/** * just returns to the list and exits the program */ function phorum_return_to_list() { $PHORUM=$GLOBALS["PHORUM"]; if(!empty($PHORUM["forum_id"])){ phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL)); }else{ phorum_redirect_by_url(phorum_get_url(PHORUM_INDEX_URL)); } exit(); }
// phorum.org) or the Phorum License that was distributed with this file // // // // This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY, without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // // // // You should have received a copy of the Phorum License // // along with this program. // //////////////////////////////////////////////////////////////////////////////// if (!defined("PHORUM_CONTROL_CENTER")) { return; } require_once "./include/api/base.php"; require_once "./include/api/file_storage.php"; if (!$PHORUM["DATA"]["MESSAGE_MODERATOR"]) { phorum_redirect_by_url(phorum_get_url(PHORUM_CONTROLCENTER_URL)); exit; } // the number of days to show if (isset($_POST['moddays']) && is_numeric($_POST['moddays'])) { $moddays = (int) $_POST['moddays']; } elseif (isset($PHORUM['args']['moddays']) && !empty($PHORUM["args"]['moddays']) && is_numeric($PHORUM["args"]['moddays'])) { $moddays = (int) $PHORUM['args']['moddays']; } else { $moddays = phorum_api_user_get_setting("cc_messages_moddays"); } if ($moddays === NULL) { $moddays = 2; } if (isset($_POST['onlyunapproved']) && is_numeric($_POST['onlyunapproved'])) { $showwaiting = (int) $_POST['onlyunapproved'];
// we have now set this folder as vroot } elseif($setvroot && ($oldfolder['vroot']==0 || $oldfolder['vroot'] != $cur_folder_id)) { if(!phorum_admin_set_vroot($cur_folder_id)) { $error="Database error while setting virtual-root info."; } } // is there an else? } else { $error="Database error while adding/updating folder."; } } if(empty($error)) { phorum_redirect_by_url($_SERVER['PHP_SELF']); exit(); } foreach($_POST as $key=>$value){ $$key=$value; } } elseif(defined("PHORUM_EDIT_FOLDER")) { $forum_settings = phorum_db_get_forums($_REQUEST["forum_id"]); extract($forum_settings[$_REQUEST["forum_id"]]); } if($error){
// dst is time + 1 hour if (isset($_POST['tz_offset']) && $_POST['tz_offset'] != -99) { if ($_POST['tz_offset'] && isset($_POST['is_dst']) && $_POST['is_dst']) { $_POST['tz_offset'] = ++$_POST['tz_offset'] . ""; } } // unsetting dst if not checked if (!isset($_POST['is_dst'])) { $_POST['is_dst'] = 0; } $oldtemplate = $PHORUM["user"]["user_template"]; list($error, $okmsg) = phorum_controlcenter_user_save($panel); // No error and the template changed? The reload the page to // reflect the new template. if (empty($error) && !empty($_POST["user_template"]) && $oldtemplate != $_POST["user_template"]) { phorum_redirect_by_url($PHORUM['DATA']['URL']['CC6']); exit; } } if (isset($PHORUM["user_time_zone"])) { $PHORUM['DATA']['PROFILE']['TZSELECTION'] = $PHORUM["user_time_zone"]; } // compute the tz-array if (!isset($PHORUM['DATA']['PROFILE']['tz_offset']) || $PHORUM['DATA']['PROFILE']['tz_offset'] == -99) { $defsel = " selected=\"selected\""; } else { $defsel = ""; } // remove dst from tz_offset if (isset($PHORUM['DATA']['PROFILE']['is_dst']) && $PHORUM['DATA']['PROFILE']['is_dst']) { $PHORUM['DATA']['PROFILE']['tz_offset'] = --$PHORUM['DATA']['PROFILE']['tz_offset'];
<?php //////////////////////////////////////////////////////////////////////////////// // // // Copyright (C) 2006 Phorum Development Team // // http://www.phorum.org // // // // This program is free software. You can redistribute it and/or modify // // it under the terms of either the current Phorum License (viewable at // // phorum.org) or the Phorum License that was distributed with this file // // // // This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY, without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // // // // You should have received a copy of the Phorum License // // along with this program. // //////////////////////////////////////////////////////////////////////////////// if(!defined("PHORUM_ADMIN")) return; phorum_redirect_by_url(phorum_get_url(PHORUM_INDEX_URL)); exit(); ?>
// This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY, without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // // // // You should have received a copy of the Phorum License // // along with this program. // //////////////////////////////////////////////////////////////////////////////// if (!defined("PHORUM_CONTROL_CENTER")) { return; } if (count($_POST)) { $old_password = trim($_POST["password_old"]); $new_password = trim($_POST['password_new']); // attempt to authenticate the user if (empty($old_password) || !phorum_api_user_authenticate(PHORUM_FORUM_SESSION, $PHORUM['user']['username'], $old_password)) { $error = $PHORUM["DATA"]["LANG"]["ErrOriginalPassword"]; } elseif (empty($new_password) || empty($_POST['password_new2']) || $_POST['password_new'] !== $_POST['password_new2']) { $error = $PHORUM["DATA"]["LANG"]["ErrPassword"]; } else { // everything's good, save $_POST['password_temp'] = $_POST['password'] = $new_password; list($error, $okmsg) = phorum_controlcenter_user_save($panel); // Redirect to the password page, to make sure that the // CSRF token is refreshed. This token is partly based on the // session id and this session id changed along with the password. phorum_redirect_by_url(phorum_get_url(PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_PASSWORD, "okmsg=" . urlencode($okmsg))); } } $PHORUM["DATA"]["HEADING"] = $PHORUM["DATA"]["LANG"]["ChangePassword"]; $PHORUM['DATA']['PROFILE']['CHANGEPASSWORD'] = 1; $template = "cc_usersettings";
// somehow we got to a folder if($PHORUM["folder_flag"] || empty($PHORUM["forum_id"])){ $dest_url = phorum_get_url(PHORUM_INDEX_URL, $PHORUM["forum_id"]); phorum_redirect_by_url($dest_url); exit(); } if(isset($PHORUM["args"][1])){ $thread=$PHORUM["args"][1]; } elseif(isset($_POST["thread"])){ $thread=$_POST["thread"]; } if(empty($thread)) { phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL)); exit(); } $message=phorum_db_get_message($thread); if(isset($PHORUM["args"]["remove"])){ // we are removing a message from the follow list phorum_user_unsubscribe( $PHORUM['user']['user_id'], $thread ); $PHORUM["DATA"]["MESSAGE"]=$PHORUM["DATA"]["LANG"]["RemoveFollowed"]; $PHORUM["DATA"]["URL"]["REDIRECT"]=phorum_get_url(PHORUM_FOREIGN_READ_URL, $message["forum_id"], $thread); $PHORUM["DATA"]["BACKMSG"]=$PHORUM["DATA"]["LANG"]["BackToThread"]; $template="message"; } elseif(isset($PHORUM["args"]["noemail"])){ // we are stopping emails for this thread phorum_user_unsubscribe( $PHORUM['user']['user_id'], $thread );
<?php //////////////////////////////////////////////////////////////////////////////// // // // Copyright (C) 2007 Phorum Development Team // // http://www.phorum.org // // // // This program is free software. You can redistribute it and/or modify // // it under the terms of either the current Phorum License (viewable at // // phorum.org) or the Phorum License that was distributed with this file // // // // This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY, without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // // // // You should have received a copy of the Phorum License // // along with this program. // //////////////////////////////////////////////////////////////////////////////// if (!defined("PHORUM_ADMIN")) { return; } phorum_db_update_settings(array("status" => $_POST["status"])); phorum_redirect_by_url($PHORUM["admin_http_path"]); exit;
phorum_require_login(); include_once("./include/email_functions.php"); include_once("./include/format_functions.php"); define("PHORUM_CONTROL_CENTER", 1); // A user has to be logged in to use his control-center. if (!$PHORUM["DATA"]["LOGGEDIN"]) { phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL)); exit(); } // If the user is not fully logged in, send him to the login page. if(!$PHORUM["DATA"]["FULLY_LOGGEDIN"]){ phorum_redirect_by_url(phorum_get_url(PHORUM_LOGIN_URL, "redir=".PHORUM_CONTROLCENTER_URL)); exit(); } $error_msg = false; // Generating the panel id of the page to use. $panel = (!isset($PHORUM['args']['panel']) || empty($PHORUM["args"]['panel'])) ? PHORUM_CC_SUMMARY : $PHORUM["args"]['panel']; // Sometimes we set the panel id from a post-form. if (isset($_POST['panel'])) { $panel = $_POST['panel']; } // Set all our URLs.
$addcode = ""; if (isset($_POST['moddays']) && is_numeric($_POST['moddays'])) { $addcode .= "moddays=" . $_POST['moddays']; } if (isset($_POST['onlyunapproved']) && is_numeric($_POST['onlyunapproved'])) { if (!empty($addcode)) { $addcode .= ","; } $addcode .= "onlyunapproved=" . $_POST['onlyunapproved']; } $url = phorum_get_url(PHORUM_CONTROLCENTER_URL, "panel=" . PHORUM_CC_UNAPPROVED, $addcode); } else { $message = phorum_db_get_message($msgthd_id); $url = phorum_get_url(PHORUM_READ_URL, $message["thread"], $message["message_id"]); } phorum_redirect_by_url($url); exit; } $template = "message"; // set all our URL's phorum_build_common_urls(); // make it possible to override this var in a hook $is_admin_user = $PHORUM["user"]["admin"]; /* * [hook] * moderation * * [description] * This hook can be used for logging moderator actions. You can * use the <literal>$PHORUM</literal> array to retrieve additional info * like the moderating user's id and similar.<sbr/>
// just default root ... phorum_admin_set_vroot($cur_folder_id, 0, $cur_folder_id); } // we have now set this folder as vroot } elseif ($setvroot && ($oldfolder['vroot'] == 0 || $oldfolder['vroot'] != $cur_folder_id)) { if (!phorum_admin_set_vroot($cur_folder_id)) { $error = "Database error while setting virtual-root info."; } } // is there an else? } else { $error = "Database error while adding/updating folder."; } } if (empty($error)) { phorum_redirect_by_url("{$PHORUM["admin_http_path"]}?parent_id={$cur_folder["parent_id"]}"); exit; } foreach ($_POST as $key => $value) { ${$key} = $value; } $forum_settings = $_POST; if ($setvroot) { $vroot = $_POST["forum_id"]; } else { if ($_POST["forum_id"] != $oldfolder["vroot"]) { $vroot = $oldfolder["vroot"]; } else { $vroot = 0; } }
$PHORUM["DATA"]["MODERATOR"] = phorum_user_access_allowed(PHORUM_USER_ALLOW_MODERATE_MESSAGES); $msgthd_id = (isset($_POST["thread"])) ? (int)$_POST["thread"] : (int)$PHORUM['args'][2]; $mod_step = (isset($_POST["mod_step"])) ? (int)$_POST["mod_step"] : (int)$PHORUM['args'][1]; if(empty($msgthd_id) || !phorum_user_access_allowed(PHORUM_USER_ALLOW_MODERATE_MESSAGES)) { phorum_return_to_list(); } // If the user is not fully logged in, send him to the login page. // because moderation action can vary so much, the only safe bet is to send them // to the referrer if they are not fully logged in if(!$PHORUM["DATA"]["FULLY_LOGGEDIN"]){ phorum_redirect_by_url(phorum_get_url(PHORUM_LOGIN_URL, "redir=".$_SERVER["HTTP_REFERER"])); exit(); } $template="message"; // set all our URL's phorum_build_common_urls(); // make it possible to override this var in a hook $is_admin_user=$PHORUM["user"]["admin"]; // a hook for doing stuff in moderation, i.e. logging moderator-actions phorum_hook("moderation",$mod_step);
/** * A common function to check that a user is logged in */ function phorum_require_login() { $PHORUM = $GLOBALS['PHORUM']; if ( !$PHORUM["user"]["user_id"] ) { $url = phorum_get_url( PHORUM_LOGIN_URL, "redir=" . urlencode( $PHORUM["http_path"] . "/" . basename( $_SERVER["PHP_SELF"] ) . "?" . $_SERVER["QUERY_STRING"] ) ); phorum_redirect_by_url( $url ); exit(); } }
/** * Require that the user is logged in. * * A check is done to see if the user is logged in. * If not, then the user is redirected to the login page. */ function phorum_require_login() { $PHORUM = $GLOBALS['PHORUM']; if (!$PHORUM["user"]["user_id"]) { $url = phorum_get_url(PHORUM_LOGIN_URL, "redir=" . phorum_get_current_url()); phorum_redirect_by_url($url); exit; } }
// Redirecting to the registration or login page is a little weird, // so we just go to the list page if we came from one of those. elseif (isset($PHORUM['use_cookies']) && $PHORUM["use_cookies"] && !strstr($_POST["redir"], "register." . PHORUM_FILE_EXTENSION) && !strstr($_POST["redir"], "login." . PHORUM_FILE_EXTENSION)) { $redir = $_POST["redir"]; // By default, we redirect to the list page. } else { $redir = phorum_get_url( PHORUM_LIST_URL ); } // The hook "after_login" can be used by module writers to // set a custom redirect URL. $redir =phorum_hook( "after_login", $redir ); phorum_redirect_by_url($redir); exit(); } // Login failed. else { $error = $PHORUM["DATA"]["LANG"]["InvalidLogin"]; } } } // No data posted, so this is the first request. Here we set // a temporary cookie, so we can check if the user's browser // supports cookies. elseif($PHORUM["use_cookies"]) { setcookie( "phorum_tmp_cookie", "this will be destroyed once logged in", 0, $PHORUM["session_path"], $PHORUM["session_domain"] );
$new_checks = phorum_db_newflag_check(array_keys($forums)); } elseif ($PHORUM["show_new_on_index"] == 1) { $new_counts = phorum_db_newflag_count(array_keys($forums)); } } foreach ($forums as $forum) { if ($forum["folder_flag"]) { $forum["URL"]["LIST"] = phorum_get_url(PHORUM_INDEX_URL, $forum["forum_id"]); } else { if ($PHORUM["hide_forums"] && !phorum_api_user_check_access(PHORUM_USER_ALLOW_READ, $forum["forum_id"])) { continue; } $forum["url"] = phorum_get_url(PHORUM_LIST_URL, $forum["forum_id"]); // if there is only one forum in Phorum, redirect to it. if ($parent_id == 0 && count($forums) < 2) { phorum_redirect_by_url($forum['url']); exit; } if ($forum["message_count"] > 0) { $forum["raw_last_post"] = $forum["last_post_time"]; $forum["last_post"] = phorum_date($PHORUM["long_date_time"], $forum["last_post_time"]); } else { $forum["last_post"] = " "; } $forum["URL"]["LIST"] = phorum_get_url(PHORUM_LIST_URL, $forum["forum_id"]); if ($PHORUM["DATA"]["LOGGEDIN"]) { $forum["URL"]["MARK_READ"] = phorum_get_url(PHORUM_INDEX_URL, $forum["forum_id"], "markread", $PHORUM['forum_id']); } if (isset($PHORUM['use_rss']) && $PHORUM['use_rss']) { $forum["URL"]["FEED"] = phorum_get_url(PHORUM_FEED_URL, $forum["forum_id"], "type=" . $PHORUM["default_feed"]); }
$dest_url = phorum_get_url(PHORUM_READ_URL, $thread, $new_message, "page={$new_page}"); } else { // for threaded $dest_url = phorum_get_url(PHORUM_READ_URL, $thread, $new_message); } break; } if (empty($dest_url)) { if ($thread > 0) { $dest_url = phorum_get_url(PHORUM_READ_URL, $thread); } else { // we are either at the top or the bottom, go back to the list. $dest_url = phorum_get_url(PHORUM_LIST_URL); } } phorum_redirect_by_url($dest_url); exit; } $thread = (int) $PHORUM["args"][1]; $message_id = (int) $PHORUM["args"][2]; if (isset($PHORUM["args"][3]) && $PHORUM["args"][3] == "printview") { $PHORUM["DATA"]["PRINTVIEW"] = 1; } else { $PHORUM["DATA"]["PRINTVIEW"] = 0; } } //timing_mark("before database"); // determining the page if page isn't given and message_id != thread $page = 0; if (!$PHORUM["threaded_read"]) { if (isset($PHORUM['args']['page']) && is_numeric($PHORUM["args"]["page"]) && $PHORUM["args"]["page"] > 0) {
$forums_updated++; } } $PHORUM['forum_id'] = $old_forum_id; $okmsg .= "{$threads_updated} threads updated.<br />"; } if (isset($_POST['rebuild_searchdata']) && !empty($_POST['rebuild_searchdata'])) { $ret = phorum_db_rebuild_search_data(); $okmsg .= "Searchdata successfully rebuilt.<br />"; } if (isset($_POST['rebuild_userposts']) && !empty($_POST['rebuild_userposts'])) { $ret = phorum_db_rebuild_user_posts(); $okmsg .= "Postcounts for users updated.<br />"; } if (isset($_POST['rebuild_display_names']) && !empty($_POST['rebuild_display_names'])) { phorum_redirect_by_url($PHORUM['admin_http_path'] . "?module=update_display_names&request=integrity"); exit; } if (isset($_POST['rebuild_forumpaths']) && !empty($_POST['rebuild_forumpaths'])) { $forums = phorum_admin_build_path_array(); unset($forums[0]); foreach ($forums as $fid => $forumpath) { $update_forum = array('forum_id' => $fid, 'forum_path' => $forumpath); phorum_db_update_forum($update_forum); } $okmsg .= "Forum paths successfully rebuilt.<br />"; } } if ($error) { phorum_admin_error($error); } elseif ($okmsg) {