/**
 * Renders the requested form of the profiles admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function -
 * presumably the caller authorises the request before dispatching; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_profiles_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'options') {
        include_once SF_PLUGIN_DIR . '/admin/panel-profiles/forms/spa-profiles-options-form.php';
        spa_profiles_options_form();
    } elseif ($formid == 'tabsmenus') {
        include_once SF_PLUGIN_DIR . '/admin/panel-profiles/forms/spa-profiles-tabs-menus-form.php';
        spa_profiles_tabs_menus_form();
    } elseif ($formid == 'avatars') {
        include_once SF_PLUGIN_DIR . '/admin/panel-profiles/forms/spa-profiles-avatars-form.php';
        spa_profiles_avatars_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
/**
 * Renders the requested form of the options admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function -
 * presumably the caller authorises the request before dispatching; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_options_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'global') {
        include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-global-form.php';
        spa_options_global_form();
    } elseif ($formid == 'display') {
        include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-display-form.php';
        spa_options_display_form();
    } elseif ($formid == 'content') {
        include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-content-form.php';
        spa_options_content_form();
    } elseif ($formid == 'members') {
        include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-members-form.php';
        spa_options_members_form();
    } elseif ($formid == 'email') {
        include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-email-form.php';
        spa_options_email_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
/**
 * Renders the requested form of the integration admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function -
 * presumably the caller authorises the request before dispatching; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_integration_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'page') {
        include_once SF_PLUGIN_DIR . '/admin/panel-integration/forms/spa-integration-page-form.php';
        spa_integration_page_form();
    } elseif ($formid == 'storage') {
        include_once SF_PLUGIN_DIR . '/admin/panel-integration/forms/spa-integration-storage-form.php';
        spa_integration_storage_form();
    } elseif ($formid == 'language') {
        include_once SF_PLUGIN_DIR . '/admin/panel-integration/forms/spa-integration-language-form.php';
        spa_integration_language_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
/**
 * Renders the requested form of the themes admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function,
 * although it dispatches to the theme editor and theme upload forms -
 * presumably the caller authorises the request first; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_themes_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'theme-list') {
        include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-list-form.php';
        spa_themes_list_form();
    } elseif ($formid == 'mobile') {
        include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-mobile-form.php';
        spa_themes_mobile_form();
    } elseif ($formid == 'tablet') {
        include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-tablet-form.php';
        spa_themes_tablet_form();
    } elseif ($formid == 'editor') {
        include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-editor-form.php';
        spa_themes_editor_form();
    } elseif ($formid == 'theme-upload') {
        include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-upload-form.php';
        spa_themes_upload_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
/**
 * Renders the requested form of the admins admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function,
 * although it dispatches to the manage-admins form - presumably the caller
 * authorises the request first; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_admins_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'youradmin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-admins/forms/spa-admins-your-options-form.php';
        spa_admins_your_options_form();
    } elseif ($formid == 'globaladmin') {
        include_once SF_PLUGIN_DIR . '/admin/panel-admins/forms/spa-admins-global-options-form.php';
        spa_admins_global_options_form();
    } elseif ($formid == 'manageadmin') {
        # this form needs the WordPress admin includes loaded first
        require_once ABSPATH . 'wp-admin/includes/admin.php';
        include_once SF_PLUGIN_DIR . '/admin/panel-admins/forms/spa-admins-manage-admins-form.php';
        spa_admins_manage_admins_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
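/**
 * Adds a menu entry to an existing profile tab and saves the updated tab list.
 *
 * NOTE(review): $form is stored as given apart from separator normalisation.
 * sp_ProfileEditMobile() in this listing passes a menu's 'form' value to
 * include_once after only a file_exists() check, so callers should pass a
 * fixed path they control, never a value derived from a request.
 *
 * @param string $menu    Name of the tab that receives the new menu.
 * @param string $name    Name of the new menu; the slug is created from it.
 * @param string $form    Path of the form file that renders the menu.
 * @param int    $order   Position among the tab's menus; an empty value appends.
 * @param int    $display Stored as the menu's display flag after an int cast.
 * @param string $auth    Auth name stored with the menu.
 *
 * @return mixed false when there are no tabs or the tab is not found, -1 when
 *               the tab already has a menu of that name, otherwise whatever
 *               sp_add_sfmeta() returns.
 */
function sp_profile_add_menu($menu, $name, $form, $order = 0, $display = 1, $auth = '')
{
    # sanitize before use
    $menu = sp_filter_title_save($menu);
    $slug = sp_create_slug($name, false);
    $name = sp_filter_title_save($name);
    # normalise backslashes for Win32 installs
    $form = str_replace('\\', '/', $form);
    $display = (int) $display;
    $auth = sp_esc_str($auth);

    # get profile tabs
    $tabs = sp_profile_get_tabs();
    if (empty($tabs)) {
        return false;
    }

    # find the requested tab; the list is updated through its key so that no
    # reference to an element is left bound once the loop ends
    $found = false;
    foreach ($tabs as $key => $tab) {
        if ($tab['name'] != $menu) {
            continue;
        }

        # make sure the menu doesnt already exist on this tab
        if (!empty($tab['menus'])) {
            foreach ($tab['menus'] as $thisMenu) {
                if ($thisMenu['name'] == $name) {
                    return -1;
                }
            }
        }

        # no explicit position: append after the existing menus
        if (empty($order)) {
            $order = empty($tab['menus']) ? 0 : count($tab['menus']);
        }

        # insert the new menu
        $newMenu = array(
            'name' => $name,
            'slug' => $slug,
            'form' => $form,
            'display' => $display,
            'auth' => $auth,
        );
        sp_array_insert($tabs[$key]['menus'], $newMenu, $order);
        # make sure its compact
        $tabs[$key]['menus'] = array_values($tabs[$key]['menus']);

        # menu added so stop looking
        $found = true;
        break;
    }

    # if tab wasnt found bail
    if (!$found) {
        return false;
    }

    # save the new profile tabs
    return sp_add_sfmeta('profile', 'tabs', $tabs);
}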
/**
 * Renders the requested form of the toolbox admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function,
 * although it dispatches to the log, error log, cron and uninstall forms -
 * presumably the caller authorises the request first; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_toolbox_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'toolbox') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-toolbox-form.php';
        spa_toolbox_toolbox_form();
    } elseif ($formid == 'environment') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-environment-form.php';
        spa_toolbox_environment_form();
    } elseif ($formid == 'housekeeping') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-housekeeping-form.php';
        spa_toolbox_housekeeping_form();
    } elseif ($formid == 'inspector') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-inspector-form.php';
        spa_toolbox_inspector_form();
    } elseif ($formid == 'cron') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-cron-form.php';
        spa_toolbox_cron_form();
    } elseif ($formid == 'log') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-log-form.php';
        spa_toolbox_log_form();
    } elseif ($formid == 'errorlog') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-errorlog-form.php';
        spa_toolbox_errorlog_form();
    } elseif ($formid == 'changelog') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-changelog-form.php';
        spa_toolbox_changelog_form();
    } elseif ($formid == 'uninstall') {
        include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-uninstall-form.php';
        spa_toolbox_uninstall_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
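/**
 * Renders the requested form of the components admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function -
 * presumably the caller authorises the request before dispatching; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_components_container($formid)
{
    switch ($formid) {
        case 'smileys':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-smileys-form.php';
            spa_components_smileys_form();
            break;
        case 'login':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-login-form.php';
            spa_components_login_form();
            break;
        case 'seo':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-seo-form.php';
            spa_components_seo_form();
            break;
        case 'forumranks':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-forumranks-form.php';
            spa_components_forumranks_form();
            break;
        case 'addmembers':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-special-ranks-add-form.php';
            # the id comes from the query string; coerce it with sp_esc_int() as the
            # usergroups and permissions containers do, instead of handing the raw
            # request value to the form
            # NOTE(review): assumes the special rank id is numeric - confirm against the form
            spa_components_sr_add_members_form(sp_esc_int($_GET['id']));
            break;
        case 'delmembers':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-special-ranks-del-form.php';
            # same coercion as 'addmembers': never pass the raw query value through
            spa_components_sr_del_members_form(sp_esc_int($_GET['id']));
            break;
        case 'messages':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-messages-form.php';
            spa_components_messages_form();
            break;
        case 'policies':
            include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-policies-form.php';
            spa_components_policies_form();
            break;
        # leave this for plugins to add to this panel
        case 'plugin':
            include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
            # the four selectors come from the query string; each one goes through
            # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
            $admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
            $save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
            $form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
            $reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
            spa_plugins_user_form($admin, $save, $form, $reload);
            break;
    }
}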
/**
 * Renders the requested form of the user groups admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. The edit, delete and member forms receive the
 * 'id' query argument after it has passed through sp_esc_int(). A form id
 * matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function -
 * presumably the caller authorises the request before dispatching; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_usergroups_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'usergroups') {
        include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/spa-usergroups-display-main.php';
        spa_usergroups_usergroup_main();
    } elseif ($formid == 'createusergroup') {
        include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-create-usergroup-form.php';
        spa_usergroups_create_usergroup_form();
    } elseif ($formid == 'editusergroup') {
        include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-edit-usergroup-form.php';
        $groupId = sp_esc_int($_GET['id']);
        spa_usergroups_edit_usergroup_form($groupId);
    } elseif ($formid == 'delusergroup') {
        include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-delete-usergroup-form.php';
        $groupId = sp_esc_int($_GET['id']);
        spa_usergroups_delete_usergroup_form($groupId);
    } elseif ($formid == 'addmembers') {
        include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-add-members-form.php';
        $groupId = sp_esc_int($_GET['id']);
        spa_usergroups_add_members_form($groupId);
    } elseif ($formid == 'delmembers') {
        include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-delete-members-form.php';
        $groupId = sp_esc_int($_GET['id']);
        spa_usergroups_delete_members_form($groupId);
    } elseif ($formid == 'mapusers') {
        include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-map-users.php';
        spa_usergroups_map_users();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
/**
 * Renders the requested form of the users admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. A form id matching no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function -
 * presumably the caller authorises the request before dispatching; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_users_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'member-info') {
        # this form needs the WordPress admin includes loaded first
        require_once ABSPATH . 'wp-admin/includes/admin.php';
        include_once SF_PLUGIN_DIR . '/admin/panel-users/forms/spa-users-members-form.php';
        spa_users_members_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
/**
 * Renders the requested form of the permissions admin panel.
 *
 * Includes the form file that belongs to $formid and calls the render
 * function that file provides. The edit and delete forms receive the 'id'
 * query argument after it has passed through sp_esc_int(). A form id matching
 * no branch renders nothing.
 *
 * NOTE(review): no capability or nonce check is visible in this function,
 * although it dispatches to forms that edit, delete and reset permission
 * sets - presumably the caller authorises the request first; confirm.
 *
 * @param string $formid Form identifier to render.
 */
function spa_render_permissions_container($formid)
{
    # loose comparison on purpose: same matching rules as a switch statement
    if ($formid == 'permissions') {
        include_once SF_PLUGIN_DIR . '/admin/panel-permissions/spa-permissions-display-main.php';
        spa_permissions_permission_main();
    } elseif ($formid == 'createperm') {
        include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-add-permission-form.php';
        spa_permissions_add_permission_form();
    } elseif ($formid == 'editperm') {
        include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-edit-permission-form.php';
        $permId = sp_esc_int($_GET['id']);
        spa_permissions_edit_permission_form($permId);
    } elseif ($formid == 'delperm') {
        include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-delete-permission-form.php';
        $permId = sp_esc_int($_GET['id']);
        spa_permissions_delete_permission_form($permId);
    } elseif ($formid == 'resetperms') {
        include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-reset-permissions-form.php';
        spa_permissions_reset_perms_form();
    } elseif ($formid == 'newauth') {
        include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-add-auth-form.php';
        spa_permissions_add_auth_form();
    } elseif ($formid == 'plugin') {
        # leave this for plugins to add to this panel
        include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
        # the four selectors come from the query string; each one goes through
        # sp_esc_str()/sp_esc_int() (defined outside this listing) before use
        $admin = !isset($_GET['admin']) ? '' : sp_esc_str($_GET['admin']);
        $save = !isset($_GET['save']) ? '' : sp_esc_str($_GET['save']);
        $form = !isset($_GET['form']) ? '' : sp_esc_int($_GET['form']);
        $reload = !isset($_GET['reload']) ? '' : sp_esc_str($_GET['reload']);
        spa_plugins_user_form($admin, $save, $form, $reload);
    }
}
/**
 * Activates, deactivates, uninstalls or deletes a forum plugin on request.
 *
 * The request is accepted only after the 'sfnonce' nonce for the
 * 'forum-adminform_plugins' action verifies and the current user holds the
 * 'SPF Manage Plugins' capability. The operation is read from the 'action'
 * query argument, falling back to 'action2', and the target from 'plugin'.
 *
 * NOTE(review): the plugin identifier is request data. Here it only passes
 * through sp_esc_str() before it becomes part of a hook name and is handed
 * to the activate/deactivate/delete helpers; confirm those helpers restrict
 * it to a known plugin inside the plugin folder.
 *
 * @return mixed The error text from spa_text() when the request lacks an
 *               action or a plugin, otherwise nothing.
 */
function spa_save_plugin_activation()
{
    # nonce first, then capability: both must pass before any state changes
    check_admin_referer('forum-adminform_plugins', 'sfnonce');
    if (!sp_current_user_can('SPF Manage Plugins')) {
        spa_etext('Access denied - you do not have permission');
        die;
    }

    # need one of the two action fields and a plugin to act on
    $noAction = empty($_GET['action']) && empty($_GET['action2']);
    if ($noAction || empty($_GET['plugin'])) {
        return spa_text('An error occurred activating/deactivating the plugin!');
    }

    $action = sp_esc_str(empty($_GET['action']) ? $_GET['action2'] : $_GET['action']);
    $plugin = sp_esc_str($_GET['plugin']);

    switch ($action) {
        case 'activate':
            # activate the plugin
            sp_activate_sp_plugin($plugin);
            # reset all users plugin data in case new plugin adds elements to user object
            sp_reset_member_plugindata();
            break;
        case 'deactivate':
            # deactivate the plugin
            sp_deactivate_sp_plugin($plugin);
            break;
        case 'uninstall_confirmed':
            # fire uninstall actions; the middle hook name embeds the plugin identifier
            $hookTarget = trim($plugin);
            do_action('sph_uninstall_plugin', $hookTarget);
            do_action('sph_uninstall_' . $hookTarget);
            do_action('sph_uninstalled_plugin', $hookTarget);
            # now deactivate the plugin
            sp_deactivate_sp_plugin($plugin);
            break;
        case 'delete':
            # on multisite only a super admin may delete plugin files
            if (!is_multisite() || is_super_admin()) {
                sp_delete_sp_plugin($plugin);
            }
            break;
    }

    do_action('sph_plugins_save', $action, $plugin);
}
/**
 * Echoes the forum admin navigation: a select box on mobile devices, the
 * accordion side menu otherwise.
 *
 * Panels come from the global $sfadminpanels. A panel is listed when the
 * current user passes sp_current_user_can() for $panel[1], or when the panel
 * is named 'Admins' and the user is a forum admin or moderator.
 *
 * NOTE(review): output escaping is uneven. $reload and $formid pass through
 * esc_attr() for the id attribute and $base, $admin and $save pass through
 * esc_js(), but panel names, labels, the mobile option URL and the $formid,
 * $form and $reload arguments of spjLoadForm() are echoed as they are. That
 * is safe only while every entry in $sfadminpanels is trusted; confirm how
 * plugins are allowed to register panel entries.
 */
function spa_render_sidemenu()
{
    global $sfadminpanels, $spThisUser, $spDevice;
    $target = 'sfmaincontainer';
    $image = SFADMINIMAGES;
    $upgrade = admin_url('admin.php?page=' . SPINSTALLPATH);
    # the condition only assigns $formid from the 'tab' query argument; the body
    # is empty and both foreach loops below reuse $formid as their key variable
    if (isset($_GET['tab']) ? $formid = sp_esc_str($_GET['tab']) : ($formid = '')) {
    }
    if ($spDevice == 'mobile') {
        echo '<div id="spaMobileAdmin">' . "\n";
        # picking an option navigates straight to that option's value
        echo '<select class="wp-core-ui" onchange="location = this.options[this.selectedIndex].value;">' . "\n";
        foreach ($sfadminpanels as $index => $panel) {
            # && binds tighter than ||: capability holders, or admins/moderators on the 'Admins' panel
            if (sp_current_user_can($panel[1]) || $panel[0] == 'Admins' && ($spThisUser->admin || $spThisUser->moderator)) {
                # NOTE(review): $panel[0] is placed in the attribute without esc_attr()
                echo '<optgroup label="' . $panel[0] . '">' . "\n";
                foreach ($panel[6] as $label => $data) {
                    foreach ($data as $formid => $reload) {
                        # ignore user plugin data for menu
                        if ($formid == 'admin' || $formid == 'save' || $formid == 'form') {
                            continue;
                        }
                        $id = '';
                        if ($reload != '') {
                            $id = ' id="' . esc_attr($reload) . '"';
                        } else {
                            $id = ' id="acc' . esc_attr($formid) . '"';
                        }
                        # the query arguments are only compared to pick the selected option, never echoed
                        $sel = '';
                        if (isset($_GET['tab'])) {
                            if ($_GET['tab'] == 'plugin') {
                                if (isset($_GET['admin']) && isset($data['admin']) && $_GET['admin'] == $data['admin']) {
                                    $sel = ' selected="selected" ';
                                }
                            } else {
                                if ($_GET['tab'] == $formid) {
                                    $sel = ' selected="selected" ';
                                }
                            }
                        }
                        echo "<option {$id} {$sel}";
                        $admin = !empty($data['admin']) ? '&admin=' . $data['admin'] : '';
                        $save = !empty($data['save']) ? '&save=' . $data['save'] : '';
                        $form = !empty($data['form']) ? '&form=' . $data['form'] : '';
                        if (empty($admin)) {
                            $base = SFHOMEURL . 'wp-admin/admin.php?page=simple-press/admin';
                        } else {
                            $base = SFHOMEURL . 'wp-admin/admin.php?page=simple-press/admin/panel-plugins/spa-plugins.php';
                            # this clears the loop's copy of the panel, so it stays empty for
                            # the remaining entries of the same panel
                            $panel[2] = '';
                        }
                        $http = $base . $panel[2] . '&tab=' . $formid . $admin . $save . $form;
                        # NOTE(review): $http and $label are echoed without URL/HTML escaping
                        echo 'value="' . $http . '">' . $label . '</option>' . "\n";
                    }
                }
                echo '</optgroup>' . "\n";
            }
        }
        echo '</select>' . "\n";
        echo '<a class="button button-secondary" href="' . sp_url() . '">' . spa_text('Go To Forum') . '</a>';
        echo '</div>' . "\n";
    } else {
        echo '<div id="sfsidepanel">' . "\n";
        echo '<div id="sfadminmenu">' . "\n";
        foreach ($sfadminpanels as $index => $panel) {
            # same visibility rule as the mobile branch
            if (sp_current_user_can($panel[1]) || $panel[0] == 'Admins' && ($spThisUser->admin || $spThisUser->moderator)) {
                $pName = str_replace(' ', '', $panel[0]);
                echo '<div class="sfsidebutton" id="sfacc' . $pName . '">' . "\n";
                # only the title attribute is escaped here; $panel[4] and $panel[0] are not
                echo '<div class="" title="' . esc_attr($panel[3]) . '"><span class="spa' . $panel[4] . '"></span><a href="#">' . $panel[0] . '</a></div>' . "\n";
                echo '</div>' . "\n";
                echo '<div class="sfmenublock">' . "\n";
                foreach ($panel[6] as $label => $data) {
                    foreach ($data as $formid => $reload) {
                        # ignore user plugin data for menu
                        if ($formid == 'admin' || $formid == 'save' || $formid == 'form') {
                            continue;
                        }
                        echo '<div class="sfsideitem">' . "\n";
                        $id = '';
                        if ($reload != '') {
                            $id = ' id="' . esc_attr($reload) . '"';
                        } else {
                            $id = ' id="acc' . esc_attr($formid) . '"';
                        }
                        $base = esc_js($panel[5]);
                        $admin = !empty($data['admin']) ? $data['admin'] : '';
                        $save = !empty($data['save']) ? $data['save'] : '';
                        $form = !empty($data['form']) ? $data['form'] : '';
                        # the link below passes eleven quoted arguments to spjLoadForm()
                        # inside an onclick attribute
                        ?>
								<a<?php 
                        echo $id;
                        ?>
 href="#" onclick="spjLoadForm('<?php 
                        # NOTE(review): written into the JS string without esc_js()
                        echo $formid;
                        ?>
', '<?php 
                        echo $base;
                        ?>
', '<?php 
                        echo $target;
                        ?>
', '<?php 
                        echo $image;
                        ?>
', '', 'sfopen', '<?php 
                        echo $upgrade;
                        ?>
', '<?php 
                        echo esc_js($admin);
                        ?>
', '<?php 
                        echo esc_js($save);
                        ?>
', '<?php 
                        # NOTE(review): unlike $admin and $save, not passed through esc_js()
                        echo $form;
                        ?>
', '<?php 
                        # NOTE(review): unlike $admin and $save, not passed through esc_js()
                        echo $reload;
                        ?>
');"><?php 
                        # NOTE(review): the label is echoed as markup, without esc_html()
                        echo $label;
                        ?>
</a><?php 
                        echo "\n";
                        ?>
								<?php 
                    }
                    echo '</div>' . "\n";
                }
                echo '</div>' . "\n";
            }
        }
        echo '</div>' . "\n";
        # Help link
        # the troubleshooting URL carries a nonce created for the 'forum-ahah' action
        $site = SFHOMEURL . 'index.php?sp_ahah=troubleshooting&amp;sfnonce=' . wp_create_nonce('forum-ahah');
        echo '<br /><input type="button" id="spHelp" class="button-primary" value="' . spa_text('Simple:Press‌ Help and Troubleshooting') . '" onclick="spjTroubleshooting(\'' . $site . '\', \'' . $target . '\');" />' . "\n";
        echo '</div>' . "\n";
    }
}
    echo '</fieldset>';
}
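# NOTE(review): the nonce and capability checks for these handlers are not
# visible in this excerpt - confirm they run before either branch is reached.

# delete a custom smiley image and drop it from the stored smiley list
if ($action == 'delsmiley') {
    # 'file' is request data: keep only its final path component so the unlink
    # below stays inside the smileys folder and "../" segments cannot reach
    # other files
    $file = basename(sp_esc_str($_GET['file']));
    if ($file !== '' && $file !== '.' && $file !== '..') {
        $path = SF_STORE_DIR . '/' . $spPaths['smileys'] . '/' . $file;
        # best effort: a missing file must not break the response
        @unlink($path);
    }
    # load smiles from sfmeta
    $meta = sp_get_sfmeta('smileys', 'smileys');
    # now cycle through to remove this entry and resave
    if (!empty($meta[0]['meta_value'])) {
        $newsmileys = array();
        foreach ($meta[0]['meta_value'] as $name => $info) {
            if ($info[0] != $file) {
                $newsmileys[$name][0] = sp_filter_title_save($info[0]);
                $newsmileys[$name][1] = sp_filter_name_save($info[1]);
                $newsmileys[$name][2] = sp_filter_name_save($info[2]);
                $newsmileys[$name][3] = $info[3];
                $newsmileys[$name][4] = $info[4];
            }
        }
        sp_update_sfmeta('smileys', 'smileys', $newsmileys, $meta[0]['meta_id'], true);
    }
    echo '1';
}
# delete a forum rank badge image
if ($action == 'delbadge') {
    # same confinement as above: a bare file name only, never a path
    $file = basename(sp_esc_str($_GET['file']));
    if ($file !== '' && $file !== '.' && $file !== '..') {
        $path = SF_STORE_DIR . '/' . $spPaths['ranks'] . '/' . $file;
        @unlink($path);
    }
    echo '1';
}
die;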
Example #15
# check for tab press
if (isset($_GET['tab'])) {
    # profile edit, so only admin or logged in user can view
    if (empty($userid) || $spThisUser->ID != $userid && !$spThisUser->admin) {
        sp_notify(SPFAILURE, sp_text('Invalid profile request'));
        $out .= sp_render_queued_notification();
        $out .= '<div class="sfmessagestrip">';
        $out .= apply_filters('sph_ProfileErrorMsg', sp_text('Sorry, an invalid profile request was detected. Do you need to log in?'));
        $out .= '</div>';
        return $out;
    }
    # set up profile for requested user
    sp_SetupUserProfileData($userid);
    # get pressed tab and menu (if pressed)
    $thisTab = sp_esc_str($_GET['tab']);
    $thisMenu = isset($_GET['menu']) ? sp_esc_str($_GET['menu']) : '';
    # get all the tabs meta info
    $tabs = sp_profile_get_tabs();
    if (!empty($tabs)) {
        foreach ($tabs as $tab) {
            # find the pressed tab in the list of tabs
            if ($tab['slug'] == $thisTab) {
                # now output the menu and content
                $first = true;
                $thisForm = '';
                $thisName = '';
                $thisSlug = '';
                $out = '';
                if (!empty($tab['menus'])) {
                    foreach ($tab['menus'] as $menu) {
                        # do we need an auth check?
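/**
 * Outputs the mobile (accordion) profile edit screen for one user.
 *
 * The user is $spVars['member'] when set, otherwise the current user; anyone
 * other than that user or a forum admin gets an error message instead. The
 * 'ptab' and 'pmenu' query arguments override the requested tab and menu.
 * The tab and menu to open are published in the globals $firstTab and
 * $firstMenu, and sp_ProfileEditFooterMobile is hooked to wp_footer.
 *
 * NOTE(review): each menu's form is loaded with include_once from the path
 * kept in the tab data, guarded only by file_exists(). That data must be
 * writable by trusted code only; confirm nothing request-driven can change
 * a menu's 'form' value.
 *
 * @param string $tabSlug  Slug of the tab to open.
 * @param string $menuSlug Slug of the menu to open.
 */
function sp_ProfileEditMobile($tabSlug = 'profile', $menuSlug = 'overview')
{
    # is this edit for current user or admin edit of user
    global $spVars, $spThisUser;
    if (!empty($spVars['member'])) {
        $userid = (int) $spVars['member'];
    } else {
        $userid = $spThisUser->ID;
    }
    # only the profile owner or a forum admin may edit
    if (empty($userid) || $spThisUser->ID != $userid && !$spThisUser->admin) {
        sp_notify(SPFAILURE, sp_text('Invalid profile request'));
        $out = sp_render_queued_notification();
        $out .= '<div class="spMessage">';
        $out .= apply_filters('sph_ProfileErrorMsg', sp_text('Sorry, an invalid profile request was detected. Do you need to log in?'));
        $out .= '</div>';
        echo $out;
        return;
    }
    # see if query args used to specify tab and/or menu
    if (isset($_GET['ptab'])) {
        $tabSlug = sp_esc_str($_GET['ptab']);
    }
    if (isset($_GET['pmenu'])) {
        $menuSlug = sp_esc_str($_GET['pmenu']);
    }
    # set up the profile data
    global $spProfileUser;
    sp_SetupUserProfileData($userid);
    do_action('sph_profile_edit_before');
    do_action('sph_ProfileStart');
    $tabs = sp_profile_get_tabs();
    if (!empty($tabs)) {
        do_action('sph_profile_edit_before_tabs');
        echo '<div id="spProfileAccordion">';
        echo "<div class='spProfileAccordionTab'>\n";
        # first displayed tab and menu, kept under local names so that binding
        # the globals further down cannot discard them
        $firstTabSlug = $firstMenuSlug = '';
        $tabSlugExist = $menuSlugExist = false;
        foreach ($tabs as $tab) {
            # do we need an auth check?
            $authCheck = empty($tab['auth']) ? true : sp_get_auth($tab['auth'], '', $userid);
            # is this tab being displayed and does user have auth to see it?
            if ($authCheck && $tab['display']) {
                if ($tab['slug'] == $tabSlug) {
                    $tabSlugExist = true;
                }
                if (empty($firstTabSlug)) {
                    $firstTabSlug = $tab['slug'];
                }
                echo '<h2 id="spProfileTabTitle-' . esc_attr($tab['slug']) . '">' . sp_filter_title_display($tab['name']) . "</h2>\n";
                echo "<div id='spProfileTab-" . esc_attr($tab['slug']) . "' class='spProfileAccordionPane'>\n";
                if (!empty($tab['menus'])) {
                    echo "<div class='spProfileAccordionTab'>\n";
                    foreach ($tab['menus'] as $menu) {
                        # do we need an auth check?
                        $authCheck = empty($menu['auth']) ? true : sp_get_auth($menu['auth'], '', $userid);
                        # is this menu being displayed and does user have auth to see it?
                        if ($authCheck && $menu['display']) {
                            if ($menu['slug'] == $menuSlug) {
                                $menuSlugExist = true;
                            }
                            if (empty($firstMenuSlug)) {
                                $firstMenuSlug = $menu['slug'];
                            }
                            # this variable is used in the form action url
                            $thisSlug = $menu['slug'];
                            # special checking for displaying menus
                            $spProfileOptions = sp_get_option('sfprofile');
                            $spAvatars = sp_get_option('sfavatars');
                            # dont display edit photos if disabled
                            $noPhotos = $menu['slug'] == 'edit-photos' && $spProfileOptions['photosmax'] < 1;
                            # dont display edit avatars if disabled
                            $noAvatars = $menu['slug'] == 'edit-avatars' && !$spAvatars['sfshowavatars'];
                            $hideMenu = $noPhotos || $noAvatars;
                            $hideMenu = apply_filters('sph_ProfileMenuHide', $hideMenu, $tab, $menu, $userid);
                            if (!$hideMenu) {
                                echo '<h2 id="spProfileMenuTitle-' . esc_attr($menu['slug']) . '">' . sp_filter_title_display($menu['name']) . "</h2>\n";
                                echo "<div id='spProfileMenu-" . esc_attr($menu['slug']) . "' class='spProfileAccordionPane'>\n";
                                # the form path comes from the stored tab data; the file runs
                                # in this function's scope with all of its local variables
                                if (!empty($menu['form']) && file_exists($menu['form'])) {
                                    echo "<div class='spProfileAccordionForm'>\n";
                                    include_once $menu['form'];
                                    echo "</div>\n";
                                } else {
                                    # escape the stored menu name before it goes into the page
                                    echo sp_text('Profile form could not be found') . ': [' . esc_html($menu['name']) . ']<br />';
                                    echo sp_text('You might try the forum - toolbox - housekeeping admin form and reset the profile tabs and menus and see if that helps');
                                }
                                # menu pane
                                echo "</div>\n";
                            }
                        }
                    }
                    # menu accordion
                    echo "</div>\n";
                }
                # tab pane
                echo "</div>\n";
            }
        }
        # tab accordion
        echo "</div>\n";
        # profile accordion
        echo '</div>';
        do_action('sph_profile_edit_after_tabs');
        # publish the tab and menu to open. `global` rebinds a name to the global
        # variable and drops any local value held under it, so the fallbacks are
        # read from the separately named locals collected above
        global $firstTab, $firstMenu;
        # if selected tab does not exist, use first tab
        $firstTab = $tabSlugExist ? $tabSlug : $firstTabSlug;
        # if selected menu does not exist, use first displayed menu
        $firstMenu = $menuSlugExist ? $menuSlug : $firstMenuSlug;
        # are we forcing password change on first login?
        if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
            $firstTab = 'profile';
            $firstMenu = 'account-settings';
        }
        add_action('wp_footer', 'sp_ProfileEditFooterMobile');
    }
    do_action('sph_profile_edit_after');
}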
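/**
 * Saves one profile form for a forum member and reports the outcome.
 *
 * The form name and the target user id are read from the query string ('form', 'userid');
 * field values come from $_POST and $_FILES. The request must carry the 'forum-profile'
 * nonce. A non-admin caller may only update their own profile.
 *
 * @return array Message with 'type' ('error' or 'success') and 'text' keys. It can be empty
 *               when the form name matches no case and no plugin filter fills it in.
 */
function sp_UpdateProfile()
{
    global $spGlobals, $spThisUser;
    # the request must carry the profile nonce (CSRF protection)
    check_admin_referer('forum-profile', 'forum-profile');
    $message = array();
    # dont update forum if its locked down
    if ($spGlobals['lockdown']) {
        $message['type'] = 'error';
        $message['text'] = sp_text('This forum is currently locked - access is read only - profile not updated');
        return $message;
    }
    # do we have a form to update?
    if (isset($_GET['form'])) {
        $thisForm = sp_esc_str($_GET['form']);
    } else {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid form');
        return $message;
    }
    # do we have an actual user to update?
    if (isset($_GET['userid'])) {
        $thisUser = sp_esc_int($_GET['userid']);
    } else {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid user');
        return $message;
    }
    # authorisation: the target must be a real user id, and must be the caller unless the caller is an admin
    # ids are compared as integers so a string id and an int id cannot disagree through type juggling
    $isSelf = (int) $thisUser === (int) $spThisUser->ID;
    if ((int) $thisUser < 1 || (!$isSelf && !$spThisUser->admin)) {
        $message['type'] = 'error';
        $message['text'] = sp_text('Profile update aborted - no valid user');
        return $message;
    }
    # read the password pair once; anything that is not a plain string counts as not supplied
    $pass1 = isset($_POST['pass1']) && is_string($_POST['pass1']) ? $_POST['pass1'] : '';
    $pass2 = isset($_POST['pass2']) && is_string($_POST['pass2']) ? $_POST['pass2'] : '';
    # are we forcing a password change? then nothing is saved without a matching pair
    # strict comparison: with == two different numeric-looking strings (such as '1e3' and '1000') compare equal
    # NOTE(review): this gate only checks that a matching pair was posted; the password itself is written
    # only in the 'account-settings' case below - confirm other forms are meant to be saveable here
    if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
        if (empty($pass1) || empty($pass2) || $pass1 !== $pass2) {
            $message['type'] = 'error';
            $message['text'] = sp_text('Cannot save profile until password has been changed');
            return $message;
        }
    }
    # form save filter
    $thisForm = apply_filters('sph_profile_save_thisForm', $thisForm);
    # valid save attempt, so lets process the save
    switch ($thisForm) {
        case 'show-memberships':
            # update memberships
            # NOTE(review): the group ids come straight from the request and no eligibility check is
            # visible here - presumably sp_add_membership()/sp_remove_membership() enforce which
            # usergroups a member may join or leave; verify
            # any usergroup removals?
            if (isset($_POST['usergroup_leave'])) {
                foreach ($_POST['usergroup_leave'] as $membership) {
                    sp_remove_membership(sp_esc_str($membership), $thisUser);
                }
            }
            # any usergroup joins?
            if (isset($_POST['usergroup_join'])) {
                foreach ($_POST['usergroup_join'] as $membership) {
                    sp_add_membership(sp_esc_int($membership), $thisUser);
                }
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileMemberships', $message, $thisUser);
            # output update message
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Memberships updated');
            }
            break;
        case 'account-settings':
            # update account settings
            # check for password update
            if (!empty($pass1) || !empty($pass2)) {
                if ($pass1 !== $pass2) {
                    $message['type'] = 'error';
                    $message['text'] = sp_text('Please enter the same password in the two password fields');
                    return $message;
                }
                # update the password; only clear the forced-change flag once the update succeeded
                $result = wp_update_user(array('ID' => (int) $thisUser, 'user_pass' => $pass1));
                if (is_wp_error($result)) {
                    $message['type'] = 'error';
                    $message['text'] = sp_text('Sorry, the password could not be updated');
                    return $message;
                }
                if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
                    delete_user_meta($spThisUser->ID, 'sp_change_pw');
                }
            }
            # now check the email is valid and unique
            $update = apply_filters('sph_ProfileUserEmailUpdate', true);
            if ($update) {
                $curEmail = sp_filter_email_save($_POST['curemail']);
                $email = sp_filter_email_save($_POST['email']);
                if ($email != $curEmail) {
                    if (empty($email)) {
                        $message['type'] = 'error';
                        $message['text'] = sp_text('Please enter a valid email address');
                        return $message;
                    } elseif (($owner_id = email_exists($email)) && $owner_id != $thisUser) {
                        $message['type'] = 'error';
                        $message['text'] = sp_text('The email address is already registered. Please choose another one');
                        return $message;
                    }
                    # save new email address
                    # NOTE(review): $email is interpolated into the statement, which is only safe if
                    # sp_filter_email_save() returns an SQL-escaped value - confirm, or switch to a prepared statement
                    $sql = 'UPDATE ' . SFUSERS . " SET user_email='{$email}' WHERE ID=" . $thisUser;
                    spdb_query($sql);
                }
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileSettings', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Account settings updated');
            }
            break;
        case 'edit-profile':
            # update profile settings
            # validate any username change
            $update = apply_filters('sph_ProfileUserDisplayNameUpdate', true);
            if ($update) {
                $spProfile = sp_get_option('sfprofile');
                if ($spProfile['nameformat'] || $spThisUser->admin) {
                    # an empty display name falls back to the login name
                    $display_name = !empty($_POST['display_name']) ? trim($_POST['display_name']) : spdb_table(SFUSERS, "ID={$thisUser}", 'user_login');
                    $display_name = sp_filter_name_save($display_name);
                    # make sure display name isnt already used
                    if ($_POST['oldname'] != $display_name) {
                        # NOTE(review): $display_name is placed inside SQL here and in the sync query below;
                        # this relies on sp_filter_name_save() returning an SQL-escaped value - confirm
                        $records = spdb_table(SFMEMBERS, "display_name='{$display_name}'");
                        if ($records) {
                            foreach ($records as $record) {
                                if ($record->user_id != $thisUser) {
                                    $message['type'] = 'error';
                                    $message['text'] = $display_name . ' ' . sp_text('is already in use - please choose a different display name');
                                    return $message;
                                }
                            }
                        }
                        # validate display name
                        $errors = new WP_Error();
                        $user = new stdClass();
                        $user->display_name = $display_name;
                        sp_validate_display_name($errors, true, $user);
                        if ($errors->get_error_codes()) {
                            $message['type'] = 'error';
                            $message['text'] = sp_text('The display name you have chosen is not allowed on this site');
                            return $message;
                        }
                        # now save the display name
                        sp_update_member_item($thisUser, 'display_name', $display_name);
                        # Update new users list with changed display name
                        sp_update_newuser_name(sp_filter_name_save($_POST['oldname']), $display_name);
                        # do we need to sync display name with wp?
                        $options = sp_get_member_item($thisUser, 'user_options');
                        if ($options['namesync']) {
                            spdb_query('UPDATE ' . SFUSERS . ' SET display_name="' . $display_name . '" WHERE ID=' . $thisUser);
                        }
                    }
                }
            }
            # save the url
            $update = apply_filters('sph_ProfileUserWebsiteUpdate', true);
            if ($update) {
                # NOTE(review): as above, the query is only safe if sp_filter_url_save() escapes for SQL - confirm
                $url = sp_filter_url_save($_POST['website']);
                $sql = 'UPDATE ' . SFUSERS . ' SET user_url="' . $url . '" WHERE ID=' . $thisUser;
                spdb_query($sql);
            }
            # update first name, last name, location and biography
            $update = apply_filters('sph_ProfileUserFirstNameUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'first_name', sp_filter_name_save(trim($_POST['first_name'])));
            }
            $update = apply_filters('sph_ProfileUserLastNameUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'last_name', sp_filter_name_save(trim($_POST['last_name'])));
            }
            $update = apply_filters('sph_ProfileUserLocationUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'location', sp_filter_title_save(trim($_POST['location'])));
            }
            $update = apply_filters('sph_ProfileUserBiographyUpdate', true);
            if ($update) {
                update_user_meta($thisUser, 'description', sp_filter_save_kses($_POST['description']));
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileProfile', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Profile settings updated');
            }
            break;
        case 'edit-identities':
            # update identity settings
            # each identity is guarded by its own plugin filter; the map keeps hook and meta key side by side
            $identityFields = array(
                'sph_ProfileUserAIMUpdate' => 'aim',
                'sph_ProfileUserYahooUpdate' => 'yim',
                'sph_ProfileUserGoogleUpdate' => 'jabber',
                'sph_ProfileUserMSNUpdate' => 'msn',
                'sph_ProfileUserICQUpdate' => 'icq',
                'sph_ProfileUserSkypeUpdate' => 'skype',
                'sph_ProfileUserFacebookUpdate' => 'facebook',
                'sph_ProfileUserMySpaceUpdate' => 'myspace',
                'sph_ProfileUserTwitterUpdate' => 'twitter',
                'sph_ProfileUserLinkedInUpdate' => 'linkedin',
                'sph_ProfileUserYouTubeUpdate' => 'youtube',
                'sph_ProfileUserGooglePlusUpdate' => 'googleplus',
            );
            foreach ($identityFields as $hook => $field) {
                if (apply_filters($hook, true)) {
                    # a missing or non-string field is saved as an empty value
                    $raw = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : '';
                    update_user_meta($thisUser, $field, sp_filter_title_save(trim($raw)));
                }
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileIdentities', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Identities updated');
            }
            break;
        case 'avatar-upload':
            # upload avatar
            # did we get an avatar to upload?
            if (empty($_FILES['avatar-upload']['name'])) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar filename was empty');
                return $message;
            }
            # Verify the file extension (a name without any extension is rejected as well)
            global $spPaths;
            $uploaddir = SF_STORE_DIR . '/' . $spPaths['avatars'] . '/';
            $filename = basename($_FILES['avatar-upload']['name']);
            $path = pathinfo($filename);
            $ext = isset($path['extension']) ? strtolower($path['extension']) : '';
            if ($ext != 'jpg' && $ext != 'jpeg' && $ext != 'gif' && $ext != 'png') {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, only JPG, JPEG, PNG, or GIF files are allowed');
                return $message;
            }
            # the temp file must be a real HTTP upload; a failed upload leaves tmp_name empty
            $tmpFile = isset($_FILES['avatar-upload']['tmp_name']) ? $_FILES['avatar-upload']['tmp_name'] : '';
            if (!is_string($tmpFile) || !is_uploaded_file($tmpFile)) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file is an invalid format');
                return $message;
            }
            # check image file type from its content: 1 = GIF, 2 = JPEG, 3 = PNG
            # NOTE(review): this inspects the file signature only and the extension test looks at the last
            # suffix only; the avatar directory should not be configured to execute scripts
            $mimetype = exif_imagetype($tmpFile);
            if (empty($mimetype) || $mimetype > 3) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file is an invalid format');
                return $message;
            }
            # make sure file extension and mime type actually match
            if ($mimetype == 1 && $ext != 'gif' || $mimetype == 2 && ($ext != 'jpg' && $ext != 'jpeg') || $mimetype == 3 && $ext != 'png') {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the file mime type does not match file extension');
                return $message;
            }
            # Clean up file name just in case; the unix timestamp prefix keeps names distinct
            $filename = date('U') . sp_filter_filename_save(basename($_FILES['avatar-upload']['name']));
            $uploadfile = $uploaddir . $filename;
            # check for existence
            if (file_exists($uploadfile)) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file already exists');
                return $message;
            }
            # check file size against limit if provided
            $sfavatars = sp_get_option('sfavatars');
            if ($_FILES['avatar-upload']['size'] > $sfavatars['sfavatarfilesize']) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file exceeds the maximum allowed size');
                return $message;
            }
            # valid avatar, so try moving the uploaded file to the avatar storage directory
            if (move_uploaded_file($tmpFile, $uploadfile)) {
                @chmod("{$uploadfile}", 0644);
                # do we need to resize?
                if ($sfavatars['sfavatarresize']) {
                    # every image editor step can return a WP_Error; on any failure the stored file is removed
                    $editor = wp_get_image_editor($uploadfile);
                    $imageinfo = $editor;
                    if (!is_wp_error($editor)) {
                        $imageinfo = $editor->resize($sfavatars['sfavatarsize'], $sfavatars['sfavatarsize'], true);
                        if (!is_wp_error($imageinfo)) {
                            $imageinfo = $editor->save($uploadfile);
                        }
                    }
                    if (is_wp_error($imageinfo)) {
                        @unlink($uploadfile);
                        $message['type'] = 'error';
                        $message['text'] = sp_text('Sorry, there was a problem resizing the avatar');
                        return $message;
                    }
                    $filename = $imageinfo['file'];
                }
                # update member avatar data
                $avatar = sp_get_member_item($thisUser, 'avatar');
                $avatar['uploaded'] = $filename;
                sp_update_member_item($thisUser, 'avatar', $avatar);
            } else {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, the avatar file could not be moved to the avatar storage location');
                return $message;
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarUpload', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Uploaded avatar updated');
            }
            break;
        case 'avatar-pool':
            # pool avatar
            # get pool avatar name
            $filename = sp_filter_filename_save($_POST['spPoolAvatar']);
            # error if no pool avatar provided
            if (empty($filename)) {
                $message['type'] = 'error';
                $message['text'] = sp_text('Sorry, you must select a pool avatar before trying to save it');
                return $message;
            }
            # save the pool avatar
            $avatar = sp_get_member_item($thisUser, 'avatar');
            $avatar['pool'] = $filename;
            sp_update_member_item($thisUser, 'avatar', $avatar);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarPool', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Pool avatar updated');
            }
            break;
        case 'avatar-remote':
            # remote avatar
            # get remote avatar name (a URL run through the url save filter)
            $filename = sp_filter_url_save($_POST['spAvatarRemote']);
            $avatar = sp_get_member_item($thisUser, 'avatar');
            $avatar['remote'] = $filename;
            sp_update_member_item($thisUser, 'avatar', $avatar);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileAvatarRemote', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Remote avatar updated');
            }
            break;
        case 'edit-signature':
            # save signature
            $postitem = isset($_POST['postitem']) && is_string($_POST['postitem']) ? $_POST['postitem'] : '';
            # Check if maximum links has been exceeded
            # HTML tag names are case-insensitive, so closing anchor tags are counted on a lower-cased copy
            $numLinks = substr_count(strtolower($postitem), '</a>');
            $spFilters = sp_get_option('sffilters');
            # admins are exempt from both link rules
            if (!$spThisUser->admin) {
                $canLink = sp_get_auth('create_links', 'global', $thisUser);
                if (!$canLink && $numLinks > 0) {
                    $message['type'] = 'error';
                    $message['text'] = sp_text('You are not allowed to put links in signatures');
                    return $message;
                }
                if ($canLink && $spFilters['sfmaxlinks'] != 0 && $numLinks > $spFilters['sfmaxlinks']) {
                    $message['type'] = 'error';
                    $message['text'] = sp_text('Maximum number of allowed links exceeded in signature') . ': ' . $spFilters['sfmaxlinks'] . ' ' . sp_text('allowed');
                    return $message;
                }
            }
            $sig = sp_filter_content_save($postitem, 'edit');
            sp_update_member_item($thisUser, 'signature', $sig);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileSignature', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Signature updated');
            }
            break;
        case 'edit-photos':
            # save photos
            $photos = array();
            $spProfileOptions = sp_get_option('sfprofile');
            for ($x = 0; $x < $spProfileOptions['photosmax']; $x++) {
                $photos[$x] = sp_filter_url_save($_POST['photo' . $x]);
            }
            update_user_meta($thisUser, 'photos', $photos);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfilePhotos', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Photos updated');
            }
            break;
        case 'edit-global-options':
            # save global options
            $options = sp_get_member_item($thisUser, 'user_options');
            $options['hidestatus'] = isset($_POST['hidestatus']);
            $update = apply_filters('sph_ProfileUserSyncNameUpdate', true);
            if ($update) {
                $options['namesync'] = isset($_POST['namesync']);
            }
            sp_update_member_item($thisUser, 'user_options', $options);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileGlobalOptions', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Global options updated');
            }
            break;
        case 'edit-posting-options':
            # save posting options
            $update = apply_filters('sph_ProfileUserEditorUpdate', true);
            if ($update) {
                $options = sp_get_member_item($thisUser, 'user_options');
                if (isset($_POST['editor'])) {
                    $options['editor'] = sp_esc_int($_POST['editor']);
                }
                sp_update_member_item($thisUser, 'user_options', $options);
            }
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfilePostingOptions', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Posting options updated');
            }
            break;
        case 'edit-display-options':
            # save display options
            $options = sp_get_member_item($thisUser, 'user_options');
            # defaults, kept when no usable timezone was posted
            $options['timezone'] = 0;
            $options['timezone_string'] = 'UTC';
            # user offset in seconds, or false when the posted value cannot be interpreted
            $userOffset = false;
            if (isset($_POST['timezone']) && is_string($_POST['timezone'])) {
                if (preg_match('/^UTC[+-]/', $_POST['timezone'])) {
                    # correct for manual UTC offsets; the remainder must be a number of hours
                    $hours = preg_replace('/UTC\\+?/', '', $_POST['timezone']);
                    if (is_numeric($hours)) {
                        $userOffset = $hours * 3600;
                    }
                } else {
                    # get timezone offset for user; DateTimeZone throws on an unknown name
                    try {
                        $userZone = new DateTimeZone(sp_esc_str($_POST['timezone']));
                        $userOffset = timezone_offset_get($userZone, date_create());
                    } catch (Exception $e) {
                        $userOffset = false;
                    }
                }
            }
            if ($userOffset !== false) {
                # get timezone offset for server based on wp settings
                $wptz = get_option('timezone_string');
                if (empty($wptz)) {
                    # gmt_offset is stored in hours; convert to seconds to match $userOffset
                    $serverOffset = (float) get_option('gmt_offset') * 3600;
                } else {
                    $serverOffset = timezone_offset_get(new DateTimeZone($wptz), date_create());
                }
                # calculate time offset between user and server, in whole hours
                $options['timezone'] = (int) round(($userOffset - $serverOffset) / 3600, 2);
                $options['timezone_string'] = sp_esc_str($_POST['timezone']);
            }
            if (isset($_POST['unreadposts'])) {
                # clamp to 0..sfmaxunreadposts; a non-numeric value gets the configured default
                $sfcontrols = sp_get_option('sfcontrols');
                $options['unreadposts'] = is_numeric($_POST['unreadposts']) ? max(min(sp_esc_int($_POST['unreadposts']), $sfcontrols['sfmaxunreadposts']), 0) : $sfcontrols['sfdefunreadposts'];
            }
            $options['topicASC'] = isset($_POST['topicASC']);
            $options['postDESC'] = isset($_POST['postDESC']);
            sp_update_member_item($thisUser, 'user_options', $options);
            # fire action for plugins
            $message = apply_filters('sph_UpdateProfileDisplayOptions', $message, $thisUser);
            # output profile save status
            if (empty($message)) {
                $message['type'] = 'success';
                $message['text'] = sp_text('Display options updated');
            }
            break;
        default:
            break;
    }
    # let plugins do their thing on success
    $message = apply_filters('sph_ProfileFormSave_' . $thisForm, $message, $thisUser, $thisForm);
    do_action('sph_UpdateProfile', $thisUser, $thisForm);
    # reset the plugin_data just in case
    sp_reset_member_plugindata($thisUser);
    # done saving - return the messages
    return $message;
}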
/**
 * 'the_content' filter callback that renders the forum on the forum page.
 *
 * Before rendering it dispatches the moderation and editing actions posted with the request.
 * Unless output buffering is enabled the page content and the forum are echoed directly and
 * nothing is returned.
 *
 * NOTE(review): the handlers below run on the mere presence of a POST field. No nonce or
 * capability check is visible in this function - presumably each handler does its own; verify.
 *
 * @param string $content Page content handed in by WordPress.
 * @return string|null Empty string before wp_head, the untouched content when rendering is
 *                     skipped, the buffered forum when buffering is on, otherwise null.
 */
function sp_render_forum($content)
{
    global $spIsForum, $spContentLoaded, $spVars, $spGlobals, $spThisUser, $spStatus;
    # nothing is output before the html body, unless the bypass option is set
    $headReady = sp_get_option('sfwpheadbypass') || did_action('wp_head');
    if (!$headReady) {
        return '';
    }
    # not a forum page, or the forum page still needs its password
    if (!$spIsForum || post_password_required(get_post(sp_get_option('sfpage')))) {
        # content is only handed back when the password is needed
        if (post_password_required(get_post(sp_get_option('sfpage')))) {
            return $content;
        }
        return;
    }
    # Limit forum display to within the wp loop?
    if (sp_get_option('sfinloop') && !in_the_loop()) {
        return $content;
    }
    # Has forum content already been loaded and are we limiting?
    if (!sp_get_option('sfmultiplecontent') && $spContentLoaded) {
        return $content;
    }
    $spContentLoaded = true;
    sp_set_server_timezone();
    # forum display can be short circuited, but admins still see it unless an upgrade is pending
    $abortNotice = sp_abort_display_forum();
    $content .= $abortNotice;
    $adminMayContinue = $spThisUser->admin && $spStatus == 'ok';
    if (!empty($abortNotice) && !$adminMayContinue) {
        return $content;
    }
    # process posted actions
    # post edit: '_x' variant covers mobile, where the button is an image
    if (isset($_POST['editpost']) || isset($_POST['editpost_x'])) {
        sp_save_edited_post();
    }
    if (isset($_POST['edittopic'])) {
        sp_save_edited_topic();
    }
    if (isset($_POST['ordertopicpins'])) {
        sp_promote_pinned_topic();
    }
    if (isset($_POST['makepostreassign'])) {
        sp_reassign_post();
    }
    if (isset($_POST['approvepost'])) {
        sp_approve_post(false, sp_esc_int($_POST['approvepost']), $spVars['topicid']);
    }
    if (isset($_POST['unapprovepost'])) {
        sp_unapprove_post(sp_esc_int($_POST['unapprovepost']));
    }
    if (isset($_POST['doqueue'])) {
        sp_remove_waiting_queue();
    }
    if (isset($_POST['notifyuser'])) {
        sp_post_notification(sp_esc_str($_POST['sp_notify_user']), sp_esc_str($_POST['message']), sp_esc_int($_POST['postid']));
    }
    # move a topic and redirect to that topic
    if (isset($_POST['maketopicmove'])) {
        if (empty($_POST['forumid'])) {
            sp_notify(1, sp_text('Destination forum not selected'));
            return;
        }
        sp_move_topic();
        $forumslug = spdb_table(SFFORUMS, 'forum_id=' . sp_esc_int(sp_esc_int($_POST['forumid'])), 'forum_slug');
        $topicslug = spdb_table(SFTOPICS, 'topic_id=' . sp_esc_int(sp_esc_int($_POST['currenttopicid'])), 'topic_slug');
        sp_redirect(sp_build_url($forumslug, $topicslug, 0));
    }
    # move a post; only the first move variant redirects to the post
    $postMoveRequested = isset($_POST['makepostmove1']) || isset($_POST['makepostmove2']) || isset($_POST['makepostmove3']);
    if ($postMoveRequested) {
        sp_move_post();
        if (isset($_POST['makepostmove1'])) {
            sp_redirect(sp_permalink_from_postid(sp_esc_int($_POST['postid'])));
        }
    }
    # cancel a post move
    if (isset($_POST['cancelpostmove'])) {
        $moveMeta = sp_get_sfmeta('post_move', 'post_move');
        if ($moveMeta) {
            sp_delete_sfmeta($moveMeta[0]['meta_id']);
            unset($spGlobals['post_move']);
        }
    }
    # rebuild the forum and post indexes
    if (isset($_POST['rebuildforum']) || isset($_POST['rebuildtopic'])) {
        sp_build_post_index(sp_esc_int($_POST['topicid']), true);
        sp_build_forum_index(sp_esc_int($_POST['forumid']), false);
    }
    # Set display mode if topic view (for editing posts)
    $editingPost = $spVars['pageview'] == 'topic' && isset($_POST['postedit']);
    $spVars['displaymode'] = $editingPost ? 'edit' : 'posts';
    if ($editingPost) {
        # NOTE(review): stored as posted, unlike the ids above which pass through sp_esc_int() -
        # confirm the code reading $spVars['postedit'] treats it as untrusted
        $spVars['postedit'] = $_POST['postedit'];
    }
    # clean cache of timed out records
    sp_clean_cache();
    #--Scratch Pad Area---Please Leave Here---------
    #--End Scratch Pad Area-------------------------
    # let other plugins check for posted actions
    do_action('sph_setup_forum');
    # do we use output buffering?
    $useBuffer = sp_get_option('sfuseob');
    if ($useBuffer) {
        ob_start();
    }
    # set up some stuff before wp page content
    $content .= sp_display_banner();
    $content = apply_filters('sph_before_wp_page_content', $content);
    # run any other wp filters on page content; this callback is unhooked meanwhile so it does not recurse
    if (!$useBuffer) {
        remove_filter('the_content', 'sp_render_forum', 1);
        $content = wpautop(apply_filters('the_content', $content));
        add_filter('the_content', 'sp_render_forum', 1);
    }
    # set up some stuff after wp page content
    $content = apply_filters('sph_after_wp_page_content', $content);
    $content .= '<div id="dialogcontainer" style="display:none;"></div>';
    $content .= sp_js_check();
    # echo any wp page content
    echo $content;
    # now add our content
    do_action('sph_before_template_processing');
    sp_process_template();
    do_action('sph_after_template_processing');
    # with output buffering, everything echoed above is captured and returned instead
    if ($useBuffer) {
        $forum = ob_get_contents();
        ob_end_clean();
        return $forum;
    }
    # not returning any content since we output it already unless password needed
    if (post_password_required(get_post(sp_get_option('sfpage')))) {
        return $content;
    }
}
$Rev: 3818 $
*/
# Stop when this file is requested directly: the script path in PHP_SELF contains this file's name.
# NOTE(review): this is a direct-access guard only. No authentication, capability or nonce check
# is visible in the lines shown - confirm the including script performs them before this runs.
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
    die('Access denied - you cannot directly call this file');
}
# workaround function for php installs without exif.  leave original function since this is slower.
# It returns the image type reported by getimagesize(), or false when the file is not a readable image.
if (!function_exists('exif_imagetype')) {
    function exif_imagetype($filename)
    {
        # spaces in the path are replaced with %20 before the call; warnings are suppressed with @
        if ((list($width, $height, $type, $attr) = @getimagesize(str_replace(' ', '%20', $filename))) !== false) {
            return $type;
        }
        return false;
    }
}
# NOTE(review): the destination directory is supplied by the request ('saveloc'). sp_esc_str() is an
# escaping helper whose behaviour is not shown; nothing visible here resolves the path or confines it
# to the plugin's storage directory. Prefer choosing the directory server-side from an allow-list.
$uploaddir = sp_esc_str($_POST['saveloc']);
# Clean up file name just in case: directory parts are dropped with basename(), then the name is filtered
$uploadfile = $uploaddir . sp_filter_filename_save(basename($_FILES['uploadfile']['name']));
# check image file type from the uploaded temp file; only codes 1-3 (GIF, JPEG, PNG) are accepted
# NOTE(review): this inspects the file content only; the extension of the stored name is not
# compared with the detected type in the lines shown
$mimetype = 0;
$mimetype = exif_imagetype($_FILES['uploadfile']['tmp_name']);
if (empty($mimetype) || $mimetype == 0 || $mimetype > 3) {
    # the bare status word is the whole response
    echo 'invalid';
    die;
}
# check for existence: an existing file is never overwritten
if (file_exists($uploadfile)) {
    echo 'exists';
    die;
}
# check file size against limit if provided
/**
 * Saves the admin "content" options form: image handling, date/time formats,
 * link/duplicate filters and the allowed shortcode list.
 *
 * The nonce is verified first through check_admin_referer(). Returns the
 * status message to display, including a notice when the thumbnail size had
 * to be raised to the 100px minimum.
 */
function spa_save_content_data()
{
    check_admin_referer('forum-adminform_content', 'forum-adminform_content');
    $notice = spa_text('Options updated');

    # image handling - start from the stored settings and overwrite the posted fields
    $imageOpts = sp_get_option('sfimage');
    $imageFlags = array('enlarge' => 'sfimgenlarge', 'process' => 'process', 'constrain' => 'constrain', 'forceclear' => 'forceclear');
    foreach ($imageFlags as $key => $field) {
        # checkboxes: present in the request means switched on
        $imageOpts[$key] = isset($_POST[$field]);
    }
    $thumbSize = sp_esc_int($_POST['sfthumbsize']);
    if ($thumbSize < 100) {
        $thumbSize = 100;
        $notice .= '<br />* ' . spa_text('Image thumbsize reset to minimum 100px');
    }
    $imageOpts['thumbsize'] = $thumbSize;
    $imageOpts['style'] = sp_esc_str($_POST['style']);
    sp_update_option('sfimage', $imageOpts);

    # date and time display formats
    foreach (array('sfdates', 'sftimes') as $field) {
        sp_update_option($field, sp_filter_title_save(trim($_POST[$field])));
    }

    # link filters - rebuilt from scratch on every save
    $linkFilters = array();
    foreach (array('sfnofollow', 'sftarget', 'sffilterpre', 'sfdupemember', 'sfdupeguest') as $field) {
        $linkFilters[$field] = isset($_POST[$field]);
    }
    $linkFilters['sfurlchars'] = sp_esc_int($_POST['sfurlchars']);
    # an empty limit is stored as 0
    $linkFilters['sfmaxlinks'] = sp_esc_int($_POST['sfmaxlinks']) ?: 0;
    $linkFilters['sfmaxsmileys'] = sp_esc_int($_POST['sfmaxsmileys']) ?: 0;
    $linkFilters['sfnolinksmsg'] = sp_filter_text_save(trim($_POST['sfnolinksmsg']));
    sp_update_option('sffilters', $linkFilters);

    # shortcode filtering
    spa_update_check_option('sffiltershortcodes');
    sp_update_option('sfshortcodes', sp_filter_text_save(trim($_POST['sfshortcodes'])));

    do_action('sph_option_content_save');
    return $notice;
}
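/**
 * Renders the usergroup drop-down for the members list.
 *
 * Outputs nothing when no usergroups are loaded or the current user lacks the
 * 'view_members_list' permission. Each option value is a members-list URL
 * carrying the usergroup id and, when a search is active, the search term.
 *
 * @param string|array $args Display arguments: tagId, tagClass, selectClass, echo.
 * @return string|null The markup when 'echo' is 0; otherwise the markup is echoed.
 */
function sp_MemberListUsergroupSelect($args = '')
{
    global $spMembersList;
    if (empty($spMembersList->userGroups)) {
        return;
    }
    if (!sp_get_auth('view_members_list')) {
        return;
    }
    $defs = array('tagId' => 'spUsergroupSelect', 'tagClass' => 'spUsergroupSelect', 'selectClass' => 'spControl', 'echo' => 1);
    $a = wp_parse_args($args, $defs);
    $a = apply_filters('sph_MemberListUsergroupSelect_args', $a);
    # EXTR_SKIP keeps filtered args from overwriting locals that already exist
    extract($a, EXTR_SKIP);
    # sanitize before use
    $tagId = esc_attr($tagId);
    $tagClass = esc_attr($tagClass);
    $selectClass = esc_attr($selectClass);
    $echo = (int) $echo;
    # The search term comes straight from the request and is written back into an attribute
    # value. A query-string value must be URL-encoded, which also removes the quote and angle
    # bracket characters that could otherwise break out of the attribute.
    # GET wins over POST; a posted term is ignored when 'allmembers' was submitted.
    $term = '';
    if (!empty($_POST['msearch']) && !isset($_POST['allmembers'])) {
        $term = $_POST['msearch'];
    }
    if (!empty($_GET['msearch'])) {
        $term = $_GET['msearch'];
    }
    $search = is_string($term) && $term !== '' ? '&amp;msearch=' . urlencode(sp_esc_str($term)) : '';
    $ug = !empty($_POST['ug']) && !isset($_POST['allmembers']) ? sp_esc_int($_POST['ug']) : '';
    $ug = !empty($_GET['ug']) ? sp_esc_int($_GET['ug']) : $ug;
    $baseUrl = sp_get_sfqurl(sp_url('members'));
    $out = "<div id='{$tagId}' class='{$tagClass}'>";
    $out .= "<select class='{$selectClass}' name='sp_usergroup_select' onchange='javascript:spjChangeURL(this)'>";
    $out .= "<option value='#'>" . sp_text('Select Specific Usergroup') . "</option>";
    foreach ($spMembersList->userGroups as $usergroup) {
        $selected = $usergroup['usergroup_id'] == $ug ? "selected='selected'" : '';
        # esc_attr() does not double-encode existing entities, so the '&amp;' separators survive
        $value = esc_attr($baseUrl . 'ug=' . $usergroup['usergroup_id'] . $search);
        $out .= "<option {$selected} value='" . $value . "'>" . sp_filter_title_display($usergroup['usergroup_name']) . '</option>';
    }
    if (!empty($ug)) {
        $out .= "<option value='" . esc_attr($baseUrl . $search) . "'>" . sp_text('Reset to Default Usergroups') . "</option>";
    }
    $out .= '</select>';
    $out .= "</div>\n";
    $out = apply_filters('sph_MemberListUsergroupSelect', $out, $a);
    if ($echo) {
        echo $out;
    } else {
        return $out;
    }
}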
/*
Simple:Press
general ahah routines
$LastChangedDate: 2015-08-12 07:21:39 -0700 (Wed, 12 Aug 2015) $
$Rev: 13286 $
*/
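# Refuse direct requests for this file. preg_quote() stops the '.' in the file name
# from acting as a regex wildcard in the guard.
if (preg_match('#' . preg_quote(basename(__FILE__), '#') . '#', $_SERVER['PHP_SELF'])) {
    die('Access denied - you cannot directly call this file');
}
sp_forum_api_support();
# get out of here if no action specified
if (empty($_GET['action'])) {
    die;
}
$action = sp_esc_str($_GET['action']);
if ($action == 'page-popup') {
    # return value is not used here; call kept as in the original
    sp_text('Jump to page:');
    # 'url' and 'max' are request parameters that are echoed back inside attribute values.
    # sp_esc_str() is not shown on this page and is presumably not an HTML encoder, so both
    # values are attribute-escaped before they reach the markup.
    # NOTE(review): the hidden 'url' value is later read by the page-jump script; confirm that
    # script only navigates to same-site addresses.
    $permalink = esc_attr(trailingslashit(isset($_GET['url']) ? sp_esc_str($_GET['url']) : ''));
    $max = esc_attr(isset($_GET['max']) ? sp_esc_str($_GET['max']) : '');
    $out = '<div id="spMainContainer">';
    $out .= '<form action="' . sp_url() . '" method="post" id ="pagejump" name="pagejump">' . "\n";
    $out .= '<input type="hidden" id="url" name="url" value="' . $permalink . '" />' . "\n";
    $out .= '<input type="hidden" id="max" name="max" value="' . $max . '" />' . "\n";
    $out .= '<label>' . sp_text('Enter page you want to go to:') . '</label>';
    $out .= '<input class="spSubmit" type="text" id="page" name="page" value="" />' . "\n";
    $out .= '<div style="text-align:center"><p><input type="submit" class="spButton" name="pagejump" value="' . sp_text('Go') . '" onclick="spjPageJump(); return false;" /></p></div>';
    $out .= '</form></div>' . "\n";
    echo apply_filters('sph_jump_page', $out);
}
die;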
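/**
 * Echoes Open Graph <meta> tags for the current forum page when the
 * 'sfseo_og' SEO option is enabled.
 *
 * The og:image is chosen in this order: an attachment supplied by the
 * 'sph_find_attachment' filter (topic view only, when enabled), the forum
 * feature image, then the WP page's post thumbnail.
 *
 * Every value is escaped for its attribute context on output: titles and
 * descriptions can contain user-authored text, and an unescaped double quote
 * would end the content attribute early.
 */
function sp_og_meta()
{
    global $spVars, $spPaths, $post;
    $sfseo = sp_get_option('sfseo');
    if (empty($sfseo['sfseo_og'])) {
        return;
    }
    $mp = "\t<meta property=";
    $out = "\n";
    # esc_attr()/esc_url() leave already-encoded entities alone, so values escaped upstream are not double-encoded
    $out .= $mp . '"og:url" content="' . esc_url($spVars['seourl']) . '"/>' . "\n";
    $out .= $mp . '"og:title" content="' . esc_attr($spVars['seotitle']) . '"/>' . "\n";
    $out .= $mp . '"og:site_name" content="' . esc_attr(get_option('blogname')) . '"/>' . "\n";
    $out .= $mp . '"og:description" content="' . esc_attr($spVars['seodescription']) . '"/>' . "\n";
    $out .= $mp . '"og:type" content="' . esc_attr($sfseo['seo_og_type']) . '"/>' . "\n";
    $out .= $mp . '"og:locale" content="' . esc_attr(get_locale()) . '"/>' . "\n";
    # image processing
    $link = '';
    if ($spVars['topicid'] && $sfseo['seo_og_attachment']) {
        # Topic View
        $link = apply_filters('sph_find_attachment', '');
    }
    # if no attachment then move on...
    if (empty($link)) {
        if (!empty($spVars['featureimage'])) {
            $file = sp_esc_str($spVars['featureimage']);
            $link = SF_STORE_URL . '/' . $spPaths['forum-images'] . '/' . $file;
        } elseif (!empty($post->ID) && has_post_thumbnail($post->ID)) {
            $thumbnail_src = wp_get_attachment_image_src(get_post_thumbnail_id($post->ID), 'large');
            # wp_get_attachment_image_src() returns false when the image is unavailable
            if (!empty($thumbnail_src[0])) {
                $link = $thumbnail_src[0];
                # make a relative thumbnail path absolute
                if (!preg_match('/^https?:\\/\\//', $link)) {
                    $link = site_url('/') . ltrim($link, '/');
                }
            }
        }
    }
    if ($link) {
        $out .= $mp . '"og:image" content="' . esc_url($link) . '"/>' . "\n";
    }
    echo $out . "\n";
}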
Example #24
/**
 * Deletes the topic named in the request, echoes the URL the client should
 * load next, then ends the request.
 *
 * From topic view the forum's first page is returned. From any other view a
 * URL is only returned when the request says the deleted topic was the only
 * one listed (count == 1): page 1 stays on the forum's first page, any other
 * page steps back by one.
 */
function sp_topic_delete()
{
    # NOTE(review): the topic and forum ids come from the query string and no nonce or
    # permission check is visible in this function. Confirm that the caller or
    # sp_delete_topic() enforces both, since a state-changing GET is otherwise open to
    # request forgery.
    $topicId = sp_esc_int($_GET['killtopic']);
    $forumId = sp_esc_int($_GET['killtopicforum']);
    sp_delete_topic($topicId, $forumId, false);

    $fromTopicView = sp_esc_str($_GET['view']) == 'topic';
    if ($fromTopicView || $_GET['count'] == 1) {
        $slug = spdb_table(SFFORUMS, 'forum_id=' . $forumId, 'forum_slug');
        $target = 0;
        if (!$fromTopicView) {
            # the listing page just emptied: fall back to the previous page
            $page = sp_esc_int($_GET['page']);
            $target = $page == 1 ? 0 : $page - 1;
        }
        echo sp_build_url($slug, '', $target);
    }
    die;
}
Example #25
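/**
 * Runs the form's anti-bot checks: a hidden honeypot field and the math question.
 *
 * The expected math token travels in the same request as the answer, so this
 * check is a deterrent against simple bots, not an authentication control.
 *
 * @return array [0] => true when the submission looks automated,
 *               [1] => the reason (only set when [0] is true).
 */
function sp_spamcheck()
{
    $spamcheck = array();
    $spamcheck[0] = false;
    # Check dummy input field - it is hidden from people, so any content means a bot filled it in
    if (!empty($_POST['url'])) {
        $spamcheck[0] = true;
        $spamcheck[1] = sp_text('Form not filled by human hands!');
        return $spamcheck;
    }
    # Check math question - field names are prefixed with the stored per-site key
    $uKey = sp_get_option('spukey');
    $correctField = $uKey . '2';
    $answerField = $uKey . '1';
    # a missing or non-string field is treated as no answer rather than raising a notice
    $correct = isset($_POST[$correctField]) && is_string($_POST[$correctField]) ? (string) sp_esc_str($_POST[$correctField]) : '';
    $test = isset($_POST[$answerField]) && is_string($_POST[$answerField]) ? (string) sp_esc_str($_POST[$answerField]) : '';
    $test = (string) preg_replace('/[^0-9]/', '', $test);
    if ($test === '') {
        $spamcheck[0] = true;
        $spamcheck[1] = sp_text('No answer was given to the math question');
        return $spamcheck;
    }
    # Add name of the weblog:
    $test .= get_bloginfo('name');
    # Add date (server local day, month and year - a form rendered before midnight fails after it):
    $test .= date('j') . date('ny');
    # Get MD5 and reverse it
    $enc = strrev(md5($test));
    # Get only a few chars out of the string
    $enc = substr($enc, 26, 1) . substr($enc, 10, 1) . substr($enc, 23, 1) . substr($enc, 3, 1) . substr($enc, 19, 1);
    # Strict comparison: with '!=' PHP compares two numeric-looking strings as numbers,
    # so tokens that differ as text could still be accepted as equal.
    if ($enc !== $correct) {
        $spamcheck[0] = true;
        $spamcheck[1] = sp_text('The answer to the math question was incorrect');
        return $spamcheck;
    }
    return $spamcheck;
}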
Example #26
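/**
 * Moves one or more posts to a new or existing topic, driven by the posted form.
 *
 * 'makepostmove1' creates a new topic and moves into it, 'makepostmove3' is the
 * re-entry that moves into an existing topic, and 'makepostmove2' only stores the
 * request so that the target topic can be picked afterwards. 'moveop' selects which
 * posts go: single, tostart, toend or select (an explicit list of post indexes).
 *
 * The user needs the 'move_posts' permission on both the source and target forum.
 * Results are reported through sp_notify(); nothing is returned.
 */
function sp_move_post()
{
    global $spVars, $spGlobals, $spThisUser;
    # NOTE(review): no nonce verification is visible in this function; confirm the caller
    # verifies one before this state-changing handler runs.
    # extract data from POST
    $postid = sp_esc_int($_POST['postid']);
    $oldtopicid = sp_esc_int($_POST['oldtopicid']);
    $oldforumid = sp_esc_int($_POST['oldforumid']);
    $action = sp_esc_str($_POST['moveop']);
    # determine op type - new or existing topic
    if (isset($_POST['makepostmove1']) || isset($_POST['makepostmove3'])) {
        # new topic move or existing topic move called from notification
        # extract data from POST
        $newforumid = sp_esc_int($_POST['forumid']);
        if (!sp_get_auth('move_posts', $oldforumid) || !sp_get_auth('move_posts', $newforumid)) {
            if (!is_user_logged_in()) {
                $msg = sp_text('Access denied - are you logged in?');
            } else {
                $msg = sp_text('Access denied - you do not have permission');
            }
            sp_notify(SPFAILURE, $msg);
            return;
        }
        if (empty($newforumid)) {
            sp_notify(SPFAILURE, sp_text('Post move abandoned as no forum was selected'));
            return;
        }
        if (isset($_POST['makepostmove1'])) {
            # create new topic for a new topic post move only
            # NOTE(review): the topic name is interpolated into the INSERT below inside quotes;
            # presumably sp_filter_title_save() escapes it for SQL - confirm.
            $newtopicname = sp_filter_title_save(trim($_POST['newtopicname']), SFTOPICS, 'topic_name');
            if (empty($newtopicname)) {
                sp_notify(SPFAILURE, sp_text('Post move abandoned as no topic was defined'));
                return;
            }
            # start with creating the new topic
            $newtopicslug = sp_create_slug($newtopicname, true, SFTOPICS, 'topic_slug');
            # now create the topic and post records
            $sql = 'INSERT INTO ' . SFTOPICS . "\n\t\t\t\t (topic_name, topic_slug, topic_date, forum_id, post_count, post_id, post_count_held, post_id_held)\n\t\t\t\t VALUES\n\t\t\t\t ('{$newtopicname}', '{$newtopicslug}', now(), {$newforumid}, 1, {$postid}, 1, {$postid});";
            if (spdb_query($sql) == false) {
                sp_notify(SPFAILURE, sp_text('Post move failed'));
                return;
            }
            $newtopicid = $spVars['insertid'];
            # check the topic slug and if empty use the topic id
            if (empty($newtopicslug)) {
                $newtopicslug = 'topic-' . $newtopicid;
                spdb_query('UPDATE ' . SFTOPICS . " SET\n\t\t\t\t\t\t\t\t\t\ttopic_slug='{$newtopicslug}'\n\t\t\t\t\t\t\t\t\t\tWHERE topic_id={$newtopicid}");
            }
        } else {
            # it's a re-entry
            $newtopicid = sp_esc_int($_POST['newtopicid']);
        }
        # Now determine the list of post ids to move
        $posts = array();
        switch ($action) {
            case 'single':
                $posts[] = $postid;
                break;
            case 'tostart':
                $sql = "SELECT post_id FROM " . SFPOSTS . " WHERE topic_id = {$oldtopicid} AND post_id <= {$postid}";
                $posts = spdb_select('col', $sql);
                break;
            case 'toend':
                $sql = "SELECT post_id FROM " . SFPOSTS . " WHERE topic_id = {$oldtopicid} AND post_id >= {$postid}";
                $posts = spdb_select('col', $sql);
                break;
            case 'select':
                # idlist is a client-supplied, comma separated list of post indexes that ends up
                # unquoted inside IN (...). String escaping does not protect an unquoted numeric
                # context, so the list is only used when every entry is made of digits alone.
                $rawlist = isset($_POST['idlist']) && is_string($_POST['idlist']) ? trim($_POST['idlist'], ", \t\r\n") : '';
                if (empty($rawlist)) {
                    $posts[] = $postid;
                } else {
                    $tokens = array_map('trim', explode(',', $rawlist));
                    $indexes = preg_grep('/^[0-9]+$/', $tokens);
                    # a list with any invalid entry selects nothing and the move is abandoned below
                    if (count($indexes) === count($tokens)) {
                        $idlist = implode(',', $indexes);
                        $sql = "SELECT post_id FROM " . SFPOSTS . " WHERE topic_id = {$oldtopicid} AND post_index IN ({$idlist})";
                        $posts = spdb_select('col', $sql);
                    }
                }
                break;
        }
        if (empty($posts)) {
            sp_notify(SPFAILURE, sp_text('Post move abandoned as no posts were selected'));
            return;
        }
        # the move notice setting does not change while looping, so read it once
        $sfadminsettings = sp_get_option('sfadminsettings');
        # loop through and update post records and other housekeeping
        foreach ($posts as $post) {
            # update post record
            $sql = 'UPDATE ' . SFPOSTS . " SET\n\t\t\t\t \ttopic_id={$newtopicid},\n\t\t\t\t \tforum_id={$newforumid},\n\t\t\t\t \tpost_status=0\n\t\t\t\t \tWHERE post_id={$post}";
            spdb_query($sql);
            # update post if in sfwaiting
            spdb_query("UPDATE " . SFWAITING . " SET forum_id={$newforumid}, topic_id={$newtopicid} WHERE post_id={$post}");
            # notify author of move
            $thisPost = spdb_table(SFPOSTS, "post_id={$post}", 'row');
            if ($sfadminsettings['movenotice'] && $spThisUser->ID != $thisPost->user_id) {
                $nData = array();
                $nData['user_id'] = $thisPost->user_id;
                $nData['guest_email'] = $thisPost->guest_email;
                $nData['post_id'] = $post;
                $nData['link'] = sp_permalink_from_postid($post);
                $nData['link_text'] = spdb_table(SFTOPICS, "topic_id={$thisPost->topic_id}", 'topic_name');
                $nData['message'] = sp_text('A post of yours was moved to');
                $nData['expires'] = time() + 30 * 24 * 60 * 60;
                # 30 days; 24 hours; 60 mins; 60secs
                sp_add_notice($nData);
            }
        }
        # flush and rebuild topic cache (since one or more posts approved)
        sp_rebuild_topic_cache();
        # rebuild indexing on target topic and forum
        sp_build_post_index($newtopicid);
        sp_build_forum_index($newforumid);
        # determine if any posts left in old topic - just in case - delete or reindex
        $sql = "SELECT post_id FROM " . SFPOSTS . " WHERE topic_id = {$oldtopicid}";
        $posts = spdb_select('col', $sql);
        if (empty($posts)) {
            spdb_query("DELETE FROM " . SFTOPICS . " WHERE topic_id=" . $oldtopicid);
        } else {
            sp_build_post_index($oldtopicid);
            sp_build_forum_index($oldforumid);
        }
        do_action('sph_move_post', $oldtopicid, $newtopicid, $newforumid, $oldforumid, $postid, $spThisUser->ID);
        sp_notify(SPSUCCESS, sp_text('Post moved'));
    } elseif (isset($_POST['makepostmove2'])) {
        # must be a move to an existing topic action
        # NOTE(review): the whole request body is stored as-is and no permission check is
        # visible on this branch; confirm the stored values are re-validated on re-entry.
        sp_add_sfmeta('post_move', 'post_move', $_POST, true);
    }
    if (isset($_POST['makepostmove3'])) {
        # if a re-entry for move to existing - clear the sfmeta record
        $meta = sp_get_sfmeta('post_move', 'post_move');
        if ($meta) {
            $id = $meta[0]['meta_id'];
            sp_delete_sfmeta($id);
            unset($spGlobals['post_move']);
        }
    }
}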
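/**
 * Saves the admin login and registration component form.
 *
 * The nonce is verified first through check_admin_referer(). Login settings are
 * stored before the RPX section is handled, so when the RPX lookup fails the login
 * settings have already been saved and only the RPX settings are left unchanged.
 *
 * @return string Status message for the admin panel.
 */
function spa_save_login_data()
{
    check_admin_referer('forum-adminform_login', 'forum-adminform_login');
    # login
    $sflogin = sp_get_option('sflogin');
    $sflogin['sfregmath'] = isset($_POST['sfregmath']);
    # optional URLs - an empty field clears the stored value
    foreach (array('sfloginurl', 'sflogouturl', 'sfregisterurl') as $field) {
        $sflogin[$field] = !empty($_POST[$field]) ? sp_filter_save_cleanurl($_POST[$field]) : '';
    }
    # the login email URL falls back to the WP login URL instead of being cleared
    if (!empty($_POST['sfloginemailurl'])) {
        $sflogin['sfloginemailurl'] = sp_filter_save_cleanurl($_POST['sfloginemailurl']);
    } else {
        $sflogin['sfloginemailurl'] = esc_url(wp_login_url(sp_url()));
    }
    # $timeout was left undefined when the field was empty; start from 0 so the
    # default below applies without reading an unset variable
    $timeout = !empty($_POST['sptimeout']) ? sp_esc_int($_POST['sptimeout']) : 0;
    if (!$timeout) {
        $timeout = 20;
    }
    $sflogin['sptimeout'] = $timeout;
    sp_update_option('sflogin', $sflogin);
    # RPX support
    $sfrpx = sp_get_option('sfrpx');
    $oldrpx = $sfrpx['sfrpxenable'];
    $sfrpx['sfrpxenable'] = isset($_POST['sfrpxenable']);
    $sfrpx['sfrpxkey'] = sp_esc_str($_POST['sfrpxkey']);
    $sfrpx['sfrpxredirect'] = sp_filter_save_cleanurl($_POST['sfrpxredirect']);
    # change in RPX support?
    if (!$oldrpx && $sfrpx['sfrpxenable']) {
        include_once SPBOOT . 'site/credentials/sp-rpx.php';
        # NOTE(review): the lookup sends the key exactly as posted while the stored copy goes
        # through sp_esc_str(); confirm the two forms cannot differ for a valid key.
        $post_data = array('apiKey' => $_POST['sfrpxkey'], 'format' => 'json');
        $raw = sp_rpx_http_post('https://rpxnow.com/plugin/lookup_rp', $post_data);
        $r = sp_rpx_parse_lookup_rp($raw);
        if ($r) {
            $sfrpx['sfrpxrealm'] = $r['realm'];
        } else {
            # lookup failed - leave the stored RPX settings untouched
            $mess = spa_text('Error in RPX API data!');
            return $mess;
        }
    }
    sp_update_option('sfrpx', $sfrpx);
    do_action('sph_component_login_save');
    $mess = spa_text('Login and registration component updated');
    return $mess;
}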
/**
 * Fills the forum and topic slugs in $spVars for a search request.
 *
 * A 'forum' query argument takes priority and is the only value that goes
 * through sp_esc_str(). Without it, element 1 of $stuff supplies the forum
 * slug and element 2 the topic slug, cut at the first '&'.
 *
 * @param array $stuff Indexed parts; only elements 1 and 2 are read.
 */
function sp_build_search_vars($stuff)
{
    global $spVars;
    # means searching all
    if (isset($_GET['forum'])) {
        $spVars['forumslug'] = sp_esc_str($_GET['forum']);
        return;
    }
    # searching single forum
    # NOTE(review): the two slugs below are stored exactly as passed in; presumably the
    # caller has already sanitised $stuff - confirm before they reach a query or markup.
    if (!empty($stuff[1])) {
        $spVars['forumslug'] = $stuff[1];
    }
    # (2) topic - anything after the first '&' is dropped
    if (!empty($stuff[2])) {
        $pieces = explode('&', $stuff[2]);
        $spVars['topicslug'] = $pieces[0];
    }
}
Example #29
/*
Simple:Press
Admin Help
$LastChangedDate: 2014-10-20 07:38:39 -0700 (Mon, 20 Oct 2014) $
$Rev: 12009 $
*/
# This file must only be reached through the plugin, never requested directly
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
    exit('Access denied - you cannot directly call this file');
}
spa_admin_ahah_support();
# nothing to show without a help file name
if (!isset($_GET['file'])) {
    exit;
}
# NOTE(review): both values come from the query string. 'file' selects which help file is
# read and sp_retrieve_help() is not shown here - confirm it confines the name to the help
# folder (no directory separators or parent references). The tag is echoed through
# sp_convert_tag(); confirm that function HTML-escapes its result.
$file = sp_esc_str($_GET['file']);
# help items are looked up by their bracketed tag
$tag = '[' . sp_esc_str($_GET['item']) . ']';
$folder = 'panels/';
# Formatting and Display of Help Panel
$helptext = wpautop(sp_retrieve_help($file, $tag, $folder), false);
echo '<div class="sfhelptext">',
    '<div class="sfhelptag"><p>' . sp_convert_tag($tag) . '</p></div>',
    '<fieldset>',
    $helptext,
    '</fieldset>',
    '<div class="sfhelptextlogo">',
    '<img src="' . SFCOMMONIMAGES . 'sp-small-megaphone.png" alt="" title="" />',
    '</div></div>';
exit;
function sp_retrieve_help($file, $tag, $folder)
{
Example #30
# Set data items needed for initial needed permission checks -----------------------
if (isset($_POST['action'])) {
    $p->action = $_POST['action'];
}
if (isset($_POST['forumid'])) {
    $p->newpost['forumid'] = sp_esc_int($_POST['forumid']);
}
if (isset($_POST['forumslug'])) {
    $p->newpost['forumslug'] = sp_esc_str($_POST['forumslug']);
}
if ($p->action == 'post') {
    if (isset($_POST['topicid'])) {
        $p->newpost['topicid'] = sp_esc_int($_POST['topicid']);
    }
    if (isset($_POST['topicslug'])) {
        $p->newpost['topicslug'] = sp_esc_str($_POST['topicslug']);
    }
}
# Anti-spam-bot/human checks come first ------------------------------------------------------
$p->validateHuman($_POST);
if ($p->abort) {
    # it the checks fail then just die.
    die;
}
# Permission checks on forum data --------------------------------------------------
$p->validatePermission();
if ($p->abort) {
    sp_notify(1, $p->message);
    wp_redirect($p->returnURL);
    die;
}