$tmp_user["user_id"] = $uid;
$tmp_user["password_temp"] = $newpass;
phorum_user_save($tmp_user);
// Mail the new password.
$user = phorum_user_get( $uid );
$maildata = array();
$maildata['mailmessage'] =
wordwrap($PHORUM["DATA"]["LANG"]["LostPassEmailBody1"],72).
"\n\n".
$PHORUM["DATA"]["LANG"]["Username"] .": $user[username]\n".
$PHORUM["DATA"]["LANG"]["Password"] .": $newpass".
"\n\n".
wordwrap($PHORUM["DATA"]["LANG"]["LostPassEmailBody2"],72);
$maildata['mailsubject'] = $PHORUM["DATA"]["LANG"]["LostPassEmailSubject"];
phorum_email_user(array( 0 => $user['email'] ), $maildata);
$okmsg = $PHORUM["DATA"]["LANG"]["LostPassSent"];
}
}
// The entered email address was not found.
else {
$error = $PHORUM["DATA"]["LANG"]["LostPassError"];
}
}
// The user wants to login.
else {
$_POST['email_temp']="";
unset($email_temp_part);
} elseif($PHORUM['registration_control'] && !empty($_POST['email']) && strtolower($_POST['email']) != strtolower($PHORUM["DATA"]["PROFILE"]['email'])) {
// ... generate the confirmation-code ... //
$conf_code= mt_rand ( 1000000, 9999999);
$_POST['email_temp']=$_POST['email']."|".$conf_code;
// ... send email ... //
$maildata=array(
'mailmessage' => wordwrap($PHORUM['DATA']['LANG']['EmailVerifyBody'], 72),
'mailsubject' => $PHORUM['DATA']['LANG']['EmailVerifySubject'],
'uname' => $PHORUM['DATA']['PROFILE']['username'],
'newmail' => $_POST['email'],
'mailcode' => $conf_code,
'cc_url' => phorum_get_url(PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_MAIL)
);
phorum_email_user(array($_POST['email']),$maildata);
// Remember this for the template.
$email_temp_part = $_POST['email'];
unset($_POST['email']);
}
list($error,$okmsg) = phorum_controlcenter_user_save( $panel );
}
}
if (isset($email_temp_part)) {
$PHORUM['DATA']['PROFILE']['email_temp_part'] = $email_temp_part;
}
// flip this due to db vs. UI wording.
if ( !empty( $PHORUM['DATA']['PROFILE']["hide_email"] ) ) {
function phorum_email_moderators($message)
{
$PHORUM=$GLOBALS["PHORUM"];
$mail_users = phorum_user_get_moderators($PHORUM['forum_id'],false,true);
if (count($mail_users)) {
include_once("./include/format_functions.php");
if($message["status"] > 0) { // just notification of a new message
$mailtext = $PHORUM["DATA"]["LANG"]['NewUnModeratedMessage'];
} else { // posts needing approval
$mailtext = $PHORUM["DATA"]["LANG"]['NewModeratedMessage'];
}
$mail_data = array(
"mailmessage" => $mailtext,
"mailsubject" => $PHORUM["DATA"]["LANG"]['NewModeratedSubject'],
"forumname" => strip_tags($PHORUM["DATA"]["NAME"]),
"forum_id" => $PHORUM['forum_id'],
"message_id" => $message['message_id'],
"author" => $message['author'],
"subject" => $message['subject'],
"full_body" => $message['body'],
"plain_body" => phorum_strip_body($message['body']),
"approve_url" => phorum_get_url(PHORUM_PREPOST_URL),
"read_url" => phorum_get_url(PHORUM_READ_URL, $message['thread'], $message['message_id'])
);
if (isset($_POST[PHORUM_SESSION_LONG_TERM])) {
// strip any auth info from the read url
$mail_data["read_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["read_url"]);
$mail_data["approve_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["approve_url"]);
}
phorum_email_user($mail_users, $mail_data);
}
}
}
$mail_users = phorum_api_user_list_moderators($PHORUM['forum_id'], $PHORUM['email_ignore_admin'], TRUE);
if (count($mail_users)) {
$mail_data = array("mailmessage" => $PHORUM["DATA"]["LANG"]['ReportPostEmailBody'], "mailsubject" => $PHORUM["DATA"]["LANG"]['ReportPostEmailSubject'], "forumname" => $PHORUM["DATA"]["NAME"], "reportedby" => $PHORUM["user"]["display_name"], "author" => $message["author"], "subject" => $message["subject"], "body" => wordwrap($message["body"], 72), "ip" => $message["ip"], "raw_date" => $message["datestamp"], "date" => phorum_date($PHORUM["short_date_time"], $message["datestamp"]), "explanation" => wordwrap($_POST["explanation"], 72), "url" => phorum_get_url(PHORUM_READ_URL, $message["thread"], $message_id), "delete_url" => phorum_get_url(PHORUM_MODERATION_URL, PHORUM_DELETE_MESSAGE, $message_id), "hide_url" => phorum_get_url(PHORUM_MODERATION_URL, PHORUM_HIDE_POST, $message_id), "edit_url" => phorum_get_url(PHORUM_POSTING_URL, 'moderation', $message_id), "reporter_url" => phorum_get_url(PHORUM_PROFILE_URL, $PHORUM["user"]["user_id"]), "message" => $message);
if (isset($_POST[PHORUM_SESSION_LONG_TERM])) {
// strip any auth info from the created urls
$mail_data["url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["url"]);
$mail_data["delete_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["delete_url"]);
$mail_data["hide_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["hide_url"]);
$mail_data["edit_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["edit_url"]);
$mail_data["reporter_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["reporter_url"]);
}
if (isset($PHORUM["hooks"]["report"])) {
$mail_data = phorum_hook("report", $mail_data);
}
phorum_email_user($mail_users, $mail_data);
$PHORUM["DATA"]["URL"]["REDIRECT"] = phorum_get_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $message["thread"]);
$PHORUM["DATA"]["BACKMSG"] = $PHORUM["DATA"]["LANG"]["BackToThread"];
$PHORUM["DATA"]["OKMSG"] = $PHORUM["DATA"]["LANG"]["ReportPostSuccess"];
$template = "message";
$report = true;
}
} else {
$PHORUM["DATA"]["ReportPostMessage"] = $PHORUM["DATA"]["LANG"]['ReportPostNotAllowed'];
}
}
// format message
list($message) = phorum_format_messages(array($message));
$PHORUM["DATA"]["PostSubject"] = $message["subject"];
$PHORUM["DATA"]["PostAuthor"] = $message["author"];
$PHORUM["DATA"]["PostBody"] = $message["body"];
function phorum_email_moderators($message)
{
$PHORUM = $GLOBALS["PHORUM"];
$mail_users = phorum_api_user_list_moderators($PHORUM['forum_id'], $PHORUM['email_ignore_admin'], TRUE);
if (count($mail_users)) {
include_once "./include/format_functions.php";
if ($message["status"] > 0) {
// just notification of a new message
$mailsubjecttpl = 'NewUnModeratedSubject';
$mailmessagetpl = 'NewUnModeratedMessage';
$mailsubject = $PHORUM["DATA"]["LANG"]['NewUnModeratedSubject'];
$mailmessage = $PHORUM["DATA"]["LANG"]['NewUnModeratedMessage'];
} else {
// posts needing approval
$mailsubjecttpl = 'NewModeratedSubject';
$mailmessagetpl = 'NewModeratedMessage';
$mailsubject = $PHORUM["DATA"]["LANG"]['NewModeratedSubject'];
$mailmessage = $PHORUM["DATA"]["LANG"]['NewModeratedMessage'];
}
$mail_data = array("forumname" => strip_tags($PHORUM["DATA"]["NAME"]), "forum_id" => $PHORUM['forum_id'], "message_id" => $message['message_id'], "author" => phorum_api_user_get_display_name($message["user_id"], $message["author"], PHORUM_FLAG_PLAINTEXT), "subject" => $message['subject'], "full_body" => $message['body'], "plain_body" => phorum_strip_body($message['body']), "approve_url" => phorum_get_url(PHORUM_CONTROLCENTER_URL, "panel=messages"), "read_url" => phorum_get_url(PHORUM_READ_URL, $message['thread'], $message['message_id']), "mailmessage" => $mailmessage, "mailsubject" => $mailsubject, "mailmessagetpl" => $mailmessagetpl, "mailsubjecttpl" => $mailsubjecttpl, "language" => $PHORUM['language']);
if (isset($_POST[PHORUM_SESSION_LONG_TERM])) {
// strip any auth info from the read url
$mail_data["read_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["read_url"]);
$mail_data["approve_url"] = preg_replace("!,{0,1}" . PHORUM_SESSION_LONG_TERM . "=" . urlencode($_POST[PHORUM_SESSION_LONG_TERM]) . "!", "", $mail_data["approve_url"]);
}
phorum_email_user($mail_users, $mail_data);
}
}
$userdata["active"] = PHORUM_USER_ACTIVE;
// send reg approved message
$maildata["mailsubject"] = $PHORUM["DATA"]["LANG"]["RegApprovedSubject"];
$maildata["mailmessage"] = wordwrap($PHORUM["DATA"]["LANG"]["RegApprovedEmailBody"], 72);
phorum_email_user(array($user["email"]), $maildata);
}
}
$userdata["user_id"] = $user_id;
// only save it if something was changed
if (isset($userdata['active'])) {
phorum_api_user_save($userdata);
}
if (isset($_POST["disapprove"])) {
$maildata["mailsubject"] = $PHORUM["DATA"]["LANG"]["RegRejectedSubject"];
$maildata["mailmessage"] = wordwrap($PHORUM["DATA"]["LANG"]["RegRejectedEmailBody"], 72);
phorum_email_user(array($user["email"]), $maildata);
phorum_api_user_delete($user_id);
}
}
}
if (empty($users)) {
$PHORUM["DATA"]["OKMSG"] = $PHORUM["DATA"]["LANG"]["NoUnapprovedUsers"];
} else {
// get a fresh list to update any changes
$users = phorum_db_user_get_unapproved();
// XSS prevention.
foreach ($users as $id => $user) {
$users[$id]["username"] = htmlspecialchars($user["username"], ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]);
$users[$id]["email"] = htmlspecialchars($user["email"], ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]);
}
$PHORUM["DATA"]["USERS"] = $users;
/**
* error handling function
* NOTE: This is not a required part of abstraction
*/
function phorum_db_pg_last_error($err){
if(isset($GLOBALS['PHORUM']['error_logging'])) {
$logsetting = $GLOBALS['PHORUM']['error_logging'];
} else {
$logsetting = "";
}
$adminemail = $GLOBALS['PHORUM']['system_email_from_address'];
$cache_dir = $GLOBALS['PHORUM']['cache'];
if (!defined("PHORUM_ADMIN")){
if($logsetting == 'mail') {
include_once("./include/email_functions.php");
$data=array('mailmessage'=>"An SQL-error occured in your phorum-installation.\n\nThe error-message was:\n$err\n\n",
'mailsubject'=>'Phorum: an SQL-error occured');
phorum_email_user(array($adminemail),$data);
} elseif($logsetting == 'file') {
$fp = fopen($cache_dir."/phorum-sql-errors.log",'a');
fputs($fp,time().": $err\n");
fclose($fp);
} else {
echo htmlspecialchars($err);
}
exit();
}else{
echo "<!-- $err -->";
}
}
/**
* Database error handling function.
*
* @param $error - The error message.
*/
function phorum_database_error($error)
{
$PHORUM = $GLOBALS["PHORUM"];
// Flush output that we buffered so far (for displaying a
// clean page in the admin interface).
phorum_ob_clean();
/*
* [hook]
* database_error
*
* [description]
* Give modules a chance to handle or process database errors.
* This can be useful to implement addional logging backends and/or
* alerting mechanisms. Another option is to fully override Phorum's
* default database error handling by handling the error and then
* calling exit() from the hook to prevent the default Phorum code
* from running.<sbr/>
* <sbr/>
* Note: If you decide to use the full override scenario, then
* it is best to make your module run the database_error hook
* last, so other modules can still run their hook handling
* before the script exits. To accomplish this, add this to your
* module info:
* <programlisting>
* priority: run hook database_error after *
* </programlisting>
*
* [category]
* Miscellaneous
*
* [when]
* At the start of the function
* <literal>phorum_database_error</literal> (which you can find in
* <filename>common.php</filename>). This function is called from
* the database layer when some database error occurs.
*
* [input]
* The error message that was returned from the database layer.
* This error is not HTML escaped, so if you send it to the browser,
* be sure to preprocess it using <phpfunc>htmlspecialchars</phpfunc>.
*
* [output]
* Same as input.
*
* [example]
* <hookcode>
* function phorum_mod_foo_database_error($error)
* {
* // Log database errors to syslog facility "LOCAL0".
* openlog("Phorum", LOG_PID | LOG_PERROR, LOG_LOCAL0);
* syslog(LOG_ERR, $error);
*
* return $error;
* }
* </hookcode>
*/
if (isset($PHORUM["hooks"]["database_error"])) {
phorum_hook("database_error", $error);
}
// Find out what type of error handling is required.
$logopt = isset($PHORUM["error_logging"]) ? $PHORUM["error_logging"] : 'screen';
// Create a backtrace report, so it's easier to find out where a problem
// is coming from.
$backtrace = phorum_generate_backtrace(0);
// Start the error page.
?>
<html>
<head><title>Phorum database error</title></head>
<body>
<h1>Phorum Database Error</h1>
Sorry, a Phorum database error occurred.<br/>
<?php
// In admin scripts, we will always include the
// error message inside a comment in the page.
if (defined("PHORUM_ADMIN")) {
print "<!-- " . htmlspecialchars($error, ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]) . " -->";
}
switch ($logopt) {
// Log the database error to a logfile.
case "file":
$cache_dir = $PHORUM["cache"];
$fp = fopen($cache_dir . "/phorum-sql-errors.log", "a");
fputs($fp, "Time: " . time() . "\n" . "Error: {$error}\n" . ($backtrace !== NULL ? "Back trace:\n{$backtrace}\n\n" : ""));
fclose($fp);
print "The error message has been written<br/>" . "to the phorum-sql-errors.log error log.<br/>" . "Please try again later!";
break;
// Display the database error on screen.
// Display the database error on screen.
case "screen":
$htmlbacktrace = $backtrace === NULL ? NULL : nl2br(htmlspecialchars($backtrace, ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]));
print "Please try again later!" . "<h3>Error:</h3>" . htmlspecialchars($error, ENT_COMPAT, $PHORUM["DATA"]["HCHARSET"]) . ($backtrace !== NULL ? "<h3>Backtrace:</h3>\n{$htmlbacktrace}" : "");
break;
// Send a mail to the administrator about the database error.
// Send a mail to the administrator about the database error.
case "mail":
default:
require_once "./include/email_functions.php";
$data = array("mailmessage" => "A database error occured in your Phorum installation.\n" . "\n" . "Error message:\n" . "--------------\n" . "\n" . "{$error}\n" . "\n" . ($backtrace !== NULL ? "Backtrace:\n----------\n\n{$backtrace}" : ""), "mailsubject" => "Phorum: A database error occured");
$adminmail = $PHORUM["system_email_from_address"];
phorum_email_user(array($adminmail), $data);
print "The administrator of this forum has been<br/>" . "notified by email about the error.<br/>" . "Please try again later!";
break;
}
// Finish the error page.
?>
</body>
</html>
<?php
exit;
}
