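/**
 * Handle the "forgot password" form: pick a new random password for the
 * account registered under the submitted e-mail address and mail it out.
 *
 * Only guests may use this action. Every path returns an Error object whose
 * message comes from a language string in $template.
 *
 * @param Template $template Page template; also supplies the L_* language strings.
 * @param Session  $session  Current session; $session['user'] decides guest vs. member.
 * @param mixed    $request  Request variables; only 'email' is read.
 * @return Error
 */
public function Execute(Template $template, Session $session, $request) {
    $this->dba = DBA::Open();

    /* Create the ancestors bar (in case we run into any trouble) */
    $template = CreateAncestors($template, $template['L_INFORMATION']);

    if (!($session['user'] instanceof Guest)) {
        return new Error($template['L_CANTBELOGGEDIN'], $template);
    }

    $email = htmlspecialchars($request['email']);

    /* check_mail() is defined elsewhere; the address is accepted only when it
       comes back unchanged. */
    if ($email != check_mail($email)) {
        return new Error($template['L_INVALIDEMAIL'], $template);
    }

    /* The address is request data and is placed inside SQL string literals
       below. htmlspecialchars() is HTML escaping, not SQL escaping, so the
       value goes through the DBA's Quote() before it is interpolated. */
    $email_sql = $this->dba->Quote($email);

    if (!($this->dba->Query("SELECT * FROM " . USERS . " WHERE email = '{$email_sql}'")->NumRows() > 0)) {
        /* NOTE(review): an unknown address gets L_INVALIDEMAIL while a known one
           gets L_PASSWORDSENT, so the response tells the caller whether an
           address is registered. */
        return new Error($template['L_INVALIDEMAIL'], $template);
    }

    /* NOTE(review): GetRandom() is defined elsewhere; confirm it draws from a
       cryptographically secure source, since its output becomes a credential. */
    $new_pw = $this->GetRandom();
    $forum = $this->dba->GetValue("SELECT name FROM " . FORUMS . " WHERE row_left = 1");
    $username = $this->dba->GetValue("SELECT name FROM " . USERS . " WHERE email = '{$email_sql}'");

    $subject = sprintf($template['L_PWSENTSUBJECT'], $forum);
    $message = sprintf($template['L_PWSENTMESSAGE'], $forum, $username, $new_pw, $forum);

    /* NOTE(review): HTTP_HOST is taken from the client's request and ends up in
       a mail header; prefer a configured site host name. */
    $headers = "From: \"Password Reset - k4 Bulletin Board Mailer\" <noreply@" . $_SERVER['HTTP_HOST'] . ">";

    if (!mail($email, $subject, $message, $headers)) {
        return new Error($template['L_ERRORRESETPW'], $template);
    }

    /* NOTE(review): as written this stores the literal string '******', not a
       value derived from $new_pw, so the mailed password and the stored one do
       not match. The literal looks like a masked placeholder; restore the
       intended expression before relying on this method.
       NOTE(review): the password is replaced on an unauthenticated request with
       no confirmation step, so anyone who knows an address can reset that
       account's password. */
    $this->dba->Query("UPDATE " . USERS . " SET pass = '******' WHERE email = '{$email_sql}'");

    return new Error($template['L_PASSWORDSENT'] . '<meta http-equiv="refresh" content="2; url=index.php">', $template);
}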
/**
 * Admin action: prune posts older than a cut-off, either board-wide
 * (forum = -1) or under a single parent id.
 *
 * The board is switched off ('bbactive' = 0) while rows are removed through
 * Prune::KillNode() and switched back on afterwards.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user must be a Member with the ADMIN bit.
 * @param mixed    $request  Reads 'forum' and 'days' (both passed through intval()).
 * @return bool|Error TRUE when the caller is not an admin, otherwise an Error
 *                    carrying the outcome message.
 */
public function Execute(Template $template, Session $session, $request) {
    $this->dba = DBA::Open();
    $template = CreateAncestors($template, $template['L_ADMINPANEL']);

    $is_admin = $session['user'] instanceof Member && $session['user']['perms'] & ADMIN;
    if (!$is_admin) {
        /* Non-admins get no error here, just TRUE. */
        return TRUE;
    }

    if (!isset($request['forum']) || !isset($request['days'])) {
        return new Error($template['L_FORUMDOESNTEXIST'], $template);
    }

    /* NOTE(review): this is a destructive, state-changing request and no request
       token is checked in this method; confirm the dispatcher validates one. */

    /* Turn the board off for safety reasons.
       NOTE(review): if anything below aborts the request, the statement that
       turns the board back on is never reached. */
    $this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");

    $days = intval($request['days']);
    $forum = intval($request['forum']);

    /* NOTE(review): a negative 'days' puts the cut-off in the future, which
       selects every matching post. */
    if ($days == 0) {
        $created = time();
    } else {
        $created = time() - $days * 24 * 3600;
    }

    /* -1 means "all forums"; any other value restricts the scan to one parent. */
    $scope = $forum == -1 ? "" : "parent_id = " . $forum . " AND ";
    $sql = "SELECT * FROM " . POSTS . " WHERE " . $scope . "row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created;

    $prune = new Prune();
    foreach ($this->dba->Query($sql) as $post) {
        $prune->KillNode($post);
    }

    /* Turn the board back on */
    $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");

    return new Error($template['L_PRUNESUCCESS'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=prune">', $template);
}
/**
 * Show the FAQ page.
 *
 * @param Template $template Page template; receives the content file, the FAQ
 *                           category iterator and the query counter.
 * @param Session  $session  Current session; its dba's query counter is read.
 * @param mixed    $request  Unused here.
 * @return bool Always TRUE.
 */
public function Execute(Template $template, Session $session, $request) {
    $template = CreateAncestors($template, $template['L_FAQ']);

    $content = array('file' => 'faq.html');
    $template->content = $content;
    $template->all_faq = new FAQCatIterator(0);

    /* Set the number of queries */
    $query_count = $session->dba->num_queries;
    $template['num_queries'] = $query_count;

    return TRUE;
}
/**
 * Admin action: store forum permissions and redirect back to the
 * permissions page.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user must be a Member with the ADMIN bit.
 * @param mixed    $request  'forum_id' is passed through intval(); the whole
 *                           request is handed to Forum::setForumpermissions().
 * @return bool Always TRUE.
 */
public function Execute(Template $template, Session $session, $request) {
    $template = CreateAncestors($template, $template['L_ADMINPANEL']);

    $is_admin = $session['user'] instanceof Member && $session['user']['perms'] & ADMIN;
    if (!$is_admin) {
        return TRUE;
    }

    /* NOTE(review): the full, unfiltered request array is passed on;
       setForumpermissions() (defined elsewhere) has to validate every field it
       uses. No request token is checked in this method either. */
    $forum = new Forum();
    $saved = $forum->setForumpermissions(intval($request['forum_id']), $request);

    if ($saved) {
        /* No exit follows the header; the method still returns TRUE below. */
        header("Location: admin.php?act=permissions");
    }

    return TRUE;
}
/**
 * Gate for the admin panel: lets Members with the ADMIN bit through and
 * refuses everyone else.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session.
 * @param mixed    $request  Unused here.
 * @return bool|Error TRUE for admins, an Error (L_CANNOTUSEFEATURE) otherwise.
 */
public function Execute(Template $template, Session $session, $request) {
    $template = CreateAncestors($template, $template['L_ADMINPANEL']);

    $is_admin = $session['user'] instanceof Member && $session['user']['perms'] & ADMIN;
    if (!$is_admin) {
        return new Error($template['L_CANNOTUSEFEATURE'], $template);
    }

    /* Template selection is disabled in the original code:
       $template->content = array('file' => 'admin/admin.html');
       $template->admin_panel = array('file' => 'admin/default.html'); */

    return TRUE;
}
/**
 * Show the file-selection page of the user control panel to logged-in members.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; its dba's query counter is read.
 * @param mixed    $request  Unused here.
 * @return bool Always TRUE; for non-members no content template is selected.
 */
public function Execute(Template $template, Session $session, $request) {
    $logged_in = $session['user'] instanceof Member;

    if ($logged_in) {
        /* Create the ancestors bar, this just sets the title basically */
        $template = CreateAncestors($template, $template['L_UPLOAD']);

        /* Tell it what template to use */
        $template->content = array('file' => 'usercp/select_file.html');
    }

    /* Set the number of queries */
    $query_count = $session->dba->num_queries;
    $template['num_queries'] = $query_count;

    return TRUE;
}
/**
 * Show the password-reminder form to guests.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session.
 * @param mixed    $request  Unused here.
 * @return bool|Error TRUE for guests, an Error (L_CANTBELOGGEDIN) for anyone else.
 */
public function Execute(Template $template, Session $session, $request) {
    /* Create the ancestors bar (in case we run into any trouble) */
    $template = CreateAncestors($template, $template['L_INFORMATION']);

    $is_guest = $session['user'] instanceof Guest;
    if (!$is_guest) {
        return new Error($template['L_CANTBELOGGEDIN'], $template);
    }

    $template->content = array('file' => 'remindme_form.html');

    /* The original ended with a "return FALSE" that no path could reach. */
    return TRUE;
}
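/**
 * Show the weekly calendar view.
 *
 * When no usable 'week' is supplied, a starting timestamp is derived from the
 * current date; 'month' and 'year' default to the current month and year.
 *
 * Fix over the original: the year belonging to the previous month was
 * decremented when the previous month was January (i.e. the current month is
 * February) instead of when it was December (current month January).
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; its dba's query counter is read.
 * @param mixed    $request  Reads 'week', 'month' and 'year' (all through intval()).
 * @return bool|Error TRUE on success, an Error (L_FEATUREDENIED) when the
 *                    calendar is disabled.
 */
public function Execute(Template $template, Session $session, $request) {
    $template = CreateAncestors($template, $template['L_CALENDAR'] . ' - ' . $template['L_YEARLY']);

    if ($template['calendarenabled'] != 1) {
        return new Error($template['L_FEATUREDENIED'], $template);
    }

    $cal = new Calendar();
    $template->content = array('file' => 'calendar_week.html');

    /* ------------------------------------------------------------
       THIS IS ALL TO FIND THE WEEK IF ONE WAS NOT GIVEN
       ------------------------------------------------------------ */
    if (!isset($request['week']) || !$request['week'] || intval($request['week']) == 0) {
        $day_of_week = date("w", mktime(0, 0, 0, date("n"), 1, date("Y"))); // weekday (0 - 6) of the 1st of this month
        $last_month = date("n") != 1 ? date("n") - 1 : 12;                   // number of the previous month, 1 - 12
        $day_of_month = date("j");                                           // day of this month, 1 - 31
        $year = $last_month != 12 ? date("Y") : date("Y") - 1;               // year the previous month falls in
        $prev_month = date("t", mktime(0, 0, 0, $last_month, 1, $year));     // number of days in the previous month

        /* First week of a month.
           NOTE(review): date("j") is never below 1 and date("w") never above 6,
           so this condition always holds and the else branch is dead. */
        if ($day_of_month >= 1 && $day_of_week <= 7) {
            $start = $prev_month - ($day_of_week - 1); // start of the week
            $week = mktime(0, 0, 0, $last_month, $start, $year);
        } else {
            $week = mktime(0, 0, 0, date("n"), 1, date("Y"));
        }
    }

    /* ------------------------------------------------------------
       DO THE OTHER LESS COMPLICATED STUFF
       ------------------------------------------------------------ */
    $month = !isset($request['month']) ? date("n") : intval($request['month']);
    $year = !isset($request['year']) ? date("Y") : intval($request['year']);

    /* NOTE(review): when 'week' is present but empty or zero, the value
       computed above is replaced by intval($request['week']), i.e. 0. */
    $week = !isset($request['week']) ? $week : intval($request['week']);

    $lm = $cal->rewind_month($month, $year);
    $template['prev_month'] = $cal->draw_calendar(1, 1, $lm['m'], $lm['y'], TRUE);

    $nm = $cal->advance_month($month, $year, TRUE);
    $template['next_month'] = $cal->draw_calendar(1, 1, $nm['m'], $nm['y'], TRUE);

    $weeks = $cal->week_range($week, $month, $year);
    //$template->week = !isset($weeks[$week-1]) ? @$weeks[$week+1] : @$weeks[$week-1];
    $template->week = $weeks;

    /* Set the number of queries */
    $template['num_queries'] = $session->dba->num_queries;

    return TRUE;
}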
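/**
 * Admin action: list the entries of the directory two levels above the
 * current working directory, with their sizes.
 *
 * Fixes over the original: the directory handle is closed after use, and a
 * failed dir() call yields an empty list instead of a fatal error on the
 * first read.
 *
 * @param Template $template Page template; receives the list as file_list.
 * @param Session  $session  Current session; the user must be a Member with the ADMIN bit.
 * @param mixed    $request  Unused here.
 * @return bool|Error TRUE for admins, an Error (L_CANNOTUSEFEATURE) otherwise.
 */
public function Execute(Template $template, Session $session, $request) {
    $template = CreateAncestors($template, $template['L_FILEMANAGER']);

    if (!($session['user'] instanceof Member && $session['user']['perms'] & ADMIN)) {
        return new Error($template['L_CANNOTUSEFEATURE'], $template);
    }

    /* NOTE(review): the path is relative to the process's working directory and
       climbs two levels; confirm that this stays inside the board's own tree
       and does not expose unrelated files on the host. */
    $fullpath = '../../';
    $files = array();

    $dir = dir($fullpath);
    if ($dir) {
        /* '.' and '..' and sub-directories are listed too, as in the original. */
        while (false !== ($file = $dir->read())) {
            $files[] = array('name' => $file, 'size' => filesize($fullpath . $file));
        }
        $dir->close();
    }

    $template->file_list = $files;

    return TRUE;
}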
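/**
 * Admin action: add a rank or update an existing one, bound to a group, a
 * user, or to banned users depending on 'rank_to'.
 *
 * Fix over the original: an unrecognised 'rank_to' now stops before any SQL
 * is built. Previously $col and $val stayed undefined and were interpolated
 * into the INSERT/UPDATE statements (after the update path had already reset
 * the row's user_id, group_id and banned columns).
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user must be a Member with the ADMIN bit.
 * @param mixed    $request  Reads 'rank', 'rank_to', 'group_id', 'name' and 'id'.
 * @return bool|Error An Error carrying the outcome message, or TRUE when
 *                    nothing was reported (non-admin, unknown 'rank_to', or a
 *                    query that returned a falsy result).
 */
public function Execute(Template $template, Session $session, $request) {
    $template = CreateAncestors($template, $template['L_ADMINPANEL']);

    if (!($session['user'] instanceof Member && $session['user']['perms'] & ADMIN)) {
        return TRUE;
    }

    /* $this->dba is not opened in this method; presumably set elsewhere. */

    /* NOTE(review): Quote() is applied before the BBCode parser runs and the
       parser's output is what lands inside the SQL string literal. Confirm the
       parser cannot emit an unescaped quote; otherwise escape after parsing. */
    $parser = new BBParser($this->dba->Quote($request['rank']));
    $rank = $parser->Execute();
    $rank_to = intval($request['rank_to']);

    switch ($rank_to) {
        case 1:
            /* Bind the rank to a group, which must exist. */
            if ($this->dba->Query("SELECT * FROM " . GROUPS . " WHERE id = " . intval($request['group_id']))->NumRows() == 1) {
                $col = "group_id";
                $val = intval($request['group_id']);
            } else {
                return new Error($template['L_GROUPDOESNTEXIST'], $template);
            }
            break;

        case 2:
            /* Bind the rank to a user, looked up by name. */
            if ($user = $this->dba->GetRow("SELECT * FROM " . USERS . " WHERE name = '" . $this->dba->Quote($request['name']) . "'")) {
                $col = "user_id";
                $val = intval($user['id']);
            } else {
                return new Error($template['L_USERDOESNTEXIST'], $template);
            }
            break;

        case 3:
            $col = "banned";
            $val = 1;
            break;

        default:
            /* Unknown target: there is no column to write to. */
            return TRUE;
    }

    if (!$this->update) {
        if ($this->dba->Query("INSERT INTO " . RANKS . " ({$col}, rank) VALUES ({$val}, '{$rank}');")) {
            return new Error($template['L_RANKADDED'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=ranks">', $template);
        }
    } else {
        $id = intval($request['id']);

        /* Clear all three bindings first, then set the selected one. */
        if ($this->dba->Query("UPDATE " . RANKS . " SET user_id = 0, group_id = 0, banned = 0 WHERE id = {$id}")
            && $this->dba->Query("UPDATE " . RANKS . " SET {$col} = {$val}, rank = '{$rank}' WHERE id = {$id}")) {
            return new Error($template['L_RANKUPDATED'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=ranks">', $template);
        }
    }

    return TRUE;
}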
/**
 * Admin action: look a user up by name, then either redirect to the member
 * editor ('edit') or delete the account and detach its content ('delete').
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user must be a Member with the ADMIN bit.
 * @param mixed    $request  Reads 'name', and the presence of 'edit' / 'delete'.
 * @return Error|null An Error carrying the outcome message; null (no explicit
 *                    return) for non-admins, after the edit redirect, and when
 *                    neither 'edit' nor 'delete' is present.
 */
public function Execute(Template $template, Session $session, $request) {
    $this->dba = DBA::Open();
    $template = CreateAncestors($template, $template['L_ADMINPANEL']);

    $is_admin = $session['user'] instanceof Member && $session['user']['perms'] & ADMIN;
    if (!$is_admin) {
        return;
    }

    $user = $this->dba->Quote($request['name']);

    $matches = $this->dba->Query("SELECT * FROM " . USERS . " WHERE name = '{$user}'")->NumRows();
    if ($matches != 1) {
        return new Error($template['L_USERDOESNTEXIST'], $template);
    }

    $id = $this->dba->GetValue("SELECT id FROM " . USERS . " WHERE name = '{$user}'");

    if (isset($request['edit'])) {
        /* No exit follows the header; the method simply ends. */
        header("Location: member.php?id=" . $id);
        return;
    }

    if (!isset($request['delete'])) {
        return;
    }

    /* User id 1 is protected from deletion. */
    if ($id == 1) {
        return new Error($template['L_CANNOTDELETEADMIN'], $template);
    }

    /* NOTE(review): four separate statements with no transaction around them; a
       failure part-way leaves the account half removed. The deletion is also
       triggered by a plain request with no token checked in this method. */
    $this->dba->Execute("DELETE FROM " . SESSIONS . " WHERE uid = " . $id);
    $this->dba->Execute("DELETE FROM " . USERS . " WHERE id = " . $id);
    $this->dba->Execute("UPDATE " . POSTS . " SET poster_id = 0 WHERE poster_id = " . $id);
    $this->dba->Execute("UPDATE " . FORUMS . " SET thread_uid = 0 WHERE thread_uid = " . $id);

    return new Error($template['L_DELETEDUSER'], $template);
}
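/**
 * Show one uploaded attachment together with the list of files stored in the
 * same upload directory.
 *
 * 'file' is expected as "<directory>/<file name>" relative to Uploads/.
 *
 * Fixes over the original:
 *  - the request-supplied path was concatenated onto 'Uploads/' and passed to
 *    dir() and file_get_contents() unchecked, so it could point outside the
 *    upload directory. Paths with a '..' segment, a backslash, a NUL byte or an
 *    empty first segment are now ignored, and both the directory and the file
 *    must resolve (realpath) to a location under Uploads/;
 *  - the path is HTML-escaped before it is written into src/href attributes,
 *    and the contents of .txt files are HTML-escaped before display;
 *  - the directory handle is closed.
 * A rejected or missing path behaves like a directory that cannot be opened:
 * no attachment and no list are set.
 *
 * @param Template $template Page template; receives 'attachment' and 'attachments'.
 * @param Session  $session  Current session; its dba's query counter is read.
 * @param mixed    $request  Reads 'file'.
 * @return bool Always TRUE.
 */
public function Execute(Template $template, Session $session, $request) {
    /* Create the ancestors bar, or rather, the title */
    $template = CreateAncestors($template, $template['L_ATTACHMENTSM']);

    /* NOTE(review): nothing in this method checks who is asking; confirm that
       attachments are meant to be readable without a login or forum
       permission check. */

    /* Get the variables */
    $requested = (isset($request['file']) && is_string($request['file'])) ? $request['file'] : '';
    $segments = explode("/", $requested);
    $temp_dir = $segments[0];
    $exts = explode(".", $requested);
    $extension = $exts[count($exts) - 1];

    global $lang;

    /* Everything served must live under this directory. */
    $uploads_root = realpath('Uploads');
    $root_prefix = $uploads_root === false ? '' : $uploads_root . DIRECTORY_SEPARATOR;

    $acceptable = $uploads_root !== false
        && $temp_dir !== ''
        && strpos($requested, "\0") === false
        && strpos($requested, '\\') === false
        && !in_array('..', $segments, true);

    $dir_real = $acceptable ? realpath('Uploads/' . $temp_dir) : false;
    if ($dir_real === false || !is_dir($dir_real) || strncmp($dir_real, $root_prefix, strlen($root_prefix)) !== 0) {
        $acceptable = false;
    }

    /* Open up the uploads directory and find the directory which matches the post's id */
    $dir = $acceptable ? dir($dir_real) : false;

    if ($dir) {
        $array = array();

        while (false !== ($entry = $dir->read())) {
            if ($entry != '.' && $entry != '..') {
                $vars = explode('.', $entry);
                $ext = $vars[count($vars) - 1];
                $array[] = array('name' => $entry, 'post_id' => $temp_dir, 'img' => $ext);
            }
        }
        $dir->close();

        $fullpath = 'Uploads/' . $requested;

        /* Resolve symlinks and check containment once more for the file itself. */
        $file_real = realpath($fullpath);
        $servable = $file_real !== false
            && is_file($file_real)
            && strncmp($file_real, $root_prefix, strlen($root_prefix)) === 0;

        $link = htmlspecialchars($fullpath, ENT_QUOTES);
        $attachment = "";

        /* Give a nice way to display each file type */
        if ($servable) {
            switch ($extension) {
                /* Images are displayed inline */
                case 'gif':
                case 'bmp':
                case 'jpg':
                case 'jpe':
                case 'tiff':
                case 'jpeg':
                case 'png':
                    $attachment = '<img src="' . $link . '" alt="" border="1" />';
                    break;

                /* PHP sources are shown highlighted, never executed */
                case 'php':
                case 'phps':
                    $attachment = highlight_string(file_get_contents($file_real), TRUE);
                    break;

                /* Plain text is uploaded content: escape it before it reaches the page */
                case 'txt':
                    $attachment = htmlspecialchars(file_get_contents($file_real), ENT_QUOTES);
                    break;

                /* Everything else that is recognised becomes a link */
                case 'pdf':
                case 'doc':
                case 'psd':
                case 'rtf':
                case 'zip':
                    $attachment = '<a href="' . $link . '" target="_blank">' . $lang['L_CLICKHERE'] . '</a>';
                    break;
            }
        }

        $template['attachment'] = $attachment;
        $template->attachments = $array;
    }

    /* Set the number of queries */
    $template['num_queries'] = $session->dba->num_queries;

    return TRUE;
}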
/**
 * Register a new member from the sign-up form, log them in, send a welcome
 * mail and redirect to the index.
 *
 * Validation failures return an Error; before each one the offending field is
 * passed to $this->Pop() (defined elsewhere; per the original comment, so the
 * field is not restored into the form).
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; receives 'post_vars', 'rememberme' and 'user'.
 * @param mixed    $request  Reads 'name', 'email', 'pass', 'pass_check' and 'rememberme'.
 * @return bool|Error An Error on validation failure, FALSE when Register()
 *                    does not return a Member; on success the script exits
 *                    after the redirect header.
 */
public function Execute(Template $template, Session $session, $request) {
    $guest = $session['user'];
    $dba = DBA::Open();

    /* NOTE(review): the raw request, password fields included, is copied into
       the session here; the two Pop() calls below are what is meant to take
       them out again. Confirm Pop() removes them from the session copy. */
    $session['post_vars'] = $request;

    /* Pop the password and pass_check right away so those fields are not
       restored if the person encounters errors */
    $this->Pop('pass');
    $this->Pop('pass_check');

    /* Create the ancestors bar (in case we run into any trouble) */
    $template = CreateAncestors($template, $template['L_REGISTER']);

    /* dba quote all of the request variables.
       NOTE(review): every later check, including the length limits and the
       password comparison, runs on the escaped values, not the raw input. */
    foreach ($request as $key => $val) {
        $request[$key] = $dba->Quote($val);
    }

    /* Check if the person is already logged in */
    if ($guest instanceof Member) {
        return new Error($template['L_CANTBELOGGEDIN'], $template);
    }

    $has_name = isset($request['name']);
    $has_email = isset($request['email']);

    /* Check if that username is already taken */
    if ($has_name && $guest->GetId($request['name']) != FALSE) {
        $this->Pop('name');
        return new Error($template['L_USERNAMETAKEN'], $template);
    }

    /* Check if this is an invalid username ('name' is read here without an isset check) */
    $bad_names = $dba->Query("SELECT lower(name) FROM " . BADNAMES . " WHERE lower(name) = lower('" . $request['name'] . "')")->NumRows();
    if ($bad_names >= 1) {
        $this->Pop('name');
        return new Error($template['L_USERNAMENOTGOOD'], $template);
    }

    /* Length limits: 3 to 16 bytes */
    if ($has_name) {
        $name_length = strlen($request['name']);

        if ($name_length < 3) {
            $this->Pop('name');
            return new Error($template['L_USERNAMETOOSHORT'], $template);
        } elseif ($name_length > 16) {
            $this->Pop('name');
            return new Error($template['L_USERNAMETOOLONG'], $template);
        }
    }

    /* Check if that email is already taken */
    if ($has_email && $guest->GetIdByEmail($request['email']) != FALSE) {
        $this->Pop('email');
        return new Error($template['L_EMAILTAKEN'], $template);
    }

    /* Is the email valid? check_mail() must hand the address back unchanged */
    if ($has_email && $request['email'] != check_mail($request['email'])) {
        $this->Pop('email');
        return new Error($template['L_SUPPLYVALIDEMAIL'], $template);
    }

    /* Simple array of all of the required fields and their error messages */
    $required = array(
        'name' => $template['L_SUPPLYUSERNAME'],
        'email' => $template['L_SUPPLYVALIDEMAIL'],
        'pass' => $template['L_SUPPLYPASS'],
        'pass_check' => $template['L_SUPPLYPASSCHECK'],
    );

    /* Return error messages if the fields are not filled in */
    foreach ($required as $field => $message) {
        $missing = !isset($request[$field]) || $request[$field] == '';
        if ($missing) {
            $this->Pop($field);
            return new Error($message, $template);
        }
    }

    if (isset($request['pass']) && isset($request['pass_check']) && $request['pass'] != $request['pass_check']) {
        return new Error($template['L_PASSESDONTMATCH'], $template);
    }

    $member = $guest->Register($request);

    if (!($member instanceof Member)) {
        return FALSE;
    }

    $member->Login();

    if ($request['rememberme'] == 'on') {
        $session['rememberme'] = 'on';
    }

    $session['user'] = $member;

    /* NOTE(review): the welcome mail contains the chosen password in clear
       text, and the From header is built from the client-supplied HTTP_HOST.
       Failures of mail() are suppressed with @. */
    $subject = sprintf($template['L_USERWELCOMEK4'], $template['bbtitle']);
    $body = sprintf($template['L_USERWELCOMEMSGK4'], $template['bbtitle'], $session['user']['name'], $request['pass']);
    @mail($request['email'], $subject, $body, "From: \"k4 Bulletin Board Mailer\" <noreply@" . $_SERVER['HTTP_HOST'] . ">");

    header("Location: index.php");
    exit;
}
/**
 * Moderator action: lock a thread.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user must be a Member whose
 *                           'perms' value is at least MOD.
 * @param mixed    $request  Reads 'id' (through intval()).
 * @return bool|Error An Error carrying the outcome message for moderators,
 *                    TRUE for everyone else (no error is reported to them).
 */
public function Execute(Template $template, Session $session, $request) {
    $this->dba = DBA::Open();

    /* Ancestors Bar */
    $template = CreateAncestors($template, $template['L_LOCKTHREAD']);

    /* Check permissions */
    $may_moderate = $session['user'] instanceof Member && $session['user']['perms'] >= MOD;

    if ($may_moderate) {
        /* Set the templates */
        $template->content = array('file' => 'admin/admin.html');

        $row = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = " . intval($request['id']));

        if (empty($row) || !isset($row['id'])) {
            return new Error($template['L_INVALIDTHREADID'], $template);
        }

        /* NOTE(review): any row of the posts table is accepted; nothing here
           checks that it is a thread or that this moderator is responsible for
           its forum. No request token is checked in this method either. */

        /* Lock the thread */
        $this->dba->Execute("UPDATE " . POSTS . " SET row_locked = 1 WHERE id = " . $row['id']);

        return new Error($template['L_LOCKEDTHREAD'] . '<meta http-equiv="refresh" content="2; url=viewforum.php?id=' . $row['forum_id'] . '">', $template);
    }

    /* Set the number of queries */
    $template['num_queries'] = $session->dba->num_queries;

    return TRUE;
}
/**
 * Show one private message in the user control panel and mark it, plus every
 * row inside its row_left/row_right range, as read.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user must be a Member.
 * @param mixed    $request  Reads 'id' (through intval()).
 * @return bool|Error TRUE when the message is shown, otherwise an Error.
 */
public function Execute(Template $template, Session $session, $request) {
    /* Create the ancestors Bar */
    $template = CreateAncestors($template, $template['L_VIEWMESSAGE']);

    /* Only members have a user CP */
    if (!($session['user'] instanceof Member)) {
        return new Error($template['L_NEEDLOGGEDIN'], $template);
    }

    if (!isset($request['id']) || intval($request['id']) == 0) {
        return new Error($template['L_FOLDERDOESNTEXIST'], $template);
    }

    $dba = DBA::Open();

    /* NOTE(review): AND binds tighter than OR in SQL, so the last group reads as
       (saved = 0 AND member_id = <user>) OR member_id = 0. Any row whose
       member_id is 0 therefore matches for every member, whatever `saved` is.
       Confirm that is the intended visibility rule. */
    $msg = $dba->GetRow(
        "SELECT * FROM " . PMSGS . " WHERE id = " . intval($request['id'])
        . " AND ((saved = 1 AND poster_id = " . $session['user']['id']
        . ") OR (saved = 0 AND member_id = " . $session['user']['id']
        . " OR member_id = 0))"
    );

    /* ReCreate the ancestors Bar.
       $msg['name'] is read here before the emptiness check further down. */
    $title = $template['L_VIEWMESSAGE'] . ' - ' . stripslashes($msg['name']);
    $template = CreateAncestors($template, $title);

    /* Private Messages folder */
    $template->pmsg_folders = new PMFolders();

    if (empty($msg) || !isset($msg['id'])) {
        return new Error($template['L_MSGDOESNTEXIST'], $template);
    }

    /* Set the messages */
    $template->message = new PMMessage($msg);

    /* Set the Buddy List */
    $template->buddy_list = new FriendsList();

    /* Set the files */
    $template->content = array('file' => 'usercp.html');
    $template->usercp = array('file' => 'usercp/viewmessage.html');

    /* Set this and all sub messages to read.
       NOTE(review): the update is keyed on the row range only, with no filter
       on the owner; confirm a range can never contain another user's messages. */
    $dba->Execute("UPDATE " . PMSGS . " SET member_has_read = 1, new_reply = 0 WHERE row_left >= " . $msg['row_left'] . " AND row_right <= " . $msg['row_right']);

    return TRUE;
}
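/**
 * Log a member into a password-protected forum and remember that in the
 * session ('forum_logged').
 *
 * Fix over the original: the supplied and stored passwords were compared with
 * the loose == operator, under which two different numeric-looking strings
 * can compare equal. The comparison is now strict, on strings.
 *
 * Every path returns an Error object carrying the outcome message.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user must be a Member.
 * @param mixed    $request  Reads 'id' (through intval()) and 'pass'.
 * @return Error
 */
public function Execute(Template $template, Session $session, $request) {
    /* Create the ancestors bar (in case we run into any trouble) */
    $template = CreateAncestors($template, $template['L_FORUMLOGIN']);

    $this->dba = DBA::Open();

    /* Must be logged in */
    if (!($session['user'] instanceof Member)) {
        return new Error($template['L_NEEDLOGGEDIN'], $template);
    }

    if (!isset($request['id']) || intval($request['id']) == 0) {
        return new Error($template['L_FORUMDOESNTEXIST'], $template);
    }

    $forum = $this->dba->GetRow("SELECT * FROM " . FORUMS . " WHERE id = " . intval($request['id']));

    if (empty($forum) || $forum['private'] != 1) {
        return new Error($template['L_FORUMDOESNTEXIST'], $template);
    }

    /* NOTE(review): the stored value is compared directly with the (escaped)
       input, which implies forum passwords are kept unhashed. The input is also
       SQL-escaped before the comparison, so a password containing characters
       that Quote() changes may never match. Nothing here limits repeated
       attempts. */
    $supplied = (string) $this->dba->Quote(isset($request['pass']) ? $request['pass'] : '');

    if ($supplied !== (string) $forum['pass']) {
        return new Error($template['L_INVALIDFORUMPASS'], $template);
    }

    /* Only one forum id is remembered at a time. */
    $session['forum_logged'] = $forum['id'];

    /* Return a successful message */
    return new Error($template['L_LOGGEDINTOFORUM'] . '<meta http-equiv="refresh" content="1; url=viewforum.php?id=' . intval($request['id']) . '">', $template);
}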
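/**
 * Run a forum search by keywords or by poster name and hand the results to
 * the template as a SearchResultsIterator.
 *
 * The search parameters are kept in the session ('search_results') so that
 * follow-up requests without them (pagination) repeat the same search.
 *
 * Fixes over the original:
 *  - the 'forums' values were deliberately skipped by the escaping loop and
 *    then concatenated into SQL as-is; each one is now forced to an integer;
 *  - the user name echoed back in 'search_terms' is HTML-escaped, as the
 *    keywords already were;
 *  - the poster-name clause is joined with implode() instead of depending on
 *    $this->user_count matching the number of rows returned.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; stores/recalls 'search_results'.
 * @param mixed    $request  Reads 'keywords', 'username', 'forums', 'exact',
 *                           'search_where', 'user_where', 'sort',
 *                           'posts_oldnew' and 'posts_from'.
 * @return bool|Error TRUE on success, otherwise an Error.
 */
public function Execute(Template $template, Session $session, $request) {
    /* Fool around with the session and the request variables so pagination works throughout */
    if (isset($request['keywords']) || isset($request['username'])) {
        $session->OffsetSet('search_results', $request);
    } else {
        $session['search_results'] = isset($session['search_results']) ? $session['search_results'] : $request;
    }
    $request = $session['search_results'];

    /* Set the template */
    $template->content = array('file' => 'search_results.html');

    /* Set the ancestors bar */
    $template = CreateAncestors($template, $template['L_SEARCHRESULTS']);

    /* Return an error if they have not put anything to search for */
    if (!(isset($request['keywords']) && $request['keywords'] || isset($request['username']) && $request['username'])) {
        return new Error($template['L_MUSTDEFINESEARCH'], $template);
    }

    /* 1 = search by keywords (also when both fields are filled in), 2 = by poster name */
    $to_use = (isset($request['keywords']) && $request['keywords'] != '') ? 1 : 2;

    /* Escape every request value for SQL, except the 'forums' list, which is
       handled separately below. $this->dba is not opened in this method;
       presumably set elsewhere. */
    foreach ($request as $key => $val) {
        if ($key != 'forums') {
            $request[$key] = $this->dba->Quote($val);
        }
    }

    $this->exact = isset($request['exact']);

    /* Get the forums to search in. These ids come straight from the request and
       go into SQL unquoted, so only integers are let through. */
    $forums = array();
    if (isset($request['forums'])) {
        foreach ((array) $request['forums'] as $forum_id) {
            $forums[] = intval($forum_id);
        }
    }

    /* Check if the user has actually selected any forums to search in */
    if (count($forums) == 0) {
        return new Error($template['L_FORUMDOESNTEXIST'], $template);
    }

    /* Set up this section of the query */
    $query_users = '';
    $query_posts = '';

    if ($to_use == 1) {
        /* Searching using keywords */
        $keywords = htmlspecialchars($request['keywords']);
        $template['search_terms'] = $template['L_KEYWORDS'] . ': ' . $keywords;

        /* Only two fixed column names can be selected */
        $field = intval($request['search_where']) == 1 ? 'body_text' : 'name';
        $query_posts = " lower(" . $field . ") LIKE lower('%" . $keywords . "%') ";
    } else {
        /* Searching by poster names */
        $template['search_terms'] = $template['L_USERNAME'] . ': ' . htmlspecialchars($request['username']);

        /* Get the user(s). The name was already escaped by the loop above and
           is escaped a second time here, as in the original. */
        $users = $this->GetUsers($this->dba->Quote($request['username']));

        if ($users instanceof SetError) {
            return new Error($users->message, $template);
        }

        /* NOTE(review): the names come back from the database and are placed in
           a SQL literal without escaping; confirm how names are stored before
           adding Quote() here. */
        $name_clauses = array();
        foreach ($users as $user) {
            $name_clauses[] = "poster_name = '" . $user['name'] . "'";
        }
        $query_users = implode(" OR ", $name_clauses);

        /* If we are just looking for threads by the user.
           NOTE(review): without parentheses this AND applies only to the last
           poster_name alternative. */
        if (intval($request['user_where']) == 2) {
            $query_users .= " AND row_type = 2 ";
        }
    }

    /* Make the forums part of the query */
    $forum_clauses = array();
    foreach ($forums as $forum_id) {
        $forum_clauses[] = "id = " . $forum_id;
    }
    $query_forums = implode(" OR ", $forum_clauses);

    /* The "at least N posts" filter is disabled in the original code. */
    $at_least = '';

    /* Set the display order */
    $order = intval($request['sort']) == 1 ? ' ORDER BY created DESC' : ' ORDER BY created ASC';

    /* Set from how long ago the posts will be */
    $oldnew = intval($request['posts_oldnew']) == 1 ? '>=' : '<=';
    $from = " AND created {$oldnew} '" . intval($request['posts_from']) . "' ";

    $template['postlimit'] = 30;
    $template['total_posts'] = DBA::Open()->GetValue("SELECT COUNT(*) FROM " . FORUMS . " WHERE {$query_forums}");
    $template->search_results = new SearchResultsIterator($query_forums, $query_posts, $query_users, $order, $at_least, $from);

    /* Set the number of queries */
    $template['num_queries'] = $session->dba->num_queries;

    return TRUE;
}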
/**
 * Show a category, a forum (with its thread list), a forum password prompt,
 * or follow a link-type forum, depending on the row fetched for 'id'.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session; the user's 'perms' value is read.
 * @param mixed    $request  Reads 'id', 'sort', 'order' and 'start'.
 * @return bool|Error TRUE when a page was prepared (or a redirect header was
 *                    sent), otherwise an Error.
 */
public function Execute(Template $template, Session $session, $request) {
    if (isset($request['id'])) {
        /* Instantiate the forum class */
        $forum = new Forum();
        $id = intval($request['id']);

        /* 1 for users with the ADMIN bit, 0 for everyone else; handed on to
           CreateAncestors() and the list classes below. */
        $suspend = $session['user']['perms'] & ADMIN ? 1 : 0;
        $row = $forum->getForum($id);

        /* Simple redirect to index.php.
           NOTE(review): $row is indexed here before the existence check on the
           next statement. */
        if ($row['row_left'] == 1) {
            exit(header("Location: index.php"));
        }

        /* Check if the Category or forum exists */
        if (!$row) {
            return new Error($template['L_FORUMDOESNTEXIST'], $template);
        }

        /* Create the ancestors list with the results from the get category query */
        $template = CreateAncestors($template, $row, $suspend);

        /* Are we looking at forums within a category? */
        if ($row['row_level'] == 1) {
            $template->welcome_msg = array('hide' => TRUE);
            $template->content = array('file' => 'forums.html');
            $template->categories = new ForumList($id, $suspend);
        } else {
            if ($row['row_level'] >= 2) {
                /* Make sure that the forum isn't a link */
                if ($row['is_link'] == 0) {
                    /* Is this forum password-protected?
                       The gate reads $_SESSION directly (with @) rather than the
                       $session object; only one unlocked forum id is compared. */
                    if ($row['private'] == 1 && @$_SESSION['forum_logged'] != $row['id']) {
                        $template['forum_id'] = $row['id'];
                        $template->content = array('file' => 'forum_login.html');
                    } else {
                        /* Get the user permissions */
                        $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;

                        /* If the current user is allowed to read the forums */
                        if ($user_perms >= $row['can_view']) {
                            if ($row['subforums'] > 0) {
                                $template->subforums = new SubForumList($row, FALSE, $suspend);
                            } else {
                                $template->sub_forums = array('hide' => TRUE);
                            }

                            /* Set the template */
                            $template->content = array('file' => 'forum.html');

                            /* NOTE(review): the template key is built from the request
                               value of 'sort', so a request can set any template entry
                               whose name ends in "_sort" (the value itself is fixed
                               markup). Consider checking 'sort' against the known
                               column names first. */
                            if (isset($request['sort']) && isset($request['order'])) {
                                $template[$request['sort'] . '_sort'] = $request['order'] == 'ASC' ? ' <img src="Images/' . $template['imageset'] . '/Icons/arrow_up.gif" alt="" border="0" />' : ' <img src="Images/' . $template['imageset'] . '/Icons/arrow_down.gif" alt="" border="0" />';
                            }

                            /* The order offered next is the opposite of the current one */
                            if (!isset($request['order'])) {
                                $template['order'] = 'DESC';
                            } else {
                                $template['order'] = $request['order'] == 'DESC' ? 'ASC' : 'DESC';
                            }

                            /* This could return an instance of the SetError class, so we'll check that.
                               NOTE(review): `new` always yields a ThreadIterator, so the
                               check below can only succeed if ThreadIterator extends
                               SetError - confirm. */
                            $threads = new ThreadIterator($session);

                            /* Check if there was an error */
                            if ($threads instanceof SetError) {
                                return new Error($threads->message, $template);
                            } else {
                                $template->threads = $threads;
                            }

                            $template['total_posts'] = $row['threads'];
                            $template['forum_id'] = $row['id'];
                            $template['postlimit'] = $row['threadsperpage'];
                            $template['pag_start'] = isset($request['start']) ? intval(@$request['start']) : 0;
                        } else {
                            return new Error($template['L_PERMCANTVIEW'], $template);
                        }
                    }
                } else {
                    /* Link-type forum: count the referral, then redirect to the
                       stored address. No exit follows the header, so execution
                       continues to the end of the method. */
                    DBA::Open()->Execute("UPDATE " . FORUMS . " SET referals = referals+1 WHERE id = " . $row['id']);
                    header("Location: " . $row['link_href']);
                }
            } else {
                return new Error($template['L_ERRORVIEWFORUM'], $template);
            }
        }
    } else {
        return new Error($template['L_INVALIDFORUM'], $template);
    }

    /* Set the number of queries */
    $template['num_queries'] = $session->dba->num_queries;

    return TRUE;
}
/**
 * Show the edit form for an existing post, pre-filled with its title and
 * its body reverted from parsed markup.
 *
 * The caller must be a Member whose permission value reaches the forum's
 * 'can_edit' level and who either wrote the post or has the ADMIN bit.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session.
 * @param mixed    $request  Reads 'id' (through intval()).
 * @return bool|Error|TplException TRUE when the form was prepared, an Error on
 *                                 a failed check, a TplException when a
 *                                 DBA_Exception was caught.
 */
public function Execute(Template $template, Session $session, $request) {
    $dba = DBA::Open();

    /* Create the ancestors bar (in case we run into any trouble) */
    $template = CreateAncestors($template, $template['L_EDITPOST']);

    /* Set the user's permissions */
    $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;

    if (!($session['user'] instanceof Member)) {
        return new Error($template['L_NEEDLOGGEDIN'], $template);
    }

    $id = intval(@$request['id']);
    if (!isset($request['id']) || $id == 0) {
        return new Error($template['L_INVALIDPOSTID'], $template);
    }

    try {
        @($post = $dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = {$id}"));
    } catch (DBA_Exception $e) {
        return new TplException($e, $template);
    }

    if (!is_array($post) || empty($post)) {
        return new Error($template['L_INVALIDPOSTID'], $template);
    }

    /* Try and get the forum */
    try {
        @($f = new Forum());
        @($forum = $f->getForum($post['forum_id']));
    } catch (DBA_Exception $e) {
        return new TplException($e, $template);
    }

    /* Permission level first, then ownership or the ADMIN bit */
    $is_owner = $session['user']['id'] == $post['poster_id'];
    $may_edit = $user_perms >= $forum['can_edit'] && ($is_owner || $user_perms & ADMIN);

    if (!$may_edit) {
        return new Error($template['L_PERMSEDITPOST'], $template);
    }

    /* Set the post icons and the emoticons */
    $template->posticons = DBA::Open()->Query("SELECT * FROM " . POSTICONS);
    $template->emoticons = DBA::Open()->Query("SELECT * FROM " . EMOTICONS);

    /* Hide the part of this template that has to do with replying */
    $template->post_thread = array('hide' => TRUE);

    /* Set the template */
    $template->content = array('file' => 'newthread.html');

    /* NOTE(review): the reverted body and the title are stored content handed to
       the template; confirm the template escapes them when it fills the form. */
    $parser = new BBParser($post['body_text']);
    $template['message'] = $parser->Revert($post['body_text']);
    $template['posttitle'] = $post['name'];

    /* Remove all of the extra features */
    $template->poll_options = array('hide' => TRUE);
    $template->post_options = array('hide' => TRUE);
    $template->can_attach = array('hide' => TRUE);

    /* Set the thread action */
    $template['a_add_thread'] = new Action('posting.php', 'update_post');

    /* Set the post id */
    $template['post_id'] = $post['id'];

    /* Set the number of queries */
    $template['num_queries'] = $session->dba->num_queries;

    return TRUE;
}
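/**
 * Save an edited post: update its title, parsed body, icon and edit time,
 * then redirect to the thread.
 *
 * Fixes over the original:
 *  - only logged-in Members are accepted. Previously the handler relied on
 *    the permission/ownership comparison alone and never checked that a
 *    member was logged in;
 *  - the post is validated before its row_left/row_right values are used to
 *    look up the enclosing row, so an unknown post id yields L_INVALIDPOSTID
 *    instead of a query built from missing values;
 *  - the unused local $user_id is gone.
 *
 * @param Template $template Page template and language strings.
 * @param Session  $session  Current session.
 * @param mixed    $request  Reads 'post_id', 'title', 'message' and 'posticon'.
 * @return Error|TplException An Error carrying the outcome message, or a
 *                            TplException when a DBA_Exception was caught.
 */
public function Execute(Template $template, Session $session, $request) {
    /* Create the ancestors bar (in case we run into any trouble) */
    $template = CreateAncestors($template, $template['L_POSTREPLY']);

    /* Open a connection to the database */
    $this->dba = DBA::Open();

    /* Editing is a member-only action */
    if (!($session['user'] instanceof Member)) {
        return new Error($template['L_NEEDLOGGEDIN'], $template);
    }

    /* Set a variable to this user's permissions */
    $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;

    /* Get the post being edited */
    try {
        @($post = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = " . intval($request['post_id'])));
    } catch (DBA_Exception $e) {
        return new TplException($e, $template);
    }

    if (!is_array($post) || empty($post)) {
        return new Error($template['L_INVALIDPOSTID'], $template);
    }

    /* Get the row that encloses the post; its id is the redirect target.
       NOTE(review): several rows can enclose a post and the query has no
       ORDER BY, so which one comes back is up to the database - confirm it is
       always the thread. */
    try {
        @($thread = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE row_left <= " . $post['row_left'] . " AND row_right >= " . $post['row_right']));
    } catch (DBA_Exception $e) {
        return new TplException($e, $template);
    }

    /* Parse the Message */
    $request['message'] = BB::Open($request['message'])->Execute();

    /* Quote all of the REQUEST variables (after parsing, so the stored markup
       is what gets escaped) */
    foreach ($request as $key => $val) {
        $request[$key] = $this->dba->Quote($val);
    }

    /* Set the post icon */
    if (isset($request['posticon']) && intval($request['posticon']) != 0 && $request['posticon'] != '-1') {
        try {
            $posticon = $this->dba->GetValue("SELECT image FROM " . POSTICONS . " WHERE id = " . intval($request['posticon']));
        } catch (DBA_Exception $e) {
            return new TplException($e, $template);
        }
    } else {
        $posticon = 'clear.gif';
    }

    /* Try and get the forum */
    try {
        @($f = new Forum());
        @($forum = $f->getForum($post['forum_id']));
    } catch (DBA_Exception $e) {
        return new TplException($e, $template);
    }

    /* Permission level first, then ownership or the ADMIN bit */
    if (!($user_perms >= $forum['can_edit'] && ($session['user']['id'] == $post['poster_id'] || $user_perms & ADMIN))) {
        return new Error($template['L_PERMSEDITPOST'], $template);
    }

    /* NOTE(review): $posticon comes from the database and is placed in the
       statement without escaping; no request token is checked in this method. */
    try {
        @$this->dba->Query("UPDATE " . POSTS . " SET name = '" . $request['title'] . "', body_text = '" . $request['message'] . "', icon = '" . $posticon . "', edited = " . time() . " WHERE id = " . $post['id']);
    } catch (DBA_Exception $e) {
        return new TplException($e, $template);
    }

    /* If we've gotten to this point, reload the page to the updated thread */
    return new Error($template['L_UPDATEDPOST'] . '<meta http-equiv="refresh" content="1; url=viewthread.php?id=' . $thread['id'] . '">', $template);
}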
/**
 * Common page set-up: expose the logged-in member's name to the template and
 * build the default ancestors bar.
 *
 * @param Template $template Page template.
 * @param Session  $session  Current session.
 * @param mixed    $cookie   Passed by reference; unused here.
 * @param mixed    $post     Passed by reference; unused here.
 * @param mixed    $get      Passed by reference; unused here.
 * @return bool Always TRUE.
 */
public function Execute(Template $template, Session $session, &$cookie, &$post, &$get) {
    $logged_in = $session['user'] instanceof Member;

    if ($logged_in) {
        /* NOTE(review): confirm the template escapes the name on output. */
        $template['user_name'] = $session['user']['name'];
    }

    $template = CreateAncestors($template);

    return TRUE;
}