Example #1
0
 /**
  * This function processes the DB post before printing as output
  *
  * @access	public
  * @param	string			Raw text
  * @return	string			Converted text
  */
 public function preDisplayParse($txt = "")
 {
     $this->cache->updateCacheWithoutSaving('_tmp_bbcode_media', 0);
     $this->cache->updateCacheWithoutSaving('_tmp_bbcode_images', 0);
     if ($this->parse_html) {
         //-----------------------------------------
         // Store true line breaks first
         //-----------------------------------------
         $txt = str_replace('<br />', "~~~~~_____~~~~~", $txt);
         $txt = $this->_parseHtml($txt);
         /* We still don't want XSS thx */
         if (!$this->skipXssCheck) {
             $txt = $this->checkXss($txt, true);
         }
     }
     /* http://community.invisionpower.com/resources/bugs.html/_/ip-board/profile-quotes-in-likes-tab-does-not-appear-r42346
     		else
     		{
     			$txt = str_replace( '  ', '&nbsp;&nbsp;', $txt );
     		}*/
     //-----------------------------------------
     // Fix "{style_images_url}"
     //-----------------------------------------
     $txt = str_replace("{style_images_url}", "&#123;style_images_url&#125;", $txt);
     //-----------------------------------------
     // Custom BB code
     //-----------------------------------------
     $_NOW = IPSDebug::getMemoryDebugFlag();
     IPSDebug::setMemoryDebugFlag("PreDisplayParse - parsed BBCode", $_NOW);
     //-----------------------------------------
     // Fix line breaks
     //-----------------------------------------
     if ($this->parse_html) {
         $txt = str_replace("~~~~~_____~~~~~", '<br />', $txt);
     }
     $_memberData = array('member_group_id' => $this->parsing_mgroup, 'mgroup_others' => $this->parsing_mgroup_others);
     if ($this->parsing_mgroup) {
         $_memberData = array_merge($_memberData, $this->caches['group_cache'][$this->parsing_mgroup]);
     }
     if ($this->parsing_mgroup_others) {
         $_memberData = ips_MemberRegistry::setUpSecondaryGroups($_memberData);
     }
     /* Finish hiiiiiiiiiiiiiiim */
     $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/text/parser.php', 'classes_text_parser');
     $parser = new $classToLoad();
     $parser->set(array('memberData' => $_memberData, 'parseBBCode' => $this->parse_bbcode, 'parseArea' => $this->parsing_section, 'parseHtml' => $this->parse_html, 'parseEmoticons' => $this->parse_smilies));
     /* Convert emos back into code */
     $txt = $parser->emoticonImgtoCode($txt);
     $txt = $parser->display($txt);
     //-----------------------------------------
     // Fix images nested inside anchors
     //-----------------------------------------
     $txt = preg_replace_callback('#(\\<a[^\\>]+bbc_url[^\\>]+\\>)\\s*?(.+?)\\s*?(\\<\\/a\\>)#im', array($this, 'removeLightboxSpans'), $txt);
     return $txt;
 }
Example #2
0
 /**
  * Load and return member data
  *
  * @access	public
  * @param	int		Member ID to load
  * @return	array
  */
 public function loadMemberData($memberId)
 {
     /* At this point, we could be either using 2.3 or 3.0 */
     if ($this->DB->checkForField('member_id', 'members')) {
         /* Attempt to load member */
         $this->DB->build(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => 'm.member_id=' . intval($memberId), 'add_join' => array(array('select' => 'g.*', 'from' => array('groups' => 'g'), 'where' => 'g.g_id=m.member_group_id'))));
         $this->DB->execute();
         $this->_member = $this->DB->fetch();
     } else {
         /* Attempt to load member */
         $this->DB->build(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => 'm.id=' . intval($memberId), 'add_join' => array(array('select' => 'g.*', 'from' => array('groups' => 'g'), 'where' => 'g.g_id=m.mgroup'))));
         $this->DB->execute();
         $this->_member = $this->DB->fetch();
         /* Fix up pre-3 stuffs */
         $this->_member['member_id'] = $this->_member['id'];
         $this->_member['member_group_id'] = $this->_member['mgroup'];
     }
     /* Set up seconday groups */
     $this->_member = ips_MemberRegistry::setUpSecondaryGroups($this->_member);
     return $this->fetchMemberData();
 }
 /**
  * Load and return member data
  *
  * @access	public
  * @param	int		Member ID to load
  * @return	array
  */
 public function loadMemberData($memberId)
 {
     /* Attempt to load member */
     $this->DB->build(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => 'm.member_id=' . intval($memberId), 'add_join' => array(array('select' => 'g.*', 'from' => array('groups' => 'g'), 'where' => 'g.g_id=m.member_group_id'))));
     $this->DB->execute();
     /* Set up seconday groups */
     $this->_member = ips_MemberRegistry::setUpSecondaryGroups($this->DB->fetch());
     return $this->fetchMemberData();
 }
 /**
  * Our singleton INIT function
  *
  * @access	protected
  * @return	@e void
  */
 protected static function init()
 {
     if (self::$initiated !== TRUE) {
         //-----------------------------------------
         // IP Address
         //-----------------------------------------
         if (ipsRegistry::$settings['xforward_matching']) {
             foreach (array_reverse(explode(',', my_getenv('HTTP_X_FORWARDED_FOR'))) as $x_f) {
                 $addrs[] = trim($x_f);
             }
             $addrs[] = my_getenv('HTTP_CLIENT_IP');
             $addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP');
             $addrs[] = my_getenv('HTTP_PROXY_USER');
         }
         $addrs[] = my_getenv('REMOTE_ADDR');
         //-----------------------------------------
         // Do we have one yet?
         //-----------------------------------------
         foreach ($addrs as $ip) {
             //-----------------------------------------
             // IP v4
             //-----------------------------------------
             if (IPSLib::validateIPv4($ip)) {
                 self::instance()->ip_address = $ip;
                 break;
             } else {
                 if (IPSLib::validateIPv6($ip)) {
                     self::instance()->ip_address = $ip;
                     break;
                 }
             }
         }
         //-----------------------------------------
         // Make sure we take a valid IP address
         //-----------------------------------------
         if (!self::instance()->ip_address and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') {
             print "Could not determine your IP address";
             exit;
         }
         if (IPS_IS_UPGRADER) {
             require_once IPS_ROOT_PATH . "setup/sources/classes/session/sessions.php";
             /*noLibHook*/
             self::$session_class = new sessions();
         } else {
             self::setMember(0);
         }
     }
 }
Example #5
0
 /**
  * Set up a member
  *
  * @return	@e void
  */
 protected static function setUpMember()
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $cache = ipsRegistry::cache()->getCache('group_cache');
     //-----------------------------------------
     // Unpack cache
     //-----------------------------------------
     if (isset(self::$data_store['members_cache'])) {
         self::$data_store['_cache'] = IPSMember::unpackMemberCache(self::$data_store['members_cache']);
     } else {
         self::$data_store['_cache'] = array();
     }
     if (!isset(self::$data_store['_cache']['friends']) or !is_array(self::$data_store['_cache']['friends'])) {
         self::$data_store['_cache']['friends'] = array();
     }
     //-----------------------------------------
     // Unpack ignored users
     //-----------------------------------------
     if (isset(self::$data_store['ignored_users'])) {
         self::$data_store['_ignoredUsers'] = @unserialize(self::$data_store['ignored_users']);
     } else {
         self::$data_store['_ignoredUsers'] = array();
     }
     //-----------------------------------------
     // Set up main 'display' group
     //-----------------------------------------
     if (is_array($cache[self::$data_store['member_group_id']])) {
         self::$data_store = array_merge(self::$data_store, $cache[self::$data_store['member_group_id']]);
     }
     //-----------------------------------------
     // Work out permissions
     //-----------------------------------------
     self::$data_store = self::instance()->setUpSecondaryGroups(self::$data_store);
     /* Ensure we don't have a ,, string */
     self::$data_store['org_perm_id'] = IPSText::cleanPermString(self::$data_store['org_perm_id']);
     self::instance()->perm_id = !empty(self::$data_store['org_perm_id']) ? self::$data_store['org_perm_id'] : self::$data_store['g_perm_id'];
     self::instance()->perm_id_array = explode(",", self::instance()->perm_id);
     //-----------------------------------------
     // Synchronise the last visit and activity times if
     // we have some in the member profile
     //-----------------------------------------
     if (!self::$data_store['last_activity']) {
         self::$data_store['last_activity'] = IPS_UNIX_TIME_NOW;
     }
     //-----------------------------------------
     // If there hasn't been a cookie update in 2 hours,
     // we assume that they've gone and come back
     //-----------------------------------------
     if (!self::$data_store['last_visit']) {
         //-----------------------------------------
         // No last visit set, do so now!
         //-----------------------------------------
         ipsRegistry::DB()->update('members', array('last_visit' => self::$data_store['last_activity'], 'last_activity' => IPS_UNIX_TIME_NOW), "member_id=" . self::$data_store['member_id'], true);
         self::$data_store['last_visit'] = self::$data_store['last_activity'];
     } else {
         if (IPS_UNIX_TIME_NOW - self::$data_store['last_activity'] > 300) {
             //-----------------------------------------
             // If the last click was longer than 5 mins ago and this is a member
             // Update their profile.
             //-----------------------------------------
             $be_anon = IPSMember::isLoggedInAnon(self::$data_store);
             ipsRegistry::DB()->update('members', array('login_anonymous' => "{$be_anon}&1", 'last_activity' => IPS_UNIX_TIME_NOW), 'member_id=' . self::$data_store['member_id'], true);
         }
     }
     //-----------------------------------------
     // Group promotion based on time since joining
     //-----------------------------------------
     /* Are we checking for auto promotion? */
     if (self::$data_store['g_promotion'] != '-1&-1') {
         /* Are we checking for post based auto incrementation? 0 is post based, 1 is date based, so...  */
         if (self::$data_store['gbw_promote_unit_type']) {
             list($gid, $gdate) = explode('&', self::$data_store['g_promotion']);
             if ($gid > 0 and $gdate > 0) {
                 if (self::$data_store['joined'] <= time() - $gdate * 86400) {
                     IPSMember::save(self::$data_store['member_id'], array('core' => array('member_group_id' => $gid)));
                     /* Now reset the members group stuff */
                     self::$data_store = array_merge(self::$data_store, $cache[$gid]);
                     self::$data_store = self::instance()->setUpSecondaryGroups(self::$data_store);
                     self::instance()->perm_id = !empty(self::$data_store['org_perm_id']) ? self::$data_store['org_perm_id'] : self::$data_store['g_perm_id'];
                     self::instance()->perm_id_array = explode(",", self::instance()->perm_id);
                 }
             }
         }
     }
 }
 /**
  * Load member
  *
  * @param 	string	Member key: Either ID or email address OR array of IDs when $key_type is either ID or not set OR a list of $key_type strings (email address, name, etc)
  * @param 	string	Extra tables to load(all, none or comma delisted tables) Tables: members, pfields_content, profile_portal, groups, sessions, core_item_markers_storage, members_partial.
  *					You can also use the aliases: 'extendedProfile', 'customFields' and 'itemMarkingStorage'
  * @param	string  Key type. Leave it blank to auto-detect or specify "id", "email", "username", "displayname".
  * @return	array   Array containing member data
  * <code>
  * # Single member
  * $member = IPSMember::load( 1, 'extendedProfile,groups' );
  * $member = IPSMember::load( '*****@*****.**', 'all' );
  * $member = IPSMember::load( 'MattM', 'all', 'displayname' ); // Can also use 'username', 'email' or 'id'
  * # Multiple members
  * $members = IPSMember::load( array( 1, 2, 10 ), 'all' );
  * $members = IPSMember::load( array( 'MattM, 'JoeD', 'DaveP' ), 'all', 'displayname' );
  * </code>
  */
 public static function load($member_key, $extra_tables = 'all', $key_type = '')
 {
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $member_value = 0;
     $members = array();
     $multiple_ids = array();
     $member_field = '';
     $joins = array();
     $tables = array('pfields_content' => 0, 'profile_portal' => 0, 'groups' => 0, 'sessions' => 0, 'members_partial' => 0);
     $remap = array('extendedProfile' => 'profile_portal', 'customFields' => 'pfields_content');
     //-----------------------------------------
     // ID or email?
     //-----------------------------------------
     if (!$key_type) {
         if (is_array($member_key)) {
             $multiple_ids = array_map('intval', $member_key);
             // Bug #20908
             $member_field = 'member_id';
         } else {
             if (strstr($member_key, '@')) {
                 if (strstr($member_key, ' ')) {
                     $member_key = '';
                 }
                 $member_key = IPSText::mbsubstr($member_key, 0, 150);
                 $member_value = "'" . ipsRegistry::DB()->addSlashes(strtolower($member_key)) . "'";
                 $member_field = 'email';
             } else {
                 $member_value = intval($member_key);
                 $member_field = 'member_id';
             }
         }
     } else {
         switch ($key_type) {
             default:
             case 'id':
                 if (is_array($member_key)) {
                     $multiple_ids = $member_key;
                 } else {
                     $member_value = intval($member_key);
                 }
                 $member_field = 'member_id';
                 break;
             case 'fb_uid':
                 if (is_array($member_key)) {
                     $multiple_ids = $member_key;
                 } else {
                     $member_value = is_numeric($member_key) ? $member_key : 0;
                 }
                 $member_field = 'fb_uid';
                 if ($member_value == 0) {
                     return array();
                 }
                 break;
             case 'twitter_id':
                 if (is_array($member_key)) {
                     $multiple_ids = $member_key;
                 } else {
                     $member_value = is_numeric($member_key) ? $member_key : 0;
                 }
                 $member_field = 'twitter_id';
                 if ($member_value == 0) {
                     return array();
                 }
                 break;
             case 'email':
                 if (is_array($member_key)) {
                     array_walk($member_key, create_function('&$v,$k', '$v="\'".( ( strstr( $v, \' \' ) ) ? \'\' : ipsRegistry::DB()->addSlashes( IPSText::mbsubstr( strtolower( $v ), 0, 150 ) ) ) . "\'";'));
                     $multiple_ids = $member_key;
                 } else {
                     if (strstr($member_key, ' ')) {
                         $member_key = '';
                     }
                     $member_key = IPSText::mbsubstr($member_key, 0, 150);
                     $member_value = "'" . ipsRegistry::DB()->addSlashes(strtolower($member_key)) . "'";
                 }
                 $member_field = 'email';
                 break;
             case 'username':
                 if (is_array($member_key)) {
                     array_walk($member_key, create_function('&$v,$k', '$v="\'".ipsRegistry::DB()->addSlashes( IPSText::mbsubstr( strtolower( $v ), 0, 255 ) ) . "\'";'));
                     $multiple_ids = $member_key;
                 } else {
                     $member_key = IPSText::mbsubstr($member_key, 0, 255);
                     $member_value = "'" . ipsRegistry::DB()->addSlashes(strtolower($member_key)) . "'";
                 }
                 $member_field = 'members_l_username';
                 break;
             case 'displayname':
                 if (is_array($member_key)) {
                     array_walk($member_key, create_function('&$v,$k', '$v="\'".ipsRegistry::DB()->addSlashes( IPSText::mbsubstr( strtolower( $v ), 0, 255 ) ) . "\'";'));
                     $multiple_ids = $member_key;
                 } else {
                     $member_key = IPSText::mbsubstr($member_key, 0, 255);
                     $member_value = "'" . ipsRegistry::DB()->addSlashes(strtolower($member_key)) . "'";
                 }
                 $member_field = 'members_l_display_name';
                 break;
             case 'ipsconnect':
                 if (is_array($member_key)) {
                     $multiple_ids = $member_key;
                 } else {
                     $member_value = intval($member_key);
                 }
                 $member_field = 'ipsconnect_id';
                 break;
         }
     }
     //-----------------------------------------
     // Protected against member_id=0
     //-----------------------------------------
     if (!count($multiple_ids) or !is_array($multiple_ids)) {
         if ($member_field == 'member_id' and !$member_value) {
             return array();
         }
     }
     //-----------------------------------------
     // Sort out joins...
     //-----------------------------------------
     if ($extra_tables == 'all') {
         foreach ($tables as $_table => $_val) {
             /* Let's not load sessions or members_partial unless specifically requested */
             if ($_table == 'sessions' or $_table == 'members_partial') {
                 continue;
             }
             $tables[$_table] = 1;
         }
     } else {
         if ($extra_tables) {
             $_tables = explode(",", $extra_tables);
             foreach ($_tables as $_t) {
                 $_t = trim($_t);
                 if (isset($tables[$_t])) {
                     $tables[$_t] = 1;
                 } else {
                     if (isset(self::$remap[$_t])) {
                         if (strstr($tables[self::$remap[$_t]], ',')) {
                             $__tables = explode(',', $tables[self::$remap[$_t]]);
                             foreach ($__tables as $__t) {
                                 $tables[$__t] = 1;
                             }
                         } else {
                             $tables[self::$remap[$_t]] = 1;
                         }
                     }
                 }
             }
         }
     }
     //-----------------------------------------
     // Grab used tables
     //-----------------------------------------
     $_usedTables = array();
     foreach ($tables as $_name => $_use) {
         if ($_use) {
             $_usedTables[] = $_name;
         }
     }
     //-----------------------------------------
     // Check the cache first...
     //-----------------------------------------
     if ($member_field == 'member_id' and $member_value) {
         $member = self::_fetchFromCache($member_value, $_usedTables);
         if ($member !== FALSE) {
             return $member;
         }
     } else {
         if (count($multiple_ids) and is_array($multiple_ids)) {
             $_totalUsers = count($multiple_ids);
             $_gotFromCache = 0;
             $_fromCache = array();
             foreach ($multiple_ids as $_memberValue) {
                 $member = self::_fetchFromCache($_memberValue, $_usedTables);
                 if ($member !== FALSE) {
                     $_fromCache[$member['member_id']] = $member;
                     $_gotFromCache++;
                 }
             }
             //-----------------------------------------
             // Did we find all the members in cache?
             //-----------------------------------------
             if ($_gotFromCache == $_totalUsers) {
                 return $_fromCache;
             }
         }
     }
     self::$ignoreCache = FALSE;
     //-----------------------------------------
     // Fix up joins...
     //-----------------------------------------
     if ($tables['pfields_content']) {
         $joins[] = array('select' => 'p.*', 'from' => array('pfields_content' => 'p'), 'where' => 'p.member_id=m.member_id', 'type' => 'left');
     }
     if ($tables['profile_portal']) {
         $joins[] = array('select' => 'pp.*', 'from' => array('profile_portal' => 'pp'), 'where' => 'pp.pp_member_id=m.member_id', 'type' => 'left');
     }
     if ($tables['groups']) {
         $joins[] = array('select' => 'g.*', 'from' => array('groups' => 'g'), 'where' => 'g.g_id=m.member_group_id', 'type' => 'left');
     }
     if ($tables['sessions']) {
         $joins[] = array('select' => 's.*', 'from' => array('sessions' => 's'), 'where' => 's.member_id=m.member_id', 'type' => 'left');
     }
     if ($tables['core_item_markers_storage']) {
         $joins[] = array('select' => 'im.*', 'from' => array('core_item_markers_storage' => 'im'), 'where' => 'im.item_member_id=m.member_id', 'type' => 'left');
     }
     if ($tables['members_partial']) {
         $joins[] = array('select' => 'mp.*', 'from' => array('members_partial' => 'mp'), 'where' => 'mp.partial_member_id=m.member_id', 'type' => 'left');
     }
     if (IPSContentCache::isEnabled()) {
         if (IPSContentCache::fetchSettingValue('sig')) {
             $joins[] = IPSContentCache::join('sig', 'm.member_id', 'ccb', 'left', 'ccb.cache_content');
         }
     }
     //-----------------------------------------
     // Do eeet
     //-----------------------------------------
     if (count($joins)) {
         ipsRegistry::DB()->build(array('select' => 'm.*, m.member_id as my_member_id', 'from' => array('members' => 'm'), 'where' => (is_array($multiple_ids) and count($multiple_ids)) ? 'm.' . $member_field . ' IN (' . implode(',', $multiple_ids) . ')' : 'm.' . $member_field . '=' . $member_value, 'add_join' => $joins));
     } else {
         ipsRegistry::DB()->build(array('select' => '*', 'from' => 'members', 'where' => (is_array($multiple_ids) and count($multiple_ids)) ? $member_field . ' IN (' . implode(',', $multiple_ids) . ')' : $member_field . '=' . $member_value));
     }
     //-----------------------------------------
     // Execute
     //-----------------------------------------
     ipsRegistry::DB()->execute();
     while ($mem = ipsRegistry::DB()->fetch()) {
         if (isset($mem['my_member_id'])) {
             $mem['member_id'] = $mem['my_member_id'];
         }
         $mem['full'] = true;
         if (!$mem['email'] or !$mem['members_display_name'] or $mem['email'] == $mem['name'] . '@' . $mem['joined']) {
             $mem['full'] = false;
             $mem['timenow'] = $mem['joined'];
         }
         /* Clean secondary groups */
         $mem['mgroup_others'] = $mem['mgroup_others'] != '' ? IPSText::cleanPermString($mem['mgroup_others']) : '';
         //-----------------------------------------
         // Be sure we properly apply secondary permissions
         //-----------------------------------------
         if ($tables['groups']) {
             $mem = ips_MemberRegistry::setUpSecondaryGroups($mem);
             /* Unpack groups */
             $mem = IPSMember::unpackGroup($mem, TRUE, TRUE);
         }
         //-----------------------------------------
         // Unblockable
         //-----------------------------------------
         $mem['_canBeIgnored'] = self::isIgnorable($mem['member_group_id'], $mem['mgroup_others']);
         /* Bitwise Options */
         $mem = self::buildBitWiseOptions($mem);
         /* Twitter is disabled them remove twitter tokens and such */
         if ($mem['twitter_id'] && !IPSLib::twitter_enabled()) {
             $mem['twitter_token'] = '';
             $mem['twitter_secret'] = '';
             $mem['twitter_id'] = '';
         }
         /* Add to array */
         $members[$mem['member_id']] = $mem;
         //-----------------------------------------
         // Add to cache
         //-----------------------------------------
         self::_addToCache($mem, $_usedTables);
     }
     //-----------------------------------------
     // Return just a single if we only sent one id
     //-----------------------------------------
     return (is_array($multiple_ids) and count($multiple_ids)) ? $members : array_shift($members);
 }
 /**
  * Our singleton INIT function
  *
  * @access	protected
  * @return	void
  */
 protected static function init()
 {
     if (self::$initiated !== TRUE) {
         //-----------------------------------------
         // IP Address
         //-----------------------------------------
         if (ipsRegistry::$settings['xforward_matching']) {
             foreach (array_reverse(explode(',', my_getenv('HTTP_X_FORWARDED_FOR'))) as $x_f) {
                 $x_f = trim($x_f);
                 if (preg_match('/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/', $x_f)) {
                     $addrs[] = $x_f;
                 }
             }
             $addrs[] = my_getenv('HTTP_CLIENT_IP');
             $addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP');
             $addrs[] = my_getenv('HTTP_PROXY_USER');
         }
         $addrs[] = my_getenv('REMOTE_ADDR');
         //-----------------------------------------
         // Do we have one yet?
         //-----------------------------------------
         foreach ($addrs as $ip) {
             if ($ip) {
                 preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\$/", $ip, $match);
                 self::instance()->ip_address = $match[1] . '.' . $match[2] . '.' . $match[3] . '.' . $match[4];
                 if (self::instance()->ip_address and self::instance()->ip_address != '...') {
                     break;
                 }
             }
         }
         //-----------------------------------------
         // Make sure we take a valid IP address
         //-----------------------------------------
         if ((!self::instance()->ip_address or self::instance()->ip_address == '...') and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') {
             print "Could not determine your IP address";
             exit;
         }
         if (IPS_IS_UPGRADER) {
             require_once IPS_ROOT_PATH . "setup/sources/classes/session/sessions.php";
             self::$session_class = new sessions();
         } else {
             self::setMember(0);
         }
     }
 }
 /**
  * _authenticate()
  *
  * Authenticates the username and password
  *
  * This will return
  * - false	(Failed)
  * - true	(Succes)
  *
  * @access	private
  * @param  string  $username       	   			Username
  * @param  string  $password					Password
  * @return boolean
  **/
 private function _authenticate($username, $password)
 {
     //-----------------------------------------
     // Are they banned?
     //-----------------------------------------
     if (is_array($this->caches['banfilters']) and count($this->caches['banfilters'])) {
         foreach ($this->caches['banfilters'] as $ip) {
             $ip = str_replace('\\*', '.*', preg_quote($ip, "/"));
             if (preg_match("/^{$ip}\$/", $this->request['IP_ADDRESS'])) {
                 $this->error = $this->registry->class_localization->words['blogger_banned_msg'];
                 return false;
             }
         }
     }
     //-----------------------------------------
     // load the member
     //-----------------------------------------
     $member = IPSMember::load(IPSText::parseCleanValue($username), 'extendedProfile', 'username');
     if (!$member['member_id']) {
         $this->error = $this->registry->class_localization->words['blogger_unknown_user'];
         return false;
     }
     ips_MemberRegistry::setMember($member['member_id']);
     //--------------------------------
     //  Is the board offline?
     //--------------------------------
     if (ipsRegistry::$settings['board_offline'] == 1) {
         if ($member['g_access_offline'] != 1) {
             $this->error = $this->registry->class_localization->words['blogger_board_offline'];
             return false;
         }
     }
     //-----------------------------------------
     // Temporarely banned?
     //-----------------------------------------
     if ($member['temp_ban']) {
         $this->error = $this->registry->class_localization->words['blogger_suspended'];
         return false;
     }
     //-----------------------------------------
     // Load the Blog
     //-----------------------------------------
     $this->registry->blog_std->buildPerms();
     //-----------------------------------------
     // Users can have more than one blog - just
     // grab first one mysql returns
     //-----------------------------------------
     $blog = $this->registry->DB()->buildAndFetch(array('select' => 'blog_id, blog_name', 'from' => 'blog_blogs', 'where' => "member_id={$member['member_id']}"));
     if (!$blog['blog_id']) {
         $this->error = $this->registry->class_localization->words['blogger_noblog'];
         return false;
     }
     if (!($this->blog = $this->registry->blog_std->loadBlog($blog['blog_id'], 1))) {
         $this->error = $this->blog_std->error;
         return false;
     }
     //-----------------------------------------
     // Blog post permissions?
     //-----------------------------------------
     if (!$this->blog['allow_entry']) {
         $this->error = $this->registry->class_localization->words['blogger_nopost'];
         return false;
     }
     //-----------------------------------------
     // Validate password?
     //-----------------------------------------
     if (!ipsRegistry::$settings['blog_allow_xmlrpc'] or !$this->blog['blog_settings']['enable_xmlrpc']) {
         $this->error = $this->registry->class_localization->words['blogger_noxmlrpc'];
         return false;
     }
     if ($this->blog['blog_settings']['xmlrpc_password'] != md5(IPSText::parseCleanValue($password))) {
         if (isset($this->blog['blog_settings']['xmlrpc_failedattempts']) && $this->blog['blog_settings']['xmlrpc_failedattempts'] > 5) {
             $this->blog['blog_settings']['enable_xmlrpc'] = 0;
             $this->blog['blog_settings']['xmlrpc_failedattempts'] = 0;
             $blog_settings = serialize($this->blog['blog_settings']);
             $this->registry->DB()->update('blog_blogs', array('blog_settings' => $blog_settings), "blog_id = {$this->blog['blog_id']}");
         } else {
             $this->blog['blog_settings']['xmlrpc_failedattempts'] = isset($this->blog['blog_settings']['xmlrpc_failedattempts']) ? intval($this->blog['blog_settings']['xmlrpc_failedattempts']) + 1 : 1;
             $blog_settings = serialize($this->blog['blog_settings']);
             $this->registry->DB()->update('blog_blogs', array('blog_settings' => $blog_settings), "blog_id = {$this->blog['blog_id']}");
         }
         $this->error = $this->registry->class_localization->words['blogger_inv_pass'];
         return false;
     } else {
         if (isset($this->blog['blog_settings']['xmlrpc_failedattempts']) && $this->blog['blog_settings']['xmlrpc_failedattempts'] > 0) {
             $this->blog['blog_settings']['xmlrpc_failedattempts'] = 0;
             $blog_settings = serialize($this->blog['blog_settings']);
             $this->registry->DB()->update('blog_blogs', array('blog_settings' => $blog_settings), "blog_id = {$this->blog['blog_id']}");
         }
     }
     //-----------------------------------------
     // Set the member data
     //-----------------------------------------
     $this->memberData = $member;
     return true;
 }
Example #9
0
 /**
  * Replace bad words
  *
  * @param	string	Raw text
  * @return	string	Converted text
  */
 public function parseBadWords($text = '')
 {
     /* @link http://community.invisionpower.com/resources/bugs.html/_/ip-board/report-center-bypass-word-filter-r40719 */
     if (self::$Perms['memberData']['member_group_id'] and !self::$Perms['memberData']['g_id']) {
         self::$Perms['memberData'] = array_merge(self::$Perms['memberData'], $this->caches['group_cache'][self::$Perms['memberData']['member_group_id']]);
         if (self::$Perms['memberData']['mgroup_others']) {
             self::$Perms['memberData'] = ips_MemberRegistry::setUpSecondaryGroups(self::$Perms['memberData']);
         }
     }
     /* Empty text or bypass? */
     if ($text == '' || self::$Perms['memberData']['g_bypass_badwords']) {
         return $text;
     }
     $badwords = $this->cache->getCache('badwords');
     $temp_text = $text;
     $urls = array();
     /* Got any naughty words? */
     if (!is_array($badwords) or !count($badwords)) {
         return $text;
     }
     /* strip out URLs so replacements aren't made */
     preg_match_all('#((http|https|news|ftp)://(?:[^<>\\)\\[\\"\\s]+|[a-zA-Z0-9/\\._\\-!&\\#;,%\\+\\?:=]+))#isu', $text, $matches);
     foreach ($matches[0] as $m) {
         $c = count($urls);
         $urls[$c] = $m;
         $text = str_replace($m, '<!--url{' . $c . '}-->', $text);
     }
     //-----------------------------------------
     // Convert back entities
     //-----------------------------------------
     for ($i = 65; $i <= 90; $i++) {
         $text = str_replace("&#" . $i . ";", chr($i), $text);
     }
     for ($i = 97; $i <= 122; $i++) {
         $text = str_replace("&#" . $i . ";", chr($i), $text);
     }
     //-----------------------------------------
     // Go all loopy
     //-----------------------------------------
     foreach ($badwords as $r) {
         $r['type'] = str_replace('&', '&amp;', IPSText::UNhtmlspecialchars($r['type']));
         if ($this->parseType != 'topics') {
             $r['swop'] = strip_tags($r['swop']);
         }
         $replace = $r['swop'] ? $r['swop'] : '######';
         if ($r['m_exact']) {
             $r['type'] = preg_quote($r['type'], "/");
             /* Link */
             // 				if ( IPS_DOC_CHAR_SET == 'UTF-8' && IPSText::isUTF8( $text ) )
             // 				{
             // 					$text = preg_replace( '/(^|\p{L}|\s)' . $r['type'] . '(\p{L}|!|\?|\.|,|$)/i', "\\1{$replace}\\2", $text );
             // 				}
             // 				else
             // 				{
             // \b does not work well because it matches word boundary, which is technically a \w to \W shift
             // @see http://stackoverflow.com/questions/6531724/how-exactly-do-regular-expression-word-boundaries-work-in-php
             // What we really want to look for is a non-word character on either side, so this works
             // Bad word filter for $!^& becomes $!^&amp;.  Submitted in a post that is <p>$!^&amp;</p> and </ is not a shift from non-word to word character
             //changed by denchu 06062013 \P{L} is better and works when others not
             $text = preg_replace('/(^|\\P{L})' . $r['type'] . '(\\P{L}|$)/i', "\\1" . $replace . "\\2", $text);
             /* I'd retest that for a dollar! */
             if (strstr($r['type'], '$')) {
                 $test = preg_replace('#(\\\\)?\\$#', '$', $r['type']);
                 $text = preg_replace('/(^|\\P{L})' . preg_quote($test) . '(\\P{L}|$)/i', "\\1" . $replace . "\\2", $text);
             }
             //				}
         } else {
             //----------------------------
             // 'ass' in 'class' kills css
             //----------------------------
             if ($r['type'] == 'ass') {
                 $text = preg_replace("/(?<!cl)" . $r['type'] . "/i", $replace, $text);
             } else {
                 $text = str_ireplace($r['type'], $replace, $text);
             }
         }
     }
     /* replace urls */
     if (count($urls)) {
         preg_match_all('#\\<\\!--url\\{(\\d+?)\\}--\\>#is', $text, $matches);
         for ($i = 0; $i < count($matches[0]); $i++) {
             if (isset($matches[1][$i])) {
                 $text = str_replace($matches[0][$i], $urls[$matches[1][$i]], $text);
             }
         }
     }
     return $text ? $text : $temp_text;
 }
Example #10
0
 /**
  * This method is run after a users profile is successfully updated
  *
  * @access	public
  * @param	array 	$member		Array of values that were changed
  * @return	void
  **/
 public function onProfileUpdate($member)
 {
     if (!DLE_PROFILE) {
         return true;
     }
     $update_array = array();
     if (isset($member['customFields']['field_6'])) {
         $update_array['land'] = $member['customFields']['field_6'];
     }
     if (isset($member['customFields']['field_7'])) {
         $update_array['info'] = $member['customFields']['field_7'];
     }
     $user = ips_MemberRegistry::getProperty('name');
     if ($update_array && $user) {
         if (DLE_CHARSET && DLE_CHARSET != 'UTF-8') {
             $user = iconv('UTF-8', DLE_CHARSET, $user);
             foreach ($update_array as &$value) {
                 $value = iconv('UTF-8', DLE_CHARSET, $value);
             }
         }
         $user = $this->db_connect()->addSlashes($user);
         /*  $set = '';
             foreach ($update_array as $field=>&$value)
             {
                 if ($set)
                 {
                     $set .= ", ";
                 }
                 
                 $value = $this->db->addSlashes($value);
                 $set .= $field . "='" . $value . "'";
             }*/
         $this->db->update("_users", $update_array, "name='{$user}'");
         $this->db_disconnect();
     }
 }