Example #1
 /**
  * Write a ".lnk" descriptor file for a web link and queue a client notification.
  *
  * $params is positional: 0 = url, 1 = width, 2 = height, 3 = link name,
  * 4 = destination directory, 5 = icon path, 6 = open-in-new-window flag.
  *
  * @param array $params
  */
 public static function createLink($params)
 {
     // Key order is preserved because it is the order json_encode() emits.
     // NOTE(review): the URL is stored exactly as received; if the client opens
     // it directly, confirm that the scheme is validated wherever the link is used.
     $descriptor = array(
         'url' => $params[0],
         'width' => $params[1],
         'height' => $params[2],
         'icon' => str_replace('eyeos/extern/', 'index.php?extern=', $params[5]),
         'openInNewWindow' => $params[6],
         'type' => 'web',
     );

     // Only the last path component of the requested name is kept.
     $fileName = utf8_basename($params[3]);
     $nameParts = pathinfo($fileName);
     $hasLnkExtension = isset($nameParts['extension']) && $nameParts['extension'] == 'lnk';
     if (!$hasLnkExtension) {
         $fileName .= '.lnk';
     }
     // '?' and '#' are replaced so the name cannot be read as a query or fragment.
     $fileName = str_replace(array('?', '#'), '_', $fileName);

     // NOTE(review): the destination directory ($params[4]) is used exactly as
     // supplied; whether the current user may write there is left to
     // FSI::getFile() and the returned file object - confirm they enforce it.
     $target = FSI::getFile($params[4] . '/' . $fileName);
     $target->createNewFile();
     $target->putContents(json_encode($descriptor));

     $user = ProcManager::getInstance()->getCurrentProcess()->getLoginContext()->getEyeosUser();
     $userSettings = MetaManager::getInstance()->retrieveMeta($user);
     //TODO: better message?
     $notification = new ClientBusMessage('file', 'uploadComplete', self::getFileInfo($target, $userSettings));
     ClientMessageBusController::getInstance()->queueMessage($notification);
 }
Example #2
/**
 * Fetch an ID from the request
 *
 * Uses either the request input ($INPUT) or extracts it from
 * the full request URI when userewrite is set to 2
 *
 * For $param='id' $conf['start'] is returned if no id was found.
 * If the second parameter is true (default) the ID is cleaned.
 *
 * An ID ending in ':' (or in '/' when $conf['useslash'] is set) is treated
 * as a namespace: it is resolved to a page and send_redirect() is called.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string $param name of the request parameter to read
 * @param bool   $clean pass the result through cleanID() before returning it
 * @return string the ID; with $clean = false this is the request-derived value
 *                as received and must be treated as untrusted by the caller
 */
function getID($param = 'id', $clean = true)
{
    global $INPUT;
    global $conf;
    $id = $INPUT->str($param);
    //construct page id from request URI
    // (empty() is also true for the string '0', so such an ID counts as missing)
    if (empty($id) && $conf['userewrite'] == 2) {
        // REQUEST_URI and PATH_INFO are supplied by the client
        $request = $_SERVER['REQUEST_URI'];
        $script = '';
        //get the script URL
        if ($conf['basedir']) {
            $relpath = '';
            // parameters other than 'id' are resolved relative to lib/exe/
            if ($param != 'id') {
                $relpath = 'lib/exe/';
            }
            $script = $conf['basedir'] . $relpath . utf8_basename($_SERVER['SCRIPT_FILENAME']);
        } elseif ($_SERVER['PATH_INFO']) {
            $request = $_SERVER['PATH_INFO'];
        } elseif ($_SERVER['SCRIPT_NAME']) {
            $script = $_SERVER['SCRIPT_NAME'];
        } elseif ($_SERVER['DOCUMENT_ROOT'] && $_SERVER['SCRIPT_FILENAME']) {
            // derive the script URL by cutting the document root off the script path
            $script = preg_replace('/^' . preg_quote($_SERVER['DOCUMENT_ROOT'], '/') . '/', '', $_SERVER['SCRIPT_FILENAME']);
            $script = '/' . $script;
        }
        //clean script and request (fixes a windows problem)
        // collapses runs of slashes into a single slash
        $script = preg_replace('/\\/\\/+/', '/', $script);
        $request = preg_replace('/\\/\\/+/', '/', $request);
        //remove script URL and Querystring to gain the id
        // $script is quoted with preg_quote() before it becomes part of the pattern
        if (preg_match('/^' . preg_quote($script, '/') . '(.*)/', $request, $match)) {
            $id = preg_replace('/\\?.*/', '', $match[1]);
        }
        // decoding happens here; cleaning only happens further down, and only if $clean is set
        $id = urldecode($id);
        //strip leading slashes
        $id = preg_replace('!^/+!', '', $id);
    }
    // Namespace autolinking from URL
    // (&& binds tighter than ||: a trailing '/' only counts when useslash is set)
    // NOTE(review): this branch runs before cleanID(), so page_exists() and wl()
    // receive the ID as it arrived - confirm that they clean or encode it themselves.
    if (substr($id, -1) == ':' || $conf['useslash'] && substr($id, -1) == '/') {
        if (page_exists($id . $conf['start'])) {
            // start page inside namespace
            $id = $id . $conf['start'];
        } elseif (page_exists($id . noNS(cleanID($id)))) {
            // page named like the NS inside the NS
            $id = $id . noNS(cleanID($id));
        } elseif (page_exists($id)) {
            // page like namespace exists
            $id = substr($id, 0, -1);
        } else {
            // fall back to default
            $id = $id . $conf['start'];
        }
        // NOTE(review): no return or exit follows; presumably send_redirect() ends the request - confirm.
        send_redirect(wl($id, '', true));
    }
    if ($clean) {
        $id = cleanID($id);
    }
    // the start page is the default only for the 'id' parameter
    if (empty($id) && $param == 'id') {
        $id = $conf['start'];
    }
    return $id;
}
Example #3
 /**
  * Table-driven check of utf8_basename().
  *
  * Each row is array(input path, suffix to strip, expected result). The rows mix
  * '/' and '\' separators, multibyte (Cyrillic) components, suffix removal and
  * trailing separators.
  */
 function test1()
 {
     $cases = array(
         // no suffix, ASCII file name
         array('/this/foo/bar.test.png', '', 'bar.test.png'),
         array('\\this\\foo\\bar.test.png', '', 'bar.test.png'),
         array('/this\\foo/bar.test.png', '', 'bar.test.png'),
         array('/this/foo\\bar.test.png', '', 'bar.test.png'),
         // no suffix, multibyte directory
         array('/this/ДокуВики/bar.test.png', '', 'bar.test.png'),
         array('\\this\\ДокуВики\\bar.test.png', '', 'bar.test.png'),
         array('/this\\ДокуВики/bar.test.png', '', 'bar.test.png'),
         array('/this/ДокуВики\\bar.test.png', '', 'bar.test.png'),
         // no suffix, multibyte file name
         array('/this/foo/ДокуВики.test.png', '', 'ДокуВики.test.png'),
         array('\\this\\foo\\ДокуВики.test.png', '', 'ДокуВики.test.png'),
         array('/this\\foo/ДокуВики.test.png', '', 'ДокуВики.test.png'),
         array('/this/foo\\ДокуВики.test.png', '', 'ДокуВики.test.png'),
         // matching suffix is removed
         array('/this/foo/bar.test.png', '.png', 'bar.test'),
         array('\\this\\foo\\bar.test.png', '.png', 'bar.test'),
         array('/this\\foo/bar.test.png', '.png', 'bar.test'),
         array('/this/foo\\bar.test.png', '.png', 'bar.test'),
         array('/this/ДокуВики/bar.test.png', '.png', 'bar.test'),
         array('\\this\\ДокуВики\\bar.test.png', '.png', 'bar.test'),
         array('/this\\ДокуВики/bar.test.png', '.png', 'bar.test'),
         array('/this/ДокуВики\\bar.test.png', '.png', 'bar.test'),
         array('/this/foo/ДокуВики.test.png', '.png', 'ДокуВики.test'),
         array('\\this\\foo\\ДокуВики.test.png', '.png', 'ДокуВики.test'),
         array('/this\\foo/ДокуВики.test.png', '.png', 'ДокуВики.test'),
         array('/this/foo\\ДокуВики.test.png', '.png', 'ДокуВики.test'),
         // non-matching suffix leaves the name untouched
         array('/this/foo/bar.test.png', '.foo', 'bar.test.png'),
         array('\\this\\foo\\bar.test.png', '.foo', 'bar.test.png'),
         array('/this\\foo/bar.test.png', '.foo', 'bar.test.png'),
         array('/this/foo\\bar.test.png', '.foo', 'bar.test.png'),
         array('/this/ДокуВики/bar.test.png', '.foo', 'bar.test.png'),
         array('\\this\\ДокуВики\\bar.test.png', '.foo', 'bar.test.png'),
         array('/this\\ДокуВики/bar.test.png', '.foo', 'bar.test.png'),
         array('/this/ДокуВики\\bar.test.png', '.foo', 'bar.test.png'),
         array('/this/foo/ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),
         array('\\this\\foo\\ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),
         array('/this\\foo/ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),
         array('/this/foo\\ДокуВики.test.png', '.foo', 'ДокуВики.test.png'),
         // multibyte extension, non-matching suffix
         array('/this/foo/ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
         array('\\this\\foo\\ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
         array('/this\\foo/ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
         array('/this/foo\\ДокуВики.test.Вик', '.foo', 'ДокуВики.test.Вик'),
         // multibyte suffix is removed
         array('/this/foo/ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),
         array('\\this\\foo\\ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),
         array('/this\\foo/ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),
         array('/this/foo\\ДокуВики.test.Вик', '.Вик', 'ДокуВики.test'),
         // bare names and names with leading separators
         array('bar.test.png', '', 'bar.test.png'),
         array('bar.test.png', '.png', 'bar.test'),
         array('/bar.test.png', '', 'bar.test.png'),
         array('/bar.test.png', '.png', 'bar.test'),
         array('\\bar.test.png', '', 'bar.test.png'),
         array('\\bar.test.png', '.png', 'bar.test'),
         array('\\/bar.test.png', '', 'bar.test.png'),
         array('\\/bar.test.png', '.png', 'bar.test'),
         array('/\\bar.test.png', '', 'bar.test.png'),
         array('/\\bar.test.png', '.png', 'bar.test'),
         // trailing separators
         array('foo/', '', 'foo'),
         array('foo\\', '', 'foo'),
         array('foo\\/', '', 'foo'),
         array('foo/\\', '', 'foo'),
         array('foo.png/', '.png', 'foo'),
         array('foo.png\\', '.png', 'foo'),
         array('foo.png\\/', '.png', 'foo'),
         array('foo.png/\\', '.png', 'foo'),
     );
     foreach ($cases as $case) {
         list($input, $suffix, $expected) = $case;
         $this->assertEquals($expected, utf8_basename($input, $suffix), "input: ('" . $input . "', '" . $suffix . "')");
     }
 }
Example #4
 /**
  * Attach a file
  *
  * @param string $path  Path to the file to attach
  * @param string $mime  Mimetype of the attached file
  * @param string $name The filename to use
  * @param string $embed Unique key to reference this file from the HTML part
  */
 public function attachFile($path, $mime, $name = '', $embed = '')
 {
     // Without a (truthy) name, fall back to the last component of $path.
     $attachmentName = $name ?: utf8_basename($path);
     // NOTE(review): $path is read as given, and file_get_contents() returns
     // false when it cannot be read; that value is stored as the attachment
     // data without a check. Callers should pass only paths they control.
     $contents = file_get_contents($path);
     $this->attach[] = array(
         'data' => $contents,
         'mime' => $mime,
         'name' => $attachmentName,
         'embed' => $embed,
     );
 }
 /**
  * Include the PHP file of the named module from the eyeos modules directory.
  *
  * @param string $moduleName Module name; only its last path component goes into the file name.
  * @throws EyeFileNotFoundException If the resulting file does not exist or is not readable.
  */
 private static function loadModule($moduleName)
 {
     // utf8_basename() drops any directory part of the name before it is joined
     // to the modules directory, so the name cannot point at another directory.
     $path = FRAMEWORK_APPLICATION_EXECUTABLES_EYEOSMODULES_PATH . '/' . utf8_basename($moduleName) . '.php';
     if (!is_file($path) || !is_readable($path)) {
         // NOTE(review): the message carries the module name as received; confirm it is escaped wherever it is displayed.
         throw new EyeFileNotFoundException('File not found or not readable for module "' . $moduleName . '".');
     }
     // The file runs in this function's scope, so $path and $moduleName are visible to it.
     // NOTE(review): any .php file in the modules directory can be loaded this way - confirm
     // that callers restrict $moduleName to the expected modules.
     require $path;
 }
 /**
  * React to a user-creation event: copy the profile's skeleton files into the
  * new user's directory, then execute the profile.
  *
  * @param UMEvent $e
  */
 public function userCreated(UMEvent $e)
 {
     // Events whose source is not an eyeos user are ignored.
     if (!($e->getSource() instanceof AbstractEyeosUser)) {
         return;
     }
     $homeDir = UMManager::getEyeosUserDirectory($e->getSource()->getName());
     // The skeleton name is reduced to its last path component before it is
     // used in a filesystem path and as the profile name.
     $profileName = utf8_basename($e->getSkel());
     $skelSource = SYSTEM_SKEL_PATH . '/' . USERS_DIR . '/profiles/' . $profileName . '/skel_files/';
     AdvancedPathLib::cpdirs($skelSource, $homeDir, false);
     ProfileManager::executeProfile(new Profile($profileName), $e->getSource());
 }
Example #7
 /**
  * @param string $original_zip Full path to the zip package
  * @param string $new_dir_name name of the directory you want to use in the zip package (leave blank if the initial steps have been run already)
  */
 public function __construct($original_zip, $new_dir_name = '')
 {
     $this->original_zip = $original_zip;
     // Without a directory name nothing is unpacked.
     if (!$new_dir_name) {
         return;
     }
     // Only the last path component of the requested name is used below the temp path.
     $dirName = utf8_basename($new_dir_name);
     $this->new_dir_name = $dirName;
     $this->unzip_dir = titania::$config->contrib_temp_path . $dirName . '/';
     // Unzippage
     // NOTE(review): entry names inside the archive are handled by extract(),
     // which is not shown here - confirm it rejects entries that would resolve
     // outside unzip_dir.
     $this->extract($this->original_zip, $this->unzip_dir);
 }
Example #8
 /**
  * Include every script found in the scripts directory of the given profile.
  *
  * @param Profile $profile Profile whose name selects the directory.
  * @param AbstractEyeosUser $user Not referenced in this body; it is in scope for the included scripts.
  */
 public static function executeProfile(Profile $profile, AbstractEyeosUser $user)
 {
     // The profile name is reduced to its last path component before it is joined into the path.
     $path = SYSTEM_SKEL_PATH . '/' . USERS_DIR . '/profiles/' . utf8_basename($profile->getName()) . '/scripts/';
     // NOTE(review): DirectoryIterator throws if the directory cannot be opened; no handling
     // is visible here - confirm callers expect that for profiles without a scripts directory.
     $directory = new DirectoryIterator($path);
     foreach ($directory as $fileInfo) {
         $fileInfoName = $fileInfo->getFileName();
         // Everything except ".", ".." and ".svn" is included, whatever its type or extension.
         // NOTE(review): write access to this directory therefore amounts to code execution;
         // confirm it is not writable through the application.
         if (!$fileInfo->isDot() && $fileInfoName != '.svn') {
             // Included files run in this function's scope and see its local variables.
             require_once $path . $fileInfoName;
         }
     }
 }
Example #9
 /**
  * Remote upload method
  * Fetches the file at the given URL from the server side and wraps it in a filespec
  *
  * The URL must start with http:// or https:// and end in one of the allowed
  * extensions. The response is written to a temporary file and then passed
  * through the upload's common checks.
  *
  * @param string $upload_url URL pointing to file to upload, for example http://www.foobar.com/example.gif
  * @return filespec $file Object "filespec" is returned, all further operations can be done with this object;
  *                        on failure a filespec carrying an error is returned instead
  * @access protected
  */
 protected function remote_upload($upload_url)
 {
     $upload_ary = array();
     $upload_ary['local_mode'] = true;
     // Scheme and extension check on the URL text only.
     // NOTE(review): the allowed extensions are joined into the pattern without preg_quote();
     // presumably they are administrator-configured - confirm.
     // NOTE(review): the host is not restricted here, so the server will request whatever host
     // the URL names; confirm that internal or loopback destinations are blocked elsewhere
     // (for example at the network layer).
     if (!preg_match('#^(https?://).*?\\.(' . implode('|', $this->upload->allowed_extensions) . ')$#i', $upload_url, $match)) {
         return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'URL_INVALID'));
     }
     $url = parse_url($upload_url);
     // The type is fixed here; the response's Content-Type header is not read.
     $upload_ary['type'] = 'application/octet-stream';
     // Split the path on dots: the last piece is the extension, the remaining pieces are
     // joined back without dots, so the stored name has at most one dot.
     $url['path'] = explode('.', $url['path']);
     $ext = array_pop($url['path']);
     $url['path'] = implode('', $url['path']);
     $upload_ary['name'] = utf8_basename($url['path']) . ($ext ? '.' . $ext : '');
     $remote_max_filesize = $this->get_max_file_size();
     // NOTE(review): TLS certificate verification is off unless the remote_upload_verify
     // config value is set to a truthy value; with it off the remote host is not authenticated.
     // NOTE(review): redirects are not configured here; Guzzle follows them by default, so the
     // final target may differ from the URL checked above - confirm this is acceptable.
     $guzzle_options = ['timeout' => $this->upload->upload_timeout, 'connect_timeout' => $this->upload->upload_timeout, 'verify' => !empty($this->config['remote_upload_verify']) ? (bool) $this->config['remote_upload_verify'] : false];
     $client = new \GuzzleHttp\Client($guzzle_options);
     // Catch order matters: the most specific exception class comes first.
     try {
         $response = $client->get($upload_url, $guzzle_options);
     } catch (\GuzzleHttp\Exception\ClientException $clientException) {
         return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'URL_NOT_FOUND');
     } catch (\GuzzleHttp\Exception\RequestException $requestException) {
         // A timeout is recognised by the cURL error text or by "408"/"504" appearing in the code
         // (the pattern is unanchored, so it matches those digits anywhere in the code).
         if (strpos($requestException->getMessage(), 'cURL error 28') !== false || preg_match('/408|504/', $requestException->getCode())) {
             return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'REMOTE_UPLOAD_TIMEOUT');
         } else {
             return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'NOT_UPLOADED'));
         }
     } catch (\Exception $e) {
         return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'NOT_UPLOADED'));
     }
     // NOTE(review): the size limit is checked only after the request has completed, so it
     // bounds what is accepted rather than what is transferred - confirm that is intended.
     $content_length = $response->getBody()->getSize();
     if ($remote_max_filesize && $content_length > $remote_max_filesize) {
         $max_filesize = get_formatted_filesize($remote_max_filesize, false);
         return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'WRONG_FILESIZE', $max_filesize['value'], $max_filesize['unit']));
     }
     // Loose comparison: a size of 0 and an unknown (null) size are both treated as empty.
     if ($content_length == 0) {
         return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'EMPTY_REMOTE_DATA');
     }
     $data = $response->getBody();
     // The payload goes to a new file in the system temp directory.
     $filename = tempnam(sys_get_temp_dir(), unique_id() . '-');
     if (!($fp = @fopen($filename, 'wb'))) {
         return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'NOT_UPLOADED');
     }
     // $data is the body object; fwrite() receives it as a string (presumably via its string
     // conversion - confirm). A false return from fwrite() is stored as the size unchecked.
     $upload_ary['size'] = fwrite($fp, $data);
     fclose($fp);
     unset($data);
     $upload_ary['tmp_name'] = $filename;
     /** @var filespec $file */
     $file = $this->factory->get('filespec')->set_upload_ary($upload_ary)->set_upload_namespace($this->upload);
     // Content validation of the downloaded file is delegated to common_checks().
     $this->upload->common_checks($file);
     return $file;
 }
Example #10
/**
 * Returns information about a file path
 *
 * @author Lars Knickrehm <*****@*****.**>
 * @category Library
 * @copyright Copyright © 2009 Lars Knickrehm
 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License
 * @link http://php.net/manual/function.pathinfo.php
 * @package UTF-8
 * @param string $path The path being checked.
 * @return array The following associative array elements are returned: dirname, basename, extension (if any), and filename.
 * @since Version 0.5.0
 * @version 0.5.0
 */
function utf8_pathinfo($path)
{
    // NOTE(review): 'dirname' comes from PHP's native dirname() while 'basename'
    // comes from utf8_basename(); the two may split a path containing
    // backslashes at different places on non-Windows hosts - confirm callers
    // do not rely on dirname + basename reassembling the input.
    $info = array(
        'dirname' => dirname($path),
        'basename' => utf8_basename($path),
    );
    $dotAt = utf8_strrpos($info['basename'], '.');
    if ($dotAt === false) {
        // No dot: the whole basename is the filename and no 'extension' key is set.
        $info['filename'] = $info['basename'];
        return $info;
    }
    // Split at the last dot: everything after it is the extension.
    $info['extension'] = utf8_substr($info['basename'], $dotAt + 1);
    $info['filename'] = utf8_substr($info['basename'], 0, $dotAt);
    return $info;
}
 /**
  * List the icon files available for a category and size.
  *
  * @param array $params 0 = category, 1 = size
  * @return array Names of the entries in extern/images/<size>/<category> that do not start with a dot.
  */
 public function getIcons($params)
 {
     // Both values are cut down to their last path component before they are
     // placed in the directory path.
     // NOTE(review): presumably a value of ".." survives utf8_basename() unchanged;
     // confirm, and reject it here if listings outside extern/images matter.
     $category = utf8_basename($params[0]);
     $iconSize = utf8_basename($params[1]);
     $found = array();
     $dir = opendir('extern/images/' . $iconSize . '/' . $category);
     if (!$dir) {
         return $found;
     }
     while (false !== ($entry = readdir($dir))) {
         // Skips ".", ".." and every other name starting with a dot.
         if ($entry[0] != '.') {
             $found[] = $entry;
         }
     }
     closedir($dir);
     return $found;
 }
Example #12
 /**
  * @param array $files   array filled with array(string filename, string data)
  * @param bool  $compact
  * @return array
  */
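 function Add($files, $compact)
 {
     // A single array(filename, data) pair is accepted as shorthand for a
     // one-element list. isset() avoids reading offset 0 of an empty list.
     if (!isset($files[0]) || !is_array($files[0])) {
         $files = array($files);
     }
     $ret = array();
     // The isset() guard ends the loop at the end of the list without reading an
     // undefined offset; a falsy entry still ends it early, as before.
     for ($i = 0; isset($files[$i]) && $files[$i]; $i++) {
         $fn = $files[$i];
         $dir = dirname($fn[0]);
         if (!in_array($dir, $this->dirs)) {
             $this->add_Dir($dir);
         }
         // Results are keyed by base name only, so two entries with the same base
         // name in different directories share one key (the later one wins).
         // NOTE(review): add_File() receives the full name $fn[0] unchanged;
         // confirm that names containing ".." are acceptable for the archive.
         $base = utf8_basename($fn[0]);
         if ($base) {
             $ret[$base] = $this->add_File($fn[1], $fn[0], $compact);
         }
     }
     return $ret;
 }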
Example #13
 /**
  * Send the wanted code block to the browser
  *
  * When the correct block was found it exits the script.
  */
 function code($text, $language = NULL, $filename = '')
 {
     global $INPUT;
     // Defaults: plain text, and a file name derived from the language.
     $language = $language ?: 'txt';
     $filename = $filename ?: ('snippet.' . $language);
     // Keep only the last path component of the suggested download name.
     $filename = utf8_basename($filename);

     // Not the requested block: count it and move on to the next one.
     if ($this->_codeblock != $INPUT->str('codeblock')) {
         $this->_codeblock++;
         return;
     }

     header("Content-Type: text/plain; charset=utf-8");
     // NOTE(review): the file name goes into the header unquoted and after
     // basename handling only; a name containing spaces, quotes or ';' yields a
     // malformed parameter. Consider stripping such characters or quoting it.
     header("Content-Disposition: attachment; filename={$filename}");
     header("X-Robots-Tag: noindex");
     echo trim($text, "\r\n");
     exit;
 }
Example #14
    /**
     * Sync attachments
     */
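    public function attachments($mode, $attachment_id = false)
    {
        switch ($mode) {
            case 'hash':
                // Recompute the stored hash of one attachment, or of all of them when no
                // ID is given. The ID is cast to int before it becomes part of the query.
                $sql = 'SELECT * FROM ' . TITANIA_ATTACHMENTS_TABLE . ($attachment_id !== false ? ' WHERE attachment_id = ' . (int) $attachment_id : '');
                $result = phpbb::$db->sql_query($sql);
                while ($row = phpbb::$db->sql_fetchrow($result)) {
                    // Directory and file name come from the database row; each is reduced to
                    // its last path component before being joined to the upload path.
                    $file = titania::$config->upload_path . utf8_basename($row['attachment_directory']) . '/' . utf8_basename($row['physical_filename']);
                    // NOTE(review): MD5 detects accidental changes only; it is not
                    // collision-resistant if this hash is relied on against tampering.
                    $md5 = md5_file($file);
                    // md5_file() returns false when the file cannot be read. Skip the row:
                    // otherwise the stored hash would be overwritten with an empty string.
                    if ($md5 === false) {
                        continue;
                    }
                    // Strict comparison: with != two different hashes that both look like
                    // numbers (for example "0e" followed by digits) compare as equal.
                    if ($md5 !== $row['hash']) {
                        // The row's ID is cast to int like the one in the SELECT above.
                        $sql = 'UPDATE ' . TITANIA_ATTACHMENTS_TABLE . '
							SET hash = \'' . phpbb::$db->sql_escape($md5) . '\'
							WHERE attachment_id = ' . (int) $row['attachment_id'];
                        phpbb::$db->sql_query($sql);
                    }
                }
                phpbb::$db->sql_freeresult($result);
                break;
        }
    }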
Example #15
 /**
  * Send a JPEG stored under the ".office" directory of the user's home, or a
  * scaled version of it, then end the script.
  *
  * @param array $params 0 = hash (directory and file prefix), 1 = number, 2 = thumbnail flag
  */
 public static function getFile($params)
 {
     // Both path parts are sanitised: the hash is cut down to its last path
     // component and the number is forced to an integer.
     // NOTE(review): presumably a hash of ".." survives utf8_basename(); confirm
     // the resulting path cannot leave the ".office" directory.
     $hash = utf8_basename($params[0]);
     $number = utf8_basename(intval($params[1]));
     $wantThumbnail = $params[2];

     //then, check the destination file
     $homeDir = FSI::getFile('home:///');
     $homeDir->checkWritePermission();
     $localRoot = AdvancedPathLib::getPhpLocalHackPath($homeDir->getRealFile()->getPath());
     $imagePath = $localRoot . '/.office/' . $hash . '/' . $hash . '-' . $number . '.jpg';

     header('Content-Type: image/jpeg');
     if ($wantThumbnail) {
         // Release the session before the scaling work starts.
         session_write_close();
         require_once 'system/Frameworks/Applications/Executables/EyeosModules/FileSystemExecModule.php';
         FileSystemExecModule::getScaledImage(array('maxWidth' => '150', 'path' => $imagePath));
     } else {
         readfile($imagePath);
     }
     exit;
 }
Example #16
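 /**
  * Return a new instance of a storage handler, loading its class file on first use.
  *
  * @param string $handlerId The ID of the handler to return (e.g. "SQL/EyeosDAO").
  * @param array|null $params Passed to the handler's constructor.
  * @return IStorageHandler
  * @throws EyeFileNotFoundException If the ID contains a ".." segment or a NUL byte, or if no handler file exists for it.
  * @throws EyeRuntimeException If the handler class cannot be instantiated.
  */
 public function getHandler($handlerId, array $params = null)
 {
     if (!isset($this->handlers[$handlerId])) {
         // The ID becomes part of a path handed to require, so an ID that could
         // leave the handlers directory is refused before the filesystem is touched.
         // No extra locals are introduced here: the required file runs in this scope.
         //TODO full normalisation of the ID (e.g. leading slashes) is still open
         if (strpos((string) $handlerId, "\0") !== false || preg_match('#(?:^|[/\\\\])\.\.(?:[/\\\\]|$)#', (string) $handlerId)) {
             throw new EyeFileNotFoundException(SERVICE_STORAGE_HANDLERS_PATH . '/' . $handlerId . '.php');
         }
         if (!is_file(SERVICE_STORAGE_HANDLERS_PATH . '/' . $handlerId . '.php')) {
             throw new EyeFileNotFoundException(SERVICE_STORAGE_HANDLERS_PATH . '/' . $handlerId . '.php');
         }
         require SERVICE_STORAGE_HANDLERS_PATH . '/' . $handlerId . '.php';
         // The class name is the last path component of the ID.
         $this->handlers[$handlerId] = utf8_basename($handlerId, '.php');
     }
     $className = $this->handlers[$handlerId];
     try {
         // "new" either returns an object or throws, so no false check is needed.
         $obj = new $className($params);
     } catch (Exception $e) {
         throw new EyeRuntimeException('Unable to create instance of the security manager class ' . $className, 0, $e);
     }
     return $obj;
 }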
Example #17
 /**
  * Hand the friendship state between the current user and the viewed member
  * to the template.
  *
  * @param mixed $event Event data; $event['member']['user_id'] is read.
  */
 public function check_friends($event)
 {
     $context = new RequestContext();
     $context->fromRequest($this->symfony_request);
     $baseUrl = generate_board_url(true) . $context->getBaseUrl();

     // Remove the script name from the base URL. str_replace() removes every
     // occurrence of "/<script>", not only a trailing one.
     $script = $this->symfony_request->getScriptName();
     if (substr($script, -1, 1) == '/') {
         $script = '';
     } else {
         $script = utf8_basename($script);
     }
     if ($script != '') {
         $baseUrl = str_replace('/' . $script, '', $baseUrl);
     }

     $member_id = $event['member']['user_id'];
     $viewer_id = $this->user->data['user_id'];

     $pending = $this->friends_model->get_request_by_sender_id($viewer_id);
     $is_friend = $this->friends_model->check_friend(array('user_id' => $viewer_id, 'friend_id' => $member_id));
     // Request sent by the viewer to the member, and the reverse direction.
     $request_sent = $this->friends_model->check_request(array('user_id' => $member_id, 'sender_id' => $viewer_id));
     $request_received = $this->friends_model->check_request(array('user_id' => $viewer_id, 'sender_id' => $member_id));

     // The widget is hidden on the viewer's own profile.
     $show_widget = $member_id != $viewer_id;

     $this->template->assign_vars(array(
         'U_USER_ID' => $member_id,
         'U_CHECK_FRIEND' => $is_friend,
         'U_CHECK_REQUEST' => $request_sent,
         'U_CHECK_REQUEST_CONFIRM' => $request_received,
         'U_CHECK_WIDGET' => $show_widget,
         'U_REQUEST_ID' => $pending['request_id'],
         'BASE_URL' => $baseUrl,
     ));
 }
Example #18
 /**
  * Send the wanted code block to the browser
  *
  * When the correct block was found it exits the script.
  */
 function code($text, $language = null, $filename = '')
 {
     global $INPUT;
     // Defaults: plain text, and a file name derived from the language.
     $language = $language ?: 'txt';
     $filename = $filename ?: ('snippet.' . $language);
     // Keep only the last path component, then replace special characters with
     // '_' before the name is used in a response header.
     // NOTE(review): which characters utf8_stripspecials() treats as special is
     // not visible here; the header value below is still unquoted - confirm
     // spaces, quotes and ';' are covered.
     $filename = utf8_stripspecials(utf8_basename($filename), '_');

     // send CRLF to Windows clients
     $isWindowsClient = strpos($INPUT->server->str('HTTP_USER_AGENT'), 'Windows') !== false;
     if ($isWindowsClient) {
         $text = str_replace("\n", "\r\n", $text);
     }

     // Not the requested block: count it and move on to the next one.
     if ($this->_codeblock != $INPUT->str('codeblock')) {
         $this->_codeblock++;
         return;
     }

     header("Content-Type: text/plain; charset=utf-8");
     header("Content-Disposition: attachment; filename={$filename}");
     header("X-Robots-Tag: noindex");
     echo trim($text, "\r\n");
     exit;
 }
Example #19
 /**
  * Finds pathnames matching a pattern.
  * Note: This function does not return hidden files (.*) under *NIX with default pattern (*)
  * 
  * @see glob() in PHP manual
  * @param string $path
  * @param mixed $pattern A simple string or an array of strings representing the patterns.
  * @param int $flags
  * 			GLOB_ONLY_DIR: Set it to retrieve directories only.<br />
  * 			GLOB_DIR_IGNORE_PATTERN: Set it to apply given $pattern on files only, and retrieve all directories.<br />
  * 			GLOB_DIR_FIRST: Set it to force placing directories first in the returned list.<br />
  * 			GLOB_RETURN_SIMPLE_PATH: Set it to force returning a simple path (from the root) instead of a URL.<br />
  * 			GLOB_CASEINSENSITIVE: Set it to apply given $pattern in a case insensitive way.<br />
  * 			GLOB_FORCE_SCANDIR: Set it to force direct use of scandir() instead of glob().
  * @return array(string)
  */
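 public static function glob($path, $pattern = self::WILDCARD_CHAR, $flags = self::GLOB_NORMAL)
 {
     // Argument validation: both failures raise EyeInvalidArgumentException.
     if (!is_string($path)) {
         // Report the type of the offending argument ($path, not $pattern).
         throw new EyeInvalidArgumentException('$path must be a string (given: ' . gettype($path) . ').');
     }
     if (!is_string($pattern) && !is_array($pattern)) {
         throw new EyeInvalidArgumentException('$pattern must be a string or an array (given: ' . gettype($pattern) . ').');
     }
     // Normalise array patterns: empty means "everything", one element becomes a plain string.
     if (is_array($pattern)) {
         if (count($pattern) === 0) {
             $pattern = self::WILDCARD_CHAR;
         } else {
             if (count($pattern) === 1) {
                 $pattern = $pattern[0];
             }
         }
     }
     $globFlags = 0;
     if (is_array($pattern)) {
         // Clean original $pattern (common to glob & scandir)
         // Slashes are removed so a pattern cannot name another directory.
         foreach ($pattern as &$subPattern) {
             $subPattern = str_replace('/', '', $subPattern);
             if ($flags & self::GLOB_CASEINSENSITIVE) {
                 $subPattern = mb_sql_regcase($subPattern);
             }
         }
         // Create a glob-compatible expression with multiple patterns using braces
         $globPattern = '{' . implode(',', $pattern) . '}';
         $globFlags |= GLOB_BRACE;
     } else {
         // $globPattern is bound by reference, so the cleaning applied to $pattern
         // below is visible through $globPattern as well.
         $globPattern =& $pattern;
         $pattern = str_replace('/', '', $pattern);
         if ($flags & self::GLOB_CASEINSENSITIVE) {
             $pattern = mb_sql_regcase($pattern);
         }
     }
     $return = array();
     $globFlags |= $flags & self::GLOB_ONLY_DIR ? GLOB_ONLYDIR : 0;
     // '[' and ']' in the path are escaped so glob() does not read them as a character class.
     $globPath = self::getPhpLocalHackPath(strtr($path, array('[' => '\\[', ']' => '\\]')), self::PARSE_URL_DONTRESOLVE);
     //first of all, let's try with the normal glob() function (works only on localhost, but faster)
     if (!($flags & self::GLOB_FORCE_SCANDIR) && ($allFiles = glob($globPath . '/' . $globPattern, $globFlags))) {
         //_and_ glob() must succeed (an empty array may indicate that glob() failed)
         $onlyDirs = array();
         if ($flags & self::GLOB_DIR_IGNORE_PATTERN) {
             $onlyDirs = glob($globPath . '/' . self::WILDCARD_CHAR, GLOB_ONLYDIR);
         } else {
             $onlyDirs = glob($globPath . '/' . $globPattern, GLOB_ONLYDIR);
         }
         //on some servers glob returns false; the documentation says it should
         //return an empty array, however, this is not happening.
         if (!$onlyDirs) {
             $onlyDirs = array();
         }
         natcasesort($onlyDirs);
         $onlyFiles = array_diff($allFiles, $onlyDirs);
         $sortedFiles = array_merge($onlyDirs, $onlyFiles);
         //dirs are placed first (alphab. sorted), then files (alphab. sorted)
         if (!($flags & self::GLOB_DIR_FIRST)) {
             natcasesort($sortedFiles);
         }
         $scheme = '';
         if (!($flags & self::GLOB_RETURN_SIMPLE_PATH)) {
             //retrieve the original scheme
             $urlParts = self::parse_url($path, self::PARSE_URL_NO_AUTOSET_SCHEME);
             if (isset($urlParts['scheme'])) {
                 $scheme = $urlParts['scheme'] . '://';
             }
         }
         // "." and ".." are never returned, even when a pattern matches them.
         foreach ($sortedFiles as $filepath) {
             if (utf8_basename($filepath) != '.' && utf8_basename($filepath) != '..') {
                 $return[] = $scheme . $filepath;
             }
         }
     } else {
         // Fallback when glob() is skipped or returns nothing.
         // NOTE(review): this branch lists $path as given, while the glob() branch
         // goes through getPhpLocalHackPath() first - confirm both resolve to the
         // same location for every path form callers pass in.
         $files = @scandir($path);
         if ($files === false) {
             throw new EyeIOException('Unable to list files in directory "' . $path . '"');
         }
         $files_tmp = array();
         $dirs_tmp = array();
         foreach ($files as $filepath) {
             if ($filepath != '.' && $filepath != '..') {
                 // Single pattern (string)
                 if (is_string($pattern)) {
                     $fileNameMatches = self::glob_fnmatch($pattern, $filepath);
                 } else {
                     // Several patterns: the first match is enough.
                     $fileNameMatches = false;
                     foreach ($pattern as &$subPattern) {
                         if (self::glob_fnmatch($subPattern, $filepath)) {
                             $fileNameMatches = true;
                             break;
                         }
                     }
                 }
                 if (is_dir($path . '/' . $filepath)) {
                     // Directories are kept on a match, or always with GLOB_DIR_IGNORE_PATTERN.
                     if ($fileNameMatches || $flags & self::GLOB_DIR_IGNORE_PATTERN) {
                         $dirs_tmp[] = $path . '/' . $filepath;
                     }
                 } else {
                     if (!($flags & self::GLOB_ONLY_DIR) && $fileNameMatches) {
                         $files_tmp[] = $path . '/' . $filepath;
                     }
                 }
             }
         }
         // Directories first; without GLOB_DIR_FIRST the merged list is re-sorted and re-indexed.
         $return = array_merge($dirs_tmp, $files_tmp);
         if (!($flags & self::GLOB_DIR_FIRST)) {
             natcasesort($return);
             $return = array_values($return);
         }
     }
     return $return;
 }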
Example #20
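/**
* Submit PM
*
* Stores a new private message (post, reply, quote, quotepost, forward) or
* updates an existing one (edit), links it to its recipients, attaches any
* uploaded files and hands the result to the notification manager.
*
* Every identifier that is concatenated directly into an SQL statement is
* cast to int first. $data is filled in by the caller and may be rewritten
* by listeners of core.submit_pm_before, so it is not treated as trusted.
*
* @param string	$mode			PM mode - post|reply|quote|quotepost|forward|edit ('delete' is rejected)
* @param string	$subject		Subject of the private message
* @param array	&$data			Row data of the PM; 'msg_id' is written back after an insert
* @param bool	$put_in_outbox	Whether a copy is stored in the sender's outbox
*
* @return mixed	false for mode 'delete', otherwise $data['msg_id']
*/
function submit_pm($mode, $subject, &$data, $put_in_outbox = true)
{
    global $db, $auth, $config, $phpEx, $template, $user, $phpbb_root_path, $phpbb_container, $phpbb_dispatcher, $request;
    // We do not handle erasing pms here
    if ($mode == 'delete') {
        return false;
    }
    $current_time = time();
    /**
     * Get all parts of the PM that are to be submited to the DB.
     *
     * @event core.submit_pm_before
     * @var	string	mode	PM Post mode - post|reply|quote|quotepost|forward|edit
     * @var	string	subject	Subject of the private message
     * @var	array	data	The whole row data of the PM.
     * @since 3.1.0-b3
     */
    $vars = array('mode', 'subject', 'data');
    // extract() overwrites $mode, $subject and $data with whatever the event
    // listeners returned, so everything below works on listener-visible data.
    extract($phpbb_dispatcher->trigger_event('core.submit_pm_before', compact($vars)));
    // Collect some basic information about which tables and which rows to update/insert
    $sql_data = array();
    $root_level = 0;
    // Recipient Information
    $recipients = $to = $bcc = array();
    if ($mode != 'edit') {
        // Build Recipient List
        // u|g => array($user_id => 'to'|'bcc')
        $_types = array('u', 'g');
        foreach ($_types as $ug_type) {
            if (isset($data['address_list'][$ug_type]) && sizeof($data['address_list'][$ug_type])) {
                foreach ($data['address_list'][$ug_type] as $id => $field) {
                    $id = (int) $id;
                    // Do not rely on the address list being "valid"
                    if (!$id || $ug_type == 'u' && $id == ANONYMOUS) {
                        continue;
                    }
                    // Anything that is not exactly 'to' becomes 'bcc', so the
                    // variable-variable below can only address $to or $bcc.
                    $field = $field == 'to' ? 'to' : 'bcc';
                    if ($ug_type == 'u') {
                        $recipients[$id] = $field;
                    }
                    ${$field}[] = $ug_type . '_' . $id;
                }
            }
        }
        if (isset($data['address_list']['g']) && sizeof($data['address_list']['g'])) {
            // We need to check the PM status of group members (do they want to receive PM's?)
            // Only check if not a moderator or admin, since they are allowed to override this user setting
            $sql_allow_pm = !$auth->acl_gets('a_', 'm_') && !$auth->acl_getf_global('m_') ? ' AND u.user_allow_pm = 1' : '';
            $sql = 'SELECT u.user_type, ug.group_id, ug.user_id
				FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug
				WHERE ' . $db->sql_in_set('ug.group_id', array_keys($data['address_list']['g'])) . '
					AND ug.user_pending = 0
					AND u.user_id = ug.user_id
					AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')' . $sql_allow_pm;
            $result = $db->sql_query($sql);
            while ($row = $db->sql_fetchrow($result)) {
                $field = $data['address_list']['g'][$row['group_id']] == 'to' ? 'to' : 'bcc';
                $recipients[$row['user_id']] = $field;
            }
            $db->sql_freeresult($result);
        }
        if (!sizeof($recipients)) {
            trigger_error('NO_RECIPIENT');
        }
    }
    // First of all make sure the subject are having the correct length.
    $subject = truncate_string($subject);
    $db->sql_transaction('begin');
    $sql = '';
    switch ($mode) {
        case 'reply':
        case 'quote':
            $root_level = $data['reply_from_root_level'] ? $data['reply_from_root_level'] : $data['reply_from_msg_id'];
            // Set message_replied switch for this user.
            // Both ids are concatenated into the statement, so force them to integers.
            $sql = 'UPDATE ' . PRIVMSGS_TO_TABLE . '
				SET pm_replied = 1
				WHERE user_id = ' . (int) $data['from_user_id'] . '
					AND msg_id = ' . (int) $data['reply_from_msg_id'];
            // no break
        case 'forward':
        case 'post':
        case 'quotepost':
            // These values reach the database only through sql_build_array() below.
            // NOTE(review): that helper is expected to escape them - confirm in the DBAL.
            $sql_data = array('root_level' => $root_level, 'author_id' => $data['from_user_id'], 'icon_id' => $data['icon_id'], 'author_ip' => $data['from_user_ip'], 'message_time' => $current_time, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'message_subject' => $subject, 'message_text' => $data['message'], 'message_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'to_address' => implode(':', $to), 'bcc_address' => implode(':', $bcc), 'message_reported' => 0);
            break;
        case 'edit':
            $sql_data = array('icon_id' => $data['icon_id'], 'message_edit_time' => $current_time, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'message_subject' => $subject, 'message_text' => $data['message'], 'message_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid']);
            break;
    }
    if (sizeof($sql_data)) {
        $query = '';
        if ($mode == 'post' || $mode == 'reply' || $mode == 'quote' || $mode == 'quotepost' || $mode == 'forward') {
            $db->sql_query('INSERT INTO ' . PRIVMSGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data));
            $data['msg_id'] = $db->sql_nextid();
        } else {
            if ($mode == 'edit') {
                // msg_id is supplied by the caller in edit mode; cast before concatenation.
                $sql = 'UPDATE ' . PRIVMSGS_TABLE . '
				SET message_edit_count = message_edit_count + 1, ' . $db->sql_build_array('UPDATE', $sql_data) . '
				WHERE msg_id = ' . (int) $data['msg_id'];
                $db->sql_query($sql);
            }
        }
    }
    if ($mode != 'edit') {
        // Run the pm_replied update prepared in the reply/quote branch, if any
        if ($sql) {
            $db->sql_query($sql);
        }
        unset($sql);
        $sql_ary = array();
        foreach ($recipients as $user_id => $type) {
            $sql_ary[] = array('msg_id' => (int) $data['msg_id'], 'user_id' => (int) $user_id, 'author_id' => (int) $data['from_user_id'], 'folder_id' => PRIVMSGS_NO_BOX, 'pm_new' => 1, 'pm_unread' => 1, 'pm_forwarded' => $mode == 'forward' ? 1 : 0);
        }
        $db->sql_multi_insert(PRIVMSGS_TO_TABLE, $sql_ary);
        $sql = 'UPDATE ' . USERS_TABLE . '
			SET user_new_privmsg = user_new_privmsg + 1, user_unread_privmsg = user_unread_privmsg + 1, user_last_privmsg = ' . time() . '
			WHERE ' . $db->sql_in_set('user_id', array_keys($recipients));
        $db->sql_query($sql);
        // Put PM into outbox
        if ($put_in_outbox) {
            $db->sql_query('INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', array('msg_id' => (int) $data['msg_id'], 'user_id' => (int) $data['from_user_id'], 'author_id' => (int) $data['from_user_id'], 'folder_id' => PRIVMSGS_OUTBOX, 'pm_new' => 0, 'pm_unread' => 0, 'pm_forwarded' => $mode == 'forward' ? 1 : 0)));
        }
    }
    // Set user last post time
    if ($mode == 'reply' || $mode == 'quote' || $mode == 'quotepost' || $mode == 'forward' || $mode == 'post') {
        $sql = 'UPDATE ' . USERS_TABLE . "\n\t\t\tSET user_lastpost_time = {$current_time}\n\t\t\tWHERE user_id = " . (int) $data['from_user_id'];
        $db->sql_query($sql);
    }
    // Submit Attachments
    if (!empty($data['attachment_data']) && $data['msg_id'] && in_array($mode, array('post', 'reply', 'quote', 'quotepost', 'edit', 'forward'))) {
        $space_taken = $files_added = 0;
        $orphan_rows = array();
        foreach ($data['attachment_data'] as $pos => $attach_row) {
            $orphan_rows[(int) $attach_row['attach_id']] = array();
        }
        if (sizeof($orphan_rows)) {
            // Only orphaned PM attachments uploaded by the current user are eligible,
            // so a submitted attach_id cannot claim somebody else's upload.
            $sql = 'SELECT attach_id, filesize, physical_filename
				FROM ' . ATTACHMENTS_TABLE . '
				WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . '
					AND in_message = 1
					AND is_orphan = 1
					AND poster_id = ' . (int) $user->data['user_id'];
            $result = $db->sql_query($sql);
            $orphan_rows = array();
            while ($row = $db->sql_fetchrow($result)) {
                $orphan_rows[$row['attach_id']] = $row;
            }
            $db->sql_freeresult($result);
        }
        foreach ($data['attachment_data'] as $pos => $attach_row) {
            // Skip orphans that the ownership query above did not return
            if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']])) {
                continue;
            }
            if (!$attach_row['is_orphan']) {
                // update entry in db if attachment already stored in db and filespace
                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "\n\t\t\t\t\tSET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'\n\t\t\t\t\tWHERE attach_id = " . (int) $attach_row['attach_id'] . '
						AND is_orphan = 0';
                $db->sql_query($sql);
            } else {
                // insert attachment into db
                // The stored filename is reduced with utf8_basename() before it is joined to the upload path.
                // NOTE(review): presumably this keeps only the last path component - confirm against its definition.
                if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename']))) {
                    continue;
                }
                $space_taken += $orphan_rows[$attach_row['attach_id']]['filesize'];
                $files_added++;
                $attach_sql = array('post_msg_id' => $data['msg_id'], 'topic_id' => 0, 'is_orphan' => 0, 'poster_id' => $data['from_user_id'], 'attach_comment' => $attach_row['attach_comment']);
                // Cast the id like the non-orphan branch does; the poster_id condition
                // repeats the ownership check at write time.
                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . '
					WHERE attach_id = ' . (int) $attach_row['attach_id'] . '
						AND is_orphan = 1
						AND poster_id = ' . (int) $user->data['user_id'];
                $db->sql_query($sql);
            }
        }
        if ($space_taken && $files_added) {
            $config->increment('upload_dir_size', $space_taken, false);
            $config->increment('num_files', $files_added, false);
        }
    }
    // Delete draft if post was loaded...
    // Cast explicitly so the interpolation below does not depend on how the request class types the value.
    $draft_id = (int) $request->variable('draft_loaded', 0);
    if ($draft_id) {
        // The user_id condition limits the delete to drafts owned by the sender
        $sql = 'DELETE FROM ' . DRAFTS_TABLE . "\n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND user_id = " . (int) $data['from_user_id'];
        $db->sql_query($sql);
    }
    $db->sql_transaction('commit');
    // Send Notifications
    $pm_data = array_merge($data, array('message_subject' => $subject, 'recipients' => $recipients));
    /* @var $phpbb_notifications \phpbb\notification\manager */
    $phpbb_notifications = $phpbb_container->get('notification_manager');
    if ($mode == 'edit') {
        $phpbb_notifications->update_notifications('notification.type.pm', $pm_data);
    } else {
        $phpbb_notifications->add_notifications('notification.type.pm', $pm_data);
    }
    /**
     * Get PM message ID after submission to DB
     *
     * @event core.submit_pm_after
     * @var	string	mode	PM Post mode - post|reply|quote|quotepost|forward|edit
     * @var	string	subject	Subject of the private message
     * @var	array	data	The whole row data of the PM.
     * @var	array	pm_data	The data sent to notification class
     * @since 3.1.0-b5
     */
    $vars = array('mode', 'subject', 'data', 'pm_data');
    extract($phpbb_dispatcher->trigger_event('core.submit_pm_after', compact($vars)));
    return $data['msg_id'];
}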
Example #21
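/**
* Fork Topic
*
* Copies the given topics (with their poll options, posts, attachments rows,
* subscriptions and bookmarks) into the forum selected by the 'to_forum_id'
* request variable, updates the counters and writes one moderator-log entry
* per new topic.
*
* Access control visible in this function:
* - phpbb_check_ids() is called with the 'm_' permission on the source topics;
* - the destination must be a postable forum in which the user has 'f_post';
* - the copy only runs once confirm_box(true) accepts the request. When a
*   validation message was set, the 'confirm' fields are cleared first,
*   presumably so that confirm_box(true) cannot succeed - confirm in confirm_box().
*
* The function ends in redirect() or trigger_error() rather than returning a value.
*
* @param array	$topic_ids	Ids of the topics to fork
*/
function mcp_fork_topic($topic_ids)
{
    global $auth, $user, $db, $template, $config;
    global $phpEx, $phpbb_root_path, $phpbb_log, $request, $phpbb_dispatcher;
    if (!phpbb_check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_'))) {
        return;
    }
    // Integer defaults: these ids are later concatenated into SQL and URLs
    $to_forum_id = $request->variable('to_forum_id', 0);
    $forum_id = $request->variable('f', 0);
    $redirect = $request->variable('redirect', build_url(array('action', 'quickmod')));
    $additional_msg = $success_msg = '';
    $counter = array();
    $s_hidden_fields = build_hidden_fields(array('topic_id_list' => $topic_ids, 'f' => $forum_id, 'action' => 'fork', 'redirect' => $redirect));
    if ($to_forum_id) {
        $forum_data = phpbb_get_forum_data($to_forum_id, 'f_post');
        if (!sizeof($topic_ids)) {
            $additional_msg = $user->lang['NO_TOPIC_SELECTED'];
        } elseif (!sizeof($forum_data)) {
            $additional_msg = $user->lang['FORUM_NOT_EXIST'];
        } else {
            $forum_data = $forum_data[$to_forum_id];
            if ($forum_data['forum_type'] != FORUM_POST) {
                $additional_msg = $user->lang['FORUM_NOT_POSTABLE'];
            } elseif (!$auth->acl_get('f_post', $to_forum_id)) {
                $additional_msg = $user->lang['USER_CANNOT_POST'];
            }
        }
    } elseif (isset($_POST['confirm'])) {
        $additional_msg = $user->lang['FORUM_NOT_EXIST'];
    }
    if ($additional_msg) {
        // A failed destination check must not be treated as a confirmed request
        $request->overwrite('confirm', null, \phpbb\request\request_interface::POST);
        $request->overwrite('confirm_key', null);
    }
    if (confirm_box(true)) {
        $topic_data = phpbb_get_topic_data($topic_ids, 'f_post');
        $total_topics = $total_topics_unapproved = $total_topics_softdeleted = 0;
        $total_posts = $total_posts_unapproved = $total_posts_softdeleted = 0;
        $new_topic_id_list = array();
        foreach ($topic_data as $topic_id => $topic_row) {
            if (!isset($search_type) && $topic_row['enable_indexing']) {
                // Select the search method and do some additional checks to ensure it can actually be utilised
                // The class name comes from board configuration, not from the request
                $search_type = $config['search_type'];
                if (!class_exists($search_type)) {
                    trigger_error('NO_SUCH_SEARCH_MODULE');
                }
                $error = false;
                $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
                $search_mode = 'post';
                if ($error) {
                    trigger_error($error);
                }
            } elseif (!isset($search_type) && !$topic_row['enable_indexing']) {
                $search_type = false;
            }
            $sql_ary = array('forum_id' => (int) $to_forum_id, 'icon_id' => (int) $topic_row['icon_id'], 'topic_attachment' => (int) $topic_row['topic_attachment'], 'topic_visibility' => (int) $topic_row['topic_visibility'], 'topic_reported' => 0, 'topic_title' => (string) $topic_row['topic_title'], 'topic_poster' => (int) $topic_row['topic_poster'], 'topic_time' => (int) $topic_row['topic_time'], 'topic_posts_approved' => (int) $topic_row['topic_posts_approved'], 'topic_posts_unapproved' => (int) $topic_row['topic_posts_unapproved'], 'topic_posts_softdeleted' => (int) $topic_row['topic_posts_softdeleted'], 'topic_status' => (int) $topic_row['topic_status'], 'topic_type' => (int) $topic_row['topic_type'], 'topic_first_poster_name' => (string) $topic_row['topic_first_poster_name'], 'topic_last_poster_id' => (int) $topic_row['topic_last_poster_id'], 'topic_last_poster_name' => (string) $topic_row['topic_last_poster_name'], 'topic_last_post_time' => (int) $topic_row['topic_last_post_time'], 'topic_last_view_time' => (int) $topic_row['topic_last_view_time'], 'topic_bumped' => (int) $topic_row['topic_bumped'], 'topic_bumper' => (int) $topic_row['topic_bumper'], 'poll_title' => (string) $topic_row['poll_title'], 'poll_start' => (int) $topic_row['poll_start'], 'poll_length' => (int) $topic_row['poll_length'], 'poll_max_options' => (int) $topic_row['poll_max_options'], 'poll_vote_change' => (int) $topic_row['poll_vote_change']);
            $db->sql_query('INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
            $new_topic_id = $db->sql_nextid();
            $new_topic_id_list[$topic_id] = $new_topic_id;
            switch ($topic_row['topic_visibility']) {
                case ITEM_APPROVED:
                    $total_topics++;
                    break;
                case ITEM_UNAPPROVED:
                case ITEM_REAPPROVE:
                    $total_topics_unapproved++;
                    break;
                case ITEM_DELETED:
                    $total_topics_softdeleted++;
                    break;
            }
            if ($topic_row['poll_start']) {
                $poll_rows = array();
                // $topic_id is a key of the rows returned by phpbb_get_topic_data()
                $sql = 'SELECT *
					FROM ' . POLL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE topic_id = {$topic_id}";
                $result = $db->sql_query($sql);
                while ($row = $db->sql_fetchrow($result)) {
                    // Votes are not copied: the new poll starts at zero
                    $sql_ary = array('poll_option_id' => (int) $row['poll_option_id'], 'topic_id' => (int) $new_topic_id, 'poll_option_text' => (string) $row['poll_option_text'], 'poll_option_total' => 0);
                    $db->sql_query('INSERT INTO ' . POLL_OPTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
                }
                $db->sql_freeresult($result);
            }
            $sql = 'SELECT *
				FROM ' . POSTS_TABLE . "\n\t\t\t\tWHERE topic_id = {$topic_id}\n\t\t\t\tORDER BY post_time ASC, post_id ASC";
            $result = $db->sql_query($sql);
            $post_rows = array();
            while ($row = $db->sql_fetchrow($result)) {
                $post_rows[] = $row;
            }
            $db->sql_freeresult($result);
            if (!sizeof($post_rows)) {
                continue;
            }
            foreach ($post_rows as $row) {
                $sql_ary = array('topic_id' => (int) $new_topic_id, 'forum_id' => (int) $to_forum_id, 'poster_id' => (int) $row['poster_id'], 'icon_id' => (int) $row['icon_id'], 'poster_ip' => (string) $row['poster_ip'], 'post_time' => (int) $row['post_time'], 'post_visibility' => (int) $row['post_visibility'], 'post_reported' => 0, 'enable_bbcode' => (int) $row['enable_bbcode'], 'enable_smilies' => (int) $row['enable_smilies'], 'enable_magic_url' => (int) $row['enable_magic_url'], 'enable_sig' => (int) $row['enable_sig'], 'post_username' => (string) $row['post_username'], 'post_subject' => (string) $row['post_subject'], 'post_text' => (string) $row['post_text'], 'post_edit_reason' => (string) $row['post_edit_reason'], 'post_edit_user' => (int) $row['post_edit_user'], 'post_checksum' => (string) $row['post_checksum'], 'post_attachment' => (int) $row['post_attachment'], 'bbcode_bitfield' => $row['bbcode_bitfield'], 'bbcode_uid' => (string) $row['bbcode_uid'], 'post_edit_time' => (int) $row['post_edit_time'], 'post_edit_count' => (int) $row['post_edit_count'], 'post_edit_locked' => (int) $row['post_edit_locked'], 'post_postcount' => $row['post_postcount']);
                // Adjust post count only if the post can be incremented to the user counter
                if ($row['post_postcount']) {
                    if (isset($counter[$row['poster_id']])) {
                        ++$counter[$row['poster_id']];
                    } else {
                        $counter[$row['poster_id']] = 1;
                    }
                }
                $db->sql_query('INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
                $new_post_id = $db->sql_nextid();
                switch ($row['post_visibility']) {
                    case ITEM_APPROVED:
                        $total_posts++;
                        break;
                    case ITEM_UNAPPROVED:
                    case ITEM_REAPPROVE:
                        $total_posts_unapproved++;
                        break;
                    case ITEM_DELETED:
                        $total_posts_softdeleted++;
                        break;
                }
                // Copy whether the topic is dotted
                markread('post', $to_forum_id, $new_topic_id, 0, $row['poster_id']);
                if (!empty($search_type)) {
                    $search->index($search_mode, $new_post_id, $sql_ary['post_text'], $sql_ary['post_subject'], $sql_ary['poster_id'], $topic_row['topic_type'] == POST_GLOBAL ? 0 : $to_forum_id);
                    $search_mode = 'reply';
                    // After one we index replies
                }
                // Copy Attachments
                if ($row['post_attachment']) {
                    $sql = 'SELECT * FROM ' . ATTACHMENTS_TABLE . "\n\t\t\t\t\t\tWHERE post_msg_id = {$row['post_id']}\n\t\t\t\t\t\t\tAND topic_id = {$topic_id}\n\t\t\t\t\t\t\tAND in_message = 0";
                    $result = $db->sql_query($sql);
                    $sql_ary = array();
                    while ($attach_row = $db->sql_fetchrow($result)) {
                        // Only the database row is duplicated and it keeps the same physical_filename;
                        // both filenames are passed through utf8_basename() before being stored again.
                        $sql_ary[] = array('post_msg_id' => (int) $new_post_id, 'topic_id' => (int) $new_topic_id, 'in_message' => 0, 'is_orphan' => (int) $attach_row['is_orphan'], 'poster_id' => (int) $attach_row['poster_id'], 'physical_filename' => (string) utf8_basename($attach_row['physical_filename']), 'real_filename' => (string) utf8_basename($attach_row['real_filename']), 'download_count' => (int) $attach_row['download_count'], 'attach_comment' => (string) $attach_row['attach_comment'], 'extension' => (string) $attach_row['extension'], 'mimetype' => (string) $attach_row['mimetype'], 'filesize' => (int) $attach_row['filesize'], 'filetime' => (int) $attach_row['filetime'], 'thumbnail' => (int) $attach_row['thumbnail']);
                    }
                    $db->sql_freeresult($result);
                    if (sizeof($sql_ary)) {
                        $db->sql_multi_insert(ATTACHMENTS_TABLE, $sql_ary);
                    }
                }
            }
            // Copy topic subscriptions to new topic
            $sql = 'SELECT user_id, notify_status
				FROM ' . TOPICS_WATCH_TABLE . '
				WHERE topic_id = ' . $topic_id;
            $result = $db->sql_query($sql);
            $sql_ary = array();
            while ($row = $db->sql_fetchrow($result)) {
                $sql_ary[] = array('topic_id' => (int) $new_topic_id, 'user_id' => (int) $row['user_id'], 'notify_status' => (int) $row['notify_status']);
            }
            $db->sql_freeresult($result);
            if (sizeof($sql_ary)) {
                $db->sql_multi_insert(TOPICS_WATCH_TABLE, $sql_ary);
            }
            // Copy bookmarks to new topic
            $sql = 'SELECT user_id
				FROM ' . BOOKMARKS_TABLE . '
				WHERE topic_id = ' . $topic_id;
            $result = $db->sql_query($sql);
            $sql_ary = array();
            while ($row = $db->sql_fetchrow($result)) {
                $sql_ary[] = array('topic_id' => (int) $new_topic_id, 'user_id' => (int) $row['user_id']);
            }
            $db->sql_freeresult($result);
            if (sizeof($sql_ary)) {
                $db->sql_multi_insert(BOOKMARKS_TABLE, $sql_ary);
            }
        }
        // Sync new topics, parent forums and board stats
        $sql = 'UPDATE ' . FORUMS_TABLE . '
			SET forum_posts_approved = forum_posts_approved + ' . $total_posts . ',
				forum_posts_unapproved = forum_posts_unapproved + ' . $total_posts_unapproved . ',
				forum_posts_softdeleted = forum_posts_softdeleted + ' . $total_posts_softdeleted . ',
				forum_topics_approved = forum_topics_approved + ' . $total_topics . ',
				forum_topics_unapproved = forum_topics_unapproved + ' . $total_topics_unapproved . ',
				forum_topics_softdeleted = forum_topics_softdeleted + ' . $total_topics_softdeleted . '
			WHERE forum_id = ' . $to_forum_id;
        $db->sql_query($sql);
        if (!empty($counter)) {
            // Do only one query per user and not a query per post.
            foreach ($counter as $user_id => $count) {
                $sql = 'UPDATE ' . USERS_TABLE . '
					SET user_posts = user_posts + ' . (int) $count . '
					WHERE user_id = ' . (int) $user_id;
                $db->sql_query($sql);
            }
        }
        sync('topic', 'topic_id', $new_topic_id_list);
        sync('forum', 'forum_id', $to_forum_id);
        $config->increment('num_topics', sizeof($new_topic_id_list), false);
        $config->increment('num_posts', $total_posts, false);
        foreach ($new_topic_id_list as $topic_id => $new_topic_id) {
            // Look the forum name up per source topic. Reusing $topic_row here would
            // stamp every moderator-log entry with the forum of the last topic copied.
            $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_FORK', false, array('forum_id' => $to_forum_id, 'topic_id' => $new_topic_id, $topic_data[$topic_id]['forum_name']));
        }
        $success_msg = sizeof($topic_ids) == 1 ? 'TOPIC_FORKED_SUCCESS' : 'TOPICS_FORKED_SUCCESS';
    } else {
        $template->assign_vars(array('S_FORUM_SELECT' => make_forum_select($to_forum_id, false, false, true, true, true), 'S_CAN_LEAVE_SHADOW' => false, 'ADDITIONAL_MSG' => $additional_msg));
        confirm_box(false, 'FORK_TOPIC' . (sizeof($topic_ids) == 1 ? '' : 'S'), $s_hidden_fields, 'mcp_move.html');
    }
    // NOTE(review): 'redirect' is request-supplied; confirm that redirect() rejects off-site targets.
    $redirect = $request->variable('redirect', "index.{$phpEx}");
    $redirect = reapply_sid($redirect);
    if (!$success_msg) {
        redirect($redirect);
    } else {
        // The links below are built from the board root path and the integer forum ids,
        // not from the request-supplied redirect value
        $redirect_url = append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $forum_id);
        meta_refresh(3, $redirect_url);
        $return_link = sprintf($user->lang['RETURN_FORUM'], '<a href="' . $redirect_url . '">', '</a>');
        if ($forum_id != $to_forum_id) {
            $return_link .= '<br /><br />' . sprintf($user->lang['RETURN_NEW_FORUM'], '<a href="' . append_sid("{$phpbb_root_path}viewforum.{$phpEx}", 'f=' . $to_forum_id) . '">', '</a>');
        }
        trigger_error($user->lang[$success_msg] . '<br /><br />' . $return_link);
    }
}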
Example #22
/**
* Submit Post
* @todo Split up and create lightweight, simple API for this.
*/
function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $update_message = true, $update_search_index = true)
{
    global $db, $auth, $user, $config, $phpEx, $template, $phpbb_root_path, $phpbb_container, $phpbb_dispatcher, $phpbb_log, $request;
    /**
     * Modify the data for post submitting
     *
     * @event core.modify_submit_post_data
     * @var	string	mode				Variable containing posting mode value
     * @var	string	subject				Variable containing post subject value
     * @var	string	username			Variable containing post author name
     * @var	int		topic_type			Variable containing topic type value
     * @var	array	poll				Array with the poll data for the post
     * @var	array	data				Array with the data for the post
     * @var	bool	update_message		Flag indicating if the post will be updated
     * @var	bool	update_search_index	Flag indicating if the search index will be updated
     * @since 3.1.0-a4
     */
    $vars = array('mode', 'subject', 'username', 'topic_type', 'poll', 'data', 'update_message', 'update_search_index');
    extract($phpbb_dispatcher->trigger_event('core.modify_submit_post_data', compact($vars)));
    // We do not handle erasing posts here
    if ($mode == 'delete') {
        return false;
    }
    if (!empty($data['post_time'])) {
        $current_time = $data['post_time'];
    } else {
        $current_time = time();
    }
    if ($mode == 'post') {
        $post_mode = 'post';
        $update_message = true;
    } else {
        if ($mode != 'edit') {
            $post_mode = 'reply';
            $update_message = true;
        } else {
            if ($mode == 'edit') {
                $post_mode = $data['topic_posts_approved'] + $data['topic_posts_unapproved'] + $data['topic_posts_softdeleted'] == 1 ? 'edit_topic' : ($data['topic_first_post_id'] == $data['post_id'] ? 'edit_first_post' : ($data['topic_last_post_id'] == $data['post_id'] ? 'edit_last_post' : 'edit'));
            }
        }
    }
    // First of all make sure the subject and topic title are having the correct length.
    // To achieve this without cutting off between special chars we convert to an array and then count the elements.
    $subject = truncate_string($subject, 120);
    $data['topic_title'] = truncate_string($data['topic_title'], 120);
    // Collect some basic information about which tables and which rows to update/insert
    $sql_data = $topic_row = array();
    $poster_id = $mode == 'edit' ? $data['poster_id'] : (int) $user->data['user_id'];
    // Retrieve some additional information if not present
    if ($mode == 'edit' && (!isset($data['post_visibility']) || !isset($data['topic_visibility']) || $data['post_visibility'] === false || $data['topic_visibility'] === false)) {
        $sql = 'SELECT p.post_visibility, t.topic_type, t.topic_posts_approved, t.topic_posts_unapproved, t.topic_posts_softdeleted, t.topic_visibility
			FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p
			WHERE t.topic_id = p.topic_id
				AND p.post_id = ' . $data['post_id'];
        $result = $db->sql_query($sql);
        $topic_row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        $data['topic_visibility'] = $topic_row['topic_visibility'];
        $data['post_visibility'] = $topic_row['post_visibility'];
    }
    // This variable indicates if the user is able to post or put into the queue
    $post_visibility = ITEM_APPROVED;
    // Check the permissions for post approval.
    // Moderators must go through post approval like ordinary users.
    if (!$auth->acl_get('f_noapprove', $data['forum_id'])) {
        // Post not approved, but in queue
        $post_visibility = ITEM_UNAPPROVED;
        switch ($post_mode) {
            case 'edit_first_post':
            case 'edit':
            case 'edit_last_post':
            case 'edit_topic':
                $post_visibility = ITEM_REAPPROVE;
                break;
        }
    }
    // MODs/Extensions are able to force any visibility on posts
    if (isset($data['force_approved_state'])) {
        $post_visibility = in_array((int) $data['force_approved_state'], array(ITEM_APPROVED, ITEM_UNAPPROVED, ITEM_DELETED, ITEM_REAPPROVE)) ? (int) $data['force_approved_state'] : $post_visibility;
    }
    if (isset($data['force_visibility'])) {
        $post_visibility = in_array((int) $data['force_visibility'], array(ITEM_APPROVED, ITEM_UNAPPROVED, ITEM_DELETED, ITEM_REAPPROVE)) ? (int) $data['force_visibility'] : $post_visibility;
    }
    // Start the transaction here
    $db->sql_transaction('begin');
    // Collect Information
    switch ($post_mode) {
        case 'post':
        case 'reply':
            $sql_data[POSTS_TABLE]['sql'] = array('forum_id' => $data['forum_id'], 'poster_id' => (int) $user->data['user_id'], 'icon_id' => $data['icon_id'], 'poster_ip' => $user->ip, 'post_time' => $current_time, 'post_visibility' => $post_visibility, 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => !$user->data['is_registered'] ? $username : '', 'post_subject' => $subject, 'post_text' => $data['message'], 'post_checksum' => $data['message_md5'], 'post_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_postcount' => $auth->acl_get('f_postcount', $data['forum_id']) ? 1 : 0, 'post_edit_locked' => $data['post_edit_locked']);
            break;
        case 'edit_first_post':
        case 'edit':
        case 'edit_last_post':
        case 'edit_topic':
            // If edit reason is given always display edit info
            // If editing last post then display no edit info
            // If m_edit permission then display no edit info
            // If normal edit display edit info
            // Display edit info if edit reason given or user is editing his post, which is not the last within the topic.
            if ($data['post_edit_reason'] || !$auth->acl_get('m_edit', $data['forum_id']) && ($post_mode == 'edit' || $post_mode == 'edit_first_post')) {
                $data['post_edit_reason'] = truncate_string($data['post_edit_reason'], 255, 255, false);
                $sql_data[POSTS_TABLE]['sql'] = array('post_edit_time' => $current_time, 'post_edit_reason' => $data['post_edit_reason'], 'post_edit_user' => (int) $data['post_edit_user']);
                $sql_data[POSTS_TABLE]['stat'][] = 'post_edit_count = post_edit_count + 1';
            } else {
                if (!$data['post_edit_reason'] && $mode == 'edit' && $auth->acl_get('m_edit', $data['forum_id'])) {
                    $sql_data[POSTS_TABLE]['sql'] = array('post_edit_reason' => '');
                }
            }
            // If the person editing this post is different to the one having posted then we will add a log entry stating the edit
            // Could be simplified by only adding to the log if the edit is not tracked - but this may confuse admins/mods
            if ($user->data['user_id'] != $poster_id) {
                $log_subject = $subject ? $subject : $data['topic_title'];
                $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_POST_EDITED', false, array('forum_id' => $data['forum_id'], 'topic_id' => $data['topic_id'], 'post_id' => $data['post_id'], $log_subject, !empty($username) ? $username : $user->lang['GUEST'], $data['post_edit_reason']));
            }
            if (!isset($sql_data[POSTS_TABLE]['sql'])) {
                $sql_data[POSTS_TABLE]['sql'] = array();
            }
            $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('forum_id' => $data['forum_id'], 'poster_id' => $data['poster_id'], 'icon_id' => $data['icon_id'], 'enable_bbcode' => $data['enable_bbcode'], 'enable_smilies' => $data['enable_smilies'], 'enable_magic_url' => $data['enable_urls'], 'enable_sig' => $data['enable_sig'], 'post_username' => $username && $data['poster_id'] == ANONYMOUS ? $username : '', 'post_subject' => $subject, 'post_checksum' => $data['message_md5'], 'post_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'bbcode_bitfield' => $data['bbcode_bitfield'], 'bbcode_uid' => $data['bbcode_uid'], 'post_edit_locked' => $data['post_edit_locked']));
            if ($update_message) {
                $sql_data[POSTS_TABLE]['sql']['post_text'] = $data['message'];
            }
            break;
    }
    $topic_row = array();
    // And the topic ladies and gentlemen
    switch ($post_mode) {
        case 'post':
            $sql_data[TOPICS_TABLE]['sql'] = array('topic_poster' => (int) $user->data['user_id'], 'topic_time' => $current_time, 'topic_last_view_time' => $current_time, 'forum_id' => $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_posts_approved' => $post_visibility == ITEM_APPROVED ? 1 : 0, 'topic_posts_softdeleted' => $post_visibility == ITEM_DELETED ? 1 : 0, 'topic_posts_unapproved' => $post_visibility == ITEM_UNAPPROVED ? 1 : 0, 'topic_visibility' => $post_visibility, 'topic_delete_user' => $post_visibility != ITEM_APPROVED ? (int) $user->data['user_id'] : 0, 'topic_title' => $subject, 'topic_first_poster_name' => !$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : ''), 'topic_first_poster_colour' => $user->data['user_colour'], 'topic_type' => $topic_type, 'topic_time_limit' => $topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE ? $data['topic_time_limit'] * 86400 : 0, 'topic_attachment' => !empty($data['attachment_data']) ? 1 : 0, 'topic_status' => isset($data['topic_status']) ? $data['topic_status'] : ITEM_UNLOCKED);
            if (isset($poll['poll_options']) && !empty($poll['poll_options'])) {
                $poll_start = $poll['poll_start'] ? $poll['poll_start'] : $current_time;
                $poll_length = $poll['poll_length'] * 86400;
                if ($poll_length < 0) {
                    $poll_start = $poll_start + $poll_length;
                    if ($poll_start < 0) {
                        $poll_start = 0;
                    }
                    $poll_length = 1;
                }
                $sql_data[TOPICS_TABLE]['sql'] = array_merge($sql_data[TOPICS_TABLE]['sql'], array('poll_title' => $poll['poll_title'], 'poll_start' => $poll_start, 'poll_max_options' => $poll['poll_max_options'], 'poll_length' => $poll_length, 'poll_vote_change' => $poll['poll_vote_change']));
            }
            $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = {$current_time}" . ($auth->acl_get('f_postcount', $data['forum_id']) && $post_visibility == ITEM_APPROVED ? ', user_posts = user_posts + 1' : '');
            if ($post_visibility == ITEM_APPROVED) {
                $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_approved = forum_topics_approved + 1';
                $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_approved = forum_posts_approved + 1';
            } else {
                if ($post_visibility == ITEM_UNAPPROVED) {
                    $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_unapproved = forum_topics_unapproved + 1';
                    $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_unapproved = forum_posts_unapproved + 1';
                } else {
                    if ($post_visibility == ITEM_DELETED) {
                        $sql_data[FORUMS_TABLE]['stat'][] = 'forum_topics_softdeleted = forum_topics_softdeleted + 1';
                        $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_softdeleted = forum_posts_softdeleted + 1';
                    }
                }
            }
            break;
        case 'reply':
            $sql_data[TOPICS_TABLE]['stat'][] = 'topic_last_view_time = ' . $current_time . ',
				topic_bumped = 0,
				topic_bumper = 0' . ($post_visibility == ITEM_APPROVED ? ', topic_posts_approved = topic_posts_approved + 1' : '') . ($post_visibility == ITEM_UNAPPROVED ? ', topic_posts_unapproved = topic_posts_unapproved + 1' : '') . ($post_visibility == ITEM_DELETED ? ', topic_posts_softdeleted = topic_posts_softdeleted + 1' : '') . (!empty($data['attachment_data']) || isset($data['topic_attachment']) && $data['topic_attachment'] ? ', topic_attachment = 1' : '');
            $sql_data[USERS_TABLE]['stat'][] = "user_lastpost_time = {$current_time}" . ($auth->acl_get('f_postcount', $data['forum_id']) && $post_visibility == ITEM_APPROVED ? ', user_posts = user_posts + 1' : '');
            if ($post_visibility == ITEM_APPROVED) {
                $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_approved = forum_posts_approved + 1';
            } else {
                if ($post_visibility == ITEM_UNAPPROVED) {
                    $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_unapproved = forum_posts_unapproved + 1';
                } else {
                    if ($post_visibility == ITEM_DELETED) {
                        $sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts_softdeleted = forum_posts_softdeleted + 1';
                    }
                }
            }
            break;
        case 'edit_topic':
        case 'edit_first_post':
            if (isset($poll['poll_options'])) {
                $poll_start = $poll['poll_start'] || empty($poll['poll_options']) ? $poll['poll_start'] : $current_time;
                $poll_length = $poll['poll_length'] * 86400;
                if ($poll_length < 0) {
                    $poll_start = $poll_start + $poll_length;
                    if ($poll_start < 0) {
                        $poll_start = 0;
                    }
                    $poll_length = 1;
                }
            }
            $sql_data[TOPICS_TABLE]['sql'] = array('forum_id' => $data['forum_id'], 'icon_id' => $data['icon_id'], 'topic_title' => $subject, 'topic_first_poster_name' => $username, 'topic_type' => $topic_type, 'topic_time_limit' => $topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE ? $data['topic_time_limit'] * 86400 : 0, 'poll_title' => isset($poll['poll_options']) ? $poll['poll_title'] : '', 'poll_start' => isset($poll['poll_options']) ? $poll_start : 0, 'poll_max_options' => isset($poll['poll_options']) ? $poll['poll_max_options'] : 1, 'poll_length' => isset($poll['poll_options']) ? $poll_length : 0, 'poll_vote_change' => isset($poll['poll_vote_change']) ? $poll['poll_vote_change'] : 0, 'topic_last_view_time' => $current_time, 'topic_attachment' => !empty($data['attachment_data']) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0));
            break;
    }
    /**
     * Modify sql query data for post submitting
     *
     * @event core.submit_post_modify_sql_data
     * @var	array	data				Array with the data for the post
     * @var	array	poll				Array with the poll data for the post
     * @var	string	post_mode			Variable containing posting mode value
     * @var	bool	sql_data			Array with the data for the posting SQL query
     * @var	string	subject				Variable containing post subject value
     * @var	int		topic_type			Variable containing topic type value
     * @var	string	username			Variable containing post author name
     * @since 3.1.3-RC1
     */
    $vars = array('data', 'poll', 'post_mode', 'sql_data', 'subject', 'topic_type', 'username');
    extract($phpbb_dispatcher->trigger_event('core.submit_post_modify_sql_data', compact($vars)));
    // Submit new topic
    if ($post_mode == 'post') {
        $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[TOPICS_TABLE]['sql']);
        $db->sql_query($sql);
        $data['topic_id'] = $db->sql_nextid();
        $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id']));
        unset($sql_data[TOPICS_TABLE]['sql']);
    }
    // Submit new post
    if ($post_mode == 'post' || $post_mode == 'reply') {
        if ($post_mode == 'reply') {
            $sql_data[POSTS_TABLE]['sql'] = array_merge($sql_data[POSTS_TABLE]['sql'], array('topic_id' => $data['topic_id']));
        }
        $sql = 'INSERT INTO ' . POSTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data[POSTS_TABLE]['sql']);
        $db->sql_query($sql);
        $data['post_id'] = $db->sql_nextid();
        if ($post_mode == 'post' || $post_visibility == ITEM_APPROVED) {
            $sql_data[TOPICS_TABLE]['sql'] = array('topic_last_post_id' => $data['post_id'], 'topic_last_post_time' => $current_time, 'topic_last_poster_id' => $sql_data[POSTS_TABLE]['sql']['poster_id'], 'topic_last_poster_name' => $user->data['user_id'] == ANONYMOUS ? $sql_data[POSTS_TABLE]['sql']['post_username'] : $user->data['username'], 'topic_last_poster_colour' => $user->data['user_colour'], 'topic_last_post_subject' => (string) $subject);
        }
        if ($post_mode == 'post') {
            $sql_data[TOPICS_TABLE]['sql']['topic_first_post_id'] = $data['post_id'];
        }
        // Update total post count and forum information
        if ($post_visibility == ITEM_APPROVED) {
            if ($post_mode == 'post') {
                $config->increment('num_topics', 1, false);
            }
            $config->increment('num_posts', 1, false);
            $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_id = ' . $data['post_id'];
            $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'";
            $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_post_time = ' . $current_time;
            $sql_data[FORUMS_TABLE]['stat'][] = 'forum_last_poster_id = ' . (int) $user->data['user_id'];
            $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape(!$user->data['is_registered'] && $username ? $username : ($user->data['user_id'] != ANONYMOUS ? $user->data['username'] : '')) . "'";
            $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_colour = '" . $db->sql_escape($user->data['user_colour']) . "'";
        }
        unset($sql_data[POSTS_TABLE]['sql']);
    }
    // Update the topics table
    if (isset($sql_data[TOPICS_TABLE]['sql'])) {
        $sql = 'UPDATE ' . TOPICS_TABLE . '
			SET ' . $db->sql_build_array('UPDATE', $sql_data[TOPICS_TABLE]['sql']) . '
			WHERE topic_id = ' . $data['topic_id'];
        $db->sql_query($sql);
        unset($sql_data[TOPICS_TABLE]['sql']);
    }
    // Update the posts table
    if (isset($sql_data[POSTS_TABLE]['sql'])) {
        $sql = 'UPDATE ' . POSTS_TABLE . '
			SET ' . $db->sql_build_array('UPDATE', $sql_data[POSTS_TABLE]['sql']) . '
			WHERE post_id = ' . $data['post_id'];
        $db->sql_query($sql);
        unset($sql_data[POSTS_TABLE]['sql']);
    }
    // Update Poll Tables
    if (isset($poll['poll_options'])) {
        $cur_poll_options = array();
        if ($mode == 'edit') {
            $sql = 'SELECT *
				FROM ' . POLL_OPTIONS_TABLE . '
				WHERE topic_id = ' . $data['topic_id'] . '
				ORDER BY poll_option_id';
            $result = $db->sql_query($sql);
            $cur_poll_options = array();
            while ($row = $db->sql_fetchrow($result)) {
                $cur_poll_options[] = $row;
            }
            $db->sql_freeresult($result);
        }
        $sql_insert_ary = array();
        for ($i = 0, $size = sizeof($poll['poll_options']); $i < $size; $i++) {
            if (strlen(trim($poll['poll_options'][$i]))) {
                if (empty($cur_poll_options[$i])) {
                    // If we add options we need to put them to the end to be able to preserve votes...
                    $sql_insert_ary[] = array('poll_option_id' => (int) sizeof($cur_poll_options) + 1 + sizeof($sql_insert_ary), 'topic_id' => (int) $data['topic_id'], 'poll_option_text' => (string) $poll['poll_options'][$i]);
                } else {
                    if ($poll['poll_options'][$i] != $cur_poll_options[$i]) {
                        $sql = 'UPDATE ' . POLL_OPTIONS_TABLE . "\n\t\t\t\t\t\tSET poll_option_text = '" . $db->sql_escape($poll['poll_options'][$i]) . "'\n\t\t\t\t\t\tWHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'] . '
							AND topic_id = ' . $data['topic_id'];
                        $db->sql_query($sql);
                    }
                }
            }
        }
        $db->sql_multi_insert(POLL_OPTIONS_TABLE, $sql_insert_ary);
        if (sizeof($poll['poll_options']) < sizeof($cur_poll_options)) {
            $sql = 'DELETE FROM ' . POLL_OPTIONS_TABLE . '
				WHERE poll_option_id > ' . sizeof($poll['poll_options']) . '
					AND topic_id = ' . $data['topic_id'];
            $db->sql_query($sql);
        }
        // If edited, we would need to reset votes (since options can be re-ordered above, you can't be sure if the change is for changing the text or adding an option
        if ($mode == 'edit' && sizeof($poll['poll_options']) != sizeof($cur_poll_options)) {
            $db->sql_query('DELETE FROM ' . POLL_VOTES_TABLE . ' WHERE topic_id = ' . $data['topic_id']);
            $db->sql_query('UPDATE ' . POLL_OPTIONS_TABLE . ' SET poll_option_total = 0 WHERE topic_id = ' . $data['topic_id']);
        }
    }
    // Submit Attachments
    if (!empty($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit'))) {
        $space_taken = $files_added = 0;
        $orphan_rows = array();
        foreach ($data['attachment_data'] as $pos => $attach_row) {
            $orphan_rows[(int) $attach_row['attach_id']] = array();
        }
        if (sizeof($orphan_rows)) {
            $sql = 'SELECT attach_id, filesize, physical_filename
				FROM ' . ATTACHMENTS_TABLE . '
				WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . '
					AND is_orphan = 1
					AND poster_id = ' . $user->data['user_id'];
            $result = $db->sql_query($sql);
            $orphan_rows = array();
            while ($row = $db->sql_fetchrow($result)) {
                $orphan_rows[$row['attach_id']] = $row;
            }
            $db->sql_freeresult($result);
        }
        foreach ($data['attachment_data'] as $pos => $attach_row) {
            if ($attach_row['is_orphan'] && !isset($orphan_rows[$attach_row['attach_id']])) {
                continue;
            }
            if (!$attach_row['is_orphan']) {
                // update entry in db if attachment already stored in db and filespace
                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "\n\t\t\t\t\tSET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'\n\t\t\t\t\tWHERE attach_id = " . (int) $attach_row['attach_id'] . '
						AND is_orphan = 0';
                $db->sql_query($sql);
            } else {
                // insert attachment into db
                if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename']))) {
                    continue;
                }
                $space_taken += $orphan_rows[$attach_row['attach_id']]['filesize'];
                $files_added++;
                $attach_sql = array('post_msg_id' => $data['post_id'], 'topic_id' => $data['topic_id'], 'is_orphan' => 0, 'poster_id' => $poster_id, 'attach_comment' => $attach_row['attach_comment']);
                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . '
					WHERE attach_id = ' . $attach_row['attach_id'] . '
						AND is_orphan = 1
						AND poster_id = ' . $user->data['user_id'];
                $db->sql_query($sql);
            }
        }
        if ($space_taken && $files_added) {
            $config->increment('upload_dir_size', $space_taken, false);
            $config->increment('num_files', $files_added, false);
        }
    }
    $first_post_has_topic_info = $post_mode == 'edit_first_post' && ($post_visibility == ITEM_DELETED && $data['topic_posts_softdeleted'] == 1 || $post_visibility == ITEM_UNAPPROVED && $data['topic_posts_unapproved'] == 1 || $post_visibility == ITEM_REAPPROVE && $data['topic_posts_unapproved'] == 1 || $post_visibility == ITEM_APPROVED && $data['topic_posts_approved'] == 1);
    // Fix the post's and topic's visibility and first/last post information, when the post is edited
    if ($post_mode != 'post' && $post_mode != 'reply' && $data['post_visibility'] != $post_visibility) {
        // If the post was not approved, it could also be the starter,
        // so we sync the starter after approving/restoring, to ensure that the stats are correct
        // Same applies for the last post
        $is_starter = $post_mode == 'edit_first_post' || $post_mode == 'edit_topic' || $data['post_visibility'] != ITEM_APPROVED;
        $is_latest = $post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $data['post_visibility'] != ITEM_APPROVED;
        /* @var $phpbb_content_visibility \phpbb\content_visibility */
        $phpbb_content_visibility = $phpbb_container->get('content.visibility');
        $phpbb_content_visibility->set_post_visibility($post_visibility, $data['post_id'], $data['topic_id'], $data['forum_id'], $user->data['user_id'], time(), '', $is_starter, $is_latest);
    } else {
        if ($post_mode == 'edit_last_post' || $post_mode == 'edit_topic' || $first_post_has_topic_info) {
            if ($post_visibility == ITEM_APPROVED || $data['topic_visibility'] == $post_visibility) {
                // only the subject can be changed from edit
                $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_post_subject = '" . $db->sql_escape($subject) . "'";
                // Maybe not only the subject, but also changing anonymous usernames. ;)
                if ($data['poster_id'] == ANONYMOUS) {
                    $sql_data[TOPICS_TABLE]['stat'][] = "topic_last_poster_name = '" . $db->sql_escape($username) . "'";
                }
                if ($post_visibility == ITEM_APPROVED) {
                    // this does not _necessarily_ mean that we must update the info again,
                    // it just means that we might have to
                    $sql = 'SELECT forum_last_post_id, forum_last_post_subject
					FROM ' . FORUMS_TABLE . '
					WHERE forum_id = ' . (int) $data['forum_id'];
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);
                    // this post is the latest post in the forum, better update
                    if ($row['forum_last_post_id'] == $data['post_id'] && ($row['forum_last_post_subject'] !== $subject || $data['poster_id'] == ANONYMOUS)) {
                        // the post's subject changed
                        if ($row['forum_last_post_subject'] !== $subject) {
                            $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_post_subject = '" . $db->sql_escape($subject) . "'";
                        }
                        // Update the user name if poster is anonymous... just in case a moderator changed it
                        if ($data['poster_id'] == ANONYMOUS) {
                            $sql_data[FORUMS_TABLE]['stat'][] = "forum_last_poster_name = '" . $db->sql_escape($username) . "'";
                        }
                    }
                }
            }
        }
    }
    // Update forum stats
    $where_sql = array(POSTS_TABLE => 'post_id = ' . $data['post_id'], TOPICS_TABLE => 'topic_id = ' . $data['topic_id'], FORUMS_TABLE => 'forum_id = ' . $data['forum_id'], USERS_TABLE => 'user_id = ' . $poster_id);
    foreach ($sql_data as $table => $update_ary) {
        if (isset($update_ary['stat']) && implode('', $update_ary['stat'])) {
            $sql = "UPDATE {$table} SET " . implode(', ', $update_ary['stat']) . ' WHERE ' . $where_sql[$table];
            $db->sql_query($sql);
        }
    }
    // Delete topic shadows (if any exist). We do not need a shadow topic for an global announcement
    if ($topic_type == POST_GLOBAL) {
        $sql = 'DELETE FROM ' . TOPICS_TABLE . '
			WHERE topic_moved_id = ' . $data['topic_id'];
        $db->sql_query($sql);
    }
    // Committing the transaction before updating search index
    $db->sql_transaction('commit');
    // Delete draft if post was loaded...
    $draft_id = $request->variable('draft_loaded', 0);
    if ($draft_id) {
        $sql = 'DELETE FROM ' . DRAFTS_TABLE . "\n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND user_id = {$user->data['user_id']}";
        $db->sql_query($sql);
    }
    // Index message contents
    if ($update_search_index && $data['enable_indexing']) {
        // Select the search method and do some additional checks to ensure it can actually be utilised
        $search_type = $config['search_type'];
        if (!class_exists($search_type)) {
            trigger_error('NO_SUCH_SEARCH_MODULE');
        }
        $error = false;
        $search = new $search_type($error, $phpbb_root_path, $phpEx, $auth, $config, $db, $user, $phpbb_dispatcher);
        if ($error) {
            trigger_error($error);
        }
        $search->index($mode, $data['post_id'], $data['message'], $subject, $poster_id, $data['forum_id']);
    }
    // Topic Notification, do not change if moderator is changing other users posts...
    if ($user->data['user_id'] == $poster_id) {
        if (!$data['notify_set'] && $data['notify']) {
            $sql = 'INSERT INTO ' . TOPICS_WATCH_TABLE . ' (user_id, topic_id)
				VALUES (' . $user->data['user_id'] . ', ' . $data['topic_id'] . ')';
            $db->sql_query($sql);
        } else {
            if (($config['email_enable'] || $config['jab_enable']) && $data['notify_set'] && !$data['notify']) {
                $sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . '
				WHERE user_id = ' . $user->data['user_id'] . '
					AND topic_id = ' . $data['topic_id'];
                $db->sql_query($sql);
            }
        }
    }
    if ($mode == 'post' || $mode == 'reply' || $mode == 'quote') {
        // Mark this topic as posted to
        markread('post', $data['forum_id'], $data['topic_id']);
    }
    // Mark this topic as read
    // We do not use post_time here, this is intended (post_time can have a date in the past if editing a message)
    markread('topic', $data['forum_id'], $data['topic_id'], time());
    //
    if ($config['load_db_lastread'] && $user->data['is_registered']) {
        $sql = 'SELECT mark_time
			FROM ' . FORUMS_TRACK_TABLE . '
			WHERE user_id = ' . $user->data['user_id'] . '
				AND forum_id = ' . $data['forum_id'];
        $result = $db->sql_query($sql);
        $f_mark_time = (int) $db->sql_fetchfield('mark_time');
        $db->sql_freeresult($result);
    } else {
        if ($config['load_anon_lastread'] || $user->data['is_registered']) {
            $f_mark_time = false;
        }
    }
    if ($config['load_db_lastread'] && $user->data['is_registered'] || $config['load_anon_lastread'] || $user->data['is_registered']) {
        // Update forum info
        $sql = 'SELECT forum_last_post_time
			FROM ' . FORUMS_TABLE . '
			WHERE forum_id = ' . $data['forum_id'];
        $result = $db->sql_query($sql);
        $forum_last_post_time = (int) $db->sql_fetchfield('forum_last_post_time');
        $db->sql_freeresult($result);
        update_forum_tracking_info($data['forum_id'], $forum_last_post_time, $f_mark_time, false);
    }
    // If a username was supplied or the poster is a guest, we will use the supplied username.
    // Doing it this way we can use "...post by guest-username..." in notifications when
    // "guest-username" is supplied or ommit the username if it is not.
    $username = $username !== '' || !$user->data['is_registered'] ? $username : $user->data['username'];
    // Send Notifications
    $notification_data = array_merge($data, array('topic_title' => isset($data['topic_title']) ? $data['topic_title'] : $subject, 'post_username' => $username, 'poster_id' => $poster_id, 'post_text' => $data['message'], 'post_time' => $current_time, 'post_subject' => $subject));
    /* @var $phpbb_notifications \phpbb\notification\manager */
    $phpbb_notifications = $phpbb_container->get('notification_manager');
    if ($post_visibility == ITEM_APPROVED) {
        switch ($mode) {
            case 'post':
                $phpbb_notifications->add_notifications(array('notification.type.quote', 'notification.type.topic'), $notification_data);
                break;
            case 'reply':
            case 'quote':
                $phpbb_notifications->add_notifications(array('notification.type.quote', 'notification.type.bookmark', 'notification.type.post'), $notification_data);
                break;
            case 'edit_topic':
            case 'edit_first_post':
            case 'edit':
            case 'edit_last_post':
                $phpbb_notifications->update_notifications(array('notification.type.quote', 'notification.type.bookmark', 'notification.type.topic', 'notification.type.post'), $notification_data);
                break;
        }
    } else {
        if ($post_visibility == ITEM_UNAPPROVED) {
            switch ($mode) {
                case 'post':
                    $phpbb_notifications->add_notifications('notification.type.topic_in_queue', $notification_data);
                    break;
                case 'reply':
                case 'quote':
                    $phpbb_notifications->add_notifications('notification.type.post_in_queue', $notification_data);
                    break;
                case 'edit_topic':
                case 'edit_first_post':
                case 'edit':
                case 'edit_last_post':
                    // Nothing to do here
                    break;
            }
        } else {
            if ($post_visibility == ITEM_REAPPROVE) {
                switch ($mode) {
                    case 'edit_topic':
                    case 'edit_first_post':
                        $phpbb_notifications->add_notifications('notification.type.topic_in_queue', $notification_data);
                        // Delete the approve_post notification so we can notify the user again,
                        // when his post got reapproved
                        $phpbb_notifications->delete_notifications('notification.type.approve_post', $notification_data['post_id']);
                        break;
                    case 'edit':
                    case 'edit_last_post':
                        $phpbb_notifications->add_notifications('notification.type.post_in_queue', $notification_data);
                        // Delete the approve_post notification so we can notify the user again,
                        // when his post got reapproved
                        $phpbb_notifications->delete_notifications('notification.type.approve_post', $notification_data['post_id']);
                        break;
                    case 'post':
                    case 'reply':
                    case 'quote':
                        // Nothing to do here
                        break;
                }
            } else {
                if ($post_visibility == ITEM_DELETED) {
                    switch ($mode) {
                        case 'post':
                        case 'reply':
                        case 'quote':
                        case 'edit_topic':
                        case 'edit_first_post':
                        case 'edit':
                        case 'edit_last_post':
                            // Nothing to do here
                            break;
                    }
                }
            }
        }
    }
    $params = $add_anchor = '';
    if ($post_visibility == ITEM_APPROVED) {
        $params .= '&amp;t=' . $data['topic_id'];
        if ($mode != 'post') {
            $params .= '&amp;p=' . $data['post_id'];
            $add_anchor = '#p' . $data['post_id'];
        }
    } else {
        if ($mode != 'post' && $post_mode != 'edit_first_post' && $post_mode != 'edit_topic') {
            $params .= '&amp;t=' . $data['topic_id'];
        }
    }
    $url = !$params ? "{$phpbb_root_path}viewforum.{$phpEx}" : "{$phpbb_root_path}viewtopic.{$phpEx}";
    $url = append_sid($url, 'f=' . $data['forum_id'] . $params) . $add_anchor;
    /**
     * This event is used for performing actions directly after a post or topic
     * has been submitted. When a new topic is posted, the topic ID is
     * available in the $data array.
     *
     * The only action that can be done by altering data made available to this
     * event is to modify the return URL ($url).
     *
     * @event core.submit_post_end
     * @var	string	mode				Variable containing posting mode value
     * @var	string	subject				Variable containing post subject value
     * @var	string	username			Variable containing post author name
     * @var	int		topic_type			Variable containing topic type value
     * @var	array	poll				Array with the poll data for the post
     * @var	array	data				Array with the data for the post
     * @var	int		post_visibility		Variable containing up to date post visibility
     * @var	bool	update_message		Flag indicating if the post will be updated
     * @var	bool	update_search_index	Flag indicating if the search index will be updated
     * @var	string	url					The "Return to topic" URL
     *
     * @since 3.1.0-a3
     * @change 3.1.0-RC3 Added vars mode, subject, username, topic_type,
     *		poll, update_message, update_search_index
     */
    $vars = array('mode', 'subject', 'username', 'topic_type', 'poll', 'data', 'post_visibility', 'update_message', 'update_search_index', 'url');
    extract($phpbb_dispatcher->trigger_event('core.submit_post_end', compact($vars)));
    return $url;
}
Example #23
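 /**
  * Remote upload method
  * Fetches the file behind a user-supplied URL with a hand-written HTTP/1.1
  * GET over a raw socket, buffers the body in memory, writes it to a
  * temporary file and wraps it in a filespec object.
  *
  * Review notes (the URL is untrusted input):
  * - Host and port are taken from the URL as submitted. Nothing in this method
  *   restricts the destination, so the web server will connect to whatever
  *   address the submitter names, including loopback or internal hosts
  *   (server-side request forgery). A destination policy (resolve the host,
  *   reject private/reserved ranges, restrict ports) has to be enforced
  *   before the connect; it is not present here.
  * - The pattern accepts https:// URLs, but the scheme is never consulted:
  *   the request is always sent unencrypted and defaults to port 80.
  * - The extension check looks at the end of the whole URL, while the stored
  *   file name is derived from the URL path only.
  *
  * @param string $upload_url URL pointing to file to upload, for example http://www.foobar.com/example.gif
  * @return filespec $file Object "filespec" is returned (carrying an error on failure), all further operations can be done with this object
  * @access protected
  */
 protected function remote_upload($upload_url)
 {
     $upload_ary = array();
     $upload_ary['local_mode'] = true;

     // Quote the configured extensions so they are matched literally, and use
     // the D modifier so "$" cannot match in front of a trailing newline.
     $allowed_extensions = array();
     foreach ($this->upload->allowed_extensions as $extension) {
         $allowed_extensions[] = preg_quote($extension, '#');
     }
     $url_pattern = '#^(https?://).*?\\.(' . implode('|', $allowed_extensions) . ')$#iD';

     // Whitespace and control characters would be copied verbatim into the
     // request line and Host header below, so they are refused up front.
     if (preg_match('#[\\x00-\\x20\\x7f]#', $upload_url) || !preg_match($url_pattern, $upload_url)) {
         return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'URL_INVALID'));
     }

     // parse_url() may fail or omit components (e.g. "http://example.gif" has no path)
     $url = parse_url($upload_url);
     if ($url === false || empty($url['host']) || empty($url['path'])) {
         return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'URL_INVALID'));
     }

     $host = $url['host'];
     $path = $url['path'];
     // NOTE(review): any port named in the URL is used; see the SSRF note in the docblock.
     $port = !empty($url['port']) ? (int) $url['port'] : 80;

     // Default type, replaced below if the server sends a Content-Type header
     $upload_ary['type'] = 'application/octet-stream';

     // Build the stored name: last dot-separated piece is the extension, the
     // remaining pieces are joined without dots and reduced to their base name.
     $url['path'] = explode('.', $url['path']);
     $ext = array_pop($url['path']);
     $url['path'] = implode('', $url['path']);
     $upload_ary['name'] = utf8_basename($url['path']) . ($ext ? '.' . $ext : '');

     $filesize = 0;
     // A value of 0 disables both size checks below; the body is then buffered
     // in memory without an upper bound.
     $remote_max_filesize = $this->get_max_file_size();

     $errno = 0;
     $errstr = '';
     if (!($fsock = @fsockopen($host, $port, $errno, $errstr))) {
         return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'NOT_UPLOADED'));
     }

     // Make sure $path not beginning with /
     if (strpos($path, '/') === 0) {
         $path = substr($path, 1);
     }

     fputs($fsock, 'GET /' . $path . " HTTP/1.1\r\n");
     fputs($fsock, "HOST: " . $host . "\r\n");
     fputs($fsock, "Connection: close\r\n\r\n");

     // Set a proper timeout for the socket
     socket_set_timeout($fsock, $this->upload->upload_timeout);

     $get_info = false; // false while reading headers, true once the blank line was seen
     $data = '';
     $length = false;   // Content-Length announced by the server, if any
     $timer_stop = time() + $this->upload->upload_timeout;

     while ((!$length || $filesize < $length) && !@feof($fsock)) {
         if ($get_info) {
             if ($length) {
                 // Don't attempt to read past end of file if server indicated length
                 $block = @fread($fsock, min($length - $filesize, 1024));
             } else {
                 $block = @fread($fsock, 1024);
             }

             $filesize += strlen($block);

             // Enforced on the bytes actually received, so a missing or
             // understated Content-Length cannot bypass the limit.
             if ($remote_max_filesize && $filesize > $remote_max_filesize) {
                 @fclose($fsock);
                 $max_filesize = get_formatted_filesize($remote_max_filesize, false);
                 return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'WRONG_FILESIZE', $max_filesize['value'], $max_filesize['unit']));
             }

             $data .= $block;
         } else {
             $line = @fgets($fsock, 1024);

             if ($line == "\r\n") {
                 $get_info = true;
             } else if (stripos($line, 'content-type: ') !== false) {
                 // Server-declared type; it is only recorded here, not verified against the content
                 $upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line)));
             } else if ($this->upload->max_filesize && stripos($line, 'content-length: ') !== false) {
                 $length = (int) str_replace('content-length: ', '', strtolower($line));

                 if ($remote_max_filesize && $length && $length > $remote_max_filesize) {
                     @fclose($fsock);
                     $max_filesize = get_formatted_filesize($remote_max_filesize, false);
                     return $this->factory->get('filespec')->set_error($this->language->lang($this->upload->error_prefix . 'WRONG_FILESIZE', $max_filesize['value'], $max_filesize['unit']));
                 }
             } else if (stripos($line, '404 not found') !== false) {
                 @fclose($fsock);
                 return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'URL_NOT_FOUND');
             }
         }

         $stream_meta_data = stream_get_meta_data($fsock);

         // Cancel upload if we exceed timeout (per-read socket timeout or overall deadline)
         if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop) {
             @fclose($fsock);
             return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'REMOTE_UPLOAD_TIMEOUT');
         }
     }
     @fclose($fsock);

     if (empty($data)) {
         return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'EMPTY_REMOTE_DATA');
     }

     // tempnam() creates the file itself, so the name cannot be claimed by someone else in between
     $filename = tempnam(sys_get_temp_dir(), unique_id() . '-');

     if (!($fp = @fopen($filename, 'wb'))) {
         return $this->factory->get('filespec')->set_error($this->upload->error_prefix . 'NOT_UPLOADED');
     }

     $upload_ary['size'] = fwrite($fp, $data);
     fclose($fp);
     unset($data);

     $upload_ary['tmp_name'] = $filename;

     /** @var filespec $file */
     $file = $this->factory->get('filespec')->set_upload_ary($upload_ary)->set_upload_namespace($this->upload);
     // Extension, size and similar checks are delegated to the upload object
     $this->upload->common_checks($file);

     return $file;
 }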
/**
 * Copy a file to a target below $phpbb_root_path, creating missing target
 * directories on the way.
 *
 * Review notes:
 * - Directories are created with mode 0777 and a non-writable final directory
 *   is chmod-ed to 0777. World-writable directories inside the board tree
 *   deserve a look; tighter modes are preferable where the hosting setup
 *   allows them.
 * - The "already exists" test uses $trg as given, while the copy itself
 *   writes to $phpbb_root_path . $trg.
 * - Failures of mkdir/chmod are suppressed; only the final copy is reported.
 *
 * @param string $src                  Source file, resolved through relative_base()
 * @param string $trg                  Target path relative to $phpbb_root_path; a trailing "/" means "keep the source file name"
 * @param bool   $overwrite            When false, an existing target is left untouched
 * @param bool   $die_on_failure       Negated and handed to the converter's error() call when the copy fails
 * @param bool   $source_relative_path Passed through to relative_base()
 * @return bool|null true on success or when an existing target is kept; null when the source is missing or the copy failed
 */
function copy_file($src, $trg, $overwrite = false, $die_on_failure = true, $source_relative_path = true)
{
    global $convert, $phpbb_root_path, $config, $user, $db;

    // Directory-style target: append the source's base name
    if (substr($trg, -1) == '/') {
        $trg .= utf8_basename($src);
    }

    $source_file = relative_base($src, $source_relative_path, __LINE__, __FILE__);

    if (!$overwrite && @file_exists($trg)) {
        return true;
    }

    if (!@file_exists($source_file)) {
        return;
    }

    // Walk every directory component of the target (everything except the
    // file name) and create the ones that do not exist yet.
    $directories = explode('/', $trg);
    array_pop($directories);

    $path = $phpbb_root_path;
    foreach ($directories as $directory) {
        $path .= $directory . '/';

        if (!is_dir($path)) {
            @mkdir($path, 0777);
        }
    }

    if (!phpbb_is_writable($path)) {
        @chmod($path, 0777);
    }

    $destination = $phpbb_root_path . $trg;

    if (!@copy($source_file, $destination)) {
        $convert->p_master->error(sprintf($user->lang['COULD_NOT_COPY'], $source_file, $destination), __LINE__, __FILE__, !$die_on_failure);
        return;
    }

    // Carry the source file's permission bits over to the copy
    if ($perm = @fileperms($source_file)) {
        @chmod($destination, $perm);
    }

    return true;
}
Example #25
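 /**
  * Embed audio in HTML
  *
  * Builds an <audio> element with one <source> per available format and,
  * as fallback content, a plain link to each file.
  *
  * Review note: a caller-supplied $atts['title'] is handed to the link
  * renderer as-is, while the generated fallback title is entity-encoded
  * first; whether the link renderer encodes titles again is not visible
  * here and should be confirmed.
  *
  * @author Anika Henke <*****@*****.**>
  *
  * @param string $src       - ID of audio to embed
  * @param array  $atts      - additional attributes for the <audio> tag
  * @return string
  */
 function _audio($src, $atts = array())
 {
     $files = array();
     $isExternal = media_isexternal($src);
     if ($isExternal) {
         // take direct source for external files
         list(, $srcMime) = mimetype($src);
         $files[$srcMime] = $src;
     } else {
         // prepare alternative formats
         $extensions = array('ogg', 'mp3', 'wav');
         $files = media_alternativefiles($src, $extensions);
     }

     // open audio tag
     $out = '<audio ' . buildAttributes($atts) . ' controls="controls">' . NL;
     $fallback = '';

     // output source for each alternative audio format
     foreach ($files as $mime => $file) {
         if ($isExternal) {
             $url = $file;
             $linkType = 'externalmedia';
         } else {
             $url = ml($file, '', true, '&');
             $linkType = 'internalmedia';
         }

         // $atts defaults to an empty array, so the key must be tested before it is read
         $title = !empty($atts['title']) ? $atts['title'] : $this->_xmlEntities(utf8_basename(noNS($file)));

         // both values end up inside attribute quotes, so both are encoded
         $out .= '<source src="' . hsc($url) . '" type="' . hsc($mime) . '" />' . NL;

         // alternative content (just a link to the file):
         // no alignment, width, height or cache setting; 'linkonly' linking; return the markup
         $fallback .= $this->{$linkType}($file, $title, null, null, null, null, 'linkonly', true);
     }

     // finish
     $out .= $fallback;
     $out .= '</audio>' . NL;
     return $out;
 }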
Example #26
 /**
  * Create a ".lnk" file for an application on the user's desktop and return
  * a description of the new file.
  *
  * $params[0] names the application, $params[1] and $params[2] are stored as
  * the icon's X and Y position. The link's file name is the base name of
  * $params[0], so directory components in it do not reach the target path;
  * the raw $params[0] is still stored inside the link as 'app'.
  *
  * @param array $params Positional arguments as described above
  * @return array File information for the new link
  */
 public static function createLink($params)
 {
     $appName = utf8_basename($params[0]);

     // the link carries the application's own icon
     $descriptor = new EyeosApplicationDescriptor($appName);
     $iconUrl = FSI::toExternalUrl($descriptor->getMeta()->get('eyeos.application.iconUrl'));

     $structure = array(
         'app' => $params[0],
         'type' => 'application',
         'icon' => str_replace('eyeos/extern/', 'index.php?extern=', $iconUrl),
     );

     // make sure the file name ends in .lnk
     $linkName = $appName;
     $nameParts = pathinfo($linkName);
     $hasLnkExtension = isset($nameParts['extension']) && $nameParts['extension'] == 'lnk';
     if (!$hasLnkExtension) {
         $linkName .= '.lnk';
     }

     $linkPath = 'home:///Desktop/' . '/' . $linkName;

     // write the link file
     $created = FSI::getFile($linkPath);
     $created->createNewFile();
     $created->putContents(json_encode($structure));

     // fetch the file again and store the icon position in its metadata
     $link = FSI::getFile($linkPath);
     $linkMeta = $link->getMeta();
     $linkMeta->set('iconPositionX', $params[1]);
     $linkMeta->set('iconPositionY', $params[2]);
     $link->setMeta($linkMeta);

     if ($link->isDirectory()) {
         $kind = 'folder';
         $size = 0;
     } else {
         $kind = $link->isLink() ? 'link' : 'file';
         $size = $link->getSize();
     }

     $info = array(
         'class' => get_class($link),
         'type' => $kind,
         'extension' => utf8_strtoupper($link->getExtension()),
         'size' => $size,
         'permissions' => $link->getPermissions(false),
         'owner' => $link->getOwner(),
         'group' => $link->getGroup(),
         'absolutepath' => $link->getAbsolutePath(),
         'meta' => $link->getMeta()->getAll(),
     );

     // link files also report their content
     if ($info['extension'] == 'LNK') {
         $info['content'] = $link->getContents();
     }

     $info['name'] = $link->getName() != '/' ? $link->getName() : $info['absolutepath'];
     // reported as the strings 'true' / 'false', not booleans
     $info['virtual'] = $link instanceof EyeosAbstractVirtualFile ? 'true' : 'false';

     return $info;
 }
/**
* General attachment parsing
*
* Turns each attachment into rendered template output, replaces the inline
* attachment placeholders found in $message with that output, and leaves the
* attachments that were not placed inline in $attachments. Nothing is returned;
* all results are delivered through the by-reference parameters.
*
* @param mixed $forum_id The forum id the attachments are displayed in (false if in private message)
* @param string &$message The post/private message
* @param array &$attachments The attachments to parse for (inline) display. The attachments array will hold templated data after parsing.
* @param array &$update_count The attachment counts to be updated - will be filled
* @param bool $preview If set to true the attachments are parsed for preview. Within preview mode the comments are fetched from the given $attachments array and not fetched from the database.
*/
function parse_attachments($forum_id, &$message, &$attachments, &$update_count, $preview = false)
{
    if (!sizeof($attachments)) {
        return;
    }
    global $template, $cache, $user, $phpbb_dispatcher;
    global $extensions, $config, $phpbb_root_path, $phpEx;
    // Rendered output, one entry per attachment
    $compiled_attachments = array();
    if (!isset($template->filename['attachment_tpl'])) {
        $template->set_filenames(array('attachment_tpl' => 'attachment.html'));
    }
    if (empty($extensions) || !is_array($extensions)) {
        $extensions = $cache->obtain_attach_extensions($forum_id);
    }
    // Look for missing attachment information...
    $attach_ids = array();
    foreach ($attachments as $pos => $attachment) {
        // If is_orphan is set, we need to retrieve the attachments again...
        // Entries carrying neither an extension nor a physical filename are
        // remembered by their integer-cast id and position.
        if (!isset($attachment['extension']) && !isset($attachment['physical_filename'])) {
            $attach_ids[(int) $attachment['attach_id']] = $pos;
        }
    }
    // Grab attachments (security precaution)
    // The incomplete entries are replaced by the rows stored in the database,
    // looked up by the integer ids collected above.
    // NOTE(review): $attachments is replaced wholesale here, so entries that did
    // arrive complete are dropped whenever at least one entry was incomplete - confirm this is intended.
    if (sizeof($attach_ids)) {
        global $db;
        $new_attachment_data = array();
        $sql = 'SELECT *
			FROM ' . ATTACHMENTS_TABLE . '
			WHERE ' . $db->sql_in_set('attach_id', array_keys($attach_ids));
        $result = $db->sql_query($sql);
        while ($row = $db->sql_fetchrow($result)) {
            if (!isset($attach_ids[$row['attach_id']])) {
                continue;
            }
            // If we preview attachments we will set some retrieved values here
            if ($preview) {
                $row['attach_comment'] = $attachments[$attach_ids[$row['attach_id']]]['attach_comment'];
            }
            $new_attachment_data[$attach_ids[$row['attach_id']]] = $row;
        }
        $db->sql_freeresult($result);
        $attachments = $new_attachment_data;
        unset($new_attachment_data);
    }
    // Sort by array key; the "ascending"/"descending" labels below are the
    // original author's and appear to describe the display order rather than the key order
    if ($config['display_order']) {
        // Ascending sort (keys in reverse order)
        krsort($attachments);
    } else {
        // Descending sort (keys in ascending order)
        ksort($attachments);
    }
    foreach ($attachments as $attachment) {
        if (!sizeof($attachment)) {
            continue;
        }
        // We need to reset/empty the _file block var, because this function might be called more than once
        $template->destroy_block_vars('_file');
        $block_array = array();
        // Some basics...
        $attachment['extension'] = strtolower(trim($attachment['extension']));
        // Only the base name of the stored file name is appended to the upload
        // path, so directory components in physical_filename are not used
        $filename = $phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($attachment['physical_filename']);
        $thumbnail_filename = $phpbb_root_path . $config['upload_path'] . '/thumb_' . utf8_basename($attachment['physical_filename']);
        $upload_icon = '';
        if (isset($extensions[$attachment['extension']])) {
            if ($user->img('icon_topic_attach', '') && !$extensions[$attachment['extension']]['upload_icon']) {
                $upload_icon = $user->img('icon_topic_attach', '');
            } else {
                if ($extensions[$attachment['extension']]['upload_icon']) {
                    // The icon name from the extension data is concatenated into the markup without encoding
                    $upload_icon = '<img src="' . $phpbb_root_path . $config['upload_icons_path'] . '/' . trim($extensions[$attachment['extension']]['upload_icon']) . '" alt="" />';
                }
            }
        }
        $filesize = get_formatted_filesize($attachment['filesize'], false);
        $comment = bbcode_nl2br(censor_text($attachment['attach_comment']));
        // NOTE(review): DOWNLOAD_NAME and COMMENT are handed to the template as they are;
        // presumably they were HTML-encoded when stored - confirm
        $block_array += array('UPLOAD_ICON' => $upload_icon, 'FILESIZE' => $filesize['value'], 'SIZE_LANG' => $filesize['unit'], 'DOWNLOAD_NAME' => utf8_basename($attachment['real_filename']), 'COMMENT' => $comment);
        // An extension that is no longer allowed is shown with a denial message and no download link
        $denied = false;
        if (!extension_allowed($forum_id, $attachment['extension'], $extensions)) {
            $denied = true;
            $block_array += array('S_DENIED' => true, 'DENIED_MESSAGE' => sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
        }
        if (!$denied) {
            $l_downloaded_viewed = $download_link = '';
            $display_cat = $extensions[$attachment['extension']]['display_cat'];
            if ($display_cat == ATTACHMENT_CATEGORY_IMAGE) {
                if ($attachment['thumbnail']) {
                    $display_cat = ATTACHMENT_CATEGORY_THUMB;
                } else {
                    if ($config['img_display_inlined']) {
                        if ($config['img_link_width'] || $config['img_link_height']) {
                            $dimension = @getimagesize($filename);
                            // If the dimensions could not be determined or the image being 0x0 we display it as a link for safety purposes
                            if ($dimension === false || empty($dimension[0]) || empty($dimension[1])) {
                                $display_cat = ATTACHMENT_CATEGORY_NONE;
                            } else {
                                // Inline only when both dimensions are within the configured limits
                                $display_cat = $dimension[0] <= $config['img_link_width'] && $dimension[1] <= $config['img_link_height'] ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE;
                            }
                        }
                    } else {
                        $display_cat = ATTACHMENT_CATEGORY_NONE;
                    }
                }
            }
            // Make some decisions based on user options being set.
            if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg')) {
                $display_cat = ATTACHMENT_CATEGORY_NONE;
            }
            if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash')) {
                $display_cat = ATTACHMENT_CATEGORY_NONE;
            }
            // Files are always linked through the download script by id, never by their path on disk
            $download_link = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'id=' . $attachment['attach_id']);
            $l_downloaded_viewed = 'VIEWED_COUNTS';
            switch ($display_cat) {
                // Images
                case ATTACHMENT_CATEGORY_IMAGE:
                    $inline_link = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'id=' . $attachment['attach_id']);
                    $download_link .= '&amp;mode=view';
                    $block_array += array('S_IMAGE' => true, 'U_INLINE_LINK' => $inline_link);
                    $update_count[] = $attachment['attach_id'];
                    break;
                // Images, but display Thumbnail
                case ATTACHMENT_CATEGORY_THUMB:
                    $thumbnail_link = append_sid("{$phpbb_root_path}download/file.{$phpEx}", 'id=' . $attachment['attach_id'] . '&amp;t=1');
                    $download_link .= '&amp;mode=view';
                    $block_array += array('S_THUMBNAIL' => true, 'THUMB_IMAGE' => $thumbnail_link);
                    $update_count[] = $attachment['attach_id'];
                    break;
                // Windows Media Streams
                case ATTACHMENT_CATEGORY_WM:
                    // Giving the filename directly because within the wm object all variables are in local context making it impossible
                    // to validate against a valid session (all params can differ)
                    // $download_link = $filename;
                    $block_array += array('U_FORUM' => generate_board_url(), 'ATTACH_ID' => $attachment['attach_id'], 'S_WM_FILE' => true);
                    // Viewed/Heard File ... update the download count
                    $update_count[] = $attachment['attach_id'];
                    break;
                // Real Media Streams
                case ATTACHMENT_CATEGORY_RM:
                case ATTACHMENT_CATEGORY_QUICKTIME:
                    $block_array += array('S_RM_FILE' => $display_cat == ATTACHMENT_CATEGORY_RM ? true : false, 'S_QUICKTIME_FILE' => $display_cat == ATTACHMENT_CATEGORY_QUICKTIME ? true : false, 'U_FORUM' => generate_board_url(), 'ATTACH_ID' => $attachment['attach_id']);
                    // Viewed/Heard File ... update the download count
                    $update_count[] = $attachment['attach_id'];
                    break;
                // Macromedia Flash Files
                case ATTACHMENT_CATEGORY_FLASH:
                    list($width, $height) = @getimagesize($filename);
                    $block_array += array('S_FLASH_FILE' => true, 'WIDTH' => $width, 'HEIGHT' => $height, 'U_VIEW_LINK' => $download_link . '&amp;view=1');
                    // Viewed/Heard File ... update the download count
                    $update_count[] = $attachment['attach_id'];
                    break;
                // Everything else is offered as a plain download
                default:
                    $l_downloaded_viewed = 'DOWNLOAD_COUNTS';
                    $block_array += array('S_FILE' => true);
                    break;
            }
            if (!isset($attachment['download_count'])) {
                $attachment['download_count'] = 0;
            }
            $block_array += array('U_DOWNLOAD_LINK' => $download_link, 'L_DOWNLOAD_COUNT' => $user->lang($l_downloaded_viewed, (int) $attachment['download_count']));
        }
        /**
         * Use this event to modify the attachment template data.
         *
         * This event is triggered once per attachment.
         *
         * @event core.parse_attachments_modify_template_data
         * @var array	attachment		Array with attachment data
         * @var array	block_array		Template data of the attachment
         * @var int		display_cat		Attachment category data
         * @var string	download_link	Attachment download link
         * @var array	extensions		Array with attachment extensions data
         * @var mixed 	forum_id 		The forum id the attachments are displayed in (false if in private message)
         * @var bool		preview			Flag indicating if we are in post preview mode
         * @var array	update_count	Array with attachment ids to update download count
         * @since 3.1.0-RC5
         */
        // NOTE(review): $display_cat and $download_link are only assigned in the
        // !$denied branch above. For a denied attachment they are undefined on the
        // first iteration and otherwise still hold the previous attachment's values.
        // NOTE(review): extract() writes the listeners' result back into local
        // variables; presumably the dispatcher limits it to the names in $vars - confirm.
        $vars = array('attachment', 'block_array', 'display_cat', 'download_link', 'extensions', 'forum_id', 'preview', 'update_count');
        extract($phpbb_dispatcher->trigger_event('core.parse_attachments_modify_template_data', compact($vars)));
        $template->assign_block_vars('_file', $block_array);
        $compiled_attachments[] = $template->assign_display('attachment_tpl');
    }
    // From here on $attachments holds rendered output instead of attachment rows
    $attachments = $compiled_attachments;
    unset($compiled_attachments);
    $tpl_size = sizeof($attachments);
    $unset_tpl = array();
    // Inline placeholders have the form <!-- iaN -->text<!-- iaN -->, N being the attachment index
    preg_match_all('#<!\\-\\- ia([0-9]+) \\-\\->(.*?)<!\\-\\- ia\\1 \\-\\->#', $message, $matches, PREG_PATTERN_ORDER);
    $replace = array();
    foreach ($matches[0] as $num => $capture) {
        // Flip index if we are displaying the reverse way
        $index = $config['display_order'] ? $tpl_size - ($matches[1][$num] + 1) : $matches[1][$num];
        $replace['from'][] = $matches[0][$num];
        // A placeholder without a matching attachment is replaced by the "missing attachment" message
        $replace['to'][] = isset($attachments[$index]) ? $attachments[$index] : sprintf($user->lang['MISSING_INLINE_ATTACHMENT'], $matches[2][array_search($index, $matches[1])]);
        $unset_tpl[] = $index;
    }
    if (isset($replace['from'])) {
        $message = str_replace($replace['from'], $replace['to'], $message);
    }
    $unset_tpl = array_unique($unset_tpl);
    // Needed to let not display the inlined attachments at the end of the post again
    foreach ($unset_tpl as $index) {
        unset($attachments[$index]);
    }
}
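/**
 * Load the given file, handle include calls and print it
 *
 * Include directives of the form DOKUWIKI:include or DOKUWIKI:include_once
 * inside a JavaScript block comment are replaced by the content of the file
 * they name; a missing file is replaced by nothing.
 *
 * Review notes:
 * - The include target is only restricted to a character set. Absolute paths
 *   and ".." segments are accepted, so a script file whose content is not
 *   trusted could cause any file readable by PHP to be printed. Only trusted
 *   script files should be passed in.
 * - include_once is tracked by base name only, for the whole request: two
 *   different files sharing a base name count as the same file.
 * - A plain include whose target contains the same directive again is
 *   expanded repeatedly; nothing here bounds that.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string $file Path of the script file to print
 */
function js_load($file)
{
    if (!@file_exists($file)) {
        return;
    }
    // base names already pulled in through include_once
    static $loaded = array();
    $data = io_readFile($file);
    while (preg_match('#/\\*\\s*DOKUWIKI:include(_once)?\\s+([\\w\\.\\-_/]+)\\s*\\*/#', $data, $match)) {
        $ifile = $match[2];
        // is it a include_once?
        if ($match[1]) {
            $base = utf8_basename($ifile);
            // the key does not exist the first time a file is seen
            if (!empty($loaded[$base])) {
                $data = str_replace($match[0], '', $data);
                continue;
            }
            $loaded[$base] = true;
        }
        // relative targets are resolved against the including file's directory
        if ($ifile[0] != '/') {
            $ifile = dirname($file) . '/' . $ifile;
        }
        if (@file_exists($ifile)) {
            $idata = io_readFile($ifile);
        } else {
            $idata = '';
        }
        // every occurrence of this exact directive is replaced at once
        $data = str_replace($match[0], $idata, $data);
    }
    echo "{$data}\n";
}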
Example #29
 /**
  * Renders internal and external media
  *
  * Images become an <img> tag, Flash files are handed to html_flashobject(),
  * everything else is rendered as its (entity-encoded) title or file name.
  * With $render set to false only the title text is returned for images and
  * Flash files.
  *
  * Review note: titles, width and height pass through _xmlEntities() before
  * they are written into the markup; $align is appended to the class
  * attribute as given and the ml() result is used as src as returned, so both
  * rely on their producers (not visible here) for safe values.
  *
  * @author Andreas Gohr <*****@*****.**>
  */
 function _media($src, $title = NULL, $align = NULL, $width = NULL, $height = NULL, $cache = NULL, $render = true)
 {
     list($ext, $mime, $dl) = mimetype($src);

     $isImage = substr($mime, 0, 5) == 'image';
     $isFlash = $mime == 'application/x-shockwave-flash';

     if ($isImage) {
         // first get the $title
         if (!is_null($title)) {
             $title = $this->_xmlEntities($title);
         } elseif ($ext == 'jpg' || $ext == 'jpeg') {
             //try to use the caption from IPTC/EXIF
             require_once DOKU_INC . 'inc/JpegMeta.php';
             $jpeg = new JpegMeta(mediaFN($src));
             if ($jpeg !== false) {
                 $cap = $jpeg->getTitle();
             }
             if ($cap) {
                 $title = $this->_xmlEntities($cap);
             }
         }

         if (!$render) {
             // the picture is not supposed to be rendered: return its title,
             // falling back to the source name
             return $title ? $title : $this->_xmlEntities(utf8_basename(noNS($src)));
         }

         //add image tag
         $tag = '<img src="' . ml($src, array('w' => $width, 'h' => $height, 'cache' => $cache)) . '"';
         $tag .= ' class="media' . $align . '"';
         $tag .= $title ? ' title="' . $title . '"' . ' alt="' . $title . '"' : ' alt=""';
         if (!is_null($width)) {
             $tag .= ' width="' . $this->_xmlEntities($width) . '"';
         }
         if (!is_null($height)) {
             $tag .= ' height="' . $this->_xmlEntities($height) . '"';
         }
         return $tag . ' />';
     }

     if ($isFlash) {
         if (!$render) {
             // the flash is not supposed to be rendered: return its title,
             // falling back to the source name
             if (!$title) {
                 $title = utf8_basename(noNS($src));
             }
             return $this->_xmlEntities($title);
         }

         $att = array();
         $att['class'] = "media{$align}";
         if ($align == 'right') {
             $att['align'] = 'right';
         }
         if ($align == 'left') {
             $att['align'] = 'left';
         }
         $flashUrl = ml($src, array('cache' => $cache), true, '&');
         return '' . html_flashobject($flashUrl, $width, $height, array('quality' => 'high'), null, $att, $this->_xmlEntities($title));
     }

     if ($title) {
         // well at least we have a title to display
         return '' . $this->_xmlEntities($title);
     }

     // just show the sourcename
     return '' . $this->_xmlEntities(utf8_basename(noNS($src)));
 }
Example #30
/**
* Delete attached file
*
* Removes an attachment (or its thumbnail) from the upload directory unless
* other attachment rows still refer to the same physical file.
*
* Only the base name of $filename is used, both in the lookup (escaped with
* sql_escape()) and in the path handed to unlink(), so directory components
* in $filename do not reach the file system call.
*
* @param string $filename      Physical file name of the attachment
* @param string $mode          'thumbnail' removes the "thumb_" variant, anything else the file itself
* @param bool   $entry_removed Whether the attachment's own database row has already been deleted
* @return bool false when the file is still referenced, otherwise the result of unlink()
*/
function phpbb_unlink($filename, $mode = 'file', $entry_removed = false)
{
    global $db, $phpbb_root_path, $config;

    $physical_name = utf8_basename($filename);

    // Because of copying topics or modifications a physical filename could be assigned more than once. If so, do not remove the file itself.
    $sql = 'SELECT COUNT(attach_id) AS num_entries
		FROM ' . ATTACHMENTS_TABLE . "\n\t\tWHERE physical_filename = '" . $db->sql_escape($physical_name) . "'";
    $result = $db->sql_query($sql);
    $references = (int) $db->sql_fetchfield('num_entries');
    $db->sql_freeresult($result);

    // Do not remove file if at least one additional entry with the same name exist:
    // our own row still counts as one reference unless it was removed already.
    $own_references = $entry_removed ? 0 : 1;
    if ($references > $own_references) {
        return false;
    }

    $target = ($mode == 'thumbnail' ? 'thumb_' : '') . $physical_name;

    return @unlink($phpbb_root_path . $config['upload_path'] . '/' . $target);
}