/**
 * Register a new configuration option in the 'config' table, unset, with its default supplied as code.
 *
 * Security note: the fourth parameter is stored as PHP source that, by this function's own
 * contract, is executed later to compute the default value. It must only ever come from trusted
 * install/upgrade code, never from request data.
 *
 * @param  ID_TEXT		The language code to the human name of the config option
 * @param  ID_TEXT		The codename for the config option
 * @param  ID_TEXT		The type of the config option
 * @set    float integer tick line text transline transtext list date forum category usergroup colour
 * @param  SHORT_TEXT	The PHP code to execute to get the default value for this option. Be careful not to make a get_option loop.
 * @param  ID_TEXT		The language code for the option category to store the option in
 * @param  ID_TEXT		The language code for the option group to store the option in
 * @param  BINARY		Whether the option is not settable when on a shared ocportal-hosting environment
 * @param  SHORT_TEXT	Extra data for the option
 */
function add_config_option($human_name, $name, $type, $eval, $category, $group, $shared_hosting_restricted = 0, $data = '')
{
    global $OPTIONS;

    // Reject anything outside the known option types before touching the database.
    $valid_types = array('float', 'integer', 'tick', 'line', 'text', 'transline', 'transtext', 'list', 'date', '?forum', 'forum', 'category', 'usergroup', 'colour');
    if (!in_array($type, $valid_types)) {
        fatal_exit('Invalid config option type');
    }

    // The row as it is written to the 'config' table (key order kept as the insert expects it).
    $row = array(
        'c_set' => 0,
        'config_value' => '',
        'the_name' => $name,
        'human_name' => $human_name,
        'the_type' => $type,
        'eval' => $eval,
        'the_page' => $category,
        'section' => $group,
        'explanation' => 'CONFIG_OPTION_' . $name,
        'shared_hosting_restricted' => $shared_hosting_restricted,
        'c_data' => $data,
    );

    if ($GLOBALS['IN_MINIKERNEL_VERSION'] != 0) {
        // From the installer we want to know if there are errors in our install cycle
        $GLOBALS['SITE_DB']->query_insert('config', $row);
    } else {
        // Allow failure in case the config option got auto-installed through searching
        // (can happen if the option is referenced before the module installs right)
        $GLOBALS['SITE_DB']->query_insert('config', $row, false, true);
    }

    // Any cached copy of the option set is now stale.
    if (function_exists('persistant_cache_delete')) {
        persistant_cache_delete('OPTIONS');
    }

    // Nothing loaded in memory yet: load the whole set and stop.
    if ($OPTIONS == array()) {
        load_options();
        return;
    }

    // Otherwise patch the in-memory set with the row just written.
    $OPTIONS[$name] = $row;
    if (multi_lang()) {
        unset($OPTIONS[$name]['config_value_translated']);
    }
}
/**
 * Give an award: log it, optionally syndicate it, pay out any points, and archive it.
 *
 * The activity is only syndicated when a guest could already see the awarded content (page access
 * to 'awards' and to the content's module, plus category access where one applies), so the award
 * feed does not reveal titles of content that is not public.
 *
 * @param  AUTO_LINK		The award ID
 * @param  ID_TEXT		The content ID
 * @param  ?TIME			Time the award was given (NULL: now)
 */
function give_award($award_id, $content_id, $time = NULL)
{
    require_lang('awards');

    if (is_null($time)) {
        $time = time();
    }

    $awards = $GLOBALS['SITE_DB']->query_select('award_types', array('*'), array('id' => $award_id), '', 1);
    if (!array_key_exists(0, $awards)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    $award_row = $awards[0];
    $content_type = $award_row['a_content_type'];

    $award_title = get_translated_text($award_row['a_title']);
    log_it('GIVE_AWARD', strval($award_id), $award_title);

    // The content type picks which hook file is loaded and which class is instantiated, so it is
    // passed through filter_naughty_harsh before it becomes part of a code path.
    require_code('hooks/systems/awards/' . filter_naughty_harsh($content_type));
    $hook = object_factory('Hook_awards_' . $content_type);
    $info = $hook->info();
    if (is_null($info)) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }

    // Stays NULL unless the content type tracks a submitter.
    $member_id = NULL;

    $tracks_submitter = array_key_exists('submitter_field', $info) && $content_type != 'author' && !is_null($info['submitter_field']);
    if ($tracks_submitter) {
        require_code('content');
        list($content_title, $member_id, , $content) = content_get_details($content_type, $content_id);
        if (is_null($content)) {
            warn_exit(do_lang_tempcode('_MISSING_RESOURCE', escape_html($content_type . ':' . $content_id)));
        }

        // Lots of fiddling around to work out how to check permissions for this
        $permission_type_code = convert_ocportal_type_codes('award_hook', $content_type, 'permissions_type_code');
        $module = convert_ocportal_type_codes('module', $content_type, 'permissions_type_code');
        if ($module == '') {
            $module = $content_id;
        }

        $category_id = mixed();
        if (isset($info['category_field'])) {
            $category_field = is_array($info['category_field']) ? $info['category_field'][1] : $info['category_field'];
            $category_id = $content[$category_field];
        }

        // Page access first; category access is only consulted when both page checks pass.
        if (has_actual_page_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), 'awards') && has_actual_page_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), $module)) {
            if ($permission_type_code == '' || is_null($category_id) || has_category_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), $permission_type_code, is_integer($category_id) ? strval($category_id) : $category_id)) {
                $activity_lang = (is_null($member_id) || is_guest($member_id)) ? 'awards:_ACTIVITY_GIVE_AWARD' : 'awards:ACTIVITY_GIVE_AWARD';
                syndicate_described_activity($activity_lang, $award_title, $content_title, '', '_SEARCH:awards:award:' . strval($award_id), '', '', 'awards', 1, NULL, false, $member_id);
            }
        }
    }

    // No known submitter: the award is archived against the guest account.
    if (is_null($member_id)) {
        $member_id = $GLOBALS['FORUM_DRIVER']->get_guest_id();
    }

    // Points are only transferred to real members, and only when the points addon exists.
    if (!is_guest($member_id) && addon_installed('points')) {
        require_code('points2');
        system_gift_transfer(do_lang('_AWARD', get_translated_text($award_row['a_title'])), $award_row['a_points'], $member_id);
    }

    $archive_row = array(
        'a_type_id' => $award_id,
        'member_id' => $member_id,
        'content_id' => $content_id,
        'date_and_time' => $time,
    );
    $GLOBALS['SITE_DB']->query_insert('award_archive', $archive_row);

    // Blocks that display awards must be regenerated.
    decache('main_awards');
    decache('main_multi_content');
}
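/**
 * An option has disappeared somehow - find it by searching our code-base for its install code.
 * It doesn't get returned, just loaded up. This function will produce a fatal error if we cannot find it.
 *
 * Security note: recovery works by locating an add_config_option(...) statement for the option
 * in an installed source file and passing that statement to eval(). The trust boundary is
 * therefore the code on disk (including the *_custom override directories that are searched).
 * The option name is regex-quoted before it is placed in the pattern, but callers should still
 * only pass code-defined option names, never request data.
 *
 * @param  ID_TEXT		The name of the value
 */
function find_lost_option($name)
{
    global $OPTIONS;

    // In the dark dark past, we'd bomb out...
    if (function_exists('find_all_zones') && !defined('HIPHOP_PHP')) {
        // ...now we search every place an option could have been declared.
        $search = array();

        // Module pages, overrides first, across all zones
        $types = array('modules_custom', 'modules');
        foreach (find_all_zones() as $zone) {
            foreach ($types as $type) {
                foreach (find_all_pages($zone, $type) as $page => $type2) {
                    $search[] = zone_black_magic_filterer(get_file_base() . '/' . $zone . ($zone != '' ? '/' : '') . 'pages/' . $type2 . '/' . $page . '.php');
                }
            }
        }

        // Blocks
        require_code('zones2');
        require_code('zones3');
        foreach (find_all_blocks() as $block => $type) {
            $search[] = get_file_base() . '/' . $type . '/blocks/' . $block . '.php';
        }

        // OCF installer
        if (file_exists(get_file_base() . '/sources_custom/ocf_install.php')) {
            $search[] = get_file_base() . '/sources_custom/ocf_install.php';
        }
        $search[] = get_file_base() . '/sources/ocf_install.php';

        // Built once, outside the loop. preg_quote() is given the '#' delimiter directly: quoting
        // without it and then escaping '#' by hand double-escapes on PHP versions whose
        // preg_quote() already escapes '#', which ends the pattern early.
        // NOTE(review): the '.+' slot (the default-value code) is greedy within a line, so a match
        // can extend to the last statement on that line that fits the tail of the pattern.
        $pattern = '#add_config_option\\(\'\\w+\',\'' . preg_quote($name, '#') . '\',\'\\w+\',\'.+\',\'\\w+\',\'\\w+\'(,1)?\\);#';

        $matches = array();
        foreach ($search as $s) {
            $code = file_get_contents($s);
            if ($code === false) {
                continue; // Unreadable file: nothing to search, try the next candidate
            }

            if (preg_match($pattern, $code, $matches) > 0) {
                require_code('database_action');
                $upgrade_from = NULL; // In case referenced in add_config_option line

                // SECURITY: eval() of text taken from a source file on disk. This is only as safe
                // as the write permissions on the searched directories; do not widen the pattern
                // or feed it text from anywhere other than installed code.
                eval($matches[0]);

                load_options();

                // Deliberately silent on success. The commented-out code this replaces raised
                // CONFIG_OPTION_FETCHED ("A config option ({1}) was missing, but has been hunted
                // down and installed...") at this point.
                break;
            }
        }
    }

    if (!array_key_exists($name, $OPTIONS)) {
        fatal_exit(do_lang_tempcode('_MISSING_OPTION', escape_html($name)));
    }
}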
/**
 * Put a member into a usergroup temporarily / extend such a temporary usergroup membership.
 * Note that if people are subsequently removed from the usergroup they won't be put back in; this
 * allows the admin to essentially cancel the subscription - however, if it is then extended, they
 * do keep the time they had before too.
 *
 * Security note: this changes group membership (and so privileges) and performs no permission
 * check of its own beyond refusing guests. Callers are responsible for authorising the change.
 *
 * @param  MEMBER		The member going in the usergroup.
 * @param  GROUP		The usergroup.
 * @param  integer		The number of minutes (may be negative to take time away).
 * @param  boolean		Whether to put the member into as a primary group if this is a new temporary membership (it is recommended to NOT use this, since we don't track the source group and hence on expiry the member is put back to the first default group - but also generally you probably don't want to box yourself in with moving people's primary group, it ties your future flexibility down a lot).
 */
function bump_member_group_timeout($member_id, $group_id, $num_minutes, $prefer_for_primary_group = false)
{
    global $USERS_GROUPS_CACHE, $GROUP_MEMBERS_CACHE;

    // We don't want guests here!
    if (is_guest($member_id)) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }

    require_code('ocf_groups_action');
    require_code('ocf_groups_action2');
    require_code('ocf_members');

    // Add to group if not already there
    $current_groups = $GLOBALS['FORUM_DRIVER']->get_members_groups($member_id);
    if (!in_array($group_id, $current_groups)) {
        if (get_value('unofficial_ecommerce') == '1' && get_forum_type() != 'ocf') {
            // Non-OCF forum with the unofficial e-commerce switch on
            $GLOBALS['FORUM_DB']->add_member_to_group($member_id, $group_id);
        } elseif ($prefer_for_primary_group) {
            // Replace the primary group outright, then drop the cached member rows
            $GLOBALS[get_forum_type() == 'ocf' ? 'FORUM_DB' : 'SITE_DB']->query_update('f_members', array('m_primary_group' => $group_id), array('id' => $member_id), '', 1);
            $GLOBALS['FORUM_DRIVER']->MEMBER_ROWS_CACHED = array();
        } else {
            ocf_add_member_to_group($member_id, $group_id);
        }
    }

    // Extend or add, depending on whether they're in it yet
    $timeouts_db = $GLOBALS[get_forum_type() == 'ocf' ? 'FORUM_DB' : 'SITE_DB'];
    $membership = array('member_id' => $member_id, 'group_id' => $group_id);
    $delta_seconds = 60 * $num_minutes;

    $existing_timeout = $timeouts_db->query_value_null_ok('f_group_member_timeouts', 'timeout', $membership);
    if (!is_null($existing_timeout)) {
        // Extend: the change is relative to the stored expiry, not to now
        $timeouts_db->query_update('f_group_member_timeouts', array('timeout' => $existing_timeout + $delta_seconds), $membership, '', 1);
    } else {
        // Add: a new timeout counted from the current time
        $timeouts_db->query_insert('f_group_member_timeouts', $membership + array('timeout' => time() + $delta_seconds));
    }

    // Membership may have changed, so the in-memory group caches are reset
    $USERS_GROUPS_CACHE = array();
    $GROUP_MEMBERS_CACHE = array();
}
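/**
 * This function is a very basic query executor. It shouldn't usually be used by you, as there are abstracted versions available.
 *
 * Security note: the query string is handed to odbc_exec() exactly as given. There is no
 * parameter binding at this layer, so every value inside $query must already have been escaped
 * by the caller.
 *
 * @param  string			The complete SQL query
 * @param  array			A DB connection
 * @param  ?integer		The maximum number of rows to affect (NULL: no limit)
 * @param  ?integer		The start row to affect (NULL: no specification)
 * @param  boolean		Whether failure is acceptable (if not, an error is output on failure)
 * @param  boolean		Whether to get the autoincrement ID created for an insert query
 * @return ?mixed			The results (NULL: no results), or the insert ID
 */
function db_query($query, $db, $max = NULL, $start = NULL, $fail_ok = false, $get_insert_id = false)
{
    // Appending a row limit does not change the prefix, so this is decided once.
    $is_select = strtoupper(substr($query, 0, 7)) == 'SELECT ';

    if (!is_null($max) && $is_select) {
        // No offset clause is used: fetch the first (start + max) rows.
        // NOTE(review): nothing in this function skips the first $start rows; presumably
        // db_get_query_rows or the caller does - confirm.
        $query .= ' FETCH FIRST ' . strval($max + (is_null($start) ? 0 : $start)) . ' ROWS ONLY';
    }

    $results = @odbc_exec($db, $query);

    if ($results === false && !$fail_ok) {
        // Driver messages can echo parts of the failing statement, which may contain user
        // input. Keep the raw text for the one path that escapes the whole message itself, and
        // an escaped copy for the paths that emit it as HTML.
        $err_raw = odbc_errormsg($db);
        $err = htmlentities($err_raw);
        if (function_exists('ocp_mark_as_escaped')) {
            ocp_mark_as_escaped($err);
        }

        if (!running_script('upgrader') && get_page_name() != 'admin_import') {
            if (!function_exists('do_lang') || is_null(do_lang('QUERY_FAILED', NULL, NULL, NULL, NULL, false))) {
                fatal_exit(htmlentities('Query failed: ' . $query . ' : ' . $err_raw));
            }
            fatal_exit(do_lang_tempcode('QUERY_FAILED', escape_html($query), $err));
        } else {
            // Upgrader / importer: report and carry on
            echo htmlentities('Database query failed: ' . $query . ' [') . $err . htmlentities(']' . '<br />' . chr(10));
            return NULL;
        }
    }

    if ($results === false) {
        // A tolerated failure ($fail_ok): there are no rows and no insert ID to report.
        return NULL;
    }

    if ($is_select) {
        // The previous condition (!$results !== false) was only true for a failed result, so
        // successful SELECTs never returned their rows.
        return $this->db_get_query_rows($results);
    }

    if ($get_insert_id) {
        if (strtoupper(substr($query, 0, 7)) == 'UPDATE ') {
            return NULL;
        }

        // Table name is cut out of the statement itself: the 12 characters skipped match the
        // length of 'INSERT INTO ', and the name is taken to end one character before the first '('.
        $pos = strpos($query, '(');
        if ($pos === false) {
            return NULL;
        }
        $table_name = substr($query, 12, $pos - 13);

        // NOTE(review): MAX(id) is not tied to this connection's insert, so a concurrent insert
        // into the same table can make this return another row's ID.
        $res2 = odbc_exec($db, 'SELECT MAX(id) FROM ' . $table_name);
        if ($res2 === false || !odbc_fetch_row($res2)) {
            return NULL;
        }

        // odbc_fetch_row() only advances the cursor (it returns a boolean); the value itself is
        // read with odbc_result().
        $insert_id = odbc_result($res2, 1);
        if ($insert_id === false || is_null($insert_id)) {
            return NULL;
        }
        return intval($insert_id);
    }

    return NULL;
}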
/**
 * Get a tempcoded version of a normal XHTML template. It is perhaps the most common ocPortal
 * function to load up templates using do_template, and then attach them together either as
 * parameters to each other, or via the tempcode attach method.
 *
 * Lookup order: in-memory $TEMPLATE_CACHE, then the structural cache (persistent cache or the
 * templates_cached .tcd file), then the template files themselves (theme before default,
 * *_custom before stock, mobile variant before plain), then the fallback template.
 *
 * Security note: $codename, $lang, $suffix, $type and a caller-supplied $theme are concatenated
 * into file-system paths below without filtering (only a theme obtained from the forum driver
 * goes through filter_naughty). All of them must be trusted, code-defined values.
 *
 * @param  ID_TEXT			The codename of the template being loaded
 * @param  ?array				A map of parameters for the template (key to value) (NULL: no parameters)
 * @param  ?LANGUAGE_NAME		The language to load the template in (templates can embed language references) (NULL: users own language)
 * @param  boolean			Whether to not produce a stack dump if the template is missing
 * @param  ?ID_TEXT			Alternate template to use if the primary one does not exist (NULL: none)
 * @param  string				File type suffix of template file (e.g. .tpl)
 * @param  string				Subdirectory type to look in
 * @set    templates css
 * @param  ID_TEXT			Theme to use
 * @return tempcode			The tempcode for this template
 */
function do_template($codename, $parameters = NULL, $lang = NULL, $light_error = false, $fallback = NULL, $suffix = '.tpl', $type = 'templates', $theme = NULL)
{
    // Default the language: cached user language, else user_lang() if available, else 'EN'
    if (is_null($lang) || $lang == '') {
        global $USER_LANG_CACHED;
        $lang = isset($USER_LANG_CACHED) ? $USER_LANG_CACHED : (function_exists('user_lang') ? user_lang() : 'EN');
    }

    if ($GLOBALS['SEMI_DEBUG_MODE']) {
        // NOTE(review): the last comparison tests strtoupper($codename) against itself, so this
        // check can never fire. The message suggests the right-hand side was meant to be
        // $codename - confirm before changing, as that would start rejecting lower-case names.
        if ($codename != 'tempcode_test' && $codename != 'handle_conflict_resolution' && strtoupper($codename) != strtoupper($codename)) {
            fatal_exit('Template names should be in upper case, and the files should be stored in upper case.');
        }
        // Remember which screen-level template was used
        if (substr($codename, -7) == '_SCREEN' || $codename == 'POOR_XHTML_WRAPPER' || $codename == 'OCF_WRAPPER') {
            $GLOBALS['SCREEN_TEMPLATE_CALLED'] = $codename;
        }
    }

    if (is_null($parameters)) {
        $parameters = array();
    }

    global $RECORD_TEMPLATES_USED, $FILE_ARRAY, $MEM_CACHE, $CACHE_TEMPLATES, $KEEP_MARKERS, $SHOW_EDIT_LINKS, $XHTML_SPIT_OUT, $TEMPLATE_CACHE, $MOBILE, $FORUM_DRIVER;

    // Markers / edit links are only added while $XHTML_SPIT_OUT is NULL
    $special_treatment = ($KEEP_MARKERS || $SHOW_EDIT_LINKS) && is_null($XHTML_SPIT_OUT);

    // Optional record of every template requested
    if ($RECORD_TEMPLATES_USED) {
        global $RECORDED_TEMPLATES_USED;
        $RECORDED_TEMPLATES_USED[] = $codename;
    }

    // Variables we'll need
    if (!isset($theme)) {
        $theme = isset($FORUM_DRIVER) && is_object($FORUM_DRIVER) && method_exists($FORUM_DRIVER, 'get_theme') ? filter_naughty($FORUM_DRIVER->get_theme()) : 'default';
    }
    $_codename = $MOBILE ? $codename . '_mobile' : $codename;

    // Is it already loaded? (in-memory cache, keyed theme / codename / language)
    if (isset($TEMPLATE_CACHE[$theme][$codename][$lang])) {
        $_data = $TEMPLATE_CACHE[$theme][$codename][$lang]->bind($parameters, $codename);

        // Copy and pasted to remove need for a function call
        if ($special_treatment) {
            if ($KEEP_MARKERS) {
                // $codename is written into the HTML comment as-is
                $__data = make_string_tempcode('<!-- START-TEMPLATE=' . $codename . ' -->');
                $__data->attach($_data);
                $__data->attach('<!-- END-TEMPLATE=' . $codename . ' -->');
                $_data = $__data;
            }
            if ($SHOW_EDIT_LINKS) {
                $edit_url = build_url(array('page' => 'admin_themes', 'theme' => $FORUM_DRIVER->get_theme(), 'template' => $codename), 'adminzone');
                // The URL is escaped; the EDIT label and $codename are emitted unescaped
                $_data->attach('<br /><a href="' . escape_html($edit_url->evaluate()) . '">' . do_lang('EDIT') . ' ' . $codename . '</a>');
            }
        }

        return $_data;
    }

    // Is it structurally cached on disk yet?
    // From here on: $data === false means "not usable from cache, compile from file".
    $data = mixed();
    if ($CACHE_TEMPLATES) {
        if (!is_null($MEM_CACHE)) {
            // Persistent cache
            $data = persistant_cache_get(array('TEMPLATE', $theme, $lang, $_codename));
            if (!is_null($data)) {
                $_data = new ocp_tempcode();
                $_data->from_assembly($data);
                if ($_data->bits == array()) {
                    $data = false;
                } // Corrupt somehow
            } else {
                $data = false;
            }
        } elseif (is_null($data)) {
            // File cache under themes/<theme>/templates_cached/<lang>/
            // NOTE(review): the cached bytes are trusted input to from_assembly(), whose handling
            // of them is not visible here; the templates_cached directory should be writable
            // only by the application.
            $_data = new ocp_tempcode();
            $tcp_path = get_custom_file_base() . '/themes/' . $theme . '/templates_cached/' . $lang . '/' . $_codename . $suffix . '.tcd';
            $data = @file_get_contents($tcp_path, FILE_BINARY);
            if ($data === '') {
                $data = false;
            } // '' needed for PHP4 - weird
            if ($data !== false) {
                $_data->from_assembly($data);
                if ($_data->bits == array()) {
                    $data = false;
                } // Corrupt somehow
            }
        }
    } else {
        $data = false;
    }

    if ($data === false) {
        if (!isset($FILE_ARRAY)) {
            $_data = NULL;
            $prefix_default = get_file_base() . '/themes/';
            $prefix = $theme == 'default' ? $prefix_default : get_custom_file_base() . '/themes/';

            // First existing file wins. Each call passes the directory theme, the sub-path, the
            // file's codename, $_codename, the language, the suffix and the requested theme.
            if (file_exists($prefix . $theme . '/' . $type . '_custom/' . $_codename . $suffix)) {
                $_data = _do_template($theme, '/' . $type . '_custom/', $_codename, $_codename, $lang, $suffix, $theme);
            } elseif (file_exists($prefix . $theme . '/' . $type . '/' . $_codename . $suffix)) {
                $_data = _do_template($theme, '/' . $type . '/', $_codename, $_codename, $lang, $suffix, $theme);
            } elseif (!is_null($GLOBALS['CURRENT_SHARE_USER']) && $theme != 'default' && file_exists($prefix_default . $theme . '/' . $type . '_custom/' . $_codename . $suffix)) {
                // With a share user set: the same theme, but under the main file base
                $_data = _do_template($theme, '/' . $type . '_custom/', $_codename, $_codename, $lang, $suffix, $theme);
            } elseif (!is_null($GLOBALS['CURRENT_SHARE_USER']) && $theme != 'default' && file_exists($prefix_default . $theme . '/' . $type . '/' . $_codename . $suffix)) {
                $_data = _do_template($theme, '/' . $type . '/', $_codename, $_codename, $lang, $suffix, $theme);
            } elseif (file_exists($prefix_default . 'default' . '/' . $type . '_custom/' . $_codename . $suffix)) {
                // Default theme
                $_data = _do_template('default', '/' . $type . '_custom/', $_codename, $_codename, $lang, $suffix, $theme);
            } elseif (file_exists($prefix_default . 'default' . '/' . $type . '/' . $_codename . $suffix)) {
                $_data = _do_template('default', '/' . $type . '/', $_codename, $_codename, $lang, $suffix, $theme);
            } elseif ($codename != $_codename) {
                // No mobile variant anywhere: retry with the plain codename
                if (file_exists($prefix . $theme . '/' . $type . '_custom/' . $codename . $suffix)) {
                    $_data = _do_template($theme, '/' . $type . '_custom/', $codename, $_codename, $lang, $suffix, $theme);
                } elseif (file_exists($prefix . $theme . '/' . $type . '/' . $codename . $suffix)) {
                    $_data = _do_template($theme, '/' . $type . '/', $codename, $_codename, $lang, $suffix, $theme);
                } elseif (file_exists($prefix_default . 'default' . '/' . $type . '_custom/' . $codename . $suffix)) {
                    $_data = _do_template('default', '/' . $type . '_custom/', $codename, $_codename, $lang, $suffix, $theme);
                } elseif (file_exists($prefix_default . 'default' . '/' . $type . '/' . $codename . $suffix)) {
                    $_data = _do_template('default', '/' . $type . '/', $codename, $_codename, $lang, $suffix, $theme);
                }
            }

            if (is_null($_data)) {
                if (is_null($fallback)) {
                    // Nothing found and no fallback: soft or hard error
                    if ($light_error) {
                        return paragraph(do_lang_tempcode('MISSING_TEMPLATE_FILE', escape_html($codename)));
                    }
                    fatal_exit(do_lang_tempcode('MISSING_TEMPLATE_FILE', escape_html($codename)));
                } else {
                    $result = do_template($fallback, $parameters, $lang);
                    // NOTE(review): every other access to $TEMPLATE_CACHE is indexed
                    // [theme][codename][lang]; the right-hand side here has no theme level, so it
                    // looks like it should read $TEMPLATE_CACHE[$theme][$fallback][$lang] - confirm.
                    $TEMPLATE_CACHE[$theme][$codename][$lang] = $TEMPLATE_CACHE[$fallback][$lang];
                    return $result;
                }
            }
        } else {
            // $FILE_ARRAY is set: load straight from the default theme, no file_exists probing
            $_data = _do_template('default', '/' . $type . '/', $codename, $codename, $lang, $suffix, $theme);
        }
    }

    // Remember the unbound template, then bind this call's parameters
    $TEMPLATE_CACHE[$theme][$codename][$lang] = $_data;
    $ret = $_data->bind($parameters, $codename);

    if ($special_treatment) {
        if ($KEEP_MARKERS) {
            // $codename is written into the HTML comment as-is
            $__data = new ocp_tempcode();
            $__data->attach('<!-- START-TEMPLATE=' . $codename . ' -->');
            $__data->attach($ret);
            $__data->attach('<!-- END-TEMPLATE=' . $codename . ' -->');
            $ret = $__data;
        }
        if ($SHOW_EDIT_LINKS && $codename != 'PARAM_INFO') {
            $param_info = do_template('PARAM_INFO', array('MAP' => $parameters));
            $edit_url = build_url(array('page' => 'admin_themes', 'theme' => $FORUM_DRIVER->get_theme(), 'template' => $codename), 'adminzone');
            // Switched off around the nested call so the edit-link template does not wrap itself
            $SHOW_EDIT_LINKS = false;
            $ret = do_template('TEMPLATE_EDIT_LINK', array('_GUID' => '511ae911d31a5b237a4371ff22fc78fd', 'PARAM_INFO' => $param_info, 'CONTENTS' => $ret, 'CODENAME' => $codename, 'EDIT_URL' => $edit_url));
            $SHOW_EDIT_LINKS = true;
        }
    }

    return $ret;
}
/**
 * Load up a language file, compiling it (it's not cached yet).
 *
 * Security note: $lang and $codename become part of file-system paths. Only the first path built
 * below passes $codename through filter_naughty; the lang_custom, .po and cache paths use both
 * values as given, so callers must pass trusted values.
 *
 * @param  ID_TEXT			The language file name
 * @param  ?LANGUAGE_NAME		The language (NULL: uses the current language)
 * @param  ?string			The language type (lang_custom, or custom) (NULL: normal priorities are used)
 * @set    lang_custom custom
 * @param  PATH				Where we are caching to
 * @param  boolean			Whether to just return if there was a loading error
 * @return boolean			Whether we FAILED to load
 */
function require_lang_compile($codename, $lang, $type, $cache_path, $ignore_errors = false)
{
    global $LANGUAGE, $REQUIRE_LANG_LOOP, $LANG_LOADED_LANG;

    // Caching is wanted when the option (or a keep_cache/cache URL parameter) turns it on and
    // neither URL parameter explicitly turns it off with 0
    $desire_cache = function_exists('get_option') && (get_option('is_on_lang_cache', true) == '1' || get_param_integer('keep_cache', 0) == 1 || get_param_integer('cache', 0) == 1) && get_param_integer('keep_cache', NULL) !== 0 && get_param_integer('cache', NULL) !== 0;

    if ($desire_cache) {
        if ($GLOBALS['IN_MINIKERNEL_VERSION'] == 0) {
            global $DECACHED_COMCODE_LANG_STRINGS;

            // Cleanup language strings (once per request, guarded by the global flag)
            if (!$DECACHED_COMCODE_LANG_STRINGS) {
                $DECACHED_COMCODE_LANG_STRINGS = true;
                $comcode_lang_strings = $GLOBALS['SITE_DB']->query_select('cached_comcode_pages', array('string_index'), array('the_zone' => '!'), '', NULL, NULL, true);
                if (!is_null($comcode_lang_strings)) {
                    $GLOBALS['SITE_DB']->query_delete('cached_comcode_pages', array('the_zone' => '!'));
                    foreach ($comcode_lang_strings as $comcode_lang_string) {
                        delete_lang($comcode_lang_string['string_index']);
                    }
                }
            }
        }

        // Load into a scratch array; it is merged into $LANGUAGE at the very end
        $load_target = array();
    } else {
        // Load straight into the live language map
        $load_target =& $LANGUAGE[$lang];
    }

    global $FILE_ARRAY;
    if (@is_array($FILE_ARRAY) && file_array_exists('lang/' . $lang . '/' . $codename . '.ini')) {
        // The file is available through $FILE_ARRAY
        $lang_file = 'lang/' . $lang . '/' . $codename . '.ini';
        $file = file_array_get($lang_file);
        _get_lang_file_map($file, $load_target, NULL, true);
        // NOTE(review): $bad is set to true although the map was just loaded, and $dirty is never
        // assigned on this path even though it is read further down when the persistent cache
        // is in use - confirm both are intended.
        $bad = true;
    } else {
        $bad = true;
        $dirty = false;

        // Load originals
        $lang_file = get_file_base() . '/lang/' . $lang . '/' . filter_naughty($codename) . '.ini';
        if (file_exists($lang_file)) {
            _get_lang_file_map($lang_file, $load_target, NULL, false);
            $bad = false;
        }

        // Load overrides now if they are there
        // (the only value $type is compared against in this function is 'lang')
        if ($type != 'lang') {
            $lang_file = get_custom_file_base() . '/lang_custom/' . $lang . '/' . $codename . '.ini';
            if (!file_exists($lang_file) && get_file_base() != get_custom_file_base()) {
                $lang_file = get_file_base() . '/lang_custom/' . $lang . '/' . $codename . '.ini';
            }
            if (!file_exists($lang_file)) {
                // No .ini override: try the .po equivalents
                $lang_file = get_custom_file_base() . '/lang_custom/' . $lang . '/' . $codename . '.po';
                if (!file_exists($lang_file)) {
                    $lang_file = get_file_base() . '/lang_custom/' . $lang . '/' . $codename . '-' . strtolower($lang) . '.po';
                }
            }
        }
        if ($type != 'lang' && file_exists($lang_file)) {
            _get_lang_file_map($lang_file, $load_target, NULL, false);
            $bad = false;
            $dirty = true; // Tainted from the official pack, so can't store server wide
        }

        // NB: Merge op doesn't happen in require_lang. It happens when do_lang fails and then
        // decides it has to force a recursion to do_lang(xx,fallback_lang()) which triggers
        // require_lang(xx,fallback_lang()) when it sees it's not loaded
        if ($bad && $lang != fallback_lang()) {
            // Nothing for this language: load the fallback language instead
            require_lang($codename, fallback_lang(), $type, $ignore_errors);
            $REQUIRE_LANG_LOOP--;

            // Reuse the fallback language's cache file as this language's cache
            $fallback_cache_path = get_custom_file_base() . '/lang_cached/' . fallback_lang() . '/' . $codename . '.lcd';
            if (file_exists($fallback_cache_path)) {
                require_code('files');
                @copy($fallback_cache_path, $cache_path);
                fix_permissions($cache_path);
            }

            if (!array_key_exists($lang, $LANG_LOADED_LANG)) {
                $LANG_LOADED_LANG[$lang] = array();
            }
            $LANG_LOADED_LANG[$lang][$codename] = 1;

            return $bad;
        }

        if ($bad) {
            // Already the fallback language and still nothing
            if ($ignore_errors) {
                return true;
            }
            if ($codename != 'critical_error' || $lang != get_site_default_lang()) {
                fatal_exit(do_lang_tempcode('MISSING_LANG_FILE', escape_html($codename), escape_html($lang)));
            } else {
                critical_error('CRIT_LANG');
            }
        }
    }

    if (is_null($GLOBALS['MEM_CACHE'])) {
        // Cache
        if ($desire_cache) {
            // NOTE(review): the map is written with serialize(). The code that reads this file
            // back is not visible here; if it uses unserialize(), the cache directory must not be
            // writable by anything less trusted than the application itself.
            $file = @fopen($cache_path, 'wt'); // Will fail if cache dir missing .. e.g. in quick installer
            if ($file) {
                if (fwrite($file, serialize($load_target)) > 0) {
                    // Success
                    fclose($file);
                    require_code('files');
                    fix_permissions($cache_path);
                } else {
                    // Failure: do not leave an empty or partial cache file behind
                    fclose($file);
                    @unlink($cache_path);
                }
            }
        }
    } else {
        // Third argument is !$dirty, i.e. true only when no override file was merged in
        persistant_cache_set(array('LANG', $lang, $codename), $load_target, !$dirty);
    }

    if ($desire_cache) {
        // Merge the scratch map in; '+=' keeps entries that are already present
        $LANGUAGE[$lang] += $load_target;
    }

    return $bad;
}
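/**
 * Perform a transaction.
 *
 * Security notes:
 *  - The card number and CV2 are passed straight to the gateway call. This function itself does
 *    not store or log them, and changes to it should keep it that way.
 *  - The gateway's options string is comma-separated, so values placed in it must not be able
 *    to carry a comma. The card type and CV2 are sanitised below.
 *    NOTE(review): the currency option and $amount (in the repeat option) are not - confirm
 *    they can only hold server-controlled values.
 *  - The digest is an MD5 over the transaction ID, amount and the 'ipn_password' option;
 *    presumably the gateway dictates this format, so it is left alone - confirm against the
 *    gateway documentation.
 *
 * @param  ?ID_TEXT		The transaction ID (NULL: generate one)
 * @param  SHORT_TEXT	Cardholder name
 * @param  SHORT_TEXT	Card number
 * @param  SHORT_TEXT	Transaction amount
 * @param  SHORT_TEXT	Card Expiry date
 * @param  integer		Card Issue number
 * @param  SHORT_TEXT	Card Start date
 * @param  SHORT_TEXT	Card Type
 * @set    "Visa" "Master Card" "Switch" "UK Maestro" "Maestro" "Solo" "Delta" "American Express" "Diners Card" "JCB"
 * @param  SHORT_TEXT	Card CV2 number (security number)
 * @param  ?integer		The subscription length in the units. (NULL: not a subscription)
 * @param  ?ID_TEXT		The length units. (NULL: not a subscription)
 * @set    d w m y
 * @return array			A tuple: success (boolean), trans-id (string), message (string), raw message (string)
 */
function do_transaction($trans_id, $name, $card_number, $amount, $expiry_date, $issue_number, $start_date, $card_type, $cv2, $length = NULL, $length_units = NULL)
{
    if (is_null($trans_id)) {
        $trans_id = $this->generate_trans_id();
    }

    $username = $this->_get_username();
    $password_2 = get_option('vpn_password');
    $digest = md5($trans_id . strval($amount) . get_option('ipn_password'));

    // Keep the CV2 as a digit string. Converting through intval() dropped leading zeros, so a
    // code such as "012" was sent as "12". Stripping non-digits keeps the original guarantee that
    // no separator can be carried into the options string; an all-non-digit value still becomes
    // "0", as it did before.
    $cv2_digits = preg_replace('#[^0-9]#', '', strval($cv2));
    if ($cv2_digits === '' || is_null($cv2_digits)) {
        $cv2_digits = '0';
    }

    $options = 'currency=' . get_option('currency') . ',card_type=' . str_replace(',', '', $card_type) . ',digest=' . $digest . ',cv2=' . $cv2_digits;
    if (ecommerce_test_mode()) {
        $options .= ',test_status=true';
    }
    if (!is_null($length)) {
        list($length_units_2, $first_repeat) = $this->_translate_subscription_details($length, $length_units);
        $options .= ',repeat=' . $first_repeat . '/' . $length_units_2 . '/0/' . $amount;
    }

    require_lang('ecommerce');
    require_code('xmlrpc');

    $result = xml_rpc('https://www.secpay.com:443/secxmlrpc/make_call', 'SECVPN.validateCardFull', array($username, $password_2, $trans_id, get_ip_address(), $name, $card_number, $amount, $expiry_date, $issue_number, $start_date, '', '', '', $options));

    // The reply is expected to carry one <value>...</value> element. A missing reply, or a
    // missing opening or closing tag, is treated as an internal error rather than parsed.
    if (!is_string($result)) {
        fatal_exit(do_lang('INTERNAL_ERROR'));
    }
    $pos_1 = strpos($result, '<value>');
    if ($pos_1 === false) {
        fatal_exit(do_lang('INTERNAL_ERROR'));
    }
    $pos_2 = strpos($result, '</value>', $pos_1);
    if ($pos_2 === false) {
        fatal_exit(do_lang('INTERNAL_ERROR'));
    }

    $value = @html_entity_decode(trim(substr($result, $pos_1 + 7, $pos_2 - $pos_1 - 7)), ENT_QUOTES, get_charset());
    if (substr($value, 0, 1) == '?') {
        $value = substr($value, 1);
    }

    // Parse key=value pairs separated by '&'; anything that is not exactly one key and one
    // value is ignored
    $map = array();
    foreach (explode('&', $value) as $pair) {
        $parts = explode('=', $pair);
        if (count($parts) == 2) {
            $map[$parts[0]] = $parts[1];
        }
    }

    // Only the codes 'A' and 'P:P' count as success; a reply without a code is a decline
    $success = array_key_exists('code', $map) && ($map['code'] == 'A' || $map['code'] == 'P:P');
    $message_raw = array_key_exists('message', $map) ? $map['message'] : '';
    $message = $success ? do_lang('ACCEPTED_MESSAGE', $message_raw) : do_lang('DECLINED_MESSAGE', $message_raw);

    $purchase_id = post_param_integer('customfld1', '-1');
    if (addon_installed('shopping')) {
        $this->store_shipping_address($purchase_id);
    }

    return array($success, $trans_id, $message, $message_raw);
}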
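/**
 * Augment an array of CSS colours with colours that are derived actually inside the CSS-sheets.
 *
 * The theme name is passed through filter_naughty before it is used to build directory and file
 * paths.
 *
 * @param  array			Map of colours.
 * @param  ID_TEXT		The theme it's being generated from
 * @return array			A pair: extended map of colours, colour expression landscape
 */
function calculate_dynamic_css_colours($colours, $source_theme)
{
    $theme = filter_naughty($source_theme);
    $css_dir = $theme == 'default' ? 'css' : 'css_custom';
    $css_path = get_file_base() . '/themes/' . $theme . '/' . $css_dir . '/';
    $dh = opendir($css_path);

    require_lang('themes');

    // First we build up our landscape
    $landscape = array();
    if ($dh !== false) { // A missing/unreadable directory simply contributes no expressions
        while (($sheet = readdir($dh)) !== false) {
            if (substr($sheet, -4) != '.css') {
                continue;
            }

            $raw = file_get_contents($css_path . $sheet, FILE_TEXT);
            if ($raw === false) {
                continue; // Unreadable sheet: skip it rather than parse a non-string
            }
            $contents = unixify_line_format($raw);

            // Matches the colour markers embedded in CSS comments: capture 1 is the colour name,
            // capture 2 the expression it is derived from
            $matches = array();
            $num_matches = preg_match_all('#/\\* *\\{\\$,([^,\\n\\r\\$\']*),([^}{\\n\\r\\$\']*)\\}#', $contents, $matches);
            for ($i = 0; $i < $num_matches; $i++) {
                $parsed = parse_css_colour_expression($matches[2][$i]);
                if (!is_null($parsed)) {
                    //                 Colour name        Parsed expression   Full match string                                                    Final colour
                    $landscape[] = array($matches[1][$i], $parsed, substr($matches[0][$i], 6, strlen($matches[0][$i]) - 7), NULL);
                }
            }
        }

        // The handle was previously never released
        closedir($dh);
    }

    // Then we resolve our expressions. An expression may depend on a colour that another
    // expression defines, so passes repeat until everything is resolved.
    $resolved_landscaped = array();
    $safety_count = 0;
    while (count($landscape) != 0) {
        foreach ($landscape as $i => $peak) {
            $peak[3] = execute_css_colour_expression($peak[1], $colours);
            if (!is_null($peak[3])) {
                $resolved_landscaped[] = $peak;
                unset($landscape[$i]);

                // Then we add to the colours array
                if ($peak[0] != 'wizard') {
                    $colours[$peak[0]] = $peak[3];
                }
            }
        }

        // Give up after 100 passes and report what is still unresolved
        $safety_count++;
        if ($safety_count == 100) {
            $_landscape = '';
            foreach ($landscape as $x) {
                if ($_landscape != '') {
                    $_landscape .= '; ';
                }
                $_landscape .= $x[2];
            }
            fatal_exit(do_lang_tempcode('UNRESOLVABLE_COLOURS', escape_html($_landscape)));
        }
    }

    return array($colours, $resolved_landscaped);
}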
/**
 * Get a UI element of a route from a known Comcode page back to the declared root of the tree.
 *
 * Works by recursion: each call renders the link for one page and then calls itself for that
 * page's parent, so the parent's output comes first in the result.
 *
 * @param  ID_TEXT		The Comcode page name
 * @param  ID_TEXT		The Comcode page zone
 * @param  ID_TEXT		The virtual root
 * @param  boolean		Whether not to put a link at this point in the navigation tree (usually, because the viewer is already at it)
 * @param  integer		The number of jumps we have gone through so far (cuts out after 10 as a failsafe)
 * @return tempcode		The navigation element
 */
function comcode_breadcrumbs($the_page, $the_zone, $root = '', $no_link_for_me_sir = true, $jumps = 0)
{
    // Failsafe: stop after 10 levels. This is also what ends a parent loop longer than one page.
    if ($jumps == 10) {
        return new ocp_tempcode();
    }

    // URL for this page; on the first call the page itself is passed as the 'root' parameter
    $map = array('page' => $the_page);
    if ($jumps == 0) {
        $map['root'] = $the_page;
    } elseif ($root != '') {
        $map['root'] = $root;
    }
    $url = build_url($map, $the_zone);

    // Walked past the top of the tree
    if ($the_page == '') {
        return new ocp_tempcode();
    }

    // Reached the virtual root: emit its link (unless suppressed) and stop recursing
    if ($the_page == $root) {
        if ($no_link_for_me_sir) {
            return new ocp_tempcode();
        }
        $_title = $GLOBALS['SITE_DB']->query_value_null_ok('cached_comcode_pages', 'cc_page_title', array('the_page' => $the_page, 'the_zone' => $the_zone));
        $title = NULL;
        if ($_title !== NULL) {
            $title = get_translated_text($_title, NULL, NULL, true);
        }
        if ($_title === NULL) {
            // No cached title: fall back to the HTML-escaped page name
            $title = escape_html($the_page);
        }
        return hyperlink($url, $title, false, false, do_lang_tempcode('GO_BACKWARDS_TO', @html_entity_decode(strip_tags($title), ENT_QUOTES, get_charset())), NULL, NULL, 'up');
    }

    // Per-request cache of title / parent-page pairs.
    // NOTE(review): the key is the page name only, while the query also filters on zone, so pages
    // with the same name in different zones would share an entry - confirm this cannot happen
    // within one request.
    global $PT_PAIR_CACHE_CP;
    if (!array_key_exists($the_page, $PT_PAIR_CACHE_CP)) {
        $page_rows = $GLOBALS['SITE_DB']->query_select('cached_comcode_pages a JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'comcode_pages b ON (a.the_page=b.the_page AND a.the_zone=b.the_zone)', array('cc_page_title', 'p_parent_page', 'string_index'), array('a.the_page' => $the_page, 'a.the_zone' => $the_zone), '', 1, NULL, false, array('string_index', 'cc_page_title'));
        if (!array_key_exists(0, $page_rows)) {
            request_page($the_page, false, $the_zone, NULL, true); // It's not cached, force the issue and then try again...
            $page_rows = $GLOBALS['SITE_DB']->query_select('cached_comcode_pages a JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'comcode_pages b ON (a.the_page=b.the_page AND a.the_zone=b.the_zone)', array('cc_page_title', 'p_parent_page', 'string_index'), array('a.the_page' => $the_page, 'a.the_zone' => $the_zone), '', 1, NULL, false, array('string_index', 'cc_page_title'));
            if (!array_key_exists(0, $page_rows)) {
                // Still nothing: cache a stub with the escaped page name and no parent
                $_title = $the_page;
                $PT_PAIR_CACHE_CP[$the_page] = array();
                $PT_PAIR_CACHE_CP[$the_page]['cc_page_title'] = escape_html($_title);
                $PT_PAIR_CACHE_CP[$the_page]['p_parent_page'] = NULL;
            }
        }
        if (array_key_exists(0, $page_rows)) {
            // Cache the row, replacing the stored title reference with the translated text
            $PT_PAIR_CACHE_CP[$the_page] = $page_rows[0];
            $_title = get_translated_text($PT_PAIR_CACHE_CP[$the_page]['cc_page_title'], NULL, NULL, true);
            if ($_title === NULL) {
                $_title = $the_page;
            }
            $PT_PAIR_CACHE_CP[$the_page]['cc_page_title'] = $_title;
        }
    }

    $title = $PT_PAIR_CACHE_CP[$the_page]['cc_page_title'];
    if ($title === NULL) {
        // NOTE(review): this fallback (like the one a few lines up) uses the raw page name,
        // whereas the other fallbacks in this function use escape_html($the_page). The value can
        // reach the '<span>' markup below unescaped - confirm $the_page is validated upstream.
        $title = $the_page;
    }

    if (!$no_link_for_me_sir) {
        // Linked entry. The BREADCRUMB_ESCAPED template is used only when the page has a parent.
        $tpl_url = $PT_PAIR_CACHE_CP[$the_page]['p_parent_page'] == '' ? new ocp_tempcode() : do_template('BREADCRUMB_ESCAPED');
        $_title = is_object($title) ? $title->evaluate() : $title;
        $tooltip = $jumps == 0 ? do_lang_tempcode('VIRTUAL_ROOT') : do_lang_tempcode('GO_BACKWARDS_TO', @html_entity_decode(strip_tags($_title), ENT_QUOTES, get_charset()));
        $title = symbol_truncator(array($_title, BREADCRUMB_CROP_LENGTH, '1', '1'), 'spread', $tooltip);
        // When the title is longer than the crop length, the hyperlink gets an empty tooltip
        $tpl_url->attach(hyperlink($url, $title, false, false, strlen($_title) > BREADCRUMB_CROP_LENGTH ? new ocp_tempcode() : $tooltip, NULL, NULL, 'up'));
    } else {
        // Unlinked entry: only the first call (the page being viewed) prints anything
        $tpl_url = new ocp_tempcode();
        if ($jumps == 0) {
            $tpl_url = $PT_PAIR_CACHE_CP[$the_page]['p_parent_page'] == '' ? new ocp_tempcode() : do_template('BREADCRUMB_ESCAPED');
            $_title = is_object($title) ? $title->evaluate() : $title;
            if ($_title != '') {
                // $_title is concatenated into markup as-is (see the note on the fallback above)
                $tpl_url->attach('<span>' . $_title . '</span>');
            }
        }
    }

    // A page that names itself as parent would recurse until the jump cap; fail loudly instead
    if ($PT_PAIR_CACHE_CP[$the_page]['p_parent_page'] == $the_page) {
        fatal_exit(do_lang_tempcode('RECURSIVE_TREE_CHAIN', escape_html($the_page)));
    }

    // Render the parent chain first, then append this page's element after it
    $below = comcode_breadcrumbs($PT_PAIR_CACHE_CP[$the_page]['p_parent_page'], $the_zone, $root, false, $jumps + 1);
    $below->attach($tpl_url);
    return $below;
}
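/**
 * OcCLE entry script.
 *
 * Handles three kinds of request, chosen by the 'action' GET parameter:
 *  - 'message': an incoming OcCLEchat message, which is confirmed by calling back to the sender
 *  - 'confirm': a request to confirm that this site sent a given OcCLEchat message
 *  - anything else: execute an OcCLE command (POSTed over the web, or read interactively from stdin on the CLI)
 *
 * Web requests must pass the closed-site, shared-install and 'admin_occle' page access checks first;
 * CLI runs (CLI SAPI with no REMOTE_ADDR) skip them.
 */
function occle_script()
{
    $cli = php_sapi_name() == 'cli' && empty($_SERVER['REMOTE_ADDR']);

    // Closed site
    if (!$cli) {
        $site_closed = get_option('site_closed');
        if ($site_closed == '1' && !has_specific_permission(get_member(), 'access_closed_site') && !$GLOBALS['IS_ACTUALLY_ADMIN']) {
            header('Content-Type: text/plain');
            @exit(get_option('closed'));
        }
        if (get_file_base() != get_custom_file_base()) {
            warn_exit(do_lang_tempcode('SHARED_INSTALL_PROHIBIT'));
        }
        if (!has_actual_page_access(get_member(), 'admin_occle')) {
            fatal_exit(do_lang_tempcode('ACCESS_DENIED__PAGE_ACCESS', escape_html($GLOBALS['FORUM_DRIVER']->get_username(get_member()))));
        }
    }

    // Check the action
    convert_data_encodings(true);
    $action = get_param('action', 'occle');

    if ($action == 'message') {
        // We're receiving an OcCLEchat message.
        // The callback URL is built from the request-supplied 'base_url', so this makes a server-side
        // request to a caller-chosen host.
        // NOTE(review): confirm http_download_file() restricts scheme and destination, or validate base_url against known peers.
        $url = get_param('base_url') . '/data/occle.php?action=confirm&message=' . urlencode(get_param('message'));
        $return = http_download_file($url, NULL, false);
        if ($return == '1') {
            // The User-Agent header is set by the client; this comparison is a protocol marker, not authentication.
            if (ocp_srv('HTTP_USER_AGENT') == 'ocPortal') {
                $GLOBALS['SITE_DB']->query_insert('occlechat', array('c_message' => get_param('message'), 'c_url' => get_param('base_url'), 'c_incoming' => 1, 'c_timestamp' => time()));
                echo '1';
            } else {
                echo '0';
            }
        } else {
            echo '0';
        }
    } elseif ($action == 'confirm') {
        // We're confirming a received message
        if (ocp_srv('HTTP_USER_AGENT') == 'ocPortal') {
            $results = $GLOBALS['SITE_DB']->query_value_null_ok('occlechat', 'COUNT(*)', array('c_message' => get_param('message'), 'c_incoming' => false));
            // NOTE(review): COUNT(*) normally yields 0 rather than NULL when nothing matches, so this test may
            // confirm messages that were never sent - verify against query_value_null_ok().
            if (!is_null($results)) {
                echo '1';
            } else {
                echo '0';
            }
        } else {
            echo '0';
        }
    } else {
        // Executing a command from the command-line
        // NOTE(review): no request-forgery token check is visible in this function for the POSTed command; confirm one is enforced elsewhere.
        $command = post_param('command', $cli ? NULL : false);
        if (is_null($command)) {
            require_code('comcode_from_html');
            require_code('mail');

            $stdin = @fopen('php://stdin', 'rt');
            $stderr = @fopen('php://stderr', 'wt');
            $stdout = @fopen('php://stdout', 'wt');

            while (true) {
                fwrite($stdout, "\n> ");
                $command = fgets($stdin, 102400);
                // fgets() returns false at end of input; without this check a closed or piped stdin
                // would loop forever running empty commands.
                if ($command === false || trim($command) == 'exit') {
                    break;
                }

                $temp = new virtual_bash(trim($command));
                if (trim($temp->output[STREAM_STDHTML]) != '') {
                    // Strip attributes from tags, then reduce the HTML output to plain text for the terminal
                    fwrite($stdout, trim(comcode_to_clean_text(semihtml_to_comcode(preg_replace('#<(\\w+) [^<>]*>#', '<${1}>', $temp->output[STREAM_STDHTML])))));
                }
                if (trim($temp->output[STREAM_STDOUT]) != '') {
                    fwrite($stdout, trim($temp->output[STREAM_STDOUT]));
                }
                if (trim($temp->output[STREAM_STDERR]) != '') {
                    fwrite($stderr, trim($temp->output[STREAM_STDERR]));
                }
            }

            fclose($stdin);
            fclose($stderr);
            fclose($stdout);
        } else {
            $temp = new virtual_bash(trim($command));
            $temp->output_xml();
        }

        if (get_option('occle_chat_announce') == '1') {
            // Announces this site's name and URL to ocportal.com over plain HTTP when the option is enabled
            http_download_file('http://ocportal.com/data_custom/occle.php?title=' . urlencode(get_site_name()) . '&url=' . urlencode(get_custom_base_url()), NULL, false, true);
        }
    }
}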
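/**
 * Show a banner according to GET parameter specification.
 *
 * In "click" mode the click is counted (at most once per IP address per banner per 24 hours), logged,
 * and the visitor is redirected to the banner's stored site_url. Otherwise a banner is picked at
 * random, weighted by importance_modulus, and displayed or returned.
 *
 * @param  boolean		Whether to return a result rather than outputting
 * @param  ?string		Whether we are displaying or click-processing (NULL: get from URL param)
 * @set    "click" ""
 * @param  ?string		Specific banner to display (NULL: get from URL param) (blank: randomise)
 * @param  ?string		Banner type to display (NULL: get from URL param)
 * @param  ?integer		Whether we are only showing our own banners, rather than allowing external rotation ones (NULL: get from URL param)
 * @param  ?string		The banner advertisor who is actively displaying the banner (calling up this function) and hence is rewarded (NULL: get from URL param) (blank: our own site)
 * @return ?tempcode		Result (NULL: we weren't asked to return the result)
 */
function banners_script($ret = false, $type = NULL, $dest = NULL, $b_type = NULL, $internal_only = NULL, $source = NULL)
{
    require_code('images');
    require_lang('banners');

    // If this is being called for a click through
    if (is_null($type)) {
        $type = get_param('type', '');
    }

    if ($type == 'click') {
        // Input parameters
        if (is_null($source)) {
            $source = get_param('source', '');
        }
        if (is_null($dest)) {
            $dest = get_param('dest', '');
        }

        // Has the banner been clicked before? (a click only counts once per IP address per 24 hours)
        $test = $GLOBALS['SITE_DB']->query_value('banner_clicks', 'MAX(c_date_and_time)', array('c_ip_address' => get_ip_address(), 'c_banner_id' => $dest));
        $unique = is_null($test) || $test < time() - 60 * 60 * 24;

        // Find the information about the dest
        $rows = $GLOBALS['SITE_DB']->query_select('banners', array('site_url', 'hits_to', 'campaign_remaining'), array('name' => $dest));
        if (!array_key_exists(0, $rows)) {
            fatal_exit(do_lang_tempcode('MISSING_RESOURCE'));
        }
        $myrow = $rows[0];
        // The redirect target comes from the banner's database row, not from the request
        $url = $myrow['site_url'];
        $page_link = url_to_pagelink($url);
        if ($page_link != '') {
            $keep = symbol_tempcode('KEEP', array(strpos($url, '?') === false ? '1' : '0'));
            $url .= $keep->evaluate();
        }

        if ($unique) {
            if (get_db_type() != 'xml') {
                $GLOBALS['SITE_DB']->query('UPDATE ' . get_table_prefix() . 'banners SET hits_to=(hits_to+1) WHERE ' . db_string_equal_to('name', $dest), 1);
            }
            $campaignremaining = $myrow['campaign_remaining'];
            if (!is_null($campaignremaining)) {
                if (get_db_type() != 'xml') {
                    $GLOBALS['SITE_DB']->query('UPDATE ' . get_table_prefix() . 'banners SET campaign_remaining=(campaign_remaining-1) WHERE ' . db_string_equal_to('name', $dest), 1);
                }
            }
        }

        // Find the information about the source
        if ($source != '' && $unique) {
            $rows = $GLOBALS['SITE_DB']->query_select('banners', array('hits_from', 'campaign_remaining'), array('name' => $source));
            if (!array_key_exists(0, $rows)) {
                fatal_exit(do_lang_tempcode('BANNER_MISSING_SOURCE'));
            }
            $myrow = $rows[0];
            if (get_db_type() != 'xml') {
                $GLOBALS['SITE_DB']->query('UPDATE ' . get_table_prefix() . 'banners SET hits_from=(hits_from+1) WHERE ' . db_string_equal_to('name', $source), 1);
            }
            $campaignremaining = $myrow['campaign_remaining'];
            if (!is_null($campaignremaining)) {
                if (get_db_type() != 'xml') {
                    $GLOBALS['SITE_DB']->query('UPDATE ' . get_table_prefix() . 'banners SET campaign_remaining=(campaign_remaining+1) WHERE ' . db_string_equal_to('name', $source), 1);
                }
            }
        }

        // Log the click
        load_user_stuff();
        $GLOBALS['SITE_DB']->query_insert('banner_clicks', array('c_date_and_time' => time(), 'c_member_id' => get_member(), 'c_ip_address' => get_ip_address(), 'c_source' => $source, 'c_banner_id' => $dest));

        // Refuse CR/LF in the target so the Location header cannot be split
        if (strpos($url, chr(10)) !== false || strpos($url, chr(13)) !== false) {
            log_hack_attack_and_exit('HEADER_SPLIT_HACK');
        }
        header('Location: ' . $url);
    } else {
        if (is_null($dest)) {
            $dest = get_param('dest', '');
        }
        if (is_null($b_type)) {
            $b_type = get_param('b_type', '');
        }
        if (is_null($internal_only)) {
            $internal_only = get_param_integer('internal_only', 0);
        }

        if ($internal_only == 0 && $dest == '' && $b_type == '') {
            // The configured ad code is emitted as-is (it is site configuration, not request data)
            $adcode = get_option('money_ad_code');
            if ($adcode != '' && (0 == $GLOBALS['SITE_DB']->query_value('banners', 'COUNT(*)', array('validated' => 1)) || mt_rand(0, 100) > intval(get_option('advert_chance')))) {
                if ($ret) {
                    return make_string_tempcode($adcode);
                }
                $echo = do_template('BASIC_HTML_WRAP', array('_GUID' => 'fd6fc24384dd13e7931ceb369a500672', 'TITLE' => do_lang_tempcode('BANNER'), 'CONTENT' => $adcode));
                $echo->evaluate_echo();
                return NULL;
            }
        }

        // A community banner then...
        // ==========================

        // Input parameters (clicks-in from source site)
        if (is_null($source)) {
            $source = get_param('source', '');
        }

        // To allow overriding to specify a specific banner.
        // Request-derived strings only enter the SQL through db_string_equal_to()/db_string_not_equal_to();
        // NOTE(review): those helpers are assumed to quote and escape their value - confirm.
        if ($dest != '') {
            $myquery = 'SELECT * FROM ' . get_table_prefix() . 'banners WHERE ' . db_string_equal_to('name', $dest);
        } else {
            $myquery = 'SELECT * FROM ' . get_table_prefix() . 'banners WHERE ((the_type<>' . strval(BANNER_CAMPAIGN) . ') OR (campaign_remaining>0)) AND ((expiry_date IS NULL) OR (expiry_date>' . strval(time()) . ')) AND ' . db_string_not_equal_to('name', $source) . ' AND validated=1 AND ' . db_string_equal_to('b_type', $b_type);
        }

        // Run Query
        $rows = $GLOBALS['SITE_DB']->query($myquery, 500, NULL, true);
        if (is_null($rows)) {
            $rows = array(); // Error, but tolerate it as it could be on each page load
        }

        // Filter out what we don't have permission for
        if (get_option('use_banner_permissions', true) === '1') {
            load_user_stuff();
            require_code('permissions');
            $groups = _get_where_clause_groups(get_member());
            if (!is_null($groups)) {
                $perhaps = collapse_1d_complexity('category_name', $GLOBALS['SITE_DB']->query('SELECT category_name FROM ' . get_table_prefix() . 'group_category_access WHERE ' . db_string_equal_to('module_the_name', 'banners') . ' AND (' . $groups . ')'));
                $new_rows = array();
                foreach ($rows as $row) {
                    if (in_array($row['name'], $perhaps)) {
                        $new_rows[] = $row;
                    }
                }
                $rows = $new_rows;
            }
        }

        // Are we allowed to show default banners? (not if any campaign banner is in the running)
        $counter = 0;
        $show_defaults = true;
        while (array_key_exists($counter, $rows)) {
            $myrow = $rows[$counter];
            if ($myrow['the_type'] == BANNER_CAMPAIGN) {
                $show_defaults = false;
            }
            $counter++;
        }

        // Count the total of all importance_modulus entries; $bound[i] is the running total up to row i
        $tally = 0;
        $counter = 0;
        $bound = array();
        while (array_key_exists($counter, $rows)) {
            $myrow = $rows[$counter];
            // NOTE(review): 2 is presumably the "default banner" type constant - confirm and name it
            if ($myrow['the_type'] == 2 && !$show_defaults) {
                $myrow['importance_modulus'] = 0;
            }
            $tally += $myrow['importance_modulus'];
            $bound[$counter] = $tally;
            $counter++;
        }
        if ($tally == 0) {
            load_user_stuff();
            require_code('permissions');
            if (has_actual_page_access(NULL, 'cms_banners') && has_submit_permission('mid', get_member(), get_ip_address(), 'cms_banners')) {
                $add_banner_url = build_url(array('page' => 'cms_banners', 'type' => 'ad'), get_module_zone('cms_banners'));
            } else {
                $add_banner_url = new ocp_tempcode();
            }
            $content = do_template('BANNERS_NONE', array('_GUID' => 'b786ec327365d1ef38134ce401db9dd2', 'ADD_BANNER_URL' => $add_banner_url));
            if ($ret) {
                return $content;
            }
            $echo = do_template('BASIC_HTML_WRAP', array('_GUID' => '00c8549b88dac8a1291450eb5b681d80', 'TARGET' => '_top', 'TITLE' => do_lang_tempcode('BANNER'), 'CONTENT' => $content));
            $echo->evaluate_echo();
            return NULL;
        }

        // Choose which banner to show from the results.
        // Draw from 1..$tally rather than 0..$tally: a draw of 0 satisfied "$rand <= $bound[0]" even when
        // the first row's weight was 0, so a suppressed (zero-weight) banner could still be shown.
        $rand = mt_rand(1, $tally);
        for ($i = 0; $i < $counter; $i++) {
            if ($rand <= $bound[$i]) {
                break;
            }
        }

        $name = $rows[$i]['name'];

        // Update the counts (ones done per-view)
        if (get_db_type() != 'xml') {
            $GLOBALS['SITE_DB']->query('UPDATE ' . get_table_prefix() . 'banners SET views_to=(views_to+1) WHERE ' . db_string_equal_to('name', $name), 1, NULL, false, true);
        }
        if ($source != '') {
            if (get_db_type() != 'xml') {
                // NOTE(review): this credits views_from to the displayed banner ($name); the click path credits
                // hits_from to $source - confirm which banner is meant here.
                $GLOBALS['SITE_DB']->query('UPDATE ' . get_table_prefix() . 'banners SET views_from=(views_from+1) WHERE ' . db_string_equal_to('name', $name), 1, NULL, false, true);
            }
        }

        // Display!
        $img = $rows[$i]['img_url'];
        $caption = get_translated_tempcode($rows[$i]['caption']);
        $content = show_banner($name, $rows[$i]['b_title_text'], $caption, $img, $source, $rows[$i]['site_url'], $rows[$i]['b_type']);
        if ($ret) {
            return $content;
        }
        $echo = do_template('BASIC_HTML_WRAP', array('_GUID' => 'd23424ded86c850f4ae0006241407ff9', 'TITLE' => do_lang_tempcode('BANNER'), 'CONTENT' => $content));
        $echo->evaluate_echo();
    }

    return NULL;
}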
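/**
 * Standard modular run function for CRON hooks. Searches for tasks to perform.
 *
 * Sends each configured welcome e-mail to the members (or newsletter subscribers) whose join time,
 * offset by the mail's w_send_time hours, falls between the previous run and now.
 */
function run()
{
    $time_now = time();
    $last_cron_time = intval(get_value('last_welcome_mail_time'));
    if ($last_cron_time == 0) {
        // First ever run: look back one week
        $last_cron_time = $time_now - 24 * 60 * 60 * 7;
    }
    set_value('last_welcome_mail_time', strval($time_now));

    require_code('mail');

    $GLOBALS['NO_DB_SCOPE_CHECK'] = true;
    $mails = $GLOBALS['SITE_DB']->query_select('f_welcome_emails', array('*'));
    $GLOBALS['NO_DB_SCOPE_CHECK'] = false;

    foreach ($mails as $mail) {
        $send_seconds_after_joining = $mail['w_send_time'] * 60 * 60;

        $newsletter_style = (get_value('welcome_nw_choice') === '1' && !is_null($mail['w_newsletter'])) || (get_value('welcome_nw_choice') !== '1' && ($mail['w_newsletter'] == 1 || get_forum_type() != 'ocf'));
        if ($newsletter_style) {
            if (addon_installed('newsletter')) {
                // Think of it like this, m_join_time (members join time) must between $last_cron_time and $time_now, but offset back by $send_seconds_after_joining
                // Only integer values from the clock and the database are placed into the SQL here
                $where = ' WHERE join_time>' . strval($last_cron_time - $send_seconds_after_joining) . ' AND join_time<=' . strval($time_now - $send_seconds_after_joining) . ' AND (the_level=3 OR the_level=4)';
                if (get_value('welcome_nw_choice') === '1') {
                    $where .= ' AND newsletter_id=' . strval($mail['w_newsletter']);
                }
                $members = $GLOBALS['SITE_DB']->query('SELECT s.email AS m_email_address,the_password,n_forename,n_surname,n.id,join_time AS m_join_time FROM ' . get_table_prefix() . 'newsletter_subscribe s JOIN ' . get_table_prefix() . 'newsletter n ON n.email=s.email ' . $where . ' GROUP BY s.email');
            } else {
                $members = array();
            }
        } else {
            // Think of it like this, m_join_time (members join time) must between $last_cron_time and $time_now, but offset back by $send_seconds_after_joining
            $where = ' WHERE m_join_time>' . strval($last_cron_time - $send_seconds_after_joining) . ' AND m_join_time<=' . strval($time_now - $send_seconds_after_joining);
            if (get_option('allow_email_from_staff_disable') == '1') {
                $where .= ' AND m_allow_emails=1';
            }
            $query = 'SELECT m_email_address,m_username,id,m_join_time FROM ' . get_table_prefix() . 'f_members' . $where;
            $members = $GLOBALS['FORUM_DB']->query($query);
        }

        foreach ($members as $member) {
            $subject = get_translated_text($mail['w_subject'], NULL, get_lang($member['id']));
            $text = get_translated_text($mail['w_text'], NULL, get_lang($member['id']));
            $_text = do_template('NEWSLETTER_DEFAULT', array('CONTENT' => $text, 'LANG' => get_site_default_lang()));
            // Replace {{N}} with the date N days from now.
            // NOTE(review): $_text was built from $text above and $text is not read again below, so these
            // replacements may never reach the sent message - confirm the intended order.
            for ($i = 0; $i < 100; $i++) {
                if (strpos($text, '{{' . strval($i) . '}}') !== false) {
                    $text = str_replace('{{' . strval($i) . '}}', get_timezoned_date($time_now + $i * 60 * 60 * 24), $text);
                }
            }

            if ($member['m_email_address'] != '') {
                $message = $_text->evaluate(get_lang($member['id']));

                if ($newsletter_style) {
                    $forename = $member['n_forename'];
                    $surname = $member['n_surname'];
                    $name = trim($forename . ' ' . $surname);
                    require_lang('newsletter');
                    if ($name == '') {
                        $name = do_lang('NEWSLETTER_SUBSCRIBER', get_site_name());
                    }
                } else {
                    $forename = '';
                    $surname = '';
                    $name = $member['m_username'];
                }

                if (addon_installed('newsletter')) {
                    if ($newsletter_style) {
                        $sendid = 'n' . strval($member['id']);
                        // Hash passed to the newsletter substitution (salted with 'xunsub'), derived from the subscriber's stored password value
                        $hash = best_hash($member['the_password'], 'xunsub');
                    } else {
                        // Was strval('id'), which produced the literal "wid" for every member
                        $sendid = 'w' . strval($member['id']);
                        $hash = '';
                    }

                    require_code('newsletter');
                    $message = newsletter_variable_substitution($message, $subject, $forename, $surname, $name, $member['m_email_address'], $sendid, $hash);
                }

                // NOTE(review): $is_html is never assigned in this function, so it is unset (falsy) here and in
                // the mail_wrap() call below - confirm where it was meant to come from.
                if ($is_html) {
                    require_code('tempcode_compiler');
                    $temp = template_to_tempcode($message);
                    $message = $temp->evaluate(get_lang($member['id']));
                }

                if (get_value('notification_safety_testing') === '1') {
                    $test = $GLOBALS['SITE_DB']->query_value_null_ok('logged_mail_messages', 'm_date_and_time', array('m_subject' => $subject, 'm_to_email' => serialize(array($member['m_email_address']))));
                    if (!is_null($test)) {
                        if ($test > $member['m_join_time']) {
                            fatal_exit(do_lang('INTERNAL_ERROR') . ' [' . $member['m_email_address'] . ']');
                        }
                        // otherwise they probably just resubscribed and hence bumped their time
                    }
                }

                mail_wrap($subject, $message, array($member['m_email_address']), $name, '', '', 3, NULL, false, NULL, true, $is_html);
            }
        }
    }
}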
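/**
 * Delete a theme.
 *
 * Removes the theme's directory under themes/ and its theme_images rows, then logs the action.
 * The 'default' theme cannot be deleted. Names that are empty, '.' or '..', or that contain a
 * path separator or NUL byte are rejected, because the name is joined onto 'themes/' and the
 * resulting directory is deleted recursively.
 *
 * @param  ID_TEXT		The theme name
 */
function actual_delete_theme($theme)
{
    if ($theme == 'default') {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }

    // An empty name would resolve to 'themes/' itself; separators or dot-names would resolve outside the theme's own directory.
    $theme_string = strval($theme);
    if ($theme_string === '' || $theme_string === '.' || $theme_string === '..' || strpbrk($theme_string, "/\\\0") !== false) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }

    // If the deleted theme is the cached active one, fall back to the default
    global $CACHED_THEME;
    if (!is_null($CACHED_THEME) && $CACHED_THEME == $theme) {
        $CACHED_THEME = 'default';
    }

    require_code('abstract_file_manager');
    force_have_afm_details();
    afm_delete_directory('themes/' . $theme, true);

    $GLOBALS['SITE_DB']->query_delete('theme_images', array('theme' => $theme));

    log_it('DELETE_THEME', $theme);
}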
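/**
 * This function is a very basic query executor. It shouldn't usually be used by you, as there are abstracted versions available.
 *
 * The query string is sent to the server as given: callers are responsible for having escaped any
 * values placed in it. On failure the query text and the server's error message are shown to the
 * viewer; the error message is now HTML-escaped first, as it can echo back parts of the query.
 *
 * @param  string			The complete SQL query
 * @param  array			A DB connection (a pair: the connection, and the database name)
 * @param  ?integer		The maximum number of rows to affect (NULL: no limit)
 * @param  ?integer		The start row to affect (NULL: no specification)
 * @param  boolean		Whether to output an error on failure
 * @param  boolean		Whether to get the autoincrement ID created for an insert query
 * @return ?mixed			The results (NULL: no results), or the insert ID
 */
function db_query($query, $db_parts, $max = NULL, $start = NULL, $fail_ok = false, $get_insert_id = false)
{
    list($db, $db_name) = $db_parts;

    // Very long query: check it will fit within the server's max_allowed_packet before sending it
    if (isset($query[500000])) {
        $test_result = $this->db_query('SHOW VARIABLES LIKE \'max_allowed_packet\'', $db_parts, NULL, NULL, true);

        if (!is_array($test_result)) {
            return NULL;
        }
        if (intval($test_result[0]['Value']) < intval(strlen($query) * 1.2)) {
            // Raising the session's max_allowed_packet does not work well: a "MySQL server has gone away" error would likely just happen instead
            if ($get_insert_id) {
                fatal_exit(do_lang_tempcode('QUERY_FAILED_TOO_BIG', escape_html($query)));
            }
            return NULL;
        }
    }

    global $LAST_SELECT_DB;
    if ($LAST_SELECT_DB[1] != $db_name) {
        mysqli_select_db($db, $db_name);
        $LAST_SELECT_DB = array($db, $db_name);
    }

    // Keep the query as passed in: the reconnect retry below re-enters this function with $max/$start,
    // and must not be handed a query that already has a LIMIT clause appended.
    $query_without_limit = $query;

    if ($max !== NULL && $start !== NULL) {
        $query .= ' LIMIT ' . strval($start) . ',' . strval($max);
    } elseif ($max !== NULL) {
        $query .= ' LIMIT ' . strval($max);
    } elseif ($start !== NULL) {
        $query .= ' LIMIT ' . strval($start) . ',30000000';
    }

    $results = @mysqli_query($db, $query);
    // A crashed-table error is reported even when the caller said failure is acceptable
    if ($results === false && (!$fail_ok || strpos(mysqli_error($db), 'is marked as crashed and should be repaired') !== false)) {
        $err = mysqli_error($db);

        // Connection dropped: ping to reconnect and retry once
        if (function_exists('mysqli_ping') && $err == 'MySQL server has gone away' && !isset($GLOBALS['REDONE_ONCE'])) {
            $GLOBALS['REDONE_ONCE'] = true;
            mysqli_ping($db);
            $ret = $this->db_query($query_without_limit, $db_parts, $max, $start, $fail_ok, $get_insert_id);
            unset($GLOBALS['REDONE_ONCE']);
            return $ret;
        }

        if (function_exists('ocp_mark_as_escaped')) {
            ocp_mark_as_escaped($err);
        }
        // NOTE(review): showing the full query text to the viewer discloses schema details; consider logging it instead for non-staff.
        if (!running_script('upgrader') && get_page_name() != 'admin_import') {
            if (!function_exists('do_lang') || is_null(do_lang('QUERY_FAILED', NULL, NULL, NULL, NULL, false))) {
                fatal_exit(htmlentities('Query failed: ' . $query . ' : ' . $err));
            }

            fatal_exit(do_lang_tempcode('QUERY_FAILED', escape_html($query), escape_html($err)));
        } else {
            echo htmlentities('Database query failed: ' . $query . ' [') . htmlentities($err) . htmlentities(']' . '<br />' . chr(10));
            return NULL;
        }
    }

    // Row-returning statements: convert the result set to rows
    if ($results !== true && (strtoupper(substr($query, 0, 7)) == 'SELECT ' || strtoupper(substr($query, 0, 8)) == '(SELECT ' || strtoupper(substr($query, 0, 8)) == 'EXPLAIN ' || strtoupper(substr($query, 0, 9)) == 'DESCRIBE ' || strtoupper(substr($query, 0, 5)) == 'SHOW ') && $results !== false) {
        return $this->db_get_query_rows($results);
    }

    if ($get_insert_id) {
        if (strtoupper(substr($query, 0, 7)) == 'UPDATE ') {
            return mysqli_affected_rows($db);
        }
        $ins = mysqli_insert_id($db);
        if ($ins === 0) {
            // No autoincrement ID reported: take the table name from the text after the 12-character
            // statement prefix (presumably 'INSERT INTO ') and fall back to MAX(id)
            $table = substr($query, 12, strpos($query, ' ', 12) - 12);
            $rows = $this->db_query('SELECT MAX(id) AS x FROM ' . $table, $db_parts, 1, 0, false, false);
            return $rows[0]['x'];
        }
        return $ins;
    }

    return NULL;
}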
/**
 * Get a formatted XHTML string of the route back to the specified root, from the specified category.
 *
 * Parent/title pairs are cached per category in the global $PT_PAIR_CACHE.
 *
 * @param  AUTO_LINK		The category we are finding for
 * @param  ?AUTO_LINK		The root of the tree (NULL: the true root)
 * @param  boolean		Whether to include category links at this level (the recursed levels will always contain links - the top level is optional, hence this parameter)
 * @return tempcode		The tree route
 */
function catalogue_category_breadcrumbs($category_id, $root = NULL, $no_link_for_me_sir = true)
{
    $link_map = array('page' => 'catalogues', 'type' => 'category', 'id' => $category_id);
    if (!is_null($root)) {
        $link_map['root'] = $root;
    }
    $url = build_url($link_map, get_module_zone('catalogues'));

    if (is_null($category_id)) {
        return new ocp_tempcode();
    }

    // The category row is needed unless we are at the root and not linking to it
    if (!($category_id == $root && $no_link_for_me_sir)) {
        global $PT_PAIR_CACHE;
        if (!array_key_exists($category_id, $PT_PAIR_CACHE)) {
            $found = $GLOBALS['SITE_DB']->query_select('catalogue_categories', array('cc_parent_id', 'cc_title'), array('id' => $category_id), '', 1);
            if (!array_key_exists(0, $found)) {
                fatal_exit(do_lang_tempcode('CAT_NOT_FOUND', escape_html(strval($category_id))));
            }
            $PT_PAIR_CACHE[$category_id] = $found[0];
        }

        // A category that is its own parent would recurse forever
        if ($PT_PAIR_CACHE[$category_id]['cc_parent_id'] == $category_id) {
            fatal_exit(do_lang_tempcode('RECURSIVE_TREE_CHAIN', escape_html(strval($category_id))));
        }
    }

    // Everything above this category (nothing, once the root is reached)
    $below = ($category_id == $root)
        ? new ocp_tempcode()
        : catalogue_category_breadcrumbs($PT_PAIR_CACHE[$category_id]['cc_parent_id'], $root, false);

    if ($no_link_for_me_sir) {
        $tpl_url = new ocp_tempcode();
    } else {
        $title = get_translated_text($PT_PAIR_CACHE[$category_id]['cc_title']);
        // Only put a separator in front when there is something before this crumb
        $tpl_url = $below->is_empty() ? new ocp_tempcode() : do_template('BREADCRUMB_ESCAPED');
        // NOTE(review): the link text is escape_html()'d but the same title goes into the tooltip
        // language string unescaped - confirm do_lang_tempcode() escapes its parameters.
        $tooltip = do_lang_tempcode('GO_BACKWARDS_TO', $title);
        $tpl_url->attach(hyperlink($url, escape_html($title), false, false, $tooltip, NULL, NULL, 'up'));
    }

    $below->attach($tpl_url);
    return $below;
}
/**
 * Get the version number of GD on the system. It should only be called if GD is known to be on the system, and in use
 *
 * Uses gd_info() when available; otherwise it scans captured phpinfo() output for the "GD Version" line.
 *
 * @return float			The version of GD installed
 */
function get_gd_version()
{
    if (!function_exists('gd_info')) {
        // Fallback: capture phpinfo() and look for the GD line
        ob_start();
        phpinfo();
        $captured = ob_get_clean();

        foreach (explode("\n", $captured) as $line) {
            if (strpos($line, 'GD Version') === false) {
                continue;
            }
            $without_tags = strip_tags($line);
            return floatval(trim(str_replace('GD Version', '', $without_tags)));
        }

        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
        return -1.0; // trick for Zend
    }

    $info = gd_info();
    $matches = array();
    $matched = preg_match('#(\\d(\\.|))+#', $info['GD Version'], $matches);
    if ($matched != 0) {
        // First run of digits and dots in the version string
        $version = $matches[0];
    } else {
        // NOTE(review): this reads a 'version' key from gd_info(); confirm that key exists, as the version is read from 'GD Version' above
        $version = $info['version'];
    }
    return floatval($version);
}
/**
 * Get a UI element of a route from a known gallery back to the declared root of the tree.
 *
 * Parent/title pairs are cached per gallery in the global $PT_PAIR_CACHE_G.
 *
 * @param  ID_TEXT		The gallery name
 * @param  ID_TEXT		The virtual root
 * @param  boolean		Whether not to put a link at this point in the navigation tree (usually, because the viewer is already at it)
 * @param  ID_TEXT		The zone that the linked to gallery module is in
 * @return tempcode		The navigation element
 */
function gallery_breadcrumbs($category_id, $root = 'root', $no_link_for_me_sir = true, $zone = '')
{
    // To fix corrupt data
    if ($category_id == '') {
        $category_id = 'root';
    }

    $link_map = array(
        'page' => 'galleries',
        'type' => 'misc',
        'id' => $category_id,
        'root' => $root == 'root' ? NULL : $root,
    );
    $url = build_url($link_map, $zone);

    // At the virtual root or the true root: nothing, or a single link
    if ($category_id == $root || $category_id == 'root') {
        if ($no_link_for_me_sir) {
            return new ocp_tempcode();
        }
        $fullname = $GLOBALS['SITE_DB']->query_value('galleries', 'fullname', array('name' => $category_id));
        $title = get_translated_text($fullname);
        // NOTE(review): the tooltip receives the unescaped title while the link text is escaped - confirm do_lang_tempcode() escapes parameters.
        return hyperlink($url, escape_html($title), false, false, do_lang_tempcode('GO_BACKWARDS_TO', $title), NULL, NULL, 'up');
    }

    global $PT_PAIR_CACHE_G;
    if (!array_key_exists($category_id, $PT_PAIR_CACHE_G)) {
        $found = $GLOBALS['SITE_DB']->query_select('galleries', array('parent_id', 'fullname'), array('name' => $category_id), '', 1);
        if (!array_key_exists(0, $found)) {
            // Unknown gallery: give an empty trail rather than failing
            return new ocp_tempcode();
        }
        $PT_PAIR_CACHE_G[$category_id] = $found[0];
    }

    $title = get_translated_text($PT_PAIR_CACHE_G[$category_id]['fullname']);
    if ($no_link_for_me_sir) {
        $tpl_url = new ocp_tempcode();
    } else {
        $tpl_url = do_template('BREADCRUMB_ESCAPED');
        $tooltip = do_lang_tempcode('GO_BACKWARDS_TO', $title);
        $tpl_url->attach(hyperlink($url, escape_html($title), false, false, $tooltip, NULL, NULL, 'up'));
    }

    $parent_id = $PT_PAIR_CACHE_G[$category_id]['parent_id'];
    // A gallery that is its own parent would recurse forever
    if ($parent_id == $category_id) {
        fatal_exit(do_lang_tempcode('RECURSIVE_TREE_CHAIN', escape_html($category_id)));
    }

    $below = gallery_breadcrumbs($parent_id, $root, false, $zone);
    $below->attach($tpl_url);
    return $below;
}
/**
 * Get a formatted XHTML string of the route back to the specified root, from the specified category.
 *
 * Parent/title pairs are cached per category in the global $PT_PAIR_CACHE_D.
 *
 * @param  AUTO_LINK		The category we are finding for
 * @param  ?AUTO_LINK		The root of the tree (NULL: the true root)
 * @param  boolean		Whether to include category links at this level (the recursed levels will always contain links - the top level is optional, hence this parameter)
 * @param  ?ID_TEXT		The zone the download module we're using is in (NULL: find it)
 * @return tempcode		The tree route
 */
function download_breadcrumbs($category_id, $root = NULL, $no_link_for_me_sir = true, $zone = NULL)
{
    if (is_null($root)) {
        $root = db_get_first_id();
    }
    if (is_null($zone)) {
        $zone = get_module_zone('downloads');
    }

    // The true root is left out of the URL parameters
    $link_map = array(
        'page' => 'downloads',
        'type' => 'misc',
        'id' => $category_id == db_get_first_id() ? NULL : $category_id,
        'root' => $root == db_get_first_id() ? NULL : $root,
    );
    $url = build_url($link_map, $zone);

    // At the virtual root or the true root: nothing, or a single link
    if ($category_id == $root || $category_id == db_get_first_id()) {
        if ($no_link_for_me_sir) {
            return new ocp_tempcode();
        }
        $category_name = $GLOBALS['SITE_DB']->query_value('download_categories', 'category', array('id' => $category_id));
        $title = get_translated_text($category_name);
        // NOTE(review): the tooltip receives the unescaped title while the link text is escaped - confirm do_lang_tempcode() escapes parameters.
        return hyperlink($url, escape_html($title), false, false, do_lang_tempcode('GO_BACKWARDS_TO', $title), NULL, NULL, 'up');
    }

    global $PT_PAIR_CACHE_D;
    if (!array_key_exists($category_id, $PT_PAIR_CACHE_D)) {
        $found = $GLOBALS['SITE_DB']->query_select('download_categories', array('parent_id', 'category'), array('id' => $category_id), '', 1);
        if (!array_key_exists(0, $found)) {
            warn_exit(do_lang_tempcode('CAT_NOT_FOUND', strval($category_id)));
        }
        $PT_PAIR_CACHE_D[$category_id] = $found[0];
    }

    $title = get_translated_text($PT_PAIR_CACHE_D[$category_id]['category']);
    if ($no_link_for_me_sir) {
        $tpl_url = new ocp_tempcode();
    } else {
        $tpl_url = do_template('BREADCRUMB_ESCAPED');
        $tooltip = do_lang_tempcode('GO_BACKWARDS_TO', $title);
        $tpl_url->attach(hyperlink($url, escape_html($title), false, false, $tooltip, NULL, NULL, 'up'));
    }

    $parent_id = $PT_PAIR_CACHE_D[$category_id]['parent_id'];
    // A category that is its own parent would recurse forever
    if ($parent_id == $category_id) {
        fatal_exit(do_lang_tempcode('RECURSIVE_TREE_CHAIN', strval($category_id)));
    }

    $below = download_breadcrumbs($parent_id, $root, false, $zone);
    $below->attach($tpl_url);
    return $below;
}
/**
 * Get the ID of the currently active member.
 * It sees if the session exists / cookie is valid -- and gets the member id accordingly.
 *
 * Resolution order, as coded below: cached result; configured backdoor IP; re-entrancy guard;
 * forced invisible guest; session lookup in $SESSION_CACHE; cookie login / forum driver;
 * login-provider hooks; then guest. Unless $quick_only is set, a session is created if none exists,
 * a 'keep_su' switch-user request is processed, and upon_login hooks are run for non-guests.
 *
 * @param  boolean		Whether to just do a quick check, don't establish new sessions
 * @return MEMBER			The member requesting this web page (possibly the guest member - which strictly speaking, is not a member)
 */
function get_member($quick_only = false)
{
    global $SESSION_CACHE, $MEMBER_CACHED, $GETTING_MEMBER, $SITE_INFO;

    // Already worked out during this request
    if ($MEMBER_CACHED !== NULL) {
        $GETTING_MEMBER = false;
        return $MEMBER_CACHED;
    }

    // If lots of aging sessions, clean out (more than 50 cached and the first one is past the expiry time)
    reset($SESSION_CACHE);
    if (count($SESSION_CACHE) > 50 && $SESSION_CACHE[key($SESSION_CACHE)]['last_activity'] < time() - 60 * 60 * max(1, intval(get_option('session_expiry_time')))) {
        delete_expired_sessions_or_recover();
    }

    // Try via backdoor that someone with full server access can place.
    // The only condition checked here is that the request IP equals the configured 'backdoor_ip'.
    // NOTE(review): this is only as strong as get_ip_address() - confirm that value cannot be influenced
    // by client-supplied headers, and that 'backdoor_ip' is removed from the configuration after use.
    $backdoor_ip_address = mixed(); // Enable to a real IP address to force login from FTP access (if lost admin password)
    if (array_key_exists('backdoor_ip', $SITE_INFO)) {
        $backdoor_ip_address = $SITE_INFO['backdoor_ip'];
    }
    if (is_string($backdoor_ip_address) && get_ip_address() == $backdoor_ip_address) {
        require_code('users_active_actions');
        $MEMBER_CACHED = restricted_manually_enabled_backdoor(); // Will have created a session in here already
        return $MEMBER_CACHED;
    }

    // Re-entrancy guard: if we are called again while already resolving the member, answer "guest"
    if ($GETTING_MEMBER) {
        if (!isset($GLOBALS['FORUM_DRIVER'])) {
            return db_get_first_id();
        } // :S
        return $GLOBALS['FORUM_DRIVER']->get_guest_id();
    }
    $GETTING_MEMBER = true;

    global $FORCE_INVISIBLE_GUEST;
    if ($FORCE_INVISIBLE_GUEST) {
        $GETTING_MEMBER = false;
        if (!isset($GLOBALS['FORUM_DRIVER'])) {
            fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
        }
        $MEMBER_CACHED = $GLOBALS['FORUM_DRIVER']->get_guest_id();
        return $MEMBER_CACHED;
    }

    $member = NULL;

    // First component of the member cookie value, with '|' treated the same as ':'; used below as a key into $_COOKIE
    $cookie_bits = explode(':', str_replace('|', ':', get_member_cookie()));
    $base = $cookie_bits[0];

    // Try by session (skipped entirely when the 'keep_force_htaccess' URL parameter is non-zero)
    $session = get_session_id();
    if ($session != -1 && get_param_integer('keep_force_htaccess', 0) == 0) {
        $ip = get_ip_address(3); // I hope AOL can cope with this
        $allow_unbound_guest = true; // Note: Guest sessions are not IP bound
        $member_row = NULL;

        // A cached session is accepted when it exists, has not expired, and one of these holds:
        //  - the 'ip_strict_for_sessions' option is '0'
        //  - the session's stored IP equals $ip
        //  - it is a guest session (guest sessions are not IP bound)
        //  - it is an unconfirmed (session_confirmed == 0) non-guest session
        if ($SESSION_CACHE !== NULL && array_key_exists($session, $SESSION_CACHE) && $SESSION_CACHE[$session] !== NULL && array_key_exists('the_user', $SESSION_CACHE[$session]) && (get_option('ip_strict_for_sessions') == '0' || $SESSION_CACHE[$session]['ip'] == $ip || is_guest($SESSION_CACHE[$session]['the_user']) && $allow_unbound_guest || $SESSION_CACHE[$session]['session_confirmed'] == 0 && !is_guest($SESSION_CACHE[$session]['the_user'])) && $SESSION_CACHE[$session]['last_activity'] > time() - 60 * 60 * max(1, intval(get_option('session_expiry_time')))) {
            $member_row = $SESSION_CACHE[$session];
        }
        // A guest session is not used when a login cookie is present, so that the cookie login below can run instead
        if ($member_row !== NULL && (!array_key_exists($base, $_COOKIE) || !is_guest($member_row['the_user']))) {
            $member = $member_row['the_user'];

            // Refresh last_activity in the cache, at most once every 10 seconds
            if ($member !== NULL && time() - $member_row['last_activity'] > 10) {
                // (the sessions table row itself is updated in get_page_title now)
                $SESSION_CACHE[$session]['last_activity'] = time();
                if (get_value('session_prudence') !== '1') {
                    persistant_cache_set('SESSION_CACHE', $SESSION_CACHE);
                }
            }
            global $SESSION_CONFIRMED;
            $SESSION_CONFIRMED = $member_row['session_confirmed'];

            if (get_forum_type() == 'ocf') {
                $GLOBALS['FORUM_DRIVER']->ocf_flood_control($member);
            }

            if (!is_guest($member) && $GLOBALS['FORUM_DRIVER']->is_banned($member)) {
                warn_exit(do_lang_tempcode('USER_BANNED'));
            }

            // Test this member still exists
            if ($GLOBALS['FORUM_DRIVER']->get_username($member) === NULL) {
                $member = $GLOBALS['FORUM_DRIVER']->get_guest_id();
            }

            if (array_key_exists($base, $_COOKIE)) {
                global $IS_A_COOKIE_LOGIN;
                $IS_A_COOKIE_LOGIN = true;
            }
        } else {
            // Session not usable: forget it
            require_code('users_inactive_occasionals');
            set_session_id(-1);
        }
    }

    if ($member === NULL && get_session_id() == -1 && get_param_integer('keep_force_htaccess', 0) == 0) {
        // Try by cookie (will defer to forum driver to authorise against detected cookie)
        require_code('users_inactive_occasionals');
        $member = try_cookie_login();

        // Can forum driver help more directly?
        if (method_exists($GLOBALS['FORUM_DRIVER'], 'get_member')) {
            $member = $GLOBALS['FORUM_DRIVER']->get_member();
        }
    }

    // Try via additional login providers. They can choose whether to respect existing $member of get_session_id() settings. Some may do an account linkage, so we need to let them decide what to do.
    // NOTE(review): unlike the upon_login loop further down, the hook name is not passed through filter_naughty()
    // before being used in the code path - presumably find_all_hooks() only returns names found on disk; confirm.
    $hooks = find_all_hooks('systems', 'login_providers');
    foreach (array_keys($hooks) as $hook) {
        require_code('hooks/systems/login_providers/' . $hook);
        $ob = object_factory('Hook_login_provider_' . $hook);
        $member = $ob->try_login($member);
    }

    // Guest or banned
    if ($member === NULL) {
        $member = $GLOBALS['FORUM_DRIVER']->get_guest_id();
        $is_guest = true;
    } else {
        $is_guest = is_guest($member);
    }

    // If we are doing a very quick init, bomb out now - no need to establish session etc
    // (the result is deliberately not stored in $MEMBER_CACHED on this path)
    global $SITE_INFO;
    if ($quick_only) {
        $GETTING_MEMBER = false;
        return $member;
    }

    // If one of the try_* functions hasn't actually created the session, call it here
    $session = get_session_id();
    if ($session == -1) {
        require_code('users_inactive_occasionals');
        create_session($member);
    }

    // If we are logged in, maybe do some further processing
    if (!$is_guest) {
        // Is there a su operation? Any non-empty 'keep_su' URL parameter hands the decision to try_su_login().
        // NOTE(review): the privilege check for switching user is not visible here - confirm try_su_login() enforces it.
        $ks = get_param('keep_su', '');
        if ($ks != '') {
            require_code('users_inactive_occasionals');
            $member = try_su_login($member);
        }

        // Run hooks, if any exist
        $hooks = find_all_hooks('systems', 'upon_login');
        foreach (array_keys($hooks) as $hook) {
            require_code('hooks/systems/upon_login/' . filter_naughty($hook));
            $ob = object_factory('upon_login' . filter_naughty($hook), true);
            if ($ob === NULL) {
                continue;
            }
            $ob->run(false, NULL, $member); // false means "not a new login attempt"
        }
    }

    // Ok we have our answer
    $MEMBER_CACHED = $member;
    $GETTING_MEMBER = false;

    // We call this to ensure any HTTP-auth specific code has a chance to run
    is_httpauth_login();

    return $member;
}
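/**
 * This function is a very basic query executor. It shouldn't usually be used by you, as there are abstracted versions available.
 * The query text is handed to SQLite as given (only a LIMIT clause may be appended), so any values embedded in it must already have been escaped by the caller.
 *
 * @param  string       The complete SQL query
 * @param  array        A DB connection
 * @param  ?integer     The maximum number of rows to affect (NULL: no limit)
 * @param  ?integer     The start row to affect (NULL: no specification)
 * @param  boolean      Whether failure is acceptable (false: an error is output on failure)
 * @param  boolean      Whether to get the autoincrement ID created for an insert query
 * @return ?mixed       The results (NULL: no results), or the insert ID
 */
function db_query($query, $db, $max = NULL, $start = NULL, $fail_ok = false, $get_insert_id = false)
{
    // Classify the query once, the same way for every decision below (upper-cased keyword plus the space after it).
    // The LIMIT step used to compare a 7-character prefix against the 6-character string 'SELECT', which can never match a real query, so $max and $start were silently ignored.
    $prefix = strtoupper(substr($query, 0, 7));
    $is_select = ($prefix == 'SELECT ');

    if ($is_select) {
        // intval() keeps the paging values numeric before they are concatenated into the SQL
        if (!is_null($max) && !is_null($start)) {
            $query .= ' LIMIT ' . strval(intval($start)) . ',' . strval(intval($max));
        } elseif (!is_null($max)) {
            $query .= ' LIMIT ' . strval(intval($max));
        } elseif (!is_null($start)) {
            // A start row without a maximum: a very large row count stands in for "no limit"
            $query .= ' LIMIT ' . strval(intval($start)) . ',30000000';
        }
    }

    $results = @sqlite_query($db, $query);

    // A SELECT that comes back as plain true (no result handle) is treated as a failure too
    if (($results === false || $is_select && $results === true) && !$fail_ok) {
        $err = sqlite_last_error($db);
        if (function_exists('ocp_mark_as_escaped')) {
            ocp_mark_as_escaped($err);
        }

        // NOTE(review): both branches below put the failing SQL text into the error output; confirm that is only ever shown to staff, as it discloses query and schema details.
        if (!running_script('upgrader') && get_page_name() != 'admin_import') {
            // Fall back to a hard-coded message if the language system is not usable yet
            if (!function_exists('do_lang') || is_null(do_lang('QUERY_FAILED', NULL, NULL, NULL, NULL, false))) {
                fatal_exit(htmlentities('Query failed: ' . $query . ' : ' . $err));
            }

            fatal_exit(do_lang_tempcode('QUERY_FAILED', escape_html($query), $err));
        } else {
            // Upgrader / importer: report and carry on rather than aborting the whole run
            echo htmlentities('Database query failed: ' . $query . ' [') . $err . htmlentities(']' . '<br />' . chr(10));
            return NULL;
        }
    }

    if ($is_select && $results !== false && $results !== true) {
        return $this->db_get_query_rows($results);
    }

    if ($get_insert_id) {
        // An UPDATE has no new row, so there is no insert ID to report
        if ($prefix == 'UPDATE ') {
            return NULL;
        }
        return sqlite_last_insert_rowid($db);
    }

    return NULL;
}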
/**
 * Find a map of results relating to a certain poll.
 *
 * @param  AUTO_LINK  The poll.
 * @param  boolean    Whether we must record that the current member is requesting the results, blocking future voting for them.
 * @return array      The map of results.
 */
function ocf_poll_get_results($poll_id, $request_results = true)
{
    $poll_rows = $GLOBALS['FORUM_DB']->query_select('f_polls', array('*'), array('id' => $poll_id), '', 1);
    if (!array_key_exists(0, $poll_rows)) {
        fatal_exit(do_lang_tempcode('_MISSING_RESOURCE', 'poll#' . strval($poll_id)));
    }
    $poll = $poll_rows[0];

    $answer_rows = $GLOBALS['FORUM_DB']->query_select('f_poll_answers', array('*'), array('pa_poll_id' => $poll_id), 'ORDER BY id');

    // Vote counts are only exposed for a non-private poll, and then only when results were asked for or the poll is closed
    $expose_counts = ($request_results || $poll['po_is_open'] == 0) && $poll['po_is_private'] == 0;

    $answers = array();
    foreach ($answer_rows as $row) {
        $entry = array(
            'answer' => $row['pa_answer'],
            'id' => $row['id'],
        );
        if ($expose_counts) {
            $entry['num_votes'] = $row['pa_cache_num_votes'];
        }
        $answers[] = $entry;
    }

    if ($request_results) {
        // Forfeiting the vote by viewing results? Only applies to a member with no vote recorded yet and no privilege to peek first
        $existing_vote = $GLOBALS['FORUM_DB']->query_value_null_ok('f_poll_votes', 'pv_answer_id', array('pv_poll_id' => $poll_id, 'pv_member_id' => get_member()));
        if (is_null($existing_vote) && !has_specific_permission(get_member(), 'view_poll_results_before_voting')) {
            // An answer ID of -1 is stored as the forfeit marker
            $GLOBALS['FORUM_DB']->query_insert('f_poll_votes', array('pv_poll_id' => $poll_id, 'pv_member_id' => get_member(), 'pv_answer_id' => -1));
        }
    }

    return array(
        'is_private' => $poll['po_is_private'],
        'id' => $poll['id'],
        'question' => $poll['po_question'],
        'minimum_selections' => $poll['po_minimum_selections'],
        'maximum_selections' => $poll['po_maximum_selections'],
        'requires_reply' => $poll['po_requires_reply'],
        'is_open' => $poll['po_is_open'],
        'answers' => $answers,
        'total_votes' => $poll['po_cache_total_votes'],
    );
}
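/**
 * The UI shows member galleries that do not exist. If it is a member gallery, and it does not exist, it'll need making, before something can be added. This function performs the check and makes the gallery if needed.
 * Member gallery names have the form member_<member ID>_<parent gallery name>. The new gallery copies its settings and its usergroup access rows from the parent gallery.
 *
 * @param  ID_TEXT  The gallery name
 */
function make_member_gallery_if_needed($cat)
{
    // If it is a non-member gallery, it must surely exist, as we have no interface to choose non-existent ones (it's safe enough to assume it hasn't been deleted suddenly)
    if (substr($cat, 0, 7) != 'member_') {
        return;
    }

    // Test to see if it exists
    $test = $GLOBALS['SITE_DB']->query_value_null_ok('galleries', 'name', array('name' => $cat));
    if (!is_null($test)) {
        return;
    }

    $parts = explode('_', $cat, 3);

    // Almost certainly going to be same as get_member(), but we might as well be general here.
    // NOTE(review): the owner ID is parsed out of the gallery name and the permission is checked for that member, not for the current user; confirm callers verify that the current user may act on this gallery name.
    $member = intval($parts[1]);
    if (!has_specific_permission($member, 'have_personal_category', 'cms_galleries')) {
        return;
    }

    // A name with no parent part (e.g. just member_<id>) cannot be resolved; fail explicitly instead of reading a missing array element
    if (!array_key_exists(2, $parts)) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }

    // Find about parent (new gallery inherits)
    $parent_id = $parts[2];
    $_parent_info = $GLOBALS['SITE_DB']->query_select('galleries', array('accept_images', 'accept_videos', 'flow_mode_interface', 'fullname'), array('name' => $parent_id), '', 1);
    if (!array_key_exists(0, $_parent_info)) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }
    $parent_info = $_parent_info[0];

    $username = $GLOBALS['FORUM_DRIVER']->get_username($member);
    if (is_null($username)) {
        // The username is NULL on this path, so the message identifies the member by ID instead
        warn_exit(do_lang_tempcode('_USER_NO_EXIST', escape_html(strval($member))));
    }

    add_gallery($cat, do_lang('PERSONAL_GALLERY_OF', $username, get_translated_text($parent_info['fullname'])), '', '', '', $parent_id, $parent_info['accept_images'], $parent_info['accept_videos'], 0, $parent_info['flow_mode_interface']);

    // Copy the parent's usergroup access rows to the new gallery
    $rows = $GLOBALS['SITE_DB']->query_select('group_category_access', array('group_id'), array('module_the_name' => 'galleries', 'category_name' => $parent_id));
    foreach ($rows as $row) {
        $GLOBALS['SITE_DB']->query_insert('group_category_access', array('module_the_name' => 'galleries', 'category_name' => $cat, 'group_id' => $row['group_id']));
    }
}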
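/**
 * Adds a news entry to the database, and send out the news to any RSS cloud listeners.
 *
 * @param  SHORT_TEXT       The news title
 * @param  LONG_TEXT        The news summary (or if not an article, the full news)
 * @param  ?ID_TEXT         The news author (possibly, a link to an existing author in the system, but does not need to be) (NULL: current username)
 * @param  BINARY           Whether the news has been validated
 * @param  BINARY           Whether the news may be rated
 * @param  SHORT_INTEGER    Whether comments are allowed (0=no, 1=yes, 2=review style)
 * @param  BINARY           Whether the news may have trackbacks
 * @param  LONG_TEXT        Notes for the news
 * @param  LONG_TEXT        The news entry (blank means no entry)
 * @param  ?AUTO_LINK       The primary news category (NULL: personal)
 * @param  ?array           The IDs of the news categories that this is in (NULL: none)
 * @param  ?TIME            The time of submission (NULL: now)
 * @param  ?MEMBER          The news submitter (NULL: current member)
 * @param  integer          The number of views the article has had
 * @param  ?TIME            The edit date (NULL: never)
 * @param  ?AUTO_LINK       Force an ID (NULL: don't force an ID)
 * @param  URLPATH          URL to the image for the news entry (blank: use cat image)
 * @return AUTO_LINK        The ID of the news just added
 */
function add_news($title, $news, $author = NULL, $validated = 1, $allow_rating = 1, $allow_comments = 1, $allow_trackbacks = 1, $notes = '', $news_article = '', $main_news_category = NULL, $news_category = NULL, $time = NULL, $submitter = NULL, $views = 0, $edit_date = NULL, $id = NULL, $image = '')
{
    // Fill in defaults
    if (is_null($author)) {
        $author = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
    }
    if (is_null($news_category)) {
        $news_category = array();
    }
    if (is_null($time)) {
        $time = time();
    }
    if (is_null($submitter)) {
        $submitter = get_member();
    }
    $already_created_personal_category = false;

    require_code('comcode_check');
    check_comcode($news_article, NULL, false, NULL, true);

    // Resolve the primary category; NULL means the submitter's personal category, which is created on demand
    if (is_null($main_news_category)) {
        $main_news_category_id = $GLOBALS['SITE_DB']->query_value_null_ok('news_categories', 'id', array('nc_owner' => $submitter));
        if (is_null($main_news_category_id)) {
            // NOTE(review): the permission is checked for the current member, while the category is created for $submitter; confirm that is intended when the two differ.
            if (!has_specific_permission(get_member(), 'have_personal_category', 'cms_news')) {
                fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
            }

            $p_nc_title = insert_lang(do_lang('MEMBER_CATEGORY', $GLOBALS['FORUM_DRIVER']->get_username($submitter)), 2);

            $main_news_category_id = $GLOBALS['SITE_DB']->query_insert('news_categories', array('nc_title' => $p_nc_title, 'nc_img' => 'newscats/community', 'notes' => '', 'nc_owner' => $submitter), true);
            $already_created_personal_category = true;

            // Every usergroup in the list is given access to the new personal category
            $groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(false, true);
            foreach (array_keys($groups) as $group_id) {
                $GLOBALS['SITE_DB']->query_insert('group_category_access', array('module_the_name' => 'news', 'category_name' => strval($main_news_category_id), 'group_id' => $group_id));
            }
        }
    } else {
        $main_news_category_id = $main_news_category;
    }

    // Without the unvalidated addon there is no validation queue, so everything is live
    if (!addon_installed('unvalidated')) {
        $validated = 1;
    }

    // news_article starts as 0 and is filled in below, once the ID is known for attachment linkage
    $map = array(
        'news_image' => $image,
        'edit_date' => $edit_date,
        'news_category' => $main_news_category_id,
        'news_views' => $views,
        'news_article' => 0,
        'allow_rating' => $allow_rating,
        'allow_comments' => $allow_comments,
        'allow_trackbacks' => $allow_trackbacks,
        'notes' => $notes,
        'submitter' => $submitter,
        'validated' => $validated,
        'date_and_time' => $time,
        'title' => insert_lang_comcode($title, 1),
        'news' => insert_lang_comcode($news, 1),
        'author' => $author,
    );
    if (!is_null($id)) {
        $map['id'] = $id;
    }
    $id = $GLOBALS['SITE_DB']->query_insert('news', $map, true);

    // Secondary categories; a NULL entry means "personal category"
    if (!is_null($news_category)) {
        $news_category = array_unique($news_category);
        foreach ($news_category as $value) {
            if (is_null($value) && !$already_created_personal_category) {
                $p_nc_title = insert_lang(do_lang('MEMBER_CATEGORY', $GLOBALS['FORUM_DRIVER']->get_username($submitter)), 2);
                $news_category_id = $GLOBALS['SITE_DB']->query_insert('news_categories', array('nc_title' => $p_nc_title, 'nc_img' => 'newscats/community', 'notes' => '', 'nc_owner' => $submitter), true);

                $groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list(false, true);
                foreach (array_keys($groups) as $group_id) {
                    $GLOBALS['SITE_DB']->query_insert('group_category_access', array('module_the_name' => 'news', 'category_name' => strval($news_category_id), 'group_id' => $group_id));
                }
            } else {
                $news_category_id = $value;
            }

            if (is_null($news_category_id)) {
                continue; // Double selected
            }

            $GLOBALS['SITE_DB']->query_insert('news_category_entries', array('news_entry' => $id, 'news_entry_category' => $news_category_id));
        }
    }

    require_code('attachments2');
    $map = array('news_article' => insert_lang_comcode_attachments(2, $news_article, 'news', strval($id)));
    $GLOBALS['SITE_DB']->query_update('news', $map, array('id' => $id), '', 1);

    log_it('ADD_NEWS', strval($id), $title);

    if (function_exists('xmlrpc_encode')) {
        if (function_exists('set_time_limit')) {
            @set_time_limit(0);
        }

        // Send out on RSS cloud
        // Registrations older than 25 hours are dropped first (the SQL is built from integers only)
        $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'news_rss_cloud WHERE register_time<' . strval(time() - 25 * 60 * 60));
        $start = 0;
        do {
            $listeners = $GLOBALS['SITE_DB']->query_select('news_rss_cloud', array('*'), NULL, '', 100, $start);
            foreach ($listeners as $listener) {
                // A packet is only defined for xml-rpc listeners. Previously any other protocol re-sent the packet built for an earlier listener (or an undefined variable).
                if ($listener['rem_protocol'] != 'xml-rpc') {
                    continue;
                }

                // rem_path and rem_ip are written straight into the request line and Host header, so a stored value containing CR or LF could inject extra headers; skip such rows.
                // NOTE(review): this code connects to whatever address and port the row holds; confirm how news_rss_cloud rows are validated when a listener registers.
                if (preg_match('#[\r\n]#', $listener['rem_path'] . $listener['rem_ip']) != 0) {
                    continue;
                }

                $data = $listener['watching_channel'];
                $request = xmlrpc_encode_request($listener['rem_procedure'], $data);
                $_length = strval(strlen($request));

                // Built with explicit CRLF line endings so the request does not depend on this file's own line endings
                $packet = 'POST /' . $listener['rem_path'] . " HTTP/1.0\r\n"
                    . 'Host: ' . $listener['rem_ip'] . "\r\n"
                    . "Content-Type: text/xml\r\n"
                    . 'Content-length: ' . $_length . "\r\n"
                    . "\r\n"
                    . $request;

                // Best-effort delivery with a 6 second connect timeout; failures are ignored
                $errno = 0;
                $errstr = '';
                $mysock = @fsockopen($listener['rem_ip'], $listener['rem_port'], $errno, $errstr, 6.0);
                if ($mysock !== false) {
                    @fwrite($mysock, $packet);
                    @fclose($mysock);
                }
            }

            // Advance one page per query. This used to sit inside the foreach, which moved the offset by 100 per listener and skipped later pages.
            $start += 100;
        } while (array_key_exists(0, $listeners));
    }

    require_code('seo2');
    // News article could be used, but it's probably better to go for the summary only to avoid crap
    $seo_text = ($news == '') ? $news_article : $news;
    seo_meta_set_for_implicit('news', strval($id), array($title, $seo_text), $seo_text);

    if ($validated == 1) {
        decache('main_news');
        decache('side_news');
        decache('side_news_archive');
        decache('bottom_news');

        dispatch_news_notification($id, $title, $main_news_category_id);
    }

    // Ping the configured services, but only for live news on an open, non-local site, in a category guests can see
    if ($validated == 1 && get_option('site_closed') == '0' && ocp_srv('HTTP_HOST') != '127.0.0.1' && ocp_srv('HTTP_HOST') != 'localhost' && has_category_access($GLOBALS['FORUM_DRIVER']->get_guest_id(), 'news', strval($main_news_category_id))) {
        // The ping_url option holds one URL per line, with {url}, {rss} and {title} placeholders
        $_ping_url = str_replace('{url}', urlencode(get_base_url()), str_replace('{rss}', urlencode(find_script('backend') . '?type=rss&mode=news'), str_replace('{title}', urlencode(get_site_name()), get_option('ping_url'))));
        $ping_urls = explode(chr(10), $_ping_url);
        foreach ($ping_urls as $ping_url) {
            $ping_url = trim($ping_url);
            if ($ping_url != '') {
                http_download_file($ping_url, NULL, false);
            }
        }
    }

    return $id;
}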
/**
 * Render every template preview screen, check that each template claimed for the screen was actually used, and validate the markup of the output.
 * A screen that passes both checks gets a marker file under _tests/screens_tested, and is skipped on later runs.
 */
function testScreenPreview()
{
    require_code('validation');
    require_lang('validation');

    global $DONE_HEADER, $RECORD_TEMPLATES_USED, $RECORDED_TEMPLATES_USED;
    $RECORD_TEMPLATES_USED = true;

    // When non-empty, only the template names listed here are processed
    $only_do_these = array();

    $lists = find_all_previews__by_template();
    foreach ($lists as $template => $list) {
        $temp_name = basename($template, '.tpl');

        if (count($only_do_these) != 0 && !in_array($temp_name, $only_do_these)) {
            continue;
        }
        if ($temp_name == 'tempcode_test' || is_plain_text_template($temp_name)) {
            continue;
        }

        $hook = $list[0];
        $function = $list[1];

        // To make easier to debug through: a screen with a marker file is not re-run
        $marker_path = get_file_base() . '/_tests/screens_tested/' . $function;
        if (is_file($marker_path)) {
            continue;
        }

        if (function_exists('set_time_limit')) {
            @set_time_limit(0);
        }

        $DONE_HEADER = false;
        $RECORDED_TEMPLATES_USED = array();
        $out = render_screen_preview($template, $hook, $function);

        // Every template that claims this preview function must show up in the recorded list
        $claimed_but_unused = false;
        foreach ($lists as $template_2 => $list_2) {
            $temp_name_2 = basename($template_2, '.tpl');

            if (count($only_do_these) != 0 && !in_array($temp_name_2, $only_do_these)) {
                continue;
            }
            if ($temp_name_2 == 'tempcode_test' || is_plain_text_template($temp_name_2)) {
                continue;
            }
            if ($list_2[1] != $function) {
                continue;
            }
            // These two templates are not checked
            if ($temp_name_2 == 'FORM_STANDARD_END' || $temp_name_2 == 'MENU_LINK_PROPERTIES') {
                continue;
            }

            $was_used = in_array($temp_name_2, $RECORDED_TEMPLATES_USED);
            $this->assertTrue($was_used, $template_2 . ' not used in preview as claimed in ' . $hook . '/' . $function);
            if (!$was_used) {
                $claimed_but_unused = true;
            }
        }

        if (!is_object($out)) {
            fatal_exit('Claimed screen for ' . $template . ' is not defined');
        }

        $_out = $out->evaluate();
        $result = check_xhtml($_out, false, false, false, true, true, false, false);
        // A result with no errors counts as a pass
        if (!is_null($result) && count($result['errors']) == 0) {
            $result = NULL;
        }
        $this->assertTrue(is_null($result), $hook . '/' . $temp_name);

        if (!is_null($result)) {
            require_code('view_modes');
            display_validation_results($_out, $result, false, false);
        } elseif (!$claimed_but_unused) {
            // Fully clean: leave an empty marker file
            fclose(fopen($marker_path, 'wb'));
            sync_file($marker_path);
            fix_permissions($marker_path);
        }
    }
}
/**
 * Render a stored menu to tempcode.
 *
 * @param  array     Menu details
 * @param  ?MEMBER   The member the menu is being built as (NULL: current member)
 * @param  ID_TEXT   The menu type (determines what templates get used)
 * @param  boolean   Whether to generate Comcode with admin privilege
 * @return tempcode  The generated tempcode of the menu
 */
function render_menu($menu, $source_member, $type, $as_admin = false)
{
    if (is_null($source_member)) {
        $source_member = get_member();
    }

    $content = new ocp_tempcode();

    // Only a root node may be rendered as a whole menu
    $is_root = isset($menu['type']) && $menu['type'] == 'root';
    if (!$is_root) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }
    $codename = $menu['special'];

    // A bit of a hack to calculate the true number of rendered items: render the branches first, keeping only those that produced something
    $rendered = array();
    foreach ($menu['children'] as $child) {
        $branch = render_menu_branch($child, $codename, $source_member, 0, $type, $as_admin, $menu['children'], 1);
        if (is_null($branch[0])) {
            continue;
        }
        $rendered[] = $branch[0];
    }

    $num = count($rendered);
    $last_index = $num - 1;
    foreach ($rendered as $i => $item) {
        if (is_object($item)) {
            // Already tempcode
            $content->attach($item);
            continue;
        }

        // Otherwise it is a parameter map for the branch template, completed here with its position among its siblings.
        // $type goes through filter_naughty_harsh() before it becomes part of a template name.
        $content->attach(do_template('MENU_BRANCH_' . filter_naughty_harsh($type), $item + array('POSITION' => strval($i), 'LAST' => $i == $last_index, 'BRETHREN_COUNT' => strval($num)), NULL, false, 'MENU_BRANCH_tree'));
    }

    return do_template('MENU_' . filter_naughty_harsh($type), array('CONTENT' => $content, 'MENU' => $menu['special']), NULL, false, 'MENU_tree');
}
/**
 * Find the price for a booking. This may involve multiple bookables, as at this point we don't care about that or not (once in the DB, it will actually be considered many separate bookings)
 *
 * @param  array  Booking details structure to check.
 * @return REAL   The price.
 */
function find_booking_price($request)
{
    // NOTE(review): quantities are used exactly as given in $request; nothing in this function rejects a negative value, which would lower the total. Presumably the caller validates them - confirm.
    $total = 0.0;

    foreach ($request as $part) {
        $days = days_in_range($part['start_day'], $part['start_month'], $part['start_year'], $part['end_day'], $part['end_month'], $part['end_year']);

        // The bookable itself is charged once per day in the range, times the quantity
        foreach ($days as $unused_day) {
            $total += find_bookable_price($part['bookable_id']) * $part['quantity'];
        }

        foreach ($part['supplements'] as $supplement_id => $supplement_part) {
            $supplement_quantity = $supplement_part['quantity'];

            $rows = $GLOBALS['SITE_DB']->query_select('bookable_supplement', array('*'), array('id' => $supplement_id), '', 1);
            if (!array_key_exists(0, $rows)) {
                continue; // Unknown supplement IDs contribute nothing
            }
            $supplement = $rows[0];

            // A per-period supplement is charged for each day, otherwise once
            $periods = ($supplement['price_is_per_period'] == 1) ? count($days) : 1;
            $total += $supplement['price'] * $supplement_quantity * $periods;

            // A quantity was given for a supplement that does not take one
            if ($supplement_quantity != 0 && $supplement['supports_quantities'] == 0) {
                fatal_exit('INTERNAL_ERROR');
            }
        }
    }

    return $total;
}
/**
 * Send out a notification to members enabled.
 * Recipients are fetched in pages of 300 from the notification object for this notification code, and each is handed to _dispatch_notification_to_member().
 */
function dispatch()
{
    // Nothing is sent from the stress test loader or the importer
    if (running_script('stress_test_loader') || get_page_name() == 'admin_import') {
        return;
    }

    $subject = $this->subject;
    $message = $this->message;
    $no_cc = $this->no_cc;

    if ($GLOBALS['DEBUG_MODE']) {
        // Debug-mode sanity check on URLs inside the message: a message mentioning keep_devtest must contain either the current page's own URL or the keep_devtest referer
        $exempt_code = ($this->notification_code == 'hack_attack' || $this->notification_code == 'auto_ban');
        if (strpos($this->message, 'keep_devtest') !== false && !$exempt_code) {
            $self_url = running_script('index') ? static_evaluate_tempcode(build_url(array('page' => '_SELF'), '_SELF', NULL, true, false, true)) : get_self_url_easy();
            if (strpos($this->message, $self_url) === false) {
                $referer = ocp_srv('HTTP_REFERER');
                if (strpos($referer, 'keep_devtest') === false || strpos($this->message, $referer) === false) {
                    // Bad URL - it has to be general, not session-specific
                    fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
                }
            }
        }
    }

    $ob = _get_notification_ob_for_code($this->notification_code);
    if (is_null($ob)) {
        // Setupwizard may have removed after register_shutdown_function was called
        if (get_page_name() != 'admin_setupwizard') {
            fatal_exit('Missing notification code: ' . $this->notification_code);
        }
        return;
    }

    require_lang('notifications');
    require_code('mail');

    if (function_exists('set_time_limit')) {
        @set_time_limit(0);
    }

    if ($this->store_in_staff_messaging_system && addon_installed('staff_messaging')) {
        require_lang('messaging');

        // The code category is split at its first underscore into a message type and an ID
        list($type, $id) = explode('_', $this->code_category, 2);

        $message_url = build_url(array('page' => 'admin_messaging', 'type' => 'view', 'id' => $id, 'message_type' => $type), get_module_zone('admin_messaging'), NULL, false, false, true);

        $message = do_lang('MESSAGING_NOTIFICATION_WRAPPER', $message, $message_url->evaluate());

        require_code('feedback');
        actualise_post_comment(true, $type, $id, $message_url, $subject, get_option('messaging_forum_name'), true, 1, true, true, true);
    }

    // With keep_debug_notifications=1 the sender is notified as well
    $testing = (get_param_integer('keep_debug_notifications', 0) == 1);

    $start = 0;
    $max = 300;
    do {
        list($members, $possibly_has_more) = $ob->list_members_who_have_enabled($this->notification_code, $this->code_category, $this->to_member_ids, $start, $max);

        if (get_value('notification_safety_testing') === '1' && count($members) > 20) {
            // This is just for testing on ocportal.com, if lots of notifications going out it's probably a scary bug, so send just to Chris (#6) with a note
            $members = array(6 => A_INSTANT_EMAIL);
            $message = 'OVER-ADDRESSED?' . "\n\n" . $message;
        }

        foreach ($members as $to_member_id => $setting) {
            if (!is_null($this->no_notify_for__notification_code)) {
                if (notifications_enabled($this->no_notify_for__notification_code, $this->no_notify_for__code_category, $to_member_id)) {
                    continue; // Signal they are getting some other notification for this
                }
            }

            // The sender is not notified about their own action, unless testing
            if ($to_member_id === $this->from_member_id && !$testing) {
                continue;
            }

            $no_cc = _dispatch_notification_to_member($to_member_id, $setting, $this->notification_code, $this->code_category, $subject, $message, $this->from_member_id, $this->priority, $no_cc);
        }

        $start += $max;
    } while ($possibly_has_more);
}
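/**
 * Try to return the human-readable version of the language id, passed in as $entry.
 * If there is no row for the requested language, the site default language (then any language) is tried, passed through google_translate(), and stored as a row marked broken. If there is no row at all, an empty row is stored and a corruption message is raised.
 *
 * @param  integer         The id
 * @param  ?object         The database connection to use (NULL: standard site connection)
 * @param  ?LANGUAGE_NAME  The language (NULL: uses the current language)
 * @return string          The human-readable version
 */
function get_translated_text($entry, $connection = NULL, $lang = NULL)
{
    // NOTE(review): NULL == 0 is true under PHP's loose comparison, so a NULL $entry returns here and the NULL_LANG_STRING check below is never reached. Left as is, because swapping the two checks would turn existing soft failures into fatal errors.
    if ($entry == 0) {
        return do_lang('FAILED_ENTRY');
    }

    if ($entry === NULL) {
        fatal_exit(do_lang_tempcode('NULL_LANG_STRING'));
    }

    if ($connection === NULL) {
        $connection = $GLOBALS['SITE_DB'];
    }

    global $RECORD_LANG_STRINGS_CONTENT;
    if ($RECORD_LANG_STRINGS_CONTENT) {
        // Records each looked-up ID, flagged by whether it came from a connection other than the site one
        global $RECORDED_LANG_STRINGS_CONTENT;
        $RECORDED_LANG_STRINGS_CONTENT[$entry] = $connection->connection_write != $GLOBALS['SITE_DB']->connection_write;
    }

    if ($lang === NULL) {
        $lang = user_lang();
    }

    // The per-connection cache only holds text in the current user language
    if (array_key_exists($entry, $connection->text_lookup_original_cache) && $lang == user_lang()) {
        return $connection->text_lookup_original_cache[$entry];
    }

    if ($lang == 'xxx') {
        return '!!!'; // Helpful for testing language compliancy. We don't expect to see non x's/!'s if we're running this language
    }

    $result = $connection->query_select('translate', array('text_original', 'text_parsed'), array('id' => $entry, 'language' => $lang), '', 1);
    if (!array_key_exists(0, $result)) {
        // Fall back to the site default language, then to any language at all
        $result = $connection->query_select('translate', array('*'), array('id' => $entry, 'language' => get_site_default_lang()), '', 1);
        if (!array_key_exists(0, $result)) {
            $result = $connection->query_select('translate', array('*'), array('id' => $entry), '', 1);
        }

        if (array_key_exists(0, $result)) {
            // Store a copy for the requested language, marked as broken; the left operand of + wins, so 'language' is $lang
            $result[0]['text_original'] = google_translate($result[0]['text_original'], $lang);
            $result[0]['text_parsed'] = '';
            $connection->query_insert('translate', array('broken' => 1, 'language' => $lang) + $result[0]);
        }
    }

    if (!array_key_exists(0, $result)) {
        // No row in any language: store an empty one so the ID exists, then report the corruption
        $member_id = function_exists('get_member') ? get_member() : $GLOBALS['FORUM_DRIVER']->get_guest_id();
        $connection->query_insert('translate', array('id' => $entry, 'source_user' => $member_id, 'broken' => 0, 'importance_level' => 3, 'text_original' => '', 'text_parsed' => '', 'language' => $lang));

        $msg = do_lang('LANGUAGE_CORRUPTION', strval($entry));

        // Fatal on a localhost install, a warning message elsewhere.
        // The pattern used to be '#^localhost[\\.\\:$]#', where the $ sits inside the character class and is a literal dollar sign, so a host of exactly "localhost" never matched.
        if (preg_match('#^localhost(?:[\\.\\:]|$)#', ocp_srv('HTTP_HOST')) != 0) {
            fatal_exit($msg);
        }

        require_code('site');
        attach_message(make_string_tempcode($msg), 'warn');

        return '';
    }

    if ($lang == user_lang()) {
        $connection->text_lookup_original_cache[$entry] = $result[0]['text_original'];
        $connection->text_lookup_cache[$entry] = $result[0]['text_parsed'];
    }

    return $result[0]['text_original'];
}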
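/**
 * The actualiser to contact a member.
 * Reads the recipient from the 'id' parameter and the sender details, subject, message and attachments from the POST request, sends the e-mail, logs it, and redirects.
 *
 * @return tempcode  The UI
 */
function actual()
{
    if (addon_installed('captcha')) {
        require_code('captcha');
        enforce_captcha();
    }

    $member_id = get_param_integer('id');
    $email_address = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_email_address');
    if (is_null($email_address)) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }

    $to_name = $GLOBALS['FORUM_DRIVER']->get_username($member_id);
    // Reject an unknown member before the name is used; this check used to come after the breadcrumb had already been built from a NULL name
    if (is_null($to_name)) {
        warn_exit(do_lang_tempcode('USER_NO_EXIST'));
    }

    breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('EMAIL_MEMBER', escape_html($to_name)))));

    $from_email = trim(post_param('email_address'));
    require_code('type_validation');
    if (!is_valid_email_address($from_email)) {
        warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS'));
    }
    $from_name = post_param('name');

    $title = get_page_title('EMAIL_MEMBER', true, array(escape_html($GLOBALS['FORUM_DRIVER']->get_username($member_id))));

    require_code('mail');

    // Collect attachments as a map of temporary path => original filename
    $attachments = array();
    $size_so_far = 0;
    require_code('uploads');
    is_swf_upload(true);
    foreach ($_FILES as $file) {
        // NOTE(review): when is_swf_upload() is true the tmp_name is accepted without is_uploaded_file(); confirm the swf upload handling only ever puts server-generated paths into $_FILES, as the path is attached to an outgoing e-mail.
        if (is_swf_upload() || is_uploaded_file($file['tmp_name'])) {
            $attachments[$file['tmp_name']] = $file['name'];
            $size_so_far += $file['size'];
        } else {
            // An empty upload slot is fine; any other upload error is reported
            if (defined('UPLOAD_ERR_NO_FILE') && array_key_exists('error', $file) && $file['error'] != UPLOAD_ERR_NO_FILE) {
                warn_exit(do_lang_tempcode('ERROR_UPLOADING_ATTACHMENTS'));
            }
        }
    }

    // The size limit (in MB) is the recipient's setting
    $size = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_max_email_attach_size_mb');
    if ($size_so_far > $size * 1024 * 1024) {
        warn_exit(do_lang_tempcode('EXCEEDED_ATTACHMENT_SIZE', integer_format($size)));
    }

    // NOTE(review): sender name, subject and message come straight from the request; this relies on mail_wrap() to keep them out of the mail headers - confirm.
    mail_wrap(do_lang('EMAIL_MEMBER_SUBJECT', get_site_name(), post_param('subject'), NULL, get_lang($member_id)), post_param('message'), array($email_address), $to_name, $from_email, $from_name, 3, $attachments, false, get_member());

    log_it('EMAIL', strval($member_id), $to_name);

    breadcrumb_set_self(do_lang_tempcode('DONE'));

    // NOTE(review): the redirect target is taken from the 'redirect' request parameter; confirm get_param()/redirect_screen() restrict it to this site, otherwise this is an open redirect.
    $url = get_param('redirect');
    return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
}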