Example #1
 /**
  * Show the search form, or execute a search and render its result list.
  *
  * Throws a 403 Error when the current user's group has g_search == '0'.
  * A request with an `action` or `search_id` query parameter is handled as a
  * search; any other request gets the empty form.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.search.display');

     // Permission gate runs before any model call.
     if (User::get()->g_search == '0') {
         throw new Error(__('No search permission'), 403);
     }

     $wantsResults = Input::query('action') || Input::query('search_id');
     if (!$wantsResults) {
         View::setPageInfo(array(
             'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Search')),
             'active_page' => 'search',
             'focus_element' => array('search', 'keywords'),
             'is_indexed' => true,
             'forums' => $this->model->get_list_forums(),
         ))->addTemplate('search/form.php')->display();
         return;
     }

     $search = $this->model->get_search_results();

     // Only a non-object value with 'is_result' set is rendered; everything else is "no hits".
     if (is_object($search) || !isset($search['is_result'])) {
         return Router::redirect(Router::pathFor('search'), __('No hits'));
     }

     View::setPageInfo(array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Search results')),
         'active_page' => 'search',
         'search' => $search,
         'footer' => $search,
     ));
     $display = $this->model->display_search_results($search);
     View::setPageInfo(array('display' => $display));

     $listTemplate = $search['show_as'] == 'posts' ? 'search/posts.php' : 'search/topics.php';
     View::addTemplate('search/header.php', 1);
     View::addTemplate($listTemplate, 5);
     View::addTemplate('search/footer.php', 10)->display();
 }
 /**
  * Count the plugins and themes whose status column is 0 and hand both counts to the view.
  */
 public function __construct($container)
 {
     $pendingCounts = [];
     $tables = ['pendingPlugins' => 'market_plugins', 'pendingThemes' => 'market_themes'];
     foreach ($tables as $viewKey => $table) {
         $pendingCounts[$viewKey] = ORM::for_table($table)->where('status', 0)->count();
     }
     View::setPageInfo($pendingCounts);
 }
Example #3
 /**
  * Admin maintenance page: handles the 'rebuild' and 'prune' actions, then
  * renders the maintenance overview.
  *
  * NOTE(review): `action` is read from POST and, failing that, from the query
  * string, so the index rebuild is reachable with a GET request. Confirm that
  * admin authorisation and CSRF protection are enforced outside this method.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.maintenance.display');

     // POST wins over the query string; a missing action is the empty string.
     $action = Input::post('action') ?: (Input::query('action') ?: '');

     if ($action == 'rebuild') {
         $this->model->rebuild();
         View::setPageInfo(array(
             'page_title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Rebuilding search index')),
             'query_str' => $this->model->get_query_str(),
         ))->addTemplate('admin/maintenance/rebuild.php')->display();
     }

     if ($action == 'prune') {
         $prune_from = Utils::trim(Input::post('prune_from'));
         $prune_sticky = intval(Input::post('prune_sticky'));
         AdminUtils::generateAdminMenu('maintenance');

         // The destructive step only runs once the confirmation field is posted.
         if (Input::post('prune_comply')) {
             $this->model->prune_comply($prune_from, $prune_sticky);
         }

         View::setPageInfo(array(
             'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Prune')),
             'active_page' => 'admin',
             'admin_console' => true,
             'prune_sticky' => $prune_sticky,
             'prune_from' => $prune_from,
             'prune' => $this->model->get_info_prune($prune_sticky, $prune_from),
         ))->addTemplate('admin/maintenance/prune.php')->display();
     }

     // Neither branch above returns, so the overview is always rendered last.
     AdminUtils::generateAdminMenu('maintenance');
     View::setPageInfo(array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Maintenance')),
         'active_page' => 'admin',
         'admin_console' => true,
         'first_id' => $this->model->get_first_id(),
         'categories' => $this->model->get_categories(),
     ))->addTemplate('admin/maintenance/admin_maintenance.php')->display();
 }
Example #4
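 /**
  * Render the paginated member list.
  *
  * Throws a 403 Error when the current user's group has g_view_users == '0'.
  * Filter, sort and page values come from the query string and are normalised
  * here before they reach the model or the paging links.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.userlist.display');
     if (User::get()->g_view_users == '0') {
         throw new Error(__('No permission'), 403);
     }

     // Determine if we are allowed to view post counts
     $show_post_count = ForumSettings::get('o_show_post_count') == '1' || User::get()->is_admmod;

     // The username filter is honoured only for groups allowed to search users.
     $username = Input::query('username') && User::get()->g_search_users == '1' ? Utils::trim(Input::query('username')) : '';
     $show_group = Input::query('show_group') ? intval(Input::query('show_group')) : -1;

     // Sort column and direction are restricted to a fixed allow-list, compared
     // strictly, so only these literal values are ever passed on.
     $allowed_sorts = array('username', 'registered');
     if ($show_post_count) {
         $allowed_sorts[] = 'num_posts';
     }
     $requested_sort = Input::query('sort_by');
     $sort_by = in_array($requested_sort, $allowed_sorts, true) ? $requested_sort : 'username';
     $sort_dir = Input::query('sort_dir') === 'DESC' ? 'DESC' : 'ASC';

     $num_users = $this->model->fetch_user_count($username, $show_group);

     // Determine the user offset. The original read an undefined $page here, so
     // the requested page was ignored; it is now taken from the `p` parameter
     // and cast to int before the range check.
     $num_pages = ceil($num_users / 50);
     $page = intval(Input::query('p'));
     $p = $page <= 1 || $page > $num_pages ? 1 : $page;
     $start_from = 50 * ($p - 1);

     if (User::get()->g_search_users == '1') {
         $focus_element = array('userlist', 'username');
     } else {
         $focus_element = array();
     }

     // Generate paging links. The listing this code was taken from shows the
     // username segment masked; the free-text filter is URL-encoded here so it
     // cannot break out of the query string.
     $paging_links = '<span class="pages-label">' . __('Pages') . ' </span>' . Url::paginate_old($num_pages, $p, '?username=' . urlencode($username) . '&amp;show_group=' . $show_group . '&amp;sort_by=' . $sort_by . '&amp;sort_dir=' . $sort_dir);

     View::setPageInfo(array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('User list')),
         'active_page' => 'userlist',
         'page_number' => $p,
         'paging_links' => $paging_links,
         'focus_element' => $focus_element,
         'is_indexed' => true,
         'username' => $username,
         'show_group' => $show_group,
         'sort_by' => $sort_by,
         'sort_dir' => $sort_dir,
         'show_post_count' => $show_post_count,
         'dropdown_menu' => $this->model->generate_dropdown_menu($show_group),
         'userlist_data' => $this->model->print_users($username, $start_from, $sort_by, $sort_dir, $show_group),
     ))->addTemplate('userlist.php')->display();
 }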
Example #5
 /**
  * Render the admin server-statistics page from values supplied by the model.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.statistics.display');
     AdminUtils::generateAdminMenu('index');

     $total = $this->model->get_total_size();
     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Server statistics')),
         'active_page' => 'admin',
         'admin_console' => true,
         'server_load' => $this->model->get_server_load(),
         'num_online' => $this->model->get_num_online(),
         'total_size' => $total['size'],
         'total_records' => $total['records'],
         'php_accelerator' => $this->model->get_php_accelerator(),
     );

     return View::setPageInfo($pageInfo)->addTemplate('admin/statistics.php')->display();
 }
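 /**
  * Handle the login form: GET renders it, POST verifies the credentials and
  * sets the auth cookie.
  *
  * @throws \Exception code 1 when username or password is missing or not a
  *                    string, code 403 when the credentials do not match.
  *
  * NOTE(review): the stored value is compared with Random::hash() of the
  * submitted password, which the original comment describes as SHA-1. A fast
  * hash is weak for password storage; moving to password_hash() /
  * password_verify() needs a stored-hash migration outside this method.
  */
 public function login($req, $res, $args)
 {
     if ($req->isPost()) {
         $form_username = Input::post('req_username');
         $form_password = Input::post('req_password');
         $save_pass = (bool) Input::post('save_pass');

         // Both fields are required and must be plain strings (array-valued
         // parameters such as req_password[]=x are rejected here).
         if (!$form_username || !$form_password || !is_string($form_username) || !is_string($form_password)) {
             throw new \Exception("Username and password are required fields.", 1);
         }

         $user = AuthModel::get_user_from_name($form_username);
         $form_password_hash = Random::hash($form_password);

         // hash_equals() compares in constant time and never coerces types. The
         // original `==` let two hashes that both look like numbers (for example
         // "0e..." followed only by digits) compare as equal. An unknown user
         // fails the same way as a wrong password.
         $password_ok = is_object($user)
             && hash_equals((string) $user->password, (string) $form_password_hash);
         if (!$password_ok) {
             throw new \Exception('Wrong user/pass', 403);
         }

         // 14 days when "save pass" is ticked, 30 minutes otherwise.
         $expire = $save_pass ? time() + 1209600 : time() + 1800;
         $jwt = AuthModel::generate_jwt($user);
         AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);

         // NOTE(review): the username goes into the redirect message as-is;
         // confirm the layer that renders it applies HTML escaping.
         return Router::redirect(Router::pathFor('home'), 'Welcome ' . $user->username . '!');
     } elseif ($req->isGet()) {
         return View::setPageInfo(['title' => 'Login', 'active_nav' => 'login'])->addTemplate('login.php')->display();
     }
 }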
Example #7
 /**
  * Render the forum rules page.
  *
  * Throws a 404 Error when rules are switched off (o_rules == '0'), or when the
  * visitor is a guest without board read access while registrations are closed.
  */
 public function rules()
 {
     Container::get('hooks')->fire('controller.index.rules');

     $rulesDisabled = ForumSettings::get('o_rules') == '0';
     // Evaluated only when rules are enabled, mirroring the short-circuit order.
     $lockedOutGuest = !$rulesDisabled
         && User::get()->is_guest
         && User::get()->g_read_board == '0'
         && ForumSettings::get('o_regs_allow') == '0';

     if ($rulesDisabled || $lockedOutGuest) {
         throw new Error(__('Bad request'), 404);
     }

     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Forum rules')),
         'active_page' => 'rules',
     );
     View::setPageInfo($pageInfo)->addTemplate('misc/rules.php')->display();
 }
Example #8
 /**
  * Edit a ban: a posted `add_edit_ban` field saves through the model, anything
  * else renders the ban form for the id given in the route arguments.
  */
 public function edit($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.bans.edit');

     $isSubmission = Input::post('add_edit_ban');
     if ($isSubmission) {
         return $this->model->insert_ban();
     }

     AdminUtils::generateAdminMenu('bans');
     $pageInfo = array(
         'admin_console' => true,
         'focus_element' => array('bans2', 'ban_user'),
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Bans')),
         'ban' => $this->model->edit_ban_info($args['id']),
     );
     View::setPageInfo($pageInfo)->addTemplate('admin/bans/add_ban.php')->display();
 }
Example #9
 /**
  * Admin options page: a POST request saves the options through the model,
  * any other request renders the options form.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.options.display');

     if (Request::isPost()) {
         return $this->model->update_options();
     }

     AdminUtils::generateAdminMenu('options');
     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Options')),
         'active_page' => 'admin',
         'admin_console' => true,
         'languages' => $this->model->get_langs(),
         'styles' => $this->model->get_styles(),
         'times' => $this->model->get_times(),
     );
     View::setPageInfo($pageInfo)->addTemplate('admin/options.php')->display();
 }
Example #10
 /**
  * Admin permissions page: a POST request updates the permissions through the
  * model, any other request renders the form.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.permissions.display');

     $isUpdate = Request::isPost();
     if ($isUpdate) {
         return $this->model->update_permissions();
     }

     AdminUtils::generateAdminMenu('permissions');
     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Permissions')),
         'active_page' => 'admin',
         'admin_console' => true,
     );

     return View::setPageInfo($pageInfo)->addTemplate('admin/permissions.php')->display();
 }
Example #11
 /**
  * Render the admin plugin list: available, active (from cache) and official plugins.
  */
 public function index($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.plugins.index');
     View::addAsset('js', 'style/imports/common.js', array('type' => 'text/javascript'));

     $availablePlugins = Lister::getPlugins();

     // The active list lives in the cache; an empty array stands in when it is absent.
     $activePlugins = array();
     if (Container::get('cache')->isCached('activePlugins')) {
         $activePlugins = Container::get('cache')->retrieve('activePlugins');
     }

     $officialPlugins = Lister::getOfficialPlugins();
     AdminUtils::generateAdminMenu('plugins');

     $pageInfo = array(
         'admin_console' => true,
         'active_page' => 'admin',
         'availablePlugins' => $availablePlugins,
         'activePlugins' => $activePlugins,
         'officialPlugins' => $officialPlugins,
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Extension')),
     );
     View::setPageInfo($pageInfo)->addTemplate('admin/plugins.php')->display();
 }
Example #12
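 /**
  * Admin reports page: a POST request zaps the report whose id is the first key
  * of the posted `zap_id` array, then redirects; any other request lists the
  * open and zapped reports.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.reports.display');

     // Zap a report
     if (Request::isPost()) {
         // key() requires an array. A POST without zap_id, or with a scalar
         // zap_id, used to reach key() directly, which is a TypeError on PHP 8;
         // it now resolves to id 0, the value older PHP versions ended up with.
         $zap = Input::post('zap_id');
         $zap_id = is_array($zap) ? intval(key($zap)) : 0;
         $this->model->zap_report($zap_id);
         return Router::redirect(Router::pathFor('adminReports'), __('Report zapped redirect'));
     }

     AdminUtils::generateAdminMenu('reports');
     return View::setPageInfo(array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Reports')),
         'active_page' => 'admin',
         'admin_console' => true,
         'report_data' => $this->model->get_reports(),
         'report_zapped_data' => $this->model->get_zapped_reports(),
     ))->addTemplate('admin/reports.php')->display();
 }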
Example #13
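 /**
  * Add or edit a user group.
  *
  * A posted `add_edit_group` saves through the model (stage 2). A posted
  * `add_group`, or an `id` route argument, renders the add/edit form.
  * Any other request does nothing.
  */
 public function addedit($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.groups.addedit');
     $groups = $this->model->fetch_groups();

     // The "add group" path has no id in the route; read it once with a null
     // fallback instead of indexing a missing key further down.
     $id = isset($args['id']) ? $args['id'] : null;

     // Add/edit a group (stage 2)
     if (Input::post('add_edit_group')) {
         return $this->model->add_edit_group($groups);
     } elseif (Input::post('add_group') || $id !== null) {
         AdminUtils::generateAdminMenu('groups');
         $group = $this->model->info_add_group($groups, $id);
         View::setPageInfo(array(
             'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('User groups')),
             'active_page' => 'admin',
             'admin_console' => true,
             'focus_element' => array('groups2', 'req_title'),
             'required_fields' => array('req_title' => __('Group title label')),
             'group' => $group,
             'groups' => $groups,
             'id' => $id,
             'group_list' => $this->model->get_group_list($groups, $group),
         ))->addTemplate('admin/groups/add_edit_group.php')->display();
     }
 }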
Example #14
 /**
  * Admin censoring page: dispatches the posted add/update/remove action to the
  * model, or renders the word list when none of them is present.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.censoring.display');

     // Checked in this order; the first posted field that is truthy wins.
     if (Input::post('add_word')) {
         return $this->model->add_word();
     }
     if (Input::post('update')) {
         return $this->model->update_word();
     }
     if (Input::post('remove')) {
         return $this->model->remove_word();
     }

     AdminUtils::generateAdminMenu('censoring');
     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Censoring')),
         'focus_element' => array('censoring', 'new_search_for'),
         'active_page' => 'admin',
         'admin_console' => true,
         'word_data' => $this->model->get_words(),
     );

     return View::setPageInfo($pageInfo)->addTemplate('admin/censoring.php')->display();
 }
Example #15
 /**
  * Show the forum rules as the first step of registration.
  *
  * Logged-in users are redirected home, closed registrations raise a 403 Error,
  * and boards without rules (o_rules != '1') go straight to the register page.
  */
 public function rules($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.register.rules');

     $isLoggedIn = !User::get()->is_guest;
     if ($isLoggedIn) {
         return Router::redirect(Router::pathFor('home'));
     }

     $registrationsClosed = ForumSettings::get('o_regs_allow') == '0';
     if ($registrationsClosed) {
         throw new Error(__('No new regs'), 403);
     }

     $hasRules = ForumSettings::get('o_rules') == '1';
     if (!$hasRules) {
         return Router::redirect(Router::pathFor('register'));
     }

     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Register'), __('Forum rules')),
         'active_page' => 'register',
     );
     View::setPageInfo($pageInfo)->addTemplate('register/rules.php')->display();
 }
Example #16
 /**
  * Authentication middleware: resolve the current user from the `authorization`
  * cookie, store it on the request and in the view, then call the next layer.
  *
  * When get_cookie_data() returns a truthy token, the user it names is loaded
  * and a new token and cookie are issued; otherwise user id 1 is loaded and
  * flagged as guest.
  *
  * NOTE(review): every authenticated request re-issues the cookie, and a token
  * with more than 30 minutes left is renewed for 14 days, so a long-lived token
  * does not age out while it stays in use. Confirm revocation is handled elsewhere.
  * NOTE(review): the result of AuthModel::load_user() is used without a check;
  * verify what it returns for a user id that no longer exists.
  */
 public function __invoke($req, $res, $next)
 {
     $authCookie = Container::get('cookie')->get('authorization');
     $token = $this->get_cookie_data($authCookie);

     if (!$token) {
         // No usable token: fall back to user id 1 with guest flags.
         $user = AuthModel::load_user(1);
         $user->is_guest = true;
         $user->is_admmod = false;
     } else {
         $user = AuthModel::load_user($token->data->userId);
         $user->is_guest = false;
         $user->is_admmod = $user->g_id == '1' || $user->g_moderator == '1';

         // Sliding expiry: keep the long lifetime for long-lived tokens, else 30 minutes.
         if ($token->exp > time() + 1800) {
             $expire = time() + 1209600;
         } else {
             $expire = time() + 1800;
         }
         $refreshed = AuthModel::generate_jwt($user, $expire);
         AuthModel::feather_setcookie('Bearer ' . $refreshed, $expire);
     }

     // Downstream handlers read the user from the request attribute; templates from the view.
     $req = $req->withAttribute('user', $user);
     View::setPageInfo(['user' => $user]);

     return $next($req, $res);
 }
Example #17
 /**
  * Admin index page. With the route argument action = 'check_upgrade' it
  * compares the installed version with the published latest version and
  * redirects back with the outcome.
  *
  * Throws a 500 Error when allow_url_fopen is off or the version fetch is empty.
  *
  * NOTE(review): the version string is fetched over plain http:// with errors
  * suppressed, so it is unauthenticated remote input; in this method it only
  * feeds version_compare() and is never echoed.
  */
 public function display($req, $res, $args)
 {
     $action = isset($args['action']) ? $args['action'] : null;
     Container::get('hooks')->fire('controller.admin.index.display');

     if ($action == 'check_upgrade') {
         if (!ini_get('allow_url_fopen')) {
             throw new Error(__('fopen disabled message'), 500);
         }

         $latest_version = trim(@file_get_contents('http://featherbb.org/latest_version.html'));
         if (empty($latest_version)) {
             throw new Error(__('Upgrade check failed message'), 500);
         }

         $isCurrent = version_compare(ForumSettings::get('o_cur_version'), $latest_version, '>=');
         if ($isCurrent) {
             return Router::redirect(Router::pathFor('adminIndex'), __('Running latest version message'));
         }

         return Router::redirect(Router::pathFor('adminIndex'), sprintf(__('New version available message'), '<a href="http://featherbb.org/">FeatherBB.org</a>'));
     }

     AdminUtils::generateAdminMenu('index');
     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Index')),
         'active_page' => 'admin',
         'admin_console' => true,
     );

     return View::setPageInfo($pageInfo)->addTemplate('admin/index.php')->display();
 }
Example #18
 /**
  * Report a post: a POST request stores the report through the model, and the
  * report form for the post is rendered afterwards.
  *
  * The post id comes from the route arguments after passing through the
  * 'controller.post.report' hook.
  */
 public function report($req, $res, $args)
 {
     $postId = Container::get('hooks')->fire('controller.post.report', $args['id']);
     $args['id'] = $postId;

     if (Request::isPost()) {
         $this->model->insert_report($postId);
     }

     // Fetch some info about the post, the topic and the forum
     $cur_post = $this->model->get_info_report($postId);

     $censoringOn = ForumSettings::get('o_censoring') == '1';
     if ($censoringOn) {
         $cur_post['subject'] = Utils::censor($cur_post['subject']);
     }

     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Report post')),
         'active_page' => 'report',
         'required_fields' => array('req_reason' => __('Reason')),
         'focus_element' => array('report', 'req_reason'),
         'id' => $postId,
         'cur_post' => $cur_post,
     );
     View::setPageInfo($pageInfo)->addTemplate('misc/report.php')->display();
 }
Example #19
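 /**
  * Topic moderation: delete posts, split posts, or show the moderation view.
  *
  * Access is limited to the admin group and to moderators listed for the
  * forum; everyone else gets a 403 Error.
  *
  * NOTE(review): the moderator list is decoded with unserialize(). If that
  * stored value can ever be influenced by untrusted input, decode it with
  * object instantiation disabled or store it as JSON instead.
  */
 public function moderate($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.topic.moderate');

     // Make sure that only admmods allowed access this page
     $forumModel = new \FeatherBB\Model\Forum();
     $moderators = $forumModel->get_moderators($args['id']);
     $mods_array = $moderators != '' ? unserialize($moderators) : array();
     // unserialize() returns false on corrupt data; treat that as "no
     // moderators" so the permission check below fails closed instead of
     // passing a non-array to array_key_exists().
     if (!is_array($mods_array)) {
         $mods_array = array();
     }

     $is_admin = User::get()->g_id == ForumEnv::get('FEATHER_ADMIN');
     if (!$is_admin && (User::get()->g_moderator == '0' || !array_key_exists(User::get()->username, $mods_array))) {
         throw new Error(__('No permission'), 403);
     }

     $cur_topic = $this->model->get_topic_info($args['fid'], $args['id']);

     // Determine the post offset (based on the `page` route argument)
     $num_pages = ceil(($cur_topic['num_replies'] + 1) / User::get()->disp_posts);
     $p = !isset($args['page']) || $args['page'] <= 1 || $args['page'] > $num_pages ? 1 : intval($args['page']);
     $start_from = User::get()->disp_posts * ($p - 1);

     // Confirmed deletion
     if (Input::post('delete_posts_comply')) {
         return $this->model->delete_posts($args['id'], $args['fid']);
     }

     // Deletion confirmation screen
     if (Input::post('delete_posts')) {
         $posts = $this->model->delete_posts($args['id'], $args['fid']);
         View::setPageInfo(array(
             'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Moderate')),
             'active_page' => 'moderate',
             'posts' => $posts,
         ))->addTemplate('moderate/delete_posts.php')->display();
         return;
     }

     // Confirmed split
     if (Input::post('split_posts_comply')) {
         return $this->model->split_posts($args['id'], $args['fid'], $p);
     }

     // Split confirmation screen
     if (Input::post('split_posts')) {
         View::setPageInfo(array(
             'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Moderate')),
             'focus_element' => array('subject', 'new_subject'),
             'page' => $p,
             'active_page' => 'moderate',
             'id' => $args['id'],
             'posts' => $this->model->split_posts($args['id'], $args['fid'], $p),
             'list_forums' => $this->model->get_forum_list_split($args['fid']),
         ))->addTemplate('moderate/split_posts.php')->display();
         return;
     }

     // Show the moderate posts view
     // Used to disable the Move and Delete buttons if there are no replies to this topic
     $button_status = $cur_topic['num_replies'] == 0 ? ' disabled="disabled"' : '';
     if (ForumSettings::get('o_censoring') == '1') {
         $cur_topic['subject'] = Utils::censor($cur_topic['subject']);
     }

     View::setPageInfo(array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), Utils::escape($cur_topic['forum_name']), Utils::escape($cur_topic['subject'])),
         'page' => $p,
         'active_page' => 'moderate',
         'cur_topic' => $cur_topic,
         'url_topic' => Url::url_friendly($cur_topic['subject']),
         'url_forum' => Url::url_friendly($cur_topic['forum_name']),
         'fid' => $args['fid'],
         'id' => $args['id'],
         'paging_links' => '<span class="pages-label">' . __('Pages') . ' </span>' . Url::paginate($num_pages, $p, 'topic/moderate/' . $args['id'] . '/forum/' . $args['fid'] . '/#'),
         'post_data' => $this->model->display_posts_moderate($args['id'], $start_from),
         'button_status' => $button_status,
         'start_from' => $start_from,
     ))->addTemplate('moderate/posts_view.php')->display();
 }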
Example #20
 /**
  * Render the maintenance page with the configured maintenance message.
  *
  * NOTE(review): the message is only whitespace-normalised here, not escaped;
  * presumably it is admin-authored markup. Verify how the template prints it.
  */
 public function maintenance_message()
 {
     // Deal with newlines, tabs and multiple spaces
     $pattern = array("\t", '  ', '  ');
     $replace = array('&#160; &#160; ', '&#160; ', ' &#160;');
     $rawMessage = ForumSettings::get('o_maintenance_message');
     $message = str_replace($pattern, $replace, $rawMessage);

     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Maintenance')),
         'msg' => $message,
         'backlink' => false,
     );

     return View::setPageInfo($pageInfo)->addTemplate('maintenance.php')->display();
 }
Example #21
 /**
  * Render the static help page.
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.help.start');

     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Help')),
         'active_page' => 'help',
     );
     View::setPageInfo($pageInfo)->addTemplate('help.php')->display();
 }
Example #22
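 /**
  * Installer entry point: renders the install form, switches the installer
  * language, or validates the submitted settings and hands them to
  * create_config().
  *
  * NOTE(review): every submitted field, passwords included, is passed through
  * Utils::escape(Utils::trim()) before validation and before create_config().
  * Confirm that storing an escaped/trimmed password is intended.
  * NOTE(review): the missing-fields branch assigns a string to $this->errors
  * while every other check appends to it as an array; verify the template
  * accepts both shapes.
  */
 public function run()
 {
     Container::get('hooks')->fire('controller.install.run_install');

     if (Input::getParsedBodyParam('choose_lang')) {
         // Strict allow-list check, and the value that was checked is the value
         // that is stored (the original validated the trimmed input but kept
         // the raw one).
         $requested_lang = Utils::trim(Input::getParsedBodyParam('install_lang'));
         if (in_array($requested_lang, $this->available_langs, true)) {
             $this->install_lang = $requested_lang;
         }
     }

     $csrf = new \FeatherBB\Middleware\Csrf();
     $csrf->generateNewToken(Container::get('request'));
     translate('install', 'featherbb', $this->install_lang);

     if (Request::isPost() && empty(Input::getParsedBodyParam('choose_lang'))) {
         $missing_fields = array();

         // A request without an `install` array must not reach array_map() as a
         // scalar or null; it is validated as an empty submission instead.
         $install = Input::getParsedBodyParam('install');
         if (!is_array($install)) {
             $install = array();
         }
         $data = array_map(function ($item) {
             return Utils::escape(Utils::trim($item));
         }, $install);

         foreach ($data as $field => $value) {
             // Handle empty fields
             if (empty($value)) {
                 // If the field is required, or if user and pass are missing even though mysql or pgsql are selected as DB
                 if (!in_array($field, $this->optional_fields) || in_array($field, array('db_user')) && in_array($data['db_type'], array('mysql', 'pgsql'))) {
                     $missing_fields[] = $field;
                 }
             }
         }

         if (!empty($missing_fields)) {
             $this->errors = 'The following fields are required but are missing : ' . implode(', ', $missing_fields);
         } else {
             // No required field is missing, so the individual values can be validated.
             // Make sure base_url doesn't end with a slash
             if (substr($data['base_url'], -1) == '/') {
                 $data['base_url'] = substr($data['base_url'], 0, -1);
             }

             // Validate username and passwords
             if (Utils::strlen($data['username']) < 2) {
                 $this->errors[] = __('Username 1');
             } elseif (Utils::strlen($data['username']) > 25) {
                 // This usually doesn't happen since the form element only accepts 25 characters
                 $this->errors[] = __('Username 2');
             } elseif (!strcasecmp($data['username'], 'Guest')) {
                 $this->errors[] = __('Username 3');
             } elseif (preg_match('%[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}%', $data['username']) || preg_match('%((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b)\\.){3}(\\b((25[0-5])|(1\\d{2})|(2[0-4]\\d)|(\\d{1,2}))\\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))%', $data['username'])) {
                 // Usernames that look like an IPv4 or IPv6 address are rejected.
                 $this->errors[] = __('Username 4');
             } elseif ((strpos($data['username'], '[') !== false || strpos($data['username'], ']') !== false) && strpos($data['username'], '\'') !== false && strpos($data['username'], '"') !== false) {
                 $this->errors[] = __('Username 5');
             } elseif (preg_match('%(?:\\[/?(?:b|u|i|h|colou?r|quote|code|img|url|email|list)\\]|\\[(?:code|quote|list)=)%i', $data['username'])) {
                 $this->errors[] = __('Username 6');
             }

             if (Utils::strlen($data['password']) < 6) {
                 $this->errors[] = __('Short password');
             } elseif ($data['password'] !== $data['password_conf']) {
                 // Strict comparison: with `!=`, two different numeric-looking
                 // strings (e.g. "100000" and "1e5") count as equal, so a
                 // mistyped confirmation could be accepted.
                 $this->errors[] = __('Passwords not match');
             }

             // Validate email
             if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
                 $this->errors[] = __('Wrong email');
             }

             // Validate language
             if (!in_array($data['default_lang'], Lister::getLangs())) {
                 $this->errors[] = __('Error default language');
             }

             // Check if the cache directory is writable
             if (!is_writable(ForumEnv::get('FORUM_CACHE_DIR'))) {
                 $this->errors[] = sprintf(__('Alert cache'), ForumEnv::get('FORUM_CACHE_DIR'));
             }

             // Check if default avatar directory is writable
             if (!is_writable(ForumEnv::get('FEATHER_ROOT') . 'style/img/avatars/')) {
                 $this->errors[] = sprintf(__('Alert avatar'), ForumEnv::get('FEATHER_ROOT') . 'style/img/avatars/');
             }

             // Validate db_prefix if existing: identifier characters only, at most 40 long
             if (!empty($data['db_prefix']) && (strlen($data['db_prefix']) > 0 && (!preg_match('%^[a-zA-Z_][a-zA-Z0-9_]*$%', $data['db_prefix']) || strlen($data['db_prefix']) > 40))) {
                 $this->errors[] = sprintf(__('Table prefix error'), $data['db_prefix']);
             }
         }

         // End validation and check errors
         if (!empty($this->errors)) {
             return View::setPageInfo(array('languages' => $this->available_langs, 'supported_dbs' => $this->supported_dbs, 'data' => $data, 'errors' => $this->errors))->addTemplate('install.php')->display(false);
         } else {
             $data['default_style'] = $this->default_style;
             $data['avatars'] = in_array(strtolower(@ini_get('file_uploads')), array('on', 'true', '1')) ? 1 : 0;
             return $this->create_config($data);
         }
     } else {
         $base_url = str_replace('index.php', '', Url::base());
         $data = array('title' => __('My FeatherBB Forum'), 'description' => __('Description'), 'base_url' => $base_url, 'default_lang' => $this->install_lang);
         return View::setPageInfo(array('languages' => $this->available_langs, 'supported_dbs' => $this->supported_dbs, 'data' => $data, 'alerts' => array()))->addTemplate('install.php')->display(false);
     }
 }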
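 /**
  * Search plugins by the `keywords` query parameter and render the result page.
  *
  * Requests without a non-empty string `keywords` value are redirected to the
  * plugin index.
  */
 public function search($req, $res, $args)
 {
     // Read the parameter once and require a string, so array-valued input
     // (keywords[]=x) never reaches the model or the string concatenations below.
     $keywords = Input::query('keywords');
     if (!$keywords || !is_string($keywords)) {
         return Router::redirect(Router::pathFor('plugins'));
     }

     // Get number of pages
     $nbPlugins = PluginModel::countGetSearch($keywords);
     $nbPages = ceil(($nbPlugins + 1) / 20);

     // Determine the offset
     $p = !isset($args['page']) || $args['page'] <= 1 || $args['page'] > $nbPages ? 1 : intval($args['page']);
     // NOTE(review): $offset is computed but never handed to getSearch(), so
     // every page appears to show the same rows. Verify against PluginModel.
     $offset = 20 * ($p - 1);

     // Generate paging links. The search term is user input and is
     // percent-encoded before it becomes part of a URL, so quotes, '#', '&' or
     // markup in it cannot alter the generated link.
     $pagination = Router::paginate($nbPages, $p, 'plugins/search?keywords=' . rawurlencode($keywords) . '/#');
     $plugins = PluginModel::getSearch($keywords);

     // NOTE(review): the breadcrumb carries the raw search term; presumably the
     // breadcrumb template HTML-escapes it. Confirm, and escape at output if not.
     return View::setPageInfo([
         'plugins' => $plugins,
         'pagination' => $pagination,
         'title' => 'Search',
         'active_nav' => 'plugins',
         'top_right_link' => ['url' => Router::pathFor('plugins.create'), 'text' => 'Add plugin'],
     ])->addBreadcrumb([Router::pathFor('plugins') => 'Plugins', 'Search results', '"' . $keywords . '"'])->addTemplate('plugins/index.php')->display();
 }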
Example #24
 /**
  * Send an e-mail to another member through the board's mail form.
  *
  * Throws a 403 Error when the sender's group has g_send_email == '0' or the
  * recipient has the form disabled (email_setting == 2) and the sender is not
  * an admin/moderator; throws a 400 Error for recipient ids below 2.
  */
 public function email($req, $res, $args)
 {
     $recipientId = Container::get('hooks')->fire('controller.profile.email', $args['id']);
     $args['id'] = $recipientId;

     if (User::get()->g_send_email == '0') {
         throw new Error(__('No permission'), 403);
     }

     // Ids below 2 are rejected before the model is asked for anything.
     if ($recipientId < 2) {
         throw new Error(__('Bad request'), 400);
     }

     $mail = $this->model->get_info_mail($recipientId);

     $formDisabled = $mail['email_setting'] == 2;
     if ($formDisabled && !User::get()->is_admmod) {
         throw new Error(__('Form email disabled'), 403);
     }

     if (Request::isPost()) {
         $this->model->send_email($mail);
     }

     $pageInfo = array(
         'title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Send email to') . ' ' . Utils::escape($mail['recipient'])),
         'active_page' => 'email',
         'required_fields' => array('req_subject' => __('Email subject'), 'req_message' => __('Email message')),
         'focus_element' => array('email', 'req_subject'),
         'id' => $recipientId,
         'mail' => $mail,
     );
     View::setPageInfo($pageInfo)->addTemplate('misc/email.php')->display();
 }
 /**
  * Render the index view with the 'index' navigation entry marked active.
  */
 public function index($request, $response, $args)
 {
     $pageInfo = ['active_nav' => 'index'];

     return View::setPageInfo($pageInfo)->addTemplate('index.php')->display();
 }
Example #26
 /**
  * Generate a fresh CSRF name/value pair, attach it to the request as two
  * attributes and expose the same pair to the view.
  *
  * @param  ServerRequestInterface $request PSR-7 request object.
  *
  * @return ServerRequestInterface The request returned by withAttribute(), carrying both token attributes.
  */
 public function generateNewToken(ServerRequestInterface $request)
 {
     $pair = $this->generateToken();

     // Attribute names are "<prefix>_name" and "<prefix>_value".
     $nameKey = $this->prefix . '_name';
     $valueKey = $this->prefix . '_value';
     $tokenAttributes = [$nameKey => $pair[$nameKey], $valueKey => $pair[$valueKey]];

     foreach ($tokenAttributes as $attribute => $token) {
         $request = $request->withAttribute($attribute, $token);
     }
     View::setPageInfo($tokenAttributes);

     return $request;
 }
Example #27
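 /**
  * Admin "Parser" page: renders the BBCode/smiley settings form and handles its submissions.
  *
  * Handles, in order: a reset (or a missing cache file), which re-compiles the parser data;
  * a smiley image upload; and a settings save covering $config, the per-tag flags and the
  * smiley list. Files pulled in with require/require_once execute in this method's scope,
  * so the locals set here ($bbcd, $smilies, $config, ...) are visible to them.
  *
  * @param mixed $req  Request object (not read here).
  * @param mixed $res  Response object (not read here).
  * @param mixed $args Route arguments (not read here).
  *
  * @return mixed Result of Router::redirect() after an action, otherwise the rendered view.
  *
  * @throws Error With a 400 or 500 code when a smiley upload is rejected or fails.
  */
 public function display($req, $res, $args)
 {
     global $lang_admin_parser;
     Container::get('hooks')->fire('controller.admin.parser.display');
     // Legacy language file.
     // NOTE(review): this path is built from User::get()->language; confirm that value is
     // restricted to installed language directory names before it reaches this require.
     require ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/admin/parser.php';
     // This is where the parser data lives and breathes.
     $cache_file = ForumEnv::get('FEATHER_ROOT') . 'cache/cache_parser_data.php';
     // If RESET button pushed, or no cache file, re-compile master bbcode source file.
     if (Input::post('reset') || !file_exists($cache_file)) {
         require_once ForumEnv::get('FEATHER_ROOT') . 'featherbb/Core/parser/bbcd_source.php';
         require_once ForumEnv::get('FEATHER_ROOT') . 'featherbb/Core/parser/bbcd_compile.php';
         return Router::redirect(Router::pathFor('adminParser'), $lang_admin_parser['reset_success']);
     }
     // Load the current $pd parser data array from the cache file.
     require_once $cache_file;
     $bbcd = $pd['bbcd']; // Local scratch copy of the compiled tag data.
     $smilies = $pd['smilies']; // Local scratch copy of the smilies.
     $config = $pd['config']; // Local scratch copy of the config.
     // Not read again in this method; kept because required scripts share this scope.
     $count = count($bbcd);
     if (Input::post('form_sent')) {
         // True only for a string made of decimal digits; guards preg_match() against array input.
         $isDigits = static function ($value) {
             return is_string($value) && preg_match('/^\\d++$/', $value) === 1;
         };
         // Upload new smiley image to style/img/smilies
         if (Input::post('upload') && isset($_FILES['new_smiley']) && isset($_FILES['new_smiley']['error'])) {
             $f = $_FILES['new_smiley'];
             switch ($f['error']) {
                 case 0:
                     // 0: Successful upload.
                     $name = str_replace(' ', '_', $f['name']); // Convert spaces to underscores.
                     $name = preg_replace('/[^\\w\\-.]/S', '', $name); // Weed out all unsavory filename chars.
                     if (!preg_match('/^[\\w\\-.]++$/', $name)) {
                         // Error #4: 'Smiley upload failed. Bad filename.'
                         throw new Error($lang_admin_parser['upload_err_4'], 400);
                     }
                     // $f['type'] is supplied by the client, and the character filter above still
                     // lets names such as "x.php" or ".htaccess" through. The file lands in a
                     // web-served directory, so the extension is also held to an image allowlist.
                     // NOTE(review): the allowlist is a reviewer assumption; extend it if the board
                     // ships smilies in other formats.
                     $extension = strtolower(pathinfo($name, PATHINFO_EXTENSION));
                     $allowedExtensions = array('png', 'gif', 'jpg', 'jpeg');
                     if (!preg_match('%^image/%', $f['type']) || !in_array($extension, $allowedExtensions, true)) {
                         // Error #3: 'Smiley upload failed. File type is not an image.'.
                         throw new Error($lang_admin_parser['upload_err_3'], 400);
                     }
                     if (!($f['size'] > 0 && $f['size'] <= ForumSettings::get('o_avatars_size'))) {
                         // Error #2: 'Smiley upload failed. File is too big.'
                         throw new Error($lang_admin_parser['upload_err_2'], 400);
                     }
                     // Verify the uploaded bytes really parse as an image before publishing them.
                     if (getimagesize($f['tmp_name']) === false) {
                         // Error #3: 'Smiley upload failed. File type is not an image.'.
                         throw new Error($lang_admin_parser['upload_err_3'], 400);
                     }
                     if (!move_uploaded_file($f['tmp_name'], ForumEnv::get('FEATHER_ROOT') . 'style/img/smilies/' . $name)) {
                         // Error #1: 'Smiley upload failed. Unable to move to smiley folder.'.
                         throw new Error($lang_admin_parser['upload_err_1'], 500);
                     }
                     // NOTE(review): this key has a space while its siblings use underscores
                     // ('reset_success', 'save_success'); confirm it matches the language file.
                     return Router::redirect(Router::pathFor('adminParser'), $lang_admin_parser['upload success']);
                 case 1:
                     // case 1 similar to case 2 so fall through...
                 case 2:
                     // File exceeds MAX_FILE_SIZE.
                     throw new Error($lang_admin_parser['upload_err_2'], 400);
                 case 3:
                     // File only partially uploaded.
                     throw new Error($lang_admin_parser['upload_err_5'], 400);
                 case 4:
                     // No filename.
                     throw new Error($lang_admin_parser['upload_err_6'], 400);
                 case 6:
                     // No temp folder.
                     throw new Error($lang_admin_parser['upload_err_7'], 500);
                 case 7:
                     // Cannot write to disk.
                     throw new Error($lang_admin_parser['upload_err_8'], 500);
                 default:
                     // Generic/unknown error
                     throw new Error($lang_admin_parser['upload_err_9'], 500);
             }
         }
         // Set new $config values:
         if (Input::post('config')) {
             $pcfg = Input::post('config');
             // Boolean switches: a posted '1' turns the option on, any other posted value turns it off.
             foreach (array('textile', 'quote_links', 'quote_imgs', 'valid_imgs', 'click_imgs') as $flag) {
                 if (isset($pcfg[$flag])) {
                     $config[$flag] = $pcfg[$flag] == '1';
                 }
             }
             if (isset($pcfg['max_size']) && $isDigits($pcfg['max_size'])) {
                 $config['max_size'] = (int) $pcfg['max_size'];
             }
             if (isset($pcfg['max_width']) && $isDigits($pcfg['max_width'])) {
                 $config['max_width'] = (int) $pcfg['max_width'];
                 // Limit default to maximum.
                 if ($config['def_width'] > $config['max_width']) {
                     $config['def_width'] = $config['max_width'];
                 }
             }
             if (isset($pcfg['max_height']) && $isDigits($pcfg['max_height'])) {
                 $config['max_height'] = (int) $pcfg['max_height'];
                 // Limit default to maximum.
                 if ($config['def_height'] > $config['max_height']) {
                     $config['def_height'] = $config['max_height'];
                 }
             }
             if (isset($pcfg['def_width']) && $isDigits($pcfg['def_width'])) {
                 $config['def_width'] = (int) $pcfg['def_width'];
                 // Limit default to maximum.
                 if ($config['def_width'] > $config['max_width']) {
                     $config['def_width'] = $config['max_width'];
                 }
             }
             if (isset($pcfg['def_height']) && $isDigits($pcfg['def_height'])) {
                 $config['def_height'] = (int) $pcfg['def_height'];
                 // Limit default to maximum.
                 if ($config['def_height'] > $config['max_height']) {
                     $config['def_height'] = $config['max_height'];
                 }
             }
             // Accepts a digit run with an optional trailing '%' and surrounding whitespace.
             if (isset($pcfg['smiley_size']) && is_string($pcfg['smiley_size']) && preg_match('/^\\s*+(\\d++)\\s*+%?+\\s*+$/', $pcfg['smiley_size'], $m)) {
                 $config['smiley_size'] = (int) $m[1];
             }
         }
         // Set new $bbcd values. Entries are written through $bbcd[$tagname] directly, so no
         // reference variable is left dangling for the compile script required below.
         foreach (array_keys($bbcd) as $tagname) {
             if ($tagname == '_ROOT_') {
                 // Skip last pseudo-tag
                 continue;
             }
             $bbcd[$tagname]['in_post'] = Input::post($tagname . '_in_post') == '1';
             $bbcd[$tagname]['in_sig'] = Input::post($tagname . '_in_sig') == '1';
             $depthMax = Input::post($tagname . '_depth_max');
             if ($depthMax && $isDigits($depthMax)) {
                 $bbcd[$tagname]['depth_max'] = (int) $depthMax;
             }
         }
         // Set new $smilies values:
         $stext = Input::post('smiley_text');
         $sfile = Input::post('smiley_file');
         if ($stext && is_array($stext) && $sfile && is_array($sfile) && count($stext) === count($sfile)) {
             // Re-index so both lists can be walked by position whatever keys were posted.
             $stext = array_values($stext);
             $sfile = array_values($sfile);
             $len = count($stext);
             $good = ''; // Not read in this method; kept because required scripts share this scope.
             $smilies = array();
             for ($i = 0; $i < $len; ++$i) {
                 // Loop through all posted smileys.
                 if (!is_string($stext[$i]) || !is_string($sfile[$i])) {
                     // Nested arrays cannot serve as a smiley code or a file name.
                     continue;
                 }
                 // Compare this row's file entry, not the whole array, with the placeholder option.
                 // NOTE(review): the file name is stored as posted; confirm it is checked against
                 // get_smiley_files() or escaped wherever it is rendered.
                 if ($stext[$i] && $sfile[$i] !== 'select new file') {
                     $smilies[$stext[$i]] = array('file' => $sfile[$i]);
                 }
             }
         }
         // Compile $bbcd and save into $pd['bbcd']. Same absolute path as the reset branch,
         // so the include does not depend on include_path or the working directory.
         require_once ForumEnv::get('FEATHER_ROOT') . 'featherbb/Core/parser/bbcd_compile.php';
         return Router::redirect(Router::pathFor('adminParser'), $lang_admin_parser['save_success']);
     }
     AdminUtils::generateAdminMenu('parser');
     return View::setPageInfo(array('title' => array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Parser')), 'active_page' => 'admin', 'admin_console' => true, 'lang_admin_parser' => $lang_admin_parser, 'smiley_files' => $this->model->get_smiley_files(), 'bbcd' => $bbcd, 'config' => $config, 'smilies' => $smilies, 'i' => -1))->addTemplate('admin/parser.php')->display();
 }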
Example #28
 /**
  * Render the admin "Categories" page.
  *
  * Fires the controller hook, builds the admin menu, then displays the
  * categories template with the category list taken from the model.
  *
  * @param mixed $req  Request object (not read here).
  * @param mixed $res  Response object (not read here).
  * @param mixed $args Route arguments (not read here).
  */
 public function display($req, $res, $args)
 {
     Container::get('hooks')->fire('controller.admin.categories.display');
     AdminUtils::generateAdminMenu('categories');

     // The board title is escaped before it goes into the page title.
     $pageTitle = array(Utils::escape(ForumSettings::get('o_board_title')), __('Admin'), __('Categories'));
     $pageInfo = array(
         'title' => $pageTitle,
         'active_page' => 'admin',
         'admin_console' => true,
         'cat_list' => $this->model->get_cat_list(),
     );

     View::setPageInfo($pageInfo)->addTemplate('admin/categories.php')->display();
 }
 /**
  * Queue the inbox menu template and return the current user's inboxes.
  *
  * The inbox list is fetched from the model once and then kept on
  * $this->inboxes, so later calls on this instance reuse it.
  *
  * @param string $page Value passed to the menu template as 'page'.
  *
  * @return mixed The inboxes as returned by the model's getInboxes().
  */
 public function generateMenu($page = '')
 {
     if (isset($this->inboxes) === false) {
         $this->inboxes = $this->model->getInboxes(User::get()->id);
     }

     $menuInfo = array('page' => $page, 'inboxes' => $this->inboxes);
     View::setPageInfo($menuInfo, 1)->addTemplate('menu.php');

     return $this->inboxes;
 }
 /**
  * Show the plugins matching the "keywords" query parameter.
  *
  * Redirects to the plugin list when no keywords were supplied.
  *
  * @param mixed $req  Request object (not read here).
  * @param mixed $res  Response object (not read here).
  * @param mixed $args Route arguments (not read here).
  *
  * @return mixed Redirect result, or whatever the view's display() call returns.
  */
 public function search($req, $res, $args)
 {
     if (!Input::query('keywords')) {
         return Router::redirect(Router::pathFor('plugins'));
     }

     $plugins = PluginModel::getSearch(Input::query('keywords'));

     $pageInfo = [
         'plugins' => $plugins,
         'title' => 'Search',
         'active_nav' => 'plugins',
         'top_right_link' => ['url' => Router::pathFor('plugins.create'), 'text' => 'Add plugin'],
     ];
     $view = View::setPageInfo($pageInfo);
     $view = $view->addBreadcrumb([Router::pathFor('plugins') => 'Plugins', 'Search']);

     return $view->addTemplate('plugins/index.php')->display();
 }