 905:
                                return false;
                                break;
                            default:
                                return true;
                                break;
                        }
                    }
                }
            }
        } else {
            return 907;
        }
    } else {
        return 905;
    }
}
} } if (isset($thread['POLL_FLAG']) && $thread['POLL_FLAG'] == 'Y') { echo "<a href=\"poll_results.php?webtag={$webtag}&tid={$thread['TID']}\" target=\"_blank\" class=\"popup 800x600\"><img src=\"", html_style_image('poll.png'), "\" border=\"0\" alt=\"", gettext("This is a poll. Click to view results."), "\" title=\"", gettext("This is a poll. Click to view results."), "\" /></a> "; } if (isset($thread['STICKY']) && $thread['STICKY'] == "Y") { echo "<img src=\"", html_style_image('sticky.png'), "\" alt=\"", gettext("Sticky"), "\" title=\"", gettext("Sticky"), "\" /> "; } if (isset($thread['TRACK_TYPE']) && $thread['TRACK_TYPE'] == THREAD_TYPE_SPLIT) { echo "<img src=\"", html_style_image('split_thread.png'), "\" alt=\"", gettext("Thread has been split"), "\" title=\"", gettext("Thread has been split"), "\" /> "; } else { if (isset($thread['TRACK_TYPE']) && $thread['TRACK_TYPE'] == THREAD_TYPE_MERGE) { echo "<img src=\"", html_style_image('merge_thread.png'), "\" alt=\"", gettext("Thread has been merged"), "\" title=\"", gettext("Thread has been merged"), "\" /> "; } } if (isset($thread['AID']) && is_md5($thread['AID'])) { echo "<img src=\"", html_style_image('attach.png'), "\" alt=\"", gettext("Attachment"), "\" title=\"", gettext("Attachment"), "\" /> "; } echo "<span class=\"threadxnewofy\">{$number}</span></td>\n"; echo " <td valign=\"top\" style=\"white-space: nowrap\" align=\"right\"><span class=\"threadtime\">{$thread_time} </span></td>\n"; echo " </tr>\n"; echo " </table>\n"; unset($thread_info[$key]); } } if (is_numeric($folder) && $folder_number == $folder && $thread_count >= 50) { echo " <table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n"; echo " <tr>\n"; echo " <td align=\"left\" colspan=\"3\"><a href=\"thread_list.php?webtag={$webtag}&mode={$mode}&folder={$folder}&page=", $page + 1, "\" class=\"folderinfo\" title=\"", gettext("Show next 50 threads"), "\">", gettext("Next 50 threads"), "</a></td>\n"; echo " </tr>\n"; echo " 
</table>\n";
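/**
 * Get new access_token with refresh_token
 *
 * The client secret is compared as a string, using hash_equals() when the function exists, so
 * that numeric-looking secrets cannot match through PHP's loose comparison and the comparison
 * does not stop at the first differing byte.
 *
 * The row holding the refresh token is deleted as soon as it has been read, before the session
 * owner is checked, so a refresh token can be presented only once whatever the later outcome.
 *
 * @param string $refresh_token
 * @param string $client        Client id
 * @param string $secret        Client secret
 *
 * @return array|bool <i>false</i> on failure,
 *                    otherwise array ['access_token' => md5, 'refresh_token' => md5, 'expires_in' => seconds, 'token_type' => 'bearer']
 */
function refresh_token($refresh_token, $client, $secret) {
	$client = $this->get_client($client);
	if (!is_md5($refresh_token) || !$client || !is_scalar($secret)) {
		return false;
	}
	$known_secret = (string)$client['secret'];
	$given_secret = (string)$secret;
	$secret_matches = function_exists('hash_equals')
		? hash_equals($known_secret, $given_secret)
		: $known_secret === $given_secret;
	if (!$secret_matches) {
		return false;
	}
	$data = $this->db_prime()->qf([
		"SELECT\n\t\t\t\t`user`,\n\t\t\t\t`access_token`,\n\t\t\t\t`session`\n\t\t\tFROM `[prefix]oauth2_clients_sessions`\n\t\t\tWHERE\n\t\t\t\t`id`\t\t\t= '%s' AND\n\t\t\t\t`refresh_token`\t= '%s'\n\t\t\tLIMIT 1",
		$client['id'],
		$refresh_token
	]);
	// Single use: remove the token row whether or not the lookup found anything.
	$this->db_prime()->q(
		"DELETE FROM `[prefix]oauth2_clients_sessions`\n\t\t\tWHERE\n\t\t\t\t`id`\t\t\t= '%s' AND\n\t\t\t\t`refresh_token`\t= '%s'\n\t\t\tLIMIT 1",
		$client['id'],
		$refresh_token
	);
	if (!$data) {
		return false;
	}
	// The access token that belonged to this refresh token must not be served from cache any more.
	unset($this->cache->{"tokens/{$data['access_token']}"});
	$User = User::instance();
	$id   = $User->get_session_user($data['session']);
	// The session recorded with the token must still belong to the same user.
	if ($id != $data['user']) {
		return false;
	}
	// A session is added only for the duration of the code exchange and removed right after.
	$User->add_session($id);
	$result = $this->get_code($this->add_code($client['id'], 'code'), $client['id'], $client['secret']);
	$User->del_session();
	return $result;
}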
if (is_array($chatid)) { foreach ($chatid as $cid) { if (is_md5($cid)) { $db->query("DELETE FROM {$table} WHERE chatid='{$cid}'"); } } } else { if (is_md5($chatid)) { $db->query("DELETE FROM {$table} WHERE chatid='{$chatid}'"); } } dmsg('删除成功', $forward); break; case 'view': $lists = array(); if (is_md5($chatid)) { $data = file_get(DT_ROOT . '/file/chat/' . substr($chatid, 0, 2) . '/' . $chatid . '.php'); if ($data) { $data = trim(substr($data, 13)); $data = explode("\n", $data); foreach ($data as $d) { list($time, $name, $word) = explode("|", $d); if ($MOD['chat_url'] || $MOD['chat_img']) { if (preg_match_all("/([http|https]+)\\:\\/\\/([a-z0-9\\/\\-\\_\\.\\,\\?\\&\\#\\=\\%\\+\\;]{4,})/i", $word, $m)) { foreach ($m[0] as $u) { if ($MOD['chat_img'] && preg_match("/^(jpg|jpeg|gif|png|bmp)\$/i", file_ext($u)) && !preg_match("/([\\?\\&\\=]{1,})/i", $u)) { $word = str_replace($u, '<img src="' . $u . '" onload="if(this.width>320)this.width=320;" onclick="window.open(this.src);"/>', $word); } else { if ($MOD['chat_url']) { $word = str_replace($u, '<a href="' . $u . '" target="_blank">' . $u . '</a>', $word); }
/**
 * Collect the users, guests and search engine bots with a recent session in the current forum.
 *
 * "Recent" means SESSIONS.TIME is not older than PHP's session.gc_maxlifetime. The result is
 * computed from the point of view of the current session's user: people that user ignores
 * completely are left out, and users with anonymous logon enabled are only listed by name for
 * themselves or, in friends-only mode, when they have marked the viewer as a friend.
 *
 * @return array Keys 'ANON_USERS', 'BOTS', 'GUESTS', 'USER_COUNT' (counters) and 'USERS' (list
 *               of user or bot entries sorted by lower-cased name). The zeroed structure is
 *               returned when a prerequisite or a query fails.
 */
function stats_get_active_user_list()
{
    $stats = array('ANON_USERS' => 0, 'BOTS' => 0, 'GUESTS' => 0, 'USER_COUNT' => 0, 'USERS' => array());

    // Not used anywhere below in this function.
    $search_engine_bots = array();

    // Sort keys, kept parallel to $stats['USERS'].
    $user_sort = array();

    if (!($db = db::get())) {
        return $stats;
    }

    if (!($table_prefix = get_table_prefix())) {
        return $stats;
    }

    if (!($forum_fid = get_forum_fid())) {
        return $stats;
    }

    $session_gc_maxlifetime = ini_get('session.gc_maxlifetime');

    $session_cutoff_datetime = date(MYSQL_DATETIME, time() - $session_gc_maxlifetime);

    // UID of the viewer; it is interpolated into both USER_PEER joins below.
    // NOTE(review): only checked against false here - presumably an integer from the session, confirm.
    if (($uid = session::get_value('UID')) === false) {
        return $stats;
    }

    // Guests: sessions with UID 0 that are not tied to a search engine bot.
    $sql = "SELECT COUNT(UID) FROM SESSIONS WHERE UID = 0 AND SID IS NULL ";
    $sql .= "AND SESSIONS.TIME >= CAST('{$session_cutoff_datetime}' AS DATETIME) ";
    $sql .= "AND SESSIONS.FID = '{$forum_fid}'";

    if (!($result = $db->query($sql))) {
        return $stats;
    }

    list($stats['GUESTS']) = $result->fetch_row();

    // Logged-in users and bots. USER_PEER is the other user's relationship towards the viewer,
    // USER_PEER2 the viewer's relationship towards the other user.
    $sql = "SELECT DISTINCT SESSIONS.UID, USER.LOGON, USER.NICKNAME, USER_PEER2.PEER_NICKNAME, ";
    $sql .= "USER_PREFS_GLOBAL.ANON_LOGON, USER_PEER.RELATIONSHIP AS PEER_RELATIONSHIP, ";
    $sql .= "USER_PEER2.RELATIONSHIP AS USER_RELATIONSHIP, SEARCH_ENGINE_BOTS.SID, ";
    $sql .= "SEARCH_ENGINE_BOTS.URL AS BOT_URL, SEARCH_ENGINE_BOTS.NAME AS BOT_NAME, ";
    $sql .= "USER_PREFS_FORUM.AVATAR_URL AS AVATAR_URL_FORUM, USER_PREFS_FORUM.AVATAR_AID AS AVATAR_AID_FORUM, ";
    $sql .= "USER_PREFS_GLOBAL.AVATAR_URL AS AVATAR_URL_GLOBAL, USER_PREFS_GLOBAL.AVATAR_AID AS AVATAR_AID_GLOBAL ";
    $sql .= "FROM SESSIONS SESSIONS LEFT JOIN USER USER ON (USER.UID = SESSIONS.UID) ";
    $sql .= "LEFT JOIN `{$table_prefix}USER_PEER` USER_PEER ";
    $sql .= "ON (USER_PEER.UID = SESSIONS.UID AND USER_PEER.PEER_UID = '{$uid}') ";
    $sql .= "LEFT JOIN `{$table_prefix}USER_PEER` USER_PEER2 ";
    $sql .= "ON (USER_PEER2.PEER_UID = SESSIONS.UID AND USER_PEER2.UID = '{$uid}') ";
    $sql .= "LEFT JOIN `{$table_prefix}USER_PREFS` USER_PREFS_FORUM ON (USER_PREFS_FORUM.UID = SESSIONS.UID) ";
    $sql .= "LEFT JOIN USER_PREFS USER_PREFS_GLOBAL ON (USER_PREFS_GLOBAL.UID = SESSIONS.UID) ";
    $sql .= "LEFT JOIN SEARCH_ENGINE_BOTS ON (SEARCH_ENGINE_BOTS.SID = SESSIONS.SID) ";
    $sql .= "WHERE SESSIONS.TIME >= CAST('{$session_cutoff_datetime}' AS DATETIME) ";
    $sql .= "AND SESSIONS.FID = '{$forum_fid}' AND (SESSIONS.UID > 0 OR SESSIONS.SID IS NOT NULL)";

    if (!($result = $db->query($sql))) {
        return $stats;
    }

    while ($user_data = $result->fetch_assoc()) {
        if (isset($user_data['ANON_LOGON']) && $user_data['ANON_LOGON'] > USER_ANON_DISABLED) {
            $anon_logon = $user_data['ANON_LOGON'];
        } else {
            $anon_logon = USER_ANON_DISABLED;
        }

        // Missing relationship rows count as a normal relationship.
        if (!isset($user_data['USER_RELATIONSHIP'])) {
            $user_data['USER_RELATIONSHIP'] = USER_NORMAL;
        }

        if (!isset($user_data['PEER_RELATIONSHIP'])) {
            $user_data['PEER_RELATIONSHIP'] = USER_NORMAL;
        }

        // A nickname the viewer assigned to this user replaces the user's own nickname.
        if (isset($user_data['LOGON']) && isset($user_data['PEER_NICKNAME'])) {
            if (!is_null($user_data['PEER_NICKNAME']) && strlen($user_data['PEER_NICKNAME']) > 0) {
                $user_data['NICKNAME'] = $user_data['PEER_NICKNAME'];
            }
        }

        // Avatar URL: the forum-level preference wins over the global one.
        // NOTE(review): the URL is returned as stored and looks user-supplied; the code that
        // prints it has to escape it and restrict the scheme unless that happens on save - confirm.
        if (isset($user_data['AVATAR_URL_FORUM']) && strlen($user_data['AVATAR_URL_FORUM']) > 0) {
            $user_data['AVATAR_URL'] = $user_data['AVATAR_URL_FORUM'];
        } else {
            if (isset($user_data['AVATAR_URL_GLOBAL']) && strlen($user_data['AVATAR_URL_GLOBAL']) > 0) {
                $user_data['AVATAR_URL'] = $user_data['AVATAR_URL_GLOBAL'];
            } else {
                $user_data['AVATAR_URL'] = null;
            }
        }

        // Avatar attachment id: same precedence, and only values with the is_md5() shape are kept.
        if (isset($user_data['AVATAR_AID_FORUM']) && is_md5($user_data['AVATAR_AID_FORUM'])) {
            $user_data['AVATAR_AID'] = $user_data['AVATAR_AID_FORUM'];
        } else {
            if (isset($user_data['AVATAR_AID_GLOBAL']) && is_md5($user_data['AVATAR_AID_GLOBAL'])) {
                $user_data['AVATAR_AID'] = $user_data['AVATAR_AID_GLOBAL'];
            } else {
                $user_data['AVATAR_AID'] = null;
            }
        }

        if (!isset($user_data['LOGON'])) {
            $user_data['LOGON'] = gettext("Unknown user");
        }

        if (!isset($user_data['NICKNAME'])) {
            $user_data['NICKNAME'] = "";
        }

        if (($user_data['USER_RELATIONSHIP'] & USER_IGNORED_COMPLETELY) > 0) {
            // Users the viewer ignores completely are not counted or listed at all.
            unset($user_data);
        } else {
            if (isset($user_data['SID']) && !is_null($user_data['SID'])) {
                // Session belongs to a search engine bot: listed by name or folded into guests.
                if (forum_get_setting('searchbots_show_active', 'Y')) {
                    $stats['BOTS']++;
                    $user_sort[] = $user_data['BOT_NAME'];
                    $stats['USERS'][] = array('BOT_NAME' => $user_data['BOT_NAME'], 'BOT_URL' => $user_data['BOT_URL']);
                } else {
                    $stats['GUESTS']++;
                }
            } else {
                // && binds tighter than ||: listed when anonymous logon is off, or the row is the
                // viewer, or (the user marked the viewer as friend and uses friends-only mode).
                if ($anon_logon == USER_ANON_DISABLED || $user_data['UID'] == $uid || ($user_data['PEER_RELATIONSHIP'] & USER_FRIEND) > 0 && $anon_logon == USER_ANON_FRIENDS_ONLY) {
                    $stats['USER_COUNT']++;
                    $user_sort[] = format_user_name($user_data['LOGON'], $user_data['NICKNAME']);
                    $stats['USERS'][] = array('UID' => $user_data['UID'], 'LOGON' => $user_data['LOGON'], 'NICKNAME' => $user_data['NICKNAME'], 'RELATIONSHIP' => $user_data['USER_RELATIONSHIP'], 'ANON_LOGON' => $anon_logon, 'AVATAR_URL' => $user_data['AVATAR_URL'], 'AVATAR_AID' => $user_data['AVATAR_AID']);
                } else {
                    // Counted, but not identified.
                    $stats['ANON_USERS']++;
                }
            }
        }
    }

    // Sort the listed entries by lower-cased display name.
    $user_sort = array_map('strtolower', $user_sort);

    array_multisort($user_sort, SORT_ASC, SORT_STRING, $stats['USERS']);

    return $stats;
}
/**
 * Build a plain download link for one attachment.
 *
 * NOTE(review): $attachment['filename'] is written into the query string and the link text
 * exactly as received. Confirm it is URL-encoded and HTML-escaped before it reaches this function.
 *
 * @param array $attachment Needs 'hash' (must pass is_md5()) and 'filename'
 *
 * @return string|false Anchor markup, or false when the input is unusable
 */
function light_attachments_make_link($attachment)
{
    $usable = is_array($attachment)
        && isset($attachment['hash'])
        && is_md5($attachment['hash'])
        && isset($attachment['filename']);

    if (!$usable) {
        return false;
    }

    $webtag = get_webtag();

    forum_check_webtag_available($webtag);

    $file_name = $attachment['filename'];

    $download_url = "get_attachment.php?webtag={$webtag}&hash={$attachment['hash']}" . "&filename={$file_name}";

    return '<a href="' . $download_url . '" target="_blank">' . $file_name . '</a>';
}
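/**
 * Gate access to a password-protected forum.
 *
 * Returns silently when the forum id is not numeric, the webtag is unavailable, the forum has no
 * password hash, or the visitor's hash (kept in the session, or computed from a submitted
 * password) equals the forum's hash. Otherwise the password form is rendered and the script exits.
 *
 * The two hashes are compared as strings (hash_equals() when the function exists). A loose `==`
 * treats hashes that look like numbers in exponent notation as equal to each other, which would
 * let an unrelated password through.
 *
 * NOTE(review): the forum password is an unsalted MD5 digest, and that digest is what the session
 * keeps; moving to password_hash()/password_verify() needs a matching change where the forum
 * password is stored, so it is only flagged here.
 *
 * @param mixed $forum_fid Forum id
 *
 * @return void Does not return when the password form is shown
 */
function forum_check_password($forum_fid)
{
    if (!is_numeric($forum_fid)) {
        return;
    }

    $webtag = get_webtag();

    if (!forum_check_webtag_available($webtag)) {
        return;
    }

    // No stored password hash means the forum is not protected.
    if (!($forum_passhash = forum_get_password($forum_fid))) {
        return;
    }

    if (isset($_SESSION["{$webtag}_PASSWORD"]) && is_md5($_SESSION["{$webtag}_PASSWORD"])) {
        $forum_passhash_check = $_SESSION["{$webtag}_PASSWORD"];
    } else {
        $forum_passhash_check = null;
    }

    // A freshly submitted password takes precedence over the hash kept in the session.
    if (isset($_POST['forum_password']) && strlen($_POST['forum_password']) > 0) {
        $forum_passhash_check = md5($_POST['forum_password']);
    }

    $hash_matches = is_string($forum_passhash_check) && (
        function_exists('hash_equals')
            ? hash_equals((string)$forum_passhash, $forum_passhash_check)
            : (string)$forum_passhash === $forum_passhash_check
    );

    if ($hash_matches) {
        $_SESSION["{$webtag}_PASSWORD"] = $forum_passhash_check;
        return;
    }

    cache_disable();

    html_draw_top(array('title' => gettext("Password Protected Forum")));

    echo "<h1>", gettext("Password Protected Forum"), "</h1>\n";

    // A hash left in the session that no longer matches is reported as a failed logon.
    if (isset($_SESSION["{$webtag}_PASSWORD"]) && is_md5($_SESSION["{$webtag}_PASSWORD"])) {
        html_display_error_msg(gettext("The username or password you supplied is not valid."), '550', 'center');
    }

    if (($password_protected_message = forum_get_setting('password_protected_message')) !== false) {
        echo fix_html($password_protected_message);
    } else {
        html_display_warning_msg(gettext("This forum is password protected. To gain access enter the password below."), '400', 'center');
    }

    echo "<br />\n";
    echo "<div align=\"center\">\n";
    echo " <form accept-charset=\"utf-8\" method=\"post\" action=\"", get_request_uri(), "\" target=\"_self\" autocomplete=\"off\">\n";
    echo " ", form_csrf_token_field(), "\n";

    // The original request body is carried along as hidden fields so it can be replayed after
    // logon. NOTE(review): this echoes client input back into the page and relies on
    // form_input_hidden_array() to escape names and values - confirm.
    if (isset($_POST) && is_array($_POST) && sizeof($_POST) > 0) {
        echo form_input_hidden_array($_POST);
    }

    echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
    echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n";
    echo " <tr>\n";
    echo " <td align=\"left\">\n";
    echo " <table class=\"box\" width=\"400\">\n";
    echo " <tr>\n";
    echo " <td class=\"posthead\" align=\"center\">\n";
    echo " <table class=\"posthead\" width=\"100%\">\n";
    echo " <tr>\n";
    echo " <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Enter Password"), "</td>\n";
    echo " </tr>\n";
    echo " </table>\n";
    echo " <table class=\"posthead\" width=\"90%\">\n";
    echo " <tr>\n";
    echo " <td align=\"left\">", gettext("Password"), ":</td>\n";
    echo " <td align=\"left\">", form_input_password('forum_password', null, 40), "</td>\n";
    echo " </tr>\n";
    echo " <tr>\n";
    echo " <td align=\"left\" colspan=\"2\"> </td>\n";
    echo " </tr>\n";
    echo " </table>\n";
    echo " </td>\n";
    echo " </tr>\n";
    echo " </table>\n";
    echo " </td>\n";
    echo " </tr>\n";
    echo " <tr>\n";
    echo " <td align=\"left\"> </td>\n";
    echo " </tr>\n";
    echo " <tr>\n";
    echo " <td align=\"center\">", form_submit("logon", gettext("Logon")), " ", form_submit("cancel", gettext("Cancel")), "</td>\n";
    echo " </tr>\n";
    echo " </table>\n";

    if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0) || session::check_perm(USER_PERM_FORUM_TOOLS, 0)) {
        html_display_warning_msg(gettext("If you want to change some settings on your forum click the Admin link in the navigation bar above."), '400', 'center');
    }

    echo " </form>\n";
    echo "</div>\n";

    html_draw_bottom();

    exit;
}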
echo " <td align=\"left\"> </td>\n"; } echo " <td align=\"right\" valign=\"top\" style=\"white-space: nowrap\" class=\"postbody\">", format_file_size($attachment['filesize']), "</td>\n"; echo " <td align=\"left\" width=\"25\"> </td>\n"; echo " </tr>\n"; $total_attachment_size += $attachment['filesize']; } } } if (is_array($image_attachments_array) && sizeof($image_attachments_array) > 0) { foreach ($image_attachments_array as $key => $attachment) { if ($attachment_link = attachments_make_link($attachment, false)) { echo " <tr>\n"; echo " <td align=\"center\" width=\"1%\">", form_checkbox("delete_other_attachment[{$attachment['hash']}]", "Y"), "</td>\n"; echo " <td align=\"left\" valign=\"top\" style=\"white-space: nowrap\" class=\"postbody\">{$attachment_link}</td>\n"; if (!is_md5($aid) && is_md5($attachment['aid'])) { echo " <td align=\"left\" valign=\"top\" style=\"white-space: nowrap\" class=\"postbody\">"; if ($message_link = attachments_get_message_link($attachment['aid'])) { echo "<a href=\"{$message_link}\" target=\"_blank\">", gettext("View Message"), "</a>"; } else { if ($message_link = attachments_get_pm_link($attachment['aid'])) { echo "<a href=\"{$message_link}\" target=\"_blank\">", gettext("View Message"), "</a>"; } else { echo ' '; } } echo "</td>\n"; } else { echo " <td align=\"left\"> </td>\n"; } echo " <td align=\"right\" valign=\"top\" style=\"white-space: nowrap\" class=\"postbody\">", format_file_size($attachment['filesize']), "</td>\n";
/**
 * Delete one cache entry file.
 *
 * A key that passes is_md5() is used as the file name directly; any other key is first turned
 * into md5($this->pre . $key). The file is looked up under DT_CACHE/php/<first two characters
 * of the key>/<key>.php.
 *
 * NOTE(review): a caller that passes an MD5-shaped key skips the $this->pre prefix, so such a
 * key can address an entry outside this instance's prefix - confirm that is intended.
 *
 * @param string $key Cache key, plain or already in MD5 form
 *
 * @return mixed Whatever file_del() returns
 */
function rm($key) {
    if (!is_md5($key)) {
        $key = md5($this->pre . $key);
    }

    $bucket = substr($key, 0, 2);

    return file_del(DT_CACHE . '/php/' . $bucket . '/' . $key . '.php');
}
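/**
 * Check a payment password against the one stored for a member.
 *
 * The stored `payword` is used when set, otherwise the login `password`. The candidate is
 * hashed as md5() when it already has MD5 shape and as md5(md5()) otherwise, and the two hashes
 * are compared as strings (hash_equals() when the function exists). A loose `==` treats hashes
 * that look like numbers in exponent notation as equal to each other.
 *
 * NOTE(review): the WHERE clause on this page contains the literal '******' and $username is
 * never used; this looks like a masked placeholder for the username value. Restore the original
 * expression from the project source before relying on this query.
 *
 * NOTE(review): a candidate that is itself 32 hex characters is treated as pre-hashed, so
 * possession of the inner MD5 value is enough to pass - confirm that is intended.
 *
 * @param string $username Member name
 * @param string $payword  Candidate payment password; fewer than 6 characters is rejected
 *
 * @return bool True when the candidate matches
 */
function is_payword($username, $payword) {
    global $db;

    if (strlen($payword) < 6) {
        return false;
    }

    $r = $db->get_one("SELECT payword,password FROM {$db->pre}member WHERE username='******'");

    if (!$r) {
        return false;
    }

    // Fall back to the login password hash when no separate payment password is set.
    $stored_hash = (string)($r['payword'] ? $r['payword'] : $r['password']);
    $candidate_hash = is_md5($payword) ? md5($payword) : md5(md5($payword));

    return function_exists('hash_equals')
        ? hash_equals($stored_hash, $candidate_hash)
        : $stored_hash === $candidate_hash;
}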