public function print_users($username, $start_from, $sort_by, $sort_dir, $show_group)
{
$userlist_data = array();
$username = Container::get('hooks')->fire('model.userlist.print_users_start', $username, $start_from, $sort_by, $sort_dir, $show_group);
// Retrieve a list of user IDs, LIMIT is (really) expensive so we only fetch the IDs here then later fetch the remaining data
$result = DB::for_table('users')->select('u.id')->table_alias('u')->where_gt('u.id', 1)->where_not_equal('u.group_id', ForumEnv::get('FEATHER_UNVERIFIED'));
if ($username != '') {
$result = $result->where_like('u.username', str_replace('*', '%', $username));
}
if ($show_group > -1) {
$result = $result->where('u.group_id', $show_group);
}
$result = $result->order_by($sort_by, $sort_dir)->order_by_asc('u.id')->limit(50)->offset($start_from);
$result = Container::get('hooks')->fireDB('model.userlist.print_users_query', $result);
$result = $result->find_many();
if ($result) {
$user_ids = array();
foreach ($result as $cur_user_id) {
$user_ids[] = $cur_user_id['id'];
}
// Grab the users
$result['select'] = array('u.id', 'u.username', 'u.title', 'u.num_posts', 'u.registered', 'g.g_id', 'g.g_user_title');
$result = DB::for_table('users')->table_alias('u')->select_many($result['select'])->left_outer_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')->where_in('u.id', $user_ids)->order_by($sort_by, $sort_dir)->order_by_asc('u.id');
$result = Container::get('hooks')->fireDB('model.userlist.print_users_grab_query', $result);
$result = $result->find_many();
foreach ($result as $user_data) {
$userlist_data[] = $user_data;
}
}
$userlist_data = Container::get('hooks')->fire('model.userlist.print_users', $userlist_data);
return $userlist_data;
}
public function validate_search_word($word, $idx)
{
static $stopwords;
// If the word is a keyword we don't want to index it, but we do want to be allowed to search it
if ($this->is_keyword($word)) {
return !$idx;
}
if (!isset($stopwords)) {
if (!Container::get('cache')->isCached('stopwords')) {
Container::get('cache')->store('stopwords', \FeatherBB\Model\Cache::get_config(), '+1 week');
}
$stopwords = Container::get('cache')->retrieve('stopwords');
}
// If it is a stopword it isn't valid
if (in_array($word, $stopwords)) {
return false;
}
// If the word is CJK we don't want to index it, but we do want to be allowed to search it
if ($this->is_cjk($word)) {
return !$idx;
}
// Exclude % and * when checking whether current word is valid
$word = str_replace(array('%', '*'), '', $word);
// Check the word is within the min/max length
$num_chars = Utils::strlen($word);
return $num_chars >= ForumEnv::get('FEATHER_SEARCH_MIN_WORD') && $num_chars <= ForumEnv::get('FEATHER_SEARCH_MAX_WORD');
}
public static function generateAdminMenu($page = '')
{
$is_admin = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') ? true : false;
// See if there are any plugins that want to display in the menu
$plugins = self::adminPluginsMenu($is_admin);
\View::setPageInfo(array('page' => $page, 'is_admin' => $is_admin, 'plugins' => $plugins), 1)->addTemplate('admin/menu.php');
}
public function display($req, $res, $args)
{
Container::get('hooks')->fire('controller.register.display');
if (!User::get()->is_guest) {
return Router::redirect(Router::pathFor('home'));
}
// Antispam feature
$lang_antispam_questions = (require ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/antispam.php');
$index_questions = rand(0, count($lang_antispam_questions) - 1);
// Display an error message if new registrations are disabled
// If $_REQUEST['username'] or $_REQUEST['password'] are filled, we are facing a bot
if (ForumSettings::get('o_regs_allow') == '0' || Input::post('username') || Input::post('password')) {
throw new Error(__('No new regs'), 403);
}
$user['timezone'] = isset($user['timezone']) ? $user['timezone'] : ForumSettings::get('o_default_timezone');
$user['dst'] = isset($user['dst']) ? $user['dst'] : ForumSettings::get('o_default_dst');
$user['email_setting'] = isset($user['email_setting']) ? $user['email_setting'] : ForumSettings::get('o_default_email_setting');
$user['errors'] = '';
if (Request::isPost()) {
$user = $this->model->check_for_errors();
// Did everything go according to plan? Insert the user
if (empty($user['errors'])) {
return $this->model->insert_user($user);
}
}
View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Register')), 'focus_element' => array('register', 'req_user'), 'required_fields' => array('req_user' => __('Username'), 'req_password1' => __('Password'), 'req_password2' => __('Confirm pass'), 'req_email1' => __('Email'), 'req_email2' => __('Email') . ' 2', 'captcha' => __('Robot title')), 'active_page' => 'register', 'is_indexed' => true, 'errors' => $user['errors'], 'index_questions' => $index_questions, 'languages' => \FeatherBB\Core\Lister::getLangs(), 'question' => array_keys($lang_antispam_questions), 'qencoded' => md5(array_keys($lang_antispam_questions)[$index_questions])))->addTemplate('register/form.php')->display();
}
public function __construct()
{
$this->model = new \FeatherBB\Model\Admin\Bans();
translate('admin/bans');
if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && (User::get()->g_moderator != '1' || User::get()->g_mod_ban_users == '0')) {
throw new Error(__('No permission'), '403');
}
}
public function __invoke($request, $response, $next)
{
// Redirect user to home page if not admin
if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN')) {
return Router::redirect(Router::pathFor('home'), __('No permission'));
}
$response = $next($request, $response);
return $response;
}
public function get_smiley_files()
{
$imgfiles = array();
$filelist = scandir(ForumEnv::get('FEATHER_ROOT') . 'style/img/smilies');
$filelist = Container::get('hooks')->fire('model.admin.parser.get_smiley_files.filelist', $filelist);
foreach ($filelist as $file) {
if (preg_match('/\\.(?:png|gif|jpe?g)$/', $file)) {
$imgfiles[] = $file;
}
}
$imgfiles = Container::get('hooks')->fire('model.admin.parser.get_smiley_files.imgfiles', $imgfiles);
return $imgfiles;
}
/**
* Get available langs
*/
public static function getLangs($folder = '')
{
$langs = array();
$iterator = new \DirectoryIterator(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/');
foreach ($iterator as $child) {
if (!$child->isDot() && $child->isDir() && file_exists($child->getPathname() . DIRECTORY_SEPARATOR . 'common.po')) {
// If the lang pack is well formed, add it to the list
$langs[] = $child->getFileName();
}
}
natcasesort($langs);
return $langs;
}
public function display($req, $res, $args)
{
Container::get('hooks')->fire('controller.admin.users.display');
// Move multiple users to other user groups
if (Input::post('move_users') || Input::post('move_users_comply')) {
if (User::get()->g_id > ForumEnv::get('FEATHER_ADMIN')) {
throw new Error(__('No permission'), 403);
}
AdminUtils::generateAdminMenu('users');
return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Move users')), 'active_page' => 'moderate', 'admin_console' => true, 'move' => $this->model->move_users()))->addTemplate('admin/users/move_users.php')->display();
}
// Delete multiple users
if (Input::post('delete_users') || Input::post('delete_users_comply')) {
if (User::get()->g_id > ForumEnv::get('FEATHER_ADMIN')) {
throw new Error(__('No permission'), 403);
}
AdminUtils::generateAdminMenu('users');
return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Delete users')), 'active_page' => 'moderate', 'admin_console' => true, 'user_ids' => $this->model->delete_users()))->addTemplate('admin/users/delete_users.php')->display();
}
// Ban multiple users
if (Input::post('ban_users') || Input::post('ban_users_comply')) {
if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && (User::get()->g_moderator != '1' || User::get()->g_mod_ban_users == '0')) {
throw new Error(__('No permission'), 403);
}
AdminUtils::generateAdminMenu('users');
return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Bans')), 'active_page' => 'moderate', 'focus_element' => array('bans2', 'ban_message'), 'admin_console' => true, 'user_ids' => $this->model->ban_users()))->addTemplate('admin/users/ban_users.php')->display();
}
// Display bans
if (Input::query('find_user')) {
// Return conditions and query string for the URL
$search = $this->model->get_user_search();
// Fetch user count
$num_users = $this->model->get_num_users_search($search['conditions']);
// Determine the user offset (based on $_GET['p'])
$num_pages = ceil($num_users / 50);
$p = !Input::query('p') || Input::query('p') <= 1 || Input::query('p') > $num_pages ? 1 : intval(Input::query('p'));
$start_from = 50 * ($p - 1);
// Generate paging links
$paging_links = '<span class="pages-label">' . __('Pages') . ' </span>' . Url::paginate_old($num_pages, $p, '?find_user=&' . implode('&', $search['query_str']));
// Some helper variables for permissions
$can_delete = $can_move = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN');
$can_ban = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && User::get()->g_mod_ban_users == '1';
$can_action = ($can_delete || $can_ban || $can_move) && $num_users > 0;
View::addAsset('js', 'style/imports/common.js', array('type' => 'text/javascript'));
View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users'), __('Results head')), 'active_page' => 'admin', 'admin_console' => true, 'paging_links' => $paging_links, 'search' => $search, 'start_from' => $start_from, 'can_delete' => $can_delete, 'can_ban' => $can_ban, 'can_action' => $can_action, 'can_move' => $can_move, 'user_data' => $this->model->print_users($search['conditions'], $search['order_by'], $search['direction'], $start_from)))->addTemplate('admin/users/find_users.php')->display();
} else {
AdminUtils::generateAdminMenu('users');
return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Users')), 'active_page' => 'admin', 'admin_console' => true, 'focus_element' => array('find_user', 'form[username]'), 'group_list' => $this->model->get_group_list()))->addTemplate('admin/users/admin_users.php')->display();
}
}
/**
* Uninstall a plugin after deactivated
*/
public function uninstall($name)
{
$name = Container::get('hooks')->fire('model.plugin.uninstall.name', $name);
$activePlugins = $this->manager->getActivePlugins();
// Check if plugin is disabled, for security
if (!in_array($name, $activePlugins)) {
$plugin = DB::for_table('plugins')->where('name', $name)->find_one();
if ($plugin) {
$plugin->delete();
}
// Allow additional uninstalling functions
$this->manager->uninstall($name);
if (file_exists(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $name)) {
AdminUtils::delete_folder(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $name);
}
$this->manager->setActivePlugins();
}
return true;
}
/**
* Load a .mo file into the text domain $domain.
*
* If the text domain already exists, the translations will be merged. If both
* sets have the same string, the translation from the original value will be taken.
*
* On success, the .mo file will be placed in the $l10n global by $domain
* and will be a MO object.
*
* @param string $domain Text domain. Unique identifier for retrieving translated strings.
* @param string $mofile Path to the .mo file.
*
* @return boolean True on success, false on failure.
*
* Inspired from Luna <http://getluna.org>
*/
function translate($mofile, $domain = 'featherbb', $language = false)
{
global $l10n;
if (!$language) {
$mofile = ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/' . $mofile . '.mo';
} else {
$mofile = ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . $language . '/' . $mofile . '.mo';
}
if (!is_readable($mofile)) {
return false;
}
$mo = new MO();
if (!$mo->import_from_file($mofile)) {
return false;
}
if (isset($l10n[$domain])) {
$mo->merge_with($l10n[$domain]);
}
$l10n[$domain] =& $mo;
return true;
}
/**
* Download a plugin, unzip it and rename it
*/
public function download($req, $res, $args)
{
$zipFile = ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'] . '.zip';
$zipResource = fopen($zipFile, "w");
// Get the zip file straight from GitHub
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://codeload.github.com/featherbb/' . $args['name'] . '/zip/' . $args['version']);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FILE, $zipResource);
$page = curl_exec($ch);
curl_close($ch);
fclose($zipResource);
if (!$page) {
unlink(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'] . '.zip');
throw new Error(__('Bad request'), 400);
}
$zip = new ZipArchive();
if ($zip->open($zipFile) != true) {
throw new Error(__('Bad request'), 400);
}
$zip->extractTo(ForumEnv::get('FEATHER_ROOT') . 'plugins');
$zip->close();
if (file_exists(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'])) {
AdminUtils::delete_folder(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name']);
}
rename(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'], ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name']);
unlink(ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $args['name'] . "-" . $args['version'] . '.zip');
return Router::redirect(Router::pathFor('adminPlugins'), 'Plugin downloaded!');
}
public function insert_user($user)
{
$user = Container::get('hooks')->fire('model.register.insert_user_start', $user);
// Insert the new user into the database. We do this now to get the last inserted ID for later use
$now = time();
$intial_group_id = ForumSettings::get('o_regs_verify') == '0' ? ForumSettings::get('o_default_user_group') : ForumEnv::get('FEATHER_UNVERIFIED');
$password_hash = Random::hash($user['password1']);
// Add the user
$user['insert'] = array('username' => $user['username'], 'group_id' => $intial_group_id, 'password' => $password_hash, 'email' => $user['email1'], 'email_setting' => ForumSettings::get('o_default_email_setting'), 'timezone' => ForumSettings::get('o_default_timezone'), 'dst' => 0, 'language' => $user['language'], 'style' => ForumSettings::get('o_default_style'), 'registered' => $now, 'registration_ip' => Utils::getIp(), 'last_visit' => $now);
$user = DB::for_table('users')->create()->set($user['insert']);
$user = Container::get('hooks')->fireDB('model.register.insert_user_query', $user);
$user = $user->save();
$new_uid = DB::get_db()->lastInsertId(ForumSettings::get('db_prefix') . 'users');
// If the mailing list isn't empty, we may need to send out some alerts
if (ForumSettings::get('o_mailing_list') != '') {
// If we previously found out that the email was banned
if (isset($user['banned_email'])) {
// Load the "banned email register" template
$mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/banned_email_register.tpl'));
$mail_tpl = Container::get('hooks')->fire('model.register.insert_user_banned_mail_tpl', $mail_tpl);
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
$mail_subject = Container::get('hooks')->fire('model.register.insert_user_banned_mail_subject', $mail_subject);
$mail_message = trim(substr($mail_tpl, $first_crlf));
$mail_message = str_replace('<username>', $user['username'], $mail_message);
$mail_message = str_replace('<email>', $user['email1'], $mail_message);
$mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message);
$mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
$mail_message = Container::get('hooks')->fire('model.register.insert_user_banned_mail_message', $mail_message);
Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
}
// If we previously found out that the email was a dupe
if (!empty($dupe_list)) {
// Load the "dupe email register" template
$mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/dupe_email_register.tpl'));
$mail_tpl = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_tpl', $mail_tpl);
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
$mail_subject = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_subject', $mail_subject);
$mail_message = trim(substr($mail_tpl, $first_crlf));
$mail_message = str_replace('<username>', $user['username'], $mail_message);
$mail_message = str_replace('<dupe_list>', implode(', ', $dupe_list), $mail_message);
$mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message);
$mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
$mail_message = Container::get('hooks')->fire('model.register.insert_user_dupe_mail_message', $mail_message);
Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
}
// Should we alert people on the admin mailing list that a new user has registered?
if (ForumSettings::get('o_regs_report') == '1') {
// Load the "new user" template
$mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/new_user.tpl'));
$mail_tpl = Container::get('hooks')->fire('model.register.insert_user_new_mail_tpl', $mail_tpl);
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
$mail_subject = Container::get('hooks')->fire('model.register.insert_user_new_mail_subject', $mail_subject);
$mail_message = trim(substr($mail_tpl, $first_crlf));
$mail_message = str_replace('<username>', $user['username'], $mail_message);
$mail_message = str_replace('<base_url>', Router::pathFor('home'), $mail_message);
$mail_message = str_replace('<profile_url>', Router::pathFor('userProfile', ['id' => $new_uid]), $mail_message);
$mail_message = str_replace('<admin_url>', Router::pathFor('profileSection', ['id' => $new_uid, 'section' => 'admin']), $mail_message);
$mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
$mail_message = Container::get('hooks')->fire('model.register.insert_user_new_mail_message', $mail_message);
Container::get('email')->feather_mail(ForumSettings::get('o_mailing_list'), $mail_subject, $mail_message);
}
}
// Must the user verify the registration or do we log him/her in right now?
if (ForumSettings::get('o_regs_verify') == '1') {
// Load the "welcome" template
$mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/welcome.tpl'));
$mail_tpl = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_tpl', $mail_tpl);
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
$mail_subject = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_subject', $mail_subject);
$mail_message = trim(substr($mail_tpl, $first_crlf));
$mail_subject = str_replace('<board_title>', ForumSettings::get('o_board_title'), $mail_subject);
$mail_message = str_replace('<base_url>', Router::pathFor('home'), $mail_message);
$mail_message = str_replace('<username>', $user['username'], $mail_message);
$mail_message = str_replace('<password>', $user['password1'], $mail_message);
$mail_message = str_replace('<login_url>', Router::pathFor('login'), $mail_message);
$mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
$mail_message = Container::get('hooks')->fire('model.register.insert_user_welcome_mail_message', $mail_message);
Container::get('email')->feather_mail($user['email1'], $mail_subject, $mail_message);
return Router::redirect(Router::pathFor('home'), __('Reg email') . ' <a href="mailto:' . Utils::escape(ForumSettings::get('o_admin_email')) . '">' . Utils::escape(ForumSettings::get('o_admin_email')) . '</a>.');
}
$user_object = new \stdClass();
$user_object->id = $new_uid;
$user_object->username = $user['username'];
$expire = time() + ForumSettings::get('o_timeout_visit');
$jwt = AuthModel::generate_jwt($user_object, $expire);
AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);
// Refresh cache
Container::get('cache')->store('users_info', Cache::get_users_info());
Container::get('hooks')->fire('model.register.insert_user');
return Router::redirect(Router::pathFor('home'), __('Reg complete'));
}
?>
"><input type="hidden" name="csrf_value" value="<?php
echo $csrf_value;
?>
">
<div class="inform">
<fieldset>
<legend><?php
_e('Username and pass legend');
?>
</legend>
<div class="infldset">
<input type="hidden" name="form_sent" value="1" />
<?php
echo $user_disp['username_field'];
if (User::get()->id == $id || User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || $user['g_moderator'] == '0' && User::get()->g_mod_change_passwords == '1') {
?>
<p class="actions"><span><a href="<?php
echo Router::pathFor('profileAction', ['id' => $id, 'action' => 'change_pass']);
?>
"><?php
_e('Change pass');
?>
</a></span></p>
<?php
}
?>
</div>
</fieldset>
</div>
<div class="inform">
<?php
foreach ($assets as $type => $items) {
if ($type == 'js') {
continue;
}
echo "\t" . '<!-- ' . ucfirst($type) . ' -->' . "\n";
foreach ($items as $item) {
echo "\t" . '<link ';
foreach ($item['params'] as $key => $value) {
echo $key . '="' . $value . '" ';
}
echo 'href="' . Url::base_static() . '/' . $item['file'] . '">' . "\n";
}
}
if ($admin_console) {
if (file_exists(ForumEnv::get('FEATHER_ROOT') . 'style/themes/' . User::get()->style . '/base_admin.css')) {
echo "\t" . '<link rel="stylesheet" type="text/css" href="' . Url::base_static() . '/style/themes/' . User::get()->style . '/base_admin.css" />' . "\n";
} else {
echo "\t" . '<link rel="stylesheet" type="text/css" href="' . Url::base_static() . '/style/imports/base_admin.css" />' . "\n";
}
}
if (isset($required_fields)) {
// Output JavaScript to validate form (make sure required fields are filled out)
?>
<script type="text/javascript">
/* <![CDATA[ */
function process_form(the_form)
{
var required_fields = {
<?php
// Output a JavaScript object with localised field names
public function __invoke($req, $res, $next)
{
// Set headers
$res = $this->set_headers($res);
// Block prefetch requests
if (isset($this->app->environment['HTTP_X_MOZ']) && $this->app->environment['HTTP_X_MOZ'] == 'prefetch') {
return $this->app->response->setStatus(403);
// Send forbidden header
}
// Populate Slim object with forum_env vars
Container::set('forum_env', $this->forum_env);
// Load FeatherBB utils class
Container::set('utils', function ($container) {
return new Utils();
});
// Record start time
Container::set('start', Utils::get_microtime());
// Define now var
Container::set('now', function () {
return time();
});
// Load FeatherBB cache
Container::set('cache', function ($container) {
$path = $this->forum_env['FORUM_CACHE_DIR'];
return new \FeatherBB\Core\Cache(array('name' => 'feather', 'path' => $path, 'extension' => '.cache'));
});
// Load FeatherBB permissions
Container::set('perms', function ($container) {
return new \FeatherBB\Core\Permissions();
});
// Load FeatherBB preferences
Container::set('prefs', function ($container) {
return new \FeatherBB\Core\Preferences();
});
// Load FeatherBB view
Container::set('template', function ($container) {
return new View();
});
// Load FeatherBB url class
Container::set('url', function ($container) {
return new Url();
});
// Load FeatherBB hooks
Container::set('hooks', function ($container) {
return new Hooks();
});
// Load FeatherBB email class
Container::set('email', function ($container) {
return new Email();
});
Container::set('parser', function ($container) {
return new Parser();
});
// Set cookies
Container::set('cookie', function ($container) {
$request = $container->get('request');
return new \Slim\Http\Cookies($request->getCookieParams());
});
Container::set('flash', function ($c) {
return new \Slim\Flash\Messages();
});
// This is the very first hook fired
Container::get('hooks')->fire('core.start');
if (!is_file(ForumEnv::get('FORUM_CONFIG_FILE'))) {
// Reset cache
Container::get('cache')->flush();
$installer = new \FeatherBB\Controller\Install();
return $installer->run();
}
// Load config from disk
include ForumEnv::get('FORUM_CONFIG_FILE');
if (isset($featherbb_config) && is_array($featherbb_config)) {
$this->forum_settings = array_merge(self::load_default_forum_settings(), $featherbb_config);
} else {
$this->app->response->setStatus(500);
// Send forbidden header
return $this->app->response->setBody('Wrong config file format');
}
// Init DB and configure Slim
self::init_db($this->forum_settings, ForumEnv::get('FEATHER_SHOW_INFO'));
Config::set('displayErrorDetails', ForumEnv::get('FEATHER_DEBUG'));
if (!Container::get('cache')->isCached('config')) {
Container::get('cache')->store('config', \FeatherBB\Model\Cache::get_config());
}
// Finalize forum_settings array
$this->forum_settings = array_merge(Container::get('cache')->retrieve('config'), $this->forum_settings);
Container::set('forum_settings', $this->forum_settings);
// Set default style and assets
Container::get('template')->setStyle(ForumSettings::get('o_default_style'));
Container::get('template')->addAsset('js', 'style/themes/FeatherBB/phone.min.js');
// Run activated plugins
self::loadPlugins();
// Define time formats and add them to the container
Container::set('forum_time_formats', array(ForumSettings::get('o_time_format'), 'H:i:s', 'H:i', 'g:i:s a', 'g:i a'));
Container::set('forum_date_formats', array(ForumSettings::get('o_date_format'), 'Y-m-d', 'Y-d-m', 'd-m-Y', 'm-d-Y', 'M j Y', 'jS M Y'));
// Call FeatherBBAuth middleware
return $next($req, $res);
}
public static function generate_avatar_markup($user_id)
{
$filetypes = array('jpg', 'gif', 'png');
$avatar_markup = '';
foreach ($filetypes as $cur_type) {
$path = ForumSettings::get('o_avatars_dir') . '/' . $user_id . '.' . $cur_type;
if (file_exists(ForumEnv::get('FEATHER_ROOT') . $path) && ($img_size = getimagesize(ForumEnv::get('FEATHER_ROOT') . $path))) {
$avatar_markup = '<img src="' . \FeatherBB\Core\Utils::escape(Container::get('url')->base(true) . '/' . $path . '?m=' . filemtime(ForumEnv::get('FEATHER_ROOT') . $path)) . '" ' . $img_size[3] . ' alt="" />';
break;
}
}
return $avatar_markup;
}
public function set_default_group($groups)
{
$group_id = intval(Input::post('default_group'));
$group_id = Container::get('hooks')->fire('model.admin.groups.set_default_group.group_id', $group_id);
// Make sure it's not the admin or guest groups
if ($group_id == ForumEnv::get('FEATHER_ADMIN') || $group_id == ForumEnv::get('FEATHER_GUEST')) {
throw new Error(__('Bad request'), 404);
}
// Make sure it's not a moderator group
if ($groups[$group_id]['g_moderator'] != 0) {
throw new Error(__('Bad request'), 404);
}
DB::for_table('config')->where('conf_name', 'o_default_user_group')->update_many('conf_value', $group_id);
// Regenerate the config cache
Container::get('cache')->store('config', Cache::get_config());
return Router::redirect(Router::pathFor('adminGroups'), __('Default group redirect'));
}
public function editpost($req, $res, $args)
{
Container::get('hooks')->fire('controller.post.edit');
// Fetch some informations about the post, the topic and the forum
$cur_post = $this->model->get_info_edit($args['id']);
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = $cur_post['moderators'] != '' ? unserialize($cur_post['moderators']) : array();
$is_admmod = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && array_key_exists(User::get()->username, $mods_array) ? true : false;
$can_edit_subject = $args['id'] == $cur_post['first_post_id'];
if (ForumSettings::get('o_censoring') == '1') {
$cur_post['subject'] = Utils::censor($cur_post['subject']);
$cur_post['message'] = Utils::censor($cur_post['message']);
}
// Do we have permission to edit this post?
if ((User::get()->g_edit_posts == '0' || $cur_post['poster_id'] != User::get()->id || $cur_post['closed'] == '1') && !$is_admmod) {
throw new Error(__('No permission'), 403);
}
if ($is_admmod && User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && in_array($cur_post['poster_id'], Utils::get_admin_ids())) {
throw new Error(__('No permission'), 403);
}
// Start with a clean slate
$errors = array();
if (Request::isPost()) {
Container::get('hooks')->fire('controller.post.edit.submit', $args['id']);
// Let's see if everything went right
$errors = $this->model->check_errors_before_edit($can_edit_subject, $errors);
// Setup some variables before post
$post = $this->model->setup_edit_variables($cur_post, $is_admmod, $can_edit_subject, $errors);
// Did everything go according to plan?
if (empty($errors) && !Input::post('preview')) {
Container::get('hooks')->fire('controller.post.edit.valid', $args['id']);
// Edit the post
$this->model->edit_post($args['id'], $can_edit_subject, $post, $cur_post, $is_admmod);
return Router::redirect(Router::pathFor('viewPost', ['pid' => $args['id']]) . '#p' . $args['id'], __('Post redirect'));
}
} else {
$post = '';
}
if (Input::post('preview')) {
$preview_message = Container::get('parser')->parse_message($post['message'], $post['hide_smilies']);
$preview_message = Container::get('hooks')->fire('controller.post.edit.preview', $preview_message);
} else {
$preview_message = '';
}
View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Edit post')), 'required_fields' => array('req_subject' => __('Subject'), 'req_message' => __('Message')), 'focus_element' => array('edit', 'req_message'), 'cur_post' => $cur_post, 'errors' => $errors, 'preview_message' => $preview_message, 'id' => $args['id'], 'checkboxes' => $this->model->get_edit_checkboxes($can_edit_subject, $is_admmod, $cur_post, 1), 'can_edit_subject' => $can_edit_subject, 'post' => $post))->addTemplate('edit.php')->display();
}
public function send_email($mail)
{
$mail = Container::get('hooks')->fire('model.profile.send_email_start', $mail);
// Clean up message and subject from POST
$subject = Utils::trim(Input::post('req_subject'));
$message = Utils::trim(Input::post('req_message'));
if ($subject == '') {
throw new Error(__('No email subject'), 400);
} elseif ($message == '') {
throw new Error(__('No email message'), 400);
} elseif (strlen($message) > ForumEnv::get('FEATHER_MAX_POSTSIZE')) {
throw new Error(__('Too long email message'), 400);
}
if (User::get()->last_email_sent != '' && time() - User::get()->last_email_sent < User::get()->g_email_flood && time() - User::get()->last_email_sent >= 0) {
throw new Error(sprintf(__('Email flood'), User::get()->g_email_flood, User::get()->g_email_flood - (time() - User::get()->last_email_sent)), 429);
}
// Load the "form email" template
$mail_tpl = trim(file_get_contents(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/mail_templates/form_email.tpl'));
$mail_tpl = Container::get('hooks')->fire('model.profile.send_email_mail_tpl', $mail_tpl);
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = Utils::trim(substr($mail_tpl, 8, $first_crlf - 8));
$mail_message = Utils::trim(substr($mail_tpl, $first_crlf));
$mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
$mail_message = str_replace('<sender>', User::get()->username, $mail_message);
$mail_message = str_replace('<board_title>', ForumSettings::get('o_board_title'), $mail_message);
$mail_message = str_replace('<mail_message>', $message, $mail_message);
$mail_message = str_replace('<board_mailer>', ForumSettings::get('o_board_title'), $mail_message);
$mail_message = Container::get('hooks')->fire('model.profile.send_email_mail_message', $mail_message);
Container::get('email')->feather_mail($mail['recipient_email'], $mail_subject, $mail_message, User::get()->email, User::get()->username);
$update_last_mail_sent = DB::for_table('users')->where('id', User::get()->id)->find_one()->set('last_email_sent', time());
$update_last_mail_sent = Container::get('hooks')->fireDB('model.profile.send_email_update_last_mail_sent', $update_last_mail_sent);
$update_last_mail_sent = $update_last_mail_sent->save();
// Try to determine if the data in redirect_url is valid (if not, we redirect to index.php after the email is sent) TODO
//$redirect_url = validate_redirect(Input::post('redirect_url'), 'index.php');
return Router::redirect(Router::pathFor('home'), __('Email sent redirect'));
}
public function insert_ban()
{
$ban_user = Utils::trim(Input::post('ban_user'));
$ban_ip = Utils::trim(Input::post('ban_ip'));
$ban_email = strtolower(Utils::trim(Input::post('ban_email')));
$ban_message = Utils::trim(Input::post('ban_message'));
$ban_expire = Utils::trim(Input::post('ban_expire'));
Container::get('hooks')->fire('model.admin.bans.insert_ban_start', $ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire);
if ($ban_user == '' && $ban_ip == '' && $ban_email == '') {
throw new Error(__('Must enter message'), 400);
} elseif (strtolower($ban_user) == 'guest') {
throw new Error(__('Cannot ban guest message'), 400);
}
// Make sure we're not banning an admin or moderator
if (!empty($ban_user)) {
$group_id = DB::for_table('users')->where('username', $ban_user)->where_gt('id', 1)->find_one_col('group_id');
if ($group_id) {
if ($group_id == ForumEnv::get('FEATHER_ADMIN')) {
throw new Error(sprintf(__('User is admin message'), Utils::escape($ban_user)), 403);
}
$is_moderator_group = DB::for_table('groups')->where('g_id', $group_id)->find_one_col('g_moderator');
if ($is_moderator_group) {
throw new Error(sprintf(__('User is mod message'), Utils::escape($ban_user)), 403);
}
}
}
// Validate IP/IP range (it's overkill, I know)
if ($ban_ip != '') {
$ban_ip = preg_replace('%\\s{2,}%S', ' ', $ban_ip);
$addresses = explode(' ', $ban_ip);
$addresses = array_map('trim', $addresses);
for ($i = 0; $i < count($addresses); ++$i) {
if (strpos($addresses[$i], ':') !== false) {
$octets = explode(':', $addresses[$i]);
for ($c = 0; $c < count($octets); ++$c) {
$octets[$c] = ltrim($octets[$c], "0");
if ($c > 7 || !empty($octets[$c]) && !ctype_xdigit($octets[$c]) || intval($octets[$c], 16) > 65535) {
throw new Error(__('Invalid IP message'), 400);
}
}
$cur_address = implode(':', $octets);
$addresses[$i] = $cur_address;
} else {
$octets = explode('.', $addresses[$i]);
for ($c = 0; $c < count($octets); ++$c) {
$octets[$c] = strlen($octets[$c]) > 1 ? ltrim($octets[$c], "0") : $octets[$c];
if ($c > 3 || preg_match('%[^0-9]%', $octets[$c]) || intval($octets[$c]) > 255) {
throw new Error(__('Invalid IP message'), 400);
}
}
$cur_address = implode('.', $octets);
$addresses[$i] = $cur_address;
}
}
$ban_ip = implode(' ', $addresses);
}
if ($ban_email != '' && !Container::get('email')->is_valid_email($ban_email)) {
if (!preg_match('%^[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,63})$%', $ban_email)) {
throw new Error(__('Invalid e-mail message'), 400);
}
}
if ($ban_expire != '' && $ban_expire != 'Never') {
$ban_expire = strtotime($ban_expire . ' GMT');
if ($ban_expire == -1 || !$ban_expire) {
throw new Error(__('Invalid date message') . ' ' . __('Invalid date reasons'), 400);
}
$diff = (User::get()->timezone + User::get()->dst) * 3600;
$ban_expire -= $diff;
if ($ban_expire <= time()) {
throw new Error(__('Invalid date message') . ' ' . __('Invalid date reasons'), 400);
}
} else {
$ban_expire = 'NULL';
}
$ban_user = $ban_user != '' ? $ban_user : '******';
$ban_ip = $ban_ip != '' ? $ban_ip : 'NULL';
$ban_email = $ban_email != '' ? $ban_email : 'NULL';
$ban_message = $ban_message != '' ? $ban_message : 'NULL';
$insert_update_ban = array('username' => $ban_user, 'ip' => $ban_ip, 'email' => $ban_email, 'message' => $ban_message, 'expire' => $ban_expire);
$insert_update_ban = Container::get('hooks')->fire('model.admin.bans.insert_ban_data', $insert_update_ban);
if (Input::post('mode') == 'add') {
$insert_update_ban['ban_creator'] = User::get()->id;
$result = DB::for_table('bans')->create()->set($insert_update_ban)->save();
} else {
$result = DB::for_table('bans')->where('id', Input::post('ban_id'))->find_one()->set($insert_update_ban)->save();
}
// Regenerate the bans cache
Container::get('cache')->store('bans', Cache::get_bans());
return Router::redirect(Router::pathFor('adminBans'), __('Ban edited redirect'));
}
public function get_default_group_permissions($fetch_admin = true)
{
$select_get_default_group_permissions = array('g_id', 'g_read_board', 'g_post_replies', 'g_post_topics');
$result = DB::for_table('groups')->select_many($select_get_default_group_permissions);
if (!$fetch_admin) {
$result->where_not_equal('g_id', ForumEnv::get('FEATHER_ADMIN'));
}
$result = $result->order_by_asc('g_id');
$result = Container::get('hooks')->fireDB('model.admin.forums.get_default_group_permissions_query', $result);
$result = $result->find_array();
return $result;
}
public function load_default_config(array $data)
{
Container::get('hooks')->fire('controller.install.load_default_config');
return array('o_cur_version' => ForumEnv::get('FORUM_VERSION'), 'o_database_revision' => ForumEnv::get('FORUM_DB_REVISION'), 'o_searchindex_revision' => ForumEnv::get('FORUM_SI_REVISION'), 'o_parser_revision' => ForumEnv::get('FORUM_PARSER_REVISION'), 'o_board_title' => $data['title'], 'o_board_desc' => $data['description'], 'o_default_timezone' => 0, 'o_time_format' => 'H:i:s', 'o_date_format' => 'Y-m-d', 'o_timeout_visit' => 1800, 'o_timeout_online' => 300, 'o_redirect_delay' => 1, 'o_show_version' => 0, 'o_show_user_info' => 1, 'o_show_post_count' => 1, 'o_signatures' => 1, 'o_smilies' => 1, 'o_smilies_sig' => 1, 'o_make_links' => 1, 'o_default_lang' => $data['default_lang'], 'o_default_style' => $data['default_style'], 'o_default_user_group' => 4, 'o_topic_review' => 15, 'o_disp_topics_default' => 30, 'o_disp_posts_default' => 25, 'o_indent_num_spaces' => 4, 'o_quote_depth' => 3, 'o_quickpost' => 1, 'o_users_online' => 1, 'o_censoring' => 0, 'o_show_dot' => 0, 'o_topic_views' => 1, 'o_quickjump' => 1, 'o_gzip' => 0, 'o_additional_navlinks' => '', 'o_report_method' => 0, 'o_regs_report' => 0, 'o_default_email_setting' => 1, 'o_mailing_list' => $data['email'], 'o_avatars' => $data['avatars'], 'o_avatars_dir' => 'style/img/avatars', 'o_avatars_width' => 60, 'o_avatars_height' => 60, 'o_avatars_size' => 10240, 'o_search_all_forums' => 1, 'o_base_url' => $data['base_url'], 'o_admin_email' => $data['email'], 'o_webmaster_email' => $data['email'], 'o_forum_subscriptions' => 1, 'o_topic_subscriptions' => 1, 'o_smtp_host' => null, 'o_smtp_user' => null, 'o_smtp_pass' => null, 'o_smtp_ssl' => 0, 'o_regs_allow' => 1, 'o_regs_verify' => 0, 'o_announcement' => 0, 'o_announcement_message' => __('Announcement'), 'o_rules' => 0, 'o_rules_message' => __('Rules'), 'o_maintenance' => 0, 'o_maintenance_message' => __('Maintenance message'), 'o_default_dst' => 0, 'o_feed_type' => 2, 'o_feed_ttl' => 0, 'p_message_bbcode' => 1, 'p_message_img_tag' => 1, 'p_message_all_caps' => 1, 'p_subject_all_caps' => 1, 'p_sig_all_caps' => 1, 'p_sig_bbcode' => 1, 'p_sig_img_tag' => 0, 'p_sig_length' => 400, 'p_sig_lines' => 4, 'p_allow_banned_email' => 1, 'p_allow_dupe_email' => 0, 'p_force_guest_email' => 1);
}
protected function checkSimple($plugin)
{
return ForumEnv::get('FEATHER_ROOT') . 'plugins' . DIRECTORY_SEPARATOR . $plugin . DIRECTORY_SEPARATOR . $this->getNamespace($plugin) . '.php';
}
public function print_posts($topic_id, $start_from, $cur_topic, $is_admmod)
{
$post_data = array();
$post_data = Container::get('hooks')->fire('model.topic.print_posts_start', $post_data, $topic_id, $start_from, $cur_topic, $is_admmod);
$post_count = 0;
// Keep track of post numbers
// Retrieve a list of post IDs, LIMIT is (really) expensive so we only fetch the IDs here then later fetch the remaining data
$result = DB::for_table('posts')->select('id')->where('topic_id', $topic_id)->order_by('id')->limit(User::get()->disp_topics)->offset($start_from);
$result = Container::get('hooks')->fireDB('model.topic.print_posts_ids_query', $result);
$result = $result->find_many();
$post_ids = array();
foreach ($result as $cur_post_id) {
$post_ids[] = $cur_post_id['id'];
}
if (empty($post_ids)) {
throw new Error('The post table and topic table seem to be out of sync!', 500);
}
// Retrieve the posts (and their respective poster/online status)
$result['select'] = array('u.email', 'u.title', 'u.url', 'u.location', 'u.signature', 'u.email_setting', 'u.num_posts', 'u.registered', 'u.admin_note', 'p.id', 'username' => 'p.poster', 'p.poster_id', 'p.poster_ip', 'p.poster_email', 'p.message', 'p.hide_smilies', 'p.posted', 'p.edited', 'p.edited_by', 'g.g_id', 'g.g_user_title', 'g.g_promote_next_group', 'is_online' => 'o.user_id');
$result = DB::for_table('posts')->table_alias('p')->select_many($result['select'])->inner_join('users', array('u.id', '=', 'p.poster_id'), 'u')->inner_join('groups', array('g.g_id', '=', 'u.group_id'), 'g')->raw_join('LEFT OUTER JOIN ' . ForumSettings::get('db_prefix') . 'online', "o.user_id!=1 AND o.idle=0 AND o.user_id=u.id", 'o')->where_in('p.id', $post_ids)->order_by('p.id');
$result = Container::get('hooks')->fireDB('model.topic.print_posts_query', $result);
$result = $result->find_array();
foreach ($result as $cur_post) {
$post_count++;
$cur_post['user_avatar'] = '';
$cur_post['user_info'] = array();
$cur_post['user_contacts'] = array();
$cur_post['post_actions'] = array();
$cur_post['is_online_formatted'] = '';
$cur_post['signature_formatted'] = '';
// If the poster is a registered user
if ($cur_post['poster_id'] > 1) {
if (User::get()->g_view_users == '1') {
$cur_post['username_formatted'] = '<a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/">' . Utils::escape($cur_post['username']) . '</a>';
} else {
$cur_post['username_formatted'] = Utils::escape($cur_post['username']);
}
$cur_post['user_title_formatted'] = Utils::get_title($cur_post);
if (ForumSettings::get('o_censoring') == '1') {
$cur_post['user_title_formatted'] = Utils::censor($cur_post['user_title_formatted']);
}
// Format the online indicator
$cur_post['is_online_formatted'] = $cur_post['is_online'] == $cur_post['poster_id'] ? '<strong>' . __('Online') . '</strong>' : '<span>' . __('Offline') . '</span>';
if (ForumSettings::get('o_avatars') == '1' && User::get()->show_avatars != '0') {
if (isset($avatar_cache[$cur_post['poster_id']])) {
$cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']];
} else {
$cur_post['user_avatar'] = $avatar_cache[$cur_post['poster_id']] = Utils::generate_avatar_markup($cur_post['poster_id']);
}
}
// We only show location, register date, post count and the contact links if "Show user info" is enabled
if (ForumSettings::get('o_show_user_info') == '1') {
if ($cur_post['location'] != '') {
if (ForumSettings::get('o_censoring') == '1') {
$cur_post['location'] = Utils::censor($cur_post['location']);
}
$cur_post['user_info'][] = '<dd><span>' . __('From') . ' ' . Utils::escape($cur_post['location']) . '</span></dd>';
}
$cur_post['user_info'][] = '<dd><span>' . __('Registered topic') . ' ' . Utils::format_time($cur_post['registered'], true) . '</span></dd>';
if (ForumSettings::get('o_show_post_count') == '1' || User::get()->is_admmod) {
$cur_post['user_info'][] = '<dd><span>' . __('Posts topic') . ' ' . Utils::forum_number_format($cur_post['num_posts']) . '</span></dd>';
}
// Now let's deal with the contact links (Email and URL)
if (($cur_post['email_setting'] == '0' && !User::get()->is_guest || User::get()->is_admmod) && User::get()->g_send_email == '1') {
$cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['email']) . '">' . __('Email') . '</a></span>';
} elseif ($cur_post['email_setting'] == '1' && !User::get()->is_guest && User::get()->g_send_email == '1') {
$cur_post['user_contacts'][] = '<span class="email"><a href="' . Router::pathFor('email', ['id' => $cur_post['poster_id']]) . '">' . __('Email') . '</a></span>';
}
if ($cur_post['url'] != '') {
if (ForumSettings::get('o_censoring') == '1') {
$cur_post['url'] = Utils::censor($cur_post['url']);
}
$cur_post['user_contacts'][] = '<span class="website"><a href="' . Utils::escape($cur_post['url']) . '" rel="nofollow">' . __('Website') . '</a></span>';
}
}
if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || User::get()->g_moderator == '1' && User::get()->g_mod_promote_users == '1') {
if ($cur_post['g_promote_next_group']) {
$cur_post['user_info'][] = '<dd><span><a href="' . Url::base() . '/user/' . $cur_post['poster_id'] . '/action/promote/pid/' . $cur_post['id'] . '">' . __('Promote user') . '</a></span></dd>';
}
}
if (User::get()->is_admmod) {
$cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';
if ($cur_post['admin_note'] != '') {
$cur_post['user_info'][] = '<dd><span>' . __('Note') . ' <strong>' . Utils::escape($cur_post['admin_note']) . '</strong></span></dd>';
}
}
} else {
$cur_post['username_formatted'] = Utils::escape($cur_post['username']);
$cur_post['user_title_formatted'] = Utils::get_title($cur_post);
if (User::get()->is_admmod) {
$cur_post['user_info'][] = '<dd><span><a href="' . Router::pathFor('getPostHost', ['pid' => $cur_post['id']]) . '" title="' . Utils::escape($cur_post['poster_ip']) . '">' . __('IP address logged') . '</a></span></dd>';
}
if (ForumSettings::get('o_show_user_info') == '1' && $cur_post['poster_email'] != '' && !User::get()->is_guest && User::get()->g_send_email == '1') {
$cur_post['user_contacts'][] = '<span class="email"><a href="mailto:' . Utils::escape($cur_post['poster_email']) . '">' . __('Email') . '</a></span>';
}
}
// Generation post action array (quote, edit, delete etc.)
if (!$is_admmod) {
if (!User::get()->is_guest) {
$cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';
}
if ($cur_topic['closed'] == '0') {
if ($cur_post['poster_id'] == User::get()->id) {
if ($start_from + $post_count == 1 && User::get()->g_delete_topics == '1' || $start_from + $post_count > 1 && User::get()->g_delete_posts == '1') {
$cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
}
if (User::get()->g_edit_posts == '1') {
$cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
}
}
if ($cur_topic['post_replies'] == '' && User::get()->g_post_replies == '1' || $cur_topic['post_replies'] == '1') {
$cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
}
}
} else {
$cur_post['post_actions'][] = '<li class="postreport"><span><a href="' . Router::pathFor('report', ['id' => $cur_post['id']]) . '">' . __('Report') . '</a></span></li>';
if (User::get()->g_id == ForumEnv::get('FEATHER_ADMIN') || !in_array($cur_post['poster_id'], $admin_ids)) {
$cur_post['post_actions'][] = '<li class="postdelete"><span><a href="' . Router::pathFor('deletePost', ['id' => $cur_post['id']]) . '">' . __('Delete') . '</a></span></li>';
$cur_post['post_actions'][] = '<li class="postedit"><span><a href="' . Router::pathFor('editPost', ['id' => $cur_post['id']]) . '">' . __('Edit') . '</a></span></li>';
}
$cur_post['post_actions'][] = '<li class="postquote"><span><a href="' . Router::pathFor('newQuoteReply', ['tid' => $topic_id, 'qid' => $cur_post['id']]) . '">' . __('Quote') . '</a></span></li>';
}
// Perform the main parsing of the message (BBCode, smilies, censor words etc)
$cur_post['message'] = Container::get('parser')->parse_message($cur_post['message'], $cur_post['hide_smilies']);
// Do signature parsing/caching
if (ForumSettings::get('o_signatures') == '1' && $cur_post['signature'] != '' && User::get()->show_sig != '0') {
// if (isset($avatar_cache[$cur_post['poster_id']])) {
// $cur_post['signature_formatted'] = $avatar_cache[$cur_post['poster_id']];
// } else {
$cur_post['signature_formatted'] = Container::get('parser')->parse_signature($cur_post['signature']);
// $avatar_cache[$cur_post['poster_id']] = $cur_post['signature_formatted'];
// }
}
$cur_post = Container::get('hooks')->fire('model.print_posts.one', $cur_post);
$post_data[] = $cur_post;
}
$post_data = Container::get('hooks')->fire('model.topic.print_posts', $post_data);
return $post_data;
}
protected function getDefaultPageInfo()
{
// Check if config file exists to avoid error when installing forum
if (!Container::get('cache')->isCached('quickjump') && is_file(ForumEnv::get('FORUM_CONFIG_FILE'))) {
Container::get('cache')->store('quickjump', \FeatherBB\Model\Cache::get_quickjump());
}
$title = Container::get('forum_settings') ? ForumSettings::get('o_board_title') : 'FeatherBB';
$data = array('title' => Utils::escape($title), 'page_number' => null, 'active_page' => 'index', 'focus_element' => null, 'is_indexed' => true, 'admin_console' => false, 'page_head' => null, 'paging_links' => null, 'required_fields' => null, 'footer_style' => null, 'quickjump' => Container::get('cache')->retrieve('quickjump'), 'fid' => null, 'pid' => null, 'tid' => null);
if (is_object(User::get()) && User::get()->is_admmod) {
$data['has_reports'] = \FeatherBB\Model\Admin\Reports::has_reports();
}
if (ForumEnv::get('FEATHER_SHOW_INFO')) {
$data['exec_info'] = \FeatherBB\Model\Debug::get_info();
if (ForumEnv::get('FEATHER_SHOW_QUERIES')) {
$data['queries_info'] = \FeatherBB\Model\Debug::get_queries();
}
}
return $data;
}
</fieldset>
</div>
<p class="buttons"><input type="submit" value="<?php
_e('Change language');
?>
" /></p>
</form>
</div>
</div>
<?php
}
?>
<div class="blockform">
<h2><span><?php
echo sprintf(__('Install'), ForumEnv::get('FORUM_VERSION'));
?>
</span></h2>
<div class="box">
<form id="install" method="post" action="">
<input type="hidden" name="csrf_name" value="<?php
echo $csrf_name;
?>
">
<input type="hidden" name="csrf_value" value="<?php
echo $csrf_value;
?>
">
<?php
if (!empty($errors)) {
?>
public function moderate($req, $res, $args)
{
Container::get('hooks')->fire('controller.topic.moderate');
// Make sure that only admmods allowed access this page
$forumModel = new \FeatherBB\Model\Forum();
$moderators = $forumModel->get_moderators($args['id']);
$mods_array = $moderators != '' ? unserialize($moderators) : array();
if (User::get()->g_id != ForumEnv::get('FEATHER_ADMIN') && (User::get()->g_moderator == '0' || !array_key_exists(User::get()->username, $mods_array))) {
throw new Error(__('No permission'), 403);
}
$cur_topic = $this->model->get_topic_info($args['fid'], $args['id']);
// Determine the post offset (based on $_GET['p'])
$num_pages = ceil(($cur_topic['num_replies'] + 1) / User::get()->disp_posts);
$p = !isset($args['page']) || $args['page'] <= 1 || $args['page'] > $num_pages ? 1 : intval($args['page']);
$start_from = User::get()->disp_posts * ($p - 1);
// Delete one or more posts
if (Input::post('delete_posts_comply')) {
return $this->model->delete_posts($args['id'], $args['fid']);
} else {
if (Input::post('delete_posts')) {
$posts = $this->model->delete_posts($args['id'], $args['fid']);
View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Moderate')), 'active_page' => 'moderate', 'posts' => $posts))->addTemplate('moderate/delete_posts.php')->display();
} else {
if (Input::post('split_posts_comply')) {
return $this->model->split_posts($args['id'], $args['fid'], $p);
} else {
if (Input::post('split_posts')) {
View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Moderate')), 'focus_element' => array('subject', 'new_subject'), 'page' => $p, 'active_page' => 'moderate', 'id' => $args['id'], 'posts' => $this->model->split_posts($args['id'], $args['fid'], $p), 'list_forums' => $this->model->get_forum_list_split($args['fid'])))->addTemplate('moderate/split_posts.php')->display();
} else {
// Show the moderate posts view
// Used to disable the Move and Delete buttons if there are no replies to this topic
$button_status = $cur_topic['num_replies'] == 0 ? ' disabled="disabled"' : '';
/*if (isset($_GET['action']) && $_GET['action'] == 'all') {
User::get()->disp_posts = $cur_topic['num_replies'] + 1;
}*/
if (ForumSettings::get('o_censoring') == '1') {
$cur_topic['subject'] = Utils::censor($cur_topic['subject']);
}
View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), Utils::escape($cur_topic['forum_name']), Utils::escape($cur_topic['subject'])), 'page' => $p, 'active_page' => 'moderate', 'cur_topic' => $cur_topic, 'url_topic' => Url::url_friendly($cur_topic['subject']), 'url_forum' => Url::url_friendly($cur_topic['forum_name']), 'fid' => $args['fid'], 'id' => $args['id'], 'paging_links' => '<span class="pages-label">' . __('Pages') . ' </span>' . Url::paginate($num_pages, $p, 'topic/moderate/' . $args['id'] . '/forum/' . $args['fid'] . '/#'), 'post_data' => $this->model->display_posts_moderate($args['id'], $start_from), 'button_status' => $button_status, 'start_from' => $start_from))->addTemplate('moderate/posts_view.php')->display();
}
}
}
}
}
_e('Delete ban legend');
?>
</legend>
<div class="infldset">
<input type="submit" name="delete_user" value="<?php
_e('Delete user');
?>
" /> <input type="submit" name="ban" value="<?php
_e('Ban user');
?>
" />
</div>
</fieldset>
</div>
<?php
if ($user['g_moderator'] == '1' || $user['g_id'] == ForumEnv::get('FEATHER_ADMIN')) {
?>
<div class="inform">
<fieldset>
<legend><?php
_e('Set mods legend');
?>
</legend>
<div class="infldset">
<p><?php
_e('Moderator in info');
?>
</p>
<?php
echo $forum_list;
?>
<?php
if (isset($title_field)) {
?>
<?php
echo $title_field;
}
?>
<label><?php
_e('Location');
?>
<br /><input type="text" name="form_location" value="<?php
echo Utils::escape($user['location']);
?>
" size="30" maxlength="30" /><br /></label>
<?php
if (User::get()->g_post_links == '1' || User::get()->g_id == ForumEnv::get('FEATHER_ADMIN')) {
?>
<label><?php
_e('Website');
?>
<br /><input type="text" name="form_url" value="<?php
echo Utils::escape($user['url']);
?>
" size="50" maxlength="80" /><br /></label>
<?php
}
?>
</div>
</fieldset>
</div>
<p class="buttons"><input type="submit" name="update" value="<?php
