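/**
 * Handle a "forgot password" request from a visitor who is not logged in.
 *
 * Looks up the submitted e-mail address, mails a freshly generated password
 * to it and, if the mail was accepted for delivery, updates the stored
 * password for that account.
 *
 * @param Template $template Page template; also supplies the L_* language strings.
 * @param Session  $session  Current session; $session['user'] must be a Guest.
 * @param mixed    $request  Request variables (array-style access); 'email' is read.
 *
 * @return Error Every path returns an Error object carrying the user-facing message.
 */
public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_INFORMATION']);
     if (!($session['user'] instanceof Guest)) {
         return new Error($template['L_CANTBELOGGEDIN'], $template);
     }
     $email = htmlspecialchars(isset($request['email']) ? $request['email'] : '');
     if ($email != check_mail($email)) {
         return new Error($template['L_INVALIDEMAIL'], $template);
     }
     /* htmlspecialchars() is an HTML encoder, not an SQL escaper (by default it
        leaves single quotes alone), so the value is escaped with the database
        layer before it is placed inside a quoted SQL literal. */
     $email_sql = $this->dba->Quote($email);
     /* NOTE(review): the response differs for known and unknown addresses, which
        lets a caller test whether an address is registered. */
     if ($this->dba->Query("SELECT * FROM " . USERS . " WHERE email = '{$email_sql}'")->NumRows() <= 0) {
         return new Error($template['L_INVALIDEMAIL'], $template);
     }
     $new_pw = $this->GetRandom();
     $forum = $this->dba->GetValue("SELECT name FROM " . FORUMS . " WHERE row_left = 1");
     $username = $this->dba->GetValue("SELECT name FROM " . USERS . " WHERE email = '{$email_sql}'");
     /* The Host request header is client-supplied; keep only hostname characters
        so it cannot add extra lines to the mail headers. */
     $mail_host = preg_replace('/[^A-Za-z0-9.:\-\[\]]/', '', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '');
     $subject = sprintf($template['L_PWSENTSUBJECT'], $forum);
     $message = sprintf($template['L_PWSENTMESSAGE'], $forum, $username, $new_pw, $forum);
     $headers = "From: \"Password Reset - k4 Bulletin Board Mailer\" <noreply@" . $mail_host . ">";
     if (!mail($email, $subject, $message, $headers)) {
         return new Error($template['L_ERRORRESETPW'], $template);
     }
     /* NOTE(review): as shown here the stored value is the literal '******' and is
        not derived from $new_pw; this looks like masking applied by the listing.
        Confirm against the real source that a hash of $new_pw is what gets stored. */
     $this->dba->Query("UPDATE " . USERS . " SET pass = '******' WHERE email = '{$email_sql}'");
     return new Error($template['L_PASSWORDSENT'] . '<meta http-equiv="refresh" content="2; url=index.php">', $template);
 }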
 /**
  * Admin action: prune threads older than a number of days, either in one
  * forum or (forum id -1) in every forum.
  *
  * The board is switched off through the 'bbactive' setting while rows are
  * removed and switched back on afterwards.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member with the ADMIN bit set.
  * @param mixed    $request  Request variables (array-style access); 'forum' and 'days' are read.
  *
  * @return Error|bool Error with the result message, or TRUE when the caller is not an admin.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     $is_admin = $session['user'] instanceof Member && $session['user']['perms'] & ADMIN;
     if (!$is_admin) {
         return true;
     }
     if (!isset($request['forum']) || !isset($request['days'])) {
         return new Error($template['L_FORUMDOESNTEXIST'], $template);
     }
     /* Turn the board off for safety reasons.
        NOTE(review): nothing here turns it back on if pruning aborts part-way. */
     $this->dba->Execute("UPDATE " . SETTING . " SET value = '0' WHERE varname = 'bbactive'");
     $days = intval($request['days']);
     $forum = intval($request['forum']);
     /* Cut-off timestamp: now, or now minus the requested number of days */
     if ($days == 0) {
         $created = time();
     } else {
         $created = time() - $days * 24 * 3600;
     }
     $prune = new Prune();
     /* -1 means "all forums"; any other id restricts the query to that parent */
     $scope = $forum == -1 ? "" : "parent_id = " . $forum . " AND ";
     $candidates = $this->dba->Query("SELECT * FROM " . POSTS . " WHERE " . $scope . "row_status != 2 AND row_status != 3 AND row_type = 2 AND row_right-row_left-1 = 0 AND created <= " . $created);
     foreach ($candidates as $post) {
         $prune->KillNode($post);
     }
     /* Turn the board back on */
     $this->dba->Execute("UPDATE " . SETTING . " SET value = '1' WHERE varname = 'bbactive'");
     $redirect = '<meta http-equiv="refresh" content="2; url=admin.php?act=prune">';
     return new Error($template['L_PRUNESUCCESS'] . $redirect, $template);
 }
 /**
  * Show the FAQ page.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; its dba query counter is copied to the template.
  * @param mixed    $request  Request variables (not read here).
  *
  * @return bool Always TRUE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $title = $template['L_FAQ'];
     $template = CreateAncestors($template, $title);
     /* Page body and the FAQ categories iterator (constructed with argument 0) */
     $content = array('file' => 'faq.html');
     $template->content = $content;
     $template->all_faq = new FAQCatIterator(0);
     /* Expose the number of queries run so far */
     $query_count = $session->dba->num_queries;
     $template['num_queries'] = $query_count;
     return true;
 }
 /**
  * Admin action: save the permission settings of one forum.
  *
  * Only acts when the session user is a Member whose 'perms' value has the
  * ADMIN bit set; for anyone else nothing is changed.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; 'user' is inspected.
  * @param mixed    $request  Request variables; 'forum_id' is read and the whole
  *                           set is handed to Forum::setForumpermissions().
  *
  * @return bool Always TRUE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     if (!($session['user'] instanceof Member) || !($session['user']['perms'] & ADMIN)) {
         return true;
     }
     $forum = new Forum();
     $forum_id = intval($request['forum_id']);
     $saved = $forum->setForumpermissions($forum_id, $request);
     if ($saved) {
         /* The method still returns TRUE after the redirect header is sent */
         header("Location: admin.php?act=permissions");
     }
     return true;
 }
 /**
  * Gate for the admin panel: lets admins through and rejects everyone else.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member with the ADMIN bit set.
  * @param mixed    $request  Request variables (not read here).
  *
  * @return Error|bool TRUE for an admin, otherwise an Error with L_CANNOTUSEFEATURE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     $is_admin = $session['user'] instanceof Member && $session['user']['perms'] & ADMIN;
     if ($is_admin) {
         /* The admin template assignments are disabled in this version:
            $template->content = array('file' => 'admin/admin.html');
            $template->admin_panel = array('file' => 'admin/default.html'); */
         return true;
     }
     return new Error($template['L_CANNOTUSEFEATURE'], $template);
 }
 /**
  * Show the "select a file to upload" page of the user control panel.
  *
  * The page template is only selected for a logged-in Member; for other
  * users the template is left as it was.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; its dba query counter is copied to the template.
  * @param mixed    $request  Request variables (not read here).
  *
  * @return bool Always TRUE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $logged_in = $session['user'] instanceof Member;
     if ($logged_in) {
         /* The ancestors bar mostly just sets the page title */
         $template = CreateAncestors($template, $template['L_UPLOAD']);
         /* Tell it which template file to use */
         $template->content = array('file' => 'usercp/select_file.html');
     }
     /* Expose the number of queries run so far */
     $template['num_queries'] = $session->dba->num_queries;
     return true;
 }
 /**
  * Show the password reminder form to visitors who are not logged in.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; $session['user'] must be a Guest.
  * @param mixed    $request  Request variables (not read here).
  *
  * @return Error|bool TRUE once the form template is selected, otherwise an
  *                    Error with L_CANTBELOGGEDIN.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_INFORMATION']);
     if (!($session['user'] instanceof Guest)) {
         return new Error($template['L_CANTBELOGGEDIN'], $template);
     }
     $template->content = array('file' => 'remindme_form.html');
     return true;
 }
 /**
  * Show the weekly calendar view.
  *
  * When the 'calendarenabled' template value is 1, works out which week,
  * month and year to show (from the request, falling back to the current
  * date), draws the previous and next month and hands the week range to the
  * template. Otherwise returns an Error.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; its dba query counter is copied to the template.
  * @param mixed    $request  Request variables (array-style access); 'week', 'month' and 'year' are read.
  *
  * @return Error|bool TRUE on success, Error with L_FEATUREDENIED when the calendar is disabled.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $template = CreateAncestors($template, $template['L_CALENDAR'] . ' - ' . $template['L_YEARLY']);
     if ($template['calendarenabled'] == 1) {
         $cal = new Calendar();
         $template->content = array('file' => 'calendar_week.html');
         /* Find a default week when none (or an empty/zero one) was given */
         if (!isset($request['week']) || !$request['week'] || intval($request['week']) == 0) {
             // Weekday (0 - 6) of the first day of the current month
             $day_of_week = date("w", mktime(0, 0, 0, date("n"), 1, date("Y")));
             // Number of the previous month (1 - 12)
             $last_month = date("n") != 1 ? date("n") - 1 : 12;
             // Today's day of the month (1 - 31)
             $day_of_month = date("j");
             // Year of the previous month.
             // NOTE(review): the year is decremented when $last_month is 1, but the
             // previous month falls in the previous year when $last_month is 12 - confirm.
             $year = $last_month != 1 ? date("Y") : date("Y") - 1;
             // Number of days in the previous month
             $prev_month = date("t", mktime(0, 0, 0, $last_month, 1, $year));
             /* First week of a month.
                NOTE(review): date("j") is at least 1 and date("w") at most 6, so this
                condition always holds and the else branch is never taken. */
             if ($day_of_month >= 1 && $day_of_week <= 7) {
                 // Start of the week, counted back into the previous month
                 $start = $prev_month - ($day_of_week - 1);
                 $week = mktime(0, 0, 0, $last_month, $start, $year);
             } else {
                 $week = mktime(0, 0, 0, date("n"), 1, date("Y"));
             }
         }
         /* Request values win over the defaults.
            NOTE(review): when 'week' is present but empty or zero, the timestamp
            computed above is replaced by intval($request['week']) here. */
         $month = !isset($request['month']) ? date("n") : intval($request['month']);
         $year = !isset($request['year']) ? date("Y") : intval($request['year']);
         $week = !isset($request['week']) ? $week : intval($request['week']);
         // Small calendars for the previous and the next month
         $lm = $cal->rewind_month($month, $year);
         $template['prev_month'] = $cal->draw_calendar(1, 1, $lm['m'], $lm['y'], TRUE);
         $nm = $cal->advance_month($month, $year, TRUE);
         $template['next_month'] = $cal->draw_calendar(1, 1, $nm['m'], $nm['y'], TRUE);
         $weeks = $cal->week_range($week, $month, $year);
         //$template->week = !isset($weeks[$week-1]) ? @$weeks[$week+1] : @$weeks[$week-1];
         $template->week = $weeks;
     } else {
         return new Error($template['L_FEATUREDENIED'], $template);
     }
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }
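 /**
  * Admin action: list the entries of the directory two levels above the
  * working directory, with their sizes, for the file manager page.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member with the ADMIN bit set.
  * @param mixed    $request  Request variables (not read here).
  *
  * @return Error|bool TRUE for an admin, otherwise an Error with L_CANNOTUSEFEATURE.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $template = CreateAncestors($template, $template['L_FILEMANAGER']);
     if (!($session['user'] instanceof Member && $session['user']['perms'] & ADMIN)) {
         return new Error($template['L_CANNOTUSEFEATURE'], $template);
     }
     $fullpath = '../../';
     $files = array();
     $dir = dir($fullpath);
     /* dir() returns false when the directory cannot be opened; show an empty
        list in that case instead of calling a method on false. */
     if ($dir) {
         while (false !== ($file = $dir->read())) {
             $files[] = array('name' => $file, 'size' => filesize($fullpath . $file));
         }
         /* Release the directory handle once the listing is complete */
         $dir->close();
     }
     $template->file_list = $files;
     return TRUE;
 }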
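 /**
  * Admin action: add a rank or update an existing one.
  *
  * The rank is attached to a group ('rank_to' = 1), to a user looked up by
  * name (2) or to banned users (3). Whether a row is inserted or updated
  * depends on $this->update.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member with the ADMIN bit set.
  * @param mixed    $request  Request variables; 'rank', 'rank_to', 'group_id', 'name' and 'id' are read.
  *
  * @return Error|bool Error with the result message; TRUE when nothing was done.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     if (!($session['user'] instanceof Member && $session['user']['perms'] & ADMIN)) {
         return TRUE;
     }
     /* NOTE(review): the rank text is escaped before it goes through BBParser and
        the parser output is what ends up inside the SQL literal below; whether
        that output is still safe for SQL cannot be told from here - confirm. */
     $parser = new BBParser($this->dba->Quote($request['rank']));
     $rank = $parser->Execute();
     $rank_to = intval($request['rank_to']);
     switch ($rank_to) {
         case 1:
             if ($this->dba->Query("SELECT * FROM " . GROUPS . " WHERE id = " . intval($request['group_id']))->NumRows() != 1) {
                 return new Error($template['L_GROUPDOESNTEXIST'], $template);
             }
             $col = "group_id";
             $val = intval($request['group_id']);
             break;
         case 2:
             $user = $this->dba->GetRow("SELECT * FROM " . USERS . " WHERE name = '" . $this->dba->Quote($request['name']) . "'");
             if (!$user) {
                 return new Error($template['L_USERDOESNTEXIST'], $template);
             }
             $col = "user_id";
             $val = intval($user['id']);
             break;
         case 3:
             $col = "banned";
             $val = 1;
             break;
         default:
             /* Unknown target: $col and $val would be undefined and the statements
                below would be malformed, so no query is run at all. */
             return TRUE;
     }
     if (!$this->update) {
         if ($this->dba->Query("INSERT INTO " . RANKS . " ({$col}, rank) VALUES ({$val}, '{$rank}');")) {
             return new Error($template['L_RANKADDED'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=ranks">', $template);
         }
     } else {
         $id = intval($request['id']);
         /* Clear all three target columns first, then set the chosen one */
         if ($this->dba->Query("UPDATE " . RANKS . " SET user_id = 0, group_id = 0, banned = 0 WHERE id = {$id}") && $this->dba->Query("UPDATE " . RANKS . " SET {$col} = {$val}, rank = '{$rank}' WHERE id = {$id}")) {
             return new Error($template['L_RANKUPDATED'] . '<meta http-equiv="refresh" content="2; url=admin.php?act=ranks">', $template);
         }
     }
     return TRUE;
 }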
 /**
  * Admin action: look a user up by name, then either redirect to the member
  * editor ('edit') or delete the account ('delete').
  *
  * Deleting removes the user's sessions and user row and resets the user id
  * on posts and forums to 0. The account with id 1 cannot be deleted.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member with the ADMIN bit set.
  * @param mixed    $request  Request variables; 'name', 'edit' and 'delete' are read.
  *
  * @return Error|null Error with the result message, or nothing on the other paths.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     $template = CreateAncestors($template, $template['L_ADMINPANEL']);
     if (!($session['user'] instanceof Member) || !($session['user']['perms'] & ADMIN)) {
         return;
     }
     $user = $this->dba->Quote($request['name']);
     $lookup = $this->dba->Query("SELECT * FROM " . USERS . " WHERE name = '{$user}'");
     if ($lookup->NumRows() != 1) {
         return new Error($template['L_USERDOESNTEXIST'], $template);
     }
     $id = $this->dba->GetValue("SELECT id FROM " . USERS . " WHERE name = '{$user}'");
     if (isset($request['edit'])) {
         header("Location: member.php?id=" . $id);
         return;
     }
     if (!isset($request['delete'])) {
         return;
     }
     /* User id 1 is protected from deletion */
     if ($id == 1) {
         return new Error($template['L_CANNOTDELETEADMIN'], $template);
     }
     /* NOTE(review): the four statements run independently, with no transaction
        visible here, so a failure part-way leaves the account half-removed. */
     $statements = array(
         "DELETE FROM " . SESSIONS . " WHERE uid = " . $id,
         "DELETE FROM " . USERS . " WHERE id = " . $id,
         "UPDATE " . POSTS . " SET poster_id = 0 WHERE poster_id = " . $id,
         "UPDATE " . FORUMS . " SET thread_uid = 0 WHERE thread_uid = " . $id,
     );
     foreach ($statements as $sql) {
         $this->dba->Execute($sql);
     }
     return new Error($template['L_DELETEDUSER'], $template);
 }
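 /**
  * Show one uploaded attachment together with the other files stored in the
  * same upload directory.
  *
  * 'file' comes straight from the request and is used to build filesystem
  * paths and HTML, so it is validated first: every path segment must be a
  * plain name (no empty, '.' or '..' segments, no backslash or NUL byte), and
  * file contents are only read when the resolved path is a regular file below
  * the Uploads directory.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; its dba query counter is copied to the template.
  * @param mixed    $request  Request variables; 'file' is read as "<directory>/<file name>".
  *
  * @return bool Always TRUE; nothing is listed or shown for a rejected path.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Create the ancestors bar, or rather, the title */
     $template = CreateAncestors($template, $template['L_ATTACHMENTSM']);
     global $lang;
     /* Get the variables */
     $requested = isset($request['file']) && is_string($request['file']) ? $request['file'] : '';
     $segments = explode('/', $requested);
     $path_ok = $requested !== '' && strpos($requested, "\0") === false && strpos($requested, '\\') === false;
     foreach ($segments as $segment) {
         if ($segment === '' || $segment === '.' || $segment === '..') {
             $path_ok = false;
         }
     }
     $temp_dir = $segments[0];
     $exts = explode('.', $requested);
     $extension = $exts[count($exts) - 1];
     /* Open the uploads directory which matches the post id */
     if ($path_ok && is_dir('Uploads/' . $temp_dir) && ($dir = dir('Uploads/' . $temp_dir))) {
         $array = array();
         while (false !== ($entry = $dir->read())) {
             if ($entry != '.' && $entry != '..') {
                 $vars = explode('.', $entry);
                 $ext = $vars[count($vars) - 1];
                 $array[] = array('name' => $entry, 'post_id' => $temp_dir, 'img' => $ext);
             }
         }
         $dir->close();
         $fullpath = 'Uploads/' . $requested;
         /* Resolve symlinks and confirm the target really lies below Uploads
            before any file content is read. */
         $base = realpath('Uploads');
         $resolved = realpath($fullpath);
         $readable = $base !== false && $resolved !== false && is_file($resolved) && strpos($resolved, $base . DIRECTORY_SEPARATOR) === 0;
         /* The path is placed inside HTML attributes, so encode it for that context */
         $href = htmlspecialchars($fullpath, ENT_QUOTES);
         $attachment = "";
         /* Give a nice way to display each file type */
         switch ($extension) {
             /* All image types are shown with an <img> tag */
             case 'gif':
             case 'bmp':
             case 'jpg':
             case 'jpe':
             case 'tiff':
             case 'jpeg':
             case 'png':
                 $attachment = '<img src="' . $href . '" alt="" border="1" />';
                 break;
             /* Source files are shown highlighted; highlight_string() encodes the text */
             case 'php':
             case 'phps':
                 if ($readable) {
                     $attachment = highlight_string((string) file_get_contents($resolved), TRUE);
                 }
                 break;
             /* Plain text is uploaded content, so it is HTML-encoded before display */
             case 'txt':
                 if ($readable) {
                     $attachment = htmlspecialchars((string) file_get_contents($resolved), ENT_QUOTES);
                 }
                 break;
             /* Everything else that is supported is offered as a link */
             case 'pdf':
             case 'doc':
             case 'psd':
             case 'rtf':
             case 'zip':
                 $attachment = '<a href="' . $href . '" target="_blank">' . $lang['L_CLICKHERE'] . '</a>';
                 break;
         }
         $template['attachment'] = $attachment;
         $template->attachments = $array;
     }
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }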
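 /**
  * Register a new member from the submitted registration form.
  *
  * Validates the form in a fixed order (logged-in check, user name taken,
  * forbidden name, name length, e-mail taken, e-mail format, required fields,
  * password confirmation) and returns the first failure as an Error. On
  * success the new member is logged in, a welcome mail is sent and the
  * browser is redirected to index.php.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; 'user' is expected to be the Guest object.
  * @param mixed    $request  Request variables; 'name', 'email', 'pass', 'pass_check'
  *                           and 'rememberme' are read.
  *
  * @return Error|bool Error for a validation failure, FALSE when registration did
  *                    not produce a Member. On success the script exits after the redirect.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $guest = $session['user'];
     $dba = DBA::Open();
     $session['post_vars'] = $request;
     /* Pop the password fields right away so they are not restored into the
        form if the person runs into errors */
     $this->Pop('pass');
     $this->Pop('pass_check');
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_REGISTER']);
     /* Escape all of the request variables for use in SQL.
        NOTE(review): from here on every value, the password included, is the
        escaped form; the length checks and the welcome mail below see that form. */
     foreach ($request as $key => $val) {
         $request[$key] = $dba->Quote($val);
     }
     /* Check if the person is already logged in */
     if ($guest instanceof Member) {
         return new Error($template['L_CANTBELOGGEDIN'], $template);
     }
     /* Check if that username is already taken */
     if (isset($request['name']) && $guest->GetId($request['name']) != FALSE) {
         $this->Pop('name');
         return new Error($template['L_USERNAMETAKEN'], $template);
     }
     /* Check if this is a forbidden username; skipped when no name was sent, the
        required-field check below reports that case */
     if (isset($request['name']) && $dba->Query("SELECT lower(name) FROM " . BADNAMES . " WHERE lower(name) = lower('" . $request['name'] . "')")->NumRows() >= 1) {
         $this->Pop('name');
         return new Error($template['L_USERNAMENOTGOOD'], $template);
     }
     if (isset($request['name']) && strlen($request['name']) < 3) {
         $this->Pop('name');
         return new Error($template['L_USERNAMETOOSHORT'], $template);
     }
     if (isset($request['name']) && strlen($request['name']) > 16) {
         $this->Pop('name');
         return new Error($template['L_USERNAMETOOLONG'], $template);
     }
     /* Check if that email is already taken */
     if (isset($request['email']) && $guest->GetIdByEmail($request['email']) != FALSE) {
         $this->Pop('email');
         return new Error($template['L_EMAILTAKEN'], $template);
     }
     /* Is the email valid? */
     if (isset($request['email']) && $request['email'] != check_mail($request['email'])) {
         $this->Pop('email');
         return new Error($template['L_SUPPLYVALIDEMAIL'], $template);
     }
     /* Required fields and the message shown when one is missing */
     $required = array('name' => $template['L_SUPPLYUSERNAME'], 'email' => $template['L_SUPPLYVALIDEMAIL'], 'pass' => $template['L_SUPPLYPASS'], 'pass_check' => $template['L_SUPPLYPASSCHECK']);
     foreach ($required as $field => $message) {
         if (!isset($request[$field]) || $request[$field] == '') {
             $this->Pop($field);
             return new Error($message, $template);
         }
     }
     if (isset($request['pass']) && isset($request['pass_check']) && $request['pass'] != $request['pass_check']) {
         return new Error($template['L_PASSESDONTMATCH'], $template);
     }
     $member = $guest->Register($request);
     if ($member instanceof Member) {
         $member->Login();
         /* 'rememberme' is an optional checkbox and may be absent */
         if (isset($request['rememberme']) && $request['rememberme'] == 'on') {
             $session['rememberme'] = 'on';
         }
         $session['user'] = $member;
         /* The Host request header is client-supplied; keep only hostname
            characters so it cannot add extra lines to the mail headers. */
         $mail_host = preg_replace('/[^A-Za-z0-9.:\-\[\]]/', '', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '');
         /* NOTE(review): the welcome message is given the chosen password in clear
            text; consider dropping it from the L_USERWELCOMEMSGK4 text. */
         @mail($request['email'], sprintf($template['L_USERWELCOMEK4'], $template['bbtitle']), sprintf($template['L_USERWELCOMEMSGK4'], $template['bbtitle'], $session['user']['name'], $request['pass']), "From: \"k4 Bulletin Board Mailer\" <noreply@" . $mail_host . ">");
         header("Location: index.php");
         exit;
     }
     return FALSE;
 }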
 /**
  * Moderator action: lock a thread.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member whose 'perms' is at least MOD.
  * @param mixed    $request  Request variables; 'id' is read as the post id.
  *
  * @return Error|bool Error with the result message, or TRUE when the caller is
  *                    not allowed to moderate.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $this->dba = DBA::Open();
     /* Ancestors bar */
     $template = CreateAncestors($template, $template['L_LOCKTHREAD']);
     /* Check permissions */
     $may_moderate = $session['user'] instanceof Member && $session['user']['perms'] >= MOD;
     if ($may_moderate) {
         /* Set the templates */
         $template->content = array('file' => 'admin/admin.html');
         $thread_id = intval($request['id']);
         $row = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = " . $thread_id);
         if (empty($row) || !isset($row['id'])) {
             return new Error($template['L_INVALIDTHREADID'], $template);
         }
         /* Lock the thread, then send the user back to its forum */
         $this->dba->Execute("UPDATE " . POSTS . " SET row_locked = 1 WHERE id = " . $row['id']);
         $redirect = '<meta http-equiv="refresh" content="2; url=viewforum.php?id=' . $row['forum_id'] . '">';
         return new Error($template['L_LOCKEDTHREAD'] . $redirect, $template);
     }
     /* Expose the number of queries run so far */
     $template['num_queries'] = $session->dba->num_queries;
     return true;
 }
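 /**
  * Show one private message in the user control panel and mark it, and the
  * messages nested below it, as read.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member.
  * @param mixed    $request  Request variables; 'id' is read as the message id.
  *
  * @return Error|bool TRUE when the message is shown, otherwise an Error.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Create the ancestors bar */
     $template = CreateAncestors($template, $template['L_VIEWMESSAGE']);
     if (!($session['user'] instanceof Member)) {
         return new Error($template['L_NEEDLOGGEDIN'], $template);
     }
     if (!isset($request['id']) || intval($request['id']) == 0) {
         return new Error($template['L_FOLDERDOESNTEXIST'], $template);
     }
     $dba = DBA::Open();
     $msg_id = intval($request['id']);
     $user_id = intval($session['user']['id']);
     /* NOTE(review): AND binds tighter than OR, so the trailing "OR member_id = 0"
        matches any message with member_id 0 regardless of the 'saved' flag, for
        every logged-in user. Confirm that this is the intended visibility rule. */
     $msg = $dba->GetRow("SELECT * FROM " . PMSGS . " WHERE id = " . $msg_id . " AND ((saved = 1 AND poster_id = " . $user_id . ") OR (saved = 0 AND member_id = " . $user_id . " OR member_id = 0))");
     /* Check the row before reading from it; the title used to be built from
        $msg['name'] even when no message had been found. */
     if (empty($msg) || !isset($msg['id'])) {
         /* Private messages folder */
         $template->pmsg_folders = new PMFolders();
         return new Error($template['L_MSGDOESNTEXIST'], $template);
     }
     /* Recreate the ancestors bar with the message name in the title */
     $template = CreateAncestors($template, $template['L_VIEWMESSAGE'] . ' - ' . stripslashes($msg['name']));
     /* Private messages folder */
     $template->pmsg_folders = new PMFolders();
     /* Set the message */
     $template->message = new PMMessage($msg);
     /* Set the buddy list */
     $template->buddy_list = new FriendsList();
     /* Set the files */
     $template->content = array('file' => 'usercp.html');
     $template->usercp = array('file' => 'usercp/viewmessage.html');
     /* Set this and all sub messages to read */
     $dba->Execute("UPDATE " . PMSGS . " SET member_has_read = 1, new_reply = 0 WHERE row_left >= " . intval($msg['row_left']) . " AND row_right <= " . intval($msg['row_right']));
     return TRUE;
 }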
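 /**
  * Log the current member into a password-protected forum.
  *
  * On a matching password the forum id is stored in the session under
  * 'forum_logged' and the user is sent on to the forum.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; the user must be a Member.
  * @param mixed    $request  Request variables; 'id' (forum id) and 'pass' are read.
  *
  * @return Error Every path returns an Error object carrying the user-facing message.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_FORUMLOGIN']);
     $this->dba = DBA::Open();
     /* Must be logged in */
     if (!($session['user'] instanceof Member)) {
         return new Error($template['L_NEEDLOGGEDIN'], $template);
     }
     if (!isset($request['id']) || intval($request['id']) == 0) {
         return new Error($template['L_FORUMDOESNTEXIST'], $template);
     }
     $forum = $this->dba->GetRow("SELECT * FROM " . FORUMS . " WHERE id = " . intval($request['id']));
     if (empty($forum) || $forum['private'] != 1) {
         return new Error($template['L_FORUMDOESNTEXIST'], $template);
     }
     /* Compare as strings. A loose == treats numeric-looking strings such as
        "1e3" and "1000" as equal, which would accept a wrong password.
        NOTE(review): the stored value is compared as-is, so forum passwords
        appear to be kept unhashed - confirm how they are written. */
     $supplied = isset($request['pass']) ? (string) $this->dba->Quote($request['pass']) : '';
     $stored = (string) $forum['pass'];
     $matches = function_exists('hash_equals') ? hash_equals($stored, $supplied) : $stored === $supplied;
     if (!$matches) {
         return new Error($template['L_INVALIDFORUMPASS'], $template);
     }
     $session['forum_logged'] = $forum['id'];
     /* Return a successful message */
     return new Error($template['L_LOGGEDINTOFORUM'] . '<meta http-equiv="refresh" content="1; url=viewforum.php?id=' . intval($request['id']) . '">', $template);
 }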
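 /**
  * Run a forum search by keywords or by poster name and hand the result
  * iterator to the template.
  *
  * The criteria are kept in the session under 'search_results' so that
  * pagination requests, which carry no criteria, repeat the same search.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; stores and returns the search criteria.
  * @param mixed    $request  Request variables; 'keywords', 'username', 'forums', 'exact',
  *                           'search_where', 'user_where', 'sort', 'posts_oldnew' and
  *                           'posts_from' are read.
  *
  * @return Error|bool TRUE when the search was set up, otherwise an Error.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Keep the criteria in the session so pagination works throughout */
     if (isset($request['keywords']) || isset($request['username'])) {
         $session->OffsetSet('search_results', $request);
     } else {
         $session['search_results'] = isset($session['search_results']) ? $session['search_results'] : $request;
     }
     $request = $session['search_results'];
     /* Set the template */
     $template->content = array('file' => 'search_results.html');
     /* Set the ancestors bar */
     $template = CreateAncestors($template, $template['L_SEARCHRESULTS']);
     /* Return an error if they have not put anything to search for */
     $has_keywords = isset($request['keywords']) && $request['keywords'];
     $has_username = isset($request['username']) && $request['username'];
     if (!$has_keywords && !$has_username) {
         return new Error($template['L_MUSTDEFINESEARCH'], $template);
     }
     /* 1 = search by keywords (also when both are given), 2 = search by poster name */
     $to_use = isset($request['keywords']) && $request['keywords'] != '' ? 1 : 2;
     /* Escape every scalar criterion for SQL; 'forums' is a list and is handled below */
     foreach ($request as $key => $val) {
         if ($key != 'forums') {
             $request[$key] = $this->dba->Quote($val);
         }
     }
     $this->exact = isset($request['exact']) ? TRUE : FALSE;
     /* The forum ids are concatenated into the WHERE clause unquoted, so each
        one is forced to an integer first. */
     $forums = isset($request['forums']) ? array_values(array_map('intval', (array) $request['forums'])) : array();
     /* Check if the user has actually selected any forums to search in */
     if (count($forums) == 0) {
         return new Error($template['L_FORUMDOESNTEXIST'], $template);
     }
     /* Set up this section of the query */
     $query_users = '';
     $query_posts = '';
     if ($to_use == 1) {
         /* Searching using keywords */
         $keywords = htmlspecialchars($request['keywords']);
         $template['search_terms'] = $template['L_KEYWORDS'] . ': ' . $keywords;
         $field = intval($request['search_where']) == 1 ? 'body_text' : 'name';
         $query_posts = " lower(" . $field . ") LIKE lower('%" . $keywords . "%') ";
     } else {
         /* Searching by poster names; the name is echoed back, so encode it for HTML */
         $template['search_terms'] = $template['L_USERNAME'] . ': ' . htmlspecialchars($request['username']);
         /* Get the user(s).
            NOTE(review): the user name was already escaped by the loop above and is
            escaped a second time here - confirm what GetUsers() expects. */
         $users = $this->GetUsers($this->dba->Quote($request['username']));
         if ($users instanceof SetError) {
             return new Error($users->message, $template);
         }
         $i = 1;
         foreach ($users as $user) {
             /* Names read back from the database are escaped again before they
                are placed inside a quoted SQL literal. */
             $name_sql = $this->dba->Quote($user['name']);
             $query_users .= $i != $this->user_count ? "poster_name = '" . $name_sql . "' OR " : "poster_name = '" . $name_sql . "'";
             $i++;
         }
         /* If we are just looking for threads by the user.
            NOTE(review): without parentheses around the OR list this AND applies to
            the last name only, unless the iterator wraps the fragment - confirm. */
         if (intval($request['user_where']) == 2) {
             $query_users .= " AND row_type = 2 ";
         }
     }
     /* Make the forums part of the query */
     $forum_terms = array();
     foreach ($forums as $forum_id) {
         $forum_terms[] = "id = " . $forum_id;
     }
     $query_forums = implode(" OR ", $forum_terms);
     $at_least = '';
     //$at_least = intval($request['at_least']) == 0 ? '<=' : '>=';
     //$at_least = " AND (right-left-1)/2 $at_least ". intval(@$request['num_posts']) ." ";
     /* Set the display order */
     $order = intval($request['sort']) == 1 ? ' ORDER BY created DESC' : ' ORDER BY created ASC';
     /* Set from how long ago the posts will be */
     $oldnew = intval($request['posts_oldnew']) == 1 ? '>=' : '<=';
     $from = " AND created {$oldnew} '" . intval($request['posts_from']) . "' ";
     $template['postlimit'] = 30;
     $template['total_posts'] = DBA::Open()->GetValue("SELECT COUNT(*) FROM " . FORUMS . " WHERE {$query_forums}");
     $template->search_results = new SearchResultsIterator($query_forums, $query_posts, $query_users, $order, $at_least, $from);
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }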
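 /**
  * Show a category or a forum: its sub-forums, its thread list, the forum
  * password form, or a redirect when the forum is a link.
  *
  * @param Template $template Page template; also supplies the L_* language strings.
  * @param Session  $session  Current session; 'user' supplies the permission level.
  * @param mixed    $request  Request variables; 'id', 'sort', 'order' and 'start' are read.
  *
  * @return Error|bool TRUE when a page was set up, otherwise an Error.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     if (isset($request['id'])) {
         /* Instantiate the forum class */
         $forum = new Forum();
         $id = intval($request['id']);
         $suspend = $session['user']['perms'] & ADMIN ? 1 : 0;
         $row = $forum->getForum($id);
         /* Check that the category or forum exists before reading from the row */
         if (!$row) {
             return new Error($template['L_FORUMDOESNTEXIST'], $template);
         }
         /* The root node is the board index: simple redirect to index.php */
         if ($row['row_left'] == 1) {
             header("Location: index.php");
             exit;
         }
         /* Create the ancestors list with the results from the get category query */
         $template = CreateAncestors($template, $row, $suspend);
         /* Are we looking at forums within a category? */
         if ($row['row_level'] == 1) {
             $template->welcome_msg = array('hide' => TRUE);
             $template->content = array('file' => 'forums.html');
             $template->categories = new ForumList($id, $suspend);
         } else {
             if ($row['row_level'] >= 2) {
                 /* Make sure that the forum isn't a link */
                 if ($row['is_link'] == 0) {
                     /* Is this forum password-protected? */
                     if ($row['private'] == 1 && @$_SESSION['forum_logged'] != $row['id']) {
                         $template['forum_id'] = $row['id'];
                         $template->content = array('file' => 'forum_login.html');
                     } else {
                         /* Get the user permissions */
                         $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
                         /* If the current user is allowed to read the forums */
                         if ($user_perms >= $row['can_view']) {
                             if ($row['subforums'] > 0) {
                                 $template->subforums = new SubForumList($row, FALSE, $suspend);
                             } else {
                                 $template->sub_forums = array('hide' => TRUE);
                             }
                             /* Set the template */
                             $template->content = array('file' => 'forum.html');
                             /* NOTE(review): the template key is built from the 'sort'
                                request value, so a request can set any template entry whose
                                name ends in "_sort"; consider checking 'sort' against the
                                known column names. */
                             if (isset($request['sort']) && isset($request['order'])) {
                                 $template[$request['sort'] . '_sort'] = $request['order'] == 'ASC' ? '&nbsp;<img src="Images/' . $template['imageset'] . '/Icons/arrow_up.gif" alt="" border="0" />' : '&nbsp;<img src="Images/' . $template['imageset'] . '/Icons/arrow_down.gif" alt="" border="0" />';
                             }
                             /* The next click on a column header reverses the order */
                             if (!isset($request['order'])) {
                                 $template['order'] = 'DESC';
                             } else {
                                 $template['order'] = $request['order'] == 'DESC' ? 'ASC' : 'DESC';
                             }
                             $threads = new ThreadIterator($session);
                             /* NOTE(review): `new` always yields a ThreadIterator, so this
                                check only fires if ThreadIterator extends SetError - confirm. */
                             if ($threads instanceof SetError) {
                                 return new Error($threads->message, $template);
                             } else {
                                 $template->threads = $threads;
                             }
                             $template['total_posts'] = $row['threads'];
                             $template['forum_id'] = $row['id'];
                             $template['postlimit'] = $row['threadsperpage'];
                             $template['pag_start'] = isset($request['start']) ? intval(@$request['start']) : 0;
                         } else {
                             return new Error($template['L_PERMCANTVIEW'], $template);
                         }
                     }
                 } else {
                     /* Link forum: count the referral and redirect to the stored URL */
                     DBA::Open()->Execute("UPDATE " . FORUMS . " SET referals = referals+1 WHERE id = " . $row['id']);
                     header("Location: " . $row['link_href']);
                 }
             } else {
                 return new Error($template['L_ERRORVIEWFORUM'], $template);
             }
         }
     } else {
         return new Error($template['L_INVALIDFORUM'], $template);
     }
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }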
Exemple #19
 /**
  * Prepare the "edit post" form for an existing post.
  *
  * Requires a logged-in Member, loads the post named by $request['id'],
  * and only fills the form when the user's permission level reaches the
  * forum's `can_edit` value AND the user is either the post's author or
  * carries the ADMIN bit.
  *
  * NOTE(review): the stored title and the reverted body are handed to the
  * template as-is; whether the template layer HTML-escapes them is not
  * visible here -- confirm before relying on it.
  *
  * @param Template $template Page template that receives the form data.
  * @param Session  $session  Current session; `$session['user']` is the viewer.
  * @param mixed    $request  Request variables, read by key (`id`).
  * @return bool|Error|TplException TRUE when the form was prepared, otherwise
  *                                 an error object describing the refusal.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     $dba = DBA::Open();
     /* Create the ancestors bar up front (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_EDITPOST']);
     /* Permission level of the current user; ALL when the session carries none */
     if (isset($session['user']['perms'])) {
         $user_perms = $session['user']['perms'];
     } else {
         $user_perms = ALL;
     }
     /* Guests never get the edit form */
     if (!($session['user'] instanceof Member)) {
         return new Error($template['L_NEEDLOGGEDIN'], $template);
     }
     /* intval() keeps the id numeric before it is placed in the query below */
     $post_id = intval(@$request['id']);
     if (!isset($request['id']) || $post_id == 0) {
         return new Error($template['L_INVALIDPOSTID'], $template);
     }
     try {
         @($row = $dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = {$post_id}"));
     } catch (DBA_Exception $db_error) {
         return new TplException($db_error, $template);
     }
     if (!is_array($row) || empty($row)) {
         return new Error($template['L_INVALIDPOSTID'], $template);
     }
     /* Try and get the forum this post lives in */
     try {
         @($forums = new Forum());
         @($forum = $forums->getForum($row['forum_id']));
     } catch (DBA_Exception $db_error) {
         return new TplException($db_error, $template);
     }
     /* Forum-level edit right first, then author-or-admin */
     if (!($user_perms >= $forum['can_edit'] && ($session['user']['id'] == $row['poster_id'] || $user_perms & ADMIN))) {
         return new Error($template['L_PERMSEDITPOST'], $template);
     }
     /* Set the post icons and the emoticons */
     $template->posticons = DBA::Open()->Query("SELECT * FROM " . POSTICONS);
     $template->emoticons = DBA::Open()->Query("SELECT * FROM " . EMOTICONS);
     /* Hide the part of this template that has to do with replying */
     $template->post_thread = array('hide' => TRUE);
     /* Set the template */
     $template->content = array('file' => 'newthread.html');
     /* Turn the stored body back into its editable form */
     $bb_parser = new BBParser($row['body_text']);
     $template['message'] = $bb_parser->Revert($row['body_text']);
     $template['posttitle'] = $row['name'];
     /* Remove all of the extra features */
     $template->poll_options = array('hide' => TRUE);
     $template->post_options = array('hide' => TRUE);
     $template->can_attach = array('hide' => TRUE);
     /* The form submits to the update_post action and carries the post id */
     $template['a_add_thread'] = new Action('posting.php', 'update_post');
     $template['post_id'] = $row['id'];
     /* Set the number of queries */
     $template['num_queries'] = $session->dba->num_queries;
     return TRUE;
 }
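 /**
  * Save an edited post: new title, parsed message body and post icon.
  *
  * Order of checks: logged-in Member, post exists, forum `can_edit` level
  * plus author-or-admin, and only then is the request parsed and written.
  *
  * Changes against the earlier version of this method:
  *  - Guests are rejected up front, matching the form handler that uses
  *    L_NEEDLOGGEDIN for the same case.
  *  - The post row is validated before its row_left/row_right values are
  *    concatenated into the thread lookup.
  *  - The icon file name read from the database goes through the same
  *    Quote() helper as the request values before it enters the UPDATE.
  *  - Only the fields that reach SQL are quoted; numeric ids go through
  *    intval().
  *
  * NOTE(review): no anti-CSRF token check is visible in this handler, and
  * the title is stored without HTML escaping -- confirm both are handled
  * elsewhere (request dispatcher / template output).
  *
  * @param Template $template Page template used for the result message.
  * @param Session  $session  Current session; `$session['user']` is the editor.
  * @param mixed    $request  Request variables, read by key
  *                           (`post_id`, `title`, `message`, `posticon`).
  * @return Error|TplException Result message, or the wrapped database error.
  */
 public function Execute(Template $template, Session $session, $request)
 {
     /* Create the ancestors bar (in case we run into any trouble) */
     $template = CreateAncestors($template, $template['L_POSTREPLY']);
     /* Open a connection to the database */
     $this->dba = DBA::Open();
     /* Only logged-in members may change a post */
     if (!($session['user'] instanceof Member)) {
         return new Error($template['L_NEEDLOGGEDIN'], $template);
     }
     /* This user's permission level; ALL when the session carries none */
     $user_perms = isset($session['user']['perms']) ? $session['user']['perms'] : ALL;
     /* Load the post; intval() keeps the id numeric inside the query */
     $post_id = isset($request['post_id']) ? intval($request['post_id']) : 0;
     try {
         @($post = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE id = " . $post_id));
     } catch (DBA_Exception $e) {
         return new TplException($e, $template);
     }
     if (!is_array($post) || empty($post)) {
         return new Error($template['L_INVALIDPOSTID'], $template);
     }
     /* Try and get the forum */
     try {
         @($f = new Forum());
         @($forum = $f->getForum($post['forum_id']));
     } catch (DBA_Exception $e) {
         return new TplException($e, $template);
     }
     /*
      * Authorise before doing any parsing or writing.
      * NOTE(review): if getForum() yields no row, $forum['can_edit'] is null
      * and the >= test passes; the author-or-admin test still applies.
      * Confirm getForum()'s failure mode.
      */
     if (!($user_perms >= $forum['can_edit'] && ($session['user']['id'] == $post['poster_id'] || $user_perms & ADMIN))) {
         return new Error($template['L_PERMSEDITPOST'], $template);
     }
     /* Find the row the success page redirects to (only now that $post is known to be a row) */
     try {
         @($thread = $this->dba->GetRow("SELECT * FROM " . POSTS . " WHERE row_left <= " . $post['row_left'] . " AND row_right >= " . $post['row_right']));
     } catch (DBA_Exception $e) {
         return new TplException($e, $template);
     }
     /* Parse the message, then quote the two text fields that reach the UPDATE */
     $raw_title = isset($request['title']) ? $request['title'] : '';
     $raw_message = isset($request['message']) ? $request['message'] : '';
     $title = $this->dba->Quote($raw_title);
     $message = $this->dba->Quote(BB::Open($raw_message)->Execute());
     /* Set the post icon */
     $posticon = 'clear.gif';
     $icon_id = isset($request['posticon']) ? intval($request['posticon']) : 0;
     if ($icon_id != 0 && $icon_id != -1) {
         try {
             $posticon = $this->dba->GetValue("SELECT image FROM " . POSTICONS . " WHERE id = " . $icon_id);
         } catch (DBA_Exception $e) {
             return new TplException($e, $template);
         }
     }
     /* Database-sourced text is still text: escape it before re-use in SQL */
     $posticon = $this->dba->Quote((string) $posticon);
     try {
         @$this->dba->Query("UPDATE " . POSTS . " SET name = '" . $title . "', body_text = '" . $message . "', icon = '" . $posticon . "', edited = " . time() . " WHERE id = " . intval($post['id']));
     } catch (DBA_Exception $e) {
         return new TplException($e, $template);
     }
     /* If we've gotten to this point, reload the page to the thread that holds the edited post */
     return new Error($template['L_UPDATEDPOST'] . '<meta http-equiv="refresh" content="1; url=viewthread.php?id=' . intval($thread['id']) . '">', $template);
 }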
Exemple #21
 /**
  * Expose the logged-in member's name to the template and build the
  * ancestors bar.
  *
  * The `$cookie`, `$post` and `$get` references are accepted but not read.
  * The result of CreateAncestors() is assigned to the local `$template` only.
  *
  * @param Template $template Page template to populate.
  * @param Session  $session  Current session; `$session['user']` is the viewer.
  * @param mixed    $cookie   Unused here.
  * @param mixed    $post     Unused here.
  * @param mixed    $get      Unused here.
  * @return bool Always TRUE.
  */
 public function Execute(Template $template, Session $session, &$cookie, &$post, &$get)
 {
     $viewer = $session['user'];
     /* Guests have no name to show */
     if ($viewer instanceof Member) {
         $template['user_name'] = $viewer['name'];
     }
     /* Build the ancestors bar without a page label */
     $template = CreateAncestors($template);
     return TRUE;
 }