Example #1
 /**
  * Tests that replaceBasicActionUrl() expands each placeholder to the expected value
  */
 function testReplaceBasicActionUrl()
 {
     global $scripturl, $context, $boardurl;

     // Placeholders that map straight onto a global value.
     $expectations = array(
         '{forum_name}' => $context['forum_name'],
         '{forum_name_html_safe}' => $context['forum_name_html_safe'],
         '{script_url}' => $scripturl,
         '{board_url}' => $boardurl,
     );

     // Placeholders that expand to $scripturl plus an action query string.
     $actionQueries = array(
         'login' => 'login',
         'register' => 'register',
         'activate' => 'activate',
         'help' => 'help',
         'admin' => 'admin',
         'moderate' => 'moderate',
         'recent' => 'recent',
         'search' => 'search',
         'who' => 'who',
         'credits' => 'who;sa=credits',
         'calendar' => 'calendar',
         'memberlist' => 'memberlist',
         'stats' => 'stats',
     );
     foreach ($actionQueries as $name => $query) {
         $expectations['{' . $name . '_url}'] = $scripturl . '?action=' . $query;
     }

     // Each placeholder, passed on its own, must come back as exactly its expected value.
     foreach ($expectations as $placeholder => $expanded) {
         $this->assertEqual(replaceBasicActionUrl($placeholder), $expanded);
     }
 }
 /**
  * Shows a form to edit a forum mailing and its recipients.
  *
  * What it does:
  * - Called by ?action=admin;area=news;sa=mailingcompose.
  * - Requires the send_mail permission.
  * - Form is submitted to ?action=admin;area=news;sa=mailingsend.
  *
  * @uses ManageNews template, email_members_compose sub-template.
  */
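 public function action_mailingcompose()
 {
     global $txt, $context;

     // NOTE(review): the docblock requires the send_mail permission, but no permission
     // check is visible in this method; presumably the dispatcher enforces it - confirm.

     // Setup the template!
     $context['page_title'] = $txt['admin_newsletters'];
     $context['sub_template'] = 'email_members_compose';

     // A posted subject/message is carried over as-is; only the language-string defaults are escaped here.
     // NOTE(review): confirm the compose template (or earlier request cleaning) HTML-escapes posted values.
     $context['subject'] = !empty($_POST['subject']) ? $_POST['subject'] : $context['forum_name'] . ': ' . htmlspecialchars($txt['subject'], ENT_COMPAT, 'UTF-8');
     $context['message'] = !empty($_POST['message']) ? $_POST['message'] : htmlspecialchars($txt['message'] . "\n\n" . replaceBasicActionUrl($txt['regards_team']) . "\n\n" . '{$board_url}', ENT_COMPAT, 'UTF-8');

     // Needed for the WYSIWYG editor.
     require_once SUBSDIR . '/Editor.subs.php';

     // Now create the editor.
     $editorOptions = array('id' => 'message', 'value' => $context['message'], 'height' => '250px', 'width' => '100%', 'labels' => array('post_button' => $txt['sendtopic_send']), 'preview_type' => 2);
     create_control_richedit($editorOptions);

     // Previewing: rebuild the recipient lists from the posted form and hand over to the preview helper.
     if (isset($context['preview'])) {
         require_once SUBSDIR . '/Mail.subs.php';

         // NOTE(review): the exploded id lists are not cast to integers here; presumably
         // prepareMailingForPreview() or the template treats them as untrusted - confirm.
         $context['recipients']['members'] = !empty($_POST['members']) ? explode(',', $_POST['members']) : array();
         $context['recipients']['exclude_members'] = !empty($_POST['exclude_members']) ? explode(',', $_POST['exclude_members']) : array();
         $context['recipients']['groups'] = !empty($_POST['groups']) ? explode(',', $_POST['groups']) : array();
         $context['recipients']['exclude_groups'] = !empty($_POST['exclude_groups']) ? explode(',', $_POST['exclude_groups']) : array();
         $context['recipients']['emails'] = !empty($_POST['emails']) ? explode(';', $_POST['emails']) : array();
         $context['email_force'] = !empty($_POST['email_force']) ? 1 : 0;
         $context['total_emails'] = !empty($_POST['total_emails']) ? (int) $_POST['total_emails'] : 0;
         $context['max_id_member'] = !empty($_POST['max_id_member']) ? (int) $_POST['max_id_member'] : 0;
         $context['send_pm'] = !empty($_POST['send_pm']) ? 1 : 0;
         $context['send_html'] = !empty($_POST['send_html']) ? '1' : '0';

         return prepareMailingForPreview();
     }

     // Start by finding any members!
     $toClean = array();
     if (!empty($_POST['members'])) {
         $toClean[] = 'members';
     }
     if (!empty($_POST['exclude_members'])) {
         $toClean[] = 'exclude_members';
     }

     // Turn the typed member names (quoted or comma separated) into a comma separated id list.
     if (!empty($toClean)) {
         require_once SUBSDIR . '/Auth.subs.php';
         foreach ($toClean as $type) {
             // Remove the quotes.
             $_POST[$type] = strtr((string) $_POST[$type], array('\\"' => '"'));
             preg_match_all('~"([^"]+)"~', $_POST[$type], $matches);
             $_POST[$type] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $_POST[$type]))));

             // Normalise every non-blank name (trim, lowercase, HTML-escape) and drop the blank ones.
             foreach ($_POST[$type] as $index => $member) {
                 if (strlen(trim($member)) > 0) {
                     $_POST[$type][$index] = Util::htmlspecialchars(Util::strtolower(trim($member)));
                 } else {
                     unset($_POST[$type][$index]);
                 }
             }

             // Find the members
             $_POST[$type] = implode(',', array_keys(findMembers($_POST[$type])));
         }
     }

     // Explicit id lists replace whatever was typed; every entry is forced to an integer.
     if (isset($_POST['member_list']) && is_array($_POST['member_list'])) {
         $members = array();
         foreach ($_POST['member_list'] as $member_id) {
             $members[] = (int) $member_id;
         }
         $_POST['members'] = implode(',', $members);
     }
     if (isset($_POST['exclude_member_list']) && is_array($_POST['exclude_member_list'])) {
         $members = array();
         foreach ($_POST['exclude_member_list'] as $member_id) {
             $members[] = (int) $member_id;
         }
         $_POST['exclude_members'] = implode(',', $members);
     }

     // Clean the other vars.
     $this->action_mailingsend(true);

     // We need a couple strings from the email template file
     loadLanguage('EmailTemplates');
     require_once SUBSDIR . '/News.subs.php';

     // Get a list of all full banned users.  Use their Username and email to find them.
     // Only get the ones that can't login to turn off notification.
     $context['recipients']['exclude_members'] = excludeBannedMembers();

     // Did they select moderators - if so add them as specific members...
     // Group id 3 is the value this method tests for when looking for the moderators group.
     $mods_included = !empty($context['recipients']['groups']) && in_array(3, $context['recipients']['groups']);
     $mods_excluded = !empty($context['recipients']['exclude_groups']) && in_array(3, $context['recipients']['exclude_groups']);
     if ($mods_included || $mods_excluded) {
         $mods = getModerators();
         foreach ($mods as $row) {
             // The exclusion has to be read from exclude_groups. Searching the whole
             // $context['recipients'] array only compares 3 against its sub-arrays, so
             // moderators that were meant to be excluded ended up on the recipient list.
             if ($mods_excluded) {
                 $context['recipients']['exclude_members'][] = $row;
             } else {
                 $context['recipients']['members'][] = $row;
             }
         }
     }

     require_once SUBSDIR . '/Members.subs.php';

     // For progress bar!
     $context['total_emails'] = count($context['recipients']['emails']);
     $context['max_id_member'] = maxMemberID();

     // Clean up the arrays.
     $context['recipients']['members'] = array_unique($context['recipients']['members']);
     $context['recipients']['exclude_members'] = array_unique($context['recipients']['exclude_members']);
 }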
 /**
  * Allows the admin to choose from predefined and custom templates
  *
  * - Uses the selected template to send a bounce notification with
  * details as specified by the template
  * - Accessed by ?action=admin;area=maillist;sa=bounce;item=?
  * - Redirects to action=admin;area=maillist;sa=bounced
  *
  * @uses bounce_email sub-template
  */
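 public function action_bounce_email()
 {
     global $context, $txt, $modSettings, $scripturl, $mbname;

     // Showing the form (no 'bounce' value in the request): the session and the
     // 'admin-ml' token must arrive on the query string.
     if (!isset($_REQUEST['bounce'])) {
         checkSession('get');
         validateToken('admin-ml', 'get');
     }

     require_once SUBSDIR . '/Mail.subs.php';

     // We should have been sent an email ID
     if (isset($_REQUEST['item'])) {
         // Needs to be an int!
         $id = (int) $_REQUEST['item'];

         // Load up the email details, no funny biz yall ;)
         $temp_email = list_maillist_unapproved($id);
         if (!empty($temp_email)) {
             // Set the options
             $_POST['item'] = (int) $temp_email[0]['id_email'];
             $fullerrortext = $txt[$temp_email[0]['error_code']];

             // Build the template selection area, first the standard ones
             $bounce = array('bounce', 'inform');
             foreach ($bounce as $k => $type) {
                 $context['bounce_templates'][$k]['body'] = $txt['ml_' . $type . '_body'];
                 $context['bounce_templates'][$k]['subject'] = $txt['ml_' . $type . '_subject'];
                 $context['bounce_templates'][$k]['title'] = $txt['ml_' . $type . '_title'];
             }

             // And now any custom ones available for this moderator
             $context['bounce_templates'] += array_merge($context['bounce_templates'], maillist_templates('bnctpl', $txt['ml_bounce_template_subject_default']));

             // Replace all the variables in the templates
             // NOTE(review): name and subject come from the stored email record; confirm
             // how they are escaped before the template shows the prepared bodies.
             $template_vars = array(
                 '{MEMBER}' => un_htmlspecialchars($temp_email[0]['name']),
                 '{SCRIPTURL}' => $scripturl,
                 '{FORUMNAME}' => $mbname,
                 '{REGARDS}' => replaceBasicActionUrl($txt['regards_team']),
                 '{SUBJECT}' => $temp_email[0]['subject'],
                 '{ERROR}' => $fullerrortext,
                 '{FORUMNAMESHORT}' => !empty($modSettings['maillist_sitename']) ? $modSettings['maillist_sitename'] : $mbname,
                 '{EMAILREGARDS}' => !empty($modSettings['maillist_sitename_regards']) ? $modSettings['maillist_sitename_regards'] : '',
             );
             foreach ($context['bounce_templates'] as $k => $name) {
                 $context['bounce_templates'][$k]['body'] = strtr($name['body'], $template_vars);
             }
         } else {
             $context['settings_message'] = $txt['badid'];
         }
     } else {
         $context['settings_message'] = $txt['badid'];
     }

     // Check if they are sending the notice
     if (isset($_REQUEST['bounce']) && isset($temp_email)) {
         // Sending is only accepted with the session and token submitted by POST.
         checkSession('post');
         validateToken('admin-ml');

         // They did check the box, how else could they have posted
         if (isset($_POST['warn_notify'])) {
             // lets make sure we have the items to send it
             // The recipient is taken from the stored email record, never from the request.
             $check_emails = explode('=>', $temp_email[0]['from']);
             $to = trim($check_emails[0]);
             $subject = trim($_POST['warn_sub']);
             $body = trim($_POST['warn_body']);

             if (empty($body) || empty($subject)) {
                 $context['settings_message'] = $txt['bad_bounce'];
             } else {
                 // Time for someone to get a we're so sorry message!
                 // NOTE(review): subject and body are posted values; presumably sendmail()
                 // encodes them for the mail headers - confirm.
                 sendmail($to, $subject, $body, null, null, false, 5);
                 redirectexit('action=admin;area=maillist;bounced');
             }
         }
     }

     // Prepare and show the template
     createToken('admin-ml');
     $context['warning_data'] = array('notify' => '', 'notify_subject' => '', 'notify_body' => '');
     $context['body'] = isset($fullerrortext) ? parse_bbc($fullerrortext) : '';
     $context['item'] = isset($_POST['item']) ? $_POST['item'] : '';

     // The ternary needs its own parentheses: '.' binds tighter than '?:', so without them
     // the "To" label was swallowed into the condition and a missing sender was still read.
     $context['notice_to'] = $txt['to'] . ' ' . (isset($temp_email[0]['from']) ? $temp_email[0]['from'] : '');
     $context['page_title'] = $txt['bounce_title'];
     $context['sub_template'] = 'bounce_email';
 }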
Example #4
 /**
  * This function will display the contact information for the forum, as well as a form to fill in.
  * Accessed by action=coppa
  */
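 public function action_coppa()
 {
     global $context, $modSettings, $txt;

     loadLanguage('Login');
     loadTemplate('Register');

     // No User ID??
     if (!isset($_GET['member'])) {
         fatal_lang_error('no_access', false);
     }

     // Only the integer form of the id is used from here on, so the raw query
     // string value never reaches the lookup or the template context.
     $member_id = (int) $_GET['member'];

     // Get the user details...
     require_once SUBSDIR . '/Members.subs.php';
     $member = getBasicMemberData($member_id, array('authentication' => true));

     // If doesn't exist or not pending coppa
     if (empty($member) || $member['is_activated'] != 5) {
         fatal_lang_error('no_access', false);
     }

     if (isset($_GET['form'])) {
         // Some simple contact stuff for the forum.
         $context['forum_contacts'] = (!empty($modSettings['coppaPost']) ? $modSettings['coppaPost'] . '<br /><br />' : '') . (!empty($modSettings['coppaFax']) ? $modSettings['coppaFax'] . '<br />' : '');
         $context['forum_contacts'] = !empty($context['forum_contacts']) ? $context['forum_name_html_safe'] . '<br />' . $context['forum_contacts'] : '';

         // Showing template?
         if (!isset($_GET['dl'])) {
             // Shortcut for producing underlines.
             $context['ul'] = '<u>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</u>';
             Template_Layers::getInstance()->removeAll();
             $context['sub_template'] = 'coppa_form';
             $context['page_title'] = replaceBasicActionUrl($txt['coppa_form_title']);

             // NOTE(review): member_name is inserted into HTML as stored; presumably it was
             // escaped when the account was created - confirm.
             $context['coppa_body'] = str_replace(array('{PARENT_NAME}', '{CHILD_NAME}', '{USER_NAME}'), array($context['ul'], $context['ul'], $member['member_name']), replaceBasicActionUrl($txt['coppa_form_body']));
         } else {
             // The data.
             $ul = '                ';
             $crlf = "\r\n";
             $data = $context['forum_contacts'] . $crlf . $txt['coppa_form_address'] . ':' . $crlf . $txt['coppa_form_date'] . ':' . $crlf . $crlf . $crlf . replaceBasicActionUrl($txt['coppa_form_body']);
             $data = str_replace(array('{PARENT_NAME}', '{CHILD_NAME}', '{USER_NAME}', '<br>', '<br />'), array($ul, $ul, $member['member_name'], $crlf, $crlf), $data);

             // Send the headers.
             header('Connection: close');
             header('Content-Disposition: attachment; filename="approval.txt"');
             header('Content-Type: ' . (isBrowser('ie') || isBrowser('opera') ? 'application/octetstream' : 'application/octet-stream'));

             // $data is a string, so its size is strlen(); count() does not measure a
             // string and produced a wrong Content-Length (and is an error on PHP 8).
             header('Content-Length: ' . strlen($data));
             echo $data;
             obExit(false);
         }
     } else {
         $context += array('page_title' => $txt['coppa_title'], 'sub_template' => 'coppa');

         // 'id' carries the validated integer, not the raw $_GET value, because the
         // template receives it for output.
         $context['coppa'] = array(
             'body' => str_replace('{MINIMUM_AGE}', $modSettings['coppaAge'], replaceBasicActionUrl($txt['coppa_after_registration'])),
             'many_options' => !empty($modSettings['coppaPost']) && !empty($modSettings['coppaFax']),
             'post' => empty($modSettings['coppaPost']) ? '' : $modSettings['coppaPost'],
             'fax' => empty($modSettings['coppaFax']) ? '' : $modSettings['coppaFax'],
             'phone' => empty($modSettings['coppaPhone']) ? '' : str_replace('{PHONE_NUMBER}', $modSettings['coppaPhone'], $txt['coppa_send_by_phone']),
             'id' => $member_id,
         );
     }
 }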
Example #5
/**
 * Greet the current visitor, for example:
 * "Hey, User, you have 0 messages, 0 are new."
 *
 * Guests get the guest greeting (the register variant when registration is
 * possible). Members get their name and, if they may read personal messages,
 * their total and unread message counts.
 *
 * @param string $output_method 'echo' prints the greeting; any other value
 *                              returns $context['user'] without printing
 * @return mixed|null $context['user'] when not echoing, nothing otherwise
 */
function ssi_welcome($output_method = 'echo')
{
    global $context, $txt, $scripturl;

    // Anything but 'echo' hands the user context back to the caller untouched.
    if ($output_method != 'echo') {
        return $context['user'];
    }

    if ($context['user']['is_guest']) {
        $greeting_key = $context['can_register'] ? 'welcome_guest_register' : 'welcome_guest';
        echo replaceBasicActionUrl($txt[$greeting_key]);

        return;
    }

    // NOTE(review): the name is printed as found in $context; presumably it is
    // already HTML-safe at this point - confirm.
    echo $txt['hello_member'], ' <strong>', $context['user']['name'], '</strong>';

    // Message counts are only shown to members allowed to read personal messages.
    if (!allowedTo('pm_read')) {
        return;
    }

    $pm_url = $scripturl . '?action=pm';

    if (empty($context['user']['messages'])) {
        $total_text = $txt['msg_alert_no_messages'];
    } elseif ($context['user']['messages'] == 1) {
        $total_text = sprintf($txt['msg_alert_one_message'], $pm_url);
    } else {
        $total_text = sprintf($txt['msg_alert_many_message'], $pm_url, $context['user']['messages']);
    }

    if ($context['user']['unread_messages'] == 1) {
        $unread_text = $txt['msg_alert_one_new'];
    } else {
        $unread_text = sprintf($txt['msg_alert_many_new'], $context['user']['unread_messages']);
    }

    echo ', ' . $total_text . ', ' . $unread_text;
}
Example #6
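/**
 * Load a template from EmailTemplates language file.
 *
 * - Reads $txt[$template . '_subject'] and $txt[$template . '_body'] and raises
 *   the 'email_no_template' fatal error when either one is missing.
 * - Replaces {KEY} placeholders using $replacements plus the forum defaults;
 *   a key supplied by the caller is kept over the default of the same name.
 * - Expands {USER.variable} items through user_info_callback.
 *
 * @package Mail
 * @param string $template base name of the template entries in $txt
 * @param mixed[] $replacements placeholder name (without braces) => value
 * @param string $lang language passed on to loadLanguage(), '' by default
 * @param bool $loadLang whether to load the template language files first
 * @return string[] the processed template as array('subject' => ..., 'body' => ...)
 */
function loadEmailTemplate($template, $replacements = array(), $lang = '', $loadLang = true)
{
    global $txt, $mbname, $scripturl, $settings, $boardurl, $modSettings;

    // First things first, load up the email templates language file, if we need to.
    if ($loadLang) {
        loadLanguage('EmailTemplates', $lang);
        if (!empty($modSettings['maillist_enabled'])) {
            loadLanguage('MaillistTemplates', $lang);
        }
    }

    if (!isset($txt[$template . '_subject']) || !isset($txt[$template . '_body'])) {
        fatal_lang_error('email_no_template', 'template', array($template));
    }

    $ret = array('subject' => $txt[$template . '_subject'], 'body' => $txt[$template . '_body']);

    // Add in the default replacements.
    $replacements += array(
        'FORUMNAME' => $mbname,
        'FORUMNAMESHORT' => !empty($modSettings['maillist_sitename']) ? $modSettings['maillist_sitename'] : $mbname,
        'EMAILREGARDS' => !empty($modSettings['maillist_sitename_regards']) ? $modSettings['maillist_sitename_regards'] : '',
        'FORUMURL' => $boardurl,
        'SCRIPTURL' => $scripturl,
        'THEMEURL' => $settings['theme_url'],
        'IMAGESURL' => $settings['images_url'],
        'DEFAULT_THEMEURL' => $settings['default_theme_url'],
        'REGARDS' => replaceBasicActionUrl($txt['regards_team']),
    );

    // Split the replacements up into two arrays, for use with str_replace
    $find = array();
    $replace = array();
    foreach ($replacements as $f => $r) {
        $find[] = '{' . $f . '}';
        $replace[] = $r;
    }

    // Do the variable replacements.
    // str_replace() applies the pairs one after another, so text inserted by an earlier
    // pair is scanned again by the later pairs and by the {USER.*} pass below.
    // NOTE(review): callers presumably pass trusted or brace-free values; confirm this
    // for any replacement that carries member-supplied text.
    $ret['subject'] = str_replace($find, $replace, $ret['subject']);
    $ret['body'] = str_replace($find, $replace, $ret['body']);

    // Now deal with the {USER.variable} items.
    // The dot is escaped so only the documented {USER.variable} form is expanded;
    // unescaped it matched any character after "USER".
    $ret['subject'] = preg_replace_callback('~{USER\.([^}]+)}~', 'user_info_callback', $ret['subject']);
    $ret['body'] = preg_replace_callback('~{USER\.([^}]+)}~', 'user_info_callback', $ret['body']);

    // Finally return the email to the caller so they can send it out.
    return $ret;
}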
Example #7
 /**
  * Used to preview custom email bounce templates before they are saved for use
  */
 public function action_bounce_preview()
 {
     global $context, $txt, $scripturl, $mbname, $modSettings;

     require_once SUBSDIR . '/Post.subs.php';
     loadLanguage('Errors');
     loadLanguage('ModerationCenter');

     $context['post_error']['errors'] = array();

     // If you can't approve emails nothing is previewed; only the template is selected.
     if (!allowedTo('approve_emails')) {
         $context['sub_template'] = 'generic_preview';

         return;
     }

     // The body is censored and trimmed; the title is HTML-escaped and trimmed.
     // NOTE(review): the body is not escaped here; presumably preparsecode()/parse_bbc()
     // expect and handle that - confirm.
     $body = '';
     if (!empty($_POST['body'])) {
         $body = trim(censorText($_POST['body']));
     }

     $subject = '';
     if (!empty($_POST['title'])) {
         $subject = trim(Util::htmlspecialchars($_POST['title']));
     }
     $context['preview_subject'] = $subject;

     if (isset($_POST['issuing'])) {
         // Issuing a notice: one combined error when either part is missing.
         if (empty($_POST['title']) || empty($_POST['body'])) {
             $context['post_error']['errors'][] = $txt['warning_notify_blank'];
         }
     } else {
         // Previewing a template: report the missing title and body separately.
         if (empty($_POST['title'])) {
             $context['post_error']['errors'][] = $txt['mc_warning_template_error_no_title'];
         }
         if (empty($_POST['body'])) {
             $context['post_error']['errors'][] = $txt['mc_warning_template_error_no_body'];
         }

         /**
          * Placeholders rendered for the preview:
          * - {FORUMNAME} - Forum Name, the full name with all the bells
          * - {FORUMNAMESHORT} - Short and simple name
          * - {SCRIPTURL} - Web address of forum.
          * - {REGARDS} - Standard email sign-off.
          * - {EMAILREGARDS} - Maybe a bit more friendly sign-off.
          *
          * {ERROR} and {SUBJECT} are unique to the email being bounced, so they
          * cannot be rendered here.
          */
         $pairs = array(
             '{FORUMNAME}' => $mbname,
             '{FORUMNAMESHORT}' => !empty($modSettings['maillist_sitename']) ? $modSettings['maillist_sitename'] : $mbname,
             '{SCRIPTURL}' => $scripturl,
             '{REGARDS}' => replaceBasicActionUrl($txt['regards_team']),
             '{EMAILREGARDS}' => !empty($modSettings['maillist_sitename_regards']) ? $modSettings['maillist_sitename_regards'] : '',
         );
         $body = str_replace(array_keys($pairs), array_values($pairs), $body);
     }

     // Deal with any BBC so it looks good for the preview
     if (!empty($_POST['body'])) {
         preparsecode($body);
         $body = parse_bbc($body, true);
     }

     $context['preview_message'] = $body;
     $context['sub_template'] = 'generic_preview';
 }
 /**
  * Allow the user to change the forum options in their profile.
  *
  */
 public function action_forumProfile()
 {
     global $context, $txt;

     // The profile being edited.
     $member_id = currentMemberID();

     loadTemplate('ProfileOptions');
     loadThemeOptions($member_id);

     // Custom profile fields are only loaded when one of the profile_extra permissions is held.
     $may_edit_extra = allowedTo(array('profile_extra_own', 'profile_extra_any'));
     if ($may_edit_extra) {
         loadCustomFields($member_id, 'forumprofile');
     }

     $context['sub_template'] = 'edit_options';
     $context['page_desc'] = replaceBasicActionUrl($txt['forumProfile_info']);
     $context['show_preview_button'] = true;

     // Fields of the form in display order; 'hr' entries are passed along between the groups.
     $profile_fields = array(
         'avatar_choice', 'hr',
         'personal_text', 'hr',
         'bday1', 'location', 'gender', 'hr',
         'usertitle', 'signature', 'hr',
         'karma_good', 'hr',
         'website_title', 'website_url',
     );
     setupProfileContext($profile_fields, 'forum');
 }
Example #9
    /**
     * Set any setting related to paid subscriptions,
     *
     * - i.e. modify which payment methods are to be used.
     * - It requires the moderate_forum permission
     * - Accessed from ?action=admin;area=paidsubscribe;sa=settings.
     */
    public function action_paidSettings_display()
    {
        global $context, $txt, $scripturl;

        require_once SUBSDIR . '/PaidSubscriptions.subs.php';

        // Start from the base settings form.
        $this->_init_paidSettingsForm();
        $config_vars = $this->_paidSettings->settings();

        // Append a titled section for every payment gateway that has settings of its own.
        // NOTE(review): the class name comes from loadPaymentGateways(); presumably it is
        // derived from installed gateway files, not from request data - confirm.
        $gateways = loadPaymentGateways();
        foreach ($gateways as $gateway) {
            $class_name = $gateway['display_class'];
            $handler = new $class_name();

            $gateway_settings = $handler->getGatewaySettings();
            if (empty($gateway_settings)) {
                continue;
            }

            // Use the translated gateway title when there is one, the raw title otherwise.
            $label_key = 'paidsubs_gateway_title_' . $handler->title;
            $label = isset($txt[$label_key]) ? $txt[$label_key] : $handler->title;

            $config_vars[] = array('title', $handler->title, 'text_label' => $label);
            $config_vars = array_merge($config_vars, $gateway_settings);
        }

        // Page context for the generic settings template.
        $context['page_title'] = $txt['settings'];
        $context['sub_template'] = 'show_settings';
        $context['settings_message'] = replaceBasicActionUrl($txt['paid_note']);
        $context[$context['admin_menu_name']]['current_subsection'] = 'settings';

        // Where the form posts to, and its heading.
        $context['post_url'] = $scripturl . '?action=admin;area=paidsubscribe;save;sa=settings';
        $context['settings_title'] = $txt['settings'];

        // We want javascript for our currency options.
        addInlineJavascript('
		toggleCurrencyOther();', true);

        // Saving the settings? The session is checked before anything is processed.
        if (isset($_GET['save'])) {
            checkSession();
            call_integration_hook('integrate_save_subscription_settings');

            // Check that the entered email addresses are valid
            if (!empty($_POST['paid_email_to'])) {
                require_once SUBSDIR . '/DataValidator.class.php';

                // Trim, treat the value as a comma separated list, require valid addresses.
                $validator = new Data_Validator();
                $validator->sanitation_rules(array('paid_email_to' => 'trim'));
                $validator->validation_rules(array('paid_email_to' => 'valid_email'));
                $validator->input_processing(array('paid_email_to' => 'csv'));
                $validator->text_replacements(array('paid_email_to' => $txt['paid_email_to']));

                $addresses_ok = $validator->validate($_POST);
                if ($addresses_ok) {
                    $_POST['paid_email_to'] = $validator->paid_email_to;
                } else {
                    // Not valid: put the input back in the form to be fixed and report why.
                    // NOTE(review): the rejected value is re-displayed as posted; confirm the
                    // settings template escapes it.
                    $config_vars[1]['value'] = $_POST['paid_email_to'];
                    $context['error_type'] = 'minor';
                    $context['settings_message'] = array();
                    foreach ($validator->validation_errors() as $error) {
                        $context['settings_message'][] = $error;
                    }
                }
            }

            // No errors, then save away
            if (empty($context['error_type'])) {
                // A predefined currency supplies both its code and its symbol.
                if ($_POST['paid_currency'] != 'other') {
                    $_POST['paid_currency_code'] = $_POST['paid_currency'];
                    $_POST['paid_currency_symbol'] = $txt[$_POST['paid_currency'] . '_symbol'];
                }
                $_POST['paid_currency_code'] = trim($_POST['paid_currency_code']);

                unset($config_vars['dummy_currency']);
                Settings_Form::save_db($config_vars);
                redirectexit('action=admin;area=paidsubscribe;sa=settings');
            }
        }

        // Prepare the settings...
        Settings_Form::prepare_db($config_vars);
    }
/**
 * User info block, shows avatar, group, icons, posts, karma, etc.
 *
 * - Guests are shown a quick login form followed by the guest greeting.
 * - Members are shown their name, avatar, group, counters and a few links.
 * - All output is echoed directly.
 *
 * @param mixed[] $parameters not used in this block
 * @param int $id - not used in this block
 * @param boolean $return_parameters if true returns the configuration options for the block
 * @return mixed[]|null an empty array when $return_parameters is true, nothing otherwise
 */
function sp_userInfo($parameters, $id, $return_parameters = false)
{
    global $context, $txt, $scripturl, $memberContext, $modSettings, $user_info, $color_profile, $settings;
    // This block has no configuration options, so the list stays empty.
    $block_parameters = array();
    if ($return_parameters) {
        return $block_parameters;
    }
    echo '
								<div class="centertext">';
    // Show the guests a login area
    // The form posts to ?action=login2;quicklogin and carries the session and login tokens
    // as hidden fields; the password hashing hook is attached unless disable_login_hashing is set.
    // NOTE(review): the values below are written into the markup as found in the globals;
    // presumably they are already HTML-safe - confirm, especially $user_info['username'].
    if ($context['user']['is_guest']) {
        echo '
									<script src="' . $settings['default_theme_url'] . '/scripts/sha256.js"></script>
									<form action="', $scripturl, '?action=login2;quicklogin" method="post" accept-charset="UTF-8"', empty($context['disable_login_hashing']) ? ' onsubmit="hashLoginPassword(this, \'' . $context['session_id'] . '\');"' : '', ' >
									<table>
											<tr>
												<td class="righttext">
													<label for="sp_user">', $txt['username'], ':</label>&nbsp;
												</td>
												<td>
													<input type="text" id="sp_user" name="user" size="8" value="', !empty($user_info['username']) ? $user_info['username'] : '', '" />
												</td>
											</tr>
											<tr>
												<td class="righttext">
													<label for="sp_passwrd">', $txt['password'], ':</label>&nbsp;
												</td>
												<td>
													<input type="password" name="passwrd" id="sp_passwrd" size="8" />
												</td>
											</tr>
											<tr>
												<td>
													<label for="cookielength">
														<select id="cookielength" name="cookielength">
															<option value="60">', $txt['one_hour'], '</option>
															<option value="1440">', $txt['one_day'], '</option>
															<option value="10080">', $txt['one_week'], '</option>
															<option value="43200">', $txt['one_month'], '</option>
															<option value="-1" selected="selected">', $txt['forever'], '</option>
														</select>
													</label>
												</td>
												<td>
													<input type="submit" value="', $txt['login'], '" class="button_submit" />
												</td>
											</tr>
										</table>
										<input type="hidden" name="hash_passwrd" value="" />
										<input type="hidden" name="old_hash_passwrd" value="" />
										<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
										<input type="hidden" name="', $context['login_token_var'], '" value="', $context['login_token'], '" />
									</form>', replaceBasicActionUrl($txt[$context['can_register'] ? 'welcome_guest_register' : 'welcome_guest']);
    } else {
        // load up the members details
        loadMemberData($user_info['id']);
        loadMemberContext($user_info['id'], true);
        $member_info = $memberContext[$user_info['id']];
        // Use the coloured name when sp_loadColors() does not report failure.
        if (sp_loadColors($member_info['id']) !== false) {
            $member_info['colored_name'] = $color_profile[$member_info['id']]['colored_name'];
        }
        // Net karma is the good count minus the bad count.
        $member_info['karma']['total'] = $member_info['karma']['good'] - $member_info['karma']['bad'];
        echo '
									', $txt['hello_member'], ' <strong>', !empty($member_info['colored_name']) ? $member_info['colored_name'] : $member_info['name'], '</strong>
									<br /><br />';
        // The avatar, when there is one, links to the member's profile.
        if (!empty($member_info['avatar']['image'])) {
            echo '
									<a href="', $scripturl, '?action=profile;u=', $member_info['id'], '">', $member_info['avatar']['image'], '</a>
									<br />';
        }
        // Show the member group, falling back to the post group.
        if (!empty($member_info['group'])) {
            echo '
									', $member_info['group'], '<br />';
        } else {
            echo '
									', $member_info['post_group'], '<br />';
        }
        echo '
									', $member_info['group_icons'], '
									<br />
									<br />
									<ul class="sp_list">
										<li ', sp_embed_class('dot'), '>
											<strong>', $txt['posts'], ':</strong> ', $member_info['posts'], '
										</li>';
        // Karma: mode 1 prints the net total, mode 2 prints the good and bad counts.
        if (!empty($modSettings['karmaMode'])) {
            echo '
										<li ', sp_embed_class('dot'), '>
											<strong>', $modSettings['karmaLabel'], '
										</strong> ';
            if ($modSettings['karmaMode'] == 1) {
                echo $member_info['karma']['total'];
            } elseif ($modSettings['karmaMode'] == 2) {
                echo '+', $member_info['karma']['good'], '/-', $member_info['karma']['bad'];
            }
            echo '</li>';
        }
        // What do they like?
        if (!empty($modSettings['likes_enabled'])) {
            echo '
										<li ', sp_embed_class('dot'), '>
											<strong>', $txt['likes'], ': </strong><a href="', $scripturl, '?action=profile;area=showlikes;sa=given;u=', $user_info['id'], '">', $member_info['likes']['given'], ' <span ', sp_embed_class('given'), '></span></a> / <a href="', $scripturl, '?action=profile;area=showlikes;sa=received;u=', $user_info['id'], '">', $member_info['likes']['received'], ' <span ', sp_embed_class('received'), '></span></a></li>';
        }
        // Personal message counts are only shown with the pm_read permission.
        if (allowedTo('pm_read')) {
            echo '
										<li ', sp_embed_class('dot'), '>
											<strong>', $txt['sp-usertmessage'], ': </strong><a href="', $scripturl, '?action=pm">', $context['user']['messages'], '</a>
										</li>
										<li ', sp_embed_class('dot'), '>
											<strong>', $txt['sp-usernmessage'], ': </strong> ', $context['user']['unread_messages'], '
										</li>';
        }
        // NOTE(review): the logout link below puts the session id in the query string
        // (sesc=...), where it can end up in logs and Referer headers - confirm this is
        // the form the logout action expects.
        echo '
										<li ', sp_embed_class('dot'), '>
											<a href="', $scripturl, '?action=unread">', $txt['unread_topics_visit'], '</a>
										</li>
										<li ', sp_embed_class('dot'), '>
											<a href="', $scripturl, '?action=unreadreplies">', $txt['unread_replies'], '</a>
										</li>
									</ul>
									<br />
									<a class="dot arrow" href="', $scripturl, '?action=profile">', $txt['profile'], '</a>
									<a class="dot arrow" href="', $scripturl, '?action=logout;sesc=', $context['session_id'], '">', $txt['logout'], '</a>';
    }
    echo '
								</div>';
}
Example #11
function show_footer()
{
    global $boardurl, $forum_copyright, $forum_version;

    // Close the wrappers opened earlier in the page and print the copyright line.
    // $forum_copyright is used as a sprintf() format, the result is passed through
    // replaceBasicActionUrl() and echoed without HTML escaping.
    // NOTE(review): presumably trusted markup shipped with the forum - confirm it
    // can never carry user-supplied text.
    echo '
			</div>
			<div style="clear: left">
				', replaceBasicActionUrl(sprintf($forum_copyright, 'ElkArte' . $forum_version)), '
			</div>
		</div>';

    /* Page scripts, sent in one go:
         - the shared script.js, loaded from $boardurl (written into the src attribute as-is, so it
           is assumed to be a trusted configuration value - TODO confirm);
         - swapOption(), which toggles the detail panel with the given id and blurs the clicked link;
         - siteDetermineVersions(), which hides the per-area detail panels (sources, admin, subs,
           controllers, database, Languages, default and, when present, Templates);
         - smfHideDbColumns(), which hides every element whose id is a key of window.databaseTables;
         - an on-load hook running the last two through addLoadEvent(), which is presumably defined
           in script.js (not visible here).
       The closing body/html tags follow. */
    echo '
		<script src="', $boardurl, '/themes/default/scripts/script.js"></script>', '
		<script><!-- // --><![CDATA[
			var swaps = {};

			function swapOption(sendingElement, name)
			{
				// If it is undefined, or currently off, turn it on - otherwise off.
				swaps[name] = typeof(swaps[name]) == "undefined" || !swaps[name];
				document.getElementById(name).style.display = swaps[name] ? "" : "none";

				// Unselect the link and return false.
				sendingElement.blur();
				return false;
			}

			function siteDetermineVersions()
			{
				document.getElementById("sources").style.display = "none";
				document.getElementById("admin").style.display = "none";
				document.getElementById("subs").style.display = "none";
				document.getElementById("controllers").style.display = "none";
				document.getElementById("database").style.display = "none";
				document.getElementById("Languages").style.display = "none";
				document.getElementById("default").style.display = "none";
				if (document.getElementById("Templates"))
					document.getElementById("Templates").style.display = "none";
			}

			function smfHideDbColumns()
			{
				if (typeof(window.databaseTables) == "undefined")
					window.databaseTables = {};

				for (var filename in window.databaseTables)
				{
					if (!document.getElementById(filename))
						continue;

					document.getElementById(filename).style.display = "none";
				}
			}
		// ]]></script>', '
		<script><!-- // --><![CDATA[
			addLoadEvent(function() {
				siteDetermineVersions();
				smfHideDbColumns();
			});
		// ]]></script>', '
	</body>
</html>
';
}
Example #12
    /**
     * Outputs xml data representing recent information or a profile.
     *
     * What it does:
     * - Can be passed 4 subactions which decide what is output:
     *   'recent' for recent posts,
     *   'news' for news topics,
     *   'members' for recently registered members,
     *   'profile' for a member's profile.
     * - To display a member's profile, a user id has to be given. (;u=1) e.g. ?action=.xml;sa=profile;u=1;type=atom
     * - Outputs an rss feed instead of a proprietary one if the 'type' $_GET
     * parameter is 'rss' or 'rss2'.
     * - Accessed via ?action=.xml
     * - Does not use any templates, sub templates, or template layers.
     *
     * @uses Stats language file.
     */
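    public function action_showfeed()
    {
        global $board, $board_info, $context, $scripturl, $boardurl, $txt, $modSettings, $user_info;
        global $forum_version, $cdata_override, $settings;
        // If it's not enabled, die.
        if (empty($modSettings['xmlnews_enable'])) {
            obExit(false);
        }
        loadLanguage('Stats');
        $txt['xml_rss_desc'] = replaceBasicActionUrl($txt['xml_rss_desc']);
        // Default to latest 5.  No more than what is defined in the ACP or 255.
        // The requested limit can only lower the configured one, never raise it.
        $limit = empty($modSettings['xmlnews_limit']) ? 5 : min($modSettings['xmlnews_limit'], 255);
        $this->_limit = empty($_GET['limit']) || (int) $_GET['limit'] < 1 ? $limit : min((int) $_GET['limit'], $limit);
        // Handle the cases where a board, boards, or category is asked for.
        // The filter below is a raw SQL fragment, so every request-derived piece that
        // goes into it is forced to an integer first.
        $this->_query_this_board = '1=1';
        $context['optimize_msg'] = array('highest' => 'm.id_msg <= b.id_last_msg');
        if (!empty($_REQUEST['c']) && empty($board)) {
            $categories = array_map('intval', explode(',', $_REQUEST['c']));
            if (count($categories) == 1) {
                require_once SUBSDIR . '/Categories.subs.php';
                $feed_title = categoryName($categories[0]);
                $feed_title = ' - ' . strip_tags($feed_title);
            }
            require_once SUBSDIR . '/Boards.subs.php';
            $boards_posts = boardsPosts(array(), $categories);
            $total_cat_posts = array_sum($boards_posts);
            $boards = array_keys($boards_posts);
            // NOTE(review): when no board comes back for the requested categories the
            // filter stays at '1=1'. Whether the feed queries add their own
            // board-visibility condition is not visible here - confirm, or fail closed
            // the way the 'boards' branch does with no_board.
            if (!empty($boards)) {
                $this->_query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
            }
            // Try to limit the number of messages we look through.
            if ($total_cat_posts > 100 && $total_cat_posts > $modSettings['totalMessages'] / 15) {
                $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 400 - $this->_limit * 5);
            }
        } elseif (!empty($_REQUEST['boards'])) {
            require_once SUBSDIR . '/Boards.subs.php';
            $query_boards = array_map('intval', explode(',', $_REQUEST['boards']));
            $boards_data = fetchBoardsInfo(array('boards' => $query_boards), array('selects' => 'detailed'));
            // Either the board specified doesn't exist or you have no access.
            $num_boards = count($boards_data);
            if ($num_boards == 0) {
                fatal_lang_error('no_board');
            }
            $total_posts = 0;
            // Only ids returned by fetchBoardsInfo() reach the SQL fragment, not the raw request list.
            $boards = array_keys($boards_data);
            foreach ($boards_data as $row) {
                if ($num_boards == 1) {
                    $feed_title = ' - ' . strip_tags($row['name']);
                }
                $total_posts += $row['num_posts'];
            }
            $this->_query_this_board = 'b.id_board IN (' . implode(', ', $boards) . ')';
            // The more boards, the more we're going to look through...
            if ($total_posts > 100 && $total_posts > $modSettings['totalMessages'] / 12) {
                $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 500 - $this->_limit * 5);
            }
        } elseif (!empty($board)) {
            require_once SUBSDIR . '/Boards.subs.php';
            $boards_data = fetchBoardsInfo(array('boards' => $board), array('selects' => 'posts'));
            $feed_title = ' - ' . strip_tags($board_info['name']);
            // NOTE(review): $board is concatenated as-is; presumably already an integer
            // set by the request loader - confirm.
            $this->_query_this_board = 'b.id_board = ' . $board;
            // Try to look through just a few messages, if at all possible.
            if ($boards_data[$board]['num_posts'] > 80 && $boards_data[$board]['num_posts'] > $modSettings['totalMessages'] / 10) {
                $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 600 - $this->_limit * 5);
            }
        } else {
            // Nothing specific asked for: everything the viewer may see, minus the recycle board.
            $this->_query_this_board = '{query_see_board}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
				AND b.id_board != ' . $modSettings['recycle_board'] : '');
            $context['optimize_msg']['lowest'] = 'm.id_msg >= ' . max(0, $modSettings['maxMsgID'] - 100 - $this->_limit * 5);
        }
        // If format isn't set, rss2 is default. The format is taken from a fixed
        // allow-list (compared strictly), so it is safe to reuse in cache keys and headers.
        $xml_format = isset($_GET['type']) && in_array($_GET['type'], array('rss', 'rss2', 'atom', 'rdf', 'webslice'), true) ? $_GET['type'] : 'rss2';
        // List all the different types of data they can pull.
        $subActions = array('recent' => array('action_xmlrecent'), 'news' => array('action_xmlnews'), 'members' => array('action_xmlmembers'), 'profile' => array('action_xmlprofile'));
        // Easy adding of sub actions
        call_integration_hook('integrate_xmlfeeds', array(&$subActions));
        // The request only selects a key of $subActions; the method name itself never comes from the request.
        $subAction = isset($_GET['sa']) && isset($subActions[$_GET['sa']]) ? $_GET['sa'] : 'recent';
        // Webslices doesn't do everything (yet? ever?) so for now only recent posts is allowed in that format
        if ($xml_format == 'webslice' && $subAction != 'recent') {
            $xml_format = 'rss2';
        } elseif ($xml_format == 'webslice') {
            $context['user'] += $user_info;
            $cdata_override = true;
            loadTemplate('Xml');
        }
        // We only want some information, not all of it.
        $cachekey = array($xml_format, $_GET['action'], $this->_limit, $subAction);
        foreach (array('board', 'boards', 'c') as $var) {
            if (isset($_REQUEST[$var])) {
                $cachekey[] = $_REQUEST[$var];
            }
        }
        // md5 is only used to derive a compact cache key here, not as a security control.
        $cachekey = md5(serialize($cachekey) . (!empty($this->_query_this_board) ? $this->_query_this_board : ''));
        $cache_t = microtime(true);
        // Get the associative array representing the xml.
        // Members get a cache entry keyed by their own id; guests share one, and only
        // when cache_enable is 3 or higher.
        if (!empty($modSettings['cache_enable']) && (!$user_info['is_guest'] || $modSettings['cache_enable'] >= 3)) {
            $xml = cache_get_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, 240);
        }
        if (empty($xml)) {
            $xml = $this->{$subActions[$subAction][0]}($xml_format);
            // Members' feeds are cached only when building them took longer than 0.2 seconds.
            if (!empty($modSettings['cache_enable']) && ($user_info['is_guest'] && $modSettings['cache_enable'] >= 3 || !$user_info['is_guest'] && microtime(true) - $cache_t > 0.2)) {
                cache_put_data('xmlfeed-' . $xml_format . ':' . ($user_info['is_guest'] ? '' : $user_info['id'] . '-') . $cachekey, $xml, 240);
            }
        }
        // Tags are stripped from the title before it is encoded for the feed.
        $feed_title = encode_special(strip_tags(un_htmlspecialchars($context['forum_name']) . (isset($feed_title) ? $feed_title : '')));
        // This is an xml file....
        @ob_end_clean();
        if (!empty($modSettings['enableCompressedOutput'])) {
            ob_start('ob_gzhandler');
        } else {
            ob_start();
        }
        // A 'debug' request parameter only switches the content type to plain text/xml.
        if (isset($_REQUEST['debug'])) {
            header('Content-Type: text/xml; charset=UTF-8');
        } elseif ($xml_format == 'rss' || $xml_format == 'rss2' || $xml_format == 'webslice') {
            header('Content-Type: application/rss+xml; charset=UTF-8');
        } elseif ($xml_format == 'atom') {
            header('Content-Type: application/atom+xml; charset=UTF-8');
        } elseif ($xml_format == 'rdf') {
            header('Content-Type: ' . (isBrowser('ie') ? 'text/xml' : 'application/rdf+xml') . '; charset=UTF-8');
        }
        // First, output the xml header.
        echo '<?xml version="1.0" encoding="UTF-8"?' . '>';
        // Are we outputting an rss feed or one with more information?
        if ($xml_format == 'rss' || $xml_format == 'rss2') {
            // Start with an RSS 2.0 header.
            echo '
	<rss version=', $xml_format == 'rss2' ? '"2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"' : '"0.92"', ' xml:lang="', strtr($txt['lang_locale'], '_', '-'), '">
		<channel>
			<title>', $feed_title, '</title>
			<link>', $scripturl, '</link>
			<description><![CDATA[', un_htmlspecialchars(strip_tags($txt['xml_rss_desc'])), ']]></description>
			<generator>ElkArte</generator>
			<ttl>30</ttl>
			<image>
				<url>', $settings['default_theme_url'], '/images/logo.png</url>
				<title>', $feed_title, '</title>
				<link>', $scripturl, '</link>
			</image>';
            // Output all of the associative array, start indenting with 2 tabs, and name everything "item".
            dumpTags($xml, 2, 'item', $xml_format);
            // Output the footer of the xml.
            echo '
		</channel>
	</rss>';
        } elseif ($xml_format == 'webslice') {
            // Format specification http://msdn.microsoft.com/en-us/library/cc304073%28VS.85%29.aspx
            // Known browsers to support webslices: IE8, IE9, Firefox with Webchunks addon.
            // It uses RSS 2.
            // We send a feed with recent posts, and alerts for PMs for logged in users
            $context['recent_posts_data'] = $xml;
            $context['can_pm_read'] = allowedTo('pm_read');
            // This always has RSS 2
            echo '
	<rss version="2.0" xmlns:mon="http://www.microsoft.com/schemas/rss/monitoring/2007" xml:lang="', strtr($txt['lang_locale'], '_', '-'), '">
		<channel>
			<title>', $feed_title, ' - ', $txt['recent_posts'], '</title>
			<link>', $scripturl, '?action=recent</link>
			<description><![CDATA[', strip_tags($txt['xml_rss_desc']), ']]></description>
			<item>
				<title>', $feed_title, ' - ', $txt['recent_posts'], '</title>
				<link>', $scripturl, '?action=recent</link>
				<description><![CDATA[
					', template_webslice_header_above(), '
					', template_webslice_recent_posts(), '
				]]></description>
			</item>
		</channel>
	</rss>';
        } elseif ($xml_format == 'atom') {
            $url_parts = array();
            foreach (array('board', 'boards', 'c') as $var) {
                if (isset($_REQUEST[$var])) {
                    $raw_value = is_array($_REQUEST[$var]) ? implode(',', $_REQUEST[$var]) : $_REQUEST[$var];
                    // These values come straight from the request and end up inside an XML
                    // attribute, so encode them for that context. double_encode is off so a
                    // value that was already entity-encoded upstream is not encoded twice.
                    $url_parts[] = $var . '=' . htmlspecialchars((string) $raw_value, ENT_QUOTES, 'UTF-8', false);
                }
            }
            // The self link advertises the Atom media type, matching the Content-Type header sent above.
            echo '
	<feed xmlns="http://www.w3.org/2005/Atom">
		<title>', $feed_title, '</title>
		<link rel="alternate" type="text/html" href="', $scripturl, '" />
		<link rel="self" type="application/atom+xml" href="', $scripturl, '?type=atom;action=.xml', !empty($url_parts) ? ';' . implode(';', $url_parts) : '', '" />
		<id>', $scripturl, '</id>
		<icon>', $boardurl, '/favicon.ico</icon>

		<updated>', gmstrftime('%Y-%m-%dT%H:%M:%SZ'), '</updated>
		<subtitle><![CDATA[', strip_tags(un_htmlspecialchars($txt['xml_rss_desc'])), ']]></subtitle>
		<generator uri="http://www.elkarte.net" version="', strtr($forum_version, array('ElkArte' => '')), '">ElkArte</generator>
		<author>
			<name>', strip_tags(un_htmlspecialchars($context['forum_name'])), '</name>
		</author>';
            dumpTags($xml, 2, 'entry', $xml_format);
            echo '
	</feed>';
        } else {
            // Only 'rdf' is left at this point.
            echo '
	<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns="http://purl.org/rss/1.0/">
		<channel rdf:about="', $scripturl, '">
			<title>', $feed_title, '</title>
			<link>', $scripturl, '</link>
			<description><![CDATA[', strip_tags($txt['xml_rss_desc']), ']]></description>
			<items>
				<rdf:Seq>';
            foreach ($xml as $item) {
                echo '
					<rdf:li rdf:resource="', $item['link'], '" />';
            }
            echo '
				</rdf:Seq>
			</items>
		</channel>
	';
            dumpTags($xml, 1, 'item', $xml_format);
            echo '
	</rdf:RDF>';
        }
        obExit(false);
    }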
Example #13
 /**
  * The credits section in admin panel.
  *
  * What it does:
  * - Determines the current level of support functions from the server, such as
  * current level of caching engine or graphics libraries installed.
  * - Accessed by ?action=admin;area=credits
  */
 public function action_credits()
 {
     global $forum_version, $txt, $scripturl, $context, $user_info, $modSettings;

     // Pull in the helper libraries this page relies on.
     foreach (array('Membergroups', 'Who', 'Admin') as $subs_file) {
         require_once SUBSDIR . '/' . $subs_file . '.subs.php';
     }

     // Access gate: the permission check runs before any data is collected for the page.
     $admin_area_permissions = array(
         'admin_forum',
         'manage_permissions',
         'moderate_forum',
         'manage_membergroups',
         'manage_bans',
         'send_mail',
         'edit_news',
         'manage_boards',
         'manage_smileys',
         'manage_attachments',
     );
     isAllowedTo($admin_area_permissions);

     // List the administrators (group 1, at most 32). A truthy return is treated as
     // "there are more"; the link to the full list is only built for those who may
     // manage membergroups.
     if (listMembergroupMembers_Href($context['administrators'], 1, 32)) {
         if (allowedTo('manage_membergroups')) {
             $context['more_admins_link'] = '<a href="' . $scripturl . '?action=moderate;area=viewgroups;sa=members;group=1">' . $txt['more'] . '</a>';
         }
     }

     // Tab header for the admin menu, then the credits themselves.
     $context[$context['admin_menu_name']]['tab_data'] = array(
         'title' => $txt['support_credits_title'],
         'help' => '',
         'description' => '',
     );
     loadLanguage('Who');
     $context += prepareCreditsData();

     // The time format is url-encoded so it can be passed along when fetching the latest news.
     $context['time_format'] = urlencode($user_info['time_format']);
     $context['forum_version'] = $forum_version;

     // Versions of the server-side components the template reports on.
     $components = array('gd', 'imagick', 'db_server', 'mmcache', 'eaccelerator', 'zend', 'apc', 'memcache', 'xcache', 'opcache', 'php', 'server');
     $context['current_versions'] = getServerVersions($components);

     $context['can_admin'] = allowedTo('admin_forum');
     $context['sub_template'] = 'credits';
     $context['page_title'] = $txt['support_credits_title'];

     // Load in the admin quick tasks
     $context['quick_admin_tasks'] = getQuickAdminTasks();

     // Language key for the release notes: 'new_in_' followed by FORUM_VERSION with
     // the 'ElkArte ' prefix removed and dots turned into underscores.
     $updates_key = 'new_in_' . str_replace(array('ElkArte ', '.'), array('', '_'), FORUM_VERSION);
     if (!isset($txt[$updates_key])) {
         return;
     }

     $context['latest_updates'] = replaceBasicActionUrl($txt[$updates_key]);

     // Viewing the page writes a 'dismissed_*' theme option for the current member,
     // presumably so the notes are not shown again - confirm against updateThemeOptions().
     require_once SUBSDIR . '/Themes.subs.php';
     updateThemeOptions(array(1, $user_info['id'], 'dismissed_' . $updates_key, 1));
 }
    /**
     * Issue/manage a user's warning status.
     * @uses ProfileAccount template issueWarning sub template
     * @uses Profile template
     */
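    public function action_issuewarning()
    {
        global $txt, $scripturl, $modSettings, $mbname, $context, $cur_profile;
        $memID = currentMemberID();
        // make sure the sub-template is set...
        loadTemplate('ProfileAccount');
        $context['sub_template'] = 'issueWarning';
        // We need this because of template_load_warning_variables
        loadTemplate('Profile');
        loadJavascriptFile('profile.js');
        // jQuery-UI FTW!
        $modSettings['jquery_include_ui'] = true;
        loadCSSFile('jquery.ui.slider.css');
        loadCSSFile('jquery.ui.theme.css');
        // Get all the actual settings.
        list($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);
        // This stores any legitimate errors.
        $issueErrors = array();
        // Access gate: warnings must be enabled, the viewer needs issue_warning, and an
        // owner may only open the page when their own warning level is non-zero.
        if (empty($modSettings['warning_enable']) || $context['user']['is_owner'] && !$cur_profile['warning'] || !allowedTo('issue_warning')) {
            fatal_lang_error('no_access', false);
        }
        // Get the base (errors related) stuff done.
        loadLanguage('Errors');
        $context['custom_error_title'] = $txt['profile_warning_errors_occurred'];
        // Make sure things which are disabled stay disabled.
        // 110 is above the maximum level of 100, so a disabled threshold is never reached.
        $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110;
        $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110;
        $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110;
        // Administrators are not bound by the per-day limit.
        $context['warning_limit'] = allowedTo('admin_forum') ? 0 : $modSettings['user_limit'];
        $context['member']['warning'] = $cur_profile['warning'];
        $context['member']['name'] = $cur_profile['real_name'];
        // What are the limits we can apply?
        $context['min_allowed'] = 0;
        $context['max_allowed'] = 100;
        if ($context['warning_limit'] > 0) {
            require_once SUBSDIR . '/Moderation.subs.php';
            $current_applied = warningDailyLimit($memID);
            $context['min_allowed'] = max(0, $cur_profile['warning'] - $current_applied - $context['warning_limit']);
            $context['max_allowed'] = min(100, $cur_profile['warning'] - $current_applied + $context['warning_limit']);
        }
        // Defaults.
        $context['warning_data'] = array('reason' => '', 'notify' => '', 'notify_subject' => '', 'notify_body' => '');
        // Tracks whether the save path has already HTML-escaped $_POST['warn_reason'],
        // so the preview path below neither skips nor repeats the escaping.
        $reason_escaped = false;
        // Are we saving?
        if (isset($_POST['save'])) {
            // State-changing path: the session token is verified before anything is written.
            checkSession('post');
            // This cannot be empty!
            $_POST['warn_reason'] = isset($_POST['warn_reason']) ? trim($_POST['warn_reason']) : '';
            if ($_POST['warn_reason'] == '' && !$context['user']['is_owner']) {
                $issueErrors[] = 'warning_no_reason';
            }
            // Escaped once here; this escaped form is what gets logged and redisplayed.
            $_POST['warn_reason'] = Util::htmlspecialchars($_POST['warn_reason']);
            $reason_escaped = true;
            // If the value hasn't changed it's either no JS or a real no change (Which this will pass)
            if ($_POST['warning_level'] == 'SAME') {
                $_POST['warning_level'] = $_POST['warning_level_nojs'];
            }
            // Force an integer in 0..100, then clamp to what this issuer may still apply.
            $_POST['warning_level'] = (int) $_POST['warning_level'];
            $_POST['warning_level'] = max(0, min(100, $_POST['warning_level']));
            if ($_POST['warning_level'] < $context['min_allowed']) {
                $_POST['warning_level'] = $context['min_allowed'];
            } elseif ($_POST['warning_level'] > $context['max_allowed']) {
                $_POST['warning_level'] = $context['max_allowed'];
            }
            require_once SUBSDIR . '/Moderation.subs.php';
            // Do we actually have to issue them with a PM?
            $id_notice = 0;
            if (!empty($_POST['warn_notify']) && empty($issueErrors)) {
                // A missing field is treated as blank, the same way warn_reason is handled above.
                $_POST['warn_sub'] = isset($_POST['warn_sub']) ? trim($_POST['warn_sub']) : '';
                $_POST['warn_body'] = isset($_POST['warn_body']) ? trim($_POST['warn_body']) : '';
                if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
                    $issueErrors[] = 'warning_notify_blank';
                } else {
                    require_once SUBSDIR . '/PersonalMessage.subs.php';
                    // The notice is sent in the forum's name rather than the issuer's.
                    $from = array('id' => 0, 'name' => $context['forum_name'], 'username' => $context['forum_name']);
                    sendpm(array('to' => array($memID), 'bcc' => array()), $_POST['warn_sub'], $_POST['warn_body'], false, $from);
                    // Log the notice.
                    $id_notice = logWarningNotice($_POST['warn_sub'], $_POST['warn_body']);
                }
            }
            // Just in case - make sure notice is valid!
            $id_notice = (int) $id_notice;
            // What have we changed?
            $level_change = $_POST['warning_level'] - $cur_profile['warning'];
            // No errors? Proceed! Only log if you're not the owner.
            if (empty($issueErrors)) {
                // Log what we've done!
                if (!$context['user']['is_owner']) {
                    logWarning($memID, $cur_profile['real_name'], $id_notice, $level_change, $_POST['warn_reason']);
                }
                // Make the change.
                updateMemberData($memID, array('warning' => $_POST['warning_level']));
                // Leave a lovely message.
                $context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : $txt['profile_warning_success'];
            } else {
                // Try to remember some bits.
                // NOTE(review): notify_subject and notify_body go back to the template exactly
                // as posted; the sub-template has to escape them - not visible here, confirm.
                $context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '');
            }
            // Show the new improved warning level.
            $context['member']['warning'] = $_POST['warning_level'];
        }
        // Taking a look first, good idea that one.
        if (isset($_POST['preview'])) {
            $warning_body = !empty($_POST['warn_body']) ? trim(censorText($_POST['warn_body'])) : '';
            $context['preview_subject'] = !empty($_POST['warn_sub']) ? trim(Util::htmlspecialchars($_POST['warn_sub'])) : '';
            if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
                $issueErrors[] = 'warning_notify_blank';
            }
            if (!empty($_POST['warn_body'])) {
                require_once SUBSDIR . '/Post.subs.php';
                preparsecode($warning_body);
                $warning_body = parse_bbc($warning_body, true);
            }
            // The save path hands the template an HTML-escaped reason; do the same on a
            // plain preview, where the posted value is still raw (and may be missing).
            $preview_reason = isset($_POST['warn_reason']) ? $_POST['warn_reason'] : '';
            if (!$reason_escaped) {
                $preview_reason = Util::htmlspecialchars(trim($preview_reason));
            }
            // Try to remember some bits.
            // NOTE(review): notify_subject and notify_body are still passed on as posted - see the save path.
            $context['warning_data'] = array('reason' => $preview_reason, 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '', 'body_preview' => $warning_body);
        }
        if (!empty($issueErrors)) {
            // Fill in the suite of errors.
            $context['post_errors'] = array();
            foreach ($issueErrors as $error) {
                $context['post_errors'][] = $txt[$error];
            }
        }
        $context['page_title'] = $txt['profile_issue_warning'];
        // Let's use a generic list to get all the current warnings
        require_once SUBSDIR . '/GenericList.class.php';
        require_once SUBSDIR . '/Profile.subs.php';
        // Work out the various levels.
        $context['level_effects'] = array(0 => $txt['profile_warning_effect_none'], $modSettings['warning_watch'] => $txt['profile_warning_effect_watch'], $modSettings['warning_moderate'] => $txt['profile_warning_effect_moderation'], $modSettings['warning_mute'] => $txt['profile_warning_effect_mute']);
        $context['current_level'] = 0;
        foreach ($context['level_effects'] as $limit => $dummy) {
            if ($context['member']['warning'] >= $limit) {
                $context['current_level'] = $limit;
            }
        }
        // Build a list to view the warnings.
        // NOTE(review): create_function() compiles its body string as PHP at run time. Both
        // bodies below are constant literals with nothing from the request interpolated, but
        // the function is deprecated as of PHP 7.2 and removed in PHP 8.0; closures are the
        // replacement once the supported PHP baseline allows them.
        // The 'reason' column prints $warning['reason'] without escaping, so it relies on the
        // value having been escaped before it was logged, as the save path above does.
        $listOptions = array(
            'id' => 'issued_warnings',
            'title' => $txt['profile_viewwarning_previous_warnings'],
            'items_per_page' => $modSettings['defaultMaxMessages'],
            'no_items_label' => $txt['profile_viewwarning_no_warnings'],
            'base_href' => $scripturl . '?action=profile;area=issuewarning;sa=user;u=' . $memID,
            'default_sort_col' => 'log_time',
            'get_items' => array('function' => 'list_getUserWarnings', 'params' => array($memID)),
            'get_count' => array('function' => 'list_getUserWarningCount', 'params' => array($memID)),
            'columns' => array(
                'issued_by' => array(
                    'header' => array('value' => $txt['profile_warning_previous_issued'], 'style' => 'width: 20%;'),
                    'data' => array('function' => create_function('$warning', '
							return $warning[\'issuer\'][\'link\'];
						')),
                    'sort' => array('default' => 'lc.member_name DESC', 'reverse' => 'lc.member_name'),
                ),
                'log_time' => array(
                    'header' => array('value' => $txt['profile_warning_previous_time'], 'style' => 'width: 30%;'),
                    'data' => array('db' => 'time'),
                    'sort' => array('default' => 'lc.log_time DESC', 'reverse' => 'lc.log_time'),
                ),
                'reason' => array(
                    'header' => array('value' => $txt['profile_warning_previous_reason']),
                    'data' => array('function' => create_function('$warning', '
							global $scripturl, $txt, $settings;

							$ret = \'
							<div class="floatleft">
								\' . $warning[\'reason\'] . \'
							</div>\';

							// If a notice was sent, provide a way to view it
							if (!empty($warning[\'id_notice\']))
								$ret .= \'
							<div class="floatright">
								<a href="\' . $scripturl . \'?action=moderate;area=notice;nid=\' . $warning[\'id_notice\'] . \'" onclick="window.open(this.href, \\\'\\\', \\\'scrollbars=yes,resizable=yes,width=400,height=250\\\');return false;" target="_blank" class="new_win" title="\' . $txt[\'profile_warning_previous_notice\'] . \'"><img src="\' . $settings[\'images_url\'] . \'/filter.png" alt="" /></a>
							</div>\';

							return $ret;')),
                ),
                'level' => array(
                    'header' => array('value' => $txt['profile_warning_previous_level'], 'style' => 'width: 6%;'),
                    'data' => array('db' => 'counter'),
                    'sort' => array('default' => 'lc.counter DESC', 'reverse' => 'lc.counter'),
                ),
            ),
        );
        // Create the list for viewing.
        createList($listOptions);
        // The message id is cast to an integer before it is used in a lookup or a link.
        $warning_for_message = isset($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : false;
        $warned_message_subject = '';
        // Are they warning because of a message?
        if (isset($_REQUEST['msg']) && 0 < (int) $_REQUEST['msg']) {
            require_once SUBSDIR . '/Messages.subs.php';
            $message = basicMessageInfo((int) $_REQUEST['msg']);
            if (!empty($message)) {
                $warned_message_subject = $message['subject'];
            }
        }
        require_once SUBSDIR . '/Maillist.subs.php';
        // Any custom templates?
        $context['notification_templates'] = array();
        $notification_templates = maillist_templates('warntpl');
        foreach ($notification_templates as $row) {
            // If we're not warning for a message skip any that are.
            if (!$warning_for_message && strpos($row['body'], '{MESSAGE}') !== false) {
                continue;
            }
            $context['notification_templates'][] = array('title' => $row['title'], 'body' => $row['body']);
        }
        // Setup the "default" templates.
        foreach (array('spamming', 'offence', 'insulting') as $type) {
            $context['notification_templates'][] = array('title' => $txt['profile_warning_notify_title_' . $type], 'body' => sprintf($txt['profile_warning_notify_template_outline' . (!empty($warning_for_message) ? '_post' : '')], $txt['profile_warning_notify_for_' . $type]));
        }
        // Replace all the common variables in the templates.
        // The member name and message subject are decoded here; the result is BBC text for the notice body.
        foreach ($context['notification_templates'] as $k => $name) {
            $context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $warning_for_message . ']' . un_htmlspecialchars($warned_message_subject) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => replaceBasicActionUrl($txt['regards_team'])));
        }
    }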
Example #15
/**
 * Do some important security checks:
 *
 * What it does:
 * - checks the existence of critical files e.g. install.php
 * - checks for an active admin session.
 * - checks cache directory is writable.
 * - calls secureDirectory to protect attachments & cache.
 * - checks if the forum is in maintenance mode.
 */
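function doSecurityChecks()
{
    global $modSettings, $context, $maintenance, $user_info, $txt, $scripturl, $user_settings, $options;

    // Becomes true once a titled warning block has been queued; the plain
    // $context['warning_controls'] notices are tested separately at the end.
    $show_warnings = false;

    // These checks only run for logged-in members holding admin_forum.
    if (allowedTo('admin_forum') && !$user_info['is_guest']) {
        // If agreement is enabled, at least the english version shall exist.
        // !empty() keeps an unset setting from raising a notice, like the cache_enable test below.
        if (!empty($modSettings['requireAgreement']) && !file_exists(BOARDDIR . '/agreement.txt')) {
            $context['security_controls_files']['title'] = $txt['generic_warning'];
            $context['security_controls_files']['errors']['agreement'] = $txt['agreement_missing'];
            $show_warnings = true;
        }

        // Cache directory writeable?
        if (!empty($modSettings['cache_enable']) && !is_writable(CACHEDIR)) {
            $context['security_controls_files']['title'] = $txt['generic_warning'];
            $context['security_controls_files']['errors']['cache'] = $txt['cache_writable'];
            $show_warnings = true;
        }

        // Files that should not be left under BOARDDIR; each one still present is reported as a security risk.
        // @todo add a hook here
        $securityFiles = array('install.php', 'upgrade.php', 'convert.php', 'repair_paths.php', 'repair_settings.php', 'Settings.php~', 'Settings_bak.php~');
        foreach ($securityFiles as $securityFile) {
            if (!file_exists(BOARDDIR . '/' . $securityFile)) {
                continue;
            }

            $context['security_controls_files']['title'] = $txt['security_risk'];
            $context['security_controls_files']['errors'][$securityFile] = sprintf($txt['not_removed'], $securityFile);
            $show_warnings = true;

            // The "~" copies get an extra hint that also names the file without its trailing "~".
            // NOTE(review): presumably flagged because a "~" file is not run as PHP and could be
            // served as plain text - confirm against the web server configuration.
            if ($securityFile === 'Settings.php~' || $securityFile === 'Settings_bak.php~') {
                $context['security_controls_files']['errors'][$securityFile] .= '<span class="smalltext">' . sprintf($txt['not_removed_extra'], $securityFile, substr($securityFile, 0, -1)) . '</span>';
            }
        }

        // We are already checking so many files...just few more doesn't make any difference! :P
        // The return values of secureDirectory() are not inspected here.
        // NOTE(review): confirm it reports a failure to protect the directory by itself.
        require_once SUBSDIR . '/Attachments.subs.php';
        $path = getAttachmentPath();
        secureDirectory($path, true);
        secureDirectory(CACHEDIR);

        // Active admin session? admin_session_lifetime is multiplied by 60 before being compared with time().
        if (empty($modSettings['securityDisable']) && (isset($_SESSION['admin_time']) && $_SESSION['admin_time'] + $modSettings['admin_session_lifetime'] * 60 > time())) {
            // The log-off link carries the session_var / session_id pair taken from $context.
            $context['warning_controls']['admin_session'] = sprintf($txt['admin_session_active'], $scripturl . '?action=admin;area=adminlogoff;redir;' . $context['session_var'] . '=' . $context['session_id']);
        }

        // Maintenance mode enabled?
        if (!empty($maintenance)) {
            $context['warning_controls']['maintenance'] = sprintf($txt['admin_maintenance_active'], $scripturl . '?action=admin;area=serversettings;' . $context['session_var'] . '=' . $context['session_id']);
        }

        // New updates: the setting key is built from FORUM_VERSION with the "ElkArte " prefix dropped and dots turned into "_".
        if (defined('FORUM_VERSION')) {
            $index = 'new_in_' . str_replace(array('ElkArte ', '.'), array('', '_'), FORUM_VERSION);
            if (!empty($modSettings[$index]) && empty($options['dismissed_' . $index])) {
                $show_warnings = true;
                $context['new_version_updates'] = array('title' => $txt['new_version_updates'], 'errors' => array(replaceBasicActionUrl($txt['new_version_updates_text'])));
            }
        }
    }

    // Check for database errors.
    if (!empty($_SESSION['query_command_denied'])) {
        if ($user_info['is_admin']) {
            // Admins see the stored error text, HTML-escaped before it is wrapped in <pre>.
            $context['security_controls_query']['title'] = $txt['query_command_denied'];
            $show_warnings = true;
            foreach ($_SESSION['query_command_denied'] as $command => $error) {
                $context['security_controls_query']['errors'][$command] = '<pre>' . Util::htmlspecialchars($error) . '</pre>';
            }
        } else {
            // Everyone else gets a message built from the escaped command key only; the error text is not
            // shown, and $show_warnings is left untouched in this branch.
            $context['security_controls_query']['title'] = $txt['query_command_denied_guests'];
            foreach ($_SESSION['query_command_denied'] as $command => $error) {
                $context['security_controls_query']['errors'][$command] = '<pre>' . sprintf($txt['query_command_denied_guests_msg'], Util::htmlspecialchars($command)) . '</pre>';
            }
        }
    }

    // Are there any members waiting for approval?
    if (allowedTo('moderate_forum') && ((!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 2) || !empty($modSettings['approveAccountDeletion'])) && !empty($modSettings['unapprovedMembers'])) {
        $context['warning_controls']['unapproved_members'] = sprintf($txt[$modSettings['unapprovedMembers'] == 1 ? 'approve_one_member_waiting' : 'approve_many_members_waiting'], $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve', $modSettings['unapprovedMembers']);
    }

    // Open moderation reports, unless the first entry of mod_prefs is something other than 1.
    if (!empty($context['open_mod_reports']) && (empty($user_settings['mod_prefs']) || $user_settings['mod_prefs'][0] == 1)) {
        $context['warning_controls']['open_mod_reports'] = '<a href="' . $scripturl . '?action=moderate;area=reports">' . sprintf($txt['mod_reports_waiting'], $context['open_mod_reports']) . '</a>';
    }

    if (isset($_SESSION['ban']['cannot_post'])) {
        // Shown to whoever carries the ban in their session, admins included, so they know about it.
        $context['security_controls_ban']['title'] = sprintf($txt['you_are_post_banned'], $user_info['is_guest'] ? $txt['guest_title'] : $user_info['name']);
        $show_warnings = true;

        // NOTE(review): the reason is copied from the session without escaping and HTML is appended
        // to the same string below - confirm it is escaped where it is written to the session.
        $context['security_controls_ban']['errors']['reason'] = '';
        if (!empty($_SESSION['ban']['cannot_post']['reason'])) {
            $context['security_controls_ban']['errors']['reason'] = $_SESSION['ban']['cannot_post']['reason'];
        }

        if (!empty($_SESSION['ban']['expire_time'])) {
            $context['security_controls_ban']['errors']['reason'] .= '<span class="smalltext">' . sprintf($txt['your_ban_expires'], standardTime($_SESSION['ban']['expire_time'], false)) . '</span>';
        } else {
            $context['security_controls_ban']['errors']['reason'] .= '<span class="smalltext">' . $txt['your_ban_expires_never'] . '</span>';
        }
    }

    // Finally, let's show the layer.
    if ($show_warnings || !empty($context['warning_controls'])) {
        Template_Layers::getInstance()->addAfter('admin_warning', 'body');
    }
}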
Example #16
/**
 * This function determines the actions of the members passed in urls.
 *
 * Adding actions to the Who's Online list:
 * Adding actions to this list is actually relatively easy...
 * - for actions anyone should be able to see, just add a string named whoall_ACTION.
 *   (where ACTION is the action used in index.php.)
 * - for actions that have a subaction which should be represented differently, use whoall_ACTION_SUBACTION.
 * - for actions that include a topic, and should be restricted, use whotopic_ACTION.
 * - for actions that use a message, by msg or quote, use whopost_ACTION.
 * - for administrator-only actions, use whoadmin_ACTION.
 * - for actions that should be viewable only with certain permissions, use whoallow_ACTION and
 * add a list of possible permissions to the $allowedActions array, using ACTION as the key.
 *
 * @param mixed[]|string $urls a single url (string) or an array of arrays, each inner array being (serialized request data, id_member)
 * @param string|false $preferred_prefix = false
 * @return mixed[]|string an array of descriptions if you passed an array, otherwise the string describing their current location.
 */
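function determineActions($urls, $preferred_prefix = false)
{
    global $txt, $user_info, $modSettings, $scripturl;

    $db = database();

    // Without who_view nothing is described at all (an empty array, whatever was passed in).
    if (!allowedTo('who_view')) {
        return array();
    }

    loadLanguage('Who');

    // Actions that require a specific permission level.
    $allowedActions = array(
        'admin' => array('moderate_forum', 'manage_membergroups', 'manage_bans', 'admin_forum', 'manage_permissions', 'send_mail', 'manage_attachments', 'manage_smileys', 'manage_boards', 'edit_news'),
        'ban' => array('manage_bans'),
        'boardrecount' => array('admin_forum'),
        'calendar' => array('calendar_view'),
        'editnews' => array('edit_news'),
        'mailing' => array('send_mail'),
        'maintain' => array('admin_forum'),
        'manageattachments' => array('manage_attachments'),
        'manageboards' => array('manage_boards'),
        'memberlist' => array('view_mlist'),
        'moderate' => array('access_mod_center', 'moderate_forum', 'manage_membergroups'),
        'optimizetables' => array('admin_forum'),
        'repairboards' => array('admin_forum'),
        'search' => array('search_posts'),
        'setcensor' => array('moderate_forum'),
        'setreserve' => array('moderate_forum'),
        'stats' => array('view_stats'),
        'viewErrorLog' => array('admin_forum'),
        'viewmembers' => array('moderate_forum'),
    );

    // Provide integration a way to add to the allowed action array
    call_integration_hook('integrate_whos_online_allowed', array(&$allowedActions));

    // A single url is handled as a one-entry list that belongs to the current user.
    $url_list = is_array($urls) ? $urls : array(array($urls, $user_info['id']));

    // These are done to query these in large chunks. (instead of one by one.)
    $topic_ids = array();
    $profile_ids = array();
    $board_ids = array();
    $data = array();

    foreach ($url_list as $k => $url) {
        // Get the request parameters.
        // NOTE(review): unserialize() runs on stored request data. If a visitor can influence any
        // of it this is an object-injection surface; the allowed_classes option (PHP 7+) or a
        // JSON encoding would close it. Left unchanged because the PHP floor of this file is not
        // visible from here.
        $actions = @unserialize($url[0]);

        // Everything below indexes $actions as an array, so a failed decode, a scalar or an
        // object is skipped rather than interpreted.
        if (!is_array($actions)) {
            continue;
        }

        // If it's the admin or moderation center, and there is an area set, use that instead.
        if (isset($actions['action']) && ($actions['action'] == 'admin' || $actions['action'] == 'moderate') && isset($actions['area'])) {
            $actions['action'] = $actions['area'];
        }

        // Check if there was no action or the action is display.
        if (!isset($actions['action']) || $actions['action'] == 'display') {
            // It's a topic!  Must be!
            if (isset($actions['topic'])) {
                // Assume they can't view it, and queue it up for later.
                $data[$k] = $txt['who_hidden'];
                $topic_ids[(int) $actions['topic']][$k] = $txt['who_topic'];
            } elseif (isset($actions['board'])) {
                // Hide first, show later. The id is cast like every other board/topic key in this
                // function, so a non-integer value cannot end up as a lookup key.
                $data[$k] = $txt['who_hidden'];
                $board_ids[(int) $actions['board']][$k] = $txt['who_board'];
            } else {
                $data[$k] = replaceBasicActionUrl($txt['who_index']);
            }
        } elseif ($actions['action'] == '') {
            $data[$k] = replaceBasicActionUrl($txt['who_index']);
        } else {
            // Viewing/editing a profile.
            if ($actions['action'] == 'profile') {
                // Whose?  Their own?
                if (empty($actions['u'])) {
                    require_once SUBSDIR . '/Profile.subs.php';
                    $memID = currentMemberID();
                    $actions['u'] = $memID == $user_info['id'] ? $url[1] : $memID;
                }

                // Hidden until the member lookup further down confirms the viewer may see it.
                $data[$k] = $txt['who_hidden'];
                $profile_ids[(int) $actions['u']][$k] = $txt['who_viewprofile'];
            } elseif (($actions['action'] == 'post' || $actions['action'] == 'post2' || $actions['action'] == 'topicbyemail') && empty($actions['topic']) && isset($actions['board'])) {
                $data[$k] = $txt['who_hidden'];
                if ($actions['action'] == 'topicbyemail') {
                    $board_ids[(int) $actions['board']][$k] = $txt['who_topicbyemail'];
                } else {
                    $board_ids[(int) $actions['board']][$k] = isset($actions['poll']) ? $txt['who_poll'] : $txt['who_post'];
                }
            } elseif (isset($actions['sa']) && isset($txt['whoall_' . $actions['action'] . '_' . $actions['sa']])) {
                $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']]) ? $txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']] : $txt['whoall_' . $actions['action'] . '_' . $actions['sa']];
            } elseif (isset($txt['whoall_' . $actions['action']])) {
                $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action']]) ? $txt[$preferred_prefix . $actions['action']] : replaceBasicActionUrl($txt['whoall_' . $actions['action']]);
            } elseif (isset($txt['whotopic_' . $actions['action']])) {
                // Find out what topic they are accessing.
                $topic = (int) (isset($actions['topic']) ? $actions['topic'] : (isset($actions['from']) ? $actions['from'] : 0));
                $data[$k] = $txt['who_hidden'];
                $topic_ids[$topic][$k] = $txt['whotopic_' . $actions['action']];
            } elseif (isset($actions['sa']) && isset($txt['whotopic_' . $actions['action'] . '_' . $actions['sa']])) {
                // Find out what topic they are accessing.
                $topic = (int) (isset($actions['topic']) ? $actions['topic'] : (isset($actions['from']) ? $actions['from'] : 0));
                $data[$k] = $txt['who_hidden'];
                $topic_ids[$topic][$k] = $txt['whotopic_' . $actions['action'] . '_' . $actions['sa']];
            } elseif (isset($txt['whopost_' . $actions['action']])) {
                // Find out what message they are accessing. The id is cast to int and bound as {int:id_msg}.
                $msgid = (int) (isset($actions['msg']) ? $actions['msg'] : (isset($actions['quote']) ? $actions['quote'] : 0));
                $result = $db->query('', '
					SELECT m.id_topic, m.subject
					FROM {db_prefix}messages AS m
						INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
						INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ')
					WHERE m.id_msg = {int:id_msg}
						AND {query_see_board}' . ($modSettings['postmod_active'] ? '
						AND m.approved = {int:is_approved}' : '') . '
					LIMIT 1', array('is_approved' => 1, 'id_msg' => $msgid));
                $row = $db->fetch_row($result);
                $db->free_result($result);

                // No row means the query's conditions filtered the message out: stay hidden
                // instead of unpacking an empty result.
                if (empty($row) || empty($row[0])) {
                    $data[$k] = $txt['who_hidden'];
                } else {
                    list($id_topic, $subject) = $row;
                    $data[$k] = sprintf($txt['whopost_' . $actions['action']], $scripturl . '?topic=' . $id_topic . '.0', $subject);
                }
            } elseif (allowedTo('moderate_forum') && isset($txt['whoadmin_' . $actions['action']])) {
                $data[$k] = $txt['whoadmin_' . $actions['action']];
            } elseif (isset($allowedActions[$actions['action']])) {
                if (allowedTo($allowedActions[$actions['action']])) {
                    if (isset($actions['sa']) && isset($txt['whoallow_' . $actions['action'] . '_' . $actions['sa']])) {
                        $data[$k] = replaceBasicActionUrl($txt['whoallow_' . $actions['action'] . '_' . $actions['sa']]);
                    } else {
                        $data[$k] = replaceBasicActionUrl($txt['whoallow_' . $actions['action']]);
                    }
                } elseif (in_array('moderate_forum', $allowedActions[$actions['action']], true)) {
                    // The viewer lacks the permission: only a generic "moderating" label is given.
                    $data[$k] = $txt['who_moderate'];
                } elseif (in_array('admin_forum', $allowedActions[$actions['action']], true)) {
                    $data[$k] = $txt['who_admin'];
                } else {
                    $data[$k] = $txt['who_hidden'];
                }
            } elseif (!empty($actions['action'])) {
                // NOTE(review): the action name from the stored request goes into the description
                // as-is; confirm request values are HTML-escaped before they are serialized.
                $data[$k] = sprintf($txt['who_generic'], $actions['action']);
            } else {
                $data[$k] = $txt['who_unknown'];
            }
        }

        // Maybe the action is integrated into another system?
        if (count($integrate_actions = call_integration_hook('integrate_whos_online', array($actions))) > 0) {
            // Try each integration hook with this url and see if they can fill in the details
            foreach ($integrate_actions as $integrate_action) {
                if (!empty($integrate_action)) {
                    // Found it, all done then
                    $data[$k] = $integrate_action;
                    break;
                }
            }
        }
    }

    // Load topic names. Entries whose topic is not returned keep the "hidden" text set above.
    // NOTE(review): subjects, board names and member names below are placed into the
    // descriptions as returned by the helpers; confirm they are stored HTML-escaped.
    if (!empty($topic_ids)) {
        require_once SUBSDIR . '/Topic.subs.php';
        $topics_data = topicsList(array_keys($topic_ids));
        foreach ($topics_data as $topic) {
            // Show the topic's subject for each of the members looking at this...
            foreach ($topic_ids[$topic['id_topic']] as $k => $session_text) {
                $data[$k] = sprintf($session_text, $scripturl . '?topic=' . $topic['id_topic'] . '.0', $topic['subject']);
            }
        }
    }

    // Load board names.
    if (!empty($board_ids)) {
        require_once SUBSDIR . '/Boards.subs.php';
        $boards_list = getBoardList(array('included_boards' => array_keys($board_ids)), true);
        foreach ($boards_list as $board) {
            // Put the board name into the string for each member...
            foreach ($board_ids[$board['id_board']] as $k => $session_text) {
                $data[$k] = sprintf($session_text, $scripturl . '?board=' . $board['id_board'] . '.0', $board['board_name']);
            }
        }
    }

    // Load member names for the profile.
    if (!empty($profile_ids) && (allowedTo('profile_view_any') || allowedTo('profile_view_own'))) {
        require_once SUBSDIR . '/Members.subs.php';
        $result = getBasicMemberData(array_keys($profile_ids));
        foreach ($result as $row) {
            // If they aren't allowed to view this person's profile, skip it.
            if (!allowedTo('profile_view_any') && $user_info['id'] != $row['id_member']) {
                continue;
            }

            // Set their action on each - session/text to sprintf.
            foreach ($profile_ids[$row['id_member']] as $k => $session_text) {
                $data[$k] = sprintf($session_text, $scripturl . '?action=profile;u=' . $row['id_member'], $row['real_name']);
            }
        }
    }

    // A single url in means a single description out (false when nothing was produced for it).
    if (!is_array($urls)) {
        return isset($data[0]) ? $data[0] : false;
    }

    return $data;
}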
Example #17
/**
 * Show the copyright.
 */
function theme_copyright()
{
    global $forum_copyright, $forum_version;

    // Things like SSI never set a version; print the copyright only when one is available.
    if (isset($forum_version)) {
        // Fill the version into the copyright template, run it through replaceBasicActionUrl(),
        // and store the result back in the global before printing it.
        $forum_copyright = replaceBasicActionUrl(sprintf($forum_copyright, $forum_version));

        echo '
					', $forum_copyright;
    }
}