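/**
 * Admin action: prune posts older than a cutoff from one forum or from all forums.
 *
 * Reads $request['forum'] (a forum id, or -1 for every forum) and
 * $request['days'] (age in days; 0 puts the cutoff at "now"). Rows are taken
 * from POSTS where row_status is neither 2 nor 3, row_type = 2,
 * row_right-row_left-1 = 0 and created <= cutoff, and each one is handed to
 * Prune::KillNode(). The 'bbactive' setting is switched to '0' while this runs.
 *
 * NOTE(review): this destructive action is driven by $request alone; no
 * anti-CSRF token check is visible in this method -- confirm one is enforced
 * before the request reaches here.
 *
 * @param Template $template page template, also used as the language-string lookup
 * @param Session  $session  current session; $session['user'] must be an admin Member
 * @param mixed    $request  request parameters, read with array access
 * @return Error|bool an Error carrying the result message for admins; TRUE when
 *                    the caller is not an admin (nothing is pruned in that case)
 */
public function Execute(Template $template, Session $session, $request)
{
    $this->dba = DBA::Open();
    $template = CreateAncestors($template, $template['L_ADMINPANEL']);

    /* Only an admin Member may prune; everyone else falls through untouched. */
    if (!($session['user'] instanceof Member && $session['user']['perms'] & ADMIN)) {
        return TRUE;
    }

    if (!isset($request['forum']) || !isset($request['days'])) {
        return new Error($template['L_FORUMDOESNTEXIST'], $template);
    }

    /* intval() keeps both values safe to concatenate into the SQL below. */
    $days = intval($request['days']);
    $forum = intval($request['forum']);

    /* A negative age would move the cutoff into the future; treat it as 0. */
    if ($days < 0) {
        $days = 0;
    }
    $created = time() - $days * 24 * 3600;

    /* -1 means "all forums"; any other value restricts to that parent forum. */
    $scope = $forum == -1 ? "" : "parent_id = " . $forum . " AND ";
    $select = "SELECT * FROM " . POSTS . " WHERE " . $scope
        . "row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created;

    $prune = new Prune();

    /* Turn the board off for safety reasons */
    $this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");

    try {
        foreach ($this->dba->Query($select) as $post) {
            $prune->KillNode($post);
        }
    } catch (Exception $e) {
        /* A failure part-way through must not leave the board switched off. */
        $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
        throw $e;
    }

    /* Turn the board back on */
    $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");

    return new Error($template['L_PRUNESUCCESS'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=prune">', $template);
}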
/**
 * Run the three per-game prune passes and return their results together.
 *
 * The editor must authenticate for the game with "read_write" access;
 * otherwise a returnData with code 6 and "Failed Authentication" is returned
 * and no prune pass is called.
 *
 * @param mixed $gameId      game to prune
 * @param mixed $surrogate   passed through unchanged to each prune pass
 * @param mixed $editorId    editor requesting the prune
 * @param mixed $editorToken editor credential, checked here and passed on to each pass
 * @return returnData|stdClass object with locations, media and note_content
 *                             properties, or the authentication failure
 */
public function pruneGame($gameId, $surrogate, $editorId, $editorToken)
{
    $isAuthorized = Module::authenticateGameEditor($gameId, $editorId, $editorToken, "read_write");
    if (!$isAuthorized) {
        return new returnData(6, NULL, "Failed Authentication");
    }

    /* Array elements are evaluated in order: locations, media, note content. */
    return (object) array(
        'locations' => Prune::pruneLocationsForGame($gameId, $surrogate, $editorId, $editorToken),
        'media' => Prune::pruneMediaForGame($gameId, $surrogate, $editorId, $editorToken),
        'note_content' => Prune::pruneNoteContentFromGame($gameId, $surrogate, $editorId, $editorToken),
    );
}
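/**
 * Admin action: delete a single node (a POSTS row or a FORUMS row) by id.
 *
 * $request['type'] selects the table (1 = POSTS, 2 = FORUMS) and
 * $request['id'] the row. The row is loaded first and, when found, handed to
 * Prune::KillSingle() while the 'bbactive' setting is switched to '0'.
 *
 * NOTE(review): this destructive action is driven by $request alone; no
 * anti-CSRF token check is visible in this method -- confirm one is enforced
 * before the request reaches here.
 *
 * @param Template $template page template, also used as the language-string lookup
 * @param Session  $session  current session; $session['user'] must be an admin Member
 * @param mixed    $request  request parameters, read with array access
 * @return Error|bool an Error carrying the result message for admins; TRUE when
 *                    the caller is not an admin (nothing is deleted in that case)
 */
public function Execute(Template $template, Session $session, $request)
{
    $this->dba = DBA::Open();

    /* Ancestors Bar */
    $template = CreateAncestors($template, $template['L_DELETENODE']);

    /* Check permissions */
    if ($session['user'] instanceof Member && $session['user']['perms'] & ADMIN) {
        /* Set the templates */
        $template->content = array('file' => 'admin/admin.html');

        /* Convert once; the integers are safe to concatenate into the SQL below. */
        $type = isset($request['type']) ? intval($request['type']) : 0;
        $id = isset($request['id']) ? intval($request['id']) : 0;

        if (($type == 1 || $type == 2) && $id != 0) {
            /* Deletion message and table to use */
            $message = array(1 => $template['L_DELETEDPOSTTHREAD'], 2 => $template['L_DELETEDFORUMCAT']);
            $table = $type == 1 ? POSTS : FORUMS;

            $row = $this->dba->GetRow("SELECT * FROM " . $table . " WHERE id = " . $id);

            if (!empty($row) && isset($row['id'])) {
                $prune = new Prune();

                /* Turn the board off for safety reasons */
                $this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");

                try {
                    /* Remove the node */
                    $prune->KillSingle($row, $type);
                } catch (Exception $e) {
                    /* A failed delete must not leave the board switched off. */
                    $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
                    throw $e;
                }

                /* Turn the board back on */
                $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");

                return new Error($message[$type] . '<meta http-equiv="refresh" content="2; url=index.php">', $template);
            }
        }

        /* Bad type/id, or no such row. */
        return new Error($template['L_ERRORUSINGFEATURE'], $template);
    }

    /* Set the number of queries (only reached when the caller is not an admin) */
    $template['num_queries'] = $session->dba->num_queries;

    return TRUE;
}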
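/**
 * Create a new thread (optionally with a poll and attachments) in a forum.
 *
 * Flow, as visible in this method: remember the request in the session, load
 * the parent forum named by $request['forum_id'], pass every request value
 * through $this->dba->Quote(), parse the message with BBParser, resolve the
 * post icon, collect poll options, check forum state and permissions, shift
 * row_left/row_right in FORUMS and POSTS by 2 to open a slot, insert the
 * thread, update the forum and user counters, then handle uploads and poll
 * options.
 *
 * NOTE(review): the SQL here is built by string concatenation. Request values
 * go through Quote(), but title and message are then run through
 * stripslashes() before being placed inside a quoted SQL literal; if Quote()
 * escapes with backslashes that undoes the escaping -- confirm against the DBA
 * driver. $session['user']['name'] is interpolated without Quote(); presumably
 * it is trusted because it comes from the session -- verify. Bound parameters
 * would remove both questions.
 * NOTE(review): the four row_left/row_right updates and the INSERT are
 * separate statements, and the `@` prefix hides diagnostics from each; no
 * transaction is visible here, so a failure part-way may leave the tree
 * columns inconsistent -- confirm how DBA handles this.
 * NOTE(review): no anti-CSRF token check is visible in this method.
 *
 * @param Template $template page template, also used as the language-string lookup
 * @param Session  $session  current session
 * @param mixed    $request  request parameters, read and written with array access
 * @return Error|TplException|null an Error carrying the outcome message, a
 *         TplException wrapping a DBA_Exception, or nothing when the
 *         forum-login template has been selected instead
 */
public function Execute(Template $template, Session $session, $request)
{
    /* Set the post vars session */
    $session['post_vars'] = $request;

    /* Create the ancestors bar (if we run into any trouble) */
    $template = CreateAncestors($template, $template['L_POSTTHREAD']);

    /* Open a connection to the database */
    $this->dba = DBA::Open();

    /* Set a variable to this user's permissions and id */
    $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
    $user_id = $session['user']['id'];

    /* Get our parent forum */
    try {
        $parent_id = intval($request['forum_id']);
        @($parent = $this->dba->GetRow("SELECT * FROM " . FORUMS . " WHERE id = {$parent_id}"));
    } catch (DBA_Exception $e) {
        return new TplException($e, $template);
    }

    /*
     * Stop if the forum does not exist. Without this, every permission
     * comparison below runs against missing values and the row_left/row_right
     * updates would execute for a forum that is not there.
     */
    if (empty($parent) || !isset($parent['id'])) {
        return new Error($template['L_ERRORPOSTING'], $template);
    }

    /* Quote all of the REQUEST variables */
    foreach ($request as $key => $val) {
        $request[$key] = $this->dba->Quote($val);
    }

    /* Parse the Message (truncated to the configured maximum first) */
    $parser = new BBParser(substr($request['message'], 0, $template['postmaxchars']));
    //$parser->addOmit('omit', 'omit');
    $request['message'] = $parser->Execute();

    /* Set the post icon */
    if (isset($request['posticon']) && intval($request['posticon']) != 0 && $request['posticon'] != '-1') {
        try {
            $posticon = $this->dba->GetValue("SELECT image FROM " . POSTICONS . " WHERE id = " . intval($request['posticon']));
        } catch (DBA_Exception $e) {
            return new TplException($e, $template);
        }
    } else {
        $posticon = 'clear.gif';
    }

    /* Is it a poll, if so, deal with it. */
    $polloptions = array();
    $poll = 0;
    $poll_question = '';
    if (isset($request['polloptions'])) {
        if ($user_perms >= $parent['can_pollcreate']) {
            $poll = 1;
            if ($request['poll_question'] == '') {
                return new Error($template['L_MUSTHAVEPOLLQUESTION'], $template);
            }
            $poll_question = BB::Open($request['poll_question'])->Execute();

            /* One option per line; an option may be wrapped in [color=...]...[/color]. */
            $opts = explode("\n", $request['polloptions']);
            if (count($opts) <= $parent['maxpolloptions']) {
                foreach ($opts as $key => $option) {
                    preg_match('~\\[color=(.*?)\\](.*?)\\[\\/color\\]~is', $option, $matches);
                    $polloptions[] = array_key_exists(1, $matches) ? array('color' => $matches[1], 'option' => $matches[2]) : array('color' => 'blue', 'option' => $option);
                }
            } else {
                /*
                 * The Referer header is supplied by the client, so it is
                 * HTML-escaped before being placed in the attribute, and it
                 * may be absent altogether.
                 */
                $referer = isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_QUOTES) : '';
                return new Error(sprintf($template['L_TOOMANYPOLLOPTIONS'], count($opts), $parent['maxpolloptions']) . '<meta http-equiv="refresh" content="1; url=' . $referer . '">', $template);
            }
        }
    }

    /* Bring in the forums class */
    $forum = new Forum();
    $stack = $forum->getForums();

    /* Check if the forum that we are adding this thread to is NOT the root forum */
    if ($parent['row_left'] != 1) {
        /* Set a shorter version of the $parent variable */
        $f = $parent;

        /* Is this forum password-protected? */
        if ($f['private'] == 1 && @$_SESSION['forum_logged'] != $f['id']) {
            /* Show the forum login page; the method then ends without a return value. */
            $template['forum_id'] = $f['id'];
            $template->content = array('file' => 'forum_login.html');
        } else {
            /* Check if the forum is suspended or locked */
            if (($f['suspend'] == 1 && $session['user']['perms'] & ADMIN || $f['suspend'] != 1) && $f['is_link'] != 1 && ($f['row_lock'] != 1 || $f['row_lock'] == 1 && $session['user']['perms'] >= MOD)) {
                /* Fix some variables if they are not set */
                $request['attach_files'] = !isset($request['attach_files']) ? 0 : $request['attach_files'];

                /* The status of the Thread is sticky/announcement/normal */
                /* NOTE(review): values other than 2 and 3 are stored as given -- confirm that is intended. */
                $status = isset($request['status']) ? intval($request['status']) : 1;

                /* Check if the user has permission to make sticky or announcement threads */
                if ($status == 2) {
                    $status = $user_perms >= $f['can_sticky'] ? 2 : 1;
                } else {
                    if ($status == 3) {
                        $status = $user_perms >= $f['can_announce'] ? 3 : 1;
                    }
                }

                /* Get the number of threads on the same level as this one */
                if ($this->getNumOnLevel($parent_id) > 0) {
                    $left = $parent['row_right'];
                } else {
                    $left = $parent['row_left'] + 1;
                }

                /* Set a depth variable, and the right value */
                $depth = $parent['row_level'] + 1;
                $right = $left + 1;

                /* Timestamp */
                $time = time();

                /* If this user can post */
                if ($user_perms >= $f['can_post']) {
                    try {
                        /* Make room for the thread in the Forums table by updating the right values */
                        @$this->dba->Query("UPDATE " . FORUMS . " SET row_right = row_right+2 WHERE row_left < {$left} AND row_right >= {$left}"); // Good

                        /* Keep updating the Forums table by changing all of the necessary left AND right values */
                        @$this->dba->Query("UPDATE " . FORUMS . " SET row_left = row_left+2, row_right=row_right+2 WHERE row_left >= {$left}"); // Good

                        /* Make room in the Posts table for this thread */
                        @$this->dba->Query("UPDATE " . POSTS . " SET row_right = row_right+2 WHERE row_left < {$left} AND row_right >= {$left}");

                        /* Keep updating the Posts table */
                        @$this->dba->Query("UPDATE " . POSTS . " SET row_left = row_left+2, row_right=row_right+2 WHERE row_left > {$left}");

                        /* Finally insert our thread into the Posts table */
                        @$this->dba->Query("INSERT INTO " . POSTS . " (row_left, row_right, name, forum_id, parent_id, row_level, description, body_text, created, poster_name, poster_id, row_type, attach, icon, poll, poll_question, row_status) VALUES ({$left}, {$right}, '" . stripslashes($request['title']) . "', " . $f['id'] . ", {$parent_id}, {$depth}, '" . $parser->Revert(stripslashes(substr($request['message'], 0, 50))) . "..." . "', '" . stripslashes($request['message']) . "', " . $time . ", '" . $session['user']['name'] . "', " . $session['user']['id'] . ", 2, " . intval($request['attach_files']) . ", '{$posticon}', {$poll}, '{$poll_question}', {$status})");
                    } catch (DBA_Exception $e) {
                        return new TplException($e, $template);
                    }

                    /* Change the REQUEST title variable to make it shorter for the forums last post info */
                    $request['title'] = strlen($request['title']) > 29 ? substr($request['title'], 0, 29) . '...' : $request['title'];

                    /* Get the id of the thread that we just inserted into the database */
                    $last_post = $this->lastPostByUser($user_id);
                    $last_post_id = $last_post['id'];

                    try {
                        /* Update the Forums post & thread count, and last post info for this thread */
                        @$this->dba->Query("UPDATE " . FORUMS . " SET posts = posts+1, threads = threads+1, thread_created = {$time}, thread_name = '" . $request['title'] . "', thread_id = " . $last_post_id . ", thread_uname = '" . $session['user']['name'] . "', thread_uid = " . $session['user']['id'] . " WHERE id = {$parent_id}");

                        /* Update the user's post count */
                        if ($user_id != 0) {
                            @$this->dba->Query("UPDATE " . USERS . " SET posts = posts+1 WHERE id = " . $session['user']['id']);
                        }
                    } catch (DBA_Exception $e) {
                        return new TplException($e, $template);
                    }

                    /* If there are files to attach, try to attach them */
                    if (intval($request['attach_files']) == 1) {
                        if ($user_perms >= $f['can_attach']) {
                            /* Keep the result: its message is needed when the upload fails. */
                            $upload = @$this->Upload($last_post_id, array('attach1', 'attach2', 'attach3', 'attach4'));
                            if ($upload instanceof SetError) {
                                $p = new Prune();

                                /* Remove everything that we just added to the db */
                                $p->KillSingle($last_post, 1);

                                return new Error($upload->message, $template);
                            }
                        }
                    }

                    /* If there are poll options, add them to the database */
                    if (isset($request['polloptions'])) {
                        /* Does the user have permission to create the poll? */
                        if ($user_perms >= $f['can_pollcreate']) {
                            foreach ($polloptions as $option) {
                                try {
                                    @$this->dba->Query("INSERT INTO " . POLLOPTIONS . " (poll_id, name, color) VALUES ({$last_post_id}, '" . $option['option'] . "', '" . $option['color'] . "')");
                                } catch (DBA_Exception $e) {
                                    return new TplException($e, $template);
                                }
                            }
                        }
                    }
                } else {
                    return new Error($template['L_PERMCANTPOST'], $template);
                }

                /* Assuming that we've made it this far, unset the post vars session */
                unset($session['post_vars']);

                /* If we've gotten to this point, reload the page to our recently added thread :) */
                return new Error($template['L_ADDEDTHREAD'] . '<meta http-equiv="refresh" content="1; url=viewthread.php?id=' . $last_post_id . '">', $template);
            } else {
                return new Error($template['L_PERMCANTPOST'], $template);
            }
        } // end check forum login required
    } else {
        return new Error($template['L_ERRORPOSTING'], $template);
    }
}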